canaille-globuzma/doc/locales/doc.pot

# SOME DESCRIPTIVE TITLE.
# Copyright (C) 2024, Yaal Coop
# This file is distributed under the same license as the canaille package.
# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
#
#, fuzzy
msgid ""
msgstr ""
"Project-Id-Version: canaille 0.0.56\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2024-11-24 19:30+0100\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"

#: ../development/changelog.rst:2
#: a4a2dfb8e4e5452ab4daed1e720b892d
msgid "Release notes"
msgstr ""

#: ../development/changelog.rst:4
#: 2680cd8bd775485986feae54dd956765
msgid "All notable changes to this project will be documented in there."
msgstr ""

#: ../development/changelog.rst:6
#: d26164674afd493e973a9d131f8f1fe6
msgid "The format is based on `Keep a Changelog <https://keepachangelog.com/en/1.0.0/>`_, and this project adheres to `Semantic Versioning <https://semver.org/spec/v2.0.0.html>`_."
msgstr ""

#: ../../CHANGES.rst:2
#: f066845304ae44b1857a2cd827ef9300
msgid "[0.0.57] - Unreleased"
msgstr ""

#: ../../CHANGES.rst:5
#: ../../CHANGES.rst:20
#: ../../CHANGES.rst:48
#: ../../CHANGES.rst:67
#: ../../CHANGES.rst:74
#: ../../CHANGES.rst:93
#: ../../CHANGES.rst:153
#: ../../CHANGES.rst:179
#: ../../CHANGES.rst:194
#: ../../CHANGES.rst:243
#: ../../CHANGES.rst:269
#: ../../CHANGES.rst:288
#: ../../CHANGES.rst:296
#: ../../CHANGES.rst:305
#: ../../CHANGES.rst:331
#: ../../CHANGES.rst:366
#: ../../CHANGES.rst:392
#: ../../CHANGES.rst:441
#: ../../CHANGES.rst:469
#: ../../CHANGES.rst:499
#: ../../CHANGES.rst:555
#: ../../CHANGES.rst:588
#: ../../CHANGES.rst:609
#: ../../CHANGES.rst:619
#: ../../CHANGES.rst:642
#: ../../CHANGES.rst:709
#: ../../CHANGES.rst:747
#: ../../CHANGES.rst:764
#: ../../CHANGES.rst:800
#: 9d6b1d66801b4c86aaf7b10f3c3db5bd
#: 3a8e409ea3c244a1855b1eaaab55407f
#: b1ec6ff03fc047728f47c606ac3b87c4
#: 0d8c9a7edd7f4cb2b3b2f8603a23e7d2
#: f476bd23ca8f4082aabbc7a19e0ab5f5
#: a06ae36e63434330a392c13d929686b6
#: 423503b2e33642249fc402376a2ccd89
#: 4cf16188a39741f3ac13878f9137b838
#: 57956e4671b141e59c253878f7e9ef33
#: c794f22deae64148a3cf87c6b05cfa4c
#: 92d5a3a91c2947fa8909e2d29280dbc9
#: ad1c662936754226a068ba09452f7c32
#: 5e5cd1f910b84e299c4ac5eb6e6621f0
#: cdf61c11a5a14b0d9c50e5c467b3d805
#: 02f204bfc88f4496a90d4f128b0570f4
#: 4d23d71c0244482cb57268cfe9002f07
#: 3cf89e1abda746a586184d722354a91c
#: af4b809a9e3c4f859b5b0174e9d2bf06
#: 1def87fb8caa496f9a8d443b1aae0b77
#: eae1d84a65934160ac0d69ea6698e924
#: 75185cb8104345689c2d2ff50c8e5943
#: 935e6050d9304e5f987d0e9649097a11
#: 38d82d14804e41dd8a7b615068bf9b6a
#: d6ba084123a34a38870f7f510cb8849a
#: b71008aa5a7844dda0c4c5c1336bb7df
#: 26e7b8415d8246ccb23c1dd7542b4632
#: bdfbfc4c3f83401f8e8517f7ee77a5ac
#: 51652d52954342029cd22aea81458ac8
#: fe6b00ae7c424fcba8dbb64b2514e507
msgid "Added"
msgstr ""

#: ../../CHANGES.rst:6
#: d9938b7139144750874fa3d85f5c7747
msgid "Password compromission check :issue:`179`"
msgstr ""

#: ../../CHANGES.rst:7
#: 6d21d5e4ec3e41a99e090d3497434177
msgid ":attr:`~canaille.core.configuration.CoreSettings.ADMIN_EMAIL` and :attr:`~canaille.core.configuration.CoreSettings.ENABLE_PASSWORD_COMPROMISSION_CHECK` and :attr:`~canaille.core.configuration.CoreSettings.API_URL_HIBP` :issue:`179`"
msgstr ""

#: ../../CHANGES.rst:13
#: 11f4accaa28e4de99d3d07ad54523396
msgid "[0.0.56] - 2024-11-07"
msgstr ""

#: ../../CHANGES.rst:16
#: ../../CHANGES.rst:58
#: ../../CHANGES.rst:97
#: ../../CHANGES.rst:105
#: ../../CHANGES.rst:113
#: ../../CHANGES.rst:120
#: ../../CHANGES.rst:127
#: ../../CHANGES.rst:141
#: ../../CHANGES.rst:171
#: ../../CHANGES.rst:184
#: ../../CHANGES.rst:202
#: ../../CHANGES.rst:221
#: ../../CHANGES.rst:229
#: ../../CHANGES.rst:255
#: ../../CHANGES.rst:263
#: ../../CHANGES.rst:283
#: ../../CHANGES.rst:313
#: ../../CHANGES.rst:345
#: ../../CHANGES.rst:353
#: ../../CHANGES.rst:379
#: ../../CHANGES.rst:399
#: ../../CHANGES.rst:423
#: ../../CHANGES.rst:433
#: ../../CHANGES.rst:454
#: ../../CHANGES.rst:462
#: ../../CHANGES.rst:485
#: ../../CHANGES.rst:508
#: ../../CHANGES.rst:520
#: ../../CHANGES.rst:529
#: ../../CHANGES.rst:538
#: ../../CHANGES.rst:547
#: ../../CHANGES.rst:567
#: ../../CHANGES.rst:574
#: ../../CHANGES.rst:624
#: ../../CHANGES.rst:632
#: ../../CHANGES.rst:657
#: ../../CHANGES.rst:665
#: ../../CHANGES.rst:673
#: ../../CHANGES.rst:686
#: ../../CHANGES.rst:700
#: ../../CHANGES.rst:732
#: ../../CHANGES.rst:755
#: ../../CHANGES.rst:786
#: 083538a8ed2840dbb3516a58dc2c347b
#: 3ab3343de6294c0091f7df2fc7999d80
#: 3f2471bd41f7442398e2799d60d21fca
#: 911ab486a7dd4870bcd41bb19caaa5c8
#: f3802df89f474ad388bdbb916b8da760
#: 9d31525cd21245a09868967fc2d85c05
#: 4fb15f96e11b493bbf5e4a5f4a44272d
#: 7ddfacb797554ccc958dbecfe52aa4aa
#: 8b9b2d1b88f048a3b0598ea831d52b03
#: ae6d61b8c49242bdafe6c862c33071c7
#: c30992c2a9c34d53b384b937217afc8a
#: ef31dc8b2d4048379c4f3cf50a76fba0
#: cd421849f46e4d5b8e3f04f7cb11def1
#: 092b6f7685bd43ab873bc24d3eec4a1f
#: da457b3a224c4ab998c08856e4e7b2f5
#: 03c5fed9e80d4e608b3a41d8496b6bfd
#: b29aee5f9a284d57b909fac4338683d5
#: a4e37461b42849c4bb496b3f070aea47
#: aab3b9094d7f41b3bb7d4053b9865a41
#: 5669ff63ec7c4322ad62410daff2a395
#: b0356e505fc84fda98f25c7a1c364f09
#: 76e552b978ae4a9c852c337e557a8ad2
#: 457c0603be1643c182ce2c8b0facb172
#: f88bd537dbe34f6b9d01bdbb4a2cc35f
#: 8da837785d96481d85d8de265090882f
#: 3cd4c27c6a94429dac387628f5e43512
#: 0e286fb66b194ebb9332cc1e732908f7
#: 16d31564aa1949a188c07c9053474c64
#: 0c3210d182ec419fa7db36a7b133f44a
#: 38e1a98c3ed94d819c79a8681c6ba1e3
#: e3c3f354faa8417f9ee8b8fb12145445
#: b8408a5f30894e2eb4b578b4de02f8c8
#: b2d5b8093db24aa0bb7076c2154a7fcc
#: b603e9eeedd7446ca17fbdee25916a01
#: 87fb03fe98e541b59b85e871aa395b62
#: e8e07caf623249f0ad457066a6b6ac9c
#: 35f68b4a21654d448739181dff251c7b
#: ba56c7970b414412b74df73940099db0
#: cac6531c5f06439bba341e25d82e8cf5
#: 7bf7900788284e6cb63f8b08f67594f5
#: 278cb3ba28344709a1572934b6706967
#: 8ab9e7c8532447f0ae38a97ff9ce54c5
#: 07a4ac57f1584e908f780013fde449b4
msgid "Fixed"
msgstr ""

#: ../../CHANGES.rst:17
#: 268b58fddbda42eaa28da61d4e81779a
msgid "With LDAP backend, updating another user groups could result in a permission lost for the editor. :issue:`202`"
msgstr ""

#: ../../CHANGES.rst:21
#: 4066f7971e1440d0b9c31680d28b28c4
msgid ":attr:`~canaille.core.configuration.CoreSettings.MAX_PASSWORD_LENGHT` and :attr:`~canaille.core.configuration.CoreSettings.MIN_PASSWORD_LENGHT` configuration options :issue:`174`"
msgstr ""

#: ../../CHANGES.rst:23
#: 40380e5318f74f728cc8e72f69a70a1f
msgid "Password strength visual indicator. :issue:`174`"
msgstr ""

#: ../../CHANGES.rst:24
#: a870cc07f3354e50b35ef79992c03720
msgid "Security events logs. :issue:`177`"
msgstr ""

#: ../../CHANGES.rst:25
#: d8806d95a88d419796ac7a7d1d79dccd
msgid "Support for Python 3.13. :pr:`186`"
msgstr ""

#: ../../CHANGES.rst:28
#: ../../CHANGES.rst:41
#: ../../CHANGES.rst:53
#: ../../CHANGES.rst:78
#: ../../CHANGES.rst:86
#: ../../CHANGES.rst:134
#: ../../CHANGES.rst:160
#: ../../CHANGES.rst:212
#: ../../CHANGES.rst:249
#: ../../CHANGES.rst:318
#: ../../CHANGES.rst:336
#: ../../CHANGES.rst:374
#: ../../CHANGES.rst:413
#: ../../CHANGES.rst:448
#: ../../CHANGES.rst:491
#: ../../CHANGES.rst:595
#: ../../CHANGES.rst:649
#: ../../CHANGES.rst:681
#: ../../CHANGES.rst:695
#: c36f4ed488fa4b33a5c3192f5240ecc2
#: bd47b3679b1d4daa82e117c56086bc95
#: ecd8b7cb28cb46e49fbfb5c20c37e306
#: b5825b392e8f4629b9e10858a0842703
#: aa8e96957d624618a52868184a093c23
#: 2d12678eae22474e959e065f018208be
#: 5bbe5e33c0174fe59de1754b33fc2686
#: 18a63654d7a2483688b1a939d519d657
#: 5d053d3c01374374a1bde4afb239e3ad
#: aa9f660105cb4520bafdbf7a88de8fb7
#: afe56206107947918b5ba3dc28d1abce
#: 7f21262e001b48c8b6a442f4c7dce895
#: d5feca263714439fbb620f8de692f7ef
#: c0fbfcf990d74375be15e30bc9cf41e4
#: 62c59debd6a94913af110750e5810818
#: 3b96917ae5b04cf49811ef52492498db
#: dcef5e3846d042ddb9b7d66612fa69d8
#: e871bfb060634a45adb7da2650db705f
#: c62ac36cd2864df0aa5c865cb15862d6
msgid "Changed"
msgstr ""

#: ../../CHANGES.rst:29
#: ebd1b21973fb439fb24747be7cb7f6c5
msgid "Update to `HTMX` 2.0.3. :pr:`184`"
msgstr ""

#: ../../CHANGES.rst:30
#: 0c0dc9d216e54fc2a010dc34da666624
msgid "Migrate the Python project management tool from poetry to uv. :pr:`187`"
msgstr ""

#: ../../CHANGES.rst:31
#: 8b837bb77c0c4b829578de45a1308c62
msgid "The ``sql`` package extra is now split between ``sqlite``, ``postgresql`` and ``mysql``."
msgstr ""

#: ../../CHANGES.rst:34
#: ../../CHANGES.rst:384
#: ../../CHANGES.rst:792
#: efc8d1dc200c49bc9eba50de784d58d0
#: a4543f5cd24243e0a4aff935acb1abcb
#: 0965eb3a985e4a79a583219a93dfa103
msgid "Removed"
msgstr ""

#: ../../CHANGES.rst:35
#: ffcb2026c97345949b5c43f010333b95
msgid "End support for Python 3.9. :pr:`179`"
msgstr ""

#: ../../CHANGES.rst:38
#: 5ce135ec2bb344a7901b04b5e52ca250
msgid "[0.0.55] - 2024-08-30"
msgstr ""

#: ../../CHANGES.rst:42
#: 6080810493444192ade3ed6169fc5881
msgid "Use poetry-core build backend. :pr:`178`"
msgstr ""

#: ../../CHANGES.rst:45
#: 3cc78a6b367a48d09ea62e797bf78493
msgid "[0.0.54] - 2024-07-25"
msgstr ""

#: ../../CHANGES.rst:49
#: 2144793247d24f3da2682e15ebd214db
msgid "Group member removal can be achieved from the group edition page. :issue:`192`"
msgstr ""

#: ../../CHANGES.rst:50
#: 00fd9f0801354831b5faec4d31662d4d
msgid "Model management commands. :issue:`117` :issue:`54`"
msgstr ""

#: ../../CHANGES.rst:54
#: cc4b56ada329486bbdc9644dbbf72ce1
msgid "Model `identifier_attributes` are fixed."
msgstr ""

#: ../../CHANGES.rst:55
#: 5e0b8596aa4c40f19cc94aa3c77c23cd
msgid "Bump to `HTMX` 1.9.12. :pr:`172`"
msgstr ""

#: ../../CHANGES.rst:60
#: 9de6aa0cc2444a7a958b34ee5bf630be
msgid "Dark theme colors for better readability."
msgstr ""

#: ../../CHANGES.rst:61
#: 6bbdcb3894cf49e29e16f2f43307ecea
msgid "Crash for passwordless users at login when no SMTP server was configured."
msgstr ""

#: ../../CHANGES.rst:64
#: 7e5e6a702e7541e783935b562e84e050
msgid "[0.0.53] - 2024-04-22"
msgstr ""

#: ../../CHANGES.rst:68
#: 0db38f9b2a0d4586afbf7b9e7c757978
msgid "`env_prefix` :meth:`~canaille.create_app` variable can select the environment var prefix."
msgstr ""

#: ../../CHANGES.rst:71
#: fbbfe075ed204e04b0965346ce814b42
msgid "[0.0.52] - 2024-04-22"
msgstr ""

#: ../../CHANGES.rst:75
#: 2dd3c33d1329454ea693ca5197f29251
msgid "`env_file` create_app variable can customize/disable the .env file."
msgstr ""

#: ../../CHANGES.rst:79
#: 3adc8cdab5624d96bc70a43e910178e4
msgid "Locked users cannot be impersonated anymore."
msgstr ""

#: ../../CHANGES.rst:80
#: fd4d6120419f45e3be328f1cef2e7087
msgid "Minimum Python requirement is 3.9."
msgstr ""

#: ../../CHANGES.rst:83
#: c2753efe71b04e9f8cf34877b75aa820
msgid "[0.0.51] - 2024-04-09"
msgstr ""

#: ../../CHANGES.rst:87
#: 47ef072d3aab42f8a4ebb370d4bca2a2
msgid "Display the menu bar on error pages."
msgstr ""

#: ../../CHANGES.rst:90
#: fb5832707bfb4f168bd8768303bf534b
msgid "[0.0.50] - 2024-04-09"
msgstr ""

#: ../../CHANGES.rst:94
#: d9ee4b0c0ea14be3b9a51d469d354244
msgid "Sign in/out events are logged in. :issue:`177`"
msgstr ""

#: ../../CHANGES.rst:98
#: df803a22f2ca47a0b89528c45b47d6d2
msgid "`HTMX` and `JAVASCRIPT` configuration settings."
msgstr ""

#: ../../CHANGES.rst:99
#: a1f7bee54e4a4174afb83bca92c94e3c
msgid "Compatibility with old sessions IDs."
msgstr ""

#: ../../CHANGES.rst:102
#: ded54eb4249e4de1b10e4a8856fd65a1
msgid "[0.0.49] - 2024-04-08"
msgstr ""

#: ../../CHANGES.rst:106
#: 0ae76abed479480fb1eed5ee0f5c3f46
msgid "LDAP user group removal."
msgstr ""

#: ../../CHANGES.rst:107
#: 545fbaeac1744dee996f3bf0e71d7815
msgid "Display an error message when trying to remove the last user from a group."
msgstr ""

#: ../../CHANGES.rst:110
#: 74c98eeccd094bb898867aae458f2494
msgid "[0.0.48] - 2024-04-08"
msgstr ""

#: ../../CHANGES.rst:114
#: ffdc09e3502f470787c5119452b34b14
msgid "LDAP ``objectClass`` guessing exception."
msgstr ""

#: ../../CHANGES.rst:117
#: c96de36f23684cb7a999510a9bb86197
msgid "[0.0.47] - 2024-04-08"
msgstr ""

#: ../../CHANGES.rst:121
#: 857d17d42df04551a1f16c660ccc56c3
msgid "Lazy permission loading exception."
msgstr ""

#: ../../CHANGES.rst:124
#: 216348ff0a164090bbc518a44f29177d
msgid "[0.0.46] - 2024-04-08"
msgstr ""

#: ../../CHANGES.rst:128
#: db28664d313243b1b72ae7a9469e5971
msgid "Saving an object with the LDAP backend keeps the ``objectClass`` un-managed by Canaille. :pr:`171`"
msgstr ""

#: ../../CHANGES.rst:131
#: 3ffe73f05ba9463898428e1255a4daea
msgid "[0.0.45] - 2024-04-04"
msgstr ""

#: ../../CHANGES.rst:135
#: 4ca624982fc64b76a5cdac758e01acfc
msgid "Internal indexation mechanism of :class:`~canaille.backends.memory.model.MemoryModel`."
msgstr ""

#: ../../CHANGES.rst:138
#: cc37f3d3a3174a6aa659fbb4a11170d0
msgid "[0.0.44] - 2024-03-29"
msgstr ""

#: ../../CHANGES.rst:142
#: 47091bb2e58849baa65f34f17c53780a
msgid "Fix the default LDAP ``USER_FILTER`` value."
msgstr ""

#: ../../CHANGES.rst:143
#: d3a240a7d98a4f619022cb3c07bbf1d7
msgid "Fix the OIDC feature detection."
msgstr ""

#: ../../CHANGES.rst:146
#: 3d7bcf5b51cc40a0ba7908b841e08bfb
msgid "[0.0.43] - 2024-03-29"
msgstr ""

#: ../../CHANGES.rst:150
#: ../../CHANGES.rst:409
#: 31ac383e379a4c1ab2fd4a06796971ba
#: e46cc25f0a1f412e8ac68b0a5360f209
msgid "Configuration files must be updated."
msgstr ""

#: ../../CHANGES.rst:155
#: 5b71dcc40335436b9897df8ede9ca2ea
msgid "Add ``created`` and ``last_modified`` datetime for all models."
msgstr ""

#: ../../CHANGES.rst:156
#: 80a874123cdb451ba1e4b21b02d09669
msgid "Sitemap to the documentation. :pr:`169`"
msgstr ""

#: ../../CHANGES.rst:157
#: 177c3facfbf340bfa8aa18bfcd2f49e8
msgid "Configuration management with `pydantic-settings`. :issue:`138` :pr:`170`"
msgstr ""

#: ../../CHANGES.rst:162
#: 3eaece458c6748b1b9a7d8962c06051b
msgid "Use default Python logging configuration format. :issue:`188` :pr:`165`"
msgstr ""

#: ../../CHANGES.rst:163
#: ac06ec40edc3471c8d41ac7cc1aab095
msgid "Bump to `HTMX` 1.99.11. :pr:`166`"
msgstr ""

#: ../../CHANGES.rst:164
#: bafdbbe7d5a34bac950b698a5987ff25
msgid "Use the standard tomllib Python module instead of `toml` starting from Python 3.11. :pr:`167`"
msgstr ""

#: ../../CHANGES.rst:165
#: 1cb76bfeed454f3bbd3a1a97a3bfe8c8
msgid "Use shibuya as the documentation theme :pr:`168`"
msgstr ""

#: ../../CHANGES.rst:168
#: f3a89f8635784fc3857b079ee52cd271
msgid "[0.0.42] - 2023-12-29"
msgstr ""

#: ../../CHANGES.rst:173
#: ee0ca767efe54c30907866769c111e5c
msgid "Avoid to fail on imports if ``cryptography`` is missing."
msgstr ""

#: ../../CHANGES.rst:176
#: 5fcdf860dae9409f8e0713c402cd95e3
msgid "[0.0.41] - 2023-12-25"
msgstr ""

#: ../../CHANGES.rst:181
#: faba54b1d0e9469a9be4f1e40fdaba6b
msgid "OIDC support for the ``create`` value of the ``prompt`` parameter. :issue:`185` :pr:`164`"
msgstr ""

#: ../../CHANGES.rst:186
#: 63f680a45ce9492d99a1c120897a530c
msgid "Correctly set up :attr:`~canaille.oidc.basemodels.Client.audience` during OIDC dynamic registration."
msgstr ""

#: ../../CHANGES.rst:187
#: 88157773b5f24a50a9e79446ce7c9565
msgid "``post_logout_redirect_uris`` was ignored during OIDC dynamic registration."
msgstr ""

#: ../../CHANGES.rst:188
#: 70b110a67af0438cb7d1f7037f19bf8f
msgid "Group field error prevented the registration form validation."
msgstr ""

#: ../../CHANGES.rst:191
#: 11ced533597a4acca22289460559873e
msgid "[0.0.40] - 2023-12-22"
msgstr ""

#: ../../CHANGES.rst:196
#: e96bd6f889c349afa8e89b9cac332d8a
msgid "``THEME`` can be a relative path."
msgstr ""

#: ../../CHANGES.rst:199
#: d8e7ddb6c3524b1aa3748df7f94aec97
msgid "[0.0.39] - 2023-12-15"
msgstr ""

#: ../../CHANGES.rst:204
#: 7064099368e945eba6d139a20ede2f7e
msgid "Crash when no ACL were defined."
msgstr ""

#: ../../CHANGES.rst:205
#: ca76aca580354212b3a2b8b0b7578f20
msgid "OIDC Userinfo endpoint is also available in POST."
msgstr ""

#: ../../CHANGES.rst:206
#: 4436141fd931421ab2a35cb562fbc17a
msgid "Fix redirection after password reset. :issue:`159`"
msgstr ""

#: ../../CHANGES.rst:209
#: 03feda093b02411fb33277ebe5ff621f
msgid "[0.0.38] - 2023-12-15"
msgstr ""

#: ../../CHANGES.rst:214
#: 96ce9c1c71b541b2a6fb4ce8fa9d23fa
msgid "Convert all the `PNG` pictures in `Webp`. :pr:`162`"
msgstr ""

#: ../../CHANGES.rst:215
#: fb68107a9f5246bd9e6e1c3dd8c91575
msgid "Update to Flask 3. :issue:`161` :pr:`163`"
msgstr ""

#: ../../CHANGES.rst:218
#: c525871545ec4443bc7ad62cbed1daf0
msgid "[0.0.37] - 2023-12-01"
msgstr ""

#: ../../CHANGES.rst:223
#: 303630de3be94634a589ecaab9315afc
msgid "Handle 4xx and 5xx error codes with HTMX. :issue:`171` :pr:`161`"
msgstr ""

#: ../../CHANGES.rst:226
#: 01fb709c3b5f452abed29626cb1c6a80
msgid "[0.0.36] - 2023-12-01"
msgstr ""

#: ../../CHANGES.rst:231
#: 0a6f52bf380048bc930dce42522628e0
msgid "Avoid crashing when LDAP groups references unexisting users."
msgstr ""

#: ../../CHANGES.rst:232
#: ff7ffe9978284a239008db9593cb2397
msgid "Password reset and initialization mails were only sent to the preferred user email address."
msgstr ""

#: ../../CHANGES.rst:234
#: 1c99362fe8f5406981cc1e56559bd066
msgid "Password reset and initialization mails were not sent at all the user addresses if one email address could not be reached."
msgstr ""

#: ../../CHANGES.rst:236
#: 129cc8fe27594ea19ac0cfaf960f22ce
msgid "Password comparison was too permissive on login."
msgstr ""

#: ../../CHANGES.rst:237
#: 3c489650b2464fbc96cb8d39a45c3af8
msgid "Encrypt passwords in the SQL backend."
msgstr ""

#: ../../CHANGES.rst:240
#: 1db3ba9dda8046e69b567247eb827b42
msgid "[0.0.35] - 2023-11-25"
msgstr ""

#: ../../CHANGES.rst:245
#: 469f4bb7814244678b1995bfdb5b585f
msgid "Refresh token grant supports other client authentication methods. :pr:`157`"
msgstr ""

#: ../../CHANGES.rst:246
#: 3d0e54e0ee0d4d1693b5d233ea01d336
msgid "Implement a SQLAlchemy backend. :issue:`30` :pr:`158`"
msgstr ""

#: ../../CHANGES.rst:251
#: 1971940e1af44a4cadb829e0770f66d2
msgid "Model attributes cardinality is closer to SCIM model. :pr:`155`"
msgstr ""

#: ../../CHANGES.rst:252
#: e1cfbcea12d84b9baf7a8cbb07ad9451
msgid "Bump to `HTMX` 1.9.9. :pr:`159`"
msgstr ""

#: ../../CHANGES.rst:257
#: 5cd273f89ce34abb9e420c877e0fcf28
msgid "Disable `HTMX` boosting during the OIDC dance. :pr:`160`"
msgstr ""

#: ../../CHANGES.rst:260
#: 4d77bba4518d49bfbcaeec77fa7e72a0
msgid "[0.0.34] - 2023-10-02"
msgstr ""

#: ../../CHANGES.rst:265
#: 731fee04b0584e968a33416b0218d587
msgid "Canaille installations without account lockabilty could not delete users. :pr:`153`"
msgstr ""

#: ../../CHANGES.rst:271
#: b8920b43c229457c80b25806e3152125
msgid "If users register or authenticate during a OAuth Authorization phase, they get redirected back to that page afterwards. :issue:`168` :pr:`151`"
msgstr ""

#: ../../CHANGES.rst:274
#: ad3bb822a6724625a478e773d7fa3799
msgid "flask-babel and pytz are now part of the `front` packaging extras."
msgstr ""

#: ../../CHANGES.rst:275
#: 7425ad14807e470d86fec107964c3ef2
msgid "Bump to `fomantic-ui` 2.9.3. :pr:`152`"
msgstr ""

#: ../../CHANGES.rst:276
#: 00c66e3e107b434db9ab6e0e73c4b0a9
msgid "Bump to `HTMX` 1.9.6. :pr:`154`"
msgstr ""

#: ../../CHANGES.rst:277
#: 90245bd35e8d49e6aec374c1cfff8293
msgid "Support for Python 3.12. :pr:`155`"
msgstr ""

#: ../../CHANGES.rst:280
#: ea22f77409da4e76aaabaa465351ddea
msgid "[0.0.33] - 2023-08-26"
msgstr ""

#: ../../CHANGES.rst:285
#: 85c81d73507d49adbf7485bc981ca4f2
msgid "OIDC jwks endpoint do not return empty kid claim."
msgstr ""

#: ../../CHANGES.rst:290
#: ed321e2b53254626ba8d8668a93f9baa
msgid "Documentation details on the canaille models."
msgstr ""

#: ../../CHANGES.rst:293
#: 8a5d6d09659242d892802cbf67bcce67
msgid "[0.0.32] - 2023-08-17"
msgstr ""

#: ../../CHANGES.rst:298
#: 7ad97afd1b364b0594e127ffb741cb36
msgid "Additional inmemory backend. :issue:`30` :pr:`149`"
msgstr ""

#: ../../CHANGES.rst:299
#: e2fa73efe3434a9cb400b70173da2286
msgid "Installation extras. :issue:`167` :pr:`150`"
msgstr ""

#: ../../CHANGES.rst:302
#: 8f6a9539210f481cace05b5eaf4a4d12
msgid "[0.0.31] - 2023-08-15"
msgstr ""

