sources/oauth: cancel currently active flows before redirecting out

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2021-09-07 11:03:45 +02:00
parent 073dd8b560
commit 70d0dd51a5
2 changed files with 3 additions and 1 deletions

View File

@ -6,6 +6,7 @@ from django.urls import reverse
from django.views.generic import RedirectView
from structlog.stdlib import get_logger
from authentik.flows.views import FlowExecutorView
from authentik.sources.oauth.models import OAuthSource
from authentik.sources.oauth.views.base import OAuthClientMixin
@ -42,4 +43,5 @@ class OAuthRedirect(OAuthClientMixin, RedirectView):
raise Http404(f"source {slug} is not enabled.")
client = self.get_client(source, callback=self.get_callback_url(source))
params = self.get_additional_parameters(source)
FlowExecutorView().cancel()
return client.get_redirect_url(params)

View File

@ -121,7 +121,7 @@ func NewOAuthProxy(opts *options.Options, provider api.ProxyOutpostConfig, c *ht
redirectURL.Path = fmt.Sprintf("%s/callback", opts.ProxyPrefix)
}
logger.WithField("auth_url", opts.GetProvider().Data().LoginURL).WithField("client_id", opts.ClientID).Info("proxy instance configured")
logger.WithField("auth_url", opts.GetProvider().Data().LoginURL.String()).WithField("client_id", opts.ClientID).Info("proxy instance configured")
sessionChain := buildSessionChain(opts, sessionStore)