Commit Graph

6548 Commits

Author SHA1 Message Date
Paul Marillonnet a179cb1dc9 translation update 2022-12-12 16:39:35 +01:00
Paul Marillonnet 3582bad6b3 views: make sms code trigger a standard registration finalization (#69223) 2022-12-12 16:10:15 +01:00
Paul Marillonnet 26f9d2098d add a page for users to input their sms registration code (#69223) 2022-12-12 16:10:15 +01:00
Paul Marillonnet e35275fe45 use phone number as registration means in form validation (#69223) 2022-12-12 16:09:15 +01:00
Paul Marillonnet d40f5d382c utils: add registration sms code sending logic (#69223) 2022-12-12 16:09:15 +01:00
Paul Marillonnet c9906d4a62 app_settings: add sms-related authentic2 settings (#69223) 2022-12-12 15:11:47 +01:00
Paul Marillonnet bd17c8915a add sms code model (#69223) 2022-12-12 15:11:47 +01:00
Paul Marillonnet ff50dcf4f0 utils/misc: add sms code creation utility function (#69223) 2022-12-12 15:11:47 +01:00
Paul Marillonnet 2741f474b0 add sms code related settings (#69223) 2022-12-12 15:11:47 +01:00
Paul Marillonnet 57da31b3f7 registration: display phone number in form (#69223) 2022-12-12 15:11:47 +01:00
Valentin Deniaud 728e9a410a authenticators: add idp configuration info for saml and oidc (#67987) 2022-12-12 12:24:43 +01:00
Paul Marillonnet dad0a9193d authn: make username required when it is the only identifier (#72269) 2022-12-12 12:00:30 +01:00
Valentin Deniaud a8f3390de8 data_transfer: export new role attributes (#71844) 2022-12-12 10:29:58 +01:00
Valentin Deniaud 0ad917ac04 manager: change role parents view title (#62617) 2022-12-12 10:29:41 +01:00
Paul Marillonnet 43ccdfea68 custom_user: set email verification sources (#66054) 2022-12-12 09:45:45 +01:00
Paul Marillonnet bf85976e04 translation update (#65612) 2022-12-12 09:28:43 +01:00
Paul Marillonnet 8f17030eab api_views: set api as verification source for custom attributes (#65612) 2022-12-12 09:18:34 +01:00
Paul Marillonnet 5cd75e69e5 auth_fc: set fc as verification source for custom attributes (#65612) 2022-12-12 09:18:34 +01:00
Paul Marillonnet 9c340c8a5f manage custom attribute's verification sources (#65612) 2022-12-12 09:18:34 +01:00
Paul Marillonnet 1be3b3d57e translation update (#49212) 2022-12-12 08:52:32 +01:00
Paul Marillonnet f7d6895b94 authentication/forms: add user phone as identifier (#69221) 2022-12-12 08:42:45 +01:00
Paul Marillonnet 3086948b0e csv_import: adapt user csv logic to new phone_number kind (#69365) 2022-12-09 12:02:52 +01:00
Paul Marillonnet 2c0443d1bf attribute_kinds: use custom PhoneField for phone_number type (#69365) 2022-12-09 11:31:26 +01:00
Paul Marillonnet 62bb199d56 utils/misc: add parse_phone_number_utility (#69365) 2022-12-09 11:31:26 +01:00
Paul Marillonnet 9ebd736adb widgets: use libphonenumbers' local formatting (#69365) 2022-12-09 11:31:26 +01:00
Paul Marillonnet 0b6f7e1b80 fields: fix default dial code retrieval in PhoneField (#69365) 2022-12-09 11:31:26 +01:00
Paul Marillonnet 29893d530a ci: limit tox version used while running tests (#72162) 2022-12-08 10:15:31 +01:00
Frédéric Péters 7a3d11293f build: limit to django-ratelimit version (#71991) 2022-12-04 17:33:05 +01:00
Frédéric Péters aae3053b16 translation update 2022-12-01 19:01:52 +01:00
Benjamin Dauvergne 2480687f3f auth_oidc: show a warning message if target user is already linked to another provider (#65692) 2022-12-01 13:00:20 +01:00
Benjamin Dauvergne 855bb179b0 misc: use PIL.Image.Resampling.LANCZOS instead of PIL.Image.LANCZOS (#71899)
PIL.Image.LANCZOS is deprecated.
2022-12-01 12:00:42 +01:00
Benjamin Dauvergne 3fcbe2198c django.contrib.postgres's JSONField is deprecated (#71619) 2022-12-01 11:54:32 +01:00
Benjamin Dauvergne 5788e9f0cd NullBooleanField is deprecated since Django 3.1 (#71619)
It must be replaced by BooleanField(null=True).
2022-12-01 11:54:32 +01:00
Benjamin Dauvergne 896819fce8 tox.ini: remove unused tox dependencies 2022-12-01 11:54:13 +01:00
Benjamin Dauvergne ea5366ac0d tox.ini: pass posargs to pylint 2022-12-01 11:54:09 +01:00
Benjamin Dauvergne 4b3bcd0149 settings: set samesite flag on cookies when possible (#71880) 2022-12-01 10:00:07 +01:00
Benjamin Dauvergne d8d29e2daa settings: set secure flag on cookies (#71880)
Test fixes:
* force https scheme in webtest HTTP client
* add secure=True to calls with the django HTTP client
* replace http scheme by https in URL assertions
* properly use response.form in tests directly using app.post, as CSRF checks on secure connection also test the Referrer
* manually add Referer header in other cases
2022-12-01 10:00:07 +01:00
Paul Marillonnet 97a5ebf63a Revert "idp_oidc: add api access and profile […] (#71820)" (#71890)
This reverts commit 9141583b58.

The (erroneously added) parameters are for Publik's out-of-spec
synchronization purposes, they shouldn't appear on the vanilla OIDC
client configuration interface.
2022-12-01 09:22:55 +01:00
Paul Marillonnet d62d23203f auth_fc: discard deprecated scopes (#71868) 2022-11-30 12:10:11 +01:00
Valentin Deniaud 8e6a95b6ce attributes_ng: restore setting superuser flag (#71855) 2022-11-29 18:55:27 +01:00
Valentin Deniaud 5f0c03e32f a2_rbac: move role attributes to real model fields (#69895) 2022-11-29 14:05:38 +01:00
Paul Marillonnet 9ba3df609b translation update 2022-11-29 12:34:35 +01:00
Paul Marillonnet 9141583b58 idp_oidc: add api access and profile management to BO config (#71820) 2022-11-29 11:26:43 +01:00
Paul Marillonnet 0c5da1c832 idp_oidc: remove client config through django's admin pages (#71700)
This removal ensures that OIDC configuration happens through
/manage/ pages as part of Publik's backoffice interface.
2022-11-29 11:09:16 +01:00
Benjamin Dauvergne d19ac19469 auth_fc: close FranceConnect session when linking fails (#71607) 2022-11-28 15:05:46 +01:00
Benjamin Dauvergne cfefbd553c tests: do not follow redirects in login_with_fc (#71607)
Because it will break when we introduce a redirection to FranceConnect
to close the FranceConnect session on failure to link.
2022-11-28 15:05:46 +01:00
Benjamin Dauvergne a8ebccc5aa translation update (#69989) 2022-11-28 15:05:01 +01:00
Benjamin Dauvergne 9171c30feb auth_fc: show warning on password change page if user is linked to FranceConnect (#69989) 2022-11-28 15:05:01 +01:00
Benjamin Dauvergne 89b526066d auth_fc: store id_token in session when linking (#69989)
Password change view is hidden only if the current session was opened
with FranceConnect and if the id_token is visible in the session, this
change will enforce the second condition when during the same session
the account is unlinked and linked again to FranceConnect.

It will also make it possible to launch a logout if the link fails.
2022-11-28 15:05:01 +01:00
Paul Marillonnet 5a821a8883 a2_rbac: add global management role for api clients (#71267)
ou-wise api-client management roles will be added in #71275.
2022-11-28 09:12:47 +01:00