Valentin Samir
a4d70d3046
Merge branch 'dev' into federate
2016-06-28 15:29:45 +02:00
Valentin Samir
16fb7b5021
Fix renew request from service
2016-06-28 15:24:50 +02:00
Valentin Samir
434dcf6e4e
Correct some codacy errors
2016-06-28 00:48:48 +02:00
Valentin Samir
32b5627c38
Merge branch 'dev' into federate
2016-06-28 00:34:31 +02:00
Valentin Samir
bab79c4de5
More unit tests (essentially for the login view) and some docstrings
2016-06-27 23:55:17 +02:00
Valentin Samir
164e2f5c28
style
2016-06-26 16:02:25 +02:00
Valentin Samir
ac5f359063
style
2016-06-26 11:26:19 +02:00
Valentin Samir
a0ab47a4ae
Allow pgtUrl to be localhost without https
2016-06-24 21:05:43 +02:00
Valentin Samir
6d7300fe43
Add SLO support from federated CAS
2016-06-23 17:18:53 +02:00
Valentin Samir
d1c5ff4019
Use session to transmist username/ticket from fedeare view to login view
...
Hence, these parameter are not recorder in the user history, and thus
the user username do not apear anymore in the history. This respect more the
user privacy.
2016-06-22 12:46:18 +02:00
Valentin Samir
3a71cc2cca
Add "remember my identity provider" expiry time in a setting parameter
2016-06-21 15:41:43 +02:00
Valentin Samir
63a041463d
No need for a different template for federated login
2016-06-20 13:38:50 +02:00
Valentin Samir
a209b06df0
Merge branch 'master' into federate
2016-06-20 13:36:30 +02:00
Valentin Samir
c7ac3bee7a
Add a h1 to default templates and a logo
2016-06-20 13:31:59 +02:00
Valentin Samir
e8a587f48a
Disable federated auth if CAS_FEDERATE is False
2016-06-19 13:00:28 +02:00
Valentin Samir
efdd97ec07
Test for CAS federation
2016-06-17 19:28:49 +02:00
Valentin Samir
3a57ad0835
style
2016-06-03 14:19:43 +02:00
Valentin Samir
20f11eca77
Use a POST for "warn me" and only generate the ticket after the "warn me" page
2016-06-03 14:11:07 +02:00
Valentin Samir
b0e8d0ee05
Return username in CAS1.0 on the second ligne
2016-04-29 19:57:12 +02:00
Valentin Samir
10c53a8096
On logout display the number of sessions we are logged out from (none, 1, more).
2015-12-26 15:37:46 +01:00
Valentin Samir
20aa4c0d74
Add logging capabilities
2015-12-13 13:57:35 +01:00
Valentin Samir
9dc18675f9
Possibility to logout from all of one user sessions
2015-12-12 12:02:26 +01:00
Valentin Samir
48d5273afb
fix infinite redirect then connected to admin panel
2015-12-11 13:29:04 +01:00
Valentin Samir
f0da070b30
pytthon3 typo
2015-11-20 19:22:04 +01:00
Valentin Samir
6bdff5ac86
Correct some tests
2015-11-20 17:38:03 +01:00
Valentin Samir
9df1cd2e31
Add javascript login function allow service A to log user to service B via javascript
...
CORS need to be correctly configured if not this can lead to security issues.
Please do not put Access-Control-Allow-Origin: "*".
You can use django-cors-headers to properly configure CORS
2015-11-17 14:50:16 +01:00
Valentin Samir
ee987f6d00
Remember up to 100 login ticket insted of 1
2015-11-14 01:05:53 +01:00
Valentin Samir
df9dd5364f
On logout first invalidate all PGTs
2015-11-14 00:21:20 +01:00
Valentin Samir
0012a8f65d
[logout] Clean sessions variables (actually logout) before sending SLO requests
...
Otherwise some backend may logout before we are actually logged out from the CAS
2015-11-13 23:47:06 +01:00
Valentin Samir
50781dba18
add some tests
2015-06-21 18:59:37 +02:00
Valentin Samir
c0d8550120
Add some tests using tox
2015-06-13 00:03:06 +02:00
Valentin Samir
39557d1942
PEP8
2015-06-12 18:12:35 +02:00
Valentin Samir
365cfd4279
oops
2015-06-11 23:40:28 +02:00
Valentin Samir
77fc5b5988
Compatibility with different session backend + admin layout
2015-06-11 23:04:26 +02:00
Valentin Samir
245086f6ef
By session logout
2015-06-09 22:04:41 +02:00
Valentin Samir
a4ff5c3d64
Extended validity for PGT
2015-06-08 02:51:22 +02:00
Valentin Samir
8fe1738183
noop
2015-06-07 23:50:25 +02:00
Valentin Samir
277788e593
Generate new LT only then the previous has been used
2015-06-07 23:46:32 +02:00
Valentin Samir
aa5bb7ef72
Use url parameter on logout
2015-06-07 16:53:27 +02:00
Valentin Samir
6185ec5216
Add Login Ticket to prevent login replay + by ticket len options
2015-06-05 15:44:17 +02:00
Valentin Samir
603b4a8063
Protect the auth view with a shared secret
2015-06-03 18:32:15 +02:00
Valentin Samir
cb84936b6c
an auth view to validate (username, password, service) by remote service
2015-06-03 18:15:37 +02:00
Valentin Samir
f73e55b5ce
Add a logout template and possibility to redirect to login on logout
2015-06-02 21:06:32 +02:00
Valentin Samir
b4a5961886
Using fresh user attributs on ticket creation + auth class as string in config
2015-05-30 19:45:59 +02:00
Valentin Samir
238d6da2a3
SamlValidation -> SamlValidate
2015-05-29 20:07:53 +02:00
Valentin Samir
5d1ce93e06
fix allow_proxy_ticket
2015-05-29 19:33:42 +02:00
Valentin Samir
ec85174fc4
forgotten self in super calls
2015-05-29 19:31:04 +02:00
Valentin Samir
ff74a07965
Use only classe view, put ticket prefix as config option
2015-05-29 19:27:54 +02:00
Valentin Samir
e1549dd6ff
use a LogoutMixin
2015-05-29 16:14:27 +02:00
Valentin Samir
a0b1a095e4
Login/Logout view are now class views
2015-05-29 16:11:10 +02:00