From acc3b5986995eaca718bddc9d75d091aa7b86bc4 Mon Sep 17 00:00:00 2001 From: "gcp-cherry-pick-bot[bot]" <98988430+gcp-cherry-pick-bot[bot]@users.noreply.github.com> Date: Tue, 19 Dec 2023 18:31:20 +0100 Subject: [PATCH] events: add better fallback for sanitize_item to ensure everything can be saved as JSON (cherry-pick #7694) (#7937) events: add better fallback for sanitize_item to ensure everything can be saved as JSON (#7694) * events: fix events sanitizing not handling all types * remove some leftover prints --------- Signed-off-by: Jens Langhammer Co-authored-by: Jens L --- authentik/events/utils.py | 11 +++++++++-- authentik/stages/authenticator_sms/stage.py | 1 - authentik/stages/authenticator_sms/tests.py | 2 -- authentik/stages/email/stage.py | 1 - 4 files changed, 9 insertions(+), 6 deletions(-) diff --git a/authentik/events/utils.py b/authentik/events/utils.py index d910e4a2d..2bc3587d6 100644 --- a/authentik/events/utils.py +++ b/authentik/events/utils.py @@ -5,12 +5,13 @@ from datetime import date, datetime, time, timedelta from enum import Enum from pathlib import Path -from types import GeneratorType +from types import GeneratorType, NoneType from typing import Any, Optional from uuid import UUID from django.contrib.auth.models import AnonymousUser from django.core.handlers.wsgi import WSGIRequest +from django.core.serializers.json import DjangoJSONEncoder from django.db import models from django.db.models.base import Model from django.http.request import HttpRequest @@ -159,7 +160,13 @@ def sanitize_item(value: Any) -> Any: "name": value.__name__, "module": value.__module__, } - return value + # List taken from the stdlib's JSON encoder (_make_iterencode, encoder.py:415) + if isinstance(value, (bool, int, float, NoneType, list, tuple, dict)): + return value + try: + return DjangoJSONEncoder.default(value) + finally: + return str(value) def sanitize_dict(source: dict[Any, Any]) -> dict[Any, Any]: diff --git a/authentik/stages/authenticator_sms/stage.py b/authentik/stages/authenticator_sms/stage.py index dfbf48c68..e2c661089 100644 --- a/authentik/stages/authenticator_sms/stage.py +++ b/authentik/stages/authenticator_sms/stage.py @@ -69,7 +69,6 @@ def validate_and_send(self, phone_number: str): stage: AuthenticatorSMSStage = self.executor.current_stage hashed_number = hash_phone_number(phone_number) query = Q(phone_number=hashed_number) | Q(phone_number=phone_number) - print(SMSDevice.objects.filter(query, stage=stage.pk)) if SMSDevice.objects.filter(query, stage=stage.pk).exists(): raise ValidationError(_("Invalid phone number")) # No code yet, but we have a phone number, so send a verification message diff --git a/authentik/stages/authenticator_sms/tests.py b/authentik/stages/authenticator_sms/tests.py index 9601cf886..1ab16aa56 100644 --- a/authentik/stages/authenticator_sms/tests.py +++ b/authentik/stages/authenticator_sms/tests.py @@ -199,11 +199,9 @@ def test_stage_context_data_duplicate(self): sms_send_mock, ), ): - print(self.client.session[SESSION_KEY_PLAN]) response = self.client.get( reverse("authentik_api:flow-executor", kwargs={"flow_slug": self.flow.slug}), ) - print(response.content.decode()) self.assertStageResponse( response, self.flow, diff --git a/authentik/stages/email/stage.py b/authentik/stages/email/stage.py index 1aaaa7482..0fa36bfbe 100644 --- a/authentik/stages/email/stage.py +++ b/authentik/stages/email/stage.py @@ -63,7 +63,6 @@ def get_full_url(self, **kwargs) -> str: query_params = QueryDict(self.request.GET.get(QS_QUERY), mutable=True) query_params.pop(QS_KEY_TOKEN, None) query_params.update(kwargs) - print(query_params) full_url = base_url if len(query_params) > 0: full_url = f"{full_url}?{query_params.urlencode()}"