From 0ab8f4eed7a9939f74fcc29aedbf65672497aeb9 Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Fri, 19 Aug 2022 14:51:50 +0100 Subject: [PATCH] blueprints: add required password stage backends Signed-off-by: Jens Langhammer --- authentik/blueprints/v1/common.py | 2 -- .../stages/password/migrations/0007_app_password.py | 3 ++- .../default/10-flow-default-authentication-flow.yaml | 10 +++++++++- 3 files changed, 11 insertions(+), 4 deletions(-) diff --git a/authentik/blueprints/v1/common.py b/authentik/blueprints/v1/common.py index bc98e342e..1f505e29b 100644 --- a/authentik/blueprints/v1/common.py +++ b/authentik/blueprints/v1/common.py @@ -183,8 +183,6 @@ class Format(YAMLTag): def resolve(self, entry: BlueprintEntry, blueprint: Blueprint) -> Any: try: - print(self.format_string) - print(self.args) return self.format_string % tuple(self.args) except TypeError as exc: raise EntryInvalidError(exc) diff --git a/authentik/stages/password/migrations/0007_app_password.py b/authentik/stages/password/migrations/0007_app_password.py index fbff951b3..641ccdb07 100644 --- a/authentik/stages/password/migrations/0007_app_password.py +++ b/authentik/stages/password/migrations/0007_app_password.py @@ -15,7 +15,8 @@ def update_default_backends(apps: Apps, schema_editor: BaseDatabaseSchemaEditor) if not stages.exists(): return stage = stages.first() - stage.backends.append(BACKEND_APP_PASSWORD) + if BACKEND_APP_PASSWORD not in stage.backends: + stage.backends.append(BACKEND_APP_PASSWORD) stage.save() diff --git a/blueprints/default/10-flow-default-authentication-flow.yaml b/blueprints/default/10-flow-default-authentication-flow.yaml index 743b4b153..231420733 100644 --- a/blueprints/default/10-flow-default-authentication-flow.yaml +++ b/blueprints/default/10-flow-default-authentication-flow.yaml @@ -11,6 +11,10 @@ entries: model: authentik_flows.flow id: flow - attrs: + backends: + - authentik.core.auth.InbuiltBackend + - authentik.sources.ldap.auth.LDAPBackend + - authentik.core.auth.TokenBackend configure_flow: !Find [authentik_flows.flow, [slug, default-password-change]] identifiers: name: default-authentication-password @@ -20,7 +24,11 @@ entries: name: default-authentication-mfa-validation id: default-authentication-mfa-validation model: authentik_stages_authenticator_validate.authenticatorvalidatestage -- identifiers: +- attrs: + user_fields: + - email + - username + identifiers: name: default-authentication-identification id: default-authentication-identification model: authentik_stages_identification.identificationstage