Commit graph

1507 commits

Author SHA1 Message Date
Jens Langhammer b3262e2a82 docs: add docs for passbook_user_debug 2020-09-14 22:51:50 +02:00
Jens Langhammer 40614a65fc flows: move complete denied view and template to flows 2020-09-14 21:52:43 +02:00
Jens Langhammer 3cf558d594 providers/*: pass policy result objects when access denied 2020-09-14 21:52:25 +02:00
Jens Langhammer 812cc0d2f1 policies: add references for source_policy and source_results 2020-09-14 21:51:59 +02:00
Jens Langhammer e21ed92848 providers/oauth2: ensure flow is cleaned up on error 2020-09-14 18:40:44 +02:00
Jens Langhammer 5184c4b7ef flows: fix FlowNonApplicableException and EmptyFlowException leading to infinite spinners 2020-09-14 18:40:26 +02:00
Jens Langhammer 2c07859b68 core: add automatic launch_url detection based on provider 2020-09-14 18:12:42 +02:00
Jens Langhammer ae6304c05e providers/proxy: fix provider requiring a certificate to be selected 2020-09-14 17:37:06 +02:00
Jens Langhammer 501683e3cb outposts: add tests for permissions 2020-09-14 17:34:07 +02:00
Jens Langhammer cc8afa8706 admin: don't show policy as unbound when used as validation policy 2020-09-14 15:44:33 +02:00
Jens Langhammer 6a669992a8 outposts: fix permissions not being updated when providers are modified 2020-09-14 15:41:02 +02:00
Jens Langhammer 7ea5c22b6c root: fix channels not loading redis connection details 2020-09-14 14:21:43 +02:00
Jens Langhammer c7026407c6 policies: fix type error 2020-09-14 00:28:23 +02:00
Jens Langhammer 810f10edfe providers/oauth2: fix several small implicit flow errors 2020-09-14 00:11:11 +02:00
Jens Langhammer 1c57128f11 providers/oauth2: fix token to code_token 2020-09-13 23:42:45 +02:00
Jens Langhammer 82eade3eb1 new release: 0.10.0-stable 2020-09-13 23:03:38 +02:00
Jens Langhammer bb4e39aab6 docs: add outpost deployment docs, link in outposts list 2020-09-13 22:20:17 +02:00
Jens Langhammer a8744f443c outposts: fix Kubernetes Controller not exporting dicts, secrets not being b64 encoded 2020-09-13 22:19:26 +02:00
Jens Langhammer 7fe9b8f0b4 providers/proxy: add domainless URL Validator 2020-09-13 21:52:34 +02:00
Jens Langhammer 696aa7e5f6 core: fix path to default icon 2020-09-13 20:47:17 +02:00
Jens Langhammer 151374f565 stages/email: fix loading of static files when path is a directory 2020-09-13 18:24:49 +02:00
Jens Langhammer bebeff9f7f root: allow for changing of logo and branding 2020-09-13 17:52:33 +02:00
Jens Langhammer 8b99afa34d stages/email: fix binary files not being encoded correctly 2020-09-13 17:40:13 +02:00
Jens Langhammer b317852e8a static: replace brand.svg with text and font 2020-09-13 17:33:30 +02:00
Jens Langhammer 8e6bb48227 sources/saml: add mitigation for idp-initiated requests 2020-09-13 15:39:25 +02:00
Jens Langhammer 7a4e8af1ae outpost: fix outpost update signal only being sent to outposts connected to the same passbook instance 2020-09-13 14:29:40 +02:00
Jens Langhammer 0161205c82 sources/saml: fix previous request ID being wrongly compared
request ID was compared to request ID not InResponseTo field
2020-09-13 14:00:56 +02:00
Jens Langhammer ca0ba85023 providers/saml: disallow idp-initiated SSO by default and validate Request ID 2020-09-12 00:53:44 +02:00
Jens L 23cccebb96
pytest (#209) 2020-09-11 23:21:11 +02:00
Jens Langhammer 081ac0bcdb root/asgi: hide healthcheck logs from sentry 2020-09-10 17:29:13 +02:00
Jens Langhammer 8a07b349ee root: fix IP detection in ASGI logger, attempt to fix out of order issues 2020-09-10 16:58:25 +02:00
Jens Langhammer b3468bc265 providers/oauth2: fix comparison to undefined ResponseTypes 2020-09-10 16:26:55 +02:00
Jens Langhammer 404f5d7912 new release: 0.10.0-rc6 2020-09-10 14:35:17 +02:00
Jens Langhammer 0b0ba33dce new release: 0.10.0-rc5 2020-09-10 14:24:31 +02:00
Jens Langhammer 17a90adf3e new release: 0.10.0-rc4 2020-09-10 13:17:38 +02:00
Jens Langhammer 7471415e7f new release: 0.10.0-rc3 2020-09-10 13:13:32 +02:00
Jens Langhammer e72000eb06 new release: 0.10.0-rc2 2020-09-10 13:11:34 +02:00
Jens Langhammer 43cb08b433 new release: 0.10.0-rc1 2020-09-10 13:05:12 +02:00
Jens Langhammer 1356a8108b docs: add docs for outposts 2020-09-09 19:34:19 +02:00
Jens Langhammer 349e536d14 flows/tests: add tests to ensure flows in documentation are valid 2020-09-09 17:23:16 +02:00
Jens Langhammer cddc9bc1b7 flows/tests: update transfer tests to use same rollback function as importer 2020-09-09 17:22:44 +02:00
Jens Langhammer 6d27408a10 transfer/exporter: ensure policies are exported before stages, ensure policies for new prompt stages are included 2020-09-09 17:22:24 +02:00
Jens Langhammer 50a5959f6c flows/importer: fix validate writing to database not being reverted 2020-09-09 17:21:43 +02:00
Jens Langhammer 18f42a0edf flows/importer: fix multiple uses of an importer instance causing errors 2020-09-09 17:21:16 +02:00
Jens Langhammer 860ba994a6 policies/api: fix PolicyBinding's target being validated against the wrong pks 2020-09-09 17:20:37 +02:00
Jens Langhammer 1776b72356 stages/prompt: remove PolicyBindingModel from PromptStage *breaking*
This resolves issues caused by the multiple primary keys, but also requires re-creation of the model.
2020-09-09 17:16:43 +02:00
Jens Langhammer 3b6341bf41 flow/transfer: fix pk's not being replaced in lists 2020-09-08 23:01:42 +02:00
Jens Langhammer 3b97389833 asgi: revert ignore lifespan requests, remove healthcheck events from sentry
fixes PASSBOOK-5K
2020-09-08 18:29:01 +02:00
Jens Langhammer 102d536a72 flows: fix incorrect pk being used in FlowStageBinding Form 2020-09-08 18:18:06 +02:00
Jens Langhammer 9712be847c policies/api: fix target returning pbm_uuid instead of proper primary key of the object 2020-09-08 18:05:50 +02:00
Jens Langhammer f0b5e8143e admin: fix flow export view raising error 2020-09-08 16:49:15 +02:00
Jens Langhammer 87b14e8761 flows/planner: optimise db queries during plan building 2020-09-07 11:27:02 +02:00
Jens Langhammer 28893b9695 flows/transfer: fix missing unique fields for PolicyBinding 2020-09-07 11:26:37 +02:00
Jens Langhammer bf4763d946 asgi: ignore lifespan requests, remove healthcheck events from sentry 2020-09-06 16:51:50 +02:00
Jens Langhammer 219e16f8e5 *: use direct sentry Hub for start_span 2020-09-06 16:12:17 +02:00
Jens Langhammer 6ebefc9f17 root: fix some logs not being json 2020-09-06 15:52:54 +02:00
Jens Langhammer dd017e7190 flows: fix exporting and importing for models with multiple unique fields 2020-09-06 01:07:06 +02:00
Jens L 268de20872
Proxy v2 (#189) 2020-09-03 00:04:12 +02:00
Jens Langhammer 14e47f3195 flows: fix default flows not having titles 2020-09-02 13:05:34 +02:00
Jens Langhammer c39d136383 flows: add title field 2020-08-28 15:23:03 +02:00
Jens Langhammer a977184577 flows: export export/import functions in UI 2020-08-28 15:06:25 +02:00
dependabot-preview[bot] b2cb794865
build(deps): bump @patternfly/patternfly in /passbook/static/static (#192)
Bumps [@patternfly/patternfly](https://github.com/patternfly/patternfly) from 4.31.6 to 4.35.2.
- [Release notes](https://github.com/patternfly/patternfly/releases)
- [Changelog](https://github.com/patternfly/patternfly/blob/master/RELEASE-NOTES.md)
- [Commits](https://github.com/patternfly/patternfly/compare/prerelease-v4.31.6...prerelease-v4.35.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-08-27 10:38:27 +02:00
Jens L 0e0898c3cf
Flow exporting/importing (#187)
* stages/*: Add SerializerModel as base model, implement serializer property

