Commit Graph

474 Commits

Author SHA1 Message Date
Jens Langhammer 9b5b03647b move actual proxying logic to separate class 2019-04-13 16:05:11 +02:00
Jens Langhammer 940b3eb943 move logging to separate thread 2019-04-13 16:04:48 +02:00
Jens Langhammer 16eb629b71 only enable sentry when not DEBUG 2019-04-11 15:30:42 +02:00
Jens Langhammer 755045b226 try to fix app_gw being null 2019-04-11 15:30:07 +02:00
Jens Langhammer 61478db94e use global urllib Pools 2019-04-11 15:29:35 +02:00
Jens Langhammer f69f959bdb allow setting authentication_header to empty string (disabling the header) 2019-04-11 15:29:01 +02:00
Jens Langhammer 146edb45d4 bump version: 0.1.29-beta -> 0.1.30-beta 2019-04-11 14:22:34 +02:00
Jens Langhammer 045a802365 don't use context manager in web command 2019-04-11 14:22:32 +02:00
Jens Langhammer c90d8ddcff bump version: 0.1.28-beta -> 0.1.29-beta 2019-04-11 14:03:08 +02:00
Jens Langhammer a3ef26b7ad Run collectstatic before coverage, use autoreload on celery worker 2019-04-11 13:54:11 +02:00
Jens Langhammer 19cd1624c1 replace cherrypy with daphne 2019-04-11 13:43:49 +02:00
Jens Langhammer 366ef352c6 switch to whitenoise for static files 2019-04-11 13:43:08 +02:00
Jens Langhammer a1a5223b58 bump version: 0.1.27-beta -> 0.1.28-beta 2019-04-11 10:48:31 +02:00
Jens Langhammer b369eb28f1 set default log level to warn, fix clean_nonces not working 2019-04-11 10:43:13 +02:00
Jens Langhammer 9b8f390e31 Merge branch '38-websocket-proxying' into 'master'
Resolve "Websocket Proxying"

