From f2b3a2ec91b48713cc1649ca2f92cef9e30dec06 Mon Sep 17 00:00:00 2001
From: Jens Langhammer <jens.langhammer@beryju.org>
Date: Mon, 13 Dec 2021 16:38:38 +0100
Subject: [PATCH] providers/saml: optimise excessive queries to user when
 evaluating attributes

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
---
 authentik/providers/saml/processors/assertion.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/authentik/providers/saml/processors/assertion.py b/authentik/providers/saml/processors/assertion.py
index fff3b7b67..c97f30e87 100644
--- a/authentik/providers/saml/processors/assertion.py
+++ b/authentik/providers/saml/processors/assertion.py
@@ -70,13 +70,14 @@ class AssertionProcessor:
         """Get AttributeStatement Element with Attributes from Property Mappings."""
         # https://commons.lbl.gov/display/IDMgmt/Attribute+Definitions
         attribute_statement = Element(f"{{{NS_SAML_ASSERTION}}}AttributeStatement")
+        user = self.http_request.user
         for mapping in self.provider.property_mappings.all().select_subclasses():
             if not isinstance(mapping, SAMLPropertyMapping):
                 continue
             try:
                 mapping: SAMLPropertyMapping
                 value = mapping.evaluate(
-                    user=self.http_request.user,
+                    user=user,
                     request=self.http_request,
                     provider=self.provider,
                 )