entrouvert
/
authentic
16
0
Fork 0
Code Issues Pull Requests 35 Releases Activity
6,544 Commits 190 Branches 448 Tags 29 MiB
Commit Graph

1252 Commits

Author SHA1 Message Date
Paul Marillonnet 041a27c0e6 auth_oidc: prompt login on passive requests for buggy providers (#734123) 2023-01-17 09:48:07 +01:00
Paul Marillonnet 74e6f1f248 auth_oidc: add passive authn deactivation flag (#73412) 2023-01-17 09:36:37 +01:00
Paul Marillonnet 86fc21ed42 manager: disable globally-overriden options on OU edition page (#72384) 2023-01-16 12:00:11 +01:00
Paul Marillonnet 043c7abf6d forms: provide stricter PhoneField validation (#73345) 2023-01-16 11:50:51 +01:00
Paul Marillonnet 789c1714d3 auth_oidc: exclude last_sync_time from authn editable fields (#73227) 2023-01-10 15:58:50 +01:00
Paul Marillonnet 1da9c9b3fb manager: display ldap information even when erroneous (#73018)
gitea/authentic/pipeline/head Something is wrong with the build of this commit Details
2023-01-05 11:17:37 +01:00
Paul Marillonnet c5b67aaae1 idp_oidc: get user profile selection or consent even when prompt=none (#72507) 2022-12-20 11:52:12 +01:00
Paul Marillonnet 0443245e1e registration: provide a more user-friendly input code form (#72604) 2022-12-20 11:02:28 +01:00
Paul Marillonnet 38e12e840c views: fix sms-registration phone-number ratelimit key (#72597) 2022-12-19 16:13:45 +01:00
Frédéric Péters c9d6ce0ffd misc: move configuration URLs to new lines in idp configuration infos (#72553) 2022-12-17 08:57:13 +01:00
Frédéric Péters 9846a2e515 api client: fix casing of labels in detail view (#72562) 2022-12-17 08:54:21 +01:00
Paul Marillonnet 86f919e306 forms/authn: define explicit fields order (#72430)
gitea/authentic/pipeline/head Something is wrong with the build of this commit Details
2022-12-14 17:12:55 +01:00
Paul Marillonnet 73ac9f079a auth_oidc: add an oidc-sync-provider command (#62710)
gitea/authentic/pipeline/head Something is wrong with the build of this commit Details
2022-12-14 15:31:47 +01:00
Benjamin Dauvergne 0848d1cb3b auth_fc: add flag to disable link by email (#68360) 2022-12-14 14:38:02 +01:00
Benjamin Dauvergne e524c5f94d misc: proxy passive SSO from SAML2 services to OIDC idps (#27135) 
Behaviour of the SAML2 when receiving a Passive AuthnRequest and not
user is logged is modified. Before an immediate response with StatusCode
no-passive was returned. Now if one authenticator with the method
passive_login is found, the request is transferred to this authentication
source.
 2022-12-14 12:34:33 +01:00
Benjamin Dauvergne 9d0d83b0e5 auth_oidc: make autorun go directly to the OP (#27135) 2022-12-14 12:31:04 +01:00
Benjamin Dauvergne f34b2af379 misc: add next_url parameter to Authenticator.autorun() (#27135) 2022-12-14 12:31:04 +01:00
Benjamin Dauvergne 9e7e6dcfba auth_fc: provision user's informations on registration (#72358) 2022-12-13 16:44:23 +01:00
Benjamin Dauvergne 5dddd1c674 auth_fc: set the created user in the registration mail template context (#72358) 2022-12-13 16:40:58 +01:00
Paul Marillonnet 4240f989ae api_views: handle ou-wise api-client checks (#71275)
gitea/authentic/pipeline/head Build queued... Details
2022-12-13 14:39:33 +01:00
Paul Marillonnet a7ffb583f8 models: add ou field to api clients (#71275) 2022-12-13 14:39:00 +01:00
Paul Marillonnet d542d33af8 api: make sync endpoint adapt to permissions by OU (#71506)
gitea/authentic/pipeline/head Build queued... Details
2022-12-13 14:05:04 +01:00
Paul Marillonnet 68fec48b39 idp_oidc: display BO custom client config to superusers only (#71905)
gitea/authentic/pipeline/head Something is wrong with the build of this commit Details
2022-12-13 12:29:50 +01:00
Paul Marillonnet 2f7d0618e4 authn: make phone field optional (#72337) 2022-12-13 10:53:56 +01:00
Paul Marillonnet 5fd1c9d2f4 manager: test user free search for local and e164 phones (#69907)
gitea/authentic/pipeline/head Something is wrong with the build of this commit Details
2022-12-13 10:14:02 +01:00
Paul Marillonnet 3e53e2ecf8 api: let free text search accept local phone numbers (#69906)
gitea/authentic/pipeline/head Something is wrong with the build of this commit Details
2022-12-13 09:56:17 +01:00
Paul Marillonnet 8ee074f6ed api: test user phone number basic authz (#69314)
gitea/authentic/pipeline/head Build started... Details
2022-12-13 09:29:55 +01:00
Paul Marillonnet b3036b4cc0 api: update phone drf field to handle E164 format (#69430)
gitea/authentic/pipeline/head Build started... Details
2022-12-12 17:44:19 +01:00
Paul Marillonnet 3582bad6b3 views: make sms code trigger a standard registration finalization (#69223) 2022-12-12 16:10:15 +01:00
Paul Marillonnet 57da31b3f7 registration: display phone number in form (#69223) 2022-12-12 15:11:47 +01:00
Valentin Deniaud 728e9a410a authenticators: add idp configuration info for saml and oidc (#67987) 2022-12-12 12:24:43 +01:00
Paul Marillonnet dad0a9193d authn: make username required when it is the only identifier (#72269) 2022-12-12 12:00:30 +01:00
Valentin Deniaud a8f3390de8 data_transfer: export new role attributes (#71844) 2022-12-12 10:29:58 +01:00
Paul Marillonnet 43ccdfea68 custom_user: set email verification sources (#66054) 2022-12-12 09:45:45 +01:00
Paul Marillonnet 8f17030eab api_views: set api as verification source for custom attributes (#65612) 2022-12-12 09:18:34 +01:00
Paul Marillonnet 5cd75e69e5 auth_fc: set fc as verification source for custom attributes (#65612) 2022-12-12 09:18:34 +01:00
Paul Marillonnet 9c340c8a5f manage custom attribute's verification sources (#65612) 2022-12-12 09:18:34 +01:00
Paul Marillonnet f7d6895b94 authentication/forms: add user phone as identifier (#69221) 2022-12-12 08:42:45 +01:00
Paul Marillonnet 3086948b0e csv_import adapt user csv logic to new phone_number kind (#69365) 2022-12-09 12:02:52 +01:00
Paul Marillonnet 2c0443d1bf attribute_kinds: use custom PhoneField for phone_number type (#69365) 2022-12-09 11:31:26 +01:00
Benjamin Dauvergne 2480687f3f auth_oidc: show a warning message if target user is already linked to another provider (#65692) 2022-12-01 13:00:20 +01:00
Benjamin Dauvergne d8d29e2daa settings: set secure flag on cookies (#71880) 
Tests fixes :
* force https scheme in webtest HTTP client
* add secure=True to call with the django HTTP client
* replace http scheme by https in URLs assertions,
* properly use response.form in tests directly using app.post, as CSRF checks on secure connection also test the Referrer
* manually add Referer header in other cases,
 2022-12-01 10:00:07 +01:00
Paul Marillonnet 97a5ebf63a Revert "idp_oidc: add api access and profile […] (#71820)" (#71890) 
This reverts commit 9141583b58.

