providers/saml: fix Autosubmit Challenge
This commit is contained in:
parent
9cdfd8b75a
commit
0958740b51
|
@ -1,12 +1,10 @@
|
||||||
"""authentik SAML IDP Views"""
|
"""authentik SAML IDP Views"""
|
||||||
from django.core.validators import URLValidator
|
from django.core.validators import URLValidator
|
||||||
from django.db.models.fields import CharField
|
|
||||||
from django.http import HttpRequest, HttpResponse
|
from django.http import HttpRequest, HttpResponse
|
||||||
from django.http.response import HttpResponseBadRequest
|
from django.http.response import HttpResponseBadRequest
|
||||||
from django.shortcuts import get_object_or_404, redirect
|
from django.shortcuts import get_object_or_404, redirect
|
||||||
from django.utils.http import urlencode
|
from django.utils.http import urlencode
|
||||||
from django.utils.translation import gettext_lazy as _
|
from rest_framework.fields import CharField, DictField
|
||||||
from rest_framework.fields import DictField
|
|
||||||
from structlog.stdlib import get_logger
|
from structlog.stdlib import get_logger
|
||||||
|
|
||||||
from authentik.core.models import Application
|
from authentik.core.models import Application
|
||||||
|
@ -35,7 +33,7 @@ class AutosubmitChallenge(Challenge):
|
||||||
"""Autosubmit challenge used to send and navigate a POST request"""
|
"""Autosubmit challenge used to send and navigate a POST request"""
|
||||||
|
|
||||||
url = CharField()
|
url = CharField()
|
||||||
attrs = DictField(CharField())
|
attrs = DictField(child=CharField())
|
||||||
|
|
||||||
|
|
||||||
# This View doesn't have a URL on purpose, as its called by the FlowExecutor
|
# This View doesn't have a URL on purpose, as its called by the FlowExecutor
|
||||||
|
@ -73,14 +71,15 @@ class SAMLFlowFinalView(ChallengeStageView):
|
||||||
}
|
}
|
||||||
if auth_n_request.relay_state:
|
if auth_n_request.relay_state:
|
||||||
form_attrs[REQUEST_KEY_RELAY_STATE] = auth_n_request.relay_state
|
form_attrs[REQUEST_KEY_RELAY_STATE] = auth_n_request.relay_state
|
||||||
return self.get_challenge(
|
return super().get(
|
||||||
{
|
self.request,
|
||||||
|
**{
|
||||||
"type": ChallengeTypes.native,
|
"type": ChallengeTypes.native,
|
||||||
"component": "ak-stage-autosubmit",
|
"component": "ak-stage-autosubmit",
|
||||||
"title": _("Redirecting to %(app)s..." % {"app": application.name}),
|
"title": "Redirecting to %(app)s..." % {"app": application.name},
|
||||||
"url": provider.acs_url,
|
"url": provider.acs_url,
|
||||||
"attrs": form_attrs,
|
"attrs": form_attrs,
|
||||||
}
|
},
|
||||||
)
|
)
|
||||||
if provider.sp_binding == SAMLBindings.REDIRECT:
|
if provider.sp_binding == SAMLBindings.REDIRECT:
|
||||||
url_args = {
|
url_args = {
|
||||||
|
@ -93,7 +92,7 @@ class SAMLFlowFinalView(ChallengeStageView):
|
||||||
return bad_request_message(request, "Invalid sp_binding specified")
|
return bad_request_message(request, "Invalid sp_binding specified")
|
||||||
|
|
||||||
def get_challenge(self, *args, **kwargs) -> Challenge:
|
def get_challenge(self, *args, **kwargs) -> Challenge:
|
||||||
return Challenge(data=kwargs)
|
return AutosubmitChallenge(data=kwargs)
|
||||||
|
|
||||||
def challenge_valid(self, response: ChallengeResponse) -> HttpResponse:
|
def challenge_valid(self, response: ChallengeResponse) -> HttpResponse:
|
||||||
# We'll never get here since the challenge redirects to the SP
|
# We'll never get here since the challenge redirects to the SP
|
||||||
|
|
|
@ -34,7 +34,7 @@ export class AutosubmitStage extends BaseStage {
|
||||||
</h1>
|
</h1>
|
||||||
</header>
|
</header>
|
||||||
<div class="pf-c-login__main-body">
|
<div class="pf-c-login__main-body">
|
||||||
<form class="pf-c-form" >
|
<form class="pf-c-form" action="${this.challenge.url}" method="POST">
|
||||||
${Object.entries(this.challenge.attrs).map(([ key, value ]) => {
|
${Object.entries(this.challenge.attrs).map(([ key, value ]) => {
|
||||||
return html`<input type="hidden" name="${key}" value="${value}">`;
|
return html`<input type="hidden" name="${key}" value="${value}">`;
|
||||||
})}
|
})}
|
||||||
|
|
Reference in a new issue