globuzma/canaille-globuzma
1
0
Fork 0
forked from Github-Mirrors/canaille
Code Pull requests Activity
1832 commits 5 branches 57 tags 18 MiB
Commit graph

173 commits

Author SHA1 Message Date
Éloi Rivard
324b36c829
refactor: template overhaul 2023-08-14 15:28:20 +02:00
Éloi Rivard
d27aab8651
refactor: the core module has its own main blueprint 2023-08-14 13:52:24 +02:00
Éloi Rivard
4347fb572a
chore: rename HTMXForm to Form 2023-07-23 23:38:11 +02:00
Éloi Rivard
b4908d5e57
modals are HTML pages instead of JS elements 
This will help providing the very same user experience for users with
and without javascript. We will still be able to re-enable javascript
modals in the future, but this should be done from the ground up, HTML
first and javascript after.
 2023-07-18 18:34:10 +02:00
Éloi Rivard
4715f643e2 Add a OIDC.REQUIRE_NONCE option to improve compatibility with clients 2023-07-06 17:57:17 +02:00
Éloi Rivard
4f42798e39 Refactored keypair management 2023-07-01 19:06:26 +02:00
Éloi Rivard
fca92b7299 Correct plural labels for multiple fields 2023-06-30 17:39:35 +02:00
Éloi Rivard
13dc41f691 Removed unused code 2023-06-29 17:53:32 +02:00
Éloi Rivard
52482ca19c Implements flask OIDC converters 2023-06-29 15:55:39 +02:00
Éloi Rivard
f504bb3a66 Implements a flask User converter 2023-06-29 15:55:39 +02:00
Éloi Rivard
8617fc0f2b Implement multiple fields 2023-06-22 16:56:44 +02:00
Éloi Rivard
361fda0386 Renamed User.phone_number in User.phone_numbers 2023-06-22 15:33:03 +02:00
Éloi Rivard
b5bd497d0e Implemented User.preferred_email 2023-06-22 15:24:13 +02:00
Éloi Rivard
371f806695 Renamed User.email in User.emails 2023-06-22 15:15:46 +02:00
Éloi Rivard
ec02aa0ad9 Force OIDC Clients contact field to be a valid email. 2023-06-22 11:39:50 +02:00
Éloi Rivard
17c2f7a5cd Implemented LDAP ppolicy support. 2023-05-26 15:23:43 +02:00
Éloi Rivard
a92542cd81 Moved models specificities in the backend module 2023-05-20 21:24:14 +02:00
Éloi Rivard
033d436878 Moved LDAP schema installation in the ldap backend module 2023-05-20 20:04:23 +02:00
Éloi Rivard
c1d1706007 Moved every model import to canaille.models 2023-05-20 20:02:00 +02:00
Éloi Rivard
be78b50e97 Removed User.authenticate method 2023-05-17 12:48:14 +02:00
Éloi Rivard
2f924c4b7e Fixes calls to the Consent.oauthClient and Consent.oauthSubject attributes 2023-05-17 12:07:52 +02:00
Éloi Rivard
d66619a01c OIDC lifetimes are not casted to string anymore 2023-05-17 09:29:32 +02:00
Éloi Rivard
b4014cfd73 Use explicit attributes in Consent.get 2023-05-17 09:19:15 +02:00
Éloi Rivard
b346b0db8a Use generic Consent.consent_id instead of LDAP Consent.cn attribute 2023-05-17 08:54:13 +02:00
Éloi Rivard
a7013f2360 Explicited OIDC authorization admin variable 2023-05-16 22:28:34 +02:00
Éloi Rivard
8998fe9b62 Explicit arguments when using Model.get 2023-05-16 11:29:40 +02:00
Éloi Rivard
9480e43ad9 Removed LDAPObject __getitem__ and __setitem__ methods 2023-05-11 23:08:39 +02:00
Éloi Rivard
df60821e29 Rename LDAPObject.attribute_table to attributes 2023-05-11 16:55:33 +02:00
Éloi Rivard
9e6a1b85f1 Avoid setting 'None' in claims when they are empty 2023-05-05 13:28:02 +02:00
Éloi Rivard
fa62c16768 Moved canaille.ldap_backend to canaille.backends.ldap 2023-04-18 20:22:55 +02:00
Éloi Rivard
cc45ed4be9 OIDC.JWT.MAPPING configuration option is really optional 2023-04-10 20:09:47 +02:00
Éloi Rivard
