Skip to main content

authentik_client/models/
saml_source_request.rs

1/*
2 * authentik
3 *
4 * Making authentication simple.
5 *
6 * The version of the OpenAPI document: 2026.2.0
7 * Contact: hello@goauthentik.io
8 * Generated by: https://openapi-generator.tech
9 */
10
11use crate::models;
12use serde::{Deserialize, Serialize};
13
14/// SamlSourceRequest : SAMLSource Serializer
15#[derive(Clone, Default, Debug, PartialEq, Serialize, Deserialize)]
16pub struct SamlSourceRequest {
17    /// Source's display Name.
18    #[serde(rename = "name")]
19    pub name: String,
20    /// Internal source name, used in URLs.
21    #[serde(rename = "slug")]
22    pub slug: String,
23    #[serde(rename = "enabled", skip_serializing_if = "Option::is_none")]
24    pub enabled: Option<bool>,
25    /// When enabled, this source will be displayed as a prominent button on the login page, instead of a small icon.
26    #[serde(rename = "promoted", skip_serializing_if = "Option::is_none")]
27    pub promoted: Option<bool>,
28    /// Flow to use when authenticating existing users.
29    #[serde(
30        rename = "authentication_flow",
31        default,
32        with = "::serde_with::rust::double_option",
33        skip_serializing_if = "Option::is_none"
34    )]
35    pub authentication_flow: Option<Option<uuid::Uuid>>,
36    /// Flow to use when enrolling new users.
37    #[serde(
38        rename = "enrollment_flow",
39        default,
40        with = "::serde_with::rust::double_option",
41        skip_serializing_if = "Option::is_none"
42    )]
43    pub enrollment_flow: Option<Option<uuid::Uuid>>,
44    #[serde(rename = "user_property_mappings", skip_serializing_if = "Option::is_none")]
45    pub user_property_mappings: Option<Vec<uuid::Uuid>>,
46    #[serde(rename = "group_property_mappings", skip_serializing_if = "Option::is_none")]
47    pub group_property_mappings: Option<Vec<uuid::Uuid>>,
48    #[serde(rename = "policy_engine_mode", skip_serializing_if = "Option::is_none")]
49    pub policy_engine_mode: Option<models::PolicyEngineMode>,
50    /// How the source determines if an existing user should be authenticated or a new user enrolled.
51    #[serde(rename = "user_matching_mode", skip_serializing_if = "Option::is_none")]
52    pub user_matching_mode: Option<models::UserMatchingModeEnum>,
53    #[serde(rename = "user_path_template", skip_serializing_if = "Option::is_none")]
54    pub user_path_template: Option<String>,
55    #[serde(rename = "icon", skip_serializing_if = "Option::is_none")]
56    pub icon: Option<String>,
57    /// How the source determines if an existing group should be used or a new group created.
58    #[serde(rename = "group_matching_mode", skip_serializing_if = "Option::is_none")]
59    pub group_matching_mode: Option<models::GroupMatchingModeEnum>,
60    /// Flow used before authentication.
61    #[serde(rename = "pre_authentication_flow")]
62    pub pre_authentication_flow: uuid::Uuid,
63    /// Also known as Entity ID. Defaults the Metadata URL.
64    #[serde(rename = "issuer", skip_serializing_if = "Option::is_none")]
65    pub issuer: Option<String>,
66    /// URL that the initial Login request is sent to.
67    #[serde(rename = "sso_url")]
68    pub sso_url: String,
69    /// Optional URL if your IDP supports Single-Logout.
70    #[serde(
71        rename = "slo_url",
72        default,
73        with = "::serde_with::rust::double_option",
74        skip_serializing_if = "Option::is_none"
75    )]
76    pub slo_url: Option<Option<String>>,
77    /// Allows authentication flows initiated by the IdP. This can be a security risk, as no validation of the request ID is done.
78    #[serde(rename = "allow_idp_initiated", skip_serializing_if = "Option::is_none")]
79    pub allow_idp_initiated: Option<bool>,
80    /// NameID Policy sent to the IdP. Can be unset, in which case no Policy is sent.
81    #[serde(rename = "name_id_policy", skip_serializing_if = "Option::is_none")]
82    pub name_id_policy: Option<models::SamlNameIdPolicyEnum>,
83    #[serde(rename = "binding_type", skip_serializing_if = "Option::is_none")]
84    pub binding_type: Option<models::BindingTypeEnum>,
85    /// When selected, incoming assertion's Signatures will be validated against this certificate. To allow unsigned Requests, leave on default.
86    #[serde(
87        rename = "verification_kp",
88        default,
89        with = "::serde_with::rust::double_option",
90        skip_serializing_if = "Option::is_none"
91    )]
92    pub verification_kp: Option<Option<uuid::Uuid>>,
93    /// Keypair used to sign outgoing Responses going to the Identity Provider.
94    #[serde(
95        rename = "signing_kp",
96        default,
97        with = "::serde_with::rust::double_option",
98        skip_serializing_if = "Option::is_none"
99    )]
100    pub signing_kp: Option<Option<uuid::Uuid>>,
101    #[serde(rename = "digest_algorithm", skip_serializing_if = "Option::is_none")]
102    pub digest_algorithm: Option<models::DigestAlgorithmEnum>,
103    #[serde(rename = "signature_algorithm", skip_serializing_if = "Option::is_none")]
104    pub signature_algorithm: Option<models::SignatureAlgorithmEnum>,
105    /// Time offset when temporary users should be deleted. This only applies if your IDP uses the NameID Format 'transient', and the user doesn't log out manually. (Format: hours=1;minutes=2;seconds=3).
106    #[serde(rename = "temporary_user_delete_after", skip_serializing_if = "Option::is_none")]
107    pub temporary_user_delete_after: Option<String>,
108    /// When selected, incoming assertions are encrypted by the IdP using the public key of the encryption keypair. The assertion is decrypted by the SP using the the private key.
109    #[serde(
110        rename = "encryption_kp",
111        default,
112        with = "::serde_with::rust::double_option",
113        skip_serializing_if = "Option::is_none"
114    )]
115    pub encryption_kp: Option<Option<uuid::Uuid>>,
116    #[serde(rename = "signed_assertion", skip_serializing_if = "Option::is_none")]
117    pub signed_assertion: Option<bool>,
118    #[serde(rename = "signed_response", skip_serializing_if = "Option::is_none")]
119    pub signed_response: Option<bool>,
120}
121
122impl SamlSourceRequest {
123    /// SAMLSource Serializer
124    pub fn new(name: String, slug: String, pre_authentication_flow: uuid::Uuid, sso_url: String) -> SamlSourceRequest {
125        SamlSourceRequest {
126            name,
127            slug,
128            enabled: None,
129            promoted: None,
130            authentication_flow: None,
131            enrollment_flow: None,
132            user_property_mappings: None,
133            group_property_mappings: None,
134            policy_engine_mode: None,
135            user_matching_mode: None,
136            user_path_template: None,
137            icon: None,
138            group_matching_mode: None,
139            pre_authentication_flow,
140            issuer: None,
141            sso_url,
142            slo_url: None,
143            allow_idp_initiated: None,
144            name_id_policy: None,
145            binding_type: None,
146            verification_kp: None,
147            signing_kp: None,
148            digest_algorithm: None,
149            signature_algorithm: None,
150            temporary_user_delete_after: None,
151            encryption_kp: None,
152            signed_assertion: None,
153            signed_response: None,
154        }
155    }
156}