Commit graph

1703 commits

Author SHA1 Message Date
Jens Langhammer dfa6ed8ac2 add help to show how SAML Property Mapping substitutes variables 2019-04-29 22:19:13 +02:00
Jens Langhammer 66fe10299e new release: 0.1.37-beta 2019-04-29 21:43:18 +02:00
Jens Langhammer e0a3ec033f fix IDP-Initiated SAML Login 2019-04-29 21:39:41 +02:00
Jens Langhammer 7033ec0ab9 remove debug print 2019-04-29 21:39:30 +02:00
Jens Langhammer 4004579905 remove nexus_upload command 2019-04-29 21:39:16 +02:00
Jens Langhammer 9fe9e48a5c new release: 0.1.36-beta 2019-04-29 20:57:57 +02:00
Jens Langhammer 595a6c7fe6 remove guardian completely 2019-04-29 20:57:54 +02:00
Jens Langhammer 11b5860d4a new release: 0.1.35-beta 2019-04-29 20:47:32 +02:00
Jens Langhammer 9bdbff4cda fix gitlab-ci using incorrect variables for docker access 2019-04-29 20:42:24 +02:00
Jens Langhammer e0d597eeac show cache on admin overview, add modal to clear cache, re-add logging to policy 2019-04-29 20:37:44 +02:00
Jens Langhammer f576985cc9 remove django guardian and check application access via PolicyEngine 2019-04-29 20:07:18 +02:00
Jens Langhammer 22a6aef60b fix wrong import 2019-04-29 20:06:52 +02:00
Jens Langhammer ec0a6e7854 new release: 0.1.34-beta 2019-04-29 19:22:20 +02:00
Jens Langhammer 6904608e6f fix clicking on administration always loading admin interface 2019-04-29 19:22:14 +02:00
Jens Langhammer cb3732cb2b filter out connection errors for sentry 2019-04-29 19:16:49 +02:00
Jens Langhammer 9f8fb7378a add audience field, switch base processor, better handle processor loading failure 2019-04-18 11:30:21 +02:00
Jens Langhammer 98cd646044 remove unneeded processors 2019-04-18 11:09:12 +02:00
Jens Langhammer 53918462b6 new release: 0.1.33-beta 2019-04-18 10:28:12 +02:00
Jens Langhammer 8e5c3f2f31 remove unused import 2019-04-17 17:53:45 +02:00
Jens Langhammer 5a3b2fdd49 add Rancher SAML processor 2019-04-17 17:53:15 +02:00
Jens Langhammer e47b9f0d57 fix SAML Request not being parsed all the time 2019-04-17 17:53:05 +02:00
Jens Langhammer 146dd747f1 fix EntityID being None in SAML Metadata 2019-04-17 17:52:24 +02:00
Jens Langhammer f2ce56063b bump version: 0.1.31-beta -> 0.1.32-beta 2019-04-17 14:27:41 +02:00
Jens Langhammer 9072b836c6 automatically add response_type if not given in OAuth Request 2019-04-17 14:25:51 +02:00
Jens Langhammer 2fa57d064e bump version: 0.1.30-beta -> 0.1.31-beta 2019-04-13 17:58:09 +02:00
Jens Langhammer e7129d18f6 fix inconsistent migrations 2019-04-13 17:52:11 +02:00
Jens Langhammer d2bf9f81d6 remove raven middleware 2019-04-13 17:46:51 +02:00
Jens Langhammer 30acf0660b Merge branch 'master' into 37-guardian 2019-04-13 17:43:02 +02:00
Jens Langhammer dda41af5c8 remove logging to increase speed, add more caching to policy and rewriter 2019-04-13 17:22:03 +02:00
Jens Langhammer 9b5b03647b move actual proxying logic to separate class 2019-04-13 16:05:11 +02:00
Jens Langhammer 940b3eb943 move logging to separate thread 2019-04-13 16:04:48 +02:00
Jens Langhammer 16eb629b71 only enable sentry when not DEBUG 2019-04-11 15:30:42 +02:00
Jens Langhammer 755045b226 try to fix app_gw being null 2019-04-11 15:30:07 +02:00
Jens Langhammer 61478db94e use global urllib Pools 2019-04-11 15:29:35 +02:00
Jens Langhammer f69f959bdb allow setting authentication_header to empty string (disabling the header) 2019-04-11 15:29:01 +02:00
Jens Langhammer 146edb45d4 bump version: 0.1.29-beta -> 0.1.30-beta 2019-04-11 14:22:34 +02:00
Jens Langhammer 045a802365 don't use context manager in web command 2019-04-11 14:22:32 +02:00
Jens Langhammer c90d8ddcff bump version: 0.1.28-beta -> 0.1.29-beta 2019-04-11 14:03:08 +02:00
Jens Langhammer a3ef26b7ad Run collectstatic before coverage, use autoreload on celery worker 2019-04-11 13:54:11 +02:00
Jens Langhammer 19cd1624c1 replace cherrypy with daphne 2019-04-11 13:43:49 +02:00
Jens Langhammer 366ef352c6 switch to whitenoise for static files 2019-04-11 13:43:08 +02:00
Jens Langhammer a1a5223b58 bump version: 0.1.27-beta -> 0.1.28-beta 2019-04-11 10:48:31 +02:00
Jens Langhammer b369eb28f1 set default log level to warn, fix clean_nonces not working 2019-04-11 10:43:13 +02:00
Jens Langhammer 9b8f390e31 Merge branch '38-websocket-proxying' into 'master'
Resolve "Websocket Proxying"

Closes #38

See merge request BeryJu.org/passbook!24
2019-04-10 20:42:24 +00:00
Jens Langhammer 11630c9a74 switch kubernetes deployment to daphne server 2019-04-10 22:38:25 +02:00
Jens Langhammer c9ac10f6f6 Implement websocket proxy 2019-04-10 19:03:42 +02:00
Jens Langhammer 04d613cb28 Move code from django-revproxy to app_gw to fix cookie bug 2019-04-10 19:03:22 +02:00
Jens Langhammer 40866f9ecd Choose upstream more cleverly 2019-04-10 18:49:33 +02:00
Jens Langhammer d8585eb872 trigger autoreload from config files 2019-04-10 18:48:55 +02:00
