From be232e2b77e815b8a364ac4c5cd0185ce2741d95 Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Wed, 16 Mar 2022 10:26:55 +0100 Subject: [PATCH] core: fix provider launch URL being prioritised over manually configured launch URL closes #2493 Signed-off-by: Jens Langhammer --- authentik/core/models.py | 4 +- authentik/core/tests/test_applications_api.py | 45 ++++++++++++++++--- 2 files changed, 42 insertions(+), 7 deletions(-) diff --git a/authentik/core/models.py b/authentik/core/models.py index 284ca3b17..301d70698 100644 --- a/authentik/core/models.py +++ b/authentik/core/models.py @@ -287,10 +287,10 @@ class Application(PolicyBindingModel): def get_launch_url(self, user: Optional["User"] = None) -> Optional[str]: """Get launch URL if set, otherwise attempt to get launch URL based on provider.""" url = None - if self.meta_launch_url: - url = self.meta_launch_url if provider := self.get_provider(): url = provider.launch_url + if self.meta_launch_url: + url = self.meta_launch_url if user and url: if isinstance(user, SimpleLazyObject): user._setup() diff --git a/authentik/core/tests/test_applications_api.py b/authentik/core/tests/test_applications_api.py index 34cb8855c..8ee9ba1fa 100644 --- a/authentik/core/tests/test_applications_api.py +++ b/authentik/core/tests/test_applications_api.py @@ -4,8 +4,10 @@ from rest_framework.test import APITestCase from authentik.core.models import Application from authentik.core.tests.utils import create_test_admin_user +from authentik.flows.models import Flow from authentik.policies.dummy.models import DummyPolicy from authentik.policies.models import PolicyBinding +from authentik.providers.oauth2.models import OAuth2Provider class TestApplicationsAPI(APITestCase): @@ -13,8 +15,19 @@ class TestApplicationsAPI(APITestCase): def setUp(self) -> None: self.user = create_test_admin_user() + self.provider = OAuth2Provider.objects.create( + name="test", + redirect_uris="http://some-other-domain", + authorization_flow=Flow.objects.create( + name="test", + slug="test", + ), + ) self.allowed = Application.objects.create( - name="allowed", slug="allowed", meta_launch_url="https://goauthentik.io/%(username)s" + name="allowed", + slug="allowed", + meta_launch_url="https://goauthentik.io/%(username)s", + provider=self.provider, ) self.denied = Application.objects.create(name="denied", slug="denied") PolicyBinding.objects.create( @@ -64,8 +77,19 @@ class TestApplicationsAPI(APITestCase): "pk": str(self.allowed.pk), "name": "allowed", "slug": "allowed", - "provider": None, - "provider_obj": None, + "provider": self.provider.pk, + "provider_obj": { + "assigned_application_name": "allowed", + "assigned_application_slug": "allowed", + "authorization_flow": str(self.provider.authorization_flow.pk), + "component": "ak-provider-oauth2-form", + "meta_model_name": "authentik_providers_oauth2.oauth2provider", + "name": self.provider.name, + "pk": self.provider.pk, + "property_mappings": [], + "verbose_name": "OAuth2/OpenID Provider", + "verbose_name_plural": "OAuth2/OpenID Providers", + }, "launch_url": f"https://goauthentik.io/{self.user.username}", "meta_launch_url": "https://goauthentik.io/%(username)s", "meta_icon": None, @@ -100,8 +124,19 @@ class TestApplicationsAPI(APITestCase): "pk": str(self.allowed.pk), "name": "allowed", "slug": "allowed", - "provider": None, - "provider_obj": None, + "provider": self.provider.pk, + "provider_obj": { + "assigned_application_name": "allowed", + "assigned_application_slug": "allowed", + "authorization_flow": str(self.provider.authorization_flow.pk), + "component": "ak-provider-oauth2-form", + "meta_model_name": "authentik_providers_oauth2.oauth2provider", + "name": self.provider.name, + "pk": self.provider.pk, + "property_mappings": [], + "verbose_name": "OAuth2/OpenID Provider", + "verbose_name_plural": "OAuth2/OpenID Providers", + }, "launch_url": f"https://goauthentik.io/{self.user.username}", "meta_launch_url": "https://goauthentik.io/%(username)s", "meta_icon": None,