* flows: add initial flow exporter and importer

* policies/*: implement .serializer for all policies

* root: fix missing dacite requirement
2020-08-22 00:42:15 +02:00
dependabot-preview[bot] 8b17e8be99
build(deps): bump codemirror in /passbook/static/static (#185)
Bumps [codemirror](https://github.com/codemirror/CodeMirror) from 5.56.0 to 5.57.0.
- [Release notes](https://github.com/codemirror/CodeMirror/releases)
- [Changelog](https://github.com/codemirror/CodeMirror/blob/master/CHANGELOG.md)
- [Commits](https://github.com/codemirror/CodeMirror/compare/5.56.0...5.57.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-08-21 10:52:03 +02:00
Jens Langhammer 9826bb4d01 root: fix sentry's being passed incorrectly 2020-08-20 23:12:54 +02:00
Jens Langhammer f7c629ec9b root: when error_reporting is enabled, don't sent pii data by default 2020-08-20 22:19:49 +02:00
Jens Langhammer e2aeb96a6a root: fix invalid import for clean_expired_models 2020-08-20 21:53:20 +02:00
Jens L ff810c689f
Replace Elastic APM with Sentry APM (#183) 2020-08-20 20:39:21 +02:00
Jens Langhammer 0eb94df1f7 providers/oauth2: fix redirect_uri not being checked correctly if multiple redirect_uris are configured 2020-08-20 16:41:00 +02:00
Jens Langhammer 0394adaf46 *: fix general Linting errors 2020-08-19 10:49:14 +02:00
Jens L c7a2410b1d
OAuth Provider Rewrite (#182) 2020-08-19 10:32:44 +02:00
dependabot-preview[bot] b9076b5fd4
build(deps): bump @patternfly/patternfly from 4.31.4 to 4.31.6 in /passbook/static/static (#179)
Bumps [@patternfly/patternfly](https://github.com/patternfly/patternfly) from 4.31.4 to 4.31.6.
- [Release notes](https://github.com/patternfly/patternfly/releases)
- [Changelog](https://github.com/patternfly/patternfly/blob/master/RELEASE-NOTES.md)
- [Commits](https://github.com/patternfly/patternfly/compare/prerelease-v4.31.4...prerelease-v4.31.6)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-08-18 21:42:39 +02:00
Jens Langhammer 7923468a01 admin: fix incorrect view name for groups 2020-08-16 17:41:48 +02:00
Jens Langhammer bd25cadb71 lib: fix config possibly iterating None 2020-08-15 21:12:38 +02:00
Jens Langhammer 7334599efd *: update JSON fields to django 3.1 2020-08-15 21:04:22 +02:00
dependabot-preview[bot] 086a3c0548
build(deps): bump @patternfly/patternfly in /passbook/static/static
Bumps [@patternfly/patternfly](https://github.com/patternfly/patternfly) from 4.23.3 to 4.31.4.
- [Release notes](https://github.com/patternfly/patternfly/releases)
- [Changelog](https://github.com/patternfly/patternfly/blob/master/RELEASE-NOTES.md)
- [Commits](https://github.com/patternfly/patternfly/compare/prerelease-v4.23.3...prerelease-v4.31.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-08-14 20:58:38 +00:00
Jens Langhammer 45df127f18 e2e: lock mailhog docker image 2020-08-14 17:55:44 +02:00
Jens Langhammer 55cf49bb8a root: attempt to fix broken e2e tests 2020-08-14 17:39:41 +02:00
Jens Langhammer 316ac78e49 new release: 0.9.0-stable 2020-08-01 22:17:59 +02:00
Jens Langhammer de2b67b111 providers/app_gw: improve templates 2020-08-01 22:13:12 +02:00
Jens Langhammer e1bbbe6671 providers/app_gw: disable client authz to use passbook 2020-08-01 20:53:55 +02:00
Jens Langhammer 8b3839343c providers/oidc: remove static lookup for OIDCProvider, get related object for app_gw 2020-08-01 20:53:33 +02:00
Jens Langhammer 7897ca4744 providers/app_gw: fix Client scopes and URLs 2020-08-01 20:33:38 +02:00
Jens Langhammer 1a21012911 providers/app_gw: fix URL Validation not working for internal and external host 2020-08-01 20:02:43 +02:00
Jens Langhammer d4a5269bf1 *: Adjust forms to only show respective types of Flows and PropertyMappings 2020-08-01 20:02:23 +02:00
Jens Langhammer fcf70a3cd4 providers/app_gw: Fix K8s template labels, add missing ISSUER_URL 2020-08-01 19:47:40 +02:00
Jens Langhammer 1a6dd00681 providers/saml: fix X509Data container linebreaks 2020-08-01 19:38:59 +02:00
Jens Langhammer 330bd0932b providers/saml: fix NotOnOrAfter using incorrect timestamp 2020-08-01 19:38:41 +02:00
Jens Langhammer c58658d820 new release: 0.9.0-rc2 2020-07-26 23:34:36 +02:00
Jens Langhammer a9b5e6ea13 flows: fix shell not showing spinner after submit 2020-07-26 22:15:50 +02:00
Jens Langhammer ddb0fdee98 providers/app_gw: generate docker-compose in code 2020-07-26 22:01:37 +02:00
Jens Langhammer 83205f1b49 providers/app_gw: use full URL with protocol for internal/external_host 2020-07-26 22:01:20 +02:00
Jens Langhammer ae629d1159 providers/oauth: remove LoginRequired from AuthorizationFlowInitView as user is redirected within 2020-07-25 21:36:50 +02:00
Jens Langhammer 72a6f9cbe0 providers/saml: remove LoginRequired from SAMLSSOView as user is redirected within 2020-07-25 21:36:28 +02:00
Jens Langhammer 9793b7461b providers/oidc: remove LoginRequired from AuthorizationFlowInitView as user is redirected within 2020-07-25 21:35:38 +02:00
Jens Langhammer 9c1a824dc4 providers/app_gw: fix Issuer URL being incorrect, fix incorrect length cookie secret 2020-07-25 21:34:14 +02:00
dependabot-preview[bot] 94f3e6d0c5
build(deps): bump codemirror in /passbook/static/static
Bumps [codemirror](https://github.com/codemirror/CodeMirror) from 5.55.0 to 5.56.0.
- [Release notes](https://github.com/codemirror/CodeMirror/releases)
- [Changelog](https://github.com/codemirror/CodeMirror/blob/master/CHANGELOG.md)
- [Commits](https://github.com/codemirror/CodeMirror/compare/5.55.0...5.56.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-21 05:16:34 +00:00
Jens Langhammer ffff69ada0 stages/consent: add unittests for new modes 2020-07-20 18:47:52 +02:00
Jens Langhammer 37a432267d Squashed commit of the following:
commit 88029a4335
Author: Jens Langhammer <jens.langhammer@beryju.org>
Date:   Mon Jul 20 16:55:55 2020 +0200

    admin: update to work with new form

commit 4040eb9619
Author: Jens Langhammer <jens.langhammer@beryju.org>
Date:   Mon Jul 20 16:43:30 2020 +0200

    *: remove path-based import from all PropertyMappings

commit c9663a08da
Author: Jens Langhammer <jens.langhammer@beryju.org>
Date:   Mon Jul 20 16:33:34 2020 +0200

    flows: update work with new stages

commit a3d92ebc0a
Author: Jens Langhammer <jens.langhammer@beryju.org>
Date:   Mon Jul 20 16:23:30 2020 +0200

    stages/*: remove path-based import from all stages

commit 6fa825e372
Author: Jens Langhammer <jens.langhammer@beryju.org>
Date:   Mon Jul 20 16:03:55 2020 +0200

    providers/*: remove path-based import from all providers

commit 6aefd072c8
Author: Jens Langhammer <jens.langhammer@beryju.org>
Date:   Mon Jul 20 15:58:48 2020 +0200

    policies/*: remove path-based import from all policies

commit ac2dd3611f
Author: Jens Langhammer <jens.langhammer@beryju.org>
Date:   Mon Jul 20 15:11:27 2020 +0200

    sources/*: remove path-based import from all sources

commit 74e628ce9c
Author: Jens Langhammer <jens.langhammer@beryju.org>
Date:   Mon Jul 20 14:43:38 2020 +0200

    ui: allow overriding of verbose_name

commit d4ee18ee32
Author: Jens Langhammer <jens.langhammer@beryju.org>
Date:   Mon Jul 20 14:08:27 2020 +0200