Jens Langhammer 15aaeda475 remove unused import 2019-04-10 18:47:21 +02:00
Jens Langhammer 8536ef9e23 Add guardian for Application permissions 2019-04-10 18:46:33 +02:00
Jens Langhammer 35b6bb6b3f fix failing CI 2019-04-09 17:26:53 +02:00
Jens Langhammer eaa573c715 fully remove raven and switch WSGI and logging to sentry_sdk 2019-04-05 16:11:53 +02:00
Jens Langhammer 660972e303 add ability to have non-expiring nonces, clean up expired nonces 2019-04-04 21:49:10 +02:00
Jens Langhammer a21012bf0c switch from raven to sentry_sdk 2019-04-04 21:48:50 +02:00
Jens Langhammer 80049413f0 bump version: 0.1.26-beta -> 0.1.27-beta 2019-03-22 14:51:13 +01:00
Jens Langhammer 2739442d4a prepare 0.1.27 2019-03-22 14:51:09 +01:00
Jens Langhammer c679f0a67c bump version: 0.1.25-beta -> 0.1.26-beta 2019-03-22 12:48:00 +01:00
Jens Langhammer 4d6bb60134 add custom template views 2019-03-22 12:16:30 +01:00
Jens Langhammer 81ac951872 validate upstream in form 2019-03-22 10:55:26 +01:00
Jens Langhammer f33e553cfd always parse url instead of once 2019-03-22 10:55:04 +01:00
Jens Langhammer 9b0240dc26 bump version: 0.1.24-beta -> 0.1.25-beta 2019-03-21 16:50:00 +01:00
Jens Langhammer c327310392 prepare 0.1.24-beta release 2019-03-21 16:49:57 +01:00
Jens Langhammer 7e87bfef5b validate server_name in form 2019-03-21 16:36:38 +01:00
Jens Langhammer a7af5268de Invalidate cache when ApplicationGateway instance is saved 2019-03-21 16:27:37 +01:00
Jens Langhammer 6d916029bb implement actual Rewriting logic 2019-03-21 16:22:07 +01:00
Jens Langhammer 81fdcbadad add compiled regex to RewriteRule 2019-03-21 16:21:51 +01:00
Jens Langhammer ec1e25fe71 cleanup property_mapping list 2019-03-21 16:21:11 +01:00
Jens Langhammer b5306e4a94 Redirect to login on reverse proxy 2019-03-21 15:15:01 +01:00
Jens Langhammer 801b8a1e59 prevent ZeroDivisionError 2019-03-21 15:05:04 +01:00
Jens Langhammer 3a52059793 cleanup post-migration mess 2019-03-21 15:02:33 +01:00
Jens Langhammer 10b7d99b37 Merge branch 'master' into 30-application-security-gateway
# Conflicts:
#	passbook/core/policies.py
#	passbook/core/settings.py
2019-03-21 14:58:10 +01:00
Jens Langhammer 6be8d0cbb2 Better handle policy timeouts 2019-03-21 14:53:57 +01:00
Jens Langhammer 5b8e3689ec Check for policies in app_gw 2019-03-21 14:53:47 +01:00
Jens Langhammer 25a5d8f5da Don't use LoginRequired for PermissionDenied View 2019-03-21 14:53:38 +01:00
Jens Langhammer 883d439544 add timeout field to policy to prevent stuck policies 2019-03-21 14:48:51 +01:00
Jens Langhammer 29913773a7 invalidate cache when policy is saved 2019-03-21 11:29:11 +01:00
Jens Langhammer 0bc6a4fed4 explicitly use redis db 2019-03-21 11:28:57 +01:00
Jens Langhammer 4645d8353f utilise cache in PolicyEngine 2019-03-21 11:08:32 +01:00
Jens Langhammer 260c5555fa add redis dependency back in for caching 2019-03-21 11:08:08 +01:00
Jens Langhammer 6f7b917c38 bump version: 0.1.23-beta -> 0.1.24-beta 2019-03-20 23:00:33 +01:00
Jens Langhammer ae3d3d0295 fix TypeError: can only concatenate list (not "str") to list 2019-03-20 22:50:09 +01:00
Jens Langhammer c23ceacd0b initial implementation of reverse proxy, using django-revproxy from within a middleware
add new config entry "primary_domain" which is used to set the cookie domain
2019-03-20 22:42:47 +01:00
Jens Langhammer 5155204283 Merge branch '32-automatically-set-owner-field-when-creating-oauth-provider' into 'master'
Resolve "Automatically set owner field when creating OAuth Provider"

Closes #32

See merge request BeryJu.org/passbook!16
2019-03-20 21:20:54 +00:00
Jens Langhammer d6f9b2e47d remove user field from form. Closes #32 2019-03-20 20:09:27 +01:00
Jens Langhammer 67aa4aef11 add modal for OAuth Providers showing the URLs 2019-03-20 20:03:28 +01:00
Jens Langhammer 9e46c8bfec bump version: 0.1.22-beta -> 0.1.23-beta 2019-03-18 20:54:31 +01:00
Jens Langhammer fccc8f4959 set issuer to root address instead of well-known path 2019-03-18 20:42:32 +01:00
Jens Langhammer c9f73d718e start implementing openid connect discovery 2019-03-18 20:35:11 +01:00
Jens Langhammer bfa58be721 bump version: 0.1.21-beta -> 0.1.22-beta 2019-03-14 21:22:15 +01:00
Jens Langhammer 81ab9092fc Fix OAuth Client's disconnect view having invalid URL names 2019-03-14 21:19:14 +01:00
Jens Langhammer 29d5962c4c add Azure AD Source 2019-03-14 21:18:55 +01:00
Jens Langhammer 5c75339946 point to correct icons 2019-03-14 21:18:13 +01:00
Jens Langhammer 4774d9a46c fix delete form not working 2019-03-14 21:17:41 +01:00
Jens Langhammer dbe16ba4fd fix layout when on mobile viewport and scrolling 2019-03-14 21:17:28 +01:00
Jens Langhammer 6972cf00a0 move icons to single folder, cleanup 2019-03-14 21:17:07 +01:00
Jens Langhammer 0445be9712 fix missing debug template 2019-03-14 21:16:27 +01:00
Jens Langhammer 89dbdd9585 bump version: 0.1.20-beta -> 0.1.21-beta 2019-03-14 18:08:02 +01:00
