providers: Add ability to choose a default authentication flow (#5070)
* core: add ability to choose a default authentication flow for a provider Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * update web to use correct ak-search-select I don't think this element existed when the PR was initially created, lol Signed-off-by: Jens Langhammer <jens@goauthentik.io> * only use provider authentication flow for authentication designation Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io>
This commit is contained in:
@ -22,6 +22,7 @@ from sentry_sdk.api import set_tag
|
||||
from sentry_sdk.hub import Hub
|
||||
from structlog.stdlib import BoundLogger, get_logger
|
||||
|
||||
from authentik.core.models import Application
|
||||
from authentik.events.models import Event, EventAction, cleanse_dict
|
||||
from authentik.flows.challenge import (
|
||||
Challenge,
|
||||
@ -480,8 +481,14 @@ class ToDefaultFlow(View):
|
||||
flow = None
|
||||
# First, attempt to get default flow from tenant
|
||||
if self.designation == FlowDesignation.AUTHENTICATION:
|
||||
flow = tenant.flow_authentication
|
||||
if self.designation == FlowDesignation.INVALIDATION:
|
||||
# Attempt to get default flow from application
|
||||
if SESSION_KEY_APPLICATION_PRE in self.request.session:
|
||||
application: Application = self.request.session[SESSION_KEY_APPLICATION_PRE]
|
||||
if application.provider:
|
||||
flow = application.provider.authentication_flow
|
||||
else:
|
||||
flow = tenant.flow_authentication
|
||||
elif self.designation == FlowDesignation.INVALIDATION:
|
||||
flow = tenant.flow_invalidation
|
||||
# If no flow was set, get the first based on slug and policy
|
||||
if not flow:
|
||||
|
Reference in New Issue
Block a user