Jens Langhammer
31e0d74495
sources/saml: correctly cleanup transient users, update forms
2020-06-24 22:27:14 +02:00
Jens Langhammer
05999cb8c7
sources/saml: start implementing transient NameID format
2020-06-24 21:50:30 +02:00
Jens Langhammer
c0d8aa2303
sources/saml: fix SAMLRequest not being encoded properly for Redirect bindings
2020-06-24 13:12:34 +02:00
Jens Langhammer
52f138d402
sources/saml: improve error handing of invalid signatures
2020-06-23 21:49:27 +02:00
Jens Langhammer
6f0e292c43
root: add lgtm
2020-06-15 11:56:20 +02:00
Jens Langhammer
26aa7e1fef
sources/ldap: fix 'LDAPSource' object has no attribute '_connection'
2020-06-09 01:17:17 +02:00
Jens Langhammer
ee8313142f
Merge branch 'docs-flows'
...
# Conflicts:
# passbook/core/templates/partials/form_horizontal.html
2020-06-08 15:43:46 +02:00
Jens L
4915205678
WIP Use Flows for Sources and Providers ( #32 )
...
* core: start migrating to flows for authorisation
* sources/oauth: start type-hinting
* core: create default user
* core: only show user delete button if an unenrollment flow exists
* flows: Correctly check initial policies on flow with context
* policies: add more verbosity to engine
* sources/oauth: migrate to flows
* sources/oauth: fix typing errors
* flows: add more tests
* sources/oauth: start implementing unittests
* sources/ldap: add option to disable user sync, move connection init to model
* sources/ldap: re-add default PropertyMappings
* providers/saml: re-add default PropertyMappings
* admin: fix missing stage count
* stages/identification: fix sources not being shown
* crypto: fix being unable to save with private key
* crypto: re-add default self-signed keypair
* policies: rewrite cache_key to prevent wrong cache
* sources/saml: migrate to flows for auth and enrollment
* stages/consent: add new stage
* admin: fix PropertyMapping widget not rendering properly
* core: provider.authorization_flow is mandatory
* flows: add support for "autosubmit" attribute on form
* flows: add InMemoryStage for dynamic stages
* flows: optionally allow empty flows from FlowPlanner
* providers/saml: update to authorization_flow
* sources/*: fix flow executor URL
* flows: fix pylint error
* flows: wrap responses in JSON object to easily handle redirects
* flow: dont cache plan's context
* providers/oauth: rewrite OAuth2 Provider to use flows
* providers/*: update docstrings of models
* core: fix forms not passing help_text through safe
* flows: fix HttpResponses not being converted to JSON
* providers/oidc: rewrite to use flows
* flows: fix linting
2020-06-07 16:35:08 +02:00
Jens Langhammer
7664b428e7
sources/ldap: fix expression field not being CodeMirror
2020-06-05 20:18:45 +02:00
Jens Langhammer
30ca926b38
docs: remove last occurrences to jinja2
2020-06-05 20:18:11 +02:00
Jens L
73116b9d1a
policies/expression: migrate to raw python instead of jinja2 ( #49 )
...
* policies/expression: migrate to raw python instead of jinja2
* lib/expression: create base evaluator, custom subclass for policies
* core: rewrite propertymappings to use python
* providers/saml: update to new PropertyMappings
* sources/ldap: update to new PropertyMappings
* docs: update docs for new propertymappings
* root: remove jinja2
* root: re-add jinja to lock file as its implicitly required
2020-06-05 12:00:27 +02:00
Jens Langhammer
ef913abc7a
sources/ldap: add option to disable user sync, move connection init to model
2020-06-02 17:15:59 +02:00
Jens Langhammer
ddfa2abbaa
sources/ldap: re-add default PropertyMappings
2020-06-02 17:00:03 +02:00
Jens Langhammer
5fc5e54f47
sources/oauth: fix typing errors
...
# Conflicts:
# passbook/sources/oauth/clients.py
2020-06-02 16:57:38 +02:00
Jens Langhammer
e2804b9755
root: fix linting errors
2020-05-27 11:26:48 +02:00
Jens L
beabba2890
flows: Load Stages without refreshing the whole page ( #33 )
...
* flows: initial implementation of FlowExecutorShell
* flows: load messages dynamically upon card refresh
2020-05-24 00:57:25 +02:00
Jens Langhammer
0664f0b6b2
flows: add support for default_context, etc
...
default_context can be used to influence policies during the planning. This should be used when the Planner is called from other views to correctly preseed the plan.
This also checks if there is a PENDING_USER set, and uses that user for the cache key instead
2020-05-20 16:15:16 +02:00
Jens Langhammer
cafe2f1e1f
admin: fix linting
2020-05-20 13:59:56 +02:00
Jens Langhammer
969da05437
admin: show object's docstring on inheritance based lists
2020-05-20 13:47:58 +02:00
Jens L
24a3e787dd
migrate to per-model UUID Primary key, remove UUIDModel ( #26 )
...
