From 8178b6e97d2575d5e9ea68209f54dd03f17bb348 Mon Sep 17 00:00:00 2001 From: Stanislav Dimov Date: Tue, 16 Jan 2024 02:01:23 +0000 Subject: [PATCH] lint --- .../providers/oauth2/tests/test_authorize.py | 20 +++++-------- .../oauth2/tests/test_device_backchannel.py | 12 +++++--- .../providers/oauth2/tests/test_introspect.py | 12 +++++--- .../providers/oauth2/tests/test_revoke.py | 12 +++++--- .../providers/oauth2/tests/test_token.py | 24 ++++------------ .../providers/oauth2/tests/test_token_cc.py | 24 ++++------------ .../oauth2/tests/test_token_cc_jwt_source.py | 28 +++++-------------- .../oauth2/tests/test_token_device.py | 12 ++------ .../providers/oauth2/tests/test_userinfo.py | 8 +++--- authentik/providers/oauth2/views/provider.py | 18 ++++++++---- tests/e2e/test_provider_oauth2_grafana.py | 12 ++++++-- 11 files changed, 78 insertions(+), 104 deletions(-) diff --git a/authentik/providers/oauth2/tests/test_authorize.py b/authentik/providers/oauth2/tests/test_authorize.py index 4489be515..64103f3fc 100644 --- a/authentik/providers/oauth2/tests/test_authorize.py +++ b/authentik/providers/oauth2/tests/test_authorize.py @@ -297,9 +297,7 @@ class TestAuthorize(OAuthTestCase): self.client.force_login(user) # Step 1, initiate params and get redirect to flow self.client.get( - reverse( - "authentik_providers_oauth2:authorize", - kwargs={"application_slug": app.slug}), + reverse("authentik_providers_oauth2:authorize", kwargs={"application_slug": app.slug}), data={ "response_type": "code", "client_id": "test", @@ -362,8 +360,8 @@ class TestAuthorize(OAuthTestCase): # Step 1, initiate params and get redirect to flow self.client.get( reverse( - "authentik_providers_oauth2:authorize", - kwargs={"application_slug": app.slug}), + "authentik_providers_oauth2:authorize", kwargs={"application_slug": app.slug} + ), data={ "response_type": "id_token", "client_id": "test", @@ -426,8 +424,8 @@ class TestAuthorize(OAuthTestCase): # Step 1, initiate params and get redirect to flow self.client.get( reverse( - "authentik_providers_oauth2:authorize", - kwargs={"application_slug": app.slug}), + "authentik_providers_oauth2:authorize", kwargs={"application_slug": app.slug} + ), data={ "response_type": "code", "response_mode": "fragment", @@ -482,9 +480,7 @@ class TestAuthorize(OAuthTestCase): self.client.force_login(user) # Step 1, initiate params and get redirect to flow self.client.get( - reverse( - "authentik_providers_oauth2:authorize", - kwargs={"application_slug": app.slug}), + reverse("authentik_providers_oauth2:authorize", kwargs={"application_slug": app.slug}), data={ "response_type": "id_token", "response_mode": "form_post", @@ -534,9 +530,7 @@ class TestAuthorize(OAuthTestCase): self.client.force_login(user) # Step 1, initiate params and get redirect to flow self.client.get( - reverse( - "authentik_providers_oauth2:authorize", - kwargs={"application_slug": app.slug}), + reverse("authentik_providers_oauth2:authorize", kwargs={"application_slug": app.slug}), data={ "response_type": "code", "response_mode": "form_post", diff --git a/authentik/providers/oauth2/tests/test_device_backchannel.py b/authentik/providers/oauth2/tests/test_device_backchannel.py index 3a3207e69..a69bc3abf 100644 --- a/authentik/providers/oauth2/tests/test_device_backchannel.py +++ b/authentik/providers/oauth2/tests/test_device_backchannel.py @@ -30,7 +30,8 @@ class TesOAuth2DeviceBackchannel(OAuthTestCase): res = self.client.post( reverse( "authentik_providers_oauth2:device", - kwargs={"application_slug": self.application.slug}), + kwargs={"application_slug": self.application.slug}, + ), data={ "client_id": "foo", }, @@ -39,7 +40,8 @@ class TesOAuth2DeviceBackchannel(OAuthTestCase): res = self.client.post( reverse( "authentik_providers_oauth2:device", - kwargs={"application_slug": self.application.slug}), + kwargs={"application_slug": self.application.slug}, + ), ) self.assertEqual(res.status_code, 400) # test without application @@ -48,7 +50,8 @@ class TesOAuth2DeviceBackchannel(OAuthTestCase): res = self.client.post( reverse( "authentik_providers_oauth2:device", - kwargs={"application_slug": self.application.slug}), + kwargs={"application_slug": self.application.slug}, + ), data={ "client_id": "test", }, @@ -60,7 +63,8 @@ class TesOAuth2DeviceBackchannel(OAuthTestCase): res = self.client.post( reverse( "authentik_providers_oauth2:device", - kwargs={"application_slug": self.application.slug}), + kwargs={"application_slug": self.application.slug}, + ), data={ "client_id": self.provider.client_id, }, diff --git a/authentik/providers/oauth2/tests/test_introspect.py b/authentik/providers/oauth2/tests/test_introspect.py index d92855c02..6c229465b 100644 --- a/authentik/providers/oauth2/tests/test_introspect.py +++ b/authentik/providers/oauth2/tests/test_introspect.py @@ -51,7 +51,8 @@ class TesOAuth2Introspection(OAuthTestCase): res = self.client.post( reverse( "authentik_providers_oauth2:token-introspection", - kwargs={"application_slug": self.app.slug}), + kwargs={"application_slug": self.app.slug}, + ), HTTP_AUTHORIZATION=f"Basic {self.auth}", data={"token": token.token}, ) @@ -85,7 +86,8 @@ class TesOAuth2Introspection(OAuthTestCase): res = self.client.post( reverse( "authentik_providers_oauth2:token-introspection", - kwargs={"application_slug": self.app.slug}), + kwargs={"application_slug": self.app.slug}, + ), HTTP_AUTHORIZATION=f"Basic {self.auth}", data={"token": token.token}, ) @@ -107,7 +109,8 @@ class TesOAuth2Introspection(OAuthTestCase): res = self.client.post( reverse( "authentik_providers_oauth2:token-introspection", - kwargs={"application_slug": self.app.slug}), + kwargs={"application_slug": self.app.slug}, + ), HTTP_AUTHORIZATION=f"Basic {self.auth}", data={"token": generate_id(), "token_type_hint": "refresh_token"}, ) @@ -124,7 +127,8 @@ class TesOAuth2Introspection(OAuthTestCase): res = self.client.post( reverse( "authentik_providers_oauth2:token-introspection", - kwargs={"application_slug": self.app.slug}), + kwargs={"application_slug": self.app.slug}, + ), HTTP_AUTHORIZATION="Basic qwerqrwe", data={"token": generate_id(), "token_type_hint": "refresh_token"}, ) diff --git a/authentik/providers/oauth2/tests/test_revoke.py b/authentik/providers/oauth2/tests/test_revoke.py index 2be299f71..672a07b5f 100644 --- a/authentik/providers/oauth2/tests/test_revoke.py +++ b/authentik/providers/oauth2/tests/test_revoke.py @@ -50,7 +50,8 @@ class TesOAuth2Revoke(OAuthTestCase): res = self.client.post( reverse( "authentik_providers_oauth2:token-revoke", - kwargs={"application_slug": self.app.slug}), + kwargs={"application_slug": self.app.slug}, + ), HTTP_AUTHORIZATION=f"Basic {self.auth}", data={ "token": token.token, @@ -75,7 +76,8 @@ class TesOAuth2Revoke(OAuthTestCase): res = self.client.post( reverse( "authentik_providers_oauth2:token-revoke", - kwargs={"application_slug": self.app.slug}), + kwargs={"application_slug": self.app.slug}, + ), HTTP_AUTHORIZATION=f"Basic {self.auth}", data={ "token": token.token, @@ -88,7 +90,8 @@ class TesOAuth2Revoke(OAuthTestCase): res = self.client.post( reverse( "authentik_providers_oauth2:token-revoke", - kwargs={"application_slug": self.app.slug}), + kwargs={"application_slug": self.app.slug}, + ), HTTP_AUTHORIZATION=f"Basic {self.auth}", data={ "token": generate_id(), @@ -101,7 +104,8 @@ class TesOAuth2Revoke(OAuthTestCase): res = self.client.post( reverse( "authentik_providers_oauth2:token-revoke", - kwargs={"application_slug": self.app.slug}), + kwargs={"application_slug": self.app.slug}, + ), HTTP_AUTHORIZATION="Basic fqewr", data={ "token": generate_id(), diff --git a/authentik/providers/oauth2/tests/test_token.py b/authentik/providers/oauth2/tests/test_token.py index cda4ce5c6..a0d67c273 100644 --- a/authentik/providers/oauth2/tests/test_token.py +++ b/authentik/providers/oauth2/tests/test_token.py @@ -129,9 +129,7 @@ class TestToken(OAuthTestCase): code="foobar", provider=provider, user=user, auth_time=timezone.now() ) response = self.client.post( - reverse( - "authentik_providers_oauth2:token", - kwargs={"application_slug": self.app.slug}), + reverse("authentik_providers_oauth2:token", kwargs={"application_slug": self.app.slug}), data={ "grant_type": GRANT_TYPE_AUTHORIZATION_CODE, "code": code.code, @@ -186,9 +184,7 @@ class TestToken(OAuthTestCase): _scope="offline_access", ) response = self.client.post( - reverse( - "authentik_providers_oauth2:token", - kwargs={"application_slug": self.app.slug}), + reverse("authentik_providers_oauth2:token", kwargs={"application_slug": self.app.slug}), data={ "grant_type": GRANT_TYPE_REFRESH_TOKEN, "refresh_token": token.token, @@ -247,9 +243,7 @@ class TestToken(OAuthTestCase): _scope="offline_access", ) response = self.client.post( - reverse( - "authentik_providers_oauth2:token", - kwargs={"application_slug": self.app.slug}), + reverse("authentik_providers_oauth2:token", kwargs={"application_slug": self.app.slug}), data={ "grant_type": GRANT_TYPE_REFRESH_TOKEN, "refresh_token": token.token, @@ -311,9 +305,7 @@ class TestToken(OAuthTestCase): ) # Create initial refresh token response = self.client.post( - reverse( - "authentik_providers_oauth2:token", - kwargs={"application_slug": self.app.slug}), + reverse("authentik_providers_oauth2:token", kwargs={"application_slug": self.app.slug}), data={ "grant_type": GRANT_TYPE_REFRESH_TOKEN, "refresh_token": token.token, @@ -327,9 +319,7 @@ class TestToken(OAuthTestCase): # Post again with initial token -> get new refresh token # and revoke old one response = self.client.post( - reverse( - "authentik_providers_oauth2:token", - kwargs={"application_slug": self.app.slug}), + reverse("authentik_providers_oauth2:token", kwargs={"application_slug": self.app.slug}), data={ "grant_type": GRANT_TYPE_REFRESH_TOKEN, "refresh_token": new_token.token, @@ -340,9 +330,7 @@ class TestToken(OAuthTestCase): self.assertEqual(response.status_code, 200) # Post again with old token, is now revoked and should error response = self.client.post( - reverse( - "authentik_providers_oauth2:token", - kwargs={"application_slug": self.app.slug}), + reverse("authentik_providers_oauth2:token", kwargs={"application_slug": self.app.slug}), data={ "grant_type": GRANT_TYPE_REFRESH_TOKEN, "refresh_token": new_token.token, diff --git a/authentik/providers/oauth2/tests/test_token_cc.py b/authentik/providers/oauth2/tests/test_token_cc.py index 19abd5d75..b0a03044d 100644 --- a/authentik/providers/oauth2/tests/test_token_cc.py +++ b/authentik/providers/oauth2/tests/test_token_cc.py @@ -50,9 +50,7 @@ class TestTokenClientCredentials(OAuthTestCase): def test_wrong_user(self): """test invalid username""" response = self.client.post( - reverse( - "authentik_providers_oauth2:token", - kwargs={"application_slug": self.app.slug}), + reverse("authentik_providers_oauth2:token", kwargs={"application_slug": self.app.slug}), { "grant_type": GRANT_TYPE_CLIENT_CREDENTIALS, "scope": SCOPE_OPENID, @@ -70,9 +68,7 @@ class