entrouvert
/
django-mellon
16
0
Fork 0
Code Issues Pull Requests Releases Activity
341 Commits 7 Branches 101 Tags 867 KiB
Commit Graph

109 Commits

Author SHA1 Message Date
Benjamin Dauvergne 4941fd7281 show an error page when create_server fails (#57176) 2021-09-23 10:39:04 +02:00
Benjamin Dauvergne 73bfa476ef drop and rename issuer field (#56819) 2021-09-15 16:55:59 +02:00
Benjamin Dauvergne fbc3588f1b add MELLON_ASSERTION_CONSUMER_BINDINGS (#52063) 
The default value is ['post', 'artifact'].
 2021-08-05 15:57:39 +02:00
Benjamin Dauvergne 4729ef9a3b apply isort and pyupgrade (#55990) 2021-08-05 11:13:19 +02:00
Benjamin Dauvergne 2704f4feaa views: keep a nonce during a forceAuthn request (#55953) 
Nonce value and forceAuthn is linked to the request id which is randomly
generated by lasso and returned by IdPs as part of a SAML SSO.
 2021-08-03 17:20:49 +02:00
Valentin Deniaud dbdd6fd70b views: add debug login view (#55557) 2021-08-03 11:59:17 +02:00
Valentin Deniaud dde8fa5d02 views: move login code to separate method (#55557) 2021-08-03 11:12:18 +02:00
Benjamin Dauvergne 5b9bc1ff57 trivial: apply black (#51575) 2021-03-02 14:52:10 +01:00
Benjamin Dauvergne 3678c49fc0 misc: pass request to django.contrib.auth.authenticate() (#51566) 2021-03-02 12:05:30 +01:00
Lauréline Guérin 7cd78e96ab
views: fix logout is user is already logged out (#50155) 2021-01-15 10:51:51 +01:00
Valentin Deniaud bdbc251291 views: handle empty session at authentication (#45461) 2020-07-28 09:33:12 +02:00
Benjamin Dauvergne 24f96bb6c9 misc: style (#41949) 2020-06-21 13:13:57 +02:00
Benjamin Dauvergne 482aa09f92 misc: add support for SOAP SLO (#41949) 2020-06-21 13:13:57 +02:00
Benjamin Dauvergne 65cbdcefc3 misc: support asynchronous logout (#41949) 
It means that will lookup for other Django sessions linked to the
received logout request; logout request can specify session indexes or
ask for logout of all sessions of the user targeted by the NameID.
 2020-06-21 13:13:57 +02:00
Benjamin Dauvergne c05f4a3129 views: ignore XML content in SAML attributes (#43193) 2020-05-21 21:04:51 +02:00
Frédéric Péters d67297c7aa misc: return bad request messages as plain text (#41602) 2020-04-10 16:45:29 +02:00
Frédéric Péters 74230b51ec general: remove compatibility with django < 1.11 (#38616) 2020-01-29 20:33:02 +01:00
Frédéric Péters b4a08778bf misc: use compat.is_authenticated() in logout views (#38613) 2019-12-18 10:25:44 +01:00
Frédéric Péters 7802e85d52 misc: allow all views to receive template_base/context_hook kwargs (#38610) 2019-12-18 09:39:48 +01:00
Frédéric Péters b1b85cf0d2 add possibility to define a hook to alter login template context (#38533) 2019-12-16 14:22:18 +01:00
Benjamin Dauvergne 09c32c83d5 misc: make login_hint works without next parameter (#38163) 2019-12-03 19:53:37 +01:00
Benjamin Dauvergne d5e5701899 add kwargs template_base to LoginView (#35083) 2019-12-02 17:47:13 +01:00
Benjamin Dauvergne b673b3a7fe do not crash if no idp is found (#19260) 
Also improve logging of no idp situation in default backend.
 2019-12-02 17:46:42 +01:00
Benjamin Dauvergne 83abc78605 factorize compatibility layer (#36509) 2019-10-04 17:45:25 +02:00
Frédéric Péters 785969fc11 misc: add support for new django.urls module (#36330) 2019-09-22 08:33:08 +02:00
Benjamin Dauvergne ab92ca9a07 use unicode_literals (#34008) 2019-07-02 17:44:03 +02:00
Frédéric Péters 6284da2ae6 misc: catch all unicode exceptions when checking next_url (#33083) 2019-06-25 17:46:08 +02:00
Benjamin Dauvergne 39e2e7e5ac update and cache metadata from URL and path (#10196) 2019-06-18 00:53:01 +02:00
Benjamin Dauvergne 83a09d874e code style (#10196) 2019-06-18 00:53:01 +02:00
Frédéric Péters 99a60c1d88 update sso_failure call to new method signature (#31690) 2019-03-25 14:03:04 +01:00
Benjamin Dauvergne ca6ce92781 views: fix discovery URL building (#31581) 2019-03-20 14:28:05 +01:00
Benjamin Dauvergne d0e6f46f9b views: keep next URL on disco requests (fixes #31043) 2019-03-19 23:43:37 +01:00
Benjamin Dauvergne b3e1b9c533 views: add new setting LOGIN_HINTS (fixes #30966) 
You can set MELLON_LOGIN_HINTS = ['backoffice'] to get a node
eo:login-hint set to "backoffice" in AuthnRequest when next_url for the
login view is among /manage/, /admin/ or /manager/.

