stages/authenticator_duo: fix bad request being sent to duo when calling enrollment_status outside a flow
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #2666
This commit is contained in:
parent
957bb1c5ef
commit
9da439623b
|
@ -68,6 +68,8 @@ class AuthenticatorDuoStageViewSet(UsedByMixin, ModelViewSet):
|
||||||
client = stage.client
|
client = stage.client
|
||||||
user_id = self.request.session.get(SESSION_KEY_DUO_USER_ID)
|
user_id = self.request.session.get(SESSION_KEY_DUO_USER_ID)
|
||||||
activation_code = self.request.session.get(SESSION_KEY_DUO_ACTIVATION_CODE)
|
activation_code = self.request.session.get(SESSION_KEY_DUO_ACTIVATION_CODE)
|
||||||
|
if not user_id or not activation_code:
|
||||||
|
return Response(status=420)
|
||||||
status = client.enroll_status(user_id, activation_code)
|
status = client.enroll_status(user_id, activation_code)
|
||||||
if status == "success":
|
if status == "success":
|
||||||
return Response(status=204)
|
return Response(status=204)
|
||||||
|
@ -95,18 +97,20 @@ class AuthenticatorDuoStageViewSet(UsedByMixin, ModelViewSet):
|
||||||
def import_devices(self, request: Request, pk: str) -> Response:
|
def import_devices(self, request: Request, pk: str) -> Response:
|
||||||
"""Import duo devices into authentik"""
|
"""Import duo devices into authentik"""
|
||||||
stage: AuthenticatorDuoStage = self.get_object()
|
stage: AuthenticatorDuoStage = self.get_object()
|
||||||
users = get_objects_for_user(request.user, "authentik_core.view_user").filter(
|
user = (
|
||||||
username=request.query_params.get("username", "")
|
get_objects_for_user(request.user, "authentik_core.view_user")
|
||||||
|
.filter(username=request.query_params.get("username", ""))
|
||||||
|
.first()
|
||||||
)
|
)
|
||||||
if not users.exists():
|
if not user:
|
||||||
return Response(data={"non_field_errors": ["user does not exist"]}, status=400)
|
return Response(data={"non_field_errors": ["user does not exist"]}, status=400)
|
||||||
devices = DuoDevice.objects.filter(
|
device = DuoDevice.objects.filter(
|
||||||
duo_user_id=request.query_params.get("duo_user_id"), user=users.first(), stage=stage
|
duo_user_id=request.query_params.get("duo_user_id"), user=user, stage=stage
|
||||||
)
|
).first()
|
||||||
if devices.exists():
|
if device:
|
||||||
return Response(data={"non_field_errors": ["device exists already"]}, status=400)
|
return Response(data={"non_field_errors": ["device exists already"]}, status=400)
|
||||||
DuoDevice.objects.create(
|
DuoDevice.objects.create(
|
||||||
duo_user_id=request.query_params.get("duo_user_id"), user=users.first(), stage=stage
|
duo_user_id=request.query_params.get("duo_user_id"), user=user, stage=stage
|
||||||
)
|
)
|
||||||
return Response(status=204)
|
return Response(status=204)
|
||||||
|
|
||||||
|
|
Reference in a new issue