stages/user_write: Fix user attributes are not sanitized under certains conditions

[se7kn8]

Details

This PR fixes a case where certain prompt types (like the date prompt) lead to a failure in the user write stage, because of unsanitized attributes. The original issue was reported in #8708 and later fixed in #8926. However, the fix in #8926 only worked if the prompt would write to attributes_foo or attributes.foo.bar. If the normal syntax is used attributes.foo the stage would try to directly update the user attributes, which lead to unsanitized values. This PR fixes that case.

---

Checklist

• Local tests pass (ak test authentik/)
• The code has been formatted (make lint-fix)

If an API change has been made

• The API schema has been updated (make gen-build)

If changes to the frontend have been made

• The code has been formatted (make web)

If applicable

• The documentation has been updated
• The documentation has been formatted (make docs)

[netlify]

✅ Deploy Preview for authentik-docs ready!

Name	Link
🔨 Latest commit	198e2f8
🔍 Latest deploy log	https://app.netlify.com/projects/authentik-docs/deploys/692d8eeecc76e800085c5def
😎 Deploy Preview	https://deploy-preview-17890--authentik-docs.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[netlify]

✅ Deploy Preview for authentik-storybook ready!

Name	Link
🔨 Latest commit	198e2f8
🔍 Latest deploy log	https://app.netlify.com/projects/authentik-storybook/deploys/692d8eee88063e00088d7ac2
😎 Deploy Preview	https://deploy-preview-17890--authentik-storybook.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[netlify]

✅ Deploy Preview for authentik-integrations ready!

Name	Link
🔨 Latest commit	198e2f8
🔍 Latest deploy log	https://app.netlify.com/projects/authentik-integrations/deploys/692d8eeec3c68c0008ad1677
😎 Deploy Preview	https://deploy-preview-17890--authentik-integrations.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[BeryJu]

needs tests @BeryJu

[codecov]

Codecov Report

❌ Patch coverage is 95.23810% with 1 line in your changes missing coverage. Please review.
✅ Project coverage is 92.97%. Comparing base (9763cf3) to head (198e2f8).
⚠️ Report is 305 commits behind head on main.

Files with missing lines	Patch %	Lines
authentik/stages/user_write/stage.py	75.00%	1 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main   #17890      +/-   ##
==========================================
+ Coverage   92.64%   92.97%   +0.32%     
==========================================
  Files         869      911      +42     
  Lines       47960    49775    +1815     
==========================================
+ Hits        44431    46276    +1845     
+ Misses       3529     3499      -30     

Flag	Coverage Δ
e2e	45.31% <14.28%> (+1.29%)	⬆️
integration	22.86% <4.76%> (-0.34%)	⬇️
unit	91.19% <95.23%> (+0.11%)	⬆️
unit-migrate	91.24% <95.23%> (+0.11%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.