#: ../../CHANGES.rst:307
#: 30769d5405a04b428bceb613e621380f
msgid "Configuration option to disable the forced usage of OIDC `nonce` parameter. :pr:`143`"
msgstr ""

#: ../../CHANGES.rst:308
#: 09aa5440214949ebb072cd0efa8072fc
msgid "Validate phone numbers with a regex. :pr:`146`"
msgstr ""

#: ../../CHANGES.rst:309
#: 68622c505d4c4146a0133579afe5b3f1
msgid "Email verification. :issue:`41` :pr:`147`"
msgstr ""

#: ../../CHANGES.rst:310
#: 6a1132321011438aa7c1fd9c08582483
msgid "Account registration. :issue:`55` :pr:`133` :pr:`148`"
msgstr ""

#: ../../CHANGES.rst:315
#: 8cbf0e1c697b4e14a34f160a081ddaae
msgid "The `check` command uses the default configuration values."
msgstr ""

#: ../../CHANGES.rst:320
#: 8a838d998ae74537ad6630ceb9e14925
msgid "Modals do not need use Javascript at the moment. :issue:`158` :pr:`144`"
msgstr ""

#: ../../CHANGES.rst:323
#: 164cf5d0d0c5476abcc5039615b297bf
msgid "[0.0.30] - 2023-07-06"
msgstr ""

#: ../../CHANGES.rst:327
#: 3d687757031e4b168032e13eda7fd3be
msgid "Configuration files must be updated. Check the new format with ``git diff 0.0.29 0.0.30 canaille/conf/config.sample.toml``"
msgstr ""

#: ../../CHANGES.rst:333
#: d9cab1dd0d9a44d2a770b2ddd54840b9
msgid "Configuration option to disable Javascript .:pr:`141`"
msgstr ""

#: ../../CHANGES.rst:338
#: dc8e9bb1507e44d2bda322a2f303ac66
msgid "Configuration ``USER_FILTER`` is parsed with Jinja."
msgstr ""

#: ../../CHANGES.rst:339
#: 725471b01dc74d0e885d8c9f3bf81efd
msgid "Configuration use ``PRIVATE_KEY_FILE`` instead of ``PRIVATE_KEY`` and ``PUBLIC_KEY_FILE`` instead of ``PUBLIC_KEY``."
msgstr ""

#: ../../CHANGES.rst:342
#: 7e334a0b38f84d749c12ad86df30f35b
msgid "[0.0.29] - 2023-06-30"
msgstr ""

#: ../../CHANGES.rst:347
#: 2fb9305432774f49afdfaa74b254addc
msgid "Disabled `HTMX` boosting on OIDC forms to avoid errors."
msgstr ""

#: ../../CHANGES.rst:350
#: baa11ffc559c47f881bcb8e99638bae0
msgid "[0.0.28] - 2023-06-30"
msgstr ""

#: ../../CHANGES.rst:355
#: c4dd2c17a50541bd8b054521ea774ab3
msgid "A template variable was misnamed."
msgstr ""

#: ../../CHANGES.rst:358
#: 19d161e912bf48babdc1cc3bdf6a9c56
msgid "[0.0.27] - 2023-06-29"
msgstr ""

#: ../../CHANGES.rst:362
#: 2e4d80d0086d4a24b58f4d1ab12f2440
msgid "Configuration files must be updated.🚨 Check the new format with ``git diff 0.0.26 0.0.27 canaille/conf/config.sample.toml``"
msgstr ""

#: ../../CHANGES.rst:368
#: d54bb485719c48768eaa90f5734005f7
msgid "Configuration entries can be loaded from files if the entry key has a *_FILE* suffix and the entry value is the path to the file. :issue:`134` :pr:`134`"
msgstr ""

#: ../../CHANGES.rst:370
#: 5b0b352136524ec8949f5c2a1aebf03d
msgid "Field list support. :issue:`115` :pr:`136`"
msgstr ""

#: ../../CHANGES.rst:371
#: 44b62551516a483ca676c04e99c519c4
msgid "Pages are boosted with `HTMX`. :issue:`144` :issue:`145` :pr:`137`"
msgstr ""

#: ../../CHANGES.rst:376
#: 3c4a9178029143ebb3dfa4383e5ae943
msgid "Bump to jquery 3.7.0. :pr:`138`"
msgstr ""

#: ../../CHANGES.rst:381
#: 18a84b017be84ae885899bd3f32cce87
msgid "Profile edition when the user RDN was not ``uid``. :issue:`148` :pr:`139`"
msgstr ""

#: ../../CHANGES.rst:386
#: 24c604bb636641dfa50fa88936073669
msgid "Stop support for Python 3.7. :pr:`131`"
msgstr ""

#: ../../CHANGES.rst:389
#: f0c5946fac2c4c9983cf82780f00fa1b
msgid "[0.0.26] - 2023-06-03"
msgstr ""

#: ../../CHANGES.rst:394
#: 2fcd8cd9f4bd4996a04d92ab5af1f370
msgid "Implemented account expiration based on OpenLDAP ppolicy overlay. Needs OpenLDAP 2.5+. :issue:`13` :pr:`118`"
msgstr ""

#: ../../CHANGES.rst:396
#: b25d961718f7491dbd0c566ccf4ad08c
msgid "Timezone configuration entry. :issue:`137` :pr:`130`"
msgstr ""

#: ../../CHANGES.rst:401
#: 77ca5569b6e2485dbdddc707ff5081ca
msgid "Avoid setting ``None`` in JWT claims when they have no value."
msgstr ""

#: ../../CHANGES.rst:402
#: 4f97ee654d694412826a3401993b3d5f
msgid "Display password recovery button on OIDC login page. :pr:`129`"
msgstr ""

#: ../../CHANGES.rst:405
#: 1a828d5de4954981999d3f923575bafc
msgid "[0.0.25] - 2023-05-05"
msgstr ""

#: ../../CHANGES.rst:410
#: 001ea27348244eadafce9bcebeddfab4
msgid "Check the new format with ``git diff 0.0.25 0.0.24 canaille/conf/config.sample.toml``"
msgstr ""

#: ../../CHANGES.rst:415
#: d19ad8316f714710a9ea18b4592e2ccc
msgid "Renamed user model attributes to match SCIM naming convention. :pr:`123`"
msgstr ""

#: ../../CHANGES.rst:416
#: 51f8287a6d494c2ab95d1d8b885cc5b1
msgid "Moved OIDC related configuration entries in ``OIDC``."
msgstr ""

#: ../../CHANGES.rst:417
#: 0ebac07cd74d40b7a5cd88da58b63dc9
msgid "Moved ``LDAP`` configuration entry to ``BACKENDS.LDAP``."
msgstr ""

#: ../../CHANGES.rst:418
#: 5d069c57b7744d2d812c809910b90904
msgid "Bumped to `HTMX` 1.9.0. :pr:`124`"
msgstr ""

#: ../../CHANGES.rst:419
#: 4d1819b22e7541d6901018c5902fb9b6
msgid "ACL filters are no more LDAP filters but user attribute mappings. :pr:`125`"
msgstr ""

#: ../../CHANGES.rst:420
#: 33a71c2ca29943108ad800e443c7b16a
msgid "Bumped to `HTMX` 1.9.2. :pr:`127`"
msgstr ""

#: ../../CHANGES.rst:425
#: dde2f7b37dc5431d854008b03f1c1b94
msgid "``OIDC.JWT.MAPPING`` configuration entry is really optional now."
msgstr ""

#: ../../CHANGES.rst:426
#: ad51cd8083a248829e839f76ef4cc01f
msgid "Fixed empty model attributes registration. :pr:`125`"
msgstr ""

#: ../../CHANGES.rst:427
#: a79703e349b64f40a3977e14feaa6b82
msgid "Password initialization mails were not correctly sent. :pr:`128`"
msgstr ""

#: ../../CHANGES.rst:430
#: 8914635900d34d33a1c6214b8bfd7255
msgid "[0.0.24] - 2023-04-07"
msgstr ""

#: ../../CHANGES.rst:435
#: 24214a81bc6442e68b28d5643521a919
msgid "Fixed avatar update. :pr:`122`"
msgstr ""

#: ../../CHANGES.rst:438
#: 779e343612ab41518582d26db59d1fa0
msgid "[0.0.23] - 2023-04-05"
msgstr ""

#: ../../CHANGES.rst:443
#: 30ebb2fb5a27422b9c6dadd7bce81461
msgid "Organization field. :pr:`116`"
msgstr ""

#: ../../CHANGES.rst:444
#: a108dcf95f674304a02b378f9cc5ae1b
msgid "ETag and Last-Modified headers on user photos. :pr:`116`"
msgstr ""

#: ../../CHANGES.rst:445
#: d36cc68bb93e4f67ba4c1573161e7937
msgid "Dynamic form validation. :pr:`120`"
msgstr ""

#: ../../CHANGES.rst:450
#: ba469523b7ed436fa02d57b5aa55e2f7
msgid "UX rework. Submenu addition. :pr:`114`"
msgstr ""

#: ../../CHANGES.rst:451
#: e9fe7228bf55451aacf348054443b316
msgid "Properly handle LDAP date timezones. :pr:`117`"
msgstr ""

#: ../../CHANGES.rst:456
#: 6735d02bce054e90839b0bc7f76a498e
msgid "CSRF protection on every forms. :pr:`119`"
msgstr ""

#: ../../CHANGES.rst:459
#: 7481454596c4441cafa36ac727e13ffc
msgid "[0.0.22] - 2023-03-13"
msgstr ""

#: ../../CHANGES.rst:463
#: 9c0310a5987e414db0dec066116ab3a9
msgid "The `Faker` library is not imported anymore when the `clean` command is called."
msgstr ""

#: ../../CHANGES.rst:466
#: b03f22899d2b4a58aeb49ad846e32633
msgid "[0.0.21] - 2023-03-12"
msgstr ""

#: ../../CHANGES.rst:471
#: 5a91e99066d44eeb91900743e25812c5
msgid "Display TOS and policy URI on the consent list page. :pr:`102`"
msgstr ""

#: ../../CHANGES.rst:472
#: 350924499017445c814e114d79c5ffe9
msgid "Admin token deletion. :pr:`100` :pr:`101`"
msgstr ""

#: ../../CHANGES.rst:473
#: d9fff953dfc647859bcf9ab0388fd494
msgid "Revoked consents can be restored. :pr:`103`"
msgstr ""

#: ../../CHANGES.rst:474
#: 788ea9fa55224ba3a4d524dfe95b77e2
msgid "Pre-consented clients are displayed in the user consent list, and their consents can be revoked. :issue:`69` :pr:`103`"
msgstr ""

#: ../../CHANGES.rst:476
#: 8874eeff2bbc4f6d92a1b67820dbe5f0
msgid "A ``populate`` command can be used to fill the database with random users generated with faker. :pr:`105`"
msgstr ""

#: ../../CHANGES.rst:478
#: 11864ccef53c40b68b2512f1a5fde2a0
msgid "SMTP SSL support. :pr:`108`"
msgstr ""

#: ../../CHANGES.rst:479
#: aa3d2de14af94312b97f625d0b86a20c
msgid "Server side pagination. :issue:`114` :pr:`111`"
msgstr ""

#: ../../CHANGES.rst:480
#: 0e635872e2514abc8e19f5a3a65678b1
msgid "Department number support. :issue:`129`"
msgstr ""

#: ../../CHANGES.rst:481
#: 0ff36acfaae644b99d8ff82b64883f7d
msgid "Address edition support (but not in the OIDC claims yet). :pr:`112`"
msgstr ""

#: ../../CHANGES.rst:482
#: 332f9b6f72854bf5abbf9ed6e8b10bdd
msgid "Title edition support. :pr:`113`"
msgstr ""

#: ../../CHANGES.rst:487
#: 6bfc1277e08e4eaebfb9b417494e2051
msgid "Client deletion also deletes related :class:`~canaille.oidc.basemodels.Consent`, :class:`~canaille.oidc.basemodels.Token` and :class:`~canaille.oidc.basemodels.AuthorizationCode` objects. :issue:`126` :pr:`98`"
msgstr ""

#: ../../CHANGES.rst:493
#: c9d6bb2f733346f7baca60d15791fb75
msgid "Removed the `DataTables` Javascript library."
msgstr ""

#: ../../CHANGES.rst:496
#: 59f2ab9df3874bd2854a10a57183bd4a
msgid "[0.0.20] - 2023-01-28"
msgstr ""

#: ../../CHANGES.rst:501
#: 2eb9d7164a084ebd99d8a02e22f7636b
msgid "Spanish translation. :pr:`85` :pr:`88`"
msgstr ""

#: ../../CHANGES.rst:502
#: 4890482a1e364ae9be2b019a40d65544
msgid "Dedicated connectivity test email. :pr:`89`"
msgstr ""

#: ../../CHANGES.rst:503
#: 9bc6feb5a2e344f2bdaa7967f038eece
msgid "Update to jquery 3.6.3. :pr:`90`"
msgstr ""

#: ../../CHANGES.rst:504
#: a57916a091eb49debaa1d92e8aa35a87
msgid "Update to fomantic-ui 2.9.1. :pr:`90`"
msgstr ""

#: ../../CHANGES.rst:505
#: 13414ec5f5fb4723bab8d160d7fae68d
msgid "Update to DataTables 1.13.1. :pr:`90`"
msgstr ""

#: ../../CHANGES.rst:510
#: c3e3d11e304642ca994ff358a4d97b73
msgid "Fix typos and grammar errors. :pr:`84`"
msgstr ""

#: ../../CHANGES.rst:511
#: 11f8022cc5e7452b9a7d14711909782a
msgid "Fix wording and punctuations. :pr:`86`"
msgstr ""

#: ../../CHANGES.rst:512
#: 0e9583ca27aa4384b3b7fe0505ae81e1
msgid "Fix HTML lang tag. :issue:`122` :pr:`87`"
msgstr ""

#: ../../CHANGES.rst:513
#: abfac415c14c47b9875fafd08633aafc
msgid "Automatically trims the HTML translated strings. :pr:`91`"
msgstr ""

#: ../../CHANGES.rst:514
#: 7c0f2873519c41beb85477b8a7781908
msgid "Fixed dynamic registration scope management. :issue:`123` :pr:`93`"
msgstr ""

#: ../../CHANGES.rst:517
#: 1e8a6134758e4fdfb6a069212c277c5d
msgid "[0.0.19] - 2023-01-14"
msgstr ""

#: ../../CHANGES.rst:522
#: f73400d40e3047788a6d29d197e4f3ae
msgid "Ensures the token `expires_in` claim and the `access_token` `exp` claim have the same value. :pr:`83`"
msgstr ""

#: ../../CHANGES.rst:526
#: 6d6fee7b06294fbb8abc1221fa3fbff4
msgid "[0.0.18] - 2022-12-28"
msgstr ""

#: ../../CHANGES.rst:531
#: 65e0cd31017848f5a61a1bccd7699b89
msgid "OIDC end_session was not returning the ``state`` parameter in the ``post_logout_redirect_uri``. :pr:`82`"
msgstr ""

#: ../../CHANGES.rst:535
#: b4eb86603adf4d298247038d5a9632f7
msgid "[0.0.17] - 2022-12-26"
msgstr ""

#: ../../CHANGES.rst:540
#: 26cdc21de4f447629c6e0a19bc8fae7b
msgid "Fixed group deletion button. :pr:`80`"
msgstr ""

#: ../../CHANGES.rst:541
#: 44ac9db9319241fa980bb713e6235401
msgid "Fixed post requests in oidc clients views. :pr:`81`"
msgstr ""

#: ../../CHANGES.rst:544
#: a3dc5fca72754391a0b873de4bac69e7
msgid "[0.0.16] - 2022-12-15"
msgstr ""

#: ../../CHANGES.rst:549
#: 2c47a306f19b46729713cccfa9081fb1
msgid "Fixed LDAP operational attributes handling."
msgstr ""

#: ../../CHANGES.rst:552
#: 9c93c12336c64a948ea327a148f09de2
msgid "[0.0.15] - 2022-12-15"
msgstr ""

#: ../../CHANGES.rst:557
#: c31ef436c78c4a459433fa11a3efe134
msgid "User can chose their favourite display name. :pr:`77`"
msgstr ""

#: ../../CHANGES.rst:558
#: 725604c975014d169c6f727fe12ebbdf
msgid "Bumped to authlib 1.2. :pr:`78`"
msgstr ""

#: ../../CHANGES.rst:559
#: 15c82310b4f5445faec5dd55b02e7bf0
msgid "Implemented RFC7592 OAuth 2.0 Dynamic Client Registration Management Protocol. :pr:`79`"
msgstr ""

#: ../../CHANGES.rst:561
#: 93737a1761d74e668ad390678c113f50
msgid "Added ``nonce`` to the ``claims_supported`` server metadata list."
msgstr ""

#: ../../CHANGES.rst:564
#: 2bd72548a10b46c387d03d74b8c2bd1e
msgid "[0.0.14] - 2022-11-29"
msgstr ""

#: ../../CHANGES.rst:568
#: fda06af4dce844ac960f9728b313aad4
msgid "Fixed translation mo files packaging."
msgstr ""

#: ../../CHANGES.rst:571
#: 9e80339640f44f6fb5bdfb5a46d69754
msgid "[0.0.13] - 2022-11-21"
msgstr ""

#: ../../CHANGES.rst:576
#: 352f3004143b43a6a142e7261356121a
msgid "Fixed a bug on the contacts field in the admin client form following the LDAP schema update of 0.0.12."
msgstr ""

#: ../../CHANGES.rst:578
#: d2e06f8fce05470d8ea0b6462e3a3d2e
msgid "Fixed a bug happening during RP initiated logout on clients without `post_logout_redirect_uri` defined."
msgstr ""

#: ../../CHANGES.rst:580
#: e25591bed70d47aabb4991c60385315d
msgid "Gitlab CI fix. :pr:`64`"
msgstr ""

#: ../../CHANGES.rst:581
#: 052c1abeb1504947ae7971fbb2acbfe2
msgid "Fixed `client_secret` display on the client administration page. :pr:`65`"
msgstr ""

#: ../../CHANGES.rst:582
#: c21ecafb7e464b83b7269378abd31da0
msgid "Fixed non-square logo CSS. :pr:`67`"
msgstr ""

#: ../../CHANGES.rst:583
#: e957d4ee9c214301b1d6edadda774383
msgid "Fixed schema path on installation. :pr:`68`"
msgstr ""

#: ../../CHANGES.rst:584
#: bb5cbe1bd58c4914b6fb31904dace27f
msgid "Fixed RFC7591 ``software_statement`` claim support. :pr:`70`"
msgstr ""

#: ../../CHANGES.rst:585
#: 317c8538754e47c8a4472c4058883657
msgid "Fixed client preconsent disabling. :pr:`72`"
msgstr ""

#: ../../CHANGES.rst:590
#: 60f7dfdea9e24c999cd5137253bd39aa
msgid "Python 3.11 support. :pr:`61`"
msgstr ""

#: ../../CHANGES.rst:591
#: 62cfaf21a7614780af218178e88594d6
msgid "``apparmor`` slapd configuration instructions in ``CONTRIBUTING.rst``. :pr:`66`"
msgstr ""

#: ../../CHANGES.rst:592
#: 77d3d24c77f44acf97c5f2ed32b82fe7
msgid "``preferredLanguage`` attribute support. :pr:`75`"
msgstr ""

#: ../../CHANGES.rst:597
#: 2f2d66baff1b4d76bdb51d9a68f03d33
msgid "Replaced the use of the deprecated `FLASK_ENV` environment variable by `FLASK_DEBUG`."
msgstr ""

#: ../../CHANGES.rst:599
#: 2047c70b1c68493cb2718ce9d79a5b77
msgid "Dynamically generate the server metadata. Users won't have to copy and manually edit ``oauth-authorizationserver.json`` and ``openid-configuration.json``. :pr:`71`"
msgstr ""

#: ../../CHANGES.rst:602
#: ed79e47e7ab44b29bc488d36a73dbdb1
msgid "The `FROM_ADDR` configuration option is not mandatory anymore. :pr:`73`"
msgstr ""

#: ../../CHANGES.rst:603
#: 2b688ab4dea14db08349bfefde1b2842
msgid "The `JWT.ISS` configuration option is not mandatory anymore. :pr:`74`"
msgstr ""

#: ../../CHANGES.rst:606
#: 9862c43797094fe3827450b46f79eec1
msgid "[0.0.12] - 2022-10-24"
msgstr ""

#: ../../CHANGES.rst:611
#: 3504717ce3f94e2e908533b1990246c4
msgid "Basic WebFinger endpoint. :pr:`59`"
msgstr ""

#: ../../CHANGES.rst:612
#: f6cd348864064d69a7fe38417d404373
msgid "Bumped to FomanticUI 2.9.0."
msgstr ""

#: ../../CHANGES.rst:613
#: 8c0468dcc1e14966b946d28c6e694cc6
msgid "Implemented Dynamic Client Registration. :pr:`60`"
msgstr ""

#: ../../CHANGES.rst:616
#: ee3c54d958894fcab256447034dedb31
msgid "[0.0.11] - 2022-08-11"
msgstr ""

#: ../../CHANGES.rst:621
#: e1079b5d9f334cccb7c852bc57c02c3f
msgid "Default theme has a dark variant. :pr:`57`"
msgstr ""

#: ../../CHANGES.rst:626
#: 21f56695871c4d20a21e3507de160053
msgid "Fixed missing ``canaille`` binary. :pr:`58`"
msgstr ""

#: ../../CHANGES.rst:629
#: 9e01ba83c8294ea3a6d12a8880c95916
msgid "[0.0.10] - 2022-07-07"
msgstr ""

#: ../../CHANGES.rst:634
#: d571bdbf194c4d9bbb517fdadbfd33f4
msgid "Online demo. :pr:`55`"
msgstr ""

#: ../../CHANGES.rst:635
#: fc947b81637642bebc49fe466493ca0f
msgid "The consent page was displaying scopes not supported by clients. :pr:`56`"
msgstr ""

#: ../../CHANGES.rst:636
#: 7a8d70c1057549b9b8e437514b3e40ee
msgid "Fixed end session when user are already disconnected."
msgstr ""

#: ../../CHANGES.rst:639
#: b7ca6476d9d541ac98ebc7506e049944
msgid "[0.0.9] - 2022-06-05"
msgstr ""

#: ../../CHANGES.rst:644
#: 2ebf622b308a4ac1b52ea2c98127a1f4
msgid "``DISABLE_PASSWORD_RESET`` configuration option to disable password recovery. :pr:`46`"
msgstr ""

#: ../../CHANGES.rst:645
#: 3cdb60dfd8694aabb9124b6a9c50ea60
msgid "``edit_self`` ACL permission to control user self edition. :pr:`47`"
msgstr ""

#: ../../CHANGES.rst:646
#: dea66187c0ec42ca99143c3ebceba08f
msgid "`RP-initiated logout` implementation. :pr:`54`"
msgstr ""

#: ../../CHANGES.rst:651
#: 1109c84e26e042e6ab329a61df8fb2d4
msgid "Bumped to Authlib 1. :pr:`48`"
msgstr ""

#: ../../CHANGES.rst:652
#: 2de5e86b875a408582df63fb1339c167
msgid "Various documentation improvements. :pr:`50`"
msgstr ""

#: ../../CHANGES.rst:653
#: 5d69ea9d1d444185bd3a485f5f994eda
msgid "Use poetry instead of setuptools as project management tool. :pr:`51`"
msgstr ""

#: ../../CHANGES.rst:654
#: eb4d4fbf9ee24727a127f4f195c5c2cd
msgid "Additional ``nonce`` tests. :pr:`52`"
msgstr ""

#: ../../CHANGES.rst:658
#: aeb713c93b2840e4ae61f5325381f5e9
msgid "``HIDE_INVALID_LOGIN`` behavior and default value."
msgstr ""

#: ../../CHANGES.rst:659
#: aeb2c34202754830bfe6b81d82536964
msgid "Compiled translation catalogs are not versioned anymore. :pr:`49` :pr:`53`"
msgstr ""

#: ../../CHANGES.rst:662
#: d254d4ef4ab7433585e2630559636dc5
msgid "[0.0.8] - 2022-03-15"
msgstr ""

#: ../../CHANGES.rst:667
#: 43a5e8482e91488d98f97bd42f2cad61
msgid "Fixed dependencies."
msgstr ""

#: ../../CHANGES.rst:670
#: 47239a7c179a45c49ac99bc7278bc493
msgid "[0.0.7] - 2022-03-15"
msgstr ""

#: ../../CHANGES.rst:675
#: 368eb0cc96874d2b9d8c9acd8f01625c
msgid "Fixed spaces and escaped special char in LDAP ``cn/dn`` attributes. :pr:`43`"
msgstr ""

#: ../../CHANGES.rst:678
#: 0314e0f515aa43d5a1c66e3c20782969
msgid "[0.0.6] - 2022-03-08"
msgstr ""

#: ../../CHANGES.rst:683
#: 93406334d3d241b1a8c63fa034590221
msgid "Access token are JWT. :pr:`38`"
msgstr ""

#: ../../CHANGES.rst:688
#: 6c4e207ab5df44618ff79bf7b5b78727
msgid "Default groups on invitations. :pr:`41`"
msgstr ""

#: ../../CHANGES.rst:689
#: e99ec6eb17e84e109b59f0d39c0ea201
msgid "LDAP schemas are shipped within the Canaille package. :pr:`42`"
msgstr ""

#: ../../CHANGES.rst:692
#: 14a826b0be01461c8193fa8a6eeb7fc1
msgid "[0.0.5] - 2022-02-17"
msgstr ""

#: ../../CHANGES.rst:697
#: caa374e93ba249cd8f9b027d02cafc63
msgid "LDAP model objects have new identifiers. :pr:`37`"
msgstr ""

#: ../../CHANGES.rst:702
#: 5cfa1b85f2c5410cbe9c8085cba049ae
msgid "Admin menu dropdown display. :pr:`39`"
msgstr ""

#: ../../CHANGES.rst:703
#: ec5b6a1c5cf64ba4aa9b6ef0a910baeb
msgid "``GROUP_ID_ATTRIBUTE`` configuration typo. :pr:`40`"
msgstr ""

#: ../../CHANGES.rst:706
#: b9f812d1076a478c80c623651267077d
msgid "[0.0.4] - 2022-02-16"
msgstr ""

#: ../../CHANGES.rst:711
#: 2f4061bfe71b42b29299eab3f497d251
msgid "Client pre-authorization. :pr:`11`"
msgstr ""

#: ../../CHANGES.rst:712
#: 87fe740219bd41c1b6b7c556cf2652ab
msgid "LDAP permissions check with the check command. :pr:`12`"
msgstr ""

#: ../../CHANGES.rst:713
#: ebdb9816f24d470ba9a7539303645a67
msgid "Update consents when a scope required is larger than the scope of an already given consent. :pr:`13`"
msgstr ""

#: ../../CHANGES.rst:715
#: 1e3191429a9143068e482b7e109449fe
msgid "Theme customization. :pr:`15`"
msgstr ""

#: ../../CHANGES.rst:716
#: db16038054444d98a84e33199eebd8d0
msgid "Logging configuration. :pr:`16`"
msgstr ""

#: ../../CHANGES.rst:717
#: 8e84eba2bea142389a85076ef2a3c122
msgid "Installation command. :pr:`17`"
msgstr ""

#: ../../CHANGES.rst:718
#: f21354392bb04d63bf00b74da0cc4696
msgid "Invitation links. :pr:`18`"
msgstr ""

#: ../../CHANGES.rst:719
#: 57cf07135c394896b7d4f43681125a69
msgid "Advanced permissions. :pr:`20`"
msgstr ""

#: ../../CHANGES.rst:720
#: e3adc66569a647c7998c584993b6ac04
msgid "An option to not use OIDC. :pr:`23`"
msgstr ""

#: ../../CHANGES.rst:721
#: b1b33424133e45008513e82d59703be7
msgid "Disable some features when no SMTP server is configured. :pr:`24`"
msgstr ""

#: ../../CHANGES.rst:722
#: c3be020b839746e0a89f12a9c2a02976
msgid "Login placeholder dynamically generated according to the configuration. :pr:`25`"
msgstr ""

#: ../../CHANGES.rst:723
#: f3cdbf5878964cb0990a1baa8de508cb
msgid "Added an option to tune object IDs. :pr:`26`"
msgstr ""

#: ../../CHANGES.rst:724
#: 96757cd949bb440cbd61cc3209050813
msgid "Avatar support. :pr:`27`"
msgstr ""

#: ../../CHANGES.rst:725
#: bbc5bd67fac2455387965076ec64066c
msgid "Dynamical and configurable JWT claims. :pr:`28`"
msgstr ""

#: ../../CHANGES.rst:726
#: 7938f2b7af79464b91e3a66076d8f1e5
msgid "UI improvements. :pr:`29`"
msgstr ""

#: ../../CHANGES.rst:727
#: 41575b2df8ab49fe9bc6a78b8479abec
msgid "Invitation links expiration. :pr:`30`"
msgstr ""

#: ../../CHANGES.rst:728
#: 6ae6f1ea416d484a8c83c240773bfca8
msgid "Invitees can choose their IDs. :pr:`31`"
msgstr ""

