From a20ca9136b54a18a32986c4bb5454f86f9cad368 Mon Sep 17 00:00:00 2001
From: Jens Langhammer <jens.langhammer@beryju.org>
Date: Sat, 26 Dec 2020 18:53:47 +0100
Subject: [PATCH] providers/oauth2: use in for prompt check

---
 authentik/policies/views.py                   |  1 +
 authentik/providers/oauth2/views/authorize.py | 10 +++-------
 2 files changed, 4 insertions(+), 7 deletions(-)

diff --git a/authentik/policies/views.py b/authentik/policies/views.py
index b6d8cd669..a2491b133 100644
--- a/authentik/policies/views.py
+++ b/authentik/policies/views.py
@@ -29,6 +29,7 @@ class RequestValidationError(SentryIgnoredException):
         if response:
             self.response = response
 
+
 class BaseMixin:
     """Base Mixin class, used to annotate View Member variables"""
 
diff --git a/authentik/providers/oauth2/views/authorize.py b/authentik/providers/oauth2/views/authorize.py
index ab1e91e7e..af358b63e 100644
--- a/authentik/providers/oauth2/views/authorize.py
+++ b/authentik/providers/oauth2/views/authorize.py
@@ -341,21 +341,17 @@ class AuthorizationFlowInitView(PolicyAccessView):
             self.params = OAuthAuthorizationParams.from_request(self.request)
         except OAuth2Error as error:
             raise RequestValidationError(
-                bad_request_message(
-                    self.request, error.description, title=error.error
-                )
+                bad_request_message(self.request, error.description, title=error.error)
             )
         except OAuth2Provider.DoesNotExist:
             raise Http404
-        if self.params.prompt == PROMPT_NONE and not self.request.user.is_authenticated:
+        if PROMPT_NONE in self.params.prompt and not self.request.user.is_authenticated:
             # When "prompt" is set to "none" but the user is not logged in, show an error message
             error = AuthorizeError(
                 self.params.redirect_uri, "interaction_required", self.params.grant_type
             )
             raise RequestValidationError(
-                bad_request_message(
-                    self.request, error.description, title=error.error
-                )
+                bad_request_message(self.request, error.description, title=error.error)
             )
 
     def resolve_provider_application(self):