Jens Langhammer
ca0ba85023
providers/saml: disallow idp-initiated SSO by default and validate Request ID
2020-09-12 00:53:44 +02:00
Jens L
268de20872
Proxy v2 ( #189 )
2020-09-03 00:04:12 +02:00
Jens Langhammer
d4a5269bf1
*: Adjust forms to only show respective types of Flows and PropertyMappings
2020-08-01 20:02:23 +02:00
Jens Langhammer
37a432267d
Squashed commit of the following:
...
commit 88029a4335
Author: Jens Langhammer <jens.langhammer@beryju.org>
Date: Mon Jul 20 16:55:55 2020 +0200
admin: update to work with new form
commit 4040eb9619
Author: Jens Langhammer <jens.langhammer@beryju.org>
Date: Mon Jul 20 16:43:30 2020 +0200
*: remove path-based import from all PropertyMappings
commit c9663a08da
Author: Jens Langhammer <jens.langhammer@beryju.org>
Date: Mon Jul 20 16:33:34 2020 +0200
flows: update work with new stages
commit a3d92ebc0a
Author: Jens Langhammer <jens.langhammer@beryju.org>
Date: Mon Jul 20 16:23:30 2020 +0200
stages/*: remove path-based import from all stages
commit 6fa825e372
Author: Jens Langhammer <jens.langhammer@beryju.org>
Date: Mon Jul 20 16:03:55 2020 +0200
providers/*: remove path-based import from all providers
commit 6aefd072c8
Author: Jens Langhammer <jens.langhammer@beryju.org>
Date: Mon Jul 20 15:58:48 2020 +0200
policies/*: remove path-based import from all policies
commit ac2dd3611f
Author: Jens Langhammer <jens.langhammer@beryju.org>
Date: Mon Jul 20 15:11:27 2020 +0200
sources/*: remove path-based import from all sources
commit 74e628ce9c
Author: Jens Langhammer <jens.langhammer@beryju.org>
Date: Mon Jul 20 14:43:38 2020 +0200
ui: allow overriding of verbose_name
commit d4ee18ee32
Author: Jens Langhammer <jens.langhammer@beryju.org>
Date: Mon Jul 20 14:08:27 2020 +0200
sources/oauth: migrate from discordapp.com to discord.com
2020-07-20 18:17:14 +02:00
Jens Langhammer
37b2400cdb
lib: move SAML timestring utils into lib
2020-07-20 11:35:16 +02:00
Jens Langhammer
a3baa100d4
sources/saml: remove unused import
2020-07-12 18:55:26 +02:00
Jens Langhammer
f7b9de1261
*/saml: fix MetadataProcessor having generic namespace prefixes
2020-07-12 18:40:43 +02:00
Jens Langhammer
47ca566d06
sources/saml: fix MetadataProcessor not working, add unittests
2020-07-12 18:40:18 +02:00
Jens Langhammer
a943d060d2
core: add separate autosubmit form for use without flows
2020-07-12 18:24:36 +02:00
Jens Langhammer
1675dab314
providers/saml: fix encoding for POST bindings
2020-07-12 17:58:38 +02:00
Jens Langhammer
996aa367d3
core: fix autosubmit_form loading full template
2020-07-12 17:45:03 +02:00
Jens Langhammer
464b558a02
*/saml: fix typo
2020-07-12 17:20:41 +02:00
Jens Langhammer
ff6e270886
sources/saml: fix AuthnRequest Singing for redirect bindings
2020-07-12 16:17:35 +02:00
Jens Langhammer
91766a2162
sources/saml: automatically add RelayState to build_auth_n_detached
2020-07-12 01:46:46 +02:00
Jens Langhammer
a393097504
*/saml: start implementing unittests, fix signing
2020-07-12 01:44:34 +02:00
Jens Langhammer
92a09be8c0
sources/saml: rewrite Processors and Views to directly build XML without templates
2020-07-11 01:02:55 +02:00
Jens Langhammer
e58ac7ae90
polices: add helper to remove None-value keys from dict for policies
2020-07-08 23:07:16 +02:00
Jens Langhammer
0e3e73989d
sources/saml: Add NameID Policy field, sent with AuthnRequest
2020-07-08 16:18:09 +02:00
Jens Langhammer
d831599608
core: make autosubmit_form generic template
2020-07-08 14:27:58 +02:00
Jens Langhammer
1e57926603
sources/saml: add POST_AUTO binding which auto redirects to IdP
2020-07-08 14:18:08 +02:00
Jens Langhammer
1524880eec
core: add generic login/base_full template for static login views
2020-07-08 14:17:29 +02:00
Jens Langhammer
3b70d12a5f
*: rephrase strings
2020-07-01 18:40:52 +02:00
Jens Langhammer
ec823aebed
flows: update migrations to use update_or_create
2020-06-29 16:19:39 +02:00
Jens Langhammer
05778d8065
sources/saml: minor formatting fixes
2020-06-24 22:46:20 +02:00
Jens Langhammer
31e0d74495
sources/saml: correctly cleanup transient users, update forms
2020-06-24 22:27:14 +02:00
Jens Langhammer
05999cb8c7
sources/saml: start implementing transient NameID format
2020-06-24 21:50:30 +02:00
Jens Langhammer
c0d8aa2303
sources/saml: fix SAMLRequest not being encoded properly for Redirect bindings
2020-06-24 13:12:34 +02:00
Jens Langhammer
52f138d402
sources/saml: improve error handing of invalid signatures
2020-06-23 21:49:27 +02:00
Jens L
4915205678
WIP Use Flows for Sources and Providers ( #32 )
...
