entrouvert
/
authentic
16
0
Fork 0
Code Issues Pull Requests 35 Releases Activity
4,795 Commits 190 Branches 448 Tags 29 MiB
Commit Graph

491 Commits

Author SHA1 Message Date
Paul Marillonnet a6dba11961 python3: oidc client jwk secret encoding in tests (#32447) 2020-02-06 11:22:14 +01:00
Paul Marillonnet 45ef1177b7 python3: encode oidc authn test claims (#32452) 2020-02-06 10:37:30 +01:00
Paul Marillonnet 1f19c39df9 python3: ascii-decode user credentials for register API testing (#32451) 2020-02-06 10:34:30 +01:00
Paul Marillonnet 1bbe769778 python3: enforce text type on django's HttpResponse.content (#32450) 2020-02-06 10:30:36 +01:00
Paul Marillonnet ac65fa8c4f python3: explicit file opening mode (#32448) 2020-02-06 10:21:58 +01:00
Paul Marillonnet 89f1a4fd76 idp_oidc: py3-compliant authn header encoding in tests (#32446) 2020-02-06 10:18:43 +01:00
Paul Marillonnet 9c9db933f6 python3: define a base64 decoding exception (#31180) 2020-02-06 10:15:45 +01:00
Paul Marillonnet 2c3d0e5898 idp_oidc: add ou selection on ropc grant (#39383) 2020-02-03 15:48:33 +01:00
Valentin Deniaud 86fe3b2958 manager: replace invalid widget split term operator (#39380) 2020-02-03 10:07:23 +01:00
Benjamin Dauvergne 64abfdca0c auth2_fc: set novalidate on unlink cancel button (#39445) 2020-01-31 12:09:09 +01:00
Lauréline Guérin f03e3aae66
ldap: do not fail if Role.MultipleObjectsReturned is raised (#39274) 2020-01-30 11:16:41 +01:00
Frédéric Péters 82532d5bd2 tests: disable kerberos plugin that coud be parallel-installed (#39393) 2020-01-29 16:08:19 +01:00
Benjamin Dauvergne 27f4e2b13e auth2_fc: set default scopes to profile and email (#39231) 
And move default value to app_settings file. Support for FC data
provider had to be modified.
 2020-01-27 17:58:31 +01:00
Paul Marillonnet dda27fe488 idp_oidc: support oauth2 resource owner password credential grant (#35205) 2020-01-24 14:38:42 +01:00
Serghei Mihai ba597c14d5 auth_saml: allow custom template for each idp login block (#39154) 2020-01-22 11:00:18 +01:00
Valentin Deniaud abed3fa8cc views: better display password reset instructions (#38054) 2020-01-15 16:36:05 +01:00
Serghei Mihai a2c3bc9cce auth_saml: separate idps blocks on login page (#38248) 2019-12-19 15:39:48 +01:00
Thomas NOËL ad3f27ef3c registration: show only email address in post-registration message (#37923) 2019-12-11 14:41:59 +01:00
Thomas NOËL f17dad5213 registration: simplify post-registration message (#38053) 2019-12-11 13:51:07 +01:00
Benjamin Dauvergne 94f4ec8c7d authenticators: add easy accesible OU based on service's ACL (#36783) 
It replaces changes from #35213. OU are added after OU remembered
through cookies; they are ordered based on their user subset's count
(how many of their users can access the targeted service).
 2019-12-05 12:30:09 +01:00
Serghei Mihai 216323c7ad auth: separate OIDC providers in blocks on login page (#31259) 2019-11-29 10:06:52 +01:00
Thomas NOËL 0fc5a97113 crypto: use pycrytodomex, replace Crypto with Cryptodome (#38017) 
mainly because Debian python-cryptodome package use pycrytodomex, which
is a library independent of the old PyCrypto, available under the
Cryptodome name.
