Andal.LND/edx-platform
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
16,147 Commits 1 Branch 0 Tags
8bd686d63cbd46775f35faddddcf0baaffcba310
Commit Graph

50 Commits

Author SHA1 Message Date
Calen Pennington
76055aa211 Add a manage.py command that understands the extra edX options 2013-07-24 09:04:12 -04:00
Jason Bau
e7bb85dee1 Merge pull request #259 from edx/features/jbau/stanford-shib 
Bugfix for stanford shib
 2013-07-12 10:19:58 -07:00
Diana Huang
f33bfd1c6c Address code review feedback 2013-06-28 15:03:44 -04:00
Diana Huang
c98651fadb Add in the ability to handle malformed return urls. 2013-06-27 18:02:23 -04:00
Diana Huang
c6fa4873b1 Handle issues decoding requests more gracefully 
Clean up some pep8/pylint violations as well
 2013-06-27 18:02:23 -04:00
Jason Bau
3e38327f7f External_auth.views.login_or_signup fix codepath that didn't set uname 
which caused UnboundLocalError.  Added tests for this case
 2013-06-24 17:55:33 -07:00
Ned Batchelder
e045860cb6 Pylint complains if you use string, even if you use it for what its still meant to be used for. 2013-06-21 16:35:47 -04:00
Jason Bau
aa4e27f775 Shib PR responses to @cpennington and @ormsbee comments 
* Changed unicode test cases to ascii encoding
* Removed 'stanford' hardcoding in TOS logic in lieu of
  'SHIB_DISABLE_TOS' MIT_FEATURES flag
* made 'external_auth' always an installed_app in lms
* log.exception changd to log.error where appropriate

But: did not change skipping tests to changing settings, for
reasons stated here:
https://github.com/edx/edx-platform/pull/67#issuecomment-19790330
 2013-06-20 18:12:20 -07:00
Jason Bau
084160c1c9 Finishing up tests/modifications per @ormsbee feedback 2013-06-19 00:48:18 -07:00
Jason Bau
ca649d3c33 Turn off Agreement to Terms of Service for Stanford shib 
As stipulated by Stanford's office of general counsel
 2013-06-19 00:48:18 -07:00
Jason Bau
a39a384ed2 Handle the case where an existing user has email returned by shib 
By linking the users
 2013-06-19 00:48:18 -07:00
Jason Bau
824fb9a311 The bulk of Shibboleth authentication for Stanford 
Highlights:
* The url '/shib-login/' interfaces with apache/mod_shib via
  request.META to handle shibboleth login and registrations
* Courses can designate 'enrollment_domains' to limit enrollment
  to users with a linked ExternalAuthMap verified by a particular
  identity provider
* Tests
* Logging

 Changes to be committed:

