Benjamin Dauvergne
443c4fa8fd
settings: use cached template loader unless DEBUG is True
2013-12-09 16:02:31 +01:00
Mikaël Ates
c537e228a9
idp/saml, authsaml2: fix lasso method name to process logout response.
2013-12-09 15:42:11 +01:00
Mikaël Ates
0d6b057e29
idp: local logout only need to set a correct next page parameter ( fixes #3859 ).
2013-12-08 17:28:12 +01:00
Mikaël Ates
b83da0d83e
idp: reuse parametrable redirection timeout in logout template.
2013-12-08 17:24:51 +01:00
Mikaël Ates
a9bb695909
idp/saml2_endpoints: load attributes once in sso_after_process_request ( fixes #3377 ).
2013-12-08 17:00:00 +01:00
Mikaël Ates
7db38bb11a
idp/saml2_endpoints: load attributes sooner and send them in decision signal.
2013-12-08 16:22:26 +01:00
Mikaël Ates
1f0845a911
idp/saml2_endpoints: don't use the same variable name for the two kinds of policies.
2013-12-08 16:18:10 +01:00
Benjamin Dauvergne
03a74dbe61
authsaml2: restore use of LibertyIdpOptionsPolicy.want_force_authn_request in setAuthnrequestOptions
2013-12-08 15:40:50 +01:00
Benjamin Dauvergne
f08dfc5a12
authsaml2: do not force the assertionConsumerServiceIndex in setAuthnrequestOptions
2013-12-08 15:32:43 +01:00
Benjamin Dauvergne
d50616690b
settings: set logging level to DEBUG in the syslog handler when DEBUG is True
2013-12-06 08:37:04 +01:00
Benjamin Dauvergne
c02b89e86c
attribute_aggregator: fix bug where a dictionary is reused in user_profile module
2013-12-06 00:17:14 +01:00
Benjamin Dauvergne
c094b7864d
attribute_aggregator: fix loop error in user_profile module
2013-12-06 00:16:32 +01:00
Benjamin Dauvergne
e3d075042f
backends: convert ldap attribute names to str
2013-12-06 00:16:11 +01:00
Benjamin Dauvergne
600ebffa2f
backends: store password and ldap attribute for one full day
2013-12-06 00:15:53 +01:00
Benjamin Dauvergne
61eac6c25b
backends: ldap search function only accepts str not unicode
2013-12-05 22:19:04 +01:00
Benjamin Dauvergne
69d60e952f
attribute_aggregator: if user object has a get_attributes method, try to import those attributes
2013-12-05 16:51:54 +01:00
Benjamin Dauvergne
8ae9003008
backends: add new settings for LDAP servers: attributes, attribute_mappings and attributes_mandatory_values
...
The setting 'attributes' is a list of attribute to retrieve from the
user record.
The setting 'attribute_mappings' gives rule to map some attributes
values to another attribute, it's a list of pair of attribute names:
(from_attribute, to_attribute).
The setting 'attributes_mandatory_values' force some values for some
attributes. It's a dictionary {attribute_name: [attribute_value1,
attribute_value2, ...]}.
