Commit graph

89 commits

Author SHA1 Message Date
Andy Clayton
36018d19ae support multiple response types per client
The Dynamic Client Registration spec specifies multiple response_types
and grant_types per client
(https://openid.net/specs/openid-connect-registration-1_0.html#ClientMetadata).
Since grant_types can be inferred from response_types we should be able
to support both without needing to store grant_types.

This also helps with oidc-client-js which expects a client that supports
both "id_token" and "id_token token".
2018-08-16 11:38:46 -05:00
Juan Ignacio Fiorentino
b5e055205c Bump version v0.6.2. 2018-08-03 11:50:56 -03:00
Andy Clayton
f1ed3328f8 Accept lowercase "bearer" in Authorization header
We ran into a client that blindly takes the value of token_type, which
is lowercase "bearer", and passes that back in the Authorization header.
In an earlier PR #99 there seemed to be some support for this change to
simply accept "bearer" in addition to "Bearer".
2018-08-02 13:42:21 -05:00
Juan Ignacio Fiorentino
d2695f76cf Update changelog.rst 2018-07-31 14:08:08 -03:00
Juan Ignacio Fiorentino
9a081cb05a Update changelog.rst 2018-07-19 11:23:19 -03:00
Juan Ignacio Fiorentino
59581f50d9 Merge pull request #256 from q3aiml/client-credentials-introspection
support introspection on client credentials tokens
2018-07-19 11:18:35 -03:00
Juan Ignacio Fiorentino
e7eaa52e50 Bump version v0.6.1. 2018-07-10 11:16:02 -03:00
Andy Clayton
9d5c2b39fa support introspection on client credentials tokens
The response can simply omit fields that require id_token as the only
required field is "active" according to RFC 7662. I think it would be
nice for introspection of client credentials tokens to be supported by
default without needing to override
OIDC_INTROSPECTION_VALIDATE_AUDIENCE_SCOPE, but this is a start.
2018-07-06 11:41:09 -05:00
Juan Ignacio Fiorentino
b087116818 Update changelog.rst 2018-07-05 18:39:43 -03:00
Juan Ignacio Fiorentino
6e442a5f35 Update changelog.rst 2018-07-04 16:27:57 -03:00
Juan Ignacio Fiorentino
50733f8135 Update changelog.rst 2018-07-04 11:38:30 -03:00
Juan Ignacio Fiorentino
72f123c0b5 Update changelog.rst 2018-07-02 14:23:05 -03:00
Tuomas Suutari
c95497dbd9 Remove scope param from OIDC_IDTOKEN_PROCESSING_HOOK
There is no need to pass in the scope parameter separately, since the
scope is available via the token parameter already.
2018-05-31 10:23:58 +03:00
Juan Ignacio Fiorentino
122b5c19fd Update installation.rst 2018-05-28 12:50:03 -03:00
Juan Ignacio Fiorentino
acc3cf588b Update settings.rst 2018-05-28 12:38:53 -03:00
Juan Ignacio Fiorentino
ac509f7a82 Update changelog.rst 2018-05-24 12:29:35 -03:00
Tuomas Suutari
7eb31574ee Document the new ID token processing hook parameters 2018-05-24 09:31:07 +03:00
Juan Ignacio Fiorentino
58bd8ec62c Update changelog.rst 2018-05-15 10:45:05 -03:00
Juan Ignacio Fiorentino
948745d6ff Update changelog.rst 2018-04-27 10:34:48 -03:00
Juan Ignacio Fiorentino
9a24257305 Update changelog.rst 2018-04-27 10:33:39 -03:00
Juan Ignacio Fiorentino
5a65ac17f9 Replace resource with client in docs. 2018-04-24 11:10:27 -03:00
Maxim Daniline
20a355d9f5 Update settings docs to add extra introspection setting 2018-04-24 10:09:49 +01:00
Maxim Daniline
180aad9a36 Add token introspection endpoint to satisfy https://tools.ietf.org/html/rfc7662 2018-04-23 10:47:01 +01:00
Juan Ignacio Fiorentino
78fbd53452 Drop support for Django 1.7. 2018-04-20 12:29:48 -03:00
Juan Ignacio Fiorentino
61d88014c9 Remove duplicate link in docs. 2018-04-20 11:19:59 -03:00
Juan Ignacio Fiorentino
c06bf43f22 Bump version v0.6.0. 2018-04-13 16:48:06 -03:00
Juan Ignacio Fiorentino
9534ff49bb Edit README and contribute doc. 2018-04-10 22:04:24 -03:00
Juan Ignacio Fiorentino
9b7be87dad Edit changelog. 2018-04-10 21:53:29 -03:00
Juan Ignacio Fiorentino
22e9ee8675 Update changelog.rst 2018-04-10 21:51:39 -03:00
Juan Ignacio Fiorentino
56ad376518 Merge branch 'feature/token_retun_claims' of https://github.com/dhrp/django-oidc-provider into dhrp-feature/token_retun_claims 2018-04-10 18:41:38 -03:00
Juan Ignacio Fiorentino
42df40c16d Fix docs. 2018-04-08 18:29:10 -03:00
Juan Ignacio Fiorentino
5dcb62d35c Improve docs. 2018-04-08 18:28:38 -03:00
Juan Ignacio Fiorentino
ff3d6ebe1a Move changelog into docs. 2018-04-05 17:27:01 -03:00
Juan Ignacio Fiorentino
2a34a93da7 Fix contribute docs. 2018-03-22 16:52:08 -03:00
Juan Ignacio Fiorentino
e66b374803 Merge branch 'v0.5.x' of https://github.com/juanifioren/django-oidc-provider into develop 2018-03-22 12:28:02 -03:00
Juan Ignacio Fiorentino
4f0afe27d3 Update installation.rst 2018-02-19 23:43:26 -03:00
Yannik Gartmann
baa53d0c88 Fixed wrong Object in Template
See >> https://github.com/juanifioren/django-oidc-provider/blob/v0.5.x/oidc_provider/views.py#L129
2018-02-19 16:31:30 +01:00
Reinout van Rees
bb218dbc56 Sphinx documentation fixes (#219)
* Small wording change + fix in example template code