	new file:   common/djangoapps/external_auth/migrations/0001_initial.py
	new file:   common/djangoapps/external_auth/migrations/__init__.py
	new file:   common/djangoapps/external_auth/tests/test_shib.py
	modified:   common/djangoapps/external_auth/views.py
	modified:   common/djangoapps/student/views.py
	modified:   common/lib/xmodule/xmodule/course_module.py
	modified:   lms/djangoapps/courseware/access.py
	modified:   lms/djangoapps/courseware/tests/test_access.py
	modified:   lms/envs/common.py
	modified:   lms/envs/dev.py
	modified:   lms/envs/test.py
	modified:   lms/templates/courseware/course_about.html
	modified:   lms/templates/dashboard.html
	modified:   lms/templates/extauth_failure.html
	modified:   lms/templates/navigation.html
	modified:   lms/templates/register.html
	modified:   lms/templates/signup_modal.html
	modified:   lms/urls.py
	renamed:    lms/wsgi_apache.py -> lms/wsgi_apache_lms.py
 2013-06-19 00:48:18 -07:00
Diana Huang
886e74342d Move the testcenter login to external_auth 
* hide the login behind a setting that is turned off by default
* clean out some of the outdated settings and hardcoded test strings
 2013-04-25 11:12:19 -04:00
Calen Pennington
cfae1cdf62 Pep8 autofixes 2013-02-06 11:13:50 -05:00
Brian Wilson
9d28c37724 add more test coverage for openid provider. 2013-01-23 04:23:30 -05:00
Brian Wilson
ba62a657bf Merge remote-tracking branch 'origin/master' into bugfix/brian/openid_provider_post 2013-01-22 23:50:38 -05:00
Brian Wilson
9653631e9a Add initial openid_provider tests (covers xrds and authentication requests) 2013-01-22 11:15:30 -05:00
Brian Wilson
6da9c7bd9a get (openId) provider_login to work with POST requests 2013-01-18 18:37:24 -05:00
Calen Pennington
b52ed48221 Merge remote-tracking branch 'origin/master' into feature/cale/cms-master 
Conflicts:
	common/lib/capa/capa/responsetypes.py
	common/lib/xmodule/xmodule/js/src/html/display.coffee
	lms/envs/common.py
 2012-10-23 13:38:11 -04:00
Carlos Andrés Rocha
f495f219cf Update common/djangoapps/external_auth/views.py 
Corrected comments on OpenID temporal fix
 2012-10-15 13:28:54 -03:00
John Hess
a88a857723 Adjusted to return email address 
Per update from CS50 team, their client will break if not given addresses.
 2012-10-15 12:55:39 -03:00
Carlos Andrés Rocha
0f16e8a358 Return only username on OpenID provider requests. 
Temporarily return username also as the email and fullname fields of
the response using OpenID's simple registration extension.
 2012-10-14 19:45:22 -04:00
ichuang
09d7d6d688 add AUTH_USE_MIT_CERTIFICATES feature flag to CMS, and @ssl_login_shortcut 2012-10-14 16:40:04 -04:00
Carlos Andrés Rocha
193ca7b34b Fix error when creating empty associations 
Also renamed some variables to make them more distinguishable
 2012-10-05 13:46:49 -04:00
Carlos Andrés Rocha
e62968d5e1 Get OpenID XRDS url host from request 
Replaced the previous method of getting it from HTTP_POST to use
django's mechanism, which may or may not use HTTP_HOST. However if an
attacker changes the request header, there is not much he can do since
he cannot recreate the association nonce.
 2012-10-03 17:16:22 -04:00
Carlos Andrés Rocha
4840de8c88 Create Django cache backed OpenID provider store 2012-10-03 16:54:07 -04:00
ichuang
2045500c6e make external_auth table searchable in django admin; fix 
missed instance of login link which should have been behind DISABLE_LOGIN_BUTTON
 2012-09-08 23:21:34 -04:00
Carlos Andrés Rocha
327b3a4648 [34078525] Log openid root_trust validation failures as errors 2012-08-31 06:43:28 -04:00
Carlos Andrés Rocha
0a81684ac3 [34078525] Fix error saving open_id request in session 2012-08-31 06:43:08 -04:00
Carlos Andrés Rocha
d702082daa [34078525] Add test settings for openid 2012-08-31 06:31:18 -04:00
Carlos Andrés Rocha
27fe80d57c [34078525] Use system random to generate passwords 2012-08-31 06:29:07 -04:00
Carlos Andrés Rocha
902a887e79 [34078525] pep8 renaming of some extern_auth functions 2012-08-29 18:46:35 -04:00
Carlos Andrés Rocha
cd4aab13fb [34078525] Added OPENID_PROVIDER_TRUSTED_ROOTS django setting 
Added OPENID_PROVIDER_TRUSTED_ROOTS django setting. It should be a
list of glob matching patterns: ['*.cs50.net', '*.other.net']

Also did some minor refactoring and cleanup.
 2012-08-29 18:40:12 -04:00
Nate Hardison
c97db851fb Getting rid of unneeded variables 2012-08-29 15:28:44 -04:00
Carlos Andrés Rocha
cb67af5959 [34078525] OpenID provider cleanup and minor fixes 2012-08-29 12:43:08 -04:00
Nate Hardison
4126f3a29a Validating OpenID request trust roots to only come from *.cs50.net 2012-08-29 11:57:41 -04:00
Tommy MacWilliam
6de28fc592 feature flag, consumer displayed, logging 
- provider placed behind separate feature flag
- domain of openid consumer displayed in login page
- added logging for successful login, changed log messages to include
  "OpenID"
 2012-08-29 10:37:02 -04:00
Tommy MacWilliam
4b6694a4ce OpenID provider implementation 
- endpoint supports both SReg and AX
- identity taken from edX username
- sreg fullname and ax http://axschema.org/namePerson taken from edX
  name
- sreg email and ax http://axschema.org/contact/email taken from edX
  email
 2012-08-29 10:29:42 -04:00
Calen Pennington
5ca636e606 Use the university profile page for courses and index if we are in a branded subdomain. N.B. THIS DOESN'T WORK WITH MIT_SSL_AUTH 2012-08-22 14:43:49 -04:00
David Ormsbee
346d5b91a1 implement subdomain-based course displays 2012-08-15 11:53:20 -04:00
ichuang
553f7046b4 suggested username for ssl auth is conjoined name with no spaces 2012-08-05 21:12:56 -04:00
ichuang
3eff9ffecd match external_domain as well when retrieving ExternalAuthMap objects 2012-08-02 13:28:52 -04:00
ichuang
613c53a710 slight cleanup, no need to import all of django_openid_auth 2012-08-02 10:05:26 -04:00
ichuang
f2a9110bda change model to have external_id and external_domain be unique_together 2012-08-02 09:56:33 -04:00
ichuang
b2e9d980ff don't overwrite oid_backend 2012-08-02 09:42:26 -04:00
ichuang
23c3c5a652 print -> log.debug, rename function from camel case 2012-08-02 09:37:24 -04:00
ichuang
727e51411f small change so that ssl authenticated user can logout to see main screen 2012-08-02 08:59:02 -04:00
ichuang
4a0d0a08db minor change so that SSL code doesn't interfere with non-nginx instances 2012-08-01 23:37:35 -04:00
ichuang
a759850e3e add SSL / MIT certificates auth; clean up external_auth.views 2012-08-01 22:42:06 -04:00
ichuang
7b725a075c external_auth djangoapps files 2012-08-01 17:57:21 -04:00