* *: migrate to per-model UUID Primary key, remove UUIDModel
* *: fix import order, fix unittests
2020-05-20 09:17:06 +02:00
Jens Langhammer
13a20478fd
sources/oauth: add OIDC client
2020-05-19 21:53:46 +02:00
Jens Langhammer
f58ee7fb52
sources/oauth: fix handling of sources with spaces in their name
2020-05-19 21:53:36 +02:00
Jens Langhammer
a5319fc2fe
*: rename templatetags to clearly identify
2020-05-15 10:54:31 +02:00
Jens Langhammer
212e966dd4
factors: -> stage
2020-05-08 20:59:51 +02:00
Jens Langhammer
2a85e5ae87
flows: complete migration to FlowExecutorView, fully use context
2020-05-08 16:10:27 +02:00
Jens Langhammer
114bb1b0bd
flows: implement planner, start new executor
2020-05-08 14:33:14 +02:00
Jens Langhammer
5400882d78
flows/: more migration progress, consolidate views
2020-05-07 21:30:52 +02:00
Jens Langhammer
80d90b91e8
core: add general admin.py loader, remove individual files
2020-05-07 00:05:10 +02:00
Jens Langhammer
dc8b89a6b9
sources/saml: switch to new crypto
2020-03-03 23:35:38 +01:00
Jens Langhammer
81b66ecdcd
core: remove some more dead code, add more help texts for factors
2020-02-27 16:39:30 +01:00
Jens Langhammer
f8599438df
ui: fix lists not being rendered correctly
2020-02-24 13:13:42 +01:00
Jens Langhammer
64d7b009ab
sources/oauth: fix invalid headers, fix invalid function signature
2020-02-23 19:42:57 +01:00
Jens Langhammer
fa2870afe0
sources: remove policies as they are not used currently
2020-02-23 14:40:06 +01:00
Jens Langhammer
f4a676e2fb
sources/oauth: slugify provider type instead of just lowercase
2020-02-23 13:53:16 +01:00
Jens Langhammer
88c1ad4c1c
providers/saml: fix 500 when SAML Provider not assigned to application
2020-02-21 20:54:00 +01:00
Jens Langhammer
1285ba6fbb
ui: include font-awesome
2020-02-21 18:00:09 +01:00
Jens Langhammer
a09a1793ec
ui: update templates for jinja2-related fields
2020-02-21 15:36:37 +01:00
Jens Langhammer
8fd86a28ff
ui: fixup minor issues, add static app
2020-02-21 11:20:55 +01:00
Jens Langhammer
32a15f84c0
root: run bandit as part of pre-commit
2020-02-21 09:03:59 +01:00
Jens Langhammer
d988f37afc
lib: add SentryIgnoredException, to easily ignore exceptions from sentry
2020-02-20 21:38:53 +01:00
Jens Langhammer
295c0bae3f
sources/saml: validate SAMLResponse signature
2020-02-20 21:34:25 +01:00
Jens Langhammer
84fc54ddaa
sources/saml: entity_id -> issuer
2020-02-20 17:23:27 +01:00
Jens Langhammer
0b5caa85f5
all: sort imports and cleanup
2020-02-20 17:23:05 +01:00
Jens Langhammer
14e0a17dbc
ui: don't remove dashes when auto generating slug
2020-02-20 17:13:50 +01:00
Jens Langhammer
40a2a26904
sources/saml: fix Metadata cert including PEM header
2020-02-20 17:05:11 +01:00
Jens Langhammer
c8b3c6e51a
sources/saml: fix build_full_url
using incorrect URL parameter
2020-02-20 17:04:54 +01:00
Jens Langhammer
6c889eff27
core: fix application icons not loading, fix with_sources being broken
2020-02-20 14:30:06 +01:00
Jens Langhammer
3c2b8e5ee1
all: prefix all UI related methods with ui_, switch to property and return dataclass
2020-02-20 13:51:41 +01:00
Jens Langhammer
07b7951390
sources/ldap: handle user_sync errors better, show warning when user exists already
2020-02-19 16:20:33 +01:00
Jens Langhammer
9267d0c1dd
all: general maintenance, prepare for pyright
2020-02-18 22:12:51 +01:00
Jens Langhammer
865abc005a
sources/oauth: remove leading spaces in default URLs
2020-02-18 21:49:53 +01:00
Jens Langhammer
a2725d5b82
sources/oauth: remove redundant OAuth2Clients
2020-02-18 21:49:40 +01:00
Jens Langhammer
4a05bc6e02
sources/oauth: improve default OAuth2 Client, send access_token as Bearer Authz
2020-02-18 21:49:23 +01:00
Jens Langhammer
4e8238603a
all: cleanup logging to be structured
2020-02-18 21:35:58 +01:00
Jens Langhammer
7c353f9297
sources/oauth: remove supervisr
2020-02-18 17:01:08 +01:00
Jens Langhammer
95416623b3
sources/ldap: better handle property mapping evaluation errors
2020-02-18 10:13:05 +01:00
Jens Langhammer
3aa2f1e892
*: propertymapping template -> expression
2020-02-17 20:38:14 +01:00
Jens Langhammer
bc4b7ef44d
providers/saml: add custom help text for templates, add docs for User Object reference
2020-02-17 20:30:14 +01:00
Jens Langhammer
e57da71dcf
sources/ldap: update LDAP source to use new property mappings
2020-02-17 17:55:48 +01:00
Jens Langhammer
41689fe3ce
sources/* add missing migrations
2020-02-17 16:27:35 +01:00
Jens Langhammer
e138076e1d
sources/saml: move labels from forms to models
2020-02-16 12:34:46 +01:00
Jens Langhammer
721d133dc3
sources/oauth: move labels from form to models
2020-02-16 12:34:33 +01:00
Jens Langhammer
75b687ecbe
sources/ldap: move labels from form to models
2020-02-16 12:30:45 +01:00
Jens Langhammer
e36d7928e4
providers/saml: big cleanup, simplify base processor
...
