Commit Graph

2234 Commits

Author SHA1 Message Date
Benjamin Dauvergne c7ab4200af LDAP attribute can be multivalued, any reference to a mono-valued attribute must be suffixed with [0] 2015-01-22 12:26:52 +01:00
Benjamin Dauvergne eafe34fa77 Fix app_settings of SAML and OpenID IdP, they forced their prefix on all access to the settings module 2015-01-22 12:26:52 +01:00
Benjamin Dauvergne ed4be3dd68 Come back to explicit path for LOGIN_URL and LOGOUT_URL and it breaks compatibility with Django 1.5 2015-01-22 12:26:52 +01:00
Benjamin Dauvergne f30c356784 Replace use of authentic2.idp.saml.common.redirect_to_login by authentic2.utils.login_require 2015-01-22 12:26:52 +01:00
Benjamin Dauvergne 53c23d9114 Add a next_url parameter to login_require to come back to another URL than the current one 2015-01-22 10:39:51 +01:00
Benjamin Dauvergne 7ee6f4bc1f Do not change the type of INSTALLED_APPS keep it as a tuple
It prevents problems with configuration file trying to concatenate
tuples with it (they should not expect a tuple, but sometimes they do).
2015-01-22 10:19:13 +01:00
Benjamin Dauvergne 1a3440c842 Remove unused imported symbols 2015-01-22 10:11:49 +01:00
Benjamin Dauvergne 6b96d6e0ff Change default external_id_tuple to use uid as the primary key with the LDAP server
dn:noquote is kept as a second possibility for backward compatibility.
2015-01-21 14:37:55 +01:00
Serghei Mihai 2e939d522f user's account history information display updated 2015-01-21 10:28:45 +01:00
Serghei Mihai 461c3e465d username is uuid, not viewable or editable by user 2015-01-21 10:28:40 +01:00
Serghei Mihai 33e7c8014b user full name and account creation, last login date displayed on login choices 2015-01-21 10:23:40 +01:00
Serghei Mihai 14ca8a7c9f login page text fix 2015-01-21 10:23:40 +01:00
Serghei Mihai 3027128ef2 account creation and login urls refactored 2015-01-21 10:23:40 +01:00
Serghei Mihai c6a9960fca on user multiple accounts propose to log in with one of them or create a new
account
2015-01-21 10:23:40 +01:00
Serghei Mihai efa4305df0 Registration refactored: email validation done first and registration process
finished on profile completion.

django-registration removed
2015-01-21 10:23:32 +01:00
Serghei Mihai 717c7ee65d ldap to database users synchronization command.
ldap backend's methods refactored

