authentik_client/models/
saml_source_request.rs

1/*
2 * authentik
3 *
4 * Making authentication simple.
5 *
6 * The version of the OpenAPI document: 2025.10.2
7 * Contact: hello@goauthentik.io
8 * Generated by: https://openapi-generator.tech
9 */
10
11use crate::models;
12use serde::{Deserialize, Serialize};
13
14/// SamlSourceRequest : SAMLSource Serializer
15#[derive(Clone, Default, Debug, PartialEq, Serialize, Deserialize)]
16pub struct SamlSourceRequest {
17    /// Source's display Name.
18    #[serde(rename = "name")]
19    pub name: String,
20    /// Internal source name, used in URLs.
21    #[serde(rename = "slug")]
22    pub slug: String,
23    #[serde(rename = "enabled", skip_serializing_if = "Option::is_none")]
24    pub enabled: Option<bool>,
25    /// Flow to use when authenticating existing users.
26    #[serde(
27        rename = "authentication_flow",
28        default,
29        with = "::serde_with::rust::double_option",
30        skip_serializing_if = "Option::is_none"
31    )]
32    pub authentication_flow: Option<Option<uuid::Uuid>>,
33    /// Flow to use when enrolling new users.
34    #[serde(
35        rename = "enrollment_flow",
36        default,
37        with = "::serde_with::rust::double_option",
38        skip_serializing_if = "Option::is_none"
39    )]
40    pub enrollment_flow: Option<Option<uuid::Uuid>>,
41    #[serde(rename = "user_property_mappings", skip_serializing_if = "Option::is_none")]
42    pub user_property_mappings: Option<Vec<uuid::Uuid>>,
43    #[serde(rename = "group_property_mappings", skip_serializing_if = "Option::is_none")]
44    pub group_property_mappings: Option<Vec<uuid::Uuid>>,
45    #[serde(rename = "policy_engine_mode", skip_serializing_if = "Option::is_none")]
46    pub policy_engine_mode: Option<models::PolicyEngineMode>,
47    /// How the source determines if an existing user should be authenticated or a new user enrolled.
48    #[serde(rename = "user_matching_mode", skip_serializing_if = "Option::is_none")]
49    pub user_matching_mode: Option<models::UserMatchingModeEnum>,
50    #[serde(rename = "user_path_template", skip_serializing_if = "Option::is_none")]
51    pub user_path_template: Option<String>,
52    /// How the source determines if an existing group should be used or a new group created.
53    #[serde(rename = "group_matching_mode", skip_serializing_if = "Option::is_none")]
54    pub group_matching_mode: Option<models::GroupMatchingModeEnum>,
55    /// Flow used before authentication.
56    #[serde(rename = "pre_authentication_flow")]
57    pub pre_authentication_flow: uuid::Uuid,
58    /// Also known as Entity ID. Defaults the Metadata URL.
59    #[serde(rename = "issuer", skip_serializing_if = "Option::is_none")]
60    pub issuer: Option<String>,
61    /// URL that the initial Login request is sent to.
62    #[serde(rename = "sso_url")]
63    pub sso_url: String,
64    /// Optional URL if your IDP supports Single-Logout.
65    #[serde(
66        rename = "slo_url",
67        default,
68        with = "::serde_with::rust::double_option",
69        skip_serializing_if = "Option::is_none"
70    )]
71    pub slo_url: Option<Option<String>>,
72    /// Allows authentication flows initiated by the IdP. This can be a security risk, as no validation of the request ID is done.
73    #[serde(rename = "allow_idp_initiated", skip_serializing_if = "Option::is_none")]
74    pub allow_idp_initiated: Option<bool>,
75    /// NameID Policy sent to the IdP. Can be unset, in which case no Policy is sent.
76    #[serde(rename = "name_id_policy", skip_serializing_if = "Option::is_none")]
77    pub name_id_policy: Option<models::SamlNameIdPolicyEnum>,
78    #[serde(rename = "binding_type", skip_serializing_if = "Option::is_none")]
79    pub binding_type: Option<models::BindingTypeEnum>,
80    /// When selected, incoming assertion's Signatures will be validated against this certificate. To allow unsigned Requests, leave on default.
81    #[serde(
82        rename = "verification_kp",
83        default,
84        with = "::serde_with::rust::double_option",
85        skip_serializing_if = "Option::is_none"
86    )]
87    pub verification_kp: Option<Option<uuid::Uuid>>,
88    /// Keypair used to sign outgoing Responses going to the Identity Provider.
89    #[serde(
90        rename = "signing_kp",
91        default,
92        with = "::serde_with::rust::double_option",
93        skip_serializing_if = "Option::is_none"
94    )]
95    pub signing_kp: Option<Option<uuid::Uuid>>,
96    #[serde(rename = "digest_algorithm", skip_serializing_if = "Option::is_none")]
97    pub digest_algorithm: Option<models::DigestAlgorithmEnum>,
98    #[serde(rename = "signature_algorithm", skip_serializing_if = "Option::is_none")]
99    pub signature_algorithm: Option<models::SignatureAlgorithmEnum>,
100    /// Time offset when temporary users should be deleted. This only applies if your IDP uses the NameID Format 'transient', and the user doesn't log out manually. (Format: hours=1;minutes=2;seconds=3).
101    #[serde(rename = "temporary_user_delete_after", skip_serializing_if = "Option::is_none")]
102    pub temporary_user_delete_after: Option<String>,
103    /// When selected, incoming assertions are encrypted by the IdP using the public key of the encryption keypair. The assertion is decrypted by the SP using the the private key.
104    #[serde(
105        rename = "encryption_kp",
106        default,
107        with = "::serde_with::rust::double_option",
108        skip_serializing_if = "Option::is_none"
109    )]
110    pub encryption_kp: Option<Option<uuid::Uuid>>,
111    #[serde(rename = "signed_assertion", skip_serializing_if = "Option::is_none")]
112    pub signed_assertion: Option<bool>,
113    #[serde(rename = "signed_response", skip_serializing_if = "Option::is_none")]
114    pub signed_response: Option<bool>,
115}
116
117impl SamlSourceRequest {
118    /// SAMLSource Serializer
119    pub fn new(name: String, slug: String, pre_authentication_flow: uuid::Uuid, sso_url: String) -> SamlSourceRequest {
120        SamlSourceRequest {
121            name,
122            slug,
123            enabled: None,
124            authentication_flow: None,
125            enrollment_flow: None,
126            user_property_mappings: None,
127            group_property_mappings: None,
128            policy_engine_mode: None,
129            user_matching_mode: None,
130            user_path_template: None,
131            group_matching_mode: None,
132            pre_authentication_flow,
133            issuer: None,
134            sso_url,
135            slo_url: None,
136            allow_idp_initiated: None,
137            name_id_policy: None,
138            binding_type: None,
139            verification_kp: None,
140            signing_kp: None,
141            digest_algorithm: None,
142            signature_algorithm: None,
143            temporary_user_delete_after: None,
144            encryption_kp: None,
145            signed_assertion: None,
146            signed_response: None,
147        }
148    }
149}