globuzma/canaille-globuzma
1
0
Fork 0
forked from Github-Mirrors/canaille
Code Pull requests Activity
1370 commits 5 branches 57 tags 18 MiB
Commit graph

440 commits

Author SHA1 Message Date
Éloi Rivard
1f1bb353e0 Dynamic form validation with htmx 2023-03-30 23:22:58 +02:00
Éloi Rivard
2fb0085d7b OIDC client form renaming 2023-03-30 00:40:25 +02:00
Éloi Rivard
78a129d494 Forms validate URIs 2023-03-29 21:33:47 +02:00
Éloi Rivard
b82852d788 Fixed the CI 2023-03-29 19:46:05 +02:00
Éloi Rivard
f97dc3b2c6 CSRF protection everywhere 2023-03-28 20:30:29 +02:00
Éloi Rivard
98df762666 Fixed user uid and email unicity at creation 2023-03-27 23:16:32 +02:00
Éloi Rivard
7e0e0d6068 Profile edition refactoring 2023-03-22 08:52:00 +01:00
Éloi Rivard
bacbb9a3bb Avoid to display flash messages twice when impersonating or sending a password initialization mail 2023-03-21 22:01:32 +01:00
Éloi Rivard
dd394391c8 Added last_modified and etag headers on the user photos 2023-03-18 01:29:04 +01:00
Éloi Rivard
61940844e6 Properly handle LDAP date timezones 2023-03-18 00:39:32 +01:00
Éloi Rivard
8e84b016da Organization field support 2023-03-17 17:36:23 +01:00
Éloi Rivard
24f0417460 Split the profile page in two 2023-03-16 18:45:35 +01:00
Éloi Rivard
0f93029d2a Split the consent page in two 2023-03-16 18:45:35 +01:00
Éloi Rivard
69c67345c2 Introduced a submenu 2023-03-16 18:45:34 +01:00
Éloi Rivard
5aad527454 Unit tests use WebTest .mustcontain method when possible 2023-03-16 16:25:14 +01:00
Éloi Rivard
94af1744ba pre-commit update 2023-03-14 12:08:37 +01:00
Éloi Rivard
6474d39fac Removes useless tests initializations 2023-03-12 20:18:49 +01:00
Éloi Rivard
fb1c6446fa Users can only search other users based on the fields they can read or write 2023-03-12 19:04:39 +01:00
Éloi Rivard
2c4c3fb37e Title edition support 2023-03-11 22:34:29 +01:00
Éloi Rivard
4170242073 Address edition support (but not in the OIDC claims yet) 2023-03-11 20:12:50 +01:00
Éloi Rivard
822988536d LDAPObject can have several objectClass 2023-03-11 19:46:12 +01:00
Éloi Rivard
048cbd2d59 Group test refactoring 2023-03-11 19:12:58 +01:00
Éloi Rivard
402e60325c departmentNumber edition support #129 2023-03-11 12:55:03 +01:00
Éloi Rivard
3406428f13 Renamed group attributes to match SCIM naming convention 2023-03-11 12:54:27 +01:00
Éloi Rivard
971cf317c9 Used 'id' instead of 'dn' 2023-03-10 18:14:15 +01:00
Éloi Rivard
e802e3d5e2 Consent cn alias 2023-03-10 00:38:16 +01:00
Éloi Rivard
3d37073f18 Fixed unit tests 2023-03-09 20:58:45 +01:00
Éloi Rivard
46a346a0d0 Table search implementation 2023-03-09 19:31:59 +01:00
Éloi Rivard
fbf449edd6 LDAPObject fuzzy search 2023-03-09 19:31:59 +01:00
Éloi Rivard
091270df53 LDAPObject pagination performance improvements 
Creates a LDAPObjectQuery class that is returned by LDAPObject.filter
This avoids to create objects for each ldap result, but only for the
asked slice. It also store the whole results length so `len` calls are
a bit faster.
