106 Commits

Author SHA1 Message Date
Benjamin Dauvergne cbd43d4f4c auth fc: make fc_display_name more resilient (#47566) 2020-10-28 23:33:08 +01:00
Benjamin Dauvergne 41b97f0bb2 misc: validate and use a real identifier for services (#45672) 2020-09-03 11:55:13 +02:00
Benjamin Dauvergne 442dc74bab misc: use long duration cookie to check for cookie support in browser (#44055) 2020-06-26 12:02:38 +02:00
Benjamin Dauvergne cc3b90eab9 auth_fc: check current user is authenticated (#43970)
Uniqueness can fail on linking of current account but also on creation
of a new account *if* FC sub is already linked to an inactive account.
2020-06-12 15:32:09 +02:00
Benjamin Dauvergne eb83cad1f5 auth_fc: do not resolve next url (#42822) 2020-05-15 15:35:48 +02:00
Benjamin Dauvergne a5e372707e misc: test cookies are working in login view (#42280)
It's also tested in auth-fc login view.
2020-05-07 18:36:53 +02:00
Benjamin Dauvergne b439593203 auth_fc: make user and sub relatively unique (#19959)
As we are not sure they are unique in all deployments, we make them
unique relative to a new order integer field. New federations with
FranceConnect will be forced to have the column order to be 0, making
them unique.
2020-04-27 18:09:03 +02:00
Paul Marillonnet 6ac5e1646a auth_fc: http util signature variation (#41238) 2020-04-27 14:34:56 +02:00
Paul Marillonnet 1da5389209 dj2.2: user.is_authenticated is not a callable anymore (#41238) 2020-04-27 14:34:56 +02:00
Paul Marillonnet 8804de70b7 dj2:2: fix 'reverse' import (#41238) 2020-04-27 14:34:24 +02:00
Benjamin Dauvergne 79134e00fb auth_fc: log transport format/errors as errors (#40862) 2020-03-27 17:24:35 +01:00
Benjamin Dauvergne 77cda88658 auth_fc: set session to expire at browser close on login (#40479) 2020-03-16 11:36:48 +01:00
Paul Marillonnet dc58feac77 python3: use url-parsing utilities from django (#28276) 2020-03-03 22:34:17 +01:00
Benjamin Dauvergne 27f4e2b13e auth2_fc: set default scopes to profile and email (#39231)
And move default value to app_settings file. Support for FC data
provider had to be modified.
2020-01-27 17:58:31 +01:00
Benjamin Dauvergne c561651d4f auth2_fc: display an error message on misc error code (#38748)
An error message is displayed after receiving an error code from FC
different from access_denied. The same error code is logged at level
ERROR instead of DEBUG.
2020-01-03 11:55:32 +01:00
Benjamin Dauvergne 00aae04963 auth_fc: force acr_values to eidas1 (#34448) 2019-07-03 19:56:25 +02:00
Benjamin Dauvergne 27702e72c7 add request as first argument to all backends (#33992) 2019-07-02 12:49:28 +02:00
Benjamin Dauvergne 30dc69eeb5 views: do not set password on unlink for LDAP users (#24710) 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne 95d59c86d0 views: clean FranceConnect session variable on unlink (#32953) 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne 1c40ec3f41 adapts to spring cleaning in authentic (#32866)
See #32934.
2019-05-31 14:51:55 +02:00
Benjamin Dauvergne 338b02cd99 py3ize obviously non-compatible code (#32866) 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne 72d48a8326 add copyright headers (#32866) 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne 0525533f85 views: search email case insensitively (fixes #29007) 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne 1b8ee0a38a launch tests with Django 1.11 (fixes #27095) 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne 929b58d989 views: pass service field to fc login post registration (fixes #21908) 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne a041be4668 keep authentication context (fixes #21908)
- simplify and reorganize login templates,
- URLs are not built inside templates anymore,
- we have now 3 different templates:
  - login.html for the login page
  - registration.html for the registration page
  - linking.html for the account page
- using feature from #25623, authentication_method is kept by the
  registration view.
- the service slug is correctly threaded between all views.
- explanations about FranceConnect are now done in a common template
  "explanation.html".
- restore popup mode, use it through setting A2_FC_POPUP=True, it works
  for:
  - login and login with registration (workflow for login with
    registration is a bit complicated),
  - registration,
  - and linking (linking your existing to FC through the "My account"
   page)
  unlinking is not handled with a popup.
2019-05-31 14:51:55 +02:00
Benjamin Dauvergne 1995891e5f views: ask for new password on unlink only if logged using FC (#24835) 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne e688ba4076 views: prevent None success URL in unlink view (fixes #24708)
Logout URL to FC can be None if the current session was not opened
through an FC authentication.
2019-05-31 14:51:55 +02:00
Frédéric Péters 21b4f96e8d do not allow unauthenticated access to unlink page (fixes #22405) 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne 10337ad952 locale: update french translations for release 0.10 (fixes #21874)
email was replaced by « adresse de courriel » everywhere.
2019-05-31 14:51:55 +02:00
Benjamin Dauvergne c0f2d4d940 views: show warning to users with a mail linked to another FC account (fixes #21292)
The warning will help them connect their FC account to normally
registered account.
2019-05-31 14:51:55 +02:00
Benjamin Dauvergne a8cc9cc6ac retry HTTP requests 3 times (fixes #21783)
Retry is applied to access token request and user info requests (through
OAuth2Session). There is a small exponential backoff of 0.5 and 1s.

Also decrease log level of message for failure of retrieval of the
access token or the user info to the level WARNING, that's never been a
problem for the user, as he was correctly redirected to its origin
(usually an IdP endpoint).
2019-05-31 14:51:55 +02:00
Benjamin Dauvergne e4a6e58b06 add support for service slugs on login 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne 7fb822048e fix login with a non-unique email where an account linked to another FC account already exists 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne b5b1749dd8 augment timeout on POST to FC to 10 seconds (fixes #21596) 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne 7a76b9e951 add request to fc-link hook (fixes #20288) 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne 6bce73ec97 call a2 hooks for linking and unlinking events (fixes #20228) 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne 3594460be5 views: change messages levels (#20078) 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne 8c3387c459 views: do not permit linking if the user has already a link to FC (#20078) 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne 387252a3d0 views: forbid automatic linking based on email if multiple users are found or if target user has already a link (fixes #20078) 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne ccb4db5a21 always unlink from all FC accounts (fixes #19947) 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne 4894bb1f57 views: force fc-register to always redirect post registration to fc-login-or-link (fixes #19270)
Without it linking to FC does not happen
2019-05-31 14:51:55 +02:00
Benjamin Dauvergne a55a6f5b45 views: block DisplayMessageBeforeRedirectMiddleware on redirect to FC (fixes #19247) 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne 2b333eb18c django 1.9 compatibility 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne 20de25fe0e views: automatically link user with existing email if email is unique (fixes #18763)
Email must be unique if settings.A2_EMAIL_IS_UNIQUE is True or
get_default_ou().email_is_unique is True.
2019-05-31 14:51:55 +02:00
Benjamin Dauvergne 219e0ce884 views: remove dead code 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne c05bb4804f views: add setting for FC scopes 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne be4a827dce indicate registration URL is coming from france connect module 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne e11e14605c redirect to auth_logout if no post logout redirect URI is found 2019-05-31 14:51:55 +02:00
Benjamin Dauvergne fecfd38f9e do not logout from local session on unlink (bis #17331)
Fix bug introduced in previous commit.
2019-05-31 14:51:55 +02:00