Benjamin Dauvergne
387252a3d0
views: forbid automatic linking based on email if multiples users are found or if target user has already a link ( fixes #20078 )
2019-05-31 14:51:55 +02:00
Benjamin Dauvergne
ccffde71b0
backends: make sub parameter non optional in authenticate()
2019-05-31 14:51:55 +02:00
Benjamin Dauvergne
ccb4db5a21
always unlink from all FC accounts ( fixes #19947 )
2019-05-31 14:51:55 +02:00
Serghei Mihai
2de20af107
update FC logos ( #19585 )
2019-05-31 14:51:55 +02:00
Serghei Mihai
8cae4f5132
update login and register buttons images ( #19162 )
2019-05-31 14:51:55 +02:00
Serghei
42bc28067c
replace logo image for account linking ( #17391 )
2019-05-31 14:51:55 +02:00
Benjamin Dauvergne
4894bb1f57
views: force fc-register to always redirect post registration to fc-login-or-link ( fixes #19270 )
...
Without it linking to FC does not happen
2019-05-31 14:51:55 +02:00
Benjamin Dauvergne
8a5d976659
utils: allow a mapping to depend from another using tags ( fixes #19251 )
2019-05-31 14:51:55 +02:00
Benjamin Dauvergne
ee2a823866
utils: add an if-empty modifier to only set a value from FC if the existing value is empty ( fixes #19250 )
2019-05-31 14:51:55 +02:00
Benjamin Dauvergne
6d01145b88
utils: normalize mapping in apply_user_info_mappings ( #19250 )
2019-05-31 14:51:55 +02:00
Benjamin Dauvergne
a55a6f5b45
views: block DisplayMessageBeforeRedirectMiddleware on redirect to FC ( fixes #19247 )
2019-05-31 14:51:55 +02:00
Benjamin Dauvergne
7a289dcf3f
utils: add a notempty transformation for attribute mappings ( fixes #19233 )
2019-05-31 14:51:55 +02:00
Benjamin Dauvergne
2b333eb18c
django 1.9 compatibility
2019-05-31 14:51:55 +02:00
Benjamin Dauvergne
1c5b76452f
backends: always create new accounts in the default OU ( fixes #18764 )
2019-05-31 14:51:55 +02:00
Benjamin Dauvergne
20de25fe0e
views: automatically link user with existing email if email is unique ( fixes #18763 )
...
Email must be unique if settings.A2_EMAIL_IS_UNIQUE is True or
get_default_ou().email_is_unique is True.
2019-05-31 14:51:55 +02:00
Benjamin Dauvergne
fbb562a894
models: check issuer using only URL scheme and netloc ( fixes #18766 )
2019-05-31 14:51:55 +02:00
Benjamin Dauvergne
922cea34d3
tests: test with non ASCII characters
2019-05-31 14:51:55 +02:00
Benjamin Dauvergne
ea0a2541a9
utils: do not set absent references to None, ignore them instead ( fixes #18765 )
2019-05-31 14:51:55 +02:00
Frédéric Péters
e1b125b3a3
style: switch to extra-body-class for custom body class ( #17983 )
2019-05-31 14:51:55 +02:00
Benjamin Dauvergne
219e0ce884
views: remove dead code
2019-05-31 14:51:55 +02:00
Benjamin Dauvergne
3c189a5bda
utils: allow referencing a sub object of user_info in attribute mapping
2019-05-31 14:51:55 +02:00
Benjamin Dauvergne
c05bb4804f
views: add setting for FC scopes
2019-05-31 14:51:55 +02:00
Benjamin Dauvergne
22c88a1941
backends: fix logging of unicode strings
2019-05-31 14:51:55 +02:00
Benjamin Dauvergne
7723df78cc
utils: fix mapping of user attributes
2019-05-31 14:51:55 +02:00
Benjamin Dauvergne
be4a827dce
indicate registration URL is coming from france connect module
2019-05-31 14:51:55 +02:00
Benjamin Dauvergne
e11e14605c
redirect to auth_logout if no post logout redirect URI is found
2019-05-31 14:51:55 +02:00
Benjamin Dauvergne
a086047684
fix typo introduced in commit a7677f4bc0
( #17331 )
2019-05-31 14:51:55 +02:00
Serghei
860c57f293
templates: use different ids for link and its container ( #17421 )
2019-05-31 14:51:55 +02:00
Josue Kouka
f06b342716
allow fc unlinking through api ( #15297 )
2019-05-31 14:51:55 +02:00
Benjamin Dauvergne
fecfd38f9e
do not logout from local session on unlink (bis #17331 )
...
