entrouvert
/
django-mellon
17
0
Fork 0
Code Issues Pull Requests Releases Activity
250 Commits 7 Branches 99 Tags 793 KiB
Commit Graph

49 Commits

Author SHA1 Message Date
Benjamin Dauvergne b640f5b334 tests: test failed request path with artifact (#31690) 2019-03-25 15:24:13 +01:00
Benjamin Dauvergne ca6ce92781 views: fix discovery URL building (#31581) 2019-03-20 14:28:05 +01:00
Benjamin Dauvergne b3e1b9c533 views: add new setting LOGIN_HINTS (fixes #30966) 
You can set MELLON_LOGIN_HINTS = ['backoffice'] to get a node
eo:login-hint set to "backoffice" in AuthnRequest when next_url for the
login view is among /manage/, /admin/ or /manager/.

Another value is 'always_backoffice' which always set the 'backoffice'
login_hint.
 2019-03-07 23:12:56 +01:00
Benjamin Dauvergne f2e05b84ae prevent redirection loop on artifact resolution errors (fixes #14810) 
Signature of method sso_failure() is changed to match the name name of
the context variable in template mellon/authentication_failed.html
(idp_message => reason).
 2019-03-02 16:42:46 +01:00
Frédéric Péters a1fa7d36df don't cache local metadata anymore (#13881) 2018-09-05 17:09:31 +02:00
Paul Marillonnet 349a4ec3bc skip test if number of concurrent connections above default pg limit (#25252) 2018-07-18 18:07:24 +02:00
Paul Marillonnet c5fddd13cd tests: adapt to lasso PEM-formatting deprecation (#24531) 2018-07-18 18:06:18 +02:00
Benjamin Dauvergne d4d0b85944 use good API from lasso to set Extensions node content (#23003) 
- use extensions.any tuple to set the content of the Extensions node
- add tests for the presence of the eo:next_url node when
  ADD_AUTHNREQUEST_NEXT_URL_EXTENSION is used
- add tests for next_url propagation through the RelayState value
 2018-06-06 11:05:59 +02:00
Frédéric Péters edb09ed8fd use force_text for python2/3 compatibility (#24139) 2018-05-29 12:21:13 +02:00
Frédéric Péters 8252e948e7 tests: adapt to python 3 2018-04-05 14:38:49 +02:00
Frédéric Péters ffadd1a618 python3: use urlparse compatibility module in tests 2018-04-05 14:31:45 +02:00
Frédéric Péters d342971a45 python3: use open() to open files 2018-04-05 14:25:54 +02:00
Frédéric Péters 7ac7c48f67 tests: don't use a leading 0 in numbers 2018-03-27 09:05:39 +02:00
Benjamin Dauvergne f1af12e6a1 tests: prevent "Database is locked" error during concurrency test (fixes #19678) 
SQLite has a default timeout of 5 seconds, we augment it to 400 seconds. We also
replace our custom thread pool by the one provided by multiprocessing.
 2018-03-12 14:27:27 +01:00
Benjamin Dauvergne be791d54a8 set a default value for IDENTITY_PROVIDERS ((fixes #20221) 2018-03-07 18:09:44 +01:00
Benjamin Dauvergne 6c528dd2c3 Revert "support federation file loading (#19396)" 
This reverts commit 63993e360c.
 2018-01-09 21:43:25 +01:00
Paul Marillonnet 63993e360c support federation file loading (#19396) 2018-01-09 17:50:25 +01:00
Frédéric Péters 18eb3a8632 tests: remove django < 1.8 leftovers (#19659) 2018-01-09 15:30:00 +01:00
Benjamin Dauvergne cb3e18c8ba tests: fix discovery service tests (#19018 #19016) 2017-09-27 21:59:15 +02:00
Benjamin Dauvergne 83388d396c tests: replace unmaintained pytest-capturelog by its maintained fork pytest-catchlog 2017-03-22 23:06:50 +01:00
Benjamin Dauvergne 0aae0ad4dd tests: adapt to changes in django-webtest 2017-03-22 23:06:50 +01:00
Benjamin Dauvergne 09ff054f57 retry login when artifact resolution return an empty message (fixes #12795) 
This commit also add a test of artifact login.
 2016-07-29 11:53:36 +02:00
Benjamin Dauvergne 958cb65acd tests: use dummy metadata from lasso, starts tests of SSO/SLO (fixes #11476) 2016-06-22 11:06:20 +02:00
Benjamin Dauvergne 49a5254363 allow federating transient NameID using an attribute (fixes #10619) 2016-04-27 09:22:05 +02:00
Frédéric Péters 6a6405d75f misc: allow unicode strings as authn classref (#10666) 2016-04-15 10:28:31 +02:00
Benjamin Dauvergne 7db1d7d7ed pep8ness 2016-04-06 01:33:39 +02:00
Benjamin Dauvergne 66d1811e2f refactor next_url and RelayState use (fixes #10372) 
The next_url parameter is  no more stored directly in the RelayState, as it
RelayState should only contain strings of no more thant 80 bytes, instead
generate an uuid as the relaystate and store the next_url value in session using
a key based on this uuid.

