Commit graph

89 commits

Author SHA1 Message Date
Jens Langhammer 52f138d402 sources/saml: improve error handing of invalid signatures 2020-06-23 21:49:27 +02:00
Jens Langhammer 6f0e292c43 root: add lgtm 2020-06-15 11:56:20 +02:00
Jens Langhammer 26aa7e1fef sources/ldap: fix 'LDAPSource' object has no attribute '_connection' 2020-06-09 01:17:17 +02:00
Jens Langhammer ee8313142f Merge branch 'docs-flows'
# Conflicts:
#	passbook/core/templates/partials/form_horizontal.html
2020-06-08 15:43:46 +02:00
Jens L 4915205678
WIP Use Flows for Sources and Providers (#32)
* core: start migrating to flows for authorisation

* sources/oauth: start type-hinting

* core: create default user

* core: only show user delete button if an unenrollment flow exists

* flows: Correctly check initial policies on flow with context

* policies: add more verbosity to engine

* sources/oauth: migrate to flows

* sources/oauth: fix typing errors

* flows: add more tests

* sources/oauth: start implementing unittests

* sources/ldap: add option to disable user sync, move connection init to model

* sources/ldap: re-add default PropertyMappings

* providers/saml: re-add default PropertyMappings

* admin: fix missing stage count

* stages/identification: fix sources not being shown

* crypto: fix being unable to save with private key

* crypto: re-add default self-signed keypair

* policies: rewrite cache_key to prevent wrong cache

* sources/saml: migrate to flows for auth and enrollment

* stages/consent: add new stage

* admin: fix PropertyMapping widget not rendering properly

* core: provider.authorization_flow is mandatory

* flows: add support for "autosubmit" attribute on form

* flows: add InMemoryStage for dynamic stages

* flows: optionally allow empty flows from FlowPlanner

* providers/saml: update to authorization_flow

* sources/*: fix flow executor URL

* flows: fix pylint error

* flows: wrap responses in JSON object to easily handle redirects

* flow: dont cache plan's context

* providers/oauth: rewrite OAuth2 Provider to use flows

* providers/*: update docstrings of models

* core: fix forms not passing help_text through safe

* flows: fix HttpResponses not being converted to JSON

* providers/oidc: rewrite to use flows

* flows: fix linting
2020-06-07 16:35:08 +02:00
Jens Langhammer 7664b428e7 sources/ldap: fix expression field not being CodeMirror 2020-06-05 20:18:45 +02:00
Jens Langhammer 30ca926b38 docs: remove last occurrences to jinja2 2020-06-05 20:18:11 +02:00
Jens L 73116b9d1a
policies/expression: migrate to raw python instead of jinja2 (#49)
* policies/expression: migrate to raw python instead of jinja2

* lib/expression: create base evaluator, custom subclass for policies

* core: rewrite propertymappings to use python

* providers/saml: update to new PropertyMappings

* sources/ldap: update to new PropertyMappings

* docs: update docs for new propertymappings

* root: remove jinja2

* root: re-add jinja to lock file as its implicitly required
2020-06-05 12:00:27 +02:00
Jens Langhammer ef913abc7a sources/ldap: add option to disable user sync, move connection init to model 2020-06-02 17:15:59 +02:00
Jens Langhammer ddfa2abbaa sources/ldap: re-add default PropertyMappings 2020-06-02 17:00:03 +02:00
Jens Langhammer 5fc5e54f47 sources/oauth: fix typing errors
# Conflicts:
#	passbook/sources/oauth/clients.py
2020-06-02 16:57:38 +02:00
Jens Langhammer e2804b9755 root: fix linting errors 2020-05-27 11:26:48 +02:00
Jens L beabba2890
flows: Load Stages without refreshing the whole page (#33)
* flows: initial implementation of FlowExecutorShell

* flows: load messages dynamically upon card refresh
2020-05-24 00:57:25 +02:00
Jens Langhammer 0664f0b6b2 flows: add support for default_context, etc
default_context can be used to influence policies during the planning. This should be used when the Planner is called from other views to correctly preseed the plan.
This also checks if there is a PENDING_USER set, and uses that user for the cache key instead
2020-05-20 16:15:16 +02:00
Jens Langhammer cafe2f1e1f admin: fix linting 2020-05-20 13:59:56 +02:00
Jens Langhammer 969da05437 admin: show object's docstring on inheritance based lists 2020-05-20 13:47:58 +02:00
Jens L 24a3e787dd
migrate to per-model UUID Primary key, remove UUIDModel (#26)
* *: migrate to per-model UUID Primary key, remove UUIDModel

