providers/oauth2: don't allow spaces in scope_name

closes #4094

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Jens Langhammer 2023-01-13 15:42:35 +01:00
parent 20931ccc1d
commit 31c6ea9fda
No known key found for this signature in database
2 changed files with 14 additions and 3 deletions


@ -3,6 +3,8 @@ from django_filters.filters import AllValuesMultipleFilter
from django_filters.filterset import FilterSet from django_filters.filterset import FilterSet
from drf_spectacular.types import OpenApiTypes from drf_spectacular.types import OpenApiTypes
from drf_spectacular.utils import extend_schema_field from drf_spectacular.utils import extend_schema_field
from rest_framework.fields import CharField
from rest_framework.serializers import ValidationError
from rest_framework.viewsets import ModelViewSet from rest_framework.viewsets import ModelViewSet
from authentik.core.api.propertymappings import PropertyMappingSerializer from authentik.core.api.propertymappings import PropertyMappingSerializer
@ -10,9 +12,18 @@ from authentik.core.api.used_by import UsedByMixin
from authentik.providers.oauth2.models import ScopeMapping from authentik.providers.oauth2.models import ScopeMapping
def no_space(value: str) -> str:
"""Ensure value contains no spaces"""
if " " in value:
raise ValidationError("Value must not contain spaces.")
return value
class ScopeMappingSerializer(PropertyMappingSerializer): class ScopeMappingSerializer(PropertyMappingSerializer):
"""ScopeMapping Serializer""" """ScopeMapping Serializer"""
scope_name = CharField(help_text="Scope name requested by the client", validators=[no_space])
class Meta: class Meta:
model = ScopeMapping model = ScopeMapping
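Review bot: `no_space` rejects only the literal space character, so a `scope_name` containing a tab, newline or other non-space whitespace still passes the validator attached to the new `scope_name` field. OAuth 2.0 scope tokens (RFC 6749 section 3.3) are limited to printable ASCII excluding space, `"` and `\`, and checking against that grammar closes the gap in one step: `if not re.fullmatch(r"[\x21\x23-\x5B\x5D-\x7E]+", value):`, with `import re` added to the imports in the first hunk. The check lives only on the serializer, so mappings already stored or written through a path that bypasses this serializer are presumably not covered; that is not visible from these hunks. The `ScopeMappingSerializer` body continues past the end of the hunk.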


@ -34599,7 +34599,7 @@ components:
scope_name: scope_name:
type: string type: string
minLength: 1 minLength: 1
description: Scope used by the client description: Scope name requested by the client
description: description:
type: string type: string
description: Description shown to the user when consenting. If left empty, description: Description shown to the user when consenting. If left empty,
@ -36604,7 +36604,7 @@ components:
readOnly: true readOnly: true
scope_name: scope_name:
type: string type: string
description: Scope used by the client description: Scope name requested by the client
description: description:
type: string type: string
description: Description shown to the user when consenting. If left empty, description: Description shown to the user when consenting. If left empty,
@ -36640,7 +36640,7 @@ components:
scope_name: scope_name:
type: string type: string
minLength: 1 minLength: 1
description: Scope used by the client description: Scope name requested by the client
description: description:
type: string type: string
description: Description shown to the user when consenting. If left empty, description: Description shown to the user when consenting. If left empty,