trustchain-oc1-orchestral
/
authentik
Archived
10
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

build(deps-dev): bump pylint from 2.7.2 to 2.7.3 (#674) 

* build(deps-dev): bump pylint from 2.7.2 to 2.7.3

Bumps [pylint](https://github.com/PyCQA/pylint) from 2.7.2 to 2.7.3.
- [Release notes](https://github.com/PyCQA/pylint/releases)
- [Changelog](https://github.com/PyCQA/pylint/blob/master/ChangeLog)
- [Commits](https://github.com/PyCQA/pylint/compare/pylint-2.7.2...pylint-2.7.3)

Signed-off-by: dependabot[bot] <support@github.com>

* sources/saml: fix linting for SAMLBindingTypes.Redirect

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* sources/oauth: Fix linting for RequestKind

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* flows: fix linting for ChallengeTypes

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
dependabot[bot] 2021-03-30 10:05:14 +02:00 committed by GitHub
parent 59f5846d1a
commit c180a521ec
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
42 changed files with 120 additions and 134 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
.prospector.yaml
View File

@ -1,12 +0,0 @@
strictness: medium
test-warnings: true
doc-warnings: false
ignore-paths:
- migrations
- docs
- node_modules
uses:
- django
- celery

29
.pylintrc
View File

@ -1,29 +0,0 @@
[MASTER]
disable =
arguments-differ,
no-self-use,
fixme,
locally-disabled,
too-many-ancestors,
too-few-public-methods,
import-outside-toplevel,
bad-continuation,
signature-differs,
similarities,
cyclic-import,
protected-access,
raise-missing-from
load-plugins=pylint_django,pylint.extensions.bad_builtin
django-settings-module=authentik.root.settings
extension-pkg-whitelist=lxml,xmlsec
# Allow constants to be shorter than normal (and lowercase, for settings.py)
const-rgx=[a-zA-Z0-9_]{1,40}$
ignored-modules=django-otp
generated-members=xmlsec.constants.*,xmlsec.tree.*,xmlsec.template.*
ignore=migrations
max-attributes=12
max-branches=20