 2019-11-28 14:25:33 +01:00
Paul Marillonnet 2cc2cf4200 tests: drop partial sqlite support 2019-11-21 17:02:06 +01:00
Valentin Deniaud 2936f25623 csv_import: display error message on bad encoding (#37374) 2019-11-21 10:20:21 +01:00
Benjamin Dauvergne 3d3df4e858 models: lock user model when changing multiple attribute values (#37390) 2019-11-12 11:32:31 +01:00
Benjamin Dauvergne 173f63f647 api: work around ambiguous time error on DST change (#37238) 2019-11-12 11:06:32 +01:00
Paul Marillonnet 9d85720a87 adapt registration test to template changes (#37390) 2019-10-31 18:18:20 +01:00
Paul Marillonnet 072f36779a crypto: key-derivation must have at least one iteration (#35584) 2019-10-31 14:28:37 +01:00
Paul Marillonnet 8879c1d83b delete old values when set new multiple attribute values (#32025) 2019-10-31 14:23:03 +01:00
Paul Marillonnet e3bf9767ca user: replace use of Attribe.set_value in concurrency test (#32025) 2019-10-31 14:23:03 +01:00
Valentin Deniaud f12353d81c csv_import: allow adding roles (#35773) 2019-10-21 17:35:15 +02:00
Paul Marillonnet 4cc45665b7 oidc authn: verify id token signature (#31862) 2019-10-17 16:13:11 +02:00
Valentin Deniaud e472246f3c csv_import: display all row errors (#36832) 2019-10-16 17:44:31 +02:00
Paul Marillonnet 20a9676ef2 python3: basic authz header encoding in tests (#31175) 2019-10-16 15:20:38 +02:00
Frédéric Péters 6438cffd29 api: allow patch/put API to empty a role (#36918) 2019-10-15 11:26:40 +02:00
Benjamin Dauvergne da9857d8b7 manager: show user deletion status (#36788) 2019-10-10 18:52:58 +02:00
Valentin Deniaud d177f4a296 data_transfer: fail importing on empty role uuid (#31083) 2019-10-08 16:16:34 +02:00
Paul Marillonnet 5b8b62a19f set upper bound on django-import-export dependency version (#36774) 
* so as to maintain the role CSV export feature
 2019-10-08 14:02:22 +02:00
Paul Marillonnet 9e0b32b71d api: handle wrong payload types in role memberships direct definition (#36727) 2019-10-08 10:56:18 +02:00
Paul Marillonnet 1cedef29c9 api: role members direct definition (#36377) 2019-10-04 18:49:06 +02:00
Nicolas Roche 05340b110b api: extend DRF date field to accept empty string (#36365) 2019-10-03 16:11:33 +02:00
Benjamin Dauvergne 96f8538a08 api: returns no user if service-slug is unknown (#35189) 2019-10-03 16:01:06 +02:00
Benjamin Dauvergne d9918e3467 api: filter users based on OIDC client authorized roles (#35191) 2019-10-03 10:41:03 +02:00
Paul Marillonnet 2349e21a01 adapt manager tests (#34133) 2019-10-02 12:16:39 +02:00
Benjamin Dauvergne f93c71a58b tests: add tests on a2_rbac post_migrate handlers (#34133) 2019-10-02 12:16:34 +02:00
Paul Marillonnet 62441e2340 accounts: send validation email before self-triggered account deletion (#27823) 2019-10-02 11:33:20 +02:00
Benjamin Dauvergne b7b0b93e7a Copy attribute's DRF field kwargs before use (#36098) 
Without it we get parameters from previous calls to
Attribute.get_kind().
 2019-09-13 11:14:41 +02:00
Nicolas Roche 6a3a1c3ebe csv_import: import cleaned fields (#35800) 2019-09-12 18:45:18 +02:00
Benjamin Dauvergne beb8327f40 a2_rbac: add ROLE_ADMIN_RESTRICT_TO_OU_USERS setting (fixes #35391) 
It limits visibility of role's administrators to users of the same OU as
the role administered.
 2019-09-09 13:05:20 +02:00
Benjamin Dauvergne 1a8783b8e7 a2_rbac: move tests (#35767) 2019-09-09 13:04:48 +02:00