Commit Graph

12779 Commits

Author SHA1 Message Date
Jens L a6d0c8c26c
providers/saml: Metadata Import (#432)
* providers/saml: add basic metadata parser

* providers/saml: add importer for Singing certificate, validate signature, add tests

* providers/saml: add provider name to form,

* web: don't use trailing slash for spa URLs

* providers/saml: formatting fixes

* sources/*: add verbose_name to source serializers

* admin: add button launch import modal
2020-12-27 22:38:04 +01:00
Jens Langhammer 5797a3743a docs: prepare 0.14 release 2020-12-27 22:16:31 +01:00
Jens Langhammer b7e43efb34 docs: use version-0.13 branch for 0.13 instructions 2020-12-27 22:11:53 +01:00
Jens Langhammer 48df12d045 proxy: update to latest stable oauth2_proxy version 2020-12-27 20:14:08 +01:00
Jens Langhammer 4fea0f5939 web: fix error when applications have no provider assigned 2020-12-27 19:40:50 +01:00
Jens Langhammer a7bdd63e4d web: make siteshell's loading be relative to parent 2020-12-27 19:36:30 +01:00
Jens Langhammer e216efb6ec providers/oauth2: create access tokens as JWT 2020-12-27 19:36:17 +01:00
Jens Langhammer 378fe38b12 providers/oauth2: ensure response is URL fragment only when implicit or hybrid 2020-12-27 19:07:42 +01:00
Jens Langhammer ce9fb8801c providers/oauth2: ensure nonce is validated on all OIDC flows 2020-12-27 18:13:41 +01:00
Jens Langhammer 67ca83c228 providers/oauth2: add c_hash field 2020-12-27 18:13:13 +01:00
Jens Langhammer ee2e737782 providers/oauth2: remove response_type field as spec doesn't require validation 2020-12-27 18:12:47 +01:00
Jens Langhammer b04c9a2098 providers/oauth2: check redirect_uri before request object 2020-12-27 17:15:36 +01:00
Jens Langhammer 7f7b7e37c1 docs: rename upgrading to release notes 2020-12-27 15:35:58 +01:00
Jens Langhammer e7c96eb70d providers/oauth2: Make AuthorizeError's state parameter requireed 2020-12-27 15:33:29 +01:00
Jens Langhammer e8debce9c8 providers/oauth2: fix infinite loops when prompt=login 2020-12-27 15:23:26 +01:00
Jens Langhammer bcd0686a33 providers/oauth2: redirect back correctly with state on AuthorizationError 2020-12-27 15:22:53 +01:00
Jens Langhammer 55322995a1 providers/oauth2: make iss field configurable 2020-12-27 15:02:12 +01:00
Jens Langhammer dff5eb69c8 providers/oauth2: fix token endpoint creating invalid token when no scopes are passed 2020-12-27 14:48:44 +01:00
Jens Langhammer b747022bc1 providers/oauth2: fix old id_token being sent when using token endpoint with grant_type=refresh_token 2020-12-27 14:33:51 +01:00
Jens Langhammer 885fcff495 providers/oauth2: add grant_types_supported to discovery endpoint 2020-12-27 14:17:40 +01:00
Jens Langhammer 5b18e28753 providers/oauth2: fix include_claims_in_id_token not being shown in form/API 2020-12-27 14:05:10 +01:00
Jens Langhammer 9848c5f3eb providers/oauth2: implement discovery's scopes_supported better 2020-12-27 13:36:14 +01:00
Jens Langhammer fc98c3934a providers/*: implement configuration_error 2020-12-27 13:15:31 +01:00
Jens Langhammer 7964061466 events: add configuration_error action 2020-12-27 13:11:38 +01:00
Jens Langhammer 5f90f54195 stages/invitation: ensure created_by is set when creating from API 2020-12-27 13:11:28 +01:00
Jens Langhammer 49eb568d3c stages/invitation: remove invitation_created signal as model_created functions the same 2020-12-27 13:00:52 +01:00
Jens Langhammer d47d9103c7 tests: fix e2e tests for redirect_uri errors 2020-12-27 13:00:05 +01:00
Jens Langhammer 12cbe464fc web: fix table styling on mobile 2020-12-27 12:50:12 +01:00
Jens Langhammer d17b2b0d1b providers/oauth2: add request_parameter_supported 2020-12-27 12:18:23 +01:00
Jens Langhammer f17d809219 providers/oauth2: add scopes_supported to discovery endpoint 2020-12-26 21:18:16 +01:00
Jens Langhammer 6c8e9fb553 providers/oauth2: add ACR support 2020-12-26 20:16:50 +01:00
Jens Langhammer 43bb29e16a providers/oauth2: implement max_age param 2020-12-26 20:05:31 +01:00
Jens Langhammer 29edbb0357 providers/oauth2: use auth_time from LOGIN event 2020-12-26 19:05:02 +01:00
Jens Langhammer 12ae867759 providers/oauth2: redirect back on prompt=none error instead of showing message 2020-12-26 18:58:18 +01:00
Jens Langhammer a20ca9136b providers/oauth2: use in for prompt check 2020-12-26 18:53:47 +01:00
Jens Langhammer 3759e96e7d providers/oauth2: ensure interaction_required is raised when prompt=none and user not logged in 2020-12-26 18:45:23 +01:00
Jens Langhammer 480d882a82 policies: add pre_permission_check to PolicyAccessView for request validity checks 2020-12-26 18:43:45 +01:00
Jens Langhammer e5e1e3737d providers/oauth2: fix query using user model not dict 2020-12-26 18:20:34 +01:00
Jens Langhammer 8dddcf891e providers/oauth2: fix "auth_time" being based on user.last_login 2020-12-26 18:11:29 +01:00
Jens Langhammer 319104c39b providers/oauth2: improve error handling, ensure correct message is shown to user 2020-12-26 17:50:16 +01:00
Jens L a9336f069c
flows: add diagrams (#415)
* flows: initial diagram implementation

* web: install flowchart.js, add flow diagram page

* web: adjust diagram colours for dark mode

* flows: add permission checks for diagram

* flows: fix formatting

* web: fix formatting for web

* flows: add fix when last stage has policy

* flows: add test for diagram

* web: flows/diagram: add support for light mode

* flows: make Flows's Diagram API return json, add more tests and fix swagger response
2020-12-26 17:05:11 +01:00
Jens Langhammer 33f5169f36 core: fix formatting 2020-12-26 15:28:29 +01:00
Jens Langhammer 4c690a20ef core: fix token update/delete not working 2020-12-26 01:23:34 +01:00
Jens Langhammer f68c8f7d90 core: fix User's token creation not working 2020-12-26 01:23:18 +01:00
Jens Langhammer 95b56a0005 release: 0.13.5-stable 2020-12-26 00:52:42 +01:00
Jens Langhammer 811c569b54 core: show multi-select notice for SelectMultiple Widgets 2020-12-26 00:43:40 +01:00
Jens Langhammer 3ac3a8eebe core: fix error during migrations 2020-12-25 23:51:40 +01:00
Jens Langhammer 6a5a243dac stages/invitation: fix optional field being required 2020-12-25 23:41:34 +01:00
Jens Langhammer 3549a9ecdd docs: add notice about password stage to AD integration 2020-12-25 23:38:19 +01:00
Jens Langhammer ee916a68a4 stages/password: fix PasswordStageForm not showing backends 2020-12-25 23:34:26 +01:00