Jens Langhammer 5f50fcfcf5 detect HTTPS from reverse proxy 2019-03-14 18:01:41 +01:00
Jens Langhammer 96be087221 add request debug view 2019-03-14 18:01:27 +01:00
Jens Langhammer a53a269a8c bump version: 0.1.19-beta -> 0.1.20-beta 2019-03-13 16:51:43 +01:00
Jens Langhammer ae3c092238 add user settings for Sources 2019-03-13 16:49:30 +01:00
Jens Langhammer e98e5e4e3e fix GitHub Pretend again 2019-03-13 15:52:05 +01:00
Jens Langhammer d50c7ec8d4 bump version: 0.1.18-beta -> 0.1.19-beta 2019-03-13 15:16:48 +01:00
Jens Langhammer 70c11c8988 fix GitHub Pretend throwing a 500 error 2019-03-13 15:12:13 +01:00
Jens Langhammer ae64024ef4 bump version: 0.1.17-beta -> 0.1.18-beta 2019-03-13 11:31:05 +01:00
Jens Langhammer 01b0eb159a fix Server Error when downloading metadata 2019-03-12 17:08:53 +01:00
Jens Langhammer 63aa48d981 bump version: 0.1.16-beta -> 0.1.17-beta 2019-03-12 15:55:18 +01:00
Jens Langhammer b2ac57bb67 switch to vertical navigation 2019-03-12 13:35:09 +01:00
Jens Langhammer 4c22e5c2c8 don't use celery heartbeat, use TCP keepalive instead 2019-03-12 13:34:54 +01:00
Jens Langhammer 4a7b0ec8a9 remove Application.user_is_authorized 2019-03-12 10:56:01 +01:00
Jens Langhammer 330118249e bump version: 0.1.15-beta -> 0.1.16-beta 2019-03-11 21:35:11 +01:00
Jens Langhammer 8d4dabde02 finalize RabbitMQ replacement, update debian package, remove redis tgz 2019-03-11 21:35:06 +01:00
Jens Langhammer cf7323c41b bump version: 0.1.14-beta -> 0.1.15-beta 2019-03-11 21:01:18 +01:00
Jens Langhammer edd856df7d redis -> rabbitmq 2019-03-11 20:46:19 +01:00
Jens Langhammer 5e35859db6 bump version: 0.1.13-beta -> 0.1.14-beta 2019-03-11 11:44:34 +01:00
Jens Langhammer acabb2df54 fix unittests 2019-03-11 11:44:12 +01:00
Jens Langhammer e6376a05f7 bump version: 0.1.12-beta -> 0.1.13-beta 2019-03-11 11:31:12 +01:00
Jens Langhammer e1f1f617b6 fix UserChangePasswordView not requiring Login 2019-03-11 11:25:59 +01:00
Jens Langhammer 7529b51358 Fix DoesNotExist error when running PolicyEngine against None user 2019-03-11 10:52:50 +01:00
Jens Langhammer c394066d99 bump version: 0.1.11-beta -> 0.1.12-beta 2019-03-11 09:51:00 +01:00
Jens Langhammer d408031304 fix OAuth Authorization View not requiring authentication 2019-03-11 09:48:36 +01:00
Jens Langhammer 501fed1922 rewrite PasswordFactor to use backends setting instead of trying all backends 2019-03-10 21:47:08 +01:00
Jens Langhammer ad8125ac1c bump version: 0.1.10-beta -> 0.1.11-beta 2019-03-10 19:56:30 +01:00
Jens Langhammer f7c0c0146a add LDAP Group Membership Policy 2019-03-10 19:45:16 +01:00
Jens Langhammer e4baf8c21e Add Group Member policy 2019-03-10 19:32:18 +01:00
Jens Langhammer 364f040b36 always use FilteredSelectMultiple for many-to-many fields 2019-03-10 18:34:09 +01:00
Jens Langhammer 2b8c2b2346 use Django's Admin FilteredSelectMultiple for Group Membership 2019-03-10 18:06:06 +01:00
Jens Langhammer 5f861189e4 Merge branch 'master' into 23-groups
# Conflicts:
#	passbook/admin/templates/administration/base.html
2019-03-10 17:13:29 +01:00
Jens Langhammer eebbae0677 bump version: 0.1.9-beta -> 0.1.10-beta 2019-03-10 15:54:50 +01:00
Jens Langhammer 0e425418df better show loading state when testing a policy 2019-03-10 15:46:49 +01:00
Jens Langhammer 7fe0300b86 Fix button on policy test page 2019-03-10 15:36:49 +01:00
Jens Langhammer a5dc193cfd bump version: 0.1.8-beta -> 0.1.9-beta 2019-03-10 12:17:48 +01:00
Jens Langhammer f1291fec8d add impersonation middleware, add to templates 2019-03-10 02:41:31 +01:00
Jens Langhammer 37aeeea239 slightly refactor Factor View, add more unittests 2019-03-10 02:08:09 +01:00
Jens Langhammer 0fa1fc86da add more Verbosity to PolicyEngine, rewrite SAML Authorisation check 2019-03-10 02:07:48 +01:00
Jens Langhammer c3034ab9ac consistently using PolicyEngine 2019-03-10 02:07:18 +01:00
Jens Langhammer 76694e037a bump version: 0.1.7-beta -> 0.1.8-beta 2019-03-08 21:43:35 +01:00
Jens Langhammer 787db41cc3 prepare for 0.1.7 2019-03-08 21:43:33 +01:00
Jens Langhammer 74da3df7cd bump version: 0.1.6-beta -> 0.1.7-beta 2019-03-08 21:37:59 +01:00
Jens Langhammer c313b496aa Improve access control for saml 2019-03-08 21:30:16 +01:00
Jens Langhammer a7eaa74191 fix MATCH_EXACT not working as intended 2019-03-08 21:20:38 +01:00
Jens Langhammer 11ecdc4fcf bump version: 0.1.5-beta -> 0.1.6-beta 2019-03-08 20:39:27 +01:00
Jens Langhammer 2f7781b67a fix captcha factor not loading keys from Factor class 2019-03-08 20:08:28 +01:00
Jens Langhammer 296d4f691a add passing property to PolicyEngine 2019-03-08 19:49:53 +01:00
Jens Langhammer 64033031b1 remove audit's login attempt 2019-03-08 19:45:50 +01:00
Jens Langhammer 9daff7608d fix password not getting set on user import 2019-03-08 19:45:41 +01:00
Jens Langhammer a54adb05c4 bump version: 0.1.4-beta -> 0.1.5-beta 2019-03-08 16:03:52 +01:00