* Added note about UserConsent not being in the admin

* Mostly spelling corrections and phrasing changes

* Moved template context explanation from the settings to the templates page

* Changed wording

* Changed wording
2017-12-14 18:30:46 +01:00
Wojciech Bartosiak
8149f1f9ab Merge pull request #203 from psavoie/develop
Add pep8 compliance and checker
2017-08-23 15:29:49 +02:00
Philippe Savoie
5dcd6a10b0 Add pep8 compliance and checker 2017-08-22 11:53:52 -07:00
Wojciech Bartosiak
7407e2c5b0 Bump version 2017-07-11 07:35:52 +02:00
Wojciech Bartosiak
eed581399e Fixes #192 2017-07-07 17:47:11 +02:00
Wojciech Bartosiak
a829726be8 Merge develop to v0.5.x (#179)
* Log create_uri_response exceptions to logger.exception

* Support grant type password - basics

* Add tests for Resource Owner Password Credentials Flow

* Password Grant -Response according to specification

* Better tests for errors, disable grant type password by default

* Add documentation for grant type password

* User authentication failure to return 403

* Add id_token to response

* skipping consent only works for confidential clients

* fix URI fragment

example not working URL `http://localhost:8100/#/auth/callback/`

* OIDC_POST_END_SESSION_HOOK + tests

* Explicit function naming

* Remove print statements

* No need for semicolons, this is Python

* Update CHANGELOG.md

* fixed logger message

* Improved `exp` value calculation

* rename OIDC_POST_END_SESSION_HOOK to OIDC_AFTER_END_SESSION_HOOK

* added docs for OIDC_AFTER_END_SESSION_HOOK

* Replaces `LOGIN_URL` with `OIDC_LOGIN_URL`
so users can use a different login path for their oidc requests.

* Adds a setting variable for custom template paths

* Updates documentation

* Fixed bad try/except/finally block

* Adds test for OIDC_TEMPLATES settings

* Determine value for op_browser_state from session_key or default

* Do not use cookie for browser_state. It may not yet be there

* Add docs on new setting

OIDC_UNAUTHENTICATED_SESSION_MANAGEMENT_KEY

* Fix compatibility for older versions of Django

* solved merging typo for missing @property
2017-05-05 05:19:57 +02:00
kaveh
b164388e15 Adds per-client consent customization 2017-04-11 13:16:06 -07:00
Nagaraj
8f1fc41cb2 Update accesstokens.rst
Refresh token requires client secret as well.
2017-03-07 22:55:51 +05:30
Ignacio Fiorentino
a6fc1a717e Update authorize template in docs. 2016-12-02 12:03:59 -03:00
Ignacio Fiorentino
db68977eb2 Provide doc for signals. 2016-12-01 16:20:53 -03:00
Ignacio Fiorentino
2ec9cbe334 Fix wrong link in docs. 2016-11-02 12:35:22 -03:00
Ignacio Fiorentino
7576448414 Add more doc for session management. 2016-11-02 11:43:39 -03:00
Ignacio Fiorentino
d9149b162d Add initial doc for session management. 2016-10-28 16:56:06 -03:00