entrouvert
/
django-mellon
16
0
Fork 0
Code Issues Pull Requests Releases Activity
311 Commits 7 Branches 101 Tags 867 KiB
Commit Graph

71 Commits

Author SHA1 Message Date
Benjamin Dauvergne e1deb96f8c tests: clear caplog between sessions (#41949) 2020-06-21 13:13:57 +02:00
Benjamin Dauvergne 482aa09f92 misc: add support for SOAP SLO (#41949) 2020-06-21 13:13:57 +02:00
Benjamin Dauvergne 65cbdcefc3 misc: support asynchronous logout (#41949) 
It means that will lookup for other Django sessions linked to the
received logout request; logout request can specify session indexes or
ask for logout of all sessions of the user targeted by the NameID.
 2020-06-21 13:13:57 +02:00
Benjamin Dauvergne c05f4a3129 views: ignore XML content in SAML attributes (#43193) 2020-05-21 21:04:51 +02:00
Frédéric Péters d67297c7aa misc: return bad request messages as plain text (#41602) 2020-04-10 16:45:29 +02:00
Frédéric Péters 74230b51ec general: remove compatibility with django < 1.11 (#38616) 2020-01-29 20:33:02 +01:00
Frédéric Péters 7802e85d52 misc: allow all views to receive template_base/context_hook kwargs (#38610) 2019-12-18 09:39:48 +01:00
Frédéric Péters b1b85cf0d2 add possibility to define a hook to alter login template context (#38533) 2019-12-16 14:22:18 +01:00
Benjamin Dauvergne 09c32c83d5 misc: make login_hint works without next parameter (#38163) 2019-12-03 19:53:37 +01:00
Benjamin Dauvergne 63c7cdc151 tests: fix passive authentication tests (#30497) 
Passive authentication only works for text/html requests by browsers
now.
 2019-12-03 19:11:04 +01:00
Benjamin Dauvergne d5e5701899 add kwargs template_base to LoginView (#35083) 2019-12-02 17:47:13 +01:00
Benjamin Dauvergne 7095b1368b use MiddlewareMixin on middleware (#36509) 
Remove OPENED_SESSION_COOKIE_DOMAIN which has no use.
 2019-10-04 17:45:25 +02:00
Benjamin Dauvergne 83abc78605 factorize compatibility layer (#36509) 2019-10-04 17:45:25 +02:00
Benjamin Dauvergne a4a659d04e make DiscoveryResponse optional in metadata (#15260) 2019-10-01 12:31:52 +02:00
Frédéric Péters 389e6d790b tests: update for compatibility with django 2.2 (#36330) 2019-09-22 10:10:15 +02:00
Benjamin Dauvergne ab92ca9a07 use unicode_literals (#34008) 2019-07-02 17:44:03 +02:00
Benjamin Dauvergne 39e2e7e5ac update and cache metadata from URL and path (#10196) 2019-06-18 00:53:01 +02:00
Benjamin Dauvergne 83a09d874e code style (#10196) 2019-06-18 00:53:01 +02:00
Benjamin Dauvergne 968aa07faf really retrieve XML encoding (#10196) 2019-06-18 00:53:01 +02:00
Benjamin Dauvergne 31015e6580 add user lookup by attributes (#33739) 2019-06-11 16:46:02 +02:00
Benjamin Dauvergne e1fa70d28d add setting MELLON_SIGNATURE_METHOD (#32008) 
It defaults to RSA-SHA256 as RSA-SHA1 which is the default in Lasso is
deprecated.
 2019-04-19 11:09:11 +02:00
Benjamin Dauvergne c5da4db69c tests: use RSA-SHA256 certificates (fixes #31963) 2019-04-03 12:41:32 +02:00
Benjamin Dauvergne b640f5b334 tests: test failed request path with artifact (#31690) 2019-03-25 15:24:13 +01:00
Benjamin Dauvergne ca6ce92781 views: fix discovery URL building (#31581) 2019-03-20 14:28:05 +01:00
Benjamin Dauvergne b3e1b9c533 views: add new setting LOGIN_HINTS (fixes #30966) 
You can set MELLON_LOGIN_HINTS = ['backoffice'] to get a node
eo:login-hint set to "backoffice" in AuthnRequest when next_url for the
login view is among /manage/, /admin/ or /manager/.

