diff --git a/.prospector.yaml b/.prospector.yaml deleted file mode 100644 index 3c1e3ca1f..000000000 --- a/.prospector.yaml +++ /dev/null @@ -1,12 +0,0 @@ -strictness: medium -test-warnings: true -doc-warnings: false - -ignore-paths: - - migrations - - docs - - node_modules - -uses: - - django - - celery diff --git a/.pylintrc b/.pylintrc deleted file mode 100644 index c2675db1b..000000000 --- a/.pylintrc +++ /dev/null @@ -1,29 +0,0 @@ -[MASTER] - -disable = - arguments-differ, - no-self-use, - fixme, - locally-disabled, - too-many-ancestors, - too-few-public-methods, - import-outside-toplevel, - bad-continuation, - signature-differs, - similarities, - cyclic-import, - protected-access, - raise-missing-from - -load-plugins=pylint_django,pylint.extensions.bad_builtin -django-settings-module=authentik.root.settings -extension-pkg-whitelist=lxml,xmlsec - -# Allow constants to be shorter than normal (and lowercase, for settings.py) -const-rgx=[a-zA-Z0-9_]{1,40}$ - -ignored-modules=django-otp -generated-members=xmlsec.constants.*,xmlsec.tree.*,xmlsec.template.* -ignore=migrations -max-attributes=12 -max-branches=20 diff --git a/Pipfile.lock b/Pipfile.lock index 860f0977b..3f80b1888 100644 --- a/Pipfile.lock +++ b/Pipfile.lock @@ -122,8 +122,8 @@ }, "boto3": { "hashes": [ - "sha256:ee999b46b2c630e50e7b052d6dfe224203a348d83b00e168ca50009af0f276c1", - "sha256:54380395ba52502a9877cd0c4c9c9834341ce74c96c9f1ecc6fd77bade1b201a" + "sha256:54380395ba52502a9877cd0c4c9c9834341ce74c96c9f1ecc6fd77bade1b201a", + "sha256:ee999b46b2c630e50e7b052d6dfe224203a348d83b00e168ca50009af0f276c1" ], "index": "pypi", "version": "==1.17.40" @@ -611,11 +611,11 @@ }, "ldap3": { "hashes": [ - "sha256:afc6fc0d01f02af82cd7bfabd3bbfd5dc96a6ae91e97db0a2dab8a0f1b436056", - "sha256:c1df41d89459be6f304e0ceec4b00fdea533dbbcd83c802b1272dcdb94620b57", - "sha256:8c949edbad2be8a03e719ba48bd6779f327ec156929562814b3e84ab56889c8c", + "sha256:18c3ee656a6775b9b0d60f7c6c5b094d878d1d90fc03d56731039f0a4b546a91", "sha256:4139c91f0eef9782df7b77c8cbc6243086affcb6a8a249b768a9658438e5da59", - "sha256:18c3ee656a6775b9b0d60f7c6c5b094d878d1d90fc03d56731039f0a4b546a91" + "sha256:8c949edbad2be8a03e719ba48bd6779f327ec156929562814b3e84ab56889c8c", + "sha256:afc6fc0d01f02af82cd7bfabd3bbfd5dc96a6ae91e97db0a2dab8a0f1b436056", + "sha256:c1df41d89459be6f304e0ceec4b00fdea533dbbcd83c802b1272dcdb94620b57" ], "index": "pypi", "version": "==2.9" @@ -877,37 +877,37 @@ }, "pyasn1": { "hashes": [ - "sha256:7ab8a544af125fb704feadb008c99a88805126fb525280b2270bb25cc1d78a12", "sha256:014c0e9976956a08139dc0712ae195324a75e142284d5f87f1a87ee1b068a359", - "sha256:99fcc3c8d804d1bc6d9a099921e39d827026409a58f2a720dcdb89374ea0c776", - "sha256:6e7545f1a61025a4e58bb336952c5061697da694db1cae97b116e9c46abcf7c8", - "sha256:fec3e9d8e36808a28efb59b489e4528c10ad0f480e57dcc32b4de5c9d8c9fdf3", - "sha256:78fa6da68ed2727915c4767bb386ab32cdba863caa7dbe473eaae45f9959da86", - "sha256:aef77c9fb94a3ac588e87841208bdec464471d9871bd5050a287cc9a475cd0ba", - "sha256:08c3c53b75eaa48d71cf8c710312316392ed40899cb34710d092e96745a358b7", - "sha256:e89bf84b5437b532b0803ba5c9a5e054d21fec423a89952a74f87fa2c9b7bce2", - "sha256:5c9414dcfede6e441f7e8f81b43b34e834731003427e5b09e4e00e3172a10f00", "sha256:03840c999ba71680a131cfaee6fab142e1ed9bbd9c693e285cc6aca0d555e576", "sha256:0458773cfe65b153891ac249bcf1b5f8f320b7c2ce462151f8fa74de8934becf", - "sha256:39c7e2ec30515947ff4e87fb6f456dfc6e84857d34be479c9d4a4ba4bf46aa5d" + "sha256:08c3c53b75eaa48d71cf8c710312316392ed40899cb34710d092e96745a358b7", + "sha256:39c7e2ec30515947ff4e87fb6f456dfc6e84857d34be479c9d4a4ba4bf46aa5d", + "sha256:5c9414dcfede6e441f7e8f81b43b34e834731003427e5b09e4e00e3172a10f00", + "sha256:6e7545f1a61025a4e58bb336952c5061697da694db1cae97b116e9c46abcf7c8", + "sha256:78fa6da68ed2727915c4767bb386ab32cdba863caa7dbe473eaae45f9959da86", + "sha256:7ab8a544af125fb704feadb008c99a88805126fb525280b2270bb25cc1d78a12", + "sha256:99fcc3c8d804d1bc6d9a099921e39d827026409a58f2a720dcdb89374ea0c776", + "sha256:aef77c9fb94a3ac588e87841208bdec464471d9871bd5050a287cc9a475cd0ba", + "sha256:e89bf84b5437b532b0803ba5c9a5e054d21fec423a89952a74f87fa2c9b7bce2", + "sha256:fec3e9d8e36808a28efb59b489e4528c10ad0f480e57dcc32b4de5c9d8c9fdf3" ], "version": "==0.4.8" }, "pyasn1-modules": { "hashes": [ - "sha256:b80486a6c77252ea3a3e9b1e360bc9cf28eaac41263d173c032581ad2f20fe45", + "sha256:0845a5582f6a02bb3e1bde9ecfc4bfcae6ec3210dd270522fee602365430c3f8", + "sha256:0fe1b68d1e486a1ed5473f1302bd991c1611d319bba158e98b106ff86e1d7199", + "sha256:15b7c67fabc7fc240d87fb9aabf999cf82311a6d6fb2c70d00d3d0604878c811", + "sha256:426edb7a5e8879f1ec54a1864f16b882c2837bfd06eee62f2c982315ee2473ed", + "sha256:65cebbaffc913f4fe9e4808735c95ea22d7a7775646ab690518c056784bc21b4", + "sha256:905f84c712230b2c592c19470d3ca8d552de726050d1d1716282a1f6146be65e", "sha256:a50b808ffeb97cb3601dd25981f6b016cbb3d31fbf57a8b8a87428e6158d0c74", "sha256:a99324196732f53093a84c4369c996713eb8c89d360a496b599fb1a9c47fc3eb", + "sha256:b80486a6c77252ea3a3e9b1e360bc9cf28eaac41263d173c032581ad2f20fe45", "sha256:c29a5e5cc7a3f05926aff34e097e84f8589cd790ce0ed41b67aed6857b26aafd", "sha256:cbac4bc38d117f2a49aeedec4407d23e8866ea4ac27ff2cf7fb3e5b570df19e0", - "sha256:fe0644d9ab041506b62782e92b06b8c68cca799e1a9636ec398675459e031405", - "sha256:0845a5582f6a02bb3e1bde9ecfc4bfcae6ec3210dd270522fee602365430c3f8", "sha256:f39edd8c4ecaa4556e989147ebf219227e2cd2e8a43c7e7fcb1f1c18c5fd6a3d", - "sha256:65cebbaffc913f4fe9e4808735c95ea22d7a7775646ab690518c056784bc21b4", - "sha256:426edb7a5e8879f1ec54a1864f16b882c2837bfd06eee62f2c982315ee2473ed", - "sha256:905f84c712230b2c592c19470d3ca8d552de726050d1d1716282a1f6146be65e", - "sha256:0fe1b68d1e486a1ed5473f1302bd991c1611d319bba158e98b106ff86e1d7199", - "sha256:15b7c67fabc7fc240d87fb9aabf999cf82311a6d6fb2c70d00d3d0604878c811" + "sha256:fe0644d9ab041506b62782e92b06b8c68cca799e1a9636ec398675459e031405" ], "version": "==0.2.8" }, @@ -1103,9 +1103,9 @@ }, "requests-oauthlib": { "hashes": [ + "sha256:7f71572defaecd16372f9006f33c2ec8c077c3cfa6f5911a9a90202beb513f3d", "sha256:b4261601a71fd721a8bd6d7aa1cc1d6a8a93b4a9f5e96626f8e4d91e8beeaa6a", - "sha256:fa6c47b933f01060936d87ae9327fead68768b69c6c9ea2109c48be30f2d4dbc", - "sha256:7f71572defaecd16372f9006f33c2ec8c077c3cfa6f5911a9a90202beb513f3d" + "sha256:fa6c47b933f01060936d87ae9327fead68768b69c6c9ea2109c48be30f2d4dbc" ], "index": "pypi", "version": "==1.3.0" diff --git a/authentik/flows/challenge.py b/authentik/flows/challenge.py index c03fb3ffc..6cfffc7fe 100644 --- a/authentik/flows/challenge.py +++ b/authentik/flows/challenge.py @@ -16,9 +16,9 @@ if TYPE_CHECKING: class ChallengeTypes(Enum): """Currently defined challenge types""" - native = "native" - shell = "shell" - redirect = "redirect" + NATIVE = "native" + SHELL = "shell" + REDIRECT = "redirect" class ErrorDetailSerializer(Serializer): diff --git a/authentik/flows/tests/test_views.py b/authentik/flows/tests/test_views.py index d75e507ef..f06ba18b5 100644 --- a/authentik/flows/tests/test_views.py +++ b/authentik/flows/tests/test_views.py @@ -94,7 +94,7 @@ class TestFlowExecutor(TestCase): "component": "ak-stage-access-denied", "error_message": FlowNonApplicableException.