fix tests
This commit is contained in:
parent
51b229387b
commit
5eb25240c3
|
@ -260,13 +260,15 @@ class TestAuthorize(OAuthTestCase):
|
|||
redirect_uris="foo://localhost",
|
||||
access_code_validity="seconds=100",
|
||||
)
|
||||
Application.objects.create(name="app", slug="app", provider=provider)
|
||||
app = Application.objects.create(name="app", slug="app", provider=provider)
|
||||
state = generate_id()
|
||||
user = create_test_admin_user()
|
||||
self.client.force_login(user)
|
||||
# Step 1, initiate params and get redirect to flow
|
||||
self.client.get(
|
||||
reverse("authentik_providers_oauth2:authorize"),
|
||||
reverse(
|
||||
"authentik_providers_oauth2:authorize",
|
||||
kwargs={"application_slug": app.slug}),
|
||||
data={
|
||||
"response_type": "code",
|
||||
"client_id": "test",
|
||||
|
@ -302,7 +304,7 @@ class TestAuthorize(OAuthTestCase):
|
|||
redirect_uris="http://localhost",
|
||||
signing_key=self.keypair,
|
||||
)
|
||||
Application.objects.create(name="app", slug="app", provider=provider)
|
||||
app = Application.objects.create(name="app", slug="app", provider=provider)
|
||||
state = generate_id()
|
||||
user = create_test_admin_user()
|
||||
self.client.force_login(user)
|
||||
|
@ -318,7 +320,9 @@ class TestAuthorize(OAuthTestCase):
|
|||
):
|
||||
# Step 1, initiate params and get redirect to flow
|
||||
self.client.get(
|
||||
reverse("authentik_providers_oauth2:authorize"),
|
||||
reverse(
|
||||
"authentik_providers_oauth2:authorize",
|
||||
kwargs={"application_slug": app.slug}),
|
||||
data={
|
||||
"response_type": "id_token",
|
||||
"client_id": "test",
|
||||
|
@ -364,7 +368,7 @@ class TestAuthorize(OAuthTestCase):
|
|||
redirect_uris="http://localhost",
|
||||
signing_key=self.keypair,
|
||||
)
|
||||
Application.objects.create(name="app", slug="app", provider=provider)
|
||||
app = Application.objects.create(name="app", slug="app", provider=provider)
|
||||
state = generate_id()
|
||||
user = create_test_admin_user()
|
||||
self.client.force_login(user)
|
||||
|
@ -380,7 +384,9 @@ class TestAuthorize(OAuthTestCase):
|
|||
):
|
||||
# Step 1, initiate params and get redirect to flow
|
||||
self.client.get(
|
||||
reverse("authentik_providers_oauth2:authorize"),
|
||||
reverse(
|
||||
"authentik_providers_oauth2:authorize",
|
||||
kwargs={"application_slug": app.slug}),
|
||||
data={
|
||||
"response_type": "code",
|
||||
"response_mode": "fragment",
|
||||
|
@ -425,7 +431,9 @@ class TestAuthorize(OAuthTestCase):
|
|||
self.client.force_login(user)
|
||||
# Step 1, initiate params and get redirect to flow
|
||||
self.client.get(
|
||||
reverse("authentik_providers_oauth2:authorize"),
|
||||
reverse(
|
||||
"authentik_providers_oauth2:authorize",
|
||||
kwargs={"application_slug": app.slug}),
|
||||
data={
|
||||
"response_type": "id_token",
|
||||
"response_mode": "form_post",
|
||||
|
@ -474,7 +482,9 @@ class TestAuthorize(OAuthTestCase):
|
|||
self.client.force_login(user)
|
||||
# Step 1, initiate params and get redirect to flow
|
||||
self.client.get(
|
||||
reverse("authentik_providers_oauth2:authorize"),
|
||||
reverse(
|
||||
"authentik_providers_oauth2:authorize",
|
||||
kwargs={"application_slug": app.slug}),
|
||||
data={
|
||||
"response_type": "code",
|
||||
"response_mode": "form_post",
|
||||
|
|
|
