Jens Langhammer
|
b6d7847eae
|
providers/oauth2: fix token introspection view
|
2020-09-28 09:04:31 +02:00 |
Jens Langhammer
|
ad0d339794
|
flows: add benchmark command
|
2020-09-27 21:21:30 +02:00 |
Jens Langhammer
|
d74fa4abbf
|
admin: fix categories in sidebar being collapsible
|
2020-09-27 18:40:50 +02:00 |
Jens Langhammer
|
b24938fc6b
|
stages/consent: fix formatting
|
2020-09-26 21:06:01 +02:00 |
Jens Langhammer
|
ea1564548c
|
stages/consent: support pending_user from flow
|
2020-09-26 20:43:41 +02:00 |
Jens Langhammer
|
3663c3c8a1
|
sources/saml: cleanup SLO Implementation
|
2020-09-26 20:38:38 +02:00 |
Jens Langhammer
|
07e20a2950
|
core: add AuthJsonConsumer to handle websocket authentication
|
2020-09-26 20:11:04 +02:00 |
Jens Langhammer
|
6366d50a0e
|
core: show 'Create Application' button based on perms
|
2020-09-26 19:54:52 +02:00 |
Jens Langhammer
|
c3e64df95b
|
new release: 0.10.7-stable
|
2020-09-26 19:26:12 +02:00 |
Jens Langhammer
|
c1058c7438
|
e2e: fix formatting
|
2020-09-26 18:18:01 +02:00 |
Jens Langhammer
|
44b815efae
|
sources/oauth: fix data being sent in body and header for oauth1
|
2020-09-26 17:43:58 +02:00 |
Jens Langhammer
|
64a71a3663
|
flows: fix planner removing too many stages
|
2020-09-26 14:58:13 +02:00 |
Jens Langhammer
|
7aa89c6d4f
|
flows: fix formatting
|
2020-09-26 14:19:42 +02:00 |
Jens Langhammer
|
7e9d7e5198
|
flows: fix two stages being removed when reevaluate_marker was enabled
|
2020-09-26 14:13:10 +02:00 |
Jens Langhammer
|
2be6cd70d9
|
sources/oauth: fix handling of token for do_request
|
2020-09-26 14:00:48 +02:00 |
Jens Langhammer
|
2b9705b33c
|
policies/expression: remove pb_flow_plan, save flow context directly in context
|
2020-09-26 13:58:32 +02:00 |
Jens Langhammer
|
40f1de3b11
|
admin: load info about latest version in celery task
|
2020-09-26 02:16:35 +02:00 |
Jens Langhammer
|
899c5b63ea
|
admin: add BackSuccessUrlMixin to redirect to correct url after form edit
|
2020-09-26 02:04:16 +02:00 |
Jens Langhammer
|
e104c74761
|
admin: make pagination size configurable
|
2020-09-26 01:55:40 +02:00 |
Jens Langhammer
|
5d46c1ea5a
|
flows: improve strings, ensure default-source-enrollment's first stage has re_evaluate_policies
|
2020-09-26 01:37:54 +02:00 |
Jens Langhammer
|
7d533889bc
|
sources/oauth: fix OAuth1 not working, cleanup
|
2020-09-26 01:27:33 +02:00 |
Jens Langhammer
|
d9c2b32cba
|
sources/oauth: cleanup clients, add type annotations
|
2020-09-26 00:34:57 +02:00 |
Jens Langhammer
|
6e4ce8dbaa
|
core: cache user's is_superuser
|
2020-09-26 00:34:35 +02:00 |
Jens Langhammer
|
03d58b439f
|
