authentik_rust/models/
saml_source.rs

1/*
2 * authentik
3 *
4 * Making authentication simple.
5 *
6 * The version of the OpenAPI document: 2024.2.1
7 * Contact: hello@goauthentik.io
8 * Generated by: https://openapi-generator.tech
9 */
10
11use crate::models;
12
13/// SamlSource : SAMLSource Serializer
14#[derive(Clone, Default, Debug, PartialEq, Serialize, Deserialize)]
15pub struct SamlSource {
16    #[serde(rename = "pk")]
17    pub pk: uuid::Uuid,
18    /// Source's display Name.
19    #[serde(rename = "name")]
20    pub name: String,
21    /// Internal source name, used in URLs.
22    #[serde(rename = "slug")]
23    pub slug: String,
24    #[serde(rename = "enabled", skip_serializing_if = "Option::is_none")]
25    pub enabled: Option<bool>,
26    /// Flow to use when authenticating existing users.
27    #[serde(rename = "authentication_flow", default, with = "::serde_with::rust::double_option", skip_serializing_if = "Option::is_none")]
28    pub authentication_flow: Option<Option<uuid::Uuid>>,
29    /// Flow to use when enrolling new users.
30    #[serde(rename = "enrollment_flow", default, with = "::serde_with::rust::double_option", skip_serializing_if = "Option::is_none")]
31    pub enrollment_flow: Option<Option<uuid::Uuid>>,
32    /// Get object component so that we know how to edit the object
33    #[serde(rename = "component")]
34    pub component: String,
35    /// Return object's verbose_name
36    #[serde(rename = "verbose_name")]
37    pub verbose_name: String,
38    /// Return object's plural verbose_name
39    #[serde(rename = "verbose_name_plural")]
40    pub verbose_name_plural: String,
41    /// Return internal model name
42    #[serde(rename = "meta_model_name")]
43    pub meta_model_name: String,
44    #[serde(rename = "policy_engine_mode", skip_serializing_if = "Option::is_none")]
45    pub policy_engine_mode: Option<models::PolicyEngineMode>,
46    /// How the source determines if an existing user should be authenticated or a new user enrolled.  * `identifier` - Use the source-specific identifier * `email_link` - Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses. * `email_deny` - Use the user's email address, but deny enrollment when the email address already exists. * `username_link` - Link to a user with identical username. Can have security implications when a username is used with another source. * `username_deny` - Use the user's username, but deny enrollment when the username already exists.
47    #[serde(rename = "user_matching_mode", skip_serializing_if = "Option::is_none")]
48    pub user_matching_mode: Option<models::UserMatchingModeEnum>,
49    /// Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.
50    #[serde(rename = "managed", deserialize_with = "Option::deserialize")]
51    pub managed: Option<String>,
52    #[serde(rename = "user_path_template", skip_serializing_if = "Option::is_none")]
53    pub user_path_template: Option<String>,
54    /// Get the URL to the Icon. If the name is /static or starts with http it is returned as-is
55    #[serde(rename = "icon", deserialize_with = "Option::deserialize")]
56    pub icon: Option<String>,
57    /// Flow used before authentication.
58    #[serde(rename = "pre_authentication_flow")]
59    pub pre_authentication_flow: uuid::Uuid,
60    /// Also known as Entity ID. Defaults the Metadata URL.
61    #[serde(rename = "issuer", skip_serializing_if = "Option::is_none")]
62    pub issuer: Option<String>,
63    /// URL that the initial Login request is sent to.
64    #[serde(rename = "sso_url")]
65    pub sso_url: String,
66    /// Optional URL if your IDP supports Single-Logout.
67    #[serde(rename = "slo_url", default, with = "::serde_with::rust::double_option", skip_serializing_if = "Option::is_none")]
68    pub slo_url: Option<Option<String>>,
69    /// Allows authentication flows initiated by the IdP. This can be a security risk, as no validation of the request ID is done.
70    #[serde(rename = "allow_idp_initiated", skip_serializing_if = "Option::is_none")]
71    pub allow_idp_initiated: Option<bool>,
72    /// NameID Policy sent to the IdP. Can be unset, in which case no Policy is sent.  * `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress` - Email * `urn:oasis:names:tc:SAML:2.0:nameid-format:persistent` - Persistent * `urn:oasis:names:tc:SAML:2.0:nameid-format:X509SubjectName` - X509 * `urn:oasis:names:tc:SAML:2.0:nameid-format:WindowsDomainQualifiedName` - Windows * `urn:oasis:names:tc:SAML:2.0:nameid-format:transient` - Transient
73    #[serde(rename = "name_id_policy", skip_serializing_if = "Option::is_none")]
74    pub name_id_policy: Option<models::NameIdPolicyEnum>,
75    #[serde(rename = "binding_type", skip_serializing_if = "Option::is_none")]
76    pub binding_type: Option<models::BindingTypeEnum>,
77    /// When selected, incoming assertion's Signatures will be validated against this certificate. To allow unsigned Requests, leave on default.
78    #[serde(rename = "verification_kp", default, with = "::serde_with::rust::double_option", skip_serializing_if = "Option::is_none")]
79    pub verification_kp: Option<Option<uuid::Uuid>>,
80    /// Keypair used to sign outgoing Responses going to the Identity Provider.
81    #[serde(rename = "signing_kp", default, with = "::serde_with::rust::double_option", skip_serializing_if = "Option::is_none")]
82    pub signing_kp: Option<Option<uuid::Uuid>>,
83    #[serde(rename = "digest_algorithm", skip_serializing_if = "Option::is_none")]
84    pub digest_algorithm: Option<models::DigestAlgorithmEnum>,
85    #[serde(rename = "signature_algorithm", skip_serializing_if = "Option::is_none")]
86    pub signature_algorithm: Option<models::SignatureAlgorithmEnum>,
87    /// Time offset when temporary users should be deleted. This only applies if your IDP uses the NameID Format 'transient', and the user doesn't log out manually. (Format: hours=1;minutes=2;seconds=3).
88    #[serde(rename = "temporary_user_delete_after", skip_serializing_if = "Option::is_none")]
89    pub temporary_user_delete_after: Option<String>,
90}
91
92impl SamlSource {
93    /// SAMLSource Serializer
94    pub fn new(pk: uuid::Uuid, name: String, slug: String, component: String, verbose_name: String, verbose_name_plural: String, meta_model_name: String, managed: Option<String>, icon: Option<String>, pre_authentication_flow: uuid::Uuid, sso_url: String) -> SamlSource {
95        SamlSource {
96            pk,
97            name,
98            slug,
99            enabled: None,
100            authentication_flow: None,
101            enrollment_flow: None,
102            component,
103            verbose_name,
104            verbose_name_plural,
105            meta_model_name,
106            policy_engine_mode: None,
107            user_matching_mode: None,
108            managed,
109            user_path_template: None,
110            icon,
111            pre_authentication_flow,
112            issuer: None,
113            sso_url,
114            slo_url: None,
115            allow_idp_initiated: None,
116            name_id_policy: None,
117            binding_type: None,
118            verification_kp: None,
119            signing_kp: None,
120            digest_algorithm: None,
121            signature_algorithm: None,
122            temporary_user_delete_after: None,
123        }
124    }
125}
126