#: ../../CHANGES.rst:729
#: 350a96666a414da3b6c512e3409176e3
msgid "LDAP backend refactoring. :pr:`35`"
msgstr ""

#: ../../CHANGES.rst:734
#: 811a6a60877745879dd1e823e534ed8a
msgid "Fixed ghost members in a group. :pr:`14`"
msgstr ""

#: ../../CHANGES.rst:735
#: 06e00c0bf96a46049ca44d1d5d1b80cb
msgid "Fixed email sender names. :pr:`19`"
msgstr ""

#: ../../CHANGES.rst:736
#: f72c89b5d30a4ef6813f52eab34053ad
msgid "Fixed filter being not escaped. :pr:`21`"
msgstr ""

#: ../../CHANGES.rst:737
#: 0dee5db90eb1443cba885c0b9c0bb20f
msgid "Demo script good practices. :pr:`32`"
msgstr ""

#: ../../CHANGES.rst:738
#: 36e391925c6042de97932f8130ef9271
msgid "Binary path for Debian. :pr:`33`"
msgstr ""

#: ../../CHANGES.rst:739
#: 8e4ec0309c6e42309803f6e6cbb86cab
msgid "Last name was not mandatory in the forms while this was mandatory in the LDAP server. :pr:`34`"
msgstr ""

#: ../../CHANGES.rst:741
#: b8f47932fc784040aa76d1600bf0d3dc
msgid "Spelling typos. :pr:`36`"
msgstr ""

#: ../../CHANGES.rst:744
#: 3d20890d62ce46e0a106b32fa8a83b4a
msgid "[0.0.3] - 2021-10-13"
msgstr ""

#: ../../CHANGES.rst:749
#: 4693647807ac4e53b49a9e6222823845
msgid "Two-steps sign-in. :issue:`49`"
msgstr ""

#: ../../CHANGES.rst:750
#: 13d043d7e1e64371a589c7f09aa0727a
msgid "Tokens can have several audiences. :issue:`62` :pr:`9`"
msgstr ""

#: ../../CHANGES.rst:751
#: 8f194088db2f4e04a7cc3dc3aa5775aa
msgid "Configuration check command. :issue:`66` :pr:`8`"
msgstr ""

#: ../../CHANGES.rst:752
#: aa54a49eafde4bf88caaf0c093bc4f83
msgid "Groups management. :issue:`12` :pr:`6`"
msgstr ""

#: ../../CHANGES.rst:757
#: a097d11955bb4fe2b2ed0595c85a74b3
msgid "Introspection access bugfix. :issue:`63` :pr:`10`"
msgstr ""

#: ../../CHANGES.rst:758
#: 170c71370d054c52a3b4aa675210d792
msgid "Introspection sub claim. :issue:`64` :pr:`7`"
msgstr ""

#: ../../CHANGES.rst:761
#: 57556078aa6c4bba9f4e92d70abd8519
msgid "[0.0.2] - 2021-01-06"
msgstr ""

#: ../../CHANGES.rst:766
#: f44ee1cfafc6458188ba50981c7b700b
msgid "Login page is responsive. :issue:`1`"
msgstr ""

#: ../../CHANGES.rst:767
#: 85182a27da1a4f69a9738ec3907c1e9b
msgid "Adapt mobile keyboards to login page fields. :issue:`2`"
msgstr ""

#: ../../CHANGES.rst:768
#: 481d12a3db204c4eb483fc9595e4c594
msgid "Password recovery interface. :issue:`3`"
msgstr ""

#: ../../CHANGES.rst:769
#: 3e7233c0060e4b328cebf41de557bd26
msgid "User profile interface. :issue:`4`"
msgstr ""

#: ../../CHANGES.rst:770
#: 919baf6ee4ba4255a09584cd99218a86
msgid "Renamed the project *Canaille*. :issue:`5`"
msgstr ""

#: ../../CHANGES.rst:771
#: 3ea4f03800634244b2068eee15bdbfd6
msgid "Command to remove old tokens. :issue:`17`"
msgstr ""

#: ../../CHANGES.rst:772
#: 2f618a762cd84790a688923fa40c8f54
msgid "Improved password recovery email. :issue:`14` :issue:`26`"
msgstr ""

#: ../../CHANGES.rst:773
#: 3a7ad3d88a7e415a9583933390e94680
msgid "Use Flask `SERVER_NAME` configuration variable instead of `URL`. :issue:`24`"
msgstr ""

#: ../../CHANGES.rst:774
#: b84ffa9231a54e74819ae3f87f0ceafc
msgid "Improved consents page. :issue:`27`"
msgstr ""

#: ../../CHANGES.rst:775
#: a61176580dae4098a5935a0dcbf7adfd
msgid "Admin user page. :issue:`8`"
msgstr ""

#: ../../CHANGES.rst:776
#: 1a8c701432b24739b30631f046e942c1
msgid "Project logo. :pr:`29`"
msgstr ""

#: ../../CHANGES.rst:777
#: ae68e2faa8084d32a134b9ded19702ad
msgid "User account self-deletion can be enabled in the configuration with `SELF_DELETION`. :issue:`35`"
msgstr ""

#: ../../CHANGES.rst:778
#: b6b6e3f1fda84c28a7d482a128b4d882
msgid "Admins can impersonate users. :issue:`39`"
msgstr ""

#: ../../CHANGES.rst:779
#: 986bc433e7474cfbaa47139c6fe31628
msgid "Forgotten page UX improvement. :pr:`43`"
msgstr ""

#: ../../CHANGES.rst:780
#: 87a0fbd3a3c5473a99c02c4d7357612c
msgid "Admins can remove clients. :pr:`45`"
msgstr ""

#: ../../CHANGES.rst:781
#: 007e0c4574c545c480f70fe4c1f56410
msgid "Option `HIDE_INVALID_LOGIN` that can be unactivated to let the user know if the login he attempt to sign in with exists or not. :pr:`48`"
msgstr ""

#: ../../CHANGES.rst:783
#: d2c33dc4cb254216804f7db87af16a4e
msgid "Password initialization mail. :pr:`51`"
msgstr ""

#: ../../CHANGES.rst:788
#: 9d0d7d4330ab4210b7d100e511030307
msgid "Form translations. :issue:`19` :issue:`23`"
msgstr ""

#: ../../CHANGES.rst:789
#: 2406dcc819cf442e985803254a6dd5d4
msgid "Avoid to use Google Fonts. :issue:`21`"
msgstr ""

#: ../../CHANGES.rst:794
#: fb7ccab64424482fa7f35048b1f44152
msgid "'My tokens' page. :issue:`22`"
msgstr ""

#: ../../CHANGES.rst:797
#: 0f51cd40bd6346e6848c78bdd9dfa894
msgid "[0.0.1] - 2020-10-21"
msgstr ""

#: ../../CHANGES.rst:802
#: c3e13d0f14e34ba7a5c0c69ff58ede2e
msgid "Initial release."
msgstr ""

#: ../../CONTRIBUTING.rst:2
#: 546cb02623d64888a6313e11f19f6a47
msgid "Contributions"
msgstr ""

#: ../../CONTRIBUTING.rst:4
#: 132e6195fb654008ac95668006180895
msgid "Contributions are welcome!"
msgstr ""

#: ../../CONTRIBUTING.rst:6
#: c2c28ee9d2964b5cba887ab488d66103
msgid "The repository is hosted at `gitlab.com/yaal/canaille <https://gitlab.com/yaal/canaille>`_."
msgstr ""

#: ../../CONTRIBUTING.rst:9
#: c32119293b5543289dfbf8db582c9260
msgid "Discuss"
msgstr ""

#: ../../CONTRIBUTING.rst:11
#: 94fa43b091a942df8d2c0a4fe3622fcb
msgid "If you want to implement a feature or a bugfix, please start by discussing it with us on the `bugtracker <https://gitlab.com/yaal/canaille/-/issues>`_ or the `matrix room <https://matrix.to/#/#canaille-discuss:yaal.coop>`_."
msgstr ""

#: ../../CONTRIBUTING.rst:16
#: 4c89eb514db24698870e4151b4a57cd2
msgid "Development environment"
msgstr ""

#: ../../CONTRIBUTING.rst:18
#: 4f7766ef0f12426d9d15aa8e10f9b492
msgid "You can either run the demo locally or with Docker."
msgstr ""

#: ../../CONTRIBUTING.rst:20
#: c796d131784748a1aa40a7efc23669de
msgid "The only tool required for local development is `uv`. Make sure to have uv `installed on your computer <https://docs.astral.sh/uv/getting-started/installation/>`_ to be able to hack Canaille."
msgstr ""

#: ../../CONTRIBUTING.rst:24
#: fa9c7470cab646ce8d043c9455e7c804
msgid "Initialize your development environment with: - ``uv sync --extra front --extra oidc`` to have a minimal working development environment. This will allow you to run the tests with ``uv pytest --backend memory``. - ``uv sync --extra front --extra oidc --extra sqlite`` to have a minimal working development environment with SQLite backend support. This will allow you to run the tests with ``uv pytest --backend sql``. - ``uv sync --extra front --extra oidc --extra ldap`` to have a minimal working development environment with LDAP backend support. This will allow you to run the tests with ``uv pytest --backend ldap``. - ``uv sync --all-extras`` if you want to have everything at your fingertips. Note that it may compile some Python dependencies that would expect things to be installed on your system; Some dependencies of Canaille might need to be compiled, so you probably want to check that `GCC` and `cargo` are available on your computer."
msgstr ""

#: ../../CONTRIBUTING.rst:31
#: 0e2e0fd2ea684f87bca53fb025ec9731
msgid "After having launched the demo you have access to several services:"
msgstr ""

#: ../../CONTRIBUTING.rst:33
#: f2cfbfff4656499a81172e5712425f00
msgid "A canaille server at `localhost:5000 <http://localhost:5000>`_"
msgstr ""

#: ../../CONTRIBUTING.rst:34
#: 256f392d4a5f4558bc2a269139a95fde
msgid "A dummy client at `localhost:5001 <http://localhost:5001>`_"
msgstr ""

#: ../../CONTRIBUTING.rst:35
#: 951db649d1134e54aee096a53a578a2c
msgid "Another dummy client at `localhost:5002 <http://localhost:5002>`_"
msgstr ""

#: ../../CONTRIBUTING.rst:37
#: 55c2bfbf19df43f2ad2306e3aa4455a0
msgid "The canaille server has some default users:"
msgstr ""

#: ../../CONTRIBUTING.rst:39
#: 3fb1039e4c034f0a8530ada2bbf832a2
msgid "A regular user which login and password are **user**;"
msgstr ""

#: ../../CONTRIBUTING.rst:40
#: 64222e4195e44966ad1569bb6adaad79
msgid "A moderator user which login and password are **moderator**;"
msgstr ""

#: ../../CONTRIBUTING.rst:41
#: a33fe18382ad4cc6b5e06fd2d3de9908
msgid "An admin user which admin and password are **admin**;"
msgstr ""

#: ../../CONTRIBUTING.rst:42
#: 73926ca3e82e454594c9846587363353
msgid "A new user which login is **james**. This user has no password yet, and his first attempt to log-in would result in sending a password initialization email (if a smtp server is configured)."
msgstr ""

#: ../development/specifications.rst:62
#: ../features.rst:258
#: ../../CONTRIBUTING.rst:47
#: 79d65d5e4afe43efb2ef2a4a207d132e
#: 3db640a629884d22a4802c5fb7d36a49
#: 18201ecd1cdd4502998e32192c2ff9b3
msgid "Backends"
msgstr ""

#: ../../CONTRIBUTING.rst:49
#: 76d70493e26d4ffd9fab7bdcd08e41da
msgid "Canaille comes with several backends:"
msgstr ""

#: ../../CONTRIBUTING.rst:51
#: b88f421ab1f447d68441a900207978d2
msgid "a lightweight test purpose `memory` backend"
msgstr ""

#: ../../CONTRIBUTING.rst:52
#: b4c848eaaebc4d368e6d313b720d7285
msgid "a `sql` backend, based on sqlalchemy"
msgstr ""

#: ../../CONTRIBUTING.rst:53
#: d5961ac1ca314b5fae359a3704f6ae17
msgid "a production-ready `LDAP` backend"
msgstr ""

#: ../../CONTRIBUTING.rst:56
#: 22ebeaaea5f445359c4858adb3f2359e
msgid "Docker environment"
msgstr ""

#: ../../CONTRIBUTING.rst:58
#: 110672e7512a4d219fc78e2020b56b2c
msgid "If you want to develop with docker, your browser needs to be able to reach the `canaille` container. The docker-compose file exposes the right ports, but front requests are from outside the docker network: the `canaille` url that makes sense for docker, points nowhere from your browser. As exposed ports are on `localhost`, you need to tell your computer that `canaille` url means `localhost`."
msgstr ""

#: ../../CONTRIBUTING.rst:63
#: 1fbc7037693e4cc0a4b736c00d8953dc
msgid "To do that, you can add the following line to your `/etc/hosts`:"
msgstr ""

#: ../../CONTRIBUTING.rst:69
#: 708ce910986e42abb104bb8cad39c317
msgid "To launch containers, use:"
msgstr ""

#: ../../CONTRIBUTING.rst:84
#: 9ad12ac6ab9c4936a1b48f17f5d436f6
msgid "Local environment"
msgstr ""

#: ../../CONTRIBUTING.rst:98
#: 39c8085c02f64358ae6454b34c804bf1
msgid "If you want to run the demo locally with the LDAP backend, you need to have `OpenLDAP <https://www.openldap.org/>`_ installed on your system. It is generally shipped under the ``slapd`` or ``openldap`` package name."
msgstr ""

#: ../../CONTRIBUTING.rst:103
#: a5d0b2f8115a42c98496061fc3f304e9
msgid "On Debian or Ubuntu systems, the OpenLDAP `slapd` binary usage might be restricted by apparmor, and thus makes the tests and the demo fail. This can be mitigated by removing apparmor restrictions on `slapd`."
msgstr ""

#: ../../CONTRIBUTING.rst:113
#: 938084fa5d5b45fcb475bf29bf7413d3
msgid "Populate the database"
msgstr ""

#: ../../CONTRIBUTING.rst:115
#: 605498714a5c4c98b663ec98c3f99da9
msgid "The demo database comes populated with some random users and groups. If you need more, you can generate users and groups with the ``populate`` command:"
msgstr ""

#: ../../CONTRIBUTING.rst:126
#: f17ffc8a480e40d1ab56ed02d6a0c3f1
msgid "Adapt to use either the `ldap` or the `sql` configuration file. Note that this will not work with the memory backend."
msgstr ""

#: ../../CONTRIBUTING.rst:129
#: bccac8aac2ee46d3bf1a1f7357593e95
msgid "Unit tests"
msgstr ""

#: ../../CONTRIBUTING.rst:131
#: 292c189c9b8c4d388d06e694ae2ebf23
msgid "To run the tests, you just can run `uv run pytest` and/or `uv run tox` to test all the supported python environments. Everything must be green before patches get merged."
msgstr ""

#: ../../CONTRIBUTING.rst:134
#: fbb43db282bb49338e0e6b4e072dcadb
msgid "To test a specific backend you can pass ``--backend memory``, ``--backend sql`` or ``--backend ldap`` to pytest and tox."
msgstr ""

#: ../../CONTRIBUTING.rst:136
#: 4c8976efeaa94487a9b895bdaaf5f15a
msgid "The test coverage is 100%, patches won't be accepted if not entirely covered. You can check the test coverage with ``uv run pytest --cov --cov-report=html`` or ``uv run tox -e coverage -- --cov-report=html``. You can check the HTML coverage report in the newly created `htmlcov` directory."
msgstr ""

#: ../../CONTRIBUTING.rst:141
#: ff7e619b661c41ec9b625e1457ad4a99
msgid "Code style"
msgstr ""

#: ../../CONTRIBUTING.rst:143
#: a1000e9b40d84c09b9a49d20e181b9e8
msgid "We use `ruff <https://docs.astral.sh/ruff/>`_ along with other tools to format our code. Please run ``uv run tox -e style`` on your patches before submitting them. In order to perform a style check and correction at each commit you can use our `pre-commit <https://pre-commit.com/>`_ configuration with ``uv run pre-commit install``."
msgstr ""

#: ../../CONTRIBUTING.rst:149
#: f1f6b1f43d084d0281f7a452789d66d3
msgid "Front"
msgstr ""

#: ../../CONTRIBUTING.rst:151
#: c79f437efa2641b5bd2d94c2fc66ff91
msgid "The interface is built upon the `Fomantic UI <https://fomantic-ui.com/>`_ CSS framework. The dynamical parts of the interface use `htmx <https://htmx.org/>`_."
msgstr ""

#: ../../CONTRIBUTING.rst:154
#: ce5afb30269e439c838171f762c22418
msgid "Using Javascript in the interface is tolerated, but the whole website MUST be accessible for browsers without Javascript support, and without any feature loss."
msgstr ""

#: ../../CONTRIBUTING.rst:156
#: db27231d4d9140b685dc3d6d3eecb437
msgid "Because of Fomantic UI we have a dependency to jQuery, however new contributions should not depend on jQuery at all. See the `related issue <https://gitlab.com/yaal/canaille/-/issues/130>`_."
msgstr ""

#: ../index.rst:70
#: ../../CONTRIBUTING.rst:161
#: 8e6613c7b3d94538aee5ab1823dc10e2
#: 97f6f74099754fa7b8e607f889cd8499
msgid "Documentation"
msgstr ""

#: ../../CONTRIBUTING.rst:163
#: b66a0f9381d64372acdc6e59feec96e1
msgid "The documentation is generated when the tests run:"
msgstr ""

#: ../../CONTRIBUTING.rst:169
#: 06e5274ed5694ce1995b2ed1ba8785ab
msgid "You can also run sphinx by hand, that should be faster since it avoids the tox environment initialization:"
msgstr ""

#: ../../CONTRIBUTING.rst:175
#: 1dcfaf186f1a472997a3fe7ebf1c64d1
msgid "The generated documentation is located at ``build/sphinx/html/en``."
msgstr ""

#: ../../CONTRIBUTING.rst:178
#: 25257bc0bcc94355a0fa23b39c1af8e1
msgid "Code translation"
msgstr ""

#: ../../canaille/translations/README.rst:1
#: 8eefc4c607a6432f9d1bfb4a4a59a08c
msgid "Translations are done with `Weblate <https://hosted.weblate.org/projects/canaille/canaille>`_."
msgstr ""

#: ../../canaille/translations/README.rst:3
#: 6c5f80b320ff4dda8e1b0a7f08b1a14a
msgid "The following commands are there as documentation, only the message extraction is needed for contributors. All the other steps are automatically done with Weblate."
msgstr ""

#: readme.rst:7
#: ../../canaille/translations/README.rst:8
#: readme.rst:7
#: 5eb5beee026348d6bf777f405dad060c
#: c3e1b93668784114a8fc359b02b63284
#: 94e5690bd8a347a4adb5b76a05870224
msgid "Message extraction"
msgstr ""

#: readme.rst:9
#: ../../canaille/translations/README.rst:10
#: readme.rst:9
#: 6f6f8426d40d48f09f8e160ab2a3190a
#: 327b9e77b0b048d882be777223d3d51e
#: 47fea125031749b6a5784b697179f8c5
msgid "After you have edited translatable strings, you should extract the messages with:"
msgstr ""

#: readme.rst:16
#: ../../canaille/translations/README.rst:17
#: readme.rst:16
#: 409f151131d9490b9dd5af2d961daaeb
#: 939406415b344cc8b242ed413ff5496b
#: efb905c33b8f40af92985d0c69666a9f
msgid "Language addition"
msgstr ""

#: readme.rst:18
#: ../../canaille/translations/README.rst:19
#: readme.rst:18
#: 60c6b98c5ebc43a592c41670fd7215fd
#: 59ad6a5d63b64c4eb3611635d9f2c27d
#: b07d83c43ebd480ca47d04e1e4b5b27b
msgid "You can add a new language manually with the following command, however this should not be needed as Weblate takes car of this:"
msgstr ""

#: ../../canaille/translations/README.rst:26
#: cf8a7e7b36224a50b483afa495f4217e
msgid "Catalog update"
msgstr ""

#: ../../canaille/translations/README.rst:28
#: 6788bac231084e8f91508c1071ddbb99
msgid "You can update the catalogs with the following command, however this should not be needed as Weblate automatically update language catalogs when it detects new strings or when someone translate some existing strings. Weblate pushes happen every 24h."
msgstr ""

#: ../../canaille/translations/README.rst:36
#: 827be623961349f88ae09347760fec21
msgid "Catalog compilation"
msgstr ""

#: ../../canaille/translations/README.rst:38
#: 530a801cbacd41a4888e55b1bea431d4
msgid "You can compile the catalogs with the following command, however this should not be needed as catalogs are automatically compiled before running the unit tests, before launching the demo and before compiling the Canaille python package:"
msgstr ""

#: ../../CONTRIBUTING.rst:184
#: f75b695ccdb64e1a86651f91cb832753
msgid "Documentation translation"
msgstr ""

#: readme.rst:1
#: readme.rst:1
#: 8aa4c6dc835843758bd3b0db11d5bd16
#: ad7f36c18790415096b694f5056b10e9
msgid "Documentation translation Translations are done with `Weblate <https://hosted.weblate.org/projects/canaille/canaille>`_."
msgstr ""

#: readme.rst:4
#: readme.rst:4
#: ff165bebc5484cfe8bc202eb5b573632
#: 7bcbe0c9afbf404a9df96de2a4a8f144
msgid "The following commands are there as documentation, only the message extraction and the language addition is needed for contributors."
msgstr ""

#: readme.rst:25
#: readme.rst:25
#: dc2e53e97b8449edac37ad9e1346ef30
#: b0ed9d3cef0246cfa7e5a536d41ae38b
msgid "Build the documentation in another language"
msgstr ""

#: ../../CONTRIBUTING.rst:189
#: af37f0a00d174badbfd8f981d9d47e76
msgid "Publish a new release"
msgstr ""

#: ../../CONTRIBUTING.rst:191
#: 7f74569c93d045d58f83d99ea264ebc2
msgid "Check that dependencies are up to date with ``uv sync --all-extras --upgrade`` and update dependencies accordingly in separated commits;"
msgstr ""

#: ../../CONTRIBUTING.rst:192
#: 44c0e317b0b9478892031ee269efb086
msgid "Check that tests are still green for every supported python version, and that coverage is still at 100%, by running ``uv run tox``;"
msgstr ""

#: ../../CONTRIBUTING.rst:193
#: 2420b0b759dd434f84fabaaa3e1aed90
msgid "Check that the demo environments are still working, both the local and the Docker one;"
msgstr ""

#: ../../CONTRIBUTING.rst:194
#: ccf039350d4d4c7a90a79f7e2af349e0
msgid "Check that the :ref:`development/changelog:Release notes` section is correctly filled up;"
msgstr ""

#: ../../CONTRIBUTING.rst:195
#: a2b97e7103db4c5b9e28afc5c581ac3b
msgid "Increase the version number in ``pyproject.toml``;"
msgstr ""

#: ../../CONTRIBUTING.rst:196
#: 0111206c723f4fc88038b22acc63de07
msgid "Commit with ``git commit``;"
msgstr ""

#: ../../CONTRIBUTING.rst:197
#: 5f7dccf4644e49c587c681320f5cdac7
msgid "Build with ``uv build``;"
msgstr ""

#: ../../CONTRIBUTING.rst:198
#: b6b4a758cc4a4e428976d73e1d0204cc
msgid "Publish on test PyPI with ``uv publish --publish-url https://test.pypi.org/legacy/``;"
msgstr ""

#: ../../CONTRIBUTING.rst:199
#: 3975642bad774f579d3e22467d447c6d
msgid "Install the test package somewhere with ``pip install --extra-index-url https://test.pypi.org/simple --upgrade canaille``. Check that everything looks fine;"
msgstr ""

#: ../../CONTRIBUTING.rst:200
#: 7a7a7c09e02341369586f19fdafa002a
msgid "Publish on production PyPI ``uv publish``;"
msgstr ""

#: ../../CONTRIBUTING.rst:201
#: ae5efe3773964b27ae105e50ac18c55e
msgid "Tag the commit with ``git tag XX.YY.ZZ``;"
msgstr ""

#: ../../CONTRIBUTING.rst:202
#: 5361eb18e49c49f99e9faced12110d09
msgid "Push the release commit and the new tag on the repository with ``git push --tags``."
msgstr ""

#: ../development/index.rst:2
#: 1c006896969a4b01abb1e68cdcfd4dc6
msgid "Development"
msgstr ""

#: ../development/specifications.rst:2
#: 249e43302ee6425db3aeefcf4533fe56
msgid "Specifications"
msgstr ""

#: ../development/specifications.rst:4
#: 951575fa09794f709809621586397d95
msgid "This page details which specifications are implemented in Canaille, and compares Canaille with other well-known identity providers."
msgstr ""

#: ../development/specifications.rst:7
#: b6193c674c104724ae7ba4406aa89544
msgid "State of the specs in Canaille"
msgstr ""

#: ../development/specifications.rst:10
#: 36cb51dcf2bf4727b8635dd940fbe277
msgid "OAuth2"
msgstr ""

#: ../development/specifications.rst:12
#: de4f1bb8c2424ed9bdd5ced547e2adfa
msgid "✅ `RFC6749: OAuth 2.0 Framework <https://tools.ietf.org/html/rfc6749>`_"
msgstr ""

#: ../development/specifications.rst:13
#: dc9b59af8319438791c590683b48e2fe
msgid "✅ `RFC6750: OAuth 2.0 Bearer Tokens <https://tools.ietf.org/html/rfc6750>`_"
msgstr ""

#: ../development/specifications.rst:14
#: 21f92d27b5fc4b28a6a7fbacaba6befa
msgid "✅ `RFC7009: OAuth 2.0 Token Revocation <https://tools.ietf.org/html/rfc7009>`_"
msgstr ""

#: ../development/specifications.rst:15
#: a231fb579b0d46d79104e829c9ec8f44
msgid "❌ `RFC7523: JWT Profile for OAuth 2.0 Client Authentication and Authorization Grants <https://tools.ietf.org/html/rfc7523>`_"
msgstr ""

#: ../development/specifications.rst:16
#: 38bdc215f54d4fe0992cf981e3ec07f9
msgid "✅ `RFC7591: OAuth 2.0 Dynamic Client Registration Protocol <https://tools.ietf.org/html/rfc7591>`_"
msgstr ""

#: ../development/specifications.rst:17
#: 3e44ebe0f1c74fea8e4f184c0f8497b3
msgid "✅ `RFC7592: OAuth 2.0 Dynamic Client Registration Management Protocol <https://tools.ietf.org/html/rfc7592>`_"
msgstr ""

#: ../development/specifications.rst:18
#: 8dfca332812e443f9cde8e059b2cd136
msgid "✅ `RFC7636: Proof Key for Code Exchange by OAuth Public Clients <https://tools.ietf.org/html/rfc7636>`_"
msgstr ""

#: ../development/specifications.rst:19
#: 4505126f943c48779b5dd4913794108e
msgid "✅ `RFC7662: OAuth 2.0 Token Introspection <https://tools.ietf.org/html/rfc7662>`_"
msgstr ""

#: ../development/specifications.rst:20
#: f54b4b6c87c045e09d68a887f08c15d7
msgid "✅ `RFC8414: OAuth 2.0 Authorization Server Metadata <https://tools.ietf.org/html/rfc8414>`_"
msgstr ""

#: ../development/specifications.rst:21
#: fa1947f4336f4f648572826cb3cabcac
msgid "❌ `RFC8428: OAuth 2.0 Device Authorization Grant <https://tools.ietf.org/html/rfc8428>`_"
msgstr ""

#: ../development/specifications.rst:22
#: 67e013eb13cf4cb4b4b8e04ba434bd1b
msgid "❌ `RFC8693: OAuth 2.0 Token Exchange <https://tools.ietf.org/html/rfc8693>`_"
msgstr ""

#: ../development/specifications.rst:23
#: 4c06a297aff943dbac567bb1b263a923
msgid "❌ `RFC8705: OAuth 2.0 Mutual-TLS Client Authentication and Certificate-Bound Access Tokens <https://tools.ietf.org/html/rfc8705>`_"
msgstr ""

#: ../development/specifications.rst:24
#: 2924864cafa9414ba6dc9af48a39a80d
msgid "❌ `RFC8707: Resource Indicators for OAuth 2.0 <https://tools.ietf.org/html/rfc8707>`_"
msgstr ""

#: ../development/specifications.rst:25
#: cb3dc2bf05c242c29151420dbc45a372
msgid "❌ `RFC9068: JSON Web Token (JWT) Profile for OAuth 2.0 Access Tokens <https://tools.ietf.org/html/rfc9068>`_"
msgstr ""

#: ../development/specifications.rst:26
#: 46ac1e7e2fd94415b3fe2cc447a53684
msgid "❌ `RFC9101: OAuth 2.0 JWT-Secured Authorization Request (JAR) <https://tools.ietf.org/html/rfc9101>`_"
msgstr ""