Closes #38

See merge request BeryJu.org/passbook!24
2019-04-10 20:42:24 +00:00
Jens Langhammer 11630c9a74 switch kubernetes deployment to daphne server 2019-04-10 22:38:25 +02:00
Jens Langhammer c9ac10f6f6 Implement websocket proxy 2019-04-10 19:03:42 +02:00
Jens Langhammer 04d613cb28 Move code from django-revproxy to app_gw to fix cookie bug 2019-04-10 19:03:22 +02:00
Jens Langhammer 40866f9ecd Choose upstream more cleverly 2019-04-10 18:49:33 +02:00
Jens Langhammer d8585eb872 trigger autoreload from config files 2019-04-10 18:48:55 +02:00
Jens Langhammer 15aaeda475 remove unused import 2019-04-10 18:47:21 +02:00
Jens Langhammer 8536ef9e23 Add guardian for Application permissions 2019-04-10 18:46:33 +02:00
Jens Langhammer 35b6bb6b3f fix failing CI 2019-04-09 17:26:53 +02:00
Jens Langhammer eaa573c715 fully remove raven and switch WSGI and logging to sentry_sdk 2019-04-05 16:11:53 +02:00
Jens Langhammer 660972e303 add ability to have non-expiring nonces, clean up expired nonces 2019-04-04 21:49:10 +02:00
Jens Langhammer a21012bf0c switch from raven to sentry_sdk 2019-04-04 21:48:50 +02:00
Jens Langhammer 80049413f0 bump version: 0.1.26-beta -> 0.1.27-beta 2019-03-22 14:51:13 +01:00
Jens Langhammer 2739442d4a prepare 0.1.27 2019-03-22 14:51:09 +01:00
Jens Langhammer c679f0a67c bump version: 0.1.25-beta -> 0.1.26-beta 2019-03-22 12:48:00 +01:00
Jens Langhammer 4d6bb60134 add custom template views 2019-03-22 12:16:30 +01:00
Jens Langhammer 81ac951872 validate upstream in form 2019-03-22 10:55:26 +01:00
Jens Langhammer f33e553cfd always parse url instead of once 2019-03-22 10:55:04 +01:00
Jens Langhammer 9b0240dc26 bump version: 0.1.24-beta -> 0.1.25-beta 2019-03-21 16:50:00 +01:00
Jens Langhammer c327310392 prepare 0.1.24-beta release 2019-03-21 16:49:57 +01:00
Jens Langhammer 7e87bfef5b validate server_name in form 2019-03-21 16:36:38 +01:00
Jens Langhammer a7af5268de Invalidate cache when ApplicationGateway instance is saved 2019-03-21 16:27:37 +01:00
Jens Langhammer 6d916029bb implement actual Rewriting logic 2019-03-21 16:22:07 +01:00
Jens Langhammer 81fdcbadad add compiled regex to RewriteRule 2019-03-21 16:21:51 +01:00
Jens Langhammer ec1e25fe71 cleanup property_mapping list 2019-03-21 16:21:11 +01:00
Jens Langhammer b5306e4a94 Redirect to login on reverse proxy 2019-03-21 15:15:01 +01:00
Jens Langhammer 801b8a1e59 prevent ZeroDivisionError 2019-03-21 15:05:04 +01:00
Jens Langhammer 3a52059793 cleanup post-migration mess 2019-03-21 15:02:33 +01:00
Jens Langhammer 10b7d99b37 Merge branch 'master' into 30-application-security-gateway
# Conflicts:
#	passbook/core/policies.py
#	passbook/core/settings.py
2019-03-21 14:58:10 +01:00
Jens Langhammer 6be8d0cbb2 Better handle policy timeouts 2019-03-21 14:53:57 +01:00
Jens Langhammer 5b8e3689ec Check for policies in app_gw 2019-03-21 14:53:47 +01:00
Jens Langhammer 25a5d8f5da Don't use LoginRequired for PermissionDenied View 2019-03-21 14:53:38 +01:00
Jens Langhammer 883d439544 add timeout field to policy to prevent stuck policies 2019-03-21 14:48:51 +01:00
Jens Langhammer 29913773a7 invalidate cache when policy is saved 2019-03-21 11:29:11 +01:00
Jens Langhammer 0bc6a4fed4 explicitly use redis db 2019-03-21 11:28:57 +01:00
Jens Langhammer 4645d8353f utilise cache in PolicyEngine 2019-03-21 11:08:32 +01:00
Jens Langhammer 260c5555fa add redis dependency back in for caching 2019-03-21 11:08:08 +01:00
Jens Langhammer 6f7b917c38 bump version: 0.1.23-beta -> 0.1.24-beta 2019-03-20 23:00:33 +01:00
Jens Langhammer ae3d3d0295 fix TypeError: can only concatenate list (not "str") to list 2019-03-20 22:50:09 +01:00
Jens Langhammer c23ceacd0b initial implementation of reverse proxy, using django-revproxy from within a middleware
add new config entry "primary_domain" which is used to set the cookie domain
2019-03-20 22:42:47 +01:00
Jens Langhammer 5155204283 Merge branch '32-automatically-set-owner-field-when-creating-oauth-provider' into 'master'
Resolve "Automatically set owner field when creating OAuth Provider"

