Benjamin Dauvergne
8da5807298
middleware: do not apply autologin to mellon views ( fixes #9131 )
2015-11-27 10:29:21 +01:00
Benjamin Dauvergne
ad2a575a35
middleware: disallow passive authentication when no IdP is found ( fixes #8123 )
2015-09-25 16:12:30 +02:00
Benjamin Dauvergne
7f70dbcb9f
Revert "views: add an iframe mode to the login view"
...
This reverts commit 0e57f99312
.
2015-09-25 15:38:13 +02:00
Benjamin Dauvergne
9667aa5f18
add PassiveAuthenticationMiddleware using a common domain cookie ( fixes #8123 )
...
Name of the cookie must be put in MELLON_OPENED_SESSION_COOKIE_NAME and
common domain can be defined in MELLON_OPENED_SESSION_COOKIE_DOMAIN, if
unset the common domain is guessed by removing the first part of the
domain name (www.xxx.com -> xxx.com).
2015-09-25 15:03:49 +02:00
Benjamin Dauvergne
0e57f99312
views: add an iframe mode to the login view
...
Use it by putting a tag:
<iframe height="0" width="0" src="{% url "mellon_login" %}?{{ request.GET.urlencode }}&passive&iframe"></iframe>
in your page. It will do a passive authentication inside the iframe and
will use JS to reload the top frame if authentication is successfull.
2015-08-27 14:37:44 +02:00
Benjamin Dauvergne
b1b0494ccc
adapters: truncate attributes assigned to user fields ( fixes #7907 )
2015-07-22 16:22:59 +02:00
Benjamin Dauvergne
7ff1969bf5
views: add missing exception for case of status is not success ( fixes #7878 )
2015-07-21 14:06:54 +02:00
Serghei Mihai
c3481b570c
use requests to retreive metadata ( #7785 )
2015-07-06 12:01:58 +02:00
Benjamin Dauvergne
06f3380eb4
Use the lasso thin-sessions feature
2015-06-25 11:26:50 +02:00
Benjamin Dauvergne
00b7fe396c
Send log message about logout before effective logout so that request.user is not Anonymous
2015-06-25 11:26:37 +02:00
Benjamin Dauvergne
1719127cae
Do not store a name_id_name_qualifier or name_id_sp_name_qualifier if there is not ( fixes #7680 )
2015-06-25 11:25:57 +02:00
Benjamin Dauvergne
d064fad15b
Add debug log of rebuilt session dumps in create_logout() ( #7680 )
2015-06-25 11:25:17 +02:00
Frédéric Péters
8438b53a3f
doc: fix typo
2015-06-17 11:16:23 +02:00
Frédéric Péters
9e5bb02b3f
handle artifact response as a byte string ( #7544 )
2015-06-11 16:37:59 +02:00
Benjamin Dauvergne
9d8528968c
views: add a VERIFY_SSL_CERTIFICATE setting
...
It controls the validation of certificates by requests on artifact
resolve requests. It's a global and by idp setting.
Also improve logs in errors paths around when calling the artifact
resolver.
fixes #7521
2015-06-10 15:07:59 +02:00
Benjamin Dauvergne
e1284efa6c
update changelog
2015-06-05 21:47:37 +02:00
Benjamin Dauvergne
da384ec770
Add migrations for south
2015-06-05 21:46:36 +02:00
Benjamin Dauvergne
44ad739558
update changelog
2015-06-04 15:31:28 +02:00
Benjamin Dauvergne
2b6ce04423
authentication_failed.html: show the StatusMessage to the user if there is one
2015-06-01 02:44:21 +02:00
Benjamin Dauvergne
56336823aa
MANIFEST.in: include Changelog, COPYING, testsettings.py and tests/*.py
2015-05-29 11:53:41 +02:00
Benjamin Dauvergne
6539045ff9
add a Changelog
2015-05-29 11:53:41 +02:00
Benjamin Dauvergne
d5b8ec81a9
app_settings,views: make the default assertion consumer binding customizable, and restore POST as the default
...