#: ../development/specifications.rst:27
#: 8dbc9b67d66a48d8bcb351782701f517
msgid "❌ `RFC9126: OAuth 2.0 Pushed Authorization Requests <https://tools.ietf.org/html/rfc9126>`_"
msgstr ""

#: ../development/specifications.rst:28
#: c82b748c28aa4b33998f7ff6110acf77
msgid "❌ `RFC9207: OAuth 2.0 Authorization Server Issuer Identification <https://tools.ietf.org/html/rfc9207>`_"
msgstr ""

#: ../development/specifications.rst:29
#: 1168644add784f5eb44cc259b7c3beed
msgid "❌ `RFC9394: OAuth 2.0 Rich Authorization Requests <https://www.rfc-editor.org/rfc/rfc9396.html>`_"
msgstr ""

#: ../development/specifications.rst:30
#: 33cf326498614375bfdd4f9426fbe72f
msgid "❌ `OAuth2 Multiple Response Types <https://openid.net/specs/oauth-v2-multiple-response-types-1_0.html>`_"
msgstr ""

#: ../development/specifications.rst:31
#: db0f4cde0fee4b84818231816c0bb832
msgid "❌ `OAuth2 Form Post Response Mode <https://openid.net/specs/oauth-v2-form-post-response-mode-1_0.html>`_"
msgstr ""

#: ../development/specifications.rst:34
#: ../features.rst:209
#: f0f781fe96e2462ea2bdc006f35f9a1f
#: b61c5665cacc4960b65e9519deb92e64
msgid "OpenID Connect"
msgstr ""

#: ../development/specifications.rst:36
#: de784ce1cb984690b948da6cda236855
msgid "✅ `OpenID Connect Core <https://openid.net/specs/openid-connect-core-1_0.html>`_"
msgstr ""

#: ../development/specifications.rst:37
#: 42bffbcfddd74b089a17f8086513e7e8
msgid "✅ `OpenID Connect Discovery <https://openid.net/specs/openid-connect-discovery-1_0.html>`_"
msgstr ""

#: ../development/specifications.rst:38
#: 1024dd09e852405ca9c5873ca7e5a2c2
msgid "✅ `OpenID Connect Dynamic Client Registration <https://openid.net/specs/openid-connect-registration-1_0.html>`_"
msgstr ""

#: ../development/specifications.rst:39
#: 8c53a18db078466d9bb9912948d5ef87
msgid "✅ `OpenID Connect RP Initiated Logout <https://openid.net/specs/openid-connect-rpinitiated-1_0.html>`_"
msgstr ""

#: ../development/specifications.rst:40
#: 8eb5e224e65d4c14bd95db0ed60011ad
msgid "❌ `OpenID Connect Session Management <https://openid.net/specs/openid-connect-session-1_0.html>`_"
msgstr ""

#: ../development/specifications.rst:41
#: e29e079e09a34708859fa53ce175d329
msgid "❌ `OpenID Connect Front Channel Logout <https://openid.net/specs/openid-connect-frontchannel-1_0.html>`_"
msgstr ""

#: ../development/specifications.rst:42
#: 7b678d44980c44b29c6c7390cb117840
msgid "❌ `OpenID Connect Back Channel Logout <https://openid.net/specs/openid-connect-backchannel-1_0.html>`_"
msgstr ""

#: ../development/specifications.rst:43
#: 40bc3a7e08e640b98a42d6259e8c8f3b
msgid "❌ `OpenID Connect Back Channel Authentication Flow <https://openid.net/specs/openid-client-initiated-backchannel-authentication-core-1_0.html>`_"
msgstr ""

#: ../development/specifications.rst:44
#: 05ab27a6d12c49e8a070b846503cc670
msgid "❌ `OpenID Connect Core Error Code unmet_authentication_requirements <https://openid.net/specs/openid-connect-unmet-authentication-requirements-1_0.html>`_"
msgstr ""

#: ../development/specifications.rst:45
#: 9f8f8adf713047438a261bb476c188cd
msgid "✅ `Initiating User Registration via OpenID Connect 1.0 <https://openid.net/specs/openid-connect-prompt-create-1_0.html>`_"
msgstr ""

#: ../development/specifications.rst:48
#: ../development/specifications.rst:64
#: 8f14519caffa43ef9a64602548f967d1
#: 04e0dcdb325a40a7a3cb29369b2ad283
msgid "SCIM"
msgstr ""

#: ../development/specifications.rst:50
#: 4a7098a7ea784d60b18d29fbc90c8ac4
msgid "❌ `RFC7642: System for Cross-domain Identity Management: Definitions, Overview, Concepts, and Requirements <https://www.rfc-editor.org/rfc/rfc7642>`_"
msgstr ""

#: ../development/specifications.rst:51
#: a875cf91e2a64cccafdd4b3501df99bc
msgid "❌ `RFC7643: System for Cross-domain Identity Management: Core Schema <https://www.rfc-editor.org/rfc/rfc7642>`_"
msgstr ""

#: ../development/specifications.rst:52
#: f64ea994e6754ecdb04387c5dca7c52e
msgid "❌ `RFC7644: System for Cross-domain Identity Management: Protocol <https://www.rfc-editor.org/rfc/rfc7642>`_"
msgstr ""

#: ../development/specifications.rst:55
#: b6fb09d321df4d53bee28871125886fc
msgid "Comparison with other providers"
msgstr ""

#: ../development/specifications.rst:57
#: 15f4a25f63404fa38db5e2da8b72b076
msgid "Here is a feature comparison with other OpenID Connect server software."
msgstr ""

#: ../development/specifications.rst:59
#: 9e21fbf177764f3abb421d7531971d17
msgid "Canaille voluntarily only implements the OpenID Connect protocol to keep its codebase simple."
msgstr ""

#: ../development/specifications.rst:62
#: b4c88707080c472f876ce8bca7c1f7c8
msgid "Software"
msgstr ""

#: ../development/specifications.rst:62
#: a853a42851fb4104870f50804a48d510
msgid "Project"
msgstr ""

#: ../development/specifications.rst:62
#: 0053db38018e4af88ac8b5c39ea1a38d
msgid "Protocols implementations"
msgstr ""

#: ../development/specifications.rst:64
#: 8f6b4af1e8e44a97a8e25aa4c744de7d
msgid "FLOSS"
msgstr ""

#: ../development/specifications.rst:64
#: d06e1b3b20ba49c3bb31cbec313df4dd
msgid "Language"
msgstr ""

#: ../development/specifications.rst:64
#: aa3da0e6f78e48a4bfab8622eb346544
msgid "LOC"
msgstr ""

#: ../development/specifications.rst:64
#: 0f5ab64b297347759d21cd3ad9835958
msgid "OIDC"
msgstr ""

#: ../development/specifications.rst:64
#: 6abc459cf079495ba198097ef0045254
msgid "SAML"
msgstr ""

#: ../development/specifications.rst:64
#: f15837ec1b3640f2aa170aa5da2d42be
msgid "CAS"
msgstr ""

#: ../development/specifications.rst:64
#: ../tutorial/databases.rst:32
#: 6dd6f1502ce24180a931d83e5f722c9e
#: 6727e76ca0a94672b31356e7000f36b0
msgid "LDAP"
msgstr ""

#: ../development/specifications.rst:64
#: ../tutorial/databases.rst:16
#: 3e46eb3531de497884083dfda20c8429
#: 90ae2983d8cc409f8095e9d40349d5f4
msgid "SQL"
msgstr ""

#: ../development/specifications.rst:66
#: a366a61c9c674a7283a341551b284cae
msgid "Canaille"
msgstr ""

#: ../development/specifications.rst:66
#: ../development/specifications.rst:68
#: ../development/specifications.rst:70
#: ../development/specifications.rst:72
#: ../development/specifications.rst:74
#: ../development/specifications.rst:76
#: ../development/specifications.rst:78
#: ../development/specifications.rst:80
#: ../development/specifications.rst:82
#: ../development/specifications.rst:84
#: ../development/specifications.rst:86
#: ../development/specifications.rst:88
#: 76f382b47422487fb7cbc53f4aff0c98
#: 4844a1c9e94148e7b704e34288523bb2
#: 12d05728bdfa47b5896614fada305c27
#: d5e228ec90aa44e292ba7fcec5647b9c
#: 4258f565460449c9b4fc3c6796d2c5b6
#: 911f044a18f6438586994333671fc378
#: 77bb210c94914a21b60856dacecf2ae5
#: 6fa7cee2f8364899b4edce41d54f4c88
#: 76e040268e8a4f32b4f8af2597bea392
#: 3e07bff5b4af452a8b3d773b5c37138f
#: da2926e6b2574207879b2c182a31ad44
#: a8a608ecbd464a13acdf7acf9c8155cd
#: 22a468176bcd467b8c62c509187c5703
#: 04d7f345ca9943339e8111bdd466dbe6
#: 60e8f33fa52947f787c375eb545e4464
#: 896e8046acfb494680c6585af3e9251a
#: ce0a59e71a864a60ae04e56e50e3b5b1
#: b49c3962115243dbad9781644d2f6c5f
#: ece841cc28504cebb8bf41d524f2f333
#: dc810fbb36b84115a8847ce6dfdf04d1
#: e08cb5571672459f9ada660121e80f0e
#: 94dea3173cff4e788ff16df4003e0a86
#: 38da64b2eabd424b8cef433b82412dfa
#: e2af63632b264cf688e714bf5e837dfe
#: c8edc4ae10074f05bd9527815efee614
#: 861d9b6ddb6a4e22bd294d6a80752101
#: 975b8dc314ed458eaf46bc2fefa85359
#: 0df8ee31ab9d45f0a04b1ab0bb5d1d27
#: d29e1a61c7bc4d3b9f9b216a219a7793
#: 58c235c90f5f484ba478ff16e956eb81
#: 6ccde9015dae404f966f80e1ed8a5439
#: f34897241f1d4f129621fced609aef99
#: ad025268df434316b41dd1a1db1bcd12
#: 906d01b07790460ea2ed4a8edf44718c
#: 39881f29192e436a8abb119b0578d654
#: 25b1f998547c4e009d3421081fb929a3
#: aa491ff6358245409702e7713ceaa44e
#: 6968bbaabde8426f8e8c6265acb8c576
#: d1a63d47d2814685a8b857a88527ad11
#: 3afb215d97174a4babc9fbe81d658f36
#: 68274779fa1140dc954eb4a5c8946d40
#: 96ee4b7d8316415c9b05467c48c5a66e
#: 733dd021e9414b05b69223e61f26118b
#: cc61c6806d4443a3910507c21d5c986c
#: c42ebd1f23d1434b81c989262d672d43
#: 55a98d6232ad412b8f377e4b7ed019fd
#: d5c8c3ed956b499596edf4e69416510b
#: 59b50a7a4aa3452ba1dac847a38fb899
#: 840a00754eca43ff9aeb83d1c7dbfd88
#: 1189f3450d1f452f8e42c9c9f81baa8c
#: 7026cb879fdc4677b444e70688096a06
#: 90459e3368bf4afe851dd81a0ba8041b
#: 6a7e9e44f49f424782a9a3f11d9f61ff
#: b54a53ed49644f2e86d6071df219fdb3
#: 65decb515e2a4bf691b4ab7b61062a68
#: 5474d16e85c14f3f85d14ecb88397a51
#: 19c3d50016db433fbbff6bff11d2a1ec
#: d63531cace6c43c3ba3e57bbfebb3b60
#: 929a5610abfa4a56960ab3ea02d27631
#: 73735902d7074299a619e9520bd7e122
#: e8ac2b67e3274fc1ace3b9a343abe0de
#: 9b645d0449684133acf9eaa70f4ebdc2
#: 424b13f7837e45d7ac5685be10c7ad75
msgid "✅"
msgstr ""

#: ../development/specifications.rst:66
#: ../development/specifications.rst:72
#: ../development/specifications.rst:74
#: 590b36e06934435c807f9ece1b63d752
#: bfd2eac1dccb4c09975f34cbd2b16e40
#: b0e4911efb3a4ab3a09fd0b55388f3d5
msgid "Python"
msgstr ""

#: ../development/specifications.rst:66
#: 77b88e900d78420fac3f2b456541b9ea
msgid "10k"
msgstr ""

#: ../development/specifications.rst:66
#: ../development/specifications.rst:68
#: ../development/specifications.rst:70
#: ../development/specifications.rst:72
#: ../development/specifications.rst:74
#: ../development/specifications.rst:76
#: ../development/specifications.rst:78
#: ../development/specifications.rst:82
#: ../development/specifications.rst:86
#: ../development/specifications.rst:88
#: 274c32037d2c4dad8c70aace8c178e46
#: a3562039d62e4124994a47a13511239b
#: d2514a09946d4e88a947d4f1e0f54cba
#: 4ccaf14ea2374ceb80c8847ed9177d7b
#: 8980126cca4a447581d99d48a5146bf0
#: 1f07295186ec40f18f630f66e7fdb3d5
#: 795cb7180a544650a7e1edb73d98085a
#: 5dbf8636bfff412f983e93a8c940b2a5
#: bf7facf3057643a880bb72c33c536ef9
#: a3a674d92ddc4e1ebdfb641b08dbd2cf
#: 415a9995c17847b480d1a17fedbd9384
#: f31719b6b04046dfbf2f0d575fa4075f
#: 7e6e1fb7971141a4bb4cb407fc30cce9
#: 51b5a1ad9c6a4e59bcb74d3147cc5435
#: 6e068c843a92461caa91fd918bf671dd
#: a17ab2c72ead40d4b91466051bcae054
#: 3d67546c3c0541709374cf05d4410d13
#: 9df466bfb9744d9da166de0ef460cb88
#: 0a54600cc531443bb14b211af59e6ce2
msgid "❌"
msgstr ""

#: ../development/specifications.rst:68
#: 67ae149c32c44465a8c35ff6970e223d
msgid "`Auth0`_"
msgstr ""

#: ../development/specifications.rst:68
#: ../development/specifications.rst:78
#: ../development/specifications.rst:80
#: ../development/specifications.rst:88
#: fe370ac9761b4c33813e2ab760b6c5b8
#: 7241ecee8699453cb3653ef9b5a7eec4
#: 4a03bf636eea4958b259f540baf94ed4
#: 3756a9567a2f43afa67315a502e73271
#: c90f938b47794267896debd72564f1f3
#: 200fbb703d374b83ad4937f7a12e71fc
#: b0680d7feef04d1889bc4332bd53ada2
#: 54fe7b55fd914778976b23b4a22ee67b
#: aab84064aba1435bb518bc2c89dc0b23
msgid "❔"
msgstr ""

#: ../development/specifications.rst:70
#: 1932aed33f0641b0918cdba0c182465f
msgid "`Authelia`_"
msgstr ""

#: ../development/specifications.rst:70
#: ../development/specifications.rst:82
#: a0bd43fc9ae243b6b0e816c45b2019ab
#: 39a9232125a04090ac39f3c791d9454a
msgid "Go"
msgstr ""

#: ../development/specifications.rst:70
#: ../development/specifications.rst:82
#: 9e4aa145d9bf485fb59fa62a453eb512
#: 80e382c657574a728a58742811e7545a
msgid "50k"
msgstr ""

#: ../development/specifications.rst:72
#: b12bc9f3f0ad45f7b8915b9e43c80ede
msgid "`Authentic2`_"
msgstr ""

#: ../development/specifications.rst:72
#: c152fc793e804a8ca40529003bbc316b
msgid "65k"
msgstr ""

#: ../development/specifications.rst:74
#: 6bc4add963f84366b5af45982445732d
msgid "`Authentik`_"
msgstr ""

#: ../development/specifications.rst:74
#: b43fa4a7f1e04088a3cc17cca482aa4c
msgid "55k"
msgstr ""

#: ../development/specifications.rst:76
#: ef33eba5e37c496fb06062c7eed81f32
msgid "`CAS`_"
msgstr ""

#: ../development/specifications.rst:76
#: ../development/specifications.rst:80
#: ../development/specifications.rst:84
#: 3dd6e662c6364da8be52a8f63db745b3
#: b7f1feeb04384ba7aebc2e44a9addd8a
#: b6b77696292048dda54b2366119b4fc5
msgid "Java"
msgstr ""

#: ../development/specifications.rst:76
#: 1d9c7f3f08ba42b888bba17a5ab758c1
msgid "360k"
msgstr ""

#: ../development/specifications.rst:78
#: 84b2c569682549a7bebba0e6731cf972
msgid "`Connect2id`_"
msgstr ""

#: ../development/specifications.rst:80
#: ac8bc932dabf49329bef397f11f352d5
msgid "`Gluu`_"
msgstr ""

#: ../development/specifications.rst:82
#: 540b95fcf809408e8e50876bfc61a3b0
msgid "`Hydra`_"
msgstr ""

#: ../development/specifications.rst:84
#: 36fa1793dc0b4b60a01a50011c44b9d8
msgid "`Keycloak`_"
msgstr ""

#: ../development/specifications.rst:84
#: 6c35a7162ac14857a1483ab0c7fd5fdb
msgid "600k"
msgstr ""

#: ../development/specifications.rst:86
#: 7a090209b0db481b8b1c009cb57259b5
msgid "`LemonLDAP`_"
msgstr ""

#: ../development/specifications.rst:86
#: cc99601f41a340899442bfd7a968dde8
msgid "Perl"
msgstr ""

#: ../development/specifications.rst:86
#: d1d793ed7830411a9bec415252108a17
msgid "130k"
msgstr ""

#: ../development/specifications.rst:88
#: 71e63c0c6c0c49bbb6a77e73f404a184
msgid "`Okta`_"
msgstr ""

#: ../features.rst:9
#: d3728080e2564c25bb4d8a3f93cf6b7c
msgid "Features"
msgstr ""

#: ../features.rst:11
#: ba9f2e2fdf154f5aa0c97c40c1edc453
msgid "Here are the different features that Canaille provides. You can enable any of those features with the :doc:`configuration <references/configuration>` to fit any :doc:`use cases <usecases>` you may meet. Check our  :ref:`roadmap <features:Roadmap>` to see what is coming next."
msgstr ""

#: ../features.rst:15
#: 916b14bf509240b791aebb5db4fa8dd7
msgid "Users can interact with Canaille through its :ref:`web interface <features:Web interface>` and administrators can also use its :ref:`command line interface <features:Command line interface>`. Canaille can handle data stored in different :ref:`database backends <features:Backends>`."
msgstr ""

#: ../features.rst:19
#: cb21d7243d414b5eb24dba79cbf67625
msgid "Web interface"
msgstr ""

#: ../features.rst:21
#: 50fb55f5502741f2a60c863056b1eadb
msgid "Canaille web interface can be used either in :doc:`production environments <tutorial/deployment>` or locally for development purposes."
msgstr ""

#: ../features.rst:26
#: ../index.rst:27
#: 99c0b681c4034067a65a4c516aa0c0f4
#: 900285c9ca974abd87723740190ea571
msgid "Profile management"
msgstr ""

#: ../features.rst:28
#: ../features.rst:217
#: f6720a97a4d54b118189f748efd2fe04
#: 2658799710a14b31955b3f2af174cf0e
msgid "Profile"
msgstr ""

#: ../features.rst:33
#: a25831d5bc2043a0bdcf85a36b756930
msgid "Canaille provides an interface to manage user profiles."
msgstr ""

#: ../features.rst:35
#: 6772c8e867cb4279bd3ac48ed541ad38
msgid "The exact list of displayed fields, and whether they are :attr:`writable <canaille.core.configuration.ACLSettings.WRITE>` or :attr:`read-only <canaille.core.configuration.ACLSettings.READ>` depends on the user :class:`Access Control List settings (ACL) <canaille.core.configuration.ACLSettings>`."
msgstr ""

#: ../features.rst:37
#: 82be57e28b204253948d93f2620def19
msgid "Depending on their ACL :class:`permissions <canaille.core.configuration.Permission>`, users can either be allowed to edit their own profile, edit any user profile, or do nothing at all."
msgstr ""

#: ../features.rst:42
#: 3f146a4167c2497f922be34cc3ecb40a
msgid "Email confirmation"
msgstr ""

#: ../features.rst:44
#: 822fb6a425dd4ec58da857cd101c8683
msgid "If the :attr:`email confirmation feature <canaille.core.configuration.CoreSettings.EMAIL_CONFIRMATION>` is enabled, any modification or addition of a profile email will send a confirmation mail to the new address. The mail will contain a link that users will need to click on to confirm their email address."
msgstr ""

#: ../features.rst:46
#: f362dd1333c14ee48f08d50249818c29
msgid "Users with :attr:`user management permission <canaille.core.configuration.Permission.MANAGE_USERS>` can set user emails without confirmation though."
msgstr ""

#: ../features.rst:51
#: 48f72e26f97749e8b3f22f7ed6b88a3a
msgid "Group management"
msgstr ""

#: ../features.rst:53
#: ../features.rst:140
#: 925474dc81c14e25981b027e4726ca34
#: 002b0a5c430c4a6e9050e7baedb539e0
msgid "Group edition"
msgstr ""

#: ../features.rst:58
#: a1d9120fd66c4b94a759a027f3ee84ed
msgid "In a similar fashion than :ref:`profile management <feature_profile_management>` Canaille provides an interface to manage user groups."
msgstr ""

#: ../features.rst:60
#: 6aec7c1e73254a65a7d92d8963545c9b
msgid "The group management is quite simple at the moment and consists in a group name and description, and the list of its members. Group membership can be use as :attr:`ACL Filter <canaille.core.configuration.ACLSettings.FILTER>` to define user permissions."
msgstr ""

#: ../features.rst:63
#: ../features.rst:83
#: ../features.rst:149
#: ../tutorial/deployment.rst:13
#: 78cfe6a7475340d9a8c6777d1bd99d86
#: a44faf52f7894021a9d1659958b7794c
#: 01869636eca54996a43440161b50a7bd
#: 736a08f5839544d497bc19f692d4a690
msgid "Todo"
msgstr ""

#: ../features.rst:64
#: c7f14813c9d04ab3aeb8846aa7623523
msgid "At the moment adding an user to a group can only be achieved by the user settings page, but we are :issue:`working to improve this <192>`."
msgstr ""

#: ../features.rst:66
#: 74438df8ebb24ad3a3dd5aad414990e2
msgid "Group management can be enable with a :attr:`dedicated user permission <canaille.core.configuration.Permission.MANAGE_GROUPS>`."
msgstr ""

#: ../features.rst:69
#: 8149ffcf24914a2b8e3b4d7eea6a9acc
msgid "Due to limitations in the :ref:`LDAP backend <tutorial/databases:LDAP>`, groups must have at least one member. Thus it is not possible to remove the last user of a group without removing the group."
msgstr ""

#: ../features.rst:75
#: ../index.rst:34
#: 80aeccc2892246548c7ed3321cc51687
#: cb1c7d1522104178b8f10e1e9d11c522
msgid "User authentication"
msgstr ""

#: ../features.rst:77
#: 0681cf5ef96f4cc097a895327ac2077b
msgid "Unless their account is :ref:`locked <feature_account_locking>`, users can authenticate with a login and a password."
msgstr ""

#: ../features.rst:81
#: 4360ad9df4404fea95550212059be35c
msgid "For security reasons, it won't be told to users if they try to sign in with an unexisting logging, unless explicitly :attr:`set in the configuration <canaille.core.configuration.CoreSettings.HIDE_INVALID_LOGINS>`."
msgstr ""

#: ../features.rst:83
#: c849a822890342228f7e5fe119cce1ee
msgid ":ref:`LDAP backend <tutorial/databases:LDAP>` users can define which :class:`user field <canaille.core.models.User>` should be used as the login (such as :attr:`~canaille.core.models.User.user_name` or :attr:`~canaille.core.models.User.emails`) using a :attr:`configuration parameter <canaille.backends.ldap.configuration.LDAPSettings.USER_FILTER>`, but other backends can only login using :attr:`~canaille.core.models.User.user_name`. We are :issue:`working to improve this <196>`."
msgstr ""

#: ../features.rst:88
#: 79a46a9faadf4748bb09a942bd59981f
msgid "User registration"
msgstr ""

#: ../features.rst:90
#: 220c4182e04e49c89f13bad01bd32e36
msgid "Users can create accounts on Canaille if the feature :attr:`registration feature <canaille.core.configuration.CoreSettings.ENABLE_REGISTRATION>` is enabled. They will be able to fill a registration form with the fields detailed in the default :class:`ACL settings <canaille.core.configuration.ACLSettings>`."
msgstr ""

#: ../features.rst:92
#: 16454e0b91824b8a8b3ed4967cca9a5c
msgid "If :attr:`email confirmation <canaille.core.configuration.CoreSettings.EMAIL_CONFIRMATION>` is also enabled, users will be sent a confirmation link to their email address, on which they will need to click in order to finalize their registration."
msgstr ""

#: ../features.rst:97
#: ../features.rst:99
#: 8f466d3f93c44596958c39a50d01c441
#: ad1ee2bf277f4919b66b63f31d9ffee8
msgid "User invitation"
msgstr ""

#: ../features.rst:104
#: e3ddc44b9b0d42bdabb5744fbeca4658
msgid "If a :class:`mail server <canaille.core.configuration.SMTPSettings>` is configured, users with :attr:`user management permission <canaille.core.configuration.Permission.MANAGE_USERS>` can create an invitation link for one user."
msgstr ""

#: ../features.rst:106
#: 419b3c695f784fd99d0c9a691ed8b6f6
msgid "The link goes to a registration form, even if regular :ref:`user registration <feature_user_registration>` is disabled."
msgstr ""

#: ../features.rst:108
#: 07314a85717d4f1e957912d4f5ec89b2
msgid "It can be automatically sent by email to the new user."
msgstr ""

#: ../features.rst:113
#: 5614cd7aa52f423f90abe55bfb024115
msgid "Account locking"
msgstr ""

#: ../features.rst:115
#: 25d995330be84035b80439ae356ee084
msgid "If Canaille is plugged to a :ref:`backend <features:Backends>` that supports it, user accounts can be locked by users with :attr:`user management permission <canaille.core.configuration.Permission.MANAGE_USERS>`. The lock date can be set instantly or at a given date in the future."
msgstr ""

#: ../features.rst:118
#: 9dc244bf19c54bba886b026aa24748f6
msgid "At the moment a user account is locked:"
msgstr ""

#: ../features.rst:120
#: 08ce8bb5b7624788bb7adfd53374f1f3
msgid "their open sessions will be closed;"
msgstr ""

#: ../features.rst:121
#: 56d6a853df93429ca61e18fddd080315
msgid "they won't be able to sign in again;"
msgstr ""

#: ../features.rst:122
#: ec15817f7db74c6b9bfff7edeb894651
msgid "no new OIDC token will be issued;"
msgstr ""

#: ../features.rst:124
#: d4bb63a4baf34c018cc16652853c807b
msgid "User accounts must be manually unlocked by an administrator for the users to regain access to those actions."
msgstr ""

#: ../features.rst:129
#: cd3bf8afc300433c8c4fe0e2a377e596
msgid "Account deletion"
msgstr ""

#: ../features.rst:131
#: e42e818d2c514149b6fc23e1214bc64a
msgid "Users with the :attr:`account deletion permission <canaille.core.configuration.Permission.DELETE_ACCOUNT>` are allowed to delete their own account."
msgstr ""

#: ../features.rst:133
#: 78098750472442119531f450e49991f8
msgid "Users that also have the :attr:`user management permission <canaille.core.configuration.Permission.MANAGE_USERS>` are also allowed to delete other users accounts."
msgstr ""

#: ../features.rst:138
#: 56587947a7dd476f89a0fc35ff15d589
msgid "Password recovery"
msgstr ""

#: ../features.rst:145
#: 5be3a7388baf4084a1810a6057d893ca
msgid "If a :class:`mail server <canaille.core.configuration.SMTPSettings>` is configured and the :attr:`password recovery feature <canaille.core.configuration.CoreSettings.ENABLE_PASSWORD_RECOVERY>` is enabled, then users can ask for a password reset email if they cannot remember their password."
msgstr ""

#: ../features.rst:147
#: 54980b1c088849a4bee743c1aa6babef
msgid "The email will be sent to the email addresses filled in their profile, and will contain a link that will allow them to choose a new password. ."
msgstr ""

#: ../features.rst:151
#: bafa6752106243e287fe4df54428411c
msgid "Check that password recovery is disabled on locked accounts."
msgstr ""

#: ../features.rst:156
#: 034602cdcafc487ebdf479421168a22b
msgid "Password reset"
msgstr ""

#: ../features.rst:158
#: 6f4b1a52b47b42fc98f7aae62c0037cd
msgid "If a :class:`mail server <canaille.core.configuration.SMTPSettings>` is configured, :attr:`user management permission <canaille.core.configuration.Permission.MANAGE_USERS>` can send password reset mails to users. The mails contains a link that allow users to choose a new password without having to retrieve the old one."
msgstr ""

#: ../features.rst:164
#: 9abcaa54c7f8453db0d2414fa8150549
msgid "Password initialization"
msgstr ""