__doc__, "title": "", - "type": ChallengeTypes.native.value, + "type": ChallengeTypes.NATIVE.value, }, ) @@ -415,7 +415,7 @@ class TestFlowExecutor(TestCase): force_str(response.content), { "background": flow.background.url, - "type": ChallengeTypes.native.value, + "type": ChallengeTypes.NATIVE.value, "component": "ak-stage-dummy", "title": binding.stage.name, }, @@ -446,7 +446,7 @@ class TestFlowExecutor(TestCase): force_str(response.content), { "background": flow.background.url, - "type": ChallengeTypes.native.value, + "type": ChallengeTypes.NATIVE.value, "component": "ak-stage-dummy", "title": binding4.stage.name, }, diff --git a/authentik/flows/views.py b/authentik/flows/views.py index 9020894c6..42e328f4c 100644 --- a/authentik/flows/views.py +++ b/authentik/flows/views.py @@ -241,7 +241,7 @@ class FlowExecutorView(APIView): { "error_message": error_message, "title": self.flow.title, - "type": ChallengeTypes.native.value, + "type": ChallengeTypes.NATIVE.value, "component": "ak-stage-access-denied", } ) @@ -334,14 +334,14 @@ def to_stage_response(request: HttpRequest, source: HttpResponse) -> HttpRespons ) return HttpChallengeResponse( RedirectChallenge( - {"type": ChallengeTypes.redirect, "to": str(redirect_url)} + {"type": ChallengeTypes.REDIRECT, "to": str(redirect_url)} ) ) if isinstance(source, TemplateResponse): return HttpChallengeResponse( ShellChallenge( { - "type": ChallengeTypes.shell, + "type": ChallengeTypes.SHELL, "body": source.render().content.decode("utf-8"), } ) @@ -351,7 +351,7 @@ def to_stage_response(request: HttpRequest, source: HttpResponse) -> HttpRespons return HttpChallengeResponse( ShellChallenge( { - "type": ChallengeTypes.shell, + "type": ChallengeTypes.SHELL, "body": source.content.decode("utf-8"), } ) diff --git a/authentik/providers/saml/views/flows.py b/authentik/providers/saml/views/flows.py index eb03eb9c8..e6ebb368e 100644 --- a/authentik/providers/saml/views/flows.py +++ b/authentik/providers/saml/views/flows.py @@ -74,7 +74,7 @@ class SAMLFlowFinalView(ChallengeStageView): return super().get( self.request, **{ - "type": ChallengeTypes.native.value, + "type": ChallengeTypes.NATIVE.value, "component": "ak-stage-autosubmit", "title": "Redirecting to %(app)s..." % {"app": application.name}, "url": provider.acs_url, diff --git a/authentik/sources/oauth/types/azure_ad.py b/authentik/sources/oauth/types/azure_ad.py index 7ca6468a2..697bc94fa 100644 --- a/authentik/sources/oauth/types/azure_ad.py +++ b/authentik/sources/oauth/types/azure_ad.py @@ -7,7 +7,7 @@ from authentik.sources.oauth.types.manager import MANAGER, RequestKind from authentik.sources.oauth.views.callback import OAuthCallback -@MANAGER.source(kind=RequestKind.callback, name="Azure AD") +@MANAGER.source(kind=RequestKind.CALLBACK, name="Azure AD") class AzureADOAuthCallback(OAuthCallback): """AzureAD OAuth2 Callback""" diff --git a/authentik/sources/oauth/types/discord.py b/authentik/sources/oauth/types/discord.py index 94ab600e6..b50aafa77 100644 --- a/authentik/sources/oauth/types/discord.py +++ b/authentik/sources/oauth/types/discord.py @@ -7,7 +7,7 @@ from authentik.sources.oauth.views.callback import OAuthCallback from authentik.sources.oauth.views.redirect import OAuthRedirect -@MANAGER.source(kind=RequestKind.redirect, name="Discord") +@MANAGER.source(kind=RequestKind.REDIRECT, name="Discord") class DiscordOAuthRedirect(OAuthRedirect): """Discord OAuth2 Redirect""" @@ -17,7 +17,7 @@ class DiscordOAuthRedirect(OAuthRedirect): } -@MANAGER.source(kind=RequestKind.callback, name="Discord") +@MANAGER.source(kind=RequestKind.CALLBACK, name="Discord") class DiscordOAuth2Callback(OAuthCallback): """Discord OAuth2 Callback""" diff --git a/authentik/sources/oauth/types/facebook.py b/authentik/sources/oauth/types/facebook.py index 5b39c5265..3956413da 100644 --- a/authentik/sources/oauth/types/facebook.py +++ b/authentik/sources/oauth/types/facebook.py @@ -10,7 +10,7 @@ from authentik.sources.oauth.views.callback import OAuthCallback from authentik.sources.oauth.views.redirect import OAuthRedirect -@MANAGER.source(kind=RequestKind.redirect, name="Facebook") +@MANAGER.source(kind=RequestKind.REDIRECT, name="Facebook") class FacebookOAuthRedirect(OAuthRedirect): """Facebook OAuth2 Redirect""" @@ -28,7 +28,7 @@ class FacebookOAuth2Client(OAuth2Client): return