~deadlight/canonical-identity-provider/merge-1-static : changes

~deadlight/canonical-identity-provider/merge-1-static » Changes from revision 1704

From Revision 1704 to 1685

Rev	Summary	Authors	Date
1704	Reformat menu_item.py to pass linting Reformat menu_item.py to pass linting	Karl Williams	4 years ago
1703	Correct copyright messages Correct copyright messages	Karl Williams	4 years ago
1702	Add Vanilla templating. Add compiled Vanilla css. Convert st... Add Vanilla templating. Add compiled Vanilla css. Convert static templates to Vanilla template	Karl Williams	4 years ago
1701	Read-only mode 2FA: allow TOTP devices only, disable sync. Read-only mode 2FA: allow TOTP devices only, disable sync. Merged from https://code.launchpad.net/~maxiberta/canonical-identity-provider/2fa-readonly/+merge/374530	Maximiliano Bertacch...	4 years ago
1700	Added libsass as a dependency and Vanilla Framework as an NP... Added libsass as a dependency and Vanilla Framework as an NPM dependency. Added a python script to generate css from the scss. Merged from https://code.launchpad.net/~deadlight/canonical-identity-provider/sass-tooling/+merge/374527	Karl Williams	4 years ago
1699	Readonly cleanup: drop API for remote management of readonly... Readonly cleanup: drop API for remote management of readonly flag (now handled via juju); simplify the 'readonly' management command. Merged from https://code.launchpad.net/~maxiberta/canonical-identity-provider/readonly-improvements/+merge/374313	Maximiliano Bertacch...	4 years ago
1698	Improve password placeholder and validation message to inclu... Improve password placeholder and validation message to include the requirement of ascii encoding. Merged from https://code.launchpad.net/~maxiberta/canonical-identity-provider/improve-password-validation-ascii/+merge/374104	Maximiliano Bertacch...	4 years ago
1697	Limit the number of OpenID tokens stored in user session. Limit the number of OpenID tokens stored in user session. Merged from https://code.launchpad.net/~maxiberta/canonical-identity-provider/openid-session-limit/+merge/373232	Maximiliano Bertacch...	4 years ago
1696	Make the project compatible with git. Make the project compatible with git. With these changes the project should be hostable in a git repo and work as intended. - Add placeholder files so git doesn't eat empty directories - Tweak .bzrignore so it can be symlinked to .gitignore, and add symlink - Tweak Makefile so it works with either git or bzr Makefile modifications are mainly to determine revno/commit id for the build label, write versioninfo.py based on that information, and add po files, depending on which VCS is in use. Merged from https://code.launchpad.net/~roadmr/canonical-identity-provider/git-compatibility/+merge/372075	Daniel Manrique	4 years ago
1695	Add run-ssl makefile target and README instructions Add run-ssl makefile target and README instructions Merged from https://code.launchpad.net/~roadmr/canonical-identity-provider/ssl-utilities/+merge/372079	Daniel Manrique	4 years ago
1694	Exclude the delete account view from honeypot checks. Exclude the delete account view from honeypot checks. Merged from https://code.launchpad.net/~maxiberta/canonical-identity-provider/drop_honeypot_from_delete_account/+merge/369777	Maximiliano Bertacch...	4 years ago
1693	Updated invalid username error message in account registrati... Updated invalid username error message in account registration/edit form. Merged from https://code.launchpad.net/~matiasb/canonical-identity-provider/updated-username-error-msg/+merge/369005	Matias Bordese	4 years ago
1692	Allow generation of gdpr report from the email changelist. Allow generation of gdpr report from the email changelist. Previously, this was only doable from the account changelist, but the main search criteria for gdpr requests is email address; so it's cumbersome to first search for an email address, grab e.g. the openid to do a search in the account changelist, and then build the gdpr report there. The tests try not to duplicate things that are already tested in the account gdpr report tests. Merged from https://code.launchpad.net/~roadmr/canonical-identity-provider/gdpr-report-from-email/+merge/368565	Daniel Manrique	4 years ago
1691	update bson 0.3.4 update bson 0.3.4 Merged from https://code.launchpad.net/~verterok/canonical-identity-provider/update-bson-0.3.4/+merge/367924	Guillermo Gonzalez	4 years ago
1690	make it work in xenial make it work in xenial Merged from https://code.launchpad.net/~verterok/canonical-identity-provider/xenial-port/+merge/366731	Guillermo Gonzalez	4 years ago
1689	Show friendly help if we can't find the openid session token... Show friendly help if we can't find the openid session token from a validation link The most common reason for that is initiating a login on a third-party site, creating the account in sso as part of the flow, then clicking on the activation link on another device or browser. SO instead of sending people to a terse 404 page which causes them to fume and come file bugs which end up as dupes of https://pad.lv/1693375, the new (still a 404-code) page explains what to do and provides a link where they can validate their e-mail address out of the third-party login flow (which is the workaround we recommend anyway, after painful back and forth checking the format of the link they clicked on and referring to the cited bug) Merged from https://code.launchpad.net/~roadmr/canonical-identity-provider/better-evil-token-instructions/+merge/367285	Daniel Manrique	4 years ago
1688	Consolidating username validation with LP. Consolidating username validation with LP. Merged from https://code.launchpad.net/~cprov/canonical-identity-provider/username-validation-ng/+merge/367193	Celso Providelo	4 years ago
1687	Enable the zh-tw language support for Ubuntu One web UI. Enable the zh-tw language support for Ubuntu One web UI. Merged from https://code.launchpad.net/~cypressyew/canonical-identity-provider/canonical-identity-provider/+merge/366307	Po-Hsu Lin	4 years ago
1686	New privileged API for checking username availability. New privileged API for checking username availability. Merged from https://code.launchpad.net/~cprov/canonical-identity-provider/usernames-api/+merge/365688	Celso Providelo	5 years ago
1685	SAML: Ensure all dicts used to build assertions contain only... SAML: Ensure all dicts used to build assertions contain only utf-8-encoded data. The SAML library we use assumes use only of ascii inputs and parameters and Python 2 str <-> unicode implicit conversion intricacies. Some of those assumptions are broken by SSO's use of the library and particularly the CanonicalProcessor, which gets a lot of those assertion parameters and attributes from the database; SP config parameters, custom attributes come from Django ORM and are thus unicode, and since the SAML library doesn't do explicit unicode data encoding, it barfs when implicit conversions for unicode data that contains non-ascii characters are attempted, particularly when using the python string.Template classes and base64-encoding the final assertion;these behave predictably badly when given a str template and fed unicode substitution values. Since the output is expected to be utf8-encoded XML, this MP just ensures all the pieces used by the library to assemble, sign and encode the assertion are sent as utf8-encoded strs rather than unicodes. This problem was only exposed when we added a new "full name" substitution for SAML attributes: up until now, by some fluke, all the date we fed to the SAML library was ascii-only and so even when we were sending mixed strs and unicodes back and forth, implicit conversion of unicode to str worked fine and the problem went undetected. However, fullnames, unlike URLs and other identifiers, usernames and OpenIDs, understandably can contain non-ascii characters. Merged from https://code.launchpad.net/~roadmr/canonical-identity-provider/saml-unicode/+merge/365615	Daniel Manrique	5 years ago

Older »