trustchain-oc1-orchestral
/
authentik
Archived
10
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

*: improve configuration error events (#5523) 

* *: improve configuration error events

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* delete test-db when resetting

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
This commit is contained in:
Jens L 2023-05-08 15:34:43 +02:00 committed by GitHub
parent 8215ee19c6
commit 5ea54e8f7e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 19 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Makefile
View File

@ -206,6 +206,8 @@ install: web-install website-install
dev-reset: dev-reset:
dropdb -U postgres -h localhost authentik dropdb -U postgres -h localhost authentik
# Also remove the test-db if it exists
dropdb -U postgres -h localhost test_authentik || true
createdb -U postgres -h localhost authentik createdb -U postgres -h localhost authentik
redis-cli -n 0 flushall redis-cli -n 0 flushall
make migrate make migrate

2
authentik/providers/oauth2/tests/test_userinfo.py
View File

@ -92,5 +92,5 @@ class TestUserinfo(OAuthTestCase):
self.assertTrue(events.exists()) self.assertTrue(events.exists())
self.assertEqual( self.assertEqual(
events.first().context["message"], events.first().context["message"],
"Failed to evaluate property-mapping: name 'q' is not defined", "Failed to evaluate property-mapping: 'test'",
) )

4
authentik/providers/oauth2/views/userinfo.py
View File

@ -82,9 +82,11 @@ class UserInfoView(View):
except PropertyMappingExpressionException as exc: except PropertyMappingExpressionException as exc:
Event.new( Event.new(
EventAction.CONFIGURATION_ERROR, EventAction.CONFIGURATION_ERROR,
message=f"Failed to evaluate property-mapping: {str(exc)}", message=f"Failed to evaluate property-mapping: '{scope.name}'",
provider=provider,
mapping=scope, mapping=scope,
).from_http(self.request) ).from_http(self.request)
LOGGER.warning("Failed to evaluate property mapping", exc=exc)
if value is None: if value is None:
continue continue
if not isinstance(value, dict): if not isinstance(value, dict):

11
authentik/providers/saml/processors/assertion.py
View File

@ -108,9 +108,11 @@ class AssertionProcessor:
# Value error can be raised when assigning invalid data to an attribute # Value error can be raised when assigning invalid data to an attribute
Event.new( Event.new(
EventAction.CONFIGURATION_ERROR, EventAction.CONFIGURATION_ERROR,
message=f"Failed to evaluate property-mapping: {str(exc)}", message=f"Failed to evaluate property-mapping: '{mapping.name}'",
provider=self.provider,
mapping=mapping, mapping=mapping,
).from_http(self.http_request) ).from_http(self.http_request)
LOGGER.warning("Failed to evaluate property mapping", exc=exc)
continue continue
return attribute_statement return attribute_statement
@ -185,9 +187,14 @@ class AssertionProcessor:
except PropertyMappingExpressionException as exc: except PropertyMappingExpressionException as exc:
Event.new( Event.new(
EventAction.CONFIGURATION_ERROR, EventAction.CONFIGURATION_ERROR,
message=f"Failed to evaluate property-mapping: {str(exc)}", message=(
"Failed to evaluate property-mapping: "
f"'{self.provider.name_id_mapping.name}'",
),
provider=self.provider,
mapping=self.provider.name_id_mapping, mapping=self.provider.name_id_mapping,
).from_http(self.http_request) ).from_http(self.http_request)
LOGGER.warning("Failed to evaluate property mapping", exc=exc)
return name_id return name_id
if name_id.attrib["Format"] == SAML_NAME_ID_FORMAT_EMAIL: if name_id.attrib["Format"] == SAML_NAME_ID_FORMAT_EMAIL:
name_id.text = self.http_request.user.email name_id.text = self.http_request.user.email

2
authentik/providers/saml/tests/test_auth_n_request.py
View File

@ -261,5 +261,5 @@ class TestAuthNRequest(TestCase):
self.assertTrue(events.exists()) self.assertTrue(events.exists())
self.assertEqual( self.assertEqual(
events.first().context["message"], events.first().context["message"],
"Failed to evaluate property-mapping: name 'q' is not defined", "Failed to evaluate property-mapping: 'test'",
) )

3
authentik/sources/ldap/sync/base.py
View File

@ -108,7 +108,8 @@ class BaseLDAPSynchronizer:
except PropertyMappingExpressionException as exc: except PropertyMappingExpressionException as exc:
Event.new( Event.new(
EventAction.CONFIGURATION_ERROR, EventAction.CONFIGURATION_ERROR,
message=f"Failed to evaluate property-mapping: {str(exc)}", message=f"Failed to evaluate property-mapping: '{mapping.name}'",
source=self._source,
mapping=mapping, mapping=mapping,
).save() ).save()
self._logger.warning("Mapping failed to evaluate", exc=exc, mapping=mapping) self._logger.warning("Mapping failed to evaluate", exc=exc, mapping=mapping)

2
authentik/sources/ldap/tests/test_sync.py
View File

@ -56,7 +56,7 @@ class LDAPSyncTests(TestCase):
self.assertFalse(User.objects.filter(username="user1_sn").exists()) self.assertFalse(User.objects.filter(username="user1_sn").exists())
events = Event.objects.filter( events = Event.objects.filter(
action=EventAction.CONFIGURATION_ERROR, action=EventAction.CONFIGURATION_ERROR,
context__message="Failed to evaluate property-mapping: name 'q' is not defined", context__message="Failed to evaluate property-mapping: 'name'",
) )
self.assertTrue(events.exists()) self.assertTrue(events.exists())