    sources/oauth: migrate from discordapp.com to discord.com
2020-07-20 18:17:14 +02:00
Jens Langhammer 50612991fa stages/consent: start implementing user consent 2020-07-20 13:19:58 +02:00
Jens Langhammer 37b2400cdb lib: move SAML timestring utils into lib 2020-07-20 11:35:16 +02:00
Jens Langhammer c60d1e1f9a core: separate expiry logic from tokens and make re-usable 2020-07-20 10:57:12 +02:00
dependabot-preview[bot] 5552aca079
build(deps): bump @patternfly/patternfly in /passbook/static/static
Bumps [@patternfly/patternfly](https://github.com/patternfly/patternfly) from 4.16.7 to 4.23.3.
- [Release notes](https://github.com/patternfly/patternfly/releases)
- [Changelog](https://github.com/patternfly/patternfly/blob/master/RELEASE-NOTES.md)
- [Commits](https://github.com/patternfly/patternfly/compare/prerelease-v4.16.7...prerelease-v4.23.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-20 05:14:37 +00:00
Jens Langhammer ff2456dcfa root: clean log output, always show logger 2020-07-19 22:48:52 +02:00
dependabot-preview[bot] aff074420b
build(deps): bump @fortawesome/fontawesome-free
Bumps [@fortawesome/fontawesome-free](https://github.com/FortAwesome/Font-Awesome) from 5.13.1 to 5.14.0.
- [Release notes](https://github.com/FortAwesome/Font-Awesome/releases)
- [Changelog](https://github.com/FortAwesome/Font-Awesome/blob/master/CHANGELOG.md)
- [Commits](https://github.com/FortAwesome/Font-Awesome/compare/5.13.1...5.14.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-16 05:15:24 +00:00
Jens Langhammer edbea9ccff audit: fix list not having loginrequired
closes #127
2020-07-15 18:34:53 +02:00
Jens Langhammer 6b26e10ea2 new release: 0.9.0-rc1 2020-07-15 12:00:47 +02:00
Jens Langhammer e15f7d7f28 flows: fix potential open redirect vuln 2020-07-14 21:57:28 +02:00
Jens Langhammer fbf9554a9e flows: fix SESSION_KEY_GET being deleted too early 2020-07-14 21:42:47 +02:00
Jens Langhammer b452e751ea flows: add SESSION_KEY_APPLICATION_PRE
whenever a user tries to access an application without being authenticated to passbook, we now show notice which application they are going to continue to.
2020-07-12 22:47:46 +02:00
Jens Langhammer a3baa100d4 sources/saml: remove unused import 2020-07-12 18:55:26 +02:00
Jens Langhammer f7b9de1261 */saml: fix MetadataProcessor having generic namespace prefixes 2020-07-12 18:40:43 +02:00
Jens Langhammer 47ca566d06 sources/saml: fix MetadataProcessor not working, add unittests 2020-07-12 18:40:18 +02:00
Jens Langhammer a943d060d2 core: add separate autosubmit form for use without flows 2020-07-12 18:24:36 +02:00
Jens Langhammer 1675dab314 providers/saml: fix encoding for POST bindings 2020-07-12 17:58:38 +02:00
Jens Langhammer 996aa367d3 core: fix autosubmit_form loading full template 2020-07-12 17:45:03 +02:00
Jens Langhammer be6f342e58 providers/saml: fix RelayState being included when None given 2020-07-12 17:22:14 +02:00
Jens Langhammer 464b558a02 */saml: fix typo 2020-07-12 17:20:41 +02:00
Jens Langhammer d1151091cd providers/saml: Generate NameID Value based on NameID Policy received 2020-07-12 17:06:35 +02:00
Jens Langhammer f8e5383ba2 providers/saml: parse NameID Policy from AuthnRequest 2020-07-12 17:05:48 +02:00
Jens Langhammer 06f73512df lib/evaluator: add support for IP Address comparison 2020-07-12 16:36:49 +02:00
Jens Langhammer 0ff4545bab providers/saml: fix AuthnRequest Signature validation, add unittests 2020-07-12 16:17:53 +02:00
Jens Langhammer ff6e270886 sources/saml: fix AuthnRequest Singing for redirect bindings 2020-07-12 16:17:35 +02:00
Jens Langhammer 91766a2162 sources/saml: automatically add RelayState to build_auth_n_detached 2020-07-12 01:46:46 +02:00
Jens Langhammer a393097504 */saml: start implementing unittests, fix signing 2020-07-12 01:44:34 +02:00
Jens Langhammer 2056b86ce7 providers/saml: rewrite SAML AuthNRequest Parser and Response Processor 2020-07-11 14:06:42 +02:00
Jens Langhammer 1b0c013d8e providers/saml: remove processor_path field 2020-07-11 13:28:10 +02:00
Jens Langhammer 92a09be8c0 sources/saml: rewrite Processors and Views to directly build XML without templates 2020-07-11 01:02:55 +02:00
Jens Langhammer d74366f413 policies/hibp: update for flows, add unittests 2020-07-10 20:57:15 +02:00
Jens Langhammer 5bcf2aef8c policies/password: Add Password Policy tests, update password policy for flows 2020-07-10 20:53:08 +02:00
