Merge branch 'master' into new-forms

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	Pipfile.lock
#	authentik/api/decorators.py
#	authentik/core/api/applications.py
#	authentik/core/api/users.py
#	authentik/events/api/event.py
#	authentik/events/api/notification_transport.py
#	authentik/flows/api/flows.py
#	swagger.yaml
This commit is contained in:
Jens Langhammer 2021-03-30 10:13:40 +02:00
commit 69ee18e13d
47 changed files with 235 additions and 193 deletions

View File

@ -1,12 +0,0 @@
strictness: medium
test-warnings: true
doc-warnings: false
ignore-paths:
- migrations
- docs
- node_modules
uses:
- django
- celery

View File

@ -1,29 +0,0 @@
[MASTER]
disable =
arguments-differ,
no-self-use,
fixme,
locally-disabled,
too-many-ancestors,
too-few-public-methods,
import-outside-toplevel,
bad-continuation,
signature-differs,
similarities,
cyclic-import,
protected-access,
raise-missing-from
load-plugins=pylint_django,pylint.extensions.bad_builtin
django-settings-module=authentik.root.settings
extension-pkg-whitelist=lxml,xmlsec
# Allow constants to be shorter than normal (and lowercase, for settings.py)
const-rgx=[a-zA-Z0-9_]{1,40}$
ignored-modules=django-otp
generated-members=xmlsec.constants.*,xmlsec.tree.*,xmlsec.template.*
ignore=migrations
max-attributes=12
max-branches=20

View File

@ -51,7 +51,7 @@ python_version = "3.9"
[dev-packages]
bandit = "*"
black = "==20.8b1"
bumpversion = "*"
bump2version = "*"
colorama = "*"
coverage = "*"
pylint = "*"

