1.2.24 ------ - fix bug in DefaultAdapter.provision_superuser when user has already is_superuser and is_staff set to True 1.2.23 ------ - silence Django 1.10 deprecration warnings - adapters: factorize user creation in lookup_user() (fixes #10164) - trivial: move utils import - django 1.9 adaptations - tests: add test on SP initiated login - views: change HTTP 400 message when no idp is found - trivial: move lasso import - tests: add tests on mellon.utils - views: do not traceback in get_idp() when no idp is declared - tests: remove unused variable - add discovery service support (fixes #10111) - move idp settings building in adapters - adapters: improve logging during provisionning - templates: fix default_assertion_consumer_binding check, use of = instead of == - app_settings: fix import of ImproperlyConfigured exception - add support for Organization and ContactPerson elements in metadata (fixes #6656) - templates: fix public key representation in metadata - tests: add helper to check XML documents - utils: fix iso8601_to_datetime, make_naive amd make_aware need a timezone parameter - utils: fix flatten_datetime, isoformat() already add a timezone if needed - store cached metadata in settings - do not pass strings contening null characters to Lasso, return 400 or ignore (fixes #8939) - add tox.ini to test on django 1.7, 1.8, 1.9 and with sqlite and pg - report lasso error at debug level - log errors when loading IdP metadata instead of throwing a traceback (fixes #9745) - fix concurrency error when creating new users (fixes #9965) 1.2.22 ------ - reset is_staff when superuser mapping fails (fixes #9736) - implement session_not_on_or_after using new session engines (fixes #9640) - use dateutil to parse datetime strings (#9640) - utils: return naive datetime if USE_TZ=False (fixes #9521) 1.2.21 ------ - setup.py: hide DJANGO_SETTINGS_MODULE value when calling compilemessages - do not flatten attributes inplace, and convert expiry to seconds (fixes #9359) - adapters: prevent collision in provision_groups() (fixes #9327) 1.2.20 ------ - middleware: handle process_view (#9131) 1.2.19 ------ - middleware: do not apply autologin to mellon views (fixes #9131) 1.2.18 ------ - middleware: disallow passive authentication when no IdP is found (fixes #8123) - Revert "views: add an iframe mode to the login view" - add PassiveAuthenticationMiddleware using a common domain cookie (fixes #8123) - views: add an iframe mode to the login view 1.2.17 ----- - truncate attribute when setting user fields - handle status is not success errors - use requests for HTTP retrieval of metadata - use lasso thin-sessions - add setting MELLON_VERIFY_SSL_CERTIFICATE - improve logs in SAML artifact error paths - improve logout logs - handle artifact response as a byte string - do not store a name_id_name_qualifier or name_id_sp_name_qualifier when they are absent 1.2.16 ------ - Add south migrations for pre Django 1.7 support 1.2.15 ------ - authentication_failed.html: show the StatusMessage to the user if there is one - add a Changelog - app_settings,views: make the default assertion consumer binding customizable (#7406) - setup.py,MANIFEST.in: include the VERSION file in distribution - setup.py: requests is an install_requires not a setup_requires - templates: make HTTP-Artifact the default binding for SSO - add support for artifact GET protocol binding (#7267) - adapters: fix DefaultAdapter.get_idp(), idp['ENTITY_ID'] is a string not a list - Revert "templates: make HTTP-Artifact the default binding for SSO" - views: in sso_failure() the call to self.get_id() could never work, replace by utils.get_idp() - utils: add a default return value to utils.get_idp() - templates: make HTTP-Artifact the default binding for SSO - views: fix setting of isPassive and forceAuthn (fixes #7100) - tests: adapt to usernames cut at 30 characters - Limit username to 30 characters for now (#7085) - tests: initial adapter tests - doc: fix title level for some configuration variables - add a model to store user<->NameID mapping (#7085) - Prepare for adding tests - Support encryption - login view refactored (#6801) 1.2.14 ------ - Fix include of base.html in mellon/base.html 1.2.13 ------ - Add missing mellon/base.html - save provisioned users (#6667) 1.2.12 ------ - Set version only from git tags - set login.msgRelayState to the value from POST (#6384) - Allow getting metadata of IdP by doing an HTTP GET - Always use adapters to get to IdP settings 1.2.11 ------ - mellon/views.py: store and load the liberty session dump for slo - adapters: force template string to be unicode as attributes are values - README: fix patterns when including urls - urls: fix error in pattern, includable patterns must not start with a 1.2.10 ------ - Add a mellon/base.html template to make an indirection between mellon templates and the project base.html template (#6301) 1.2.9 ----- - bug fixed on Lasso session data generation - AuthnRequest now contains the AllowCreate flag