Commit graph

576 commits

Author SHA1 Message Date
Langhammer, Jens 17eea4a10c new release: 0.6.1-beta 2019-10-07 18:53:04 +02:00
Langhammer, Jens ec73b53340 providers/saml(minor): fix last wrong urls names 2019-10-07 18:36:09 +02:00
Langhammer, Jens 8f42a7f0b4 new release: 0.6.0-beta 2019-10-07 17:18:19 +02:00
Langhammer, Jens 2c221ea819 providers/oauth(minor): fix import order 2019-10-07 17:14:52 +02:00
Langhammer, Jens 93e0441b58 helm(minor): don't directly mount configmap 2019-10-07 17:14:08 +02:00
Langhammer, Jens 59fc223a85 factors/captcha(minor): load correct keys 2019-10-07 16:58:06 +02:00
Langhammer, Jens 0a6f555c23 otp(minor): disable autocomplete for code input 2019-10-07 16:57:54 +02:00
Langhammer, Jens 6a4233d6fd providers/oauth(minor): fix urls not being mounted in the right path 2019-10-07 16:57:36 +02:00
Langhammer, Jens 15fa7e9652 ui(minor): merge menus 2019-10-07 16:50:13 +02:00
Langhammer, Jens f2acc154cd *(minor): small refactor 2019-10-07 16:33:48 +02:00
Langhammer, Jens d21ec6c9a5 root(minor): get rid of duplicate settings 2019-10-04 16:09:35 +02:00
Langhammer, Jens 34cbf5f702 new release: 0.5.0-beta 2019-10-04 13:55:13 +02:00
Langhammer, Jens 1cd149c815 policy(minor): fix linting 2019-10-04 13:49:27 +02:00
Langhammer, Jens 4c6f562805 policy(minor): fix deadlock issue 2019-10-04 13:44:26 +02:00
Langhammer, Jens e59c4ec1c7 root(minor): cleanup, remove unused log 2019-10-04 13:43:47 +02:00
Langhammer, Jens 1169db7530 docker(minor): move docker-related files into separate folder 2019-10-04 12:45:19 +02:00
Langhammer, Jens 1453008796 wsgi(minor): add proper request logging 2019-10-04 12:44:59 +02:00
Langhammer, Jens 2209b6d603 deploy(minor): fix robots.txt not being in the right path
fix path matching in docker compose
2019-10-04 12:01:38 +02:00
Langhammer, Jens ccbc0384f9 deploy(minor): remove app-gw, add robots.txt 2019-10-04 11:57:41 +02:00
Langhammer, Jens a48924c896 docker(minor): switch to debian based image so we can use wheels 2019-10-04 11:50:52 +02:00
Langhammer, Jens afca94ceb8 policy(minor): improve loading of policy subclasses 2019-10-04 10:22:06 +02:00
Langhammer, Jens 0b86231a36 *(minor): make better use of structured logging 2019-10-04 10:21:33 +02:00
Langhammer, Jens c0df1f38b8 *(minor): remove __name__ param from get_logger 2019-10-04 10:08:53 +02:00
Langhammer, Jens 2b8fed8f4e saml_idp(minor): rewrite to use defusedxml instead of bs4 2019-10-04 09:50:25 +02:00
Langhammer, Jens c7322a32a0 app_gw(minor): remove current implementation 2019-10-04 09:28:28 +02:00
Jens Langhammer 64b75cab84 policy(minor): add data class for policy request 2019-10-03 10:45:31 +02:00
Jens Langhammer f58bc61999 new release: 0.4.2-beta 2019-10-02 21:05:51 +00:00
Jens Langhammer fb8ccc0283 lint(minor): fix import order 2019-10-02 21:05:37 +00:00
Jens Langhammer c38012f147 new release: 0.4.1-beta 2019-10-02 21:04:16 +00:00
Jens Langhammer 920e705d75 policy(minor): lookup correct policy subclass 2019-10-02 22:28:58 +02:00
Jens Langhammer de0b137b1e policy(minor): improve error handling 2019-10-02 22:28:39 +02:00
Langhammer, Jens 8745ac7932 new release: 0.4.0-beta 2019-10-01 17:01:30 +02:00