68
Pipfile.lock generated
View File

@ -1,7 +1,7 @@
{
"_meta": {
"hash": {
"sha256": "7830a9bde580b67d4e39a7f51dbdcb93757eba7eee67842029c83ed1468ffafe"
"sha256": "a9d504f00ee8820017f26a4fda2938de456cb72b4bc2f8735fc8c6a6c615d46a"
},
"pipfile-spec": 6,
"requires": {
@ -122,19 +122,19 @@
},
"boto3": {
"hashes": [
"sha256:6ec718f5a75724f6117a47944a3b2dd79aef02ed75b356060cede74fb91e2616",
"sha256:b5814ff73b5b8fc8601c1b73b70675807f9ce64713562e183a08415a2516eed4"
"sha256:54380395ba52502a9877cd0c4c9c9834341ce74c96c9f1ecc6fd77bade1b201a",
"sha256:ee999b46b2c630e50e7b052d6dfe224203a348d83b00e168ca50009af0f276c1"
],
"index": "pypi",
"version": "==1.17.39"
"version": "==1.17.40"
},
"botocore": {
"hashes": [
"sha256:28506d23ffa9abf5666c2c909c7edc83a1112cd44fe74eb1a4960df561531e98",
"sha256:54587d3c9d0d98ac579681245ea36f547cd5048e2bb9212e5e7166a963bcb562"
"sha256:6a35a9977cdbd7a839d948dd5f9e3d260c19b7dde74e0a844c97206884d3bba0",
"sha256:f2b68119050211139f21278166c9023d9251da84b500a4ccede4a4545d6a9514"
],
"markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4, 3.5'",
"version": "==1.20.39"
"version": "==1.20.40"
},
"cachetools": {
"hashes": [
@ -611,11 +611,11 @@
},
"ldap3": {
"hashes": [
"sha256:18c3ee656a6775b9b0d60f7c6c5b094d878d1d90fc03d56731039f0a4b546a91",
"sha256:4139c91f0eef9782df7b77c8cbc6243086affcb6a8a249b768a9658438e5da59",
"sha256:8c949edbad2be8a03e719ba48bd6779f327ec156929562814b3e84ab56889c8c",
"sha256:c1df41d89459be6f304e0ceec4b00fdea533dbbcd83c802b1272dcdb94620b57",
"sha256:afc6fc0d01f02af82cd7bfabd3bbfd5dc96a6ae91e97db0a2dab8a0f1b436056",
"sha256:18c3ee656a6775b9b0d60f7c6c5b094d878d1d90fc03d56731039f0a4b546a91"
"sha256:c1df41d89459be6f304e0ceec4b00fdea533dbbcd83c802b1272dcdb94620b57"
],
"index": "pypi",
"version": "==2.9"
@ -877,37 +877,37 @@
},
"pyasn1": {
"hashes": [
"sha256:fec3e9d8e36808a28efb59b489e4528c10ad0f480e57dcc32b4de5c9d8c9fdf3",
"sha256:39c7e2ec30515947ff4e87fb6f456dfc6e84857d34be479c9d4a4ba4bf46aa5d",
"sha256:0458773cfe65b153891ac249bcf1b5f8f320b7c2ce462151f8fa74de8934becf",
"sha256:e89bf84b5437b532b0803ba5c9a5e054d21fec423a89952a74f87fa2c9b7bce2",
"sha256:99fcc3c8d804d1bc6d9a099921e39d827026409a58f2a720dcdb89374ea0c776",
"sha256:6e7545f1a61025a4e58bb336952c5061697da694db1cae97b116e9c46abcf7c8",
"sha256:7ab8a544af125fb704feadb008c99a88805126fb525280b2270bb25cc1d78a12",
"sha256:78fa6da68ed2727915c4767bb386ab32cdba863caa7dbe473eaae45f9959da86",
"sha256:014c0e9976956a08139dc0712ae195324a75e142284d5f87f1a87ee1b068a359",
"sha256:03840c999ba71680a131cfaee6fab142e1ed9bbd9c693e285cc6aca0d555e576",
"sha256:0458773cfe65b153891ac249bcf1b5f8f320b7c2ce462151f8fa74de8934becf",
"sha256:08c3c53b75eaa48d71cf8c710312316392ed40899cb34710d092e96745a358b7",
"sha256:39c7e2ec30515947ff4e87fb6f456dfc6e84857d34be479c9d4a4ba4bf46aa5d",
"sha256:5c9414dcfede6e441f7e8f81b43b34e834731003427e5b09e4e00e3172a10f00",
"sha256:6e7545f1a61025a4e58bb336952c5061697da694db1cae97b116e9c46abcf7c8",
"sha256:78fa6da68ed2727915c4767bb386ab32cdba863caa7dbe473eaae45f9959da86",
"sha256:7ab8a544af125fb704feadb008c99a88805126fb525280b2270bb25cc1d78a12",
"sha256:99fcc3c8d804d1bc6d9a099921e39d827026409a58f2a720dcdb89374ea0c776",
"sha256:aef77c9fb94a3ac588e87841208bdec464471d9871bd5050a287cc9a475cd0ba",
"sha256:5c9414dcfede6e441f7e8f81b43b34e834731003427e5b09e4e00e3172a10f00"
"sha256:e89bf84b5437b532b0803ba5c9a5e054d21fec423a89952a74f87fa2c9b7bce2",
"sha256:fec3e9d8e36808a28efb59b489e4528c10ad0f480e57dcc32b4de5c9d8c9fdf3"
],
"version": "==0.4.8"
},
"pyasn1-modules": {
"hashes": [
"sha256:a50b808ffeb97cb3601dd25981f6b016cbb3d31fbf57a8b8a87428e6158d0c74",
"sha256:b80486a6c77252ea3a3e9b1e360bc9cf28eaac41263d173c032581ad2f20fe45",
"sha256:15b7c67fabc7fc240d87fb9aabf999cf82311a6d6fb2c70d00d3d0604878c811",
"sha256:0845a5582f6a02bb3e1bde9ecfc4bfcae6ec3210dd270522fee602365430c3f8",
"sha256:fe0644d9ab041506b62782e92b06b8c68cca799e1a9636ec398675459e031405",
"sha256:426edb7a5e8879f1ec54a1864f16b882c2837bfd06eee62f2c982315ee2473ed",
"sha256:a99324196732f53093a84c4369c996713eb8c89d360a496b599fb1a9c47fc3eb",
"sha256:c29a5e5cc7a3f05926aff34e097e84f8589cd790ce0ed41b67aed6857b26aafd",
"sha256:0fe1b68d1e486a1ed5473f1302bd991c1611d319bba158e98b106ff86e1d7199",
"sha256:15b7c67fabc7fc240d87fb9aabf999cf82311a6d6fb2c70d00d3d0604878c811",
"sha256:426edb7a5e8879f1ec54a1864f16b882c2837bfd06eee62f2c982315ee2473ed",
"sha256:65cebbaffc913f4fe9e4808735c95ea22d7a7775646ab690518c056784bc21b4",
"sha256:905f84c712230b2c592c19470d3ca8d552de726050d1d1716282a1f6146be65e",
"sha256:a50b808ffeb97cb3601dd25981f6b016cbb3d31fbf57a8b8a87428e6158d0c74",
"sha256:a99324196732f53093a84c4369c996713eb8c89d360a496b599fb1a9c47fc3eb",
"sha256:b80486a6c77252ea3a3e9b1e360bc9cf28eaac41263d173c032581ad2f20fe45",
"sha256:c29a5e5cc7a3f05926aff34e097e84f8589cd790ce0ed41b67aed6857b26aafd",
"sha256:cbac4bc38d117f2a49aeedec4407d23e8866ea4ac27ff2cf7fb3e5b570df19e0",
"sha256:f39edd8c4ecaa4556e989147ebf219227e2cd2e8a43c7e7fcb1f1c18c5fd6a3d",
"sha256:cbac4bc38d117f2a49aeedec4407d23e8866ea4ac27ff2cf7fb3e5b570df19e0"
"sha256:fe0644d9ab041506b62782e92b06b8c68cca799e1a9636ec398675459e031405"
],
"version": "==0.2.8"
},
@ -1540,16 +1540,8 @@
"sha256:37f927ea17cde7ae2d7baf832f8e80ce3777624554a653006c9144f8017fe410",
"sha256:762cb2bfad61f4ec8e2bdf452c7c267416f8c70dd9ecb1653fd0bbb01fa936e6"
],
"markers": "python_version >= '3.5'",
"version": "==1.0.1"
},
"bumpversion": {
"hashes": [
"sha256:4ba55e4080d373f80177b4dabef146c07ce73c7d1377aabf9d3c3ae1f94584a6",
"sha256:4eb3267a38194d09f048a2179980bb4803701969bff2c85fa8f6d1ce050be15e"
],
"index": "pypi",
"version": "==0.6.0"
"version": "==1.0.1"
},
"click": {
"hashes": [
@ -1739,11 +1731,11 @@
},
"pylint": {
"hashes": [
"sha256:0e21d3b80b96740909d77206d741aa3ce0b06b41be375d92e1f3244a274c1f8a",
"sha256:d09b0b07ba06bcdff463958f53f23df25e740ecd81895f7d2699ec04bbd8dc3b"
"sha256:209d712ec870a0182df034ae19f347e725c1e615b2269519ab58a35b3fcbbe7a",
"sha256:bd38914c7731cdc518634a8d3c5585951302b6e2b6de60fbb3f7a0220e21eeee"
],
"index": "pypi",
"version": "==2.7.2"
"version": "==2.7.4"
},
"pylint-django": {
"hashes": [

