Commit Graph

90 Commits

Author SHA1 Message Date
Jens Langhammer 5ff1dd8426 core: move impersonation to core, add tests, add better permission checks 2020-09-17 16:24:53 +02:00
Jens Langhammer 4b39c71de0 providers/oauth2: accept token as post param 2020-09-16 23:38:55 +02:00
Jens Langhammer 818f417fd8 providers/oauth2: only send id_token as access_token if ADFS compat mode is enabled 2020-09-16 23:31:03 +02:00
Jens Langhammer ea9687c30b core: don't fail migrations if no pbadmin exists 2020-09-15 23:37:39 +02:00
Jens Langhammer 0a5e14a352 core: make is_superuser a group property, remove from user 2020-09-15 23:10:31 +02:00
Jens L 268de20872
Proxy v2 (#189) 2020-09-03 00:04:12 +02:00
Jens Langhammer 7334599efd *: update JSON fields to django 3.1 2020-08-15 21:04:22 +02:00
Jens Langhammer 2d2b2d08f4 core: fix source slug not being unique 2020-07-09 23:05:46 +02:00
Jens Langhammer d5a3e09a98 core: add token Intents 2020-07-05 23:14:57 +02:00
Jens Langhammer 16b966c16e policies: Show grouped Dropdown for Target 2020-07-04 00:16:16 +02:00
Jens Langhammer af8cdb34ee *: fix not all migrations using db_alias 2020-06-19 20:43:27 +02:00
Jens Langhammer 3713d111a4 core: fix integrity error for default user
closes #75
2020-06-18 19:04:13 +02:00
Jens L 4915205678
WIP Use Flows for Sources and Providers (#32)
* core: start migrating to flows for authorisation

* sources/oauth: start type-hinting

* core: create default user

* core: only show user delete button if an unenrollment flow exists

* flows: Correctly check initial policies on flow with context

* policies: add more verbosity to engine

* sources/oauth: migrate to flows

* sources/oauth: fix typing errors

* flows: add more tests

* sources/oauth: start implementing unittests

* sources/ldap: add option to disable user sync, move connection init to model

* sources/ldap: re-add default PropertyMappings

* providers/saml: re-add default PropertyMappings

* admin: fix missing stage count

* stages/identification: fix sources not being shown

* crypto: fix being unable to save with private key

* crypto: re-add default self-signed keypair

* policies: rewrite cache_key to prevent wrong cache

* sources/saml: migrate to flows for auth and enrollment

* stages/consent: add new stage

* admin: fix PropertyMapping widget not rendering properly

* core: provider.authorization_flow is mandatory

* flows: add support for "autosubmit" attribute on form

* flows: add InMemoryStage for dynamic stages

* flows: optionally allow empty flows from FlowPlanner

* providers/saml: update to authorization_flow

* sources/*: fix flow executor URL

* flows: fix pylint error

* flows: wrap responses in JSON object to easily handle redirects

* flow: dont cache plan's context

* providers/oauth: rewrite OAuth2 Provider to use flows

* providers/*: update docstrings of models

* core: fix forms not passing help_text through safe

* flows: fix HttpResponses not being converted to JSON

* providers/oidc: rewrite to use flows

* flows: fix linting
2020-06-07 16:35:08 +02:00
Jens Langhammer c62794c738 admin: fix PropertyMapping widget not rendering properly 2020-06-05 20:27:18 +02:00
Jens L 73116b9d1a
policies/expression: migrate to raw python instead of jinja2 (#49)
* policies/expression: migrate to raw python instead of jinja2

* lib/expression: create base evaluator, custom subclass for policies

* core: rewrite propertymappings to use python

* providers/saml: update to new PropertyMappings

* sources/ldap: update to new PropertyMappings

* docs: update docs for new propertymappings

* root: remove jinja2

* root: re-add jinja to lock file as its implicitly required
2020-06-05 12:00:27 +02:00
Jens Langhammer 3f92d1c420 flows: Correctly check initial policies on flow with context
# Conflicts:
#	passbook/flows/planner.py
#	passbook/flows/tests/test_planner.py
#	passbook/flows/tests/test_views.py
#	passbook/flows/views.py
2020-06-02 16:53:40 +02:00
Jens Langhammer 052bf88c3d core: create default user
# Conflicts:
#	README.md
2020-06-02 16:42:44 +02:00
Jens L 24a3e787dd
migrate to per-model UUID Primary key, remove UUIDModel (#26)
* *: migrate to per-model UUID Primary key, remove UUIDModel