Jens Langhammer 2d7e8f1b50 add group administration 2019-03-08 15:49:45 +01:00
Jens Langhammer cf11f6b121 format data before inserting it 2019-03-08 15:16:25 +01:00
Jens Langhammer 6dcdf7bcce add custom DynamicArrayField to better handle arrays 2019-03-08 15:11:01 +01:00
Jens Langhammer 56d872af15 add PropertyMapping Model, add Subclass for SAML, test with AWS 2019-03-08 12:47:50 +01:00
Jens Langhammer a7b86e46bc bump version: 0.1.3-beta -> 0.1.4-beta 2019-03-07 16:24:09 +01:00
Jens Langhammer 1232c487e9 bump version: 0.1.2-beta -> 0.1.3-beta 2019-03-07 16:13:05 +01:00
Jens Langhammer d7fd5a7fa6 Fix redis dependency being too old 2019-03-07 14:39:00 +01:00
Jens Langhammer 4439378fd4 bump version: 0.1.1-beta -> 0.1.2-beta 2019-03-07 14:14:51 +01:00
Jens Langhammer acf65eafdd make naming of Providers more consistent 2019-03-07 14:14:49 +01:00
Jens Langhammer c2ebff55ef fix IDP-initiated login not working 2019-03-07 14:10:06 +01:00
Jens Langhammer 99c82676b6 Add some more failsafe for administration 2019-03-07 14:09:52 +01:00
Jens Langhammer 4991e9b825 Merge branch '1-suspicious-request' into 'master'
fix broken E-Mail templatetag

Closes #1

See merge request BeryJu.org/passbook!5
2019-03-03 20:18:23 +00:00
Jens Langhammer 612f95c3ba fix broken E-Mail templatetag 2019-03-03 21:05:17 +01:00
Jens Langhammer cd91d5ca15 Merge branch '1-suspicious-request' into 'master'
Resolve "Suspicious request detector (many invalid logins from one IP, many attempts on one username, etc)"

Closes #1

See merge request BeryJu.org/passbook!3
2019-03-03 20:04:56 +00:00
Jens Langhammer c1640b9411 fix prospector/isort errors 2019-03-03 20:54:23 +01:00
Jens Langhammer a4842c1f95 add sentry configuration 2019-03-03 20:48:31 +01:00
Jens Langhammer a4707ddc54 fix failing unittests 2019-03-03 20:34:00 +01:00
Jens Langhammer fb82d56307 create suspicious request detector and policy, add request to policy engine 2019-03-03 20:26:25 +01:00
Jens Langhammer 1a1005f80d remove audit's LoginAttempt 2019-03-03 20:13:54 +01:00
Jens Langhammer e86cae6cac Merge branch '18-password-expiry' into 'master'
Resolve "Password Expiry"

Closes #18

See merge request BeryJu.org/passbook!2
2019-03-03 16:53:31 +00:00
Jens Langhammer 0b282f45e0 fix pylint messages 2019-03-03 17:45:20 +01:00
Jens Langhammer 791e88ffc1 Fix negate on FieldMatcherPolicy 2019-03-03 17:21:58 +01:00
Jens Langhammer 7bd3c4bccf Better handle Policy.action and Policy.negate 2019-03-03 17:12:53 +01:00
Jens Langhammer 722e2e4050 Show warning when un-attached policies exist 2019-03-03 17:12:35 +01:00
Jens Langhammer c7fc444c95 add password policy 2019-03-03 17:12:05 +01:00
Jens Langhammer 20ad062814 Log SAML Authorization actions 2019-03-03 00:34:34 +01:00
Jens Langhammer fcb5d36e07 cleanup SAML urls 2019-03-03 00:07:40 +01:00
Jens Langhammer 9b131b619f Show warning message when no Factor exists 2019-03-02 23:54:40 +01:00
Jens Langhammer 54427f7c68 use HTML5 autocomplete values to better handle password managers 2019-03-02 23:19:58 +01:00
Jens Langhammer 35eef9c28d improve worker warning 2019-03-02 22:41:25 +01:00
Jens Langhammer e88a82553d use separate Form for Admin user editing (allow is_staff and is_active) 2019-03-02 22:41:14 +01:00
Jens Langhammer 01a9520140 add import_users script to import users from CSV with already hashed passwords 2019-03-02 22:40:47 +01:00
Jens Langhammer c6721a83a4 bump version: 0.1.1-alpha -> 0.1.1-beta 2019-02-27 17:45:10 +01:00
Jens Langhammer 46866e8ef0 bump version: 0.1.0-beta -> 0.1.1-alpha 2019-02-27 17:43:28 +01:00
Jens Langhammer 4c3fced4e9 bump version: 0.1.0-alpha -> 0.1.0-beta 2019-02-27 16:45:52 +01:00
Jens Langhammer 172347d90f bump version: 0.0.13-alpha -> 0.1.0-alpha 2019-02-27 16:42:52 +01:00
Jens Langhammer f54520b5cf bump version: 0.0.12-alpha -> 0.0.13-alpha 2019-02-27 16:06:28 +01:00
Jens Langhammer d7c4697625 Only use one create template, get title from Form's Model 2019-02-27 16:06:20 +01:00
Jens Langhammer 5584f5bda8 switch to PolicyEngine everywhere 2019-02-27 15:49:20 +01:00
Jens Langhammer 2ce6f5a714 improve error display on forms 2019-02-27 15:49:05 +01:00
Jens Langhammer c66945623a Improve admin interface more (back links, better headlines) 2019-02-27 15:48:33 +01:00
Jens Langhammer cbae05c74c show more useful information on admin overview 2019-02-27 15:45:42 +01:00
Jens Langhammer 5b771da972 switch from first_name and last_name to name 2019-02-27 15:09:05 +01:00
Jens Langhammer 2db1738e4a make Admin UI more consistent, better show when provider has no application assigned 2019-02-27 14:47:11 +01:00
Jens Langhammer 95de6a14fd bump version: 0.0.11-alpha -> 0.0.12-alpha 2019-02-27 13:18:28 +01:00
Jens Langhammer 17132ebc19 Verify OAuth Username vuln and fix closes #9 2019-02-27 13:18:16 +01:00
Jens Langhammer 289be46388 fix SAML Views not having LoginRequiredMixin 2019-02-27 12:36:18 +01:00