* *: fix import order, fix unittests
2020-05-20 09:17:06 +02:00
Jens Langhammer 13a20478fd sources/oauth: add OIDC client 2020-05-19 21:53:46 +02:00
Jens Langhammer f58ee7fb52 sources/oauth: fix handling of sources with spaces in their name 2020-05-19 21:53:36 +02:00
Jens Langhammer a5319fc2fe *: rename templatetags to clearly identify 2020-05-15 10:54:31 +02:00
Jens Langhammer 212e966dd4 factors: -> stage 2020-05-08 20:59:51 +02:00
Jens Langhammer 2a85e5ae87 flows: complete migration to FlowExecutorView, fully use context 2020-05-08 16:10:27 +02:00
Jens Langhammer 114bb1b0bd flows: implement planner, start new executor 2020-05-08 14:33:14 +02:00
Jens Langhammer 5400882d78 flows/: more migration progress, consolidate views 2020-05-07 21:30:52 +02:00
Jens Langhammer 80d90b91e8 core: add general admin.py loader, remove individual files 2020-05-07 00:05:10 +02:00
Jens Langhammer dc8b89a6b9 sources/saml: switch to new crypto 2020-03-03 23:35:38 +01:00
Jens Langhammer 81b66ecdcd core: remove some more dead code, add more help texts for factors 2020-02-27 16:39:30 +01:00
Jens Langhammer f8599438df ui: fix lists not being rendered correctly 2020-02-24 13:13:42 +01:00
Jens Langhammer 64d7b009ab sources/oauth: fix invalid headers, fix invalid function signature 2020-02-23 19:42:57 +01:00
Jens Langhammer fa2870afe0 sources: remove policies as they are not used currently 2020-02-23 14:40:06 +01:00
Jens Langhammer f4a676e2fb sources/oauth: slugify provider type instead of just lowercase 2020-02-23 13:53:16 +01:00
Jens Langhammer 88c1ad4c1c providers/saml: fix 500 when SAML Provider not assigned to application 2020-02-21 20:54:00 +01:00
Jens Langhammer 1285ba6fbb ui: include font-awesome 2020-02-21 18:00:09 +01:00
Jens Langhammer a09a1793ec ui: update templates for jinja2-related fields 2020-02-21 15:36:37 +01:00
Jens Langhammer 8fd86a28ff ui: fixup minor issues, add static app 2020-02-21 11:20:55 +01:00
Jens Langhammer 32a15f84c0 root: run bandit as part of pre-commit 2020-02-21 09:03:59 +01:00
Jens Langhammer d988f37afc lib: add SentryIgnoredException, to easily ignore exceptions from sentry 2020-02-20 21:38:53 +01:00
Jens Langhammer 295c0bae3f sources/saml: validate SAMLResponse signature 2020-02-20 21:34:25 +01:00
Jens Langhammer 84fc54ddaa sources/saml: entity_id -> issuer 2020-02-20 17:23:27 +01:00
Jens Langhammer 0b5caa85f5 all: sort imports and cleanup 2020-02-20 17:23:05 +01:00
Jens Langhammer 14e0a17dbc ui: don't remove dashes when auto generating slug 2020-02-20 17:13:50 +01:00
Jens Langhammer 40a2a26904 sources/saml: fix Metadata cert including PEM header 2020-02-20 17:05:11 +01:00
Jens Langhammer c8b3c6e51a sources/saml: fix build_full_url using incorrect URL parameter 2020-02-20 17:04:54 +01:00
Jens Langhammer 6c889eff27 core: fix application icons not loading, fix with_sources being broken 2020-02-20 14:30:06 +01:00
Jens Langhammer 3c2b8e5ee1 all: prefix all UI related methods with ui_, switch to property and return dataclass 2020-02-20 13:51:41 +01:00
Jens Langhammer 07b7951390 sources/ldap: handle user_sync errors better, show warning when user exists already 2020-02-19 16:20:33 +01:00
Jens Langhammer 9267d0c1dd all: general maintenance, prepare for pyright 2020-02-18 22:12:51 +01:00
Jens Langhammer 865abc005a sources/oauth: remove leading spaces in default URLs 2020-02-18 21:49:53 +01:00
Jens Langhammer a2725d5b82 sources/oauth: remove redundant OAuth2Clients 2020-02-18 21:49:40 +01:00
Jens Langhammer 4a05bc6e02 sources/oauth: improve default OAuth2 Client, send access_token as Bearer Authz 2020-02-18 21:49:23 +01:00