Commit graph

58 commits

Author SHA1 Message Date
Jens Langhammer 59e8dca499 sources/ldap: divide connector into password, sync and auth, add unittests for password 2020-09-21 21:40:41 +02:00
Jens Langhammer 74251a8883 audit: update swagger for event 2020-09-21 13:41:53 +02:00
Jens Langhammer f99eaa85ac sources/ldap: implement LDAP password validation and syncing 2020-09-21 11:46:35 +02:00
Jens Langhammer a02fcb0a7a providers/oauth2: use # as separate for code#adfs, check if # exists in response_type and trim 2020-09-19 18:37:50 +02:00
Jens Langhammer 5689f25c39 providers/proxy: add option to skip authentication for paths matching regular expressions 2020-09-19 11:32:04 +02:00
Jens Langhammer a69c494feb stages/password: update swagger 2020-09-19 02:20:38 +02:00
Jens Langhammer fe4a0c3b44 core: add impersonation start/end to audit log
also add impersonated user as context to other logs
2020-09-18 23:39:37 +02:00
Jens Langhammer e0c104ee5c providers/oauth2: remove post_logout_redirect_uris 2020-09-18 23:37:40 +02:00
Jens Langhammer 4b39c71de0 providers/oauth2: accept token as post param 2020-09-16 23:38:55 +02:00
Jens Langhammer 0a5e14a352 core: make is_superuser a group property, remove from user 2020-09-15 23:10:31 +02:00
Jens Langhammer 5c622cd4d2 providers/oauth2: make sub configurable based on hash, username, email and upn 2020-09-15 20:54:42 +02:00
Jens Langhammer ca0ba85023 providers/saml: disallow idp-initiated SSO by default and validate Request ID 2020-09-12 00:53:44 +02:00
Jens Langhammer 430905295d root: automate system migrations, move docker to lifecycle folder 2020-09-10 00:18:39 +02:00
Jens Langhammer 9712be847c policies/api: fix target returning pbm_uuid instead of proper primary key of the object 2020-09-08 18:05:50 +02:00
Jens Langhammer 28893b9695 flows/transfer: fix missing unique fields for PolicyBinding 2020-09-07 11:26:37 +02:00
Jens L 268de20872
Proxy v2 (#189) 2020-09-03 00:04:12 +02:00
Jens Langhammer c39d136383 flows: add title field 2020-08-28 15:23:03 +02:00
Jens L 0e0898c3cf
Flow exporting/importing (#187)
* stages/*: Add SerializerModel as base model, implement serializer property

* flows: add initial flow exporter and importer

* policies/*: implement .serializer for all policies

* root: fix missing dacite requirement
2020-08-22 00:42:15 +02:00
Jens L c7a2410b1d
OAuth Provider Rewrite (#182) 2020-08-19 10:32:44 +02:00
Jens Langhammer 7334599efd *: update JSON fields to django 3.1 2020-08-15 21:04:22 +02:00
Jens Langhammer ffff69ada0 stages/consent: add unittests for new modes 2020-07-20 18:47:52 +02:00
Jens Langhammer 50612991fa stages/consent: start implementing user consent 2020-07-20 13:19:58 +02:00
Jens Langhammer 1b0c013d8e providers/saml: remove processor_path field 2020-07-11 13:28:10 +02:00
Jens Langhammer d74366f413 policies/hibp: update for flows, add unittests 2020-07-10 20:57:15 +02:00
Jens Langhammer 5bcf2aef8c policies/password: Add Password Policy tests, update password policy for flows 2020-07-10 20:53:08 +02:00
Jens Langhammer 0e3e73989d sources/saml: Add NameID Policy field, sent with AuthnRequest 2020-07-08 16:18:09 +02:00
Jens Langhammer d831599608 core: make autosubmit_form generic template 2020-07-08 14:27:58 +02:00
Jens Langhammer 2e2c9f5287 api: add token authentication 2020-07-05 23:37:58 +02:00
Jens Langhammer e5165abf04 stages/user_login: Allow changing of session duration 2020-07-04 15:20:45 +02:00
Jens Langhammer 16b966c16e policies: Show grouped Dropdown for Target 2020-07-04 00:16:16 +02:00
Jens Langhammer d3b0992456 flows: FlowStageBinding: rename .flow to .target to fix select_subclasses() 2020-07-04 00:14:21 +02:00
Jens Langhammer 6634cc2edf root: add group_membership policy 2020-07-01 21:18:05 +02:00
Jens Langhammer d2bf579ff6 stages/otp_static: start implementing static stage 2020-06-30 15:44:34 +02:00
Jens Langhammer 285a69d91f Merge branch 'master' into otp-rework 2020-06-30 11:23:09 +02:00
Jens Langhammer bf297b8593 admin: add info about latest version 2020-06-30 10:23:39 +02:00
Jens Langhammer 920858ff72 Merge branch 'master' into otp-rework
# Conflicts:
#	passbook/flows/models.py
#	passbook/stages/otp/models.py
#	swagger.yaml
2020-06-29 22:54:18 +02:00
Jens Langhammer b8654c06bf flows: remove generic "password change" designation and add setup_stage 2020-06-29 11:12:51 +02:00
Jens Langhammer 8c36ab89e8 stages/otp: start separation into 3 stages, otp_time, otp_static and otp_validate 2020-06-28 10:30:35 +02:00
Jens Langhammer 831e228f80 api: fix SAMLSource missing from API 2020-06-24 22:28:40 +02:00
Jens Langhammer 5e8a1e3c0d *: make email naming consistent 2020-06-18 19:35:59 +02:00
Jens Langhammer feba3e2430 stages/prompt: Add username type field
add autocomplete attributes for username and password
2020-06-15 19:05:18 +02:00
Jens Langhammer ee8313142f Merge branch 'docs-flows'
# Conflicts:
#	passbook/core/templates/partials/form_horizontal.html
2020-06-08 15:43:46 +02:00
Jens L 4915205678
WIP Use Flows for Sources and Providers (#32)
* core: start migrating to flows for authorisation