View File

@ -58,6 +58,18 @@ class SessionUserSerializer(Serializer):
raise NotImplementedError
class UserRecoverySerializer(Serializer):
"""Recovery link for a user to reset their password"""
link = CharField()
def create(self, validated_data: dict) -> Model:
raise NotImplementedError
def update(self, instance: Model, validated_data: dict) -> Model:
raise NotImplementedError
class UserMetricsSerializer(Serializer):
"""User Metrics"""

View File

@ -16,9 +16,9 @@ if TYPE_CHECKING:
class ChallengeTypes(Enum):
"""Currently defined challenge types"""
native = "native"
shell = "shell"
redirect = "redirect"
NATIVE = "native"
SHELL = "shell"
REDIRECT = "redirect"
class ErrorDetailSerializer(Serializer):

View File

@ -94,7 +94,7 @@ class TestFlowExecutor(TestCase):
"component": "ak-stage-access-denied",
"error_message": FlowNonApplicableException.__doc__,
"title": "",
"type": ChallengeTypes.native.value,
"type": ChallengeTypes.NATIVE.value,
},
)
@ -415,7 +415,7 @@ class TestFlowExecutor(TestCase):
force_str(response.content),
{
"background": flow.background.url,
"type": ChallengeTypes.native.value,
"type": ChallengeTypes.NATIVE.value,
"component": "ak-stage-dummy",
"title": binding.stage.name,
},
@ -446,7 +446,7 @@ class TestFlowExecutor(TestCase):
force_str(response.content),
{
"background": flow.background.url,
"type": ChallengeTypes.native.value,
"type": ChallengeTypes.NATIVE.value,
"component": "ak-stage-dummy",
"title": binding4.stage.name,
},

View File

@ -241,7 +241,7 @@ class FlowExecutorView(APIView):
{
"error_message": error_message,
"title": self.flow.title,
"type": ChallengeTypes.native.value,
"type": ChallengeTypes.NATIVE.value,
"component": "ak-stage-access-denied",
}
)
@ -334,14 +334,14 @@ def to_stage_response(request: HttpRequest, source: HttpResponse) -> HttpRespons
)
return HttpChallengeResponse(
RedirectChallenge(
{"type": ChallengeTypes.redirect, "to": str(redirect_url)}
{"type": ChallengeTypes.REDIRECT, "to": str(redirect_url)}
)
)
if isinstance(source, TemplateResponse):
return HttpChallengeResponse(
ShellChallenge(
{
"type": ChallengeTypes.shell,
"type": ChallengeTypes.SHELL,
"body": source.render().content.decode("utf-8"),
}
)
@ -351,7 +351,7 @@ def to_stage_response(request: HttpRequest, source: HttpResponse) -> HttpRespons
return HttpChallengeResponse(
ShellChallenge(
{
"type": ChallengeTypes.shell,
"type": ChallengeTypes.SHELL,
"body": source.content.decode("utf-8"),
}
)

View File

@ -7,14 +7,9 @@ from guardian.shortcuts import get_objects_for_user
from rest_framework import mixins
from rest_framework.decorators import action
from rest_framework.exceptions import PermissionDenied
from rest_framework.relations import PrimaryKeyRelatedField
from rest_framework.request import Request
from rest_framework.response import Response
from rest_framework.serializers import (
ModelSerializer,
Serializer,
SerializerMethodField,
)
from rest_framework.serializers import ModelSerializer, SerializerMethodField
from rest_framework.viewsets import GenericViewSet
from structlog.stdlib import get_logger

View File

@ -74,7 +74,7 @@ class SAMLFlowFinalView(ChallengeStageView):
return super().get(
self.request,
**{
"type": ChallengeTypes.native.value,
"type": ChallengeTypes.NATIVE.value,
"component": "ak-stage-autosubmit",
"title": "Redirecting to %(app)s..." % {"app": application.name},
"url": provider.acs_url,

View File

@ -7,7 +7,7 @@ from authentik.sources.oauth.types.manager import MANAGER, RequestKind
from authentik.sources.oauth.views.callback import OAuthCallback
@MANAGER.source(kind=RequestKind.callback, name="Azure AD")
@MANAGER.source(kind=RequestKind.CALLBACK, name="Azure AD")
class AzureADOAuthCallback(OAuthCallback):
"""AzureAD OAuth2 Callback"""

View File

@ -7,7 +7,7 @@ from authentik.sources.oauth.views.callback import OAuthCallback
from authentik.sources.oauth.views.redirect import OAuthRedirect
@MANAGER.source(kind=RequestKind.redirect, name="Discord")
@MANAGER.source(kind=RequestKind.REDIRECT, name="Discord")
class DiscordOAuthRedirect(OAuthRedirect):
"""Discord OAuth2 Redirect"""
@ -17,7 +17,7 @@ class DiscordOAuthRedirect(OAuthRedirect):
}
@MANAGER.source(kind=RequestKind.callback, name="Discord")
@MANAGER.source(kind=RequestKind.CALLBACK, name="Discord")
class DiscordOAuth2Callback(OAuthCallback):
"""Discord OAuth2 Callback"""

