blueprints: fix policy exception causing password stage to be skipped after upgrade (#6674)

* blueprints: fix policy exception causing password stage to be skipped after upgrade * make policy more fault tolerant Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-08-30 00:08:04 +02:00 · 2023-08-30 00:08:04 +02:00 · 1ffb7efed6
parent e1a49e1f4e
commit 1ffb7efed6
1 changed files with 6 additions and 2 deletions
--- a/blueprints/default/flow-default-authentication-flow.yaml
+++ b/blueprints/default/flow-default-authentication-flow.yaml
@ -51,6 +51,8 @@ entries:
    order: 20
    stage: !KeyOf default-authentication-password
    target: !KeyOf flow
+  attrs:
+    re_evaluate_policies: true
  id: default-authentication-flow-password-binding
  model: authentik_flows.flowstagebinding
 - identifiers:
@ -69,10 +71,12 @@ entries:
    name: default-authentication-flow-password-stage
  attrs:
    expression: |
-      flow_plan = request.context["flow_plan"]
+      flow_plan = request.context.get("flow_plan")
+      if not flow_plan:
+          return True
      # If the user does not have a backend attached to it, they haven't
      # been authenticated yet and we need the password stage
-      return not hasattr(flow_plan.context["pending_user"], "backend")
+      return not hasattr(flow_plan.context.get("pending_user"), "backend")
 - model: authentik_policies.policybinding
  identifiers:
    order: 10