The (erroneously added) parameters are for Publik's out-of-spec
synchronization purposes, they shouldn't appear on the vanilla OIDC
client configuration interface.
 2022-12-01 09:22:55 +01:00
Paul Marillonnet d62d23203f auth_fc: discard deprecated scopes (#71868) 2022-11-30 12:10:11 +01:00
Valentin Deniaud 8e6a95b6ce attributes_ng: restore setting superuser flag (#71855) 2022-11-29 18:55:27 +01:00
Valentin Deniaud 5f0c03e32f a2_rbac: move role attributes to real model fields (#69895) 2022-11-29 14:05:38 +01:00
Paul Marillonnet 9141583b58 idp_oidc: add api access and profile management to BO config (#71820) 2022-11-29 11:26:43 +01:00
Paul Marillonnet 0c5da1c832 idp_oidc: remove client config through django's admin pages (#71700) 
This removal ensures that OIDC configuration happens through
/manage/ pages as part of Publik's backoffice interface.
 2022-11-29 11:09:16 +01:00
Benjamin Dauvergne d19ac19469 auth_fc: close FranceConnect session when linking fails (#71607) 2022-11-28 15:05:46 +01:00
Benjamin Dauvergne cfefbd553c tests: do not follow redirects in login_with_fc (#71607) 
Because it will break when we introduce a redirection to FranceConnect
to close the FranceConnect session on failure to link.
 2022-11-28 15:05:46 +01:00