#: ../features.rst:166
#: 84569e018e0741f9bda5de0d3908adf0
msgid "User :attr:`passwords <canaille.core.models.User.password>` are optional. If a :class:`mail server <canaille.core.configuration.SMTPSettings>` is configured, when users with no password attempt to sign in, they are invited to click a button that will send them a password initialization mail. The mail contains a link that leads to a form that allows users to choose a password."
msgstr ""

#: ../features.rst:173
#: 740fd480fdad42c1bfe0dad03831b5ef
msgid "Password compromission check"
msgstr ""

#: ../features.rst:175
#: 107ba5716f3048f6abda84239d3bcd9b
msgid "If :attr:`password compromission check feature <canaille.core.configuration.CoreSettings.ENABLE_PASSWORD_COMPROMISSION_CHECK>` is enabled, Canaille will check for password compromise on HIBP (https://haveibeenpwned.com/) every time a new password is register. You will need to set an :attr:`admin email <canaille.core.configuration.CoreSettings.ADMIN_EMAIL>`."
msgstr ""

#: ../features.rst:180
#: 4a24666b8f694fbaaf66448ce7ca4582
msgid "Internationalization"
msgstr ""

#: ../features.rst:182
#: 9f7481ec42664690815ffae93b9870df
msgid "Translation state"
msgstr ""

#: ../features.rst:187
#: 5c9bed8ebf9a41d5ba8ede6b91685b5d
msgid "Canaile will display in your :attr:`preferred language <canaille.core.models.User.preferred_language>` if available, or your browser language if available (and if it is not you can :ref:`help us with the translation <development/contributing:Code translation>`). If you prefer, you can also :attr:`force a language <canaille.core.configuration.CoreSettings.FAVICON>` for every users."
msgstr ""

#: ../features.rst:193
#: 5fbce499448349e8b41c26077457acab
msgid "Lightweight"
msgstr ""

#: ../features.rst:195
#: 950949481c144a9dac06476aa610b100
msgid "The web interface is lightweight, so everything should load quickly. There is a few Javascript here and there to smooth the experience, but no Javascript at all is needed to use Canaille."
msgstr ""

#: ../features.rst:199
#: 1ad0e7ff86374be882ff45ecec2007cc
msgid "Customizable"
msgstr ""

#: ../features.rst:201
#: 704790185cc0491da1f935987b30e0d6
msgid "The default theme should be good enough for most usages. It has a dark theme, display well on mobile, and let you choose a :attr:`logo <canaille.core.configuration.CoreSettings.LOGO>` and a :attr:`favicon <canaille.core.configuration.CoreSettings.FAVICON>`."
msgstr ""

#: ../features.rst:204
#: 45c9d2f01a994e9bbe4bafd42396fcc3
msgid "If you need more you can also use a :attr:`custom theme <canaille.core.configuration.CoreSettings.THEME>`."
msgstr ""

#: ../features.rst:211
#: f4029da482b54a88b7fa5079b34aab7d
msgid "Canaille implements a :ref:`subset<development/specifications:State of the specs in Canaille>` of the OAuth2/OpenID Connect specifications . This allows to provide :abbr:`SSO (Single Sign-On)` and :abbr:`SLO (Single Log-On)` to applications plugged to Canaille."
msgstr ""

#: ../features.rst:215
#: 2d1299f11a9746678f43f253901ff136
msgid "Consent management"
msgstr ""

#: ../features.rst:223
#: de0506f292fa47cd8c781780cd28fefd
msgid "Users can give their consent to application requesting access to their personal information, and then revoke those consent at their will."
msgstr ""

#: ../features.rst:227
#: 7ecb3fad5e73490cb40d13e9fbbb1496
msgid "Application management"
msgstr ""

#: ../features.rst:229
#: 6c444151153d4866bcf062f0714af865
msgid "Users with the right :attr:`permission <canaille.core.configuration.Permission.MANAGE_OIDC>` can manager OIDC clients through the web interface."
msgstr ""

#: ../features.rst:231
#: 8f28092022844c1597436521771da2fa
msgid "In some cases, it might be useful to avoid the consent page for some trusted applications, so clients can be pre-consented."
msgstr ""

#: ../features.rst:234
#: 22f84eab0c684724a5268751370d1948
msgid "Discovery"
msgstr ""

#: ../features.rst:236
#: 326957127a4c42f1a543312b3def949e
msgid "Canaille implements the :doc:`Discovery specifications <development/specifications>` so most of the applications plugged to Canaille can auto-configure themselves."
msgstr ""

#: ../features.rst:239
#: 881e8483147049c093ed84e09861edf3
msgid "Dynamic Client Registration"
msgstr ""

#: ../features.rst:241
#: 1636c6004a0d4e47bfb58048cf1c4f47
msgid "Canaille implements the :doc:`Dynamic Client Registration specifications <development/specifications>`, so when the :attr:`feature is enabled <canaille.oidc.configuration.OIDCSettings.DYNAMIC_CLIENT_REGISTRATION_OPEN>`, clients can register themselves on Canaille without an administrator intervention."
msgstr ""

#: ../features.rst:246
#: ../references/commands.rst:2
#: 5c4eef6c51b7404bbf5821c0e290f09e
#: d7c8ce5ce720418baf7d3a8cf03fb200
msgid "Command Line Interface"
msgstr ""

#: ../features.rst:248
#: 7999641d72104faf99873e0e66157518
msgid "Canaille comes with a :abbr:`CLI (Command Line Interface)` to help administrators in hosting and management."
msgstr ""

#: ../features.rst:250
#: 34ca6c0b0a90450cabba78ef5cddbd7f
msgid "There are tools to :ref:`check your configuration <cli_check>` or to :ref:`install missing parts <cli_install>`. You can use the CLI to :ref:`create <cli_create>`, :ref:`read <cli_get>`, :ref:`update <cli_set>` and :ref:`delete <cli_delete>` models such as :class:`users <canaille.core.models.User>`, :class:`groups <canaille.core.models.Group>` or  :class:`OIDC clients <canaille.oidc.basemodels.Client>`."
msgstr ""

#: ../features.rst:253
#: 7cf15f82fa2b45ee91656ccce96482b7
msgid "There are also tools to :ref:`fill your database <cli_populate>` with random objects, for tests purpose for instance."
msgstr ""

#: ../features.rst:260
#: d4bbefd205cd41bdbf446f1e4beddd58
msgid "Canaille can handle data from the most :ref:`common SQL databases <tutorial/databases:SQL>` such as PostgreSQL, MariaDB or SQLite, as well as :ref:`OpenLDAP <tutorial/databases:LDAP>`. It also comes with a no-dependency :ref:`in-memory database <tutorial/databases:Memory>` that can be used in unit tests suites."
msgstr ""

#: ../features.rst:264
#: 99a6b339ea3e4d4d89693b5077da81b4
msgid "Miscellaneous"
msgstr ""

#: ../features.rst:269
#: c0a89f70f06e4cf8a45567ea7ad59083
msgid "Logging"
msgstr ""

#: ../features.rst:271
#: 1d62d92d0c584831bc3ebffe6362d968
msgid "Canaille writes :attr:`logs <canaille.core.configuration.CoreSettings.LOGGING>` for every important event happening, to help administrators understand what is going on and debug funky situations."
msgstr ""

#: ../features.rst:273
#: b73dadb152e743a298e3d7696d8917c8
msgid "The following security events are logged with the tag [SECURITY] for easy retrieval :"
msgstr ""

#: ../features.rst:275
#: 9f44a20eafb942d5aec769a302394cb8
msgid "Authentication attempt"
msgstr ""

#: ../features.rst:276
#: c40c4a447557481bb2787425049875a2
msgid "Password update"
msgstr ""

#: ../features.rst:277
#: 0c953f82824842deb60f898786a5996d
msgid "Email update"
msgstr ""

#: ../features.rst:278
#: 430ba4ac93fe4f84a2b03eed728990d9
msgid "Forgotten password mail sent to user"
msgstr ""

#: ../features.rst:279
#: e071c603320741a6844163eb851143af
msgid "Token emission"
msgstr ""

#: ../features.rst:280
#: 6a9bececc5d34250a0a3ef54c79256f6
msgid "Token refresh"
msgstr ""

#: ../features.rst:281
#: b83cf2d3b0de48efb3352ff39faf587b
msgid "Token revokation"
msgstr ""

#: ../features.rst:282
#: 5679400eeab743e887c45840461900ff
msgid "New consent given for client application"
msgstr ""

#: ../features.rst:283
#: ae032e3dbfa44e569eefa9880070f4e3
msgid "Consent revokation"
msgstr ""

#: ../features.rst:288
#: abbe3f0c29d846f7ae3605651449f229
msgid "A tool for your development and tests"
msgstr ""

#: ../features.rst:290
#: 75f56c18b93d4b6d8d309d4c0a2f5719
msgid "Thanks to its lightweight :ref:`in-memory database <tutorial/databases:Memory>` and its curated :ref:`dependency list <tutorial/install:Get the code>`, Canaille can be used in the unit test suite of your application, so you can check how it behaves against a real world OpenID Connect server. If you work with python you might want to check :doc:`pytest-iam:index`."
msgstr ""

#: ../features.rst:292
#: 5b6e352eea6d43ab935c9a7f9c2b3f40
msgid "It can also being launched in your development environment, if you find that launching a Keycloak in a Docker container is too heavy for your little web application."
msgstr ""

#: ../features.rst:294
#: e9be6125bb3f461b9f0dbf0eda4419c9
msgid "It also fits well in continuous integration scenarios. Thanks to its :ref:`CLI <feature_cli>`, you can prepare data in Canaille, let your application interact with it, and then check the side effects."
msgstr ""

#: ../features.rst:297
#: b0b8ba66d7f54017a0beda39b7cb8822
msgid "Roadmap"
msgstr ""

#: ../features.rst:300
#: 9931c30ac1e545f59398b131ed30108f
msgid "Bêta version"
msgstr ""

#: ../features.rst:302
#: c228bd0a329f427d86e683017e7661e7
msgid "To go out of the current Alpha version we want to achieve the following tasks:"
msgstr ""

#: ../features.rst:304
#: 98526c0e87094a39802455025c25f0b4
msgid ":issue:`Configuration validation using pydantic <138>`"
msgstr ""

#: ../features.rst:307
#: b7967bfe65e1409fa6fde16667f0c5e3
msgid "Stable version"
msgstr ""

#: ../features.rst:309
#: a45163cc9809462b8108fb844aacc4a0
msgid "Before we push Canaille in stable version we want to achieve the following tasks:"
msgstr ""

#: ../features.rst:312
#: 4b21ac630460405788b1942c7bd42002
msgid "Security"
msgstr ""

#: ../features.rst:314
#: be315230d7144b0f87850d2fa1857903
msgid ":issue:`Password hashing configuration <175>`"
msgstr ""

#: ../features.rst:315
#: 057a42138afc4bf09b672b124b2427c2
msgid ":issue:`Authentication logging policy <177>`"
msgstr ""

#: ../features.rst:316
#: 69727411ac534eb4a5d7c9878a3a9259
msgid ":issue:`Intruder lockout <173>`"
msgstr ""

#: ../features.rst:317
#: 3aaa926ecf3742fd9f958c6289c07e28
msgid ":issue:`Password expiry policy <176>`"
msgstr ""

#: ../features.rst:318
#: cbaccc55230e4715ae21da73acf1fda7
msgid ":issue:`Multi-factor authentication: Email <47>`"
msgstr ""

#: ../features.rst:319
#: 03b9b97e12804fb6a3f9bde3797f96de
msgid ":issue:`Multi-factor authentication: SMS <47>`"
msgstr ""

#: ../features.rst:320
#: d1585c695fb34b31a2f4155e25a0ce21
msgid ":issue:`Multi-factor authentication: OTP <47>`"
msgstr ""

#: ../features.rst:323
#: 98cac710360c483c817392bdee691e42
msgid "Packaging"
msgstr ""

#: ../features.rst:325
#: d4918418360847039125e403638b1770
msgid ":issue:`Nix package <190>`"
msgstr ""

#: ../features.rst:326
#: 069d4b7f7c9c455890ccf4a3178ae966
msgid ":issue:`Docker / OCI package <59>`"
msgstr ""

#: ../features.rst:329
#: 4806bad1903f46cf8cb62f032e60d325
msgid "And beyond"
msgstr ""

#: ../features.rst:331
#: c9daf05da01f49f39133e2ea581eb74a
msgid ":issue:`OpenID Connect certification <182>`"
msgstr ""

#: ../features.rst:332
#: 54a025190082451f8b269e466e4b45d5
msgid ":issue:`SCIM support <116>`"
msgstr ""

#: ../index.rst:15
#: 717a8f7e969a4b8b8adaea1ba8291c47
msgid "Lightweight Identity and Authorization Management"
msgstr ""

#: ../index.rst:19
#: 456fa1eddc78428da5560e87622dabf5
msgid "**Canaille** is a French word meaning *rascal*. It is roughly pronounced **Can I?**, as in *Can I access your data?* Canaille is a lightweight identity and authorization management software. It aims to be very light, simple to install and simple to maintain. Its main features are :"
msgstr ""

#: ../index.rst:31
#: 91e28418f0f241a99340fd5f989b4876
msgid "User profile and groups management, Basic permissions"
msgstr ""

#: ../index.rst:38
#: 2a106e9c196f406586793a2f5b7066fb
msgid "Authentication, registration, email confirmation, \"I forgot my password\" emails"
msgstr ""

#: ../index.rst:40
#: b25dbd93717d433288aba207dcab7afa
msgid "SSO"
msgstr ""

#: ../index.rst:44
#: f37a5384d747493e8ef2874dfb07ecb3
msgid "OpenID Connect identity provider"
msgstr ""

#: ../index.rst:46
#: 62957b4610794c3d8ee8468b997de1f5
msgid "Multi-database support"
msgstr ""

#: ../index.rst:50
#: 5932f3e36f0648e497da180913d3fa3c
msgid "PostgreSQL, Mariadb and OpenLDAP first-class citizenship"
msgstr ""

#: ../index.rst:52
#: 8eb44391147d4534b8fa543e3e91bbf7
msgid "Customization"
msgstr ""

#: ../index.rst:56
#: 3a4e05ddb2b44ea798b34cf1190c4127
msgid "Put Canaille at yours colors by choosing a logo or use a custom theme!"
msgstr ""

#: ../index.rst:58
#: 3e346f4e0c524e66800599dba3bad2c1
msgid "Developers friendliness"
msgstr ""

#: ../index.rst:62
#: 82d294ca62e94a3dbc7ccc59441f8cff
msgid "Canaille can easily fit in your unit tests suite or in your Continuous Integration."
msgstr ""

#: ../index.rst:66
#: ca203799d67d4ea19c7d002fab89e084
msgid ":doc:`Full feature list <features>`"
msgstr ""

#: ../references/commands.rst:4
#: 032d1aefa986496d81ea101048303dc4
msgid "Canaille provide several commands to help administrator manage their data."
msgstr ""

#: ../references/commands.rst:6
#: f8979d0a813840e29cfa5dcfbd832593
msgid "Generally, some configuration has to be loaded by `Canaille`. This can be achieved by :ref:`configuration loading method<references/configuration:Load the configuration>` available, but most of the time a ``CONFIG`` environment variable is used. For the sake of readability, it is omitted in the following examples."
msgstr ""

#: ../../canaille check:1
#: 9b933dce55534de696739a2ef2cb9ae3
msgid "Test the configuration file."
msgstr ""

#: ../../canaille check:1
#: 4547c0ffa69d4344926208619d65e64d
msgid "Attempt to reach the database and the SMTP server with the provided credentials."
msgstr ""

#: ../../canaille clean:1
#: c50d68d0a71f4c6596b63f1f815ef9f4
msgid "Remove expired tokens and authorization codes."
msgstr ""

#: ../../canaille install:1
#: 6aeaf218d1944468859685bc0ea662bd
msgid "Installs canaille elements from the configuration."
msgstr ""

#: ../../canaille install:1
#: ed70f160d30b47f29b255f23d7c011e7
msgid "For instance, depending on the configuration, this can generate OIDC keys or install LDAP schemas."
msgstr ""

#: ../../canaille populate:1
#: e86a8649cb9f46a4bb2bcdabf991cecb
msgid "Populate the database with generated random data."
msgstr ""

#: ../references/commands.rst:0
#: acd144db729c43a3a7591030819afd41
#: ae9b83a6622c4277a28e56c4cd83332e
#: 3cfed0a24144434dbd92de23dd88af56
#: 3412cc1be32349eab15cc5fc983380fc
#: ede5c1173e0d4fa29420d45adfdad474
#: 34e6794184c54fc38ce6b92e9d551c78
#: 8bc7199231044aebbcff30ea42e93242
#: d109c1da587f4c19ae5d5df580ac0ac4
#: c79a704151c74bad91ba9fcc346d35dc
#: 55fea7afaf9242749c17d23afa48f19d
#: 35fff0a31f6d49228a01a8e4267a8811
#: f22e9630fbcc450796c7bb811b346088
#: aa813697f3bd431ba876e424ba397b2a
#: fb1bb8dbaceb4922a86cef98bffe09f9
#: 0e4439ecf857495685d5583b2906c94f
#: c18d543dee1d4f45ae5932fa0159112f
#: c09831ca00254c0d9fd7619529bbae7c
#: 1808f87cce7a49acb105b705ff637768
#: 586cc8ae8aa144aeb8d7eab0aca4973f
#: 5c82873d77c4466399d294097fed0ec6
msgid "Options"
msgstr ""

#: ../../canaille populate:1
#: 201352b8571349268d85da53462bbfa0
msgid "Number of items to create"
msgstr ""

#: ../../canaille populate groups:1
#: cc9fa353c7d1475dae1ed2b0d07a184b
msgid "Populate the database with generated random groups."
msgstr ""

#: ../../canaille populate groups:1
#: e431c85e5f2e489d8443e2e1e5c9b858
msgid "The maximum number of users that will randomly be affected in the group"
msgstr ""

#: ../../canaille populate users:1
#: e6bbeeb3a73c4c61bfea3071803e79ad
msgid "Populate the database with generated random users."
msgstr ""

#: ../../canaille get:1
#: 152af63637314ddb9eb28a104d80e064
msgid "Read information about models."
msgstr ""

#: ../../canaille get:1
#: 73902fe602ea40e2b45df290fca7d732
msgid "Options can be used to filter models::"
msgstr ""

#: ../../canaille get:1
#: 6e858d49ff1c4f169788d7aceb3ee0e3
msgid "Displays the matching models in JSON format in the standard output."
msgstr ""

#: ../../canaille get authorizationcode:1
#: 9e22801a4c464324b5498517f90c45b5
msgid "Search for authorizationcodes and display the matching models as JSON."
msgstr ""

#: ../../canaille get client:1
#: 18bcdb81f8f14567872de45139fe7a56
msgid "Search for clients and display the matching models as JSON."
msgstr ""

#: ../../canaille get consent:1
#: d1f785fe0f9a452faa46eef1808fafbb
msgid "Search for consents and display the matching models as JSON."
msgstr ""

#: ../../canaille get group:1
#: 00e4e539740648fbb13ef18f8c310667
msgid "Search for groups and display the matching models as JSON."
msgstr ""

#: ../../canaille get token:1
#: 2a9ae0190aba4affac36e26e7d9f5b7a
msgid "Search for tokens and display the matching models as JSON."
msgstr ""

#: ../../canaille get user:1
#: 17bf9a05a5de48948651ddca0c00d057
msgid "Search for users and display the matching models as JSON."
msgstr ""

#: ../../canaille set:1
#: 88c96211ecd3408687a948cd33d03d83
msgid "Update models."
msgstr ""

#: ../../canaille set:1
#: ae77426832c54d489ab89965eb805521
msgid "The command takes an model ID and edit one or several attributes::"
msgstr ""

#: ../../canaille set:1
#: 656f905e750348c4ba974d754a8cb246
msgid "Displays the edited model in JSON format in the standard output."
msgstr ""

#: ../../canaille set authorizationcode:1
#: 09382705e3494158b5675a8d9d0551ec
msgid "Update a authorizationcode and display the edited model in JSON format in the standard output."
msgstr ""

#: ../../canaille delete authorizationcode:1
#: ../../canaille set authorizationcode:1
#: d593e56f0cc847cab30b8c3622bde2de
#: 39618e26522c4b7e98c08fd2c6c7b475
msgid "IDENTIFIER should be a authorizationcode id or authorization_code_id"
msgstr ""

#: ../references/commands.rst:0
#: 58f751256f424620ad6c3f4fb476bc5f
#: 9ac93753d9234b6e8a0b43811d176d9e
#: 205b006279194f6cbe9ff2cbe6ee99a0
#: 8261fcbce0624ef3a52f7e2a861b80a2
#: 3359278740854cd586c75b64002451c2
#: 4461874fff904c04bb0c887d1a7834ff
#: 8711f8fe555849cc819f64cbbc8abaaf
#: 08b98a1214824adb927256e3e528255a
#: 6779d2a75b3b41f4a0ce6fceb88801af
#: 192a1d8eba07461b94c318f395b47189
#: 1bf45945b06f418e9d27a2ac83f4ce7f
#: b7d629e83d8d4505b84e657c5b53c175
msgid "Arguments"
msgstr ""

#: ../../canaille delete authorizationcode:1
#: ../../canaille delete client:1
#: ../../canaille delete consent:1
#: ../../canaille delete group:1
#: ../../canaille delete token:1
#: ../../canaille delete user:1
#: ../../canaille set authorizationcode:1
#: ../../canaille set client:1
#: ../../canaille set consent:1
#: ../../canaille set group:1
#: ../../canaille set token:1
#: ../../canaille set user:1
#: a80f356ddf14415bace8626bfb2a62de
#: e675b33821ca4db7952990f7eb08b758
#: 2d7c24ea7eea4a79852eb8d45266038a
#: dac6a2ea4d4c4450aa1d6919816a143b
#: b072178ec9c34a15b0fb185957b462c6
#: 2ca34c88756e4080af0bc13ae437ad1e
#: 3bc2f37c1d4348a0aa1952d024a2e0a2
#: 1c54e84b2d9d42688830d196a86d76b4
#: de6e6302aae64fb7b41c6a5c2d604919
#: 0603a17b746e4bc9b55c8cd114d5b3a5
#: 5455ea6ec000492f8f21b113b1ca5fb6
#: 50028ab4e00d4c14a612c4dc43534209
msgid "Required argument"
msgstr ""

#: ../../canaille set client:1
#: f981a19bf47047a49b0f8df273e2a7b0
msgid "Update a client and display the edited model in JSON format in the standard output."
msgstr ""

#: ../../canaille delete client:1
#: ../../canaille set client:1
#: f5db61d118274aa8b7f87d97c437cf85
#: f57cbc50e6c14e2b8df13576a7c00f79
msgid "IDENTIFIER should be a client id or client_id"
msgstr ""

#: ../../canaille set consent:1
#: 56b8d768182c4e43a3f418c886996005
msgid "Update a consent and display the edited model in JSON format in the standard output."
msgstr ""

#: ../../canaille delete consent:1
#: ../../canaille set consent:1
#: 86b82556feec4c9db183e1645313ab63
#: 296b6bbc33534de48fc50c2c9f9c039a
msgid "IDENTIFIER should be a consent id or consent_id"
msgstr ""

#: ../../canaille set group:1
#: 852f7d1079a344358d797cce428bfb88
msgid "Update a group and display the edited model in JSON format in the standard output."
msgstr ""

#: ../../canaille delete group:1
#: ../../canaille set group:1
#: 7a8a9643dfe449baab51ebe894038147
#: 98b025d5c9c74c89b6938cf02b1b6e46
msgid "IDENTIFIER should be a group id or display_name"
msgstr ""

#: ../../canaille set token:1
#: e7b50c2ca60e41a39507b9faef3cea21
msgid "Update a token and display the edited model in JSON format in the standard output."
msgstr ""

#: ../../canaille delete token:1
#: ../../canaille set token:1
#: b5270ecfea7b4470919d6ac9832f9576
#: 8b4bd0b39d844867b3a0df6ad1308ed2
msgid "IDENTIFIER should be a token id or token_id"
msgstr ""

#: ../../canaille set user:1
#: 6bfe44a2c6fe4e98840ff0601db39629
msgid "Update a user and display the edited model in JSON format in the standard output."
msgstr ""

#: ../../canaille delete user:1
#: ../../canaille set user:1
#: e4f656a2a31740af9208ebb1a8bce7f8
#: af18bec2ab42413aa716c951b729fcea
msgid "IDENTIFIER should be a user id or user_name"
msgstr ""

#: ../../canaille create:1
#: 603d9c1c52214b3a9f34fcfc2ed86090
msgid "Create models."
msgstr ""

#: ../../canaille create:1
#: 654ba9aa3366413f988edd5b56595d7f
msgid "The model attributes can be passed as command options::"
msgstr ""

#: ../../canaille create:1
#: b5f5bfdeb31b4d00905b26e5fff361d4
msgid "Displays the created model in JSON format in the standard output."
msgstr ""

#: ../../canaille create authorizationcode:1
#: 77e0b4c3d56a4f1089af790d0bc3a836
msgid "Create a new authorizationcode and display the created model in JSON format in the standard output."
msgstr ""

#: ../../canaille create client:1
#: 069c5841a98b40999dc8c978e119bf49
msgid "Create a new client and display the created model in JSON format in the standard output."
msgstr ""

#: ../../canaille create consent:1
#: 2c06ff74c2ba479ba7784ae51b89355d
msgid "Create a new consent and display the created model in JSON format in the standard output."
msgstr ""

#: ../../canaille create group:1
#: 18731192efb440d0b09f72c8da19cbc7
msgid "Create a new group and display the created model in JSON format in the standard output."
msgstr ""

#: ../../canaille create token:1
#: 51cc94a5f7cc4a21957966b725d6fc50
msgid "Create a new token and display the created model in JSON format in the standard output."
msgstr ""

#: ../../canaille create user:1
#: b2f92c6088be42869ef951f1e7a23035
msgid "Create a new user and display the created model in JSON format in the standard output."
msgstr ""

#: ../../canaille delete:1
#: 93ad9c8815e04056a279299ff8abd8ce
msgid "Delete models."
msgstr ""

#: ../../canaille delete:1
#: d69d5bccdee34e4195fb12a3e2556e39
msgid "The command takes a model ID and deletes it::"
msgstr ""

#: ../../canaille delete authorizationcode:1
#: 578c13a863f644738f4868047de07671
msgid "Delete a authorizationcode."
msgstr ""

#: ../../canaille delete client:1
#: 8611ba2a271c47bbb67515206c8c5b73
msgid "Delete a client."
msgstr ""

#: ../../canaille delete consent:1
#: 8bbb316ebef443f7adb1407a5b485082
msgid "Delete a consent."
msgstr ""

#: ../../canaille delete group:1
#: 3c29a028f47c49baabaf516c5ac756e3
msgid "Delete a group."
msgstr ""

#: ../../canaille delete token:1
#: 5b9984cd458b4ddd9fe04bb6aa2eef82
msgid "Delete a token."
msgstr ""

#: ../../canaille delete user:1
#: 6f3a08712d8e4dfc8635ba36e1477426
msgid "Delete a user."
msgstr ""

#: ../references/configuration.rst:2
#: 7962a131e6da45279f29dfb18ae67030
msgid "Configuration"
msgstr ""

#: ../references/configuration.rst:5
#: 817e87142b644cb7be4a2a2aba700e79
msgid "Load the configuration"
msgstr ""

#: ../references/configuration.rst:7
#: ba05107c6442491ca26a5c436f84fb2c
msgid "Canaille can be configured either by a environment variables, environment file, or by a configuration file."
msgstr ""

#: ../references/configuration.rst:10
#: 2380d91c2cea4548b0f6db4bb24c8dd7
msgid "Configuration file"
msgstr ""

#: ../references/configuration.rst:12
#: 7958844435a94381903e1de569a86a57
msgid "The configuration can be written in `toml` configuration file which path is passed in the :envvar:`CONFIG` environment variable."
msgstr ""

#: ../../canaille/app/configuration.py:docstring of canaille.app.configuration.RootSettings:11
#: ../references/configuration.rst:14
#: ../references/configuration.rst:85
#: ../tutorial/databases.rst:23
#: ../tutorial/databases.rst:37
#: a7a34cdb91804bed93b42facb5f09993
#: 3af7b0ad54ce4e1d8b443253251b14f8
#: e3a55c79e7c842c9be0fc76855368436
#: e973e3e3f96a4f4d8cb6b4f65c5612f7
#: 76bc6d41e3ae43ada2460c4cdfb49de8
msgid "config.toml"
msgstr ""

#: ../references/configuration.rst:26
#: 644142ab9cb74899a62be86e3bba749b
msgid "You can have a look at the :ref:`example file <references/configuration:Example file>` for inspiration."
msgstr ""

#: ../references/configuration.rst:29
#: 1c69be57aca540c98e722ff2276703b8
msgid "Environment variables"
msgstr ""

#: ../references/configuration.rst:31
#: da85dc6fd02a45a789748f0ec17b4e89
msgid "In addition, parameters that have not been set in the configuration file can be read from environment variables. The way environment variables are parsed can be read from the `pydantic-settings documentation <https://docs.pydantic.dev/latest/concepts/pydantic_settings/#parsing-environment-variable-values>`_."
msgstr ""

