Git Product home page Git Product logo

Comments (3)

BeryJu avatar BeryJu commented on May 24, 2024 1

The actual bug I can confirm, however this issue is only triggered by having execution logging enabled in the policy. Once that is disabled this error shouldn't happen anymore

from authentik.

ToshY avatar ToshY commented on May 24, 2024

Hey @BeryJu πŸ‘‹

Thanks for the quick response. I totally forgot to mention that detail in my policy, but you're right, I have the logging enabled. I just disabled it and works like you said, so I'm totally fine with that workaround for the time being.

from authentik.

ToshY avatar ToshY commented on May 24, 2024

Hey @BeryJu πŸ‘‹

Maybe you've already taken this into account in #9480, but I just tested that if I add another expression policy (e.g. custom-enrollment-group) with execution logging disabled, and bind the policy to the default-source-enrollment as well, I get both the policy message that user is not allowed to login (from the previous google-email-expression policy), but also again the error UserSourceConnection has no user. probably originating from the new policy.

google-email-expression (existing policy with execution logging disabled)

image

custom-enrollment-group (new policy with execution logging disabled)

image

Note: group app-user exists

default-source-enrollment

image

Response for [email protected] (allowed)

image

Response for [email protected] (not allowed)

image

TLDR; I still get the UserSourceConnection has no user. if the execution logging is disabled on new policies added to the enrollment.

  • Tried removing the custom-enrollment-group and recreate it; didn't help
  • Tried to down/up my stack; didn't help
  • Tried Clear cache button on the policies; didn't help

If you have any ideas on why this still happens on newly added policies, please let me know.

Saw in #9480 an image tag ghcr.io/goauthentik/dev-server:gh-a80fe279e7011a58b32d77e51942d385555743d0, so tested it with the additional policy.

Response for [email protected] (allowed)

image

Response for [email protected] (not allowed)

image

It now shows flow_plan for some reason. Looking in the UI notification the following message is shown:

Traceback (most recent call last):\n  File \"custom-enrollment-group-v2\", line 6, in <module>\n  File \"custom-enrollment-group-v2\", line 4, in handler\nbuiltins.KeyError: 'flow_plan'"

So apparently now my second expression policy is broken due to the usage of request.context["flow_plan"] ?

from authentik.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    πŸ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. πŸ“ŠπŸ“ˆπŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❀️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.