entrouvert
/
authentic
16
0
Fork 0
Code Issues Pull Requests 35 Releases Activity
1,494 Commits 190 Branches 448 Tags 29 MiB
Commit Graph

1494 Commits

Author SHA1 Message Date
Benjamin Dauvergne 443c4fa8fd settings: use cached template loader unless DEBUG is True 2013-12-09 16:02:31 +01:00
Mikaël Ates c537e228a9 idp/saml, authsaml2: fix lasso method name to process logout response. 2013-12-09 15:42:11 +01:00
Mikaël Ates 0d6b057e29 idp: local logout only need to set a correct next page parameter (fixes #3859). 2013-12-08 17:28:12 +01:00
Mikaël Ates b83da0d83e idp: reuse parametrable redirection timeout in logout template. 2013-12-08 17:24:51 +01:00
Mikaël Ates a9bb695909 idp/saml2_endpoints: load attributes once in sso_after_process_request (fixes #3377). 2013-12-08 17:00:00 +01:00
Mikaël Ates 7db38bb11a idp/saml2_endpoints: load attributes sooner and send them in decision signal. 2013-12-08 16:22:26 +01:00
Mikaël Ates 1f0845a911 idp/saml2_endpoints: don't use the same variable name for the two kinds of policies. 2013-12-08 16:18:10 +01:00
Benjamin Dauvergne 03a74dbe61 authsaml2: restore use of LibertyIdpOptionsPolicy.want_force_authn_request in setAuthnrequestOptions 2013-12-08 15:40:50 +01:00
Benjamin Dauvergne f08dfc5a12 authsaml2: do not force the assertionConsumerServiceIndex in setAuthnrequestOptions 2013-12-08 15:32:43 +01:00
Benjamin Dauvergne d50616690b settings: set logging level to DEBUG in the syslog handler when DEBUG is True 2013-12-06 08:37:04 +01:00
Benjamin Dauvergne c02b89e86c attribute_aggregator: fix bug where a dictionary is reused in user_profile module 2013-12-06 00:17:14 +01:00
Benjamin Dauvergne c094b7864d attribute_aggregator: fix loop error in user_profile module 2013-12-06 00:16:32 +01:00
Benjamin Dauvergne e3d075042f backends: convert ldap attribute names to str 2013-12-06 00:16:11 +01:00
Benjamin Dauvergne 600ebffa2f backends: store password and ldap attribute for one full day 2013-12-06 00:15:53 +01:00
Benjamin Dauvergne 61eac6c25b backends: ldap search function only accepts str not unicode 2013-12-05 22:19:04 +01:00
Benjamin Dauvergne 69d60e952f attribute_aggregator: if user object has a get_attributes method, try to import those attributes 2013-12-05 16:51:54 +01:00
Benjamin Dauvergne 8ae9003008 backends: add new settings for LDAP servers: attributes, attribute_mappings and attributes_mandatory_values 
The setting 'attributes' is a list of attribute to retrieve from the
user record.

The setting 'attribute_mappings' gives rule to map some attributes
values to another attribute, it's a list of pair of attribute names:
(from_attribute, to_attribute).

