Jens Langhammer
edbea9ccff
audit: fix list not having loginrequired
...
closes #127
2020-07-15 18:34:53 +02:00
Jens Langhammer
6b26e10ea2
new release: 0.9.0-rc1
2020-07-15 12:00:47 +02:00
Jens Langhammer
e15f7d7f28
flows: fix potential open redirect vuln
2020-07-14 21:57:28 +02:00
Jens Langhammer
fbf9554a9e
flows: fix SESSION_KEY_GET being deleted too early
2020-07-14 21:42:47 +02:00
Jens Langhammer
b452e751ea
flows: add SESSION_KEY_APPLICATION_PRE
...
whenever a user tries to access an application without being authenticated to passbook, we now show notice which application they are going to continue to.
2020-07-12 22:47:46 +02:00
Jens Langhammer
a3baa100d4
sources/saml: remove unused import
2020-07-12 18:55:26 +02:00
Jens Langhammer
f7b9de1261
*/saml: fix MetadataProcessor having generic namespace prefixes
2020-07-12 18:40:43 +02:00
Jens Langhammer
47ca566d06
sources/saml: fix MetadataProcessor not working, add unittests
2020-07-12 18:40:18 +02:00
Jens Langhammer
a943d060d2
core: add separate autosubmit form for use without flows
2020-07-12 18:24:36 +02:00
Jens Langhammer
1675dab314
providers/saml: fix encoding for POST bindings
2020-07-12 17:58:38 +02:00
Jens Langhammer
996aa367d3
core: fix autosubmit_form loading full template
2020-07-12 17:45:03 +02:00
Jens Langhammer
be6f342e58
providers/saml: fix RelayState being included when None given
2020-07-12 17:22:14 +02:00
Jens Langhammer
464b558a02
*/saml: fix typo
2020-07-12 17:20:41 +02:00
Jens Langhammer
d1151091cd
providers/saml: Generate NameID Value based on NameID Policy received
2020-07-12 17:06:35 +02:00
Jens Langhammer
f8e5383ba2
providers/saml: parse NameID Policy from AuthnRequest
2020-07-12 17:05:48 +02:00
Jens Langhammer
06f73512df
lib/evaluator: add support for IP Address comparison
2020-07-12 16:36:49 +02:00
Jens Langhammer
0ff4545bab
providers/saml: fix AuthnRequest Signature validation, add unittests
2020-07-12 16:17:53 +02:00
Jens Langhammer
ff6e270886
sources/saml: fix AuthnRequest Singing for redirect bindings
2020-07-12 16:17:35 +02:00
Jens Langhammer
91766a2162
sources/saml: automatically add RelayState to build_auth_n_detached
2020-07-12 01:46:46 +02:00
Jens Langhammer
a393097504
*/saml: start implementing unittests, fix signing
2020-07-12 01:44:34 +02:00
Jens Langhammer
2056b86ce7
providers/saml: rewrite SAML AuthNRequest Parser and Response Processor
2020-07-11 14:06:42 +02:00
Jens Langhammer
1b0c013d8e
providers/saml: remove processor_path field
2020-07-11 13:28:10 +02:00
Jens Langhammer
92a09be8c0
sources/saml: rewrite Processors and Views to directly build XML without templates
2020-07-11 01:02:55 +02:00
Jens Langhammer
d74366f413
policies/hibp: update for flows, add unittests
2020-07-10 20:57:15 +02:00
Jens Langhammer
5bcf2aef8c
policies/password: Add Password Policy tests, update password policy for flows
2020-07-10 20:53:08 +02:00
Jens Langhammer
8de3c4fbd6
sources/ldap: improve unittests
2020-07-10 20:21:51 +02:00
Jens Langhammer
7ac4242a38
e2e: add test for OAuth Enrollment -> OAuth Authentication
2020-07-10 00:14:48 +02:00
Jens Langhammer
4caa4be476
sources/oauth: fix UserOAuthSourceConnection not being assigned to user after enrollment
...
