Skip to content

core: fix source_flow_manager throwing error when authenticated user attempts to re-authenticate with existing link#12080

Merged
BeryJu merged 1 commit intomainfrom
core/fix-sfm-existing-auth
Nov 19, 2024
Merged

core: fix source_flow_manager throwing error when authenticated user attempts to re-authenticate with existing link#12080
BeryJu merged 1 commit intomainfrom
core/fix-sfm-existing-auth

Conversation

@BeryJu
Copy link
Member

@BeryJu BeryJu commented Nov 19, 2024

Details

In previous versions we used to save the connection earlier which caused an Integrity Error which was caused and did a root redirect, however this was refactored to save the connection later and as such we don't redirect and don't catch the exception for this one specific user flow.

This user flow was also not tested, as it was assumed that the user would only authenticate with their source connection when they're not already authenticated, however this is something that might happen accidentally

Checklist

  • Local tests pass (ak test authentik/)
  • The code has been formatted (make lint-fix)

If an API change has been made

  • The API schema has been updated (make gen-build)

If changes to the frontend have been made

  • The code has been formatted (make web)

If applicable

  • The documentation has been updated
  • The documentation has been formatted (make website)

@BeryJu
core: fix source_flow_manager throwing error when authenticated user …
8933eff 
…attempts to re-authenticate with existing link

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
@BeryJu BeryJu requested a review from a team as a code owner November 19, 2024 16:34
@netlify
Copy link

netlify bot commented Nov 19, 2024
edited
Loading

Deploy Preview for authentik-storybook canceled.

Name Link
🔨 Latest commit 8933eff
🔍 Latest deploy log https://app.netlify.com/sites/authentik-storybook/deploys/673cbe33d2a9560008640f93

@netlify
Copy link

netlify bot commented Nov 19, 2024
edited
Loading

Deploy Preview for authentik-docs canceled.

Name Link
🔨 Latest commit 8933eff
🔍 Latest deploy log https://app.netlify.com/sites/authentik-docs/deploys/673cbe33614a9c0008f7b960

@BeryJu BeryJu requested a review from rissson November 19, 2024 16:38
@codecov
Copy link

codecov bot commented Nov 19, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 92.60%. Comparing base (9e96f19) to head (8933eff).
Report is 3 commits behind head on main.

✅ All tests successful. No failed tests found.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main   #12080      +/-   ##
==========================================
- Coverage   92.60%   92.60%   -0.01%     
==========================================
  Files         761      761              
  Lines       37916    37929      +13     
==========================================
+ Hits        35112    35124      +12     
- Misses       2804     2805       +1
Flag Coverage Δ
e2e 49.09% <7.69%> (-0.02%) ⬇️
integration 24.85% <0.00%> (-0.01%) ⬇️
unit 90.19% <100.00%> (+<0.01%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚨 Try these New Features:

@BeryJu
Copy link
Member Author

BeryJu commented Nov 19, 2024

/cherry-pick version-2024.10

@github-actions
Copy link
Contributor

github-actions bot commented Nov 19, 2024

authentik PR Installation instructions

Instructions for docker-compose

Add the following block to your .env file:

AUTHENTIK_IMAGE=ghcr.io/goauthentik/dev-server
AUTHENTIK_TAG=gh-8933eff17266bf1b8d31b32c93056a49bc484b09
AUTHENTIK_OUTPOSTS__CONTAINER_IMAGE_BASE=ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s

For arm64, use these values:

AUTHENTIK_IMAGE=ghcr.io/goauthentik/dev-server
AUTHENTIK_TAG=gh-8933eff17266bf1b8d31b32c93056a49bc484b09-arm64
AUTHENTIK_OUTPOSTS__CONTAINER_IMAGE_BASE=ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s

Afterwards, run the upgrade commands from the latest release notes.

Instructions for Kubernetes

Add the following block to your values.yml file:

authentik:
    outposts:
        container_image_base: ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s
global:
    image:
        repository: ghcr.io/goauthentik/dev-server
        tag: gh-8933eff17266bf1b8d31b32c93056a49bc484b09

For arm64, use these values:

authentik:
    outposts:
        container_image_base: ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s
global:
    image:
        repository: ghcr.io/goauthentik/dev-server
        tag: gh-8933eff17266bf1b8d31b32c93056a49bc484b09-arm64

Afterwards, run the upgrade commands from the latest release notes.

