Commit Graph

250 Commits

Author SHA1 Message Date
Benjamin Dauvergne 6aa9170982 Fix removal of admin right when users have admin attributes but is already admin (fixes #10195) 2016-03-04 10:07:54 +01:00
Benjamin Dauvergne bac013c19f release 1.2.23 2016-03-02 20:53:28 +01:00
Benjamin Dauvergne 6b1dd11f18 debian: declare it breaks hobo before release 0.34.5 2016-03-02 18:47:03 +01:00
Benjamin Dauvergne 3f0f0be180 silence Django 1.10 deprecation warnings 2016-03-02 18:14:46 +01:00
Benjamin Dauvergne ec27553789 adapters: factorize user creation in lookup_user() (fixes #10164)
User creation can have peculiarities.
2016-03-02 17:39:15 +01:00
Benjamin Dauvergne fe53dab9ca trivial: move utils import 2016-02-26 21:36:08 +01:00
Benjamin Dauvergne 3d91d40cb2 django 1.9 adaptations
- django.utils.same_origin was removed
- HttpRequest.REQUEST was removed
- settings.USE_TZ is True by default
- get_default_timezone() is now wrapped by an lrucache(), when modifying
  settings.TIME_ZONE we must also clear the cache.
2016-02-26 21:35:21 +01:00
Benjamin Dauvergne cd4e33f47f tests: add test on SP initiated login 2016-02-26 18:09:27 +01:00
Benjamin Dauvergne 40cc598904 views: change HTTP 400 message when no idp is found 2016-02-26 18:09:27 +01:00
Benjamin Dauvergne c1d2fb1a32 trivial: move lasso import 2016-02-26 18:09:27 +01:00
Benjamin Dauvergne 7602d7b79d tests: add tests on mellon.utils 2016-02-26 18:09:27 +01:00
Benjamin Dauvergne 6af1ebfc55 views: do not traceback in get_idp() when no idp is declared 2016-02-26 18:09:27 +01:00
Benjamin Dauvergne afd7d519ec tests: remove unused variable 2016-02-26 18:09:27 +01:00
Benjamin Dauvergne bb9451e6ba add discovery service support (fixes #10111) 2016-02-26 18:09:27 +01:00
Benjamin Dauvergne 8961a743f5 move idp settings building in adapters 2016-02-26 18:09:27 +01:00
Benjamin Dauvergne 9fe8aaf0be adapters: improve logging during provisioning
- user creation is logged
- attributes are only changed if different from the provisioning value,
  and changes are logged.
2016-02-26 18:09:27 +01:00
Benjamin Dauvergne cf63b7e0ce templates: fix default_assertion_consumer_binding check, use of = instead of == 2016-02-26 18:09:27 +01:00
Benjamin Dauvergne 66922a5f29 app_settings: fix import of ImproperlyConfigured exception
As sys.modules is modified, global imports do not work.
2016-02-26 18:09:27 +01:00
Benjamin Dauvergne 33d305f7a7 add support for Organization and ContactPerson elements in metadata (fixes #6656) 2016-02-26 18:09:27 +01:00
Benjamin Dauvergne aa95501d8b templates: fix public key representation in metadata 2016-02-26 18:09:27 +01:00
Benjamin Dauvergne c504f7e8db tests: add helper to check XML documents 2016-02-26 18:09:27 +01:00
Benjamin Dauvergne 26ffe9af97 utils: fix iso8601_to_datetime, make_naive and make_aware need a timezone parameter 2016-02-26 18:09:27 +01:00
Benjamin Dauvergne 4320f4fa78 utils: fix flatten_datetime, isoformat() already adds a timezone if needed 2016-02-26 18:09:27 +01:00
Benjamin Dauvergne 75382c9ab1 pep8ness 2016-02-26 18:09:27 +01:00
Benjamin Dauvergne bd216c7ab7 store cached metadata in settings 2016-02-26 18:09:27 +01:00
Benjamin Dauvergne 4f77ee0e24 do not pass strings containing null characters to Lasso, return 400 or ignore (fixes #8939) 2016-02-26 18:09:17 +01:00
Benjamin Dauvergne f2cf86f7a6 add tox.ini to test on django 1.7, 1.8, 1.9 and with sqlite and pg 2016-02-26 18:09:11 +01:00
Benjamin Dauvergne 3ca64e7eaf report lasso error at debug level 2016-02-12 19:44:24 +01:00
Benjamin Dauvergne a597839d14 log errors when loading IdP metadata instead of throwing a traceback (fixes #9745) 2016-02-12 19:44:19 +01:00
Benjamin Dauvergne fc7fd250cd pep8ness 2016-02-12 19:44:19 +01:00
Benjamin Dauvergne e641c6ec96 fix concurrency error when creating new users (fixes #9965)
UserSAMLIdentifier is retrieved using get_or_create() first, and if it is new
we proceed with the creation of the new user, otherwise we delete the temporary
user we created and use the one attached to the existing UserSAMLIdentifier.
2016-02-12 19:44:19 +01:00
Benjamin Dauvergne 359a2f4be0 reset is_staff when superuser mapping fails (fixes #9736) 2016-01-21 20:02:34 +01:00
Benjamin Dauvergne 2289b8350e implement session_not_on_or_after using new session engines (fixes #9640) 2016-01-15 12:29:31 +01:00
Benjamin Dauvergne 9143056569 use dateutil to parse datetime strings (#9640) 2016-01-15 12:26:58 +01:00
Benjamin Dauvergne f45bb8b2d0 utils: return naive datetime if USE_TZ=False (fixes #9521) 2016-01-06 09:54:52 +01:00
Benjamin Dauvergne 9b7da116ea setup.py: hide DJANGO_SETTINGS_MODULE value when calling compilemessages 2015-12-17 11:06:42 +01:00
Benjamin Dauvergne dc1e4e56ea do not flatten attributes inplace, and convert expiry to seconds (fixes #9359)
Original datetime must be kept for setting the expiry, but expiry using datetime
is not supported when using JSON sessions, so we convert it to seconds expiry
before setting it.