api.get_object("me", fields="id,name,email") -@MANAGER.source(kind=RequestKind.callback, name="Facebook") +@MANAGER.source(kind=RequestKind.CALLBACK, name="Facebook") class FacebookOAuth2Callback(OAuthCallback): """Facebook OAuth2 Callback""" diff --git a/authentik/sources/oauth/types/github.py b/authentik/sources/oauth/types/github.py index d016d6fcd..420fa6ba1 100644 --- a/authentik/sources/oauth/types/github.py +++ b/authentik/sources/oauth/types/github.py @@ -6,7 +6,7 @@ from authentik.sources.oauth.types.manager import MANAGER, RequestKind from authentik.sources.oauth.views.callback import OAuthCallback -@MANAGER.source(kind=RequestKind.callback, name="GitHub") +@MANAGER.source(kind=RequestKind.CALLBACK, name="GitHub") class GitHubOAuth2Callback(OAuthCallback): """GitHub OAuth2 Callback""" diff --git a/authentik/sources/oauth/types/google.py b/authentik/sources/oauth/types/google.py index 00143d324..c7d1ba8c8 100644 --- a/authentik/sources/oauth/types/google.py +++ b/authentik/sources/oauth/types/google.py @@ -7,7 +7,7 @@ from authentik.sources.oauth.views.callback import OAuthCallback from authentik.sources.oauth.views.redirect import OAuthRedirect -@MANAGER.source(kind=RequestKind.redirect, name="Google") +@MANAGER.source(kind=RequestKind.REDIRECT, name="Google") class GoogleOAuthRedirect(OAuthRedirect): """Google OAuth2 Redirect""" @@ -17,7 +17,7 @@ class GoogleOAuthRedirect(OAuthRedirect): } -@MANAGER.source(kind=RequestKind.callback, name="Google") +@MANAGER.source(kind=RequestKind.CALLBACK, name="Google") class GoogleOAuth2Callback(OAuthCallback): """Google OAuth2 Callback""" diff --git a/authentik/sources/oauth/types/manager.py b/authentik/sources/oauth/types/manager.py index 6069947d5..ea51b7c5b 100644 --- a/authentik/sources/oauth/types/manager.py +++ b/authentik/sources/oauth/types/manager.py @@ -15,8 +15,8 @@ LOGGER = get_logger() class RequestKind(Enum): """Enum of OAuth Request types""" - callback = "callback" - redirect = "redirect" + CALLBACK = "callback" + REDIRECT = "redirect" class SourceTypeManager: @@ -52,9 +52,9 @@ class SourceTypeManager: have=self.__source_types[kind.value].keys(), ) # Return defaults - if kind == RequestKind.callback: + if kind == RequestKind.CALLBACK: return OAuthCallback - if kind == RequestKind.redirect: + if kind == RequestKind.REDIRECT: return OAuthRedirect raise KeyError( f"Provider Type {source.provider_type} (type {kind.value}) not found." diff --git a/authentik/sources/oauth/types/oidc.py b/authentik/sources/oauth/types/oidc.py index 00d4723e1..7fafaead2 100644 --- a/authentik/sources/oauth/types/oidc.py +++ b/authentik/sources/oauth/types/oidc.py @@ -7,7 +7,7 @@ from authentik.sources.oauth.views.callback import OAuthCallback from authentik.sources.oauth.views.redirect import OAuthRedirect -@MANAGER.source(kind=RequestKind.redirect, name="OpenID Connect") +@MANAGER.source(kind=RequestKind.REDIRECT, name="OpenID Connect") class OpenIDConnectOAuthRedirect(OAuthRedirect): """OpenIDConnect OAuth2 Redirect""" @@ -17,7 +17,7 @@ class OpenIDConnectOAuthRedirect(OAuthRedirect): } -@MANAGER.source(kind=RequestKind.callback, name="OpenID Connect") +@MANAGER.source(kind=RequestKind.CALLBACK, name="OpenID Connect") class OpenIDConnectOAuth2Callback(OAuthCallback): """OpenIDConnect OAuth2 Callback""" diff --git a/authentik/sources/oauth/types/reddit.py b/authentik/sources/oauth/types/reddit.py index d032642ff..868bb23dc 100644 --- a/authentik/sources/oauth/types/reddit.py +++ b/authentik/sources/oauth/types/reddit.py @@ -10,7 +10,7 @@ from authentik.sources.oauth.views.callback import OAuthCallback from authentik.sources.oauth.views.redirect import OAuthRedirect -@MANAGER.source(kind=RequestKind.redirect, name="reddit") +@MANAGER.source(kind=RequestKind.REDIRECT, name="reddit") class RedditOAuthRedirect(OAuthRedirect): """Reddit