Jens Langhammer 8de3c4fbd6 sources/ldap: improve unittests 2020-07-10 20:21:51 +02:00
Jens Langhammer 7ac4242a38 e2e: add test for OAuth Enrollment -> OAuth Authentication 2020-07-10 00:14:48 +02:00
Jens Langhammer 4caa4be476 sources/oauth: fix UserOAuthSourceConnection not being assigned to user after enrollment
sources/oauth: separate handle_new_connection into handle_existing_user_link and handle_enroll
2020-07-10 00:07:59 +02:00
Jens Langhammer c6d8bae147 e2e: generate dex config dynamically 2020-07-09 23:15:22 +02:00
Jens Langhammer c70310730a sources/oauth: split up single large "core" views 2020-07-09 23:09:32 +02:00
Jens Langhammer 2d2b2d08f4 core: fix source slug not being unique 2020-07-09 23:05:46 +02:00
Jens Langhammer 8fe6a5b62d stages/prompt: fix checkbox not working, fix date and datetime not using HTML5 input types 2020-07-09 22:55:44 +02:00
Jens Langhammer 64c47a59f8 e2e: add tests for OAuth Source, update tests for new base templates 2020-07-09 00:53:18 +02:00
Jens Langhammer 9518cefdd7 flows: fix default-source-enrollment-if-username expression 2020-07-09 00:20:42 +02:00
Jens Langhammer 32d5c26577 core: fix base_full template missing messages 2020-07-09 00:18:45 +02:00
Jens Langhammer ef2cdf27b3 stages/prompt: add static and separator elements 2020-07-09 00:00:15 +02:00
Jens Langhammer e58ac7ae90 polices: add helper to remove None-value keys from dict for policies 2020-07-08 23:07:16 +02:00
Jens Langhammer d786fa4b7c sources/oauth: rewrite to not directly create user, pre-seed data into flow 2020-07-08 20:39:20 +02:00
Jens Langhammer 0e3e73989d sources/saml: Add NameID Policy field, sent with AuthnRequest 2020-07-08 16:18:09 +02:00
Jens Langhammer d831599608 core: make autosubmit_form generic template 2020-07-08 14:27:58 +02:00
Jens Langhammer 1e57926603 sources/saml: add POST_AUTO binding which auto redirects to IdP 2020-07-08 14:18:08 +02:00
Jens Langhammer 1524880eec core: add generic login/base_full template for static login views 2020-07-08 14:17:29 +02:00
Jens Langhammer 0bfb623f97 providers/saml: fix autosubmit_form using wrong template 2020-07-08 14:12:44 +02:00
Jens Langhammer 429627494c root: fix passbook.footer_links not being rendered 2020-07-08 13:18:33 +02:00
Jens Langhammer c7f078ffcc new release: 0.9.0-pre7 2020-07-07 22:34:44 +02:00
Jens Langhammer 571cb3d65f sources/oauth: disable twitter source while its broken 2020-07-07 22:25:50 +02:00
Jens Langhammer 8c500c38b1 policies/reputation: only change score when credentials contain username 2020-07-07 22:25:37 +02:00
Jens Langhammer 5644e57e6a sources/oauth: directly call AuthorizedServiceBackend instead of authenticate() 2020-07-07 22:23:45 +02:00
Jens Langhammer cfc181eed1 sources/oauth: fix wrong comparions
closes #118
2020-07-07 21:46:16 +02:00
Jens Langhammer 91bea38b8e lib: ignore APM errors 2020-07-07 21:45:36 +02:00
Jens Langhammer d95c5aa739 root: allow changing of APM verify_server_cert setting 2020-07-07 19:59:32 +02:00
Jens Langhammer 0b250b897e new release: 0.9.0-pre6 2020-07-07 19:14:29 +02:00
Jens L c6880a0f16
Merge pull request #117 from BeryJu/apm
Support for Elastic APM
2020-07-07 18:48:40 +02:00
Jens Langhammer 231e448b1a lib/eval: fix import order 2020-07-07 18:05:38 +02:00
Jens Langhammer b3b8cd807d root: expose APM settings in helm chart 2020-07-07 17:54:07 +02:00
Jens Langhammer 9021bbd5de root: implement APM support 2020-07-07 17:43:10 +02:00
Jens Langhammer 169475ab39 crypto: add colon seperator for fingerprint 2020-07-07 17:05:31 +02:00
Jens Langhammer c00e01626e sources/ldap: adjust task schedule name 2020-07-07 17:04:07 +02:00
Jens Langhammer 05d4a9ef62 policies/reputation: rewrite to save score into cache and save into DB via worker 2020-07-07 17:03:57 +02:00
Jens Langhammer 17a2ac73e7 stages/user_write: add signals 2020-07-07 15:49:02 +02:00
Jens Langhammer 6bc6f947dd stages/invitation: move invite signals from core to app 2020-07-07 15:46:13 +02:00
Jens Langhammer 363940ee8d root: fix API requests erroring 2020-07-07 14:02:20 +02:00
Jens Langhammer b12182c1d1 admin: improve overview layout 2020-07-07 13:13:15 +02:00
Jens Langhammer d8f27f595a admin: use django cache for admin version (expiry) 2020-07-07 13:12:54 +02:00
Jens Langhammer 2dc1b65718 ui: fix modal layout 2020-07-06 20:50:14 +02:00
Jens Langhammer af22f507f4 sources/oauth: fix template for user settings 2020-07-06 17:48:53 +02:00
