Paul Marillonnet
a6dba11961
python3: oidc client jwk secret encoding in tests ( #32447 )
2020-02-06 11:22:14 +01:00
Paul Marillonnet
45ef1177b7
python3: encode oidc authn test claims ( #32452 )
2020-02-06 10:37:30 +01:00
Paul Marillonnet
1f19c39df9
python3: ascii-decode user credentials for register API testing ( #32451 )
2020-02-06 10:34:30 +01:00
Paul Marillonnet
1bbe769778
python3: enforce text type on django's HttpResponse.content ( #32450 )
2020-02-06 10:30:36 +01:00
Paul Marillonnet
ac65fa8c4f
python3: explicit file opening mode ( #32448 )
2020-02-06 10:21:58 +01:00
Paul Marillonnet
89f1a4fd76
idp_oidc: py3-compliant authn header encoding in tests ( #32446 )
2020-02-06 10:18:43 +01:00
Paul Marillonnet
9c9db933f6
python3: define a base64 decoding exception ( #31180 )
2020-02-06 10:15:45 +01:00
Paul Marillonnet
2c3d0e5898
idp_oidc: add ou selection on ropc grant ( #39383 )
2020-02-03 15:48:33 +01:00
Valentin Deniaud
86fe3b2958
manager: replace invalid widget split term operator ( #39380 )
2020-02-03 10:07:23 +01:00
Benjamin Dauvergne
64abfdca0c
auth2_fc: set novalidate on unlink cancel button ( #39445 )
2020-01-31 12:09:09 +01:00
Lauréline Guérin
f03e3aae66
ldap: do not fail if Role.MultipleObjectsReturned is raised ( #39274 )
2020-01-30 11:16:41 +01:00
Frédéric Péters
82532d5bd2
tests: disable kerberos plugin that coud be parallel-installed ( #39393 )
2020-01-29 16:08:19 +01:00
Benjamin Dauvergne
27f4e2b13e
auth2_fc: set default scopes to profile and email ( #39231 )
...
And move default value to app_settings file. Support for FC data
provider had to be modified.
2020-01-27 17:58:31 +01:00
Paul Marillonnet
dda27fe488
idp_oidc: support oauth2 resource owner password credential grant ( #35205 )
2020-01-24 14:38:42 +01:00
Serghei Mihai
ba597c14d5
auth_saml: allow custom template for each idp login block ( #39154 )
2020-01-22 11:00:18 +01:00
Valentin Deniaud
abed3fa8cc
views: better display password reset instructions ( #38054 )
2020-01-15 16:36:05 +01:00
Serghei Mihai
a2c3bc9cce
auth_saml: separate idps blocks on login page ( #38248 )
2019-12-19 15:39:48 +01:00
Thomas NOËL
ad3f27ef3c
registration: show only email address in post-registration message ( #37923 )
2019-12-11 14:41:59 +01:00
Thomas NOËL
f17dad5213
registration: simplify post-registration message ( #38053 )
2019-12-11 13:51:07 +01:00
Benjamin Dauvergne
94f4ec8c7d
authenticators: add easy accesible OU based on service's ACL ( #36783 )
...
It replaces changes from #35213 . OU are added after OU remembered
through cookies; they are ordered based on their user subset's count
(how many of their users can access the targeted service).
2019-12-05 12:30:09 +01:00
Serghei Mihai
216323c7ad
auth: separate OIDC providers in blocks on login page ( #31259 )
2019-11-29 10:06:52 +01:00
Thomas NOËL
0fc5a97113
crypto: use pycrytodomex, replace Crypto with Cryptodome ( #38017 )
...
mainly because Debian python-cryptodome package use pycrytodomex, which
is a library independent of the old PyCrypto, available under the
Cryptodome name.
2019-11-28 14:25:33 +01:00
Paul Marillonnet
2cc2cf4200
tests: drop partial sqlite support
2019-11-21 17:02:06 +01:00
Valentin Deniaud
2936f25623
csv_import: display error message on bad encoding ( #37374 )
2019-11-21 10:20:21 +01:00
Benjamin Dauvergne
3d3df4e858
models: lock user model when changing multiple attribute values ( #37390 )
2019-11-12 11:32:31 +01:00
Benjamin Dauvergne
173f63f647
api: work around ambiguous time error on DST change ( #37238 )
2019-11-12 11:06:32 +01:00
Paul Marillonnet
9d85720a87
adapt registration test to template changes ( #37390 )
2019-10-31 18:18:20 +01:00
Paul Marillonnet
072f36779a
crypto: key-derivation must have at least one iteration ( #35584 )
2019-10-31 14:28:37 +01:00
Paul Marillonnet
8879c1d83b
delete old values when set new multiple attribute values ( #32025 )
2019-10-31 14:23:03 +01:00
Paul Marillonnet
e3bf9767ca
user: replace use of Attribe.set_value in concurrency test ( #32025 )
2019-10-31 14:23:03 +01:00
Valentin Deniaud
f12353d81c
csv_import: allow adding roles ( #35773 )
2019-10-21 17:35:15 +02:00
Paul Marillonnet
4cc45665b7
oidc authn: verify id token signature ( #31862 )
2019-10-17 16:13:11 +02:00
Valentin Deniaud
e472246f3c
csv_import: display all row errors ( #36832 )
2019-10-16 17:44:31 +02:00
Paul Marillonnet
20a9676ef2
python3: basic authz header encoding in tests ( #31175 )
2019-10-16 15:20:38 +02:00
Frédéric Péters
6438cffd29
api: allow patch/put API to empty a role ( #36918 )
2019-10-15 11:26:40 +02:00
Benjamin Dauvergne
da9857d8b7
manager: show user deletion status ( #36788 )
2019-10-10 18:52:58 +02:00
Valentin Deniaud
d177f4a296
data_transfer: fail importing on empty role uuid ( #31083 )
2019-10-08 16:16:34 +02:00
Paul Marillonnet
5b8b62a19f
set upper bound on django-import-export dependency version ( #36774 )
...
* so as to maintain the role CSV export feature
2019-10-08 14:02:22 +02:00
Paul Marillonnet
9e0b32b71d
api: handle wrong payload types in role memberships direct definition ( #36727 )
2019-10-08 10:56:18 +02:00
Paul Marillonnet
1cedef29c9
api: role members direct definition ( #36377 )
2019-10-04 18:49:06 +02:00
Nicolas Roche
05340b110b
api: extend DRF date field to accept empty string ( #36365 )
2019-10-03 16:11:33 +02:00
Benjamin Dauvergne
96f8538a08
api: returns no user if service-slug is unknown ( #35189 )
2019-10-03 16:01:06 +02:00
Benjamin Dauvergne
d9918e3467
api: filter users based on OIDC client authorized roles ( #35191 )
2019-10-03 10:41:03 +02:00
Paul Marillonnet
2349e21a01
adapt manager tests ( #34133 )
2019-10-02 12:16:39 +02:00
Benjamin Dauvergne
f93c71a58b
tests: add tests on a2_rbac post_migrate handlers ( #34133 )
2019-10-02 12:16:34 +02:00
Paul Marillonnet
62441e2340
accounts: send validation email before self-triggered account deletion ( #27823 )
2019-10-02 11:33:20 +02:00
Benjamin Dauvergne
b7b0b93e7a
Copy attribute's DRF field kwargs before use ( #36098 )
...
Without it we get parameters from previous calls to
Attribute.get_kind().
2019-09-13 11:14:41 +02:00
Nicolas Roche
6a3a1c3ebe
csv_import: import cleaned fields ( #35800 )
2019-09-12 18:45:18 +02:00
Benjamin Dauvergne
beb8327f40
a2_rbac: add ROLE_ADMIN_RESTRICT_TO_OU_USERS setting ( fixes #35391 )
...
It limits visibility of role's administrators to users of the same OU as
the role administered.
2019-09-09 13:05:20 +02:00
Benjamin Dauvergne
1a8783b8e7
a2_rbac: move tests ( #35767 )
2019-09-09 13:04:48 +02:00