stages: always use get_pending_user instead of getting context user

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
This commit is contained in:
Jens Langhammer 2023-01-19 17:57:21 +01:00
parent 92090ced9f
commit fc8fe5317a
No known key found for this signature in database
4 changed files with 3 additions and 23 deletions

View file

@ -1,5 +1,5 @@
"""Duo stage"""
from django.http import HttpRequest, HttpResponse
from django.http import HttpResponse
from django.utils.timezone import now
from rest_framework.fields import CharField
@ -10,7 +10,6 @@ from authentik.flows.challenge import (
ChallengeTypes,
WithUserInfoChallenge,
)
from authentik.flows.planner import PLAN_CONTEXT_PENDING_USER
from authentik.flows.stage import ChallengeStageView
from authentik.flows.views.executor import InvalidStageError
from authentik.stages.authenticator_duo.models import AuthenticatorDuoStage, DuoDevice
@ -68,13 +67,6 @@ class AuthenticatorDuoStageView(ChallengeStageView):
}
)
def get(self, request: HttpRequest, *args, **kwargs) -> HttpResponse:
user = self.executor.plan.context.get(PLAN_CONTEXT_PENDING_USER)
if not user:
self.logger.debug("No pending user, continuing")
return self.executor.stage_ok()
return super().get(request, *args, **kwargs)
def challenge_valid(self, response: ChallengeResponse) -> HttpResponse:
# Duo Challenge has already been validated
stage: AuthenticatorDuoStage = self.executor.current_stage

View file

@ -14,7 +14,6 @@ from authentik.flows.challenge import (
ChallengeTypes,
WithUserInfoChallenge,
)
from authentik.flows.planner import PLAN_CONTEXT_PENDING_USER
from authentik.flows.stage import ChallengeStageView
from authentik.stages.authenticator_sms.models import (
AuthenticatorSMSStage,
@ -95,10 +94,7 @@ class AuthenticatorSMSStageView(ChallengeStageView):
return response
def get(self, request: HttpRequest, *args, **kwargs) -> HttpResponse:
user = self.executor.plan.context.get(PLAN_CONTEXT_PENDING_USER)
if not user:
self.logger.debug("No pending user, continuing")
return self.executor.stage_ok()
user = self.get_pending_user()
# Currently, this stage only supports one device per user. If the user already
# has a device, just skip to the next stage

View file

@ -376,7 +376,7 @@ class AuthenticatorValidateStageView(ChallengeStageView):
def challenge_valid(self, response: AuthenticatorValidationChallengeResponse) -> HttpResponse:
# All validation is done by the serializer
user = self.executor.plan.context.get(PLAN_CONTEXT_PENDING_USER)
user = self.get_pending_user()
if not user:
if "webauthn" not in response.data:
return self.executor.stage_invalid()

View file

@ -26,7 +26,6 @@ from authentik.flows.challenge import (
ChallengeTypes,
WithUserInfoChallenge,
)
from authentik.flows.planner import PLAN_CONTEXT_PENDING_USER
from authentik.flows.stage import ChallengeStageView
from authentik.stages.authenticator_webauthn.models import AuthenticateWebAuthnStage, WebAuthnDevice
from authentik.stages.authenticator_webauthn.utils import get_origin, get_rp_id
@ -113,13 +112,6 @@ class AuthenticatorWebAuthnStageView(ChallengeStageView):
}
)
def get(self, request: HttpRequest, *args, **kwargs) -> HttpResponse:
user = self.executor.plan.context.get(PLAN_CONTEXT_PENDING_USER)
if not user:
self.logger.debug("No pending user, continuing")
return self.executor.stage_ok()
return super().get(request, *args, **kwargs)
def get_response_instance(self, data: QueryDict) -> AuthenticatorWebAuthnChallengeResponse:
response: AuthenticatorWebAuthnChallengeResponse = super().get_response_instance(data)
response.request = self.request