enterprise/providers/rac: create authorize_application event when creating token (#8050)
* events: don't log creation of creation token Signed-off-by: Jens Langhammer <jens@goauthentik.io> * enterprise/providers/rac: create authorize_application event when creating token Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>
parent
d54b410429
commit
b93ad8615c
|
@ -10,6 +10,7 @@ from authentik.core.models import Application, AuthenticatedSession
|
||||||
from authentik.core.views.interface import InterfaceView
|
from authentik.core.views.interface import InterfaceView
|
||||||
from authentik.enterprise.policy import EnterprisePolicyAccessView
|
from authentik.enterprise.policy import EnterprisePolicyAccessView
|
||||||
from authentik.enterprise.providers.rac.models import ConnectionToken, Endpoint, RACProvider
|
from authentik.enterprise.providers.rac.models import ConnectionToken, Endpoint, RACProvider
|
||||||
|
from authentik.events.models import Event, EventAction
|
||||||
from authentik.flows.challenge import RedirectChallenge
|
from authentik.flows.challenge import RedirectChallenge
|
||||||
from authentik.flows.exceptions import FlowNonApplicableException
|
from authentik.flows.exceptions import FlowNonApplicableException
|
||||||
from authentik.flows.models import in_memory_stage
|
from authentik.flows.models import in_memory_stage
|
||||||
|
@ -43,6 +44,7 @@ class RACStartView(EnterprisePolicyAccessView):
|
||||||
plan.insert_stage(
|
plan.insert_stage(
|
||||||
in_memory_stage(
|
in_memory_stage(
|
||||||
RACFinalStage,
|
RACFinalStage,
|
||||||
|
application=self.application,
|
||||||
endpoint=self.endpoint,
|
endpoint=self.endpoint,
|
||||||
provider=self.provider,
|
provider=self.provider,
|
||||||
)
|
)
|
||||||
|
@ -90,6 +92,7 @@ class RACFinalStage(RedirectStage):
|
||||||
def get_challenge(self, *args, **kwargs) -> RedirectChallenge:
|
def get_challenge(self, *args, **kwargs) -> RedirectChallenge:
|
||||||
endpoint: Endpoint = self.executor.current_stage.endpoint
|
endpoint: Endpoint = self.executor.current_stage.endpoint
|
||||||
provider: RACProvider = self.executor.current_stage.provider
|
provider: RACProvider = self.executor.current_stage.provider
|
||||||
|
application: Application = self.executor.current_stage.application
|
||||||
token = ConnectionToken.objects.create(
|
token = ConnectionToken.objects.create(
|
||||||
provider=provider,
|
provider=provider,
|
||||||
endpoint=endpoint,
|
endpoint=endpoint,
|
||||||
|
@ -100,6 +103,12 @@ class RACFinalStage(RedirectStage):
|
||||||
expires=now() + timedelta_from_string(provider.connection_expiry),
|
expires=now() + timedelta_from_string(provider.connection_expiry),
|
||||||
expiring=True,
|
expiring=True,
|
||||||
)
|
)
|
||||||
|
Event.new(
|
||||||
|
EventAction.AUTHORIZE_APPLICATION,
|
||||||
|
authorized_application=application,
|
||||||
|
flow=self.executor.plan.flow_pk,
|
||||||
|
endpoint=endpoint.name,
|
||||||
|
).from_http(self.request)
|
||||||
setattr(
|
setattr(
|
||||||
self.executor.current_stage,
|
self.executor.current_stage,
|
||||||
"destination",
|
"destination",
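Review bot: The audit event added after `ConnectionToken.objects.create(...)` in `RACFinalStage.get_challenge` identifies the endpoint only by `endpoint.name` and carries no reference to the provider or to the token it just authorized, so a later RAC session is hard to tie back to this event if an endpoint is renamed or two endpoints share a name. Since `authorized_application=application` already passes a model instance, `endpoint=endpoint,` would presumably be serialized with its primary key as well, and `provider=provider,` would record which provider granted the access. If a token reference is added, it should be a non-secret identifier rather than the token value, which looks like a bearer credential. The other file section on this page stops model events for `ConnectionToken`, so this event appears to be the only audit record of issuance. `get_challenge` begins and ends outside the visible hunks.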
|
||||||
|
|
|
@ -20,6 +20,7 @@ from authentik.core.models import (
|
||||||
User,
|
User,
|
||||||
UserSourceConnection,
|
UserSourceConnection,
|
||||||
)
|
)
|
||||||
|
from authentik.enterprise.providers.rac.models import ConnectionToken
|
||||||
from authentik.events.models import Event, EventAction, Notification
|
from authentik.events.models import Event, EventAction, Notification
|
||||||
from authentik.events.utils import model_to_dict
|
from authentik.events.utils import model_to_dict
|
||||||
from authentik.flows.models import FlowToken, Stage
|
from authentik.flows.models import FlowToken, Stage
|
||||||
|
@ -54,6 +55,7 @@ IGNORED_MODELS = (
|
||||||
SCIMUser,
|
SCIMUser,
|
||||||
SCIMGroup,
|
SCIMGroup,
|
||||||
Reputation,
|
Reputation,
|
||||||
|
ConnectionToken,
|
||||||
)
|
)
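Review bot: Adding `ConnectionToken` to `IGNORED_MODELS` likely suppresses update and delete events for the model as well, not only the creation event named in the commit message, so revoking or editing a live RAC connection token would leave no audit record. If that is intended, a comment on the entry would make the trade-off visible, for example `# issuance is audited by the authorize_application event in the RAC final stage`. The new import also makes the events app depend on `authentik.enterprise.providers.rac.models` at import time, which is worth confirming is acceptable for this module. The tuple and the import block both begin outside the visible hunks.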
|
||||||
|
|
||||||
|
|
||||||
|
|