 2023-03-09 19:31:59 +01:00
Éloi Rivard
e5d968d4f5 Every list of items is paginated server-side. 2023-03-09 19:31:59 +01:00
Éloi Rivard
36cc47e40d Moved jinja macros in their own directory 2023-03-09 18:10:28 +01:00
Éloi Rivard
681c311d05 Forgotten password test improvement 
Search for error messages in flashes instead of directly in the HTML.
 2023-03-09 18:10:28 +01:00
Éloi Rivard
990c624c32 Save one LDAP connection when calling save() 2023-03-09 13:00:17 +01:00
Éloi Rivard
d0f6c341f3 LDAPObject refactoring 2023-03-09 01:14:07 +01:00
Éloi Rivard
53581404ab LDAPObject dn attributes are automatically initialized 2023-03-08 23:53:53 +01:00
Éloi Rivard
d201d6f617 Lazy conversion of LDAP to python format for LDAPObject attributes 2023-03-08 18:54:27 +01:00
Éloi Rivard
7e42467bfc Renamed LDAPObject.rdn in LDAPObject.rdn_attribute 2023-03-08 18:50:33 +01:00
Éloi Rivard
5d9a41f18b Delayed LDAPObject may and must initialization 2023-03-08 00:53:27 +01:00
Éloi Rivard
c5b11d2fb3 Merge LDAPObject.all and LDAPObject.filter in LDAPObject.query 2023-03-07 17:58:27 +01:00
Éloi Rivard
cc65d78719 Renames LDAPObject.ldap in LDAPObject.ldap_connection 2023-03-07 17:55:32 +01:00
Éloi Rivard
a368b36d9c Better populate test cleaning 2023-03-07 17:27:31 +01:00
Éloi Rivard
d345218557 Updated to flask-babel 3 2023-03-01 15:32:40 +01:00
Éloi Rivard
a57c86cc2c SMTP SSL fixes 2023-02-28 10:07:08 +01:00
Éloi Rivard
9d3cd71164 Explicit form names in unit tests 2023-02-26 22:23:57 +01:00
Éloi Rivard
2c2797fbad A populate command can be used to fill the database with random users generated with faker. 2023-02-26 19:48:07 +01:00
Éloi Rivard
b850f51ef0 Tests ensures users created during the test are deleted in the end 2023-02-26 19:47:27 +01:00
Éloi Rivard
7458868f77 Pre-consented clients are displayed in the user consent list, and their consents can be revoked. 2023-02-14 21:56:47 +01:00
Éloi Rivard
d551b1ab35 Revoked consents can be restored 2023-02-14 19:05:43 +01:00
Éloi Rivard
ea9f6ebe00 Use full ldap 'givenName' instead of 'gn' 2023-02-04 22:23:58 +01:00
Éloi Rivard
3359b51d9b Implements admin token deletion 2023-02-04 18:41:49 +01:00
Éloi Rivard
b94c5b468c Reworked admin token page 2023-02-03 18:44:09 +01:00
Éloi Rivard
0cdbcbc2fa Removed debug prints 2023-01-30 20:01:22 +01:00
Éloi Rivard
b059e6e719 Client deletion also delete related objects 2023-01-30 19:58:25 +01:00
Éloi Rivard
c1b3a64757 Use pyquery in i18n tests 2023-01-29 23:06:12 +01:00
Éloi Rivard
08827d3714 Checks flask flashed messages with flask_webtest Response.flashes 2023-01-28 19:02:00 +01:00
Éloi Rivard
63f927830a Fixed dynamic client registration scope management 2023-01-28 14:04:04 +01:00
Éloi Rivard
7b684aed4a preferredLanguage is a single value 2023-01-24 18:15:26 +01:00
Éloi Rivard
c470e7f134 Explicitely set Consent cn 2023-01-23 18:55:27 +01:00
Éloi Rivard
acd54e4afb Dedicated connectivity test email 2023-01-22 12:49:15 +01:00
Éloi Rivard
ba83ab0a20 Merge branch 'html-locale' into 'main' 
Set the correct locale in the HTML main tag.

