Commit Graph

246 Commits

Author SHA1 Message Date
Jens Langhammer e5e4824920 */saml: fully migrate to xmlsec, remove signxml dependency 2020-11-15 15:20:56 +01:00
Jens Langhammer 9877ef99c4 */saml: fix creation and validation of detached signatures 2020-11-12 11:59:07 +01:00
Jens Langhammer c304b40e1b providers/saml: improve verification for detached signatures 2020-11-12 11:58:51 +01:00
Jens Langhammer 54de5c981e providers/saml: fix signatures being required 2020-11-12 11:58:51 +01:00
Jens Langhammer e99f6e289b outposts: fix kubernetes ApiClient not being used 2020-11-09 10:45:08 +01:00
Jens Langhammer a202679bfb crypto: fix "Could not deserialize key data." with empty private key 2020-11-08 22:43:35 +01:00
Jens Langhammer 1edcda58ba providers/saml: add verification_kp when verifying assertions against certificates without private key 2020-11-08 22:24:54 +01:00
Jens Langhammer 6c72a9e2e8 providers/proxy: fix k8s integration tests 2020-11-04 14:02:29 +01:00
Jens Langhammer bd74e518a7 outposts: add *ServiceConnection API 2020-11-04 11:05:40 +01:00
Jens Langhammer 3b76af4eaa outposts: fix defaults and tests for outposts 2020-11-04 10:57:06 +01:00
Jens Langhammer f3df3a0157 providers/proxy: add sticky sessions to ingress 2020-10-29 17:25:51 +01:00
Jens Langhammer 774b9c8a61 outposts: update kubernetes controller to use pk as identifier instead of name 2020-10-19 17:39:12 +02:00
Jens Langhammer 05866d3544 providers/proxy: fix creation of ingress 2020-10-19 15:06:50 +02:00
Jens Langhammer e87d52a76b providers/proxy: implement Ingress diff checking 2020-10-18 21:34:45 +02:00
Jens Langhammer 8b09cf55a2 root: upgrade to traefik 2.3 2020-10-18 18:48:19 +02:00
Jens Langhammer 0203d20759 providers/proxy: add traefik labels to outposts deployed with docker integration 2020-10-18 17:46:20 +02:00
Jens Langhammer 7861e2e0bd provider/proxy: add K8s ingress support 2020-10-18 17:13:44 +02:00
Jens Langhammer dd0d7e7481 root: switch from drf-yasg to drf_yasg2 and up rest_framework 2020-10-16 23:32:35 +02:00
Jens Langhammer 5135d828b4 outposts: rename run to up, add down method for deleting 2020-10-16 22:22:15 +02:00
Jens Langhammer 7806cff96f lib: save task's call arguments for manual retry 2020-10-16 13:35:40 +02:00
Jens Langhammer fa504e4bf9 outposts: pass outpost reference instead of PK, implement TaskResult.uid 2020-10-16 12:54:52 +02:00
Jens Langhammer 91ce7f7363 root: implement monitored tasks 2020-10-16 11:28:54 +02:00
Jens Langhammer 69d2a1cf3b providers/proxy: add more kubernetes tests 2020-10-14 20:21:47 +02:00
Jens Langhammer b6eb0bf53d providers/oauth2: add missing property_mapping template 2020-10-11 19:29:13 +02:00
Jens Langhammer 610b6c7f70 policies: add PolicyAccessView, which does complete access checking 2020-10-11 19:26:20 +02:00
Jens Langhammer c1eb8317f7 providers/proxy: update phrasing for basic_auth_* attributes
closes #265
2020-10-07 19:27:06 +02:00
Jens Langhammer da9aaf69df admin: add metrics and charts 2020-10-05 22:10:03 +02:00
Jens Langhammer d506e8f1a3 outposts: implement docker controller 2020-10-04 00:41:12 +02:00
Jens L 9fb1ac98ec
Backup/Restore (#256)
* lifecycle: move s3 backup settings to s3 name

* providers/oauth2: fix for alerting for missing certificatekeypair

* lifecycle: add backup commands

see #252

* lifecycle: install postgres-client for 11 and 12

* root: migrate to DBBACKUP_STORAGE_OPTIONS, add region setting

* lifecycle: auto-clean last backups

* helm: add s3 region parameter, add cronjob for backups

* docs: add backup docs

* root: remove backup scheduled task for now
2020-10-03 20:36:36 +02:00
Jens Langhammer 195d8fe71f core: move name field to base Provider 2020-10-03 20:05:16 +02:00
Jens Langhammer e9a1a18ba3 providers/oauth2: ensure that when rs256 is selected, a certificate key pair is selected 2020-10-01 20:01:45 +02:00
Jens Langhammer 6cd9edd38a providers/oauth2: add missing token_validity field to Forms and API 2020-10-01 20:01:28 +02:00
Jens Langhammer a5420fe019 providers/saml: lowercase acs URLs before checking
closes #249
2020-10-01 10:04:20 +02:00
Jens Langhammer 2e1849a732 providers/oauth2: lowercase all uris before checking redirect URI
see #249
2020-10-01 10:00:44 +02:00
Jens Langhammer 525d271535 *: apply new black styling 2020-09-30 19:34:22 +02:00
Jens Langhammer 9d5dd896f3 providers/proxy: start implementing basic_auth_enabled
see #244
2020-09-30 11:15:22 +02:00
Jens Langhammer 02f5f12089 providers/proxy: use external_url for launch URL, hide setup URLs 2020-09-30 11:14:50 +02:00
Jens Langhammer 90ea6dba90 providers/proxy: add pb_proxy scope for proxy that sends user_attributes 2020-09-30 11:13:59 +02:00
Jens Langhammer 760352202e admin: fix get_form_class 2020-09-29 11:42:34 +02:00
Jens Langhammer 9724ded194 policies: change .form() and .serializer() to properties, add tests 2020-09-29 10:32:58 +02:00
Jens Langhammer e54b98a80e e2e: cleanup tests, remove XPATH selectors 2020-09-28 18:19:46 +02:00
Jens Langhammer bd78087582 root: fix RemovedInDjango40Warning being triggered 2020-09-28 11:47:50 +02:00
Jens Langhammer 8f4e954160 providers/oauth2: rewrite introspection endpoint to allow basic or bearer auth 2020-09-28 11:42:27 +02:00
Jens Langhammer b6d7847eae providers/oauth2: fix token introspection view 2020-09-28 09:04:31 +02:00
Jens Langhammer 9d93da3d45 providers/proxy: fix formatting 2020-09-23 12:33:33 +02:00
Jens Langhammer 6458b1dbf8 providers/proxy: make upstream SSL Validation configurable 2020-09-23 12:20:14 +02:00
Jens Langhammer cbcdaaf532 providers/oauth2: fix creation of new refresh token 2020-09-21 11:48:23 +02:00
Jens Langhammer 50c75087b8 lifecycle: fix startup logs not being full json 2020-09-21 11:04:31 +02:00
Jens Langhammer 87f44fada4 providers/oauth2: fix refreshtoken being initialised wrong 2020-09-19 22:23:11 +02:00
Jens Langhammer a02fcb0a7a providers/oauth2: use # as separate for code#adfs, check if # exists in response_type and trim 2020-09-19 18:37:50 +02:00