globuzma/canaille-globuzma
1
0
Fork 0
forked from Github-Mirrors/canaille
Code Pull requests Activity
1008 commits 5 branches 57 tags 18 MiB
Commit graph

322 commits

Author SHA1 Message Date
Éloi Rivard
5a959ef10e unit tests: improved authorization flow coverage 2022-12-11 13:16:24 +01:00
Éloi Rivard
449231abbe unit tests: improved token introspection coverage 2022-12-10 21:10:18 +01:00
Éloi Rivard
812d04a571 unit tests: improved token revokation coverage 2022-12-10 21:02:51 +01:00
Éloi Rivard
8932b390ba test consent removal with arleady revoked tokens 2022-12-10 11:24:53 +01:00
Éloi Rivard
18b05854f3 unit tests: improved authorization code flow coverage 2022-12-10 10:58:22 +01:00
Éloi Rivard
a3418de239 Implemented RFC7592 OAuth Client Registration Management 2022-12-10 00:22:25 +01:00
Éloi Rivard
b230e40e23 unit tests: improved token revokation coverage 2022-12-06 18:52:35 +01:00
Éloi Rivard
b34e862e4b unit tests: increased group coverage 2022-12-06 18:36:07 +01:00
Éloi Rivard
5b388400d1 unit tests: test schema installation with missing permissions 2022-12-06 18:18:27 +01:00
Éloi Rivard
c2e93b8773 unit tests: slapd initialization refactoring 2022-12-06 18:18:27 +01:00
Éloi Rivard
edbd98e9d2 unit tests: better admin mail debugger testing 
There was no test that covered the case where there is an issue when
sending the debug email.
 2022-12-04 17:15:54 +01:00
Éloi Rivard
a4afcc61dd unit tests: added consent deletion tests 2022-12-04 13:57:56 +01:00
Éloi Rivard
56fb83d44d unit tests: increased well-known coverage 2022-12-04 13:43:29 +01:00
Éloi Rivard
73d6e055d3 unit tests: removed useless try/except in oidc fixtures 2022-12-04 13:41:09 +01:00
Éloi Rivard
ab905d77e8 unit tests: removed useless ldap server schema initialization methods 2022-12-04 13:06:55 +01:00
Éloi Rivard
4052e0770d unit tests: removed useless cleaning 2022-12-04 13:04:09 +01:00
Éloi Rivard
ecc969e3d5 index page unit tests 2022-12-04 12:57:59 +01:00
Éloi Rivard
9bf9c43677 Demo displays user preferred locale 2022-12-04 11:53:37 +01:00
Éloi Rivard
9e75ef3478 Users can choose their favourite display name 2022-12-02 18:48:21 +01:00
Éloi Rivard
bb0daf34d7 LDAP 'preferredLanguage' attribute support 2022-11-20 22:52:47 +01:00
Éloi Rivard
77ae9df2a9 Issuer 'ISS' configuration option is not mandatory anymore 2022-11-17 18:10:40 +01:00
Éloi Rivard
154ec9fcd2 FROM_ADDR configuration option is not mandatory anymore 2022-11-16 19:26:33 +01:00
Éloi Rivard
c7df0cca32 profile edition: redirect after form submission to avoid double submissions 2022-11-16 18:19:24 +01:00
Éloi Rivard
32a626ee4b group admin: redirect after form submission to avoid double submissions 2022-11-16 17:55:24 +01:00
Éloi Rivard
be4a51d72a client admin: redirect after form submission to avoid double submissions 2022-11-16 17:50:38 +01:00
Éloi Rivard
62b62b684f Fixed client preconsent disabling 2022-11-16 17:36:16 +01:00
Éloi Rivard
e3028f375c Dynamically generate the server metadata. 
OAUTH2 and OIDC server metadata are now dynamically generated.
