stages/authenticator: add user field to devices (#12636)

Signed-off-by: Jens Langhammer <[email protected]>

Author: BeryJu

authentik/stages/authenticator_duo/api.py

@@ -12,6 +12,7 @@
 from rest_framework.viewsets import GenericViewSet, ModelViewSet
 from structlog.stdlib import get_logger
 
+from authentik.core.api.groups import GroupMemberSerializer
 from authentik.core.api.used_by import UsedByMixin
 from authentik.core.api.utils import ModelSerializer
 from authentik.flows.api.stages import StageSerializer
@@ -165,9 +166,11 @@ def import_devices_automatic(self, request: Request, pk: str) -> Response:
 class DuoDeviceSerializer(ModelSerializer):
     """Serializer for Duo authenticator devices"""
 
+    user = GroupMemberSerializer(read_only=True)
+
     class Meta:
         model = DuoDevice
-        fields = ["pk", "name"]
+        fields = ["pk", "name", "user"]
         depth = 2
 
 

authentik/stages/authenticator_sms/api.py

@@ -3,6 +3,7 @@
 from rest_framework import mixins
 from rest_framework.viewsets import GenericViewSet, ModelViewSet
 
+from authentik.core.api.groups import GroupMemberSerializer
 from authentik.core.api.used_by import UsedByMixin
 from authentik.core.api.utils import ModelSerializer
 from authentik.flows.api.stages import StageSerializer
@@ -41,9 +42,11 @@ class AuthenticatorSMSStageViewSet(UsedByMixin, ModelViewSet):
 class SMSDeviceSerializer(ModelSerializer):
     """Serializer for sms authenticator devices"""
 
+    user = GroupMemberSerializer(read_only=True)
+
     class Meta:
         model = SMSDevice
-        fields = ["name", "pk", "phone_number"]
+        fields = ["name", "pk", "phone_number", "user"]
         depth = 2
         extra_kwargs = {
             "phone_number": {"read_only": True},

authentik/stages/authenticator_static/api.py

@@ -3,6 +3,7 @@
 from rest_framework import mixins
 from rest_framework.viewsets import GenericViewSet, ModelViewSet
 
+from authentik.core.api.groups import GroupMemberSerializer
 from authentik.core.api.used_by import UsedByMixin
 from authentik.core.api.utils import ModelSerializer
 from authentik.flows.api.stages import StageSerializer
@@ -48,10 +49,11 @@ class StaticDeviceSerializer(ModelSerializer):
     """Serializer for static authenticator devices"""
 
     token_set = StaticDeviceTokenSerializer(many=True, read_only=True)
+    user = GroupMemberSerializer(read_only=True)
 
     class Meta:
         model = StaticDevice
-        fields = ["name", "token_set", "pk"]
+        fields = ["name", "token_set", "pk", "user"]
 
 
 class StaticDeviceViewSet(

authentik/stages/authenticator_totp/api.py

@@ -4,6 +4,7 @@
 from rest_framework.fields import ChoiceField
 from rest_framework.viewsets import GenericViewSet, ModelViewSet
 
+from authentik.core.api.groups import GroupMemberSerializer
 from authentik.core.api.used_by import UsedByMixin
 from authentik.core.api.utils import ModelSerializer
 from authentik.flows.api.stages import StageSerializer
@@ -37,11 +38,14 @@ class AuthenticatorTOTPStageViewSet(UsedByMixin, ModelViewSet):
 class TOTPDeviceSerializer(ModelSerializer):
     """Serializer for totp authenticator devices"""
 
+    user = GroupMemberSerializer(read_only=True)
+
     class Meta:
         model = TOTPDevice
         fields = [
             "name",
             "pk",
+            "user",
         ]
         depth = 2
 

authentik/stages/authenticator_webauthn/api/devices.py

@@ -3,6 +3,7 @@
 from rest_framework import mixins
 from rest_framework.viewsets import GenericViewSet, ModelViewSet
 
+from authentik.core.api.groups import GroupMemberSerializer
 from authentik.core.api.used_by import UsedByMixin
 from authentik.core.api.utils import ModelSerializer
 from authentik.stages.authenticator_webauthn.api.device_types import WebAuthnDeviceTypeSerializer
@@ -13,10 +14,11 @@ class WebAuthnDeviceSerializer(ModelSerializer):
     """Serializer for WebAuthn authenticator devices"""
 
     device_type = WebAuthnDeviceTypeSerializer(read_only=True, allow_null=True)
+    user = GroupMemberSerializer(read_only=True)
 
     class Meta:
         model = WebAuthnDevice
-        fields = ["pk", "name", "created_on", "device_type", "aaguid"]
+        fields = ["pk", "name", "created_on", "device_type", "aaguid", "user"]
         extra_kwargs = {
             "aaguid": {"read_only": True},
         }

schema.yml

@@ -41226,9 +41226,14 @@ components:
           type: string
           description: The human-readable name of this device.
           maxLength: 64
+        user:
+          allOf:
+          - $ref: '#/components/schemas/GroupMember'
+          readOnly: true
       required:
       - name
       - pk
+      - user
     DuoDeviceEnrollmentStatus:
       type: object
       properties:
@@ -54570,10 +54575,15 @@ components:
         phone_number:
           type: string
           readOnly: true
+        user:
+          allOf:
+          - $ref: '#/components/schemas/GroupMember'
+          readOnly: true
       required:
       - name
       - phone_number
       - pk
+      - user
     SMSDeviceRequest:
       type: object
       description: Serializer for sms authenticator devices
@@ -55275,10 +55285,15 @@ components:
           type: integer
           readOnly: true
           title: ID
+        user:
+          allOf:
+          - $ref: '#/components/schemas/GroupMember'
+          readOnly: true
       required:
       - name
       - pk
       - token_set
+      - user
     StaticDeviceRequest:
       type: object
       description: Serializer for static authenticator devices
@@ -55507,9 +55522,14 @@ components:
           type: integer
           readOnly: true
           title: ID
+        user:
+          allOf:
+          - $ref: '#/components/schemas/GroupMember'
+          readOnly: true
       required:
       - name
       - pk
+      - user
     TOTPDeviceRequest:
       type: object
       description: Serializer for totp authenticator devices
@@ -56951,12 +56971,17 @@ components:
         aaguid:
           type: string
           readOnly: true
+        user:
+          allOf:
+          - $ref: '#/components/schemas/GroupMember'
+          readOnly: true
       required:
       - aaguid
       - created_on
       - device_type
       - name
       - pk
+      - user
     WebAuthnDeviceRequest:
       type: object
       description: Serializer for WebAuthn authenticator devices