flows: stage_invalid() makes flow restart depending on invalid_response_action setting

[BeryJu]

Details

Instead of always stopping the flow as-is when calling executor.stage_invalid(), honour the invalid_response_action setting and restart the flow

---

Checklist

• Local tests pass (ak test authentik/)
• The code has been formatted (make lint-fix)

If an API change has been made

• The API schema has been updated (make gen-build)

If changes to the frontend have been made

• The code has been formatted (make web)
• The translation files have been updated (make i18n-extract)

If applicable

• The documentation has been updated
• The documentation has been formatted (make website)

[netlify]

✅ Deploy Preview for authentik-storybook canceled.

Name	Link
🔨 Latest commit	4f506e9
🔍 Latest deploy log	https://app.netlify.com/sites/authentik-storybook/deploys/651357b518a1f30008f64af4

[codecov]

Codecov Report

All modified lines are covered by tests ✅

Comparison is base (5ea6739) 91.46% compared to head (4f506e9) 92.70%.
Report is 186 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #6780      +/-   ##
==========================================
+ Coverage   91.46%   92.70%   +1.24%     
==========================================
  Files         565      567       +2     
  Lines       27769    27965     +196     
==========================================
+ Hits        25397    25923     +526     
+ Misses       2372     2042     -330     

Flag	Coverage Δ
e2e	51.12% <100.00%> (+6.31%)	⬆️
integration	26.27% <50.00%> (-0.16%)	⬇️
unit	89.60% <100.00%> (+0.01%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

Files	Coverage Δ
authentik/flows/views/executor.py	82.08% <100.00%> (-0.47%)	⬇️

... and 62 files with indirect coverage changes

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[smusali]

lgtm

[netlify]

✅ Deploy Preview for authentik ready!

Name	Link
🔨 Latest commit	ef04298
🔍 Latest deploy log	https://app.netlify.com/sites/authentik/deploys/65135499d71de6000806701b
😎 Deploy Preview	https://deploy-preview-6780--authentik.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.
Lighthouse	1 paths audited Performance: 96 (no change from production) Accessibility: 90 (no change from production) Best Practices: 100 (no change from production) SEO: 80 (no change from production) PWA: - View the detailed breakdown and full score reports

---

To edit notification comments on pull requests, go to your Netlify site configuration.

[github-actions]

authentik PR Installation instructions

Instructions for docker-compose

Add the following block to your .env file:

AUTHENTIK_IMAGE=ghcr.io/goauthentik/dev-server
AUTHENTIK_TAG=gh-flows-restart-stage_invalid-1695807671-4f506e9
AUTHENTIK_OUTPOSTS__CONTAINER_IMAGE_BASE=ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s

For arm64, use these values:

AUTHENTIK_IMAGE=ghcr.io/goauthentik/dev-server
AUTHENTIK_TAG=gh-flows-restart-stage_invalid-1695807671-4f506e9-arm64
AUTHENTIK_OUTPOSTS__CONTAINER_IMAGE_BASE=ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s

Afterwards, run the upgrade commands from the latest release notes.

Instructions for Kubernetes

Add the following block to your values.yml file:

authentik:
    outposts:
        container_image_base: ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s
image:
    repository: ghcr.io/goauthentik/dev-server
    tag: gh-flows-restart-stage_invalid-1695807671-4f506e9

For arm64, use these values:

authentik:
    outposts:
        container_image_base: ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s
image:
    repository: ghcr.io/goauthentik/dev-server
    tag: gh-flows-restart-stage_invalid-1695807671-4f506e9-arm64

Afterwards, run the upgrade commands from the latest release notes.