52
Pipfile.lock generated
View File

@ -122,8 +122,8 @@
}, },
"boto3": { "boto3": {
"hashes": [ "hashes": [
"sha256:ee999b46b2c630e50e7b052d6dfe224203a348d83b00e168ca50009af0f276c1", "sha256:54380395ba52502a9877cd0c4c9c9834341ce74c96c9f1ecc6fd77bade1b201a",
"sha256:54380395ba52502a9877cd0c4c9c9834341ce74c96c9f1ecc6fd77bade1b201a" "sha256:ee999b46b2c630e50e7b052d6dfe224203a348d83b00e168ca50009af0f276c1"
], ],
"index": "pypi", "index": "pypi",
"version": "==1.17.40" "version": "==1.17.40"
@ -611,11 +611,11 @@
}, },
"ldap3": { "ldap3": {
"hashes": [ "hashes": [
"sha256:afc6fc0d01f02af82cd7bfabd3bbfd5dc96a6ae91e97db0a2dab8a0f1b436056", "sha256:18c3ee656a6775b9b0d60f7c6c5b094d878d1d90fc03d56731039f0a4b546a91",
"sha256:c1df41d89459be6f304e0ceec4b00fdea533dbbcd83c802b1272dcdb94620b57",
"sha256:8c949edbad2be8a03e719ba48bd6779f327ec156929562814b3e84ab56889c8c",
"sha256:4139c91f0eef9782df7b77c8cbc6243086affcb6a8a249b768a9658438e5da59", "sha256:4139c91f0eef9782df7b77c8cbc6243086affcb6a8a249b768a9658438e5da59",
"sha256:18c3ee656a6775b9b0d60f7c6c5b094d878d1d90fc03d56731039f0a4b546a91" "sha256:8c949edbad2be8a03e719ba48bd6779f327ec156929562814b3e84ab56889c8c",
"sha256:afc6fc0d01f02af82cd7bfabd3bbfd5dc96a6ae91e97db0a2dab8a0f1b436056",
"sha256:c1df41d89459be6f304e0ceec4b00fdea533dbbcd83c802b1272dcdb94620b57"
], ],
"index": "pypi", "index": "pypi",
"version": "==2.9" "version": "==2.9"
@ -877,37 +877,37 @@
}, },
"pyasn1": { "pyasn1": {
"hashes": [ "hashes": [
"sha256:7ab8a544af125fb704feadb008c99a88805126fb525280b2270bb25cc1d78a12",
"sha256:014c0e9976956a08139dc0712ae195324a75e142284d5f87f1a87ee1b068a359", "sha256:014c0e9976956a08139dc0712ae195324a75e142284d5f87f1a87ee1b068a359",
"sha256:99fcc3c8d804d1bc6d9a099921e39d827026409a58f2a720dcdb89374ea0c776",
"sha256:6e7545f1a61025a4e58bb336952c5061697da694db1cae97b116e9c46abcf7c8",
"sha256:fec3e9d8e36808a28efb59b489e4528c10ad0f480e57dcc32b4de5c9d8c9fdf3",
"sha256:78fa6da68ed2727915c4767bb386ab32cdba863caa7dbe473eaae45f9959da86",
"sha256:aef77c9fb94a3ac588e87841208bdec464471d9871bd5050a287cc9a475cd0ba",
"sha256:08c3c53b75eaa48d71cf8c710312316392ed40899cb34710d092e96745a358b7",
"sha256:e89bf84b5437b532b0803ba5c9a5e054d21fec423a89952a74f87fa2c9b7bce2",
"sha256:5c9414dcfede6e441f7e8f81b43b34e834731003427e5b09e4e00e3172a10f00",
"sha256:03840c999ba71680a131cfaee6fab142e1ed9bbd9c693e285cc6aca0d555e576", "sha256:03840c999ba71680a131cfaee6fab142e1ed9bbd9c693e285cc6aca0d555e576",
"sha256:0458773cfe65b153891ac249bcf1b5f8f320b7c2ce462151f8fa74de8934becf", "sha256:0458773cfe65b153891ac249bcf1b5f8f320b7c2ce462151f8fa74de8934becf",
"sha256:39c7e2ec30515947ff4e87fb6f456dfc6e84857d34be479c9d4a4ba4bf46aa5d" "sha256:08c3c53b75eaa48d71cf8c710312316392ed40899cb34710d092e96745a358b7",
"sha256:39c7e2ec30515947ff4e87fb6f456dfc6e84857d34be479c9d4a4ba4bf46aa5d",
"sha256:5c9414dcfede6e441f7e8f81b43b34e834731003427e5b09e4e00e3172a10f00",
"sha256:6e7545f1a61025a4e58bb336952c5061697da694db1cae97b116e9c46abcf7c8",
"sha256:78fa6da68ed2727915c4767bb386ab32cdba863caa7dbe473eaae45f9959da86",
"sha256:7ab8a544af125fb704feadb008c99a88805126fb525280b2270bb25cc1d78a12",
"sha256:99fcc3c8d804d1bc6d9a099921e39d827026409a58f2a720dcdb89374ea0c776",
"sha256:aef77c9fb94a3ac588e87841208bdec464471d9871bd5050a287cc9a475cd0ba",
"sha256:e89bf84b5437b532b0803ba5c9a5e054d21fec423a89952a74f87fa2c9b7bce2",
"sha256:fec3e9d8e36808a28efb59b489e4528c10ad0f480e57dcc32b4de5c9d8c9fdf3"
], ],
"version": "==0.4.8" "version": "==0.4.8"
}, },
"pyasn1-modules": { "pyasn1-modules": {
"hashes": [ "hashes": [
"sha256:b80486a6c77252ea3a3e9b1e360bc9cf28eaac41263d173c032581ad2f20fe45", "sha256:0845a5582f6a02bb3e1bde9ecfc4bfcae6ec3210dd270522fee602365430c3f8",
"sha256:0fe1b68d1e486a1ed5473f1302bd991c1611d319bba158e98b106ff86e1d7199",
"sha256:15b7c67fabc7fc240d87fb9aabf999cf82311a6d6fb2c70d00d3d0604878c811",
"sha256:426edb7a5e8879f1ec54a1864f16b882c2837bfd06eee62f2c982315ee2473ed",
"sha256:65cebbaffc913f4fe9e4808735c95ea22d7a7775646ab690518c056784bc21b4",
"sha256:905f84c712230b2c592c19470d3ca8d552de726050d1d1716282a1f6146be65e",
"sha256:a50b808ffeb97cb3601dd25981f6b016cbb3d31fbf57a8b8a87428e6158d0c74", "sha256:a50b808ffeb97cb3601dd25981f6b016cbb3d31fbf57a8b8a87428e6158d0c74",
"sha256:a99324196732f53093a84c4369c996713eb8c89d360a496b599fb1a9c47fc3eb", "sha256:a99324196732f53093a84c4369c996713eb8c89d360a496b599fb1a9c47fc3eb",
"sha256:b80486a6c77252ea3a3e9b1e360bc9cf28eaac41263d173c032581ad2f20fe45",
"sha256:c29a5e5cc7a3f05926aff34e097e84f8589cd790ce0ed41b67aed6857b26aafd", "sha256:c29a5e5cc7a3f05926aff34e097e84f8589cd790ce0ed41b67aed6857b26aafd",
"sha256:cbac4bc38d117f2a49aeedec4407d23e8866ea4ac27ff2cf7fb3e5b570df19e0", "sha256:cbac4bc38d117f2a49aeedec4407d23e8866ea4ac27ff2cf7fb3e5b570df19e0",
"sha256:fe0644d9ab041506b62782e92b06b8c68cca799e1a9636ec398675459e031405",
"sha256:0845a5582f6a02bb3e1bde9ecfc4bfcae6ec3210dd270522fee602365430c3f8",
"sha256:f39edd8c4ecaa4556e989147ebf219227e2cd2e8a43c7e7fcb1f1c18c5fd6a3d", "sha256:f39edd8c4ecaa4556e989147ebf219227e2cd2e8a43c7e7fcb1f1c18c5fd6a3d",
"sha256:65cebbaffc913f4fe9e4808735c95ea22d7a7775646ab690518c056784bc21b4", "sha256:fe0644d9ab041506b62782e92b06b8c68cca799e1a9636ec398675459e031405"
"sha256:426edb7a5e8879f1ec54a1864f16b882c2837bfd06eee62f2c982315ee2473ed",
"sha256:905f84c712230b2c592c19470d3ca8d552de726050d1d1716282a1f6146be65e",
"sha256:0fe1b68d1e486a1ed5473f1302bd991c1611d319bba158e98b106ff86e1d7199",
"sha256:15b7c67fabc7fc240d87fb9aabf999cf82311a6d6fb2c70d00d3d0604878c811"
], ],
"version": "==0.2.8" "version": "==0.2.8"
}, },
@ -1103,9 +1103,9 @@
}, },
"requests-oauthlib": { "requests-oauthlib": {
"hashes": [ "hashes": [
"sha256:7f71572defaecd16372f9006f33c2ec8c077c3cfa6f5911a9a90202beb513f3d",
"sha256:b4261601a71fd721a8bd6d7aa1cc1d6a8a93b4a9f5e96626f8e4d91e8beeaa6a", "sha256:b4261601a71fd721a8bd6d7aa1cc1d6a8a93b4a9f5e96626f8e4d91e8beeaa6a",
"sha256:fa6c47b933f01060936d87ae9327fead68768b69c6c9ea2109c48be30f2d4dbc", "sha256:fa6c47b933f01060936d87ae9327fead68768b69c6c9ea2109c48be30f2d4dbc"
"sha256:7f71572defaecd16372f9006f33c2ec8c077c3cfa6f5911a9a90202beb513f3d"
], ],
"index": "pypi", "index": "pypi",
"version": "==1.3.0" "version": "==1.3.0"