Jens Langhammer 9958019bf3 core: fix user's sidebar links for sources 2020-07-06 17:46:41 +02:00
Jens Langhammer 02d65972cb admin: fix submit button on update form 2020-07-06 17:46:30 +02:00
Jens Langhammer 24ad893350 admin: fix token_list template 2020-07-06 17:43:20 +02:00
Jens Langhammer 094d191bff new release: 0.9.0-pre5 2020-07-06 12:52:34 +02:00
Jens Langhammer 78e5d471e3 core: fix type annotation for user settings 2020-07-05 23:49:33 +02:00
Jens Langhammer 2e2c9f5287 api: add token authentication 2020-07-05 23:37:58 +02:00
Jens Langhammer d5a3e09a98 core: add token Intents 2020-07-05 23:14:57 +02:00
Jens Langhammer 2402cfe29d providers/* use name for __str__ 2020-07-05 23:00:40 +02:00
Jens Langhammer 26613b6ea9 core: fix application overview 2020-07-05 22:58:52 +02:00
Jens Langhammer e5165abf04 stages/user_login: Allow changing of session duration 2020-07-04 15:20:45 +02:00
Jens Langhammer b26882a450 flows: FlowStageBinding group Stage by type 2020-07-04 15:02:21 +02:00
Jens Langhammer 94281bee88 admin: improve policy binding listing by showing Target object type 2020-07-04 00:18:19 +02:00
Jens Langhammer 16b966c16e policies: Show grouped Dropdown for Target 2020-07-04 00:16:16 +02:00
Jens Langhammer d3b0992456 flows: FlowStageBinding: rename .flow to .target to fix select_subclasses() 2020-07-04 00:14:21 +02:00
Jens Langhammer 1d9c92d548 admin: add generic form tests 2020-07-02 22:29:30 +02:00
Jens Langhammer bead19c64c flows: cleanup denied view, use everywhere 2020-07-02 13:48:42 +02:00
Jens Langhammer ae83ee6d31 providers/saml: fix access result not being checked properly 2020-07-02 00:23:52 +02:00
Jens Langhammer 4701374021 admin: remove duplicate code into new base classes 2020-07-02 00:13:33 +02:00
Jens Langhammer bd40585247 providers/samlv2: remove SAMLv2 from master 2020-07-01 23:21:58 +02:00
Jens Langhammer cc0b8164b0 providers/*: use PolicyAccessMixin to simplify 2020-07-01 23:18:10 +02:00
Jens Langhammer 310b31a8b7 core: fix linting 2020-07-01 22:35:38 +02:00
Jens Langhammer 13900bc603 lib: cleanup unused widgets 2020-07-01 22:27:58 +02:00
Jens Langhammer 6634cc2edf root: add group_membership policy 2020-07-01 21:18:05 +02:00
Jens Langhammer 3478a2cf6d admin: add filter to hide classes with __debug_only__ when Debug is disabled 2020-07-01 18:53:13 +02:00
Jens Langhammer 3b70d12a5f *: rephrase strings 2020-07-01 18:40:52 +02:00
Jens Langhammer 219acf76d5 core: fix forms for radio buttons 2020-07-01 12:47:27 +02:00
Jens Langhammer ec6f467fa2 ui: Make Checkbox label click trigger checkbox toggle 2020-07-01 12:37:13 +02:00
Jens Langhammer 0e6561987e admin: fix user and group create not triggering sidebar 2020-07-01 12:36:44 +02:00
Jens Langhammer 62c20b6e67 admin: add list of all tokens 2020-07-01 12:27:30 +02:00
Jens Langhammer 13084562c5 admin: fix Password Recovery function not working 2020-07-01 12:10:12 +02:00
Jens Langhammer 02c1c434a2 core: update styling of impersonate banner 2020-07-01 12:01:58 +02:00
Jens Langhammer 5f04a75878 new release: 0.9.0-pre4 2020-07-01 09:50:21 +02:00
Jens Langhammer 89c33060d4 core: fix user settings sidebar buttons not being enabled 2020-06-30 21:26:43 +02:00
Jens Langhammer b61f595562 core: ensure user settings are sorted by name 2020-06-30 21:24:58 +02:00
Jens Langhammer ce2230f774 stages/otp_*: update user setting design 2020-06-30 21:23:37 +02:00
Jens Langhammer c59c6aa728 stages/*: minor UI updates, cleanup 2020-06-30 19:06:41 +02:00
Jens Langhammer 729910c383 stages/*: minor string updates 2020-06-30 18:52:18 +02:00
Jens Langhammer 37fe637422 stages/password: make template inherit form_with_user 2020-06-30 18:50:24 +02:00
Jens Langhammer 2ca5e1eedb stages/otp_*: fix linting 2020-06-30 16:12:19 +02:00
Jens Langhammer d2bf579ff6 stages/otp_static: start implementing static stage 2020-06-30 15:44:34 +02:00
Jens Langhammer 3716bda76e stages/otp_time: fix linting 2020-06-30 13:44:09 +02:00
Jens Langhammer a76eb4d30f stages/otp_time: Cleanup, use django_otp's URL generator 2020-06-30 12:42:39 +02:00
Jens Langhammer 7c191b0984 stages/otp_validate: Implement OTP Validation stage 2020-06-30 12:42:12 +02:00
Jens Langhammer 9613fcde89 Squashed commit of the following:
commit 885a2ed057
Author: Jens Langhammer <jens.langhammer@beryju.org>
Date:   Tue Jun 30 12:17:23 2020 +0200