Another value is 'always_backoffice' which always set the 'backoffice'
login_hint.
 2019-03-07 23:12:56 +01:00
Benjamin Dauvergne f2e05b84ae prevent redirection loop on artifact resolution errors (fixes #14810) 
Signature of method sso_failure() is changed to match the name name of
the context variable in template mellon/authentication_failed.html
(idp_message => reason).
 2019-03-02 16:42:46 +01:00
Frédéric Péters a1fa7d36df don't cache local metadata anymore (#13881) 2018-09-05 17:09:31 +02:00
Paul Marillonnet 349a4ec3bc skip test if number of concurrent connections above default pg limit (#25252) 2018-07-18 18:07:24 +02:00
Paul Marillonnet c5fddd13cd tests: adapt to lasso PEM-formatting deprecation (#24531) 2018-07-18 18:06:18 +02:00
Benjamin Dauvergne d4d0b85944 use good API from lasso to set Extensions node content (#23003) 
- use extensions.any tuple to set the content of the Extensions node
- add tests for the presence of the eo:next_url node when
  ADD_AUTHNREQUEST_NEXT_URL_EXTENSION is used
- add tests for next_url propagation through the RelayState value
 2018-06-06 11:05:59 +02:00
Frédéric Péters edb09ed8fd use force_text for python2/3 compatibility (#24139) 2018-05-29 12:21:13 +02:00
Frédéric Péters 8252e948e7 tests: adapt to python 3 2018-04-05 14:38:49 +02:00
Frédéric Péters ffadd1a618 python3: use urlparse compatibility module in tests 2018-04-05 14:31:45 +02:00
Frédéric Péters d342971a45 python3: use open() to open files 2018-04-05 14:25:54 +02:00
Frédéric Péters 7ac7c48f67 tests: don't use a leading 0 in numbers 2018-03-27 09:05:39 +02:00
Benjamin Dauvergne f1af12e6a1 tests: prevent "Database is locked" error during concurrency test (fixes #19678) 
SQLite has a default timeout of 5 seconds, we augment it to 400 seconds. We also
replace our custom thread pool by the one provided by multiprocessing.
 2018-03-12 14:27:27 +01:00
Benjamin Dauvergne be791d54a8 set a default value for IDENTITY_PROVIDERS ((fixes #20221) 2018-03-07 18:09:44 +01:00
Benjamin Dauvergne 6c528dd2c3 Revert "support federation file loading (#19396)" 
This reverts commit 63993e360c.
 2018-01-09 21:43:25 +01:00
Paul Marillonnet 63993e360c support federation file loading (#19396) 2018-01-09 17:50:25 +01:00
Frédéric Péters 18eb3a8632 tests: remove django < 1.8 leftovers (#19659) 2018-01-09 15:30:00 +01:00
Benjamin Dauvergne cb3e18c8ba tests: fix discovery service tests (#19018 #19016) 2017-09-27 21:59:15 +02:00
Benjamin Dauvergne 83388d396c tests: replace unmaintained pytest-capturelog by its maintained fork pytest-catchlog 2017-03-22 23:06:50 +01:00
Benjamin Dauvergne 0aae0ad4dd tests: adapt to changes in django-webtest 2017-03-22 23:06:50 +01:00
Benjamin Dauvergne 09ff054f57 retry login when artifact resolution return an empty message (fixes #12795) 
This commit also add a test of artifact login.
 2016-07-29 11:53:36 +02:00
Benjamin Dauvergne 958cb65acd tests: use dummy metadata from lasso, starts tests of SSO/SLO (fixes #11476) 2016-06-22 11:06:20 +02:00
Benjamin Dauvergne 49a5254363 allow federating transient NameID using an attribute (fixes #10619) 2016-04-27 09:22:05 +02:00
Frédéric Péters 6a6405d75f misc: allow unicode strings as authn classref (#10666) 2016-04-15 10:28:31 +02:00
Benjamin Dauvergne 7db1d7d7ed pep8ness 2016-04-06 01:33:39 +02:00
Benjamin Dauvergne 66d1811e2f refactor next_url and RelayState use (fixes #10372) 
The next_url parameter is  no more stored directly in the RelayState, as it
RelayState should only contain strings of no more thant 80 bytes, instead
generate an uuid as the relaystate and store the next_url value in session using
a key based on this uuid.

The implementation is generic enough to accomodate storing any other kind of
data during an SSO or SLO workflow.
 2016-03-22 15:20:29 +01:00
Benjamin Dauvergne 2aec7a3294 views: handle ProfileInvalidMsgError when resolving an artifact (#10270) 2016-03-11 17:10:52 +01:00