trustchain-oc1-orchestral
/
authentik
Archived
10
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

sources/oauth: fix error whilst fetching user profile when source uses fixed URLs 

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2021-04-20 17:04:19 +02:00
parent 34a191f216
commit dc75d7b7f0
4 changed files with 16 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
authentik/sources/oauth/clients/base.py
View File

@ -40,8 +40,11 @@ class BaseOAuthClient:
def get_profile_info(self, token: dict[str, str]) -> Optional[dict[str, Any]]: def get_profile_info(self, token: dict[str, str]) -> Optional[dict[str, Any]]:
"Fetch user profile information." "Fetch user profile information."
profile_url = self.source.type.profile_url or ""
if self.source.type.urls_customizable and self.source.profile_url:
profile_url = self.source.profile_url
try: try:
response = self.do_request("get", self.source.profile_url, token=token) response = self.do_request("get", profile_url, token=token)
response.raise_for_status() response.raise_for_status()
except RequestException as exc: except RequestException as exc:
LOGGER.warning("Unable to fetch user profile", exc=exc) LOGGER.warning("Unable to fetch user profile", exc=exc)
@ -60,16 +63,16 @@ class BaseOAuthClient:
args.update(additional) args.update(additional)
params = urlencode(args) params = urlencode(args)
LOGGER.info("redirect args", **args) LOGGER.info("redirect args", **args)
base_url = self.source.type.authorization_url authorization_url = self.source.type.authorization_url or ""
if self.source.authorization_url: if self.source.type.urls_customizable and self.source.authorization_url:
base_url = self.source.authorization_url authorization_url = self.source.authorization_url
if base_url == "": if authorization_url == "":
Event.new( Event.new(
EventAction.CONFIGURATION_ERROR, EventAction.CONFIGURATION_ERROR,
source=self.source, source=self.source,
message="Source has an empty authorization URL.", message="Source has an empty authorization URL.",
).save() ).save()
return f"{base_url}?{params}" return f"{authorization_url}?{params}"
def parse_raw_token(self, raw_token: str) -> dict[str, Any]: def parse_raw_token(self, raw_token: str) -> dict[str, Any]:
"Parse token and secret from raw token response." "Parse token and secret from raw token response."

8
authentik/sources/oauth/clients/oauth1.py
View File

@ -28,8 +28,8 @@ class OAuthClient(BaseOAuthClient):
if raw_token is not None and verifier is not None: if raw_token is not None and verifier is not None:
token = self.parse_raw_token(raw_token) token = self.parse_raw_token(raw_token)
try: try:
access_token_url: str = self.source.type.access_token_url or "" access_token_url = self.source.type.access_token_url or ""
if self.source.access_token_url: if self.source.type.urls_customizable and self.source.access_token_url:
access_token_url = self.source.access_token_url access_token_url = self.source.access_token_url
response = self.do_request( response = self.do_request(
"post", "post",
@ -51,8 +51,8 @@ class OAuthClient(BaseOAuthClient):
"Fetch the OAuth request token. Only required for OAuth 1.0." "Fetch the OAuth request token. Only required for OAuth 1.0."
callback = self.request.build_absolute_uri(self.callback) callback = self.request.build_absolute_uri(self.callback)
try: try:
request_token_url: str = self.source.type.request_token_url or "" request_token_url = self.source.type.request_token_url or ""
if self.source.request_token_url: if self.source.type.urls_customizable and self.source.request_token_url:
request_token_url = self.source.request_token_url request_token_url = self.source.request_token_url
response = self.do_request( response = self.do_request(
"post", "post",

2
authentik/sources/oauth/clients/oauth2.py
View File

@ -57,7 +57,7 @@ class OAuth2Client(BaseOAuthClient):
return None return None
try: try:
access_token_url = self.source.type.access_token_url or "" access_token_url = self.source.type.access_token_url or ""
if self.source.access_token_url: if self.source.type.urls_customizable and self.source.access_token_url:
access_token_url = self.source.access_token_url access_token_url = self.source.access_token_url
response = self.session.request( response = self.session.request(
"post", "post",

4
web/src/pages/sources/oauth/OAuthSourceViewPage.ts
View File

@ -99,7 +99,7 @@ export class OAuthSourceViewPage extends LitElement {
<span class="pf-c-description-list__text">${t`Authorization URL`}</span> <span class="pf-c-description-list__text">${t`Authorization URL`}</span>
</dt> </dt>
<dd class="pf-c-description-list__description"> <dd class="pf-c-description-list__description">
<div class="pf-c-description-list__text">${this.source.authorizationUrl}</div> <div class="pf-c-description-list__text">${this.source.type?.authorizationUrl || this.source.authorizationUrl}</div>
</dd> </dd>
</div> </div>
<div class="pf-c-description-list__group"> <div class="pf-c-description-list__group">
@ -107,7 +107,7 @@ export class OAuthSourceViewPage extends LitElement {
<span class="pf-c-description-list__text">${t`Token URL`}</span> <span class="pf-c-description-list__text">${t`Token URL`}</span>
</dt> </dt>
<dd class="pf-c-description-list__description"> <dd class="pf-c-description-list__description">
<div class="pf-c-description-list__text">${this.source.accessTokenUrl}</div> <div class="pf-c-description-list__text">${this.source.type?.accessTokenUrl || this.source.accessTokenUrl}</div>
</dd> </dd>
</div> </div>
</dl> </dl>