Jens Langhammer
e15f7d7f28
flows: fix potential open redirect vuln
2020-07-14 21:57:28 +02:00
Jens Langhammer
fbf9554a9e
flows: fix SESSION_KEY_GET being deleted too early
2020-07-14 21:42:47 +02:00
Jens Langhammer
b452e751ea
flows: add SESSION_KEY_APPLICATION_PRE
...
Whenever a user tries to access an application without being authenticated to passbook, we now show a notice of which application they are going to continue to.
2020-07-12 22:47:46 +02:00
Jens Langhammer
4caa4be476
sources/oauth: fix UserOAuthSourceConnection not being assigned to user after enrollment
...
sources/oauth: separate handle_new_connection into handle_existing_user_link and handle_enroll
2020-07-10 00:07:59 +02:00
Jens Langhammer
9518cefdd7
flows: fix default-source-enrollment-if-username expression
2020-07-09 00:20:42 +02:00
Jens Langhammer
1524880eec
core: add generic login/base_full template for static login views
2020-07-08 14:17:29 +02:00
Jens Langhammer
429627494c
root: fix passbook.footer_links not being rendered
2020-07-08 13:18:33 +02:00
Jens Langhammer
9021bbd5de
root: implement APM support
2020-07-07 17:43:10 +02:00
Jens Langhammer
b26882a450
flows: FlowStageBinding group Stage by type
2020-07-04 15:02:21 +02:00
Jens Langhammer
d3b0992456
flows: FlowStageBinding: rename .flow to .target to fix select_subclasses()
2020-07-04 00:14:21 +02:00
Jens Langhammer
bead19c64c
flows: cleanup denied view, use everywhere
2020-07-02 13:48:42 +02:00
Jens Langhammer
9613fcde89
Squashed commit of the following:
...
commit 885a2ed057
Author: Jens Langhammer <jens.langhammer@beryju.org>
Date: Tue Jun 30 12:17:23 2020 +0200
flows: fix linting error
2020-06-30 12:18:01 +02:00
Jens Langhammer
b270fb0742
stages/otp_time: implement TOTP Setup stage
2020-06-30 12:14:40 +02:00
Jens Langhammer
285a69d91f
Merge branch 'master' into otp-rework
2020-06-30 11:23:09 +02:00
Jens Langhammer
de3b753a26
flows: show error message in flow when stage raises
2020-06-30 11:18:39 +02:00
Jens Langhammer
d33f632203
flows: add CancelView to cancel current flow execution
2020-06-30 00:11:01 +02:00
Jens Langhammer
920858ff72
Merge branch 'master' into otp-rework
...
# Conflicts:
# passbook/flows/models.py
# passbook/stages/otp/models.py
# swagger.yaml
2020-06-29 22:54:18 +02:00
Jens Langhammer
96a6ac85df
audit: add cleanse_dict function to ensure no passwords end up in logs
2020-06-29 19:13:07 +02:00
Jens Langhammer
d6a8d8292d
core: UIUserSettings: remove icon, rename view_name to URL for complete URL
2020-06-29 16:20:33 +02:00
Jens Langhammer
ec823aebed
flows: update migrations to use update_or_create
2020-06-29 16:19:39 +02:00
Jens Langhammer
b8654c06bf
flows: remove generic "password change" designation and add setup_stage
2020-06-29 11:12:51 +02:00
Jens Langhammer
9d03c4c7d2
flows: Stage ui_user_settings -> staticmethod with context as argument
2020-06-28 10:31:26 +02:00
Jens Langhammer
57a7bed99d
sources/oauth: fix facebook provider
2020-06-25 10:24:53 +02:00
Jens Langhammer
9eaceb9ec6
e2e: add tests for SAML source
2020-06-24 23:24:45 +02:00
Jens Langhammer
de1be2df88
flows: save entire GET params from shell executor
2020-06-21 20:46:38 +02:00
Jens Langhammer
6122dcacc7
flows: fix flow cache not being cleared correctly when stages are saved
2020-06-21 12:40:01 +02:00
Jens Langhammer
68efcc7bf2
e2e: add custom testcase class to simplify code
2020-06-20 17:06:00 +02:00
Jens Langhammer
af8cdb34ee
*: fix not all migrations using db_alias
2020-06-19 20:43:27 +02:00
Jens Langhammer
03b1a67b44
flows: change wording of consent on flows
2020-06-19 20:33:41 +02:00
Jens Langhammer
73e7158178
e2e: add OIDC Provider test against grafana, more formatting, minor bug fixes
2020-06-19 19:45:27 +02:00
Jens Langhammer
c83216ece0
Merge branch 'master' into e2e
...