6
authentik/flows/challenge.py
View File

@ -16,9 +16,9 @@ if TYPE_CHECKING:
class ChallengeTypes(Enum): class ChallengeTypes(Enum):
"""Currently defined challenge types""" """Currently defined challenge types"""
native = "native" NATIVE = "native"
shell = "shell" SHELL = "shell"
redirect = "redirect" REDIRECT = "redirect"
class ErrorDetailSerializer(Serializer): class ErrorDetailSerializer(Serializer):

6
authentik/flows/tests/test_views.py
View File

@ -94,7 +94,7 @@ class TestFlowExecutor(TestCase):
"component": "ak-stage-access-denied", "component": "ak-stage-access-denied",
"error_message": FlowNonApplicableException.__doc__, "error_message": FlowNonApplicableException.__doc__,
"title": "", "title": "",
"type": ChallengeTypes.native.value, "type": ChallengeTypes.NATIVE.value,
}, },
) )
@ -415,7 +415,7 @@ class TestFlowExecutor(TestCase):
force_str(response.content), force_str(response.content),
{ {
"background": flow.background.url, "background": flow.background.url,
"type": ChallengeTypes.native.value, "type": ChallengeTypes.NATIVE.value,
"component": "ak-stage-dummy", "component": "ak-stage-dummy",
"title": binding.stage.name, "title": binding.stage.name,
}, },
@ -446,7 +446,7 @@ class TestFlowExecutor(TestCase):
force_str(response.content), force_str(response.content),
{ {
"background": flow.background.url, "background": flow.background.url,
"type": ChallengeTypes.native.value, "type": ChallengeTypes.NATIVE.value,
"component": "ak-stage-dummy", "component": "ak-stage-dummy",
"title": binding4.stage.name, "title": binding4.stage.name,
}, },

8
authentik/flows/views.py
View File

@ -241,7 +241,7 @@ class FlowExecutorView(APIView):
{ {
"error_message": error_message, "error_message": error_message,
"title": self.flow.title, "title": self.flow.title,
"type": ChallengeTypes.native.value, "type": ChallengeTypes.NATIVE.value,
"component": "ak-stage-access-denied", "component": "ak-stage-access-denied",
} }
) )
@ -334,14 +334,14 @@ def to_stage_response(request: HttpRequest, source: HttpResponse) -> HttpRespons
) )
return HttpChallengeResponse( return HttpChallengeResponse(
RedirectChallenge( RedirectChallenge(
{"type": ChallengeTypes.redirect, "to": str(redirect_url)} {"type": ChallengeTypes.REDIRECT, "to": str(redirect_url)}
) )
) )
if isinstance(source, TemplateResponse): if isinstance(source, TemplateResponse):
return HttpChallengeResponse( return HttpChallengeResponse(
ShellChallenge( ShellChallenge(
{ {
"type": ChallengeTypes.shell, "type": ChallengeTypes.SHELL,
"body": source.render().content.decode("utf-8"), "body": source.render().content.decode("utf-8"),
} }
) )
@ -351,7 +351,7 @@ def to_stage_response(request: HttpRequest, source: HttpResponse) -> HttpRespons
return HttpChallengeResponse( return HttpChallengeResponse(
ShellChallenge( ShellChallenge(
{ {
"type": ChallengeTypes.shell, "type": ChallengeTypes.SHELL,
"body": source.content.decode("utf-8"), "body": source.content.decode("utf-8"),
} }
) )

