Skip to content

Commit

Permalink
admin: system api: do not show FIPS status if no valid license (#10091)
Browse files Browse the repository at this point in the history 
* admin: system api: do not show FIPS status if no valid license

Signed-off-by: Marc 'risson' Schmitt <[email protected]>

* also for outposts

Signed-off-by: Marc 'risson' Schmitt <[email protected]>

* black

Signed-off-by: Marc 'risson' Schmitt <[email protected]>

---------

Signed-off-by: Marc 'risson' Schmitt <[email protected]>
  • Loading branch information
@rissson
rissson authored Jun 14, 2024
1 parent ae86184 commit b8cbdca
Show file tree
Hide file tree
Showing 3 changed files with 17 additions and 4 deletions.
7 changes: 5 additions & 2 deletions authentik/admin/api/system.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,7 @@

from authentik import get_full_version
from authentik.core.api.utils import PassiveSerializer
from authentik.enterprise.license import LicenseKey
from authentik.lib.config import CONFIG
from authentik.lib.utils.reflection import get_env
from authentik.outposts.apps import MANAGED_OUTPOST
Expand All @@ -32,7 +33,7 @@ class RuntimeDict(TypedDict):
platform: str
uname: str
openssl_version: str
openssl_fips_mode: bool
openssl_fips_mode: bool | None
authentik_version: str


Expand Down Expand Up @@ -71,7 +72,9 @@ def get_runtime(self, request: Request) -> RuntimeDict:
"architecture": platform.machine(),
"authentik_version": get_full_version(),
"environment": get_env(),
"openssl_fips_enabled": backend._fips_enabled,
"openssl_fips_enabled": (
backend._fips_enabled if LicenseKey.get_total().is_valid() else None
),
"openssl_version": OPENSSL_VERSION,
"platform": platform.platform(),
"python_version": python_version,
Expand Down
11 changes: 9 additions & 2 deletions authentik/outposts/api/outposts.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@
from django_filters.filterset import FilterSet
from drf_spectacular.utils import extend_schema
from rest_framework.decorators import action
from rest_framework.fields import BooleanField, CharField, DateTimeField
from rest_framework.fields import BooleanField, CharField, DateTimeField, SerializerMethodField
from rest_framework.relations import PrimaryKeyRelatedField
from rest_framework.request import Request
from rest_framework.response import Response
Expand All @@ -18,6 +18,7 @@
from authentik.core.api.used_by import UsedByMixin
from authentik.core.api.utils import JSONDictField, PassiveSerializer
from authentik.core.models import Provider
from authentik.enterprise.license import LicenseKey
from authentik.enterprise.providers.rac.models import RACProvider
from authentik.outposts.api.service_connections import ServiceConnectionSerializer
from authentik.outposts.apps import MANAGED_OUTPOST, MANAGED_OUTPOST_NAME
Expand Down Expand Up @@ -120,7 +121,7 @@ class OutpostHealthSerializer(PassiveSerializer):
golang_version = CharField(read_only=True)
openssl_enabled = BooleanField(read_only=True)
openssl_version = CharField(read_only=True)
fips_enabled = BooleanField(read_only=True)
fips_enabled = SerializerMethodField()

version_should = CharField(read_only=True)
version_outdated = BooleanField(read_only=True)
Expand All @@ -130,6 +131,12 @@ class OutpostHealthSerializer(PassiveSerializer):

hostname = CharField(read_only=True, required=False)

def get_fips_enabled(self, obj: dict) -> bool | None:
"""Get FIPS enabled"""
if not LicenseKey.get_total().is_valid():
return None
return obj["fips_enabled"]


class OutpostFilter(FilterSet):
"""Filter for Outposts"""
Expand Down
3 changes: 3 additions & 0 deletions schema.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39547,6 +39547,8 @@ components:
readOnly: true
fips_enabled:
type: boolean
nullable: true
description: Get FIPS enabled
readOnly: true
version_should:
type: string
Expand Down Expand Up @@ -47406,6 +47408,7 @@ components:
type: string
openssl_fips_mode:
type: boolean
nullable: true
authentik_version:
type: string
required:
Expand Down

0 comments on commit b8cbdca

Please sign in to comment.