stages/email: fix duplicate querystring encoding (#7386) Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens L <jens@goauthentik.io>
This commit is contained in:
parent
88057db0b0
commit
0fefd5f522
|
@ -52,17 +52,13 @@ class EmailStageView(ChallengeStageView):
|
||||||
kwargs={"flow_slug": self.executor.flow.slug},
|
kwargs={"flow_slug": self.executor.flow.slug},
|
||||||
)
|
)
|
||||||
# Parse query string from current URL (full query string)
|
# Parse query string from current URL (full query string)
|
||||||
query_params = QueryDict(self.request.META.get("QUERY_STRING", ""), mutable=True)
|
# this view is only run within a flow executor, where we need to get the query string
|
||||||
|
# from the query= parameter (double encoded); but for the redirect
|
||||||
|
# we need to expand it since it'll go through the flow interface
|
||||||
|
query_params = QueryDict(self.request.GET.get(QS_QUERY), mutable=True)
|
||||||
query_params.pop(QS_KEY_TOKEN, None)
|
query_params.pop(QS_KEY_TOKEN, None)
|
||||||
|
|
||||||
# Check for nested query string used by flow executor, and remove any
|
|
||||||
# kind of flow token from that
|
|
||||||
if QS_QUERY in query_params:
|
|
||||||
inner_query_params = QueryDict(query_params.get(QS_QUERY), mutable=True)
|
|
||||||
inner_query_params.pop(QS_KEY_TOKEN, None)
|
|
||||||
query_params[QS_QUERY] = inner_query_params.urlencode()
|
|
||||||
|
|
||||||
query_params.update(kwargs)
|
query_params.update(kwargs)
|
||||||
|
print(query_params)
|
||||||
full_url = base_url
|
full_url = base_url
|
||||||
if len(query_params) > 0:
|
if len(query_params) > 0:
|
||||||
full_url = f"{full_url}?{query_params.urlencode()}"
|
full_url = f"{full_url}?{query_params.urlencode()}"
|
||||||
|
|
|
@ -259,7 +259,7 @@ class TestEmailStage(FlowTestCase):
|
||||||
session.save()
|
session.save()
|
||||||
|
|
||||||
url = reverse("authentik_api:flow-executor", kwargs={"flow_slug": self.flow.slug})
|
url = reverse("authentik_api:flow-executor", kwargs={"flow_slug": self.flow.slug})
|
||||||
url += "?foo=bar"
|
url += "?query=" + urlencode({"foo": "bar"})
|
||||||
request = self.factory.get(url)
|
request = self.factory.get(url)
|
||||||
stage_view = EmailStageView(
|
stage_view = EmailStageView(
|
||||||
FlowExecutorView(
|
FlowExecutorView(
|
||||||
|
@ -273,31 +273,3 @@ class TestEmailStage(FlowTestCase):
|
||||||
stage_view.get_full_url(**{QS_KEY_TOKEN: token}),
|
stage_view.get_full_url(**{QS_KEY_TOKEN: token}),
|
||||||
f"http://testserver/if/flow/{self.flow.slug}/?foo=bar&flow_token={token}",
|
f"http://testserver/if/flow/{self.flow.slug}/?foo=bar&flow_token={token}",
|
||||||
)
|
)
|
||||||
|
|
||||||
def test_url_existing_params_nested(self):
|
|
||||||
"""Test to ensure that URL params are preserved in the URL being sent (including nested)"""
|
|
||||||
plan = FlowPlan(flow_pk=self.flow.pk.hex, bindings=[self.binding], markers=[StageMarker()])
|
|
||||||
plan.context[PLAN_CONTEXT_PENDING_USER] = self.user
|
|
||||||
session = self.client.session
|
|
||||||
session[SESSION_KEY_PLAN] = plan
|
|
||||||
session.save()
|
|
||||||
|
|
||||||
url = reverse("authentik_api:flow-executor", kwargs={"flow_slug": self.flow.slug})
|
|
||||||
url += "?foo=bar&"
|
|
||||||
url += "query=" + urlencode({"nested": "value"})
|
|
||||||
request = self.factory.get(url)
|
|
||||||
stage_view = EmailStageView(
|
|
||||||
FlowExecutorView(
|
|
||||||
request=request,
|
|
||||||
flow=self.flow,
|
|
||||||
),
|
|
||||||
request=request,
|
|
||||||
)
|
|
||||||
token = generate_id()
|
|
||||||
self.assertEqual(
|
|
||||||
stage_view.get_full_url(**{QS_KEY_TOKEN: token}),
|
|
||||||
(
|
|
||||||
f"http://testserver/if/flow/{self.flow.slug}"
|
|
||||||
f"/?foo=bar&query=nested%3Dvalue&flow_token={token}"
|
|
||||||
),
|
|
||||||
)
|
|
||||||
|
|
Reference in a new issue