7cd078bf81 Correctly read OIDC dynamic registration config entries 2023-04-10 19:28:26 +02:00
Éloi Rivard
61f5d25f2f Creates a OIDC configuration section for all the OIDC related entries 2023-04-10 16:24:43 +02:00
Éloi Rivard
65efece01e Renamed LDAPObject.initialize in LDAPObject.install 2023-04-09 23:17:24 +02:00
Éloi Rivard
83f67331d3 Split commands in their dedicated modules 2023-04-09 21:58:11 +02:00
Éloi Rivard
79f12b1d0a 'app' submodule 2023-04-09 15:52:55 +02:00
Éloi Rivard
08f8bfbfdb Moved user and group management in the core submodule 2023-04-09 13:34:38 +02:00
Éloi Rivard
e0256db017 Moved oidc blueprints in a dedicated file 2023-04-09 11:31:23 +02:00
Éloi Rivard
4c454f6de4 Removed unused imports 2023-04-09 02:13:34 +02:00
Éloi Rivard
52f7276527 Explicitly use User.formatted_name instead of User.name 2023-04-07 22:45:42 +02:00
Éloi Rivard
db3a4a74ff Renamed user attributes to match SCIM naming convention 2023-04-07 20:12:24 +02:00
Éloi Rivard
d53fdde986 Refactored utils 2023-04-02 00:32:27 +02:00
Éloi Rivard
1f1bb353e0 Dynamic form validation with htmx 2023-03-30 23:22:58 +02:00
Éloi Rivard
2fb0085d7b OIDC client form renaming 2023-03-30 00:40:25 +02:00
Éloi Rivard
78a129d494 Forms validate URIs 2023-03-29 21:33:47 +02:00
Éloi Rivard
40c36cdf64 Use the form_render macro when possible 2023-03-28 23:31:35 +02:00
Éloi Rivard
f97dc3b2c6 CSRF protection everywhere 2023-03-28 20:30:29 +02:00
Éloi Rivard
61940844e6 Properly handle LDAP date timezones 2023-03-18 00:39:32 +01:00
Éloi Rivard
0f93029d2a Split the consent page in two 2023-03-16 18:45:35 +01:00
Éloi Rivard
94af1744ba pre-commit update 2023-03-14 12:08:37 +01:00
Éloi Rivard
822988536d LDAPObject can have several objectClass 2023-03-11 19:46:12 +01:00
Éloi Rivard
3406428f13 Renamed group attributes to match SCIM naming convention 2023-03-11 12:54:27 +01:00
Éloi Rivard
971cf317c9 Used 'id' instead of 'dn' 2023-03-10 18:14:15 +01:00
Éloi Rivard
e802e3d5e2 Consent cn alias 2023-03-10 00:38:16 +01:00
Éloi Rivard
cf9b5c11a3 Dynamic tables with htmx 
- Search is triggered with user inputs
- Page changes are triggered with clicks
 2023-03-09 19:31:59 +01:00
Éloi Rivard
e5d968d4f5 Every list of items is paginated server-side. 2023-03-09 19:31:59 +01:00
Éloi Rivard
53581404ab LDAPObject dn attributes are automatically initialized 2023-03-08 23:53:53 +01:00
Éloi Rivard
7e42467bfc Renamed LDAPObject.rdn in LDAPObject.rdn_attribute 2023-03-08 18:50:33 +01:00
Éloi Rivard
c5b11d2fb3 Merge LDAPObject.all and LDAPObject.filter in LDAPObject.query 2023-03-07 17:58:27 +01:00
Éloi Rivard
8b4d5eb247 This is too soon for the walrus operator 2023-02-14 22:06:03 +01:00
Éloi Rivard
7458868f77 Pre-consented clients are displayed in the user consent list, and their consents can be revoked. 2023-02-14 21:56:47 +01:00
Éloi Rivard
d551b1ab35 Revoked consents can be restored 2023-02-14 19:05:43 +01:00
Éloi Rivard
3359b51d9b Implements admin token deletion 2023-02-04 18:41:49 +01:00
Éloi Rivard
3ac7a8013f Punctuation uniformization 2023-02-03 18:49:44 +01:00
Éloi Rivard
75bca52050 Merge branch 'kingu-main-patch-85823' into 'main' 
Shortened profile strings

See merge request yaal/canaille!99
 2023-01-31 08:25:23 +00:00
Allan Nordhøy
21d8c1b2bf Shortened profile strings 2023-01-31 01:06:06 +00:00
Éloi Rivard
b059e6e719 Client deletion also delete related objects 2023-01-30 19:58:25 +01:00
Éloi Rivard
3be937c286 Fix coverage 2023-01-28 18:35:39 +01:00