The implementation is generic enough to accomodate storing any other kind of
data during an SSO or SLO workflow.
 2016-03-22 15:20:29 +01:00
Benjamin Dauvergne 2aec7a3294 views: handle ProfileInvalidMsgError when resolving an artifact (#10270) 2016-03-11 17:10:52 +01:00
Benjamin Dauvergne dba3f32c3a views: handle ProfileInvalidArtifactError exception when resolving an artifact (#10270) 2016-03-11 17:10:52 +01:00
Benjamin Dauvergne 65b492fee3 tests: move HTTMock templates to utils 2016-03-11 17:10:18 +01:00
Benjamin Dauvergne 1fd8489932 tests: add base.html template 2016-03-11 17:10:18 +01:00
Frédéric Péters a3bc087890 misc: fix passing of RequestedAuthnContext (#10243) 2016-03-09 09:14:38 +01:00
Benjamin Dauvergne 78a35d9313 tests: fix test to comply with commit eb89a86ef 2016-03-04 18:30:47 +01:00
Benjamin Dauvergne eb89a86ef3 add DiscoveryResponse endpoint to metadata (fixes #10197) 2016-03-04 11:05:01 +01:00
Benjamin Dauvergne 6aa9170982 Fix removal of admin right when users have admin attributes but is already admin (fixes #10195) 2016-03-04 10:07:54 +01:00
Benjamin Dauvergne 3d91d40cb2 django 1.9 adaptations 
- django.utils.same_origin was removed
- HttpRequest.REQUEST was removed
- settings.USE_TZ is True by default
- get_default_timezone() is now wrapped by an lrucache(), when modifying
  settings.TIME_ZONE we must also clear the cache.
 2016-02-26 21:35:21 +01:00
Benjamin Dauvergne cd4e33f47f tests: add test on SP initiated login 2016-02-26 18:09:27 +01:00
Benjamin Dauvergne 7602d7b79d tests: add tests on mellon.utils 2016-02-26 18:09:27 +01:00
Benjamin Dauvergne afd7d519ec tests: remove unused variable 2016-02-26 18:09:27 +01:00
Benjamin Dauvergne 9fe8aaf0be adapters: improve logging during provisionning 
- user creation is logged
- attributes are only changed if different from the provisionning value,
  and changes are logged.
 2016-02-26 18:09:27 +01:00
Benjamin Dauvergne 33d305f7a7 add support for Organization and ContactPerson elements in metadata (fixes #6656) 2016-02-26 18:09:27 +01:00
Benjamin Dauvergne c504f7e8db tests: add helper to check XML documents 2016-02-26 18:09:27 +01:00
Benjamin Dauvergne 4f77ee0e24 do not pass strings contening null characters to Lasso, return 400 or ignore (fixes #8939) 2016-02-26 18:09:17 +01:00
Benjamin Dauvergne fc7fd250cd pep8ness 2016-02-12 19:44:19 +01:00
Benjamin Dauvergne e641c6ec96 fix concurrency error when creating new users (fixes #9965) 
UserSAMLIdentifier is retrieved using get_or_create() first, and if is new
we proceed with the creation of the new user, otherwise we delete the temporaru
user we created use the one attached to the existing UserSAMLIdentifier.
 2016-02-12 19:44:19 +01:00
Benjamin Dauvergne e18dd7c7e5 adapters: prevent collision in provision_groups() (fixes #9327) 
Assiging related m2m fields provokes a bulk insert which is not safe with
respect to concurrent writes, we replace this by use of get_or_create() and
delete() on the through model of the User.groups field.
 2015-12-15 10:52:10 +01:00
Benjamin Dauvergne b1b0494ccc adapters: truncate attributes assigned to user fields (fixes #7907) 2015-07-22 16:22:59 +02:00
Frédéric Péters eac5d90da8 tests: adapt to usernames cut at 30 characters 2015-05-07 11:32:53 +02:00
Frédéric Péters 0315d395bf tests: initial adapter tests 2015-05-07 11:32:53 +02:00