Fix bug introduced in previous commit.
2019-05-31 14:51:55 +02:00
Benjamin Dauvergne
21ca2bb5a0
do not logout from local session on unlink ( fixes #17331 )
2019-05-31 14:51:55 +02:00
Benjamin Dauvergne
ad43f17f47
fix issuer check
2019-05-31 14:51:55 +02:00
Benjamin Dauvergne
5a8bf44e5d
use only underscores in session variables to allow access from templates
2019-05-31 14:51:55 +02:00
Benjamin Dauvergne
673ddea9db
improve reporting of error on access token requests
2019-05-31 14:51:55 +02:00
Benjamin Dauvergne
f94461ea86
validate id_token
...
Signature is validated, exp, aud and iis fields are checked.
Also add tests using tox and py.test. Proper validation of signature is verified
using jwcrypto.
2019-05-31 14:51:55 +02:00
Benjamin Dauvergne
7d34d13e88
use state as nonce and check nonce returned in id_token
2019-05-31 14:51:55 +02:00
Benjamin Dauvergne
f3671f1206
add missing data files insee-communes.json and insee-countries.json
2019-05-31 14:51:55 +02:00
Benjamin Dauvergne
b32567115c
pep8ness
2019-05-31 14:51:55 +02:00
Benjamin Dauvergne
17ff1e7928
generate a random state linked to the session
...
Instead of encoding the redirect_uri in the state we:
* generate a random state with 128 bits of entropy
* store the state and the redirect_uri in the session
* verify that the state exist when receivng the callback
* retrieving the redirect_uri linked to this state from the session
2019-05-31 14:51:55 +02:00
Benjamin Dauvergne
642782bbec
set confirm_data="required" when auto_register is used ( fixes #16771 )
...
When auto_register is used, users should not see the registration page at all,
even if optionnal attribute fields are unfilled.
2019-05-31 14:51:55 +02:00
Benjamin Dauvergne
115b550199
redirect to logout on unlink
2019-05-31 14:51:55 +02:00
Benjamin Dauvergne
ded531a8d4
do not log an error for normal oauth2 errors
...
Such error happens when authorization code is out of date or already used.
2019-05-31 14:51:55 +02:00
Benjamin Dauvergne
ce4dbae90e
improve mapping of FC attributes to A2 attributes ( #10062 )
2019-05-31 14:51:55 +02:00
Benjamin Dauvergne
4d08e88ac8
pep8ness
2019-05-31 14:51:55 +02:00
Benjamin Dauvergne
becc4f893d
always return to /logout/ after FC logout ( fixes #15223 )
2019-05-31 14:51:55 +02:00
Benjamin Dauvergne
51950e59ee
update french translation
2019-05-31 14:51:55 +02:00
Benjamin Dauvergne
2f325c5a80
use authentic2.utils.login instead of django.contrib.auth.login ( fixes #14338 )
2019-05-31 14:51:55 +02:00
Benjamin Dauvergne
805a5d352e
fix deprecation warning about get_cache()
...
Since Django 1.8 get_cache() is deprecated in favor of caches[].
2019-05-31 14:51:55 +02:00
Frédéric Péters
d10b357fb1
style: don't let button oversize its container ( #13216 )
2019-05-31 14:51:55 +02:00
Frédéric Péters
dd2fb7350a
add a brief explanation after "what is franceconnect?" ( #13174 )
2019-05-31 14:51:55 +02:00