- Mar 19, 2024
-
-
- Dec 29, 2022
-
-
David Taylor authored
-
- Dec 14, 2022
-
-
Vinoth Kannan authored
And add a option to add multiple certificates in site setting with "|" separator.
-
Vinoth Kannan authored
This commit already added in a brach and deployed to a client before. https://github.com/discourse/discourse-saml/commit/ddeb2615529eb0f9cac9621e247feebf31e65fee
-
- Feb 08, 2022
-
-
Andrei Prigorshnev authored
-
- Jan 05, 2022
-
-
David Taylor authored
In production, the SAML omniauth strategy returns some very complex data structures in the `extra` data. These have circular references, and can cause a "stack level too deep" error when serializing to JSON. This commit simplifies thing so we only try to store the attributes hash.
-
David Taylor authored
All data will be automatically migrated from `oauth2_user_infos` to the `user_associated_accounts` table
-
- Jan 04, 2022
-
-
David Taylor authored
There is only one SAMLAuthenticator instance per-process. Storing user-specific state in it is risky (although, in our default unicorn-based config, is unlikely to cause issues because we only handle one concurrent request per process). This commit also updates our implementation to use the built-in `#single` and `#multi` methods provided by the SAML gem. This avoids the need for our custom `&.first`, `&.split` and `&.join` implementation.
-
- Dec 29, 2021
-
-
Andrei Prigorshnev authored
Starting from https://github.com/discourse/discourse/commit/c2022521906b3c44a8a21e8eb2527c8650e06a18 we can pass to `UsernameSuggester` an array of inputs parameters and it'll be skipping invalid items and trying next ones.
-
- Dec 23, 2021
-
-
David Taylor authored
-
- Dec 10, 2021
-
-
David Taylor authored
Some variable renames were missed, and some specs are no longer relevant
-
David Taylor authored
Core takes care of suggesting usernames during normal signup. Suggesting them here as well can cause unexpected issues (e.g. when staged users sign up). The SAML plugin currently has a bespoke `auto_create_account` implementation, which **does** need to do its own username suggestion. Therefore this commit moves all the suggestion logic into `auto_create_account`. An integration spec for staged-user signup is also introduced.
-
David Taylor authored
Regression introduced in e9f9150b
-
David Taylor authored
GlobalSettings configured via environment variables will continue to take precendence, so this change is backwards compatible. - `.presence` is added to string values, since 'unset' site settings are never `nil` - saml_force_domains is split on `|` and `,` because site settings expect a `|`, while the old global setting expected a `,` - Specs are migrated to use SiteSettings, because GlobalSettings do not override SiteSettings in test mode
-
- Dec 09, 2021
-
-
David Taylor authored
The prefix is added by the helper. Adding it here causes it to be prefixed twice.
-
David Taylor authored
This centralises our logic for accessing settings. This particular commit should be a no-op. I intend to followup with the new site setting definitions in a future commit.
-
- Dec 08, 2021
-
-
David Taylor authored
Putting this logic into the omniauth strategy is much cleaner because: - we no longer need a Rails controller and the associated `custom_url` parameter - we can re-use the `authn_request` instance which is automatically generated by the omniauth strategy, rather than re-implementing that logic - the behavior is decided at runtime, rather than during initialization. This makes it testable, and is another step on the way to making the plugin multisite-compatible This commit also introduces a spec for the feature.
-
David Taylor authored
This will allow much easier testing of the strategy, and is one more step towards making the SAML plugin multisite-compatible
-
- Dec 07, 2021
-
-
David Taylor authored
For `name`, the previous intention was to use the `fullName` attribute, and then fallback to "firstname lastname". However, a bug in the implementation meant that the `fullName` was skipped. This commit updates the logic to lean on omniauth-saml's attribute_statements for the fullName, firstName and lastName attributes, and also updates the priority logic so that fullName is indeed prioritized.
-
- Dec 06, 2021
-
-
David Taylor authored
-
David Taylor authored
-
- Oct 27, 2021
-
-
Bastien Le Querrec authored
Co-authored-by:
Bastien Le Querrec <blq@laquadrature.net>
-
- Oct 21, 2021
-
-
Andreas Teuber authored
If your IDP transmits `cn=groupname,cn=groups,dc=example,dc=com` you can set this to true to use only `groupname`. This is useful if you want to keep the standard group name length of Discourse (20 characters). Co-authored-by:
Andreas Teuber <andreas.teuber@passiv.de>
-
- Jul 27, 2021
-
-
Vinoth Kannan authored
-
- Jul 23, 2021
-
-
Vinoth Kannan authored
Now we can sync or create user fields based on the new `saml_user_field_statements` environment variable's mapping.
-
- Nov 12, 2020
-
-
Vinoth Kannan authored
-
- Jun 05, 2020
-
-
p-betula authored
-
- Apr 29, 2020
-
-
Bernhard Suttner authored
In case the user isn't assigned to any (non-automatic) group, the user wasn't added.
-
- Apr 23, 2020
-
-
Robin Ward authored
-
- Apr 17, 2020
-
-
discoursehosting authored
* Support for GlobalSetting.saml_base_url * Push file with class method... Co-authored-by:
Richard <richard@discoursehosting.com>
-
- Apr 07, 2020
-
-
Vinoth Kannan authored
-
- Jan 07, 2020
-
-
Vinoth Kannan authored
-
- Nov 27, 2019
-
-
Bernhard Suttner authored
-
- Nov 25, 2019
-
-
Bernhard Suttner authored
* RFC: groups full sync * Update lib/saml_authenticator.rb Co-Authored-By:
Robin Ward <robin.ward@gmail.com> * Update lib/saml_authenticator.rb Co-Authored-By:
Robin Ward <robin.ward@gmail.com> * Update README.md Co-Authored-By:
Robin Ward <robin.ward@gmail.com>
-
- Nov 18, 2019
-
-
Bernhard Suttner authored
-
- Nov 13, 2019
-
-
Bernhard Suttner authored
-
- Jun 26, 2019
-
-
Vinoth Kannan authored
-
Vinoth Kannan authored
-
- Mar 21, 2019
-
-
Vinoth Kannan authored
-