root: add silk and debugging views

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

authentik/core/urls.py

@@ -1,4 +1,5 @@
 """authentik URL Configuration"""
+from django.conf import settings
 from django.contrib.auth.decorators import login_required
 from django.urls import path
 from django.views.decorators.csrf import ensure_csrf_cookie
@@ -6,6 +7,7 @@ from django.views.generic import RedirectView
 from django.views.generic.base import TemplateView
 
 from authentik.core.views import apps, impersonate
+from authentik.core.views.debug import AccessDeniedView
 from authentik.core.views.interface import FlowInterfaceView
 from authentik.core.views.session import EndSessionView
 
@@ -60,3 +62,8 @@ urlpatterns = [
         TemplateView.as_view(template_name="if/admin.html"),
     ),
 ]
+
+if settings.DEBUG:
+    urlpatterns += [
+        path("debug/policy/deny/", AccessDeniedView.as_view(), name="debug-policy-deny"),
+    ]

authentik/core/views/debug.py

@@ -0,0 +1,12 @@
+"""debug view"""
+from django.http import HttpRequest, HttpResponse
+from django.views.generic import View
+
+from authentik.policies.denied import AccessDeniedResponse
+
+
+class AccessDeniedView(View):
+    """Easily access AccessDeniedResponse"""
+
+    def dispatch(self, request: HttpRequest) -> HttpResponse:
+        return AccessDeniedResponse(request)

authentik/events/middleware.py

@@ -18,13 +18,18 @@ from authentik.events.utils import model_to_dict
 from authentik.lib.sentry import before_send
 from authentik.lib.utils.errors import exception_to_string
 
-IGNORED_MODELS = (
+IGNORED_MODELS = [
     Event,
     Notification,
     UserObjectPermission,
     AuthenticatedSession,
     StaticToken,
-)
+]
+try:
+    from silk.models import Request, Response
+    IGNORED_MODELS += [Request, Response]
+except:
+    pass
 
 
 class AuditMiddleware:

authentik/root/settings.py

@@ -460,7 +460,6 @@ _LOGGING_HANDLER_MAP = {
     "django": "WARNING",
     "celery": "WARNING",
     "selenium": "WARNING",
-    "grpc": LOG_LEVEL,
     "docker": "WARNING",
     "urllib3": "WARNING",
     "websockets": "WARNING",
@@ -468,6 +467,7 @@ _LOGGING_HANDLER_MAP = {
     "kubernetes": "INFO",
     "asyncio": "WARNING",
     "aioredis": "WARNING",
+    "silk": "INFO",
 }
 for handler_name, level in _LOGGING_HANDLER_MAP.items():
     # pyright: reportGeneralTypeIssues=false
@@ -504,6 +504,11 @@ for _app in INSTALLED_APPS:
 if DEBUG:
     CELERY_TASK_ALWAYS_EAGER = True
     os.environ[ENV_GIT_HASH_KEY] = "dev"
+    INSTALLED_APPS.append("silk")
+    SILKY_PYTHON_PROFILER = True
+    MIDDLEWARE = [
+        "silk.middleware.SilkyMiddleware"
+    ] + MIDDLEWARE
 
 INSTALLED_APPS.append("authentik.core")
 

authentik/root/urls.py

@@ -1,6 +1,7 @@
 """authentik URL Configuration"""
 from django.urls import include, path
 from structlog.stdlib import get_logger
+from django.conf import settings
 
 from authentik.core.views import error
 from authentik.lib.utils.reflection import get_apps
@@ -47,3 +48,8 @@ urlpatterns += [
     path("-/health/live/", LiveView.as_view(), name="health-live"),
     path("-/health/ready/", ReadyView.as_view(), name="health-ready"),
 ]
+
+if settings.DEBUG:
+    urlpatterns += [
+        path("debug/silk/", include("silk.urls", namespace="silk")),
+    ]

pyproject.toml

@@ -158,6 +158,7 @@ pytest-django = "*"
 pytest-randomly = "*"
 requests-mock = "*"
 selenium = "*"
+django-silk = "*"
 
 [build-system]
 requires = ["poetry-core>=1.0.0"]