OAuth2 Redirect""" @@ -30,7 +30,7 @@ class RedditOAuth2Client(OAuth2Client): return super().get_access_token(auth=auth) -@MANAGER.source(kind=RequestKind.callback, name="reddit") +@MANAGER.source(kind=RequestKind.CALLBACK, name="reddit") class RedditOAuth2Callback(OAuthCallback): """Reddit OAuth2 Callback""" diff --git a/authentik/sources/oauth/types/twitter.py b/authentik/sources/oauth/types/twitter.py index ba90237bd..ff4105ee6 100644 --- a/authentik/sources/oauth/types/twitter.py +++ b/authentik/sources/oauth/types/twitter.py @@ -6,7 +6,7 @@ from authentik.sources.oauth.types.manager import MANAGER, RequestKind from authentik.sources.oauth.views.callback import OAuthCallback -@MANAGER.source(kind=RequestKind.callback, name="Twitter") +@MANAGER.source(kind=RequestKind.CALLBACK, name="Twitter") class TwitterOAuthCallback(OAuthCallback): """Twitter OAuth2 Callback""" diff --git a/authentik/sources/oauth/urls.py b/authentik/sources/oauth/urls.py index fabe02acf..7b38afe53 100644 --- a/authentik/sources/oauth/urls.py +++ b/authentik/sources/oauth/urls.py @@ -8,12 +8,12 @@ from authentik.sources.oauth.views.dispatcher import DispatcherView urlpatterns = [ path( "login//", - DispatcherView.as_view(kind=RequestKind.redirect), + DispatcherView.as_view(kind=RequestKind.REDIRECT), name="oauth-client-login", ), path( "callback//", - DispatcherView.as_view(kind=RequestKind.callback), + DispatcherView.as_view(kind=RequestKind.CALLBACK), name="oauth-client-callback", ), ] diff --git a/authentik/sources/saml/models.py b/authentik/sources/saml/models.py index aba16f81d..64f2b3f63 100644 --- a/authentik/sources/saml/models.py +++ b/authentik/sources/saml/models.py @@ -34,7 +34,7 @@ from authentik.sources.saml.processors.constants import ( class SAMLBindingTypes(models.TextChoices): """SAML Binding types""" - Redirect = "REDIRECT", _("Redirect Binding") + REDIRECT = "REDIRECT", _("Redirect Binding") POST = "POST", _("POST Binding") POST_AUTO = "POST_AUTO", _("POST Binding with auto-confirmation") @@ -95,7 +95,7 @@ class SAMLSource(Source): binding_type = models.CharField( max_length=100, choices=SAMLBindingTypes.choices, - default=SAMLBindingTypes.Redirect, + default=SAMLBindingTypes.REDIRECT, ) temporary_user_delete_after = models.TextField( diff --git a/authentik/sources/saml/views.py b/authentik/sources/saml/views.py index 8a60b6828..8b27895fc 100644 --- a/authentik/sources/saml/views.py +++ b/authentik/sources/saml/views.py @@ -50,7 +50,7 @@ class AutosubmitStageView(ChallengeStageView): def get_challenge(self, *args, **kwargs) -> Challenge: return AutosubmitChallenge( data={ - "type": ChallengeTypes.native.value, + "type": ChallengeTypes.NATIVE.value, "component": "ak-stage-autosubmit", "title": self.executor.plan.context.get(PLAN_CONTEXT_TITLE, ""), "url": self.executor.plan.context.get(PLAN_CONTEXT_URL, ""), @@ -103,7 +103,7 @@ class InitiateView(View): relay_state = request.GET.get("next", "") auth_n_req = RequestProcessor(source, request, relay_state) # If the source is configured for Redirect bindings, we can just redirect there - if source.binding_type == SAMLBindingTypes.Redirect: + if source.binding_type == SAMLBindingTypes.REDIRECT: url_args = urlencode(auth_n_req.build_auth_n_detached()) return redirect(f"{source.sso_url}?