Jens Langhammer 6c300b7b31 autofocus password field 2019-02-27 12:35:57 +01:00
Jens Langhammer b726583084 Keep GET parameters throughout entire login process 2019-02-27 12:35:48 +01:00
Jens Langhammer 48055d1cfd fix CSRF Bug in SAML 2019-02-27 11:20:52 +01:00
Jens Langhammer e7a02104db fix display on mobile 2019-02-27 09:33:12 +01:00
Jens Langhammer 556740d7bc add PasswordPolicyForm back in 2019-02-26 15:41:11 +01:00
Jens Langhammer 421f51770c implement password policy checking on signup and password change closes #8 2019-02-26 15:40:58 +01:00
Jens Langhammer 96f7e70f9e enable always_eager when unittesting 2019-02-26 14:24:50 +01:00
Jens Langhammer ad96f7dbb8 add E-Mail support via celery task, untested, closes #17 2019-02-26 14:10:53 +01:00
Jens Langhammer e7fb48eba2 bump version: 0.0.10-alpha -> 0.0.11-alpha 2019-02-26 13:06:26 +01:00
Jens Langhammer b19b5b644d remove hardcoded passwords 2019-02-26 13:06:22 +01:00
Jens Langhammer 250b6691d4 bump version: 0.0.9-alpha -> 0.0.10-alpha 2019-02-26 12:44:02 +01:00
Jens Langhammer e3b02a6e78 fix isort/pylint issues 2019-02-26 12:43:59 +01:00
Jens Langhammer e94ef34d8f bump version: 0.0.8-alpha -> 0.0.9-alpha 2019-02-26 12:35:28 +01:00
Jens Langhammer 49e945307a Re-enable OTP Disable View 2019-02-26 12:35:24 +01:00
Jens Langhammer edfe0e5450 fix broken Docker build and helm package 2019-02-26 12:34:51 +01:00
Jens Langhammer 06b65a7882 add unittests, woo 2019-02-26 10:57:05 +01:00
Jens Langhammer ff9bc8aa70 Automatically create PasswordFactor on initial setup closes #16 2019-02-26 09:54:51 +01:00
Jens Langhammer 28da67abe6 Improve partially broken Delete Views, show success message on deletion 2019-02-26 09:49:42 +01:00
Jens Langhammer 39d9fe9bf0 add passbook.pretend to use passbook in applications which don't support generic OAuth 2019-02-26 09:10:37 +01:00
Jens Langhammer 750117b0fd Cleanup templates, handle OAuth Provider without application better 2019-02-26 09:09:19 +01:00
Jens Langhammer 983462f80d user/ -> _/user/ to prevent duplicate URLs 2019-02-26 09:08:49 +01:00
Jens Langhammer 4ae31d409b directly use paths instead of including oauth2_provider's 2019-02-26 09:08:22 +01:00
Jens Langhammer 98b414f3e2
add SignUp Confirmation (required by default, can be disabled in invitations) closes #6 2019-02-25 21:03:24 +01:00
Jens Langhammer a0d42092e3
add Nonce (one-time links), add password reset function (missing e-mail verification), closes #7 2019-02-25 20:46:23 +01:00
Jens Langhammer f2569b6424
improve placeholder on login template 2019-02-25 19:43:33 +01:00
Jens Langhammer 9d344d887c add more information to administrator Overview 2019-02-25 17:52:51 +01:00
Jens Langhammer 7e9154a0ea bump version: 0.0.7-alpha -> 0.0.8-alpha 2019-02-25 17:39:39 +01:00
Jens Langhammer e0ef061771 fix pylint errors.... 2019-02-25 17:32:52 +01:00
Jens Langhammer b8694a7ade fix bandit error (SHA1 has to be used) 2019-02-25 17:23:42 +01:00
Jens Langhammer 10d6a30f2c add experimental HaveIBeenPwned Password Policy 2019-02-25 17:21:56 +01:00
Jens Langhammer 8c94aef6d0 add stub test so coverage doesn't crash 2019-02-25 17:21:06 +01:00
Jens Langhammer 8611ac624c Make links on admin overview site actually useful 2019-02-25 17:11:52 +01:00
Jens Langhammer fa93b59a8c switch to toast notifications everywhere 2019-02-25 16:41:53 +01:00
Jens Langhammer 8b66b40f0d move forgot password to PasswordFactor 2019-02-25 16:41:33 +01:00
Jens Langhammer c2756f15fc Correctly display action on Create/Update templates 2019-02-25 16:40:46 +01:00
Jens Langhammer 408e205c5f add signal for password change, add field for password policies 2019-02-25 15:41:36 +01:00
Jens Langhammer 5f3ab49535 fix bug when Empty username is given to LoginAttempt.attempt 2019-02-25 14:10:29 +01:00
Jens Langhammer 33431ae013 improve OAuth Source Setup process, fix login template, closes #3 2019-02-25 14:10:10 +01:00
Jens Langhammer b40ac6dc5d more Icons cause everyone loves icons 2019-02-25 13:31:11 +01:00
Jens Langhammer fec9b5cf94 bump version: 0.0.6-alpha -> 0.0.7-alpha 2019-02-25 13:20:12 +01:00
Jens Langhammer 986fed3e7c add hook for Factors to show user settings. closes #5 2019-02-25 13:20:07 +01:00
Jens Langhammer da5568b571 cleanup, fix Permission Denied when Cancelling login, fix display of messages on login template 2019-02-25 13:02:50 +01:00
Jens Langhammer bb81bb5a8d totp => otp, integrate with factors, new setup form 2019-02-25 12:29:40 +01:00
Jens Langhammer 9c2cfd7db4 use Inheritance for Factors instead of JSONField 2019-02-24 22:39:09 +01:00
Jens Langhammer 292fbecca0 add password change view 2019-02-23 20:56:41 +01:00
Jens Langhammer e5a405bf43 Register applications with Branded name for UI Dropdown 2019-02-23 20:42:14 +01:00
Jens Langhammer 66c0fc9d9a Move factor base template to form_with_user 2019-02-23 20:41:43 +01:00
