1675dab314
providers/saml: fix encoding for POST bindings
2020-07-12 17:58:38 +02:00
996aa367d3
core: fix autosubmit_form loading full template
2020-07-12 17:45:03 +02:00
464b558a02
*/saml: fix typo
2020-07-12 17:20:41 +02:00
ff6e270886
sources/saml: fix AuthnRequest Singing for redirect bindings
2020-07-12 16:17:35 +02:00
91766a2162
sources/saml: automatically add RelayState to build_auth_n_detached
2020-07-12 01:46:46 +02:00
a393097504
*/saml: start implementing unittests, fix signing
2020-07-12 01:44:34 +02:00
92a09be8c0
sources/saml: rewrite Processors and Views to directly build XML without templates
2020-07-11 01:02:55 +02:00
8de3c4fbd6
sources/ldap: improve unittests
2020-07-10 20:21:51 +02:00
7ac4242a38
e2e: add test for OAuth Enrollment -> OAuth Authentication
2020-07-10 00:14:48 +02:00
4caa4be476
sources/oauth: fix UserOAuthSourceConnection not being assigned to user after enrollment
...
sources/oauth: separate handle_new_connection into handle_existing_user_link and handle_enroll
2020-07-10 00:07:59 +02:00
c6d8bae147
e2e: generate dex config dynamically
2020-07-09 23:15:22 +02:00
c70310730a
sources/oauth: split up single large "core" views
2020-07-09 23:09:32 +02:00
e58ac7ae90
polices: add helper to remove None-value keys from dict for policies
2020-07-08 23:07:16 +02:00
d786fa4b7c
sources/oauth: rewrite to not directly create user, pre-seed data into flow
2020-07-08 20:39:20 +02:00
0e3e73989d
sources/saml: Add NameID Policy field, sent with AuthnRequest
2020-07-08 16:18:09 +02:00
d831599608
core: make autosubmit_form generic template
2020-07-08 14:27:58 +02:00
1e57926603
sources/saml: add POST_AUTO binding which auto redirects to IdP
2020-07-08 14:18:08 +02:00
1524880eec
core: add generic login/base_full template for static login views
2020-07-08 14:17:29 +02:00
571cb3d65f
sources/oauth: disable twitter source while its broken
2020-07-07 22:25:50 +02:00
5644e57e6a
sources/oauth: directly call AuthorizedServiceBackend instead of authenticate()
2020-07-07 22:23:45 +02:00
cfc181eed1
sources/oauth: fix wrong comparions
...
closes #118
2020-07-07 21:46:16 +02:00
c00e01626e
sources/ldap: adjust task schedule name
2020-07-07 17:04:07 +02:00
af22f507f4
sources/oauth: fix template for user settings
2020-07-06 17:48:53 +02:00
3b70d12a5f
*: rephrase strings
2020-07-01 18:40:52 +02:00
920858ff72
Merge branch 'master' into otp-rework
...
# Conflicts:
# passbook/flows/models.py
# passbook/stages/otp/models.py
# swagger.yaml
2020-06-29 22:54:18 +02:00
d6a8d8292d
core: UIUserSettings: remove icon, rename view_name to URL for complete URL
2020-06-29 16:20:33 +02:00
ec823aebed
flows: update migrations to use update_or_create
2020-06-29 16:19:39 +02:00
57a7bed99d
sources/oauth: fix facebook provider
2020-06-25 10:24:53 +02:00
05778d8065
sources/saml: minor formatting fixes
2020-06-24 22:46:20 +02:00
31e0d74495
sources/saml: correctly cleanup transient users, update forms
2020-06-24 22:27:14 +02:00
05999cb8c7
sources/saml: start implementing transient NameID format
2020-06-24 21:50:30 +02:00
c0d8aa2303
sources/saml: fix SAMLRequest not being encoded properly for Redirect bindings
2020-06-24 13:12:34 +02:00
52f138d402
sources/saml: improve error handing of invalid signatures
2020-06-23 21:49:27 +02:00
6f0e292c43
root: add lgtm
2020-06-15 11:56:20 +02:00
26aa7e1fef
sources/ldap: fix 'LDAPSource' object has no attribute '_connection'
2020-06-09 01:17:17 +02:00
ee8313142f
Merge branch 'docs-flows'
...
# Conflicts:
# passbook/core/templates/partials/form_horizontal.html
2020-06-08 15:43:46 +02:00
4915205678
WIP Use Flows for Sources and Providers ( #32 )
...