Closes #122

See merge request yaal/canaille!87
 2023-01-18 17:08:24 +00:00
Éloi Rivard
d7c84079e3 Set the correct locale in the HTML main tag. 2023-01-18 18:02:18 +01:00
Éloi Rivard
9d44967cad Wording and punctuation fixes 2023-01-15 09:31:44 +01:00
Éloi Rivard
d8bcb0bdf0 Ensures the token expires_in claim and the access_token exp claim have the same value. 2023-01-14 14:59:13 +01:00
Éloi Rivard
7cb2da3ca3 refactoring: start to split the canaille installation between submodules 2022-12-29 02:11:56 +01:00
Éloi Rivard
a66ac32689 refactoring: moved the authlib related test configuration in the oidc module 2022-12-29 02:06:54 +01:00
Éloi Rivard
adec1acbaa refactoring: removed useless imports 2022-12-29 01:53:08 +01:00
Éloi Rivard
cae49fcec9 avoid ldap related session variable names 2022-12-29 01:10:07 +01:00
Éloi Rivard
cd1d0a30d5 added 'autoflake' to the precommit tool list 2022-12-29 00:41:32 +01:00
Éloi Rivard
32f6595c02 objectClass is not mandatory for User and Group creation 2022-12-29 00:29:26 +01:00
Éloi Rivard
64ac2af981 Merge branch 'endsession-bugfix' into 'main' 
OIDC end_session was not returning the `state` parameter in the `post_logout_redirect_uri`

See merge request yaal/canaille!82
 2022-12-27 21:16:52 +00:00
Éloi Rivard
c1ae5e059c refactoring: edited mail error test to improve coverage 2022-12-27 22:09:53 +01:00
Éloi Rivard
5793a73801 OIDC end_session was not returning the state parameter in the post_logout_redirect_uri 2022-12-27 21:48:44 +01:00
Éloi Rivard
63bb459d16 unit tests: mails configuration without credentials 2022-12-27 21:37:58 +01:00
Éloi Rivard
630d602a7a groups minor refactoring 2022-12-27 21:32:21 +01:00
Éloi Rivard
69da0b83ce unit tests: SMTP connection with bad TLS configuration 2022-12-27 18:48:55 +01:00
Éloi Rivard
9c29abb269 unit tests: refresh token with invalid user 2022-12-27 18:32:53 +01:00
Éloi Rivard
a08e6c4acd unit tests: password flow with invalid credentials 2022-12-27 18:12:19 +01:00
Éloi Rivard
746c09a3bb unit tests: authorization code flow with invalid users and expired codes 2022-12-27 18:07:24 +01:00
Éloi Rivard
e9731e7e67 unit tests: end_session with invalid client ids 2022-12-26 22:03:43 +01:00
Éloi Rivard
1df1c89ea0 unit tests: user creation without password 2022-12-24 02:52:05 +01:00
Éloi Rivard
619c828780 unit tests: test logout when not logged in 2022-12-24 02:40:50 +01:00
Éloi Rivard
ca2d3de83b Moved the OIDC configuration in the oidc test subdir conftest.py 2022-12-24 02:06:28 +01:00
Éloi Rivard
19793fe8aa unit tests: userinfo 2022-12-24 01:44:16 +01:00
Éloi Rivard
fa503b37f9 unit tests: removed useless condition in slapd_connection fixture teardown 2022-12-22 17:17:18 +01:00
Éloi Rivard
f71c3ce2da unit tests: user photo access 2022-12-22 17:12:24 +01:00
Éloi Rivard
87d57ea9c1 unit tests: forgotten mail sending error 2022-12-22 17:02:07 +01:00
Éloi Rivard
3a596deb1f unit tests: impersonate an unexisting user 2022-12-22 16:56:10 +01:00
Éloi Rivard
5578de99a1 unit tests: delete an unexisting user 2022-12-22 16:52:05 +01:00
Éloi Rivard
afa9aa2fba unit tests: password reset mail error 2022-12-22 16:47:19 +01:00
Éloi Rivard
c2db4527ba unit tests: send a password reset mail to an unexisting user 2022-12-22 16:39:24 +01:00
Éloi Rivard
96ddc5ef4e unit tests: password initialization mail error 2022-12-22 16:38:20 +01:00
Éloi Rivard
892d12da8c unit tests: try to send a password initialization mail to an unexisting user 2022-12-22 16:30:26 +01:00