View File

@ -10,7 +10,7 @@ from authentik.sources.oauth.views.callback import OAuthCallback
from authentik.sources.oauth.views.redirect import OAuthRedirect
@MANAGER.source(kind=RequestKind.redirect, name="Facebook")
@MANAGER.source(kind=RequestKind.REDIRECT, name="Facebook")
class FacebookOAuthRedirect(OAuthRedirect):
"""Facebook OAuth2 Redirect"""
@ -28,7 +28,7 @@ class FacebookOAuth2Client(OAuth2Client):
return api.get_object("me", fields="id,name,email")
@MANAGER.source(kind=RequestKind.callback, name="Facebook")
@MANAGER.source(kind=RequestKind.CALLBACK, name="Facebook")
class FacebookOAuth2Callback(OAuthCallback):
"""Facebook OAuth2 Callback"""

View File

@ -6,7 +6,7 @@ from authentik.sources.oauth.types.manager import MANAGER, RequestKind
from authentik.sources.oauth.views.callback import OAuthCallback
@MANAGER.source(kind=RequestKind.callback, name="GitHub")
@MANAGER.source(kind=RequestKind.CALLBACK, name="GitHub")
class GitHubOAuth2Callback(OAuthCallback):
"""GitHub OAuth2 Callback"""

View File

@ -7,7 +7,7 @@ from authentik.sources.oauth.views.callback import OAuthCallback
from authentik.sources.oauth.views.redirect import OAuthRedirect
@MANAGER.source(kind=RequestKind.redirect, name="Google")
@MANAGER.source(kind=RequestKind.REDIRECT, name="Google")
class GoogleOAuthRedirect(OAuthRedirect):
"""Google OAuth2 Redirect"""
@ -17,7 +17,7 @@ class GoogleOAuthRedirect(OAuthRedirect):
}
@MANAGER.source(kind=RequestKind.callback, name="Google")
@MANAGER.source(kind=RequestKind.CALLBACK, name="Google")
class GoogleOAuth2Callback(OAuthCallback):
"""Google OAuth2 Callback"""

View File

@ -15,8 +15,8 @@ LOGGER = get_logger()
class RequestKind(Enum):
"""Enum of OAuth Request types"""
callback = "callback"
redirect = "redirect"
CALLBACK = "callback"
REDIRECT = "redirect"
class SourceTypeManager:
@ -52,9 +52,9 @@ class SourceTypeManager:
have=self.__source_types[kind.value].keys(),
)
# Return defaults
if kind == RequestKind.callback:
if kind == RequestKind.CALLBACK:
return OAuthCallback
if kind == RequestKind.redirect:
if kind == RequestKind.REDIRECT:
return OAuthRedirect
raise KeyError(
f"Provider Type {source.provider_type} (type {kind.value}) not found."

View File

@ -7,7 +7,7 @@ from authentik.sources.oauth.views.callback import OAuthCallback
from authentik.sources.oauth.views.redirect import OAuthRedirect
@MANAGER.source(kind=RequestKind.redirect, name="OpenID Connect")
@MANAGER.source(kind=RequestKind.REDIRECT, name="OpenID Connect")
class OpenIDConnectOAuthRedirect(OAuthRedirect):
"""OpenIDConnect OAuth2 Redirect"""
@ -17,7 +17,7 @@ class OpenIDConnectOAuthRedirect(OAuthRedirect):
}
@MANAGER.source(kind=RequestKind.callback, name="OpenID Connect")
@MANAGER.source(kind=RequestKind.CALLBACK, name="OpenID Connect")
class OpenIDConnectOAuth2Callback(OAuthCallback):
"""OpenIDConnect OAuth2 Callback"""

View File

@ -10,7 +10,7 @@ from authentik.sources.oauth.views.callback import OAuthCallback
from authentik.sources.oauth.views.redirect import OAuthRedirect
@MANAGER.source(kind=RequestKind.redirect, name="reddit")
@MANAGER.source(kind=RequestKind.REDIRECT, name="reddit")
class RedditOAuthRedirect(OAuthRedirect):
"""Reddit OAuth2 Redirect"""
@ -30,7 +30,7 @@ class RedditOAuth2Client(OAuth2Client):
return super().get_access_token(auth=auth)
@MANAGER.source(kind=RequestKind.callback, name="reddit")
@MANAGER.source(kind=RequestKind.CALLBACK, name="reddit")
class RedditOAuth2Callback(OAuthCallback):
"""Reddit OAuth2 Callback"""

View File

@ -6,7 +6,7 @@ from authentik.sources.oauth.types.manager import MANAGER, RequestKind
from authentik.sources.oauth.views.callback import OAuthCallback
@MANAGER.source(kind=RequestKind.callback, name="Twitter")
@MANAGER.source(kind=RequestKind.CALLBACK, name="Twitter")
class TwitterOAuthCallback(OAuthCallback):
"""Twitter OAuth2 Callback"""

View File

@ -8,12 +8,12 @@ from authentik.sources.oauth.views.dispatcher import DispatcherView
urlpatterns = [
path(
"login/<slug:source_slug>/",
DispatcherView.as_view(kind=RequestKind.redirect),
DispatcherView.as_view(kind=RequestKind.REDIRECT),
name="oauth-client-login",
),
path(
"callback/<slug:source_slug>/",
DispatcherView.as_view(kind=RequestKind.callback),
DispatcherView.as_view(kind=RequestKind.CALLBACK),
name="oauth-client-callback",
),
]

