def test_native(self, configure_for_pf, capsys):
"""
If the log entry comes from structlog, it's unpackaged and processed.
"""
configure_logging(None)
get_logger().warning("foo")
assert (
"",
"[warning ] foo [in test_native]\n",
) == capsys.readouterr()
def retry(max_retires=RETRIES, exceptions=None):
"""Retry test multiple times. Default to catching Selenium Timeout Exception"""
if not exceptions:
exceptions = [WebDriverException, TimeoutException, NoSuchElementException]
logger = get_logger()
def retry_actual(func: Callable):
"""Retry test multiple times"""
count = 1
@wraps(func)
def wrapper(self: TransactionTestCase, *args, **kwargs):
"""Run test again if we're below max_retries, including tearDown and
setUp. Otherwise raise the error"""
nonlocal count
try:
return func(self, *args, **kwargs)
# pylint: disable=catching-non-exception
except tuple(exceptions) as exc:
count += 1
if count > max_retires:
logger.debug("Exceeded retry count", exc=exc, test=self)
# pylint: disable=raising-non-exception
raise exc
logger.debug("Retrying on error", exc=exc, test=self)
self.tearDown()
self._post_teardown() # noqa
self.setUp()
return wrapper(self, *args, **kwargs)
return wrapper
return retry_actual
def __init__(self, connection: DockerServiceConnection):
self.tls = None
self.ssh = None
if connection.local:
# Same result as DockerClient.from_env
super().__init__(**kwargs_from_env())
else:
parsed_url = urlparse(connection.url)
tls_config = False
if parsed_url.scheme == "ssh":
self.ssh = DockerInlineSSH(parsed_url.hostname,
connection.tls_authentication)
self.ssh.write()
else:
self.tls = DockerInlineTLS(
verification_kp=connection.tls_verification,
authentication_kp=connection.tls_authentication,
)
tls_config = self.tls.write()
try:
super().__init__(
base_url=connection.url,
tls=tls_config,
)
except SSHException as exc:
raise ServiceConnectionInvalid from exc
self.logger = get_logger()
# Ensure the client actually works
self.containers.list()
def __init__(self, policy_name: str):
super().__init__()
self._messages = []
self._context["ak_logger"] = get_logger(policy_name)
self._context["ak_message"] = self.expr_func_message
self._context["ip_address"] = ip_address
self._context["ip_network"] = ip_network
self._filename = policy_name or "PolicyEvaluator"
def __init__(self, json_input: str):
self.__pk_map: dict[Any, Model] = {}
self.logger = get_logger()
import_dict = loads(json_input)
try:
self.__import = from_dict(FlowBundle, import_dict)
except DaciteError as exc:
raise EntryInvalidError from exc
def setUp(self):
super().setUp()
self.wait_timeout = 60
self.driver = self._get_driver()
self.driver.maximize_window()
self.driver.implicitly_wait(30)
self.wait = WebDriverWait(self.driver, self.wait_timeout)
self.logger = get_logger()
if specs := self.get_container_specs():
self.container = self._start_container(specs)
def __init__(
self,
source: Source,
request: HttpRequest,
identifier: str,
enroll_info: dict[str, Any],
) -> None:
self.source = source
self.request = request
self.identifier = identifier
self.enroll_info = enroll_info
self._logger = get_logger().bind(source=source, identifier=identifier)
def user_model_handler(sender, instance: User, created: bool, **kwargs):
"""
Python 的 signal and slot 函数
比在 admin 中 保存其他的 StackInline 之前执行
"""
if created:
Profile.objects.create(mobile=instance.username,
user=instance,
nickname="奇遇淘客")
logger = get_logger("webhook")
json_data = {"username": instance.username}
send_webhook_request(SConfig.WEBHOOK_NEW_USER, json_data=json_data)
def setUp(self):
super().setUp()
# pylint: disable=invalid-name
self.maxDiff = None
self.wait_timeout = 60
self.driver = self._get_driver()
self.driver.maximize_window()
self.driver.implicitly_wait(30)
self.wait = WebDriverWait(self.driver, self.wait_timeout)
self.logger = get_logger()
self.user = create_test_admin_user()
if specs := self.get_container_specs():
self.container = self._start_container(specs)
def __init__(self):
# update website/docs/expressions/_objects.md
# update website/docs/expressions/_functions.md
self._globals = {
"regex_match": BaseEvaluator.expr_filter_regex_match,
"regex_replace": BaseEvaluator.expr_filter_regex_replace,
"ak_is_group_member": BaseEvaluator.expr_func_is_group_member,
"ak_user_by": BaseEvaluator.expr_func_user_by,
"ak_logger": get_logger(),
"requests": Session(),
}
self._context = {}
self._filename = "BaseEvalautor"
def __init__(self):
# update authentik/policies/expression/templates/policy/expression/form.html
# update website/docs/policies/expression.md
self._globals = {
"regex_match": BaseEvaluator.expr_filter_regex_match,
"regex_replace": BaseEvaluator.expr_filter_regex_replace,
"ak_is_group_member": BaseEvaluator.expr_func_is_group_member,
"ak_user_by": BaseEvaluator.expr_func_user_by,
"ak_logger": get_logger(),
"requests": Session(),
}
self._context = {}
self._filename = "BaseEvalautor"
def connect(self):
super().connect()
uuid = self.scope["url_route"]["kwargs"]["pk"]
outpost = (get_objects_for_user(
self.user,
"authentik_outposts.view_outpost").filter(pk=uuid).first())
if not outpost:
raise DenyConnection()
self.logger = get_logger().bind(outpost=outpost)
try:
self.accept()
except RuntimeError as exc:
self.logger.warning("runtime error during accept", exc=exc)
raise DenyConnection()
self.outpost = outpost
self.last_uid = self.channel_name
def send_webhook_request(webhook: Optional[str], json_data: dict) -> None:
"""
发送 WebHook 请求
:param webhook: WebHook 的地址
:param json_data: 发送的 data 数据
"""
if webhook is None or webhook == "":
return
logger = get_logger("webhook")
try:
resp = requests.post(webhook, json=json_data, timeout=(5.0, 5.0))
if resp.ok:
return
logger.warning(f"send webhook request: {webhook=} failed {resp=}")
except Exception as e:
logger.error(f"send webhook request failed with exception: {e=}")
def __init__(self,
pbm: PolicyBindingModel,
user: User,
request: HttpRequest = None):
self.logger = get_logger().bind()
self.mode = pbm.policy_engine_mode
# For backwards compatibility, set empty_result to true
# objects with no policies attached will pass.
self.empty_result = True
if not isinstance(pbm, PolicyBindingModel): # pragma: no cover
raise ValueError(f"{pbm} is not instance of PolicyBindingModel")
self.__pbm = pbm
self.request = PolicyRequest(user)
self.request.obj = pbm
if request:
self.request.set_http_request(request)
self.__cached_policies: list[PolicyResult] = []
self.__processes: list[PolicyProcessInfo] = []
self.use_cache = True
self.__expected_result_count = 0
async def test_integration(self, capsys):
"""
Configure and log an actual entry.