@ -28,21 +28,27 @@ class TesOAuth2DeviceBackchannel(OAuthTestCase):
|
|||
def test_backchannel_invalid(self):
|
||||
"""Test backchannel"""
|
||||
res = self.client.post(
|
||||
reverse("authentik_providers_oauth2:device"),
|
||||
reverse(
|
||||
"authentik_providers_oauth2:device",
|
||||
kwargs={"application_slug": self.application.slug}),
|
||||
data={
|
||||
"client_id": "foo",
|
||||
},
|
||||
)
|
||||
self.assertEqual(res.status_code, 400)
|
||||
res = self.client.post(
|
||||
reverse("authentik_providers_oauth2:device"),
|
||||
reverse(
|
||||
"authentik_providers_oauth2:device",
|
||||
kwargs={"application_slug": self.application.slug}),
|
||||
)
|
||||
self.assertEqual(res.status_code, 400)
|
||||
# test without application
|
||||
self.application.provider = None
|
||||
self.application.save()
|
||||
res = self.client.post(
|
||||
reverse("authentik_providers_oauth2:device"),
|
||||
reverse(
|
||||
"authentik_providers_oauth2:device",
|
||||
kwargs={"application_slug": self.application.slug}),
|
||||
data={
|
||||
"client_id": "test",
|
||||
},
|
||||
|
@ -52,7 +58,9 @@ class TesOAuth2DeviceBackchannel(OAuthTestCase):
|
|||
def test_backchannel(self):
|
||||
"""Test backchannel"""
|
||||
res = self.client.post(
|
||||
reverse("authentik_providers_oauth2:device"),
|
||||
reverse(
|
||||
"authentik_providers_oauth2:device",
|
||||
kwargs={"application_slug": self.application.slug}),
|
||||
data={
|
||||
"client_id": self.provider.client_id,
|
||||
},
|
||||
|
|
|
@ -49,7 +49,9 @@ class TesOAuth2Introspection(OAuthTestCase):
|
|||
),
|
||||
)
|
||||
res = self.client.post(
|
||||
reverse("authentik_providers_oauth2:token-introspection"),
|
||||
reverse(
|
||||
"authentik_providers_oauth2:token-introspection",
|
||||
kwargs={"application_slug": self.app.slug}),
|
||||
HTTP_AUTHORIZATION=f"Basic {self.auth}",
|
||||
data={"token": token.token},
|
||||
)
|
||||
|
@ -81,7 +83,9 @@ class TesOAuth2Introspection(OAuthTestCase):
|
|||
),
|
||||
)
|
||||
res = self.client.post(
|
||||
reverse("authentik_providers_oauth2:token-introspection"),
|
||||
reverse(
|
||||
"authentik_providers_oauth2:token-introspection",
|
||||
kwargs={"application_slug": self.app.slug}),
|
||||
HTTP_AUTHORIZATION=f"Basic {self.auth}",
|
||||
data={"token": token.token},
|
||||
)
|
||||
|
@ -101,7 +105,9 @@ class TesOAuth2Introspection(OAuthTestCase):
|
|||
def test_introspect_invalid_token(self):
|
||||
"""Test introspect (invalid token)"""
|
||||
res = self.client.post(
|
||||
reverse("authentik_providers_oauth2:token-introspection"),
|
||||
reverse(
|
||||
"authentik_providers_oauth2:token-introspection",
|
||||
kwargs={"application_slug": self.app.slug}),
|
||||
HTTP_AUTHORIZATION=f"Basic {self.auth}",
|
||||
data={"token": generate_id(), "token_type_hint": "refresh_token"},
|
||||
)
|
||||
|
@ -116,7 +122,9 @@ class TesOAuth2Introspection(OAuthTestCase):
|
|||
def test_introspect_invalid_auth(self):
|
||||
"""Test introspect (invalid auth)"""
|
||||
res = self.client.post(
|
||||
reverse("authentik_providers_oauth2:token-introspection"),
|
||||
reverse(
|
||||
"authentik_providers_oauth2:token-introspection",
|
||||
kwargs={"application_slug": self.app.slug}),
|
||||
HTTP_AUTHORIZATION="Basic qwerqrwe",
|
||||
data={"token": generate_id(), "token_type_hint": "refresh_token"},
