Merge branch 'master' into outpost-ldap

This commit is contained in:
Jens Langhammer 2021-05-04 23:34:31 +02:00
commit d84d7c26ca
5 changed files with 21475 additions and 55 deletions

24
Pipfile.lock generated
View file

@ -116,18 +116,18 @@
},
"boto3": {
"hashes": [
"sha256:ac10d832ad716281da6ca77cea824d723af479f8611087dee4b0489c48c32fd9",
"sha256:e2ef25afc36a301199bfbd662aef46dd11ed0db9baf96fce111db4043928065b"
"sha256:3a763ccf872e21e99c2ee0dd9e03f8377dbd1408ac20467a2a967ac0a0344ee9",
"sha256:e27c005fdbc0871275d6a223d6797d819d7116c8c64f07ae51ea78cc10b08c19"
],
"index": "pypi",
"version": "==1.17.64"
"version": "==1.17.65"
},
"botocore": {
"hashes": [
"sha256:42dde7c699b3710e5c3a944cd8ce8b7a80b9f610d8857a0ad36bdc9743cc3375",
"sha256:ec418c273c37efd33d39bb4559f7df09de46df1f87fdbb064d8ebb281849a625"
"sha256:bf5ebe11a737fa29b530ba0b8d787e112b4637e28b8fd516e8718c917ed76c14",
"sha256:e31c3bc0e917ee8733055f3732b8cef9c5d4512f1e2e6c3bcc78a464c56aab49"
],
"version": "==1.20.64"
"version": "==1.20.65"
},
"cachetools": {
"hashes": [
@ -312,11 +312,11 @@
},
"django": {
"hashes": [
"sha256:0604e84c4fb698a5e53e5857b5aea945b2f19a18f25f10b8748dbdf935788927",
"sha256:21f0f9643722675976004eb683c55d33c05486f94506672df3d6a141546f389d"
"sha256:95c13c750f1f214abadec92b82c2768a5e795e6c2ebd0b4126f895ce9efffcdd",
"sha256:e2f73790c60188d3f94f08f644de249d956b3789161e7604509d128a13fb2fcc"
],
"index": "pypi",
"version": "==3.2"
"version": "==3.2.1"
},
"django-dbbackup": {
"hashes": [
@ -1683,11 +1683,11 @@
},
"pytest": {
"hashes": [
"sha256:671238a46e4df0f3498d1c3270e5deb9b32d25134c99b7d75370a68cfbe9b634",
"sha256:6ad9c7bdf517a808242b998ac20063c41532a570d088d77eec1ee12b0b5574bc"
"sha256:50bcad0a0b9c5a72c8e4e7c9855a3ad496ca6a881a3641b4260605450772c54b",
"sha256:91ef2131a9bd6be8f76f1f08eac5c5317221d6ad1e143ae03894b862e8976890"
],
"index": "pypi",
"version": "==6.2.3"
"version": "==6.2.4"
},
"pytest-django": {
"hashes": [

View file

@ -148,22 +148,24 @@ class SourceFlowManager:
def get_flow(self, **kwargs) -> HttpResponse:
"""Get the flow response based on user_matching_mode"""
action, connection = self.get_action()
if not connection:
return redirect("/")
if action == Action.LINK:
self._logger.debug("Linking existing user")
return self.handle_existing_user_link(connection)
if action == Action.AUTH:
self._logger.debug("Handling auth user")
return self.handle_auth_user(connection)
if action == Action.ENROLL:
self._logger.debug("Handling enrollment of new user")
return self.handle_enroll(connection)
if connection:
if action == Action.LINK:
self._logger.debug("Linking existing user")
return self.handle_existing_user_link(connection)
if action == Action.AUTH:
self._logger.debug("Handling auth user")
return self.handle_auth_user(connection)
if action == Action.ENROLL:
self._logger.debug("Handling enrollment of new user")
return self.handle_enroll(connection)
# Default case, assume deny
messages.error(
self.request,
_(
"Request to authenticate with %(source)s has been denied!"
(
"Request to authenticate with %(source)s has been denied. Please authenticate "
"with the source you've previously signed up with."
)
% {"source": self.source.name}
),
)

8083
web/package-lock.json generated

File diff suppressed because it is too large Load diff

View file

@ -29,11 +29,11 @@ title: Next
Now you can configure how the matching should be done:
- Identifier: Keeps the old behaviour, can lead to duplicate user accounts
- Email (link): If a user with the same Email address exists, they are linked. Can have security implications when a source doesn't validate email addresses.
- Email (deny): Deny the flow if the Email address is already used.
- Username (link): If a user with the same username address exists, they are linked. Can have security implications when a username is used with another source.
- Username (deny): Deny the flow if the username address is already used.
- Identifier: Keeps the old behaviour, can lead to duplicate user accounts
- Email (link): If a user with the same Email address exists, they are linked. Can have security implications when a source doesn't validate email addresses.
- Email (deny): Deny the flow if the Email address is already used.
- Username (link): If a user with the same username address exists, they are linked. Can have security implications when a username is used with another source.
- Username (deny): Deny the flow if the username address is already used.
## Minor changes

13387
website/package-lock.json generated

File diff suppressed because it is too large Load diff