| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
|
|
|
|
|
| |
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
|
|
|
|
|
| |
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
|
|
|
|
|
| |
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
|
|
|
|
|
| |
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
|
|
|
|
|
|
|
|
| |
This makes sure we have loaded the configuration
before using it
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
|
|
|
|
|
|
|
| |
This way if CSS/Code changes we have just one place to fix.
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Move most plugin enablement and initialization code in plugin.py to
reduce code duplication and simplify and unifify plugin enablement
for all base plugin types (login, info, providers).
This patch breaks backwards compatibility as it changes how the list
of enabled plugins is stored in the database tables.
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fork a PluginConfig class out of PluginObject, the base object now supports
a simple dictionary config, while using PluginConfig provide access to
structured util.config based configuration.
Change UI code that deal with plugins configuration to properly use the new
structured config objects in order to represent data in appropriate format
based on the data type.
Use the new util.config objects to represent plugins configuration.
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
|
|
|
|
|
|
|
|
|
| |
All we care about in configure is to store the config in the db,
so skip setting the config explicitly in the plugin object and go
straight to the database.
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
|
|
|
|
|
| |
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
|
|
|
|
|
| |
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Implement:
Simple Registration
Attribute Exchange
(Fedora) Teams
CLAs
Signed-off-by: Simo Sorce <simo@redhat.com>
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
When user information is retrieved we map any wellknown data to a
standardized set of names.
A ne InfoMapping class takes cares of helping the info modules to
map the data they retrieve so that providers can find it in wellknown
attribute names for further use.
Mapping of attribute names for diplay purposes is also provided.
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
This commit implements all the core functionality needed to expose
an OpenID Identity Provider including a framework to dynamycally add
extensions.
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
|
|
|
|
|
|
|
|
| |
These are generically useful and can be rused as they are by other
providers.
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
This is to allow different default headers between Admin pages and
other pages.
In particular we set no-caching headers to all admin pages to force
browsers to refresh as often as possible.
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
The Page util is supposed to intercept and enable exposed pages on
its own so that additional functions can be run in the generic __call__
Fix the code to check for the function argument correctly and use a
different argument than the standard cherrypy one for admin pages so
that we do actually land in the Page.__call__ all the time for those
pages.
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
|
|
|
|
|
| |
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
|
|
|
|
|
| |
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
|
|
|
|
|
|
|
| |
This fixes enabling a provider after the sever is started.
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
|
|
|
|
|
|
|
| |
Makes lint happier
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
|
|
|
|
|
|
|
| |
Avoid crashing if a provider does not have an admin interface
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
|
|
|
|
|
|
|
| |
also adds quickrun.py script to make it easy.
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
|
|
|
|
|
|
|
|
|
| |
Replace copies of _debug function sprinkled all over the code
with a single implementation
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
- Removed replace of self._debug to self.debug
|
|
|
|
|
|
|
|
| |
Always deny access to the IDP if not using SSL by default.
Always turn on secure/httponly cookies by default.
Add a switch to disable all security options for testing.
Signed-off-by: Simo Sorce <simo@redhat.com>
|
|
|
|
|
|
| |
This should be used only for testing purposes
Signed-off-by: Simo Sorce <simo@redhat.com>
|
|
|
|
|
|
|
| |
This way a user can avoid copying the metadata file arund but paste
the content straight from a terminal window.
Signed-off-by: Simo Sorce <simo@redhat.com>
|
|
|
|
|
|
| |
Properly replace page self.url
Signed-off-by: Simo Sorce <simo@redhat.com>
|
|
|
|
| |
Signed-off-by: Simo Sorce <simo@redhat.com>
|
|
|
|
|
|
|
| |
At some point a '/' got lost, causing the generation of wrong endpoints.
Clients would then be redirected to an unexisting path and get a 404.
Signed-off-by: Simo Sorce <simo@redhat.com>
|
|
|
|
| |
Signed-off-by: Simo Sorce <simo@redhat.com>
|
|
|
|
| |
Signed-off-by: Simo Sorce <simo@redhat.com>
|
|
|
|
| |
Signed-off-by: Simo Sorce <simo@redhat.com>
|
|
|
|
|
|
| |
This way all forms will get Referer checking automaticaly
Signed-off-by: Simo Sorce <simo@redhat.com>
|
|
|
|
| |
Signed-off-by: Simo Sorce <simo@redhat.com>
|
|
|
|
|
|
|
| |
Report what invalid name was used and fix exception on raising the exception on
line 129
Signed-off-by: Simo Sorce <simo@redhat.com>
|
|
|
|
| |
Signed-off-by: Simo Sorce <simo@redhat.com>
|
|
|
|
|
|
|
| |
Use helper functions to make the code more readbale and exceptions to reduce
error hndling duplication.
Signed-off-by: Simo Sorce <simo@redhat.com>
|
|
|
|
|
|
| |
We use the name to construct the admin page path, avoid odd characters
Signed-off-by: Simo Sorce <simo@redhat.com>
|
|
|
|
|
|
| |
Add a map that takes care of the lower level lasso-related details
Signed-off-by: Simo Sorce <simo@redhat.com>
|
|
|
|
|
|
|
| |
This will allow to easly share the module with install tools, without the
need to install server side modules in clients
Signed-off-by: Simo Sorce <simo@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
If debug is enabled make lasso spit debug messages to stderr too, to aid
admins in resolving issues related to saml2 issues, like finding out why
a metadata file may be rejected.
This is very simple for now, a future enhancement may involve piping the
logs into a calss so they can be spat out as feedback to users.
Signed-off-by: Simo Sorce <simo@redhat.com>
|
|
|
|
| |
Signed-off-by: Simo Sorce <simo@redhat.com>
|
|
|
|
| |
Signed-off-by: Simo Sorce <simo@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When plugins are not enabled at startup the admin page is not available
as it is created only on enablement.
Split enablement and registration, so plugins can be registered even
when actually disabled.
Also rework the way enablement is tracked and make sure enablement status
is saved back to the database when it changes so it is kept on restarts.
Signed-off-by: Simo Sorce <simo@redhat.com>
|
|
|
|
|
|
| |
This way the user will get a slightly more meaningful error message.
Signed-off-by: Simo Sorce <simo@redhat.com>
|
|
|
|
| |
Signed-off-by: Simo Sorce <simo@redhat.com>
|
|
|
|
| |
Signed-off-by: Simo Sorce <simo@redhat.com>
|
|
|
|
| |
Signed-off-by: Simo Sorce <simo@redhat.com>
|