providers/oauth2: add migration from "*" to ".*"

closes #2970 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-27 10:18:27 +02:00 · 2022-05-27 10:18:27 +02:00 · 1b3aacfa1d
parent 3a994ab2a4
commit 1b3aacfa1d
2 changed files with 7 additions and 1 deletions
--- a/authentik/providers/oauth2/tests/test_authorize.py
+++ b/authentik/providers/oauth2/tests/test_authorize.py
@ -84,7 +84,7 @@ class TestAuthorize(OAuthTestCase):
            name="test",
            client_id="test",
            authorization_flow=create_test_flow(),
-            redirect_uris="*",
+            redirect_uris="+",
        )
        with self.assertRaises(RedirectUriError):
            request = self.factory.get("/", data={"response_type": "code", "client_id": "test"})
--- a/authentik/providers/oauth2/views/authorize.py
+++ b/authentik/providers/oauth2/views/authorize.py
@ -185,6 +185,12 @@ class OAuthAuthorizationParams:
            self.provider.save()
            allowed_redirect_urls = self.provider.redirect_uris.split()

+        if self.provider.redirect_uris == "*":
+            LOGGER.info("Converting redirect_uris to regex", redirect=self.redirect_uri)
+            self.provider.redirect_uris = ".*"
+            self.provider.save()
+            allowed_redirect_urls = self.provider.redirect_uris.split()
+
        try:
            if not any(fullmatch(x, self.redirect_uri) for x in allowed_redirect_urls):
                LOGGER.warning(