enterprise/providers/scim: add support for interactive OAuth2 (#22072)

* enterprise/providers/scim: add support for interactive OAuth2

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* prep different oauth mode

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* implement it

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add data to API

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update ui

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fixes

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* cleanup

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* start adding tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add more tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* remove not-needed migration

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fixup

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix last_updated not being updated

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

packages/client-ts/src/models/SCIMAuthenticationModeEnum.ts

@@ -19,6 +19,7 @@
 export const SCIMAuthenticationModeEnum = {
     Token: "token",
     Oauth: "oauth",
+    OauthInteractive: "oauth_interactive",
     UnknownDefaultOpenApi: "11184809",
 } as const;
 export type SCIMAuthenticationModeEnum =

packages/client-ts/src/models/SCIMProvider.ts

@@ -125,6 +125,30 @@ export interface SCIMProvider {
      * @memberof SCIMProvider
      */
     authOauthParams?: { [key: string]: any };
+    /**
+     *
+     * @type {Date}
+     * @memberof SCIMProvider
+     */
+    readonly authOauthTokenLastUpdated: Date | null;
+    /**
+     *
+     * @type {Date}
+     * @memberof SCIMProvider
+     */
+    readonly authOauthTokenExpires: Date | null;
+    /**
+     *
+     * @type {string}
+     * @memberof SCIMProvider
+     */
+    readonly authOauthUrlCallback: string | null;
+    /**
+     *
+     * @type {string}
+     * @memberof SCIMProvider
+     */
+    readonly authOauthUrlStart: string | null;
     /**
      * Alter authentik behavior for vendor-specific SCIM implementations.
      * @type {CompatibilityModeEnum}
@@ -190,6 +214,13 @@ export function instanceOfSCIMProvider(value: object): value is SCIMProvider {
     if (!("verboseNamePlural" in value) || value["verboseNamePlural"] === undefined) return false;
     if (!("metaModelName" in value) || value["metaModelName"] === undefined) return false;
     if (!("url" in value) || value["url"] === undefined) return false;
+    if (!("authOauthTokenLastUpdated" in value) || value["authOauthTokenLastUpdated"] === undefined)
+        return false;
+    if (!("authOauthTokenExpires" in value) || value["authOauthTokenExpires"] === undefined)
+        return false;
+    if (!("authOauthUrlCallback" in value) || value["authOauthUrlCallback"] === undefined)
+        return false;
+    if (!("authOauthUrlStart" in value) || value["authOauthUrlStart"] === undefined) return false;
     return true;
 }
 
@@ -223,6 +254,16 @@ export function SCIMProviderFromJSONTyped(json: any, ignoreDiscriminator: boolea
                 : SCIMAuthenticationModeEnumFromJSON(json["auth_mode"]),
         authOauth: json["auth_oauth"] == null ? undefined : json["auth_oauth"],
         authOauthParams: json["auth_oauth_params"] == null ? undefined : json["auth_oauth_params"],
+        authOauthTokenLastUpdated:
+            json["auth_oauth_token_last_updated"] == null
+                ? null
+                : new Date(json["auth_oauth_token_last_updated"]),
+        authOauthTokenExpires:
+            json["auth_oauth_token_expires"] == null
+                ? null
+                : new Date(json["auth_oauth_token_expires"]),
+        authOauthUrlCallback: json["auth_oauth_url_callback"],
+        authOauthUrlStart: json["auth_oauth_url_start"],
         compatibilityMode:
             json["compatibility_mode"] == null
                 ? undefined
@@ -256,6 +297,10 @@ export function SCIMProviderToJSONTyped(
         | "verbose_name"
         | "verbose_name_plural"
         | "meta_model_name"
+        | "auth_oauth_token_last_updated"
+        | "auth_oauth_token_expires"
+        | "auth_oauth_url_callback"
+        | "auth_oauth_url_start"
     > | null,
     ignoreDiscriminator: boolean = false,
 ): any {