Jens Langhammer
91766a2162
sources/saml: automatically add RelayState to build_auth_n_detached
2020-07-12 01:46:46 +02:00
Jens Langhammer
a393097504
*/saml: start implementing unittests, fix signing
2020-07-12 01:44:34 +02:00
Jens Langhammer
92a09be8c0
sources/saml: rewrite Processors and Views to directly build XML without templates
2020-07-11 01:02:55 +02:00
Jens Langhammer
8de3c4fbd6
sources/ldap: improve unittests
2020-07-10 20:21:51 +02:00
Jens Langhammer
7ac4242a38
e2e: add test for OAuth Enrollment -> OAuth Authentication
2020-07-10 00:14:48 +02:00
Jens Langhammer
4caa4be476
sources/oauth: fix UserOAuthSourceConnection not being assigned to user after enrollment
...
sources/oauth: separate handle_new_connection into handle_existing_user_link and handle_enroll
2020-07-10 00:07:59 +02:00
Jens Langhammer
c6d8bae147
e2e: generate dex config dynamically
2020-07-09 23:15:22 +02:00
Jens Langhammer
c70310730a
sources/oauth: split up single large "core" views
2020-07-09 23:09:32 +02:00
Jens Langhammer
e58ac7ae90
polices: add helper to remove None-value keys from dict for policies
2020-07-08 23:07:16 +02:00
Jens Langhammer
d786fa4b7c
sources/oauth: rewrite to not directly create user, pre-seed data into flow
2020-07-08 20:39:20 +02:00
Jens Langhammer
0e3e73989d
sources/saml: Add NameID Policy field, sent with AuthnRequest
2020-07-08 16:18:09 +02:00
Jens Langhammer
d831599608
core: make autosubmit_form generic template
2020-07-08 14:27:58 +02:00
Jens Langhammer
1e57926603
sources/saml: add POST_AUTO binding which auto redirects to IdP
2020-07-08 14:18:08 +02:00
Jens Langhammer
1524880eec
core: add generic login/base_full template for static login views
2020-07-08 14:17:29 +02:00
Jens Langhammer
571cb3d65f
sources/oauth: disable twitter source while its broken
2020-07-07 22:25:50 +02:00
Jens Langhammer
5644e57e6a
sources/oauth: directly call AuthorizedServiceBackend instead of authenticate()
2020-07-07 22:23:45 +02:00
Jens Langhammer
cfc181eed1
sources/oauth: fix wrong comparions
...
closes #118
2020-07-07 21:46:16 +02:00
Jens Langhammer
c00e01626e
sources/ldap: adjust task schedule name
2020-07-07 17:04:07 +02:00
Jens Langhammer
af22f507f4
sources/oauth: fix template for user settings
2020-07-06 17:48:53 +02:00
Jens Langhammer
3b70d12a5f
*: rephrase strings
2020-07-01 18:40:52 +02:00
Jens Langhammer
920858ff72
Merge branch 'master' into otp-rework
...
# Conflicts:
# passbook/flows/models.py
# passbook/stages/otp/models.py
# swagger.yaml
2020-06-29 22:54:18 +02:00
Jens Langhammer
d6a8d8292d
core: UIUserSettings: remove icon, rename view_name to URL for complete URL
2020-06-29 16:20:33 +02:00
Jens Langhammer
ec823aebed
flows: update migrations to use update_or_create
2020-06-29 16:19:39 +02:00
Jens Langhammer
57a7bed99d
sources/oauth: fix facebook provider
2020-06-25 10:24:53 +02:00
Jens Langhammer
05778d8065
sources/saml: minor formatting fixes
2020-06-24 22:46:20 +02:00
Jens Langhammer
31e0d74495
sources/saml: correctly cleanup transient users, update forms
2020-06-24 22:27:14 +02:00
Jens Langhammer
05999cb8c7
sources/saml: start implementing transient NameID format
2020-06-24 21:50:30 +02:00
Jens Langhammer
c0d8aa2303
sources/saml: fix SAMLRequest not being encoded properly for Redirect bindings
2020-06-24 13:12:34 +02:00
Jens Langhammer
52f138d402
sources/saml: improve error handing of invalid signatures
2020-06-23 21:49:27 +02:00
Jens Langhammer
6f0e292c43
root: add lgtm
2020-06-15 11:56:20 +02:00
Jens Langhammer
26aa7e1fef
sources/ldap: fix 'LDAPSource' object has no attribute '_connection'
2020-06-09 01:17:17 +02:00
Jens Langhammer
ee8313142f
Merge branch 'docs-flows'
...