sources/oauth: separate clients into separate modules
|
2020-09-25 23:58:58 +02:00 |
Jens Langhammer
|
bdaf0111c2
|
stages/password: fix formatting
|
2020-09-25 21:12:42 +02:00 |
Jens Langhammer
|
974c2ddb11
|
stages/password: fix change_flow being deleted instead of renamed
|
2020-09-25 20:33:06 +02:00 |
Jens Langhammer
|
f294791d41
|
stages/otp_time: fix redirect uri after setup
|
2020-09-25 19:39:19 +02:00 |
Jens Langhammer
|
4ee22f8ec1
|
stages/otp_static: fix redirect URL after setup, fix stage not being passed to setup
|
2020-09-25 19:38:51 +02:00 |
Jens Langhammer
|
74d3cfbba0
|
stages/otp_time: show OTP URI as aria-label
|
2020-09-25 19:03:12 +02:00 |
Jens Langhammer
|
d278acb83b
|
stages/otp_: fix flows having no title
|
2020-09-25 18:50:29 +02:00 |
Jens Langhammer
|
84da454612
|
stages/otp_: ensure stage.configure_flow is set
|
2020-09-25 17:45:13 +02:00 |
Jens Langhammer
|
52101007aa
|
e2e: bump chrome version
|
2020-09-25 17:39:25 +02:00 |
Jens Langhammer
|
dc57f433fd
|
stages/password: update to use ConfigurableStage
|
2020-09-25 16:51:22 +02:00 |
Jens Langhammer
|
3d4c5b8f4e
|
stages/otp_time: implement configure_flow
|
2020-09-25 12:56:27 +02:00 |
Jens Langhammer
|
e66424cc49
|
stages/otp_static: implement configure_flow
|
2020-09-25 12:56:14 +02:00 |
Jens Langhammer
|
8fa83a8d08
|
flows: change setup_stage to configure_stage in migration
|
2020-09-25 12:55:33 +02:00 |
Jens Langhammer
|
397892b282
|
stages/consent: cleanup
|
2020-09-25 12:49:19 +02:00 |
Jens Langhammer
|
7be50c2574
|
flows: add ConfigurableStage base class and ConfigureFlowInitView
|
2020-09-25 12:49:19 +02:00 |
Jens Langhammer
|
52c4fb431f
|
core: add user.group_attributes
|
2020-09-24 15:45:58 +02:00 |
dependabot-preview[bot]
|
6966c119a7
|
build(deps): bump codemirror in /passbook/static/static (#231)
Bumps [codemirror](https://github.com/codemirror/CodeMirror) from 5.58.0 to 5.58.1.
- [Release notes](https://github.com/codemirror/CodeMirror/releases)
- [Changelog](https://github.com/codemirror/CodeMirror/blob/master/CHANGELOG.md)
- [Commits](https://github.com/codemirror/CodeMirror/compare/5.58.0...5.58.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
|
2020-09-24 14:31:49 +02:00 |
Jens Langhammer
|
9d93da3d45
|
providers/proxy: fix formatting
|
2020-09-23 12:33:33 +02:00 |
Jens Langhammer
|
6458b1dbf8
|
providers/proxy: make upstream SSL Validation configurable
|
2020-09-23 12:20:14 +02:00 |
dependabot-preview[bot]
|
9fd9b2611c
|
build(deps): bump codemirror in /passbook/static/static (#225)
Bumps [codemirror](https://github.com/codemirror/CodeMirror) from 5.57.0 to 5.58.0.
