Commit graph

978 commits

Author SHA1 Message Date
35c5f1962a
Version bump 2022-11-27 16:44:38 +00:00
ad4dc369f1
URLs 2022-11-27 16:39:32 +00:00
99e25fd93c
Signals! 2022-11-27 16:37:17 +00:00
3fed609a8e
Fix ugettext import 2022-11-27 16:31:32 +00:00
e2eeae5cef
Fix ugettext import 2022-11-27 16:30:33 +00:00
Juan Ignacio Fiorentino
f0daed07b2 Merge branch 'develop' of https://github.com/juanifioren/django-oidc-provider 2018-10-17 19:21:43 -03:00
Juan Ignacio Fiorentino
20282904e2 Merge branch 'master' of https://github.com/juanifioren/django-oidc-provider 2018-10-17 19:13:44 -03:00
Juan Ignacio Fiorentino
4d0c12286a Bump version v0.7.0. 2018-10-17 19:09:56 -03:00
Juan Ignacio Fiorentino
b875ba5025
Update changelog.rst 2018-10-15 21:20:24 -03:00
Juan Ignacio Fiorentino
c096d34377
Merge pull request #295 from kitab15/version-available-in-code
Make version available in code (#282)
2018-10-15 18:11:46 -03:00
Juan Ignacio Fiorentino
0b2154390a
Merge pull request #294 from kitab15/docs-token-introspection
Token Introspection docs (#257)
2018-10-15 18:07:32 -03:00
Christian Bouvier
12402a268f Fixed title underline too short 2018-10-15 09:05:33 -03:00
Christian Bouvier
32302f066b Added newline at new file version.py 2018-10-15 08:44:40 -03:00
Christian Bouvier
d21d8c29b0 Make version available in code (#282)
It seems like there are multi ways to achieve that, all of them highliting
the importance of maintain a single source of truth for the version number.

More info: https://packaging.python.org/guides/single-sourcing-package-version/.

This PR includes one possible approach, open to discussion.
2018-10-14 15:02:58 -03:00
Christian Bouvier
f743e23cc4 Token Introspection docs (#257)
Added a new doc page related to Token Introspection Endpoint.
The documentation includes some introduction with links to the related RFCs and examples.
2018-10-14 14:24:48 -03:00
Juan Ignacio Fiorentino
02a17e10d5
Update changelog.rst 2018-10-05 12:50:10 -03:00
Juan Ignacio Fiorentino
cf0c57ceea
Update changelog.rst 2018-10-05 12:48:43 -03:00
Juan Ignacio Fiorentino
4c7bddfd02
Merge pull request #292 from octobot-dev/increment-rsa-key-length
Enhancement: Increment RSA key size to 2048.
2018-10-05 12:46:54 -03:00
Christian Bouvier
4c63cc67e0 Enhancement: Increment RSA key size to 2048.
It seems like many lead institutions related with security are
recommending a minimum key length of 112-bits since 2013.
In order to achieve that, a RSA key size of 2048 (or more) is required.
2018-10-05 11:55:35 -03:00
Juan Ignacio Fiorentino
a7bbce3db2
Merge pull request #290 from octobot-dev/move-strip-prompt-login-to-utils
Enhancement: AuthorizeView's static method strip-prompt-login moved
2018-10-04 12:50:44 -03:00
Christian Bouvier
eb2f272a0b Enhancement: AuthorizeView's static method strip-prompt-login was moved to a new file oidc_provider/lib/utils/authorize.py in order to be more consistent with the implementation of other Views 2018-10-04 10:40:23 -03:00
Juan Ignacio Fiorentino
035e7a3674
Update changelog.rst 2018-10-03 16:23:25 -03:00
Juan Ignacio Fiorentino
1a0f068f2e
Merge pull request #289 from octobot-dev/fix-strip-prompt-login
Fix #283: bug in strip_prompt_login
2018-10-03 16:19:54 -03:00
Christian Bouvier
37e6df8306 Fix #283: bug in strip_prompt_login
AuthorizeView's static method strip_prompt_login fails to remove prompt login when other prompt values appear in the request.
2018-10-03 14:51:51 -03:00
Juan Ignacio Fiorentino
658eb594e9
Update changelog.rst 2018-09-29 13:33:38 -03:00
Juan Ignacio Fiorentino
76f6348142
Merge pull request #288 from impak-finance/issue-285
Fixed #285 -- Ensured standard and custom claims can be used at the same time when using the OIDC_IDTOKEN_INCLUDE_CLAIMS setting
2018-09-29 13:32:11 -03:00
Juan Ignacio Fiorentino
22cda5068f
Merge pull request #287 from juanifioren/revert-286-issue-285
Revert "Fixed #285 -- Ensured standard and custom claims can be used at the same time when using the OIDC_IDTOKEN_INCLUDE_CLAIMS setting"
2018-09-29 13:28:10 -03:00
Juan Ignacio Fiorentino
64e395c5b6
Revert "Fixed #285 -- Ensured standard and custom claims can be used at the same time when using the OIDC_IDTOKEN_INCLUDE_CLAIMS setting" 2018-09-29 13:27:07 -03:00
Juan Ignacio Fiorentino
0577e50b6c
Merge pull request #286 from impak-finance/issue-285
Fixed #285 -- Ensured standard and custom claims can be used at the same time when using the OIDC_IDTOKEN_INCLUDE_CLAIMS setting
2018-09-29 13:24:21 -03:00
Morgan Aubert
88aa190763
Fixed #285 -- Ensured standard and custom claims can be used at the same time when using the OIDC_IDTOKEN_INCLUDE_CLAIMS setting 2018-09-28 19:36:21 -04:00
Juan Ignacio Fiorentino
6997e19687
Merge pull request #260 from dcollinsn/django-2.1
Django 2.1
2018-09-14 16:34:15 -03:00
Juan Ignacio Fiorentino
458eb2e3ea
Merge pull request #279 from ByteInternet/make_authorization_endpoint_and_client_more_easily_adjustable
Make it easier to change AuthorizeEndpoint and Client
2018-09-14 10:10:12 -03:00
Juan Ignacio Fiorentino
db0acf3107
Merge pull request #277 from isms/fix-typo
Add missing space
2018-09-14 10:06:41 -03:00
Bono de Visser
69b793a363 Make it easier to change AuthorizeEndpoint and Client
To make it easier to change the AuthorizeEndpoint and Client we set them as class variables. Then people inheriting from the view are able to easily change them. In my personal case this helps with skipping consent more explicitly as defined in issue https://github.com/juanifioren/django-oidc-provider/issues/278
2018-09-14 11:21:57 +02:00
Isaac Slavitt
e36a2c96f8 Add missing space 2018-09-13 15:58:42 -04:00
Juan Ignacio Fiorentino
0effc32be2
Merge pull request #272 from q3aiml/response-type-natural-key
add natural key support to ResponseType
2018-08-20 18:13:28 -03:00
Andy Clayton
4e7116ca9e add natural key support to ResponseType
Have the option to use the more readable response type value rather than
the ResponseType id integer in fixtures and dumpdata output.

