From f5f28968c6680545f1a6f1b784d3763dc74895f1 Mon Sep 17 00:00:00 2001
From: soraefir <soraefir+git@helcel>
Date: Sun, 10 May 2026 18:58:13 +0200
Subject: [PATCH] test blueprint fix

---
 .../containers/data/authentik/nextcloud.yaml  | 32 +++++++++++++++++--
 .../containers/data/authentik/traefik.yaml    |  4 ++-
 2 files changed, 32 insertions(+), 4 deletions(-)

diff --git a/modules/server/containers/data/authentik/nextcloud.yaml b/modules/server/containers/data/authentik/nextcloud.yaml
index c187158..759b55a 100644
--- a/modules/server/containers/data/authentik/nextcloud.yaml
+++ b/modules/server/containers/data/authentik/nextcloud.yaml
@@ -24,16 +24,42 @@ entries:
       property_mappings:
         - !Find [
             authentik_core.propertymapping,
-            [managed, goauthentik.io/providers/saml/ms-name],
+            [name, "authentik default SAML Mapping: Name"],
           ]
         - !Find [
             authentik_core.propertymapping,
-            [managed, goauthentik.io/providers/saml/ms-email],
+            [name, "authentik default SAML Mapping: Email"],
           ]
         - !Find [
             authentik_core.propertymapping,
-            [managed, goauthentik.io/providers/saml/ms-groups],
+            [name, "authentik default SAML Mapping: Groups"],
           ]
+
+        # - !Find [
+        #     authentik_providers_saml.samlpropertymapping,
+        #     [managed, "goauthentik.io/providers/saml/ms-name"],
+        #   ]
+        # - !Find [
+        #     authentik_providers_saml.samlpropertymapping,
+        #     [managed, "goauthentik.io/providers/saml/ms-email"],
+        #   ]
+        # - !Find [
+        #     authentik_providers_saml.samlpropertymapping,
+        #     [managed, "goauthentik.io/providers/saml/ms-groups"],
+        #   ]
+
+        # - !Find [
+        #     authentik_core.propertymapping,
+        #     [managed, goauthentik.io/providers/saml/ms-name],
+        #   ]
+        # - !Find [
+        #     authentik_core.propertymapping,
+        #     [managed, goauthentik.io/providers/saml/ms-email],
+        #   ]
+        # - !Find [
+        #     authentik_core.propertymapping,
+        #     [managed, goauthentik.io/providers/saml/ms-groups],
+        #   ]
       # Select your signing certificate (default is usually self-signed)
       signing_kp:
         !Find [
diff --git a/modules/server/containers/data/authentik/traefik.yaml b/modules/server/containers/data/authentik/traefik.yaml
index 4378474..2f11d42 100644
--- a/modules/server/containers/data/authentik/traefik.yaml
+++ b/modules/server/containers/data/authentik/traefik.yaml
@@ -10,8 +10,10 @@ entries:
       authorization_flow:
         !Find [
           authentik_flows.flow,
-          [slug, default-provider-authorization-explicit-consent],
+          [slug, default-provider-authorization-implicit-consent],
         ]
+      invalidation_flow:
+        !Find [authentik_flows.flow, [slug, default-provider-invalidation-flow]]
 
       # For domain-wide, external_host must be the root domain or the auth domain
       external_host: https://@AUTHENTIK_DOMAIN@