fix

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

authentik/outposts/authentication.py

@@ -40,7 +40,7 @@ def auth_user_lookup(raw_header: bytes) -> User | None:
     if user:
         CTX_AUTH_VIA.set("secret_key")
         return user
-    raise AuthenticationFailed("Token invalid/expired")
+    return None
 
 
 def token_secret_key(value: str) -> User | None:

authentik/outposts/tests/test_auth.py

@@ -2,12 +2,11 @@
 
 from django.conf import settings
 from django.test import TestCase
-from rest_framework.exceptions import AuthenticationFailed
 
-from authentik.api.authentication import bearer_auth
 from authentik.blueprints.tests import reconcile_app
 from authentik.core.models import User, UserTypes
 from authentik.outposts.apps import MANAGED_OUTPOST
+from authentik.outposts.authentication import bearer_auth
 from authentik.outposts.models import Outpost
 
 
@@ -20,8 +19,7 @@ class TestAPIAuth(TestCase):
         outpost = Outpost.objects.filter(managed=MANAGED_OUTPOST).first()
         outpost.user.delete()
         outpost.delete()
-        with self.assertRaises(AuthenticationFailed):
+        self.assertIsNone(bearer_auth(f"Bearer {settings.SECRET_KEY}".encode()))
-            bearer_auth(f"Bearer {settings.SECRET_KEY}".encode())
 
     @reconcile_app("authentik_outposts")
     def test_managed_outpost_success(self):