diff --git a/authentik/stages/authenticator_mobile/migrations/0001_initial.py b/authentik/stages/authenticator_mobile/migrations/0001_initial.py
index 9ebc5a851..bfe3bbdba 100644
--- a/authentik/stages/authenticator_mobile/migrations/0001_initial.py
+++ b/authentik/stages/authenticator_mobile/migrations/0001_initial.py
@@ -45,7 +45,7 @@ class Migration(migrations.Migration):
 default="number_matching_3",
 ),
 ),
- ("cgw_endpoint", models.URLField()),
+ ("cgw_endpoint", models.TextField()),
 (
 "configure_flow",
 models.ForeignKey(
diff --git a/authentik/stages/authenticator_mobile/models.py b/authentik/stages/authenticator_mobile/models.py
index 7177aa83c..c20b91651 100644
--- a/authentik/stages/authenticator_mobile/models.py
+++ b/authentik/stages/authenticator_mobile/models.py
@@ -50,7 +50,7 @@ class AuthenticatorMobileStage(ConfigurableStage, FriendlyNamedStage, Stage):
 item_matching_mode = models.TextField(
 choices=ItemMatchingMode.choices, default=ItemMatchingMode.NUMBER_MATCHING_3
 )
- cgw_endpoint = models.URLField()
+ cgw_endpoint = models.TextField()
 def create_transaction(self, device: "MobileDevice") -> "MobileTransaction":
 """Create a transaction for `device` with the config of this stage."""
diff --git a/authentik/stages/authenticator_mobile/stage.py b/authentik/stages/authenticator_mobile/stage.py
index b4e560af7..717746ff5 100644
--- a/authentik/stages/authenticator_mobile/stage.py
+++ b/authentik/stages/authenticator_mobile/stage.py
@@ -1,7 +1,7 @@
 """Mobile stage"""
 from django.http import HttpResponse
 from rest_framework.fields import CharField
-
+from django.conf import settings
 from authentik.core.api.utils import PassiveSerializer
 from authentik.flows.challenge import (
 Challenge,
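Review bot: The `cgw_endpoint` column type is changed by editing `migrations/0001_initial.py` in place rather than by adding a new migration. A database that has already applied 0001 will not re-run it, so it keeps the `URLField` column (200 characters by Django's default, matching the `maxLength: 200` the schema hunks drop) while the model declares `TextField`. If this app has been migrated anywhere other than a throwaway development database, ship a follow-up migration with `migrations.AlterField(model_name="<stage model>", name="cgw_endpoint", field=models.TextField())` instead. Only part of the `operations` list is visible in the hunk.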
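Review bot: In `models.py`, `cgw_endpoint` goes from `URLField` to a bare `TextField` with no validator, so the stage now accepts any string, and `get_challenge` in `stage.py` interpolates that string into `f"https://{...}/"` as the `u` value of the enrollment payload. A value containing `/`, `@`, `?`, `#` or whitespace would produce a URL whose effective host is not what the field appears to hold, and the payload carries the enrollment token `t` next to it. Constrain the field to a bare host with an optional port, for example `cgw_endpoint = models.TextField(validators=[RegexValidator(r"^[A-Za-z0-9.-]+(:\d{1,5})?$")])` with `RegexValidator` imported from `django.core.validators`, and keep the migration in step. The class body continues outside the hunk.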
@@ -65,10 +65,13 @@ class AuthenticatorMobileStageView(ChallengeStageView):
 def get_challenge(self, *args, **kwargs) -> Challenge:
 self.prepare()
+ endpoint = f"https://{self.executor.current_stage.cgw_endpoint}/"
+ if settings.DEBUG:
+ endpoint = endpoint.replace(":3415", ":3416")
+ endpoint = endpoint.replace("https", "http")
 payload = AuthenticatorMobilePayloadChallenge(
 data={
- # TODO: use cloud gateway?
- "u": self.request.build_absolute_uri("/"),
+ "u": endpoint,
 "s": str(self.executor.plan.context[FLOW_PLAN_MOBILE_ENROLL_DEVICE].pk),
 "t": self.executor.plan.context[FLOW_PLAN_MOBILE_ENROLL_TOKEN].token,
 }
diff --git a/blueprints/schema.json b/blueprints/schema.json
index fc740b729..b2ba6736d 100644
--- a/blueprints/schema.json
+++ b/blueprints/schema.json
@@ -6155,8 +6155,6 @@ }, "cgw_endpoint": { "type": "string", - "format": "uri", - "maxLength": 200, "minLength": 1, "title": "Cgw endpoint" }
diff --git a/schema.yml b/schema.yml
index 9f731b14c..c546a79e3 100644
--- a/schema.yml
+++ b/schema.yml
@@ -30429,8 +30429,6 @@ components: $ref: '#/components/schemas/ItemMatchingModeEnum' cgw_endpoint: type: string - format: uri - maxLength: 200 required: - cgw_endpoint - component
@@ -30464,9 +30462,7 @@ components: $ref: '#/components/schemas/ItemMatchingModeEnum' cgw_endpoint: type: string - format: uri minLength: 1 - maxLength: 200 required: - cgw_endpoint - name
@@ -38236,9 +38232,7 @@ components: $ref: '#/components/schemas/ItemMatchingModeEnum' cgw_endpoint: type: string - format: uri minLength: 1 - maxLength: 200 PatchedAuthenticatorSMSStageRequest: type: object description: AuthenticatorSMSStage Serializer
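Review bot: In `get_challenge` (`stage.py`), the debug rewrite uses `endpoint.replace("https", "http")` and `endpoint.replace(":3415", ":3416")`, which substitute every occurrence in the string, including any inside the configured host, rather than only the scheme and the port. Indentation is lost on this page, so I cannot tell whether the `https` to `http` replace sits inside `if settings.DEBUG:`; if it does not, every deployment hands the device a plaintext URL together with the enrollment token `t`. Choose the scheme before formatting, `scheme = "http" if settings.DEBUG else "https"` followed by `endpoint = f"{scheme}://{self.executor.current_stage.cgw_endpoint}/"`, and read the development port from a setting instead of hard-coding 3415/3416. The method body continues past the end of the hunk.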