Commit graph

104 commits

Author SHA1 Message Date
Éloi Rivard
e145a7acc8 Renamed LDAPObject 'id' attribute in 'rdn' 2023-01-24 18:32:44 +01:00
Éloi Rivard
c470e7f134 Explicitely set Consent cn 2023-01-23 18:55:27 +01:00
Éloi Rivard
d8bcb0bdf0 Ensures the token expires_in claim and the access_token exp claim have the same value. 2023-01-14 14:59:13 +01:00
Éloi Rivard
7cb2da3ca3 refactoring: start to split the canaille installation between submodules 2022-12-29 02:11:56 +01:00
Éloi Rivard
ab517f4fc0 refactoring: use Group.name when possible 2022-12-29 01:27:22 +01:00
Éloi Rivard
cae49fcec9 avoid ldap related session variable names 2022-12-29 01:10:07 +01:00
Éloi Rivard
cd1d0a30d5 added 'autoflake' to the precommit tool list 2022-12-29 00:41:32 +01:00
Éloi Rivard
7274f9cc02 fixed the consent list and authorization pages translations 2022-12-28 01:46:05 +01:00
Éloi Rivard
64ac2af981 Merge branch 'endsession-bugfix' into 'main'
OIDC end_session was not returning the `state` parameter in the `post_logout_redirect_uri`

See merge request yaal/canaille!82
2022-12-27 21:16:52 +00:00
Éloi Rivard
70f0941278 refactoring: removed a guard to increase coverage 2022-12-27 22:02:06 +01:00
Éloi Rivard
5793a73801 OIDC end_session was not returning the state parameter in the post_logout_redirect_uri 2022-12-27 21:48:44 +01:00
Éloi Rivard
6ec2f183fd removed unused import 2022-12-24 02:03:37 +01:00
Éloi Rivard
19793fe8aa unit tests: userinfo 2022-12-24 01:44:16 +01:00
Éloi Rivard
41642f68c6 prevent lazy_gettext execution in unwanted contexts 2022-12-16 19:28:13 +01:00
Camille Daniel
7e71789fad fix post requests in oidc clients views
flash and lazygettext were causing an unexpected bug on post (not get) requests
2022-12-16 19:15:50 +01:00
Éloi Rivard
f086bcd7da Stop caching server metadata 2022-12-15 23:00:58 +01:00
Éloi Rivard
7c6fd25524 Add nonce to the claims_supported server metadata list 2022-12-15 11:59:00 +01:00
Éloi Rivard
e478034b81 unit tests: client admin deletion 2022-12-13 19:14:25 +01:00
Éloi Rivard
9a3363a17f unit tests: improved flaskutils coverage 2022-12-11 22:49:32 +01:00
Éloi Rivard
118af82409 Fixes an authlib jwk warning 2022-12-11 22:27:54 +01:00
Éloi Rivard
c02ea791be removed unused method in the oauth authorization class 2022-12-10 21:18:17 +01:00
Éloi Rivard
449231abbe unit tests: improved token introspection coverage 2022-12-10 21:10:18 +01:00
Éloi Rivard
812d04a571 unit tests: improved token revokation coverage 2022-12-10 21:02:51 +01:00
Éloi Rivard
8932b390ba test consent removal with arleady revoked tokens 2022-12-10 11:24:53 +01:00
Éloi Rivard
fa3d51e32b removed unused method in the client model 2022-12-10 11:00:16 +01:00
Éloi Rivard
a3418de239 Implemented RFC7592 OAuth Client Registration Management 2022-12-10 00:22:25 +01:00
Éloi Rivard
bb0daf34d7 LDAP 'preferredLanguage' attribute support 2022-11-20 22:52:47 +01:00
Éloi Rivard
77ae9df2a9 Issuer 'ISS' configuration option is not mandatory anymore 2022-11-17 18:10:40 +01:00
Éloi Rivard
be4a51d72a client admin: redirect after form submission to avoid double submissions 2022-11-16 17:50:38 +01:00
Éloi Rivard
e3028f375c Dynamically generate the server metadata.
OAUTH2 and OIDC server metadata are now dynamically generated.
2022-11-16 10:20:32 +01:00
Éloi Rivard
ba88f8e44a rfc7591: fixed software statement support 2022-11-15 19:04:42 +01:00
Éloi Rivard
fdb8714094 Fixed a bug happening during RP initiated logout on clients without post_logout_redirect_uri defined 2022-10-26 18:09:02 +02:00
Éloi Rivard
6facd248a9 Fixed a bug on the contacts field in the admin client form following the LDAP schema update of 0.0.12 2022-10-26 17:44:50 +02:00
Éloi Rivard
4f729caf2e Implemented dynamic client registration 2022-10-24 10:00:32 +02:00
Éloi Rivard
659efaf7ef Variable renaming 2022-10-21 17:03:38 +02:00
Éloi Rivard
77aff593d4 Refactoring: file renaming 2022-10-06 13:32:41 +02:00
Éloi Rivard
0584cad0f5 Fixed well_known URLs 2022-10-03 19:32:39 +02:00
Éloi Rivard
e45ad6e21c Implemented a basic WebFinger endpoint. 2022-10-03 18:42:08 +02:00
Éloi Rivard
d0962a9a8d Removed a debug print 2022-07-27 17:56:16 +02:00
Éloi Rivard
db0fd2d8ba Fixed end-session when user are already disconnected 2022-07-07 16:28:28 +02:00
Éloi Rivard
21a2c306ac Client only return the asked scopes 2022-07-07 16:11:25 +02:00
Éloi Rivard
95ec09fe54 Implemented RP-initiated logout 2022-06-02 17:56:10 +02:00
Éloi Rivard
a1c4f7a278 Bumped to authlib 1 2022-04-10 17:04:38 +02:00
Éloi Rivard
d597baa415 for better readability, set the flask aborts in their own conditionnal block 2022-04-04 17:52:05 +02:00
emillumine
8d804616fd add a 'all' utility class method to LDAPObject to retrieve all class instances 2022-03-14 10:03:05 +01:00
Éloi Rivard
dc835cc149 access token is a jwt 2022-03-04 19:58:10 +01:00
Camille
a3c4db7a53 fix: handle token not found in token view 2022-03-03 10:05:14 +01:00
Stéphane Blondon
803fadd0e9 fix: better consistency of admin dropdown menu
The dropdown was not always displayed due to lack of 'menuitem' parameter on some calls.
The 'active' and 'dropdown' classes from fomanticUI clash so the dropdown is not displayed when both are added to the `div` tag. As workaround, 'active' class is replaced by a custom 'dropdown-active' class.
2022-02-25 13:58:35 +01:00
Éloi Rivard
a74d68aee1 AuthorizationCode and Token have a new id parameter 2022-02-16 18:00:30 +01:00
Éloi Rivard
88c9547cc4 Use a custom method to generate access tokens 2022-02-13 18:18:25 +01:00
Éloi Rivard
6e01baf3b0 improved token admin page template, again 2022-02-03 10:04:14 +01:00
Éloi Rivard
7851e8e31f improved token admin page template 2022-02-03 09:51:04 +01:00
Éloi Rivard
1d0f1e2f24 LdapObject an have attribute name different than the schema 2022-01-18 18:04:25 +01:00
Éloi Rivard
52e802b34f split oidc code from the rest 2022-01-11 20:31:55 +01:00