Another value is 'always_backoffice' which always set the 'backoffice'
login_hint.
 2019-03-07 23:12:56 +01:00
Benjamin Dauvergne b7712516ee views: PEP8ness (#30966) 2019-03-07 23:12:07 +01:00
Benjamin Dauvergne f2e05b84ae prevent redirection loop on artifact resolution errors (fixes #14810) 
Signature of method sso_failure() is changed to match the name name of
the context variable in template mellon/authentication_failed.html
(idp_message => reason).
 2019-03-02 16:42:46 +01:00
Frédéric Péters d026ce40e1 don't use RelayState as continuation URL in case of errors (#25522) 2018-07-29 23:12:10 +02:00
Benjamin Dauvergne d4d0b85944 use good API from lasso to set Extensions node content (#23003) 
- use extensions.any tuple to set the content of the Extensions node
- add tests for the presence of the eo:next_url node when
  ADD_AUTHNREQUEST_NEXT_URL_EXTENSION is used
- add tests for next_url propagation through the RelayState value
 2018-06-06 11:05:59 +02:00
Frédéric Péters edb09ed8fd use force_text for python2/3 compatibility (#24139) 2018-05-29 12:21:13 +02:00
Frédéric Péters 163639501c python3: always use %s to get user representation in logs 2018-04-05 14:31:45 +02:00
Frédéric Péters 24e85adc5a python3: handle differences in lasso/py2/py3 encodings 2018-04-05 14:31:45 +02:00
Frédéric Péters 239f39c097 python3: add detection of xml encoding 2018-04-05 14:25:54 +02:00
Thomas NOËL ac75dce84f misc: disable AuthnRequest eo:next_url Extensions by default (fixes #20229) 2018-03-07 15:59:10 +01:00
Benjamin Dauvergne 6c528dd2c3 Revert "support federation file loading (#19396)" 
This reverts commit 63993e360c.
 2018-01-09 21:43:25 +01:00
Paul Marillonnet 63993e360c support federation file loading (#19396) 2018-01-09 17:50:25 +01:00
Frédéric Péters 343be40b6f misc: update exception handling for Python 3 (#20925) 2017-12-30 11:53:31 +01:00
Benjamin Dauvergne cb3e18c8ba tests: fix discovery service tests (#19018 #19016) 2017-09-27 21:59:15 +02:00
Benjamin Dauvergne 1703cc5da2 views: send entityID to discovery service (fixes #19016) 2017-09-27 14:28:44 +02:00
Benjamin Dauvergne afe3d4a83f views: add nodisco=1 to discovery service return url (fixes #19018) 2017-09-27 14:28:43 +02:00
Benjamin Dauvergne 850a192bcb add a timeout to artifact resolve HTTP calls (fixes #18098) 2017-09-27 14:28:43 +02:00
Frédéric Péters 646132c661 misc: include target URL in AuthnRequest Extensions node (#18452) 2017-09-06 11:02:12 +02:00