globuzma/canaille-globuzma
1
0
Fork 0
forked from Github-Mirrors/canaille
Code Pull requests Activity
2146 commits 5 branches 57 tags 18 MiB
Commit graph

64 commits

Author SHA1 Message Date
Éloi Rivard
77667c6f52
refactor: all domains used in the unit test suite are now .test 
this ensures they will never be valid, and will never generate real
world requests
 2024-11-20 23:30:48 +01:00
Félix Rohrlich
603eab0b3c refactor : added proper security logging level and refactored change email logging 2024-10-21 11:17:55 +02:00
Félix Rohrlich
038e6c094e feat: Added security logs for email update, forgotten password mail, token emission/refresh/revokation, new consent, consent revokation #177 2024-10-14 14:04:39 +02:00
Éloi Rivard
001d635295
tests: missing client_id on OIDC authorization page 2024-09-13 15:08:23 +02:00
Éloi Rivard
473a262ea2
refactor: move BackendModel.reload to Backend.reload 2024-05-03 22:25:20 +02:00
Éloi Rivard
2ccdaeadf6
refactor: move BackendModel.delete to Backend.delete 2024-05-03 22:22:08 +02:00
Éloi Rivard
09588e0f48
refactor: move BackendModel.save to Backend.save 2024-05-03 22:22:06 +02:00
Éloi Rivard
44573713ed
refactor: move BackendModel.get to Backend.get 2024-05-03 21:54:03 +02:00
Éloi Rivard
8425b2a3b8
refactor: move BackendModel.query to Backend.query 2024-05-03 21:42:54 +02:00
Éloi Rivard
4ce9f77a14
tests: use time-travel instead of freezegun 2024-05-02 10:26:32 +02:00
Éloi Rivard
acf8acf29f
fix: locked users cannot use OIDC authorization codes 2024-04-17 13:05:14 +02:00
Éloi Rivard
6180e5fce2
tests: rename tests in test_authorization_code_flow.py 2024-04-17 12:58:58 +02:00
Éloi Rivard
354a406966
tests: move token expiration tests in their own file 2024-04-17 12:56:35 +02:00
Éloi Rivard
31423cde1a
refactor: split oidc.authorize endpoint in several smaller functions 2024-04-17 11:56:44 +02:00
Éloi Rivard
8625318341
feat: use pydantic to validate the configuration 2024-03-28 17:44:26 +01:00
Éloi Rivard
4edffcaa9f
chore: use isort instead of reoder-python-imports 2024-03-15 19:58:37 +01:00
Éloi Rivard
577bca360e
tests: renamed other_client fixture in trusted_client 2023-12-23 19:37:27 +01:00
Éloi Rivard
9ff0411e9e
tests: extracted the prompt tests in a dedicated file 2023-12-22 21:18:02 +01:00
Éloi Rivard
97394823bf
fix: return a 403 error when users are missing permissions for OIDC authentication 2023-12-22 16:39:20 +01:00
Éloi Rivard
e6cf6ad7bd
tests: backport tests from sqlachemy branch 2023-11-24 12:10:17 +01:00
Éloi Rivard
79e547fc10
refactor: OIDC token scopes are stored as lists 2023-11-22 16:36:42 +01:00
Éloi Rivard
fd77bd5637
refactor: OIDC authorization codes scopes are stored as lists 2023-11-22 16:30:38 +01:00
Éloi Rivard
1fd8af2cf4
refactor: models attributes cardinality is closer to SCIM models 2023-11-17 21:21:25 +01:00
Éloi Rivard
40b868cfee
tests: multiple emails and phone_numbers 2023-10-02 21:58:46 +02:00
Éloi Rivard
a7b3d4be88
feat: user login redirections 
if users login during the authorization phase, they
get redirected to the authorization page afterwards
 2023-09-01 09:12:40 +02:00
Éloi Rivard
c895366684
refactor: store user profile in g.user 2023-08-13 22:08:28 +02:00
Éloi Rivard
371f806695 Renamed User.email in User.emails 2023-06-22 15:15:46 +02:00
Éloi Rivard
d8158d6a72 Use ruff linter 2023-05-25 13:37:58 +02:00
Éloi Rivard
c1d1706007 Moved every model import to canaille.models 2023-05-20 20:02:00 +02:00
Éloi Rivard
b346b0db8a Use generic Consent.consent_id instead of LDAP Consent.cn attribute 2023-05-17 08:54:13 +02:00
Éloi Rivard
abf9a23ac8 unit tests: only use user_name to authenticate users 2023-05-11 15:33:34 +02:00
Éloi Rivard
0376a3bab8 Cleartext password in unit tests 2023-04-10 21:42:14 +02:00
Éloi Rivard
61f5d25f2f Creates a OIDC configuration section for all the OIDC related entries 2023-04-10 16:24:43 +02:00
Éloi Rivard
08f8bfbfdb Moved user and group management in the core submodule 2023-04-09 13:34:38 +02:00
Éloi Rivard
52f7276527 Explicitly use User.formatted_name instead of User.name 2023-04-07 22:45:42 +02:00
Éloi Rivard
db3a4a74ff Renamed user attributes to match SCIM naming convention 2023-04-07 20:12:24 +02:00
Éloi Rivard
53581404ab LDAPObject dn attributes are automatically initialized 2023-03-08 23:53:53 +01:00
Éloi Rivard
c5b11d2fb3 Merge LDAPObject.all and LDAPObject.filter in LDAPObject.query 2023-03-07 17:58:27 +01:00
Éloi Rivard
08827d3714 Checks flask flashed messages with flask_webtest Response.flashes 2023-01-28 19:02:00 +01:00
Éloi Rivard
c470e7f134 Explicitely set Consent cn 2023-01-23 18:55:27 +01:00
Éloi Rivard
d8bcb0bdf0 Ensures the token expires_in claim and the access_token exp claim have the same value. 2023-01-14 14:59:13 +01:00
Éloi Rivard
32f6595c02 objectClass is not mandatory for User and Group creation 2022-12-29 00:29:26 +01:00
Éloi Rivard
9c29abb269 unit tests: refresh token with invalid user 2022-12-27 18:32:53 +01:00
Éloi Rivard
746c09a3bb unit tests: authorization code flow with invalid users and expired codes 2022-12-27 18:07:24 +01:00
Éloi Rivard
19793fe8aa unit tests: userinfo 2022-12-24 01:44:16 +01:00
Éloi Rivard
12a93870fc unit tests: authorization denial 2022-12-11 14:43:21 +01:00
Éloi Rivard
5a959ef10e unit tests: improved authorization flow coverage 2022-12-11 13:16:24 +01:00
Éloi Rivard
18b05854f3 unit tests: improved authorization code flow coverage 2022-12-10 10:58:22 +01:00
Éloi Rivard
4052e0770d unit tests: removed useless cleaning 2022-12-04 13:04:09 +01:00
Éloi Rivard
9bf9c43677 Demo displays user preferred locale 2022-12-04 11:53:37 +01:00