Skip to content

Commit

Permalink
providers/scim: default to None for fields instead of empty list (#5642)
Browse files Browse the repository at this point in the history
* providers/scim: default to None for fields instead of empty list

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* make name of delete_none_keys clearer

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
  • Loading branch information
BeryJu authored May 16, 2023
1 parent daa3c91 commit f4b0d6e
Show file tree
Hide file tree
Showing 8 changed files with 13 additions and 19 deletions.
4 changes: 2 additions & 2 deletions authentik/core/sources/flow_manager.py
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@
from authentik.lib.utils.urls import redirect_with_qs
from authentik.lib.views import bad_request_message
from authentik.policies.denied import AccessDeniedResponse
from authentik.policies.utils import delete_none_keys
from authentik.policies.utils import delete_none_values
from authentik.stages.password import BACKEND_INBUILT
from authentik.stages.password.stage import PLAN_CONTEXT_AUTHENTICATION_BACKEND
from authentik.stages.prompt.stage import PLAN_CONTEXT_PROMPT
Expand Down Expand Up @@ -329,7 +329,7 @@ def handle_enroll(
)
],
**{
PLAN_CONTEXT_PROMPT: delete_none_keys(self.enroll_info),
PLAN_CONTEXT_PROMPT: delete_none_values(self.enroll_info),
PLAN_CONTEXT_USER_PATH: self.source.get_user_path(),
},
)
2 changes: 1 addition & 1 deletion authentik/policies/utils.py
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
from typing import Any


def delete_none_keys(dict_: dict[Any, Any]) -> dict[Any, Any]:
def delete_none_values(dict_: dict[Any, Any]) -> dict[Any, Any]:
"""Remove any keys from `dict_` that are None."""
new_dict = {}
for key, value in dict_.items():
Expand Down
4 changes: 2 additions & 2 deletions authentik/providers/scim/clients/group.py
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@
from authentik.core.models import Group
from authentik.events.models import Event, EventAction
from authentik.lib.utils.errors import exception_to_string
from authentik.policies.utils import delete_none_keys
from authentik.policies.utils import delete_none_values
from authentik.providers.scim.clients.base import SCIMClient
from authentik.providers.scim.clients.exceptions import (
ResourceMissing,
Expand Down Expand Up @@ -74,7 +74,7 @@ def to_scim(self, obj: Group) -> SCIMGroupSchema:
if not raw_scim_group:
raise StopSync(ValueError("No group mappings configured"), obj)
try:
scim_group = SCIMGroupSchema.parse_obj(delete_none_keys(raw_scim_group))
scim_group = SCIMGroupSchema.parse_obj(delete_none_values(raw_scim_group))
except ValidationError as exc:
raise StopSync(exc, obj) from exc
if not scim_group.externalId:
Expand Down
4 changes: 2 additions & 2 deletions authentik/providers/scim/clients/user.py
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@
from authentik.core.models import User
from authentik.events.models import Event, EventAction
from authentik.lib.utils.errors import exception_to_string
from authentik.policies.utils import delete_none_keys
from authentik.policies.utils import delete_none_values
from authentik.providers.scim.clients.base import SCIMClient
from authentik.providers.scim.clients.exceptions import ResourceMissing, StopSync
from authentik.providers.scim.clients.schema import User as SCIMUserSchema
Expand Down Expand Up @@ -64,7 +64,7 @@ def to_scim(self, obj: User) -> SCIMUserSchema:
if not raw_scim_user:
raise StopSync(ValueError("No user mappings configured"), obj)
try:
scim_user = SCIMUserSchema.parse_obj(delete_none_keys(raw_scim_user))
scim_user = SCIMUserSchema.parse_obj(delete_none_values(raw_scim_user))
except ValidationError as exc:
raise StopSync(exc, obj) from exc
if not scim_user.externalId:
Expand Down
2 changes: 0 additions & 2 deletions authentik/providers/scim/tests/test_membership.py
Original file line number Diff line number Diff line change
Expand Up @@ -91,7 +91,6 @@ def test_member_add(self):
"active": True,
"externalId": user.uid,
"name": {"familyName": "", "formatted": "", "givenName": ""},
"photos": [],
"displayName": "",
"userName": user.username,
},
Expand Down Expand Up @@ -177,7 +176,6 @@ def test_member_remove(self):
"emails": [],
"externalId": user.uid,
"name": {"familyName": "", "formatted": "", "givenName": ""},
"photos": [],
"userName": user.username,
},
)
Expand Down
4 changes: 0 additions & 4 deletions authentik/providers/scim/tests/test_user.py
Original file line number Diff line number Diff line change
Expand Up @@ -81,7 +81,6 @@ def test_user_create(self, mock: Mocker):
"givenName": uid,
},
"displayName": uid,
"photos": [],
"userName": uid,
},
)
Expand Down Expand Up @@ -137,7 +136,6 @@ def test_user_create_update(self, mock: Mocker):
"formatted": uid,
"givenName": uid,
},
"photos": [],
"userName": uid,
},
)
Expand Down Expand Up @@ -190,7 +188,6 @@ def test_user_create_delete(self, mock: Mocker):
"givenName": uid,
},
"displayName": uid,
"photos": [],
"userName": uid,
},
)
Expand Down Expand Up @@ -258,7 +255,6 @@ def test_sync_task(self, mock: Mocker):
"givenName": uid,
},
"displayName": uid,
"photos": [],
"userName": uid,
},
)
6 changes: 3 additions & 3 deletions authentik/sources/saml/processors/response.py
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@
from authentik.core.sources.flow_manager import SourceFlowManager
from authentik.lib.expression.evaluator import BaseEvaluator
from authentik.lib.utils.time import timedelta_from_string
from authentik.policies.utils import delete_none_keys
from authentik.policies.utils import delete_none_values
from authentik.sources.saml.exceptions import (
InvalidSignature,
MismatchedRequestID,
Expand Down Expand Up @@ -160,7 +160,7 @@ def _handle_name_id_transient(self) -> SourceFlowManager:
self._source,
self._http_request,
name_id,
delete_none_keys(self.get_attributes()),
delete_none_values(self.get_attributes()),
)

def _get_name_id(self) -> "Element":
Expand Down Expand Up @@ -237,7 +237,7 @@ def prepare_flow_manager(self) -> SourceFlowManager:
self._source,
self._http_request,
name_id.text,
delete_none_keys(self.get_attributes()),
delete_none_values(self.get_attributes()),
)


Expand Down
6 changes: 3 additions & 3 deletions blueprints/system/providers-scim.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ entries:
# photos supports URLs to images, however authentik might return data URIs
avatar = request.user.avatar
photos = []
photos = None
if "://" in avatar:
photos = [{"value": avatar, "type": "photo"}]
Expand All @@ -31,11 +31,11 @@ entries:
emails = []
if request.user.email != "":
emails.append({
emails = [{
"value": request.user.email,
"type": "other",
"primary": True,
})
}]
return {
"userName": request.user.username,
"name": {
Expand Down

0 comments on commit f4b0d6e

Please sign in to comment.