|
||||
)
|
||||
|
|
|
@ -48,7 +48,9 @@ class TesOAuth2Revoke(OAuthTestCase):
|
|||
),
|
||||
)
|
||||
res = self.client.post(
|
||||
reverse("authentik_providers_oauth2:token-revoke"),
|
||||
reverse(
|
||||
"authentik_providers_oauth2:token-revoke",
|
||||
kwargs={"application_slug": self.app.slug}),
|
||||
HTTP_AUTHORIZATION=f"Basic {self.auth}",
|
||||
data={
|
||||
"token": token.token,
|
||||
|
@ -71,7 +73,9 @@ class TesOAuth2Revoke(OAuthTestCase):
|
|||
),
|
||||
)
|
||||
res = self.client.post(
|
||||
reverse("authentik_providers_oauth2:token-revoke"),
|
||||
reverse(
|
||||
"authentik_providers_oauth2:token-revoke",
|
||||
kwargs={"application_slug": self.app.slug}),
|
||||
HTTP_AUTHORIZATION=f"Basic {self.auth}",
|
||||
data={
|
||||
"token": token.token,
|
||||
|
@ -82,7 +86,9 @@ class TesOAuth2Revoke(OAuthTestCase):
|
|||
def test_revoke_invalid(self):
|
||||
"""Test revoke (invalid token)"""
|
||||
res = self.client.post(
|
||||
reverse("authentik_providers_oauth2:token-revoke"),
|
||||
reverse(
|
||||
"authentik_providers_oauth2:token-revoke",
|
||||
kwargs={"application_slug": self.app.slug}),
|
||||
HTTP_AUTHORIZATION=f"Basic {self.auth}",
|
||||
data={
|
||||
"token": generate_id(),
|
||||
|
@ -93,7 +99,9 @@ class TesOAuth2Revoke(OAuthTestCase):
|
|||
def test_revoke_invalid_auth(self):
|
||||
"""Test revoke (invalid auth)"""
|
||||
res = self.client.post(
|
||||
reverse("authentik_providers_oauth2:token-revoke"),
|
||||
reverse(
|
||||
"authentik_providers_oauth2:token-revoke",
|
||||
kwargs={"application_slug": self.app.slug}),
|
||||
HTTP_AUTHORIZATION="Basic fqewr",
|
||||
data={
|
||||
"token": generate_id(),
|
||||
|
|
|
@ -127,7 +127,9 @@ class TestToken(OAuthTestCase):
|
|||
code="foobar", provider=provider, user=user, auth_time=timezone.now()
|
||||
)
|
||||
response = self.client.post(
|
||||
reverse("authentik_providers_oauth2:token"),
|
||||
reverse(
|
||||
"authentik_providers_oauth2:token",
|
||||
kwargs={"application_slug": self.app.slug}),
|
||||
data={
|
||||
"grant_type": GRANT_TYPE_AUTHORIZATION_CODE,
|
||||
"code": code.code,
|
||||
|
@ -172,7 +174,9 @@ class TestToken(OAuthTestCase):
|
|||
auth_time=timezone.now(),
|
||||
)
|
||||
response = self.client.post(
|
||||
reverse("authentik_providers_oauth2:token"),
|
||||
reverse(
|
||||
"authentik_providers_oauth2:token",
|
||||
kwargs={"application_slug": self.app.slug}),
|
||||
data={
|
||||
"grant_type": GRANT_TYPE_REFRESH_TOKEN,
|
||||
"refresh_token": token.token,
|
||||
|
@ -219,7 +223,9 @@ class TestToken(OAuthTestCase):
|
|||
auth_time=timezone.now(),
|
||||
)
|
||||
response = self.client.post(
|
||||
reverse("authentik_providers_oauth2:token"),
|
||||
reverse(
|
||||
"authentik_providers_oauth2:token",
|
||||
kwargs={"application_slug": self.app.slug}),
|
||||
data={
|
||||
"grant_type": GRANT_TYPE_REFRESH_TOKEN,
|
||||
"refresh_token": token.token,
|
||||
|
@ -269,7 +275,9 @@ class TestToken(OAuthTestCase):
|
|||
)
|
||||
# Create initial refresh token
|
||||
response = self.client.post(
|
||||
reverse("authentik_providers_oauth2:token"),
|
||||
reverse(
|
||||
"authentik_providers_oauth2:token",
|
||||
kwargs={"application_slug": self.app.slug}),
|
||||
data={
|
||||
"grant_type": GRANT_TYPE_REFRESH_TOKEN,
|
||||
"refresh_token": token.token,
|
||||
|
