stages/user_write: ensure user data is json-serializable (#8926)

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2024-03-15 18:04:52 +01:00
parent ac1ef5139c
commit cf6bbbae70
2 changed files with 3 additions and 2 deletions
--- a/authentik/stages/user_write/stage.py
+++ b/authentik/stages/user_write/stage.py
@ -12,6 +12,7 @@ from rest_framework.exceptions import ValidationError
 from authentik.core.middleware import SESSION_KEY_IMPERSONATE_USER
 from authentik.core.models import USER_ATTRIBUTE_SOURCES, User, UserSourceConnection, UserTypes
 from authentik.core.sources.stage import PLAN_CONTEXT_SOURCES_CONNECTION
+from authentik.events.utils import sanitize_item
 from authentik.flows.planner import PLAN_CONTEXT_PENDING_USER
 from authentik.flows.stage import StageView
 from authentik.flows.views.executor import FlowExecutorView
@ -47,7 +48,7 @@ class UserWriteStageView(StageView):
        # this is just a sanity check to ensure that is removed
        if parts[0] == "attributes":
            parts = parts[1:]
-        set_path_in_dict(user.attributes, ".".join(parts), value)
+        set_path_in_dict(user.attributes, ".".join(parts), sanitize_item(value))

    def ensure_user(self) -> tuple[User | None, bool]:
        """Ensure a user exists"""
--- a/web/src/user/user-settings/details/UserSettingsFlowExecutor.ts
+++ b/web/src/user/user-settings/details/UserSettingsFlowExecutor.ts
@ -180,7 +180,7 @@ export class UserSettingsFlowExecutor
                            `authentik/user/flows: unsupported stage type ${this.challenge.component}`,
                        );
                        return html`
-                            <a href="/if/flow/${this.flowSlug}" class="pf-c-button pf-m-primary">
+                            <a href="/if/flow/${this.flowSlug}/" class="pf-c-button pf-m-primary">
                                ${msg("Open settings")}
                            </a>
                        `;