Compare commits
4 Commits
version/0.
...
version/0.
| Author | SHA1 | Date | |
|---|---|---|---|
| 74da3df7cd | |||
| a6e435bd70 | |||
| c313b496aa | |||
| a7eaa74191 |
@ -1,5 +1,5 @@
|
|||||||
[bumpversion]
|
[bumpversion]
|
||||||
current_version = 0.1.6-beta
|
current_version = 0.1.7-beta
|
||||||
tag = True
|
tag = True
|
||||||
commit = True
|
commit = True
|
||||||
parse = (?P<major>\d+)\.(?P<minor>\d+)\.(?P<patch>\d+)\-(?P<release>.*)
|
parse = (?P<major>\d+)\.(?P<minor>\d+)\.(?P<patch>\d+)\-(?P<release>.*)
|
||||||
|
|||||||
@ -53,7 +53,7 @@ package-docker:
|
|||||||
before_script:
|
before_script:
|
||||||
- echo "{\"auths\":{\"docker.$NEXUS_URL\":{\"auth\":\"$NEXUS_AUTH\"}}}" > /kaniko/.docker/config.json
|
- echo "{\"auths\":{\"docker.$NEXUS_URL\":{\"auth\":\"$NEXUS_AUTH\"}}}" > /kaniko/.docker/config.json
|
||||||
script:
|
script:
|
||||||
- /kaniko/executor --context $CI_PROJECT_DIR --dockerfile $CI_PROJECT_DIR/Dockerfile --destination docker.pkg.beryju.org/passbook:latest --destination docker.pkg.beryju.org/passbook:0.1.6-beta
|
- /kaniko/executor --context $CI_PROJECT_DIR --dockerfile $CI_PROJECT_DIR/Dockerfile --destination docker.pkg.beryju.org/passbook:latest --destination docker.pkg.beryju.org/passbook:0.1.7-beta
|
||||||
stage: build
|
stage: build
|
||||||
only:
|
only:
|
||||||
- tags
|
- tags
|
||||||
|
|||||||
20
debian/changelog
vendored
20
debian/changelog
vendored
@ -1,3 +1,23 @@
|
|||||||
|
passbook (0.1.6) stable; urgency=medium
|
||||||
|
|
||||||
|
* bump version: 0.1.3-beta -> 0.1.4-beta
|
||||||
|
* implicitly add kubernetes-healthcheck-host in helm configmap
|
||||||
|
* fix debian build (again)
|
||||||
|
* add PropertyMapping Model, add Subclass for SAML, test with AWS
|
||||||
|
* add custom DynamicArrayField to better handle arrays
|
||||||
|
* format data before inserting it
|
||||||
|
* bump version: 0.1.4-beta -> 0.1.5-beta
|
||||||
|
* fix static files missing for debian package
|
||||||
|
* fix password not getting set on user import
|
||||||
|
* remove audit's login attempt
|
||||||
|
* add passing property to PolicyEngine
|
||||||
|
* fix captcha factor not loading keys from Factor class
|
||||||
|
* bump version: 0.1.5-beta -> 0.1.6-beta
|
||||||
|
* fix MATCH_EXACT not working as intended
|
||||||
|
* Improve access control for saml
|
||||||
|
|
||||||
|
-- Jens Langhammer <jens.langhammer@beryju.org> Fri, 08 Mar 2019 20:37:05 +0000
|
||||||
|
|
||||||
passbook (0.1.4) stable; urgency=medium
|
passbook (0.1.4) stable; urgency=medium
|
||||||
|
|
||||||
* initial debian package release
|
* initial debian package release
|
||||||
|
|||||||
@ -1,6 +1,6 @@
|
|||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
appVersion: "0.1.6-beta"
|
appVersion: "0.1.7-beta"
|
||||||
description: A Helm chart for passbook.
|
description: A Helm chart for passbook.