{url_args}") # As POST Binding we show a form diff --git a/authentik/stages/authenticator_static/stage.py b/authentik/stages/authenticator_static/stage.py index f0a834464..6cab085c5 100644 --- a/authentik/stages/authenticator_static/stage.py +++ b/authentik/stages/authenticator_static/stage.py @@ -31,7 +31,7 @@ class AuthenticatorStaticStageView(ChallengeStageView): tokens: list[StaticToken] = self.request.session[SESSION_STATIC_TOKENS] return AuthenticatorStaticChallenge( data={ - "type": ChallengeTypes.native.value, + "type": ChallengeTypes.NATIVE.value, "component": "ak-stage-authenticator-static", "codes": [token.token for token in tokens], } diff --git a/authentik/stages/authenticator_totp/stage.py b/authentik/stages/authenticator_totp/stage.py index 060b1b6f8..84adbd398 100644 --- a/authentik/stages/authenticator_totp/stage.py +++ b/authentik/stages/authenticator_totp/stage.py @@ -51,7 +51,7 @@ class AuthenticatorTOTPStageView(ChallengeStageView): device: TOTPDevice = self.request.session[SESSION_TOTP_DEVICE] return AuthenticatorTOTPChallenge( data={ - "type": ChallengeTypes.native.value, + "type": ChallengeTypes.NATIVE.value, "component": "ak-stage-authenticator-totp", "config_url": device.config_url, } diff --git a/authentik/stages/authenticator_validate/stage.py b/authentik/stages/authenticator_validate/stage.py index 4e2e9f86a..c900437e0 100644 --- a/authentik/stages/authenticator_validate/stage.py +++ b/authentik/stages/authenticator_validate/stage.py @@ -145,7 +145,7 @@ class AuthenticatorValidateStageView(ChallengeStageView): challenges = self.request.session["device_challenges"] return AuthenticatorChallenge( data={ - "type": ChallengeTypes.native.value, + "type": ChallengeTypes.NATIVE.value, "component": "ak-stage-authenticator-validate", "device_challenges": challenges, } diff --git a/authentik/stages/authenticator_webauthn/stage.py b/authentik/stages/authenticator_webauthn/stage.py index d16e42615..8da09c44a 100644 --- a/authentik/stages/authenticator_webauthn/stage.py +++ b/authentik/stages/authenticator_webauthn/stage.py @@ -128,7 +128,7 @@ class AuthenticatorWebAuthnStageView(ChallengeStageView): return AuthenticatorWebAuthnChallenge( data={ - "type": ChallengeTypes.native.value, + "type": ChallengeTypes.NATIVE.value, "component": "ak-stage-authenticator-webauthn", "registration": registration_dict, } diff --git a/authentik/stages/captcha/stage.py b/authentik/stages/captcha/stage.py index 8b26a054c..98db7728a 100644 --- a/authentik/stages/captcha/stage.py +++ b/authentik/stages/captcha/stage.py @@ -63,7 +63,7 @@ class CaptchaStageView(ChallengeStageView): def get_challenge(self, *args, **kwargs) -> Challenge: return CaptchaChallenge( data={ - "type": ChallengeTypes.native.value, + "type": ChallengeTypes.NATIVE.value, "component": "ak-stage-captcha", "site_key": self.executor.current_stage.public_key, } diff --git a/authentik/stages/consent/stage.py b/authentik/stages/consent/stage.py index 387ea0783..aba15031b 100644 --- a/authentik/stages/consent/stage.py +++ b/authentik/stages/consent/stage.py @@ -39,7 +39,7 @@ class ConsentStageView(ChallengeStageView): def get_challenge(self) -> Challenge: challenge = ConsentChallenge( data={ - "type": ChallengeTypes.native.value, + "type": ChallengeTypes.NATIVE.value, "component": "ak-stage-consent", } ) diff --git a/authentik/stages/deny/tests.py b/authentik/stages/deny/tests.py index d82fdbaca..22b4babc9 100644 --- a/authentik/stages/deny/tests.py +++ b/authentik/stages/deny/tests.py @@ -49,7 +49,7 @@ class TestUserDenyStage(TestCase): "component": "ak-stage-access-denied", "error_message": None, "title": "", - "type": ChallengeTypes.native.value, + "type": ChallengeTypes.NATIVE.value, }, ) diff --git a/authentik/stages/dummy/stage.py b/authentik/stages/dummy/stage.py index b4c2f844c..3ecef6f65 100644 --- a/authentik/stages/dummy/stage.py +++ b/authentik/stages/dummy/stage.py @@ -24,7 +24,7 @@ class DummyStageView(ChallengeStageView): def get_challenge(self, *args, **kwargs) -> Challenge: return DummyChallenge( data={ - "type": ChallengeTypes.native.value, + "type": ChallengeTypes.NATIVE.value, "component": "ak-stage-dummy", "title": self.executor.current_stage.name, } diff --git a/authentik/stages/email/stage.py b/authentik/stages/email/stage.py index 03c2e5086..7c4c55831 100644 --- a/authentik/stages/email/stage.py +++ b/authentik/stages/email/stage.py @@ -96,7 +96,7 @@ class EmailStageView(ChallengeStageView): def get_challenge(self) -> Challenge: challenge = EmailChallenge( data={ - "type": ChallengeTypes.native.value, + "type": ChallengeTypes.NATIVE.value, "component": "ak-stage-email", "title": "Email sent.", } diff --git a/authentik/stages/identification/stage.py b/authentik/stages/identification/stage.py index 4338af217..87f416789 100644 --- a/authentik/stages/identification/stage.py +++ b/authentik/stages/identification/stage.py @@ -78,7 +78,7 @@ class IdentificationStageView(ChallengeStageView): current_stage: IdentificationStage = self.executor.current_stage challenge = IdentificationChallenge( data={ - "type": ChallengeTypes.native.value, + "type": ChallengeTypes.NATIVE.value, "component": "ak-stage-identification", "primary_action": _("Log in"), "input_type": "text", diff --git a/authentik/stages/identification/tests.py b/authentik/stages/identification/tests.py index 1e0daebb6..525f3250a 100644 --- a/authentik/stages/identification/tests.py +++ b/authentik/stages/identification/tests.py @@ -104,7 +104,7 @@ class TestIdentificationStage(TestCase): force_str(response.content), { "background": flow.background.url, - "type": ChallengeTypes.native.value, + "type": ChallengeTypes.NATIVE.value, "component": "ak-stage-identification", "input_type": "email", "enroll_url": reverse( @@ -147,7 +147,7 @@ class TestIdentificationStage(TestCase): force_str(response.content), { "background": flow.background.url, - "type": ChallengeTypes.native.value, + "type": ChallengeTypes.NATIVE.value, "component": "ak-stage-identification", "input_type": "email", "recovery_url": reverse( diff --git a/authentik/stages/invitation/tests.py b/authentik/stages/invitation/tests.py index 3f9220939..85b263c31 100644 --- a/authentik/stages/invitation/tests.py +++ b/authentik/stages/invitation/tests.py @@ -67,7 +67,7 @@ class TestUserLoginStage(TestCase): "component": "ak-stage-access-denied", "error_message": None, "title": "", - "type": ChallengeTypes.native.value, + "type": ChallengeTypes.NATIVE.value, }, ) diff --git a/authentik/stages/password/stage.py b/authentik/stages/password/stage.py index d7ea70f41..1f2e7d6fb 100644 --- a/authentik/stages/password/stage.py +++ b/authentik/stages/password/stage.py @@ -78,7 +78,7 @@ class PasswordStageView(ChallengeStageView): def get_challenge(self) -> Challenge: challenge = PasswordChallenge( data={ - "type": ChallengeTypes.native.value, + "type": ChallengeTypes.NATIVE.value, "component": "ak-stage-password", } ) diff --git a/authentik/stages/password/tests.py b/authentik/stages/password/tests.py index 9cb27c7a9..273c9834b 100644 --- a/authentik/stages/password/tests.py +++ b/authentik/stages/password/tests.py @@ -72,7 +72,7 @@ class TestPasswordStage(TestCase): "component": "ak-stage-access-denied", "error_message": None, "title": "", - "type": ChallengeTypes.native.value, + "type": ChallengeTypes.NATIVE.value, }, ) @@ -206,6 +206,6 @@ class TestPasswordStage(TestCase): "component": "ak-stage-access-denied", "error_message": None, "title": "", - "type": ChallengeTypes.native.value, + "type": ChallengeTypes.NATIVE.value, }, ) diff --git a/authentik/stages/prompt/stage.py b/authentik/stages/prompt/stage.py index 6d895e659..c926a20dd 100644 --- a/authentik/stages/prompt/stage.py +++ b/authentik/stages/prompt/stage.py @@ -164,7 +164,7 @@ class PromptStageView(ChallengeStageView): fields = list(self.executor.current_stage.fields.all().order_by("order")) challenge = PromptChallenge( data={ - "type": ChallengeTypes.native.value, + "type": ChallengeTypes.NATIVE.value, "component": "ak-stage-prompt", "fields": [PromptSerializer(field).data for field in fields], }, diff --git a/authentik/stages/user_delete/tests.py b/authentik/stages/user_delete/tests.py index 135474c61..75d876b1c 