Commit graph

26 commits

Author SHA1 Message Date
Dillon Dixon
04c03787af Fix Django 2.0 deprecation warnings (#185)
* explicit default foreign key delete operations

* first iteration of Django 2.0 deprecation fixes
2017-08-10 11:38:50 +02:00
Jan Brauer
1215c27d7e Redirect URIs must match exactly. (#191)
* Test redirect_uri construction

This was a test marked as TODO.

* Remove duplicate test

* Add tests to exactly match redirect URIs

* Redirect URIs must match exactly.

To quote from the specification at
http://openid.net/specs/openid-connect-core-1_0.html#AuthRequest:

Redirection URI to which the response will be sent. This URI MUST
exactly match one of the Redirection URI values for the Client
pre-registered at the OpenID Provider, with the matching performed as
described in Section 6.2.1 of [RFC3986] (Simple String Comparison).
2017-07-07 09:07:21 +02:00
Wojciech Bartosiak
a829726be8 Merge develop to v0.5.x (#179)
* Log create_uri_response exceptions to logger.exception

* Support grant type password - basics

* Add tests for Resource Owner Password Credentials Flow

* Password Grant -Response according to specification

* Better tests for errors, disable grant type password by default

* Add documentation for grant type password

* User authentication failure to return 403

* Add id_token to response

* skipping consent only works for confidential clients

* fix URI fragment

example not working URL `http://localhost:8100/#/auth/callback/`

* OIDC_POST_END_SESSION_HOOK + tests

* Explicit function naming

* Remove print statements

* No need for semicolons, this is Python

* Update CHANGELOG.md

* fixed logger message

* Improved `exp` value calculation

* rename OIDC_POST_END_SESSION_HOOK to OIDC_AFTER_END_SESSION_HOOK

* added docs for OIDC_AFTER_END_SESSION_HOOK

*  Replaces `LOGIN_URL` with `OIDC_LOGIN_URL`
so users can use a different login path for their oidc requests.

* Adds a setting variable for custom template paths

* Updates documentation

* Fixed bad try/except/finally block

* Adds test for OIDC_TEMPLATES settings

* Determine value for op_browser_state from session_key or default

* Do not use cookie for browser_state. It may not yet be there

* Add docs on new setting

OIDC_UNAUTHENTICATED_SESSION_MANAGEMENT_KEY

* Fix compatibility for older versions of Django

* solved merging typo for missing @property
2017-05-05 05:19:57 +02:00
Tuomas Suutari
5e3876f0c6 Revert "Fix timestamps computing in tokens"
This reverts commit 975eb0163f.
2016-12-07 14:22:20 +02:00
Brice Gelineau
975eb0163f Fix timestamps computing in tokens
The timestamp of timezone-aware datetimes was offset by the value of their timezone.
2016-11-30 15:23:11 +01:00
Ignacio Fiorentino
e458542be2 Fix urls and names. 2016-11-01 12:15:48 -03:00
Ignacio Fiorentino
2cedde5e3f Remove spaces. 2016-10-11 13:18:06 -03:00
Wojciech Bartosiak
59312bf811 redirect URI clean up moved to utils module 2016-10-04 19:32:54 +02:00
yasserisa
1c3bd7579b FIX id_token, field iss set to type str 2016-09-21 10:20:03 -03:00
Ignacio Fiorentino
dc9ec1863e Change setting OIDC_USERINFO. 2016-07-07 12:50:27 -03:00
Si Feng
be5656bcf4 Make SITE_URL optional. 2016-05-25 14:58:58 -07:00
Ignacio
a4d5f89536 Merge branch 'v0.2.x' of https://github.com/juanifioren/django-oidc-provider into v0.3.x
Conflicts:
	oidc_provider/lib/utils/common.py
	oidc_provider/lib/utils/token.py
2016-02-25 10:10:07 -03:00
Ilya
49e19e7493 ID_TOKEN_PROCESSING_HOOK gets user argument 2016-02-25 09:46:10 +00:00
Wojciech Bartosiak
eb7686abba added 'user' into default_idtoken_processing_hook 2016-02-17 22:23:10 +00:00
juanifioren
782befd6ec Rename setting. 2016-02-12 14:51:43 -03:00
Wojciech Bartosiak
7a357001b6 Added OIDC_ID_TOKEN_PROCESSING_HOOK functionality 2016-02-12 16:02:35 +00:00
juanifioren
998ea5fcd1 Implementation of RSA Keys using Models. Also providing DOC. 2016-01-25 17:52:24 -03:00
juanifioren
73ece1bf64 Make OIDC_AFTER_USERLOGIN_HOOK to be lazy imported by string. 2016-01-19 17:37:32 -03:00
Pablo SEMINARIO
9204c478ed Fix #72 get_issuer() returns a wrong value 2016-01-16 11:35:26 +01:00
juanifioren
ccd9836edb Make OIDC_IDTOKEN_SUB_GENERATOR to be lazy imported by the location of the function. 2016-01-12 15:17:22 -03:00
juanifioren
8b0d869f7b Replace django redirect with custom HttpResponse object. 2015-11-12 17:12:18 -03:00
juanifioren
5020ccde80 Add custom user info model feature. 2015-08-11 15:58:52 -03:00
juanifioren
1736d7b7ae Add IOError custom message when rsa key file is missing. 2015-07-14 15:01:01 -03:00
juanifioren
fa7d64c04b Add OIDC_RSA_KEY_FOLDER to settings. 2015-07-14 13:01:29 -03:00
juanifioren
f7e8fa460c Create get_rsa_key function to obtain the key from filesystem. 2015-07-13 17:36:15 -03:00
juanifioren
3ad316cdca Add Provider Configuration Information endpoint. 2015-03-04 16:24:41 -03:00