# Conflicts:
# Pipfile.lock
# docs/installation/docker-compose.md
2020-06-19 09:00:46 +02:00
Jens Langhammer
dab53cfd03
flows/executor: call plan.next before pop so we can save plan
...
ReevaluateMarker: use PolicyEngine without cache
2020-06-18 22:54:09 +02:00
Jens L
6a4086c490
flows: introduce FlowPlan markers, which indicate when a stage needs … (#79)
...
* flows: introduce FlowPlan markers, which indicate when a stage needs re-evaluation
Implement re_evaluate_policies
add unittests for several different scenarios
closes #78
* flows: move markers to separate files, cleanup formatting
* flows: fix self.next is not callable
2020-06-18 22:43:51 +02:00
Jens Langhammer
afc8baff5f
flows/shell: check for elements with autofocus attribute and call .focus();
...
closes #76
2020-06-18 19:09:12 +02:00
Jens Langhammer
ee8313142f
Merge branch 'docs-flows'
...
# Conflicts:
# passbook/core/templates/partials/form_horizontal.html
2020-06-08 15:43:46 +02:00
Jens Langhammer
fc2eb003ea
e2e: add apply_default_data to load data from migrations after tables have been truncated
2020-06-07 19:31:16 +02:00
Jens L
4915205678
WIP Use Flows for Sources and Providers (#32)
...
* core: start migrating to flows for authorisation
* sources/oauth: start type-hinting
* core: create default user
* core: only show user delete button if an unenrollment flow exists
* flows: Correctly check initial policies on flow with context
* policies: add more verbosity to engine
* sources/oauth: migrate to flows
* sources/oauth: fix typing errors
* flows: add more tests
* sources/oauth: start implementing unittests
* sources/ldap: add option to disable user sync, move connection init to model
* sources/ldap: re-add default PropertyMappings
* providers/saml: re-add default PropertyMappings
* admin: fix missing stage count
* stages/identification: fix sources not being shown
* crypto: fix being unable to save with private key
* crypto: re-add default self-signed keypair
* policies: rewrite cache_key to prevent wrong cache
* sources/saml: migrate to flows for auth and enrollment
* stages/consent: add new stage
* admin: fix PropertyMapping widget not rendering properly
* core: provider.authorization_flow is mandatory
* flows: add support for "autosubmit" attribute on form
* flows: add InMemoryStage for dynamic stages
* flows: optionally allow empty flows from FlowPlanner
* providers/saml: update to authorization_flow
* sources/*: fix flow executor URL
* flows: fix pylint error
* flows: wrap responses in JSON object to easily handle redirects
* flow: don't cache plan's context
* providers/oauth: rewrite OAuth2 Provider to use flows
* providers/*: update docstrings of models
* core: fix forms not passing help_text through safe
* flows: fix HttpResponses not being converted to JSON
* providers/oidc: rewrite to use flows
* flows: fix linting
2020-06-07 16:35:08 +02:00
Jens Langhammer
07da5f7122
Merge branch 'master' into docs-flows
2020-06-05 20:30:59 +02:00
Jens Langhammer
f91e02a0ec
flows: allow username for default flow
2020-06-05 20:30:47 +02:00
Jens Langhammer
9f3f34389e
root: update docs URL
2020-06-05 20:18:26 +02:00
Jens Langhammer
c4facd53b4
Merge branch 'master' into docs-flows
2020-06-02 20:25:43 +02:00
Jens Langhammer
3f92d1c420
flows: Correctly check initial policies on flow with context
...