Closes #32

See merge request BeryJu.org/passbook!16
2019-03-20 21:20:54 +00:00
Jens Langhammer d6f9b2e47d remove user field from form. Closes #32 2019-03-20 20:09:27 +01:00
Jens Langhammer 67aa4aef11 add modal for OAuth Providers showing the URLs 2019-03-20 20:03:28 +01:00
Jens Langhammer 9e46c8bfec bump version: 0.1.22-beta -> 0.1.23-beta 2019-03-18 20:54:31 +01:00
Jens Langhammer fccc8f4959 set issuer to root address instead of well-known path 2019-03-18 20:42:32 +01:00
Jens Langhammer c9f73d718e start implementing openid connect discovery 2019-03-18 20:35:11 +01:00
Jens Langhammer bfa58be721 bump version: 0.1.21-beta -> 0.1.22-beta 2019-03-14 21:22:15 +01:00
Jens Langhammer 81ab9092fc Fix OAuth Client's disconnect view having invalid URL names 2019-03-14 21:19:14 +01:00
Jens Langhammer 29d5962c4c add Azure AD Source 2019-03-14 21:18:55 +01:00
Jens Langhammer 5c75339946 point to correct icons 2019-03-14 21:18:13 +01:00
Jens Langhammer 4774d9a46c fix delete form not working 2019-03-14 21:17:41 +01:00
Jens Langhammer dbe16ba4fd fix layout when on mobile viewport and scrolling 2019-03-14 21:17:28 +01:00
Jens Langhammer 6972cf00a0 move icons to single folder, cleanup 2019-03-14 21:17:07 +01:00
Jens Langhammer 0445be9712 fix missing debug template 2019-03-14 21:16:27 +01:00
Jens Langhammer 89dbdd9585 bump version: 0.1.20-beta -> 0.1.21-beta 2019-03-14 18:08:02 +01:00
Jens Langhammer 5f50fcfcf5 detect HTTPS from reverse proxy 2019-03-14 18:01:41 +01:00
Jens Langhammer 96be087221 add request debug view 2019-03-14 18:01:27 +01:00
Jens Langhammer a53a269a8c bump version: 0.1.19-beta -> 0.1.20-beta 2019-03-13 16:51:43 +01:00
Jens Langhammer ae3c092238 add user settings for Sources 2019-03-13 16:49:30 +01:00
Jens Langhammer e98e5e4e3e fix GitHub Pretend again 2019-03-13 15:52:05 +01:00
Jens Langhammer d50c7ec8d4 bump version: 0.1.18-beta -> 0.1.19-beta 2019-03-13 15:16:48 +01:00
Jens Langhammer 70c11c8988 fix GitHub Pretend throwing a 500 error 2019-03-13 15:12:13 +01:00
Jens Langhammer ae64024ef4 bump version: 0.1.17-beta -> 0.1.18-beta 2019-03-13 11:31:05 +01:00
Jens Langhammer 01b0eb159a fix Server Error when downloading metadata 2019-03-12 17:08:53 +01:00
Jens Langhammer 63aa48d981 bump version: 0.1.16-beta -> 0.1.17-beta 2019-03-12 15:55:18 +01:00
Jens Langhammer b2ac57bb67 switch to vertical navigation 2019-03-12 13:35:09 +01:00
Jens Langhammer 4c22e5c2c8 don't use celery heartbeat, use TCP keepalive instead 2019-03-12 13:34:54 +01:00
Jens Langhammer 4a7b0ec8a9 remove Application.user_is_authorized 2019-03-12 10:56:01 +01:00
Jens Langhammer 330118249e bump version: 0.1.15-beta -> 0.1.16-beta 2019-03-11 21:35:11 +01:00
Jens Langhammer 8d4dabde02 finalize RabbitMQ replacement, update debian package, remove redis tgz 2019-03-11 21:35:06 +01:00
Jens Langhammer cf7323c41b bump version: 0.1.14-beta -> 0.1.15-beta 2019-03-11 21:01:18 +01:00
Jens Langhammer edd856df7d redis -> rabbitmq 2019-03-11 20:46:19 +01:00
Jens Langhammer 5e35859db6 bump version: 0.1.13-beta -> 0.1.14-beta 2019-03-11 11:44:34 +01:00
Jens Langhammer acabb2df54 fix unittests 2019-03-11 11:44:12 +01:00
Jens Langhammer e6376a05f7 bump version: 0.1.12-beta -> 0.1.13-beta 2019-03-11 11:31:12 +01:00
Jens Langhammer e1f1f617b6 fix UserChangePasswordView not requiring Login 2019-03-11 11:25:59 +01:00
Jens Langhammer 7529b51358 Fix DoesNotExist error when running PolicyEngine against None user 2019-03-11 10:52:50 +01:00
Jens Langhammer c394066d99 bump version: 0.1.11-beta -> 0.1.12-beta 2019-03-11 09:51:00 +01:00
Jens Langhammer d408031304 fix OAuth Authorization View not requiring authentication 2019-03-11 09:48:36 +01:00
