change urls

2024-01-16 01:38:02 +00:00 · 2024-01-16 01:38:02 +00:00 · 51b229387b
parent 461af185ad
commit 51b229387b
10 changed files with 48 additions and 31 deletions
--- a/authentik/providers/oauth2/api/providers.py
+++ b/authentik/providers/oauth2/api/providers.py
@ -95,16 +95,19 @@ class OAuth2ProviderViewSet(UsedByMixin, ModelViewSet):
            "authorize": request.build_absolute_uri(
                reverse(
                    "authentik_providers_oauth2:authorize",
+                    kwargs={"application_slug": provider.application.slug},
                )
            ),
            "token": request.build_absolute_uri(
                reverse(
                    "authentik_providers_oauth2:token",
+                    kwargs={"application_slug": provider.application.slug},
                )
            ),
            "user_info": request.build_absolute_uri(
                reverse(
                    "authentik_providers_oauth2:userinfo",
+                    kwargs={"application_slug": provider.application.slug},
                )
            ),
            "provider_info": None,
--- a/authentik/providers/oauth2/tests/test_api.py
+++ b/authentik/providers/oauth2/tests/test_api.py
@ -34,7 +34,7 @@ class TestAPI(APITestCase):
        )
        self.assertEqual(response.status_code, 200)
        body = loads(response.content.decode())["preview"]
-        self.assertEqual(body["iss"], "http://testserver/application/o/issuer/test/")
+        self.assertEqual(body["iss"], "http://testserver/application/o/test/")

    def test_setup_urls(self):
        """Test Setup URLs API Endpoint"""
@ -43,7 +43,7 @@ class TestAPI(APITestCase):
        )
        self.assertEqual(response.status_code, 200)
        body = loads(response.content.decode())
-        self.assertEqual(body["issuer"], "http://testserver/application/o/issuer/test/")
+        self.assertEqual(body["issuer"], "http://testserver/application/o/test/")

    # https://github.com/goauthentik/authentik/pull/5918
    @skipUnless(version_info >= (3, 11, 4), "This behaviour is only Python 3.11.4 and up")
--- a/authentik/providers/oauth2/urls.py
+++ b/authentik/providers/oauth2/urls.py
@ -20,40 +20,40 @@ from authentik.providers.oauth2.views.userinfo import UserInfoView

 urlpatterns = [
    path(
-        "authorize/",
+        "<slug:application_slug>/authorize/",
        AuthorizationFlowInitView.as_view(),
        name="authorize",
    ),
-    path("token/", TokenView.as_view(), name="token"),
-    path("device/", DeviceView.as_view(), name="device"),
+    path("<slug:application_slug>/token/", TokenView.as_view(), name="token"),
+    path("<slug:application_slug>/device/", DeviceView.as_view(), name="device"),
    path(
-        "userinfo/",
+        "<slug:application_slug>/userinfo/",
        UserInfoView.as_view(),
        name="userinfo",
    ),
    path(
-        "introspect/",
+        "<slug:application_slug>/introspect/",
        TokenIntrospectionView.as_view(),
        name="token-introspection",
    ),
    path(
-        "revoke/",
+        "<slug:application_slug>/revoke/",
        TokenRevokeView.as_view(),
        name="token-revoke",
    ),
    path(
-        "end-session/<slug:application_slug>/",
+        "<slug:application_slug>/end-session/",
        RedirectView.as_view(pattern_name="authentik_core:if-session-end", query_string=True),
        name="end-session",
    ),
-    path("jwks/<slug:application_slug>/", JWKSView.as_view(), name="jwks"),
+    path("<slug:application_slug>/jwks/", JWKSView.as_view(), name="jwks"),
    path(
-        "issuer/<slug:application_slug>/",
+        "<slug:application_slug>/",
        RedirectView.as_view(pattern_name="authentik_providers_oauth2:provider-info"),
        name="provider-root",
    ),
    path(
-        "discovery/<slug:application_slug>/.well-known/openid-configuration",
+        "<slug:application_slug>/.well-known/openid-configuration",
        ProviderInfoView.as_view(),
        name="provider-info",
    ),
--- a/authentik/providers/oauth2/views/authorize.py
+++ b/authentik/providers/oauth2/views/authorize.py
@ -4,7 +4,7 @@ from datetime import timedelta
 from json import dumps
 from re import error as RegexError
 from re import fullmatch
-from typing import Optional
+from typing import Any, Optional
 from urllib.parse import parse_qs, urlencode, urlparse, urlsplit, urlunsplit
 from uuid import uuid4