- [Release notes](https://github.com/codemirror/CodeMirror/releases)
- [Changelog](https://github.com/codemirror/CodeMirror/blob/master/CHANGELOG.md)
- [Commits](https://github.com/codemirror/CodeMirror/compare/5.57.0...5.58.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
|
2020-09-23 00:29:01 +02:00 |
Jens Langhammer
|
464b2cce88
|
audit: fix model information being saved nested
|
2020-09-21 22:34:03 +02:00 |
Jens Langhammer
|
4eaa46e717
|
new release: 0.10.6-stable
|
2020-09-21 22:07:59 +02:00 |
Jens Langhammer
|
59e8dca499
|
sources/ldap: divide connector into password, sync and auth, add unittests for password
|
2020-09-21 21:40:41 +02:00 |
Jens Langhammer
|
945d5bfaf6
|
*: use Audit custom event action, add SOURCE_LINKED event action
|
2020-09-21 20:40:45 +02:00 |
Jens Langhammer
|
dbcdab05ff
|
audit: create audit logs for model creation/updating/deletion
|
2020-09-21 20:26:30 +02:00 |
Jens Langhammer
|
e2cc2843d8
|
core: add X-passbook-id to every request with unique ID
|
2020-09-21 19:37:44 +02:00 |
Jens Langhammer
|
585afd1bcd
|
core: remove migration dependency on ldap
|
2020-09-21 13:21:03 +02:00 |
Jens Langhammer
|
8358574484
|
audit: remove foreign key to user, save user data as json
|
2020-09-21 13:20:50 +02:00 |
Jens Langhammer
|
cbcdaaf532
|
providers/oauth2: fix creation of new refresh token
|
2020-09-21 11:48:23 +02:00 |
Jens Langhammer
|
f99eaa85ac
|
sources/ldap: implement LDAP password validation and syncing
|
2020-09-21 11:46:35 +02:00 |
Jens Langhammer
|
5007a6befe
|
stages/prompt: integrate password comparison when multiple password fields are given
|
2020-09-21 11:04:31 +02:00 |
Jens Langhammer
|
50c75087b8
|
lifecycle: fix startup logs not being full json
|
2020-09-21 11:04:31 +02:00 |
Jens Langhammer
|
c7ca95ff2b
|
new release: 0.10.5-stable
|
2020-09-20 13:58:33 +02:00 |
Jens Langhammer
|
9f403a71ed
|
root: fix IP detection when using multiple reverse proxies
|
2020-09-20 13:36:23 +02:00 |
Jens Langhammer
|
f3ee8f7d9c
|
admin: fix permissions not being checked for policybinding list
|
2020-09-19 23:07:39 +02:00 |
Jens Langhammer
|
5fa3729702
|
audit: fix fields for events from impersonation being swapped
|
2020-09-19 22:54:36 +02:00 |
Jens Langhammer
|
87f44fada4
|
providers/oauth2: fix refreshtoken being initialised wrong
|
2020-09-19 22:23:11 +02:00 |
Jens Langhammer
|
c0026f3e16
|
admin: move pf-m-success to base css
|
2020-09-19 21:12:39 +02:00 |
Jens Langhammer
|
c25eda63ba
|
new release: 0.10.4-stable
|
2020-09-19 19:40:58 +02:00 |
Jens Langhammer
|
c90906c968
|
outposts: fix formatting
|
2020-09-19 19:12:49 +02:00 |
Jens Langhammer
|
b04f92c8b4
|
admin: outposts show should-be version
|
2020-09-19 19:03:54 +02:00 |
Jens Langhammer
|
a02fcb0a7a
|
providers/oauth2: use # as separate for code#adfs, check if # exists in response_type and trim
|
2020-09-19 18:37:50 +02:00 |
dependabot-preview[bot]
|
c1ea605c7e
|
build(deps): bump @patternfly/patternfly from 4.35.2 to 4.42.2 in /passbook/static/static (#222)
Bumps [@patternfly/patternfly](https://github.com/patternfly/patternfly) from 4.35.2 to 4.42.2.