#: ../references/configuration.rst:36
#: 69417ab884ee42e6808dd9eab2beddce
msgid "For environment vars, the separator between sections and variables is a double underscore: ``__``. For instance, the ``NAME`` var in the ``CANAILLE`` section shown above is ``CANAILLE__NAME``."
msgstr ""

#: ../references/configuration.rst:40
#: b69e4d6753b841ad82bbe9ea7c33c0e4
msgid "Environment file"
msgstr ""

#: ../references/configuration.rst:42
#: 20d741584a984ca39a3ecb59e76950d4
msgid "Any environment variable can also be written in a ``.env``, and will be read if present."
msgstr ""

#: ../references/configuration.rst:44
#: 18ca9f3c5dcd4c36aec0ff6e5727d5e0
msgid ".env"
msgstr ""

#: ../references/configuration.rst:62
#: 0e5b619b08e7414d8e529d9297fb1e7d
msgid "Parameters"
msgstr ""

#: ../../canaille/app/configuration.py:docstring of canaille.app.configuration.RootSettings:1
#: 791c639fd1d348e792cb990516fbb286
msgid "The top-level namespace contains holds the configuration settings unrelated to Canaille."
msgstr ""

#: ../../canaille/app/configuration.py:docstring of canaille.app.configuration.RootSettings:4
#: 861395c17af04cb591af5e96664eea5e
msgid "The configuration paramateres from the following libraries can be used:"
msgstr ""

#: ../../canaille/app/configuration.py:docstring of canaille.app.configuration.RootSettings:6
#: 128815abe24d4aa195be945ebd1eefec
msgid ":doc:`Flask <flask:config>`"
msgstr ""

#: ../../canaille/app/configuration.py:docstring of canaille.app.configuration.RootSettings:7
#: b85b953781044907978edbd58f9b0e7c
msgid ":doc:`Flask-WTF <flask-wtf:config>`"
msgstr ""

#: ../../canaille/app/configuration.py:docstring of canaille.app.configuration.RootSettings:8
#: bf2f0c41b19d4c6d818e3271f7d7090a
msgid ":doc:`Flask-Babel <flask-babel:index>`"
msgstr ""

#: ../../canaille/app/configuration.py:docstring of canaille.app.configuration.RootSettings:9
#: 2e442fc811184ebaad6ed93cbbf85667
msgid ":doc:`Authlib <authlib:flask/2/authorization-server>`"
msgstr ""

#: ../../docstring of canaille.app.configuration.RootSettings.DEBUG:1
#: 44d7f5737e1f4f05bf9585e90b30acc8
msgid "The Flask :external:py:data:`DEBUG` configuration setting."
msgstr ""

#: ../../docstring of canaille.app.configuration.RootSettings.DEBUG:3
#: 7f957842ebd2454496fca244ea6133a0
msgid "This enables debug options."
msgstr ""

#: ../../docstring of canaille.app.configuration.RootSettings.DEBUG:7
#: f44bd4fd33dd41b8ad8bdb1c0f293304
msgid "This is useful for development but should be absolutely avoided in production environments."
msgstr ""

#: ../../docstring of canaille.app.configuration.RootSettings.PREFERRED_URL_SCHEME:1
#: 71ef18f3c1e24c64955eb3709c5f60d8
msgid "The Flask :external:py:data:`PREFERRED_URL_SCHEME` configuration setting."
msgstr ""

#: ../../docstring of canaille.app.configuration.RootSettings.PREFERRED_URL_SCHEME:4
#: a8c0d607af3f4abd85f4fc235509869d
msgid "This sets the url scheme by which canaille will be served."
msgstr ""

#: ../../docstring of canaille.app.configuration.RootSettings.SECRET_KEY:1
#: 62203acb719b4e6d96cc025d58484a1e
msgid "The Flask :external:py:data:`SECRET_KEY` configuration setting."
msgstr ""

#: ../../docstring of canaille.app.configuration.RootSettings.SECRET_KEY:3
#: 0ed3cfbee7894619ad4bbd0501873853
msgid "You MUST change this."
msgstr ""

#: ../../docstring of canaille.app.configuration.RootSettings.SERVER_NAME:1
#: af766648cf9842159f4f7d294f7eb981
msgid "The Flask :external:py:data:`SERVER_NAME` configuration setting."
msgstr ""

#: ../../docstring of canaille.app.configuration.RootSettings.SERVER_NAME:3
#: e1605dcf629741598750b9f540926025
msgid "This sets domain name on which canaille will be served."
msgstr ""

#: ../../canaille/core/configuration.py:docstring of canaille.core.configuration.CoreSettings:1
#: 9a54f6ca9e944a58a14619128ce4281f
msgid "The settings from the ``CANAILLE`` namespace."
msgstr ""

#: ../../canaille/core/configuration.py:docstring of canaille.core.configuration.CoreSettings:3
#: cb35701f7ccd4bf086c43557b821a4f9
msgid "Those are all the configuration parameters that controls the behavior of Canaille."
msgstr ""

#: ../../docstring of canaille.core.configuration.CoreSettings.ACL:1
#: a3bff7c066b44abba1acdbcfefc0a280
msgid "Mapping of permission groups. See :class:`ACLSettings` for more details."
msgstr ""

#: ../../docstring of canaille.core.configuration.CoreSettings.ACL:3
#: 3939b33e562846619b2d47e433bbeb8c
msgid "The ACL name can be freely chosen. For example::"
msgstr ""

#: ../../docstring of canaille.core.configuration.CoreSettings.ADMIN_EMAIL:1
#: 46f7381cb12740678e448512de20c117
msgid "Administration email contact."
msgstr ""

#: ../../docstring of canaille.core.configuration.CoreSettings.ADMIN_EMAIL:3
#: a1ae2edd27e64053ba5d01f253e32f47
msgid "In certain special cases (example : questioning about password corruption), it is necessary to provide an administration contact email."
msgstr ""

#: ../../docstring of canaille.core.configuration.CoreSettings.EMAIL_CONFIRMATION:1
#: 8d2f34d5861642d6915ac0b42a30dbde
msgid "If :py:data:`True`, users will need to click on a confirmation link sent by email when they want to add a new email."
msgstr ""

#: ../../docstring of canaille.core.configuration.CoreSettings.EMAIL_CONFIRMATION:4
#: 9f70fe2b56db4c1c81bec250f483d68f
msgid "By default, this is true if ``SMTP`` is configured, else this is false. If explicitly set to true and ``SMTP`` is disabled, the email field will be read-only."
msgstr ""

#: ../../docstring of canaille.core.configuration.CoreSettings.ENABLE_PASSWORD_COMPROMISSION_CHECK:1
#: 8a65cf51a52449129bcb0746bcffa046
msgid "If :py:data:`True`, Canaille will check if passwords appears in compromission databases such as `HIBP <https://haveibeenpwned.com>`_ when users choose a new one."
msgstr ""

#: ../../docstring of canaille.core.configuration.CoreSettings.ENABLE_PASSWORD_RECOVERY:1
#: 776ad474178b4e959ad82fc032219c8e
msgid "If :py:data:`False`, then users cannot ask for a password recovery link by email."
msgstr ""

#: ../../docstring of canaille.core.configuration.CoreSettings.ENABLE_REGISTRATION:1
#: 12acca4e0f094e20bb5a270c8d97d99a
msgid "If :py:data:`True`, then users can freely create an account at this instance."
msgstr ""

#: ../../docstring of canaille.core.configuration.CoreSettings.ENABLE_REGISTRATION:4
#: 840e49d2e9264d68b5d1cbd9b143ceb7
msgid "If email verification is available, users must confirm their email before the account is created."
msgstr ""

#: ../../docstring of canaille.core.configuration.CoreSettings.FAVICON:1
#: 0d50af61aaba444b9e103ff521254ca0
msgid "You favicon."
msgstr ""

#: ../../docstring of canaille.core.configuration.CoreSettings.FAVICON:3
#: 59e60f97c84240169af8df01bbace81d
msgid "If unset and :attr:`LOGO` is set, then the logo will be used."
msgstr ""

#: ../../docstring of canaille.core.configuration.CoreSettings.HIDE_INVALID_LOGINS:1
#: b3571ea7fa4b4df8a0ee8eb34b404c7a
msgid "If :py:data:`True`, when users try to sign in with an invalid login, a message is shown indicating that the password is wrong, but does not give a clue whether the login exists or not."
msgstr ""

#: ../../docstring of canaille.core.configuration.CoreSettings.HIDE_INVALID_LOGINS:5
#: 41f2e49e5856444fa23ac6d5fbaf358a
msgid "If :py:data:`False`, when a user tries to sign in with an invalid login, a message is shown indicating that the login does not exist."
msgstr ""

#: ../../docstring of canaille.core.configuration.CoreSettings.HTMX:1
#: 454a4dc93f8145b39d2f0849e79254eb
msgid "Accelerates webpages loading with asynchronous requests."
msgstr ""

#: ../../docstring of canaille.core.configuration.CoreSettings.INVITATION_EXPIRATION:1
#: a533c6a616404640af514d077f3349cc
msgid "The validity duration of registration invitations, in seconds."
msgstr ""

#: ../../docstring of canaille.core.configuration.CoreSettings.INVITATION_EXPIRATION:3
#: 4426e58deafa457db438250ea2123074
msgid "Defaults to 2 days."
msgstr ""

#: ../../docstring of canaille.core.configuration.CoreSettings.JAVASCRIPT:1
#: 17488de94ce44513b653f1862c7e10d4
msgid "Enables Javascript to smooth the user experience."
msgstr ""

#: ../../docstring of canaille.core.configuration.CoreSettings.LANGUAGE:1
#: 267b78dfc63140b1a9c72dfc30bb9b2d
msgid "If a language code is set, it will be used for every user."
msgstr ""

#: ../../docstring of canaille.core.configuration.CoreSettings.LANGUAGE:3
#: 22134d36163549ceaffd20331efe914f
msgid "If unset, the language is guessed according to the users browser."
msgstr ""

#: ../../docstring of canaille.core.configuration.CoreSettings.LOGGING:1
#: 1a9c6c0024604e9686555ac6e59704bc
msgid "Configures the logging output using the python logging configuration format:"
msgstr ""

#: ../../docstring of canaille.core.configuration.CoreSettings.LOGGING:3
#: 95c8e536640848c0b8b98e3d656caa74
msgid "if :py:data:`None`, everything is logged in the standard error output the log level is :py:data:`~logging.DEBUG` if the :attr:`~canaille.app.configuration.RootSettings.DEBUG` setting is :py:data:`True`, else this is :py:data:`~logging.INFO`"
msgstr ""

#: ../../docstring of canaille.core.configuration.CoreSettings.LOGGING:6
#: c594e259fd604e4c90e1b6065dc163e2
msgid "if this is a :class:`dict`, it is passed to :func:`logging.config.dictConfig`:"
msgstr ""

#: ../../docstring of canaille.core.configuration.CoreSettings.LOGGING:7
#: 011a9cbe80824880a48ed94ad95dfdf1
msgid "if this is a :class:`str`, it is expected to be a file path that will be passed to :func:`logging.config.fileConfig`"
msgstr ""

#: ../../docstring of canaille.core.configuration.CoreSettings.LOGGING:10
#: 57acbce67efa44b28945add32352fbdf
msgid "For example::"
msgstr ""

#: ../../docstring of canaille.core.configuration.CoreSettings.LOGO:1
#: d0674fcab90a46c28d56a6f365f0188f
msgid "The logo of your organization, this is useful to make your organization recognizable on login screens."
msgstr ""

#: ../../docstring of canaille.core.configuration.CoreSettings.MAX_PASSWORD_LENGTH:1
#: 58464e3876b545c1a32c812ebfa29005
msgid "Maximum length for user password."
msgstr ""

#: ../../docstring of canaille.core.configuration.CoreSettings.MAX_PASSWORD_LENGTH:3
#: 6861aa0b2a304a42bd0238b7f2ef485d
msgid "There is a technical limit with passlib used by sql database of 4096 characters. If the value entered is 0 or None, or greater than 4096, then 4096 will be retained."
msgstr ""

#: ../../docstring of canaille.core.configuration.CoreSettings.MIN_PASSWORD_LENGTH:1
#: 82a4eb15b3e842929bf67fa5d0ca11cd
msgid "Minimum length for user password."
msgstr ""

#: ../../docstring of canaille.core.configuration.CoreSettings.MIN_PASSWORD_LENGTH:3
#: 063f88a1b31b4a01b88d78fa9b6d3f39
msgid "It is possible not to set a minimum, by entering None or 0."
msgstr ""

#: ../../docstring of canaille.core.configuration.CoreSettings.NAME:1
#: e92611023732499cbaea77efd690057a
msgid "Your organization name."
msgstr ""

#: ../../docstring of canaille.core.configuration.CoreSettings.NAME:3
#: 1441cf7bd4ae459299474ece36c4cc74
msgid "Used for display purpose."
msgstr ""

#: ../../docstring of canaille.core.configuration.CoreSettings.PASSWORD_COMPROMISSION_CHECK_API_URL:1
#: 36e2b75dbf244ffdbd20617f4b335420
msgid "Have i been pwned api url for compromission checks."
msgstr ""

#: ../../docstring of canaille.core.configuration.CoreSettings.SENTRY_DSN:1
#: 6f23592b1cb74c1a9892c485b59659c8
msgid "A `Sentry <https://sentry.io>`_ DSN to collect the exceptions."
msgstr ""

#: ../../docstring of canaille.core.configuration.CoreSettings.SENTRY_DSN:3
#: f211dffdef8546eea858b1b9d597b894
msgid "This is useful for tracking errors in test and production environments."
msgstr ""

#: ../../docstring of canaille.core.configuration.CoreSettings.SMTP:1
#: de63624fd2da4c54bf615f3efcf95d0e
msgid "The settings related to SMTP and mail configuration."
msgstr ""

#: ../../docstring of canaille.core.configuration.CoreSettings.SMTP:3
#: 4a8b43ab10da4417be79e7131dfa060f
msgid "If unset, mail-related features like password recovery won't be enabled."
msgstr ""

#: ../../docstring of canaille.core.configuration.CoreSettings.THEME:1
#: b8ac34a988bb4014ad7ae747247a72c4
msgid "The name of a theme in the 'theme' directory, or a path to a theme."
msgstr ""

#: ../../docstring of canaille.core.configuration.CoreSettings.THEME:3
#: 2e2df83a5f83492faf2d4341f5f3b7b6
msgid "Defaults to ``default``. Theming is done with `flask-themer <https://github.com/tktech/flask-themer>`_."
msgstr ""

#: ../../docstring of canaille.core.configuration.CoreSettings.TIMEZONE:1
#: 97d945e9085943b2aca290115c964809
msgid "The timezone in which datetimes will be displayed to the users (e.g. ``CEST``)."
msgstr ""

#: ../../docstring of canaille.core.configuration.CoreSettings.TIMEZONE:4
#: fed392b95f8543d79691a1b1714f5977
msgid "If unset, the server timezone will be used."
msgstr ""

#: ../../canaille/core/configuration.py:docstring of canaille.core.configuration.SMTPSettings:1
#: c950729a93064d8ea627986f85fb6d0f
msgid "The SMTP configuration. Belong in the ``CANAILLE.SMTP`` namespace. If unset, mail related features will be disabled, such as mail verification or password recovery emails."
msgstr ""

#: ../../canaille/core/configuration.py:docstring of canaille.core.configuration.SMTPSettings:5
#: ae1ea1e7c73c420f816084394306ba47
msgid "By default, Canaille will try to send mails from localhost without authentication."
msgstr ""

#: ../../docstring of canaille.core.configuration.SMTPSettings.FROM_ADDR:1
#: f785744b560c40f1b2800d7ca351ea04
msgid "The sender for Canaille mails."
msgstr ""

#: ../../docstring of canaille.core.configuration.SMTPSettings.FROM_ADDR:3
#: febe818e7af94f76b1a3dd09c37156f3
msgid "Some mail provider might require a valid sender address."
msgstr ""

#: ../../docstring of canaille.core.configuration.SMTPSettings.HOST:1
#: a69855a6e70b4d919aea5fecdcf44595
msgid "The SMTP host."
msgstr ""

#: ../../docstring of canaille.core.configuration.SMTPSettings.LOGIN:1
#: 3d4f216488a544569ba4a106c0bfc1cf
msgid "The SMTP login."
msgstr ""

#: ../../docstring of canaille.core.configuration.SMTPSettings.PASSWORD:1
#: 1064eb67ae0743fb9972e096ea00fd7e
msgid "The SMTP password."
msgstr ""

#: ../../docstring of canaille.core.configuration.SMTPSettings.PORT:1
#: 63ad2686b92a42b6bdba3ac753370d0f
msgid "The SMTP port."
msgstr ""

#: ../../docstring of canaille.core.configuration.SMTPSettings.SSL:1
#: a5b9bc6cc58946b291f72ba43c77c837
msgid "Whether to use SSL to connect to the SMTP server."
msgstr ""

#: ../../docstring of canaille.core.configuration.SMTPSettings.TLS:1
#: bb2ffd5117a74ed0b828c7e9b643ff6c
msgid "Whether to use TLS to connect to the SMTP server."
msgstr ""

#: ../../canaille/core/configuration.py:docstring of canaille.core.configuration.ACLSettings:1
#: 789f36d197fb453c91eb6f8e05fc4f25
msgid "Access Control List settings. Belong in the ``CANAILLE.ACL`` namespace."
msgstr ""

#: ../../canaille/core/configuration.py:docstring of canaille.core.configuration.ACLSettings:3
#: 4bd657174e0143af9b9fbc0519d501e9
msgid "You can define access controls that define what users can do on canaille An access control consists in a :attr:`FILTER` to match users, a list of :attr:`PERMISSIONS` matched users will be able to perform, and fields users will be able to :attr:`READ` and :attr:`WRITE`. Users matching several filters will cumulate permissions."
msgstr ""

#: ../../docstring of canaille.core.configuration.ACLSettings.FILTER:1
#: 134302ab158549ad975879115d2c8eb9
msgid ":attr:`FILTER` can be:"
msgstr ""

#: ../../docstring of canaille.core.configuration.ACLSettings.FILTER:3
#: 7f0555044d4a4b58b776eeb9ec14b5cd
msgid ":py:data:`None`, in which case all the users will match this access control"
msgstr ""

#: ../../docstring of canaille.core.configuration.ACLSettings.FILTER:4
#: e300b60dedae45238ea7f4acb02a87ee
msgid "a mapping where keys are user attributes name and the values those user attribute values. All the values must be matched for the user to be part of the access control."
msgstr ""

#: ../../docstring of canaille.core.configuration.ACLSettings.FILTER:7
#: 755ee008fcce43ce8b906501c7247606
msgid "a list of those mappings. If a user values match at least one mapping, then the user will be part of the access control"
msgstr ""

#: ../../docstring of canaille.core.configuration.ACLSettings.FILTER:10
#: 3de2e561b83646f1b7ec6801b2910f38
msgid "Here are some examples::"
msgstr ""

#: ../../docstring of canaille.core.configuration.ACLSettings.PERMISSIONS:1
#: fe04ea512568461d9448d71f1c999092
msgid "A list of :class:`Permission` users in the access control will be able to manage. For example::"
msgstr ""

#: ../../docstring of canaille.core.configuration.ACLSettings.READ:1
#: 4b229af962554aa99e9e93b39fe05f9f
msgid "A list of :class:`~canaille.core.models.User` attributes that users in the ACL will be able to read."
msgstr ""

#: ../../docstring of canaille.core.configuration.ACLSettings.WRITE:1
#: b656265b8f9546659c5820e26fd1ce1c
msgid "A list of :class:`~canaille.core.models.User` attributes that users in the ACL will be able to edit."
msgstr ""

#: ../../canaille/core/configuration.py:docstring of canaille.core.configuration.Permission:1
#: 8ebfe0c9ad84417aa3bc92770d91af2f
msgid "The permissions that can be assigned to users."
msgstr ""

#: ../../canaille/core/configuration.py:docstring of canaille.core.configuration.Permission:3
#: ef21883d2b12429d91d8dad8d382fdb2
msgid "The permissions are intended to be used in :attr:`ACLSettings <canaille.core.configuration.ACLSettings.PERMISSIONS>`."
msgstr ""

#: ../../docstring of canaille.core.configuration.Permission.DELETE_ACCOUNT:1
#: e8f13fbf1ad24471b165a07059590a31
msgid "Allows users to delete their account."
msgstr ""

#: ../../docstring of canaille.core.configuration.Permission.DELETE_ACCOUNT:3
#: 52717ea4c45a42b2b5a071c9393522cd
msgid "If used with :attr:`~canaille.core.configuration.Permission.MANAGE_USERS`, users can delete any account."
msgstr ""

#: ../../docstring of canaille.core.configuration.Permission.EDIT_SELF:1
#: 35547166ff4d489d9a3d4098bbff74ce
msgid "Allows users to edit their own profile."
msgstr ""

#: ../../docstring of canaille.core.configuration.Permission.IMPERSONATE_USERS:1
#: 310e4a17fd9242d6904054b4c883a577
msgid "Allows users to take the identity of another user."
msgstr ""

#: ../../docstring of canaille.core.configuration.Permission.MANAGE_GROUPS:1
#: ac1abae2d8f74772b348cbd59bd9e8e5
msgid "Allows group edition and creation."
msgstr ""

#: ../../docstring of canaille.core.configuration.Permission.MANAGE_OIDC:1
#: 1490858a79d448788927c70f271e61b1
msgid "Allows OpenID Connect client managements."
msgstr ""

#: ../../docstring of canaille.core.configuration.Permission.MANAGE_USERS:1
#: b92df6b742994a71a4bac9c7c8f4b54a
msgid "Allows other users management."
msgstr ""

#: ../../docstring of canaille.core.configuration.Permission.USE_OIDC:1
#: c675f1a7593b447e89aefd4f1cdb2cd2
msgid "Allows OpenID Connect authentication."
msgstr ""

#: ../../canaille/oidc/configuration.py:docstring of canaille.oidc.configuration.OIDCSettings:1
#: 9b14baa774f44089a7f5e32ba777d0d2
msgid "OpenID Connect settings."
msgstr ""

#: ../../canaille/oidc/configuration.py:docstring of canaille.oidc.configuration.OIDCSettings:3
#: 706575830d584262963070e217b28773
msgid "Belong in the ``CANAILLE_OIDC`` namespace."
msgstr ""

#: ../../docstring of canaille.oidc.configuration.OIDCSettings.DYNAMIC_CLIENT_REGISTRATION_OPEN:1
#: 05ce4abf1291468fad96409fcfdb326b
msgid "Whether a token is needed for the RFC7591 dynamical client registration."
msgstr ""

#: ../../docstring of canaille.oidc.configuration.OIDCSettings.DYNAMIC_CLIENT_REGISTRATION_OPEN:3
#: 72532597a48e43bba0a220c4cc85d3f8
msgid "If :py:data:`True`, no token is needed to register a client. If :py:data:`False`, dynamical client registration needs a token defined in :attr:`DYNAMIC_CLIENT_REGISTRATION_TOKENS`."
msgstr ""

#: ../../docstring of canaille.oidc.configuration.OIDCSettings.DYNAMIC_CLIENT_REGISTRATION_TOKENS:1
#: f09695298396457d9ac80871f6a3f414
msgid "A list of tokens that can be used for dynamic client registration."
msgstr ""

#: ../../docstring of canaille.oidc.configuration.OIDCSettings.JWT:1
#: 60041fd5cd7943cc8c9ccd3c5399ebcd
msgid "JSON Web Token settings."
msgstr ""

#: ../../docstring of canaille.oidc.configuration.OIDCSettings.REQUIRE_NONCE:1
#: d72133a06e7b4fd5b768e50d5607eebe
msgid "Force the nonce exchange during the authentication flows."
msgstr ""

#: ../../docstring of canaille.oidc.configuration.OIDCSettings.REQUIRE_NONCE:3
#: 7fa93fd611ca48028ba3c6a64ccb1c7e
msgid "This adds security but may not be supported by all clients."
msgstr ""

#: ../../canaille/oidc/configuration.py:docstring of canaille.oidc.configuration.JWTSettings:1
#: 539d3c96a9084289852a953a6d7b17df
msgid "JSON Web Token settings. Belong in the ``CANAILLE_OIDC.JWT`` namespace."
msgstr ""

#: ../../canaille/oidc/configuration.py:docstring of canaille.oidc.configuration.JWTSettings:3
#: 5e71253140a245129cf77c28005b19f1
msgid "You can generate a RSA keypair with::"
msgstr ""

#: ../../docstring of canaille.oidc.configuration.JWTSettings.ALG:1
#: 988bee422e4b4fec87dc632e93a50c46
msgid "The key algorithm."
msgstr ""

#: ../../docstring of canaille.oidc.configuration.JWTSettings.EXP:1
#: 1c0f3c2d601c428884a0e461ec2068b3
msgid "The time the JWT will be valid, in seconds."
msgstr ""

#: ../../docstring of canaille.oidc.configuration.JWTSettings.ISS:1
#: 3c267a9fb78146278930375f669d84fd
msgid "The URI of the identity provider."
msgstr ""

#: ../../docstring of canaille.oidc.configuration.JWTSettings.KTY:1
#: eac75734be944cbaa98dbf3c58543182
msgid "The key type."
msgstr ""

#: ../../docstring of canaille.oidc.configuration.JWTSettings.PRIVATE_KEY:1
#: 5b8d5a20394a42aaa95e8b6272422676
msgid "The private key."
msgstr ""

#: ../../docstring of canaille.oidc.configuration.JWTSettings.PRIVATE_KEY:3
#: ../../docstring of canaille.oidc.configuration.JWTSettings.PUBLIC_KEY:3
#: f8f4cfc9a6944cf886747112edc27e05
#: 27b7a5db2a7349fd8c8fcd0da52099a4
msgid "If :py:data:`None` and debug mode is enabled, then an in-memory key will be used."
msgstr ""

#: ../../docstring of canaille.oidc.configuration.JWTSettings.PUBLIC_KEY:1
#: e35dd157c6e646deb620fc05fb2c6ea9
msgid "The public key."
msgstr ""

#: ../../canaille/oidc/configuration.py:docstring of canaille.oidc.configuration.JWTMappingSettings:1
#: 780c4d38785741f285ccf535519eeaa3
msgid "Mapping between the user model and the JWT fields."
msgstr ""

#: ../../canaille/oidc/configuration.py:docstring of canaille.oidc.configuration.JWTMappingSettings:3
#: f3a874b7d74b4a88b42d454b2610523f
msgid "Fields are evaluated with jinja. A ``user`` var is available."
msgstr ""

#: ../../canaille/backends/sql/configuration.py:docstring of canaille.backends.sql.configuration.SQLSettings:1
#: 165856c16d0a43d4ab40ae18c4c6a121
msgid "Settings related to the SQL backend."
msgstr ""

#: ../../canaille/backends/sql/configuration.py:docstring of canaille.backends.sql.configuration.SQLSettings:3
#: 63bb2fe9e32a4335a4703a4858e04bdd
msgid "Belong in the ``CANAILLE_SQL`` namespace."
msgstr ""

#: ../../docstring of canaille.backends.sql.configuration.SQLSettings.DATABASE_URI:1
#: 0d50d676505145cba84b5bdbff702f47
msgid "The SQL server URI. For example::"
msgstr ""

#: ../../canaille/backends/ldap/configuration.py:docstring of canaille.backends.ldap.configuration.LDAPSettings:1
#: 63835d8e27dd4f49adc55bc2485065f8
msgid "Settings related to the LDAP backend."
msgstr ""

#: ../../canaille/backends/ldap/configuration.py:docstring of canaille.backends.ldap.configuration.LDAPSettings:3
#: fd3ab17575104482a7f2c37cc19043af
msgid "Belong in the ``CANAILLE_LDAP`` namespace."
msgstr ""

#: ../../docstring of canaille.backends.ldap.configuration.LDAPSettings.BIND_DN:1
#: 550e9bdf6e9247f09403e4b4ff8be94c
msgid "The LDAP bind DN."
msgstr ""

#: ../../docstring of canaille.backends.ldap.configuration.LDAPSettings.BIND_PW:1
#: bc1424fa78f1493fa69ef725de487809
msgid "The LDAP bind password."
msgstr ""

#: ../../docstring of canaille.backends.ldap.configuration.LDAPSettings.GROUP_BASE:1
#: 8282e536034347a3b09afa4b4bdcedc8
msgid "The LDAP node under which groups will be looked for and saved."
msgstr ""

#: ../../docstring of canaille.backends.ldap.configuration.LDAPSettings.GROUP_BASE:3
#: 9f912f59001e49c5b67f6e451514aa6a
msgid "For instance `\"ou=groups,dc=mydomain,dc=tld\"`."
msgstr ""

#: ../../docstring of canaille.backends.ldap.configuration.LDAPSettings.GROUP_CLASS:1
#: e614760d80cd4a91a211ae8d84548bea
msgid "The object class to use for creating new groups."
msgstr ""