And restore default to POST.
fixes #7406
2015-05-29 11:53:30 +02:00
Benjamin Dauvergne
c9b4663033
setup.py,MANIFEST.in: include the VERSION file in distribution
2015-05-29 11:52:01 +02:00
Jérôme Schneider
1bf26c3bc3
setup.py: requests is an install_requires not a setup_requires
2015-05-19 17:01:51 +02:00
Benjamin Dauvergne
a64d4e9da4
templates: make HTTP-Artifact the default binding for SSO
...
fixes #7625
2015-05-19 08:23:37 +02:00
Frédéric Péters
8dc0fd969a
add support for artifact GET protocol binding ( #7267 )
2015-05-18 18:09:15 +02:00
Benjamin Dauvergne
6b4cabdc27
adapters: fix DefaultAdapter.get_idp(), idp['ENTITY_ID'] is a string not a list
...
This method was incorrectly using the `in' operator instead of the == operator.
fixes #7270
2015-05-18 16:35:48 +02:00
Benjamin Dauvergne
59e93e270f
Revert "templates: make HTTP-Artifact the default binding for SSO"
...
This reverts commit 5e297925c6
.
2015-05-18 16:35:48 +02:00
Benjamin Dauvergne
4b71bbca3a
views: in sso_failure() the call to self.get_id() could never work, replace by utils.get_idp()
...
In SSO response treatment we do not know anymore the requested IdP from the query string
we must look in the LassoLogin object.
fixes #7271
2015-05-18 16:16:27 +02:00
Benjamin Dauvergne
12214b8cb5
utils: add a default return value to utils.get_idp()
...
refs #7271
2015-05-18 16:16:22 +02:00
Benjamin Dauvergne
5e297925c6
templates: make HTTP-Artifact the default binding for SSO
...
fixes #7625
2015-05-18 11:01:40 +02:00
Benjamin Dauvergne
6dab31ace8
views: fix setting of isPassive and forceAuthn ( fixes #7100 )
2015-05-18 11:01:40 +02:00
Frédéric Péters
8687da892c
debian: require python 2.7 (required by django 1.8)
2015-05-07 12:40:35 +02:00
Frédéric Péters
eac5d90da8
tests: adapt to usernames cut at 30 characters
2015-05-07 11:32:53 +02:00
Benjamin Dauvergne
1f56211c2f
Limit username to 30 characters for now ( #7085 )
2015-05-07 11:32:53 +02:00
Frédéric Péters
0315d395bf
tests: initial adapter tests
2015-05-07 11:32:53 +02:00
Frédéric Péters
e5c947a052
doc: fix title level for some configuration variables
2015-05-07 11:32:53 +02:00
Benjamin Dauvergne
86a1167b99
add a model to store user<->NameID mapping ( #7085 )
2015-05-07 11:32:52 +02:00
Benjamin Dauvergne
8eeb82c5c4
Prepare for adding tests
2015-04-29 18:33:27 +02:00
Benjamin Dauvergne
c2a2159311
Add .gitignore
2015-04-29 16:38:13 +02:00
Benjamin Dauvergne
639ba84f4e
Add 'debian/' from commit '4bd86775e1216577ee7cf5c756b30793773f6b51'
...
git-subtree-dir: debian
git-subtree-mainline: bb08da0f9e
git-subtree-split: 4bd86775e1
2015-04-02 19:27:45 +02:00
Benjamin Dauvergne
bb08da0f9e
Support encryption
2015-03-26 16:44:14 +01:00
Serghei Mihai
5dcde8614e
login view refactored ( #6801 )
...
Authentication logic split into another, overridable, method
2015-03-24 09:40:25 +01:00
Benjamin Dauvergne
c8cad9b814
Fix include of base.html in mellon/base.html
2015-03-18 10:43:36 +01:00
Benjamin Dauvergne
50c3d544d4
Add mellon/base.html
2015-03-18 10:34:50 +01:00
Frédéric Péters
40a31aba9e
save provisioned users ( #6667 )
2015-03-16 10:40:35 +01:00
Benjamin Dauvergne
9c83540415
Set version only from git tags
2015-03-09 13:01:43 +01:00
Frédéric Péters
adb72da954
set login.msgRelayState to the value from POST ( #6384 )
2015-03-09 12:59:01 +01:00
Benjamin Dauvergne
8f8f47b1a9
Allow getting metadata of IdP by doing an HTTP GET
2015-02-13 18:23:28 +01:00
Benjamin Dauvergne
9525e29b03
Always use adapters to get to IdP settings
2015-02-13 18:10:51 +01:00