|
||||||
name: passbook
|
name: passbook
|
||||||
version: "0.1.6-beta"
|
version: "0.1.7-beta"
|
||||||
icon: https://passbook.beryju.org/images/logo.png
|
icon: https://passbook.beryju.org/images/logo.png
|
||||||
|
|||||||
@ -5,7 +5,7 @@
|
|||||||
replicaCount: 1
|
replicaCount: 1
|
||||||
|
|
||||||
image:
|
image:
|
||||||
tag: 0.1.6-beta
|
tag: 0.1.7-beta
|
||||||
|
|
||||||
nameOverride: ""
|
nameOverride: ""
|
||||||
|
|
||||||
|
|||||||
@ -1,2 +1,2 @@
|
|||||||
"""passbook"""
|
"""passbook"""
|
||||||
__version__ = '0.1.6-beta'
|
__version__ = '0.1.7-beta'
|
||||||
|
|||||||
@ -1,2 +1,2 @@
|
|||||||
"""passbook admin"""
|
"""passbook admin"""
|
||||||
__version__ = '0.1.6-beta'
|
__version__ = '0.1.7-beta'
|
||||||
|
|||||||
@ -1,2 +1,2 @@
|
|||||||
"""passbook api"""
|
"""passbook api"""
|
||||||
__version__ = '0.1.6-beta'
|
__version__ = '0.1.7-beta'
|
||||||
|
|||||||
@ -1,2 +1,2 @@
|
|||||||
"""passbook audit Header"""
|
"""passbook audit Header"""
|
||||||
__version__ = '0.1.6-beta'
|
__version__ = '0.1.7-beta'
|
||||||
|
|||||||
@ -1,2 +1,2 @@
|
|||||||
"""passbook captcha_factor Header"""
|
"""passbook captcha_factor Header"""
|
||||||
__version__ = '0.1.6-beta'
|
__version__ = '0.1.7-beta'
|
||||||
|
|||||||
@ -1,2 +1,2 @@
|
|||||||
"""passbook core"""
|
"""passbook core"""
|
||||||
__version__ = '0.1.6-beta'
|
__version__ = '0.1.7-beta'
|
||||||
|
|||||||
@ -288,6 +288,8 @@ class FieldMatcherPolicy(Policy):
|
|||||||
if self.match_action == FieldMatcherPolicy.MATCH_REGEXP:
|
if self.match_action == FieldMatcherPolicy.MATCH_REGEXP:
|
||||||
pattern = re.compile(self.value)
|
pattern = re.compile(self.value)
|
||||||
passes = bool(pattern.match(user_field_value))
|
passes = bool(pattern.match(user_field_value))
|
||||||
|
if self.match_action == FieldMatcherPolicy.MATCH_EXACT:
|
||||||
|
passes = user_field_value == self.value
|
||||||
|
|
||||||
LOGGER.debug("User got '%r'", passes)
|
LOGGER.debug("User got '%r'", passes)
|
||||||
return passes
|
return passes
|
||||||
|
|||||||
@ -1,2 +1,2 @@
|
|||||||
"""passbook hibp_policy"""
|
"""passbook hibp_policy"""
|
||||||
__version__ = '0.1.6-beta'
|
__version__ = '0.1.7-beta'
|
||||||
|
|||||||
@ -1,2 +1,2 @@
|
|||||||
"""Passbook ldap app Header"""
|
"""Passbook ldap app Header"""
|
||||||
__version__ = '0.1.6-beta'
|
__version__ = '0.1.7-beta'
|
||||||
|
|||||||
@ -1,2 +1,2 @@
|
|||||||
"""passbook lib"""
|
"""passbook lib"""
|
||||||
__version__ = '0.1.6-beta'
|
__version__ = '0.1.7-beta'
|
||||||
|
|||||||
@ -1,2 +1,2 @@
|
|||||||
"""passbook oauth_client Header"""
|
"""passbook oauth_client Header"""
|
||||||
__version__ = '0.1.6-beta'
|
__version__ = '0.1.7-beta'
|
||||||
|
|||||||
@ -1,2 +1,2 @@
|
|||||||
"""passbook oauth_provider Header"""
|
"""passbook oauth_provider Header"""
|
||||||
__version__ = '0.1.6-beta'
|
__version__ = '0.1.7-beta'
|
||||||
|
|||||||
@ -1,2 +1,2 @@
|
|||||||
"""passbook otp Header"""
|
"""passbook otp Header"""
|
||||||
__version__ = '0.1.6-beta'
|
__version__ = '0.1.7-beta'
|
||||||
|
|||||||
@ -1,2 +1,2 @@
|
|||||||
"""passbook password_expiry"""
|
"""passbook password_expiry"""
|
||||||
__version__ = '0.1.6-beta'
|
__version__ = '0.1.7-beta'
|
||||||
|
|||||||
@ -1,2 +1,2 @@
|
|||||||
"""passbook saml_idp Header"""