@ -339,7 +339,7 @@ class AuthorizationFlowInitView(PolicyAccessView):
        request.context["oauth_response_type"] = self.params.response_type
        return request

-    def get(self, request: HttpRequest, *args, **kwargs) -> HttpResponse:
+    def get(self, request: HttpRequest, *args: Any, **kwargs: Any) -> HttpResponse:
        """Start FlowPLanner, return to flow executor shell"""
        # Require a login event to be set, otherwise make the user re-login
        login_event = get_login_event(request)
--- a/authentik/providers/oauth2/views/device_backchannel.py
+++ b/authentik/providers/oauth2/views/device_backchannel.py
@ -1,5 +1,5 @@
 """Device flow views"""
-from typing import Optional
+from typing import Any, Optional
 from urllib.parse import urlencode

 from django.http import HttpRequest, HttpResponse, HttpResponseBadRequest, JsonResponse
@ -44,7 +44,7 @@ class DeviceView(View):
        self.scopes = self.request.POST.get("scope", "").split(" ")
        return None

-    def dispatch(self, request: HttpRequest, *args, **kwargs) -> HttpResponse:
+    def dispatch(self, request: HttpRequest, *args: Any, **kwargs: Any) -> HttpResponse:
        throttle = AnonRateThrottle()
        throttle.rate = CONFIG.get("throttle.providers.oauth2.device", "20/hour")
        throttle.num_requests, throttle.duration = throttle.parse_rate(throttle.rate)
@ -52,7 +52,7 @@ class DeviceView(View):
            return HttpResponse(status=429)
        return super().dispatch(request, *args, **kwargs)

-    def post(self, request: HttpRequest) -> HttpResponse:
+    def post(self, request: HttpRequest, *args: Any, **kwargs: Any) -> HttpResponse:
        """Generate device token"""
        resp = self.parse_request()
        if resp:
--- a/authentik/providers/oauth2/views/introspection.py
+++ b/authentik/providers/oauth2/views/introspection.py
@ -1,5 +1,6 @@
 """authentik OAuth2 Token Introspection Views"""
 from dataclasses import dataclass, field
+from typing import Any

 from django.http import HttpRequest, HttpResponse
 from django.utils.decorators import method_decorator
@ -64,7 +65,7 @@ class TokenIntrospectionView(View):
    params: TokenIntrospectionParams
    provider: OAuth2Provider

