Benjamin Dauvergne
0e57f99312
views: add an iframe mode to the login view
...
Use it by putting a tag:
<iframe height="0" width="0" src="{% url "mellon_login" %}?{{ request.GET.urlencode }}&passive&iframe"></iframe>
in your page. It will do a passive authentication inside the iframe and
will use JS to reload the top frame if authentication is successfull.
2015-08-27 14:37:44 +02:00
Benjamin Dauvergne
7ff1969bf5
views: add missing exception for case of status is not success ( fixes #7878 )
2015-07-21 14:06:54 +02:00
Benjamin Dauvergne
06f3380eb4
Use the lasso thin-sessions feature
2015-06-25 11:26:50 +02:00
Benjamin Dauvergne
00b7fe396c
Send log message about logout before effective logout so that request.user is not Anonymous
2015-06-25 11:26:37 +02:00
Benjamin Dauvergne
1719127cae
Do not store a name_id_name_qualifier or name_id_sp_name_qualifier if there is not ( fixes #7680 )
2015-06-25 11:25:57 +02:00
Frédéric Péters
9e5bb02b3f
handle artifact response as a byte string ( #7544 )
2015-06-11 16:37:59 +02:00
Benjamin Dauvergne
9d8528968c
views: add a VERIFY_SSL_CERTIFICATE setting
...
It controls the validation of certificates by requests on artifact
resolve requests. It's a global and by idp setting.
Also improve logs in errors paths around when calling the artifact
resolver.
fixes #7521
2015-06-10 15:07:59 +02:00
Frédéric Péters
8dc0fd969a
add support for artifact GET protocol binding ( #7267 )
2015-05-18 18:09:15 +02:00
Benjamin Dauvergne
4b71bbca3a
views: in sso_failure() the call to self.get_id() could never work, replace by utils.get_idp()
...
In SSO response treatment we do not know anymore the requested IdP from the query string
we must look in the LassoLogin object.
fixes #7271
2015-05-18 16:16:27 +02:00
Benjamin Dauvergne
6dab31ace8
views: fix setting of isPassive and forceAuthn ( fixes #7100 )
2015-05-18 11:01:40 +02:00
Serghei Mihai
5dcde8614e
login view refactored ( #6801 )
...
Authentication logic split into another, overridable, method
2015-03-24 09:40:25 +01:00
Frédéric Péters
adb72da954
set login.msgRelayState to the value from POST ( #6384 )
2015-03-09 12:59:01 +01:00
Benjamin Dauvergne
9525e29b03
Always use adapters to get to IdP settings
2015-02-13 18:10:51 +01:00
Jérôme Schneider
4f0f50f816
mellon/views.py: store and load the liberty session dump for slo
2015-02-05 18:26:29 +01:00
Benjamin Dauvergne
b0f5c49893
Always set the issuer attribtute to the AuthnResponse issuer
2014-12-09 10:30:32 +01:00
Benjamin Dauvergne
96a51c4952
Use IdP entity id for default name qualifier and SP entity id for default sp name qualifier
2014-12-09 00:33:40 +01:00
Benjamin Dauvergne
94cfed8a8e
If name qualifier are missing use the implicit IdP or SP name qualifiers
2014-12-07 20:55:52 +01:00
Benjamin Dauvergne
ff548d020d
Force unicode on NameID qualifiers to enforce them being ASCII
2014-11-24 10:35:39 +01:00
Benjamin Dauvergne
15d420f728
Improve logging in views
2014-11-24 10:35:01 +01:00
Benjamin Dauvergne
9a2caa3a6a
Set AllowCreate flag on emitted AuthnRequest
2014-11-17 17:35:36 +01:00
Benjamin Dauvergne
84b616fe22
Fix extraction of the assertion's issuer
2014-09-05 15:05:34 +02:00
Benjamin Dauvergne
e5e9dcf86a
rename get_parameter() to get_setting()
2014-09-03 09:12:01 +02:00
Benjamin Dauvergne
9f587f1cc2
views: do not assume a nameIdentifier is available
...
Only populate NameID keys if a NameID was stored in
login.nameIdentifier.
2014-09-03 09:12:01 +02:00
Benjamin Dauvergne
b90059feef
views: delete dead imports
2014-09-03 09:12:01 +02:00
Benjamin Dauvergne
bcb055263b
improve handling of authentication errors
...
All errors are logged as warnings, status message and status codes are
logged, and if DEBUG is True, shown to the user.
2014-05-28 20:19:54 +02:00
Benjamin Dauvergne
ca4cad75a6
views: formatting
2014-05-02 17:18:53 +02:00
Benjamin Dauvergne
371d6bc941
views: apply django.shortcuts.resolve_url() to all use of settings.LOGIN_REDIRECT_URL
2014-05-02 17:18:39 +02:00
Benjamin Dauvergne
0e3b0272f0
views,utils: keep the NameQualifier and SPNameQualifier attribut of NameID as they could be mandatory for some IdPs
2014-05-02 16:01:47 +02:00
Benjamin Dauvergne
cf7da749cb
views: fix processing of logout responses
2014-05-02 16:01:47 +02:00
Benjamin Dauvergne
d2feb75bb6
views: always do the local logout
2014-05-02 16:01:47 +02:00
Benjamin Dauvergne
6b8dcc5e78
views: improve display of authentication failures
2014-05-02 16:01:47 +02:00
Benjamin Dauvergne
565d7a07f2
add logout support
2014-05-02 11:48:05 +02:00
Benjamin Dauvergne
a1646489e2
first commit
2014-04-30 14:34:39 +02:00