From 5d858020f64841035de033cc5d7aad406be78c72 Mon Sep 17 00:00:00 2001 From: Jens L Date: Thu, 6 Jun 2024 13:20:26 +0900 Subject: [PATCH] stages/email: fix sanitization of email addresses (#9999) Signed-off-by: Jens Langhammer --- authentik/stages/email/tests/test_templates.py | 2 +- authentik/stages/email/utils.py | 6 ++---- 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/authentik/stages/email/tests/test_templates.py b/authentik/stages/email/tests/test_templates.py index a9bee2ed138a..4904cace8f2e 100644 --- a/authentik/stages/email/tests/test_templates.py +++ b/authentik/stages/email/tests/test_templates.py @@ -96,7 +96,7 @@ def test_template_address(self): """Test addresses are correctly parsed""" message = TemplateEmailMessage(to=[("foo@bar.baz", "foo@bar.baz")]) [sanitize_address(addr, "utf-8") for addr in message.recipients()] - self.assertEqual(message.recipients(), ["foo@bar.baz"]) + self.assertEqual(message.recipients(), ['"foo@bar.baz" ']) message = TemplateEmailMessage(to=[("some-name", "foo@bar.baz")]) [sanitize_address(addr, "utf-8") for addr in message.recipients()] self.assertEqual(message.recipients(), ["some-name "]) diff --git a/authentik/stages/email/utils.py b/authentik/stages/email/utils.py index 8ec37e9b6a27..22beb1294c0e 100644 --- a/authentik/stages/email/utils.py +++ b/authentik/stages/email/utils.py @@ -5,6 +5,7 @@ from pathlib import Path from django.core.mail import EmailMultiAlternatives +from django.core.mail.message import sanitize_address from django.template.exceptions import TemplateDoesNotExist from django.template.loader import render_to_string from django.utils import translation @@ -31,10 +32,7 @@ def __init__( sanitized_to = [] # Ensure that all recipients are valid for recipient_name, recipient_email in to: - if recipient_name == recipient_email: - sanitized_to.append(recipient_email) - else: - sanitized_to.append(f"{recipient_name} <{recipient_email}>") + sanitized_to.append(sanitize_address((recipient_name, recipient_email), "utf-8")) super().__init__(to=sanitized_to, **kwargs) if not template_name: return