View File

@ -34,7 +34,7 @@ from authentik.sources.saml.processors.constants import (
class SAMLBindingTypes(models.TextChoices):
"""SAML Binding types"""
Redirect = "REDIRECT", _("Redirect Binding")
REDIRECT = "REDIRECT", _("Redirect Binding")
POST = "POST", _("POST Binding")
POST_AUTO = "POST_AUTO", _("POST Binding with auto-confirmation")
@ -95,7 +95,7 @@ class SAMLSource(Source):
binding_type = models.CharField(
max_length=100,
choices=SAMLBindingTypes.choices,
default=SAMLBindingTypes.Redirect,
default=SAMLBindingTypes.REDIRECT,
)
temporary_user_delete_after = models.TextField(

View File

@ -50,7 +50,7 @@ class AutosubmitStageView(ChallengeStageView):
def get_challenge(self, *args, **kwargs) -> Challenge:
return AutosubmitChallenge(
data={
"type": ChallengeTypes.native.value,
"type": ChallengeTypes.NATIVE.value,
"component": "ak-stage-autosubmit",
"title": self.executor.plan.context.get(PLAN_CONTEXT_TITLE, ""),
"url": self.executor.plan.context.get(PLAN_CONTEXT_URL, ""),
@ -103,7 +103,7 @@ class InitiateView(View):
relay_state = request.GET.get("next", "")
auth_n_req = RequestProcessor(source, request, relay_state)
# If the source is configured for Redirect bindings, we can just redirect there
if source.binding_type == SAMLBindingTypes.Redirect:
if source.binding_type == SAMLBindingTypes.REDIRECT:
url_args = urlencode(auth_n_req.build_auth_n_detached())
return redirect(f"{source.sso_url}?{url_args}")
# As POST Binding we show a form

View File

@ -31,7 +31,7 @@ class AuthenticatorStaticStageView(ChallengeStageView):
tokens: list[StaticToken] = self.request.session[SESSION_STATIC_TOKENS]
return AuthenticatorStaticChallenge(
data={
"type": ChallengeTypes.native.value,
"type": ChallengeTypes.NATIVE.value,
"component": "ak-stage-authenticator-static",
"codes": [token.token for token in tokens],
}

View File

@ -51,7 +51,7 @@ class AuthenticatorTOTPStageView(ChallengeStageView):
device: TOTPDevice = self.request.session[SESSION_TOTP_DEVICE]
return AuthenticatorTOTPChallenge(
data={
"type": ChallengeTypes.native.value,
"type": ChallengeTypes.NATIVE.value,
"component": "ak-stage-authenticator-totp",
"config_url": device.config_url,
}

View File

@ -145,7 +145,7 @@ class AuthenticatorValidateStageView(ChallengeStageView):
challenges = self.request.session["device_challenges"]
return AuthenticatorChallenge(
data={
"type": ChallengeTypes.native.value,
"type": ChallengeTypes.NATIVE.value,
"component": "ak-stage-authenticator-validate",
"device_challenges": challenges,
}

View File

@ -128,7 +128,7 @@ class AuthenticatorWebAuthnStageView(ChallengeStageView):
return AuthenticatorWebAuthnChallenge(
data={
"type": ChallengeTypes.native.value,
"type": ChallengeTypes.NATIVE.value,
"component": "ak-stage-authenticator-webauthn",
"registration": registration_dict,
}

View File

@ -63,7 +63,7 @@ class CaptchaStageView(ChallengeStageView):
def get_challenge(self, *args, **kwargs) -> Challenge:
return CaptchaChallenge(
data={
"type": ChallengeTypes.native.value,
"type": ChallengeTypes.NATIVE.value,
"component": "ak-stage-captcha",
"site_key": self.executor.current_stage.public_key,
}

View File

@ -39,7 +39,7 @@ class ConsentStageView(ChallengeStageView):
def get_challenge(self) -> Challenge:
challenge = ConsentChallenge(
data={
"type": ChallengeTypes.native.value,
"type": ChallengeTypes.NATIVE.value,
"component": "ak-stage-consent",
}
)

View File

@ -49,7 +49,7 @@ class TestUserDenyStage(TestCase):
"component": "ak-stage-access-denied",
"error_message": None,
"title": "",
"type": ChallengeTypes.native.value,
"type": ChallengeTypes.NATIVE.value,
},
)

View File

@ -24,7 +24,7 @@ class DummyStageView(ChallengeStageView):
def get_challenge(self, *args, **kwargs) -> Challenge:
return DummyChallenge(
data={
"type": ChallengeTypes.native.value,
"type": ChallengeTypes.NATIVE.value,
"component": "ak-stage-dummy",
"title": self.executor.current_stage.name,
}

View File

@ -96,7 +96,7 @@ class EmailStageView(ChallengeStageView):
def get_challenge(self) -> Challenge:
challenge = EmailChallenge(
data={
"type": ChallengeTypes.native.value,
"type": ChallengeTypes.NATIVE.value,
"component": "ak-stage-email",
"title": "Email sent.",
}

View File

@ -78,7 +78,7 @@ class IdentificationStageView(ChallengeStageView):
current_stage: IdentificationStage = self.executor.current_stage
challenge = IdentificationChallenge(
data={
"type": ChallengeTypes.native.value,
"type": ChallengeTypes.NATIVE.value,
"component": "ak-stage-identification",
"primary_action": _("Log in"),
"input_type": "text",