    flows: fix linting error
2020-06-30 12:18:01 +02:00
Jens Langhammer b270fb0742 stages/otp_time: implement TOTP Setup stage 2020-06-30 12:14:40 +02:00
Jens Langhammer 285a69d91f Merge branch 'master' into otp-rework 2020-06-30 11:23:09 +02:00
Jens Langhammer de3b753a26 flows: show error message in flow when stage raises 2020-06-30 11:18:39 +02:00
Jens Langhammer 34be1dd9f4 admin: add execute button to flow which executes flow without cache 2020-06-30 11:18:20 +02:00
Jens Langhammer a4c0fb9e75 otp_time: fix linting 2020-06-30 10:42:27 +02:00
Jens Langhammer f040223646 audit: move events list from admin to audit app 2020-06-30 10:23:54 +02:00
Jens Langhammer bf297b8593 admin: add info about latest version 2020-06-30 10:23:39 +02:00
Jens L b746ce97ba
Merge branch 'master' into flows-cancel 2020-06-30 00:20:33 +02:00
Jens Langhammer dbee714dac api: fix consent stage missing from API 2020-06-30 00:19:06 +02:00
Jens Langhammer d33f632203 flows: add CancelView to cancel current flow execution 2020-06-30 00:11:01 +02:00
Jens Langhammer 920858ff72 Merge branch 'master' into otp-rework
# Conflicts:
#	passbook/flows/models.py
#	passbook/stages/otp/models.py
#	swagger.yaml
2020-06-29 22:54:18 +02:00
Jens Langhammer 8d31eef47d stages/password: assign default password change flow to password stage
add e2e tests for password change flow
2020-06-29 21:47:20 +02:00
Jens Langhammer 96a6ac85df audit: add cleanse_dict function to ensure no passwords end in logs 2020-06-29 19:13:07 +02:00
Jens Langhammer 21ba969072 stages/password: create default password change flow 2020-06-29 16:26:21 +02:00
Jens Langhammer d6a8d8292d core: UIUserSettings: remove icon, rename view_name to URL for complete URL 2020-06-29 16:20:33 +02:00
Jens Langhammer 693a92ada5 audit: fix sanitize_dict updating source dict 2020-06-29 16:19:56 +02:00
Jens Langhammer ec823aebed flows: update migrations to use update_or_create 2020-06-29 16:19:39 +02:00
Jens Langhammer b8654c06bf flows: remove generic "password change" designation and add setup_stage 2020-06-29 11:12:51 +02:00
Jens Langhammer 9d03c4c7d2 flows: Stage ui_user_settings -> staticmethod with context as argument 2020-06-28 10:31:26 +02:00
Jens Langhammer 8c36ab89e8 stages/otp: start separation into 3 stages, otp_time, otp_static and otp_validate 2020-06-28 10:30:35 +02:00
Jens Langhammer cc7e4ad0e2 e2e: show browser logs to debug CI issues 2020-06-26 15:06:46 +02:00
Jens Langhammer 768464dc6a new release: 0.9.0-pre3 2020-06-25 20:39:50 +02:00
Jens Langhammer 5a11206fe9 Merge branch 'master' into e2e 2020-06-25 17:58:51 +02:00
Jens Langhammer 9675fbb07d e2e: add tests for enrollment with email 2020-06-25 17:45:06 +02:00
Jens Langhammer 57a7bed99d sources/oauth: fix facebook provider 2020-06-25 10:24:53 +02:00
dependabot-preview[bot] b8b5069df1 build(deps): bump @patternfly/patternfly in /passbook/static/static
Bumps [@patternfly/patternfly](https://github.com/patternfly/patternfly) from 4.10.31 to 4.16.7.
- [Release notes](https://github.com/patternfly/patternfly/releases)
- [Changelog](https://github.com/patternfly/patternfly/blob/master/RELEASE-NOTES.md)
- [Commits](https://github.com/patternfly/patternfly/compare/prerelease-v4.10.31...prerelease-v4.16.7)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-06-25 09:21:20 +02:00
Jens Langhammer 9eaceb9ec6 e2e: add tests for SAML source 2020-06-24 23:24:45 +02:00
Jens Langhammer 05778d8065 sources/saml: minor formatting fixes 2020-06-24 22:46:20 +02:00
Jens Langhammer 831e228f80 api: fix SAMLSource missing from API 2020-06-24 22:28:40 +02:00
Jens Langhammer 31e0d74495 sources/saml: correctly cleanup transient users, update forms 2020-06-24 22:27:14 +02:00
Jens Langhammer 05999cb8c7 sources/saml: start implementing transient NameID format 2020-06-24 21:50:30 +02:00
Jens Langhammer c0d8aa2303 sources/saml: fix SAMLRequest not being encoded properly for Redirect bindings 2020-06-24 13:12:34 +02:00
