stages/authenticator_webauthn: Update FIDO MDS3 & Passkey aaguid blobs #11383

Merged
merged 1 commit into from
Sep 16, 2024

authentik-automation[bot]
Contributor

stages/authenticator_webauthn: Update FIDO MDS3 & Passkey aaguid blobs

Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
@authentik-automation authentik-automation bot requested a review from a team as a code owner September 15, 2024 02:06
@authentik-automation authentik-automation bot enabled auto-merge (squash) September 15, 2024 02:06

netlify bot commented Sep 15, 2024

Deploy Preview for authentik-storybook canceled.

Name Link
🔨 Latest commit 0d2cd20
🔍 Latest deploy log https://app.netlify.com/sites/authentik-storybook/deploys/66e6411d30cd9000084e95b1


netlify bot commented Sep 15, 2024

Deploy Preview for authentik-docs canceled.

Name Link
🔨 Latest commit 0d2cd20
🔍 Latest deploy log https://app.netlify.com/sites/authentik-docs/deploys/66e6411d468e08000806c900


codecov bot commented Sep 15, 2024

❌ 1 Tests Failed:

| Tests completed | Failed | Passed | Skipped |
| --- | --- | --- | --- |
| 1531 | 1 | 1530 | 1 |
View the top 1 failed tests by shortest run time
tests.e2e.test_provider_ldap.TestProviderLDAP test_ldap_bind_search_no_perms
Stack Traces | 36.6s run time
self = <unittest.case._Outcome object at 0x7f071974bd10>
test_case = <tests.e2e.test_provider_ldap.TestProviderLDAP testMethod=test_ldap_bind_search_no_perms>
subTest = False

    @contextlib.contextmanager
    def testPartExecutor(self, test_case, subTest=False):
        old_success = self.success
        self.success = True
        try:
>           yield

.../hostedtoolcache/Python/3.12.5.............../x64/lib/python3.12/unittest/case.py:58: 
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 

self = <tests.e2e.test_provider_ldap.TestProviderLDAP testMethod=test_ldap_bind_search_no_perms>
result = <TestCaseFunction test_ldap_bind_search_no_perms>

    def run(self, result=None):
        if result is None:
            result = self.defaultTestResult()
            startTestRun = getattr(result, 'startTestRun', None)
            stopTestRun = getattr(result, 'stopTestRun', None)
            if startTestRun is not None:
                startTestRun()
        else:
            stopTestRun = None
    
        result.startTest(self)
        try:
            testMethod = getattr(self, self._testMethodName)
            if (getattr(self.__class__, "__unittest_skip__", False) or
                getattr(testMethod, "__unittest_skip__", False)):
                # If the class or method was skipped.
                skip_why = (getattr(self.__class__, '__unittest_skip_why__', '')
                            or getattr(testMethod, '__unittest_skip_why__', ''))
                _addSkip(result, self, skip_why)
                return result
    
            expecting_failure = (
                getattr(self, "__unittest_expecting_failure__", False) or
                getattr(testMethod, "__unittest_expecting_failure__", False)
            )
            outcome = _Outcome(result)
            start_time = time.perf_counter()
            try:
                self._outcome = outcome
    
                with outcome.testPartExecutor(self):
                    self._callSetUp()
                if outcome.success:
                    outcome.expecting_failure = expecting_failure
                    with outcome.testPartExecutor(self):
>                       self._callTestMethod(testMethod)

.../hostedtoolcache/Python/3.12.5.............../x64/lib/python3.12/unittest/case.py:634: 
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 

self = <tests.e2e.test_provider_ldap.TestProviderLDAP testMethod=test_ldap_bind_search_no_perms>
method = <bound method TestProviderLDAP.test_ldap_bind_search_no_perms of <tests.e2e.test_provider_ldap.TestProviderLDAP testMethod=test_ldap_bind_search_no_perms>>

    def _callTestMethod(self, method):
>       if method() is not None:

.../hostedtoolcache/Python/3.12.5.............../x64/lib/python3.12/unittest/case.py:589: 
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 

self = <tests.e2e.test_provider_ldap.TestProviderLDAP testMethod=test_ldap_bind_search_no_perms>
args = (), kwargs = {}

