From 72db17f23be91a31d8ca85da3bf7f2362cee632b Mon Sep 17 00:00:00 2001
From: Jens Langhammer <jens.langhammer@beryju.org>
Date: Tue, 14 Dec 2021 23:31:08 +0100
Subject: [PATCH] stages/identification: fix miscalculated sleep

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
---
 authentik/stages/identification/stage.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/authentik/stages/identification/stage.py b/authentik/stages/identification/stage.py
index 8b0368441..97f8a6c06 100644
--- a/authentik/stages/identification/stage.py
+++ b/authentik/stages/identification/stage.py
@@ -96,7 +96,7 @@ class IdentificationChallengeResponse(ChallengeResponse):
                 description="Sleep random time on invalid user identifier",
             ):
                 # Sleep a random time (between 90 and 210ms) to "prevent" user enumeration attacks
-                sleep(0.30 * SystemRandom().randint(3, 7))
+                sleep(0.030 * SystemRandom().randint(3, 7))
             LOGGER.debug("invalid_login", identifier=uid_field)
             identification_failed.send(sender=self, request=self.stage.request, uid_field=uid_field)
             # We set the pending_user even on failure so it's part of the context, even