Paul Marillonnet
3582bad6b3
views: make sms code trigger a standard registration finalization ( #69223 )
2022-12-12 16:10:15 +01:00
Paul Marillonnet
26f9d2098d
add a page for users to input their sms registration code ( #69223 )
2022-12-12 16:10:15 +01:00
Paul Marillonnet
e35275fe45
use phone number as registration means in form validation ( #69223 )
2022-12-12 16:09:15 +01:00
Paul Marillonnet
d40f5d382c
utils: add registration sms code sending logic ( #69223 )
2022-12-12 16:09:15 +01:00
Paul Marillonnet
c9906d4a62
app_settings: add sms-related authentic2 settings ( #69223 )
2022-12-12 15:11:47 +01:00
Paul Marillonnet
bd17c8915a
add sms code model ( #69223 )
2022-12-12 15:11:47 +01:00
Paul Marillonnet
ff50dcf4f0
utils/misc: add sms code creation utilitary function ( #69223 )
2022-12-12 15:11:47 +01:00
Paul Marillonnet
2741f474b0
add sms code related settings ( #69223 )
2022-12-12 15:11:47 +01:00
Paul Marillonnet
57da31b3f7
registration: display phone number in form ( #69223 )
2022-12-12 15:11:47 +01:00
Valentin Deniaud
728e9a410a
authenticators: add idp configuration info for saml and oidc ( #67987 )
2022-12-12 12:24:43 +01:00
Paul Marillonnet
dad0a9193d
authn: make username required when it is the only identifier ( #72269 )
2022-12-12 12:00:30 +01:00
Valentin Deniaud
a8f3390de8
data_transfer: export new role attributes ( #71844 )
2022-12-12 10:29:58 +01:00
Valentin Deniaud
0ad917ac04
manager: change role parents view title ( #62617 )
2022-12-12 10:29:41 +01:00
Paul Marillonnet
43ccdfea68
custom_user: set email verification sources ( #66054 )
2022-12-12 09:45:45 +01:00
Paul Marillonnet
bf85976e04
translation update ( #65612 )
2022-12-12 09:28:43 +01:00
Paul Marillonnet
8f17030eab
api_views: set api as verification source for custom attributes ( #65612 )
2022-12-12 09:18:34 +01:00
Paul Marillonnet
5cd75e69e5
auth_fc: set fc as verification source for custom attributes ( #65612 )
2022-12-12 09:18:34 +01:00
Paul Marillonnet
9c340c8a5f
manage custom attribute's verification sources ( #65612 )
2022-12-12 09:18:34 +01:00
Paul Marillonnet
1be3b3d57e
translation update ( #49212 )
2022-12-12 08:52:32 +01:00
Paul Marillonnet
f7d6895b94
authentication/forms: add user phone as identifier ( #69221 )
2022-12-12 08:42:45 +01:00
Paul Marillonnet
3086948b0e
csv_import adapt user csv logic to new phone_number kind ( #69365 )
2022-12-09 12:02:52 +01:00
Paul Marillonnet
2c0443d1bf
attribute_kinds: use custom PhoneField for phone_number type ( #69365 )
2022-12-09 11:31:26 +01:00
Paul Marillonnet
62bb199d56
utils/misc: add parse_phone_number_utility ( #69365 )
2022-12-09 11:31:26 +01:00
Paul Marillonnet
9ebd736adb
widgets: use libphonenumbers' local formatting ( #69365 )
2022-12-09 11:31:26 +01:00
Paul Marillonnet
0b6f7e1b80
fields: fix default dial code retrieval in PhoneField ( #69365 )
2022-12-09 11:31:26 +01:00
Paul Marillonnet
29893d530a
ci: limit tox version used while running tests ( #72162 )
2022-12-08 10:15:31 +01:00
Frédéric Péters
7a3d11293f
build: limit to django-ratelimit version ( #71991 )
2022-12-04 17:33:05 +01:00
Frédéric Péters
aae3053b16
translation update
2022-12-01 19:01:52 +01:00
Benjamin Dauvergne
2480687f3f
auth_oidc: show a warning message if target user is already linked to another provider ( #65692 )
2022-12-01 13:00:20 +01:00
Benjamin Dauvergne
855bb179b0
misc: use PIL.Image.Resampling.LANCZOS instead of PIL.Image.LANCZOS ( #71899 )
...