# Conflicts:
# passbook/flows/planner.py
# passbook/flows/tests/test_planner.py
# passbook/flows/tests/test_views.py
# passbook/flows/views.py
2020-06-02 16:53:40 +02:00
Jens Langhammer
23193314f1
Merge branch 'master' into docs-flows
2020-06-02 15:20:24 +02:00
Jens Langhammer
4d1658b35e
stages/identification: explicitly define enrollment and recovery
2020-05-31 23:01:08 +02:00
Jens Langhammer
08302a04bf
docs: add docs for flows, start docs for stages
2020-05-30 22:36:01 +02:00
Jens Langhammer
b1b63fbb7f
stages/prompt: add prompt order field
2020-05-28 23:21:43 +02:00
Jens Langhammer
270739a45a
admin: fix policy testing form not showing the correct result
2020-05-28 21:50:43 +02:00
Jens L
df8995deed
policies/*: remove Policy.negate, order, timeout (#39)
...
policies: rewrite engine to use PolicyBinding for order/negate/timeout
policies: rewrite engine to use PolicyResult instead of tuple
2020-05-28 21:45:54 +02:00
Jens Langhammer
fdfc6472d2
admin: fixup some urls
2020-05-28 10:36:27 +02:00
Jens L
beabba2890
flows: Load Stages without refreshing the whole page (#33)
...
* flows: initial implementation of FlowExecutorShell
* flows: load messages dynamically upon card refresh
2020-05-24 00:57:25 +02:00
Jens Langhammer
0664f0b6b2
flows: add support for default_context, etc
...
default_context can be used to influence policies during the planning. This should be used when the Planner is called from other views to correctly preseed the plan.
This also checks if there is a PENDING_USER set, and uses that user for the cache key instead
2020-05-20 16:15:16 +02:00
Jens Langhammer
e08c5ff875
helm: fully remove domain, add log_level
2020-05-20 12:16:56 +02:00
Jens L
24a3e787dd
migrate to per-model UUID Primary key, remove UUIDModel (#26)
...
* *: migrate to per-model UUID Primary key, remove UUIDModel
* *: fix import order, fix unittests
2020-05-20 09:17:06 +02:00
Jens Langhammer
09ef58350c
flows: rename AuthenticationStage to StageView as it's a general base view
2020-05-17 00:03:06 +02:00
Jens Langhammer
e68352b09c
admin: add flow-stage-bindings, add policy-bindings, add prompts
2020-05-16 19:55:59 +02:00
Jens Langhammer
7bd65120b9
*: migrate from PolicyModel to PolicyBindingModel, move Policy to passbook_policies
2020-05-16 18:07:00 +02:00
Jens Langhammer
406f69080b
Revert "*: providers and sources -> channels, PolicyModel to PolicyBindingModel that uses custom M2M through"
...
This reverts commit 7ed3ceb960.