- [Release notes](https://github.com/patternfly/patternfly/releases)
- [Changelog](https://github.com/patternfly/patternfly/blob/master/RELEASE-NOTES.md)
- [Commits](https://github.com/patternfly/patternfly/compare/prerelease-v4.35.2...prerelease-v4.42.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
|
2020-09-19 18:30:23 +02:00 |
Jens Langhammer
|
116be0b3c0
|
sources/ldap: add status display to show last sync
|
2020-09-19 17:50:39 +02:00 |
Jens Langhammer
|
438250b3a9
|
policies: improve wording on denied tempaltes
|
2020-09-19 15:24:52 +02:00 |
Jens Langhammer
|
5e6acee2a5
|
root: increase limit of max-attributes in pylint
|
2020-09-19 13:40:23 +02:00 |
Jens Langhammer
|
8b4222e7bb
|
providers/proxy: fix formatting
|
2020-09-19 12:21:31 +02:00 |
Jens Langhammer
|
5689f25c39
|
providers/proxy: add option to skip authentication for paths matching regular expressions
|
2020-09-19 11:32:04 +02:00 |
Jens Langhammer
|
83408b6ae0
|
stages/password: add failed_attempts_before_cancel to cancel a flow after x failed entries
|
2020-09-19 02:18:43 +02:00 |
Jens Langhammer
|
d30abc64d0
|
flows: improve _full template being used for stage_invalid
|
2020-09-19 02:15:15 +02:00 |
Jens Langhammer
|
4749c3fad0
|
proxy: improve reconnect logic, send version, properly version proxy
|
2020-09-19 01:37:08 +02:00 |
Jens Langhammer
|
18886697d6
|
outposts: add support for version checking
|
2020-09-19 01:34:11 +02:00 |
Jens Langhammer
|
e75c9e9a79
|
providers/oauth2: make openid-configuration easily readable
|
2020-09-19 01:34:11 +02:00 |
Jens Langhammer
|
5a3c1137ab
|
providers/oauth2: add more info to configuration modal
|
2020-09-19 01:34:11 +02:00 |
Jens Langhammer
|
ddca46e24a
|
outposts: add modal to show setup information
|
2020-09-19 01:34:11 +02:00 |
Jens Langhammer
|
421bd13ddf
|
admin: make YAMLField return empty dict when empty yaml is given
|
2020-09-19 00:00:55 +02:00 |
Jens Langhammer
|
404c9ef753
|
providers/saml: improve __str__ of SAMLPropertyMapping
|
2020-09-18 23:50:31 +02:00 |
Jens Langhammer
|
fe4a0c3b44
|
core: add impersonation start/end to audit log
also add impersonated user as context to other logs
|
2020-09-18 23:39:37 +02:00 |
Jens Langhammer
|
e0c104ee5c
|
providers/oauth2: remove post_logout_redirect_uris
|
2020-09-18 23:37:40 +02:00 |
Jens Langhammer
|
316e6cb17f
|
admin: set default host for outposts based on HTTP host
|
2020-09-18 21:51:08 +02:00 |
Jens Langhammer
|
9d5d99290c
|
outposts: only show proxy providers
|
2020-09-18 21:50:49 +02:00 |
Jens Langhammer
|
20ffe833de
|
admin: fix create link for outposts
|
2020-09-18 21:28:48 +02:00 |
Jens Langhammer
|
d4d026bf6a
|
stages/user_write: add migration that removes unintended data
|
2020-09-18 18:58:07 +02:00 |
Jens Langhammer
|
dfe093b2b9
|
stages/user_write: fix unittests
|
2020-09-18 18:52:19 +02:00 |
Jens Langhammer
|
60739e620e
|
stages/user_write: fix formatting
|
2020-09-18 18:41:11 +02:00 |
Jens Langhammer
|
d6cc6770b8
|
stages/user_write: fix data being saved as attributes without intent
|
2020-09-18 18:15:33 +02:00 |
Jens Langhammer
|
ddc1022461
|
stages/user_write: check if session hash should be updated early
|
2020-09-18 18:15:25 +02:00 |
Jens Langhammer
|
2c2226610e
|
providers/oauth2: fix end-session view not working, add tests
|
2020-09-17 21:55:01 +02:00 |
Jens Langhammer
|
cba78b4de7
|
providers/*: fix launch_url not working
|
