diff --git a/authentik/crypto/models.py b/authentik/crypto/models.py index 972e8d6cc..9c41020de 100644 --- a/authentik/crypto/models.py +++ b/authentik/crypto/models.py @@ -1,7 +1,7 @@ """authentik crypto models""" from binascii import hexlify from hashlib import md5 -from typing import Optional +from typing import Optional, Union from uuid import uuid4 from cryptography.hazmat.backends import default_backend @@ -41,8 +41,8 @@ class CertificateKeyPair(ManagedModel, CreatedUpdatedModel): ) _cert: Optional[Certificate] = None - _private_key: Optional[RSAPrivateKey | EllipticCurvePrivateKey | Ed25519PrivateKey] = None - _public_key: Optional[RSAPublicKey | EllipticCurvePublicKey | Ed25519PublicKey] = None + _private_key: Optional[Union[RSAPrivateKey, EllipticCurvePrivateKey, Ed25519PrivateKey]] = None + _public_key: Optional[Union[RSAPublicKey, EllipticCurvePublicKey, Ed25519PublicKey]] = None @property def certificate(self) -> Certificate: @@ -54,14 +54,16 @@ class CertificateKeyPair(ManagedModel, CreatedUpdatedModel): return self._cert @property - def public_key(self) -> Optional[RSAPublicKey | EllipticCurvePublicKey]: + def public_key(self) -> Optional[Union[RSAPublicKey, EllipticCurvePublicKey, Ed25519PublicKey]]: """Get public key of the private key""" if not self._public_key: self._public_key = self.private_key.public_key() return self._public_key @property - def private_key(self) -> Optional[RSAPrivateKey | EllipticCurvePrivateKey]: + def private_key( + self, + ) -> Optional[Union[RSAPrivateKey, EllipticCurvePrivateKey, Ed25519PrivateKey]]: """Get python cryptography PrivateKey instance""" if not self._private_key and self.key_data != "": try: diff --git a/authentik/providers/oauth2/api/provider.py b/authentik/providers/oauth2/api/provider.py index 964c434a1..fde5e6dd1 100644 --- a/authentik/providers/oauth2/api/provider.py +++ b/authentik/providers/oauth2/api/provider.py @@ -1,6 +1,5 @@ """OAuth2Provider API Views""" from django.urls import reverse -from django.utils.translation import gettext_lazy as _ from drf_spectacular.utils import OpenApiResponse, extend_schema from rest_framework.decorators import action from rest_framework.fields import CharField diff --git a/authentik/providers/oauth2/migrations/0008_rename_rsa_key_oauth2provider_signing_key_and_more.py b/authentik/providers/oauth2/migrations/0008_rename_rsa_key_oauth2provider_signing_key_and_more.py index 118e47ef2..297c11ad0 100644 --- a/authentik/providers/oauth2/migrations/0008_rename_rsa_key_oauth2provider_signing_key_and_more.py +++ b/authentik/providers/oauth2/migrations/0008_rename_rsa_key_oauth2provider_signing_key_and_more.py @@ -6,17 +6,20 @@ from django.db import migrations class Migration(migrations.Migration): dependencies = [ - ('authentik_providers_oauth2', '0007_auto_20201016_1107_squashed_0017_alter_oauth2provider_token_validity'), + ( + "authentik_providers_oauth2", + "0007_auto_20201016_1107_squashed_0017_alter_oauth2provider_token_validity", + ), ] operations = [ migrations.RenameField( - model_name='oauth2provider', - old_name='rsa_key', - new_name='signing_key', + model_name="oauth2provider", + old_name="rsa_key", + new_name="signing_key", ), migrations.RemoveField( - model_name='oauth2provider', - name='jwt_alg', + model_name="oauth2provider", + name="jwt_alg", ), ] diff --git a/authentik/providers/oauth2/models.py b/authentik/providers/oauth2/models.py index 16fcedc13..6162e4ded 100644 --- a/authentik/providers/oauth2/models.py +++ b/authentik/providers/oauth2/models.py @@ -8,9 +8,9 @@ from datetime import datetime from hashlib import sha256 from typing import Any, Optional, Type from urllib.parse import urlparse + from cryptography.hazmat.primitives.asymmetric.ec import EllipticCurvePrivateKey from cryptography.hazmat.primitives.asymmetric.rsa import RSAPrivateKey - from dacite import from_dict from django.db import models from django.http import HttpRequest diff --git a/authentik/providers/oauth2/views/jwks.py b/authentik/providers/oauth2/views/jwks.py index 0fe5e0f28..9364581f2 100644 --- a/authentik/providers/oauth2/views/jwks.py +++ b/authentik/providers/oauth2/views/jwks.py @@ -1,7 +1,10 @@ """authentik OAuth2 JWKS Views""" from base64 import urlsafe_b64encode -from cryptography.hazmat.primitives.asymmetric.ec import EllipticCurvePrivateKey, EllipticCurvePublicKey +from cryptography.hazmat.primitives.asymmetric.ec import ( + EllipticCurvePrivateKey, + EllipticCurvePublicKey, +) from cryptography.hazmat.primitives.asymmetric.rsa import RSAPrivateKey, RSAPublicKey from django.http import HttpRequest, HttpResponse, JsonResponse from django.shortcuts import get_object_or_404 @@ -58,7 +61,6 @@ class JWKSView(View): } ] - response = JsonResponse(response_data) response["Access-Control-Allow-Origin"] = "*" diff --git a/authentik/providers/proxy/models.py b/authentik/providers/proxy/models.py index d9d778caf..5e26b47c4 100644 --- a/authentik/providers/proxy/models.py +++ b/authentik/providers/proxy/models.py @@ -16,11 +16,7 @@ from authentik.providers.oauth2.constants import ( SCOPE_OPENID_EMAIL, SCOPE_OPENID_PROFILE, ) -from authentik.providers.oauth2.models import ( - ClientTypes, - OAuth2Provider, - ScopeMapping, -) +from authentik.providers.oauth2.models import ClientTypes, OAuth2Provider, ScopeMapping SCOPE_AK_PROXY = "ak_proxy"