#: ../../docstring of canaille.backends.ldap.configuration.LDAPSettings.GROUP_NAME_ATTRIBUTE:1
#: 0338cd65d7fa41c985a7f6afe5d2d4b3
msgid "The attribute to use to identify a group."
msgstr ""

#: ../../docstring of canaille.backends.ldap.configuration.LDAPSettings.GROUP_RDN:1
#: 9c776217f019430990f05cb397592cc3
msgid "The attribute to identify an object in the Group DN."
msgstr ""

#: ../../docstring of canaille.backends.ldap.configuration.LDAPSettings.ROOT_DN:1
#: bb137dbdd9ba4b32a9ff399535965ec5
msgid "The LDAP root DN."
msgstr ""

#: ../../docstring of canaille.backends.ldap.configuration.LDAPSettings.TIMEOUT:1
#: 4819f0cceda947f789405fc0a2851540
msgid "The LDAP connection timeout."
msgstr ""

#: ../../docstring of canaille.backends.ldap.configuration.LDAPSettings.URI:1
#: e10eb86592e54e458fa14aed17aff1f3
msgid "The LDAP server URI."
msgstr ""

#: ../../docstring of canaille.backends.ldap.configuration.LDAPSettings.USER_BASE:1
#: f26b0015244b4ebf88f2a01ecccf6146
msgid "The LDAP node under which users will be looked for and saved."
msgstr ""

#: ../../docstring of canaille.backends.ldap.configuration.LDAPSettings.USER_BASE:3
#: cfec4d845a124961b3e2a7d48af1b5f7
msgid "For instance `ou=users,dc=mydomain,dc=tld`."
msgstr ""

#: ../../docstring of canaille.backends.ldap.configuration.LDAPSettings.USER_CLASS:1
#: 884ecb78852c4fb886fffcbf653909f1
msgid "The object class to use for creating new users."
msgstr ""

#: ../../docstring of canaille.backends.ldap.configuration.LDAPSettings.USER_FILTER:1
#: 35708f1aa4a343179372567b9711de54
msgid "Filter to match users on sign in."
msgstr ""

#: ../../docstring of canaille.backends.ldap.configuration.LDAPSettings.USER_FILTER:3
#: 282ea97660b54ea0b86d9aec0a26a7fb
msgid "For instance ``(|(uid={{ login }})(mail={{ login }}))``. Jinja syntax is supported and a ``login`` variable is available, containing the value passed in the login field."
msgstr ""

#: ../../docstring of canaille.backends.ldap.configuration.LDAPSettings.USER_RDN:1
#: e064a83dfa6c492fb83985762141f127
msgid "The attribute to identify an object in the User DN."
msgstr ""

#: ../references/configuration.rst:81
#: 8666192035fa47e2b43c95af3e2e9ff5
msgid "Example file"
msgstr ""

#: ../references/configuration.rst:83
#: ae6fe4f0abc64b988760f7d54220a253
msgid "Here is a configuration file example:"
msgstr ""

#: ../references/index.rst:2
#: 206288fd44084b00a6a7cebc4ec444af
msgid "References"
msgstr ""

#: ../references/models.rst:2
#: e33e5271c036428493f7675bc9f5cb03
msgid "Data models"
msgstr ""

#: ../references/models.rst:4
#: 857e3dd1bcf846a3b6bdd4a2d9610330
msgid "This reference details the data models used by Canaille. This is mostly useful for developers."
msgstr ""

#: ../../canaille/backends/models.py:docstring of canaille.backends.models.BackendModel:1
#: ../../canaille/backends/models.py:docstring of canaille.backends.models.Model:1
#: c7abd830186c4a0e8811584d8500f6ca
#: b41326706bd14c358bf495e522b4dd3c
msgid "Bases: :py:class:`object`"
msgstr ""

#: ../../canaille/backends/models.py:docstring of canaille.backends.models.BackendModel:1
#: 1132269715584e11b7e0537cc804941e
msgid "The backend model abstract class."
msgstr ""

#: ../../canaille/backends/models.py:docstring of canaille.backends.models.BackendModel:3
#: 4ec1903388f54d95b4ad8204170fbaf3
msgid "It details all the methods and attributes that are expected to be implemented for every model and for every backend."
msgstr ""

#: ../../canaille/backends/models.py:docstring of canaille.backends.models.Model:1
#: fa90c720f73b4e81afd4f090b7a504a8
msgid "The model abstract class."
msgstr ""

#: ../../canaille/backends/models.py:docstring of canaille.backends.models.Model:3
#: d0e3aaa6602f46619cef932ff017b2e3
msgid "It details all the common attributes shared by every models."
msgstr ""

#: ../../docstring of canaille.backends.models.Model.created:1
#: 8a033e0fc1384d81b8e14eb9fabf5b04
msgid "The :class:`~datetime.datetime` that the resource was added to the service provider."
msgstr ""

#: ../../docstring of canaille.backends.models.Model.id:1
#: 8da69774f6ef4e11be081b9464934f55
msgid "A unique identifier for a SCIM resource as defined by the service provider. Id will be :py:data:`None` until the :meth:`~canaille.backends.models.BackendModel.save` method is called."
msgstr ""

#: ../../docstring of canaille.backends.models.Model.id:5
#: 57bc2383f9fd4488bfb43683117e9dce
msgid "Each representation of the resource MUST include a non-empty \"id\" value.  This identifier MUST be unique across the SCIM service provider's entire set of resources.  It MUST be a stable, non- reassignable identifier that does not change when the same resource is returned in subsequent requests.  The value of the \"id\" attribute is always issued by the service provider and MUST NOT be specified by the client.  The string \"bulkId\" is a reserved keyword and MUST NOT be used within any unique identifier value.  The attribute characteristics are \"caseExact\" as \"true\", a mutability of \"readOnly\", and a \"returned\" characteristic of \"always\".  See Section 9 for additional considerations regarding privacy."
msgstr ""

#: ../../canaille/backends/models.py:docstring of canaille.backends.models.Model.identifier:1
#: 99835090b4f04bcaae8e4ca7a7f1c661
msgid "Returns a unique value that will be used to identify the model instance."
msgstr ""

#: ../../canaille/backends/models.py:docstring of canaille.backends.models.Model.identifier:4
#: b73d248fbdae4e2aa9d85081a7cbcb47
msgid "This value will be used in URLs in canaille, so it should be unique and short."
msgstr ""

#: ../../docstring of canaille.backends.models.Model.last_modified:1
#: 7c7bf6ecc0be4ffc8ee3deeaea8b30fd
msgid "The most recent :class:`~datetime.datetime` that the details of this resource were updated at the service provider."
msgstr ""

#: ../../docstring of canaille.backends.models.Model.last_modified:4
#: 3e9df2c4756c4d3e8c0bc9f3dd02b81e
msgid "If this resource has never been modified since its initial creation, the value MUST be the same as the value of :attr:`~canaille.backends.models.Model.created`."
msgstr ""

#: ../../canaille/core/models.py:docstring of canaille.core.models.Group:1
#: ../../canaille/core/models.py:docstring of canaille.core.models.User:1
#: ../../canaille/oidc/basemodels.py:docstring of canaille.oidc.basemodels.AuthorizationCode:1
#: ../../canaille/oidc/basemodels.py:docstring of canaille.oidc.basemodels.Client:1
#: ../../canaille/oidc/basemodels.py:docstring of canaille.oidc.basemodels.Consent:1
#: ../../canaille/oidc/basemodels.py:docstring of canaille.oidc.basemodels.Token:1
#: 76e8d7eab59c4068a81892edeb1e0959
#: 8ad591f5e7814bda8f75427e15ea3b94
#: 5d552eb21a0b4bdbba717f23d9d07355
#: de6ff91c8955442a8900ea3b083de26a
#: 9dbde2f4403945e6a6a6407395f13c7d
#: 146d1fa072e444d9bde901a403f23bc0
msgid "Bases: :py:class:`~canaille.backends.models.Model`"
msgstr ""

#: ../../canaille/core/models.py:docstring of canaille.core.models.Group:1
#: a1df08de19964375abcca8512ca17705
msgid "User model, based on the `SCIM Group schema <https://datatracker.ietf.org/doc/html/rfc7643#section-4.2>`_."
msgstr ""

#: ../../docstring of canaille.core.models.Group.display_name:1
#: 2bf3aa99c4a84f6095ba98e7f92e321d
msgid "A human-readable name for the Group."
msgstr ""

#: ../../docstring of canaille.core.models.Group.display_name:3
#: ../../docstring of canaille.oidc.basemodels.Client.client_id:1
#: 5c1fa86c00e84e3f95d2d051acd63464
#: 58e401ecc8384467bb179ce57016d2f1
msgid "REQUIRED."
msgstr ""

#: ../../docstring of canaille.core.models.Group.members:1
#: d04e1dbd8f4946f3bfabb88ddd25791f
msgid "A list of members of the Group."
msgstr ""

#: ../../docstring of canaille.core.models.Group.members:3
#: d84485ef948747a398d2c755da44a71a
msgid "While values MAY be added or removed, sub-attributes of members are \"immutable\".  The \"value\" sub-attribute contains the value of an \"id\" attribute of a SCIM resource, and the \"$ref\" sub-attribute must be the URI of a SCIM resource such as a \"User\", or a \"Group\".  The intention of the \"Group\" type is to allow the service provider to support nested groups.  Service providers MAY require clients to provide a non-empty value by setting the \"required\" attribute characteristic of a sub-attribute of the \"members\" attribute in the \"Group\" resource schema."
msgstr ""

#: ../../canaille/core/models.py:docstring of canaille.core.models.User:1
#: 81f4664ae5714523a2ed092cc80537e9
msgid "User model, based on the `SCIM User schema <https://datatracker.ietf.org/doc/html/rfc7643#section-4.1>`_, `Entreprise User Schema Extension <https://datatracker.ietf.org/doc/html/rfc7643#section-4.3>`_ and `SCIM Password Management Extension <https://datatracker.ietf.org/doc/html/draft-hunt-scim-password-mgmt-00.html>`_ draft. Attribute description is based on SCIM and put there for information purpose. The description may not fit the current implementation in Canaille."
msgstr ""

#: ../../canaille/core/models.py:docstring of canaille.core.models.User.can:1
#: 3ea159ffecca495dbc0f362dc8666655
msgid "Whether or not the user has the :class:`~canaille.core.configuration.Permission` according to the :class:`configuration <canaille.core.configuration.ACLSettings>`."
msgstr ""

#: ../../docstring of canaille.core.models.User.department:1
#: 269749aef2ad4b6da03008f08a546c10
msgid "Identifies the name of a department."
msgstr ""

#: ../../docstring of canaille.core.models.User.display_name:1
#: 460de2c7c1b84b989d2cd0826d56d5c4
msgid "The name of the user, suitable for display to end-users."
msgstr ""

#: ../../docstring of canaille.core.models.User.display_name:3
#: 2aea5ca2a486412caf8e73b0cc9323cf
msgid "Each user returned MAY include a non-empty displayName value.  The name SHOULD be the full name of the User being described, if known (e.g., \"Babs Jensen\" or \"Ms. Barbara J Jensen, III\") but MAY be a username or handle, if that is all that is available (e.g., \"bjensen\").  The value provided SHOULD be the primary textual label by which this User is normally displayed by the service provider when presenting it to end-users."
msgstr ""

#: ../../docstring of canaille.core.models.User.emails:1
#: 4100ad81ec2f46ceb27f39a4646ec5fe
msgid "Email addresses for the User."
msgstr ""

#: ../../docstring of canaille.core.models.User.emails:3
#: 3581156179f7474e86bd2962b612dc79
msgid "The value SHOULD be specified according to [RFC5321].  Service providers SHOULD canonicalize the value according to [RFC5321], e.g., \"bjensen@example.com\" instead of \"bjensen@EXAMPLE.COM\".  The \"display\" sub-attribute MAY be used to return the canonicalized representation of the email value. The \"type\" sub-attribute is used to provide a classification meaningful to the (human) user.  The user interface should encourage the use of basic values of \"work\", \"home\", and \"other\" and MAY allow additional type values to be used at the discretion of SCIM clients."
msgstr ""

#: ../../docstring of canaille.core.models.User.employee_number:1
#: 770f3e0e77544d23aea120407da9f9e4
msgid "A string identifier, typically numeric or alphanumeric, assigned to a person, typically based on order of hire or association with an organization."
msgstr ""

#: ../../docstring of canaille.core.models.User.family_name:1
#: 953ddd02130b44fc982ce215e06b7bc9
msgid "The family name of the User, or last name in most Western languages (e.g., \"Jensen\" given the full name \"Ms. Barbara Jane Jensen, III\")."
msgstr ""

#: ../../docstring of canaille.core.models.User.formatted_address:1
#: b68a3666ecdc4e1ca00e98b30e0e8aa6
msgid "The full mailing address, formatted for display or use with a mailing label."
msgstr ""

#: ../../docstring of canaille.core.models.User.formatted_address:4
#: 784b31f788f74aeab53f0fd82a534281
msgid "This attribute MAY contain newlines."
msgstr ""

#: ../../docstring of canaille.core.models.User.formatted_name:1
#: a0bf6074e4e44f769b5c4c1ff602622c
msgid "The full name, including all middle names, titles, and suffixes as appropriate, formatted for display (e.g., \"Ms. Barbara Jane Jensen, III\")."
msgstr ""

#: ../../docstring of canaille.core.models.User.given_name:1
#: d900832631354c84a97836c4cc205197
msgid "The given name of the User, or first name in most Western languages (e.g., \"Barbara\" given the full name \"Ms. Barbara Jane Jensen, III\")."
msgstr ""

#: ../../docstring of canaille.core.models.User.groups:1
#: 719f2fba346c4d14855eed459c76520b
msgid "A list of groups to which the user belongs, either through direct membership, through nested groups, or dynamically calculated."
msgstr ""

#: ../../docstring of canaille.core.models.User.groups:4
#: 7870d61391cb47f286f071af63fb6fcc
msgid "The values are meant to enable expression of common group-based or role-based access control models, although no explicit authorization model is defined.  It is intended that the semantics of group membership and any behavior or authorization granted as a result of membership are defined by the service provider.  The canonical types \"direct\" and \"indirect\" are defined to describe how the group membership was derived.  Direct group membership indicates that the user is directly associated with the group and SHOULD indicate that clients may modify membership through the \"Group\" resource. Indirect membership indicates that user membership is transitive or dynamic and implies that clients cannot modify indirect group membership through the \"Group\" resource but MAY modify direct group membership through the \"Group\" resource, which may influence indirect memberships.  If the SCIM service provider exposes a \"Group\" resource, the \"value\" sub-attribute MUST be the \"id\", and the \"$ref\" sub-attribute must be the URI of the corresponding \"Group\" resources to which the user belongs.  Since this attribute has a mutability of \"readOnly\", group membership changes MUST be applied via the \"Group\" Resource (Section 4.2).  This attribute has a mutability of \"readOnly\"."
msgstr ""

#: ../../canaille/core/models.py:docstring of canaille.core.models.User.has_password:1
#: 265a1da56cbe4973948483be02dcf50f
msgid "Check whether a password has been set for the user."
msgstr ""

#: ../../docstring of canaille.core.models.User.locality:1
#: f1cbb16b7a394f02994bda6d74e1f101
msgid "The city or locality component."
msgstr ""

#: ../../docstring of canaille.core.models.User.lock_date:1
#: ecf22d4c050d4293812e5d28c2c64276
msgid "A DateTime indicating when the resource was locked."
msgstr ""

#: ../../canaille/core/models.py:docstring of canaille.core.models.User.locked:1
#: fdcf060455954b44a87b0258b51f4162
msgid "Whether the user account has been locked or has expired."
msgstr ""

#: ../../docstring of canaille.core.models.User.organization:1
#: 1b373f75318841369565923a5eebee3f
msgid "Identifies the name of an organization."
msgstr ""

#: ../../docstring of canaille.core.models.User.password:1
#: c2eb5a01455c4a72bb717196a3cd4b1e
msgid "This attribute is intended to be used as a means to set, replace, or compare (i.e., filter for equality) a password.  The cleartext value or the hashed value of a password SHALL NOT be returnable by a service provider.  If a service provider holds the value locally, the value SHOULD be hashed.  When a password is set or changed by the client, the cleartext password SHOULD be processed by the service provider as follows:"
msgstr ""

#: ../../docstring of canaille.core.models.User.password:9
#: 39dbcb52281342cf95d9e278cf0e86f7
msgid "Prepare the cleartext value for international language comparison.  See Section 7.8 of [RFC7644]."
msgstr ""

#: ../../docstring of canaille.core.models.User.password:12
#: 81367c249cf746dc8cedb2bc50a0a8d8
msgid "Validate the value against server password policy.  Note: The definition and enforcement of password policy are beyond the scope of this document."
msgstr ""

#: ../../docstring of canaille.core.models.User.password:16
#: a30f12b98afd4aaf9134f9c7dbfb904e
msgid "Ensure that the value is encrypted (e.g., hashed).  See Section 9.2 for acceptable hashing and encryption handling when storing or persisting for provisioning workflow reasons."
msgstr ""

#: ../../docstring of canaille.core.models.User.password:20
#: ffb95993e6b44e4d9cbef27be1ea50ed
msgid "A service provider that immediately passes the cleartext value on to another system or programming interface MUST pass the value directly over a secured connection (e.g., Transport Layer Security (TLS)).  If the value needs to be temporarily persisted for a period of time (e.g., because of a workflow) before provisioning, then the value MUST be protected by some method, such as encryption."
msgstr ""

#: ../../docstring of canaille.core.models.User.password:28
#: dd443338215345569246eb53d0be4f51
msgid "Testing for an equality match MAY be supported if there is an existing stored hashed value.  When testing for equality, the service provider:"
msgstr ""

#: ../../docstring of canaille.core.models.User.password:32
#: e0ce41319f354a78b08a10e5b1e1f241
msgid "Prepares the filter value for international language comparison.  See Section 7.8 of [RFC7644]."
msgstr ""

#: ../../docstring of canaille.core.models.User.password:35
#: a9b91c509151450a8fbaeca536e5a065
msgid "Generates the salted hash of the filter value and tests for a match with the locally held value."
msgstr ""

#: ../../docstring of canaille.core.models.User.password:38
#: e59b5a9cabc94edc960040634bb9b40b
msgid "The mutability of the password attribute is \"writeOnly\", indicating that the value MUST NOT be returned by a service provider in any form (the attribute characteristic \"returned\" is \"never\")."
msgstr ""

#: ../../docstring of canaille.core.models.User.phone_numbers:1
#: 0200fa95c2d34209b86d34af15ca3efa
msgid "Phone numbers for the user."
msgstr ""

#: ../../docstring of canaille.core.models.User.phone_numbers:3
#: 7df002440c4a49f5a60b6ee23427a41c
msgid "The value SHOULD be specified according to the format defined in [RFC3966], e.g., 'tel:+1-201-555-0123'.  Service providers SHOULD canonicalize the value according to [RFC3966] format, when appropriate.  The \"display\" sub-attribute MAY be used to return the canonicalized representation of the phone number value.  The sub- attribute \"type\" often has typical values of \"work\", \"home\", \"mobile\", \"fax\", \"pager\", and \"other\" and MAY allow more types to be defined by the SCIM clients."
msgstr ""

#: ../../docstring of canaille.core.models.User.photo:1
#: 7fedacfa76754438abc4f15739f65b43
msgid "A URI that is a uniform resource locator (as defined in Section 1.1.3 of [RFC3986]) that points to a resource location representing the user's image."
msgstr ""

#: ../../docstring of canaille.core.models.User.photo:5
#: 81803c80faf3423f8e485a2ecce11385
msgid "The resource MUST be a file (e.g., a GIF, JPEG, or PNG image file) rather than a web page containing an image.  Service providers MAY return the same image in different sizes, although it is recognized that no standard for describing images of various sizes currently exists.  Note that this attribute SHOULD NOT be used to send down arbitrary photos taken by this user; instead, profile photos of the user that are suitable for display when describing the user should be sent. Instead of the standard canonical values for type, this attribute defines the following canonical values to represent popular photo sizes: \"photo\" and \"thumbnail\"."
msgstr ""

#: ../../docstring of canaille.core.models.User.postal_code:1
#: f8f58ae726cf4a28ab6a41f914c622c6
msgid "The zip code or postal code component."
msgstr ""

#: ../../docstring of canaille.core.models.User.preferred_language:1
#: 1a2fcd82b2464b8cbcd9c019ab2eb84c
msgid "Indicates the user's preferred written or spoken languages and is generally used for selecting a localized user interface."
msgstr ""

#: ../../docstring of canaille.core.models.User.preferred_language:4
#: ac4003c176d8405ba68f669e5cac74bb
msgid "The value indicates the set of natural languages that are preferred. The format of the value is the same as the HTTP Accept-Language header field (not including \"Accept-Language:\") and is specified in Section 5.3.5 of [RFC7231].  The intent of this value is to enable cloud applications to perform matching of language tags [RFC4647] to the user's language preferences, regardless of what may be indicated by a user agent (which might be shared), or in an interaction that does not involve a user (such as in a delegated OAuth 2.0 [RFC6749] style interaction) where normal HTTP Accept-Language header negotiation cannot take place."
msgstr ""

#: ../../docstring of canaille.core.models.User.profile_url:1
#: acbb9e832d0a46139c07d7973e9bba21
msgid "A URI that is a uniform resource locator (as defined in Section 1.1.3 of [RFC3986]) and that points to a location representing the user's online profile (e.g., a web page)."
msgstr ""

#: ../../docstring of canaille.core.models.User.profile_url:5
#: 14d239bcb11b485080e8f58e6497953d
msgid "URIs are canonicalized per Section 6.2 of [RFC3986]."
msgstr ""

#: ../../canaille/core/models.py:docstring of canaille.core.models.User.readable_fields:1
#: e13036989cee4c8a9b01a9e928f80be3
msgid "The fields the user can read according to the :class:`configuration <canaille.core.configuration.ACLSettings>` configuration."
msgstr ""

#: ../../canaille/core/models.py:docstring of canaille.core.models.User.readable_fields:4
#: 7afdae6265ca450ca7b90737893fb816
msgid "This does not include the :attr:`writable <canaille.core.models.User.writable_fields>` fields."
msgstr ""

#: ../../docstring of canaille.core.models.User.region:1
#: e396209a890449d0a517ba2e362d806f
msgid "The state or region component."
msgstr ""

#: ../../docstring of canaille.core.models.User.street:1
#: 19108e451a7c434ba4246251f0a2646b
msgid "The full street address component, which may include house number, street name, P.O."
msgstr ""

#: ../../docstring of canaille.core.models.User.street:4
#: eaa0d95c9221440b93e046dc85be8618
msgid "box, and multi-line extended street address information.  This attribute MAY contain newlines."
msgstr ""

#: ../../docstring of canaille.core.models.User.title:1
#: cd41539c41c34a0c9457d0ba3256a967
msgid "The user's title, such as \"Vice President\"."
msgstr ""

#: ../../docstring of canaille.core.models.User.user_name:1
#: 24e291232c474e6590826cd8c03cbc1c
msgid "A service provider's unique identifier for the user, typically used by the user to directly authenticate to the service provider."
msgstr ""

#: ../../docstring of canaille.core.models.User.user_name:4
#: 9c35779d8e274c518400a690b9064ab2
msgid "Often displayed to the user as their unique identifier within the system (as opposed to \"id\" or \"externalId\", which are generally opaque and not user-friendly identifiers).  Each User MUST include a non-empty userName value.  This identifier MUST be unique across the service provider's entire set of Users.  This attribute is REQUIRED and is case insensitive."
msgstr ""

#: ../../canaille/core/models.py:docstring of canaille.core.models.User.writable_fields:1
#: 83205b3ffcaf4c7b8ff106f9a56ad5ed
msgid "The fields the user can write according to the :class:`configuration <canaille.core.configuration.ACLSettings>`."
msgstr ""

#: ../../canaille/oidc/basemodels.py:docstring of canaille.oidc.basemodels.AuthorizationCode:1
#: 882af7335c4448c1acd9b8bfa27cd3f1
msgid "OpenID Connect temporary authorization code definition."
msgstr ""

#: ../../canaille/oidc/basemodels.py:docstring of canaille.oidc.basemodels.Client:1
#: ebfd2dba785f4acf839c79f93a313fb9
msgid "OpenID Connect client definition, based on the `OAuth 2.0 Dynamic Client Registration protocols <https://datatracker.ietf.org/doc/html/rfc7591.html>`_ and the `OpenID Connect RP-Initiated Logout <https://openid.net/specs/openid-connect-rpinitiated-1_0.html>`_ specifications."
msgstr ""

#: ../../docstring of canaille.oidc.basemodels.Client.client_id:3
#: 00cb301b3e9241a68731ab1906a60256
msgid "OAuth 2.0 client identifier string.  It SHOULD NOT be currently valid for any other registered client, though an authorization server MAY issue the same client identifier to multiple instances of a registered client at its discretion."
msgstr ""

#: ../../docstring of canaille.oidc.basemodels.Client.client_id_issued_at:1
#: ../../docstring of canaille.oidc.basemodels.Client.client_secret:1
#: ../../docstring of canaille.oidc.basemodels.Client.post_logout_redirect_uris:1
#: 1bb915dc99bf44c2a670954ae463f3ea
#: 37d4d00966d14f638b369bbf8d189a04
#: 86db5090d5b74f14ba76ebe1fcd2abe2
msgid "OPTIONAL."
msgstr ""

#: ../../docstring of canaille.oidc.basemodels.Client.client_id_issued_at:3
#: 538cbc1b5c7544d9941f68d09c0ad1fb
msgid "Time at which the client identifier was issued.  The time is represented as the number of seconds from 1970-01-01T00:00:00Z as measured in UTC until the date/time of issuance."
msgstr ""

#: ../../docstring of canaille.oidc.basemodels.Client.client_name:1
#: 953642673a994c19bb00aa6e89619ba8
msgid "Human-readable string name of the client to be presented to the end-user during authorization."
msgstr ""

#: ../../docstring of canaille.oidc.basemodels.Client.client_name:4
#: 53863371a4294ef08127e4078a8e8fb9
msgid "If omitted, the authorization server MAY display the raw \"client_id\" value to the end-user instead.  It is RECOMMENDED that clients always send this field. The value of this field MAY be internationalized, as described in Section 2.2."
msgstr ""

#: ../../docstring of canaille.oidc.basemodels.Client.client_secret:3
#: 1a6118092c3c4a8d9d093e0519705c9b
msgid "OAuth 2.0 client secret string.  If issued, this MUST be unique for each \"client_id\" and SHOULD be unique for multiple instances of a client using the same \"client_id\".  This value is used by confidential clients to authenticate to the token endpoint, as described in OAuth 2.0 [RFC6749], Section 2.3.1."
msgstr ""

#: ../../docstring of canaille.oidc.basemodels.Client.client_secret_expires_at:1
#: 29d25a51d1c8411ba1ff8da6f7a2f93a
msgid "REQUIRED if \"client_secret\" is issued."
msgstr ""

#: ../../docstring of canaille.oidc.basemodels.Client.client_secret_expires_at:3
#: 6f8a40a8a47f4994a7b01d0818220880
msgid "Time at which the client secret will expire or 0 if it will not expire.  The time is represented as the number of seconds from 1970-01-01T00:00:00Z as measured in UTC until the date/time of expiration."
msgstr ""

#: ../../docstring of canaille.oidc.basemodels.Client.client_uri:1
#: 360afa7e61fd413b8ab29e65ac11111c
msgid "URL string of a web page providing information about the client."
msgstr ""

#: ../../docstring of canaille.oidc.basemodels.Client.client_uri:3
#: 31b2611ae44b441e856cc0b817970542
msgid "If present, the server SHOULD display this URL to the end-user in a clickable fashion.  It is RECOMMENDED that clients always send this field.  The value of this field MUST point to a valid web page.  The value of this field MAY be internationalized, as described in Section 2.2."
msgstr ""

#: ../../docstring of canaille.oidc.basemodels.Client.contacts:1
#: 80a4719fcc354c4395ea54fa667e4371
msgid "Array of strings representing ways to contact people responsible for this client, typically email addresses."
msgstr ""

#: ../../docstring of canaille.oidc.basemodels.Client.contacts:4
#: 34b6f914183f4c3c91ac695dbd14a8af
msgid "The authorization server MAY make these contact addresses available to end-users for support requests for the client.  See Section 6 for information on Privacy Considerations."
msgstr ""

#: ../../docstring of canaille.oidc.basemodels.Client.grant_types:1
#: 62ce0c027c67481190838cb9ac545793
msgid "Array of OAuth 2.0 grant type strings that the client can use at the token endpoint.  These grant types are defined as follows:"
msgstr ""

#: ../../docstring of canaille.oidc.basemodels.Client.grant_types:4
#: bfdd30aa3d26422d934073ff87a0549e
msgid "\"authorization_code\": The authorization code grant type defined in OAuth 2.0, Section 4.1."
msgstr ""

