core: fix provider launch URL being prioritised over manually configured launch URL
closes #2493 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
42389188ad
commit
be232e2b77
|
@ -287,10 +287,10 @@ class Application(PolicyBindingModel):
|
||||||
def get_launch_url(self, user: Optional["User"] = None) -> Optional[str]:
|
def get_launch_url(self, user: Optional["User"] = None) -> Optional[str]:
|
||||||
"""Get launch URL if set, otherwise attempt to get launch URL based on provider."""
|
"""Get launch URL if set, otherwise attempt to get launch URL based on provider."""
|
||||||
url = None
|
url = None
|
||||||
if self.meta_launch_url:
|
|
||||||
url = self.meta_launch_url
|
|
||||||
if provider := self.get_provider():
|
if provider := self.get_provider():
|
||||||
url = provider.launch_url
|
url = provider.launch_url
|
||||||
|
if self.meta_launch_url:
|
||||||
|
url = self.meta_launch_url
|
||||||
if user and url:
|
if user and url:
|
||||||
if isinstance(user, SimpleLazyObject):
|
if isinstance(user, SimpleLazyObject):
|
||||||
user._setup()
|
user._setup()
|
||||||
|
|
|
@ -4,8 +4,10 @@ from rest_framework.test import APITestCase
|
||||||
|
|
||||||
from authentik.core.models import Application
|
from authentik.core.models import Application
|
||||||
from authentik.core.tests.utils import create_test_admin_user
|
from authentik.core.tests.utils import create_test_admin_user
|
||||||
|
from authentik.flows.models import Flow
|
||||||
from authentik.policies.dummy.models import DummyPolicy
|
from authentik.policies.dummy.models import DummyPolicy
|
||||||
from authentik.policies.models import PolicyBinding
|
from authentik.policies.models import PolicyBinding
|
||||||
|
from authentik.providers.oauth2.models import OAuth2Provider
|
||||||
|
|
||||||
|
|
||||||
class TestApplicationsAPI(APITestCase):
|
class TestApplicationsAPI(APITestCase):
|
||||||
|
@ -13,8 +15,19 @@ class TestApplicationsAPI(APITestCase):
|
||||||
|
|
||||||
def setUp(self) -> None:
|
def setUp(self) -> None:
|
||||||
self.user = create_test_admin_user()
|
self.user = create_test_admin_user()
|
||||||
|
self.provider = OAuth2Provider.objects.create(
|
||||||
|
name="test",
|
||||||
|
redirect_uris="http://some-other-domain",
|
||||||
|
authorization_flow=Flow.objects.create(
|
||||||
|
name="test",
|
||||||
|
slug="test",
|
||||||
|
),
|
||||||
|
)
|
||||||
self.allowed = Application.objects.create(
|
self.allowed = Application.objects.create(
|
||||||
name="allowed", slug="allowed", meta_launch_url="https://goauthentik.io/%(username)s"
|
name="allowed",
|
||||||
|
slug="allowed",
|
||||||
|
meta_launch_url="https://goauthentik.io/%(username)s",
|
||||||
|
provider=self.provider,
|
||||||
)
|
)
|
||||||
self.denied = Application.objects.create(name="denied", slug="denied")
|
self.denied = Application.objects.create(name="denied", slug="denied")
|
||||||
PolicyBinding.objects.create(
|
PolicyBinding.objects.create(
|
||||||
|
@ -64,8 +77,19 @@ class TestApplicationsAPI(APITestCase):
|
||||||
"pk": str(self.allowed.pk),
|
"pk": str(self.allowed.pk),
|
||||||
"name": "allowed",
|
"name": "allowed",
|
||||||
"slug": "allowed",
|
"slug": "allowed",
|
||||||
"provider": None,
|
"provider": self.provider.pk,
|
||||||
"provider_obj": None,
|
"provider_obj": {
|
||||||
|
"assigned_application_name": "allowed",
|
||||||
|
"assigned_application_slug": "allowed",
|
||||||
|
"authorization_flow": str(self.provider.authorization_flow.pk),
|
||||||
|
"component": "ak-provider-oauth2-form",
|
||||||
|
"meta_model_name": "authentik_providers_oauth2.oauth2provider",
|
||||||
|
"name": self.provider.name,
|
||||||
|
"pk": self.provider.pk,
|
||||||
|
"property_mappings": [],
|
||||||
|
"verbose_name": "OAuth2/OpenID Provider",
|
||||||
|
"verbose_name_plural": "OAuth2/OpenID Providers",
|
||||||
|
},
|
||||||
"launch_url": f"https://goauthentik.io/{self.user.username}",
|
"launch_url": f"https://goauthentik.io/{self.user.username}",
|
||||||
"meta_launch_url": "https://goauthentik.io/%(username)s",
|
"meta_launch_url": "https://goauthentik.io/%(username)s",
|
||||||
"meta_icon": None,
|
"meta_icon": None,
|
||||||
|
@ -100,8 +124,19 @@ class TestApplicationsAPI(APITestCase):
|
||||||
"pk": str(self.allowed.pk),
|
"pk": str(self.allowed.pk),
|
||||||
"name": "allowed",
|
"name": "allowed",
|
||||||
"slug": "allowed",
|
"slug": "allowed",
|
||||||
"provider": None,
|
"provider": self.provider.pk,
|
||||||
"provider_obj": None,
|
"provider_obj": {
|
||||||
|
"assigned_application_name": "allowed",
|
||||||
|
"assigned_application_slug": "allowed",
|
||||||
|
"authorization_flow": str(self.provider.authorization_flow.pk),
|
||||||
|
"component": "ak-provider-oauth2-form",
|
||||||
|
"meta_model_name": "authentik_providers_oauth2.oauth2provider",
|
||||||
|
"name": self.provider.name,
|
||||||
|
"pk": self.provider.pk,
|
||||||
|
"property_mappings": [],
|
||||||
|
"verbose_name": "OAuth2/OpenID Provider",
|
||||||
|
"verbose_name_plural": "OAuth2/OpenID Providers",
|
||||||
|
},
|
||||||
"launch_url": f"https://goauthentik.io/{self.user.username}",
|
"launch_url": f"https://goauthentik.io/{self.user.username}",
|
||||||
"meta_launch_url": "https://goauthentik.io/%(username)s",
|
"meta_launch_url": "https://goauthentik.io/%(username)s",
|
||||||
"meta_icon": None,
|
"meta_icon": None,
|
||||||
|
|
Reference in New Issue