100644 --- a/authentik/stages/user_delete/tests.py +++ b/authentik/stages/user_delete/tests.py @@ -55,7 +55,7 @@ class TestUserDeleteStage(TestCase): "component": "ak-stage-access-denied", "error_message": None, "title": "", - "type": ChallengeTypes.native.value, + "type": ChallengeTypes.NATIVE.value, }, ) diff --git a/authentik/stages/user_login/tests.py b/authentik/stages/user_login/tests.py index 99ba9fe63..d05e6dc07 100644 --- a/authentik/stages/user_login/tests.py +++ b/authentik/stages/user_login/tests.py @@ -80,7 +80,7 @@ class TestUserLoginStage(TestCase): "component": "ak-stage-access-denied", "error_message": None, "title": "", - "type": ChallengeTypes.native.value, + "type": ChallengeTypes.NATIVE.value, }, ) @@ -109,7 +109,7 @@ class TestUserLoginStage(TestCase): "component": "ak-stage-access-denied", "error_message": None, "title": "", - "type": ChallengeTypes.native.value, + "type": ChallengeTypes.NATIVE.value, }, ) diff --git a/authentik/stages/user_write/tests.py b/authentik/stages/user_write/tests.py index 037f581ee..bd83b2e72 100644 --- a/authentik/stages/user_write/tests.py +++ b/authentik/stages/user_write/tests.py @@ -132,7 +132,7 @@ class TestUserWriteStage(TestCase): "component": "ak-stage-access-denied", "error_message": None, "title": "", - "type": ChallengeTypes.native.value, + "type": ChallengeTypes.NATIVE.value, }, ) diff --git a/pyproject.toml b/pyproject.toml index 12962af8b..6dcfd6a0d 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -41,3 +41,38 @@ exclude_lines = [ "if __name__ == .__main__.:", ] show_missing = true + +[tool.pylint.master] +disable =[ + "arguments-differ", + "no-self-use", + "fixme", + "locally-disabled", + "too-many-ancestors", + "too-few-public-methods", + "import-outside-toplevel", + "bad-continuation", + "signature-differs", + "similarities", + "cyclic-import", + "protected-access", + "raise-missing-from",] + +load-plugins=["pylint_django","pylint.extensions.bad_builtin"] +django-settings-module="authentik.root.settings" +extension-pkg-whitelist=["lxml","xmlsec"] + +# Allow constants to be shorter than normal (and lowercase, for settings.py) +const-rgx="[a-zA-Z0-9_]{1,40}$" + +ignored-modules=["django-otp"] +generated-members=["xmlsec.constants.*","xmlsec.tree.*","xmlsec.template.*"] +ignore="migrations" +max-attributes=12 +max-branches=20 + +[tool.pytest.ini_options] +DJANGO_SETTINGS_MODULE = "authentik.root.settings" +python_files = ["tests.py", "test_*.py", "*_tests.py"] +junit_family = "xunit2" +addopts = "-p no:celery --junitxml=unittest.xml" diff --git a/pytest.ini b/pytest.ini deleted file mode 100644 index 59ca91fc1..000000000 --- a/pytest.ini +++ /dev/null @@ -1,5 +0,0 @@ -[pytest] -DJANGO_SETTINGS_MODULE = authentik.root.settings -python_files = tests.py test_*.py *_tests.py -junit_family = xunit2 -addopts = -p no:celery --junitxml=unittest.xml diff --git a/setup.cfg b/setup.cfg deleted file mode 100644 index ab259ac2d..000000000 --- a/setup.cfg +++ /dev/null @@ -1,3 +0,0 @@ -[pycodestyle] -ignore = E731,E121,W503 -max-line-length = 100 diff --git a/swagger.yaml b/swagger.yaml index 27d16815e..249a99719 100755 --- a/swagger.yaml +++ b/swagger.yaml @@ -11619,9 +11619,9 @@ definitions: title: Type type: string enum: - - native - - shell - - redirect + - NATIVE + - SHELL + - REDIRECT component: title: Component type: string diff --git a/tests/e2e/test_source_saml.py b/tests/e2e/test_source_saml.py index 413b3e69a..92faf70da 100644 --- a/tests/e2e/test_source_saml.py +++ b/tests/e2e/test_source_saml.py @@ -124,7 +124,7 @@ class TestSourceSAML(SeleniumTestCase): pre_authentication_flow=pre_authentication_flow, issuer="entity-id", sso_url="http://localhost:8080/simplesaml/saml2/idp/SSOService.php", - binding_type=SAMLBindingTypes.Redirect, + binding_type=SAMLBindingTypes.REDIRECT, signing_kp=keypair, )