Commit graph

117 commits

Author SHA1 Message Date
Jens Langhammer 03b1a67b44 flows: change wording of consent on flows 2020-06-19 20:33:41 +02:00
Jens Langhammer 3a40e50fa0 providers/oidc: add template for consent 2020-06-19 20:19:31 +02:00
Jens Langhammer 73e7158178 e2e: add OIDC Provider test against grafana, more formatting, minor bug fixes 2020-06-19 19:45:27 +02:00
Jens Langhammer 8c6a4a4968 e2e: test against standalone chrome instance, start implementing oidc provider test 2020-06-19 18:19:20 +02:00
Jens Langhammer bdf0e74af3 docs: add supported scopes of oauth provider 2020-06-18 19:39:58 +02:00
Jens Langhammer 5e8a1e3c0d *: make email naming consistent 2020-06-18 19:35:59 +02:00
Jens Langhammer 6f0e292c43 root: add lgtm 2020-06-15 11:56:20 +02:00
Jens Langhammer bd312b60fc gatekeeper: update upstream docker image 2020-06-09 09:26:03 +02:00
Jens Langhammer ee8313142f Merge branch 'docs-flows'
# Conflicts:
#	passbook/core/templates/partials/form_horizontal.html
2020-06-08 15:43:46 +02:00
Jens L 4915205678
WIP Use Flows for Sources and Providers (#32)
* core: start migrating to flows for authorisation

* sources/oauth: start type-hinting

* core: create default user

* core: only show user delete button if an unenrollment flow exists

* flows: Correctly check initial policies on flow with context

* policies: add more verbosity to engine

* sources/oauth: migrate to flows

* sources/oauth: fix typing errors

* flows: add more tests

* sources/oauth: start implementing unittests

* sources/ldap: add option to disable user sync, move connection init to model

* sources/ldap: re-add default PropertyMappings

* providers/saml: re-add default PropertyMappings

* admin: fix missing stage count

* stages/identification: fix sources not being shown

* crypto: fix being unable to save with private key

* crypto: re-add default self-signed keypair

* policies: rewrite cache_key to prevent wrong cache

* sources/saml: migrate to flows for auth and enrollment

* stages/consent: add new stage

* admin: fix PropertyMapping widget not rendering properly

* core: provider.authorization_flow is mandatory

* flows: add support for "autosubmit" attribute on form

* flows: add InMemoryStage for dynamic stages

* flows: optionally allow empty flows from FlowPlanner

* providers/saml: update to authorization_flow

* sources/*: fix flow executor URL

* flows: fix pylint error

* flows: wrap responses in JSON object to easily handle redirects

* flow: dont cache plan's context

* providers/oauth: rewrite OAuth2 Provider to use flows

* providers/*: update docstrings of models

* core: fix forms not passing help_text through safe

* flows: fix HttpResponses not being converted to JSON

* providers/oidc: rewrite to use flows

* flows: fix linting
2020-06-07 16:35:08 +02:00
Jens Langhammer 7664b428e7 sources/ldap: fix expression field not being CodeMirror 2020-06-05 20:18:45 +02:00
Jens Langhammer 30ca926b38 docs: remove last occurrences to jinja2 2020-06-05 20:18:11 +02:00
Jens L 73116b9d1a
policies/expression: migrate to raw python instead of jinja2 (#49)
* policies/expression: migrate to raw python instead of jinja2

* lib/expression: create base evaluator, custom subclass for policies

* core: rewrite propertymappings to use python

* providers/saml: update to new PropertyMappings

* sources/ldap: update to new PropertyMappings

* docs: update docs for new propertymappings

* root: remove jinja2

* root: re-add jinja to lock file as its implicitly required
2020-06-05 12:00:27 +02:00
Jens Langhammer 8080b0380e providers/saml: re-add default PropertyMappings 2020-06-02 17:00:03 +02:00
Jens L df8995deed
policies/*: remove Policy.negate, order, timeout (#39)
policies: rewrite engine to use PolicyBinding for order/negate/timeout
policies: rewrite engine to use PolicyResult instead of tuple
2020-05-28 21:45:54 +02:00
Jens Langhammer e2804b9755 root: fix linting errors 2020-05-27 11:26:48 +02:00
Jens L beabba2890
flows: Load Stages without refreshing the whole page (#33)
* flows: initial implementation of FlowExecutorShell

* flows: load messages dynamically upon card refresh
2020-05-24 00:57:25 +02:00
Jens L 24a3e787dd
migrate to per-model UUID Primary key, remove UUIDModel (#26)
* *: migrate to per-model UUID Primary key, remove UUIDModel

