api: fix sentry endpoint not working due to mime-media

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-02 16:46:12 +02:00
parent e512f085db
commit cc5cc43baa
3 changed files with 27 additions and 547 deletions
--- a/authentik/api/v2/sentry.py
+++ b/authentik/api/v2/sentry.py
@ -6,20 +6,41 @@ from django.http.request import HttpRequest
 from django.http.response import HttpResponse
 from requests import post
 from requests.exceptions import RequestException
+from rest_framework.authentication import SessionAuthentication
+from rest_framework.parsers import BaseParser
 from rest_framework.permissions import AllowAny
-from rest_framework.throttling import AnonRateThrottle, UserRateThrottle
+from rest_framework.request import Request
+from rest_framework.throttling import AnonRateThrottle
 from rest_framework.views import APIView

 from authentik.lib.config import CONFIG


+class PlainTextParser(BaseParser):
+    """Plain text parser."""
+
+    media_type = "text/plain"
+
+    def parse(self, stream, media_type=None, parser_context=None) -> str:
+        """Simply return a string representing the body of the request."""
+        return stream.read()
+
+
+class CsrfExemptSessionAuthentication(SessionAuthentication):
+    """CSRF-exempt Session authentication"""
+
+    def enforce_csrf(self, request: Request):
+        return  # To not perform the csrf check previously happening
+
+
 class SentryTunnelView(APIView):
    """Sentry tunnel, to prevent ad blockers from blocking sentry"""

    serializer_class = None
-    parser_classes = []
-    throttle_classes = [AnonRateThrottle, UserRateThrottle]
+    parser_classes = [PlainTextParser]
+    throttle_classes = [AnonRateThrottle]
    permission_classes = [AllowAny]
+    authentication_classes = [CsrfExemptSessionAuthentication]

    def post(self, request: HttpRequest, *args, **kwargs) -> HttpResponse:
        """Sentry tunnel, to prevent ad blockers from blocking sentry"""
--- a/authentik/root/settings.py
+++ b/authentik/root/settings.py
@ -153,6 +153,9 @@ SPECTACULAR_SETTINGS = {
    "CONTACT": {
        "email": "hello@beryju.org",
    },
+    'AUTHENTICATION_WHITELIST': [
+        "authentik.api.authentication.TokenAuthentication"
+    ],
    "LICENSE": {
        "name": "GNU GPLv3",
        "url": "https://github.com/goauthentik/authentik/blob/master/LICENSE",
--- a/schema.yml
+++ b/schema.yml