Jens Langhammer 5fa8711bfa change hostname to localhost for k8s CI 2019-02-21 17:04:46 +01:00
Jens Langhammer dd9cd7aa0c automatically fill slug field while typing 2019-02-21 17:01:12 +01:00
Jens Langhammer 8bc8765035 use postgres service for CI 2019-02-21 16:50:36 +01:00
Jens Langhammer b7ac4f1dd2 add psycopg2 as dependency 2019-02-21 16:30:56 +01:00
Jens Langhammer 183308e444 fix Contains not working correctly 2019-02-21 16:21:45 +01:00
Jens Langhammer c941107d42 Rules -> Policies, more things 2019-02-21 16:06:57 +01:00
Jens Langhammer d3d75737ed switch to drf_yasg 2019-02-21 16:05:59 +01:00
Jens Langhammer 7601351f51 add help texts to explain naming 2019-02-16 11:25:53 +01:00
Jens Langhammer df45797b4a fix inconsistent naming again 2019-02-16 11:13:00 +01:00
Jens Langhammer 744a320731 fix inconsistent naming 2019-02-16 10:59:23 +01:00
Jens Langhammer 89722336e3 fix duplicate Class naming 2019-02-16 10:54:15 +01:00
Jens Langhammer d6f4832e90 Rule -> Policies 2019-02-16 10:24:31 +01:00
Jens Langhammer d32699b332 remove reversion 2019-02-16 09:53:32 +01:00
Jens Langhammer 59a15c988f Move Factor instances to database 2019-02-16 09:52:37 +01:00
Jens Langhammer 6649eb401e bump version: 0.0.5-alpha -> 0.0.6-alpha 2019-02-13 16:41:59 +01:00
Jens Langhammer b657d7319d fix failing docker build and failing helm packaging 2019-02-13 16:41:51 +01:00
Jens Langhammer a9d29067bf bump version: 0.0.4-alpha -> 0.0.5-alpha 2019-02-11 18:01:45 +01:00
Jens Langhammer b4cb157257 bump version: 0.0.3-alpha -> 0.0.4-alpha 2019-02-11 17:44:42 +01:00
Jens Langhammer d5ab20ee12 fix coverage failing 2019-02-11 17:36:36 +01:00
Jens Langhammer 0e73702fca add PasswordPolicyRule (not used yet) 2019-02-10 20:09:47 +01:00
Jens Langhammer 58ebd15ada fix mismatched Version numbers and missing verbose_names 2019-02-10 20:08:29 +01:00
Jens Langhammer 1a998e5020 bump version: 0.0.2-alpha -> 0.0.3-alpha 2019-02-08 15:19:31 +01:00
Jens Langhammer d8eb926a76 fix migration import order 2019-02-08 15:19:29 +01:00
Jens Langhammer 4459f9c529 bump version: 0.0.1-alpha -> 0.0.2-alpha 2019-02-08 15:09:22 +01:00
Jens Langhammer 648f614a1a redo migrations, cleanup 2019-02-08 14:57:59 +01:00
Jens Langhammer 26a23a448d
admin: fix requirements not being installed 2018-12-27 12:36:30 +01:00
Jens Langhammer d4a6e28fe6
core: add custom group model with hierarchy , add tree admin 2018-12-27 00:38:42 +01:00
Jens Langhammer ebda84bcaf
saml_idp: cleanup, fix XML signing 2018-12-26 21:56:08 +01:00
Jens Langhammer aa7e3c2a15
saml_idp: cleanup settings, add was processor 2018-12-26 21:55:37 +01:00
Jens Langhammer 0c9a00acbe
admin: only add link if function returns not None 2018-12-26 21:55:14 +01:00
Jens Langhammer 4d5f688a44
saml_idp: fix bandit issues 2018-12-26 17:26:17 +01:00
Jens Langhammer 60d4a30992
saml_idp: cleanup urls, codex -> utils, remove registry 2018-12-26 17:21:20 +01:00
Jens Langhammer 2eae37107d
core: add slug to application 2018-12-26 17:17:39 +01:00
Jens Langhammer 7178468135
admin: add support for extra links 2018-12-26 17:17:24 +01:00
Jens Langhammer 70afabec7e
Switch to explicit AppConfig declaration 2018-12-26 14:32:33 +01:00
Jens Langhammer 856687475d core: show text if no applications are defined 2018-12-19 10:17:30 +01:00
Jens Langhammer af77a768fb core: only show Admin menu if user is admin 2018-12-19 10:17:17 +01:00
Jens Langhammer 85468f386e audit: fix usage of timezone-naive date-time 2018-12-19 10:16:52 +01:00
Jens Langhammer 9abcc8852d core: add more logging 2018-12-18 15:35:30 +01:00
Jens Langhammer 2e4a0297a4 audit: add basic login attempt tracking 2018-12-18 15:35:23 +01:00
Jens Langhammer 0c53a95b06 core: mfa cleanup session after successful login 2018-12-18 15:34:26 +01:00
Jens Langhammer c140c6f524 core: better handle MFA BackendFactor failures 2018-12-18 15:34:15 +01:00
Jens Langhammer f26962268e core: fix error display on login form 2018-12-18 15:33:52 +01:00
Jens Langhammer 1d4f49d269 core: fix invalid mfa-denied URL declaration 2018-12-18 15:33:06 +01:00
Jens Langhammer d729dc45d5 lib: enable email as uid field by default 2018-12-18 15:32:52 +01:00
Jens Langhammer b718be6593 Audit: fix invalid signal signature 2018-12-18 13:27:01 +01:00
Jens Langhammer 5f9befb5ee core: load db from yml 2018-12-18 13:26:47 +01:00
Jens Langhammer 8383df2441 core: add temporary login form with support for sources 2018-12-18 13:26:14 +01:00
Jens Langhammer b0fa302718 core: add is_link and get_url property to base Source 2018-12-18 13:24:58 +01:00
Jens Langhammer f6c5f10d65 oauth_client: cleanup 2018-12-18 13:24:26 +01:00
Jens Langhammer 76d70ed3b0 core: slightly adjust login form 2018-12-18 10:40:59 +01:00
Jens Langhammer 65bdca30ae oauth_client: add separate forms for Provider Types 2018-12-18 10:40:46 +01:00
Jens Langhammer 8d5abeaede saml_idp: fix open todos 2018-12-17 11:52:02 +01:00
Jens Langhammer 764282ea9e
