OTSSigns/OTSSignsOrchestrator
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
150549a20d8b7bb43704e1159416595eb028ed16
OTSSignsOrchestrator/OTSSignsOrchestrator.Core/Services/IAuthentikService.cs

127 lines
5.5 KiB
C#
Raw Normal View History

work with authentik
2026-02-27 17:48:21 -05:00
using OTSSignsOrchestrator.Core.Models.DTOs;
namespace OTSSignsOrchestrator.Core.Services;
/// <summary>
/// Provisions SAML applications in Authentik and retrieves IdP metadata
/// needed to render the Xibo SAML settings-custom.php template.
/// </summary>
public interface IAuthentikService
{
/// <summary>
/// Creates an Authentik SAML provider and application for the given Xibo instance,
/// then fetches the IdP metadata (entity ID, x509 cert, SSO/SLO URLs).
/// If the application already exists (by slug), returns its existing metadata.
/// </summary>
Task<AuthentikSamlConfig> ProvisionSamlAsync(
string instanceAbbrev,
string instanceBaseUrl,
CancellationToken ct = default);
Refactor SAML configuration deployment and enhance Authentik integration - Removed SAML configuration deployment calls from PostInstanceInitService. - Updated DeploySamlConfigurationAsync to improve template fetching logic from Git and local directories. - Added Authentik flow and keypair models for better representation in the UI. - Enhanced SettingsViewModel to include Authentik settings with save and test functionality. - Updated UI to support Authentik configuration, including dropdowns for flows and keypairs. - Changed default CMS server name template to "app.ots-signs.com" across various files. - Improved password handling in SshDockerCliService for secure shell command execution. - Added new template file for settings-custom.php in the project structure.
2026-02-27 22:15:24 -05:00
/// <summary>
/// Tests the connection to Authentik by fetching the current user.
/// Optionally accepts override URL/key for testing before saving.
/// </summary>
Task<(bool Success, string Message)> TestConnectionAsync(
string? overrideUrl = null,
string? overrideApiKey = null,
CancellationToken ct = default);
/// <summary>
/// Returns all available flows from Authentik.
/// </summary>
Task<List<AuthentikFlowItem>> ListFlowsAsync(
string? overrideUrl = null,
string? overrideApiKey = null,
CancellationToken ct = default);
/// <summary>
/// Returns all certificate keypairs from Authentik.
/// </summary>
Task<List<AuthentikKeypairItem>> ListKeypairsAsync(
string? overrideUrl = null,
string? overrideApiKey = null,
CancellationToken ct = default);
feat: Implement Authentik group synchronization and add confirmation dialogs for service management
2026-03-04 21:33:29 -05:00
/// <summary>
/// Returns all groups from Authentik, optionally filtered to those with
/// at least one member. Used for syncing groups to Xibo instances.
/// </summary>
Task<List<AuthentikGroupItem>> ListGroupsAsync(
string? overrideUrl = null,
string? overrideApiKey = null,
CancellationToken ct = default);
feat: Implement customer invitation infrastructure in Authentik - Added IInvitationSetupService and InvitationSetupService to orchestrate the setup of invitation infrastructure for customers. - Introduced methods for creating groups, enrollment flows, invitation stages, roles, and policies in Authentik. - Updated PostInstanceInitService to call the new invitation setup methods during post-initialization. - Enhanced InstanceService to pass customer name during SAML configuration deployment. - Updated App.axaml.cs to register the new IInvitationSetupService. - Modified settings-custom.php.template to include documentation for SAML authentication configuration with group-based admin assignment. - Added logic to exclude specific groups from being synced to Xibo during group synchronization.
2026-03-04 21:58:59 -05:00
// ─────────────────────────────────────────────────────────────────────────
// Customer invitation infrastructure
// ─────────────────────────────────────────────────────────────────────────
/// <summary>
/// Creates a group in Authentik with the given name.
/// Returns the group PK (UUID string). If a group with that name already exists, returns its PK.
/// </summary>
Task<string> CreateGroupAsync(string groupName, CancellationToken ct = default);
/// <summary>
/// Creates an invitation stage in Authentik.
/// Returns the stage PK. If a stage with that name already exists, returns its PK.
/// </summary>
Task<string> CreateInvitationStageAsync(string stageName, bool continueWithoutInvitation = false, CancellationToken ct = default);
/// <summary>
/// Creates an enrollment flow in Authentik with the given name and slug.
/// Returns the flow PK (UUID string). If a flow with that slug already exists, returns its PK.
/// </summary>
Task<string> CreateEnrollmentFlowAsync(string name, string slug, CancellationToken ct = default);
/// <summary>
/// Binds a stage to a flow at the specified order.
/// </summary>
Task BindStageToFlowAsync(string flowSlug, string stagePk, int order, CancellationToken ct = default);
/// <summary>
/// Creates an expression policy in Authentik.
/// Returns the policy PK. If a policy with that name already exists, returns its PK.
/// </summary>
Task<string> CreateExpressionPolicyAsync(string name, string expression, CancellationToken ct = default);
/// <summary>
/// Binds a policy to a flow stage binding (so it executes when that stage runs).
/// </summary>
Task BindPolicyToFlowStageBoundAsync(string flowStageBindingPk, string policyPk, CancellationToken ct = default);
/// <summary>
/// Binds a policy to a flow (policy/group/user binding tab).
/// </summary>
Task BindPolicyToFlowAsync(string flowSlug, string policyPk, CancellationToken ct = default);
/// <summary>
/// Creates a role in Authentik with the given name.
/// Returns the role PK. If a role with that name already exists, returns its PK.
/// </summary>
Task<string> CreateRoleAsync(string roleName, CancellationToken ct = default);
/// <summary>
/// Assigns a set of permissions to a role.
/// Permission codenames follow Django format, e.g. "add_invitation", "view_invitation".
/// </summary>
Task AssignPermissionsToRoleAsync(string rolePk, IEnumerable<string> permissionCodenames, CancellationToken ct = default);
/// <summary>
/// Assigns a role to a group so all members of the group inherit the role's permissions.
/// </summary>
Task AssignRoleToGroupAsync(string rolePk, string groupPk, CancellationToken ct = default);
/// <summary>
/// Finds the flow-stage binding PK for a specific stage bound to a flow at a given order.
/// Returns null if not found.
/// </summary>
Task<string?> GetFlowStageBindingPkAsync(string flowSlug, int order, CancellationToken ct = default);
/// <summary>
/// Looks up a built-in Authentik stage by partial name match (e.g. "default-enrollment-prompt").
/// Returns the stage PK, or null if not found.
/// </summary>
Task<string?> FindStageByNameAsync(string nameContains, CancellationToken ct = default);
work with authentik
2026-02-27 17:48:21 -05:00
}
Reference in New Issue Copy Permalink