@ -283,7 +291,9 @@ class TestToken(OAuthTestCase):
|
|||
# Post again with initial token -> get new refresh token
|
||||
# and revoke old one
|
||||
response = self.client.post(
|
||||
reverse("authentik_providers_oauth2:token"),
|
||||
reverse(
|
||||
"authentik_providers_oauth2:token",
|
||||
kwargs={"application_slug": self.app.slug}),
|
||||
data={
|
||||
"grant_type": GRANT_TYPE_REFRESH_TOKEN,
|
||||
"refresh_token": new_token.token,
|
||||
|
@ -294,7 +304,9 @@ class TestToken(OAuthTestCase):
|
|||
self.assertEqual(response.status_code, 200)
|
||||
# Post again with old token, is now revoked and should error
|
||||
response = self.client.post(
|
||||
reverse("authentik_providers_oauth2:token"),
|
||||
reverse(
|
||||
"authentik_providers_oauth2:token",
|
||||
kwargs={"application_slug": self.app.slug}),
|
||||
data={
|
||||
"grant_type": GRANT_TYPE_REFRESH_TOKEN,
|
||||
"refresh_token": new_token.token,
|
||||
|
|
|
@ -50,7 +50,9 @@ class TestTokenClientCredentials(OAuthTestCase):
|
|||
def test_wrong_user(self):
|
||||
"""test invalid username"""
|
||||
response = self.client.post(
|
||||
reverse("authentik_providers_oauth2:token"),
|
||||
reverse(
|
||||
"authentik_providers_oauth2:token",
|
||||
kwargs={"application_slug": self.app.slug}),
|
||||
{
|
||||
"grant_type": GRANT_TYPE_CLIENT_CREDENTIALS,
|
||||
"scope": SCOPE_OPENID,
|
||||
|
@ -68,7 +70,9 @@ class TestTokenClientCredentials(OAuthTestCase):
|
|||
def test_wrong_token(self):
|
||||
"""test invalid token"""
|
||||
response = self.client.post(
|
||||
reverse("authentik_providers_oauth2:token"),
|
||||
reverse(
|
||||
"authentik_providers_oauth2:token",
|
||||
kwargs={"application_slug": self.app.slug}),
|
||||
{
|
||||
"grant_type": GRANT_TYPE_CLIENT_CREDENTIALS,
|
||||
"scope": SCOPE_OPENID,
|
||||
|
@ -88,7 +92,9 @@ class TestTokenClientCredentials(OAuthTestCase):
|
|||
self.app.provider = None
|
||||
self.app.save()
|
||||
response = self.client.post(
|
||||
reverse("authentik_providers_oauth2:token"),
|
||||
reverse(
|
||||
"authentik_providers_oauth2:token",
|
||||
kwargs={"application_slug": self.app.slug}),
|
||||
{
|
||||
"grant_type": GRANT_TYPE_CLIENT_CREDENTIALS,
|
||||
"scope": SCOPE_OPENID,
|
||||
|
@ -112,7 +118,9 @@ class TestTokenClientCredentials(OAuthTestCase):
|
|||
order=0,
|
||||
)
|
||||
response = self.client.post(
|
||||
reverse("authentik_providers_oauth2:token"),
|
||||
reverse(
|
||||
"authentik_providers_oauth2:token",
|
||||
kwargs={"application_slug": self.app.slug}),
|
||||
{
|
||||
"grant_type": GRANT_TYPE_CLIENT_CREDENTIALS,
|
||||
"scope": SCOPE_OPENID,
|
||||
|
@ -130,7 +138,9 @@ class TestTokenClientCredentials(OAuthTestCase):
|
|||
def test_successful(self):
|
||||
"""test successful"""
|
||||
response = self.client.post(
|
||||
reverse("authentik_providers_oauth2:token"),
|
||||
reverse(
|
||||
"authentik_providers_oauth2:token",
|
||||
kwargs={"application_slug": self.app.slug}),
|
||||
{
|
||||
"grant_type": GRANT_TYPE_CLIENT_CREDENTIALS,
|
||||
"scope": f"{SCOPE_OPENID} {SCOPE_OPENID_EMAIL} {SCOPE_OPENID_PROFILE}",
|
||||
|
@ -163,7 +173,9 @@ class TestTokenClientCredentials(OAuthTestCase):
|
|||
def test_successful_password(self):
|
||||
"""test successful (password grant)"""
|
||||
response = self.client.post(
|
||||
reverse("authentik_providers_oauth2:token"),
