4612 Commits

Author SHA1 Message Date
Benjamin Dauvergne 387252a3d0 views: forbid automatic linking based on email if multiple users are found or if target user already has a link (fixes #20078) 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne ccffde71b0 backends: make sub parameter non optional in authenticate() 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne ccb4db5a21 always unlink from all FC accounts (fixes #19947) 2019-05-31 14:51:55 +02:00
Serghei Mihai 2de20af107 update FC logos (#19585) 2019-05-31 14:51:55 +02:00
Serghei Mihai 8cae4f5132 update login and register buttons images (#19162) 2019-05-31 14:51:55 +02:00
Serghei 42bc28067c replace logo image for account linking (#17391) 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne 4894bb1f57 views: force fc-register to always redirect post registration to fc-login-or-link (fixes #19270)
Without it, linking to FC does not happen
2019-05-31 14:51:55 +02:00
Benjamin Dauvergne 8a5d976659 utils: allow a mapping to depend on another using tags (fixes #19251) 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne ee2a823866 utils: add an if-empty modifier to only set a value from FC if the existing value is empty (fixes #19250) 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne 6d01145b88 utils: normalize mapping in apply_user_info_mappings (#19250) 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne a55a6f5b45 views: block DisplayMessageBeforeRedirectMiddleware on redirect to FC (fixes #19247) 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne 7a289dcf3f utils: add a notempty transformation for attribute mappings (fixes #19233) 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne 2b333eb18c django 1.9 compatibility 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne 1c5b76452f backends: always create new accounts in the default OU (fixes #18764) 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne 20de25fe0e views: automatically link user with existing email if email is unique (fixes #18763)
Email must be unique if settings.A2_EMAIL_IS_UNIQUE is True or
get_default_ou().email_is_unique is True.
2019-05-31 14:51:55 +02:00
Benjamin Dauvergne fbb562a894 models: check issuer using only URL scheme and netloc (fixes #18766) 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne 922cea34d3 tests: test with non ASCII characters 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne ea0a2541a9 utils: do not set absent references to None, ignore them instead (fixes #18765) 2019-05-31 14:51:55 +02:00
Frédéric Péters e1b125b3a3 style: switch to extra-body-class for custom body class (#17983) 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne 219e0ce884 views: remove dead code 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne 3c189a5bda utils: allow referencing a sub object of user_info in attribute mapping 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne c05bb4804f views: add setting for FC scopes 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne 22c88a1941 backends: fix logging of unicode strings 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne 7723df78cc utils: fix mapping of user attributes 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne be4a827dce indicate registration URL is coming from france connect module 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne e11e14605c redirect to auth_logout if no post logout redirect URI is found 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne a086047684 fix typo introduced in commit a7677f4bc0 (#17331) 2019-05-31 14:51:55 +02:00
Serghei 860c57f293 templates: use different ids for link and its container (#17421) 2019-05-31 14:51:55 +02:00
Josue Kouka f06b342716 allow fc unlinking through api (#15297) 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne fecfd38f9e do not logout from local session on unlink (bis #17331)
Fix bug introduced in previous commit.
2019-05-31 14:51:55 +02:00
Benjamin Dauvergne 21ca2bb5a0 do not logout from local session on unlink (fixes #17331) 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne ad43f17f47 fix issuer check 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne 5a8bf44e5d use only underscores in session variables to allow access from templates 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne 673ddea9db improve reporting of error on access token requests 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne f94461ea86 validate id_token
Signature is validated, exp, aud and iss fields are checked.

Also add tests using tox and py.test. Proper validation of signature is verified
using jwcrypto.
2019-05-31 14:51:55 +02:00
Benjamin Dauvergne 7d34d13e88 use state as nonce and check nonce returned in id_token 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne f3671f1206 add missing data files insee-communes.json and insee-countries.json 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne b32567115c pep8ness 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne 17ff1e7928 generate a random state linked to the session
Instead of encoding the redirect_uri in the state we:
* generate a random state with 128 bits of entropy
* store the state and the redirect_uri in the session
* verify that the state exists when receiving the callback
* retrieve the redirect_uri linked to this state from the session
2019-05-31 14:51:55 +02:00
Benjamin Dauvergne 642782bbec set confirm_data="required" when auto_register is used (fixes #16771)
When auto_register is used, users should not see the registration page at all,
even if optional attribute fields are unfilled.
2019-05-31 14:51:55 +02:00
Benjamin Dauvergne 115b550199 redirect to logout on unlink 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne ded531a8d4 do not log an error for normal oauth2 errors
Such an error happens when the authorization code is out of date or already used.
2019-05-31 14:51:55 +02:00
Benjamin Dauvergne ce4dbae90e improve mapping of FC attributes to A2 attributes (#10062) 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne 4d08e88ac8 pep8ness 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne becc4f893d always return to /logout/ after FC logout (fixes #15223) 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne 51950e59ee update french translation 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne 2f325c5a80 use authentic2.utils.login instead of django.contrib.auth.login (fixes #14338) 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne 805a5d352e fix deprecation warning about get_cache()
Since Django 1.8 get_cache() is deprecated in favor of caches[].
2019-05-31 14:51:55 +02:00
Frédéric Péters d10b357fb1 style: don't let button oversize its container (#13216) 2019-05-31 14:51:55 +02:00
Frédéric Péters dd2fb7350a add a brief explanation after "what is franceconnect?" (#13174) 2019-05-31 14:51:55 +02:00