globuzma/canaille-globuzma
1
0
Fork 0
forked from Github-Mirrors/canaille
Code Pull requests Activity
1647 commits 5 branches 57 tags 18 MiB
Commit graph

150 commits

Author SHA1 Message Date
Éloi Rivard
a4a381d088
refactor: gather endpoints in a 'endpoints' directory 2023-12-26 00:30:19 +01:00
Éloi Rivard
06b60e1747
fix: post_logout_redirect_uris was ignored during OIDC dynamic registration 2023-12-23 21:32:31 +01:00
Éloi Rivard
c847ef9284
feat: OIDC prompt=create implementation 2023-12-23 19:37:48 +01:00
Éloi Rivard
577bca360e
tests: renamed other_client fixture in trusted_client 2023-12-23 19:37:27 +01:00
Éloi Rivard
521ed75f18
fix: correctly set up Client audience during OIDC dynamic registration 2023-12-23 19:37:14 +01:00
Éloi Rivard
0d4174de43
tests: fix OIDC well-known tests 2023-12-23 17:24:03 +01:00
Éloi Rivard
9ff0411e9e
tests: extracted the prompt tests in a dedicated file 2023-12-22 21:18:02 +01:00
Éloi Rivard
97394823bf
fix: return a 403 error when users are missing permissions for OIDC authentication 2023-12-22 16:39:20 +01:00
Éloi Rivard
a3908883e3
tests: use canaille.test domain instead of localhost 2023-12-14 20:07:49 +01:00
Éloi Rivard
066aed7735
feat: convert the png in webp 2023-12-01 22:09:54 +01:00
Éloi Rivard
e6cf6ad7bd
tests: backport tests from sqlachemy branch 2023-11-24 12:10:17 +01:00
Éloi Rivard
c19199b7a7
tests: use lists of strings for Token.scope and AuthorizationCode.scope 2023-11-23 22:07:42 +01:00
Éloi Rivard
7494800e57
fix: OIDC client 'client_secret_expires_at' claim must be 0, not None 2023-11-23 09:15:40 +01:00
Éloi Rivard
79e547fc10
refactor: OIDC token scopes are stored as lists 2023-11-22 16:36:42 +01:00
Éloi Rivard
fd77bd5637
refactor: OIDC authorization codes scopes are stored as lists 2023-11-22 16:30:38 +01:00
Éloi Rivard
1fd8af2cf4
refactor: models attributes cardinality is closer to SCIM models 2023-11-17 21:21:25 +01:00
Éloi Rivard
0569950c47
tests: fix end session error message test 2023-11-16 17:49:33 +01:00
Éloi Rivard
40b868cfee
tests: multiple emails and phone_numbers 2023-10-02 21:58:46 +02:00
Éloi Rivard
88dcf94750
Revert "tests: domain is localhost.local" 
This reverts commit 44aed27719.
 2023-10-01 15:42:16 +02:00
Éloi Rivard
44aed27719
tests: domain is localhost.local 2023-09-20 09:54:17 +02:00
Éloi Rivard
a2fb88fb05
tests: fix CI 2023-09-15 18:01:17 +02:00
Éloi Rivard
46c795b3b5
refactor: only load oidc module if OIDC is configured 2023-09-15 17:56:23 +02:00
Éloi Rivard
a7b3d4be88
feat: user login redirections 
if users login during the authorization phase, they
get redirected to the authorization page afterwards
 2023-09-01 09:12:40 +02:00
Éloi Rivard
8be771e41d
tests: fix CI 2023-08-31 22:44:06 +02:00
Éloi Rivard
21ea0238b5
OIDC jwks endpoint do not return empty kid claim 2023-08-26 19:59:44 +02:00
Éloi Rivard
c895366684
refactor: store user profile in g.user 2023-08-13 22:08:28 +02:00
Éloi Rivard
b4908d5e57
modals are HTML pages instead of JS elements 
This will help providing the very same user experience for users with
and without javascript. We will still be able to re-enable javascript
modals in the future, but this should be done from the ground up, HTML
first and javascript after.
 2023-07-18 18:34:10 +02:00
Éloi Rivard
4f42798e39 Refactored keypair management 2023-07-01 19:06:26 +02:00
Éloi Rivard
021c1b3d11 Pagination pluralization 2023-06-30 18:12:13 +02:00
Éloi Rivard
57af18d557 Use a unique identifier to indentify users in URLS 
Previously we used the uid since we supposed this value was always
valid, but some users user the mail attribute as the User RDN in their
OpenLDAP installation, and do not have a uuid.
 2023-06-29 15:55:39 +02:00
Éloi Rivard
8617fc0f2b Implement multiple fields 2023-06-22 16:56:44 +02:00
Éloi Rivard
371f806695 Renamed User.email in User.emails 2023-06-22 15:15:46 +02:00
Éloi Rivard
8061042e46 client admin test refactoring 2023-06-20 09:32:43 +02:00
Éloi Rivard
14ccb69762 backend fixture is parametrizable 2023-06-03 23:39:38 +02:00
Éloi Rivard
17c2f7a5cd Implemented LDAP ppolicy support. 2023-05-26 15:23:43 +02:00
Éloi Rivard
d8158d6a72 Use ruff linter 2023-05-25 13:37:58 +02:00
Éloi Rivard
033d436878 Moved LDAP schema installation in the ldap backend module 2023-05-20 20:04:23 +02:00
Éloi Rivard
c1d1706007 Moved every model import to canaille.models 2023-05-20 20:02:00 +02:00
Éloi Rivard
6f637b8129 Refactored the unit test backend fixtures 2023-05-20 17:17:46 +02:00
Éloi Rivard
d66619a01c OIDC lifetimes are not casted to string anymore 2023-05-17 09:29:32 +02:00
Éloi Rivard
b346b0db8a Use generic Consent.consent_id instead of LDAP Consent.cn attribute 2023-05-17 08:54:13 +02:00
Éloi Rivard
00b5997a61 Avoid calls to LDAPUser.may and LDAPUser.must 2023-05-16 22:18:38 +02:00
Éloi Rivard
8998fe9b62 Explicit arguments when using Model.get 2023-05-16 11:29:40 +02:00
Éloi Rivard
88179b23b8 fix non-generic model attribute calls 2023-05-11 16:02:32 +02:00
Éloi Rivard
abf9a23ac8 unit tests: only use user_name to authenticate users 2023-05-11 15:33:34 +02:00
Éloi Rivard
fa62c16768 Moved canaille.ldap_backend to canaille.backends.ldap 2023-04-18 20:22:55 +02:00
Éloi Rivard
0376a3bab8 Cleartext password in unit tests 2023-04-10 21:42:14 +02:00
Éloi Rivard
e2b96af1ee Moved LDAP configuration entry to BACKENDS.LDAP 2023-04-10 20:31:54 +02:00
Éloi Rivard
cc45ed4be9 OIDC.JWT.MAPPING configuration option is really optional 2023-04-10 20:09:47 +02:00
Éloi Rivard
7cd078bf81 Correctly read OIDC dynamic registration config entries 2023-04-10 19:28:26 +02:00