diff --git a/Cargo.lock b/Cargo.lock
index 308be98ef..06dfc1a44 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -3319,6 +3319,7 @@ dependencies = [
 "serde_with",
 "smartstring",
 "sshkey-attest",
+ "sshkeys",
 "time",
 "tracing",
 "url",
diff --git a/Cargo.toml b/Cargo.toml
index e813a40ae..8ade1ff87 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -264,6 +264,7 @@ shellexpand = "^2.1.2"
 smartstring = "^1.0.1"
 smolset = "^1.3.1"
 sshkey-attest = "^0.5.0"
+sshkeys = "0.3.3"
 svg = "0.13.1"
 syn = { version = "2.0.82", features = ["full"] }
 tempfile = "3.13.0"
diff --git a/proto/Cargo.toml b/proto/Cargo.toml
index bc12d0a92..2cd08c13c 100644
--- a/proto/Cargo.toml
+++ b/proto/Cargo.toml
@@ -37,6 +37,7 @@ utoipa = { workspace = true }
 uuid = { workspace = true, features = ["serde"] }
 webauthn-rs-proto = { workspace = true }
 sshkey-attest = { workspace = true }
+sshkeys = { workspace = true }
 [dev-dependencies]
 enum-iterator = { workspace = true }
diff --git a/proto/src/attribute.rs b/proto/src/attribute.rs
index 5e43b249b..e3f7aa19a 100644
--- a/proto/src/attribute.rs
+++ b/proto/src/attribute.rs
@@ -188,6 +188,7 @@ pub enum Attribute {
 TestNotAllowed,
 #[cfg(not(test))]
+ #[schema(value_type = String)]
 Custom(AttrString),
 }
diff --git a/proto/src/v1/unix.rs b/proto/src/v1/unix.rs
index bb073ee8c..8a99ac737 100644
--- a/proto/src/v1/unix.rs
+++ b/proto/src/v1/unix.rs
@@ -1,5 +1,6 @@
 use serde::{Deserialize, Serialize};
 use sshkey_attest::proto::PublicKey as SshPublicKey;
+use sshkeys::{KeyType, KeyTypeKind, PublicKeyKind};
 use std::fmt;
 use utoipa::ToSchema;
 use uuid::Uuid;
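Review bot: The `sshkeys = "0.3.3"` requirement in the workspace `Cargo.toml` hunk is not tied to the version that `sshkey-attest` resolves for the same crate. The `Cargo.lock` hunk shows only a new dependency edge and no new package entry is visible, which suggests `sshkeys` was already present transitively. If the two requirements ever resolve to different versions, the `sshkeys::KeyType` imported in `proto/src/v1/unix.rs` would presumably no longer be the type carried inside `SshPublicKey`, and the published schema could drift without any compile error. I would add `# must resolve to the same sshkeys version that sshkey-attest uses` above the entry and write it as `sshkeys = "^0.3.3"` to match the neighbouring lines.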
@@ -8,6 +9,35 @@ use serde_with::skip_serializing_none;
 use crate::constants::{ATTR_GROUP, ATTR_LDAP_SSHPUBLICKEY};
+#[allow(dead_code)]
+#[derive(ToSchema)]
+#[schema(as = KeyTypeKind)]
+pub struct KeyTypeKindSchema(KeyTypeKind);
+
+#[derive(ToSchema)]
+#[schema(as = KeyType)]
+pub struct KeyTypeSchema {
+ pub name: &'static str,
+ pub short_name: &'static str,
+ pub is_cert: bool,
+ pub is_sk: bool,
+ pub kind: KeyTypeKind,
+ pub plain: &'static str,
+}
+
+#[allow(dead_code)]
+#[derive(ToSchema)]
+#[schema(as = PublicKeyKind)]
+pub struct PublicKeyKindSchema(PublicKeyKind);
+
+#[derive(ToSchema)]
+#[schema(as = SshPublicKey)]
+pub struct SshPublicKeySchema {
+ pub key_type: KeyType,
+ pub kind: PublicKeyKind,
+ pub comment: Option,
+}
+
 /// A token representing the details of a unix group
 #[derive(Debug, Serialize, Deserialize, Clone, ToSchema)]
 pub struct UnixGroupToken {
diff --git a/server/core/src/https/apidocs/mod.rs b/server/core/src/https/apidocs/mod.rs
index 177a6b39d..31eca9e55 100644
--- a/server/core/src/https/apidocs/mod.rs
+++ b/server/core/src/https/apidocs/mod.rs
@@ -1,5 +1,5 @@
 use axum::{middleware::from_fn, response::Redirect, routing::get, Router};
-use kanidm_proto::{internal, scim_v1, v1};
+use kanidm_proto::{attribute, internal, scim_v1, v1};
 use utoipa::{
 openapi::security::{HttpAuthScheme, HttpBuilder, SecurityScheme},
 Modify, OpenApi,
@@ -209,7 +209,7 @@ impl Modify for SecurityAddon {
 ),
 components(
 schemas(
- // kanidm_proto::attribute::Attribute,
+ attribute::Attribute,
 scim_v1::ScimSyncState,
@@ -223,6 +223,7 @@ impl Modify for SecurityAddon {
 internal::ApiToken,
 internal::ApiTokenPurpose,
 internal::BackupCodesView,
+ internal::ConsistencyError,
 internal::CreateRequest,
 internal::CredentialDetail,
 internal::CredentialDetailType,
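Review bot: The four schema stand-ins added in `proto/src/v1/unix.rs` (`KeyTypeKindSchema`, `KeyTypeSchema`, `PublicKeyKindSchema`, `SshPublicKeySchema`) are `pub` but undocumented, and nothing in the hunk ties their hand-copied field lists to the `sshkeys` types they are registered `as`. If the upstream types or their serde representation change, the OpenAPI description of an SSH public key will drift from what the server emits, and clients generated from it would validate the wrong shape. Each struct should carry a doc comment along the lines of `/// Schema-only mirror of sshkeys::KeyType for OpenAPI generation; never constructed or serialised.` It is also worth confirming that the object shape declared in `SshPublicKeySchema` matches the serialised form of `SshPublicKey` rather than its in-memory fields; that cannot be checked from the hunk.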
@@ -263,7 +264,11 @@ impl Modify for SecurityAddon {
 v1::AuthStep,
 v1::Entry,
 v1::GroupUnixExtend,
+ v1::PublicKeyKindSchema,
 v1::SingleStringRequest,
+ v1::SshPublicKeySchema,
+ v1::KeyTypeKindSchema,
+ v1::KeyTypeSchema,
 internal::UiHint,
 v1::UatPurposeStatus,
 v1::UatStatus,
diff --git a/server/core/src/https/v1_scim.rs b/server/core/src/https/v1_scim.rs
index bbae59d33..8b38fa18a 100644
--- a/server/core/src/https/v1_scim.rs
+++ b/server/core/src/https/v1_scim.rs
@@ -347,7 +347,7 @@ async fn scim_entry_id_get(
 ),
 security(("token_jwt" = [])),
 tag = "scim",
- operation_id = "scim_entry_id_get"
+ operation_id = "scim_person_id_get"
 )]
 async fn scim_person_id_get(
 State(state): State,
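Review bot: Nothing visible guards against a duplicate `operation_id` recurring in `server/core/src/https/v1_scim.rs`. The old value `"scim_entry_id_get"` on `scim_person_id_get` looks like a copy-paste from the handler named in the hunk header, and mistakes like this go unnoticed until a generated client mis-binds or drops an endpoint. A unit test that builds the OpenAPI document and asserts every `operation_id` is unique would catch the next occurrence at build time; whether such a test already exists cannot be seen from here. Both the attribute block and the function signature extend outside the hunk.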