 2022-11-16 10:20:32 +01:00
Éloi Rivard
ba88f8e44a rfc7591: fixed software statement support 2022-11-15 19:04:42 +01:00
Éloi Rivard
5fa9b6b89c added parameters to the OIDC dynamic registration test cases 2022-11-15 17:16:23 +01:00
Éloi Rivard
9deee91c02 Updated issuer test fixture 2022-11-15 16:00:29 +01:00
Éloi Rivard
d559d8774a Refactored demo instanciation 2022-11-15 12:47:44 +01:00
Éloi Rivard
1f3a29ddeb unit tests: ldap domain is dc=mydomain,dc=tld 2022-11-05 19:52:57 +01:00
Éloi Rivard
5d5b0a411c Removed an unused permission 2022-10-24 10:30:08 +02:00
Éloi Rivard
4f729caf2e Implemented dynamic client registration 2022-10-24 10:00:32 +02:00
Éloi Rivard
659efaf7ef Variable renaming 2022-10-21 17:03:38 +02:00
Éloi Rivard
da5f288e4f Use a different json metadata file for unit testing 2022-10-21 17:03:38 +02:00
Éloi Rivard
77aff593d4 Refactoring: file renaming 2022-10-06 13:32:41 +02:00
Éloi Rivard
e45ad6e21c Implemented a basic WebFinger endpoint. 2022-10-03 18:42:08 +02:00
Éloi Rivard
db0fd2d8ba Fixed end-session when user are already disconnected 2022-07-07 16:28:28 +02:00
Éloi Rivard
21a2c306ac Client only return the asked scopes 2022-07-07 16:11:25 +02:00
Éloi Rivard
c8281969d8 Added support for a postalAddress field 2022-07-07 14:46:02 +02:00
Éloi Rivard
95ec09fe54 Implemented RP-initiated logout 2022-06-02 17:56:10 +02:00
Éloi Rivard
1759c6cdf2 Get rid of autouse fixtures 2022-05-20 09:24:24 +02:00
Éloi Rivard
759c19d3a8 Avoid slapd_connection fixture in tests 2022-05-19 12:36:39 +02:00
Éloi Rivard
11a750d238 Refactored tests so ldap connection is not a mandatory argument anymore for most LDAPObject methods 2022-05-18 16:55:37 +02:00
Éloi Rivard
d976d47b1a Test refactoring 2022-05-18 11:31:26 +02:00
emillumine
083b101df2 add tests to clarify when nonce is required 2022-05-13 15:56:31 +02:00
Éloi Rivard
a1c4f7a278 Bumped to authlib 1 2022-04-10 17:04:38 +02:00
Éloi Rivard
8217d423ad Added an option to disable self edition 2022-04-06 17:54:39 +02:00
Éloi Rivard
f496617f81 Fixed documentation about HIDE_INVALID_LOGINS 2022-04-06 17:34:30 +02:00
Éloi Rivard
b7b6040a3e Added an option to disable password recovery 2022-04-05 09:56:38 +02:00
emillumine
f95bffadd6 remove 'available_groups' Group classmethod (replaced by already existing 'all' LDAPObject method) 2022-03-14 10:14:02 +01:00
emillumine
8d804616fd add a 'all' utility class method to LDAPObject to retrieve all class instances 2022-03-14 10:03:05 +01:00
emillumine
3c9f618564 fix automatic cleaning of consents in tests 2022-03-14 10:03:05 +01:00
emillumine
87d2fa8641 fix tests by automatically cleaning up users and groups in test teardown 2022-03-14 10:03:05 +01:00
emillumine
653e79d7a8 fix dn in case of leading space or special char in id attribute 
according to openldap doc, the default is to silently  eliminate  spaces  around  AVA  separators, RDN component separators and RDN separators
https://www.openldap.org/software/man.cgi?query=ldap_str2dn
 2022-03-14 10:03:05 +01:00
emillumine
cd1d106248 set cn without leading space when user is created without given name 2022-03-14 10:03:05 +01:00
Éloi Rivard
07d1826905 Fixed some packaging issues 2022-03-08 19:22:52 +01:00
Éloi Rivard
d15a8cdc74 Improved refresh token tests, again 2022-03-04 19:58:00 +01:00
Éloi Rivard
db2e11c16e Improved refresh token tests 2022-03-04 19:07:52 +01:00
Camille
0db07fa36f fix: groups are saved even when invited user does not have read permission on groups 2022-03-04 18:13:57 +01:00
Camille
a3c4db7a53 fix: handle token not found in token view 2022-03-03 10:05:14 +01:00
Éloi Rivard
a36dfb21fb Removed an useless test 2022-02-23 10:49:49 +01:00
Éloi Rivard
3411e27c85 Improved admin token list and code list templates 2022-02-19 17:53:05 +01:00
Éloi Rivard
