Benjamin Dauvergne
e1deb96f8c
tests: clear caplog between sessions ( #41949 )
2020-06-21 13:13:57 +02:00
Benjamin Dauvergne
482aa09f92
misc: add support for SOAP SLO ( #41949 )
2020-06-21 13:13:57 +02:00
Benjamin Dauvergne
65cbdcefc3
misc: support asynchronous logout ( #41949 )
...
It means that will lookup for other Django sessions linked to the
received logout request; logout request can specify session indexes or
ask for logout of all sessions of the user targeted by the NameID.
2020-06-21 13:13:57 +02:00
Benjamin Dauvergne
c05f4a3129
views: ignore XML content in SAML attributes ( #43193 )
2020-05-21 21:04:51 +02:00
Frédéric Péters
d67297c7aa
misc: return bad request messages as plain text ( #41602 )
2020-04-10 16:45:29 +02:00
Frédéric Péters
74230b51ec
general: remove compatibility with django < 1.11 ( #38616 )
2020-01-29 20:33:02 +01:00
Frédéric Péters
7802e85d52
misc: allow all views to receive template_base/context_hook kwargs ( #38610 )
2019-12-18 09:39:48 +01:00
Frédéric Péters
b1b85cf0d2
add possibility to define a hook to alter login template context ( #38533 )
2019-12-16 14:22:18 +01:00
Benjamin Dauvergne
09c32c83d5
misc: make login_hint works without next parameter ( #38163 )
2019-12-03 19:53:37 +01:00
Benjamin Dauvergne
63c7cdc151
tests: fix passive authentication tests ( #30497 )
...
Passive authentication only works for text/html requests by browsers
now.
2019-12-03 19:11:04 +01:00
Benjamin Dauvergne
d5e5701899
add kwargs template_base to LoginView ( #35083 )
2019-12-02 17:47:13 +01:00
Benjamin Dauvergne
7095b1368b
use MiddlewareMixin on middleware ( #36509 )
...
Remove OPENED_SESSION_COOKIE_DOMAIN which has no use.
2019-10-04 17:45:25 +02:00
Benjamin Dauvergne
83abc78605
factorize compatibility layer ( #36509 )
2019-10-04 17:45:25 +02:00
Benjamin Dauvergne
a4a659d04e
make DiscoveryResponse optional in metadata ( #15260 )
2019-10-01 12:31:52 +02:00
Frédéric Péters
389e6d790b
tests: update for compatibility with django 2.2 ( #36330 )
2019-09-22 10:10:15 +02:00
Benjamin Dauvergne
ab92ca9a07
use unicode_literals ( #34008 )
2019-07-02 17:44:03 +02:00
Benjamin Dauvergne
39e2e7e5ac
update and cache metadata from URL and path ( #10196 )
2019-06-18 00:53:01 +02:00
Benjamin Dauvergne
83a09d874e
code style ( #10196 )
2019-06-18 00:53:01 +02:00
Benjamin Dauvergne
968aa07faf
really retrieve XML encoding ( #10196 )
2019-06-18 00:53:01 +02:00
Benjamin Dauvergne
31015e6580
add user lookup by attributes ( #33739 )
2019-06-11 16:46:02 +02:00
Benjamin Dauvergne
e1fa70d28d
add setting MELLON_SIGNATURE_METHOD ( #32008 )
...
It defaults to RSA-SHA256 as RSA-SHA1 which is the default in Lasso is
deprecated.
2019-04-19 11:09:11 +02:00
Benjamin Dauvergne
c5da4db69c
tests: use RSA-SHA256 certificates ( fixes #31963 )
2019-04-03 12:41:32 +02:00
Benjamin Dauvergne
b640f5b334
tests: test failed request path with artifact ( #31690 )
2019-03-25 15:24:13 +01:00
Benjamin Dauvergne
ca6ce92781
views: fix discovery URL building ( #31581 )
2019-03-20 14:28:05 +01:00
Benjamin Dauvergne
b3e1b9c533
views: add new setting LOGIN_HINTS ( fixes #30966 )
...
You can set MELLON_LOGIN_HINTS = ['backoffice'] to get a node
eo:login-hint set to "backoffice" in AuthnRequest when next_url for the
login view is among /manage/, /admin/ or /manager/.
Another value is 'always_backoffice' which always set the 'backoffice'
login_hint.
2019-03-07 23:12:56 +01:00
Benjamin Dauvergne
f2e05b84ae
prevent redirection loop on artifact resolution errors ( fixes #14810 )
...