Jens Langhammer 501fed1922 rewrite PasswordFactor to use backends setting instead of trying all backends 2019-03-10 21:47:08 +01:00
Jens Langhammer ad8125ac1c bump version: 0.1.10-beta -> 0.1.11-beta 2019-03-10 19:56:30 +01:00
Jens Langhammer f7c0c0146a add LDAP Group Membership Policy 2019-03-10 19:45:16 +01:00
Jens Langhammer e4baf8c21e Add Group Member policy 2019-03-10 19:32:18 +01:00
Jens Langhammer 364f040b36 always use FilteredSelectMultiple for many-to-many fields 2019-03-10 18:34:09 +01:00
Jens Langhammer 2b8c2b2346 use Django's Admin FilteredSelectMultiple for Group Membership 2019-03-10 18:06:06 +01:00
Jens Langhammer 5f861189e4 Merge branch 'master' into 23-groups
# Conflicts:
#	passbook/admin/templates/administration/base.html
2019-03-10 17:13:29 +01:00
Jens Langhammer eebbae0677 bump version: 0.1.9-beta -> 0.1.10-beta 2019-03-10 15:54:50 +01:00
Jens Langhammer 0e425418df better show loading state when testing a policy 2019-03-10 15:46:49 +01:00
Jens Langhammer 7fe0300b86 Fix button on policy test page 2019-03-10 15:36:49 +01:00
Jens Langhammer a5dc193cfd bump version: 0.1.8-beta -> 0.1.9-beta 2019-03-10 12:17:48 +01:00
Jens Langhammer f1291fec8d add impersonation middleware, add to templates 2019-03-10 02:41:31 +01:00
Jens Langhammer 37aeeea239 slightly refactor Factor View, add more unittests 2019-03-10 02:08:09 +01:00
Jens Langhammer 0fa1fc86da add more Verbosity to PolicyEngine, rewrite SAML Authorisation check 2019-03-10 02:07:48 +01:00
Jens Langhammer c3034ab9ac consistently using PolicyEngine 2019-03-10 02:07:18 +01:00
Jens Langhammer 76694e037a bump version: 0.1.7-beta -> 0.1.8-beta 2019-03-08 21:43:35 +01:00
Jens Langhammer 787db41cc3 prepare for 0.1.7 2019-03-08 21:43:33 +01:00
Jens Langhammer 74da3df7cd bump version: 0.1.6-beta -> 0.1.7-beta 2019-03-08 21:37:59 +01:00
Jens Langhammer c313b496aa Improve access control for saml 2019-03-08 21:30:16 +01:00
Jens Langhammer a7eaa74191 fix MATCH_EXACT not working as intended 2019-03-08 21:20:38 +01:00
Jens Langhammer 11ecdc4fcf bump version: 0.1.5-beta -> 0.1.6-beta 2019-03-08 20:39:27 +01:00
Jens Langhammer 2f7781b67a fix captcha factor not loading keys from Factor class 2019-03-08 20:08:28 +01:00
Jens Langhammer 296d4f691a add passing property to PolicyEngine 2019-03-08 19:49:53 +01:00
Jens Langhammer 64033031b1 remove audit's login attempt 2019-03-08 19:45:50 +01:00
Jens Langhammer 9daff7608d fix password not getting set on user import 2019-03-08 19:45:41 +01:00
Jens Langhammer a54adb05c4 bump version: 0.1.4-beta -> 0.1.5-beta 2019-03-08 16:03:52 +01:00
Jens Langhammer 2d7e8f1b50 add group administration 2019-03-08 15:49:45 +01:00
Jens Langhammer cf11f6b121 format data before inserting it 2019-03-08 15:16:25 +01:00
Jens Langhammer 6dcdf7bcce add custom DynamicArrayField to better handle arrays 2019-03-08 15:11:01 +01:00
Jens Langhammer 56d872af15 add PropertyMapping Model, add Subclass for SAML, test with AWS 2019-03-08 12:47:50 +01:00
Jens Langhammer a7b86e46bc bump version: 0.1.3-beta -> 0.1.4-beta 2019-03-07 16:24:09 +01:00
Jens Langhammer 1232c487e9 bump version: 0.1.2-beta -> 0.1.3-beta 2019-03-07 16:13:05 +01:00
Jens Langhammer d7fd5a7fa6 Fix redis dependency being too old 2019-03-07 14:39:00 +01:00
Jens Langhammer 4439378fd4 bump version: 0.1.1-beta -> 0.1.2-beta 2019-03-07 14:14:51 +01:00
Jens Langhammer acf65eafdd make naming of Providers more consistent 2019-03-07 14:14:49 +01:00
Jens Langhammer c2ebff55ef fix IDP-initiated login not working 2019-03-07 14:10:06 +01:00
Jens Langhammer 99c82676b6 Add some more failsafe for administration 2019-03-07 14:09:52 +01:00
Jens Langhammer 4991e9b825 Merge branch '1-suspicious-request' into 'master'
fix broken E-Mail templatetag

