From 6600d5bf698140659f3d1048915dcdb00447facb Mon Sep 17 00:00:00 2001
From: Jens Langhammer <jens.langhammer@beryju.org>
Date: Sat, 15 May 2021 14:08:49 +0200
Subject: [PATCH] providers/oauth2: use user.uid
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
---
authentik/providers/oauth2/models.py | 3 +--
outpost/pkg/proxy/templates.go | 2 ++
2 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/authentik/providers/oauth2/models.py b/authentik/providers/oauth2/models.py
index b6440593b..e40c6f643 100644
--- a/authentik/providers/oauth2/models.py
+++ b/authentik/providers/oauth2/models.py
@@ -12,7 +12,6 @@ from uuid import uuid4
from cryptography.hazmat.primitives.asymmetric.rsa import RSAPrivateKey
from dacite import from_dict
-from django.conf import settings
from django.db import models
from django.http import HttpRequest
from django.utils import dateformat, timezone
@@ -457,7 +456,7 @@ class RefreshToken(ExpiringModel, BaseGrantModel):
See: http://openid.net/specs/openid-connect-core-1_0.html#IDToken"""
sub = ""
if self.provider.sub_mode == SubModes.HASHED_USER_ID:
- sub = sha256(f"{user.id}-{settings.SECRET_KEY}".encode("ascii")).hexdigest()
+ sub = user.uid
elif self.provider.sub_mode == SubModes.USER_EMAIL:
sub = user.email
elif self.provider.sub_mode == SubModes.USER_USERNAME:
diff --git a/outpost/pkg/proxy/templates.go b/outpost/pkg/proxy/templates.go
index 1efdb210d..ca61f9ca3 100644
--- a/outpost/pkg/proxy/templates.go
+++ b/outpost/pkg/proxy/templates.go
@@ -13,12 +13,14 @@ func getTemplates() *template.Template {
<head>
<title>{{.Title}}</title>
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no">
+ <style>* { font-family: sans-serif; }</style>
</head>
<body>
<h2>{{.Title}}</h2>
<p>{{.Message}}</p>
<hr>
<p><a href="{{.ProxyPrefix}}/sign_in">Sign In</a></p>
+ <p>Powered by <a href="https://goauthentik.io">authentik</a></p>
</body>
</html>{{end}}`)
if err != nil {