2
authentik/providers/saml/views/flows.py
View File

@ -74,7 +74,7 @@ class SAMLFlowFinalView(ChallengeStageView):
return super().get( return super().get(
self.request, self.request,
**{ **{
"type": ChallengeTypes.native.value, "type": ChallengeTypes.NATIVE.value,
"component": "ak-stage-autosubmit", "component": "ak-stage-autosubmit",
"title": "Redirecting to %(app)s..." % {"app": application.name}, "title": "Redirecting to %(app)s..." % {"app": application.name},
"url": provider.acs_url, "url": provider.acs_url,

2
authentik/sources/oauth/types/azure_ad.py
View File

@ -7,7 +7,7 @@ from authentik.sources.oauth.types.manager import MANAGER, RequestKind
from authentik.sources.oauth.views.callback import OAuthCallback from authentik.sources.oauth.views.callback import OAuthCallback
@MANAGER.source(kind=RequestKind.callback, name="Azure AD") @MANAGER.source(kind=RequestKind.CALLBACK, name="Azure AD")
class AzureADOAuthCallback(OAuthCallback): class AzureADOAuthCallback(OAuthCallback):
"""AzureAD OAuth2 Callback""" """AzureAD OAuth2 Callback"""

4
authentik/sources/oauth/types/discord.py
View File

@ -7,7 +7,7 @@ from authentik.sources.oauth.views.callback import OAuthCallback
from authentik.sources.oauth.views.redirect import OAuthRedirect from authentik.sources.oauth.views.redirect import OAuthRedirect
@MANAGER.source(kind=RequestKind.redirect, name="Discord") @MANAGER.source(kind=RequestKind.REDIRECT, name="Discord")
class DiscordOAuthRedirect(OAuthRedirect): class DiscordOAuthRedirect(OAuthRedirect):
"""Discord OAuth2 Redirect""" """Discord OAuth2 Redirect"""
@ -17,7 +17,7 @@ class DiscordOAuthRedirect(OAuthRedirect):
} }
@MANAGER.source(kind=RequestKind.callback, name="Discord") @MANAGER.source(kind=RequestKind.CALLBACK, name="Discord")
class DiscordOAuth2Callback(OAuthCallback): class DiscordOAuth2Callback(OAuthCallback):
"""Discord OAuth2 Callback""" """Discord OAuth2 Callback"""

4
authentik/sources/oauth/types/facebook.py
View File

@ -10,7 +10,7 @@ from authentik.sources.oauth.views.callback import OAuthCallback
from authentik.sources.oauth.views.redirect import OAuthRedirect from authentik.sources.oauth.views.redirect import OAuthRedirect
@MANAGER.source(kind=RequestKind.redirect, name="Facebook") @MANAGER.source(kind=RequestKind.REDIRECT, name="Facebook")
class FacebookOAuthRedirect(OAuthRedirect): class FacebookOAuthRedirect(OAuthRedirect):
"""Facebook OAuth2 Redirect""" """Facebook OAuth2 Redirect"""
@ -28,7 +28,7 @@ class FacebookOAuth2Client(OAuth2Client):
return api.get_object("me", fields="id,name,email") return api.get_object("me", fields="id,name,email")
@MANAGER.source(kind=RequestKind.callback, name="Facebook") @MANAGER.source(kind=RequestKind.CALLBACK, name="Facebook")
class FacebookOAuth2Callback(OAuthCallback): class FacebookOAuth2Callback(OAuthCallback):
"""Facebook OAuth2 Callback""" """Facebook OAuth2 Callback"""

2
authentik/sources/oauth/types/github.py
View File

@ -6,7 +6,7 @@ from authentik.sources.oauth.types.manager import MANAGER, RequestKind
from authentik.sources.oauth.views.callback import OAuthCallback from authentik.sources.oauth.views.callback import OAuthCallback
@MANAGER.source(kind=RequestKind.callback, name="GitHub") @MANAGER.source(kind=RequestKind.CALLBACK, name="GitHub")
class GitHubOAuth2Callback(OAuthCallback): class GitHubOAuth2Callback(OAuthCallback):
"""GitHub OAuth2 Callback""" """GitHub OAuth2 Callback"""

4
authentik/sources/oauth/types/google.py
View File

@ -7,7 +7,7 @@ from authentik.sources.oauth.views.callback import OAuthCallback
from authentik.sources.oauth.views.redirect import OAuthRedirect from authentik.sources.oauth.views.redirect import OAuthRedirect
@MANAGER.source(kind=RequestKind.redirect, name="Google") @MANAGER.source(kind=RequestKind.REDIRECT, name="Google")
class GoogleOAuthRedirect(OAuthRedirect): class GoogleOAuthRedirect(OAuthRedirect):
"""Google OAuth2 Redirect""" """Google OAuth2 Redirect"""
@ -17,7 +17,7 @@ class GoogleOAuthRedirect(OAuthRedirect):
} }
@MANAGER.source(kind=RequestKind.callback, name="Google") @MANAGER.source(kind=RequestKind.CALLBACK, name="Google")
class GoogleOAuth2Callback(OAuthCallback): class GoogleOAuth2Callback(OAuthCallback):
"""Google OAuth2 Callback""" """Google OAuth2 Callback"""