* core: start migrating to flows for authorisation
* sources/oauth: start type-hinting
* core: create default user
* core: only show user delete button if an unenrollment flow exists
* flows: Correctly check initial policies on flow with context
* policies: add more verbosity to engine
* sources/oauth: migrate to flows
* sources/oauth: fix typing errors
* flows: add more tests
* sources/oauth: start implementing unittests
* sources/ldap: add option to disable user sync, move connection init to model
* sources/ldap: re-add default PropertyMappings
* providers/saml: re-add default PropertyMappings
* admin: fix missing stage count
* stages/identification: fix sources not being shown
* crypto: fix being unable to save with private key
* crypto: re-add default self-signed keypair
* policies: rewrite cache_key to prevent wrong cache
* sources/saml: migrate to flows for auth and enrollment
* stages/consent: add new stage
* admin: fix PropertyMapping widget not rendering properly
* core: provider.authorization_flow is mandatory
* flows: add support for "autosubmit" attribute on form
* flows: add InMemoryStage for dynamic stages
* flows: optionally allow empty flows from FlowPlanner
* providers/saml: update to authorization_flow
* sources/*: fix flow executor URL
* flows: fix pylint error
* flows: wrap responses in JSON object to easily handle redirects
* flow: dont cache plan's context
* providers/oauth: rewrite OAuth2 Provider to use flows
* providers/*: update docstrings of models
* core: fix forms not passing help_text through safe
* flows: fix HttpResponses not being converted to JSON
* providers/oidc: rewrite to use flows
* flows: fix linting
2020-06-07 16:35:08 +02:00
Jens L
24a3e787dd
migrate to per-model UUID Primary key, remove UUIDModel ( #26 )
...
* *: migrate to per-model UUID Primary key, remove UUIDModel
* *: fix import order, fix unittests
2020-05-20 09:17:06 +02:00
Jens Langhammer
a5319fc2fe
*: rename templatetags to clearly identify
2020-05-15 10:54:31 +02:00
Jens Langhammer
80d90b91e8
core: add general admin.py loader, remove individual files
2020-05-07 00:05:10 +02:00
Jens Langhammer
dc8b89a6b9
sources/saml: switch to new crypto
2020-03-03 23:35:38 +01:00
Jens Langhammer
81b66ecdcd
core: remove some more dead code, add more help texts for factors
2020-02-27 16:39:30 +01:00
Jens Langhammer
88c1ad4c1c
providers/saml: fix 500 when SAML Provider not assigned to application
2020-02-21 20:54:00 +01:00
Jens Langhammer
32a15f84c0
root: run bandit as part of pre-commit
2020-02-21 09:03:59 +01:00
Jens Langhammer
d988f37afc
lib: add SentryIgnoredException, to easily ignore exceptions from sentry
2020-02-20 21:38:53 +01:00
Jens Langhammer
295c0bae3f
sources/saml: validate SAMLResponse signature
2020-02-20 21:34:25 +01:00
Jens Langhammer
84fc54ddaa
sources/saml: entity_id -> issuer
2020-02-20 17:23:27 +01:00
Jens Langhammer
14e0a17dbc
ui: don't remove dashes when auto generating slug
2020-02-20 17:13:50 +01:00
Jens Langhammer
40a2a26904
sources/saml: fix Metadata cert including PEM header
2020-02-20 17:05:11 +01:00
Jens Langhammer
c8b3c6e51a
sources/saml: fix `build_full_url` using incorrect URL parameter
2020-02-20 17:04:54 +01:00
Jens Langhammer
3c2b8e5ee1
all: prefix all UI related methods with ui_, switch to property and return dataclass
2020-02-20 13:51:41 +01:00
Jens Langhammer
9267d0c1dd
all: general maintenance, prepare for pyright
2020-02-18 22:12:51 +01:00
Jens Langhammer
41689fe3ce
sources/* add missing migrations
2020-02-17 16:27:35 +01:00
Jens Langhammer
e138076e1d
sources/saml: move labels from forms to models
2020-02-16 12:34:46 +01:00
Jens Langhammer
e36d7928e4
providers/saml: big cleanup, simplify base processor
...
add New fields for
- assertion_valid_not_before
- assertion_valid_not_on_or_after
- session_valid_not_on_or_after
allow flexible time durations for these fields
fall back to Provider's ACS if none is specified in AuthNRequest
2020-02-14 15:19:48 +01:00
Jens Langhammer
3bd1eadd51
all: implement black as code formatter
2019-12-31 12:51:16 +01:00
Jens Langhammer
74cd0bc08f
all(minor): remove old, unused code
2019-12-05 15:07:37 +01:00
Langhammer, Jens
44c0eb37cf
sources/saml(minor): fix lint issue
2019-11-07 18:02:59 +01:00