Éloi Rivard
63f927830a Fixed dynamic client registration scope management 2023-01-28 14:04:04 +01:00
Éloi Rivard
e145a7acc8 Renamed LDAPObject 'id' attribute in 'rdn' 2023-01-24 18:32:44 +01:00
Éloi Rivard
c470e7f134 Explicitely set Consent cn 2023-01-23 18:55:27 +01:00
Éloi Rivard
d8bcb0bdf0 Ensures the token expires_in claim and the access_token exp claim have the same value. 2023-01-14 14:59:13 +01:00
Éloi Rivard
7cb2da3ca3 refactoring: start to split the canaille installation between submodules 2022-12-29 02:11:56 +01:00
Éloi Rivard
ab517f4fc0 refactoring: use Group.name when possible 2022-12-29 01:27:22 +01:00
Éloi Rivard
cae49fcec9 avoid ldap related session variable names 2022-12-29 01:10:07 +01:00
Éloi Rivard
cd1d0a30d5 added 'autoflake' to the precommit tool list 2022-12-29 00:41:32 +01:00
Éloi Rivard
7274f9cc02 fixed the consent list and authorization pages translations 2022-12-28 01:46:05 +01:00
Éloi Rivard
64ac2af981 Merge branch 'endsession-bugfix' into 'main' 
OIDC end_session was not returning the `state` parameter in the `post_logout_redirect_uri`

See merge request yaal/canaille!82
 2022-12-27 21:16:52 +00:00
Éloi Rivard
70f0941278 refactoring: removed a guard to increase coverage 2022-12-27 22:02:06 +01:00
Éloi Rivard
5793a73801 OIDC end_session was not returning the state parameter in the post_logout_redirect_uri 2022-12-27 21:48:44 +01:00
Éloi Rivard
6ec2f183fd removed unused import 2022-12-24 02:03:37 +01:00
Éloi Rivard
19793fe8aa unit tests: userinfo 2022-12-24 01:44:16 +01:00
Éloi Rivard
41642f68c6 prevent lazy_gettext execution in unwanted contexts 2022-12-16 19:28:13 +01:00
Camille Daniel
7e71789fad fix post requests in oidc clients views 
flash and lazygettext were causing an unexpected bug on post (not get) requests
 2022-12-16 19:15:50 +01:00
Éloi Rivard
f086bcd7da Stop caching server metadata 2022-12-15 23:00:58 +01:00
Éloi Rivard
7c6fd25524 Add nonce to the claims_supported server metadata list 2022-12-15 11:59:00 +01:00
Éloi Rivard
e478034b81 unit tests: client admin deletion 2022-12-13 19:14:25 +01:00
Éloi Rivard
9a3363a17f unit tests: improved flaskutils coverage 2022-12-11 22:49:32 +01:00
Éloi Rivard
118af82409 Fixes an authlib jwk warning 2022-12-11 22:27:54 +01:00
Éloi Rivard
c02ea791be removed unused method in the oauth authorization class 2022-12-10 21:18:17 +01:00
Éloi Rivard
449231abbe unit tests: improved token introspection coverage 2022-12-10 21:10:18 +01:00
Éloi Rivard
812d04a571 unit tests: improved token revokation coverage 2022-12-10 21:02:51 +01:00
Éloi Rivard
8932b390ba test consent removal with arleady revoked tokens 2022-12-10 11:24:53 +01:00
Éloi Rivard
fa3d51e32b removed unused method in the client model 2022-12-10 11:00:16 +01:00
Éloi Rivard
a3418de239 Implemented RFC7592 OAuth Client Registration Management 2022-12-10 00:22:25 +01:00
Éloi Rivard
bb0daf34d7 LDAP 'preferredLanguage' attribute support 2022-11-20 22:52:47 +01:00
Éloi Rivard
77ae9df2a9 Issuer 'ISS' configuration option is not mandatory anymore 2022-11-17 18:10:40 +01:00
Éloi Rivard
be4a51d72a client admin: redirect after form submission to avoid double submissions 2022-11-16 17:50:38 +01:00
Éloi Rivard
e3028f375c Dynamically generate the server metadata. 
OAUTH2 and OIDC server metadata are now dynamically generated.
 2022-11-16 10:20:32 +01:00
Éloi Rivard
ba88f8e44a rfc7591: fixed software statement support 2022-11-15 19:04:42 +01:00