View File

@ -104,7 +104,7 @@ class TestIdentificationStage(TestCase):
force_str(response.content),
{
"background": flow.background.url,
"type": ChallengeTypes.native.value,
"type": ChallengeTypes.NATIVE.value,
"component": "ak-stage-identification",
"input_type": "email",
"enroll_url": reverse(
@ -147,7 +147,7 @@ class TestIdentificationStage(TestCase):
force_str(response.content),
{
"background": flow.background.url,
"type": ChallengeTypes.native.value,
"type": ChallengeTypes.NATIVE.value,
"component": "ak-stage-identification",
"input_type": "email",
"recovery_url": reverse(

View File

@ -67,7 +67,7 @@ class TestUserLoginStage(TestCase):
"component": "ak-stage-access-denied",
"error_message": None,
"title": "",
"type": ChallengeTypes.native.value,
"type": ChallengeTypes.NATIVE.value,
},
)

View File

@ -78,7 +78,7 @@ class PasswordStageView(ChallengeStageView):
def get_challenge(self) -> Challenge:
challenge = PasswordChallenge(
data={
"type": ChallengeTypes.native.value,
"type": ChallengeTypes.NATIVE.value,
"component": "ak-stage-password",
}
)

View File

@ -72,7 +72,7 @@ class TestPasswordStage(TestCase):
"component": "ak-stage-access-denied",
"error_message": None,
"title": "",
"type": ChallengeTypes.native.value,
"type": ChallengeTypes.NATIVE.value,
},
)
@ -206,6 +206,6 @@ class TestPasswordStage(TestCase):
"component": "ak-stage-access-denied",
"error_message": None,
"title": "",
"type": ChallengeTypes.native.value,
"type": ChallengeTypes.NATIVE.value,
},
)

View File

@ -164,7 +164,7 @@ class PromptStageView(ChallengeStageView):
fields = list(self.executor.current_stage.fields.all().order_by("order"))
challenge = PromptChallenge(
data={
"type": ChallengeTypes.native.value,
"type": ChallengeTypes.NATIVE.value,
"component": "ak-stage-prompt",
"fields": [PromptSerializer(field).data for field in fields],
},

View File

@ -55,7 +55,7 @@ class TestUserDeleteStage(TestCase):
"component": "ak-stage-access-denied",
"error_message": None,
"title": "",
"type": ChallengeTypes.native.value,
"type": ChallengeTypes.NATIVE.value,
},
)

View File

@ -80,7 +80,7 @@ class TestUserLoginStage(TestCase):
"component": "ak-stage-access-denied",
"error_message": None,
"title": "",
"type": ChallengeTypes.native.value,
"type": ChallengeTypes.NATIVE.value,
},
)
@ -109,7 +109,7 @@ class TestUserLoginStage(TestCase):
"component": "ak-stage-access-denied",
"error_message": None,
"title": "",
"type": ChallengeTypes.native.value,
"type": ChallengeTypes.NATIVE.value,
},
)

View File

@ -132,7 +132,7 @@ class TestUserWriteStage(TestCase):
"component": "ak-stage-access-denied",
"error_message": None,
"title": "",
"type": ChallengeTypes.native.value,
"type": ChallengeTypes.NATIVE.value,
},
)

View File

@ -41,3 +41,38 @@ exclude_lines = [
"if __name__ == .__main__.:",
]
show_missing = true
[tool.pylint.master]
disable =[
"arguments-differ",
"no-self-use",
"fixme",
"locally-disabled",
"too-many-ancestors",
"too-few-public-methods",
"import-outside-toplevel",
"bad-continuation",
"signature-differs",
"similarities",
"cyclic-import",
"protected-access",
"raise-missing-from",]
load-plugins=["pylint_django","pylint.extensions.bad_builtin"]
django-settings-module="authentik.root.settings"
extension-pkg-whitelist=["lxml","xmlsec"]
# Allow constants to be shorter than normal (and lowercase, for settings.py)
const-rgx="[a-zA-Z0-9_]{1,40}$"
ignored-modules=["django-otp"]
generated-members=["xmlsec.constants.*","xmlsec.tree.*","xmlsec.template.*"]
ignore="migrations"
max-attributes=12
max-branches=20
[tool.pytest.ini_options]
DJANGO_SETTINGS_MODULE = "authentik.root.settings"
python_files = ["tests.py", "test_*.py", "*_tests.py"]
junit_family = "xunit2"
addopts = "-p no:celery --junitxml=unittest.xml"

View File

@ -1,5 +0,0 @@
[pytest]
DJANGO_SETTINGS_MODULE = authentik.root.settings
python_files = tests.py test_*.py *_tests.py
junit_family = xunit2
addopts = -p no:celery --junitxml=unittest.xml

View File

@ -1,3 +0,0 @@
[pycodestyle]
ignore = E731,E121,W503
max-line-length = 100

View File

@ -15515,9 +15515,9 @@ definitions:
title: Type
type: string
enum:
- native
- shell
- redirect
- NATIVE
- SHELL
- REDIRECT
component:
title: Component
type: string

View File

@ -124,7 +124,7 @@ class TestSourceSAML(SeleniumTestCase):
pre_authentication_flow=pre_authentication_flow,
issuer="entity-id",
sso_url="http://localhost:8080/simplesaml/saml2/idp/SSOService.php",
binding_type=SAMLBindingTypes.Redirect,
binding_type=SAMLBindingTypes.REDIRECT,
signing_kp=keypair,
)