* *: fix import order, fix unittests
2020-05-20 09:17:06 +02:00
Jens Langhammer c903c81bd5 root: update pylint ignore list 2020-05-18 18:15:39 +02:00
Jens Langhammer 7bd65120b9 *: migrate from PolicyModel to PolicyBindingModel, move Policy to passbook_policies 2020-05-16 18:07:00 +02:00
Jens Langhammer 406f69080b Revert "*: providers and sources -> channels, PolicyModel to PolicyBindingModel that uses custom M2M through"
This reverts commit 7ed3ceb960.
2020-05-16 16:02:42 +02:00
Jens Langhammer 7ed3ceb960 *: providers and sources -> channels, PolicyModel to PolicyBindingModel that uses custom M2M through 2020-05-16 14:03:57 +02:00
Jens Langhammer a5319fc2fe *: rename templatetags to clearly identify 2020-05-15 10:54:31 +02:00
Jens Langhammer 80c3246333 policies/expression: add pb_flow_plan variable 2020-05-13 18:44:36 +02:00
Jens Langhammer e12780f78f flows: add invalidation designation, use as default logout action 2020-05-11 01:12:57 +02:00
Jens Langhammer 3456527f10 providers/saml: fix minor typing issue 2020-05-09 20:54:11 +02:00
Jens Langhammer 114bb1b0bd flows: implement planner, start new executor 2020-05-08 14:33:14 +02:00
Jens Langhammer 97b5d120f8 providers/oauth: fix default cors settings 2020-05-08 11:26:26 +02:00
Jens Langhammer 179f0097c0 provider/samlv2: more samlv2 progres 2020-05-07 19:25:15 +02:00
Jens Langhammer b40bffdf38 providers/samlv2: start implementing new SAML Provider 2020-05-07 01:20:08 +02:00
Jens Langhammer 813dd2894f *: add pyright type checking 2020-05-07 00:32:03 +02:00
Jens Langhammer 80d90b91e8 core: add general admin.py loader, remove individual files 2020-05-07 00:05:10 +02:00
Jens Langhammer fff05e35ac providers/saml: optionally verify SAML Signature 2020-05-06 18:03:12 +02:00
Jens Langhammer 5f4452470b providers/saml: fix metadata rendering when no singing keypair is selected
closes PASSBOOK-44
2020-04-10 21:54:23 +02:00
Jens Langhammer 9a1270c693 providers/saml: fix wrong signing property being checked
closes PASSBOOK-45
2020-04-10 21:52:03 +02:00
Jens Langhammer f2119ce567 providers/saml: fix signing_kp typo 2020-03-05 17:09:08 +01:00
Jens Langhammer 80a50f9bdb providers/saml: switch to new crypto 2020-03-03 23:35:50 +01:00
Jens Langhammer f6c322be27 providers/oidc: fix skip_authorization not being synced to oidc_client 2020-03-02 17:40:38 +01:00
Jens Langhammer a144552059 providers/oidc: fill claims with userinfo 2020-03-01 22:55:56 +01:00
Jens Langhammer 45bd63c720 api: update old field names 2020-02-28 11:48:55 +01:00
Jens Langhammer 64f15eadbd providers/saml: fix CSRF errors with POST binding 2020-02-28 10:50:16 +01:00
Jens Langhammer 81b66ecdcd core: remove some more dead code, add more help texts for factors 2020-02-27 16:39:30 +01:00
Jens Langhammer 9b72c604dd docs: fix some typos 2020-02-27 13:00:55 +01:00
Jens Langhammer b8daab4377 providers/saml: fix AccessRequiredView.dispatch not being called 2020-02-25 11:38:26 +01:00
Jens Langhammer c5b91bdae8 providers/saml: fix CannotHandleAssertion Error still being sent to sentry 2020-02-24 19:14:43 +01:00
Jens Langhammer 39a208c55f providers/saml: fix wrong key being used for params 2020-02-24 17:48:03 +01:00
Jens Langhammer a5bfef9b6b providers/saml: fix leftover data in session, fix IdP initiated login
move can_handle calls to binding endpoints (/login/ and /login/initiate/), so that /login/authorize/ works either way, can clean up the session and audit
2020-02-24 17:34:52 +01:00
Jens Langhammer 22838e66fe providers/saml: fix users being able to authenticate without audit logs being created 2020-02-24 14:40:12 +01:00
Jens Langhammer 484dd6de09 providers/oidc: add error template 2020-02-24 14:19:02 +01:00
Jens Langhammer 4daa70c894 core: fix saving of policy not correctly clearing it's cache 2020-02-24 13:15:52 +01:00