Signature of method sso_failure() is changed to match the name name of
the context variable in template mellon/authentication_failed.html
(idp_message => reason).
2019-03-02 16:42:46 +01:00
Frédéric Péters
a1fa7d36df
don't cache local metadata anymore ( #13881 )
2018-09-05 17:09:31 +02:00
Paul Marillonnet
349a4ec3bc
skip test if number of concurrent connections above default pg limit ( #25252 )
2018-07-18 18:07:24 +02:00
Paul Marillonnet
c5fddd13cd
tests: adapt to lasso PEM-formatting deprecation ( #24531 )
2018-07-18 18:06:18 +02:00
Benjamin Dauvergne
d4d0b85944
use good API from lasso to set Extensions node content ( #23003 )
...
- use extensions.any tuple to set the content of the Extensions node
- add tests for the presence of the eo:next_url node when
ADD_AUTHNREQUEST_NEXT_URL_EXTENSION is used
- add tests for next_url propagation through the RelayState value
2018-06-06 11:05:59 +02:00
Frédéric Péters
edb09ed8fd
use force_text for python2/3 compatibility ( #24139 )
2018-05-29 12:21:13 +02:00
Frédéric Péters
8252e948e7
tests: adapt to python 3
2018-04-05 14:38:49 +02:00
Frédéric Péters
ffadd1a618
python3: use urlparse compatibility module in tests
2018-04-05 14:31:45 +02:00
Frédéric Péters
d342971a45
python3: use open() to open files
2018-04-05 14:25:54 +02:00
Frédéric Péters
7ac7c48f67
tests: don't use a leading 0 in numbers
2018-03-27 09:05:39 +02:00
Benjamin Dauvergne
f1af12e6a1
tests: prevent "Database is locked" error during concurrency test ( fixes #19678 )
...
SQLite has a default timeout of 5 seconds, we augment it to 400 seconds. We also
replace our custom thread pool by the one provided by multiprocessing.
2018-03-12 14:27:27 +01:00
Benjamin Dauvergne
be791d54a8
set a default value for IDENTITY_PROVIDERS (( fixes #20221 )
2018-03-07 18:09:44 +01:00
Benjamin Dauvergne
6c528dd2c3
Revert "support federation file loading ( #19396 )"
...
This reverts commit 63993e360c
.
2018-01-09 21:43:25 +01:00
Paul Marillonnet
63993e360c
support federation file loading ( #19396 )
2018-01-09 17:50:25 +01:00
Frédéric Péters
18eb3a8632
tests: remove django < 1.8 leftovers ( #19659 )
2018-01-09 15:30:00 +01:00
Benjamin Dauvergne
cb3e18c8ba
tests: fix discovery service tests ( #19018 #19016 )
2017-09-27 21:59:15 +02:00
Benjamin Dauvergne
83388d396c
tests: replace unmaintained pytest-capturelog by its maintained fork pytest-catchlog
2017-03-22 23:06:50 +01:00
Benjamin Dauvergne
0aae0ad4dd
tests: adapt to changes in django-webtest
2017-03-22 23:06:50 +01:00
Benjamin Dauvergne
09ff054f57
retry login when artifact resolution return an empty message ( fixes #12795 )
...
This commit also add a test of artifact login.
2016-07-29 11:53:36 +02:00
Benjamin Dauvergne
958cb65acd
tests: use dummy metadata from lasso, starts tests of SSO/SLO ( fixes #11476 )
2016-06-22 11:06:20 +02:00
Benjamin Dauvergne
49a5254363
allow federating transient NameID using an attribute ( fixes #10619 )
2016-04-27 09:22:05 +02:00
Frédéric Péters
6a6405d75f
misc: allow unicode strings as authn classref ( #10666 )
2016-04-15 10:28:31 +02:00
Benjamin Dauvergne
7db1d7d7ed
pep8ness
2016-04-06 01:33:39 +02:00
Benjamin Dauvergne
66d1811e2f
refactor next_url and RelayState use ( fixes #10372 )
...
The next_url parameter is no more stored directly in the RelayState, as it
RelayState should only contain strings of no more thant 80 bytes, instead
generate an uuid as the relaystate and store the next_url value in session using
a key based on this uuid.
The implementation is generic enough to accomodate storing any other kind of
data during an SSO or SLO workflow.
2016-03-22 15:20:29 +01:00
Benjamin Dauvergne
2aec7a3294
views: handle ProfileInvalidMsgError when resolving an artifact ( #10270 )
2016-03-11 17:10:52 +01:00