The setting 'attributes_mandatory_values' force some values for some
attributes. It's a dictionary {attribute_name: [attribute_value1,
attribute_value2, ...]}.
 2013-12-05 16:48:45 +01:00
Benjamin Dauvergne 9a634543e1 attribute_aggregator: add accessors to retrieve all aliases of a definition and to test if a name is defined 2013-12-05 16:47:29 +01:00
Benjamin Dauvergne 889eb940f7 attribute_aggreator: insert a hack in the attribute signal so that request.user can be accessed from the user profile attribute loader 2013-12-05 16:46:32 +01:00
Benjamin Dauvergne 3737ea69d3 attribute_aggregator: try/except block to prevent UserProfile linked exceptions has become useless 2013-12-05 15:39:34 +01:00
Benjamin Dauvergne 42f00815e4 idp/saml: only save federation when nid_format is persistent, prevent double federation creation when using eduPersonTargetedId 2013-12-04 18:19:50 +01:00
Benjamin Dauvergne fcdca82f19 update fr translation 2013-12-02 16:21:01 +01:00
Benjamin Dauvergne 18613956bb templates: add templates for the email change view 2013-11-29 23:50:11 +01:00
Benjamin Dauvergne f728077522 update fr translation 2013-11-29 17:22:51 +01:00
Benjamin Dauvergne d4c0cff2ee views: improve and fix messages around email change 2013-11-29 17:22:28 +01:00
Benjamin Dauvergne 7903fac239 update fr translations 2013-11-29 16:50:24 +01:00
Benjamin Dauvergne ec9a55c574 idp: add a link to the email change page on the account management page 2013-11-29 16:40:21 +01:00
Benjamin Dauvergne c2177b844e update french translations 2013-11-29 16:40:21 +01:00
Benjamin Dauvergne 20062bb2b4 add email change forms and views with email validation 2013-11-29 16:40:21 +01:00
Benjamin Dauvergne 5175741163 views: refer to get_object_or_404 throught its module 2013-11-29 16:40:21 +01:00
Benjamin Dauvergne d3aadba8c3 saml/common: in load_federation() remove useless debug logs 2013-11-29 16:40:21 +01:00
Benjamin Dauvergne 881e02b162 saml/common: in load_federation() user is mandatory, so add an assertion 2013-11-29 16:40:21 +01:00
Benjamin Dauvergne fa14d495c8 forms: in UserProfileForm() do not allow editing the email field, it's sensitive 2013-11-29 16:40:21 +01:00
Benjamin Dauvergne d67b7fe414 forms: in UserProfileForm only mark present field as required 2013-11-29 16:40:21 +01:00
Benjamin Dauvergne 8e2f186fac setup.py: do not refuser to run when workdir is dirty 2013-11-29 16:40:21 +01:00
Benjamin Dauvergne 434e8288bc backends: handle ldap server connection errors and log them 2013-11-29 16:40:21 +01:00
Benjamin Dauvergne 93b4777b78 saml: remove obsolete todo 2013-11-29 16:40:21 +01:00
Benjamin Dauvergne 011dc5a08b saml: add the edupersontargetedid NameID format 
This format must be used to fake Shibboleth identity provider behaviour around
persistent name identifiers toward Shibboleth service providers.
 2013-11-29 16:40:21 +01:00
Benjamin Dauvergne 3a910cbae2 saml: add the username NameID format 
This NameID format must be used to federate with Google apps.
 2013-11-29 16:40:21 +01:00
Benjamin Dauvergne 73f215b469 idp/saml2/saml2_endpoints: simplify fill_assertion 2013-11-29 16:40:21 +01:00
Benjamin Dauvergne 08b54968da idp/utils: add a get_username method to adapt to new custom user models 2013-11-29 16:40:21 +01:00
Benjamin Dauvergne 6ed15a8991 idp: restrict cleanup to authentic2 models, rename cleanup to cleanupauthentic 2013-11-29 16:40:21 +01:00
Serghei Mihai 666a3bbba3 cleanup for 'empty' federations emitting a signal 'federation_delete' 2013-11-28 17:30:48 +01:00
Benjamin Dauvergne 79804d68c0 idp_openid/models: fix name collision in NonceManager.cleanup() 
fixes #4003
 2013-11-28 10:01:35 +01:00
Benjamin Dauvergne a9e23b89db saml: in SessionLinkedManager.cleanup() never clean django sessions 
fixes #3991
 2013-11-27 15:34:19 +01:00
Mikaël Ates e8d23c6b02 idp_openid: allow to add actions in service list directly with a template. 
For specific OpenID RP you may want to do a specific action, e.g.
    perform a SSO from the IdP.

    An easy way for this example is to perform the POST (if any) of the
    OpenID login form on the RP. So you can include the html fragment of
    this form as an action, e.g.:

    <-- my-template.html -->
    <form method="post" action="http://rp.example.com/accounts/openid/signin/">
    <input name="action" value="verify" type="hidden">
    <input id="id_openid_url" name="openid_url" value="http://idp.example.com/" type="hidden">
    <input id="openid_submit" value="login" type="submit">
    </form>
 2013-11-27 13:48:17 +01:00
Mikaël Ates 53cbb3d809 auth2_openid: fix last commit. 2013-11-27 13:11:19 +01:00
Mikaël Ates 389cfa1e9c auth2_openid: message passed to on_failure is a list. 2013-11-27 12:48:45 +01:00
Mikaël Ates fca34410c2 auth2_openid: fix dissociation page, deprecated message_set and undeclared redirect_to shortcut. 2013-11-27 12:27:13 +01:00
Mikaël Ates f082e730de auth2_openid: minor changes in few templates and bits of translation. 2013-11-27 12:09:49 +01:00