    @wraps(func)
    def wrapper(self: TransactionTestCase, *args, **kwargs):
        """Run test again if we're below max_retries, including tearDown and
        setUp. Otherwise raise the error"""
        nonlocal count
        try:
>           return func(self, *args, **kwargs)

tests/e2e/utils.py:253: 
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 

args = (<tests.e2e.test_provider_ldap.TestProviderLDAP testMethod=test_ldap_bind_search_no_perms>,)
kwargs = {}, file = 'default/flow-default-invalidation-flow.yaml'
content = 'version: 1\nmetadata:\n  name: Default - Invalidation flow\nentries:\n- attrs:\n    designation: invalidation\n    na...0\n    stage: !KeyOf default-invalidation-logout\n    target: !KeyOf flow\n  model: authentik_flows.flowstagebinding\n'

    @wraps(func)
    def wrapper(*args, **kwargs):
        for file in files:
            content = BlueprintInstance(path=file).retrieve()
            Importer.from_string(content).apply()
>       return func(*args, **kwargs)

.../blueprints/tests/__init__.py:25: 
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 

args = (<tests.e2e.test_provider_ldap.TestProviderLDAP testMethod=test_ldap_bind_search_no_perms>,)
kwargs = {}, config = <AuthentikTenantsConfig: authentik_tenants>

    @wraps(func)
    def wrapper(*args, **kwargs):
        config = apps.get_app_config(app_name)
        if isinstance(config, ManagedAppConfig):
            config._on_startup_callback(None)
>       return func(*args, **kwargs)

.../blueprints/tests/__init__.py:43: 
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 

args = (<tests.e2e.test_provider_ldap.TestProviderLDAP testMethod=test_ldap_bind_search_no_perms>,)
kwargs = {}, config = <AuthentikOutpostConfig: authentik_outposts>

    @wraps(func)
    def wrapper(*args, **kwargs):
        config = apps.get_app_config(app_name)
        if isinstance(config, ManagedAppConfig):
            config._on_startup_callback(None)
>       return func(*args, **kwargs)

.../blueprints/tests/__init__.py:43: 
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 

self = <tests.e2e.test_provider_ldap.TestProviderLDAP testMethod=test_ldap_bind_search_no_perms>

    @retry()
    @apply_blueprint(
        "default/flow-default-authentication-flow.yaml",
        "default/flow-default-invalidation-flow.yaml",
    )
    @reconcile_app("authentik_tenants")
    @reconcile_app("authentik_outposts")
    def test_ldap_bind_search_no_perms(self):
        """Test simple bind + search"""
        user = create_test_user()
        self._prepare()
        server = Server("ldap://localhost:3389", get_info=ALL)
        _connection = Connection(
            server,
            raise_exceptions=True,
            user=f"cn={user.username},ou=users,dc=ldap,dc=goauthentik,dc=io",
            password=user.username,
        )
        _connection.bind()
        self.assertTrue(
            Event.objects.filter(
                action=EventAction.LOGIN,
                user={
                    "pk": user.pk,
                    "email": user.email,
                    "username": user.username,
                },
            )
        )
    
        _connection.search(
            "ou=Users,DC=ldaP,dc=goauthentik,dc=io",
            "(objectClass=user)",
            search_scope=SUBTREE,
            attributes=[ALL_ATTRIBUTES, ALL_OPERATIONAL_ATTRIBUTES],
        )
        response: list = _connection.response
        # Remove raw_attributes to make checking easier
        for obj in response:
            del obj["raw_attributes"]
            del obj["raw_dn"]
            obj["attributes"] = dict(obj["attributes"])
        expected = [
            {
                "dn": f"cn={user.username},ou=users,dc=ldap,dc=goauthentik,dc=io",
                "attributes": {
                    "cn": user.username,
                    "sAMAccountName": user.username,
                    "uid": user.uid,
                    "name": user.name,
                    "displayName": user.name,
                    "sn": user.name,
                    "mail": user.email,
                    "objectClass": [
                        "top",
                        "person",
                        "organizationalPerson",
                        "inetOrgPerson",
                        "user",
                        "posixAccount",
                        "goauthentik.io/ldap/user",
                    ],
                    "uidNumber": 2000 + user.pk,
                    "gidNumber": 2000 + user.pk,
                    "memberOf": [
                        f"cn={group.name},ou=groups,dc=ldap,dc=goauthentik,dc=io"
                        for group in user.ak_groups.all()
                    ],
                    "homeDirectory": f"/home/{user.username}",
                    "ak-active": True,
                    "ak-superuser": False,
                },
                "type": "searchResEntry",
            },
        ]
>       self.assert_list_dict_equal(expected, response)

tests/e2e/test_provider_ldap.py:410: 
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 