#: ../../docstring of canaille.oidc.basemodels.Client.grant_types:7
#: cebe226763c04dbdab620d52f88dc835
msgid "\"implicit\": The implicit grant type defined in OAuth 2.0, Section 4.2."
msgstr ""

#: ../../docstring of canaille.oidc.basemodels.Client.grant_types:10
#: 66aa4d06d5db43eca0e0d054cd4965df
msgid "\"password\": The resource owner password credentials grant type defined in OAuth 2.0, Section 4.3."
msgstr ""

#: ../../docstring of canaille.oidc.basemodels.Client.grant_types:13
#: 8a0ca533341f471792556475588cc952
msgid "\"client_credentials\": The client credentials grant type defined in OAuth 2.0, Section 4.4."
msgstr ""

#: ../../docstring of canaille.oidc.basemodels.Client.grant_types:16
#: 13d0dac3c8cf400187f9f516b6995715
msgid "\"refresh_token\": The refresh token grant type defined in OAuth 2.0, Section 6."
msgstr ""

#: ../../docstring of canaille.oidc.basemodels.Client.grant_types:19
#: d15b24ff203642c2b5fddb9995f95127
msgid "\"urn:ietf:params:oauth:grant-type:jwt-bearer\": The JWT Bearer Token Grant Type defined in OAuth JWT Bearer Token Profiles [RFC7523]."
msgstr ""

#: ../../docstring of canaille.oidc.basemodels.Client.grant_types:23
#: 25ca628a88174236888c22b7b4d39a2b
msgid "\"urn:ietf:params:oauth:grant-type:saml2-bearer\": The SAML 2.0 Bearer Assertion Grant defined in OAuth SAML 2 Bearer Token Profiles [RFC7522]."
msgstr ""

#: ../../docstring of canaille.oidc.basemodels.Client.grant_types:27
#: 41aa2a724906457b81dad4a9ecf8de30
msgid "If the token endpoint is used in the grant type, the value of this parameter MUST be the same as the value of the \"grant_type\" parameter passed to the token endpoint defined in the grant type definition.  Authorization servers MAY allow for other values as defined in the grant type extension process described in OAuth 2.0, Section 4.5.  If omitted, the default behavior is that the client will use only the \"authorization_code\" Grant Type."
msgstr ""

#: ../../docstring of canaille.oidc.basemodels.Client.jwk:1
#: 77ac12ce23924303a3060f5f33e8cef5
msgid "Client's JSON Web Key Set [RFC7517] document value, which contains the client's public keys."
msgstr ""

#: ../../docstring of canaille.oidc.basemodels.Client.jwk:4
#: f2fd7c3c9e9c47d2b482ca05ac33ccb7
msgid "The value of this field MUST be a JSON object containing a valid JWK Set.  These keys can be used by higher-level protocols that use signing or encryption.  This parameter is intended to be used by clients that cannot use the \"jwks_uri\" parameter, such as native clients that cannot host public URLs.  The \"jwks_uri\" and \"jwks\" parameters MUST NOT both be present in the same request or response."
msgstr ""

#: ../../docstring of canaille.oidc.basemodels.Client.jwks_uri:1
#: 89b1deaeae5345598a34fc06345226c7
msgid "URL string referencing the client's JSON Web Key (JWK) Set [RFC7517] document, which contains the client's public keys."
msgstr ""

#: ../../docstring of canaille.oidc.basemodels.Client.jwks_uri:4
#: 966a1eaa83fe462fbcaf38294b250c97
msgid "The value of this field MUST point to a valid JWK Set document. These keys can be used by higher-level protocols that use signing or encryption.  For instance, these keys might be used by some applications for validating signed requests made to the token endpoint when using JWTs for client authentication [RFC7523].  Use of this parameter is preferred over the \"jwks\" parameter, as it allows for easier key rotation.  The \"jwks_uri\" and \"jwks\" parameters MUST NOT both be present in the same request or response."
msgstr ""

#: ../../docstring of canaille.oidc.basemodels.Client.logo_uri:1
#: e4265e51c6934715853889c40b22585c
msgid "URL string that references a logo for the client."
msgstr ""

#: ../../docstring of canaille.oidc.basemodels.Client.logo_uri:3
#: 89a285306a1f47ff84c1f77380ec16d6
msgid "If present, the server SHOULD display this image to the end-user during approval. The value of this field MUST point to a valid image file.  The value of this field MAY be internationalized, as described in Section 2.2."
msgstr ""

#: ../../docstring of canaille.oidc.basemodels.Client.policy_uri:1
#: 50006ad8f1624681abfb06106d774066
msgid "URL string that points to a human-readable privacy policy document that describes how the deployment organization collects, uses, retains, and discloses personal data."
msgstr ""

#: ../../docstring of canaille.oidc.basemodels.Client.policy_uri:5
#: ../../docstring of canaille.oidc.basemodels.Client.tos_uri:5
#: 209467811a8f4f2dab03f0bd07afe95d
#: e907e63922714586af44e1a41502aa9a
msgid "The authorization server SHOULD display this URL to the end-user if it is provided.  The value of this field MUST point to a valid web page.  The value of this field MAY be internationalized, as described in Section 2.2."
msgstr ""

#: ../../docstring of canaille.oidc.basemodels.Client.post_logout_redirect_uris:3
#: 8d73d1826538401da3b98ece4e12636c
msgid "Array of URLs supplied by the RP to which it MAY request that the End-User's User Agent be redirected using the post_logout_redirect_uri parameter after a logout has been performed. These URLs SHOULD use the https scheme and MAY contain port, path, and query parameter components; however, they MAY use the http scheme, provided that the Client Type is confidential, as defined in Section 2.1 of OAuth 2.0 [RFC6749], and provided the OP allows the use of http RP URIs."
msgstr ""

#: ../../docstring of canaille.oidc.basemodels.Client.redirect_uris:1
#: bdea042dd235414796a2017a3d6a1bb7
msgid "Array of redirection URI strings for use in redirect-based flows such as the authorization code and implicit flows."
msgstr ""

#: ../../docstring of canaille.oidc.basemodels.Client.redirect_uris:4
#: f51f4efa9c1241cfa17db60e7822637d
msgid "As required by Section 2 of OAuth 2.0 [RFC6749], clients using flows with redirection MUST register their redirection URI values. Authorization servers that support dynamic registration for redirect-based flows MUST implement support for this metadata value."
msgstr ""

#: ../../docstring of canaille.oidc.basemodels.Client.response_types:1
#: 13b375d2cb7a4732a859d5bec8d7f40e
msgid "Array of the OAuth 2.0 response type strings that the client can use at the authorization endpoint.  These response types are defined as follows:"
msgstr ""

#: ../../docstring of canaille.oidc.basemodels.Client.response_types:5
#: 380d5e947a46443ca1d647398169ac0c
msgid "\"code\": The authorization code response type defined in OAuth 2.0, Section 4.1."
msgstr ""

#: ../../docstring of canaille.oidc.basemodels.Client.response_types:8
#: 77233972d51e48ef94b8bf6283b66636
msgid "\"token\": The implicit response type defined in OAuth 2.0, Section 4.2."
msgstr ""

#: ../../docstring of canaille.oidc.basemodels.Client.response_types:11
#: 851d82d852e64806a5dec8d61763fcba
msgid "If the authorization endpoint is used by the grant type, the value of this parameter MUST be the same as the value of the \"response_type\" parameter passed to the authorization endpoint defined in the grant type definition.  Authorization servers MAY allow for other values as defined in the grant type extension process is described in OAuth 2.0, Section 4.5.  If omitted, the default is that the client will use only the \"code\" response type."
msgstr ""

#: ../../docstring of canaille.oidc.basemodels.Client.scope:1
#: 558edf4990f64954aac64445b227cc0a
msgid "String containing a space-separated list of scope values (as described in Section 3.3 of OAuth 2.0 [RFC6749]) that the client can use when requesting access tokens."
msgstr ""

#: ../../docstring of canaille.oidc.basemodels.Client.scope:5
#: 023c41f02ca44ccb81b0bd7d72be4b9d
msgid "The semantics of values in this list are service specific.  If omitted, an authorization server MAY register a client with a default set of scopes."
msgstr ""

#: ../../docstring of canaille.oidc.basemodels.Client.software_id:1
#: 88da6bac3600449eb5f8edf87fefd1ff
msgid "A unique identifier string (e.g., a Universally Unique Identifier (UUID)) assigned by the client developer or software publisher used by registration endpoints to identify the client software to be dynamically registered."
msgstr ""

#: ../../docstring of canaille.oidc.basemodels.Client.software_id:6
#: 1f74da2865c645b4857d70c787f0830c
msgid "Unlike \"client_id\", which is issued by the authorization server and SHOULD vary between instances, the \"software_id\" SHOULD remain the same for all instances of the client software.  The \"software_id\" SHOULD remain the same across multiple updates or versions of the same piece of software.  The value of this field is not intended to be human readable and is usually opaque to the client and authorization server."
msgstr ""

#: ../../docstring of canaille.oidc.basemodels.Client.software_version:1
#: 5dcdc53461b14becb58d5d398d5483a0
msgid "A version identifier string for the client software identified by \"software_id\"."
msgstr ""

#: ../../docstring of canaille.oidc.basemodels.Client.software_version:4
#: 4b35c20253ee4f87a2d15acd96c6b920
msgid "The value of the \"software_version\" SHOULD change on any update to the client software identified by the same \"software_id\".  The value of this field is intended to be compared using string equality matching and no other comparison semantics are defined by this specification.  The value of this field is outside the scope of this specification, but it is not intended to be human readable and is usually opaque to the client and authorization server.  The definition of what constitutes an update to client software that would trigger a change to this value is specific to the software itself and is outside the scope of this specification."
msgstr ""

#: ../../docstring of canaille.oidc.basemodels.Client.token_endpoint_auth_method:1
#: 5ed599acac374aed9bf8674585ef4efe
msgid "String indicator of the requested authentication method for the token endpoint.  Values defined by this specification are:"
msgstr ""

#: ../../docstring of canaille.oidc.basemodels.Client.token_endpoint_auth_method:4
#: 1e8a03b523424927bcb77c482b7370b4
msgid "\"none\": The client is a public client as defined in OAuth 2.0, Section 2.1, and does not have a client secret."
msgstr ""

#: ../../docstring of canaille.oidc.basemodels.Client.token_endpoint_auth_method:7
#: 212bf121589d414cb82b72574a2e9437
msgid "\"client_secret_post\": The client uses the HTTP POST parameters as defined in OAuth 2.0, Section 2.3.1."
msgstr ""

#: ../../docstring of canaille.oidc.basemodels.Client.token_endpoint_auth_method:10
#: 3ee65174953549319f4309307a219ba5
msgid "\"client_secret_basic\": The client uses HTTP Basic as defined in OAuth 2.0, Section 2.3.1."
msgstr ""

#: ../../docstring of canaille.oidc.basemodels.Client.token_endpoint_auth_method:13
#: fcbdd57b507c42e9889e03e614ae1cc5
msgid "Additional values can be defined via the IANA \"OAuth Token Endpoint Authentication Methods\" registry established in Section 4.2.  Absolute URIs can also be used as values for this parameter without being registered.  If unspecified or omitted, the default is \"client_secret_basic\", denoting the HTTP Basic authentication scheme as specified in Section 2.3.1 of OAuth 2.0."
msgstr ""

#: ../../docstring of canaille.oidc.basemodels.Client.tos_uri:1
#: d13dcc1edb5d4125a2db770d40851709
msgid "URL string that points to a human-readable terms of service document for the client that describes a contractual relationship between the end-user and the client that the end-user accepts when authorizing the client."
msgstr ""

#: ../../canaille/oidc/basemodels.py:docstring of canaille.oidc.basemodels.Consent:1
#: 171dbe35cecf4a4681d3bdc08b946a5b
msgid "Long-term user consent to an application."
msgstr ""

#: ../../canaille/oidc/basemodels.py:docstring of canaille.oidc.basemodels.Token:1
#: 057b4d804a0b4371993b5a4a272131f7
msgid "OpenID Connect token definition."
msgstr ""

#: ../tutorial/databases.rst:2
#: 3b6a8653205d4680bd92418cadade137
msgid "Databases"
msgstr ""

#: ../tutorial/databases.rst:4
#: d3083a38148b4642baa60c476e59d538
msgid "Canaille can read and save data in different databases. This page presents the different database backends and their specificities:"
msgstr ""

#: ../tutorial/databases.rst:8
#: b6a1cc4c03fd4cb18ff2e34350ef525a
msgid "Memory"
msgstr ""

#: ../tutorial/databases.rst:10
#: 6490d74eabc048a0a3598052bbb3bec9
msgid "Canaille comes with a lightweight inmemory backend by default. It is used when no other backend has been configured."
msgstr ""

#: ../tutorial/databases.rst:13
#: ad7b7d8224514567a6ef8a11197562aa
msgid "This backend is only for test purpose and should not be used in production environments."
msgstr ""

#: ../tutorial/databases.rst:18
#: 390252730815440aae5afc2d5037fae9
msgid "Canaille can use any database supported by `SQLAlchemy <https://www.sqlalchemy.org/>`_, such as sqlite, postgresql or mariadb."
msgstr ""

#: ../tutorial/databases.rst:21
#: 4fd8e23cddf04dbc89c7b1a9573e87fd
msgid "It is used when the ``CANAILLE_SQL`` configuration parameter is defined. For instance:"
msgstr ""

#: ../tutorial/databases.rst:29
#: 69b24a49338a4470a07e4a9c9d7282c6
msgid "You can find more details on the SQL configuration in the :class:`dedicated section <canaille.backends.sql.configuration.SQLSettings>`."
msgstr ""

#: ../tutorial/databases.rst:34
#: 8dd1e7f7944d4cc9bc0d59f0b484a375
msgid "Canaille can use OpenLDAP as its main database. It is used when the ``CANAILLE_LDAP`` configuration parameter is defined. For instance:"
msgstr ""

#: ../tutorial/databases.rst:52
#: 9f342913152145969f54c9c7a730591a
msgid "You can find more details on the LDAP configuration in the :class:`dedicated section <canaille.backends.ldap.configuration.LDAPSettings>`."
msgstr ""

#: ../tutorial/databases.rst:55
#: 1d9844441ee94cfc8c1cd33634c8a260
msgid "Currently, only the ``inetOrgPerson`` and ``groupOfNames`` schemas have been tested. If you want to use different schemas or LDAP servers, adaptations may be needed. Patches are welcome."
msgstr ""

#: ../tutorial/databases.rst:60
#: cbd9e8dd2d3d488fa9ff6a89fad68473
msgid "OpenLDAP overlays integration"
msgstr ""

#: ../tutorial/databases.rst:62
#: 1128cf3f9348468d9c0525d62f369610
msgid "Canaille can integrate with several OpenLDAP overlays:"
msgstr ""

#: ../tutorial/databases.rst:65
#: dc2b38641a624e6ca15e768af895e165
msgid "memberof / refint"
msgstr ""

#: ../tutorial/databases.rst:67
#: 29fde43c21534568827bb5d4af8bba87
msgid "`memberof <https://www.openldap.org/doc/admin26/overlays.html#Reverse%20Group%20Membership%20Maintenance>`_ and `refint <https://www.openldap.org/doc/admin26/overlays.html#Referential%20Integrity>`_ overlays are needed for the Canaille group membership to work correctly."
msgstr ""

#: ../tutorial/databases.rst:71
#: ../tutorial/databases.rst:94
#: 285e41cab69a40fb962252f8283aa875
#: 525d97d0ec3f446c9b21b0faf4d41344
msgid "Here is a configuration example compatible with canaille:"
msgstr ""

#: ../tutorial/databases.rst:73
#: ef8136c639724a8592d807796984f410
msgid "memberof-config.ldif"
msgstr ""

#: ../tutorial/databases.rst:77
#: a8197973912d477b93fdbbf085c22112
msgid "refint-config.ldif"
msgstr ""

#: ../tutorial/databases.rst:81
#: ../tutorial/databases.rst:104
#: 2b22a77279794980a79b47fc72083b4d
#: 78ba242925214e1c8bfca22bf28009c0
msgid "You can adapt and load those configuration files with:"
msgstr ""

#: ../tutorial/databases.rst:90
#: ee5e16d33689495b8a13fb1bb8fba4d7
msgid "ppolicy"
msgstr ""

#: ../tutorial/databases.rst:92
#: ec12abb67a2540bdab6d384a6a89ed22
msgid "If the `ppolicy <https://www.ietf.org/archive/id/draft-behera-ldap-password-policy-11.html>`_ overlay is configured and the ``pwdEndTime`` attribute is available (since OpenLDAP 2.6), then account locking support will be enabled in canaille. To allow users to manage account expiration, they need to have a *write* permission on the :attr:`~canaille.core.models.User.lock_date` attribute."
msgstr ""

#: ../tutorial/databases.rst:96
#: 6d40734bf5e6400a96db52699ee59da7
msgid "ppolicy-config.ldif"
msgstr ""

#: ../tutorial/databases.rst:100
#: cd2095f5b8434e5392dec2416b0cff16
msgid "ppolicy.ldif"
msgstr ""

#: ../tutorial/deployment.rst:2
#: 2987956a5e424d44a6ae813c10befc49
msgid "Deployment"
msgstr ""

#: ../tutorial/deployment.rst:5
#: 0172517f10df47bb882e9b5e98aaaed8
msgid "Application service"
msgstr ""

#: ../tutorial/deployment.rst:7
#: 31fc23f3ae8c4edbb06fc3716dcdbd0c
msgid "After having finished Canaille installation you have to run it in a WSGI application server. Here are some WSGI server configuration examples you can pick. Do not forget to update the paths."
msgstr ""

#: ../tutorial/deployment.rst:11
#: 2e279860c34e426ab02a89e8d3cbdc86
msgid "gunicorn"
msgstr ""

#: ../tutorial/deployment.rst:15
#: a0bd0b5693f142a998c82f8eaded413c
msgid "Write a gunicorn configuration sample file."
msgstr ""

#: ../tutorial/deployment.rst:18
#: 8c89f19656444f3da0de58c09f55806e
msgid "uwsgi"
msgstr ""

#: ../tutorial/deployment.rst:42
#: abd150cbb61f4869b76221fe90ef2fc4
msgid "Webserver"
msgstr ""

#: ../tutorial/deployment.rst:44
#: 4311527b4499488ab597ba5f76ed5c89
msgid "Now you have to plug your WSGI application server to your webserver so it is accessible on the internet. Here are some webserver configuration examples you can pick:"
msgstr ""

#: ../tutorial/deployment.rst:48
#: 6c6552189add4988bd8a8a903e17d7ab
msgid "Nginx"
msgstr ""

#: ../tutorial/deployment.rst:114
#: 1d487ea77b1e4d6f8077c47588875cc9
msgid "Apache"
msgstr ""

#: ../tutorial/deployment.rst:153
#: d2ab58ef5d8d4399b5cbebefda64ef02
msgid "Recurrent jobs"
msgstr ""

#: ../tutorial/deployment.rst:155
#: 009ab798ea3e421fa375c06afd947850
msgid "You might want to clean up your database to avoid it growing too much. You can regularly delete expired tokens and authorization codes with:"
msgstr ""

#: ../tutorial/deployment.rst:164
#: 02b4dac1342e4553ac855db4d8ccaf93
msgid "Webfinger"
msgstr ""

#: ../tutorial/deployment.rst:166
#: 2251eedb9886498abccdf399a4eee6e0
msgid "You may want to configure a `WebFinger`_ endpoint on your main website to allow the automatic discovery of your Canaille installation based on the account name of one of your users. For instance, suppose your domain is ``mydomain.example`` and your Canaille domain is ``auth.mydomain.example`` and there is a user ``john.doe``. A third-party application could require to authenticate the user and ask them for a user account. The user would give their account ``john.doe@mydomain.example``, then the application would perform a WebFinger request at ``https://mydomain.example/.well-known/webfinger`` and the response would contain the address of the authentication server ``https://auth.mydomain.example``. With this information the third party application can redirect the user to the Canaille authentication page."
msgstr ""

#: ../tutorial/deployment.rst:168
#: 17dba1b42650416f8512f5e577920647
msgid "The difficulty here is that the WebFinger endpoint must be hosted at the top-level domain (i.e. ``mydomain.example``) while the authentication server might be hosted on a sublevel (i.e. ``auth.mydomain.example``). Canaille provides a WebFinger endpoint, but if it is not hosted at the top-level domain, a web redirection is required on the ``/.well-known/webfinger`` path."
msgstr ""

#: ../tutorial/deployment.rst:170
#: 8d303134c6994ed18bfc306fdf588b10
msgid "Here are configuration examples for Nginx or Apache:"
msgstr ""

#: ../tutorial/deployment.rst:172
#: cc1a265bbebb42769bc863376dd1a2b9
msgid "Nginx webfinger configuration for a top level domain"
msgstr ""

#: ../tutorial/deployment.rst:181
#: e88ce02e0f4044efb9b6ffdf1eab7bc6
msgid "Apache webfinger configuration for a top level domain"
msgstr ""

#: ../tutorial/deployment.rst:191
#: 505fdef5b6614e2ab6d99e974ce5ba3a
msgid "Create the first user"
msgstr ""

#: ../tutorial/deployment.rst:193
#: d42846ede3db41a38a191b2c978d48d8
msgid "Once canaille is installed, soon enough you will need to add users. To create your first user you can use the :ref:`canaille create <cli_create>` CLI."
msgstr ""

#: ../tutorial/index.rst:2
#: 37c7604de530426ead3d7e42b055df3e
msgid "Tutorial"
msgstr ""

#: ../tutorial/install.rst:2
#: 0549427dff71470884ef181434db0d1b
msgid "Installation"
msgstr ""

#: ../tutorial/install.rst:6
#: 1a994e51ef1c4148b28123cc3f6e1b13
msgid "Canaille is under heavy development and may not fit a production environment yet."
msgstr ""

#: ../tutorial/install.rst:8
#: 30d4d9aa4ddc43ab887a4549faba18e1
msgid "The installation of canaille consist in several steps, some of which you can do manually or with command line tool:"
msgstr ""

#: ../tutorial/install.rst:11
#: 3067c5da88ca45d1b80c0c90dfba3c10
msgid "Get the code"
msgstr ""

#: ../tutorial/install.rst:13
#: 78bd3c946d664be7a0b8532f055b83df
msgid "As the moment there is no distribution package for canaille. However, it can be installed with the ``pip`` package manager. Let us choose a place for the canaille environment, like ``/opt/canaille/env``."
msgstr ""

#: ../tutorial/install.rst:24
#: e0e971d372ef471b912c4f65a3f60a29
msgid "Extras"
msgstr ""

#: ../tutorial/install.rst:26
#: 48d64e466a2e4ce485339fdd0991775f
msgid "Canaille provides different package options:"
msgstr ""

#: ../tutorial/install.rst:28
#: 66fc7bc361974faa8f057f71ca939a5a
msgid "`front` provides all the things needed to produce the user interface;"
msgstr ""

#: ../tutorial/install.rst:29
#: 60be8fdc29a343dbab05dcf20f3e137c
msgid "`oidc` provides the dependencies to perform OAuth2/OIDC authentication;"
msgstr ""

#: ../tutorial/install.rst:30
#: 23b2e09f1f334af2b53c3490a53f5f93
msgid "`ldap` provides the dependencies to enable the LDAP backend;"
msgstr ""

#: ../tutorial/install.rst:31
#: cc7eb845e1744d85b54eeaef7dec2aa3
msgid "`sqlite` provides the dependencies to enable the SQLite backend;"
msgstr ""

#: ../tutorial/install.rst:32
#: 572c6784c71940958514342a0f8252b1
msgid "`postgresql` provides the dependencies to enable the PostgreSQL backend;"
msgstr ""

#: ../tutorial/install.rst:33
#: a3dee22ba7d745869fb5bf592878e824
msgid "`mysql` provides the dependencies to enable the MySQL backend;"
msgstr ""

#: ../tutorial/install.rst:34
#: 15edacfc74d84243b67efe13d71c5576
msgid "`sentry` provides sentry integration to watch Canaille exceptions;"
msgstr ""

#: ../tutorial/install.rst:35
#: 1573b386520446c695f433d3f1eec54b
msgid "`all` provides all the extras above."
msgstr ""

#: ../tutorial/install.rst:37
#: d1c85c9b764144eaae14b92a13bd70bf
msgid "They can be installed with:"
msgstr ""

#: ../tutorial/install.rst:44
#: 52137f0d57ff48018bfa33a1bf431ed7
msgid "Configure"
msgstr ""

#: ../tutorial/install.rst:46
#: 13d0fcf7c2504a2d8f91afd6ee79d064
msgid "Choose a path where to store your configuration file. You can pass any configuration path with the ``CONFIG`` environment variable."
msgstr ""

#: ../tutorial/install.rst:54
#: 36e1d4e2a408494b9360f5cccffab226
msgid "You should then edit your configuration file to adapt the values to your needs. Look at the configuration details in the :doc:`configuration <../references/configuration>` page."
msgstr ""

#: ../tutorial/install.rst:57
#: 9223c2cfca1e4199904c5f130879f5ef
msgid "Install"
msgstr ""

#: ../tutorial/install.rst:59
#: b0f16393e86e44a6954914faa9b5c313
msgid "The :ref:`install command <cli_install>` will apply most of the things needed to get Canaille working. Depending on the configured :doc:`database <databases>` it will create the SQL tables, or install the LDAP schemas for instance."
msgstr ""

#: ../tutorial/install.rst:68
#: 407c4b61f9944dfdb8c4118fb5ae634b
msgid "Check"
msgstr ""

#: ../tutorial/install.rst:70
#: e366811097054aeba527918ea72ad41d
msgid "After a manual installation, you can check your configuration file using the :ref:`check command <cli_install>`:"
msgstr ""

#: ../tutorial/troubleshooting.rst:2
#: c67091cccdb74591b0d9bb3e2e5654ee
msgid "Troubleshooting"
msgstr ""

#: ../tutorial/troubleshooting.rst:5
#: 160982b27426443da4d347a5c01189f2
msgid "The web interface throws useless error messages"
msgstr ""

#: ../tutorial/troubleshooting.rst:7
#: fa2c6dd5c7a540e8a1f9e7b9a03a4b88
msgid "Unless the current user has admin :class:`permissions <canaille.core.configuration.Permission>`, or the installation is in :attr:`~canaille.app.configuration.RootSettings.DEBUG` mode, error messages won't be too technical. For instance, you can see *The request you made is invalid*. To enable detailed error messages, you can **temporarily** enable the :attr:`~canaille.app.configuration.RootSettings.DEBUG` configuration parameter."
msgstr ""

#: ../tutorial/troubleshooting.rst:12
#: a8cc0624994447649fd16c773e5b8fed
msgid "How to manually install LDAP schemas?"
msgstr ""

#: ../tutorial/troubleshooting.rst:16
#: 67a2fe8af3684655a1202d968a16eb17
msgid "Schema installation can be automatically done using the :ref:`install command <cli_install>`."
msgstr ""

#: ../tutorial/troubleshooting.rst:18
#: 15f1f834fc9940958da02dc71b19eda0
msgid "As of OpenLDAP 2.4, two configuration methods are available:"
msgstr ""

#: ../tutorial/troubleshooting.rst:20
#: a60e06420f994c55bc323633dada48ae
msgid "The `deprecated <https://www.openldap.org/doc/admin26/slapdconf2.html>`_ one, based on a configuration file (generally ``/etc/ldap/slapd.conf``);"
msgstr ""

#: ../tutorial/troubleshooting.rst:21
#: fe71eea005cb44018102ab5eeb3604f0
msgid "The new one, based on a configuration directory (generally ``/etc/ldap/slapd.d``)."
msgstr ""

#: ../tutorial/troubleshooting.rst:23
#: dd416d958ccb4f6f995bf22091e3d5e8
msgid "Depending on the configuration method you use with your OpenLDAP installation, you need to chose how to add the canaille schemas:"
msgstr ""

#: ../tutorial/troubleshooting.rst:26
#: 36ac5e6d38e843d2b4085f8346214702
msgid "Old fashion: Copy the schemas in your filesystem"
msgstr ""

#: ../tutorial/troubleshooting.rst:35
#: ac128289f3cf42be97783b483d550026
msgid "New fashion: Use slapadd to add the schemas"
msgstr ""

#: ../tutorial/troubleshooting.rst:37
#: d84126970f494fbf86e2fb08fabe238e
msgid "Be careful to stop your ldap server before running ``slapadd``"
msgstr ""

#: ../tutorial/troubleshooting.rst:46
#: 264d7e80a4144fff934f7227030429d5
msgid "How to manually generate the OIDC keypair?"
msgstr ""

#: ../tutorial/troubleshooting.rst:50
#: 036b230876c44286868cd317e4b629a2
msgid "The keypair generation can be automatically done using the :ref:`install command <cli_install>`."
msgstr ""

#: ../tutorial/troubleshooting.rst:52
#: 43f5dcdf2c6c4210a3f3524074f1b09f
msgid "Canaille needs a key pair to sign OIDC tokens. You can customize those commands, as long as they match the ``JWT`` section of your configuration file."
msgstr ""