133
web/package-lock.json generated
View File

@ -525,13 +525,13 @@
}
},
"@typescript-eslint/eslint-plugin": {
"version": "4.19.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-4.19.0.tgz",
"integrity": "sha512-CRQNQ0mC2Pa7VLwKFbrGVTArfdVDdefS+gTw0oC98vSI98IX5A8EVH4BzJ2FOB0YlCmm8Im36Elad/Jgtvveaw==",
"version": "4.20.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-4.20.0.tgz",
"integrity": "sha512-sw+3HO5aehYqn5w177z2D82ZQlqHCwcKSMboueo7oE4KU9QiC0SAgfS/D4z9xXvpTc8Bt41Raa9fBR8T2tIhoQ==",
"dev": true,
"requires": {
"@typescript-eslint/experimental-utils": "4.19.0",
"@typescript-eslint/scope-manager": "4.19.0",
"@typescript-eslint/experimental-utils": "4.20.0",
"@typescript-eslint/scope-manager": "4.20.0",
"debug": "^4.1.1",
"functional-red-black-tree": "^1.0.1",
"lodash": "^4.17.15",
@ -541,55 +541,112 @@
}
},
"@typescript-eslint/experimental-utils": {
"version": "4.19.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/experimental-utils/-/experimental-utils-4.19.0.tgz",
"integrity": "sha512-9/23F1nnyzbHKuoTqFN1iXwN3bvOm/PRIXSBR3qFAYotK/0LveEOHr5JT1WZSzcD6BESl8kPOG3OoDRKO84bHA==",
"version": "4.20.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/experimental-utils/-/experimental-utils-4.20.0.tgz",
"integrity": "sha512-sQNlf6rjLq2yB5lELl3gOE7OuoA/6IVXJUJ+Vs7emrQMva14CkOwyQwD7CW+TkmOJ4Q/YGmoDLmbfFrpGmbKng==",
"dev": true,
"requires": {
"@types/json-schema": "^7.0.3",
"@typescript-eslint/scope-manager": "4.19.0",
"@typescript-eslint/types": "4.19.0",
"@typescript-eslint/typescript-estree": "4.19.0",
"@typescript-eslint/scope-manager": "4.20.0",
"@typescript-eslint/types": "4.20.0",
"@typescript-eslint/typescript-estree": "4.20.0",
"eslint-scope": "^5.0.0",
"eslint-utils": "^2.0.0"
}
},
"@typescript-eslint/parser": {
"version": "4.19.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-4.19.0.tgz",
"integrity": "sha512-/uabZjo2ZZhm66rdAu21HA8nQebl3lAIDcybUoOxoI7VbZBYavLIwtOOmykKCJy+Xq6Vw6ugkiwn8Js7D6wieA==",
"version": "4.20.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-4.20.0.tgz",
"integrity": "sha512-m6vDtgL9EABdjMtKVw5rr6DdeMCH3OA1vFb0dAyuZSa3e5yw1YRzlwFnm9knma9Lz6b2GPvoNSa8vOXrqsaglA==",
"dev": true,
"requires": {
"@typescript-eslint/scope-manager": "4.19.0",
"@typescript-eslint/types": "4.19.0",
"@typescript-eslint/typescript-estree": "4.19.0",
"@typescript-eslint/scope-manager": "4.20.0",
"@typescript-eslint/types": "4.20.0",
"@typescript-eslint/typescript-estree": "4.20.0",
"debug": "^4.1.1"
}
},
"dependencies": {
"@typescript-eslint/scope-manager": {
"version": "4.19.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-4.19.0.tgz",
"integrity": "sha512-GGy4Ba/hLXwJXygkXqMzduqOMc+Na6LrJTZXJWVhRrSuZeXmu8TAnniQVKgj8uTRKe4igO2ysYzH+Np879G75g==",
"version": "4.20.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-4.20.0.tgz",
"integrity": "sha512-/zm6WR6iclD5HhGpcwl/GOYDTzrTHmvf8LLLkwKqqPKG6+KZt/CfSgPCiybshmck66M2L5fWSF/MKNuCwtKQSQ==",
"dev": true,
"requires": {
"@typescript-eslint/types": "4.19.0",
"@typescript-eslint/visitor-keys": "4.19.0"
"@typescript-eslint/types": "4.20.0",
"@typescript-eslint/visitor-keys": "4.20.0"
}
},
"@typescript-eslint/types": {
"version": "4.19.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-4.19.0.tgz",
"integrity": "sha512-A4iAlexVvd4IBsSTNxdvdepW0D4uR/fwxDrKUa+iEY9UWvGREu2ZyB8ylTENM1SH8F7bVC9ac9+si3LWNxcBuA==",
"version": "4.20.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-4.20.0.tgz",
"integrity": "sha512-cYY+1PIjei1nk49JAPnH1VEnu7OYdWRdJhYI5wiKOUMhLTG1qsx5cQxCUTuwWCmQoyriadz3Ni8HZmGSofeC+w==",
"dev": true
},
"@typescript-eslint/typescript-estree": {
"version": "4.19.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-4.19.0.tgz",
"integrity": "sha512-3xqArJ/A62smaQYRv2ZFyTA+XxGGWmlDYrsfZG68zJeNbeqRScnhf81rUVa6QG4UgzHnXw5VnMT5cg75dQGDkA==",