* *: fix import order, fix unittests
2020-05-20 09:17:06 +02:00
Jens Langhammer 7bd65120b9 *: migrate from PolicyModel to PolicyBindingModel, move Policy to passbook_policies 2020-05-16 18:07:00 +02:00
Jens Langhammer 227966e727 core: rename nonce to token 2020-05-16 16:11:53 +02:00
Jens Langhammer 406f69080b Revert "*: providers and sources -> channels, PolicyModel to PolicyBindingModel that uses custom M2M through"
This reverts commit 7ed3ceb960.
2020-05-16 16:02:42 +02:00
Jens Langhammer 7ed3ceb960 *: providers and sources -> channels, PolicyModel to PolicyBindingModel that uses custom M2M through 2020-05-16 14:03:57 +02:00
Jens Langhammer 7500e622f6 stages/invitation: start extracting invitation from core 2020-05-11 21:58:02 +02:00
Jens Langhammer c27d257146 core: fix migrations 2020-05-10 12:07:40 +02:00
Jens Langhammer 9bccf9bb0a policies/dummy: separate dummy policy from core into app 2020-05-10 02:14:55 +02:00
Jens Langhammer 212e966dd4 factors: -> stage 2020-05-08 20:59:51 +02:00
Jens Langhammer 8c329dca7d core: add migration to fix null fields in core.application 2020-02-22 19:26:34 +01:00
Jens Langhammer 995c87938f core: fix default Null causing issues in translation 2020-02-21 23:10:00 +01:00
Jens Langhammer 26bf6fd22f all: add more helpful help_text to models 2020-02-21 15:12:16 +01:00
Jens Langhammer 2dfd93afb1 core: add more fields for metadata of applications 2020-02-20 13:45:22 +01:00
Jens Langhammer 3aa2f1e892 *: propertymapping template -> expression 2020-02-17 20:38:14 +01:00
Jens Langhammer e6c47fee26 core: add template field to PropertyMapping 2020-02-17 17:47:51 +01:00
Jens Langhammer 3bd1eadd51 all: implement black as code formatter 2019-12-31 12:51:16 +01:00
Langhammer, Jens 543e949a48 api(minor): start with api v2 2019-10-28 14:26:07 +01:00
Langhammer, Jens 261d57ad7b Merge branch 'master' into guardian
# Conflicts:
#	Pipfile
#	Pipfile.lock
#	passbook/admin/views/invitations.py
#	passbook/admin/views/policy.py
#	passbook/admin/views/providers.py
#	passbook/admin/views/sources.py
#	passbook/admin/views/users.py
2019-10-15 15:09:11 +02:00
Langhammer, Jens 358e39ced0 core(major): remove action field from policy 2019-10-14 13:57:38 +02:00
Langhammer, Jens fc69b6851d core(minor): tags -> attributes, add attributes to user, add propertymappings to source 2019-10-11 12:47:06 +02:00
Langhammer, Jens 37111fd07b core(minor): merge migrations 2019-10-10 17:41:22 +02:00
Langhammer, Jens 143a575369 Merge branch 'master' into guardian
# Conflicts:
#	Pipfile
#	Pipfile.lock
#	passbook/core/models.py
2019-10-10 17:29:34 +02:00
Langhammer, Jens 3d8242be06 core(minor): add new, optional description field to nonce 2019-10-10 14:04:58 +02:00
Langhammer, Jens 3185a86b22 core(minor): add separate permission to reset user's password 2019-10-10 13:01:36 +02:00
Langhammer, Jens f2acc154cd *(minor): small refactor 2019-10-07 16:33:48 +02:00
Jens Langhammer 5d1a3043b2 create SSOLoginPolicy, which allows factors to be applied when user comes from SSO login
implement SESSIION_IS_SSO_LOGIN for OAuth Client and core MFA
2019-04-29 23:19:37 +02:00
Jens Langhammer e7129d18f6 fix inconsistent migrations 2019-04-13 17:52:11 +02:00
Jens Langhammer 8536ef9e23 Add guardian for Application permissions 2019-04-10 18:46:33 +02:00
Jens Langhammer 660972e303 add ability to have non-expiring nonces, clean up expired nonces 2019-04-04 21:49:10 +02:00
Jens Langhammer 883d439544 add timeout field to policy to prevent stuck policies 2019-03-21 14:48:51 +01:00
Jens Langhammer 501fed1922 rewrite PasswordFactor to use backends setting instead of trying all backends 2019-03-10 21:47:08 +01:00
Jens Langhammer e4baf8c21e Add Group Member policy 2019-03-10 19:32:18 +01:00
Jens Langhammer 2b8c2b2346 use Django's Admin FilteredSelectMultiple for Group Membership 2019-03-10 18:06:06 +01:00