core: move end-session to core
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
		| @ -1,4 +1,5 @@ | ||||
| """authentik URL Configuration""" | ||||
| from authentik.core.views.session import EndSessionView | ||||
| from django.contrib.auth.decorators import login_required | ||||
| from django.urls import path | ||||
| from django.views.decorators.csrf import ensure_csrf_cookie | ||||
| @ -36,6 +37,11 @@ urlpatterns = [ | ||||
|         ensure_csrf_cookie(FlowInterfaceView.as_view()), | ||||
|         name="if-flow", | ||||
|     ), | ||||
|     path( | ||||
|         "if/session-end/<slug:application_slug>/", | ||||
|         ensure_csrf_cookie(EndSessionView.as_view()), | ||||
|         name="if-session-end", | ||||
|     ), | ||||
|     # Fallback for WS | ||||
|     path("ws/outpost/<uuid:pk>/", TemplateView.as_view(template_name="if/admin.html")), | ||||
|     path( | ||||
|  | ||||
| @ -1,4 +1,4 @@ | ||||
| """authentik OAuth2 Session Views""" | ||||
| """authentik Session Views""" | ||||
| from typing import Any | ||||
| 
 | ||||
| from django.shortcuts import get_object_or_404 | ||||
| @ -10,7 +10,7 @@ from authentik.core.models import Application | ||||
| class EndSessionView(TemplateView): | ||||
|     """Allow the client to end the Session""" | ||||
| 
 | ||||
|     template_name = "providers/oauth2/end_session.html" | ||||
|     template_name = "if/end_session.html" | ||||
| 
 | ||||
|     def get_context_data(self, **kwargs: Any) -> dict[str, Any]: | ||||
|         context = super().get_context_data(**kwargs) | ||||
| @ -107,7 +107,7 @@ class OAuth2ProviderViewSet(ModelViewSet): | ||||
|             ) | ||||
|             data["logout"] = request.build_absolute_uri( | ||||
|                 reverse( | ||||
|                     "authentik_providers_oauth2:end-session", | ||||
|                     "authentik_core:if-session-end", | ||||
|                     kwargs={"application_slug": provider.application.slug}, | ||||
|                 ) | ||||
|             ) | ||||
|  | ||||
| @ -11,8 +11,8 @@ class AuthentikProviderOAuth2Config(AppConfig): | ||||
|     label = "authentik_providers_oauth2" | ||||
|     verbose_name = "authentik Providers.OAuth2" | ||||
|     mountpoints = { | ||||
|         "authentik.providers.oauth2.urls": "application/o/", | ||||
|         "authentik.providers.oauth2.urls_github": "", | ||||
|         "authentik.providers.oauth2.urls": "application/o/", | ||||
|     } | ||||
|  | ||||
|     def ready(self) -> None: | ||||
|  | ||||
| @ -1,6 +1,7 @@ | ||||
| """OAuth provider URLs""" | ||||
| from django.urls import path | ||||
| from django.views.decorators.csrf import csrf_exempt | ||||
| from django.views.generic.base import RedirectView | ||||
|  | ||||
| from authentik.providers.oauth2.constants import SCOPE_OPENID | ||||
| from authentik.providers.oauth2.utils import protected_resource_view | ||||
| @ -8,7 +9,6 @@ from authentik.providers.oauth2.views.authorize import AuthorizationFlowInitView | ||||
| from authentik.providers.oauth2.views.introspection import TokenIntrospectionView | ||||
| from authentik.providers.oauth2.views.jwks import JWKSView | ||||
| from authentik.providers.oauth2.views.provider import ProviderInfoView | ||||
| from authentik.providers.oauth2.views.session import EndSessionView | ||||
| from authentik.providers.oauth2.views.token import TokenView | ||||
| from authentik.providers.oauth2.views.userinfo import UserInfoView | ||||
|  | ||||
| @ -31,7 +31,7 @@ urlpatterns = [ | ||||
|     ), | ||||
|     path( | ||||
|         "<slug:application_slug>/end-session/", | ||||
|         EndSessionView.as_view(), | ||||
|         RedirectView.as_view(pattern_name="authentik_core:if-session-end"), | ||||
|         name="end-session", | ||||
|     ), | ||||
|     path("<slug:application_slug>/jwks/", JWKSView.as_view(), name="jwks"), | ||||
|  | ||||
| @ -54,7 +54,7 @@ class ProviderInfoView(View): | ||||
|             ), | ||||
|             "end_session_endpoint": self.request.build_absolute_uri( | ||||
|                 reverse( | ||||
|                     "authentik_providers_oauth2:end-session", | ||||
|                     "authentik_core:if-session-end", | ||||
|                     kwargs={"application_slug": provider.application.slug}, | ||||
|                 ) | ||||
|             ), | ||||
|  | ||||
| @ -72,7 +72,7 @@ class TestProviderOAuth2OAuth(SeleniumTestCase): | ||||
|                 ), | ||||
|                 "GF_AUTH_SIGNOUT_REDIRECT_URL": ( | ||||
|                     self.url( | ||||
|                         "authentik_providers_oauth2:end-session", | ||||
|                         "authentik_core:if-session-end", | ||||
|                         application_slug=APPLICATION_SLUG, | ||||
|                     ) | ||||
|                 ), | ||||
| @ -250,7 +250,7 @@ class TestProviderOAuth2OAuth(SeleniumTestCase): | ||||
|         self.driver.get("http://localhost:3000/logout") | ||||
|         self.wait_for_url( | ||||
|             self.url( | ||||
|                 "authentik_providers_oauth2:end-session", | ||||
|                 "authentik_core:if-session-end", | ||||
|                 application_slug=APPLICATION_SLUG, | ||||
|             ) | ||||
|         ) | ||||
|  | ||||
| @ -46,6 +46,7 @@ Set the following values: | ||||
| - Optional display name of the identity provider (default: "SSO & SAML log in"): `authentik` | ||||
| - Identifier of the IdP entity (must be a URI): `https://authentik.company` | ||||
| - URL Target of the IdP where the SP will send the Authentication Request Message: `https://authentik.company/application/saml/<application-slug>/sso/binding/redirect/` | ||||
| - URL Location of IdP where the SP will send the SLO Request: `https://authentik.company/if/session-end/<application-slug>/` | ||||
| - Public X.509 certificate of the IdP: Copy the PEM of the Selected Signing Certificate | ||||
|  | ||||
| Under Attribute mapping, set these values: | ||||
|  | ||||
		Reference in New Issue
	
	Block a user
	 Jens Langhammer
					Jens Langhammer