Commit Graph

148 Commits

Author SHA1 Message Date
Frédéric Péters 646132c661 misc: include target URL in AuthnRequest Extensions node (#18452) 2017-09-06 11:02:12 +02:00
Frédéric Péters 7767bc6740 use django facilities to get hostname from request (#16525)
This is required as SERVER_NAME may not be used in some uwsgi
configuration, and HTTP_HOST should be used instead.

| Nginx maps the $server_name variable to the first server_name you define.
| In your case you have two solutions: read HTTP_HOST instead of SERVER_NAME
| in your app or set SERVER_NAME to $http_host in uwsgi_params
  -- http://lists.unbit.it/pipermail/uwsgi/2010-August/000571.html

The HttpRequest.get_host method handles those cases and more.
2017-08-10 11:35:21 +02:00
Frédéric Péters 4201b41cdb misc: remove usage of urls.patterns for django 1.8 and later (#15959) 2017-04-23 21:08:15 +02:00
Frédéric Péters d89ecdfbce allow an adapter to adapt auth.login() (#14476) 2017-01-02 13:41:41 +01:00
Frédéric Péters a838336442 misc: remove south migrations (#14064) 2016-11-23 18:01:30 +01:00
Frédéric Péters dada4e8242 add logging of IdP SAML responses and looked up users (#14056) 2016-11-23 13:09:01 +01:00
Frédéric Péters db578bddcf translation update 2016-10-23 17:47:53 +02:00
Benjamin Dauvergne 4a52cfee3e allow views to refuse passive login (fixes #13627) 2016-10-18 10:03:41 +02:00
Benjamin Dauvergne 09ff054f57 retry login when artifact resolution returns an empty message (fixes #12795)
This commit also adds a test of artifact login.
2016-07-29 11:53:36 +02:00
Benjamin Dauvergne aaedfde786 views: gracefully handle logout errors (fixes #11449) 2016-06-22 11:06:46 +02:00
Benjamin Dauvergne 69a18d7272 utils: fix handling of multiple private keys (fixes #11475) 2016-06-22 11:06:33 +02:00
Frédéric Péters 80c748820a misc: force another auth.logout() after coming back from the IdP (#11394) 2016-06-16 16:13:04 +02:00
Frédéric Péters 33dded157a middleware: don't fail on unnamed URLs (#11319) 2016-06-13 13:43:06 +02:00
Frédéric Péters 0b141113d7 make login/logout URL names into settings (#10867) 2016-05-10 09:07:02 +02:00
Benjamin Dauvergne 49a5254363 allow federating transient NameID using an attribute (fixes #10619) 2016-04-27 09:22:05 +02:00
Frédéric Péters 6a6405d75f misc: allow unicode strings as authn classref (#10666) 2016-04-15 10:28:31 +02:00
Frédéric Péters 5eacaa2d22 misc: handle lasso.LoginStatusNotSuccessError (#10633) 2016-04-12 18:54:44 +02:00
Benjamin Dauvergne 74b61de641 replace dateutil by isodate (#10196)
isodate has better support for the full ISO8601 specification.
2016-04-11 19:14:07 +02:00
Benjamin Dauvergne d732f6ccb7 when status is not 200, report a fragment of the response (fixes #10270) 2016-04-11 17:07:38 +02:00
Benjamin Dauvergne 8a2558c2da views: wrap login view in non_atomic_requests to allow fine control of transactions' commit (fixes #10604) 2016-04-10 15:40:29 +02:00
Frédéric Péters ba6c092911 add support for artifact POST (#10596) 2016-04-08 15:10:31 +02:00
Benjamin Dauvergne 9c28f53c52 log partial logout error as a warning (fixes #10408) 2016-04-06 01:33:39 +02:00
Benjamin Dauvergne 7db1d7d7ed pep8ness 2016-04-06 01:33:39 +02:00
Benjamin Dauvergne 66d1811e2f refactor next_url and RelayState use (fixes #10372)
The next_url parameter is no more stored directly in the RelayState, as
RelayState should only contain strings of no more than 80 bytes, instead
generate a uuid as the relaystate and store the next_url value in session using
a key based on this uuid.