2020-05-16 16:02:42 +02:00
Jens Langhammer
7ed3ceb960
*: providers and sources -> channels, PolicyModel to PolicyBindingModel that uses custom M2M through
2020-05-16 14:03:57 +02:00
Jens Langhammer
a5319fc2fe
*: rename templatetags to clearly identify
2020-05-15 10:54:31 +02:00
Jens Langhammer
80c3246333
policies/expression: add pb_flow_plan variable
2020-05-13 18:44:36 +02:00
Jens Langhammer
c42ed6bc99
admin: sort types, minor fixups
2020-05-13 11:57:10 +02:00
Jens Langhammer
57fed2b92b
stages/user_delete: fix formatting
2020-05-12 15:23:17 +02:00
Jens Langhammer
e45b33c6c2
stages/user_delete: add user delete stage, remove view from core
2020-05-12 14:50:00 +02:00
Jens Langhammer
137e90355b
flows: default-auth -> default-authentication
2020-05-12 14:49:47 +02:00
Jens Langhammer
d49c58f326
flows: fix linting
2020-05-11 21:27:46 +02:00
Jens Langhammer
9814d3be03
flows: add Planner and Executor unittests
2020-05-11 15:01:14 +02:00
Jens Langhammer
6fd19c0a37
flows: add caching of plan, add planner unittests
2020-05-11 11:39:58 +02:00
Jens Langhammer
10cb412532
flows: fix linting of migrations
2020-05-11 09:08:15 +02:00
Jens Langhammer
e12780f78f
flows: add invalidation designation, use as default logout action
2020-05-11 01:12:57 +02:00
Jens Langhammer
69120da45c
core: remove redundant views/forms
2020-05-11 00:49:48 +02:00
Jens Langhammer
5b2bf7519a
stages/user_create -> user_write: Stage can create and update existing users
2020-05-10 23:38:15 +02:00
Jens Langhammer
d4f149bc02
stages/email: add form for sending email to prevent spam
...
stages/email: make token validity configurable
2020-05-10 20:50:27 +02:00
Jens Langhammer
99bab03cce
flows: add check if current plan matches current flow
2020-05-10 20:15:24 +02:00
Jens Langhammer
1d03b36750
stages/identification: show sign up url when related flow exists
2020-05-10 18:14:10 +02:00
Jens Langhammer
f111604b70
stages/login: -> stages/user_login: rename login to user_login for user_create stage
2020-05-10 16:20:44 +02:00
Jens Langhammer
fbc3ac6b30
flows: make FlowExecutor fully working without pending user
2020-05-10 15:28:52 +02:00
Jens Langhammer
9a700e506b
stages/identification: simplify unittests
2020-05-10 01:01:58 +02:00
Jens Langhammer
8e488670ad
stages/identification: load uid_fields from stage in form, add more unit tests
2020-05-10 00:05:36 +02:00
Jens Langhammer
fd5b2298e5
flows: fix unittests and migrations
2020-05-09 23:31:35 +02:00
Jens Langhammer
c46f0781fc
flows: separate final login step from flow executor
2020-05-09 23:19:36 +02:00
Jens Langhammer
0aad0604d8
stages/identification: migrate from core to separate stage
2020-05-09 21:31:29 +02:00
Jens Langhammer
8a6009c278
flows: enum to django TextChoices
2020-05-09 20:54:56 +02:00
Jens Langhammer
212e966dd4
factors: -> stage
2020-05-08 20:59:51 +02:00
Jens Langhammer
08c0eb2ec6
admin: add flows
2020-05-08 18:45:53 +02:00
Jens Langhammer
872ecd93a6
flows: add to api and add forms
2020-05-08 18:29:18 +02:00
Jens Langhammer
f8af9d6ce0
flows: make sure flow_slug is logged consistently
2020-05-08 17:18:43 +02:00
Jens Langhammer
c3e43a7c2f
flows: fix denied view not being registered
2020-05-08 16:50:50 +02:00
Jens Langhammer
273af0f1cb
core/auth: fix unittests for flows
2020-05-08 16:43:22 +02:00
Jens Langhammer
2a85e5ae87
flows: complete migration to FlowExecutorView, fully use context
2020-05-08 16:10:27 +02:00
Jens Langhammer
114bb1b0bd
flows: implement planner, start new executor
2020-05-08 14:33:14 +02:00
Jens Langhammer
5400882d78
flows/: more migration progress, consolidate views
2020-05-07 21:30:52 +02:00
Jens Langhammer
8de66b27ad
flows/*: Initial flows stage1 implementation
2020-05-07 20:51:06 +02:00