Langhammer, Jens b8656858ec k8s(minor): load secrets as env vars 2019-10-01 15:42:14 +02:00
Langhammer, Jens aec1ccd88d root(minor): fix redis password not being loaded 2019-10-01 15:30:35 +02:00
Langhammer, Jens 9d640efc88 new release: 0.3.0-beta 2019-10-01 13:50:50 +02:00
Langhammer, Jens 2bffc12ef9 ci(minor): fix default settings so CI works 2019-10-01 13:22:38 +02:00
Langhammer, Jens 7bff2734aa lint(minor): fix all remaining pylint and prospector errors 2019-10-01 11:08:56 +02:00
Langhammer, Jens 84768c0ec6 helm(minor): remove rabbitmq 2019-10-01 10:48:55 +02:00
Langhammer, Jens f4499a5459 *(minor): stdlib logging to structlog 2019-10-01 10:24:10 +02:00
Langhammer, Jens b3aede5bba policy(minor): Move policy-related code to separate package 2019-10-01 10:17:39 +02:00
Langhammer, Jens c2c5ff6912 config(minor): CONFIG.get -> CONFIG.y 2019-09-30 18:04:04 +02:00
Langhammer, Jens 06d15d8a27 new release: 0.2.8-beta 2019-07-22 17:18:07 +02:00
Langhammer, Jens 4cf6c36f34 new release: 0.2.7-beta 2019-07-22 15:54:34 +02:00
Langhammer, Jens 62abe3f256 suspicious_policy: fix Request IP lookup 2019-07-22 15:46:41 +02:00
Langhammer, Jens 174472bb45 all: get rid of individual requirements file, remove version from every module 2019-07-22 15:20:17 +02:00
Jens Langhammer f97a5eeefb api: *actually* fix drf dependency issue 2019-07-15 15:05:54 +00:00
Jens Langhammer 10fd96981e new release: 0.2.6-beta 2019-07-15 13:42:18 +00:00
Jens Langhammer 67e3eb549c api: fix wrong django-rest-framework dependency 2019-07-15 13:42:03 +00:00
Jens Langhammer 30a6d1f0b1 new release: 0.2.5-beta 2019-07-15 13:31:04 +00:00
Langhammer, Jens 3d1fa9f048 app_gw: Rewrite redirect responses (replace upstream location with server_name) 2019-07-09 15:28:52 +02:00
Jens Langhammer 1d2be6e68b root: fix sentry sending wrong release 2019-07-05 16:00:01 +02:00
Jens Langhammer c21e343986 oidc_provider: fix error when creating a new provider 2019-07-05 15:59:52 +02:00
Jens Langhammer ff37ed095c new release: 0.2.4-beta 2019-07-05 15:30:13 +02:00
Jens Langhammer 8623a2c3fc oidc_provider: fix error trying to create RSA Key before migrations are run 2019-07-05 15:27:04 +02:00
Jens Langhammer 23d277eaf1 remove oidc from OAuth2, add dedicated OIDC provider 2019-07-05 15:21:48 +02:00
Jens Langhammer bccf424c5e new release: 0.2.3-beta 2019-07-04 16:25:33 +02:00
Jens Langhammer ed25801e6e core: revert to cherrypy for main webserver and use daphne only for app_gw 2019-07-04 15:23:05 +02:00
Jens Langhammer 4d0148193f root: migrate to new sentry instance 2019-07-03 17:35:54 +02:00
Jens Langhammer 804ae15c2e new release: 0.2.2-beta 2019-06-25 18:50:41 +02:00
Jens Langhammer b35a9fad86 Fix linting errors with current build-base image 2019-06-25 18:50:37 +02:00
Jens Langhammer a4f83bd28a new release: 0.2.1-beta 2019-06-25 18:25:27 +02:00
Jens Langhammer 2099bbb713 new release: 0.2.0-beta 2019-06-25 18:16:14 +02:00
Jens Langhammer 67beba8f78 Fix wrong URLConf being loaded 2019-06-25 18:11:08 +02:00
Jens Langhammer a798412e17 separate passbook.core into passbook.root and passbook.core
Move Main Django Project into passbook.root while passbook.core holds core functionality.

passbook.root contains main settings, ASGI & WSGI, celery and URLs.
