Commits · 91ccfcb151836d8b94c52a1a63e91abefff2a559 · ai / sso

26 Sep, 2019 1 commit

Try to improve handling of missing session cookies in mod_sso · 91ccfcb1

ale authored Sep 26, 2019

Redirect the user to the (unauthenticated) destination, so that it
might try again the request. This introduces potential for a redirect
loop unfortunately, so let's see how well it works.

91ccfcb1

06 Sep, 2019 1 commit
- Add a custom mod_sso test · 2214522b
  ale authored Sep 06, 2019
```
Matches a specific production config that needed to be tested.
```
  2214522b
22 Jun, 2019 8 commits
- Add missing python-flask package to build-depends · f3d09f8c
  ale authored Jun 22, 2019
```
Again another package required for hermetic testing.
```
  f3d09f8c
- Add another missing build-depends · 3806fabd
  ale authored Jun 22, 2019
  
  3806fabd
- Switch CI to the standard pipeline · ad09525d
  ale authored Jun 22, 2019
  
  ad09525d
- Add more build-depends that are required for testing · b56f4cec
  ale authored Jun 22, 2019
  
  b56f4cec
- Update Debian packaging to use 'dh' · 67f5686b
  ale authored Jun 22, 2019
```
Will run tests in the package build phase.
```
  67f5686b
- Only link to libpam in the pam_sso module · 02d83bf6
  ale authored Jun 22, 2019
```
Prevents spurious dependencies in the other libraries.
```
  02d83bf6
- Update .gitignore · a81129d4
  ale authored Jun 22, 2019
  
  a81129d4
- Merge branch 'nonce' into 'master' · 97fc9e70
  ale authored Jun 22, 2019
```
Nonce

See merge request !3
```
  97fc9e70
20 Jun, 2019 1 commit
- Add a slash on the login redirect URL only when necessary · a65ad08e
  ale authored Jun 20, 2019
  
  a65ad08e
14 Jun, 2019 1 commit
- Add a 'quiet_fail' option to pam_sso to suppress auth failure logs · 210f1644
  ale authored Jun 14, 2019
```
Validation error details are also moved behind the 'debug' option,
in order to reduce noise.
```
  210f1644
17 Feb, 2019 1 commit
- Restore bits of py3compat.h lost to cut&paste · b9e86f98
  ale authored Feb 17, 2019
  
  b9e86f98
09 Feb, 2019 4 commits
- Switch from SWIG to a native Python module · 2945af40
  ale authored Feb 09, 2019
```
The native Python module implements a narrower interface and is much
simpler than the SWIG-wrapped version (the Python sso module API stays
the same).

The native Python module supports Python 3.
```
  2945af40
- Ignore test output files · cf9b7be3
  ale authored Feb 08, 2019
  
  cf9b7be3
- Fix a typo in docstrings · 860ae59a
  ale authored Feb 08, 2019
  
  860ae59a
- Update Python build · 2638d8ba
  ale authored Feb 08, 2019
```
First steps towards Python 3 compatibility.
```
  2638d8ba
16 Nov, 2018 3 commits
- Try to get CI to work with stretch · 602a0a64
  ale authored Sep 22, 2018
  
  602a0a64
- Use the event mpm module for 2.4 · 3a79d927
  ale authored Nov 16, 2018
  
  3a79d927
- Properly set the CORS origin · 69a97d06
  ale authored Nov 16, 2018
```
Handles the case where the SSOLoginServer URL has a path component.
```
  69a97d06
27 Sep, 2018 1 commit

Base64 decoder supports missing padding · 72888c4b

ale authored Sep 27, 2018

This makes the C implementation compatible with the Go one, which
generates unpadded base64-encoded tokens.

72888c4b

22 Sep, 2018 2 commits
- Try to get CI to work with stretch · 4afa78f7
  ale authored Sep 22, 2018
  
  4afa78f7
- Fix wrong assignment of --nonce · a1981a2f
  ale authored Sep 22, 2018
  
  a1981a2f
23 Jul, 2018 10 commits
- Build Python extension before the Python module · cac230c9
  ale authored Jul 23, 2018
```
Since swig generates a .py file, the build_ext step needs to run
before the build one.
```
  cac230c9
- Revert "Do not ignore sso_c.py anymore" · 0b0ad240
  ale authored Jul 23, 2018
```
This reverts commit 76caf208.
```
  0b0ad240
- Revert "Include swig-generated sso_c.py file" · e61c8445
  ale authored Jul 23, 2018
```
This reverts commit 01eb7558.
```
  e61c8445
- Do not ignore sso_c.py anymore · 76caf208
  ale authored Jul 23, 2018
  
  76caf208
- Add some verifier tests with nonces · a92b96ee
  ale authored Jul 23, 2018
  
  a92b96ee
- Include swig-generated sso_c.py file · 01eb7558
  ale authored Jul 23, 2018
```
This allows for the package to be properly installed by pip
(and a standalone python setup.py install), otherwise the distutils
build stage won't see the swig-generated file.

There are probably better solutions to this issue.
```
  01eb7558
- Fix top_srcdir variable name · 8b3e4f08
  ale authored Jul 23, 2018
  
  8b3e4f08
- Use None for "all groups" in SAML sso server · db7d4a85
  ale authored Jul 23, 2018
  
  db7d4a85
- Actually validate tickets in Python · 47bcad97
  ale authored Jul 23, 2018
  
  47bcad97
- Make the Python module pip-installable · 3dd9b40a
  ale authored Jul 23, 2018
  
  3dd9b40a
18 Feb, 2018 5 commits
- Fix login server origin, and prevent cookie duplication · 14478bf7
  ale authored Feb 18, 2018
  
  14478bf7
- Set CORS headers on /sso_logout · 4b7b71ae
  ale authored Feb 18, 2018
  
  4b7b71ae
- Use a common function to read fixed-size buffers from files · cd70b62f
  ale authored Feb 18, 2018
  
  cd70b62f
- Zero-terminate value returned by modsso_session_deserialize · 36650db9
  ale authored Feb 18, 2018
  
  36650db9
- Improve cookie handling code · 15e7349b
  ale authored Feb 18, 2018
```
Pull reference code out of apache's own util_cookies.c (which is
unfortunately not part of libapr so we can't link to it in our tests).

Also use libapr for url-escaping, getting rid of some ugly code.
```
  15e7349b
17 Feb, 2018 2 commits
- Debug nonces on /sso_login ticket auth failure · 5c84497a
  ale authored Feb 17, 2018
  
  5c84497a
- Run clang-format · 8f4c7d1e
  ale authored Feb 17, 2018
  
  8f4c7d1e