*: load websocket paths similarly to URLs (#5018)

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-03-20 23:39:25 +01:00 · 2023-03-20 23:39:25 +01:00 · 54cacd784c
parent 32840d3909
commit 54cacd784c
5 changed files with 38 additions and 12 deletions
--- a/authentik/core/apps.py
+++ b/authentik/core/apps.py
@ -11,6 +11,7 @@ class AuthentikCoreConfig(ManagedAppConfig):
    label = "authentik_core"
    verbose_name = "authentik Core"
    mountpoint = ""
    ws_mountpoint = "authentik.outposts.urls"
    default = True
    def reconcile_load_core_signals(self):
--- a/authentik/core/urls.py
+++ b/authentik/core/urls.py
@ -1,4 +1,6 @@
 """authentik URL Configuration"""
 from channels.auth import AuthMiddleware
 from channels.sessions import CookieMiddleware
 from django.conf import settings
 from django.contrib.auth.decorators import login_required
 from django.urls import path
@ -9,6 +11,8 @@ from authentik.core.views import apps, impersonate
 from authentik.core.views.debug import AccessDeniedView
 from authentik.core.views.interface import FlowInterfaceView, InterfaceView
 from authentik.core.views.session import EndSessionView
 from authentik.root.asgi_middleware import SessionMiddleware
 from authentik.root.messages.consumer import MessageConsumer
 urlpatterns = [
    path(
@ -64,6 +68,12 @@ urlpatterns = [
    ),
 ]
 websocket_urlpatterns = [
    path(
        "ws/client/", CookieMiddleware(SessionMiddleware(AuthMiddleware(MessageConsumer.as_asgi())))
    ),
 ]
 if settings.DEBUG:
    urlpatterns += [
        path("debug/policy/deny/", AccessDeniedView.as_view(), name="debug-policy-deny"),
--- a/authentik/outposts/apps.py
+++ b/authentik/outposts/apps.py
@ -24,6 +24,7 @@ class AuthentikOutpostConfig(ManagedAppConfig):
    label = "authentik_outposts"
    verbose_name = "authentik Outpost"
    default = True
    ws_mountpoint = "authentik.outposts.urls"
    def reconcile_load_outposts_signals(self):
        """Load outposts signals"""
--- a/authentik/outposts/urls.py
+++ b/authentik/outposts/urls.py
@ -0,0 +1,8 @@
 """Outpost Websocket URLS"""
 from django.urls import path
 from authentik.outposts.channels import OutpostConsumer
 websocket_urlpatterns = [
    path("ws/outpost/<uuid:pk>/", OutpostConsumer.as_asgi()),
 ]
--- a/authentik/root/websocket.py
+++ b/authentik/root/websocket.py
@ -1,15 +1,21 @@
 """root Websocket URLS"""
-from channels.auth import AuthMiddleware
+from importlib import import_module
 from channels.sessions import CookieMiddleware
 from django.urls import path
-from authentik.outposts.channels import OutpostConsumer
+from structlog.stdlib import get_logger
 from authentik.root.asgi_middleware import SessionMiddleware
 from authentik.root.messages.consumer import MessageConsumer
-websocket_urlpatterns = [
+from authentik.lib.utils.reflection import get_apps
-    path("ws/outpost/<uuid:pk>/", OutpostConsumer.as_asgi()),
+
-    path(
+LOGGER = get_logger()
-        "ws/client/", CookieMiddleware(SessionMiddleware(AuthMiddleware(MessageConsumer.as_asgi())))
+
-    ),
+websocket_urlpatterns = []
-]
+for _authentik_app in get_apps():
    mountpoint = getattr(_authentik_app, "ws_mountpoint", None)
    if not mountpoint:
        continue
    ws_paths = import_module(mountpoint)
    websocket_urlpatterns.extend(getattr(ws_paths, "websocket_urlpatterns"))
    LOGGER.debug(
        "Mounted URLs",
        app_name=_authentik_app.name,
        app_mountpoint=mountpoint,
    )