# Conflicts:
# passbook/core/templates/partials/form_horizontal.html
2020-06-08 15:43:46 +02:00
Jens L
4915205678
WIP Use Flows for Sources and Providers ( #32 )
...
* core: start migrating to flows for authorisation
* sources/oauth: start type-hinting
* core: create default user
* core: only show user delete button if an unenrollment flow exists
* flows: Correctly check initial policies on flow with context
* policies: add more verbosity to engine
* sources/oauth: migrate to flows
* sources/oauth: fix typing errors
* flows: add more tests
* sources/oauth: start implementing unittests
* sources/ldap: add option to disable user sync, move connection init to model
* sources/ldap: re-add default PropertyMappings
* providers/saml: re-add default PropertyMappings
* admin: fix missing stage count
* stages/identification: fix sources not being shown
* crypto: fix being unable to save with private key
* crypto: re-add default self-signed keypair
* policies: rewrite cache_key to prevent wrong cache
* sources/saml: migrate to flows for auth and enrollment
* stages/consent: add new stage
* admin: fix PropertyMapping widget not rendering properly
* core: provider.authorization_flow is mandatory
* flows: add support for "autosubmit" attribute on form
* flows: add InMemoryStage for dynamic stages
* flows: optionally allow empty flows from FlowPlanner
* providers/saml: update to authorization_flow
* sources/*: fix flow executor URL
* flows: fix pylint error
* flows: wrap responses in JSON object to easily handle redirects
* flow: dont cache plan's context
* providers/oauth: rewrite OAuth2 Provider to use flows
* providers/*: update docstrings of models
* core: fix forms not passing help_text through safe
* flows: fix HttpResponses not being converted to JSON
* providers/oidc: rewrite to use flows
* flows: fix linting
2020-06-07 16:35:08 +02:00
Jens Langhammer
7664b428e7
sources/ldap: fix expression field not being CodeMirror
2020-06-05 20:18:45 +02:00
Jens Langhammer
30ca926b38
docs: remove last occurrences to jinja2
2020-06-05 20:18:11 +02:00
Jens L
73116b9d1a
policies/expression: migrate to raw python instead of jinja2 ( #49 )
...
* policies/expression: migrate to raw python instead of jinja2
* lib/expression: create base evaluator, custom subclass for policies
* core: rewrite propertymappings to use python
* providers/saml: update to new PropertyMappings
* sources/ldap: update to new PropertyMappings
* docs: update docs for new propertymappings
* root: remove jinja2
* root: re-add jinja to lock file as its implicitly required
2020-06-05 12:00:27 +02:00
Jens Langhammer
ef913abc7a
sources/ldap: add option to disable user sync, move connection init to model
2020-06-02 17:15:59 +02:00
Jens Langhammer
ddfa2abbaa
sources/ldap: re-add default PropertyMappings
2020-06-02 17:00:03 +02:00
Jens Langhammer
5fc5e54f47
sources/oauth: fix typing errors
...
# Conflicts:
# passbook/sources/oauth/clients.py
2020-06-02 16:57:38 +02:00
Jens Langhammer
e2804b9755
root: fix linting errors
2020-05-27 11:26:48 +02:00
Jens L
beabba2890
flows: Load Stages without refreshing the whole page ( #33 )
...
* flows: initial implementation of FlowExecutorShell
* flows: load messages dynamically upon card refresh
2020-05-24 00:57:25 +02:00
Jens Langhammer
0664f0b6b2
flows: add support for default_context, etc
...
default_context can be used to influence policies during the planning. This should be used when the Planner is called from other views to correctly preseed the plan.
