-
-
Notifications
You must be signed in to change notification settings - Fork 884
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
website/integrations: Update discord integration with guild and role check #5701
Conversation
Adds two sections to this document describing how the required expression policies needed to check users are a member of a certain guild or a member of a certain guild with a certain role. Signed-off-by: Aterfax <Aterfax@users.noreply.github.com>
✅ Deploy Preview for authentik ready!
To edit notification comments on pull requests, go to your Netlify site settings. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Couple of minor adjustments to the expression code, thanks for the PR!
Refactor as per BeryJu's suggestions. Co-authored-by: Jens L. <jens@beryju.org> Signed-off-by: Aterfax <Aterfax@users.noreply.github.com>
integrations/sources/discord/
page with example expression policies
Codecov ReportPatch coverage has no change and project coverage change:
Additional details and impacted files@@ Coverage Diff @@
## main #5701 +/- ##
==========================================
+ Coverage 92.58% 92.59% +0.01%
==========================================
Files 546 546
Lines 26198 26198
==========================================
+ Hits 24254 24255 +1
+ Misses 1944 1943 -1
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. |
In the later code If the user is not in said guild you will get the error I suggest implementing some error handling for that case. |
My intended idea for the role checking expression policy would be a denied access for not having the role, so not being a member of the guild is certainly a different case of that too. If no one objects I think there should be an earlier check that the user is a member of the guild and if not, the expression ends immediately with Edit: I suppose we could just check that the There does not appear to be anything fancy going nor anything more detailed explained in the Discord API docs, so adding the following before evaluating the role is probably sufficient? snip Edit: Wasn't good code above - please instead see #5709 |
If I am correct this will fail if the user actually is in the guild since the dictionary will not have a key for Imo my code above would be a nice way of handling that specific error and from my knowledge no other exception comes to mind that could throw further exceptions so we should be in the clear. If you really wanted to be sure you could check
as a last resort. |
As per our chat and exploration in Discord it seems like the following might be the best solution? # The response for JSON errors is held within guild_member_object['code']
# See: https://discord.com/developers/docs/topics/opcodes-and-status-codes#json
# If the user isn't in the queried guild, it gives the somewhat misleading code = 10004.
if "code" in guild_member_object:
if guild_member_object['code'] == 10004:
ak_message(f"User is not a member of {GUILD_NAME_STRING}.")
else:
ak_message(f"Error, check https://discord.com/developers/docs/topics/opcodes-and-status-codes#json for error code {guild_member_object['code']}.")
# Policy does not match if there is any error.
return False |
…n error handling. (#5709) * website/integrations: Update discord integration expression error handling As per discussion in #5701 after merge, we could do with handling the case where the user is not in the guild being queried! Signed-off-by: Aterfax <Aterfax@users.noreply.github.com> * Correct lowercase f in False. Signed-off-by: Aterfax <Aterfax@users.noreply.github.com> * Update website/integrations/sources/discord/index.md Co-authored-by: Jens L. <jens@beryju.org> Signed-off-by: Aterfax <Aterfax@users.noreply.github.com> --------- Signed-off-by: Aterfax <Aterfax@users.noreply.github.com> Co-authored-by: Jens L. <jens@beryju.org>
…check (goauthentik#5701) * Update Discord OAuth instructions - index.md Adds two sections to this document describing how the required expression policies needed to check users are a member of a certain guild or a member of a certain guild with a certain role. Signed-off-by: Aterfax <Aterfax@users.noreply.github.com> * Linting and styleguide amendments. * Remove spurious empty lines. * Add an extra line to space comments out. * Moved warning in wrong place. * Apply suggestions from code review Refactor as per BeryJu's suggestions. Co-authored-by: Jens L. <jens@beryju.org> Signed-off-by: Aterfax <Aterfax@users.noreply.github.com> --------- Signed-off-by: Aterfax <Aterfax@users.noreply.github.com> Co-authored-by: Jens L. <jens@beryju.org>
…n error handling. (goauthentik#5709) * website/integrations: Update discord integration expression error handling As per discussion in goauthentik#5701 after merge, we could do with handling the case where the user is not in the guild being queried! Signed-off-by: Aterfax <Aterfax@users.noreply.github.com> * Correct lowercase f in False. Signed-off-by: Aterfax <Aterfax@users.noreply.github.com> * Update website/integrations/sources/discord/index.md Co-authored-by: Jens L. <jens@beryju.org> Signed-off-by: Aterfax <Aterfax@users.noreply.github.com> --------- Signed-off-by: Aterfax <Aterfax@users.noreply.github.com> Co-authored-by: Jens L. <jens@beryju.org>
Details
Adds two sections to this document describing how the required expression policies needed to check users are a member of a certain guild or a member of a certain guild with a certain role.
I've tried to keep this closely aligned with the same syntax / style used for the equivalent Github OAuth social login page.
I've tested these and both appeared to work as intended. I'd recommend that someone else also give these a second check for functionality before merging.
Please squash merge.
I tried to name this PR according to the styleguide but it was a bit unclear what the 'package' would be.
Changes
New Features
Breaking Changes
If applicable
make website
)