add New fields for
- assertion_valid_not_before
- assertion_valid_not_on_or_after
- session_valid_not_on_or_after
allow flexible time durations for these fields
fall back to Provider's ACS if none is specified in AuthNRequest
2020-02-14 15:19:48 +01:00
Jens Langhammer
766518ee0e
audit: sanitize kwargs when creating audit event
2019-12-31 13:33:07 +01:00
Jens Langhammer
3bd1eadd51
all: implement black as code formatter
2019-12-31 12:51:16 +01:00
Jens Langhammer
8eb3f0f708
ci: upgrade pylint to latest version
...
core: also upgrade kombu as https://github.com/celery/kombu/issues/1101 is fixed now
2019-12-31 12:45:29 +01:00
Jens Langhammer
31ea2e7139
audit: fix internal server error from passing models
2019-12-31 11:40:03 +01:00
Jens Langhammer
807cbbeaaf
audit: rewrite to be independent of django http requests, allow custom actions
2019-12-05 16:14:08 +01:00
Jens Langhammer
74cd0bc08f
all(minor): remove old, unused code
2019-12-05 15:07:37 +01:00
Langhammer, Jens
44c0eb37cf
sources/saml(minor): fix lint issue
2019-11-07 18:02:59 +01:00
Langhammer, Jens
adc3dcc2c4
sources/saml(minor): disallow login if source is not enabled
2019-11-07 17:35:25 +01:00
Langhammer, Jens
bac8227371
sources/saml(minor): fix fields not being shown
2019-11-07 17:28:59 +01:00
Langhammer, Jens
dabce36667
sources/saml(major): add saml SP
2019-11-07 17:02:56 +01:00
Langhammer, Jens
3bd56ce522
api(minor): fix invalid fieldls being selected
2019-11-07 10:30:22 +01:00
Langhammer, Jens
e862b97005
all(major): add API for all objects
2019-10-28 17:55:36 +01:00
Langhammer, Jens
cffe09b02e
all(major): add most models to API
2019-10-28 17:40:57 +01:00
Langhammer, Jens
2a27325dfd
admin(major): add pagination to all listviews
2019-10-14 13:15:42 +02:00
Langhammer, Jens
2ff1635696
core/sources(minor): refactor Source's property
2019-10-13 16:47:13 +02:00
Langhammer, Jens
50172e58d8
sources/ldap(minor): save ldap password for user upon successful bind
2019-10-12 14:00:34 +02:00
Langhammer, Jens
d7483d129f
sources/ldap(minor): call set_unusable_password when creating new user
2019-10-12 13:59:52 +02:00
Langhammer, Jens
32abb27e61
sources/ldap(minor): fix lint
2019-10-11 13:43:35 +02:00
Langhammer, Jens
8478b03892
sources/ldap(major): implement membership sync, add more settings
2019-10-11 13:41:12 +02:00
Langhammer, Jens
22c4fb1414
sources/ldap(major): add sync_users and sync_groups, rewrite auth_user method
2019-10-11 12:53:48 +02:00
Langhammer, Jens
44a3c7fa5f
Merge branch 'master' into ldap-rewrite
2019-10-11 10:24:12 +02:00
Jens Langhammer
4e6653e299
ldap(major): start rewrite
2019-10-10 17:36:09 +02:00
Langhammer, Jens
c782585287
ci(minor): re-enable pylint
2019-10-10 17:22:56 +02:00
Jens Langhammer
c1dae0b599
sources/oauth(minor): fix wrong settings reference
2019-10-09 19:46:23 +02:00
Langhammer, Jens
17e6bc921b
core(minor): fix import order
2019-10-09 14:37:40 +02:00
Langhammer, Jens
2e15b24f0a
*(minor): switch has_user_settings to return Optional dataclass instead of tuple
2019-10-09 12:47:14 +02:00
Langhammer, Jens
ec73b53340
providers/saml(minor): fix last wrong urls names
2019-10-07 18:36:09 +02:00
Langhammer, Jens
f2acc154cd
*(minor): small refactor
2019-10-07 16:33:48 +02:00