2019-06-25 18:00:54 +02:00
Jens Langhammer 3b2c2d781f Fix typo 2019-06-25 17:59:51 +02:00
Jens Langhammer 98c844f3d6 improve OIDC compatibility 2019-06-25 17:57:25 +02:00
Jens Langhammer 2645bd0132 new release: 0.1.38-beta 2019-04-29 23:26:18 +02:00
Jens Langhammer 0ec1468058 remove unused import 2019-04-29 23:22:54 +02:00
Jens Langhammer 5d1a3043b2 create SSOLoginPolicy, which allows factors to be applied when user comes from SSO login
implement SESSIION_IS_SSO_LOGIN for OAuth Client and core MFA
2019-04-29 23:19:37 +02:00
Jens Langhammer b46958d1f9 send session to task 2019-04-29 23:18:51 +02:00
Jens Langhammer 5daa8d5fe3 fix missing/wrong widget inputs 2019-04-29 23:16:04 +02:00
Jens Langhammer 31846f1d05 Show redirect URL in <pre> element 2019-04-29 22:32:22 +02:00
Jens Langhammer 1fac964b8b increase application close timeout 2019-04-29 22:19:26 +02:00
Jens Langhammer dfa6ed8ac2 add help to show how SAML Property Mapping substitutes variables 2019-04-29 22:19:13 +02:00
Jens Langhammer 66fe10299e new release: 0.1.37-beta 2019-04-29 21:43:18 +02:00
Jens Langhammer e0a3ec033f fix IDP-Initiated SAML Login 2019-04-29 21:39:41 +02:00
Jens Langhammer 7033ec0ab9 remove debug print 2019-04-29 21:39:30 +02:00
Jens Langhammer 4004579905 remove nexus_upload command 2019-04-29 21:39:16 +02:00
Jens Langhammer 9fe9e48a5c new release: 0.1.36-beta 2019-04-29 20:57:57 +02:00
Jens Langhammer 595a6c7fe6 remove guardian completely 2019-04-29 20:57:54 +02:00
Jens Langhammer 11b5860d4a new release: 0.1.35-beta 2019-04-29 20:47:32 +02:00
Jens Langhammer 9bdbff4cda fix gitlab-ci using incorrect variables for docker access 2019-04-29 20:42:24 +02:00
Jens Langhammer e0d597eeac show cache on admin overview, add modal to clear cache, re-add logging to policy 2019-04-29 20:37:44 +02:00
Jens Langhammer f576985cc9 remove django guardian and check application access via PolicyEngine 2019-04-29 20:07:18 +02:00
Jens Langhammer 22a6aef60b fix wrong import 2019-04-29 20:06:52 +02:00
Jens Langhammer ec0a6e7854 new release: 0.1.34-beta 2019-04-29 19:22:20 +02:00
Jens Langhammer 6904608e6f fix clicking on administration always loading admin interface 2019-04-29 19:22:14 +02:00
Jens Langhammer cb3732cb2b filter out connection errors for sentry 2019-04-29 19:16:49 +02:00
Jens Langhammer 9f8fb7378a add audience field, switch base processor, better handle processor loading failure 2019-04-18 11:30:21 +02:00
Jens Langhammer 98cd646044 remove unneeded processors 2019-04-18 11:09:12 +02:00
Jens Langhammer 53918462b6 new release: 0.1.33-beta 2019-04-18 10:28:12 +02:00
Jens Langhammer 8e5c3f2f31 remove unused import 2019-04-17 17:53:45 +02:00
Jens Langhammer 5a3b2fdd49 add Rancher SAML processor 2019-04-17 17:53:15 +02:00
Jens Langhammer e47b9f0d57 fix SAML Request not being parsed all the time 2019-04-17 17:53:05 +02:00
Jens Langhammer 146dd747f1 fix EntityID being None in SAML Metadata 2019-04-17 17:52:24 +02:00
Jens Langhammer f2ce56063b bump version: 0.1.31-beta -> 0.1.32-beta 2019-04-17 14:27:41 +02:00
Jens Langhammer 9072b836c6 automatically add response_type if not given in OAuth Request 2019-04-17 14:25:51 +02:00
Jens Langhammer 2fa57d064e bump version: 0.1.30-beta -> 0.1.31-beta 2019-04-13 17:58:09 +02:00
Jens Langhammer e7129d18f6 fix inconsistent migrations 2019-04-13 17:52:11 +02:00
Jens Langhammer d2bf9f81d6 remove raven middleware 2019-04-13 17:46:51 +02:00
Jens Langhammer 30acf0660b Merge branch 'master' into 37-guardian 2019-04-13 17:43:02 +02:00
Jens Langhammer dda41af5c8 remove logging to increase speed, add more caching to policy and rewriter 2019-04-13 17:22:03 +02:00
Jens Langhammer 9b5b03647b move actual proxying logic to separate class 2019-04-13 16:05:11 +02:00
Jens Langhammer 940b3eb943 move logging to separate thread 2019-04-13 16:04:48 +02:00
Jens Langhammer 16eb629b71 only enable sentry when not DEBUG 2019-04-11 15:30:42 +02:00
Jens Langhammer 755045b226 try to fix app_gw being null 2019-04-11 15:30:07 +02:00
Jens Langhammer 61478db94e use global urllib Pools 2019-04-11 15:29:35 +02:00
Jens Langhammer f69f959bdb allow setting authentication_header to empty string (disabling the header) 2019-04-11 15:29:01 +02:00
