1.9 --- - use MiddlewareMixin on middleware (#36509) - factorize compatibility layer (#36509) - jenkins: use ci@entrouvert.org for notifications - build: adapt merge-junit-results to latest pytest/3 element - tox: allow latest pytest - make DiscoveryResponse optional in metadata (#15260) 1.8 --- - misc: limit setup_requires to django 1.11, to still be ok with py2 1.7 --- - backends: accept being called with None as saml_attributes (#36330) 1.6 --- - misc: mark MELLON_GROUP_ATTRIBUTE as code block in README - misc: remove unmaintained "changes" section of README - misc: fix reStructuredText syntax of README 1.5 --- - misc: lower django version to 1.7 in setup.py, to build on jessie - misc: update authenticate() for compatibility from 1.8 to 2.2 (#36330) - tox: use newer django-webtest for newer django versions - tests: update for compatibility with django 2.2 (#36330) - misc: update setup.py with new django requirements 1.4 --- - tox: run tests against django 2.2 (#36330) - misc: add support for new django.urls module (#36330) - misc: add on_delete parameter to foreign keys (#36330) 1.3 --- - middleware: prevent passive authentication on ajax requests (#34781) 1.2.24 .. 1.2.46 ---------------- - use unicode_literals (#34008) - adapters: add missing argument to log (#34333) - misc: catch all unicode exceptions when checking next_url (#33083) - do not warn about stale cache if not cache timeout is defined (#34319) - update and cache metadata from URL and path (#10196) - code style (#10196) - really retrieve XML encoding (#10196) - adapters: abstract user queryset (#33739) - add user lookup by attributes (#33739) - adapters: factorize user linking (#33739) - simplify workflow in DefaultAdapter.lookup_user() (#33739) - add setting MELLON_SIGNATURE_METHOD (#32008) - debian: bump debhelper compatibility level (#32260) - tests: use RSA-SHA256 certificates (fixes #31963) - tests: test failed request path with artifact (#31690) - update sso_failure call to new method signature (#31690) - views: fix discovery URL building (#31581) - views: keep next URL on disco requests (fixes #31043) - views: add new setting LOGIN_HINTS (fixes #30966) - views: PEP8ness (#30966) - prevent redirection loop on artifact resolution errors (fixes #14810) - use Jenkinsfile (#14810) - debian: add python3-django-mellon; use pybuild (#30494) - backends: add request argument to authenticate (fixes #30541) - backends: PEP8ness, copyright (#30451) - tox: limit pytest version to a version compatible with pytest-cov - don't cache local metadata anymore (#13881) - don't use RelayState as continuation URL in case of errors (#25522) - skip test if number of concurrent connections above default pg limit (#25252) - tests: adapt to lasso PEM-formatting deprecation (#24531) - use good API from lasso to set Extensions node content (#23003) - use force_text for python2/3 compatibility (#24139) - pin django-webtest (#23603) - tox: let getlasso3 work with all python3 versions - tox: also run tests against python 3 - tests: adapt to python 3 - python3: get metadata from URL as a string - python3: use urlparse compatibility module in tests - python3: always use %s to get user representation in logs - python3: handle differences in lasso/py2/py3 encodings - python3: adjust unicode usage - python3: add detection of xml encoding - python3: don't use iteritems - python3: use open() to open files - tests: don't use a leading 0 in numbers - tests: prevent "Database is locked" error during concurrency test (fixes #19678) - set a default value for IDENTITY_PROVIDERS ((fixes #20221) - do not raise ImproperlyConfigured on acces to app_settings.IDENTITY_PROVIDERS (fixes #20221) - misc: disable AuthnRequest eo:next_url Extensions by default (fixes #20229) - move tag Extensions in metadata template (fixes #21923) - Revert "support federation file loading (#19396)" - support federation file loading (#19396) - tests: also run for django 1.11 (#19659) - tests: remove django < 1.8 leftovers (#19659) - tox.ini: remove pytest-catchlog merged in the core of pytest (fixes #21057) - limit to django 1.11 - misc: update exception handling for Python 3 (#20925) - misc: update missing-django message for Python 3 (#20925) - middleware: improve condition to automatically determine a common domain (fixes #15548) - tests: fix discovery service tests (#19018 #19016) - views: send entityID to discovery service (fixes #19016) - views: add nodisco=1 to discovery service return url (fixes #19018) - add a timeout to artifact resolve HTTP calls (fixes #18098) - misc: include target URL in AuthnRequest Extensions node (#18452) - misc: update setup.py to be compatible with python 3 (#17958) - use django facilities to get hostname from request (#16525) - misc: remove usage of urls.patterns for django 1.8 and later (#15959) - add a jenkins.sh - tests: replace unmaintained pytest-capturelog by its maintained fork pytest-catchlog - tox.ini: drop support for Django 1.7 - tests: adapt to changes in django-webtest - minor documentation update (#15443) - allow an adapter to adapt auth.login() (#14476) - misc: remove south migrations (#14064) - add logging of IdP SAML responses and looked up users (#14056) - translation update - allow views to refuse passive login (fixes #13627) - retry login when artifact resolution return an empty message (fixes #12795) - add note on MELLON_DEFAULT_ASSERTION_CONSUMER_BINDING - views: gracefully handle logout errors (fixes #11449) - utils: fix handling of multiple private keys (fixes #11475) - tests: use dummy metadata from lasso, starts tests of SSO/SLO (fixes #11476) - misc: force another auth.logout() after coming back from the IdP (#11394) - middleware: don't fail on unnamed URLs (#11319) - make login/logout URL names into settings (#10867) - release 1.2.26 - allow federating transient NameID using an attribute (fixes #10619) - README: rewrite section on tests to indicate the use of tox - README: add changes section - misc: allow unicode strings as authn classref (#10666) - debian: declare dependency on python-isodata - misc: handle lasso.LoginStatusNotSuccessError (#10633) - replace dateutil by isodate (#10196) - tox.ini: use workdir outside project dir - when status is not 200, report a fragment of the response (fixes #10270) - views: wrap login view in non_atomic_requests to allow fine control of transactions' commit (fixes #10604) - add support for artifact POST (#10596) - log partial logout error as a warning (fixes #10408) - pep8ness - setup.py: replace distutils sdist by setuptools version - refactor next_url and RelayState use (fixes #10372) - always consider relative URLs as being of the same origin (fixes #10371) - modify testsettings for Django 1.9 - views: handle ProfileInvalidMsgError when resolving an artifact (#10270) - views: handle ProfileInvalidArtifactError exception when resolving an artifact (#10270) - tests: move HTTMock templates to utils - tests: add base.html template - misc: fix passing of RequestedAuthnContext (#10243) - tests: fix test to comply with commit eb89a86ef - debian: add ${python:Depends} to control file - add DiscoveryResponse endpoint to metadata (fixes #10197) 1.2.24 ------ - fix bug in DefaultAdapter.provision_superuser when user has already is_superuser and is_staff set to True 1.2.23 ------ - silence Django 1.10 deprecration warnings - adapters: factorize user creation in lookup_user() (fixes #10164) - trivial: move utils import - django 1.9 adaptations - tests: add test on SP initiated login - views: change HTTP 400 message when no idp is found - trivial: move lasso import - tests: add tests on mellon.utils - views: do not traceback in get_idp() when no idp is declared - tests: remove unused variable - add discovery service support (fixes #10111) - move idp settings building in adapters - adapters: improve logging during provisionning - templates: fix default_assertion_consumer_binding check, use of = instead of == - app_settings: fix import of ImproperlyConfigured exception - add support for Organization and ContactPerson elements in metadata (fixes #6656) - templates: fix public key representation in metadata - tests: add helper to check XML documents - utils: fix iso8601_to_datetime, make_naive amd make_aware need a timezone parameter - utils: fix flatten_datetime, isoformat() already add a timezone if needed - store cached metadata in settings - do not pass strings contening null characters to Lasso, return 400 or ignore (fixes #8939) - add tox.ini to test on django 1.7, 1.8, 1.9 and with sqlite and pg - report lasso error at debug level - log errors when loading IdP metadata instead of throwing a traceback (fixes #9745) - fix concurrency error when creating new users (fixes #9965) 1.2.22 ------ - reset is_staff when superuser mapping fails (fixes #9736) - implement session_not_on_or_after using new session engines (fixes #9640) - use dateutil to parse datetime strings (#9640) - utils: return naive datetime if USE_TZ=False (fixes #9521) 1.2.21 ------ - setup.py: hide DJANGO_SETTINGS_MODULE value when calling compilemessages - do not flatten attributes inplace, and convert expiry to seconds (fixes #9359) - adapters: prevent collision in provision_groups() (fixes #9327) 1.2.20 ------ - middleware: handle process_view (#9131) 1.2.19 ------ - middleware: do not apply autologin to mellon views (fixes #9131) 1.2.18 ------ - middleware: disallow passive authentication when no IdP is found (fixes #8123) - Revert "views: add an iframe mode to the login view" - add PassiveAuthenticationMiddleware using a common domain cookie (fixes #8123) - views: add an iframe mode to the login view 1.2.17 ----- - truncate attribute when setting user fields - handle status is not success errors - use requests for HTTP retrieval of metadata - use lasso thin-sessions - add setting MELLON_VERIFY_SSL_CERTIFICATE - improve logs in SAML artifact error paths - improve logout logs - handle artifact response as a byte string - do not store a name_id_name_qualifier or name_id_sp_name_qualifier when they are absent 1.2.16 ------ - Add south migrations for pre Django 1.7 support 1.2.15 ------ - authentication_failed.html: show the StatusMessage to the user if there is one - add a Changelog - app_settings,views: make the default assertion consumer binding customizable (#7406) - setup.py,MANIFEST.in: include the VERSION file in distribution - setup.py: requests is an install_requires not a setup_requires - templates: make HTTP-Artifact the default binding for SSO - add support for artifact GET protocol binding (#7267) - adapters: fix DefaultAdapter.get_idp(), idp['ENTITY_ID'] is a string not a list - Revert "templates: make HTTP-Artifact the default binding for SSO" - views: in sso_failure() the call to self.get_id() could never work, replace by utils.get_idp() - utils: add a default return value to utils.get_idp() - templates: make HTTP-Artifact the default binding for SSO - views: fix setting of isPassive and forceAuthn (fixes #7100) - tests: adapt to usernames cut at 30 characters - Limit username to 30 characters for now (#7085) - tests: initial adapter tests - doc: fix title level for some configuration variables - add a model to store user<->NameID mapping (#7085) - Prepare for adding tests - Support encryption - login view refactored (#6801) 1.2.14 ------ - Fix include of base.html in mellon/base.html 1.2.13 ------ - Add missing mellon/base.html - save provisioned users (#6667) 1.2.12 ------ - Set version only from git tags - set login.msgRelayState to the value from POST (#6384) - Allow getting metadata of IdP by doing an HTTP GET - Always use adapters to get to IdP settings 1.2.11 ------ - mellon/views.py: store and load the liberty session dump for slo - adapters: force template string to be unicode as attributes are values - README: fix patterns when including urls - urls: fix error in pattern, includable patterns must not start with a 1.2.10 ------ - Add a mellon/base.html template to make an indirection between mellon templates and the project base.html template (#6301) 1.2.9 ----- - bug fixed on Lasso session data generation - AuthnRequest now contains the AllowCreate flag