Closes #1

See merge request BeryJu.org/passbook!5
2019-03-03 20:18:23 +00:00
Jens Langhammer 612f95c3ba fix broken E-Mail templatetag 2019-03-03 21:05:17 +01:00
Jens Langhammer cd91d5ca15 Merge branch '1-suspicious-request' into 'master'
Resolve "Suspicious request detector (many invalid logins from one IP, many attempts on one username, etc)"

Closes #1

See merge request BeryJu.org/passbook!3
2019-03-03 20:04:56 +00:00
Jens Langhammer c1640b9411 fix prospector/isort errors 2019-03-03 20:54:23 +01:00
Jens Langhammer a4842c1f95 add sentry configuration 2019-03-03 20:48:31 +01:00
Jens Langhammer a4707ddc54 fix failing unittests 2019-03-03 20:34:00 +01:00
Jens Langhammer fb82d56307 create suspicious request detector and policy, add request to policy engine 2019-03-03 20:26:25 +01:00
Jens Langhammer 1a1005f80d remove audit's LoginAttempt 2019-03-03 20:13:54 +01:00
Jens Langhammer e86cae6cac Merge branch '18-password-expiry' into 'master'
Resolve "Password Expiry"

Closes #18

See merge request BeryJu.org/passbook!2
2019-03-03 16:53:31 +00:00
Jens Langhammer 0b282f45e0 fix pylint messages 2019-03-03 17:45:20 +01:00
Jens Langhammer 791e88ffc1 Fix negate on FieldMatcherPolicy 2019-03-03 17:21:58 +01:00
Jens Langhammer 7bd3c4bccf Better handle Policy.action and Policy.negate 2019-03-03 17:12:53 +01:00
Jens Langhammer 722e2e4050 Show warning when un-attached policies exist 2019-03-03 17:12:35 +01:00
Jens Langhammer c7fc444c95 add password policy 2019-03-03 17:12:05 +01:00
Jens Langhammer 20ad062814 Log SAML Authorization actions 2019-03-03 00:34:34 +01:00
Jens Langhammer fcb5d36e07 cleanup SAML urls 2019-03-03 00:07:40 +01:00
Jens Langhammer 9b131b619f Show warning message when no Factor exists 2019-03-02 23:54:40 +01:00
Jens Langhammer 54427f7c68 use HTML5 autocomplete values to better handle password managers 2019-03-02 23:19:58 +01:00
Jens Langhammer 35eef9c28d improve worker warning 2019-03-02 22:41:25 +01:00
Jens Langhammer e88a82553d use separate Form for Admin user editing (allow is_staff and is_active) 2019-03-02 22:41:14 +01:00