globuzma/canaille-globuzma
1
0
Fork 0
forked from Github-Mirrors/canaille
Code Pull requests Activity
2385 commits 5 branches 57 tags 18 MiB
Commit graph

184 commits

Author SHA1 Message Date
Éloi Rivard
b7bb14cfe7
feat: JSON HTTP errors on the OAuth endpoints 2024-12-22 11:50:37 +01:00
Félix Rohrlich
4a69a6fa7a fix: Fixed intruder lockout test sometimes failing with LDAP 2024-12-19 15:53:31 +01:00
Éloi Rivard
fe8929d992
refactor: move templates in a common directory 
without this, theming was broken because it needs one single directory
for templates.
 2024-12-19 00:17:03 +01:00
Félix Rohrlich
80ef1741a7 feat : Added intruder lockout login delay 2024-12-10 14:23:11 +01:00
Éloi Rivard
bbacb1703c
tests: attempt to fix the token creation audience assertion 2024-12-10 08:12:13 +01:00
Éloi Rivard
bab6fc6504
feat: button to create a new client token 2024-12-06 20:21:14 +01:00
Éloi Rivard
5bc438d21d
feat: implement OIDC client_credentials flow 2024-12-06 15:09:25 +01:00
Éloi Rivard
77667c6f52
refactor: all domains used in the unit test suite are now .test 
this ensures they will never be valid, and will never generate real
world requests
 2024-11-20 23:30:48 +01:00
sebastien
ff871f1340 updates tests with compromised password check with api HIBP 2024-11-05 15:44:25 +01:00
Félix Rohrlich
603eab0b3c refactor : added proper security logging level and refactored change email logging 2024-10-21 11:17:55 +02:00
Félix Rohrlich
038e6c094e feat: Added security logs for email update, forgotten password mail, token emission/refresh/revokation, new consent, consent revokation #177 2024-10-14 14:04:39 +02:00
Éloi Rivard
001d635295
tests: missing client_id on OIDC authorization page 2024-09-13 15:08:23 +02:00
Éloi Rivard
cfabcc485c
chore: automitaclly fix typos 2024-09-11 09:33:42 +02:00
Éloi Rivard
473a262ea2
refactor: move BackendModel.reload to Backend.reload 2024-05-03 22:25:20 +02:00
Éloi Rivard
2ccdaeadf6
refactor: move BackendModel.delete to Backend.delete 2024-05-03 22:22:08 +02:00
Éloi Rivard
09588e0f48
refactor: move BackendModel.save to Backend.save 2024-05-03 22:22:06 +02:00
Éloi Rivard
44573713ed
refactor: move BackendModel.get to Backend.get 2024-05-03 21:54:03 +02:00
Éloi Rivard
8425b2a3b8
refactor: move BackendModel.query to Backend.query 2024-05-03 21:42:54 +02:00
Éloi Rivard
4ce9f77a14
tests: use time-travel instead of freezegun 2024-05-02 10:26:32 +02:00
Éloi Rivard
69617c1005
tests: use only use Model.identifier when this is pertinent 2024-04-17 15:50:39 +02:00
Éloi Rivard
acf8acf29f
fix: locked users cannot use OIDC authorization codes 2024-04-17 13:05:14 +02:00
Éloi Rivard
6180e5fce2
tests: rename tests in test_authorization_code_flow.py 2024-04-17 12:58:58 +02:00
Éloi Rivard
354a406966
tests: move token expiration tests in their own file 2024-04-17 12:56:35 +02:00
Éloi Rivard
b6659f47e7
tests: refactor test_refresh_token 2024-04-17 12:42:26 +02:00
Éloi Rivard
ba394af338
tests: refactor test_cannot_refresh_token_for_locked_users 2024-04-17 12:23:54 +02:00
Éloi Rivard
fc8c0da912
fix: locked users cannot use refresh tokens 2024-04-17 12:07:11 +02:00
Éloi Rivard
31423cde1a
refactor: split oidc.authorize endpoint in several smaller functions 2024-04-17 11:56:44 +02:00
Éloi Rivard
ec7a721336
refactor: ldap objects id attribute is based on entryUUID instead of dn 2024-04-05 15:35:49 +02:00
Éloi Rivard
7b054bb571
refactor: ldap backend use a server control to re-read objects after update 2024-04-05 14:34:48 +02:00
Éloi Rivard
8625318341
feat: use pydantic to validate the configuration 2024-03-28 17:44:26 +01:00
Éloi Rivard
dc81832159
feat: usedefault python logging configuration format 2024-03-15 20:12:07 +01:00
Éloi Rivard
4edffcaa9f
chore: use isort instead of reoder-python-imports 2024-03-15 19:58:37 +01:00
Éloi Rivard
395b6ab4f3
chore: add docformatter pre-commit 2023-12-28 18:31:57 +01:00
Éloi Rivard
a237fa0198
chore: pre-commit update 2023-12-26 01:13:11 +01:00
Éloi Rivard
a4a381d088
refactor: gather endpoints in a 'endpoints' directory 2023-12-26 00:30:19 +01:00
Éloi Rivard
06b60e1747
fix: post_logout_redirect_uris was ignored during OIDC dynamic registration 2023-12-23 21:32:31 +01:00
Éloi Rivard
c847ef9284
feat: OIDC prompt=create implementation 2023-12-23 19:37:48 +01:00
Éloi Rivard
577bca360e
tests: renamed other_client fixture in trusted_client 2023-12-23 19:37:27 +01:00
Éloi Rivard
521ed75f18
fix: correctly set up Client audience during OIDC dynamic registration 2023-12-23 19:37:14 +01:00
Éloi Rivard
0d4174de43
tests: fix OIDC well-known tests 2023-12-23 17:24:03 +01:00
Éloi Rivard
9ff0411e9e
tests: extracted the prompt tests in a dedicated file 2023-12-22 21:18:02 +01:00
Éloi Rivard
97394823bf
fix: return a 403 error when users are missing permissions for OIDC authentication 2023-12-22 16:39:20 +01:00
Éloi Rivard
a3908883e3
tests: use canaille.test domain instead of localhost 2023-12-14 20:07:49 +01:00
Éloi Rivard
066aed7735
feat: convert the png in webp 2023-12-01 22:09:54 +01:00
Éloi Rivard
e6cf6ad7bd
tests: backport tests from sqlachemy branch 2023-11-24 12:10:17 +01:00
Éloi Rivard
c19199b7a7
tests: use lists of strings for Token.scope and AuthorizationCode.scope 2023-11-23 22:07:42 +01:00
Éloi Rivard
7494800e57
fix: OIDC client 'client_secret_expires_at' claim must be 0, not None 2023-11-23 09:15:40 +01:00
Éloi Rivard
79e547fc10
refactor: OIDC token scopes are stored as lists 2023-11-22 16:36:42 +01:00
Éloi Rivard
fd77bd5637
refactor: OIDC authorization codes scopes are stored as lists 2023-11-22 16:30:38 +01:00
Éloi Rivard
1fd8af2cf4
refactor: models attributes cardinality is closer to SCIM models 2023-11-17 21:21:25 +01:00