e5e4824920
*/saml: fully migrate to xmlsec, remove signxml dependency
2020-11-15 15:20:56 +01:00
9877ef99c4
*/saml: fix creation and validation of detached signatures
2020-11-12 11:59:07 +01:00
1edcda58ba
providers/saml: add verification_kp when verifying assertions against certificates without private key
2020-11-08 22:24:54 +01:00
a5420fe019
providers/saml: lowercase acs URLs before checking
...
closes #249
2020-10-01 10:04:20 +02:00
1a6dd00681
providers/saml: fix X509Data container linebreaks
2020-08-01 19:38:59 +02:00
330bd0932b
providers/saml: fix NotOnOrAfter using incorrect timestamp
2020-08-01 19:38:41 +02:00
37b2400cdb
lib: move SAML timestring utils into lib
2020-07-20 11:35:16 +02:00
f7b9de1261
*/saml: fix MetadataProcessor having generic namespace prefixes
2020-07-12 18:40:43 +02:00
464b558a02
*/saml: fix typo
2020-07-12 17:20:41 +02:00
d1151091cd
providers/saml: Generate NameID Value based on NameID Policy received
2020-07-12 17:06:35 +02:00
f8e5383ba2
providers/saml: parse NameID Policy from AuthnRequest
2020-07-12 17:05:48 +02:00
0ff4545bab
providers/saml: fix AuthnRequest Signature validation, add unittests
2020-07-12 16:17:53 +02:00
a393097504
*/saml: start implementing unittests, fix signing
2020-07-12 01:44:34 +02:00
2056b86ce7
providers/saml: rewrite SAML AuthNRequest Parser and Response Processor
2020-07-11 14:06:42 +02:00
3753275453
providers/saml: make metadata accessible without authentication
2020-06-20 21:51:52 +02:00
a0f05caf8e
providers/saml: move templates into correct folder
2020-06-20 21:49:16 +02:00
73116b9d1a
policies/expression: migrate to raw python instead of jinja2 ( #49 )
...
* policies/expression: migrate to raw python instead of jinja2
* lib/expression: create base evaluator, custom subclass for policies
* core: rewrite propertymappings to use python
* providers/saml: update to new PropertyMappings
* sources/ldap: update to new PropertyMappings
* docs: update docs for new propertymappings
* root: remove jinja2
* root: re-add jinja to lock file as its implicitly required
2020-06-05 12:00:27 +02:00
e2804b9755
root: fix linting errors
2020-05-27 11:26:48 +02:00
c903c81bd5
root: update pylint ignore list
2020-05-18 18:15:39 +02:00
fff05e35ac
providers/saml: optionally verify SAML Signature
2020-05-06 18:03:12 +02:00
a5bfef9b6b
providers/saml: fix leftover data in session, fix IdP initiated login
...
move can_handle calls to binding endpoints (/login/ and /login/initiate/), so that /login/authorize/ works either way, can clean up the session and audit
2020-02-24 17:34:52 +01:00
38a22ddf13
providers/saml: cleanup encoding
2020-02-20 21:33:10 +01:00
027a64fad2
providers/saml: change default NameID Format to emailAddress
2020-02-20 17:37:09 +01:00
8d875cb01d
providers/saml: fix /login/ pointing to wrong view
2020-02-20 16:13:55 +01:00
5b22f9b6c3
providers/saml: transition to dataclass from dict, cleanup unused templates, add missing autosubmit_form
2020-02-18 10:57:30 +01:00
813b2676de
providers/saml: better handle PropertyMapping evaluation errors
2020-02-18 10:12:42 +01:00
3aa2f1e892
*: propertymapping template -> expression
2020-02-17 20:38:14 +01:00
7268afaaf9
providers/saml: update to new PropertyMappings
2020-02-17 17:50:11 +01:00
447e81d0b8
providers/saml: handle uncompressed SAML AuthNRequest
2020-02-16 14:08:35 +01:00
e5b85e8e6a
providers/saml: move default saml properties to DB
2020-02-16 12:29:53 +01:00
571373866e
providers/saml: some more cleanup, fix get_time_string when called without argument
2020-02-14 15:34:24 +01:00
e36d7928e4
providers/saml: big cleanup, simplify base processor
...
add New fields for
- assertion_valid_not_before
- assertion_valid_not_on_or_after
- session_valid_not_on_or_after
allow flexible time durations for these fields
fall back to Provider's ACS if none is specified in AuthNRequest
2020-02-14 15:19:48 +01:00
3bd1eadd51
all: implement black as code formatter
2019-12-31 12:51:16 +01:00
f2acc154cd
*(minor): small refactor
2019-10-07 16:33:48 +02:00
Jens Langhammer
Jens L
Langhammer, Jens