fix(authentik-application): invalidation_flow on oidc

2025-01-08 22:33:17 +01:00 · 2025-01-08 22:33:17 +01:00 · 50d64e2bfb
commit 50d64e2bfb
parent 1dd3eeb6b2
4 changed files with 7 additions and 3 deletions
--- a/authentik-application/Chart.yaml
+++ b/authentik-application/Chart.yaml
@ -2,7 +2,7 @@ apiVersion: v2
 name: authentik-application
 description: "A Chart to deploy a secret for the authentik blueprint-sidecar."
 type: application
-version: "0.4.4"
+version: "0.4.5"
 maintainers:
  - name: WrenIX
    url: https://wrenix.eu
--- a/authentik-application/README.md
+++ b/authentik-application/README.md
@ -7,7 +7,7 @@ description: "A Chart to deploy a secret for the authentik blueprint-sidecar."

 # authentik-application

-![Version: 0.4.4](https://img.shields.io/badge/Version-0.4.4-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
+![Version: 0.4.5](https://img.shields.io/badge/Version-0.4.5-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)

 A Chart to deploy a secret for the authentik blueprint-sidecar.

@ -121,6 +121,7 @@ helm uninstall authentik-application-release
 | blueprint.labels | object | `{"goauthentik_blueprint":"1"}` | label of generated secret with blueprint |
 | blueprint.provider.authorizationFlow | string | `"default-provider-authorization-implicit-consent"` |  |
 | blueprint.provider.enabled | bool | `true` | creat an provider for authentification (otherwise just a like in menu is created) |
+| blueprint.provider.invalidationFlow | string | `"default-provider-invalidation-flow"` |  |
 | blueprint.provider.name | string | `""` |  |
 | blueprint.provider.oidc.clientID | string | `nil` | client id - generated if secret enabled |
 | blueprint.provider.oidc.clientSecret | string | `nil` | client secret - generated if secret enabled |
--- a/authentik-application/files/provider/oidc.yaml.gotmpl
+++ b/authentik-application/files/provider/oidc.yaml.gotmpl
@ -22,12 +22,14 @@
  state: present
  attrs:
    authorization_flow: !Find [authentik_flows.flow, [slug, {{ .Values.blueprint.provider.authorizationFlow }}]]
+    invalidation_flow: !Find [authentik_flows.flow, [slug, {{ .Values.blueprint.provider.invalidationFlow }}]]
    {{- with .Values.blueprint.provider.oidc }}
    client_type: {{ .clientType | quote }}
    client_id: {{ $clientID | quote }}
    client_secret: {{ $clientSecret | quote }}
    redirect_uris:
-      - {{ .redirectURL | quote }}
+      - matching_mode: "strict"
+        url: {{ .redirectURL | quote }}
    {{- with .tokenDuration }}
    access_token_validity: {{ . | quote }}
    {{- end }} 
--- a/authentik-application/values.yaml
+++ b/authentik-application/values.yaml
@ -16,6 +16,7 @@ blueprint:
    enabled: true
    name: ""
    authorizationFlow: "default-provider-authorization-implicit-consent"
+    invalidationFlow: "default-provider-invalidation-flow"
    # -- type of application connection, current support: oidc, saml and proxy
    type: "oidc"
    oidc: