Benjamin Dauvergne
7b002f861f
auth_oidc: use a signed state ( #47825 )
...
State is no more stored in the session, it's made using signing.dumps()
instead, to be more resilient. It's associated to a cookie scoped to the
callback path and the nonce created from the state id using an HMAC
construction with settings.SECRET_KEY.
2020-10-29 00:34:41 +01:00
Benjamin Dauvergne
6cd84ac407
auth_saml: always add mapping as MappingError details ( #47760 )
2020-10-29 00:18:25 +01:00
Benjamin Dauvergne
d47bc8e1ad
misc: prevent internal URL leak in browser history ( #47302 )
2020-10-29 00:17:58 +01:00
Benjamin Dauvergne
dcb4b40b39
misc: add registration redirect URL to whitelist ( #47302 )
2020-10-29 00:17:58 +01:00
Benjamin Dauvergne
e5e560982e
misc: coding style ( #47302 )
2020-10-29 00:17:48 +01:00
Benjamin Dauvergne
7a3be23b0d
validators: work around lack of NULL char check in forms.CharField ( #46625 )
2020-10-28 23:33:36 +01:00
Benjamin Dauvergne
d3c962e095
misc: check null characters in query-string and form data ( #46625 )
2020-10-28 23:33:36 +01:00
Benjamin Dauvergne
2600bfab90
auth_fc: update first_name and last_name only when required ( #47566 )
2020-10-28 23:33:08 +01:00
Benjamin Dauvergne
cbd43d4f4c
auth fc: make fc_display_name more resilient ( #47566 )
2020-10-28 23:33:08 +01:00
Benjamin Dauvergne
4e0be8c7c3
auth_fc: add tests on login with minimal user_info ( #47566 )
2020-10-28 23:33:08 +01:00
Benjamin Dauvergne
e28713c583
tests: simplify FranceConnect tests ( #48042 )
2020-10-28 23:32:47 +01:00
Frédéric Péters
9f08f5c475
auth saml: put newly created user in default OU ( #46484 )
2020-10-27 20:06:49 +01:00
Serghei Mihai
79045bf99d
api: allow anonymous requests to address autocomplete endpoint ( #48031 )
2020-10-27 10:36:09 +01:00
Benjamin Dauvergne
976dec4225
idp_oidc: make ending slash optional ( #47918 )
2020-10-27 09:52:59 +01:00
Benjamin Dauvergne
b4b23cdf63
debian: disable write exception in uwsgi.ini ( #47809 )
2020-10-27 09:52:30 +01:00
Valentin Deniaud
d2d0372b44
auth_saml: rename toggle-role action to add-role ( #46857 )
2020-10-26 10:25:50 +01:00
Benjamin Dauvergne
f7228347ce
misc: add caption before external ids in check-and-repair ( #42179 )
2020-10-23 10:35:55 +02:00
Benjamin Dauvergne
89814b519b
misc: fix admin role bad permissions using get_admin_role ( #42179 )
2020-10-23 10:35:55 +02:00
Paul Marillonnet
7c4f725bfc
a2_rbac: do not break unicity when get-or-creating admin role ( #42179 )
2020-10-23 10:35:52 +02:00
Paul Marillonnet
45a93bb273
manage: hide journal app whose icon is missing ( #47891 )
2020-10-21 14:04:27 +02:00
Valentin Deniaud
911f847b24
test_journal: add missing make_naive ( #47872 )
2020-10-20 10:31:40 +02:00
Frédéric Péters
1fc76fd66e
misc: don't expose journal in publik menu ( #47813 )
2020-10-19 09:42:41 +02:00
Benjamin Dauvergne
e8fa64c228
MANIFEST.in: add templates from journal
2020-10-17 09:13:10 +02:00
Benjamin Dauvergne
db0789ee2e
translation update ( #47773 )
2020-10-17 08:46:27 +02:00
Benjamin Dauvergne
13bb51ecef
misc: modify strings for translation ( #47773 )
2020-10-17 08:46:20 +02:00
Lauréline Guérin
11869fb4b8
profile: fix address autocomplete JS loading ( #47796 )
2020-10-16 15:22:05 +02:00
Serghei Mihai
4fed275ba3
auth_saml: raise error when no saml attribute value received ( #47706 )
2020-10-15 17:35:15 +02:00
Benjamin Dauvergne
8487d33cff
misc: integration of journal in manager ( #47155 )
2020-10-15 15:22:31 +02:00
Benjamin Dauvergne
1cc04e3ad7
misc: integration of journal authentic views ( #47155 )
2020-10-15 15:22:31 +02:00
Benjamin Dauvergne
9a1631b18a
misc: add journal application ( #47155 )
2020-10-15 15:22:31 +02:00
Nicolas Roche
8899d25376
manager: use selected ou by default in add roles form ( #46643 )
2020-10-14 17:46:36 +02:00
Valentin Deniaud
8ae42a05d8
manager: look for duplicates on user creation ( #45419 )
2020-10-14 15:00:02 +02:00
Valentin Deniaud
41ef79557c
models: add missing migration ( #47627 )
2020-10-13 16:15:53 +02:00
Valentin Deniaud
7216172fd0
models: order AttributeValue according to corresponding attribute ( #47627 )
2020-10-13 14:54:26 +02:00
Frédéric Péters
c0590210ab
translation update
2020-10-13 11:26:30 +02:00
Frédéric Péters
89be5e16f8
auth oidc: update user sub when linking existing user during SSO ( #47544 )
2020-10-12 10:05:48 +02:00
Frédéric Péters
5f7ae0e000
jenkins: create parent directory if necessary
2020-10-12 10:05:18 +02:00
Lauréline Guérin
7b130d6ffc
profile_views: address autocomplete field ( #41919 )
2020-10-09 14:15:32 +02:00
Nicolas Roche
3b6d2cc4cd
manager: add a generic template for user roles ( #47240 )
2020-10-09 11:42:30 +02:00
Nicolas Roche
9c812a25e8
manager: remind OU in user roles breadcrumb ( #47240 )
2020-10-09 11:42:17 +02:00
Nicolas Roche
9c00b35242
manager: remind OU in user consent breadcrumb ( #47238 )
2020-10-09 11:25:17 +02:00
Nicolas Roche
69ec66052f
manager: allow role slug edition ( #46656 )
2020-10-09 11:23:15 +02:00
Nicolas Roche
233b289139
manager: correct model field on tables ( #47408 )
2020-10-09 11:21:18 +02:00
Nicolas Roche
03f2b80a98
manager: allow ou slug edition ( #46655 )
2020-10-09 11:19:15 +02:00
Nicolas Roche
9a07dc2a18
manager: move and rename consents button ( #47266 )
2020-10-09 11:16:59 +02:00
Nicolas Roche
bb428414e8
manager: hide authorizations page if no oidc service defined ( #47305 )
2020-10-09 11:15:07 +02:00
Benjamin Dauvergne
6c231ae2b9
misc: prevent cleaning of unused LDAP and OIDC accounts ( #47387 )
2020-10-06 13:49:46 +02:00
Frédéric Péters
ed6be9daed
tox: limit mock version for compatibility with python 3.5
2020-10-06 09:29:48 +02:00
Paul Marillonnet
361511d7a5
translation update
2020-10-05 17:28:21 +02:00
Valentin Deniaud
b6b6652156
custom_user: exclude deleted users from duplicates ( #47353 )
2020-10-05 16:54:19 +02:00