globuzma/canaille-globuzma
1
0
Fork 0
forked from Github-Mirrors/canaille
Code Pull requests Activity
1630 commits 5 branches 57 tags 18 MiB
Commit graph

44 commits

Author SHA1 Message Date
Éloi Rivard
9ff0411e9e
tests: extracted the prompt tests in a dedicated file 2023-12-22 21:18:02 +01:00
Éloi Rivard
97394823bf
fix: return a 403 error when users are missing permissions for OIDC authentication 2023-12-22 16:39:20 +01:00
Éloi Rivard
67733699aa
fix: OIDC Userinfo endpoint is also available in POST 2023-12-15 12:03:21 +01:00
Éloi Rivard
79e547fc10
refactor: OIDC token scopes are stored as lists 2023-11-22 16:36:42 +01:00
Éloi Rivard
1fd8af2cf4
refactor: models attributes cardinality is closer to SCIM models 2023-11-17 21:21:25 +01:00
Éloi Rivard
134b4c5f50
fix: better logout error message 2023-11-13 18:40:01 +01:00
Éloi Rivard
d7c6896093
refactor: move get_jkws method in oauth.py 2023-09-18 23:02:48 +02:00
Éloi Rivard
a2e3fce204
feat: flask-babel and pytz are now part of the front extras 2023-09-01 10:46:56 +02:00
Éloi Rivard
a7b3d4be88
feat: user login redirections 
if users login during the authorization phase, they
get redirected to the authorization page afterwards
 2023-09-01 09:12:40 +02:00
Éloi Rivard
21ea0238b5
OIDC jwks endpoint do not return empty kid claim 2023-08-26 19:59:44 +02:00
Éloi Rivard
8b98726348
refactor: User.login and User.logout methods moved to app.flask module 2023-08-23 14:56:56 +02:00
Éloi Rivard
96ccf12ad9
feat: split installation in different extras packages 2023-08-17 14:34:30 +02:00
Éloi Rivard
324b36c829
refactor: template overhaul 2023-08-14 15:28:20 +02:00
Éloi Rivard
d27aab8651
refactor: the core module has its own main blueprint 2023-08-14 13:52:24 +02:00
Éloi Rivard
4f42798e39 Refactored keypair management 2023-07-01 19:06:26 +02:00
Éloi Rivard
17c2f7a5cd Implemented LDAP ppolicy support. 2023-05-26 15:23:43 +02:00
Éloi Rivard
c1d1706007 Moved every model import to canaille.models 2023-05-20 20:02:00 +02:00
Éloi Rivard
be78b50e97 Removed User.authenticate method 2023-05-17 12:48:14 +02:00
Éloi Rivard
b346b0db8a Use generic Consent.consent_id instead of LDAP Consent.cn attribute 2023-05-17 08:54:13 +02:00
Éloi Rivard
61f5d25f2f Creates a OIDC configuration section for all the OIDC related entries 2023-04-10 16:24:43 +02:00
Éloi Rivard
79f12b1d0a 'app' submodule 2023-04-09 15:52:55 +02:00
Éloi Rivard
08f8bfbfdb Moved user and group management in the core submodule 2023-04-09 13:34:38 +02:00
Éloi Rivard
db3a4a74ff Renamed user attributes to match SCIM naming convention 2023-04-07 20:12:24 +02:00
Éloi Rivard
d53fdde986 Refactored utils 2023-04-02 00:32:27 +02:00
Éloi Rivard
40c36cdf64 Use the form_render macro when possible 2023-03-28 23:31:35 +02:00
Éloi Rivard
f97dc3b2c6 CSRF protection everywhere 2023-03-28 20:30:29 +02:00
Éloi Rivard
61940844e6 Properly handle LDAP date timezones 2023-03-18 00:39:32 +01:00
Éloi Rivard
53581404ab LDAPObject dn attributes are automatically initialized 2023-03-08 23:53:53 +01:00
Éloi Rivard
c5b11d2fb3 Merge LDAPObject.all and LDAPObject.filter in LDAPObject.query 2023-03-07 17:58:27 +01:00
Éloi Rivard
d551b1ab35 Revoked consents can be restored 2023-02-14 19:05:43 +01:00
Éloi Rivard
c470e7f134 Explicitely set Consent cn 2023-01-23 18:55:27 +01:00
Éloi Rivard
cae49fcec9 avoid ldap related session variable names 2022-12-29 01:10:07 +01:00
Éloi Rivard
7274f9cc02 fixed the consent list and authorization pages translations 2022-12-28 01:46:05 +01:00
Éloi Rivard
64ac2af981 Merge branch 'endsession-bugfix' into 'main' 
OIDC end_session was not returning the `state` parameter in the `post_logout_redirect_uri`

See merge request yaal/canaille!82
 2022-12-27 21:16:52 +00:00
Éloi Rivard
70f0941278 refactoring: removed a guard to increase coverage 2022-12-27 22:02:06 +01:00
Éloi Rivard
5793a73801 OIDC end_session was not returning the state parameter in the post_logout_redirect_uri 2022-12-27 21:48:44 +01:00
Éloi Rivard
41642f68c6 prevent lazy_gettext execution in unwanted contexts 2022-12-16 19:28:13 +01:00
Éloi Rivard
9a3363a17f unit tests: improved flaskutils coverage 2022-12-11 22:49:32 +01:00
Éloi Rivard
118af82409 Fixes an authlib jwk warning 2022-12-11 22:27:54 +01:00
Éloi Rivard
a3418de239 Implemented RFC7592 OAuth Client Registration Management 2022-12-10 00:22:25 +01:00
Éloi Rivard
77ae9df2a9 Issuer 'ISS' configuration option is not mandatory anymore 2022-11-17 18:10:40 +01:00
Éloi Rivard
fdb8714094 Fixed a bug happening during RP initiated logout on clients without post_logout_redirect_uri defined 2022-10-26 18:09:02 +02:00
Éloi Rivard
4f729caf2e Implemented dynamic client registration 2022-10-24 10:00:32 +02:00
Éloi Rivard
77aff593d4 Refactoring: file renaming 2022-10-06 13:32:41 +02:00