-    def post(self, request: HttpRequest) -> HttpResponse:
+    def post(self, request: HttpRequest, *args: Any, **kwargs: Any) -> HttpResponse:
        """Introspection handler"""
        try:
            self.params = TokenIntrospectionParams.from_request(request)
--- a/authentik/providers/oauth2/views/provider.py
+++ b/authentik/providers/oauth2/views/provider.py
@ -48,13 +48,19 @@ class ProviderInfoView(View):
        return {
            "issuer": provider.get_issuer(self.request),
            "authorization_endpoint": self.request.build_absolute_uri(
-                reverse("authentik_providers_oauth2:authorize")
+                reverse(
+                    "authentik_providers_oauth2:authorize",
+                    kwargs={"application_slug": provider.application.slug})
            ),
            "token_endpoint": self.request.build_absolute_uri(
-                reverse("authentik_providers_oauth2:token")
+                reverse(
+                    "authentik_providers_oauth2:token",
+                    kwargs={"application_slug": provider.application.slug})
            ),
            "userinfo_endpoint": self.request.build_absolute_uri(
-                reverse("authentik_providers_oauth2:userinfo")
+                reverse(
+                    "authentik_providers_oauth2:userinfo",
+                    kwargs={"application_slug": provider.application.slug})
            ),
            "end_session_endpoint": self.request.build_absolute_uri(
                reverse(
@ -63,13 +69,19 @@ class ProviderInfoView(View):
                )
            ),
            "introspection_endpoint": self.request.build_absolute_uri(
-                reverse("authentik_providers_oauth2:token-introspection")
+                reverse(
+                    "authentik_providers_oauth2:token-introspection",
+                    kwargs={"application_slug": provider.application.slug})
            ),
            "revocation_endpoint": self.request.build_absolute_uri(
-                reverse("authentik_providers_oauth2:token-revoke")
+                reverse(
+                    "authentik_providers_oauth2:token-revoke",
+                    kwargs={"application_slug": provider.application.slug})
            ),
            "device_authorization_endpoint": self.request.build_absolute_uri(
-                reverse("authentik_providers_oauth2:device")
+                reverse(
+                    "authentik_providers_oauth2:device",
+                    kwargs={"application_slug": provider.application.slug})
            ),
            "response_types_supported": [
                ResponseTypes.CODE,
--- a/authentik/providers/oauth2/views/token.py
+++ b/authentik/providers/oauth2/views/token.py
@ -435,10 +435,10 @@ class TokenView(View):
        cors_allow(self.request, response, *allowed_origins)
        return response

-    def options(self, request: HttpRequest) -> HttpResponse:
+    def options(self, request: HttpRequest, *args: Any, **kwargs: Any) -> HttpResponse:
        return TokenResponse({})

-    def post(self, request: HttpRequest) -> HttpResponse:
+    def post(self, request: HttpRequest, *args: Any, **kwargs: Any) -> HttpResponse:
        """Generate tokens for clients"""
        try:
            with Hub.current.start_span(
--- a/authentik/providers/oauth2/views/token_revoke.py
+++ b/authentik/providers/oauth2/views/token_revoke.py
@ -1,5 +1,6 @@
 """Token revocation endpoint"""
 from dataclasses import dataclass
+from typing import Any

 from django.http import Http404, HttpRequest, HttpResponse
 from django.utils.decorators import method_decorator
@ -49,7 +50,7 @@ class TokenRevokeView(View):
    params: TokenRevocationParams
    provider: OAuth2Provider

-    def post(self, request: HttpRequest) -> HttpResponse:
+    def post(self, request: HttpRequest, *args: Any, **kwargs: Any) -> HttpResponse:
        """Revocation handler"""
        try:
            self.params = TokenRevocationParams.from_request(request)
--- a/authentik/providers/oauth2/views/userinfo.py
+++ b/authentik/providers/oauth2/views/userinfo.py
@ -113,10 +113,10 @@ class UserInfoView(View):
        cors_allow(self.request, response, *allowed_origins)
        return response

-    def options(self, request: HttpRequest) -> HttpResponse:
+    def options(self, request: HttpRequest, *args: Any, **kwargs: Any) -> HttpResponse:
        return TokenResponse({})

-    def get(self, request: HttpRequest, **kwargs) -> HttpResponse:
+    def get(self, request: HttpRequest, *args: Any, **kwargs: Any) -> HttpResponse:
        """Handle GET Requests for UserInfo"""
        if not self.token:
            return HttpResponseBadRequest()
@ -127,6 +127,6 @@ class UserInfoView(View):
        response = TokenResponse(claims)
        return response

-    def post(self, request: HttpRequest, **kwargs) -> HttpResponse:
+    def post(self, request: HttpRequest, *args: Any, **kwargs: Any) -> HttpResponse:
        """POST Requests behave the same as GET Requests, so the get handler is called here"""
-        return self.get(request, **kwargs)
+        return self.get(request, *args, **kwargs)