self = <tests.e2e.test_provider_ldap.TestProviderLDAP testMethod=test_ldap_bind_search_no_perms>
expected = [{'attributes': {'ak-active': True, 'ak-superuser': False, 'cn': 'VULW26U7KvD1jRIJdBzF', 'displayName': 'VULW26U7KvD1jRIJdBzF', ...}, 'dn': 'cn=VULW26U7KvD1jRIJdBzF,ou=users,dc=ldap,dc=goauthentik,dc=io', 'type': 'searchResEntry'}]
actual = [{'attributes': {'ak-active': True, 'ak-superuser': True, 'cn': '4iVcEuOdpvTEFNtdYdZ5', 'displayName': '4iVcEuOdpvTEFN...7KvD1jRIJdBzF', ...}, 'dn': 'cn=VULW26U7KvD1jRIJdBzF,ou=users,dc=ldap,dc=goauthentik,dc=io', 'type': 'searchResEntry'}]
match_key = 'dn'

    def assert_list_dict_equal(self, expected: list[dict], actual: list[dict], match_key="dn"):
        """Assert a list of dictionaries is identical, ignoring the ordering of items"""
>       self.assertEqual(len(expected), len(actual))

tests/e2e/test_provider_ldap.py:414: 
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 

self = <tests.e2e.test_provider_ldap.TestProviderLDAP testMethod=test_ldap_bind_search_no_perms>
first = 1, second = 4, msg = None

    def assertEqual(self, first, second, msg=None):
        """Fail if the two objects are unequal as determined by the '=='
           operator.
        """
        assertion_func = self._getAssertEqualityFunc(first, second)
>       assertion_func(first, second, msg=msg)

.../hostedtoolcache/Python/3.12.5.............../x64/lib/python3.12/unittest/case.py:885: 
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 

self = <tests.e2e.test_provider_ldap.TestProviderLDAP testMethod=test_ldap_bind_search_no_perms>
first = 1, second = 4, msg = '1 != 4'

    def _baseAssertEqual(self, first, second, msg=None):
        """The default assertEqual implementation, not type specific."""
        if not first == second:
            standardMsg = '%s != %s' % _common_shorten_repr(first, second)
            msg = self._formatMessage(msg, standardMsg)
>           raise self.failureException(msg)
E           AssertionError: 1 != 4

.../hostedtoolcache/Python/3.12.5.............../x64/lib/python3.12/unittest/case.py:878: AssertionError

To view individual test run time comparison to the main branch, go to the Test Analytics Dashboard

@BeryJu BeryJu disabled auto-merge September 16, 2024 11:25
@BeryJu BeryJu merged commit 1892112 into main Sep 16, 2024
68 of 70 checks passed
@BeryJu BeryJu deleted the update-fido-mds-client branch September 16, 2024 11:25
kensternberg-authentik added a commit that referenced this pull request Sep 20, 2024
* main: (25 commits)
  web: bump rapidoc from 9.3.4 to 9.3.5 in /web (#11410)
  website: bump dompurify from 3.0.6 to 3.1.6 in /website (#11402)
  website: bump @types/react from 18.3.5 to 18.3.6 in /website (#11405)
  core: bump goauthentik.io/api/v3 from 3.2024081.1 to 3.2024082.1 (#11406)
  web: bump the storybook group across 1 directory with 7 updates (#11408)
  web: bump typescript-eslint from 8.5.0 to 8.6.0 in /tests/wdio (#11409)
  web: bump typescript-eslint from 8.5.0 to 8.6.0 in /web (#11411)
  web: bump mermaid from 11.2.0 to 11.2.1 in /web (#11412)
  website/docs: upgrade: fix helm command (#11403)
  web: bump API Client version (#11396)
  release: 2024.8.2 (#11395)
  website/docs: prepare release notes for 2024.8.2 (#11394)
  core: bump paramiko from 3.4.1 to 3.5.0 (#11388)
  stages/authenticator_webauthn: Update FIDO MDS3 & Passkey aaguid blobs (#11383)
  core, web: update translations (#11375)
  core: bump django-pglock from 1.6.1 to 1.6.2 (#11389)
  website: bump postcss from 8.4.45 to 8.4.47 in /website (#11390)
  core: bump ruff from 0.6.4 to 0.6.5 (#11391)
  core: bump psycopg from 3.2.1 to 3.2.2 (#11392)
  web: bump @floating-ui/dom from 1.6.10 to 1.6.11 in /web (#11393)
  ...