* core: start migrating to flows for authorisation
* sources/oauth: start type-hinting
* core: create default user
* core: only show user delete button if an unenrollment flow exists
* flows: Correctly check initial policies on flow with context
* policies: add more verbosity to engine
* sources/oauth: migrate to flows
* sources/oauth: fix typing errors
* flows: add more tests
* sources/oauth: start implementing unittests
* sources/ldap: add option to disable user sync, move connection init to model
* sources/ldap: re-add default PropertyMappings
* providers/saml: re-add default PropertyMappings
* admin: fix missing stage count
* stages/identification: fix sources not being shown
* crypto: fix being unable to save with private key
* crypto: re-add default self-signed keypair
* policies: rewrite cache_key to prevent wrong cache
* sources/saml: migrate to flows for auth and enrollment
* stages/consent: add new stage
* admin: fix PropertyMapping widget not rendering properly
* core: provider.authorization_flow is mandatory
* flows: add support for "autosubmit" attribute on form
* flows: add InMemoryStage for dynamic stages
* flows: optionally allow empty flows from FlowPlanner
* providers/saml: update to authorization_flow
* sources/*: fix flow executor URL
* flows: fix pylint error
* flows: wrap responses in JSON object to easily handle redirects
* flow: dont cache plan's context
* providers/oauth: rewrite OAuth2 Provider to use flows
* providers/*: update docstrings of models
* core: fix forms not passing help_text through safe
* flows: fix HttpResponses not being converted to JSON
* providers/oidc: rewrite to use flows
* flows: fix linting
2020-06-07 16:35:08 +02:00
7664b428e7
sources/ldap: fix expression field not being CodeMirror
2020-06-05 20:18:45 +02:00
30ca926b38
docs: remove last occurrences to jinja2
2020-06-05 20:18:11 +02:00
73116b9d1a
policies/expression: migrate to raw python instead of jinja2 ( #49 )
...
* policies/expression: migrate to raw python instead of jinja2
* lib/expression: create base evaluator, custom subclass for policies
* core: rewrite propertymappings to use python
* providers/saml: update to new PropertyMappings
* sources/ldap: update to new PropertyMappings
* docs: update docs for new propertymappings
* root: remove jinja2
* root: re-add jinja to lock file as its implicitly required
2020-06-05 12:00:27 +02:00
ef913abc7a
sources/ldap: add option to disable user sync, move connection init to model
2020-06-02 17:15:59 +02:00
ddfa2abbaa
sources/ldap: re-add default PropertyMappings
2020-06-02 17:00:03 +02:00
5fc5e54f47
sources/oauth: fix typing errors
...
# Conflicts:
# passbook/sources/oauth/clients.py
2020-06-02 16:57:38 +02:00
e2804b9755
root: fix linting errors
2020-05-27 11:26:48 +02:00
beabba2890
flows: Load Stages without refreshing the whole page ( #33 )
...
* flows: initial implementation of FlowExecutorShell
* flows: load messages dynamically upon card refresh
2020-05-24 00:57:25 +02:00
0664f0b6b2
flows: add support for default_context, etc
...
default_context can be used to influence policies during the planning. This should be used when the Planner is called from other views to correctly preseed the plan.
This also checks if there is a PENDING_USER set, and uses that user for the cache key instead
2020-05-20 16:15:16 +02:00
cafe2f1e1f
admin: fix linting
2020-05-20 13:59:56 +02:00
969da05437
admin: show object's docstring on inheritance based lists
2020-05-20 13:47:58 +02:00
24a3e787dd
migrate to per-model UUID Primary key, remove UUIDModel ( #26 )
...
* *: migrate to per-model UUID Primary key, remove UUIDModel
* *: fix import order, fix unittests
2020-05-20 09:17:06 +02:00
13a20478fd
sources/oauth: add OIDC client
2020-05-19 21:53:46 +02:00
f58ee7fb52
sources/oauth: fix handling of sources with spaces in their name
2020-05-19 21:53:36 +02:00
a5319fc2fe
*: rename templatetags to clearly identify
2020-05-15 10:54:31 +02:00
212e966dd4
factors: -> stage
2020-05-08 20:59:51 +02:00
2a85e5ae87
flows: complete migration to FlowExecutorView, fully use context
2020-05-08 16:10:27 +02:00
114bb1b0bd
flows: implement planner, start new executor
2020-05-08 14:33:14 +02:00
5400882d78
flows/: more migration progress, consolidate views
2020-05-07 21:30:52 +02:00
80d90b91e8