2013-12-05 16:48:45 +01:00
Benjamin Dauvergne
9a634543e1
attribute_aggregator: add accessors to retrieve all aliases of a definition and to test if a name is defined
2013-12-05 16:47:29 +01:00
Benjamin Dauvergne
889eb940f7
attribute_aggreator: insert a hack in the attribute signal so that request.user can be accessed from the user profile attribute loader
2013-12-05 16:46:32 +01:00
Benjamin Dauvergne
3737ea69d3
attribute_aggregator: try/except block to prevent UserProfile linked exceptions has become useless
2013-12-05 15:39:34 +01:00
Benjamin Dauvergne
42f00815e4
idp/saml: only save federation when nid_format is persistent, prevent double federation creation when using eduPersonTargetedId
2013-12-04 18:19:50 +01:00
Benjamin Dauvergne
fcdca82f19
update fr translation
2013-12-02 16:21:01 +01:00
Benjamin Dauvergne
18613956bb
templates: add templates for the email change view
2013-11-29 23:50:11 +01:00
Benjamin Dauvergne
f728077522
update fr translation
2013-11-29 17:22:51 +01:00
Benjamin Dauvergne
d4c0cff2ee
views: improve and fix messages around email change
2013-11-29 17:22:28 +01:00
Benjamin Dauvergne
7903fac239
update fr translations
2013-11-29 16:50:24 +01:00
Benjamin Dauvergne
ec9a55c574
idp: add a link to the email change page on the account management page
2013-11-29 16:40:21 +01:00
Benjamin Dauvergne
c2177b844e
update french translations
2013-11-29 16:40:21 +01:00
Benjamin Dauvergne
20062bb2b4
add email change forms and views with email validation
2013-11-29 16:40:21 +01:00
Benjamin Dauvergne
5175741163
views: refer to get_object_or_404 throught its module
2013-11-29 16:40:21 +01:00
Benjamin Dauvergne
d3aadba8c3
saml/common: in load_federation() remove useless debug logs
2013-11-29 16:40:21 +01:00
Benjamin Dauvergne
881e02b162
saml/common: in load_federation() user is mandatory, so add an assertion
2013-11-29 16:40:21 +01:00
Benjamin Dauvergne
fa14d495c8
forms: in UserProfileForm() do not allow editing the email field, it's sensitive
2013-11-29 16:40:21 +01:00
Benjamin Dauvergne
d67b7fe414
forms: in UserProfileForm only mark present field as required
2013-11-29 16:40:21 +01:00
Benjamin Dauvergne
8e2f186fac
setup.py: do not refuser to run when workdir is dirty
2013-11-29 16:40:21 +01:00
Benjamin Dauvergne
434e8288bc
backends: handle ldap server connection errors and log them
2013-11-29 16:40:21 +01:00
Benjamin Dauvergne
93b4777b78
saml: remove obsolete todo
2013-11-29 16:40:21 +01:00
Benjamin Dauvergne
011dc5a08b
saml: add the edupersontargetedid NameID format
...
This format must be used to fake Shibboleth identity provider behaviour around
persistent name identifiers toward Shibboleth service providers.
2013-11-29 16:40:21 +01:00
Benjamin Dauvergne
3a910cbae2
saml: add the username NameID format
...
This NameID format must be used to federate with Google apps.
2013-11-29 16:40:21 +01:00
Benjamin Dauvergne
73f215b469
idp/saml2/saml2_endpoints: simplify fill_assertion
2013-11-29 16:40:21 +01:00
Benjamin Dauvergne
08b54968da
idp/utils: add a get_username method to adapt to new custom user models
2013-11-29 16:40:21 +01:00
Benjamin Dauvergne
6ed15a8991
idp: restrict cleanup to authentic2 models, rename cleanup to cleanupauthentic
2013-11-29 16:40:21 +01:00
Serghei Mihai
666a3bbba3
cleanup for 'empty' federations emitting a signal 'federation_delete'
2013-11-28 17:30:48 +01:00
Benjamin Dauvergne
79804d68c0
idp_openid/models: fix name collision in NonceManager.cleanup()
...
fixes #4003
2013-11-28 10:01:35 +01:00
Benjamin Dauvergne
a9e23b89db
saml: in SessionLinkedManager.cleanup() never clean django sessions
...
fixes #3991
2013-11-27 15:34:19 +01:00
Mikaël Ates
e8d23c6b02
idp_openid: allow to add actions in service list directly with a template.
...
For specific OpenID RP you may want to do a specific action, e.g.
perform a SSO from the IdP.
An easy way for this example is to perform the POST (if any) of the
OpenID login form on the RP. So you can include the html fragment of
this form as an action, e.g.:
<-- my-template.html -->
<form method="post" action="http://rp.example.com/accounts/openid/signin/ ">
<input name="action" value="verify" type="hidden">
<input id="id_openid_url" name="openid_url" value="http://idp.example.com/ " type="hidden">
<input id="openid_submit" value="login" type="submit">
</form>
2013-11-27 13:48:17 +01:00
Mikaël Ates
53cbb3d809
auth2_openid: fix last commit.
2013-11-27 13:11:19 +01:00
Mikaël Ates
389cfa1e9c
auth2_openid: message passed to on_failure is a list.
2013-11-27 12:48:45 +01:00
Mikaël Ates
fca34410c2
auth2_openid: fix dissociation page, deprecated message_set and undeclared redirect_to shortcut.
2013-11-27 12:27:13 +01:00
Mikaël Ates
f082e730de
auth2_openid: minor changes in few templates and bits of translation.
2013-11-27 12:09:49 +01:00