* sources/oauth: start type-hinting

* core: create default user

* core: only show user delete button if an unenrollment flow exists

* flows: Correctly check initial policies on flow with context

* policies: add more verbosity to engine

* sources/oauth: migrate to flows

* sources/oauth: fix typing errors

* flows: add more tests

* sources/oauth: start implementing unittests

* sources/ldap: add option to disable user sync, move connection init to model

* sources/ldap: re-add default PropertyMappings

* providers/saml: re-add default PropertyMappings

* admin: fix missing stage count

* stages/identification: fix sources not being shown

* crypto: fix being unable to save with private key

* crypto: re-add default self-signed keypair

* policies: rewrite cache_key to prevent wrong cache

* sources/saml: migrate to flows for auth and enrollment

* stages/consent: add new stage

* admin: fix PropertyMapping widget not rendering properly

* core: provider.authorization_flow is mandatory

* flows: add support for "autosubmit" attribute on form

* flows: add InMemoryStage for dynamic stages

* flows: optionally allow empty flows from FlowPlanner

* providers/saml: update to authorization_flow

* sources/*: fix flow executor URL

* flows: fix pylint error

* flows: wrap responses in JSON object to easily handle redirects

* flow: dont cache plan's context

* providers/oauth: rewrite OAuth2 Provider to use flows

* providers/*: update docstrings of models

* core: fix forms not passing help_text through safe

* flows: fix HttpResponses not being converted to JSON

* providers/oidc: rewrite to use flows

* flows: fix linting
2020-06-07 16:35:08 +02:00
Jens Langhammer 0c5aff21bc stages/identification: minor UI fixes 2020-06-05 17:02:50 +02:00
Jens Langhammer ef913abc7a sources/ldap: add option to disable user sync, move connection init to model 2020-06-02 17:15:59 +02:00
Jens Langhammer 4d1658b35e stages/identification: explicitly define enrollment and recovery 2020-05-31 23:01:08 +02:00
Jens Langhammer 80a36a3441 stages/user_write: don't use create_user, create empty object and set attributes 2020-05-28 23:22:15 +02:00
Jens L df8995deed
policies/*: remove Policy.negate, order, timeout (#39)
policies: rewrite engine to use PolicyBinding for order/negate/timeout
policies: rewrite engine to use PolicyResult instead of tuple
2020-05-28 21:45:54 +02:00
Jens L beabba2890
flows: Load Stages without refreshing the whole page (#33)
* flows: initial implementation of FlowExecutorShell

* flows: load messages dynamically upon card refresh
2020-05-24 00:57:25 +02:00
Jens Langhammer cafe2f1e1f admin: fix linting 2020-05-20 13:59:56 +02:00