8
authentik/sources/oauth/types/manager.py
View File

@ -15,8 +15,8 @@ LOGGER = get_logger()
class RequestKind(Enum): class RequestKind(Enum):
"""Enum of OAuth Request types""" """Enum of OAuth Request types"""
callback = "callback" CALLBACK = "callback"
redirect = "redirect" REDIRECT = "redirect"
class SourceTypeManager: class SourceTypeManager:
@ -52,9 +52,9 @@ class SourceTypeManager:
have=self.__source_types[kind.value].keys(), have=self.__source_types[kind.value].keys(),
) )
# Return defaults # Return defaults
if kind == RequestKind.callback: if kind == RequestKind.CALLBACK:
return OAuthCallback return OAuthCallback
if kind == RequestKind.redirect: if kind == RequestKind.REDIRECT:
return OAuthRedirect return OAuthRedirect
raise KeyError( raise KeyError(
f"Provider Type {source.provider_type} (type {kind.value}) not found." f"Provider Type {source.provider_type} (type {kind.value}) not found."

4
authentik/sources/oauth/types/oidc.py
View File

@ -7,7 +7,7 @@ from authentik.sources.oauth.views.callback import OAuthCallback
from authentik.sources.oauth.views.redirect import OAuthRedirect from authentik.sources.oauth.views.redirect import OAuthRedirect
@MANAGER.source(kind=RequestKind.redirect, name="OpenID Connect") @MANAGER.source(kind=RequestKind.REDIRECT, name="OpenID Connect")
class OpenIDConnectOAuthRedirect(OAuthRedirect): class OpenIDConnectOAuthRedirect(OAuthRedirect):
"""OpenIDConnect OAuth2 Redirect""" """OpenIDConnect OAuth2 Redirect"""
@ -17,7 +17,7 @@ class OpenIDConnectOAuthRedirect(OAuthRedirect):
} }
@MANAGER.source(kind=RequestKind.callback, name="OpenID Connect") @MANAGER.source(kind=RequestKind.CALLBACK, name="OpenID Connect")
class OpenIDConnectOAuth2Callback(OAuthCallback): class OpenIDConnectOAuth2Callback(OAuthCallback):
"""OpenIDConnect OAuth2 Callback""" """OpenIDConnect OAuth2 Callback"""

4
authentik/sources/oauth/types/reddit.py
View File

@ -10,7 +10,7 @@ from authentik.sources.oauth.views.callback import OAuthCallback
from authentik.sources.oauth.views.redirect import OAuthRedirect from authentik.sources.oauth.views.redirect import OAuthRedirect
@MANAGER.source(kind=RequestKind.redirect, name="reddit") @MANAGER.source(kind=RequestKind.REDIRECT, name="reddit")
class RedditOAuthRedirect(OAuthRedirect): class RedditOAuthRedirect(OAuthRedirect):
"""Reddit OAuth2 Redirect""" """Reddit OAuth2 Redirect"""
@ -30,7 +30,7 @@ class RedditOAuth2Client(OAuth2Client):
return super().get_access_token(auth=auth) return super().get_access_token(auth=auth)
@MANAGER.source(kind=RequestKind.callback, name="reddit") @MANAGER.source(kind=RequestKind.CALLBACK, name="reddit")
class RedditOAuth2Callback(OAuthCallback): class RedditOAuth2Callback(OAuthCallback):
"""Reddit OAuth2 Callback""" """Reddit OAuth2 Callback"""

2
authentik/sources/oauth/types/twitter.py
View File

@ -6,7 +6,7 @@ from authentik.sources.oauth.types.manager import MANAGER, RequestKind
from authentik.sources.oauth.views.callback import OAuthCallback from authentik.sources.oauth.views.callback import OAuthCallback
@MANAGER.source(kind=RequestKind.callback, name="Twitter") @MANAGER.source(kind=RequestKind.CALLBACK, name="Twitter")
class TwitterOAuthCallback(OAuthCallback): class TwitterOAuthCallback(OAuthCallback):
"""Twitter OAuth2 Callback""" """Twitter OAuth2 Callback"""

4
authentik/sources/oauth/urls.py
View File

@ -8,12 +8,12 @@ from authentik.sources.oauth.views.dispatcher import DispatcherView
urlpatterns = [ urlpatterns = [
path( path(
"login/<slug:source_slug>/", "login/<slug:source_slug>/",
DispatcherView.as_view(kind=RequestKind.redirect), DispatcherView.as_view(kind=RequestKind.REDIRECT),
name="oauth-client-login", name="oauth-client-login",
), ),
path( path(
"callback/<slug:source_slug>/", "callback/<slug:source_slug>/",
DispatcherView.as_view(kind=RequestKind.callback), DispatcherView.as_view(kind=RequestKind.CALLBACK),
name="oauth-client-callback", name="oauth-client-callback",
), ),
] ]

