*: load websocket paths similarly to URLs (#5018)

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-03-20 23:39:25 +01:00 · 2023-03-20 23:39:25 +01:00 · 54cacd784c
parent 32840d3909
commit 54cacd784c
5 changed files with 38 additions and 12 deletions
--- a/authentik/core/apps.py
+++ b/authentik/core/apps.py
@ -11,6 +11,7 @@ class AuthentikCoreConfig(ManagedAppConfig):
    label = "authentik_core"
    verbose_name = "authentik Core"
    mountpoint = ""
+    ws_mountpoint = "authentik.outposts.urls"
    default = True

    def reconcile_load_core_signals(self):
--- a/authentik/core/urls.py
+++ b/authentik/core/urls.py
@ -1,4 +1,6 @@
 """authentik URL Configuration"""
+from channels.auth import AuthMiddleware
+from channels.sessions import CookieMiddleware
 from django.conf import settings
 from django.contrib.auth.decorators import login_required
 from django.urls import path
@ -9,6 +11,8 @@ from authentik.core.views import apps, impersonate
 from authentik.core.views.debug import AccessDeniedView
 from authentik.core.views.interface import FlowInterfaceView, InterfaceView
 from authentik.core.views.session import EndSessionView
+from authentik.root.asgi_middleware import SessionMiddleware
+from authentik.root.messages.consumer import MessageConsumer

 urlpatterns = [
    path(
@ -64,6 +68,12 @@ urlpatterns = [
    ),
 ]

+websocket_urlpatterns = [
+    path(
+        "ws/client/", CookieMiddleware(SessionMiddleware(AuthMiddleware(MessageConsumer.as_asgi())))
+    ),
+]
+
 if settings.DEBUG:
    urlpatterns += [
        path("debug/policy/deny/", AccessDeniedView.as_view(), name="debug-policy-deny"),
--- a/authentik/outposts/apps.py
+++ b/authentik/outposts/apps.py
@ -24,6 +24,7 @@ class AuthentikOutpostConfig(ManagedAppConfig):
    label = "authentik_outposts"
    verbose_name = "authentik Outpost"
    default = True
+    ws_mountpoint = "authentik.outposts.urls"

    def reconcile_load_outposts_signals(self):
        """Load outposts signals"""
--- a/authentik/outposts/urls.py
+++ b/authentik/outposts/urls.py
@ -0,0 +1,8 @@
+"""Outpost Websocket URLS"""
+from django.urls import path
+
+from authentik.outposts.channels import OutpostConsumer
+
+websocket_urlpatterns = [
+    path("ws/outpost/<uuid:pk>/", OutpostConsumer.as_asgi()),
+]
--- a/authentik/root/websocket.py
+++ b/authentik/root/websocket.py
@ -1,15 +1,21 @@
 """root Websocket URLS"""
-from channels.auth import AuthMiddleware
-from channels.sessions import CookieMiddleware
-from django.urls import path
+from importlib import import_module

-from authentik.outposts.channels import OutpostConsumer
-from authentik.root.asgi_middleware import SessionMiddleware
-from authentik.root.messages.consumer import MessageConsumer
+from structlog.stdlib import get_logger

-websocket_urlpatterns = [
-    path("ws/outpost/<uuid:pk>/", OutpostConsumer.as_asgi()),
-    path(
-        "ws/client/", CookieMiddleware(SessionMiddleware(AuthMiddleware(MessageConsumer.as_asgi())))
-    ),
-]
+from authentik.lib.utils.reflection import get_apps
+
+LOGGER = get_logger()
+
+websocket_urlpatterns = []
+for _authentik_app in get_apps():
+    mountpoint = getattr(_authentik_app, "ws_mountpoint", None)
+    if not mountpoint:
+        continue
+    ws_paths = import_module(mountpoint)
+    websocket_urlpatterns.extend(getattr(ws_paths, "websocket_urlpatterns"))
+    LOGGER.debug(
+        "Mounted URLs",
+        app_name=_authentik_app.name,
+        app_mountpoint=mountpoint,
+    )