summaryrefslogtreecommitdiffstats
path: root/templates
Commit message (Collapse)AuthorAgeFilesLines
* Add support for Persona Identity ProviderPatrick Uiterwijk2014-11-143-0/+92
| | | | | Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com>
* Add visual cues to configuration panelsSimo Sorce2014-11-122-46/+49
| | | | | | | | | | | Make it easier to recognize which plugins are enabled and which are disabled. Also make it easier to recognize when a plugin has just changed state, by flashing its row (help also realize it may have moved up/down) Based on concept work by Petr Vobornik Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Refactor plugin configurationSimo Sorce2014-11-123-14/+55
| | | | | | | | | | | | | | | Fork a PluginConfig class out of PluginObject, the base object now supports a simple dictionary config, while using PluginConfig provide access to structured util.config based configuration. Change UI code that deal with plugins configuration to properly use the new structured config objects in order to represent data in appropriate format based on the data type. Use the new util.config objects to represent plugins configuration. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Add simple SqlSession implementationSimo Sorce2014-11-121-2/+2
| | | | | | | | This allows us to store session data in the DB. This way session data can be shared by multiple servers behind a balancer. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Add test to check a real database (pgsql) worksSimo Sorce2014-11-121-3/+3
| | | | | | | | | | | | | | Change config template to e able to set up ipsilon with an extrenal database. For the easy install the database server must have 3 datbases configured, and named exactly: admincondif, userprefs, transactions If different names are required manual instalation will be necessary. Database URLs (including credentials) can be set using the new option named --database-url Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Add SVG Image to the Home administration pageSimo Sorce2014-10-272-0/+903
| | | | | | | | | This SVG image contain HREF links that are template in jinja to link images/text i the SVG to the menu pages. Clicking on elements of the SVG thus redirects to the relevant menu item. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Update style of plugins config page tooSimo Sorce2014-10-271-11/+29
| | | | | | | | Also fix a bug that would cause the config page to show no fields when saving. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Reuse the AdminPlugins class for the providers tooSimo Sorce2014-10-271-12/+62
| | | | | | | This way we can remove even more duplicated code... \o/ Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Improve UI for enabling/disabling plugins configSimo Sorce2014-10-275-112/+108
| | | | | | | Use the same templates for both info and login plugins Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Return to provider if user cancels loginSimo Sorce2014-10-241-1/+5
| | | | | | | | When the cancel button is hit return to the provider and eventually to the original application via return urls. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Make the template directory configurablePatrick Uiterwijk2014-10-241-0/+1
| | | | | Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com>
* Show login target on the login screenPatrick Uiterwijk2014-10-241-0/+6
| | | | | Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com>
* Drop custom FAS templateSimo Sorce2014-10-241-44/+0
| | | | | | | | The form and fas template are identical so just drop the fas.html template and use the default. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Add attribute mapping for user informationSimo Sorce2014-10-241-3/+1
| | | | | | | | | | | | When user information is retrieved we map any wellknown data to a standardized set of names. A ne InfoMapping class takes cares of helping the info modules to map the data they retrieve so that providers can find it in wellknown attribute names for further use. Mapping of attribute names for diplay purposes is also provided. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Add OpenIDP ProviderPatrick Uiterwijk2014-10-244-0/+77
| | | | | | | | | | This commit implements all the core functionality needed to expose an OpenID Identity Provider including a framework to dynamycally add extensions. Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com> Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Handle lists type options in plugins configurationSimo Sorce2014-10-241-1/+6
| | | | | | | | Autodetect and convert config values based on the options definition. If the option is marked as list split a string on setting the configuration or join the list into a string before saving it to the database. Signed-off-by: Simo Sorce <simo@redhat.com>
* Do not overwrite default plugin optionsSimo Sorce2014-10-241-2/+2
| | | | | | | | | Change the admin plugin to not overwrite the plugin default options, and only use the sanctioned pluginObject interfaces to read/write config values. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Add pretty handler for 404Simo Sorce2014-10-071-0/+13
| | | | | Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Add transactions db default pathsSimo Sorce2014-10-061-0/+1
| | | | | | | Fixes installation and quickrun Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Use transactions throughout the codeSimo Sorce2014-09-242-0/+2
| | | | | Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Add Info providers Admin pagesSimo Sorce2014-09-243-1/+57
| | | | | Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Allow plugins to determine config options orderSimo Sorce2014-09-241-1/+1
| | | | | | | | Ordering may also be partial, for any option not specified they will be appended in lexycographic order. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Use an instance specific session id cookie nameSimo Sorce2014-09-241-0/+1
| | | | | | | Avoids issues if multiple instances are used on the same server Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Confine session to the instanceSimo Sorce2014-09-241-0/+1
