233 Commits

Author SHA1 Message Date
Benjamin Dauvergne b9987366ca views: force fc-register to always redirect post registration to fc-login-or-link (fixes #19270)
Without it linking to FC does not happen
2017-10-09 15:15:04 +02:00
Benjamin Dauvergne 73c774d1b2 utils: allow a mapping to depend on another using tags (fixes #19251) 2017-10-06 14:26:51 +02:00
Benjamin Dauvergne 4c9dab9784 utils: add an if-empty modifier to only set a value from FC if the existing value is empty (fixes #19250) 2017-10-06 14:26:03 +02:00
Benjamin Dauvergne 9789aca728 utils: normalize mapping in apply_user_info_mappings (#19250) 2017-10-06 14:25:58 +02:00
Benjamin Dauvergne 5dcdf8ead8 views: block DisplayMessageBeforeRedirectMiddleware on redirect to FC (fixes #19247) 2017-10-06 13:15:15 +02:00
Benjamin Dauvergne 39ea7fb75c utils: add a notempty transformation for attribute mappings (fixes #19233) 2017-10-05 15:33:08 +02:00
Benjamin Dauvergne 0597b3e27e django 1.9 compatibility 2017-09-19 16:45:30 +02:00
Benjamin Dauvergne 48f4210106 backends: always create new accounts in the default OU (fixes #18764) 2017-09-19 16:45:30 +02:00
Benjamin Dauvergne 6249926666 views: automatically link user with existing email if email is unique (fixes #18763)
Email must be unique if settings.A2_EMAIL_IS_UNIQUE is True or
get_default_ou().email_is_unique is True.
2017-09-19 16:45:30 +02:00
Benjamin Dauvergne 4fb66cc6fb models: check issuer using only URL scheme and netloc (fixes #18766) 2017-09-18 17:18:12 +02:00
Benjamin Dauvergne d36f1110d3 tests: test with non ASCII characters 2017-09-18 17:18:12 +02:00
Benjamin Dauvergne 7a91aa07cb utils: do not set absent references to None, ignore them instead (fixes #18765) 2017-09-18 17:18:12 +02:00
Frédéric Péters 8e68ccdef1 style: switch to extra-body-class for custom body class (#17983) 2017-08-12 17:50:35 +02:00
Benjamin Dauvergne 54ba992b15 views: remove dead code 2017-07-28 16:58:04 +02:00
Benjamin Dauvergne 9f3ec479ad utils: allow referencing a sub object of user_info in attribute mapping 2017-07-28 16:57:56 +02:00
Benjamin Dauvergne d5c76ccee0 views: add setting for FC scopes 2017-07-28 16:57:45 +02:00
Benjamin Dauvergne 8aed0278c3 backends: fix logging of unicode strings 2017-07-26 19:05:38 +02:00
Benjamin Dauvergne 44d8bfb472 utils: fix mapping of user attributes 2017-07-18 19:29:37 +02:00
Benjamin Dauvergne 2ee9cc3a7d setup.py: distribute insee files 2017-07-18 00:44:30 +02:00
Benjamin Dauvergne e32a2acd58 indicate registration URL is coming from france connect module 2017-07-11 16:45:51 +02:00
Benjamin Dauvergne fb59436835 redirect to auth_logout if no post logout redirect URI is found 2017-07-11 16:45:25 +02:00
Benjamin Dauvergne 4e09a681ce fix typo introduced in commit a7677f4bc0 (#17331) 2017-07-11 16:24:03 +02:00
Serghei 6bf6ff6c8c templates: use different ids for link and its container (#17421) 2017-07-06 18:59:08 +02:00
Josue Kouka ffdf6047dc allow fc unlinking through api (#15297) 2017-07-05 15:33:05 +02:00
Benjamin Dauvergne a7677f4bc0 do not logout from local session on unlink (bis #17331)
Fix bug introduced in previous commit.
2017-07-05 09:59:39 +02:00
Benjamin Dauvergne 212d41fdbe do not logout from local session on unlink (fixes #17331) 2017-07-04 12:06:26 +02:00
Benjamin Dauvergne 9587e13780 fix issuer check 2017-06-22 13:41:22 +02:00
Benjamin Dauvergne 68fdf61c9a use only underscores in session variables to allow access from templates 2017-06-21 11:16:51 +02:00
Benjamin Dauvergne 6461daab81 setup.py: change compile_translations to work with tox 2017-06-15 18:46:27 +02:00
Benjamin Dauvergne c91411d8be improve reporting of error on access token requests 2017-06-15 18:46:27 +02:00
Benjamin Dauvergne 9ee35f8e19 validate id_token
Signature is validated, exp, aud and iss fields are checked.

Also add tests using tox and py.test. Proper validation of signature is verified
using jwcrypto.
2017-06-15 18:46:27 +02:00
Benjamin Dauvergne 690fde2f6b use state as nonce and check nonce returned in id_token 2017-06-14 09:43:41 +02:00
Benjamin Dauvergne 6a57e1f0ec add missing data files insee-communes.json and insee-countries.json 2017-06-14 09:36:54 +02:00
Benjamin Dauvergne ecd2af964f pep8ness 2017-06-14 09:35:53 +02:00
Benjamin Dauvergne 27642283cc generate a random state linked to the session
Instead of encoding the redirect_uri in the state we:
* generate a random state with 128 bits of entropy
* store the state and the redirect_uri in the session
* verify that the state exists when receiving the callback
* retrieve the redirect_uri linked to this state from the session
2017-06-14 09:35:41 +02:00
Benjamin Dauvergne d888f1f8ac set confirm_data="required" when auto_register is used (fixes #16771)
When auto_register is used, users should not see the registration page at all,
even if optional attribute fields are unfilled.
2017-06-08 17:12:48 +02:00
Benjamin Dauvergne 7b0517e1dd redirect to logout on unlink 2017-03-21 17:02:59 +01:00
Benjamin Dauvergne 321651c6b2 do not log an error for normal oauth2 errors
Such errors happen when the authorization code is out of date or already used.
2017-03-21 11:02:26 +01:00
Benjamin Dauvergne f0a7266451 improve mapping of FC attributes to A2 attributes (#10062) 2017-03-21 11:02:26 +01:00
Benjamin Dauvergne 74aadc0508 pep8ness 2017-03-07 11:32:12 +01:00
Benjamin Dauvergne 5d422c2296 always return to /logout/ after FC logout (fixes #15223) 2017-03-07 11:32:12 +01:00
Benjamin Dauvergne a141b520a7 update french translation 2017-02-02 21:24:26 +01:00
Benjamin Dauvergne c486ec1050 use authentic2.utils.login instead of django.contrib.auth.login (fixes #14338) 2016-12-16 18:43:28 +01:00
Benjamin Dauvergne ae6ddcc35e fix deprecation warning about get_cache()
Since Django 1.8 get_cache() is deprecated in favor of caches[].
2016-10-21 20:54:28 +02:00
Frédéric Péters c64df77a6e style: don't let button oversize its container (#13216) 2016-09-19 08:45:08 +02:00
Frédéric Péters 166c31a161 add a brief explanation after "what is franceconnect?" (#13174) 2016-09-14 09:35:45 +02:00
Frédéric Péters bd894374cd add initial migration (#13077) 2016-09-06 14:32:26 +02:00
Mikaël Ates c97337a125 Update official about link. 2016-06-20 16:18:09 +02:00
Mikaël Ates 277c428778 Fix bad version number in last commit. 2016-06-16 15:28:28 +02:00
Mikaël Ates 7a3e9983e1 Update dependency to authentic2. 2016-06-16 15:15:57 +02:00