a74d68aee1 AuthorizationCode and Token have a new id parameter 2022-02-16 18:00:30 +01:00
Éloi Rivard
7851e8e31f improved token admin page template 2022-02-03 09:51:04 +01:00
Éloi Rivard
1d0f1e2f24 LdapObject an have attribute name different than the schema 2022-01-18 18:04:25 +01:00
Éloi Rivard
52e802b34f split oidc code from the rest 2022-01-11 20:31:55 +01:00
Éloi Rivard
16d2d71194 split oidc tests from the rest 2022-01-11 19:42:26 +01:00
Éloi Rivard
3d69e5cdb4 restore data after unit tests 2022-01-11 19:32:55 +01:00
Éloi Rivard
aef552e9aa removed an avoidable clean fixture 2022-01-11 18:32:53 +01:00
Stéphane Blondon
4d24962544 surname is required when the user is created or updated 2022-01-07 15:19:05 +01:00
Éloi Rivard
5a99a48831 Invited users can choose their uid 2022-01-01 18:41:04 +01:00
Camille
db1d011a3b invitations expire after 48h 2022-01-01 10:56:48 +00:00
Éloi Rivard
39e1725438 Fixed fixtures 2021-12-31 17:41:05 +01:00
Éloi Rivard
d839dd763d admin: email debugging form 2021-12-23 19:21:29 +01:00
emillumine
05d4800f94 fix bug: groups were not saved on user creation 2021-12-22 16:09:03 +01:00
Éloi Rivard
50af2e3e72 pre-commit tox test 2021-12-20 23:57:27 +01:00
Éloi Rivard
f4c04d9666 Default configuration and test client use user avatars 2021-12-13 22:50:53 +01:00
Éloi Rivard
951fce2725 JWT mapping use jinja 2021-12-12 16:17:13 +01:00
Éloi Rivard
18e4b0c42c Documentation improvements 2021-12-12 15:38:32 +01:00
Éloi Rivard
14480020cb Group description 2021-12-10 17:16:33 +01:00
Camille
cefeac4e5b customize jwt claims with format string in config file 2021-12-10 14:56:43 +00:00
Éloi Rivard
0053369604 jpegPhoto profile form 2021-12-09 18:26:11 +01:00
Éloi Rivard
65dd61c524 python to ldap two-ways serialization 2021-12-08 15:53:20 +01:00
Éloi Rivard
015d410fb6 ldaputils variable renaming 2021-12-08 15:06:57 +01:00
Éloi Rivard
adda4832f0 Login placeholder depends on the USER_FILTER configuration attribute 2021-12-07 20:16:46 +01:00
Éloi Rivard
788fa4cf7c invitation: users can just generate a link without sending a mail 2021-12-07 18:50:53 +01:00
Éloi Rivard
720459d162 Disabled invitation and password reset when no smtp server has been configured 2021-12-07 17:12:46 +01:00
Éloi Rivard
d789a9b71c Groups can be read-only instead of disabled 2021-12-07 15:09:55 +01:00
Éloi Rivard
3645171dd8 Option to not use OIDC 2021-12-07 00:16:42 +01:00
Éloi Rivard
65f4af31d5 Redirecting login page to profile page when user is already connected 2021-12-06 23:17:08 +01:00
Éloi Rivard
6d0ca15521 Better error messages when LDAP server is unreachable, or authentication has failed 2021-12-06 21:49:38 +01:00
Éloi Rivard
cad1b6c274 Escape filters 2021-12-06 15:48:30 +01:00
Éloi Rivard
57e4830c82 lazy group loading 2021-12-06 14:52:10 +01:00
Éloi Rivard
02c626129d Fixed unit tests 2021-12-06 14:24:47 +01:00
Éloi Rivard
d2611abadb Permissions overhaul 2021-12-03 14:37:24 +01:00
Éloi Rivard
d8a3696b41 fixed user password on account creation 2021-12-01 13:22:21 +01:00
Éloi Rivard
3ac4ddb490 invitation links 2021-12-01 12:19:28 +01:00
Éloi Rivard
4f82b9eca4 profile hashes take the user email in account 2021-11-30 14:56:39 +01:00
Éloi Rivard
ee72f03786 Installation command 2021-11-24 14:14:04 +01:00
Éloi Rivard
1586bb5a55 install command creates jwt keypair 2021-11-24 13:15:35 +01:00
Éloi Rivard
f10bc616f8 install command tests 2021-11-24 13:15:35 +01:00
Éloi Rivard
12bc13afd3 Moved command tests 2021-11-24 13:15:35 +01:00
Éloi Rivard
daa82bcff5 basic installation command 2021-11-24 13:15:35 +01:00
Éloi Rivard
8bffd645d1 password flow: allow other token endpoint authentication methods 2021-11-21 13:23:08 +01:00
Éloi Rivard
033639a955 Logging is configurable 2021-10-31 14:40:12 +01:00
Éloi Rivard
7e5dccd7eb Merge branch 'issue-50-theming' into 'master' 
