sources/oauth: fix azure AD get_profile_info not working
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
35bcd5d174
commit
4f04ab7a5f
|
@ -2,13 +2,46 @@
|
||||||
from typing import Any, Optional
|
from typing import Any, Optional
|
||||||
from uuid import UUID
|
from uuid import UUID
|
||||||
|
|
||||||
|
from requests.exceptions import RequestException
|
||||||
|
from structlog.stdlib import get_logger
|
||||||
|
|
||||||
|
from authentik.sources.oauth.clients.oauth2 import OAuth2Client
|
||||||
from authentik.sources.oauth.types.manager import MANAGER, SourceType
|
from authentik.sources.oauth.types.manager import MANAGER, SourceType
|
||||||
from authentik.sources.oauth.views.callback import OAuthCallback
|
from authentik.sources.oauth.views.callback import OAuthCallback
|
||||||
|
|
||||||
|
LOGGER = get_logger()
|
||||||
|
|
||||||
|
|
||||||
|
class AzureADClient(OAuth2Client):
|
||||||
|
"""Azure AD Oauth client, azure ad doesn't like the ?access_token that is sent by default"""
|
||||||
|
|
||||||
|
def get_profile_info(self, token: dict[str, str]) -> Optional[dict[str, Any]]:
|
||||||
|
"Fetch user profile information."
|
||||||
|
profile_url = self.source.type.profile_url or ""
|
||||||
|
if self.source.type.urls_customizable and self.source.profile_url:
|
||||||
|
profile_url = self.source.profile_url
|
||||||
|
try:
|
||||||
|
response = self.session.request(
|
||||||
|
"get",
|
||||||
|
profile_url,
|
||||||
|
headers={
|
||||||
|
"Authorization": f"{token['token_type']} {token['access_token']}"
|
||||||
|
},
|
||||||
|
)
|
||||||
|
LOGGER.debug(response.text)
|
||||||
|
response.raise_for_status()
|
||||||
|
except RequestException as exc:
|
||||||
|
LOGGER.warning("Unable to fetch user profile", exc=exc)
|
||||||
|
return None
|
||||||
|
else:
|
||||||
|
return response.json()
|
||||||
|
|
||||||
|
|
||||||
class AzureADOAuthCallback(OAuthCallback):
|
class AzureADOAuthCallback(OAuthCallback):
|
||||||
"""AzureAD OAuth2 Callback"""
|
"""AzureAD OAuth2 Callback"""
|
||||||
|
|
||||||
|
client_class = AzureADClient
|
||||||
|
|
||||||
def get_user_id(self, info: dict[str, Any]) -> Optional[str]:
|
def get_user_id(self, info: dict[str, Any]) -> Optional[str]:
|
||||||
try:
|
try:
|
||||||
return str(UUID(info.get("objectId")).int)
|
return str(UUID(info.get("objectId")).int)
|
||||||
|
|
Reference in New Issue