This also checks if there is a PENDING_USER set, and uses that user for the cache key instead
2020-05-20 16:15:16 +02:00
Jens Langhammer
cafe2f1e1f
admin: fix linting
2020-05-20 13:59:56 +02:00
Jens Langhammer
969da05437
admin: show object's docstring on inheritance based lists
2020-05-20 13:47:58 +02:00
Jens L
24a3e787dd
migrate to per-model UUID Primary key, remove UUIDModel ( #26 )
...
* *: migrate to per-model UUID Primary key, remove UUIDModel
* *: fix import order, fix unittests
2020-05-20 09:17:06 +02:00
Jens Langhammer
13a20478fd
sources/oauth: add OIDC client
2020-05-19 21:53:46 +02:00
Jens Langhammer
f58ee7fb52
sources/oauth: fix handling of sources with spaces in their name
2020-05-19 21:53:36 +02:00
Jens Langhammer
a5319fc2fe
*: rename templatetags to clearly identify
2020-05-15 10:54:31 +02:00
Jens Langhammer
212e966dd4
factors: -> stage
2020-05-08 20:59:51 +02:00
Jens Langhammer
2a85e5ae87
flows: complete migration to FlowExecutorView, fully use context
2020-05-08 16:10:27 +02:00
Jens Langhammer
114bb1b0bd
flows: implement planner, start new executor
2020-05-08 14:33:14 +02:00
Jens Langhammer
5400882d78
flows/: more migration progress, consolidate views
2020-05-07 21:30:52 +02:00
Jens Langhammer
80d90b91e8
core: add general admin.py loader, remove individual files
2020-05-07 00:05:10 +02:00
Jens Langhammer
dc8b89a6b9
sources/saml: switch to new crypto
2020-03-03 23:35:38 +01:00
Jens Langhammer
81b66ecdcd
core: remove some more dead code, add more help texts for factors
2020-02-27 16:39:30 +01:00
Jens Langhammer
f8599438df
ui: fix lists not being rendered correctly
2020-02-24 13:13:42 +01:00
Jens Langhammer
64d7b009ab
sources/oauth: fix invalid headers, fix invalid function signature
2020-02-23 19:42:57 +01:00
Jens Langhammer
fa2870afe0
sources: remove policies as they are not used currently
2020-02-23 14:40:06 +01:00
Jens Langhammer
f4a676e2fb
sources/oauth: slugify provider type instead of just lowercase
2020-02-23 13:53:16 +01:00
Jens Langhammer
88c1ad4c1c
providers/saml: fix 500 when SAML Provider not assigned to application
2020-02-21 20:54:00 +01:00
Jens Langhammer
1285ba6fbb
ui: include font-awesome
2020-02-21 18:00:09 +01:00
Jens Langhammer
a09a1793ec
ui: update templates for jinja2-related fields
2020-02-21 15:36:37 +01:00
Jens Langhammer
8fd86a28ff
ui: fixup minor issues, add static app
2020-02-21 11:20:55 +01:00
Jens Langhammer
32a15f84c0
root: run bandit as part of pre-commit
2020-02-21 09:03:59 +01:00
Jens Langhammer
d988f37afc
lib: add SentryIgnoredException, to easily ignore exceptions from sentry
2020-02-20 21:38:53 +01:00
Jens Langhammer
295c0bae3f
sources/saml: validate SAMLResponse signature
2020-02-20 21:34:25 +01:00
Jens Langhammer
84fc54ddaa
sources/saml: entity_id -> issuer
2020-02-20 17:23:27 +01:00
Jens Langhammer
0b5caa85f5
all: sort imports and cleanup
2020-02-20 17:23:05 +01:00
Jens Langhammer
14e0a17dbc
ui: don't remove dashes when auto generating slug
2020-02-20 17:13:50 +01:00
Jens Langhammer
40a2a26904
sources/saml: fix Metadata cert including PEM header
2020-02-20 17:05:11 +01:00
Jens Langhammer
c8b3c6e51a
sources/saml: fix `build_full_url` using incorrect URL parameter
2020-02-20 17:04:54 +01:00
Jens Langhammer
6c889eff27
core: fix application icons not loading, fix with_sources being broken