Éloi Rivard
e95bd6c79f unit tests: test photo on profile creation 2022-12-21 23:48:04 +01:00
Éloi Rivard
c03918e4f1 unit tests: user profile creation form error 2022-12-21 22:03:18 +01:00
Éloi Rivard
51ffff2958 unit tests: first login form error 2022-12-21 21:56:31 +01:00
Éloi Rivard
ae87a61f74 unit tests: first login mail success and error 2022-12-21 21:52:01 +01:00
Éloi Rivard
1764b5197c unit tests: first login page visited twice 2022-12-21 00:24:17 +01:00
Éloi Rivard
2f737ef9a7 unit tests: password resetted during login 2022-12-20 22:59:23 +01:00
Éloi Rivard
f18434011d unit tests: password page access without session 2022-12-20 22:50:02 +01:00
Éloi Rivard
20ffc0fb84 unit tests: sending mail with invalid recipients 2022-12-20 21:05:00 +01:00
Éloi Rivard
7fbe544b15 unit tests: check logo presence in mails 2022-12-20 19:45:04 +01:00
Éloi Rivard
8b066c7695 unit tests: test mails domain guessing from SERVER_NAME flask configuration 2022-12-17 00:38:05 +01:00
Éloi Rivard
e59ab27837 unit tests: app configuration paths 2022-12-16 22:33:09 +01:00
Éloi Rivard
6c41c2a196 unit tests: tested logging to a file 2022-12-16 22:14:46 +01:00
Éloi Rivard
482f949c09 Fixed LDAP operational attributes handling 2022-12-15 12:41:31 +01:00
Éloi Rivard
7c6fd25524 Add nonce to the claims_supported server metadata list 2022-12-15 11:59:00 +01:00
Éloi Rivard
2773f1c34c unit tests: ldap filter tests 2022-12-15 00:15:10 +01:00
Éloi Rivard
a621fc1163 unit tests: ldap utils 2022-12-15 00:03:01 +01:00
Éloi Rivard
f9df8300ce unit tests: ldap objects repr 2022-12-14 21:06:59 +01:00
Éloi Rivard
0e0b561868 unit tests: invalid client admin deletion 2022-12-14 21:03:35 +01:00
Éloi Rivard
db2127f9ef unit tests: client admin validation failures 2022-12-14 19:29:59 +01:00
Éloi Rivard
1dea7edba3 unit tests: client admin invalid request 2022-12-13 19:15:54 +01:00
Éloi Rivard
e478034b81 unit tests: client admin deletion 2022-12-13 19:14:25 +01:00
Éloi Rivard
9a3363a17f unit tests: improved flaskutils coverage 2022-12-11 22:49:32 +01:00
Éloi Rivard
118af82409 Fixes an authlib jwk warning 2022-12-11 22:27:54 +01:00
Éloi Rivard
13a6a984cb unit tests: improved jkws endpoint coverage 2022-12-11 14:57:26 +01:00
Éloi Rivard
12a93870fc unit tests: authorization denial 2022-12-11 14:43:21 +01:00
Éloi Rivard
5a959ef10e unit tests: improved authorization flow coverage 2022-12-11 13:16:24 +01:00
Éloi Rivard
449231abbe unit tests: improved token introspection coverage 2022-12-10 21:10:18 +01:00
Éloi Rivard
812d04a571 unit tests: improved token revokation coverage 2022-12-10 21:02:51 +01:00
Éloi Rivard
8932b390ba test consent removal with arleady revoked tokens 2022-12-10 11:24:53 +01:00
Éloi Rivard
18b05854f3 unit tests: improved authorization code flow coverage 2022-12-10 10:58:22 +01:00
Éloi Rivard
a3418de239 Implemented RFC7592 OAuth Client Registration Management 2022-12-10 00:22:25 +01:00
Éloi Rivard
b230e40e23 unit tests: improved token revokation coverage 2022-12-06 18:52:35 +01:00
Éloi Rivard
b34e862e4b unit tests: increased group coverage 2022-12-06 18:36:07 +01:00
Éloi Rivard
5b388400d1 unit tests: test schema installation with missing permissions 2022-12-06 18:18:27 +01:00
Éloi Rivard
c2e93b8773 unit tests: slapd initialization refactoring 2022-12-06 18:18:27 +01:00
Éloi Rivard
edbd98e9d2 unit tests: better admin mail debugger testing 
There was no test that covered the case where there is an issue when
sending the debug email.