| | | | | | | Set session path so that the session is sent only for the specific instance Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Rename form login pageSimo Sorce2014-09-241-0/+0
| | | | | Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Add FAS login pluginSimo Sorce2014-08-271-0/+43
| | | | | | | | | | This plugin simply take a Fedora username and password and authenticates the user against the FAS Server. FAS returned data is saved as userdata in the 'fas' attribute. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Rework remote_login and remove protect decoratorSimo Sorce2014-08-271-1/+0
| | | | | | | | | | | | The protect decorator was not really being used for anything, remove it. Change the way UserSession's remote_login() works. If called now it either sets a REMOTE_USER (if found) or nukes the current user data in the session. This means this function can be safely called only in a login plugin now. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Strenghten default Security options in IDPSimo Sorce2014-06-172-0/+3
| | | | | | | | Always deny access to the IDP if not using SSL by default. Always turn on secure/httponly cookies by default. Add a switch to disable all security options for testing. Signed-off-by: Simo Sorce <simo@redhat.com>
* Add server install option to turn on debuggingSimo Sorce2014-06-061-2/+2
| | | | | | | Use this in the testsuite so we can get meaningful output in the logs when something fails. Signed-off-by: Simo Sorce <simo@redhat.com>
* Add basic testing infrastructureSimo Sorce2014-06-041-0/+1
| | | | | | | | | | | | | | make test will now run some sanity tests to make sure basic installation procedures work in a sinthetic test environment. Adds: - custom httpd setup for tests - use profiles to driver ipsilon servers and clients installation - starts multiple httpd servers This way we can test interaction between IDP and SP servers Signed-off-by: Simo Sorce <simo@redhat.com>
* Additional parametrization of template filesSimo Sorce2014-06-042-6/+6
| | | | | | To allow for testing in a custom rootdir, and with a custom user. Signed-off-by: Simo Sorce <simo@redhat.com>
* Allow turning off security at install timeSimo Sorce2014-06-041-1/+1
| | | | | | This should be used only for testing purposes Signed-off-by: Simo Sorce <simo@redhat.com>
* Add optional field to allow pasting the metadataSimo Sorce2014-06-041-2/+16
| | | | | | | This way a user can avoid copying the metadata file arund but paste the content straight from a terminal window. Signed-off-by: Simo Sorce <simo@redhat.com>
* Add tooltips to SAML formsSimo Sorce2014-05-293-6/+16
| | | | | | This should make clearer what is expected in each field. Signed-off-by: Simo Sorce <simo@redhat.com>
* Show the Save button only if it usefulSimo Sorce2014-05-291-4/+6
| | | | | | | If the user cannot perform any action there is no reason to show the save button. Signed-off-by: Simo Sorce <simo@redhat.com>
* Fix location nameSimo Sorce2014-05-291-1/+1
| | | | | | Must be the same name wher ethe instance is mounted! Signed-off-by: Simo Sorce <simo@redhat.com>
* Fix handling of SP renamesSimo Sorce2014-05-201-0/+9
| | | | | | Properly replace page self.url Signed-off-by: Simo Sorce <simo@redhat.com>
* WSGI settings incorrectly makes instance globalNathan Kinder2014-05-101-1/+4
| | | | | | | | | | | | | | | The WSGIProcessGroup directive should only apply to the /idp URI. Without wrapping this directive in the Location element, multiple Ipsilon instances or an Ipsilon instance installed on a FreeIPA server will conflict and encounter problems running in the same httpd process. All wsgi processes will end up redirected to the last process grup defined in the configuration in this case and all other instances of wsgi applications will be unreachable. Resolves: https://fedorahosted.org/ipsilon/ticket/1 Signed-off-by: Nathan Kinder <nkinder@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com>
* Make it easy to install mutiple server instancesSimo Sorce2014-04-212-8/+8
| | | | Signed-off-by: Simo Sorce <simo@redhat.com>
* Revert incorrect change to template fileSimo Sorce2014-04-181-4/+4
| | | | Signed-off-by: Simo Sorce <simo@redhat.com>
* Add missing install fileSimo Sorce2014-04-181-0/+14
| | | | Signed-off-by: Simo Sorce <simo@redhat.com>
* Add basic installation script with saml supportSimo Sorce2014-04-111-0/+28
| | | | | | | | | Generates (self signed) certificates and a metdata.xml file. Optionally configures an Apache Httpd server. If the admin does not configure a specific application at install time a default landing page is made available to be able to test that the SP configuration works. Uninstall removes all certificates and metadata file and is irreversible.
* Change provider plugins registration and enablementSimo Sorce2014-04-111-1/+1
| | | | | | | | | | | | | When plugins are not enabled at startup the admin page is not available as it is created only on enablement. Split enablement and registration, so plugins can be registered even when actually disabled. Also rework the way enablement is tracked and make sure enablement status is saved back to the database when it changes so it is kept on restarts. Signed-off-by: Simo Sorce <simo@redhat.com>
* Admin functions to delete Service ProvidersSimo Sorce2014-04-041-0/+2
| | | | Signed-off-by: Simo Sorce <simo@redhat.com>
* Admin functions to add new Service ProvidersSimo Sorce2014-04-042-0/+33
| | | | Signed-off-by: Simo Sorce <simo@redhat.com>
* Admin classes to change SP propertiesSimo Sorce2014-04-042-15/+69
| | | | Signed-off-by: Simo Sorce <simo@redhat.com>
* Saml2 initial admin pageSimo Sorce2014-03-281-0/+23
| | | | Signed-off-by: Simo Sorce <simo@redhat.com>
* Add generic support for IdP plugin admin pagesSimo Sorce2014-03-281-0/+3
| | | | Signed-off-by: Simo Sorce <simo@redhat.com>
* Basic Identity providers plugin configurationSimo Sorce2014-03-281-0/+20
| | | | Signed-off-by: Simo Sorce <simo@redhat.com>
* Refactor login plugin enablement codeSimo Sorce2014-03-281-2/+7
| | | | | | | This allows us to finally implement the plugin enable/disable configuration buttons and enable/disable plugins on the fly. Signed-off-by: Simo Sorce <simo@redhat.com>
generated by cgit (git 2.34.1) at 2024-05-01 07:49:09 +0000