4
authentik/sources/saml/models.py
View File

@ -34,7 +34,7 @@ from authentik.sources.saml.processors.constants import (
class SAMLBindingTypes(models.TextChoices): class SAMLBindingTypes(models.TextChoices):
"""SAML Binding types""" """SAML Binding types"""
Redirect = "REDIRECT", _("Redirect Binding") REDIRECT = "REDIRECT", _("Redirect Binding")
POST = "POST", _("POST Binding") POST = "POST", _("POST Binding")
POST_AUTO = "POST_AUTO", _("POST Binding with auto-confirmation") POST_AUTO = "POST_AUTO", _("POST Binding with auto-confirmation")
@ -95,7 +95,7 @@ class SAMLSource(Source):
binding_type = models.CharField( binding_type = models.CharField(
max_length=100, max_length=100,
choices=SAMLBindingTypes.choices, choices=SAMLBindingTypes.choices,
default=SAMLBindingTypes.Redirect, default=SAMLBindingTypes.REDIRECT,
) )
temporary_user_delete_after = models.TextField( temporary_user_delete_after = models.TextField(

4
authentik/sources/saml/views.py
View File

@ -50,7 +50,7 @@ class AutosubmitStageView(ChallengeStageView):
def get_challenge(self, *args, **kwargs) -> Challenge: def get_challenge(self, *args, **kwargs) -> Challenge:
return AutosubmitChallenge( return AutosubmitChallenge(
data={ data={
"type": ChallengeTypes.native.value, "type": ChallengeTypes.NATIVE.value,
"component": "ak-stage-autosubmit", "component": "ak-stage-autosubmit",
"title": self.executor.plan.context.get(PLAN_CONTEXT_TITLE, ""), "title": self.executor.plan.context.get(PLAN_CONTEXT_TITLE, ""),
"url": self.executor.plan.context.get(PLAN_CONTEXT_URL, ""), "url": self.executor.plan.context.get(PLAN_CONTEXT_URL, ""),
@ -103,7 +103,7 @@ class InitiateView(View):
relay_state = request.GET.get("next", "") relay_state = request.GET.get("next", "")
auth_n_req = RequestProcessor(source, request, relay_state) auth_n_req = RequestProcessor(source, request, relay_state)
# If the source is configured for Redirect bindings, we can just redirect there # If the source is configured for Redirect bindings, we can just redirect there
if source.binding_type == SAMLBindingTypes.Redirect: if source.binding_type == SAMLBindingTypes.REDIRECT:
url_args = urlencode(auth_n_req.build_auth_n_detached()) url_args = urlencode(auth_n_req.build_auth_n_detached())
return redirect(f"{source.sso_url}?{url_args}") return redirect(f"{source.sso_url}?{url_args}")
# As POST Binding we show a form # As POST Binding we show a form

2
authentik/stages/authenticator_static/stage.py
View File

@ -31,7 +31,7 @@ class AuthenticatorStaticStageView(ChallengeStageView):
tokens: list[StaticToken] = self.request.session[SESSION_STATIC_TOKENS] tokens: list[StaticToken] = self.request.session[SESSION_STATIC_TOKENS]
return AuthenticatorStaticChallenge( return AuthenticatorStaticChallenge(
data={ data={
"type": ChallengeTypes.native.value, "type": ChallengeTypes.NATIVE.value,
"component": "ak-stage-authenticator-static", "component": "ak-stage-authenticator-static",
"codes": [token.token for token in tokens], "codes": [token.token for token in tokens],
} }

2
authentik/stages/authenticator_totp/stage.py
View File

@ -51,7 +51,7 @@ class AuthenticatorTOTPStageView(ChallengeStageView):
device: TOTPDevice = self.request.session[SESSION_TOTP_DEVICE] device: TOTPDevice = self.request.session[SESSION_TOTP_DEVICE]
return AuthenticatorTOTPChallenge( return AuthenticatorTOTPChallenge(
data={ data={
"type": ChallengeTypes.native.value, "type": ChallengeTypes.NATIVE.value,
"component": "ak-stage-authenticator-totp", "component": "ak-stage-authenticator-totp",
"config_url": device.config_url, "config_url": device.config_url,
} }

2
authentik/stages/authenticator_validate/stage.py
View File

@ -145,7 +145,7 @@ class AuthenticatorValidateStageView(ChallengeStageView):
challenges = self.request.session["device_challenges"] challenges = self.request.session["device_challenges"]
return AuthenticatorChallenge( return AuthenticatorChallenge(
data={ data={
"type": ChallengeTypes.native.value, "type": ChallengeTypes.NATIVE.value,
"component": "ak-stage-authenticator-validate", "component": "ak-stage-authenticator-validate",
"device_challenges": challenges, "device_challenges": challenges,
} }

2
authentik/stages/authenticator_webauthn/stage.py
View File

@ -128,7 +128,7 @@ class AuthenticatorWebAuthnStageView(ChallengeStageView):
return AuthenticatorWebAuthnChallenge( return AuthenticatorWebAuthnChallenge(
data={ data={
"type": ChallengeTypes.native.value, "type": ChallengeTypes.NATIVE.value,
"component": "ak-stage-authenticator-webauthn", "component": "ak-stage-authenticator-webauthn",
"registration": registration_dict, "registration": registration_dict,
} }