|
||||
reverse(
|
||||
"authentik_providers_oauth2:token",
|
||||
kwargs={"application_slug": self.app.slug}),
|
||||
{
|
||||
"grant_type": GRANT_TYPE_PASSWORD,
|
||||
"scope": f"{SCOPE_OPENID} {SCOPE_OPENID_EMAIL} {SCOPE_OPENID_PROFILE}",
|
||||
|
|
|
@ -63,7 +63,9 @@ class TestTokenClientCredentialsJWTSource(OAuthTestCase):
|
|||
def test_invalid_type(self):
|
||||
"""test invalid type"""
|
||||
response = self.client.post(
|
||||
reverse("authentik_providers_oauth2:token"),
|
||||
reverse(
|
||||
"authentik_providers_oauth2:token",
|
||||
kwargs={"application_slug": self.app.slug}),
|
||||
{
|
||||
"grant_type": GRANT_TYPE_CLIENT_CREDENTIALS,
|
||||
"scope": f"{SCOPE_OPENID} {SCOPE_OPENID_EMAIL} {SCOPE_OPENID_PROFILE}",
|
||||
|
@ -79,7 +81,9 @@ class TestTokenClientCredentialsJWTSource(OAuthTestCase):
|
|||
def test_invalid_jwt(self):
|
||||
"""test invalid JWT"""
|
||||
response = self.client.post(
|
||||
reverse("authentik_providers_oauth2:token"),
|
||||
reverse(
|
||||
"authentik_providers_oauth2:token",
|
||||
kwargs={"application_slug": self.app.slug}),
|
||||
{
|
||||
"grant_type": GRANT_TYPE_CLIENT_CREDENTIALS,
|
||||
"scope": f"{SCOPE_OPENID} {SCOPE_OPENID_EMAIL} {SCOPE_OPENID_PROFILE}",
|
||||
|
@ -101,7 +105,9 @@ class TestTokenClientCredentialsJWTSource(OAuthTestCase):
|
|||
}
|
||||
)
|
||||
response = self.client.post(
|
||||
reverse("authentik_providers_oauth2:token"),
|
||||
reverse(
|
||||
"authentik_providers_oauth2:token",
|
||||
kwargs={"application_slug": self.app.slug}),
|
||||
{
|
||||
"grant_type": GRANT_TYPE_CLIENT_CREDENTIALS,
|
||||
"scope": f"{SCOPE_OPENID} {SCOPE_OPENID_EMAIL} {SCOPE_OPENID_PROFILE}",
|
||||
|
@ -123,7 +129,9 @@ class TestTokenClientCredentialsJWTSource(OAuthTestCase):
|
|||
}
|
||||
)
|
||||
response = self.client.post(
|
||||
reverse("authentik_providers_oauth2:token"),
|
||||
reverse(
|
||||
"authentik_providers_oauth2:token",
|
||||
kwargs={"application_slug": self.app.slug}),
|
||||
{
|
||||
"grant_type": GRANT_TYPE_CLIENT_CREDENTIALS,
|
||||
"scope": f"{SCOPE_OPENID} {SCOPE_OPENID_EMAIL} {SCOPE_OPENID_PROFILE}",
|
||||
|
@ -147,7 +155,9 @@ class TestTokenClientCredentialsJWTSource(OAuthTestCase):
|
|||
}
|
||||
)
|
||||
response = self.client.post(
|
||||
reverse("authentik_providers_oauth2:token"),
|
||||
reverse(
|
||||
"authentik_providers_oauth2:token",
|
||||
kwargs={"application_slug": self.app.slug}),
|
||||
{
|
||||
"grant_type": GRANT_TYPE_CLIENT_CREDENTIALS,
|
||||
"scope": f"{SCOPE_OPENID} {SCOPE_OPENID_EMAIL} {SCOPE_OPENID_PROFILE}",
|
||||
|
@ -175,7 +185,9 @@ class TestTokenClientCredentialsJWTSource(OAuthTestCase):
|
|||
}
|
||||
)
|
||||
response = self.client.post(
|
||||
reverse("authentik_providers_oauth2:token"),
|
||||
reverse(
|
||||
"authentik_providers_oauth2:token",
|
||||
kwargs={"application_slug": self.app.slug}),
|
||||
{
|
||||
"grant_type": GRANT_TYPE_CLIENT_CREDENTIALS,
|
||||
"scope": f"{SCOPE_OPENID} {SCOPE_OPENID_EMAIL} {SCOPE_OPENID_PROFILE}",
|
||||
|
@ -197,7 +209,9 @@ class TestTokenClientCredentialsJWTSource(OAuthTestCase):
|
|||
}
|
||||
)
|
||||
response = self.client.post(
|
||||
reverse("authentik_providers_oauth2:token"),
|
||||
reverse(
|
||||
"authentik_providers_oauth2:token",
|
||||
kwargs={"application_slug": self.app.slug}),
|
||||
{
|
||||