Jens Langhammer db6cb5ad51 core: make generic error template work with shell executor 2020-06-23 21:49:43 +02:00
Jens Langhammer 52f138d402 sources/saml: improve error handing of invalid signatures 2020-06-23 21:49:27 +02:00
dependabot-preview[bot] 59b8b1e92a
build(deps): bump codemirror in /passbook/static/static (#86)
Bumps [codemirror](https://github.com/codemirror/CodeMirror) from 5.54.0 to 5.55.0.
- [Release notes](https://github.com/codemirror/CodeMirror/releases)
- [Changelog](https://github.com/codemirror/CodeMirror/blob/master/CHANGELOG.md)
- [Commits](https://github.com/codemirror/CodeMirror/compare/5.54.0...5.55.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-22 10:55:16 +02:00
Jens Langhammer 491e507d49 stages/email: check saved get params for token 2020-06-21 20:46:48 +02:00
Jens Langhammer de1be2df88 flows: save entire GET params from shell executor 2020-06-21 20:46:38 +02:00
Jens Langhammer 39f51ec33d stages/email: fix email account confirmation email template 2020-06-21 20:13:59 +02:00
Jens Langhammer 1b3c0adf75 e2e: cleanup, always take screenshots on teardown 2020-06-21 15:09:01 +02:00
Jens Langhammer 6122dcacc7 flows: fix flow cache not being cleared correctly when stages are saved 2020-06-21 12:40:01 +02:00
Jens Langhammer 4d81172a48 providers/oauth: add support for consent stage, cleanup 2020-06-20 23:30:53 +02:00
Jens Langhammer c97b946a00 providers/saml: make SAML provider compatible with consent 2020-06-20 22:30:45 +02:00
Jens Langhammer 3753275453 providers/saml: make metadata accessible without authentication 2020-06-20 21:51:52 +02:00
Jens Langhammer e4cb9b7ff9 providers/saml: fix provider has no attribute sp_binding 2020-06-20 21:49:48 +02:00
Jens Langhammer a0f05caf8e providers/saml: move templates into correct folder 2020-06-20 21:49:16 +02:00
Jens Langhammer 42e9ce4f72 providers/*: fix plan stages not being injected properly 2020-06-20 19:40:25 +02:00
Jens Langhammer 331faa53bc providers/saml: fix metadata template using wrong templates 2020-06-20 19:35:48 +02:00
Jens Langhammer 68efcc7bf2 e2e: add custom testcase class to simplify code 2020-06-20 17:06:00 +02:00
Jens Langhammer 7b7305607c root: enable debug logging when testing 2020-06-20 15:48:54 +02:00
Jens Langhammer 14fd137f89 root: improve test detection 2020-06-19 22:27:20 +02:00
Jens Langhammer af8cdb34ee *: fix not all migrations using db_alias 2020-06-19 20:43:27 +02:00
Jens Langhammer 03b1a67b44 flows: change wording of consent on flows 2020-06-19 20:33:41 +02:00
Jens Langhammer 3a40e50fa0 providers/oidc: add template for consent 2020-06-19 20:19:31 +02:00
Jens Langhammer fa5c2bd85c stages/consent: add FlowPlan context variable for template name 2020-06-19 20:19:18 +02:00
Jens Langhammer 73e7158178 e2e: add OIDC Provider test against grafana, more formatting, minor bug fixes 2020-06-19 19:45:27 +02:00
Jens Langhammer 8c6a4a4968 e2e: test against standalone chrome instance, start implementing oidc provider test 2020-06-19 18:19:20 +02:00
Jens Langhammer c83216ece0 Merge branch 'master' into e2e
# Conflicts:
#	Pipfile.lock
#	docs/installation/docker-compose.md
2020-06-19 09:00:46 +02:00
dependabot-preview[bot] b0fec4f3e2
build(deps): bump @fortawesome/fontawesome-free (#80)
Bumps [@fortawesome/fontawesome-free](https://github.com/FortAwesome/Font-Awesome) from 5.13.0 to 5.13.1.
- [Release notes](https://github.com/FortAwesome/Font-Awesome/releases)
- [Changelog](https://github.com/FortAwesome/Font-Awesome/blob/master/CHANGELOG.md)
- [Commits](https://github.com/FortAwesome/Font-Awesome/compare/5.13.0...5.13.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-19 08:53:29 +02:00
Jens Langhammer dab53cfd03 flows/executor: call plan.next before pop so we can save plan
ReevaluateMarker: use PolicyEngine without cache
2020-06-18 22:54:09 +02:00
Jens L 6a4086c490
flows: introduce FlowPlan markers, which indicate when a stage needs … (#79)
* flows: introduce FlowPlan markers, which indicate when a stage needs re-evaluation

