providers/proxy: fix certificates without key being selectable

authentik/core/api/tokens.py

@@ -49,7 +49,7 @@ class TokenViewSet(ModelViewSet):
         if not tokens.exists():
             raise Http404
         token = tokens.first()
-        Event.new(  # noqa # nosec
-            EventAction.SECRET_VIEW, secret=token
-        ).from_http(request)
+        Event.new(EventAction.SECRET_VIEW, secret=token).from_http(  # noqa # nosec
+            request
+        )
         return Response(TokenViewSerializer({"key": token.key}).data)

authentik/providers/proxy/forms.py

@@ -18,7 +18,7 @@ class ProxyProviderForm(forms.ModelForm):
         )
         self.fields["certificate"].queryset = CertificateKeyPair.objects.filter(
             key_data__isnull=False
-        )
+        ).exclude(key_data="")
 
     def save(self, *args, **kwargs):
         actual_save = super().save(*args, **kwargs)