"grant_type": GRANT_TYPE_CLIENT_CREDENTIALS,
|
||||
"scope": f"{SCOPE_OPENID} {SCOPE_OPENID_EMAIL} {SCOPE_OPENID_PROFILE}",
|
||||
|
|
|
@ -33,7 +33,9 @@ class TestTokenDeviceCode(OAuthTestCase):
|
|||
def test_code_no_code(self):
|
||||
"""Test code without code"""
|
||||
res = self.client.post(
|
||||
reverse("authentik_providers_oauth2:token"),
|
||||
reverse(
|
||||
"authentik_providers_oauth2:token",
|
||||
kwargs={"application_slug": self.app.slug}),
|
||||
data={
|
||||
"client_id": self.provider.client_id,
|
||||
"grant_type": GRANT_TYPE_DEVICE_CODE,
|
||||
|
@ -51,7 +53,9 @@ class TestTokenDeviceCode(OAuthTestCase):
|
|||
device_code=generate_id(),
|
||||
)
|
||||
res = self.client.post(
|
||||
reverse("authentik_providers_oauth2:token"),
|
||||
reverse(
|
||||
"authentik_providers_oauth2:token",
|
||||
kwargs={"application_slug": self.app.slug}),
|
||||
data={
|
||||
"client_id": self.provider.client_id,
|
||||
"grant_type": GRANT_TYPE_DEVICE_CODE,
|
||||
|
@ -71,7 +75,9 @@ class TestTokenDeviceCode(OAuthTestCase):
|
|||
user=self.user,
|
||||
)
|
||||
res = self.client.post(
|
||||
reverse("authentik_providers_oauth2:token"),
|
||||
reverse(
|
||||
"authentik_providers_oauth2:token",
|
||||
kwargs={"application_slug": self.app.slug}),
|
||||
data={
|
||||
"client_id": self.provider.client_id,
|
||||
"grant_type": GRANT_TYPE_DEVICE_CODE,
|
||||
|
|
|
@ -48,7 +48,9 @@ class TestUserinfo(OAuthTestCase):
|
|||
def test_userinfo_normal(self):
|
||||
"""test user info with all normal scopes"""
|
||||
res = self.client.get(
|
||||
reverse("authentik_providers_oauth2:userinfo"),
|
||||
reverse(
|
||||
"authentik_providers_oauth2:userinfo",
|
||||
kwargs={"application_slug": self.app.slug}),
|
||||
HTTP_AUTHORIZATION=f"Bearer {self.token.token}",
|
||||
)
|
||||
self.assertJSONEqual(
|
||||
|
@ -70,7 +72,9 @@ class TestUserinfo(OAuthTestCase):
|
|||
self.provider.property_mappings.add(scope)
|
||||
|
||||
res = self.client.get(
|
||||
reverse("authentik_providers_oauth2:userinfo"),
|
||||
reverse(
|
||||
"authentik_providers_oauth2:userinfo",
|
||||
kwargs={"application_slug": self.app.slug}),
|
||||
HTTP_AUTHORIZATION=f"Bearer {self.token.token}",
|
||||
)
|
||||
self.assertJSONEqual(
|
||||
|
|
|
@ -50,9 +50,9 @@ class TestProviderOAuth2OAuth(SeleniumTestCase):
|
|||
"GF_AUTH_GENERIC_OAUTH_CLIENT_ID": self.client_id,
|
||||
"GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET": self.client_secret,
|
||||
"GF_AUTH_GENERIC_OAUTH_SCOPES": "openid email profile",
|
||||
"GF_AUTH_GENERIC_OAUTH_AUTH_URL": self.url("authentik_providers_oauth2:authorize"),
|
||||
"GF_AUTH_GENERIC_OAUTH_TOKEN_URL": self.url("authentik_providers_oauth2:token"),
|
||||
"GF_AUTH_GENERIC_OAUTH_API_URL": self.url("authentik_providers_oauth2:userinfo"),
|
||||
"GF_AUTH_GENERIC_OAUTH_AUTH_URL": self.url("authentik_providers_oauth2:authorize", application_slug=self.app_slug),
|
||||
"GF_AUTH_GENERIC_OAUTH_TOKEN_URL": self.url("authentik_providers_oauth2:token", application_slug=self.app_slug),
|
||||
"GF_AUTH_GENERIC_OAUTH_API_URL": self.url("authentik_providers_oauth2:userinfo", application_slug=self.app_slug),
|
||||
"GF_AUTH_SIGNOUT_REDIRECT_URL": self.url(
|
||||
"authentik_providers_oauth2:end-session",
|
||||
application_slug=self.app_slug,
|
||||
|
|
Reference in a new issue