Prior to this change dumpdata represents response types like so:

    "response_types": [2]

And after this change when using `dumpdata --natural-foreign`:

    "response_types": [["code"]]
2018-08-20 10:49:00 -05:00
Juan Ignacio Fiorentino
436568a39b
Merge pull request #271 from q3aiml/client-multiple-response-types
support multiple response types per client
2018-08-17 14:34:33 -03:00
Andy Clayton
988b728fb2 update docs for multiple response types per client 2018-08-17 09:54:30 -05:00
Andy Clayton
64a8b935e6 document response_type_descriptions needs to be a list 2018-08-16 15:47:47 -05:00
Andy Clayton
036c4fc9b3 document non-obvious string check 2018-08-16 15:47:14 -05:00
Andy Clayton
36018d19ae support multiple response types per client
The Dynamic Client Registration spec specifies multiple response_types
and grant_types per client
(https://openid.net/specs/openid-connect-registration-1_0.html#ClientMetadata).
Since grant_types can be inferred from response_types we should be able
to support both without needing to store grant_types.

This also helps with oidc-client-js which expects a client that supports
both "id_token" and "id_token token".
2018-08-16 11:38:46 -05:00
Juan Ignacio Fiorentino
b5e055205c Bump version v0.6.2. 2018-08-03 11:50:56 -03:00
Juan Ignacio Fiorentino
bf8a7b6853
Merge pull request #266 from q3aiml/accept-lowercase-bearer
Accept lowercase "bearer" in Authorization header
2018-08-02 16:02:45 -03:00
Andy Clayton
f1ed3328f8 Accept lowercase "bearer" in Authorization header
We ran into a client that blindly takes the value of token_type, which
is lowercase "bearer", and passes that back in the Authorization header.
In an earlier PR #99 there seemed to be some support for this change to
simply accept "bearer" in addition to "Bearer".
2018-08-02 13:42:21 -05:00
Dan Collins
85ca083532 Remove Python 3.4, since it is intermittently failing in travis 2018-08-01 14:13:11 -04:00
Dan Collins
972071e370 Add support for Django 2.1, drop support for Django < 1.11
Django 1.11 deprecated the django.contrib.auth.views.logout
function-based view, which django-oidc-provider relied on. This
patchset instead subclasses the new LogoutView.

LogoutView was introduced in Django 1.11. logout() was deprecated in
1.11 and removed in 2.1. Accordingly, this patch adds Django 2.1 to
CI and removes 1.8, 1.9, and 1.10.

Resolves #258
2018-08-01 14:13:11 -04:00
Juan Ignacio Fiorentino
1c31acd525 Pin pytest version. 2018-07-31 14:56:41 -03:00
Juan Ignacio Fiorentino
d2695f76cf
Update changelog.rst 2018-07-31 14:08:08 -03:00
Juan Ignacio Fiorentino
88f91b9305
Merge pull request #265 from stdweird/no_zip_safe
setup.py: code is not zip_safe
2018-07-30 10:57:19 -03:00