PIL.Image.LANCZOS is deprecated.
2022-12-01 12:00:42 +01:00
Benjamin Dauvergne
3fcbe2198c
django.contrib.postgres's JSONField is deprecated ( #71619 )
2022-12-01 11:54:32 +01:00
Benjamin Dauvergne
5788e9f0cd
NullBooleanField is deprecated since Django 3.1 ( #71619 )
...
It must be replaced by BooleanField(null=True).
2022-12-01 11:54:32 +01:00
Benjamin Dauvergne
896819fce8
tox.ini: remove unused tox dependencies
2022-12-01 11:54:13 +01:00
Benjamin Dauvergne
ea5366ac0d
tox.ini: pass posargs to pylint
2022-12-01 11:54:09 +01:00
Benjamin Dauvergne
4b3bcd0149
settings: set samesite flag on cookies when possible ( #71880 )
2022-12-01 10:00:07 +01:00
Benjamin Dauvergne
d8d29e2daa
settings: set secure flag on cookies ( #71880 )
...
Tests fixes :
* force https scheme in webtest HTTP client
* add secure=True to call with the django HTTP client
* replace http scheme by https in URLs assertions,
* properly use response.form in tests directly using app.post, as CSRF checks on secure connection also test the Referrer
* manually add Referer header in other cases,
2022-12-01 10:00:07 +01:00
Paul Marillonnet
97a5ebf63a
Revert "idp_oidc: add api access and profile […] ( #71820 )" ( #71890 )
...
This reverts commit 9141583b58
.
The (erroneously added) parameters are for Publik's out-of-spec
synchronization purposes, they shouldn't appear on the vanilla OIDC
client configuration interface.
2022-12-01 09:22:55 +01:00
Paul Marillonnet
d62d23203f
auth_fc: discard deprecated scopes ( #71868 )
2022-11-30 12:10:11 +01:00
Valentin Deniaud
8e6a95b6ce
attributes_ng: restore setting superuser flag ( #71855 )
2022-11-29 18:55:27 +01:00
Valentin Deniaud
5f0c03e32f
a2_rbac: move role attributes to real model fields ( #69895 )
2022-11-29 14:05:38 +01:00
Paul Marillonnet
9ba3df609b
translation update
2022-11-29 12:34:35 +01:00
Paul Marillonnet
9141583b58
idp_oidc: add api access and profile management to BO config ( #71820 )
2022-11-29 11:26:43 +01:00
Paul Marillonnet
0c5da1c832
idp_oidc: remove client config through django's admin pages ( #71700 )
...
This removal ensures that OIDC configuration happens through
/manage/ pages as part of Publik's backoffice interface.
2022-11-29 11:09:16 +01:00
Benjamin Dauvergne
d19ac19469
auth_fc: close FranceConnect session when linking fails ( #71607 )
2022-11-28 15:05:46 +01:00
Benjamin Dauvergne
cfefbd553c
tests: do not follow redirects in login_with_fc ( #71607 )
...
Because it will break when we introduce a redirection to FranceConnect
to close the FranceConnect session on failure to link.
2022-11-28 15:05:46 +01:00
Benjamin Dauvergne
a8ebccc5aa
translation update ( #69989 )
2022-11-28 15:05:01 +01:00
Benjamin Dauvergne
9171c30feb
auth_fc: show warning on password change page if user is linked to FranceConnect ( #69989 )
2022-11-28 15:05:01 +01:00
Benjamin Dauvergne
89b526066d
auth_fc: store id_token in session when linking ( #69989 )
...
Password change view is hidden only if the current session was opened
with FranceConnect and if the id_token is visible in the session, this
change will enforce the second condition when during the same session
the account is unlinked and linked again to FranceConnect.
It will also permit to launch a logout if the link fails.
2022-11-28 15:05:01 +01:00
Paul Marillonnet
5a821a8883
a2_rbac: add global management role for api clients ( #71267 )
...
ou-wise api-client management roles will be added in #71275 .
2022-11-28 09:12:47 +01:00
Thomas NOËL
e9ccac7303
MANIFEST.in: add missing auth_fc txt templates ( #71695 )
2022-11-25 00:56:39 +01:00