providers/oauth2: fix incorrect scope permissions shown (#6696)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
This commit is contained in:
parent
bfd0fb66b3
commit
3afff1bae9
|
@ -375,7 +375,9 @@ class AuthorizationFlowInitView(PolicyAccessView):
|
|||
):
|
||||
self.request.session[SESSION_KEY_LAST_LOGIN_UID] = login_uid
|
||||
return self.handle_no_permission()
|
||||
scope_descriptions = UserInfoView().get_scope_descriptions(self.params.scope)
|
||||
scope_descriptions = UserInfoView().get_scope_descriptions(
|
||||
self.params.scope, self.params.provider
|
||||
)
|
||||
# Regardless, we start the planner and return to it
|
||||
planner = FlowPlanner(self.provider.authorization_flow)
|
||||
planner.allow_empty_flows = True
|
||||
|
|
|
@ -55,7 +55,7 @@ def validate_code(code: int, request: HttpRequest) -> Optional[HttpResponse]:
|
|||
if not app:
|
||||
return None
|
||||
|
||||
scope_descriptions = UserInfoView().get_scope_descriptions(token.scope)
|
||||
scope_descriptions = UserInfoView().get_scope_descriptions(token.scope, token.provider)
|
||||
planner = FlowPlanner(token.provider.authorization_flow)
|
||||
planner.allow_empty_flows = True
|
||||
try:
|
||||
|
|
|
@ -40,10 +40,14 @@ class UserInfoView(View):
|
|||
|
||||
token: Optional[RefreshToken]
|
||||
|
||||
def get_scope_descriptions(self, scopes: list[str]) -> list[PermissionDict]:
|
||||
def get_scope_descriptions(
|
||||
self, scopes: list[str], provider: OAuth2Provider
|
||||
) -> list[PermissionDict]:
|
||||
"""Get a list of all Scopes's descriptions"""
|
||||
scope_descriptions = []
|
||||
for scope in ScopeMapping.objects.filter(scope_name__in=scopes).order_by("scope_name"):
|
||||
for scope in ScopeMapping.objects.filter(scope_name__in=scopes, provider=provider).order_by(
|
||||
"scope_name"
|
||||
):
|
||||
scope_descriptions.append(PermissionDict(id=scope.scope_name, name=scope.description))
|
||||
# GitHub Compatibility Scopes are handled differently, since they required custom paths
|
||||
# Hence they don't exist as Scope objects
|
||||
|
|
Reference in a new issue