"version": "4.20.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-4.20.0.tgz",
"integrity": "sha512-Knpp0reOd4ZsyoEJdW8i/sK3mtZ47Ls7ZHvD8WVABNx5Xnn7KhenMTRGegoyMTx6TiXlOVgMz9r0pDgXTEEIHA==",
"dev": true,
"requires": {
"@typescript-eslint/types": "4.19.0",
"@typescript-eslint/visitor-keys": "4.19.0",
"@typescript-eslint/types": "4.20.0",
"@typescript-eslint/visitor-keys": "4.20.0",
"debug": "^4.1.1",
"globby": "^11.0.1",
"is-glob": "^4.0.1",
"semver": "^7.3.2",
"tsutils": "^3.17.1"
}
},
"@typescript-eslint/visitor-keys": {
"version": "4.20.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-4.20.0.tgz",
"integrity": "sha512-NXKRM3oOVQL8yNFDNCZuieRIwZ5UtjNLYtmMx2PacEAGmbaEYtGgVHUHVyZvU/0rYZcizdrWjDo+WBtRPSgq+A==",
"dev": true,
"requires": {
"@typescript-eslint/types": "4.20.0",
"eslint-visitor-keys": "^2.0.0"
}
},
"globby": {
"version": "11.0.3",
"resolved": "https://registry.npmjs.org/globby/-/globby-11.0.3.tgz",
"integrity": "sha512-ffdmosjA807y7+lA1NM0jELARVmYul/715xiILEjo3hBLPTcirgQNnXECn5g3mtR8TOLCVbkfua1Hpen25/Xcg==",
"dev": true,
"requires": {
"array-union": "^2.1.0",
"dir-glob": "^3.0.1",
"fast-glob": "^3.1.1",
"ignore": "^5.1.4",
"merge2": "^1.3.0",
"slash": "^3.0.0"
}
}
}
},
"@typescript-eslint/scope-manager": {
"version": "4.20.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-4.20.0.tgz",
"integrity": "sha512-/zm6WR6iclD5HhGpcwl/GOYDTzrTHmvf8LLLkwKqqPKG6+KZt/CfSgPCiybshmck66M2L5fWSF/MKNuCwtKQSQ==",
"dev": true,
"requires": {
"@typescript-eslint/types": "4.20.0",
"@typescript-eslint/visitor-keys": "4.20.0"
}
},
"@typescript-eslint/types": {
"version": "4.20.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-4.20.0.tgz",
"integrity": "sha512-cYY+1PIjei1nk49JAPnH1VEnu7OYdWRdJhYI5wiKOUMhLTG1qsx5cQxCUTuwWCmQoyriadz3Ni8HZmGSofeC+w==",
"dev": true
},
"@typescript-eslint/typescript-estree": {
"version": "4.20.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-4.20.0.tgz",
"integrity": "sha512-Knpp0reOd4ZsyoEJdW8i/sK3mtZ47Ls7ZHvD8WVABNx5Xnn7KhenMTRGegoyMTx6TiXlOVgMz9r0pDgXTEEIHA==",
"dev": true,
"requires": {
"@typescript-eslint/types": "4.20.0",
"@typescript-eslint/visitor-keys": "4.20.0",
"debug": "^4.1.1",
"globby": "^11.0.1",
"is-glob": "^4.0.1",
@ -614,12 +671,12 @@
}
},
"@typescript-eslint/visitor-keys": {
"version": "4.19.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-4.19.0.tgz",
"integrity": "sha512-aGPS6kz//j7XLSlgpzU2SeTqHPsmRYxFztj2vPuMMFJXZudpRSehE3WCV+BaxwZFvfAqMoSd86TEuM0PQ59E/A==",
"version": "4.20.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-4.20.0.tgz",
"integrity": "sha512-NXKRM3oOVQL8yNFDNCZuieRIwZ5UtjNLYtmMx2PacEAGmbaEYtGgVHUHVyZvU/0rYZcizdrWjDo+WBtRPSgq+A==",
"dev": true,
"requires": {
"@typescript-eslint/types": "4.19.0",
"@typescript-eslint/types": "4.20.0",
"eslint-visitor-keys": "^2.0.0"
}
},
@ -3036,9 +3093,9 @@
}
},
"rollup": {
"version": "2.43.1",
"resolved": "https://registry.npmjs.org/rollup/-/rollup-2.43.1.tgz",
"integrity": "sha512-kvRE6VJbiv4d8m2nGeccc3qRpzOMghAhu2KeITjyZVCjneIFLPQ3zm2Wmqnl0LcUg3FvDaV0MfKnG4NCMbiSfw==",
"version": "2.44.0",
"resolved": "https://registry.npmjs.org/rollup/-/rollup-2.44.0.tgz",
"integrity": "sha512-rGSF4pLwvuaH/x4nAS+zP6UNn5YUDWf/TeEU5IoXSZKBbKRNTCI3qMnYXKZgrC0D2KzS2baiOZt1OlqhMu5rnQ==",
"requires": {
"fsevents": "~2.3.1"
}

View File

@ -28,7 +28,7 @@
"lit-element": "^2.4.0",
"lit-html": "^1.3.0",
"rapidoc": "^8.4.9",
"rollup": "^2.43.1",
"rollup": "^2.44.0",
"rollup-plugin-copy": "^3.4.0",
"rollup-plugin-cssimport": "^1.0.2",
"rollup-plugin-external-globals": "^0.6.1",
@ -38,8 +38,8 @@
},
"devDependencies": {
"@rollup/plugin-typescript": "^8.2.1",
"@typescript-eslint/eslint-plugin": "^4.19.0",
"@typescript-eslint/parser": "^4.19.0",
"@typescript-eslint/eslint-plugin": "^4.20.0",
"@typescript-eslint/parser": "^4.20.0",
"eslint": "^7.23.0",
"eslint-config-google": "^0.14.0",
"eslint-plugin-lit": "^1.3.0",