Éloi Rivard
44573713ed
refactor: move BackendModel.get to Backend.get
2024-05-03 21:54:03 +02:00
Éloi Rivard
8425b2a3b8
refactor: move BackendModel.query to Backend.query
2024-05-03 21:42:54 +02:00
Éloi Rivard
4ce9f77a14
tests: use time-travel instead of freezegun
2024-05-02 10:26:32 +02:00
Éloi Rivard
69617c1005
tests: only use Model.identifier when this is pertinent
2024-04-17 15:50:39 +02:00
Éloi Rivard
acf8acf29f
fix: locked users cannot use OIDC authorization codes
2024-04-17 13:05:14 +02:00
Éloi Rivard
6180e5fce2
tests: rename tests in test_authorization_code_flow.py
2024-04-17 12:58:58 +02:00
Éloi Rivard
354a406966
tests: move token expiration tests into their own file
2024-04-17 12:56:35 +02:00
Éloi Rivard
b6659f47e7
tests: refactor test_refresh_token
2024-04-17 12:42:26 +02:00
Éloi Rivard
ba394af338
tests: refactor test_cannot_refresh_token_for_locked_users
2024-04-17 12:23:54 +02:00
Éloi Rivard
fc8c0da912
fix: locked users cannot use refresh tokens
2024-04-17 12:07:11 +02:00
Éloi Rivard
31423cde1a
refactor: split oidc.authorize endpoint in several smaller functions
2024-04-17 11:56:44 +02:00
Éloi Rivard
ec7a721336
refactor: ldap objects id attribute is based on entryUUID instead of dn
2024-04-05 15:35:49 +02:00
Éloi Rivard
7b054bb571
refactor: ldap backend use a server control to re-read objects after update
2024-04-05 14:34:48 +02:00
Éloi Rivard
8625318341
feat: use pydantic to validate the configuration
2024-03-28 17:44:26 +01:00
Éloi Rivard
dc81832159
feat: use default python logging configuration format
2024-03-15 20:12:07 +01:00
Éloi Rivard
4edffcaa9f
chore: use isort instead of reorder-python-imports
2024-03-15 19:58:37 +01:00
Éloi Rivard
395b6ab4f3
chore: add docformatter pre-commit
2023-12-28 18:31:57 +01:00
Éloi Rivard
a237fa0198
chore: pre-commit update
2023-12-26 01:13:11 +01:00
Éloi Rivard
a4a381d088
refactor: gather endpoints in an 'endpoints' directory
2023-12-26 00:30:19 +01:00
Éloi Rivard
06b60e1747
fix: post_logout_redirect_uris was ignored during OIDC dynamic registration
2023-12-23 21:32:31 +01:00
Éloi Rivard
c847ef9284
feat: OIDC prompt=create implementation
2023-12-23 19:37:48 +01:00
Éloi Rivard
577bca360e
tests: renamed other_client fixture to trusted_client
2023-12-23 19:37:27 +01:00
Éloi Rivard
521ed75f18
fix: correctly set up Client audience during OIDC dynamic registration
2023-12-23 19:37:14 +01:00
Éloi Rivard
0d4174de43
tests: fix OIDC well-known tests
2023-12-23 17:24:03 +01:00
Éloi Rivard
9ff0411e9e
tests: extracted the prompt tests into a dedicated file
2023-12-22 21:18:02 +01:00
Éloi Rivard
97394823bf
fix: return a 403 error when users are missing permissions for OIDC authentication
2023-12-22 16:39:20 +01:00
Éloi Rivard
a3908883e3
tests: use canaille.test domain instead of localhost
2023-12-14 20:07:49 +01:00
Éloi Rivard
066aed7735
feat: convert the png to webp
2023-12-01 22:09:54 +01:00
Éloi Rivard
e6cf6ad7bd
tests: backport tests from sqlalchemy branch
2023-11-24 12:10:17 +01:00
Éloi Rivard
c19199b7a7
tests: use lists of strings for Token.scope and AuthorizationCode.scope
2023-11-23 22:07:42 +01:00
Éloi Rivard
7494800e57
fix: OIDC client 'client_secret_expires_at' claim must be 0, not None
2023-11-23 09:15:40 +01:00
Éloi Rivard
79e547fc10
refactor: OIDC token scopes are stored as lists
2023-11-22 16:36:42 +01:00
Éloi Rivard
fd77bd5637
refactor: OIDC authorization codes scopes are stored as lists
2023-11-22 16:30:38 +01:00
Éloi Rivard
1fd8af2cf4
refactor: models attributes cardinality is closer to SCIM models
2023-11-17 21:21:25 +01:00
Éloi Rivard
0569950c47
tests: fix end session error message test
2023-11-16 17:49:33 +01:00
Éloi Rivard
40b868cfee
tests: multiple emails and phone_numbers
2023-10-02 21:58:46 +02:00
Éloi Rivard
88dcf94750
Revert "tests: domain is localhost.local"
This reverts commit 44aed27719.
2023-10-01 15:42:16 +02:00
Éloi Rivard
44aed27719
tests: domain is localhost.local
2023-09-20 09:54:17 +02:00
Éloi Rivard
a2fb88fb05
tests: fix CI
2023-09-15 18:01:17 +02:00
Éloi Rivard
46c795b3b5
refactor: only load oidc module if OIDC is configured
2023-09-15 17:56:23 +02:00
Éloi Rivard
a7b3d4be88
feat: user login redirections
if users log in during the authorization phase, they
get redirected to the authorization page afterwards
2023-09-01 09:12:40 +02:00
Éloi Rivard
8be771e41d
tests: fix CI
2023-08-31 22:44:06 +02:00
Éloi Rivard
21ea0238b5
OIDC jwks endpoint does not return empty kid claim
2023-08-26 19:59:44 +02:00
Éloi Rivard
c895366684
refactor: store user profile in g.user
2023-08-13 22:08:28 +02:00
Éloi Rivard
b4908d5e57
modals are HTML pages instead of JS elements
This will help provide the very same user experience for users with
and without javascript. We will still be able to re-enable javascript
modals in the future, but this should be done from the ground up, HTML
first and javascript after.
2023-07-18 18:34:10 +02:00
Éloi Rivard
4f42798e39
Refactored keypair management
2023-07-01 19:06:26 +02:00
Éloi Rivard
021c1b3d11
Pagination pluralization
2023-06-30 18:12:13 +02:00
Éloi Rivard
57af18d557
Use a unique identifier to identify users in URLs
Previously we used the uid since we supposed this value was always
valid, but some users use the mail attribute as the User RDN in their
OpenLDAP installation, and do not have a uuid.
2023-06-29 15:55:39 +02:00
Éloi Rivard
8617fc0f2b
Implement multiple fields
2023-06-22 16:56:44 +02:00
Éloi Rivard
371f806695
Renamed User.email to User.emails
2023-06-22 15:15:46 +02:00