habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

flows: remove stage challenge type (#10476)

Browse Source 
* flows: remove stage challenge type

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* improve coverage

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
This commit is contained in:
Jens L
2024-07-13 18:37:29 +02:00
committed by GitHub
parent 8f7fe8e744
commit 8db1d86c6b
46 changed files with 75 additions and 255 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
internal/outpost/flow/executor.go
View File

@ -110,9 +110,8 @@ func (fe *FlowExecutor) ApiClient() *api.APIClient {
return fe.api
}
type challengeInt interface {
type challengeCommon interface {
GetComponent() string
GetType() api.ChallengeChoices
GetResponseErrors() map[string][]api.ErrorDetail
}
@ -181,9 +180,8 @@ func (fe *FlowExecutor) getInitialChallenge() (*api.ChallengeTypes, error) {
if i == nil {
return nil, errors.New("response instance was null")
}
ch := i.(challengeInt)
fe.log.WithField("component", ch.GetComponent()).WithField("type", ch.GetType()).Debug("Got challenge")
gcsp.SetTag("authentik.flow.challenge", string(ch.GetType()))
ch := i.(challengeCommon)
fe.log.WithField("component", ch.GetComponent()).Debug("Got challenge")
gcsp.SetTag("authentik.flow.component", ch.GetComponent())
gcsp.Finish()
FlowTimingGet.With(prometheus.Labels{
@ -201,7 +199,7 @@ func (fe *FlowExecutor) solveFlowChallenge(challenge *api.ChallengeTypes, depth
if i == nil {
return false, errors.New("response request instance was null")
}
ch := i.(challengeInt)
ch := i.(challengeCommon)
// Check for any validation errors that we might've gotten
if len(ch.GetResponseErrors()) > 0 {
@ -212,13 +210,12 @@ func (fe *FlowExecutor) solveFlowChallenge(challenge *api.ChallengeTypes, depth
}
}
switch ch.GetType() {
case api.CHALLENGECHOICES_REDIRECT:
switch ch.GetComponent() {
case string(StageAccessDenied):
return false, nil
case string(StageRedirect):
return true, nil
case api.CHALLENGECHOICES_NATIVE:
if ch.GetComponent() == string(StageAccessDenied) {
return false, nil
}
default:
solver, ok := fe.solvers[StageComponent(ch.GetComponent())]
if !ok {
return false, fmt.Errorf("unsupported challenge type %s", ch.GetComponent())
@ -238,9 +235,8 @@ func (fe *FlowExecutor) solveFlowChallenge(challenge *api.ChallengeTypes, depth
if i == nil {
return false, errors.New("response instance was null")
}
ch = i.(challengeInt)
fe.log.WithField("component", ch.GetComponent()).WithField("type", ch.GetType()).Debug("Got response")
scsp.SetTag("authentik.flow.challenge", string(ch.GetType()))
ch = i.(challengeCommon)
fe.log.WithField("component", ch.GetComponent()).Debug("Got response")
scsp.SetTag("authentik.flow.component", ch.GetComponent())
scsp.Finish()
FlowTimingPost.With(prometheus.Labels{