2020-02-20 14:30:06 +01:00
Jens Langhammer
3c2b8e5ee1
all: prefix all UI related methods with ui_, switch to property and return dataclass
2020-02-20 13:51:41 +01:00
Jens Langhammer
07b7951390
sources/ldap: handle user_sync errors better, show warning when user exists already
2020-02-19 16:20:33 +01:00
Jens Langhammer
9267d0c1dd
all: general maintenance, prepare for pyright
2020-02-18 22:12:51 +01:00
Jens Langhammer
865abc005a
sources/oauth: remove leading spaces in default URLs
2020-02-18 21:49:53 +01:00
Jens Langhammer
a2725d5b82
sources/oauth: remove redundant OAuth2Clients
2020-02-18 21:49:40 +01:00
Jens Langhammer
4a05bc6e02
sources/oauth: improve default OAuth2 Client, send access_token as Bearer Authz
2020-02-18 21:49:23 +01:00
Jens Langhammer
4e8238603a
all: cleanup logging to be structured
2020-02-18 21:35:58 +01:00
Jens Langhammer
7c353f9297
sources/oauth: remove supervisr
2020-02-18 17:01:08 +01:00
Jens Langhammer
95416623b3
sources/ldap: better handle property mapping evaluation errors
2020-02-18 10:13:05 +01:00
Jens Langhammer
3aa2f1e892
*: propertymapping template -> expression
2020-02-17 20:38:14 +01:00
Jens Langhammer
bc4b7ef44d
providers/saml: add custom help text for templates, add docs for User Object reference
2020-02-17 20:30:14 +01:00
Jens Langhammer
e57da71dcf
sources/ldap: update LDAP source to use new property mappings
2020-02-17 17:55:48 +01:00
Jens Langhammer
41689fe3ce
sources/* add missing migrations
2020-02-17 16:27:35 +01:00
Jens Langhammer
e138076e1d
sources/saml: move labels from forms to models
2020-02-16 12:34:46 +01:00
Jens Langhammer
721d133dc3
sources/oauth: move labels from form to models
2020-02-16 12:34:33 +01:00
Jens Langhammer
75b687ecbe
sources/ldap: move labels from form to models
2020-02-16 12:30:45 +01:00
Jens Langhammer
e36d7928e4
providers/saml: big cleanup, simplify base processor
...
add New fields for
- assertion_valid_not_before
- assertion_valid_not_on_or_after
- session_valid_not_on_or_after
allow flexible time durations for these fields
fall back to Provider's ACS if none is specified in AuthNRequest
2020-02-14 15:19:48 +01:00
Jens Langhammer
766518ee0e
audit: sanitize kwargs when creating audit event
2019-12-31 13:33:07 +01:00
Jens Langhammer
3bd1eadd51
all: implement black as code formatter
2019-12-31 12:51:16 +01:00
Jens Langhammer
8eb3f0f708
ci: upgrade pylint to latest version
...
core: also upgrade kombu as https://github.com/celery/kombu/issues/1101 is fixed now
2019-12-31 12:45:29 +01:00
Jens Langhammer
31ea2e7139
audit: fix internal server error from passing models
2019-12-31 11:40:03 +01:00
Jens Langhammer
807cbbeaaf
audit: rewrite to be independent of django http requests, allow custom actions
2019-12-05 16:14:08 +01:00
Jens Langhammer
74cd0bc08f
all(minor): remove old, unused code
2019-12-05 15:07:37 +01:00
Langhammer, Jens
44c0eb37cf
sources/saml(minor): fix lint issue
2019-11-07 18:02:59 +01:00
Langhammer, Jens
adc3dcc2c4
sources/saml(minor): disallow login if source is not enabled
2019-11-07 17:35:25 +01:00
Langhammer, Jens
bac8227371
sources/saml(minor): fix fields not being shown
2019-11-07 17:28:59 +01:00
Langhammer, Jens
dabce36667
sources/saml(major): add saml SP
2019-11-07 17:02:56 +01:00
Langhammer, Jens
3bd56ce522
api(minor): fix invalid fieldls being selected
2019-11-07 10:30:22 +01:00