2020-09-17 21:53:57 +02:00 |
Jens Langhammer
|
1eeb64ee39
|
docs: fix environment variable for error reporting
|
2020-09-17 21:22:46 +02:00 |
Jens Langhammer
|
22dea62084
|
root: fix startup log not showing in docker
|
2020-09-17 21:16:31 +02:00 |
Jens Langhammer
|
5ff1dd8426
|
core: move impersonation to core, add tests, add better permission checks
|
2020-09-17 16:24:53 +02:00 |
Jens Langhammer
|
da15a8878f
|
stages/password: improve labelling of LDAP backend
|
2020-09-17 15:54:48 +02:00 |
Jens Langhammer
|
bf33828ac1
|
core: fix overview template for non-rectangular icons
|
2020-09-17 10:44:10 +02:00 |
Jens Langhammer
|
895e7d7393
|
new release: 0.10.3-stable
|
2020-09-17 10:10:39 +02:00 |
Jens Langhammer
|
da3c640343
|
admin: fix type annotation for latest_version()
|
2020-09-16 23:54:55 +02:00 |
Jens Langhammer
|
4b39c71de0
|
providers/oauth2: accept token as post param
|
2020-09-16 23:38:55 +02:00 |
Jens Langhammer
|
818f417fd8
|
providers/oauth2: only send id_token as access_token if ADFS compat mode is enabled
|
2020-09-16 23:31:03 +02:00 |
Jens Langhammer
|
f1ccef7f6a
|
e2e: add tests for proxy provider and outposts
|
2020-09-16 23:22:17 +02:00 |
Jens Langhammer
|
ea9687c30b
|
core: don't fail migrations if no pbadmin exists
|
2020-09-15 23:37:39 +02:00 |
Jens Langhammer
|
0a5e14a352
|
core: make is_superuser a group property, remove from user
|
2020-09-15 23:10:31 +02:00 |
Jens Langhammer
|
491dcc1159
|
sources/ldap: improve default Property Mappings
|
2020-09-15 21:51:08 +02:00 |
Jens Langhammer
|
6292049c74
|
sources/ldap: add limited support for attributes as object_fields on LDAPPropertyMappings
|
2020-09-15 21:08:14 +02:00 |
Jens Langhammer
|
1e97af772f
|
providers/oauth2: add workaround for vcenter
|
2020-09-15 20:54:54 +02:00 |
Jens Langhammer
|
5c622cd4d2
|
providers/oauth2: make sub configurable based on hash, username, email and upn
|
2020-09-15 20:54:42 +02:00 |
Jens Langhammer
|
8c604d225b
|
static: update flow background
|
2020-09-15 16:14:13 +02:00 |
Jens Langhammer
|
c7daadfb18
|
core: fix logic error in expired models cleanup
|
2020-09-15 12:53:02 +02:00 |
Jens Langhammer
|
683968c96e
|
sources/ldap: register ldap sources
|
2020-09-15 12:36:33 +02:00 |
Jens Langhammer
|
566ebae065
|
new release: 0.10.2-stable
|
2020-09-15 12:04:00 +02:00 |
Jens Langhammer
|
8c465b2026
|
outposts: remove unused import
|
2020-09-15 11:32:25 +02:00 |
Jens Langhammer
|
6b7da71aa8
|
lib: improve error handling for sentry
|
2020-09-15 11:29:43 +02:00 |
Jens Langhammer
|
e95bbfab9a
|
outposts: disable WIP k8s controller
|
2020-09-15 11:25:59 +02:00 |
Jens Langhammer
|
3e13c13619
|
flows: replace passbook_flows:denied with AccessDenied Reeponse
|
2020-09-15 09:54:19 +02:00 |
Jens Langhammer
|
92f79eb30e
|
policies: add AccessDeniedResponse as general response when access was denied
|
2020-09-15 09:53:59 +02:00 |
Jens Langhammer
|
e7472de4bf
|
sources/ldap: sync source on save
|
2020-09-14 23:35:01 +02:00 |
Jens Langhammer
|
494950ac65
|
admin: fix anonymous user not being removed from user count
|
2020-09-14 23:19:16 +02:00 |
Jens Langhammer
|
4d51295db2
|
new release: 0.10.1-stable
|
2020-09-14 23:08:57 +02:00 |
Jens Langhammer
|
3bbded3555
|
docs: remove default password for docker-compose, improve instructions
|
2020-09-14 23:08:04 +02:00 |
Jens Langhammer
|
b3262e2a82
|
docs: add docs for passbook_user_debug
|