The implementation is generic enough to accommodate storing any other kind of
data during an SSO or SLO workflow.
2016-03-22 15:20:29 +01:00
Benjamin Dauvergne bfa84bb6ba always consider relative URLs as being of the same origin (fixes #10371) 2016-03-22 15:13:48 +01:00
Benjamin Dauvergne 2aec7a3294 views: handle ProfileInvalidMsgError when resolving an artifact (#10270) 2016-03-11 17:10:52 +01:00
Benjamin Dauvergne dba3f32c3a views: handle ProfileInvalidArtifactError exception when resolving an artifact (#10270) 2016-03-11 17:10:52 +01:00
Frédéric Péters a3bc087890 misc: fix passing of RequestedAuthnContext (#10243) 2016-03-09 09:14:38 +01:00
Benjamin Dauvergne eb89a86ef3 add DiscoveryResponse endpoint to metadata (fixes #10197) 2016-03-04 11:05:01 +01:00
Benjamin Dauvergne 6aa9170982 Fix removal of admin right when users have admin attributes but are already admin (fixes #10195) 2016-03-04 10:07:54 +01:00
Benjamin Dauvergne 3f0f0be180 silence Django 1.10 deprecation warnings 2016-03-02 18:14:46 +01:00
Benjamin Dauvergne ec27553789 adapters: factorize user creation in lookup_user() (fixes #10164)
User creation can have peculiarities.
2016-03-02 17:39:15 +01:00
Benjamin Dauvergne fe53dab9ca trivial: move utils import 2016-02-26 21:36:08 +01:00
Benjamin Dauvergne 3d91d40cb2 django 1.9 adaptations
- django.utils.same_origin was removed
- HttpRequest.REQUEST was removed
- settings.USE_TZ is True by default
- get_default_timezone() is now wrapped by an lrucache(), when modifying
  settings.TIME_ZONE we must also clear the cache.
2016-02-26 21:35:21 +01:00
Benjamin Dauvergne 40cc598904 views: change HTTP 400 message when no idp is found 2016-02-26 18:09:27 +01:00
Benjamin Dauvergne c1d2fb1a32 trivial: move lasso import 2016-02-26 18:09:27 +01:00
Benjamin Dauvergne 6af1ebfc55 views: do not traceback in get_idp() when no idp is declared 2016-02-26 18:09:27 +01:00
Benjamin Dauvergne bb9451e6ba add discovery service support (fixes #10111) 2016-02-26 18:09:27 +01:00
Benjamin Dauvergne 8961a743f5 move idp settings building in adapters 2016-02-26 18:09:27 +01:00
Benjamin Dauvergne 9fe8aaf0be adapters: improve logging during provisioning
- user creation is logged
- attributes are only changed if different from the provisioning value,
  and changes are logged.
2016-02-26 18:09:27 +01:00
Benjamin Dauvergne cf63b7e0ce templates: fix default_assertion_consumer_binding check, use of = instead of == 2016-02-26 18:09:27 +01:00
Benjamin Dauvergne 66922a5f29 app_settings: fix import of ImproperlyConfigured exception
As sys.modules is modified, global imports do not work.
2016-02-26 18:09:27 +01:00
Benjamin Dauvergne 33d305f7a7 add support for Organization and ContactPerson elements in metadata (fixes #6656) 2016-02-26 18:09:27 +01:00
Benjamin Dauvergne aa95501d8b templates: fix public key representation in metadata 2016-02-26 18:09:27 +01:00
Benjamin Dauvergne 26ffe9af97 utils: fix iso8601_to_datetime, make_naive and make_aware need a timezone parameter 2016-02-26 18:09:27 +01:00
Benjamin Dauvergne 4320f4fa78 utils: fix flatten_datetime, isoformat() already adds a timezone if needed 2016-02-26 18:09:27 +01:00
Benjamin Dauvergne 75382c9ab1 pep8ness 2016-02-26 18:09:27 +01:00
Benjamin Dauvergne bd216c7ab7 store cached metadata in settings 2016-02-26 18:09:27 +01:00
Benjamin Dauvergne 4f77ee0e24 do not pass strings containing null characters to Lasso, return 400 or ignore (fixes #8939) 2016-02-26 18:09:17 +01:00
Benjamin Dauvergne 3ca64e7eaf report lasso error at debug level 2016-02-12 19:44:24 +01:00