providers/oauth2: add revoked field, create suspicious event when previous token is used

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-03 15:59:01 +02:00
parent 3e60e956f4
commit 77a507d2f8
8 changed files with 169 additions and 16 deletions
--- a/authentik/events/middleware.py
+++ b/authentik/events/middleware.py
@ -3,6 +3,7 @@ from functools import partial
 from typing import Callable

 from django.conf import settings
+from django.core.exceptions import SuspiciousOperation
 from django.db.models import Model
 from django.db.models.signals import post_save, pre_delete
 from django.http import HttpRequest, HttpResponse
@ -63,7 +64,15 @@ class AuditMiddleware:

        if settings.DEBUG:
            return
-        if before_send({}, {"exc_info": (None, exception, None)}) is not None:
+        # Special case for SuspiciousOperation, we have a special event action for that
+        if isinstance(exception, SuspiciousOperation):
+            thread = EventNewThread(
+                EventAction.SUSPICIOUS_REQUEST,
+                request,
+                message=str(exception),
+            )
+            thread.run()
+        elif before_send({}, {"exc_info": (None, exception, None)}) is not None:
            thread = EventNewThread(
                EventAction.SYSTEM_EXCEPTION,
                request,