sources/oauth: separate handle_new_connection into handle_existing_user_link and handle_enroll
2020-07-10 00:07:59 +02:00
Jens Langhammer
c6d8bae147
e2e: generate dex config dynamically
2020-07-09 23:15:22 +02:00
Jens Langhammer
c70310730a
sources/oauth: split up single large "core" views
2020-07-09 23:09:32 +02:00
Jens Langhammer
2d2b2d08f4
core: fix source slug not being unique
2020-07-09 23:05:46 +02:00
Jens Langhammer
8fe6a5b62d
stages/prompt: fix checkbox not working, fix date and datetime not using HTML5 input types
2020-07-09 22:55:44 +02:00
Jens Langhammer
64c47a59f8
e2e: add tests for OAuth Source, update tests for new base templates
2020-07-09 00:53:18 +02:00
Jens Langhammer
9518cefdd7
flows: fix default-source-enrollment-if-username expression
2020-07-09 00:20:42 +02:00
Jens Langhammer
32d5c26577
core: fix base_full template missing messages
2020-07-09 00:18:45 +02:00
Jens Langhammer
ef2cdf27b3
stages/prompt: add static and separator elements
2020-07-09 00:00:15 +02:00
Jens Langhammer
e58ac7ae90
polices: add helper to remove None-value keys from dict for policies
2020-07-08 23:07:16 +02:00
Jens Langhammer
d786fa4b7c
sources/oauth: rewrite to not directly create user, pre-seed data into flow
2020-07-08 20:39:20 +02:00
Jens Langhammer
0e3e73989d
sources/saml: Add NameID Policy field, sent with AuthnRequest
2020-07-08 16:18:09 +02:00
Jens Langhammer
d831599608
core: make autosubmit_form generic template
2020-07-08 14:27:58 +02:00
Jens Langhammer
1e57926603
sources/saml: add POST_AUTO binding which auto redirects to IdP
2020-07-08 14:18:08 +02:00
Jens Langhammer
1524880eec
core: add generic login/base_full template for static login views
2020-07-08 14:17:29 +02:00
Jens Langhammer
0bfb623f97
providers/saml: fix autosubmit_form using wrong template
2020-07-08 14:12:44 +02:00
Jens Langhammer
429627494c
root: fix passbook.footer_links not being rendered
2020-07-08 13:18:33 +02:00
Jens Langhammer
c7f078ffcc
new release: 0.9.0-pre7
2020-07-07 22:34:44 +02:00
Jens Langhammer
571cb3d65f
sources/oauth: disable twitter source while its broken
2020-07-07 22:25:50 +02:00
Jens Langhammer
8c500c38b1
policies/reputation: only change score when credentials contain username
2020-07-07 22:25:37 +02:00
Jens Langhammer
5644e57e6a
sources/oauth: directly call AuthorizedServiceBackend instead of authenticate()
2020-07-07 22:23:45 +02:00
Jens Langhammer
cfc181eed1
sources/oauth: fix wrong comparions
...
closes #118
2020-07-07 21:46:16 +02:00
Jens Langhammer
91bea38b8e
lib: ignore APM errors
2020-07-07 21:45:36 +02:00
Jens Langhammer
d95c5aa739
root: allow changing of APM verify_server_cert setting
2020-07-07 19:59:32 +02:00
Jens Langhammer
0b250b897e
new release: 0.9.0-pre6
2020-07-07 19:14:29 +02:00
Jens L
c6880a0f16
Merge pull request #117 from BeryJu/apm
...