TestTokenClientCredentials(OAuthTestCase): def test_wrong_token(self): """test invalid token""" response = self.client.post( - reverse( - "authentik_providers_oauth2:token", - kwargs={"application_slug": self.app.slug}), + reverse("authentik_providers_oauth2:token", kwargs={"application_slug": self.app.slug}), { "grant_type": GRANT_TYPE_CLIENT_CREDENTIALS, "scope": SCOPE_OPENID, @@ -92,9 +88,7 @@ class TestTokenClientCredentials(OAuthTestCase): self.app.provider = None self.app.save() response = self.client.post( - reverse( - "authentik_providers_oauth2:token", - kwargs={"application_slug": self.app.slug}), + reverse("authentik_providers_oauth2:token", kwargs={"application_slug": self.app.slug}), { "grant_type": GRANT_TYPE_CLIENT_CREDENTIALS, "scope": SCOPE_OPENID, @@ -118,9 +112,7 @@ class TestTokenClientCredentials(OAuthTestCase): order=0, ) response = self.client.post( - reverse( - "authentik_providers_oauth2:token", - kwargs={"application_slug": self.app.slug}), + reverse("authentik_providers_oauth2:token", kwargs={"application_slug": self.app.slug}), { "grant_type": GRANT_TYPE_CLIENT_CREDENTIALS, "scope": SCOPE_OPENID, @@ -138,9 +130,7 @@ class TestTokenClientCredentials(OAuthTestCase): def test_successful(self): """test successful""" response = self.client.post( - reverse( - "authentik_providers_oauth2:token", - kwargs={"application_slug": self.app.slug}), + reverse("authentik_providers_oauth2:token", kwargs={"application_slug": self.app.slug}), { "grant_type": GRANT_TYPE_CLIENT_CREDENTIALS, "scope": f"{SCOPE_OPENID} {SCOPE_OPENID_EMAIL} {SCOPE_OPENID_PROFILE}", @@ -173,9 +163,7 @@ class TestTokenClientCredentials(OAuthTestCase): def test_successful_password(self): """test successful (password grant)""" response = self.client.post( - reverse( - "authentik_providers_oauth2:token", - kwargs={"application_slug": self.app.slug}), + reverse("authentik_providers_oauth2:token", kwargs={"application_slug": self.app.slug}), { "grant_type": GRANT_TYPE_PASSWORD, "scope": f"{SCOPE_OPENID} {SCOPE_OPENID_EMAIL} {SCOPE_OPENID_PROFILE}", diff --git a/authentik/providers/oauth2/tests/test_token_cc_jwt_source.py b/authentik/providers/oauth2/tests/test_token_cc_jwt_source.py index d2ecff9b9..3f13f083e 100644 --- a/authentik/providers/oauth2/tests/test_token_cc_jwt_source.py +++ b/authentik/providers/oauth2/tests/test_token_cc_jwt_source.py @@ -63,9 +63,7 @@ class TestTokenClientCredentialsJWTSource(OAuthTestCase): def test_invalid_type(self): """test invalid type""" response = self.client.post( - reverse( - "authentik_providers_oauth2:token", - kwargs={"application_slug": self.app.slug}), + reverse("authentik_providers_oauth2:token", kwargs={"application_slug": self.app.slug}), { "grant_type": GRANT_TYPE_CLIENT_CREDENTIALS, "scope": f"{SCOPE_OPENID} {SCOPE_OPENID_EMAIL} {SCOPE_OPENID_PROFILE}", @@ -81,9 +79,7 @@ class TestTokenClientCredentialsJWTSource(OAuthTestCase): def test_invalid_jwt(self): """test invalid JWT""" response = self.client.post( - reverse( - "authentik_providers_oauth2:token", - kwargs={"application_slug": self.app.slug}), + reverse("authentik_providers_oauth2:token", kwargs={"application_slug": self.app.slug}), { "grant_type": GRANT_TYPE_CLIENT_CREDENTIALS, "scope": f"{SCOPE_OPENID} {SCOPE_OPENID_EMAIL} {SCOPE_OPENID_PROFILE}", @@ -105,9 +101,7 @@ class TestTokenClientCredentialsJWTSource(OAuthTestCase): } ) response = self.client.post( - reverse( - "authentik_providers_oauth2:token", - kwargs={"application_slug": self.app.slug}), + reverse("authentik_providers_oauth2:token", kwargs={"application_slug": self.app.slug}), { "grant_type": GRANT_TYPE_CLIENT_CREDENTIALS, "scope": f"{SCOPE_OPENID} {SCOPE_OPENID_EMAIL} {SCOPE_OPENID_PROFILE}", @@ -129,9 +123,7 @@ class TestTokenClientCredentialsJWTSource(OAuthTestCase): } ) response = self.client.post( - reverse( - "authentik_providers_oauth2:token", - kwargs={"application_slug": self.app.slug}), + reverse("authentik_providers_oauth2:token", kwargs={"application_slug": self.app.slug}), { "grant_type": GRANT_TYPE_CLIENT_CREDENTIALS, "scope": f"{SCOPE_OPENID} {SCOPE_OPENID_EMAIL} {SCOPE_OPENID_PROFILE}", @@ -155,9 +147,7 @@ class TestTokenClientCredentialsJWTSource(OAuthTestCase): } ) response = self.client.post( - reverse( - "authentik_providers_oauth2:token", - kwargs={"application_slug": self.app.slug}), + reverse("authentik_providers_oauth2:token", kwargs={"application_slug": self.app.slug}), { "grant_type": GRANT_TYPE_CLIENT_CREDENTIALS, "scope": f"{SCOPE_OPENID} {SCOPE_OPENID_EMAIL} {SCOPE_OPENID_PROFILE}", @@ -185,9 +175,7 @@ class TestTokenClientCredentialsJWTSource(OAuthTestCase): } ) response = self.client.post( - reverse( - "authentik_providers_oauth2:token", - kwargs={"application_slug": self.app.slug}), + reverse("authentik_providers_oauth2:token", kwargs={"application_slug": self.app.slug}), { "grant_type": GRANT_TYPE_CLIENT_CREDENTIALS, "scope": f"{SCOPE_OPENID} {SCOPE_OPENID_EMAIL} {SCOPE_OPENID_PROFILE}", @@ -209,9 +197,7 @@ class TestTokenClientCredentialsJWTSource(OAuthTestCase): } ) response = self.client.post( - reverse( - "authentik_providers_oauth2:token", - kwargs={"application_slug": self.app.slug}), + reverse("authentik_providers_oauth2:token", kwargs={"application_slug": self.app.slug}), { "grant_type": GRANT_TYPE_CLIENT_CREDENTIALS, "scope": f"{SCOPE_OPENID} {SCOPE_OPENID_EMAIL} {SCOPE_OPENID_PROFILE}", diff --git a/authentik/providers/oauth2/tests/test_token_device.py b/authentik/providers/oauth2/tests/test_token_device.py index 0fdb7f80d..6f75d7b0f 100644 --- a/authentik/providers/oauth2/tests/test_token_device.py +++ b/authentik/providers/oauth2/tests/test_token_device.py @@ -33,9 +33,7 @@ class TestTokenDeviceCode(OAuthTestCase): def test_code_no_code(self): """Test code without code""" res = self.client.post( - reverse( - "authentik_providers_oauth2:token", - kwargs={"application_slug": self.app.slug}), + reverse("authentik_providers_oauth2:token", kwargs={"application_slug": self.app.slug}), data={ "client_id": self.provider.client_id, "grant_type": GRANT_TYPE_DEVICE_CODE, @@ -53,9 +51,7 @@ class TestTokenDeviceCode(OAuthTestCase): device_code=generate_id(), ) res = self.client.post( - reverse( - "authentik_providers_oauth2:token", - kwargs={"application_slug": self.app.slug}), + reverse("authentik_providers_oauth2:token", kwargs={"application_slug": self.app.slug}), data={ "client_id": self.provider.client_id, "grant_type": GRANT_TYPE_DEVICE_CODE, @@ -75,9 +71,7 @@ class TestTokenDeviceCode(OAuthTestCase): user=self.user, ) res = self.client.post( - reverse( - "authentik_providers_oauth2:token", - kwargs={"application_slug": self.app.slug}), + reverse("authentik_providers_oauth2:token", kwargs={"application_slug": self.app.slug}), data={ "client_id": self.provider.client_id, "grant_type": GRANT_TYPE_DEVICE_CODE, diff --git a/authentik/providers/oauth2/tests/test_userinfo.py b/authentik/providers/oauth2/tests/test_userinfo.py index 2feba5aa7..372aee53e 100644 --- a/authentik/providers/oauth2/tests/test_userinfo.py +++ b/authentik/providers/oauth2/tests/test_userinfo.py @@ -49,8 +49,8 @@ class TestUserinfo(OAuthTestCase): """test user info with all normal scopes""" res = self.client.get( reverse( - "authentik_providers_oauth2:userinfo", - kwargs={"application_slug": self.app.slug}), + "authentik_providers_oauth2:userinfo", kwargs={"application_slug": self.app.slug} + ), HTTP_AUTHORIZATION=f"Bearer {self.token.token}", ) self.assertJSONEqual( @@ -73,8 +73,8 @@ class TestUserinfo(OAuthTestCase): res = self.client.get( reverse( - "authentik_providers_oauth2:userinfo", - kwargs={"application_slug": self.app.slug}), + "authentik_providers_oauth2:userinfo", kwargs={"application_slug": self.app.slug} + ), HTTP_AUTHORIZATION=f"Bearer {self.token.token}", ) self.assertJSONEqual( diff --git a/authentik/providers/oauth2/views/provider.py b/authentik/providers/oauth2/views/provider.py index c0df5abf3..54e4d2711 100644 --- a/authentik/providers/oauth2/views/provider.py +++ b/authentik/providers/oauth2/views/provider.py @@ -50,17 +50,20 @@ class ProviderInfoView(View): "authorization_endpoint": self.request.build_absolute_uri( reverse( "authentik_providers_oauth2:authorize", - kwargs={"application_slug": provider.application.slug}) + kwargs={"application_slug": provider.application.slug}, + ) ), "token_endpoint": self.request.build_absolute_uri( reverse( "authentik_providers_oauth2:token", - kwargs={"application_slug": provider.application.slug}) + kwargs={"application_slug": provider.application.slug}, + ) ), "userinfo_endpoint": self.request.build_absolute_uri( reverse( "authentik_providers_oauth2:userinfo", - kwargs={"application_slug": provider.application.slug}) + kwargs={"application_slug": provider.application.slug}, + ) ), "end_session_endpoint": self.request.build_absolute_uri( reverse( @@ -71,17 +74,20 @@ class ProviderInfoView(View): "introspection_endpoint": self.request.build_absolute_uri( reverse( "authentik_providers_oauth2:token-introspection", - kwargs={"application_slug": provider.application.slug}) + kwargs={"application_slug": provider.application.slug}, + ) ), "revocation_endpoint": self.request.build_absolute_uri( reverse( "authentik_providers_oauth2:token-revoke", - kwargs={"application_slug": provider.application.slug}) + kwargs={"application_slug": provider.application.slug}, + ) ), "device_authorization_endpoint": self.request.build_absolute_uri( reverse( "authentik_providers_oauth2:device", - kwargs={"application_slug": provider.application.slug}) + kwargs={"application_slug": provider.application.slug}, + ) ), "response_types_supported": [ ResponseTypes.CODE, diff --git a/tests/e2e/test_provider_oauth2_grafana.py b/tests/e2e/test_provider_oauth2_grafana.py index 19b75f0ae..dac9aad6b 100644 --- a/tests/e2e/test_provider_oauth2_grafana.py +++ b/tests/e2e/test_provider_oauth2_grafana.py @@ -50,9 +50,15 @@ class TestProviderOAuth2OAuth(SeleniumTestCase): "GF_AUTH_GENERIC_OAUTH_CLIENT_ID": self.client_id, "GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET": self.client_secret, "GF_AUTH_GENERIC_OAUTH_SCOPES": "openid email profile", - "GF_AUTH_GENERIC_OAUTH_AUTH_URL": self.url("authentik_providers_oauth2:authorize", application_slug=self.app_slug), - "GF_AUTH_GENERIC_OAUTH_TOKEN_URL": self.url("authentik_providers_oauth2:token", application_slug=self.app_slug), - "GF_AUTH_GENERIC_OAUTH_API_URL": self.url("authentik_providers_oauth2:userinfo", application_slug=self.app_slug), + "GF_AUTH_GENERIC_OAUTH_AUTH_URL": self.url( + "authentik_providers_oauth2:authorize", application_slug=self.app_slug + ), + "GF_AUTH_GENERIC_OAUTH_TOKEN_URL": self.url( + "authentik_providers_oauth2:token", application_slug=self.app_slug + ), + "GF_AUTH_GENERIC_OAUTH_API_URL": self.url( + "authentik_providers_oauth2:userinfo", application_slug=self.app_slug + ), "GF_AUTH_SIGNOUT_REDIRECT_URL": self.url( "authentik_providers_oauth2:end-session", application_slug=self.app_slug,