|
"""passbook saml_idp Header"""
|
||||||
__version__ = '0.1.6-beta'
|
__version__ = '0.1.7-beta'
|
||||||
|
|||||||
@ -18,7 +18,7 @@
|
|||||||
<input type="hidden" name="SAMLResponse" value="{{ saml_response }}" />
|
<input type="hidden" name="SAMLResponse" value="{{ saml_response }}" />
|
||||||
<div class="login-group">
|
<div class="login-group">
|
||||||
<h3>
|
<h3>
|
||||||
{% blocktrans with remote=remote.name %}
|
{% blocktrans with remote=remote.application.name %}
|
||||||
You're about to sign into {{ remote }}
|
You're about to sign into {{ remote }}
|
||||||
{% endblocktrans %}
|
{% endblocktrans %}
|
||||||
</h3>
|
</h3>
|
||||||
|
|||||||
@ -12,6 +12,7 @@ from django.utils.decorators import method_decorator
|
|||||||
from django.views import View
|
from django.views import View
|
||||||
from django.views.decorators.csrf import csrf_exempt
|
from django.views.decorators.csrf import csrf_exempt
|
||||||
from signxml.util import strip_pem_header
|
from signxml.util import strip_pem_header
|
||||||
|
from django.utils.translation import gettext as _
|
||||||
|
|
||||||
from passbook.audit.models import AuditEntry
|
from passbook.audit.models import AuditEntry
|
||||||
from passbook.core.models import Application
|
from passbook.core.models import Application
|
||||||
@ -110,8 +111,12 @@ class LoginProcessView(ProviderMixin, LoginRequiredMixin, View):
|
|||||||
def get(self, request, application):
|
def get(self, request, application):
|
||||||
"""Handle get request, i.e. render form"""
|
"""Handle get request, i.e. render form"""
|
||||||
LOGGER.debug("Request: %s", request)
|
LOGGER.debug("Request: %s", request)
|
||||||
|
if not self._has_access():
|
||||||
|
return render(request, 'login/denied.html', {
|
||||||
|
'title': _("You don't have access to this application")
|
||||||
|
})
|
||||||
# Check if user has access
|
# Check if user has access
|
||||||
if self.provider.application.skip_authorization and self._has_access():
|
if self.provider.application.skip_authorization:
|
||||||
ctx = self.provider.processor.generate_response()
|
ctx = self.provider.processor.generate_response()
|
||||||
# Log Application Authorization
|
# Log Application Authorization
|
||||||
AuditEntry.create(
|
AuditEntry.create(
|
||||||
@ -133,8 +138,12 @@ class LoginProcessView(ProviderMixin, LoginRequiredMixin, View):
|
|||||||
def post(self, request, application):
|
def post(self, request, application):
|
||||||
"""Handle post request, return back to ACS"""
|
"""Handle post request, return back to ACS"""
|
||||||
LOGGER.debug("Request: %s", request)
|
LOGGER.debug("Request: %s", request)
|
||||||
|
if not self._has_access():
|
||||||
|
return render(request, 'login/denied.html', {
|
||||||
|
'title': _("You don't have access to this application")
|
||||||
|
})
|
||||||
# Check if user has access
|
# Check if user has access
|
||||||
if request.POST.get('ACSUrl', None) and self._has_access():
|
if request.POST.get('ACSUrl', None):
|
||||||
# User accepted request
|
# User accepted request
|
||||||
AuditEntry.create(
|
AuditEntry.create(
|
||||||
action=AuditEntry.ACTION_AUTHORIZE_APPLICATION,
|
action=AuditEntry.ACTION_AUTHORIZE_APPLICATION,
|
||||||
|
|||||||
Reference in New Issue
Block a user