2
authentik/stages/captcha/stage.py
View File

@ -63,7 +63,7 @@ class CaptchaStageView(ChallengeStageView):
def get_challenge(self, *args, **kwargs) -> Challenge: def get_challenge(self, *args, **kwargs) -> Challenge:
return CaptchaChallenge( return CaptchaChallenge(
data={ data={
"type": ChallengeTypes.native.value, "type": ChallengeTypes.NATIVE.value,
"component": "ak-stage-captcha", "component": "ak-stage-captcha",
"site_key": self.executor.current_stage.public_key, "site_key": self.executor.current_stage.public_key,
} }

2
authentik/stages/consent/stage.py
View File

@ -39,7 +39,7 @@ class ConsentStageView(ChallengeStageView):
def get_challenge(self) -> Challenge: def get_challenge(self) -> Challenge:
challenge = ConsentChallenge( challenge = ConsentChallenge(
data={ data={
"type": ChallengeTypes.native.value, "type": ChallengeTypes.NATIVE.value,
"component": "ak-stage-consent", "component": "ak-stage-consent",
} }
) )

2
authentik/stages/deny/tests.py
View File

@ -49,7 +49,7 @@ class TestUserDenyStage(TestCase):
"component": "ak-stage-access-denied", "component": "ak-stage-access-denied",
"error_message": None, "error_message": None,
"title": "", "title": "",
"type": ChallengeTypes.native.value, "type": ChallengeTypes.NATIVE.value,
}, },
) )

2
authentik/stages/dummy/stage.py
View File

@ -24,7 +24,7 @@ class DummyStageView(ChallengeStageView):
def get_challenge(self, *args, **kwargs) -> Challenge: def get_challenge(self, *args, **kwargs) -> Challenge:
return DummyChallenge( return DummyChallenge(
data={ data={
"type": ChallengeTypes.native.value, "type": ChallengeTypes.NATIVE.value,
"component": "ak-stage-dummy", "component": "ak-stage-dummy",
"title": self.executor.current_stage.name, "title": self.executor.current_stage.name,
} }

2
authentik/stages/email/stage.py
View File

@ -96,7 +96,7 @@ class EmailStageView(ChallengeStageView):
def get_challenge(self) -> Challenge: def get_challenge(self) -> Challenge:
challenge = EmailChallenge( challenge = EmailChallenge(
data={ data={
"type": ChallengeTypes.native.value, "type": ChallengeTypes.NATIVE.value,
"component": "ak-stage-email", "component": "ak-stage-email",
"title": "Email sent.", "title": "Email sent.",
} }

2
authentik/stages/identification/stage.py
View File

@ -78,7 +78,7 @@ class IdentificationStageView(ChallengeStageView):
current_stage: IdentificationStage = self.executor.current_stage current_stage: IdentificationStage = self.executor.current_stage
challenge = IdentificationChallenge( challenge = IdentificationChallenge(
data={ data={
"type": ChallengeTypes.native.value, "type": ChallengeTypes.NATIVE.value,
"component": "ak-stage-identification", "component": "ak-stage-identification",
"primary_action": _("Log in"), "primary_action": _("Log in"),
"input_type": "text", "input_type": "text",

4
authentik/stages/identification/tests.py
View File

@ -104,7 +104,7 @@ class TestIdentificationStage(TestCase):
force_str(response.content), force_str(response.content),
{ {
"background": flow.background.url, "background": flow.background.url,
"type": ChallengeTypes.native.value, "type": ChallengeTypes.NATIVE.value,
"component": "ak-stage-identification", "component": "ak-stage-identification",
"input_type": "email", "input_type": "email",
"enroll_url": reverse( "enroll_url": reverse(
@ -147,7 +147,7 @@ class TestIdentificationStage(TestCase):
force_str(response.content), force_str(response.content),
{ {
"background": flow.background.url, "background": flow.background.url,
"type": ChallengeTypes.native.value, "type": ChallengeTypes.NATIVE.value,
"component": "ak-stage-identification", "component": "ak-stage-identification",
"input_type": "email", "input_type": "email",
"recovery_url": reverse( "recovery_url": reverse(

2
authentik/stages/invitation/tests.py
View File

@ -67,7 +67,7 @@ class TestUserLoginStage(TestCase):
"component": "ak-stage-access-denied", "component": "ak-stage-access-denied",
"error_message": None, "error_message": None,
"title": "", "title": "",
"type": ChallengeTypes.native.value, "type": ChallengeTypes.NATIVE.value,
}, },
) )

2
authentik/stages/password/stage.py
View File

@ -78,7 +78,7 @@ class PasswordStageView(ChallengeStageView):
def get_challenge(self) -> Challenge: def get_challenge(self) -> Challenge:
challenge = PasswordChallenge( challenge = PasswordChallenge(
data={ data={
"type": ChallengeTypes.native.value, "type": ChallengeTypes.NATIVE.value,
"component": "ak-stage-password", "component": "ak-stage-password",
} }
) )

