Commit graph

65 commits

Author SHA1 Message Date
Éloi Rivard
acf8acf29f
fix: locked users cannot use OIDC authorization codes 2024-04-17 13:05:14 +02:00
Éloi Rivard
fc8c0da912
fix: locked users cannot use refresh tokens 2024-04-17 12:07:11 +02:00
Éloi Rivard
88832b5b3b
refactor: move User.check_password and User.set_password methods to Backend 2024-04-07 20:17:15 +02:00
Éloi Rivard
5a6ce24074
refactor: move User.get_from_login method to Backend 2024-04-07 20:17:15 +02:00
Éloi Rivard
ec7a721336
refactor: ldap objects id attribute is based on entryUUID instead of dn 2024-04-05 15:35:49 +02:00
Éloi Rivard
8625318341
feat: use pydantic to validate the configuration 2024-03-28 17:44:26 +01:00
Éloi Rivard
4edffcaa9f
chore: use isort instead of reoder-python-imports 2024-03-15 19:58:37 +01:00
Éloi Rivard
a237fa0198
chore: pre-commit update 2023-12-26 01:13:11 +01:00
Éloi Rivard
a4a381d088
refactor: gather endpoints in a 'endpoints' directory 2023-12-26 00:30:19 +01:00
Éloi Rivard
06b60e1747
fix: post_logout_redirect_uris was ignored during OIDC dynamic registration 2023-12-23 21:32:31 +01:00
Éloi Rivard
521ed75f18
fix: correctly set up Client audience during OIDC dynamic registration 2023-12-23 19:37:14 +01:00
Éloi Rivard
52fc93a481
refactor: avoid to directly use the 'configuration' fixture in tests 2023-12-19 18:28:04 +01:00
Éloi Rivard
8a5dd04c87
refactor: OIDC client management factorization, again 2023-11-24 09:30:52 +01:00
Éloi Rivard
a308a40b11
refactor: OIDC client management factorization 2023-11-24 09:26:15 +01:00
Éloi Rivard
79e547fc10
refactor: OIDC token scopes are stored as lists 2023-11-22 16:36:42 +01:00
Éloi Rivard
fd77bd5637
refactor: OIDC authorization codes scopes are stored as lists 2023-11-22 16:30:38 +01:00
Éloi Rivard
771d3952a3
feat: OIDC password grant supports other client authentication methods 2023-11-18 19:20:14 +01:00
Éloi Rivard
1fd8af2cf4
refactor: models attributes cardinality is closer to SCIM models 2023-11-17 21:21:25 +01:00
Éloi Rivard
d7c6896093
refactor: move get_jkws method in oauth.py 2023-09-18 23:02:48 +02:00
Éloi Rivard
d27aab8651
refactor: the core module has its own main blueprint 2023-08-14 13:52:24 +02:00
Éloi Rivard
4715f643e2 Add a OIDC.REQUIRE_NONCE option to improve compatibility with clients 2023-07-06 17:57:17 +02:00
Éloi Rivard
4f42798e39 Refactored keypair management 2023-07-01 19:06:26 +02:00
Éloi Rivard
f504bb3a66 Implements a flask User converter 2023-06-29 15:55:39 +02:00
Éloi Rivard
361fda0386 Renamed User.phone_number in User.phone_numbers 2023-06-22 15:33:03 +02:00
Éloi Rivard
b5bd497d0e Implemented User.preferred_email 2023-06-22 15:24:13 +02:00
Éloi Rivard
371f806695 Renamed User.email in User.emails 2023-06-22 15:15:46 +02:00
Éloi Rivard
17c2f7a5cd Implemented LDAP ppolicy support. 2023-05-26 15:23:43 +02:00
Éloi Rivard
c1d1706007 Moved every model import to canaille.models 2023-05-20 20:02:00 +02:00
Éloi Rivard
be78b50e97 Removed User.authenticate method 2023-05-17 12:48:14 +02:00
Éloi Rivard
d66619a01c OIDC lifetimes are not casted to string anymore 2023-05-17 09:29:32 +02:00
Éloi Rivard
8998fe9b62 Explicit arguments when using Model.get 2023-05-16 11:29:40 +02:00
Éloi Rivard
9e6a1b85f1 Avoid setting 'None' in claims when they are empty 2023-05-05 13:28:02 +02:00
Éloi Rivard
cc45ed4be9 OIDC.JWT.MAPPING configuration option is really optional 2023-04-10 20:09:47 +02:00
Éloi Rivard
7cd078bf81 Correctly read OIDC dynamic registration config entries 2023-04-10 19:28:26 +02:00
Éloi Rivard
61f5d25f2f Creates a OIDC configuration section for all the OIDC related entries 2023-04-10 16:24:43 +02:00
Éloi Rivard
08f8bfbfdb Moved user and group management in the core submodule 2023-04-09 13:34:38 +02:00
Éloi Rivard
4c454f6de4 Removed unused imports 2023-04-09 02:13:34 +02:00
Éloi Rivard
52f7276527 Explicitly use User.formatted_name instead of User.name 2023-04-07 22:45:42 +02:00
Éloi Rivard
db3a4a74ff Renamed user attributes to match SCIM naming convention 2023-04-07 20:12:24 +02:00
Éloi Rivard
61940844e6 Properly handle LDAP date timezones 2023-03-18 00:39:32 +01:00
Éloi Rivard
94af1744ba pre-commit update 2023-03-14 12:08:37 +01:00
Éloi Rivard
3406428f13 Renamed group attributes to match SCIM naming convention 2023-03-11 12:54:27 +01:00
Éloi Rivard
971cf317c9 Used 'id' instead of 'dn' 2023-03-10 18:14:15 +01:00
Éloi Rivard
53581404ab LDAPObject dn attributes are automatically initialized 2023-03-08 23:53:53 +01:00
Éloi Rivard
c5b11d2fb3 Merge LDAPObject.all and LDAPObject.filter in LDAPObject.query 2023-03-07 17:58:27 +01:00
Éloi Rivard
3be937c286 Fix coverage 2023-01-28 18:35:39 +01:00
Éloi Rivard
63f927830a Fixed dynamic client registration scope management 2023-01-28 14:04:04 +01:00
Éloi Rivard
d8bcb0bdf0 Ensures the token expires_in claim and the access_token exp claim have the same value. 2023-01-14 14:59:13 +01:00
Éloi Rivard
ab517f4fc0 refactoring: use Group.name when possible 2022-12-29 01:27:22 +01:00
Éloi Rivard
19793fe8aa unit tests: userinfo 2022-12-24 01:44:16 +01:00