Skip to main content

authentik_client/models/
kerberos_source_request.rs

1/*
2 * authentik
3 *
4 * Making authentication simple.
5 *
6 * The version of the OpenAPI document: 2025.8.6
7 * Contact: hello@goauthentik.io
8 * Generated by: https://openapi-generator.tech
9 */
10
11use crate::models;
12use serde::{Deserialize, Serialize};
13
14/// KerberosSourceRequest : Kerberos Source Serializer
15#[derive(Clone, Default, Debug, PartialEq, Serialize, Deserialize)]
16pub struct KerberosSourceRequest {
17    /// Source's display Name.
18    #[serde(rename = "name")]
19    pub name: String,
20    /// Internal source name, used in URLs.
21    #[serde(rename = "slug")]
22    pub slug: String,
23    #[serde(rename = "enabled", skip_serializing_if = "Option::is_none")]
24    pub enabled: Option<bool>,
25    /// Flow to use when authenticating existing users.
26    #[serde(
27        rename = "authentication_flow",
28        default,
29        with = "::serde_with::rust::double_option",
30        skip_serializing_if = "Option::is_none"
31    )]
32    pub authentication_flow: Option<Option<uuid::Uuid>>,
33    /// Flow to use when enrolling new users.
34    #[serde(
35        rename = "enrollment_flow",
36        default,
37        with = "::serde_with::rust::double_option",
38        skip_serializing_if = "Option::is_none"
39    )]
40    pub enrollment_flow: Option<Option<uuid::Uuid>>,
41    #[serde(rename = "user_property_mappings", skip_serializing_if = "Option::is_none")]
42    pub user_property_mappings: Option<Vec<uuid::Uuid>>,
43    #[serde(rename = "group_property_mappings", skip_serializing_if = "Option::is_none")]
44    pub group_property_mappings: Option<Vec<uuid::Uuid>>,
45    #[serde(rename = "policy_engine_mode", skip_serializing_if = "Option::is_none")]
46    pub policy_engine_mode: Option<models::PolicyEngineMode>,
47    /// How the source determines if an existing user should be authenticated or a new user enrolled.
48    #[serde(rename = "user_matching_mode", skip_serializing_if = "Option::is_none")]
49    pub user_matching_mode: Option<models::UserMatchingModeEnum>,
50    #[serde(rename = "user_path_template", skip_serializing_if = "Option::is_none")]
51    pub user_path_template: Option<String>,
52    /// How the source determines if an existing group should be used or a new group created.
53    #[serde(rename = "group_matching_mode", skip_serializing_if = "Option::is_none")]
54    pub group_matching_mode: Option<models::GroupMatchingModeEnum>,
55    /// Kerberos realm
56    #[serde(rename = "realm")]
57    pub realm: String,
58    /// Custom krb5.conf to use. Uses the system one by default
59    #[serde(rename = "krb5_conf", skip_serializing_if = "Option::is_none")]
60    pub krb5_conf: Option<String>,
61    /// KAdmin server type
62    #[serde(rename = "kadmin_type", skip_serializing_if = "Option::is_none")]
63    pub kadmin_type: Option<models::KadminTypeEnum>,
64    /// Sync users from Kerberos into authentik
65    #[serde(rename = "sync_users", skip_serializing_if = "Option::is_none")]
66    pub sync_users: Option<bool>,
67    /// When a user changes their password, sync it back to Kerberos
68    #[serde(rename = "sync_users_password", skip_serializing_if = "Option::is_none")]
69    pub sync_users_password: Option<bool>,
70    /// Principal to authenticate to kadmin for sync.
71    #[serde(rename = "sync_principal", skip_serializing_if = "Option::is_none")]
72    pub sync_principal: Option<String>,
73    /// Password to authenticate to kadmin for sync
74    #[serde(rename = "sync_password", skip_serializing_if = "Option::is_none")]
75    pub sync_password: Option<String>,
76    /// Keytab to authenticate to kadmin for sync. Must be base64-encoded or in the form TYPE:residual
77    #[serde(rename = "sync_keytab", skip_serializing_if = "Option::is_none")]
78    pub sync_keytab: Option<String>,
79    /// Credentials cache to authenticate to kadmin for sync. Must be in the form TYPE:residual
80    #[serde(rename = "sync_ccache", skip_serializing_if = "Option::is_none")]
81    pub sync_ccache: Option<String>,
82    /// Force the use of a specific server name for SPNEGO. Must be in the form HTTP@hostname
83    #[serde(rename = "spnego_server_name", skip_serializing_if = "Option::is_none")]
84    pub spnego_server_name: Option<String>,
85    /// SPNEGO keytab base64-encoded or path to keytab in the form FILE:path
86    #[serde(rename = "spnego_keytab", skip_serializing_if = "Option::is_none")]
87    pub spnego_keytab: Option<String>,
88    /// Credential cache to use for SPNEGO in form type:residual
89    #[serde(rename = "spnego_ccache", skip_serializing_if = "Option::is_none")]
90    pub spnego_ccache: Option<String>,
91    /// If enabled, the authentik-stored password will be updated upon login with the Kerberos password backend
92    #[serde(
93        rename = "password_login_update_internal_password",
94        skip_serializing_if = "Option::is_none"
95    )]
96    pub password_login_update_internal_password: Option<bool>,
97}
98
99impl KerberosSourceRequest {
100    /// Kerberos Source Serializer
101    pub fn new(name: String, slug: String, realm: String) -> KerberosSourceRequest {
102        KerberosSourceRequest {
103            name,
104            slug,
105            enabled: None,
106            authentication_flow: None,
107            enrollment_flow: None,
108            user_property_mappings: None,
109            group_property_mappings: None,
110            policy_engine_mode: None,
111            user_matching_mode: None,
112            user_path_template: None,
113            group_matching_mode: None,
114            realm,
115            krb5_conf: None,
116            kadmin_type: None,
117            sync_users: None,
118            sync_users_password: None,
119            sync_principal: None,
120            sync_password: None,
121            sync_keytab: None,
122            sync_ccache: None,
123            spnego_server_name: None,
124            spnego_keytab: None,
125            spnego_ccache: None,
126            password_login_update_internal_password: None,
127        }
128    }
129}