Jens Langhammer 146edb45d4 bump version: 0.1.29-beta -> 0.1.30-beta 2019-04-11 14:22:34 +02:00
Jens Langhammer 045a802365 don't use context manager in web command 2019-04-11 14:22:32 +02:00
Jens Langhammer c90d8ddcff bump version: 0.1.28-beta -> 0.1.29-beta 2019-04-11 14:03:08 +02:00
Jens Langhammer a3ef26b7ad Run collectstatic before coverage, use autoreload on celery worker 2019-04-11 13:54:11 +02:00
Jens Langhammer 19cd1624c1 replace cherrypy with daphne 2019-04-11 13:43:49 +02:00
Jens Langhammer 366ef352c6 switch to whitenoise for static files 2019-04-11 13:43:08 +02:00
Jens Langhammer a1a5223b58 bump version: 0.1.27-beta -> 0.1.28-beta 2019-04-11 10:48:31 +02:00
Jens Langhammer b369eb28f1 set default log level to warn, fix clean_nonces not working 2019-04-11 10:43:13 +02:00
Jens Langhammer 9b8f390e31 Merge branch '38-websocket-proxying' into 'master'
Resolve "Websocket Proxying"

Closes #38

See merge request BeryJu.org/passbook!24
2019-04-10 20:42:24 +00:00
Jens Langhammer 11630c9a74 switch kubernetes deployment to daphne server 2019-04-10 22:38:25 +02:00
Jens Langhammer c9ac10f6f6 Implement websocket proxy 2019-04-10 19:03:42 +02:00
Jens Langhammer 04d613cb28 Move code from django-revproxy to app_gw to fix cookie bug 2019-04-10 19:03:22 +02:00
Jens Langhammer 40866f9ecd Choose upstream more cleverly 2019-04-10 18:49:33 +02:00
Jens Langhammer d8585eb872 trigger autoreload from config files 2019-04-10 18:48:55 +02:00
Jens Langhammer 15aaeda475 remove unused import 2019-04-10 18:47:21 +02:00
Jens Langhammer 8536ef9e23 Add guardian for Application permissions 2019-04-10 18:46:33 +02:00
Jens Langhammer 35b6bb6b3f fix failing CI 2019-04-09 17:26:53 +02:00
Jens Langhammer eaa573c715 fully remove raven and switch WSGI and logging to sentry_sdk 2019-04-05 16:11:53 +02:00
Jens Langhammer 660972e303 add ability to have non-expiring nonces, clean up expired nonces 2019-04-04 21:49:10 +02:00
Jens Langhammer a21012bf0c switch from raven to sentry_sdk 2019-04-04 21:48:50 +02:00
Jens Langhammer 80049413f0 bump version: 0.1.26-beta -> 0.1.27-beta 2019-03-22 14:51:13 +01:00
Jens Langhammer 2739442d4a prepare 0.1.27 2019-03-22 14:51:09 +01:00
Jens Langhammer c679f0a67c bump version: 0.1.25-beta -> 0.1.26-beta 2019-03-22 12:48:00 +01:00
Jens Langhammer 4d6bb60134 add custom template views 2019-03-22 12:16:30 +01:00
Jens Langhammer 81ac951872 validate upstream in form 2019-03-22 10:55:26 +01:00
Jens Langhammer f33e553cfd always parse url instead of once 2019-03-22 10:55:04 +01:00
Jens Langhammer 9b0240dc26 bump version: 0.1.24-beta -> 0.1.25-beta 2019-03-21 16:50:00 +01:00
Jens Langhammer c327310392 prepare 0.1.24-beta release 2019-03-21 16:49:57 +01:00
Jens Langhammer 7e87bfef5b validate server_name in form 2019-03-21 16:36:38 +01:00
Jens Langhammer a7af5268de Invalidate cache when ApplicationGateway instance is saved 2019-03-21 16:27:37 +01:00
Jens Langhammer 6d916029bb implement actual Rewriting logic 2019-03-21 16:22:07 +01:00
Jens Langhammer 81fdcbadad add compiled regex to RewriteRule 2019-03-21 16:21:51 +01:00
Jens Langhammer ec1e25fe71 cleanup property_mapping list 2019-03-21 16:21:11 +01:00
Jens Langhammer b5306e4a94 Redirect to login on reverse proxy 2019-03-21 15:15:01 +01:00
Jens Langhammer 801b8a1e59 prevent ZeroDivisionError 2019-03-21 15:05:04 +01:00
Jens Langhammer 3a52059793 cleanup post-migration mess 2019-03-21 15:02:33 +01:00
Jens Langhammer 10b7d99b37 Merge branch 'master' into 30-application-security-gateway
# Conflicts:
#	passbook/core/policies.py
#	passbook/core/settings.py
2019-03-21 14:58:10 +01:00
Jens Langhammer 6be8d0cbb2 Better handle policy timeouts 2019-03-21 14:53:57 +01:00
Jens Langhammer 5b8e3689ec Check for policies in app_gw 2019-03-21 14:53:47 +01:00
Jens Langhammer 25a5d8f5da Don't use LoginRequired for PermissionDenied View 2019-03-21 14:53:38 +01:00
Jens Langhammer 883d439544 add timeout field to policy to prevent stuck policies 2019-03-21 14:48:51 +01:00
Jens Langhammer 29913773a7 invalidate cache when policy is saved 2019-03-21 11:29:11 +01:00