saml_idp: Rewrite to CBV 2018-12-16 17:09:26 +01:00
Jens Langhammer 7a62bf9829
oauth_provider: log authorisation to audit 2018-12-16 17:09:14 +01:00
Jens Langhammer 9e289e9937
core: add about modal 2018-12-16 16:02:03 +01:00
Jens Langhammer 9117e09f1c
core: update brand 2018-12-16 15:43:23 +01:00
Jens Langhammer 5c56888451 saml_idp: fix recursive import 2018-12-14 15:44:46 +01:00
Jens Langhammer 625835a266 saml_idp: start rewriting to use DB Certs 2018-12-14 15:30:11 +01:00
Jens Langhammer e81f525cea core,oauth_provider: cleanup templates, add MFA error view 2018-12-14 15:18:02 +01:00
Jens Langhammer 6314ffab46 admin: fix import errors 2018-12-14 14:33:15 +01:00
Jens Langhammer 25fbadc813 admin: add basic user admin 2018-12-14 14:24:04 +01:00
Jens Langhammer 196be4b3b0 Add captcha_factor 2018-12-14 13:51:12 +01:00
Jens Langhammer c4cd602fcb core: cleanup templates, add template for backend authentication 2018-12-14 13:50:58 +01:00
Jens Langhammer a373054e90 admin: add basic audit display 2018-12-14 10:28:37 +01:00
Jens Langhammer 258d59ef1b totp: fix invalid settings 2018-12-14 10:28:25 +01:00
Jens Langhammer fbf58801ec totp: rename tfa to totp 2018-12-14 10:09:57 +01:00
Jens Langhammer 52d1920914 core: fix mfa, split up into multiple files, move factors to settings 2018-12-14 09:49:34 +01:00
Jens Langhammer 83ed1d857b core: implement new mfa authentication 2018-12-13 18:02:08 +01:00
Jens Langhammer 32a73cbbf3 audit: add created field 2018-12-13 18:01:45 +01:00
Jens Langhammer 3267d7fb99 core: shrink login wallpaper 2018-12-13 18:01:21 +01:00
Jens Langhammer 2e2752c2e2 core: fix url being active in navbar 2018-12-11 15:30:15 +01:00
Jens Langhammer 26618afb5a core: add generic error view 2018-12-11 15:29:58 +01:00
Jens Langhammer d77bbd2120 saml_idp: fix form path 2018-12-10 16:58:48 +01:00
Jens Langhammer 71f41e655f core: add user settings and user delete 2018-12-10 16:58:35 +01:00
Jens Langhammer 276c6fb297 admin: send invitation signal 2018-12-10 16:54:28 +01:00
Jens Langhammer 85a2280eaf core; fix variable being shadowed 2018-12-10 15:42:13 +01:00
Jens Langhammer bba10c6db4 core: set request.user after signup for audit 2018-12-10 15:28:08 +01:00
Jens Langhammer 564483cab8 core: prevent duplicate fixed_username/email 2018-12-10 15:27:55 +01:00
Jens Langhammer 4111ca96a7 admin: fix form error display 2018-12-10 15:27:01 +01:00
Jens Langhammer 111b0ec4fb core: make SignUpForm’s fields readonly if there is an initial value 2018-12-10 15:26:53 +01:00
Jens Langhammer 7f2bae4c2c admin: link to invitation on list 2018-12-10 15:26:28 +01:00
Jens Langhammer d0099edac4 all: fully switch to Invitation 2018-12-10 14:49:15 +01:00
Jens Langhammer 57f285ae54 admin: set invitation’s created_by properly, remove edit of invite 2018-12-10 14:38:44 +01:00
Jens Langhammer 6bcb5ef8ef Fix bandit and prospector errors 2018-12-10 14:26:10 +01:00
Jens Langhammer 545795ebc6 all: invites -> invitations 2018-12-10 14:21:42 +01:00
Jens Langhammer 89c2b8d49c admin: add invite administration 2018-12-10 14:13:18 +01:00
Jens Langhammer 64c8458c90 core: properly handle invites; audit: log invite creation and usage 2018-12-10 14:05:27 +01:00
Jens Langhammer 274c9daded core: switch to dynamic login form 2018-12-10 13:51:50 +01:00
Jens Langhammer 2a500b3e4a core: add placeholders for forms, add sign-up view 2018-12-10 13:51:38 +01:00
Jens Langhammer cc12f1d8b3 Fix import order 2018-12-10 13:51:16 +01:00
Jens Langhammer 4b25924274 core: add invite model for sign-up 2018-12-10 13:48:22 +01:00
Jens Langhammer a63f2be999 Audit: implement logging of basic events like login, logout, failed login 2018-12-10 13:47:51 +01:00
Jens Langhammer 633660c602 core: make FieldMatcherRule’s user_field into dropdown 2018-12-10 11:15:53 +01:00
Jens Langhammer 19a8ecb55a core: show applications on overview page 2018-12-10 10:50:19 +01:00
Jens Langhammer 1a8f3fb18a Cleanup migrations (again) 2018-12-10 10:49:50 +01:00
Jens Langhammer 9cccc0a757
saml_idp: Add Certificate, Key and other settings to DB 2018-12-09 23:06:14 +01:00
Jens Langhammer dae5fc6265
core: cleanup provider select 2018-12-09 23:05:55 +01:00
Jens Langhammer 43fe9e062d
core: add static root 2018-12-09 22:12:41 +01:00
Jens Langhammer 57f01952bd
core: fix bandit issues 2018-12-09 21:20:34 +01:00
Jens Langhammer bc691f4f4c
ci: fix dependencies 2018-12-09 21:11:43 +01:00
Jens Langhammer 0754b07765
core: cleanup 2018-12-09 21:07:38 +01:00
Jens Langhammer e7f7a3127c
core: add loading view for authorisation views 2018-12-09 21:07:18 +01:00
Jens Langhammer db3ae58a21
core: switch to different cookie names 2018-12-09 21:06:36 +01:00
Jens Langhammer 60b1c1b493
core: add DebugRule which takes random amount of time to process 2018-12-09 21:06:21 +01:00
Jens Langhammer af3df16b90
core: add uuid to user, use as sub for OpenID 2018-12-09 21:05:25 +01:00
