core: fix token identifier not being set to unique

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-03 11:45:48 +02:00
parent cde056825e
commit 48e68d6852
3 changed files with 47 additions and 7 deletions
--- a/authentik/outposts/models.py
+++ b/authentik/outposts/models.py
@ -376,20 +376,25 @@ class Outpost(models.Model):
    @property
    def token(self) -> Token:
        """Get/create token for auto-generated user"""
-        token = Token.filter_not_expired(
-            user=self.user,
+        managed = f"goauthentik.io/outpost/{self.token_identifier}"
+        tokens = Token.filter_not_expired(
+            identifier=self.token_identifier,
            intent=TokenIntents.INTENT_API,
-            managed=f"goauthentik.io/outpost/{self.token_identifier}",
+            managed=managed,
        )
-        if token.exists():
-            return token.first()
+        if tokens.exists():
+            token = tokens.first()
+            if not token.managed:
+                token.managed = managed
+                token.save()
+            return token
        return Token.objects.create(
            user=self.user,
            identifier=self.token_identifier,
            intent=TokenIntents.INTENT_API,
            description=f"Autogenerated by authentik for Outpost {self.name}",
            expiring=False,
-            managed=f"goauthentik.io/outpost/{self.token_identifier}",
+            managed=managed,
        )

    def get_required_objects(self) -> Iterable[Union[models.Model, str]]: