From b15002a992a0837e06fa6b1ea5c4b05be124f47b Mon Sep 17 00:00:00 2001 From: Jens L Date: Wed, 27 Sep 2023 12:34:02 +0200 Subject: [PATCH] flows: stage_invalid() makes flow restart depending on invalid_response_action setting (#6780) * flows: stage_invalid() makes flow restart depending on invalid_response_action setting Signed-off-by: Jens Langhammer * fix Signed-off-by: Jens Langhammer --------- Signed-off-by: Jens Langhammer --- authentik/flows/views/executor.py | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/authentik/flows/views/executor.py b/authentik/flows/views/executor.py index 31f08c107..92b944670 100644 --- a/authentik/flows/views/executor.py +++ b/authentik/flows/views/executor.py @@ -42,6 +42,7 @@ from authentik.flows.models import ( FlowDesignation, FlowStageBinding, FlowToken, + InvalidResponseAction, Stage, ) from authentik.flows.planner import ( @@ -105,7 +106,7 @@ class FlowExecutorView(APIView): flow: Flow plan: Optional[FlowPlan] = None - current_binding: FlowStageBinding + current_binding: Optional[FlowStageBinding] = None current_stage: Stage current_stage_view: View @@ -411,6 +412,19 @@ class FlowExecutorView(APIView): Optionally, an exception can be passed, which will be shown if the current user is a superuser.""" self._logger.debug("f(exec): Stage invalid") + if self.current_binding and self.current_binding.invalid_response_action in [ + InvalidResponseAction.RESTART, + InvalidResponseAction.RESTART_WITH_CONTEXT, + ]: + keep_context = ( + self.current_binding.invalid_response_action + == InvalidResponseAction.RESTART_WITH_CONTEXT + ) + self._logger.debug( + "f(exec): Invalid response, restarting flow", + keep_context=keep_context, + ) + return self.restart_flow(keep_context) self.cancel() challenge_view = AccessDeniedChallengeView(self, error_message) challenge_view.request = self.request