use flask-themer to allow theme customization

Closes #50

See merge request yaal/canaille!15
 2021-10-29 15:11:14 +00:00
Camille
4e816180f4 Merge branch 'issue-72-group-bug' into 'master' 
Fix bug on groups with non-existent members

Closes #72

See merge request yaal/canaille!14
 2021-10-29 15:07:16 +00:00
Eloi Rivard
c0f53c8e6e use flask-themer to allow theme customization 2021-10-29 17:05:32 +02:00
Éloi Rivard
7b7edc81cb black 2021-10-29 14:20:06 +02:00
Camille
402a16f9f3 Fix bug on groups with non-existent members 2021-10-29 14:19:46 +02:00
Eloi Rivard
c9df8fb5b3 Updated consents when a larger scope is required 2021-10-27 09:31:24 +02:00
Éloi Rivard
334aec35d9 'check' command check ldap permissions 2021-10-26 22:49:36 +02:00
Éloi Rivard
0e6dd4f7ed Implemented client pre-authorization 2021-10-20 12:15:55 +02:00
Éloi Rivard
582ac90dab tokens can have multiple audiences 2021-10-13 11:52:02 +02:00
Éloi Rivard
d95bde7b22 check command 2021-10-13 10:17:13 +02:00
Éloi Rivard
68c091da62 'canaille' command 2021-10-13 09:50:09 +02:00
Éloi Rivard
d0b4121945 implemented a function that checks some parts of the configuration 2021-10-12 21:21:16 +02:00
Éloi Rivard
2b307e275a Fixed introspection sub claim. Fix #64 2021-10-03 20:26:47 +02:00
Eloi Rivard
0b7def73a3 black 2021-09-28 09:30:41 +02:00
Camille Daniel
08879a059d Valid group name at creation and redirect to newly created group if valid 2021-07-29 16:00:21 +02:00
Camille Daniel
9780fc9eed Enable group deletion 2021-07-29 11:37:02 +02:00
Camille Daniel
aed6b18aa8 Show groups and enable group creation 2021-07-01 18:21:20 +02:00
Camille Daniel
5c62987c27 Merge master 2021-06-04 12:22:57 +02:00
Camille Daniel
f1ac9e140a Add groups claim and scope 2021-06-03 17:24:36 +02:00
Camille
54ff7050f3 Issue 12 groups 2021-06-03 13:00:11 +00:00
Camille Daniel
294b86a698 Only moderators and admin can edit user groups 2021-06-03 14:47:19 +02:00
Camille Daniel
b6ef56ad20 Improve things 2021-06-03 12:28:45 +02:00
Camille Daniel
f05e8094cb Set user groups 2021-06-03 12:00:04 +02:00
Camille Daniel
e07eb0eb50 Save user groups (WIP) 2021-06-03 09:11:38 +02:00
Camille Daniel
95329b3969 WIP 2021-06-03 09:11:38 +02:00
Camille Daniel
8d7bb821e7 Groups field options are available groups 2021-06-03 09:11:38 +02:00
Camille Daniel
75df94216a Add groups field on user profile (WIP) 2021-06-03 09:11:38 +02:00
Éloi Rivard
22b702c065 Fixed flask 2 compatibility 2021-05-24 17:43:15 +02:00
Camille Daniel
5ae459f6e1 Test depends on slapd 2021-05-06 17:25:42 +02:00
Éloi Rivard
8279631070 Moved the 'clean' command in a subdirectory 2021-04-04 18:30:39 +02:00
Éloi Rivard
b9376512cd wip 2021-02-01 11:07:57 +01:00
Éloi Rivard
cf8c015019 Two-steps signin. Fixes #49 2021-01-23 22:30:43 +01:00
Éloi Rivard
d5c8806949 Password reset button. Fixes #53 2021-01-22 18:26:53 +01:00
Éloi Rivard
929eedc6f0 Password initialization mail button. Fixes #51 2021-01-06 17:19:44 +01:00
Éloi Rivard
cbe06cc128 Users can delete their own accounts. #35 2021-01-01 16:42:13 +01:00
Éloi Rivard
8d9a11a2e4 UI improvement on forgotten password page. Fixes #43 2021-01-01 15:30:26 +01:00
Éloi Rivard
58158b902d Refactored tests 2021-01-01 15:20:26 +01:00
Éloi Rivard
c01b587759 Customizable error message for invalid login in forgotten login page. #48 2021-01-01 13:55:20 +01:00
Éloi Rivard
9cf81b6be6 Customizable error message for invalid login. Fixes #48 2020-12-31 19:55:30 +01:00
Éloi Rivard
d2aab4d118 jpegPhoto may be better than photo 2020-12-31 18:11:23 +01:00
Éloi Rivard
ce6c9febd1 Admins can impersonate users. Fixes #39 2020-12-11 12:04:32 +01:00
Éloi Rivard
c63d53f0ed Profile editable fields are configurable 2020-11-26 15:29:14 +01:00
Éloi Rivard
ac0d6db214 Fixed a bug happening when a user is deleted during his session 2020-11-25 17:41:03 +01:00