2020-09-14 22:51:50 +02:00 |
Jens Langhammer
|
40614a65fc
|
flows: move complete denied view and template to flows
|
2020-09-14 21:52:43 +02:00 |
Jens Langhammer
|
3cf558d594
|
providers/*: pass policy result objects when access denied
|
2020-09-14 21:52:25 +02:00 |
Jens Langhammer
|
812cc0d2f1
|
policies: add references for source_policy and source_results
|
2020-09-14 21:51:59 +02:00 |
Jens Langhammer
|
e21ed92848
|
providers/oauth2: ensure flow is cleaned up on error
|
2020-09-14 18:40:44 +02:00 |
Jens Langhammer
|
5184c4b7ef
|
flows: fix FlowNonApplicableException and EmptyFlowException leading to infinite spinners
|
2020-09-14 18:40:26 +02:00 |
Jens Langhammer
|
2c07859b68
|
core: add automatic launch_url detection based on provider
|
2020-09-14 18:12:42 +02:00 |
Jens Langhammer
|
ae6304c05e
|
providers/proxy: fix provider requiring a certificate to be selected
|
2020-09-14 17:37:06 +02:00 |
Jens Langhammer
|
501683e3cb
|
outposts: add tests for permissions
|
2020-09-14 17:34:07 +02:00 |
Jens Langhammer
|
cc8afa8706
|
admin: don't show policy as unbound when used as validation policy
|
2020-09-14 15:44:33 +02:00 |
Jens Langhammer
|
6a669992a8
|
outposts: fix permissions not being updated when providers are modified
|
2020-09-14 15:41:02 +02:00 |
Jens Langhammer
|
7ea5c22b6c
|
root: fix channels not loading redis connection details
|
2020-09-14 14:21:43 +02:00 |
Jens Langhammer
|
c7026407c6
|
policies: fix type error
|
2020-09-14 00:28:23 +02:00 |
Jens Langhammer
|
810f10edfe
|
providers/oauth2: fix several small implicit flow errors
|
2020-09-14 00:11:11 +02:00 |
Jens Langhammer
|
1c57128f11
|
providers/oauth2: fix token to code_token
|
2020-09-13 23:42:45 +02:00 |
Jens Langhammer
|
82eade3eb1
|
new release: 0.10.0-stable
|
2020-09-13 23:03:38 +02:00 |
Jens Langhammer
|
bb4e39aab6
|
docs: add outpost deployment docs, link in outposts list
|
2020-09-13 22:20:17 +02:00 |
Jens Langhammer
|
a8744f443c
|
outposts: fix Kubernetes Controller not exporting dicts, secrets not being b64 encoded
|
2020-09-13 22:19:26 +02:00 |
Jens Langhammer
|
7fe9b8f0b4
|
providers/proxy: add domainless URL Validator
|
2020-09-13 21:52:34 +02:00 |
Jens Langhammer
|
696aa7e5f6
|
core: fix path to default icon
|
2020-09-13 20:47:17 +02:00 |
Jens Langhammer
|
151374f565
|
stages/email: fix loading of static files when path is a directory
|
2020-09-13 18:24:49 +02:00 |
Jens Langhammer
|
bebeff9f7f
|
root: allow for changing of logo and branding
|
2020-09-13 17:52:33 +02:00 |
Jens Langhammer
|
8b99afa34d
|
stages/email: fix binary files not being encoded correctly
|
2020-09-13 17:40:13 +02:00 |
Jens Langhammer
|
b317852e8a
|
static: replace brand.svg with text and font
|
2020-09-13 17:33:30 +02:00 |
Jens Langhammer
|
8e6bb48227
|
sources/saml: add mitigation for idp-initiated requests
|
2020-09-13 15:39:25 +02:00 |
Jens Langhammer
|
7a4e8af1ae
|
outpost: fix outpost update signal only being sent to outposts connected to the same passbook instance
|
2020-09-13 14:29:40 +02:00 |
Jens Langhammer
|
0161205c82
|
sources/saml: fix previous request ID being wrongly compared
request ID was compared to request ID not InResponseTo field
|
2020-09-13 14:00:56 +02:00 |
Jens Langhammer
|
ca0ba85023
|
providers/saml: disallow idp-initiated SSO by default and validate Request ID
|
2020-09-12 00:53:44 +02:00 |
Jens L
|
23cccebb96
|
pytest (#209)
|
2020-09-11 23:21:11 +02:00 |