core: add general admin.py loader, remove individual files
2020-05-07 00:05:10 +02:00
dc8b89a6b9
sources/saml: switch to new crypto
2020-03-03 23:35:38 +01:00
81b66ecdcd
core: remove some more dead code, add more help texts for factors
2020-02-27 16:39:30 +01:00
f8599438df
ui: fix lists not being rendered correctly
2020-02-24 13:13:42 +01:00
64d7b009ab
sources/oauth: fix invalid headers, fix invalid function signature
2020-02-23 19:42:57 +01:00
fa2870afe0
sources: remove policies as they are not used currently
2020-02-23 14:40:06 +01:00
f4a676e2fb
sources/oauth: slugify provider type instead of just lowercase
2020-02-23 13:53:16 +01:00
88c1ad4c1c
providers/saml: fix 500 when SAML Provider not assigned to application
2020-02-21 20:54:00 +01:00
1285ba6fbb
ui: include font-awesome
2020-02-21 18:00:09 +01:00
a09a1793ec
ui: update templates for jinja2-related fields
2020-02-21 15:36:37 +01:00
8fd86a28ff
ui: fixup minor issues, add static app
2020-02-21 11:20:55 +01:00
32a15f84c0
root: run bandit as part of pre-commit
2020-02-21 09:03:59 +01:00
d988f37afc
lib: add SentryIgnoredException, to easily ignore exceptions from sentry
2020-02-20 21:38:53 +01:00
295c0bae3f
sources/saml: validate SAMLResponse signature
2020-02-20 21:34:25 +01:00
84fc54ddaa
sources/saml: entity_id -> issuer
2020-02-20 17:23:27 +01:00
0b5caa85f5
all: sort imports and cleanup
2020-02-20 17:23:05 +01:00
14e0a17dbc
ui: don't remove dashes when auto generating slug
2020-02-20 17:13:50 +01:00
40a2a26904
sources/saml: fix Metadata cert including PEM header
2020-02-20 17:05:11 +01:00
c8b3c6e51a
sources/saml: fix `build_full_url` using incorrect URL parameter
2020-02-20 17:04:54 +01:00
6c889eff27
core: fix application icons not loading, fix with_sources being broken
2020-02-20 14:30:06 +01:00
3c2b8e5ee1
all: prefix all UI related methods with ui_, switch to property and return dataclass
2020-02-20 13:51:41 +01:00
07b7951390
sources/ldap: handle user_sync errors better, show warning when user exists already
2020-02-19 16:20:33 +01:00
9267d0c1dd
all: general maintenance, prepare for pyright
2020-02-18 22:12:51 +01:00
865abc005a
sources/oauth: remove leading spaces in default URLs
2020-02-18 21:49:53 +01:00
a2725d5b82
sources/oauth: remove redundant OAuth2Clients
2020-02-18 21:49:40 +01:00
4a05bc6e02
sources/oauth: improve default OAuth2 Client, send access_token as Bearer Authz
2020-02-18 21:49:23 +01:00
4e8238603a
all: cleanup logging to be structured
2020-02-18 21:35:58 +01:00
7c353f9297
sources/oauth: remove supervisr
2020-02-18 17:01:08 +01:00
95416623b3
sources/ldap: better handle property mapping evaluation errors
2020-02-18 10:13:05 +01:00
3aa2f1e892
*: propertymapping template -> expression
2020-02-17 20:38:14 +01:00
bc4b7ef44d
providers/saml: add custom help text for templates, add docs for User Object reference
2020-02-17 20:30:14 +01:00
e57da71dcf
sources/ldap: update LDAP source to use new property mappings
2020-02-17 17:55:48 +01:00
41689fe3ce
sources/* add missing migrations
2020-02-17 16:27:35 +01:00
e138076e1d
sources/saml: move labels from forms to models
2020-02-16 12:34:46 +01:00
721d133dc3
sources/oauth: move labels from form to models
2020-02-16 12:34:33 +01:00
75b687ecbe
sources/ldap: move labels from form to models
2020-02-16 12:30:45 +01:00
e36d7928e4
providers/saml: big cleanup, simplify base processor
...
add New fields for
- assertion_valid_not_before
- assertion_valid_not_on_or_after
- session_valid_not_on_or_after
allow flexible time durations for these fields
fall back to Provider's ACS if none is specified in AuthNRequest
2020-02-14 15:19:48 +01:00
766518ee0e
audit: sanitize kwargs when creating audit event
2019-12-31 13:33:07 +01:00
3bd1eadd51
all: implement black as code formatter
2019-12-31 12:51:16 +01:00
8eb3f0f708
ci: upgrade pylint to latest version
...
core: also upgrade kombu as https://github.com/celery/kombu/issues/1101 is fixed now
2019-12-31 12:45:29 +01:00
31ea2e7139
audit: fix internal server error from passing models
2019-12-31 11:40:03 +01:00
807cbbeaaf
audit: rewrite to be independent of django http requests, allow custom actions
2019-12-05 16:14:08 +01:00
74cd0bc08f
all(minor): remove old, unused code
2019-12-05 15:07:37 +01:00
44c0eb37cf
sources/saml(minor): fix lint issue
2019-11-07 18:02:59 +01:00
Jens Langhammer
Jens L
Langhammer, Jens