Support for Elastic APM
2020-07-07 18:48:40 +02:00
Jens Langhammer
231e448b1a
lib/eval: fix import order
2020-07-07 18:05:38 +02:00
Jens Langhammer
b3b8cd807d
root: expose APM settings in helm chart
2020-07-07 17:54:07 +02:00
Jens Langhammer
9021bbd5de
root: implement APM support
2020-07-07 17:43:10 +02:00
Jens Langhammer
169475ab39
crypto: add colon seperator for fingerprint
2020-07-07 17:05:31 +02:00
Jens Langhammer
c00e01626e
sources/ldap: adjust task schedule name
2020-07-07 17:04:07 +02:00
Jens Langhammer
05d4a9ef62
policies/reputation: rewrite to save score into cache and save into DB via worker
2020-07-07 17:03:57 +02:00
Jens Langhammer
17a2ac73e7
stages/user_write: add signals
2020-07-07 15:49:02 +02:00
Jens Langhammer
6bc6f947dd
stages/invitation: move invite signals from core to app
2020-07-07 15:46:13 +02:00
Jens Langhammer
363940ee8d
root: fix API requests erroring
2020-07-07 14:02:20 +02:00
Jens Langhammer
b12182c1d1
admin: improve overview layout
2020-07-07 13:13:15 +02:00
Jens Langhammer
d8f27f595a
admin: use django cache for admin version (expiry)
2020-07-07 13:12:54 +02:00
Jens Langhammer
2dc1b65718
ui: fix modal layout
2020-07-06 20:50:14 +02:00
Jens Langhammer
af22f507f4
sources/oauth: fix template for user settings
2020-07-06 17:48:53 +02:00
Jens Langhammer
9958019bf3
core: fix user's sidebar links for sources
2020-07-06 17:46:41 +02:00
Jens Langhammer
02d65972cb
admin: fix submit button on update form
2020-07-06 17:46:30 +02:00
Jens Langhammer
24ad893350
admin: fix token_list template
2020-07-06 17:43:20 +02:00
Jens Langhammer
094d191bff
new release: 0.9.0-pre5
2020-07-06 12:52:34 +02:00
Jens Langhammer
78e5d471e3
core: fix type annotation for user settings
2020-07-05 23:49:33 +02:00
Jens Langhammer
2e2c9f5287
api: add token authentication
2020-07-05 23:37:58 +02:00
Jens Langhammer
d5a3e09a98
core: add token Intents
2020-07-05 23:14:57 +02:00
Jens Langhammer
2402cfe29d
providers/* use name for __str__
2020-07-05 23:00:40 +02:00
Jens Langhammer
26613b6ea9
core: fix application overview
2020-07-05 22:58:52 +02:00
Jens Langhammer
e5165abf04
stages/user_login: Allow changing of session duration
2020-07-04 15:20:45 +02:00
Jens Langhammer
b26882a450
flows: FlowStageBinding group Stage by type
2020-07-04 15:02:21 +02:00
Jens Langhammer
94281bee88
admin: improve policy binding listing by showing Target object type
2020-07-04 00:18:19 +02:00
Jens Langhammer
16b966c16e
policies: Show grouped Dropdown for Target
2020-07-04 00:16:16 +02:00
Jens Langhammer
d3b0992456
flows: FlowStageBinding: rename .flow to .target to fix select_subclasses()
2020-07-04 00:14:21 +02:00
Jens Langhammer
1d9c92d548
admin: add generic form tests
2020-07-02 22:29:30 +02:00
Jens Langhammer
bead19c64c
flows: cleanup denied view, use everywhere
2020-07-02 13:48:42 +02:00
Jens Langhammer
ae83ee6d31
providers/saml: fix access result not being checked properly
2020-07-02 00:23:52 +02:00
Jens Langhammer
4701374021
admin: remove duplicate code into new base classes
2020-07-02 00:13:33 +02:00
Jens Langhammer
bd40585247
providers/samlv2: remove SAMLv2 from master
2020-07-01 23:21:58 +02:00
Jens Langhammer
cc0b8164b0
providers/*: use PolicyAccessMixin to simplify
2020-07-01 23:18:10 +02:00
Jens Langhammer
310b31a8b7
core: fix linting
2020-07-01 22:35:38 +02:00
Jens Langhammer
13900bc603
lib: cleanup unused widgets
2020-07-01 22:27:58 +02:00
Jens Langhammer
6634cc2edf
root: add group_membership policy
