Merge branch 'master' into outpost-ldap
This commit is contained in:
commit
d84d7c26ca
|
@ -116,18 +116,18 @@
|
|||
},
|
||||
"boto3": {
|
||||
"hashes": [
|
||||
"sha256:ac10d832ad716281da6ca77cea824d723af479f8611087dee4b0489c48c32fd9",
|
||||
"sha256:e2ef25afc36a301199bfbd662aef46dd11ed0db9baf96fce111db4043928065b"
|
||||
"sha256:3a763ccf872e21e99c2ee0dd9e03f8377dbd1408ac20467a2a967ac0a0344ee9",
|
||||
"sha256:e27c005fdbc0871275d6a223d6797d819d7116c8c64f07ae51ea78cc10b08c19"
|
||||
],
|
||||
"index": "pypi",
|
||||
"version": "==1.17.64"
|
||||
"version": "==1.17.65"
|
||||
},
|
||||
"botocore": {
|
||||
"hashes": [
|
||||
"sha256:42dde7c699b3710e5c3a944cd8ce8b7a80b9f610d8857a0ad36bdc9743cc3375",
|
||||
"sha256:ec418c273c37efd33d39bb4559f7df09de46df1f87fdbb064d8ebb281849a625"
|
||||
"sha256:bf5ebe11a737fa29b530ba0b8d787e112b4637e28b8fd516e8718c917ed76c14",
|
||||
"sha256:e31c3bc0e917ee8733055f3732b8cef9c5d4512f1e2e6c3bcc78a464c56aab49"
|
||||
],
|
||||
"version": "==1.20.64"
|
||||
"version": "==1.20.65"
|
||||
},
|
||||
"cachetools": {
|
||||
"hashes": [
|
||||
|
@ -312,11 +312,11 @@
|
|||
},
|
||||
"django": {
|
||||
"hashes": [
|
||||
"sha256:0604e84c4fb698a5e53e5857b5aea945b2f19a18f25f10b8748dbdf935788927",
|
||||
"sha256:21f0f9643722675976004eb683c55d33c05486f94506672df3d6a141546f389d"
|
||||
"sha256:95c13c750f1f214abadec92b82c2768a5e795e6c2ebd0b4126f895ce9efffcdd",
|
||||
"sha256:e2f73790c60188d3f94f08f644de249d956b3789161e7604509d128a13fb2fcc"
|
||||
],
|
||||
"index": "pypi",
|
||||
"version": "==3.2"
|
||||
"version": "==3.2.1"
|
||||
},
|
||||
"django-dbbackup": {
|
||||
"hashes": [
|
||||
|
@ -1683,11 +1683,11 @@
|
|||
},
|
||||
"pytest": {
|
||||
"hashes": [
|
||||
"sha256:671238a46e4df0f3498d1c3270e5deb9b32d25134c99b7d75370a68cfbe9b634",
|
||||
"sha256:6ad9c7bdf517a808242b998ac20063c41532a570d088d77eec1ee12b0b5574bc"
|
||||
"sha256:50bcad0a0b9c5a72c8e4e7c9855a3ad496ca6a881a3641b4260605450772c54b",
|
||||
"sha256:91ef2131a9bd6be8f76f1f08eac5c5317221d6ad1e143ae03894b862e8976890"
|
||||
],
|
||||
"index": "pypi",
|
||||
"version": "==6.2.3"
|
||||
"version": "==6.2.4"
|
||||
},
|
||||
"pytest-django": {
|
||||
"hashes": [
|
||||
|
|
|
@ -148,22 +148,24 @@ class SourceFlowManager:
|
|||
def get_flow(self, **kwargs) -> HttpResponse:
|
||||
"""Get the flow response based on user_matching_mode"""
|
||||
action, connection = self.get_action()
|
||||
if not connection:
|
||||
return redirect("/")
|
||||
if action == Action.LINK:
|
||||
self._logger.debug("Linking existing user")
|
||||
return self.handle_existing_user_link(connection)
|
||||
if action == Action.AUTH:
|
||||
self._logger.debug("Handling auth user")
|
||||
return self.handle_auth_user(connection)
|
||||
if action == Action.ENROLL:
|
||||
self._logger.debug("Handling enrollment of new user")
|
||||
return self.handle_enroll(connection)
|
||||
if connection:
|
||||
if action == Action.LINK:
|
||||
self._logger.debug("Linking existing user")
|
||||
return self.handle_existing_user_link(connection)
|
||||
if action == Action.AUTH:
|
||||
self._logger.debug("Handling auth user")
|
||||
return self.handle_auth_user(connection)
|
||||
if action == Action.ENROLL:
|
||||
self._logger.debug("Handling enrollment of new user")
|
||||
return self.handle_enroll(connection)
|
||||
# Default case, assume deny
|
||||
messages.error(
|
||||
self.request,
|
||||
_(
|
||||
"Request to authenticate with %(source)s has been denied!"
|
||||
(
|
||||
"Request to authenticate with %(source)s has been denied. Please authenticate "
|
||||
"with the source you've previously signed up with."
|
||||
)
|
||||
% {"source": self.source.name}
|
||||
),
|
||||
)
|
||||
|
|
File diff suppressed because it is too large
Load Diff
|
@ -29,11 +29,11 @@ title: Next
|
|||
|
||||
Now you can configure how the matching should be done:
|
||||
|
||||
- Identifier: Keeps the old behaviour, can lead to duplicate user accounts
|
||||
- Email (link): If a user with the same Email address exists, they are linked. Can have security implications when a source doesn't validate email addresses.
|
||||
- Email (deny): Deny the flow if the Email address is already used.
|
||||
- Username (link): If a user with the same username address exists, they are linked. Can have security implications when a username is used with another source.
|
||||
- Username (deny): Deny the flow if the username address is already used.
|
||||
- Identifier: Keeps the old behaviour, can lead to duplicate user accounts
|
||||
- Email (link): If a user with the same Email address exists, they are linked. Can have security implications when a source doesn't validate email addresses.
|
||||
- Email (deny): Deny the flow if the Email address is already used.
|
||||
- Username (link): If a user with the same username address exists, they are linked. Can have security implications when a username is used with another source.
|
||||
- Username (deny): Deny the flow if the username address is already used.
|
||||
|
||||
## Minor changes
|
||||
|
||||
|
|
File diff suppressed because it is too large
Load Diff
Reference in New Issue