We also make iso8601 parsed datetime timezone aware, to match with other
datetimes in Django.
2015-12-16 18:06:07 +01:00
Benjamin Dauvergne e18dd7c7e5 adapters: prevent collision in provision_groups() (fixes #9327)
Assigning related m2m fields provokes a bulk insert which is not safe with
respect to concurrent writes, we replace this by use of get_or_create() and
delete() on the through model of the User.groups field.
2015-12-15 10:52:10 +01:00
Benjamin Dauvergne 78762accf7 middleware: handle process_view (#9131)
In process_request request.resolver_match is not yet defined.
2015-11-27 12:00:24 +01:00
Benjamin Dauvergne 8da5807298 middleware: do not apply autologin to mellon views (fixes #9131) 2015-11-27 10:29:21 +01:00
Benjamin Dauvergne ad2a575a35 middleware: disallow passive authentication when no IdP is found (fixes #8123) 2015-09-25 16:12:30 +02:00
Benjamin Dauvergne 7f70dbcb9f Revert "views: add an iframe mode to the login view"
This reverts commit 0e57f99312.
2015-09-25 15:38:13 +02:00
Benjamin Dauvergne 9667aa5f18 add PassiveAuthenticationMiddleware using a common domain cookie (fixes #8123)
Name of the cookie must be put in MELLON_OPENED_SESSION_COOKIE_NAME and
common domain can be defined in MELLON_OPENED_SESSION_COOKIE_DOMAIN, if
unset the common domain is guessed by removing the first part of the
domain name (www.xxx.com -> xxx.com).
2015-09-25 15:03:49 +02:00
Benjamin Dauvergne 0e57f99312 views: add an iframe mode to the login view
Use it by putting a tag:

  <iframe height="0" width="0" src="{% url "mellon_login" %}?{{ request.GET.urlencode }}&passive&iframe"></iframe>

in your page. It will do a passive authentication inside the iframe and
will use JS to reload the top frame if authentication is successful.
2015-08-27 14:37:44 +02:00
Benjamin Dauvergne b1b0494ccc adapters: truncate attributes assigned to user fields (fixes #7907) 2015-07-22 16:22:59 +02:00
Benjamin Dauvergne 7ff1969bf5 views: add missing exception for case of status is not success (fixes #7878) 2015-07-21 14:06:54 +02:00
Serghei Mihai c3481b570c use requests to retrieve metadata (#7785) 2015-07-06 12:01:58 +02:00
Benjamin Dauvergne 06f3380eb4 Use the lasso thin-sessions feature 2015-06-25 11:26:50 +02:00
Benjamin Dauvergne 00b7fe396c Send log message about logout before effective logout so that request.user is not Anonymous 2015-06-25 11:26:37 +02:00
Benjamin Dauvergne 1719127cae Do not store a name_id_name_qualifier or name_id_sp_name_qualifier if there is not (fixes #7680) 2015-06-25 11:25:57 +02:00