 2022-12-04 17:15:54 +01:00
Éloi Rivard
a4afcc61dd unit tests: added consent deletion tests 2022-12-04 13:57:56 +01:00
Éloi Rivard
56fb83d44d unit tests: increased well-known coverage 2022-12-04 13:43:29 +01:00
Éloi Rivard
73d6e055d3 unit tests: removed useless try/except in oidc fixtures 2022-12-04 13:41:09 +01:00
Éloi Rivard
ab905d77e8 unit tests: removed useless ldap server schema initialization methods 2022-12-04 13:06:55 +01:00
Éloi Rivard
4052e0770d unit tests: removed useless cleaning 2022-12-04 13:04:09 +01:00
Éloi Rivard
ecc969e3d5 index page unit tests 2022-12-04 12:57:59 +01:00
Éloi Rivard
9bf9c43677 Demo displays user preferred locale 2022-12-04 11:53:37 +01:00
Éloi Rivard
9e75ef3478 Users can choose their favourite display name 2022-12-02 18:48:21 +01:00
Éloi Rivard
bb0daf34d7 LDAP 'preferredLanguage' attribute support 2022-11-20 22:52:47 +01:00
Éloi Rivard
77ae9df2a9 Issuer 'ISS' configuration option is not mandatory anymore 2022-11-17 18:10:40 +01:00
Éloi Rivard
154ec9fcd2 FROM_ADDR configuration option is not mandatory anymore 2022-11-16 19:26:33 +01:00
Éloi Rivard
c7df0cca32 profile edition: redirect after form submission to avoid double submissions 2022-11-16 18:19:24 +01:00
Éloi Rivard
32a626ee4b group admin: redirect after form submission to avoid double submissions 2022-11-16 17:55:24 +01:00
Éloi Rivard
be4a51d72a client admin: redirect after form submission to avoid double submissions 2022-11-16 17:50:38 +01:00
Éloi Rivard
62b62b684f Fixed client preconsent disabling 2022-11-16 17:36:16 +01:00
Éloi Rivard
e3028f375c Dynamically generate the server metadata. 
OAUTH2 and OIDC server metadata are now dynamically generated.
 2022-11-16 10:20:32 +01:00
Éloi Rivard
ba88f8e44a rfc7591: fixed software statement support 2022-11-15 19:04:42 +01:00
Éloi Rivard
5fa9b6b89c added parameters to the OIDC dynamic registration test cases 2022-11-15 17:16:23 +01:00
Éloi Rivard
9deee91c02 Updated issuer test fixture 2022-11-15 16:00:29 +01:00
Éloi Rivard
d559d8774a Refactored demo instanciation 2022-11-15 12:47:44 +01:00
Éloi Rivard
1f3a29ddeb unit tests: ldap domain is dc=mydomain,dc=tld 2022-11-05 19:52:57 +01:00