Jens Langhammer 1ab445ab8e
admin: fix provider table breaking 2018-12-09 21:04:57 +01:00
Jens Langhammer 10bb06cc7e
Add bandit to CI 2018-12-09 17:44:54 +01:00
Jens Langhammer f4c5ba27cc disable pymysql import 2018-12-09 17:41:25 +01:00
Jens Langhammer 4b3959787e admin: update list templates to show buttons in one column 2018-11-30 15:50:45 +01:00
Jens Langhammer 520e991393 admin: add view to test rules 2018-11-30 15:50:27 +01:00
Jens Langhammer 0ce242e956 core: fix rule engine not working 2018-11-30 14:33:33 +01:00
Jens Langhammer b5ed371575 core: add basic rule engine, needs celery debugging 2018-11-28 14:01:59 +01:00
Jens Langhammer 62ee5db752 core: Remove AppTask Inheritance from Models 2018-11-28 14:01:46 +01:00
Jens Langhammer bc65fae4b2 Admin: remove .cast() calls and replace with select_subclasses() 2018-11-28 14:01:18 +01:00
Jens Langhammer 005d0f1c8f core: fix prospector error 2018-11-27 16:38:34 +01:00
Jens Langhammer a4046ea264 Add missing PyMySQL to requirements 2018-11-27 16:35:37 +01:00
Jens Langhammer 65f34ece8b core: add celery and redis to requirements 2018-11-27 16:30:42 +01:00
Jens Langhammer 731b745d0c core: switch role evaluating to celery worker 2018-11-27 16:23:29 +01:00
Jens Langhammer 4b047802c0 core: Add Webhook Rule 2018-11-27 16:23:04 +01:00
Jens Langhammer cde35515c7 Fix prospector errors and move secret_key to yaml config 2018-11-27 10:56:40 +01:00
Jens Langhammer c0c51981ba admin: add provider admin 2018-11-26 22:40:10 +01:00
Jens Langhammer 755997a9c7 admin: add generic create and delete template 2018-11-26 22:30:14 +01:00
Jens Langhammer 5c5c865c0b admin: add ?back to everything 2018-11-26 22:29:59 +01:00
Jens Langhammer b656cd1139 admin: add source admin 2018-11-26 22:09:04 +01:00
Jens Langhammer caf6580ccb Admin: add rule admin 2018-11-26 22:08:48 +01:00
Jens Langhammer 2aa12801a8 admin: add application admin 2018-11-26 22:08:18 +01:00
Jens Langhammer c507e310b5 switch to self-rendered forms 2018-11-26 22:07:40 +01:00
Jens Langhammer 225dc112e7 ldap: add Source Creation form 2018-11-26 18:22:38 +01:00
Jens Langhammer 08a5c98823 admin: fix source creation view 2018-11-26 18:22:22 +01:00
Jens Langhammer 6c0e7b9741 ldap: rewrite Connector to use Source DB Entries 2018-11-26 18:12:04 +01:00
Jens Langhammer 98e10a1ca9 Move LDAP Source to DB 2018-11-26 17:18:56 +01:00
Jens Langhammer 15ed14046e Fixup verbose names 2018-11-26 17:17:32 +01:00
Jens Langhammer ca80ebc0cc use logo on favicon and login 2018-11-26 17:17:04 +01:00
Jens Langhammer 15c624b16f Add better logo 2018-11-26 17:16:47 +01:00
Jens Langhammer 4eb105eace
oauth_provider: rewrite view to check for access 2018-11-25 20:39:09 +01:00
Jens Langhammer 6c4e3fde6e
core: add order to rule 2018-11-25 20:38:49 +01:00
Jens Langhammer 1039555113
core: change provider to one-to-one field 2018-11-25 20:38:37 +01:00
Jens Langhammer 76a43a7818
Fix oauth2 authorisation form not working 2018-11-25 12:31:55 +01:00
Jens Langhammer 9967319294
always send email with OpenID userinfo 2018-11-25 12:31:21 +01:00
Jens Langhammer 2a3107ea3c
Rebuild migrations again 2018-11-25 12:31:11 +01:00
Jens Langhammer 28557806c5
Fix some settings not being overwritten 2018-11-24 22:27:02 +01:00
Jens Langhammer cb46c70670
Rewrite OAuth Provider Models again 2018-11-24 22:26:53 +01:00
Jens Langhammer 32945250b6
Move skip_authorization to base Provider 2018-11-24 22:26:28 +01:00
Jens Langhammer f298c42adc
Add OpenID API 2018-11-24 22:24:11 +01:00
Jens Langhammer d0a7bf5ecc Add api and audit structure 2018-11-23 17:05:41 +01:00
Jens Langhammer 00cf64ef31 add logout view 2018-11-23 09:44:30 +01:00
Jens Langhammer e9e6f632e3 Fix message icons and show messages on login view 2018-11-23 09:44:22 +01:00
Jens Langhammer 095a5c0268 core: add basic model against which rules can be checked 2018-11-22 13:12:59 +01:00
Jens Langhammer 849f9c9251 lib: add ifapp-like function 2018-11-22 13:12:36 +01:00
Jens Langhammer 20752b4382 oauth_client: add form, cleanup views 2018-11-22 13:12:24 +01:00
Jens Langhammer 6748241905 *: redo migrations again 2018-11-22 13:12:07 +01:00
Jens Langhammer e44f6cff7e admin: add source delete view 2018-11-22 13:11:46 +01:00
Jens Langhammer 61b79e90e5 passbook: implement dynamic URL loading 2018-11-22 10:28:13 +01:00
Jens Langhammer b5bc371a04 code is now clean but still not working 2018-11-16 13:08:37 +01:00
Jens Langhammer c1276e9695 redo models again 2018-11-16 11:41:14 +01:00
Jens Langhammer de7a2fa034 add more info to admin overview 2018-11-16 11:40:24 +01:00
Jens Langhammer a2904d3ade more cleanup, remove supervisr imports 2018-11-16 10:08:15 +01:00
Jens Langhammer fbaab4efaf
Many broken things 2018-11-16 09:10:35 +01:00
Jens Langhammer 79490984d1
add lib 2018-11-14 19:14:14 +01:00
Jens Langhammer 5aa245cac0
add working oauth and ldap client 2018-11-11 13:41:48 +01:00