Closes #6183
2015-01-21 10:02:14 +01:00
Serghei Mihai c984435a57 ldap_backend: username computed from uid by default 2015-01-21 10:02:06 +01:00
Benjamin Dauvergne 0ab6736d6c Set DJANGO_CONFIG_FILE only if local_settings.py exists 2015-01-21 09:44:52 +01:00
Benjamin Dauvergne e3082f8ee9 Adapt tox tests to cleaned settings 2015-01-20 23:51:55 +01:00
Benjamin Dauvergne 50c4737b01 Make authentic2-ctl default to load the local_settings.py file in the current directory 2015-01-20 23:51:55 +01:00
Benjamin Dauvergne e4c9362ca3 Improve test on the login_require helper function 2015-01-20 23:51:55 +01:00
Benjamin Dauvergne 1f979f83c1 Fix assertEqualsURL, query string is index 3 in a split URL 2015-01-20 17:20:47 +01:00
Benjamin Dauvergne 7ae6ffd6a7 Add new --config flag to authentic2-ctl (fixes #5960)
--config expects the path to the config file, if --config is not used
the environment variable DJANGO_CONFIG_FILE is used instead.
2015-01-20 12:02:59 +01:00
Benjamin Dauvergne b47b15191b Simplify settings, remove all extraction from environment (refs #5960)
* Remove loading of settings using YAML
* Remove settings for the debug toolbar
* Remove default TEMPLATE_VARS from settings
* Remove USE_I18N from settings.py, default is already True
* Replace all methods of loading configuration files by the environment
	variable DJANGO_CONFIG_FILE
* Remove magic around cache settings
* USE_MEMCACHED is now a normal setting variable, it just configures the
	default cache to be memcached and sets the session storage to
	cached_db.
* Remove extraction of LDAP settings from environment
* Remove extraction of SENTRY_DSN from environment
* Remove extraction of STATIC_ROOT from environment
* Remove settings TEMPLATE_LOADER based on DEBUG
* Remove extraction of all debug related settings from environment
* Remove extraction of ADMINS and MANAGERS from environment
* Remove extraction of DATABASES settings from environment
* Remove extraction of INTERNAL_IPS from environment
* Use Django default for message storage
* Remove platform defaults and extraction from environment for
	TEMPLATE_DIRS, STATICFILES_DIRS and LOCALE_PATHS, only keep projects
	paths
* Remove extraction from environment for PASSWORD_HASHERS
* Remove extraction of A2_IDP_SAML_ENABLE from environment
* Remove setting variable PROJECT_DIR, PROJECT_NAME, VAR_DIR and ETC_DIR
	which are no more used
* Remove defaults from settings.py which have default in app_settings.py
	or in Django, or for which we added default value in the code
	- A2_ACCEPT_EMAIL_AUTHENTICATION
	- A2_CAN_RESET_PASSWORD
	- A2_REGISTRATION_CAN_DELETE_ACCOUNT
	- A2_REGISTRATION_EMAIL_IS_UNIQUE
	- REGISTRATION_OPEN
	- ACCOUNT_ACTIVATION_DAYS
	- PASSWORD_RESET_TIMEOUT_DAYS
* Set account activation days
* Remove SOUTH_TESTS_MIGRATE as we want to test migrations
* Remove all remaining extractions from environment keep only defaults, segregate legacy settings for later removal
* Remove LOCAL_METADATA_CACHE_TIMEOUT from settings
* Remove SENTRY configuration support
* Remove PUSH_PROFILE_UPDATE from settings
* Remove IDP_SAML2 setting, it's better to keep supporting it from the debian configuration
* Remove USE_MEMCACHED setting
* Rename settings.py to default_settings.py
* Add minimal default settings allowing to start without a local setting
	file
2015-01-20 12:02:51 +01:00
Benjamin Dauvergne 3addecea72 Remove caching of server object in SAML 2.0 IdP, it's incompatible with multi-tenant (refs #5960) 2015-01-20 12:02:46 +01:00
Benjamin Dauvergne 97d4e14cf4 Remove the PUSH_PROFILE_UPDATES feature (refs #5960) 2015-01-20 12:02:43 +01:00
Benjamin Dauvergne 155f89506e Use app_settings to set default value for TEMPLATE_VARS settings (refs #5960) 2015-01-20 12:02:36 +01:00
Benjamin Dauvergne 1892fefc51 Remove loading of debug toolbar in urls.py (refs #5960) 2015-01-20 12:02:33 +01:00
Benjamin Dauvergne 6556776831 Refactor default settings for the SAML 2.0 IdP (refs #5960) 2015-01-20 12:02:22 +01:00
Benjamin Dauvergne e7535f03b9 Do not cache settings in disco_responder use late binding (refs #5960) 2015-01-20 12:02:13 +01:00
Benjamin Dauvergne f3481b367b Remove IDP_OPENID setting, rename it A2_IDP_OPENID_ENABLE and store default in an app_settings.py file (refs #5960) 2015-01-20 12:01:55 +01:00
Benjamin Dauvergne 54d03aa54a Convert urls.py in OpenID IdP for direct import of views (refs #5960) 2015-01-20 12:01:40 +01:00
Benjamin Dauvergne f3e884a696 Add a feature to force users to change before using the IdP 2015-01-20 11:59:57 +01:00
Benjamin Dauvergne 7f8aef2590 Add helper function to compare URLs in tests 2015-01-19 17:44:30 +01:00
Benjamin Dauvergne 8d8cb91a6c In utils.make_url if the target URL contains a query string, extract it and use it as a base for building the new query string (fixes #6314) 2015-01-19 11:59:42 +01:00
Benjamin Dauvergne 7766d653f4 Add a default value for the user_basedn setting
Without this default value, the setting was refused as it was not part
of the set of known setting keys.
2015-01-16 16:40:26 +01:00
Benjamin Dauvergne 383093561a Do not traceback when request is too old during SAML login or logout request handling (fixes #6306) 2015-01-16 10:49:32 +01:00
Benjamin Dauvergne 76dff5f4a8 Add missing start_tls_s() in the LDAP authentication code 2015-01-16 10:34:11 +01:00
Benjamin Dauvergne 6ffa1a1fe7 Try to not overflow the limit on SQL statement length by doing filtering client side instead of using a NOT IN clause
The ORM statement .exclude(xx__in=list_of_xx) sends the list object as
part of the SQL statement. If it is too long, the SQL server is going to
complain.
2015-01-15 17:11:35 +01:00
Benjamin Dauvergne f1a41e2930 Remove SSL registration view as it's not working anymore, must be redone using new registration views 2015-01-15 14:59:34 +01:00
Benjamin Dauvergne 62e351cf1b Update idp_openid with new redirect helpers 2015-01-15 14:59:34 +01:00
Benjamin Dauvergne 84124024f1 Remove legacy redirect_to_login helper method 2015-01-15 14:59:34 +01:00
Benjamin Dauvergne d58ddf28ed Use new helper methods in decorators 2015-01-15 14:59:34 +01:00
Benjamin Dauvergne 822ab9ab99 Use new helper methods in default login/password authentication frontend 2015-01-15 14:59:34 +01:00
Benjamin Dauvergne e86916dc5c Use new helper method in auth2_ssl 2015-01-15 14:59:34 +01:00
Benjamin Dauvergne 6c72edf3e9 Add helper method to require a login 2015-01-15 14:59:34 +01:00
Benjamin Dauvergne 67e2c2d63c Add helper method for logging in a user doing all needed bookkeeping 2015-01-15 14:59:34 +01:00
Benjamin Dauvergne b9f5b1bc08 Add helper method to record an authentication event 2015-01-15 14:59:34 +01:00
Benjamin Dauvergne 072df70c79 Add helper method to redirect user to next URL 2015-01-15 14:59:34 +01:00
Benjamin Dauvergne c1dd7700c7 Add helper method to request a login, copying nonce and next parameters 2015-01-15 14:59:34 +01:00