2020-07-01 21:18:05 +02:00
Jens Langhammer
3478a2cf6d
admin: add filter to hide classes with __debug_only__
when Debug is disabled
2020-07-01 18:53:13 +02:00
Jens Langhammer
3b70d12a5f
*: rephrase strings
2020-07-01 18:40:52 +02:00
Jens Langhammer
219acf76d5
core: fix forms for radio buttons
2020-07-01 12:47:27 +02:00
Jens Langhammer
ec6f467fa2
ui: Make Checkbox label click trigger checkbox toggle
2020-07-01 12:37:13 +02:00
Jens Langhammer
0e6561987e
admin: fix user and group create not triggering sidebar
2020-07-01 12:36:44 +02:00
Jens Langhammer
62c20b6e67
admin: add list of all tokens
2020-07-01 12:27:30 +02:00
Jens Langhammer
13084562c5
admin: fix Password Recovery function not working
2020-07-01 12:10:12 +02:00
Jens Langhammer
02c1c434a2
core: update styling of impersonate banner
2020-07-01 12:01:58 +02:00
Jens Langhammer
5f04a75878
new release: 0.9.0-pre4
2020-07-01 09:50:21 +02:00
Jens Langhammer
89c33060d4
core: fix user settings sidebar buttons not being enabled
2020-06-30 21:26:43 +02:00
Jens Langhammer
b61f595562
core: ensure user settings are sorted by name
2020-06-30 21:24:58 +02:00
Jens Langhammer
ce2230f774
stages/otp_*: update user setting design
2020-06-30 21:23:37 +02:00
Jens Langhammer
c59c6aa728
stages/*: minor UI updates, cleanup
2020-06-30 19:06:41 +02:00
Jens Langhammer
729910c383
stages/*: minor string updates
2020-06-30 18:52:18 +02:00
Jens Langhammer
37fe637422
stages/password: make template inherit form_with_user
2020-06-30 18:50:24 +02:00
Jens Langhammer
2ca5e1eedb
stages/otp_*: fix linting
2020-06-30 16:12:19 +02:00
Jens Langhammer
d2bf579ff6
stages/otp_static: start implementing static stage
2020-06-30 15:44:34 +02:00
Jens Langhammer
3716bda76e
stages/otp_time: fix linting
2020-06-30 13:44:09 +02:00
Jens Langhammer
a76eb4d30f
stages/otp_time: Cleanup, use django_otp's URL generator
2020-06-30 12:42:39 +02:00
Jens Langhammer
7c191b0984
stages/otp_validate: Implement OTP Validation stage
2020-06-30 12:42:12 +02:00
Jens Langhammer
9613fcde89
Squashed commit of the following:
...
commit 885a2ed057
Author: Jens Langhammer <jens.langhammer@beryju.org>
Date: Tue Jun 30 12:17:23 2020 +0200
flows: fix linting error
2020-06-30 12:18:01 +02:00
Jens Langhammer
b270fb0742
stages/otp_time: implement TOTP Setup stage
2020-06-30 12:14:40 +02:00
Jens Langhammer
285a69d91f
Merge branch 'master' into otp-rework
2020-06-30 11:23:09 +02:00
Jens Langhammer
de3b753a26
flows: show error message in flow when stage raises
2020-06-30 11:18:39 +02:00
Jens Langhammer
34be1dd9f4
admin: add execute button to flow which executes flow without cache
2020-06-30 11:18:20 +02:00
Jens Langhammer
a4c0fb9e75
otp_time: fix linting
2020-06-30 10:42:27 +02:00
Jens Langhammer
f040223646
audit: move events list from admin to audit app
2020-06-30 10:23:54 +02:00
Jens Langhammer
bf297b8593
admin: add info about latest version
2020-06-30 10:23:39 +02:00
Jens L
b746ce97ba
Merge branch 'master' into flows-cancel
2020-06-30 00:20:33 +02:00
Jens Langhammer
dbee714dac
api: fix consent stage missing from API
2020-06-30 00:19:06 +02:00
Jens Langhammer
d33f632203
flows: add CancelView to cancel current flow execution
2020-06-30 00:11:01 +02:00
Jens Langhammer
920858ff72
Merge branch 'master' into otp-rework
...
# Conflicts:
# passbook/flows/models.py
# passbook/stages/otp/models.py
# swagger.yaml
2020-06-29 22:54:18 +02:00
Jens Langhammer
8d31eef47d
stages/password: assign default password change flow to password stage
...
