From 0cc83c23c48457b946438abae9d60c46a784a908 Mon Sep 17 00:00:00 2001
From: Jens Langhammer <jens.langhammer@beryju.org>
Date: Thu, 18 Aug 2022 21:10:35 +0200
Subject: [PATCH] providers/proxy: fix duplicate proxy set default

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
---
 authentik/providers/oauth2/views/authorize.py       | 2 +-
 authentik/providers/proxy/apps.py                   | 6 ------
 internal/outpost/proxyv2/application/application.go | 6 ++++--
 3 files changed, 5 insertions(+), 9 deletions(-)

diff --git a/authentik/providers/oauth2/views/authorize.py b/authentik/providers/oauth2/views/authorize.py
index b09605be7..5aaee32d9 100644
--- a/authentik/providers/oauth2/views/authorize.py
+++ b/authentik/providers/oauth2/views/authorize.py
@@ -477,7 +477,7 @@ class OAuthFulfillmentStage(StageView):
                 GrantTypes.HYBRID,
             ]:
                 code = self.params.create_code(self.request)
-                code.save(force_insert=True)
+                code.save()
 
             if self.params.response_mode == ResponseMode.QUERY:
                 query_params = parse_qs(uri.query)
diff --git a/authentik/providers/proxy/apps.py b/authentik/providers/proxy/apps.py
index f0b064ff9..afe1e242c 100644
--- a/authentik/providers/proxy/apps.py
+++ b/authentik/providers/proxy/apps.py
@@ -9,9 +9,3 @@ class AuthentikProviderProxyConfig(ManagedAppConfig):
     label = "authentik_providers_proxy"
     verbose_name = "authentik Providers.Proxy"
     default = True
-
-    def reconcile_trigger_proxy_set_defaults(self):
-        """Trigger set_defaults task"""
-        from authentik.providers.proxy.tasks import proxy_set_defaults
-
-        proxy_set_defaults.delay()
diff --git a/internal/outpost/proxyv2/application/application.go b/internal/outpost/proxyv2/application/application.go
index aa0dae765..14f1fa07f 100644
--- a/internal/outpost/proxyv2/application/application.go
+++ b/internal/outpost/proxyv2/application/application.go
@@ -148,9 +148,11 @@ func NewApplication(p api.ProxyOutpostConfig, c *http.Client, cs *ak.CryptoStore
 	mux.Use(sentryhttp.New(sentryhttp.Options{}).Handle)
 	mux.Use(func(inner http.Handler) http.Handler {
 		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-			if _, set := r.URL.Query()[CallbackSignature]; set {
+			if strings.EqualFold(r.URL.Query().Get(CallbackSignature), "true") {
+				a.log.Debug("handling OAuth Callback from querystring signature")
 				a.handleAuthCallback(w, r)
-			} else if _, set := r.URL.Query()[LogoutSignature]; set {
+			} else if strings.EqualFold(r.URL.Query().Get(LogoutSignature), "true") {
+				a.log.Debug("handling OAuth Logout from querystring signature")
 				a.handleSignOut(w, r)
 			} else {
 				inner.ServeHTTP(w, r)