"""
configure(
processors=[add_log_level, JSONRenderer()],
logger_factory=PrintLogger,
wrapper_class=AsyncBoundLogger,
cache_logger_on_first_use=True,
)
logger = get_logger()
await logger.bind(foo="bar").info("baz", x="42")
assert {
"foo": "bar",
"x": "42",
"event": "baz",
"level": "info",
} == json.loads(capsys.readouterr().out)
reset_defaults()
"""Plex Views"""
from urllib.parse import urlencode
from django.http.response import Http404
from requests.exceptions import RequestException
from structlog.stdlib import get_logger
from authentik import __version__
from authentik.core.sources.flow_manager import SourceFlowManager
from authentik.lib.utils.http import get_http_session
from authentik.sources.plex.models import PlexSource, PlexSourceConnection
LOGGER = get_logger()
SESSION_ID_KEY = "PLEX_ID"
SESSION_CODE_KEY = "PLEX_CODE"
class PlexAuth:
"""Plex authentication utilities"""
_source: PlexSource
_token: str
def __init__(self, source: PlexSource, token: str):
self._source = source
self._token = token
self._session = get_http_session()
self._session.headers.update({
"Accept": "application/json",
"Content-Type": "application/json"
})
from structlog.stdlib import get_logger
from authentik import __version__
from authentik.core.middleware import (
SESSION_IMPERSONATE_ORIGINAL_USER,
SESSION_IMPERSONATE_USER,
)
from authentik.core.models import ExpiringModel, Group, User
from authentik.events.geo import GEOIP_READER
from authentik.events.utils import cleanse_dict, get_user, sanitize_dict
from authentik.lib.sentry import SentryIgnoredException
from authentik.lib.utils.http import get_client_ip
from authentik.policies.models import PolicyBindingModel
from authentik.stages.email.utils import TemplateEmailMessage
LOGGER = get_logger("authentik.events")
GAUGE_EVENTS = Gauge(
"authentik_events",
"Events in authentik",
["action", "user_username", "app", "client_ip"],
)
def default_event_duration():
"""Default duration an Event is saved"""
return now() + timedelta(days=365)
class NotificationTransportError(SentryIgnoredException):
"""Error raised when a notification fails to be delivered"""
def setup(self, request: HttpRequest, flow_slug: str):
super().setup(request, flow_slug=flow_slug)
self.flow = get_object_or_404(Flow.objects.select_related(), slug=flow_slug)
self._logger = get_logger().bind(flow_slug=flow_slug)
def get_ztk_std() -> ZTKStd:
set_up_env()
logger = get_logger()
return ZTKStd(ztk_sid=sid, logger=logger)
def __init__(self, flow: Flow):
self.use_cache = True
self.allow_empty_flows = False
self.flow = flow
self._logger = get_logger().bind(flow=flow)
from time import time
from typing import Callable
from django.conf import settings
from django.contrib.sessions.backends.base import UpdateError
from django.contrib.sessions.exceptions import SessionInterrupted
from django.contrib.sessions.middleware import SessionMiddleware as UpstreamSessionMiddleware
from django.http.request import HttpRequest
from django.http.response import HttpResponse
from django.utils.cache import patch_vary_headers
from django.utils.http import http_date
from structlog.stdlib import get_logger
from authentik.lib.utils.http import get_client_ip
LOGGER = get_logger("authentik.asgi")
class SessionMiddleware(UpstreamSessionMiddleware):
"""Dynamically set SameSite depending if the upstream connection is TLS or not"""
@staticmethod
def is_secure(request: HttpRequest) -> bool:
"""Check if request is TLS'd or localhost"""
if request.is_secure():
return True
host, _, _ = request.get_host().partition(":")
if host == "localhost" and settings.DEBUG:
# Since go does not consider localhost with http a secure origin
# we can't set the secure flag.
user_agent = request.META.get("HTTP_USER_AGENT", "")
if user_agent.startswith(
def __init__(self, controller: "KubernetesController"):
self.controller = controller
self.namespace = controller.outpost.config.kubernetes_namespace
self.logger = get_logger().bind(type=self.__class__.__name__)
def __init__(self, source: LDAPSource):
self._source = source
self._messages = []
self._logger = get_logger().bind(source=source,
syncer=self.__class__.__name__)
def __init__(self, controller: "KubernetesController"):
self.controller = controller
self.namespace = controller.outpost.config.kubernetes_namespace
self.logger = get_logger()
def __init__(self, outpost: Outpost, connection: OutpostServiceConnection):
self.outpost = outpost
self.connection = connection
self.logger = get_logger()
self.deployment_ports = []
def __init__(self, source: LDAPSource):
self._source = source
self._logger = get_logger().bind(source=source)
