-
-
Notifications
You must be signed in to change notification settings - Fork 2.1k
Commits on May 7, 2020
-
Implement OpenID Connect-based login
Signed-off-by: Quentin Gliech <quentin@connecteu.rs>
Configuration menu - View commit details
-
Copy full SHA for 968791b - Browse repository at this point
Copy the full SHA 968791bView commit details -
OIDC login: allow specifying custom endpoints
Signed-off-by: Quentin Gliech <quentin@connecteu.rs>
Configuration menu - View commit details
-
Copy full SHA for ff202e5 - Browse repository at this point
Copy the full SHA ff202e5View commit details -
OIDC login: include redirect_uri in grant & authorization steps
This would break with some providers if multiple redirect uris were configured. Signed-off-by: Quentin Gliech <quentin@connecteu.rs>
Configuration menu - View commit details
-
Copy full SHA for 380260e - Browse repository at this point
Copy the full SHA 380260eView commit details -
OIDC login: make user properties configurable
the localpart and the display name are derived from claims returned by the provider using a user-configurable jinja template Signed-off-by: Quentin Gliech <quentin@connecteu.rs>
Configuration menu - View commit details
-
Copy full SHA for 582e19b - Browse repository at this point
Copy the full SHA 582e19bView commit details -
OIDC login: add changelog entry
Signed-off-by: Quentin Gliech <quentin@connecteu.rs>
Configuration menu - View commit details
-
Copy full SHA for 7dccd63 - Browse repository at this point
Copy the full SHA 7dccd63View commit details -
OIDC login: disable by default
Signed-off-by: Quentin Gliech <quentin@connecteu.rs>
Configuration menu - View commit details
-
Copy full SHA for e8f893a - Browse repository at this point
Copy the full SHA e8f893aView commit details -
This adds tests for: - part of the config - well-known discovery - jwks fetching - redirect uri Signed-off-by: Quentin Gliech <quentin@connecteu.rs>
Configuration menu - View commit details
-
Copy full SHA for 82a8efb - Browse repository at this point
Copy the full SHA 82a8efbView commit details -
Signed-off-by: Quentin Gliech <quentin@connecteu.rs>
Configuration menu - View commit details
-
Copy full SHA for cc7250f - Browse repository at this point
Copy the full SHA cc7250fView commit details -
OIDC login: allow skipping verification
Also adds test to the provider metadata verification Signed-off-by: Quentin Gliech <quentin@connecteu.rs>
Configuration menu - View commit details
-
Copy full SHA for 359a55c - Browse repository at this point
Copy the full SHA 359a55cView commit details -
Signed-off-by: Quentin Gliech <quentin@connecteu.rs>
Configuration menu - View commit details
-
Copy full SHA for 8a78906 - Browse repository at this point
Copy the full SHA 8a78906View commit details -
OIDC login: allow fetching userinfo
This allows to use generic OAuth2 providers like GitHub that are not OpenID Connect compliant. Signed-off-by: Quentin Gliech <quentin@connecteu.rs>
Configuration menu - View commit details
-
Copy full SHA for 0f3f3db - Browse repository at this point
Copy the full SHA 0f3f3dbView commit details -
OIDC login: re-generate sample config
Signed-off-by: Quentin Gliech <quentin@connecteu.rs>
Configuration menu - View commit details
-
Copy full SHA for 42988e0 - Browse repository at this point
Copy the full SHA 42988e0View commit details -
Send
Accept: application/json
in SimpleHttpClient JSON methodsSigned-off-by: Quentin Gliech <quentin@connecteu.rs>
Configuration menu - View commit details
-
Copy full SHA for b0c0f52 - Browse repository at this point
Copy the full SHA b0c0f52View commit details -
OIDC login: support alternative client auth methods
Signed-off-by: Quentin Gliech <quentin@connecteu.rs>
Configuration menu - View commit details
-
Copy full SHA for 61ba148 - Browse repository at this point
Copy the full SHA 61ba148View commit details -
OIDC login: reload jwks if jwt decoding fails
Signed-off-by: Quentin Gliech <quentin@connecteu.rs>
Configuration menu - View commit details
-
Copy full SHA for a0836db - Browse repository at this point
Copy the full SHA a0836dbView commit details -
OIDC login: fix test on python 3.5
Signed-off-by: Quentin Gliech <quentin@connecteu.rs>
Configuration menu - View commit details
-
Copy full SHA for 7ff9a5d - Browse repository at this point
Copy the full SHA 7ff9a5dView commit details -
OIDC login: fix test on python 3.5 (attempt #2)
Signed-off-by: Quentin Gliech <quentin@connecteu.rs>
Configuration menu - View commit details
-
Copy full SHA for 0809627 - Browse repository at this point
Copy the full SHA 0809627View commit details -
OIDC login: user-friendly errors
Signed-off-by: Quentin Gliech <quentin@connecteu.rs>
Configuration menu - View commit details
-
Copy full SHA for b9f18c1 - Browse repository at this point
Copy the full SHA b9f18c1View commit details -
OIDC login: add docs to test with some providers
Signed-off-by: Quentin Gliech <quentin@connecteu.rs>
Configuration menu - View commit details
-
Copy full SHA for 3052ea8 - Browse repository at this point
Copy the full SHA 3052ea8View commit details -
OIDC login: fix auth method default config
Signed-off-by: Quentin Gliech <quentin@connecteu.rs>
Configuration menu - View commit details
-
Copy full SHA for 5583c47 - Browse repository at this point
Copy the full SHA 5583c47View commit details -
OIDC login: regenerate sample config
Signed-off-by: Quentin Gliech <quentin@connecteu.rs>
Configuration menu - View commit details
-
Copy full SHA for 2a5f66c - Browse repository at this point
Copy the full SHA 2a5f66cView commit details -
Signed-off-by: Quentin Gliech <quentin@connecteu.rs>
Configuration menu - View commit details
-
Copy full SHA for 6d77dcb - Browse repository at this point
Copy the full SHA 6d77dcbView commit details -
OIDC login: test oauth2 callback
Signed-off-by: Quentin Gliech <quentin@connecteu.rs>
Configuration menu - View commit details
-
Copy full SHA for a77ab05 - Browse repository at this point
Copy the full SHA a77ab05View commit details -
OIDC login: fix test on python 3.5
Signed-off-by: Quentin Gliech <quentin@connecteu.rs>
Configuration menu - View commit details
-
Copy full SHA for d662043 - Browse repository at this point
Copy the full SHA d662043View commit details -
OIDC login: add a lot of docstrings
also fixes a few things discussed in the PR Signed-off-by: Quentin Gliech <quentin@connecteu.rs>
Configuration menu - View commit details
-
Copy full SHA for 5668fc5 - Browse repository at this point
Copy the full SHA 5668fc5View commit details -
OIDC login: custom modules for user mappings
Signed-off-by: Quentin Gliech <quentin@connecteu.rs>
Configuration menu - View commit details
-
Copy full SHA for 4f8ffaa - Browse repository at this point
Copy the full SHA 4f8ffaaView commit details -
OIDC login: remove type hints from docstrings
Signed-off-by: Quentin Gliech <quentin@connecteu.rs>
Configuration menu - View commit details
-
Copy full SHA for 782bf3a - Browse repository at this point
Copy the full SHA 782bf3aView commit details -
OIDC login: fix various things
- comment about the JWKS loading process - type hints - cookies with SameSite=Lax Signed-off-by: Quentin Gliech <quentin@connecteu.rs>
Configuration menu - View commit details
-
Copy full SHA for e9b0138 - Browse repository at this point
Copy the full SHA e9b0138View commit details -
OIDC login: use the SSO template dir for OIDC
It also renames the config variable internally from sso_redirect_confirm_template_dir to sso_template_dir. Signed-off-by: Quentin Gliech <quentin@connecteu.rs>
Configuration menu - View commit details
-
Copy full SHA for 244e7c5 - Browse repository at this point
Copy the full SHA 244e7c5View commit details -
OIDC login: fix syntax on python 3.5
Signed-off-by: Quentin Gliech <quentin@connecteu.rs>
Configuration menu - View commit details
-
Copy full SHA for 1ef3b20 - Browse repository at this point
Copy the full SHA 1ef3b20View commit details -
OIDC login: simplify the code exchange request
Also fixes the tests Signed-off-by: Quentin Gliech <quentin@connecteu.rs>
Configuration menu - View commit details
-
Copy full SHA for c60fa61 - Browse repository at this point
Copy the full SHA c60fa61View commit details -
OIDC login: fix code exchange request on py3.5
Signed-off-by: Quentin Gliech <quentin@connecteu.rs>
Configuration menu - View commit details
-
Copy full SHA for 6e2a0db - Browse repository at this point
Copy the full SHA 6e2a0dbView commit details -
OIDC login: fix sample config in docs
Signed-off-by: Quentin Gliech <quentin@connecteu.rs>
Configuration menu - View commit details
-
Copy full SHA for e76c50a - Browse repository at this point
Copy the full SHA e76c50aView commit details -
OIDC login: proper error handling in code exchange
This ensures the OP is behaving correctly and returns valid HTTP codes Signed-off-by: Quentin Gliech <quentin@connecteu.rs>
Configuration menu - View commit details
-
Copy full SHA for 543e046 - Browse repository at this point
Copy the full SHA 543e046View commit details -
Signed-off-by: Quentin Gliech <quentin@connecteu.rs>
Configuration menu - View commit details
-
Copy full SHA for ea5d71d - Browse repository at this point
Copy the full SHA ea5d71dView commit details -
Apply suggestions from code review
Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com> Signed-off-by: Quentin Gliech <quentin@connecteu.rs>
Configuration menu - View commit details
-
Copy full SHA for 2181fac - Browse repository at this point
Copy the full SHA 2181facView commit details -
OIDC login: fix sample config templates
Signed-off-by: Quentin Gliech <quentin@connecteu.rs>
Configuration menu - View commit details
-
Copy full SHA for 02f8dc0 - Browse repository at this point
Copy the full SHA 02f8dc0View commit details -
OIDC login: log throughout the process
Signed-off-by: Quentin Gliech <quentin@connecteu.rs>
Configuration menu - View commit details
-
Copy full SHA for a6b6bd9 - Browse repository at this point
Copy the full SHA a6b6bd9View commit details -
OIDC login: check the validity of the auth method
Signed-off-by: Quentin Gliech <quentin@connecteu.rs>
Configuration menu - View commit details
-
Copy full SHA for be7b732 - Browse repository at this point
Copy the full SHA be7b732View commit details -
OIDC login: fix dev docs & add Twitch example
Signed-off-by: Quentin Gliech <quentin@connecteu.rs>
Configuration menu - View commit details
-
Copy full SHA for c358f72 - Browse repository at this point
Copy the full SHA c358f72View commit details -
OIDC login: make the user attribute mapping async
Also passes the token as parameter of the mapping provider Signed-off-by: Quentin Gliech <quentin@connecteu.rs>
Configuration menu - View commit details
-
Copy full SHA for 9bd40d1 - Browse repository at this point
Copy the full SHA 9bd40d1View commit details -
OIDC login: check for None values in metadata
This allows to simplify the metadata edit code in tests and leverage unittest.mock.patch.dict Signed-off-by: Quentin Gliech <quentin@connecteu.rs>
Configuration menu - View commit details
-
Copy full SHA for eace065 - Browse repository at this point
Copy the full SHA eace065View commit details -
OIDC login: refactor macaroon generation/verification
Signed-off-by: Quentin Gliech <quentin@connecteu.rs>
Configuration menu - View commit details
-
Copy full SHA for b3e7b6c - Browse repository at this point
Copy the full SHA b3e7b6cView commit details -
OIDC login: add docstrings to tests
Signed-off-by: Quentin Gliech <quentin@connecteu.rs>
Configuration menu - View commit details
-
Copy full SHA for cfa177c - Browse repository at this point
Copy the full SHA cfa177cView commit details -
OIDC login: various fixes from PR review
Signed-off-by: Quentin Gliech <quentin@connecteu.rs>
Configuration menu - View commit details
-
Copy full SHA for 0f5b4fd - Browse repository at this point
Copy the full SHA 0f5b4fdView commit details