Infra
/
lemur
5
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
3,843 Commits 4 Branches 45 Tags 7.5 MiB
Commit Graph

57 Commits

Author SHA1 Message Date
Jasmine Schladen 9a0f000259 Add Content-Type to all sample requests 2021-02-04 13:29:10 -08:00
sayali d9569a67ab User' object has no attribute 'name' 2021-02-03 12:31:15 -08:00
sayali 20792dfe3a Club role assignment logs 2021-01-28 15:58:12 -08:00
sayali ed57a5a45a Keep default role third-party (old code) 2021-01-28 13:43:25 -08:00
sayali fe2fc0eadd PR comments 2021-01-28 11:19:47 -08:00
sayali b9be18f281 Role and User update logs 2021-01-27 19:10:13 -08:00
David Stipp 5c2a2f8ff2 OAUTH2 fixes 
* Use OAUTH2 variable instead of PING while using OAUTH
* Some IDPs require a POST instead of a GET to user data
 2020-04-04 11:32:23 -04:00
Curtis Castrapel 68fd1556b2 Black lint all the things 2019-05-16 07:57:02 -07:00
Curtis 317c84800c
Merge branch 'master' into jwks_validation_error_control 2019-05-08 06:50:56 -07:00
Curtis Castrapel 0eacbd42d7 Converting userinfo authorization to a config var 2019-05-07 15:31:42 -07:00
Jose Plana 4e6e7edf27 Rename return variable for better readability 2019-05-07 22:53:01 +02:00
Hossein Shafagh b7ce9ab901
Merge branch 'master' into jwks_validation_error_control 2019-05-07 13:09:02 -07:00
Hossein Shafagh ff583981b1
Merge branch 'master' into aid_openid_roles_provider_integration 2019-05-07 09:06:02 -07:00
Hossein Shafagh e58ff476c9
Merge branch 'master' into jwks_validation_error_control 2019-05-07 09:05:41 -07:00
Jose Plana deed1b9685 Don't fail if googleGroups is not found in user profile 2019-05-06 12:30:25 +02:00
Jose Plana 6c99e76c9a Better error management in jwks token validation 2019-05-06 12:27:43 +02:00
Jose Plana 2063baefc9 Fixes userinfo using Bearer token 2019-05-06 12:23:24 +02:00
Curtis 1b77dfa47a
Revert "Precommit - Fix linty things" 2018-08-22 13:21:35 -07:00
Curtis Castrapel 3e9726d9db Precommit work 2018-08-22 10:38:09 -07:00
Marti Raudsepp 0398c6e723 Clean up module imports 
Example:
* import lemur.common.utils -> from lemur.common import utils
* import sqlalchemy.types as types -> from sqlalchemy import types
 2018-07-07 23:56:23 +03:00
Curtis Castrapel 544a02ca3f Addressing comments. Updating copyrights. Added function to determine authorative name server 2018-05-29 10:23:01 -07:00
Curtis Castrapel 844202f36b check if user active properly 2018-03-26 13:14:22 -07:00
iTitou 08f66df860 [fix] No internal server error when trying to Google Auth an unregistered user (#1109) 2018-03-21 08:14:54 -07:00
kevgliss eea413a90f
Modifying the way we report metrics. Relying on metric tags instead of the the metric name for additional dimensions. (#1036) 2018-01-02 15:26:31 -08:00
kevgliss 9a0ada75fa
Upgrading satellizer library. (#1031) 2018-01-02 09:12:06 -08:00
kevgliss 848ce8c978
Refactoring authentincation to support GET and POST requests. Closes #990. (#1030) 2018-01-01 19:11:29 -08:00
Eric 6edc5180c7 fix roles assigned in the ui for sso (#1017) 
This commit fixes the ability to assign roles to people in the ui
when the user is SSO. The idea is if a role is ever assigned via
SSO it becomes a "SSO Role" or a "Third Party" Role. by setting
third_party to true on the role object.

Once a role is marked as third party it can no longer be controlled
through the ui for SSO Users. (for ui users this poses no functional
change). It must be controlled via SSO.
 2017-12-11 13:51:45 -08:00
Johannes Langer 041f3a22fa Added ability to set custom roles for users logging in via oauth provider (#985) 2017-11-10 08:38:33 -08:00
Johannes Langer 9319dda0ec Added ability to ignore cert for oauth2 provider (#971) 
* Added ability to ignore cert for oauth2 provider

This is useful for development environments where the OAuth provider
doesn't have a valid cert!

