blueprints: fix policy exception causing password stage to be skipped after upgrade (#6674)

* blueprints: fix policy exception causing password stage to be skipped after upgrade

* make policy more fault tolerant

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
This commit is contained in:
Jens L 2023-08-30 00:08:04 +02:00 committed by GitHub
parent e1a49e1f4e
commit 1ffb7efed6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 2 deletions

View File

@ -51,6 +51,8 @@ entries:
order: 20 order: 20
stage: !KeyOf default-authentication-password stage: !KeyOf default-authentication-password
target: !KeyOf flow target: !KeyOf flow
attrs:
re_evaluate_policies: true
id: default-authentication-flow-password-binding id: default-authentication-flow-password-binding
model: authentik_flows.flowstagebinding model: authentik_flows.flowstagebinding
- identifiers: - identifiers:
@ -69,10 +71,12 @@ entries:
name: default-authentication-flow-password-stage name: default-authentication-flow-password-stage
attrs: attrs:
expression: | expression: |
flow_plan = request.context["flow_plan"] flow_plan = request.context.get("flow_plan")
if not flow_plan:
return True
# If the user does not have a backend attached to it, they haven't # If the user does not have a backend attached to it, they haven't
# been authenticated yet and we need the password stage # been authenticated yet and we need the password stage
return not hasattr(flow_plan.context["pending_user"], "backend") return not hasattr(flow_plan.context.get("pending_user"), "backend")
- model: authentik_policies.policybinding - model: authentik_policies.policybinding
identifiers: identifiers:
order: 10 order: 10