search

goauthentik / authentik

The authentication glue you need.
https://goauthentik.io
Other
13.67k stars 916 forks source link

SCIM provider sync to BitWarden fails #11972

Open sebgab opened 2 weeks ago

sebgab commented 2 weeks ago

Describe the bug When running the SCIM provider sync against BitWarden with default user and group mappings the SCIM fails with raise value builtins.TypeError: 'NoneType' object is not iterable. The sync exits early and all info is not synchronized.

To Reproduce Steps to reproduce the behavior:

  1. Setup BitWarden with SCIM
  2. Create Application for BitWarden
  3. Create OIDC provider for BitWarden
  4. Assign OIDC provider as provider for BitWarden application
  5. Create SCIM provider for BitWarden with default user and group mappings, and a user filter for a specific group
  6. Assign SCIM provider as backchannel provider for BitWarden application
  7. Run sync
  8. See error

Expected behavior Users and groups synchronize to the server without the sync failing.

Logs

Stacktrace from authentik ``` Traceback (most recent call last): File "/ak-root/venv/lib/python3.12/site-packages/celery/app/trace.py", line 453, in trace_task R = retval = fun(*args, **kwargs) ^^^^^^^^^^^^^^^^^^^^ File "/ak-root/venv/lib/python3.12/site-packages/sentry_sdk/utils.py", line 1788, in runner return sentry_patched_function(*args, **kwargs) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/ak-root/venv/lib/python3.12/site-packages/sentry_sdk/integrations/celery/__init__.py", line 416, in _inner reraise(*exc_info) File "/ak-root/venv/lib/python3.12/site-packages/sentry_sdk/utils.py", line 1723, in reraise raise value File "/ak-root/venv/lib/python3.12/site-packages/sentry_sdk/integrations/celery/__init__.py", line 411, in _inner return f(*args, **kwargs) ^^^^^^^^^^^^^^^^^^ File "/ak-root/venv/lib/python3.12/site-packages/celery/app/trace.py", line 736, in __protected_call__ return self.run(*args, **kwargs) ^^^^^^^^^^^^^^^^^^^^^^^^^ File "/ak-root/venv/lib/python3.12/site-packages/celery/app/autoretry.py", line 38, in run return task._orig_run(*args, **kwargs) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/authentik/providers/scim/tasks.py", line 22, in scim_sync return sync_tasks.sync_single(self, provider_pk, scim_sync_objects) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/authentik/lib/sync/outgoing/tasks.py", line 98, in sync_single ).get(): ^^^^^ File "/ak-root/venv/lib/python3.12/site-packages/celery/result.py", line 251, in get return self.backend.wait_for_pending( ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/ak-root/venv/lib/python3.12/site-packages/celery/backends/asynchronous.py", line 223, in wait_for_pending return result.maybe_throw(callback=callback, propagate=propagate) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/ak-root/venv/lib/python3.12/site-packages/celery/result.py", line 365, in maybe_throw self.throw(value, self._to_remote_traceback(tb)) File "/ak-root/venv/lib/python3.12/site-packages/celery/result.py", line 358, in throw self.on_ready.throw(*args, **kwargs) File "/ak-root/venv/lib/python3.12/site-packages/vine/promises.py", line 235, in throw reraise(type(exc), exc, tb) File "/ak-root/venv/lib/python3.12/site-packages/vine/utils.py", line 27, in reraise raise value builtins.TypeError: 'NoneType' object is not iterable ```

Version and Deployment (please complete the following information):

Additional context The users seem to have been provisioned properly, however the groups do not sync. I did also have issues with user sync previously, but that seems to have fixed itself after a few syncs. The groups did not