* Setting default for OAUTH2_VERIFY_CERT to true
 2017-10-20 16:36:14 -07:00
kevgliss e0d9443141 Ensuring existing users are also given the default role. (#960) 2017-10-05 16:47:52 -07:00
Marti Raudsepp 97d83890e0 Various minor cleanups and fixes (#938) 
* Documentation fixes

* Various docstring and help string fixes

* Minor code cleanups

* Removed redundant .gitignore entry, ignored package-lock.json.
* 'return' statement in certificates.service.render was redundant
* Split up too long line
* Non-matching tags in templates
 2017-09-25 15:33:42 -07:00
Ian Stahnke 79d12578c7 basic ldap support (#842) 2017-09-03 20:41:43 -07:00
Michael LoSapio 3141b47fba Catch OAuth providers that want the params sent as data (#800) 2017-05-25 10:21:29 -07:00
kevgliss 11bd42af82 Correct status code for basic-auth (#813) 
* ensuring those using basic auth recieve a correct status code when their password is incorrect

* Fixing oauth status codes
 2017-05-23 09:48:31 -07:00
kevgliss 307a73c752 Fixing some confusion between 401 vs 403 error code. 401 indicates that the user should attempt to authenticate again. Where as 403 indicates the user is authenticated but not allowed to complete an action. (#804) 
Closes #767
 2017-05-18 13:20:17 -07:00
Nevins 0326e1031f adding generic OAuth2 provider (#685) 
* adding support for Okta Oauth2

* renaming to OAuth2

* adding documentation of options

* fixing flake8 problems
 2017-02-03 10:36:49 -08:00
kevgliss 2f5f82d797 Ensures that in-active users are not allowed to login. (#618) 2016-12-19 22:58:57 -08:00
Marti Raudsepp 71ddbb409c Minor documentation fixes/tweaks (#597) 
Mostly typos, grammar errors and inconsistent indentation in code
examples.

Some errors detected using Topy (https://github.com/intgr/topy), all
changes verified by hand.
 2016-12-14 09:29:04 -08:00
kevgliss 8e5323e2d7 migrating flask imports (#525) 2016-11-22 21:11:20 -08:00
kevgliss dd6d332166 Removing python2 compatibility. (#518) 2016-11-21 14:03:04 -08:00
kevgliss a60e372c5a Ensuring that password hashes are compared correctly under python3 2016-09-07 13:25:51 -07:00
kevgliss 53d0636574 Python3 (#417) 
* Fixing tests.

* Fixing issue where decrypted credentials were not returning valid strings.

* Fixing issues with python3 authentication.
 2016-08-29 08:58:53 -07:00
kevgliss e34de921b6 Target Individuals for Certificates (#384) 
* Allowing individual users to be targeted for a role.

* Ensuring that even new users get a per user-role
 2016-07-01 09:04:39 -07:00
kevgliss daea8f6ae4 Bug fixes (#355) 
* we should not require password to update users

* Fixing an issue were roles would not be added.
 2016-06-13 17:22:45 -07:00
kevgliss 62d03b0d41 Closes #216 2016-04-01 16:54:33 -07:00
Mike Grima ba666ddbfa Removed deprecated auth api endpoint. 2016-02-16 15:04:53 -08:00
kevgliss 685e2c8b6d fixing typo 2016-01-05 09:40:53 -08:00
kevgliss a7decc1948 Fixing some issues with dynamically supporting multiple SSO providers 2015-12-27 17:54:11 -05:00
Robert Picard 60856cb7b9 Add an endpoint to return active authentication providers 
This endpoint can be used by Angular to figure out what authentication
options to display to the user. It returns a dictionary of configuration
details that the front-end needs for each provider.
 2015-12-22 18:03:56 -05:00
Robert Picard 350d013043 Add Google SSO 
This pull request adds Google SSO support. There are two main changes:

1. Add the Google auth view resource
2. Make passwords optional when creating a new user. This allows an admin
to create a user without a password so that they can only login via Google.
 2015-12-22 13:44:30 -05:00