Implement re_evaluate_policies
add unittests for several different scenarios
closes #78

* flows: move markers to separate files, cleanup formatting

* flows: fix self.next is not callable
2020-06-18 22:43:51 +02:00
Jens Langhammer bdf0e74af3 docs: add supported scopes of oauth provider 2020-06-18 19:39:58 +02:00
Jens Langhammer 5e8a1e3c0d *: make email naming consistent 2020-06-18 19:35:59 +02:00
Jens Langhammer afc8baff5f flows/shell: check for elements with autofocus attribute and call .focus();
closes #76
2020-06-18 19:09:12 +02:00
Jens Langhammer 3713d111a4 core: fix integrity error for default user
closes #75
2020-06-18 19:04:13 +02:00
Jens Langhammer 1d3460b670 new release: 0.9.0-pre2 2020-06-15 19:08:17 +02:00
Jens Langhammer feba3e2430 stages/prompt: Add username type field
add autocomplete attributes for username and password
2020-06-15 19:05:18 +02:00
Jens Langhammer b49d39a685 stages/identification: improve support for password managers 2020-06-15 18:38:09 +02:00
Jens Langhammer 34c1b3b68b stages/password: Improve support for password managers 2020-06-15 18:37:59 +02:00
Jens Langhammer e3d6ca6ab4 root: revert to non-prometheus db backend 2020-06-15 12:12:32 +02:00
Jens Langhammer 6f0e292c43 root: add lgtm 2020-06-15 11:56:20 +02:00
Jens Langhammer 9df1e7900d stages/email: add noopener noreferrer 2020-06-15 11:56:14 +02:00
Jens Langhammer 2a3166bf7e ui: (pf4) Update pagination and toolbar 2020-06-09 13:40:03 +02:00
Jens Langhammer 62fe4d617b ui: (pf4) update admin overview 2020-06-09 13:39:44 +02:00
Jens Langhammer b86b36f947 ui: (pf4) update forms 2020-06-09 13:39:35 +02:00
Jens Langhammer d6b9e67e78 ui: (pf4) fix navbar 2020-06-09 13:11:54 +02:00
Jens Langhammer f589da4e72 ui: (pf4) fix empty state 2020-06-09 09:52:25 +02:00
dependabot-preview[bot] 2e5170f631
build(deps): bump @patternfly/patternfly in /passbook/static/static (#58)
Bumps [@patternfly/patternfly](https://github.com/patternfly/patternfly) from 2.71.6 to 4.10.31.
- [Release notes](https://github.com/patternfly/patternfly/releases)
- [Changelog](https://github.com/patternfly/patternfly/blob/master/RELEASE-NOTES.md)
- [Commits](https://github.com/patternfly/patternfly/compare/v2.71.6...prerelease-v4.10.31)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-06-09 09:32:56 +02:00
Jens Langhammer bd312b60fc gatekeeper: update upstream docker image 2020-06-09 09:26:03 +02:00
Jens Langhammer 26aa7e1fef sources/ldap: fix 'LDAPSource' object has no attribute '_connection' 2020-06-09 01:17:17 +02:00
Jens Langhammer 5265064b10 new release: 0.9.0-pre1 2020-06-08 15:47:22 +02:00
Jens Langhammer ee8313142f Merge branch 'docs-flows'
# Conflicts:
#	passbook/core/templates/partials/form_horizontal.html
2020-06-08 15:43:46 +02:00
Jens Langhammer fc2eb003ea e2e: add apply_default_data to load data from migrations after tables have been truncated 2020-06-07 19:31:16 +02:00
Jens Langhammer aa440c17b7 Merge branch 'master' into e2e 2020-06-07 17:52:51 +02:00
Jens L 4915205678
WIP Use Flows for Sources and Providers (#32)
* core: start migrating to flows for authorisation

* sources/oauth: start type-hinting

* core: create default user

* core: only show user delete button if an unenrollment flow exists

* flows: Correctly check initial policies on flow with context

* policies: add more verbosity to engine

* sources/oauth: migrate to flows

* sources/oauth: fix typing errors

* flows: add more tests

* sources/oauth: start implementing unittests

* sources/ldap: add option to disable user sync, move connection init to model

* sources/ldap: re-add default PropertyMappings

* providers/saml: re-add default PropertyMappings

* admin: fix missing stage count

* stages/identification: fix sources not being shown

* crypto: fix being unable to save with private key

* crypto: re-add default self-signed keypair

* policies: rewrite cache_key to prevent wrong cache

* sources/saml: migrate to flows for auth and enrollment

* stages/consent: add new stage

* admin: fix PropertyMapping widget not rendering properly

* core: provider.authorization_flow is mandatory

* flows: add support for "autosubmit" attribute on form

* flows: add InMemoryStage for dynamic stages

* flows: optionally allow empty flows from FlowPlanner

* providers/saml: update to authorization_flow

* sources/*: fix flow executor URL

* flows: fix pylint error

* flows: wrap responses in JSON object to easily handle redirects

* flow: dont cache plan's context

* providers/oauth: rewrite OAuth2 Provider to use flows

* providers/*: update docstrings of models

* core: fix forms not passing help_text through safe

* flows: fix HttpResponses not being converted to JSON

* providers/oidc: rewrite to use flows

* flows: fix linting
2020-06-07 16:35:08 +02:00
Jens Langhammer 07da5f7122 Merge branch 'master' into docs-flows 2020-06-05 20:30:59 +02:00