add e2e tests for password change flow
2020-06-29 21:47:20 +02:00
Jens Langhammer
96a6ac85df
audit: add cleanse_dict function to ensure no passwords end in logs
2020-06-29 19:13:07 +02:00
Jens Langhammer
21ba969072
stages/password: create default password change flow
2020-06-29 16:26:21 +02:00
Jens Langhammer
d6a8d8292d
core: UIUserSettings: remove icon, rename view_name to URL for complete URL
2020-06-29 16:20:33 +02:00
Jens Langhammer
693a92ada5
audit: fix sanitize_dict updating source dict
2020-06-29 16:19:56 +02:00
Jens Langhammer
ec823aebed
flows: update migrations to use update_or_create
2020-06-29 16:19:39 +02:00
Jens Langhammer
b8654c06bf
flows: remove generic "password change" designation and add setup_stage
2020-06-29 11:12:51 +02:00
Jens Langhammer
9d03c4c7d2
flows: Stage ui_user_settings -> staticmethod with context as argument
2020-06-28 10:31:26 +02:00
Jens Langhammer
8c36ab89e8
stages/otp: start separation into 3 stages, otp_time, otp_static and otp_validate
2020-06-28 10:30:35 +02:00
Jens Langhammer
cc7e4ad0e2
e2e: show browser logs to debug CI issues
2020-06-26 15:06:46 +02:00
Jens Langhammer
768464dc6a
new release: 0.9.0-pre3
2020-06-25 20:39:50 +02:00
Jens Langhammer
5a11206fe9
Merge branch 'master' into e2e
2020-06-25 17:58:51 +02:00
Jens Langhammer
9675fbb07d
e2e: add tests for enrollment with email
2020-06-25 17:45:06 +02:00
Jens Langhammer
57a7bed99d
sources/oauth: fix facebook provider
2020-06-25 10:24:53 +02:00
dependabot-preview[bot]
b8b5069df1
build(deps): bump @patternfly/patternfly in /passbook/static/static
...
Bumps [@patternfly/patternfly](https://github.com/patternfly/patternfly ) from 4.10.31 to 4.16.7.
- [Release notes](https://github.com/patternfly/patternfly/releases )
- [Changelog](https://github.com/patternfly/patternfly/blob/master/RELEASE-NOTES.md )
- [Commits](https://github.com/patternfly/patternfly/compare/prerelease-v4.10.31...prerelease-v4.16.7 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-06-25 09:21:20 +02:00
Jens Langhammer
9eaceb9ec6
e2e: add tests for SAML source
2020-06-24 23:24:45 +02:00
Jens Langhammer
05778d8065
sources/saml: minor formatting fixes
2020-06-24 22:46:20 +02:00
Jens Langhammer
831e228f80
api: fix SAMLSource missing from API
2020-06-24 22:28:40 +02:00
Jens Langhammer
31e0d74495
sources/saml: correctly cleanup transient users, update forms
2020-06-24 22:27:14 +02:00
Jens Langhammer
05999cb8c7
sources/saml: start implementing transient NameID format
2020-06-24 21:50:30 +02:00
Jens Langhammer
c0d8aa2303
sources/saml: fix SAMLRequest not being encoded properly for Redirect bindings
2020-06-24 13:12:34 +02:00
Jens Langhammer
db6cb5ad51
core: make generic error template work with shell executor
2020-06-23 21:49:43 +02:00
Jens Langhammer
52f138d402
sources/saml: improve error handing of invalid signatures
2020-06-23 21:49:27 +02:00
dependabot-preview[bot]
59b8b1e92a
build(deps): bump codemirror in /passbook/static/static ( #86 )
...
Bumps [codemirror](https://github.com/codemirror/CodeMirror ) from 5.54.0 to 5.55.0.
- [Release notes](https://github.com/codemirror/CodeMirror/releases )
- [Changelog](https://github.com/codemirror/CodeMirror/blob/master/CHANGELOG.md )
- [Commits](https://github.com/codemirror/CodeMirror/compare/5.54.0...5.55.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-22 10:55:16 +02:00
Jens Langhammer
491e507d49
stages/email: check saved get params for token
2020-06-21 20:46:48 +02:00
Jens Langhammer
de1be2df88
flows: save entire GET params from shell executor
2020-06-21 20:46:38 +02:00
Jens Langhammer
39f51ec33d
stages/email: fix email account confirmation email template
2020-06-21 20:13:59 +02:00
Jens Langhammer
1b3c0adf75
e2e: cleanup, always take screenshots on teardown
2020-06-21 15:09:01 +02:00
Jens Langhammer
6122dcacc7
flows: fix flow cache not being cleared correctly when stages are saved
2020-06-21 12:40:01 +02:00