@BeryJu BeryJu merged commit 01fc5eb into main Nov 19, 2024
@BeryJu BeryJu deleted the core/fix-sfm-existing-auth branch November 19, 2024 17:27
gcp-cherry-pick-bot bot pushed a commit that referenced this pull request Nov 19, 2024
@BeryJu
core: fix source_flow_manager throwing error when authenticated user …
eb0ba11 
…attempts to re-authenticate with existing link (#12080)

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
@gcp-cherry-pick-bot gcp-cherry-pick-bot bot mentioned this pull request Nov 19, 2024
Merged
BeryJu added a commit that referenced this pull request Nov 19, 2024
@gcp-cherry-pick-bot @BeryJu
core: fix source_flow_manager throwing error when authenticated user …
40a970e 
…attempts to re-authenticate with existing link (cherry-pick #12080) (#12081)

core: fix source_flow_manager throwing error when authenticated user attempts to re-authenticate with existing link (#12080)

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L. <jens@goauthentik.io>
@BeryJu BeryJu mentioned this pull request Nov 20, 2024
Closed
kensternberg-authentik added a commit that referenced this pull request Nov 20, 2024
@kensternberg-authentik
Merge branch 'main' into dev
9809b94 
* main: (28 commits)
  providers/scim: accept string and int for SCIM IDs (#12093)
  website: bump the docusaurus group in /website with 9 updates (#12086)
  core: fix source_flow_manager throwing error when authenticated user attempts to re-authenticate with existing link (#12080)
  translate: Updates for file locale/en/LC_MESSAGES/django.po in de (#12079)
  scripts: remove read_replicas from generated dev config (#12078)
  core: bump geoip2 from 4.8.0 to 4.8.1 (#12071)
  core: bump goauthentik.io/api/v3 from 3.2024100.2 to 3.2024102.2 (#12072)
  core: bump maxmind/geoipupdate from v7.0.1 to v7.1.0 (#12073)
  translate: Updates for file locale/en/LC_MESSAGES/django.po in zh_CN (#12074)
  translate: Updates for file locale/en/LC_MESSAGES/django.po in zh-Hans (#12075)
  translate: Updates for file web/xliff/en.xlf in zh-Hans (#12076)
  translate: Updates for file web/xliff/en.xlf in zh_CN (#12077)
  web/admin: auto-prefill user path for new users based on selected path (#12070)
  core: bump aiohttp from 3.10.2 to 3.10.11 (#12069)
  web/admin: fix brand title not respected in application list (#12068)
  core: bump pyjwt from 2.9.0 to 2.10.0 (#12063)
  web: add italian locale (#11958)
  web/admin: better footer links (#12004)
  core, web: update translations (#12052)
  core: bump twilio from 9.3.6 to 9.3.7 (#12061)
  ...
kensternberg-authentik added a commit that referenced this pull request Nov 20, 2024
@kensternberg-authentik
Merge branch 'dev' into web/bugfix/bad-error-reporting-in-wizard
366515e 
* dev: (38 commits)
  providers/scim: accept string and int for SCIM IDs (#12093)
  website: bump the docusaurus group in /website with 9 updates (#12086)
  core: fix source_flow_manager throwing error when authenticated user attempts to re-authenticate with existing link (#12080)
  translate: Updates for file locale/en/LC_MESSAGES/django.po in de (#12079)
  scripts: remove read_replicas from generated dev config (#12078)
  core: bump geoip2 from 4.8.0 to 4.8.1 (#12071)
  core: bump goauthentik.io/api/v3 from 3.2024100.2 to 3.2024102.2 (#12072)
  core: bump maxmind/geoipupdate from v7.0.1 to v7.1.0 (#12073)
  translate: Updates for file locale/en/LC_MESSAGES/django.po in zh_CN (#12074)
  translate: Updates for file locale/en/LC_MESSAGES/django.po in zh-Hans (#12075)
  translate: Updates for file web/xliff/en.xlf in zh-Hans (#12076)
  translate: Updates for file web/xliff/en.xlf in zh_CN (#12077)
  web/admin: auto-prefill user path for new users based on selected path (#12070)
  core: bump aiohttp from 3.10.2 to 3.10.11 (#12069)
  web/admin: fix brand title not respected in application list (#12068)
  core: bump pyjwt from 2.9.0 to 2.10.0 (#12063)
  web: add italian locale (#11958)
  web/admin: better footer links (#12004)
  core, web: update translations (#12052)
  core: bump twilio from 9.3.6 to 9.3.7 (#12061)
  ...
@prohtex prohtex mentioned this pull request Feb 12, 2025
Closed
@williamhatcher
Copy link

williamhatcher commented Apr 8, 2025

This appears to still be an issue with SAML.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rissson rissson rissson approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@BeryJu @williamhatcher @rissson