Commit Graph

220 Commits

Author SHA1 Message Date
Benjamin Dauvergne 54ba992b15 views: remove dead code 2017-07-28 16:58:04 +02:00
Benjamin Dauvergne 9f3ec479ad utils: allow referencing a sub object of user_info in attribute mapping 2017-07-28 16:57:56 +02:00
Benjamin Dauvergne d5c76ccee0 views: add setting for FC scopes 2017-07-28 16:57:45 +02:00
Benjamin Dauvergne 8aed0278c3 backends: fix logging of unicode strings 2017-07-26 19:05:38 +02:00
Benjamin Dauvergne 44d8bfb472 utils: fix mapping of user attributes 2017-07-18 19:29:37 +02:00
Benjamin Dauvergne 2ee9cc3a7d setup.py: distribute insee files 2017-07-18 00:44:30 +02:00
Benjamin Dauvergne e32a2acd58 indicate registration URL is coming from france connect module 2017-07-11 16:45:51 +02:00
Benjamin Dauvergne fb59436835 redirect to auth_logout if no post logout redirect URI is found 2017-07-11 16:45:25 +02:00
Benjamin Dauvergne 4e09a681ce fix typo introduced in commit a7677f4bc0 (#17331) 2017-07-11 16:24:03 +02:00
Serghei 6bf6ff6c8c templates: use different ids for link and its container (#17421) 2017-07-06 18:59:08 +02:00
Josue Kouka ffdf6047dc allow fc unlinking through api (#15297) 2017-07-05 15:33:05 +02:00
Benjamin Dauvergne a7677f4bc0 do not logout from local session on unlink (bis #17331)
Fix bug introduced in previous commit.
2017-07-05 09:59:39 +02:00
Benjamin Dauvergne 212d41fdbe do not logout from local session on unlink (fixes #17331) 2017-07-04 12:06:26 +02:00
Benjamin Dauvergne 9587e13780 fix issuer check 2017-06-22 13:41:22 +02:00
Benjamin Dauvergne 68fdf61c9a use only underscores in session variables to allow access from templates 2017-06-21 11:16:51 +02:00
Benjamin Dauvergne 6461daab81 setup.py: change compile_translations to work with tox 2017-06-15 18:46:27 +02:00
Benjamin Dauvergne c91411d8be improve reporting of error on access token requests 2017-06-15 18:46:27 +02:00
Benjamin Dauvergne 9ee35f8e19 validate id_token
Signature is validated, exp, aud and iss fields are checked.

Also add tests using tox and py.test. Proper validation of signature is verified
using jwcrypto.
2017-06-15 18:46:27 +02:00
Benjamin Dauvergne 690fde2f6b use state as nonce and check nonce returned in id_token 2017-06-14 09:43:41 +02:00
Benjamin Dauvergne 6a57e1f0ec add missing data files insee-communes.json and insee-countries.json 2017-06-14 09:36:54 +02:00
Benjamin Dauvergne ecd2af964f pep8ness 2017-06-14 09:35:53 +02:00
Benjamin Dauvergne 27642283cc generate a random state linked to the session
Instead of encoding the redirect_uri in the state we:
* generate a random state with 128 bits of entropy
* store the state and the redirect_uri in the session
* verify that the state exists when receiving the callback
* retrieve the redirect_uri linked to this state from the session
2017-06-14 09:35:41 +02:00
Benjamin Dauvergne d888f1f8ac set confirm_data="required" when auto_register is used (fixes #16771)
When auto_register is used, users should not see the registration page at all,
even if optional attribute fields are unfilled.
2017-06-08 17:12:48 +02:00
Benjamin Dauvergne 7b0517e1dd redirect to logout on unlink 2017-03-21 17:02:59 +01:00
Benjamin Dauvergne 321651c6b2 do not log an error for normal oauth2 errors
Such error happens when authorization code is out of date or already used.
2017-03-21 11:02:26 +01:00
Benjamin Dauvergne f0a7266451 improve mapping of FC attributes to A2 attributes (#10062) 2017-03-21 11:02:26 +01:00
Benjamin Dauvergne 74aadc0508 pep8ness 2017-03-07 11:32:12 +01:00
Benjamin Dauvergne 5d422c2296 always return to /logout/ after FC logout (fixes #15223) 2017-03-07 11:32:12 +01:00
Benjamin Dauvergne a141b520a7 update french translation 2017-02-02 21:24:26 +01:00
Benjamin Dauvergne c486ec1050 use authentic2.utils.login instead of django.contrib.auth.login (fixes #14338) 2016-12-16 18:43:28 +01:00
Benjamin Dauvergne ae6ddcc35e fix deprecation warning about get_cache()
Since Django 1.8 get_cache() is deprecated in favor of caches[].
2016-10-21 20:54:28 +02:00
Frédéric Péters c64df77a6e style: don't let button oversize its container (#13216) 2016-09-19 08:45:08 +02:00
Frédéric Péters 166c31a161 add a brief explanation after "what is franceconnect?" (#13174) 2016-09-14 09:35:45 +02:00
Frédéric Péters bd894374cd add initial migration (#13077) 2016-09-06 14:32:26 +02:00
Mikaël Ates c97337a125 Update official about link. 2016-06-20 16:18:09 +02:00
Mikaël Ates 277c428778 Fix bad version number in last commit. 2016-06-16 15:28:28 +02:00
Mikaël Ates 7a3e9983e1 Update dependency to authentic2. 2016-06-16 15:15:57 +02:00
Mikaël Ates c2af4c9770 Move registration frontend method to the Frontend (fixes #11351).
Needs authentic2 >= v2.1.20-1010.
2016-06-16 14:36:31 +02:00
Mikaël Ates 40ff5afd57 Hide linking button on profile frontend if the user is already linked (fixes #11328). 2016-06-16 09:23:54 +02:00
Mikaël Ates b4f0b51777 Add email in linking message (fixes #10912). 2016-05-13 17:06:00 +02:00
Mikaël Ates bea99539f5 Improve wording on unlinking page. 2016-05-12 17:34:40 +02:00
Mikaël Ates 8becabe272 Fix bad translation. 2016-05-04 13:10:23 +02:00
Mikaël Ates 2ed8588583 Prevent to add a link with an FC account already linked with another user (fixes #10791). 2016-05-04 11:42:50 +02:00
Mikaël Ates ca29f7564a Remove obsolete setting. 2016-04-29 18:24:11 +02:00
Mikaël Ates ff30392ddc Hide unlinking link if the user has no password and can't set it (fixes #10775). 2016-04-29 18:24:11 +02:00
Mikaël Ates 121e62a9e8 Prevent unlinking if the user has no password and can't set it (fixes #10775).
Unlinking is now prevented if the user has no usable password and can't
change it because A2_REGISTRATION_CAN_CHANGE_PASSWORD is False.
For now it is thus assumed that the password is the unique other means of
authentication and unlinking would make the account unreachable.

Also use A2_REGISTRATION_SET_PASSWORD_FORM_CLASS setting instead of
importing the form.
2016-04-29 18:24:11 +02:00
Mikaël Ates 922d075236 Update login or create account message. 2016-04-15 15:38:14 +02:00
Mikaël Ates d3d9aab919 Ask password at unlinking when the user has no usable password (fixes #10524) (ter). 2016-04-14 10:44:13 +02:00
Mikaël Ates 5704e98495 Ask password at unlinking when the user has no usable password (fixes #10524) (bis). 2016-04-14 10:21:08 +02:00
Mikaël Ates f1b2ced61b Ask password at unlinking when the user has no usable password (fixes #10524). 2016-04-13 23:03:31 +02:00