From fc8fe5317ac821b4ac75424426d7156f7992d334 Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Thu, 19 Jan 2023 17:57:21 +0100 Subject: [PATCH] stages: always use get_pending_user instead of getting context user Signed-off-by: Jens Langhammer --- authentik/stages/authenticator_duo/stage.py | 10 +--------- authentik/stages/authenticator_sms/stage.py | 6 +----- authentik/stages/authenticator_validate/stage.py | 2 +- authentik/stages/authenticator_webauthn/stage.py | 8 -------- 4 files changed, 3 insertions(+), 23 deletions(-) diff --git a/authentik/stages/authenticator_duo/stage.py b/authentik/stages/authenticator_duo/stage.py index 3e77b3507..df44a7259 100644 --- a/authentik/stages/authenticator_duo/stage.py +++ b/authentik/stages/authenticator_duo/stage.py @@ -1,5 +1,5 @@ """Duo stage""" -from django.http import HttpRequest, HttpResponse +from django.http import HttpResponse from django.utils.timezone import now from rest_framework.fields import CharField @@ -10,7 +10,6 @@ from authentik.flows.challenge import ( ChallengeTypes, WithUserInfoChallenge, ) -from authentik.flows.planner import PLAN_CONTEXT_PENDING_USER from authentik.flows.stage import ChallengeStageView from authentik.flows.views.executor import InvalidStageError from authentik.stages.authenticator_duo.models import AuthenticatorDuoStage, DuoDevice @@ -68,13 +67,6 @@ class AuthenticatorDuoStageView(ChallengeStageView): } ) - def get(self, request: HttpRequest, *args, **kwargs) -> HttpResponse: - user = self.executor.plan.context.get(PLAN_CONTEXT_PENDING_USER) - if not user: - self.logger.debug("No pending user, continuing") - return self.executor.stage_ok() - return super().get(request, *args, **kwargs) - def challenge_valid(self, response: ChallengeResponse) -> HttpResponse: # Duo Challenge has already been validated stage: AuthenticatorDuoStage = self.executor.current_stage diff --git a/authentik/stages/authenticator_sms/stage.py b/authentik/stages/authenticator_sms/stage.py index f152b9b99..0192a3d8f 100644 --- a/authentik/stages/authenticator_sms/stage.py +++ b/authentik/stages/authenticator_sms/stage.py @@ -14,7 +14,6 @@ from authentik.flows.challenge import ( ChallengeTypes, WithUserInfoChallenge, ) -from authentik.flows.planner import PLAN_CONTEXT_PENDING_USER from authentik.flows.stage import ChallengeStageView from authentik.stages.authenticator_sms.models import ( AuthenticatorSMSStage, @@ -95,10 +94,7 @@ class AuthenticatorSMSStageView(ChallengeStageView): return response def get(self, request: HttpRequest, *args, **kwargs) -> HttpResponse: - user = self.executor.plan.context.get(PLAN_CONTEXT_PENDING_USER) - if not user: - self.logger.debug("No pending user, continuing") - return self.executor.stage_ok() + user = self.get_pending_user() # Currently, this stage only supports one device per user. If the user already # has a device, just skip to the next stage diff --git a/authentik/stages/authenticator_validate/stage.py b/authentik/stages/authenticator_validate/stage.py index 8f4d39a52..148172527 100644 --- a/authentik/stages/authenticator_validate/stage.py +++ b/authentik/stages/authenticator_validate/stage.py @@ -376,7 +376,7 @@ class AuthenticatorValidateStageView(ChallengeStageView): def challenge_valid(self, response: AuthenticatorValidationChallengeResponse) -> HttpResponse: # All validation is done by the serializer - user = self.executor.plan.context.get(PLAN_CONTEXT_PENDING_USER) + user = self.get_pending_user() if not user: if "webauthn" not in response.data: return self.executor.stage_invalid() diff --git a/authentik/stages/authenticator_webauthn/stage.py b/authentik/stages/authenticator_webauthn/stage.py index f7137bc15..41132f4aa 100644 --- a/authentik/stages/authenticator_webauthn/stage.py +++ b/authentik/stages/authenticator_webauthn/stage.py @@ -26,7 +26,6 @@ from authentik.flows.challenge import ( ChallengeTypes, WithUserInfoChallenge, ) -from authentik.flows.planner import PLAN_CONTEXT_PENDING_USER from authentik.flows.stage import ChallengeStageView from authentik.stages.authenticator_webauthn.models import AuthenticateWebAuthnStage, WebAuthnDevice from authentik.stages.authenticator_webauthn.utils import get_origin, get_rp_id @@ -113,13 +112,6 @@ class AuthenticatorWebAuthnStageView(ChallengeStageView): } ) - def get(self, request: HttpRequest, *args, **kwargs) -> HttpResponse: - user = self.executor.plan.context.get(PLAN_CONTEXT_PENDING_USER) - if not user: - self.logger.debug("No pending user, continuing") - return self.executor.stage_ok() - return super().get(request, *args, **kwargs) - def get_response_instance(self, data: QueryDict) -> AuthenticatorWebAuthnChallengeResponse: response: AuthenticatorWebAuthnChallengeResponse = super().get_response_instance(data) response.request = self.request