Skip to content

sources/saml: improve exception handling for saml response parsing#20125

Merged
PeshekDotDev merged 1 commit intomainfrom
saml-source-exceptions
Feb 23, 2026
Merged

sources/saml: improve exception handling for saml response parsing#20125
PeshekDotDev merged 1 commit intomainfrom
saml-source-exceptions

Conversation

@PeshekDotDev
Copy link
Contributor

@PeshekDotDev PeshekDotDev commented Feb 9, 2026

Details

Improve exception handling for saml response parsing

Checklist

  • Local tests pass (ak test authentik/)
  • The code has been formatted (make lint-fix)

If an API change has been made

  • The API schema has been updated (make gen-build)

If changes to the frontend have been made

  • The code has been formatted (make web)

If applicable

  • The documentation has been updated
  • The documentation has been formatted (make docs)

@PeshekDotDev PeshekDotDev self-assigned this Feb 9, 2026
@netlify
Copy link

netlify bot commented Feb 9, 2026

Deploy Preview for authentik-docs ready!

Name Link
🔨 Latest commit 10b13e3
🔍 Latest deploy log https://app.netlify.com/projects/authentik-docs/deploys/698a329fcbf0830008f21dbe
😎 Deploy Preview https://deploy-preview-20125--authentik-docs.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

@codecov
Copy link

codecov bot commented Feb 9, 2026
edited
Loading

Codecov Report

❌ Patch coverage is 90.00000% with 1 line in your changes missing coverage. Please review.
✅ Project coverage is 93.19%. Comparing base (8fb9daf) to head (10b13e3).
⚠️ Report is 175 commits behind head on main.
✅ All tests successful. No failed tests found.

Files with missing lines Patch % Lines
authentik/sources/saml/views.py 50.00% 1 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main   #20125      +/-   ##
==========================================
- Coverage   93.21%   93.19%   -0.03%     
==========================================
  Files         968      968              
  Lines       53616    53617       +1     
==========================================
- Hits        49980    49967      -13     
- Misses       3636     3650      +14
Flag Coverage Δ
conformance 37.96% <90.00%> (+<0.01%) ⬆️
e2e 43.93% <90.00%> (-0.01%) ⬇️
integration 22.66% <80.00%> (-0.05%) ⬇️
unit 91.40% <90.00%> (+<0.01%) ⬆️
unit-migrate 91.43% <90.00%> (+0.01%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@PeshekDotDev PeshekDotDev marked this pull request as ready for review February 11, 2026 23:58
@PeshekDotDev PeshekDotDev requested a review from a team as a code owner February 11, 2026 23:58
@github-project-automation github-project-automation bot moved this from Todo to In Progress in authentik Core Feb 23, 2026
@github-actions
Copy link
Contributor

github-actions bot commented Feb 23, 2026

authentik PR Installation instructions

Instructions for docker-compose

Add the following block to your .env file:

AUTHENTIK_IMAGE=ghcr.io/goauthentik/dev-server
AUTHENTIK_TAG=gh-10b13e3c1edb895ff082873c630416e1a02859e2
AUTHENTIK_OUTPOSTS__CONTAINER_IMAGE_BASE=ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s

Afterwards, run the upgrade commands from the latest release notes.

Instructions for Kubernetes

Add the following block to your values.yml file:

authentik:
    outposts:
        container_image_base: ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s
global:
    image:
        repository: ghcr.io/goauthentik/dev-server
        tag: gh-10b13e3c1edb895ff082873c630416e1a02859e2

Afterwards, run the upgrade commands from the latest release notes.

@PeshekDotDev PeshekDotDev merged commit 8b6be1d into main Feb 23, 2026
149 of 151 checks passed
@github-project-automation github-project-automation bot moved this from In Progress to Done in authentik Core Feb 23, 2026
@PeshekDotDev PeshekDotDev deleted the saml-source-exceptions branch February 23, 2026 21:31
kensternberg-authentik added a commit that referenced this pull request Feb 24, 2026
@kensternberg-authentik
Merge branch 'main' into web/flow/tidy-identification-stage
7277872 
* main: (104 commits)
  sources/saml: improve exception handling for saml response parsing (#20125)
  web/flow: separate flow inspector lifecycle from flow executor lifecycle (#20063)
  web/maintenance: no unknown attributes part 2 (#19014)
  website/docs: add info about make install and recovery key (#20447)
  web: bump ajv from 6.12.6 to 6.14.0 in /web (#20479)
  providers/proxy: preserve URL-encoded path characters in redirect (#20476)
  policies: measure policy process from manager (#20477)
  enterprise: monkey patch pyjwt to accept mismatching key (#20402)
  enterprise/lifecycle: use datetime instead of date to track review cycles (#20283)
  root: run `npm i` with `npm@11.10.1` in all subdirectories (#20471)
  providers/oauth2: device code flow client id via auth header (#20457)
  core: bump goauthentik/fips-debian from `4419749` to `d6def0a` in /lifecycle/container (#20467)
  core: bump goauthentik/fips-python from `d973c46` to `bccefee` in /lifecycle/container (#20466)
  core, web: bump ajv from 6.12.6 to 6.14.0 in /packages/prettier-config (#20462)
  ci: bump and fix daily (#20461)
  website/integrations: fix Vaultwarden SSO_SCOPES syntax (#20459)
  stages/user_login: log correct user when session binding is broken (#20094)
  web/flow: generate a single API object for network transactions and use it for the lifetime of the FlowExecutor (#20030)
  web/flow: refactor flow executor so component selection is in an easy-to-maintain table (#19999)
  website/integrations: gatus: fix config block  (#20446)
  ...
kensternberg-authentik added a commit that referenced this pull request Feb 25, 2026
@kensternberg-authentik
Merge branch 'web/flow/20261-tidy-identification-stage' into web/flow…
1f35644 
…/soc-captchas-and-webauthn

* web/flow/20261-tidy-identification-stage: (107 commits)
  Added some visibility keys, as per @GirlBossRush
  sources/saml: improve exception handling for saml response parsing (#20125)
  web/flow: separate flow inspector lifecycle from flow executor lifecycle (#20063)
  web/maintenance: no unknown attributes part 2 (#19014)
  website/docs: add info about make install and recovery key (#20447)
  web: bump ajv from 6.12.6 to 6.14.0 in /web (#20479)
  providers/proxy: preserve URL-encoded path characters in redirect (#20476)
  Weird merge bug: same function appeared twice.
  policies: measure policy process from manager (#20477)
  enterprise: monkey patch pyjwt to accept mismatching key (#20402)
  enterprise/lifecycle: use datetime instead of date to track review cycles (#20283)
  root: run `npm i` with `npm@11.10.1` in all subdirectories (#20471)
  providers/oauth2: device code flow client id via auth header (#20457)
  core: bump goauthentik/fips-debian from `4419749` to `d6def0a` in /lifecycle/container (#20467)
  core: bump goauthentik/fips-python from `d973c46` to `bccefee` in /lifecycle/container (#20466)
  core, web: bump ajv from 6.12.6 to 6.14.0 in /packages/prettier-config (#20462)
  ci: bump and fix daily (#20461)
  website/integrations: fix Vaultwarden SSO_SCOPES syntax (#20459)
  stages/user_login: log correct user when session binding is broken (#20094)
  web/flow: generate a single API object for network transactions and use it for the lifetime of the FlowExecutor (#20030)
  ...
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@BeryJu BeryJu BeryJu approved these changes

Assignees

@PeshekDotDev PeshekDotDev

Labels

None yet

Projects

authentik Core
Status: Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@PeshekDotDev @BeryJu