4
authentik/stages/password/tests.py
View File

@ -72,7 +72,7 @@ class TestPasswordStage(TestCase):
"component": "ak-stage-access-denied", "component": "ak-stage-access-denied",
"error_message": None, "error_message": None,
"title": "", "title": "",
"type": ChallengeTypes.native.value, "type": ChallengeTypes.NATIVE.value,
}, },
) )
@ -206,6 +206,6 @@ class TestPasswordStage(TestCase):
"component": "ak-stage-access-denied", "component": "ak-stage-access-denied",
"error_message": None, "error_message": None,
"title": "", "title": "",
"type": ChallengeTypes.native.value, "type": ChallengeTypes.NATIVE.value,
}, },
) )

2
authentik/stages/prompt/stage.py
View File

@ -164,7 +164,7 @@ class PromptStageView(ChallengeStageView):
fields = list(self.executor.current_stage.fields.all().order_by("order")) fields = list(self.executor.current_stage.fields.all().order_by("order"))
challenge = PromptChallenge( challenge = PromptChallenge(
data={ data={
"type": ChallengeTypes.native.value, "type": ChallengeTypes.NATIVE.value,
"component": "ak-stage-prompt", "component": "ak-stage-prompt",
"fields": [PromptSerializer(field).data for field in fields], "fields": [PromptSerializer(field).data for field in fields],
}, },

2
authentik/stages/user_delete/tests.py
View File

@ -55,7 +55,7 @@ class TestUserDeleteStage(TestCase):
"component": "ak-stage-access-denied", "component": "ak-stage-access-denied",
"error_message": None, "error_message": None,
"title": "", "title": "",
"type": ChallengeTypes.native.value, "type": ChallengeTypes.NATIVE.value,
}, },
) )

4
authentik/stages/user_login/tests.py
View File

@ -80,7 +80,7 @@ class TestUserLoginStage(TestCase):
"component": "ak-stage-access-denied", "component": "ak-stage-access-denied",
"error_message": None, "error_message": None,
"title": "", "title": "",
"type": ChallengeTypes.native.value, "type": ChallengeTypes.NATIVE.value,
}, },
) )
@ -109,7 +109,7 @@ class TestUserLoginStage(TestCase):
"component": "ak-stage-access-denied", "component": "ak-stage-access-denied",
"error_message": None, "error_message": None,
"title": "", "title": "",
"type": ChallengeTypes.native.value, "type": ChallengeTypes.NATIVE.value,
}, },
) )

2
authentik/stages/user_write/tests.py
View File

@ -132,7 +132,7 @@ class TestUserWriteStage(TestCase):
"component": "ak-stage-access-denied", "component": "ak-stage-access-denied",
"error_message": None, "error_message": None,
"title": "", "title": "",
"type": ChallengeTypes.native.value, "type": ChallengeTypes.NATIVE.value,
}, },
) )

35
pyproject.toml
View File

@ -41,3 +41,38 @@ exclude_lines = [
"if __name__ == .__main__.:", "if __name__ == .__main__.:",
] ]
show_missing = true show_missing = true
[tool.pylint.master]
disable =[
"arguments-differ",
"no-self-use",
"fixme",
"locally-disabled",
"too-many-ancestors",
"too-few-public-methods",
"import-outside-toplevel",
"bad-continuation",
"signature-differs",
"similarities",
"cyclic-import",
"protected-access",
"raise-missing-from",]
load-plugins=["pylint_django","pylint.extensions.bad_builtin"]
django-settings-module="authentik.root.settings"
extension-pkg-whitelist=["lxml","xmlsec"]
# Allow constants to be shorter than normal (and lowercase, for settings.py)
const-rgx="[a-zA-Z0-9_]{1,40}$"
ignored-modules=["django-otp"]
generated-members=["xmlsec.constants.*","xmlsec.tree.*","xmlsec.template.*"]
ignore="migrations"
max-attributes=12
max-branches=20
[tool.pytest.ini_options]
DJANGO_SETTINGS_MODULE = "authentik.root.settings"
python_files = ["tests.py", "test_*.py", "*_tests.py"]
junit_family = "xunit2"
addopts = "-p no:celery --junitxml=unittest.xml"

5
pytest.ini
View File

@ -1,5 +0,0 @@
[pytest]
DJANGO_SETTINGS_MODULE = authentik.root.settings
python_files = tests.py test_*.py *_tests.py
junit_family = xunit2
addopts = -p no:celery --junitxml=unittest.xml

3
setup.cfg
View File

@ -1,3 +0,0 @@
[pycodestyle]
ignore = E731,E121,W503
max-line-length = 100

6
swagger.yaml
View File

@ -11619,9 +11619,9 @@ definitions:
title: Type title: Type
type: string type: string
enum: enum:
- native - NATIVE
- shell - SHELL
- redirect - REDIRECT
component: component:
title: Component title: Component
type: string type: string

2
tests/e2e/test_source_saml.py
View File

@ -124,7 +124,7 @@ class TestSourceSAML(SeleniumTestCase):
pre_authentication_flow=pre_authentication_flow, pre_authentication_flow=pre_authentication_flow,
issuer="entity-id", issuer="entity-id",
sso_url="http://localhost:8080/simplesaml/saml2/idp/SSOService.php", sso_url="http://localhost:8080/simplesaml/saml2/idp/SSOService.php",
binding_type=SAMLBindingTypes.Redirect, binding_type=SAMLBindingTypes.REDIRECT,
signing_kp=keypair, signing_kp=keypair,
) )