Nick Schonning 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							c0b9664a31 
							
						 
					 
					
						
						
							
							Autofix Rubocop spacing in config ( #25022 )  
						
						
						
						
					 
					
						2023-05-22 13:17:56 +02:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							ae4f068a84 
							
						 
					 
					
						
						
							
							Fix CAS_DISPLAY_NAME, SAML_DISPLAY_NAME and OIDC_DISPLAY_NAME being ignored ( #18568 )  
						
						
						
						
					 
					
						2022-06-01 19:22:55 +02:00 
						 
				 
			
				
					
						
							
							
								chandrn7 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							a6ed6845c9 
							
						 
					 
					
						
						
							
							Allow login through OpenID Connect ( #16221 )  
						
						... 
						
						
						
						* added OpenID Connect as an SSO option
* minor fixes
* added comments, removed an option that shouldn't be set
* fixed Gemfile.lock
* added newline to end of Gemfile.lock
* removed tab from Gemfile.lock
* remove chomp
* codeclimate changes and small name change to make function's purpose clearer
* codeclimate fix
* added SSO buttons to /about page
* minor refactor
* minor style change
* removed spurious change
* removed unecessary conditional from ensure_valid_username and added support for auth.info.name in user_params_from_auth
* minor changes 
						
						
					 
					
						2022-03-09 12:07:35 +01:00 
						 
				 
			
				
					
						
							
							
								Josh Soref 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							b5329e0035 
							
						 
					 
					
						
						
							
							Spelling ( #17705 )  
						
						... 
						
						
						
						* spelling: account
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: affiliated
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: appearance
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: autosuggest
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: cacheable
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: component
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: conversations
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: domain.example
Clarify what's distinct and use RFC friendly domain space.
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: environment
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: exceeds
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: functional
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: inefficiency
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: not
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: notifications
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: occurring
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: position
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: progress
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: promotable
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: reblogging
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: repetitive
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: resolve
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: saturated
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: similar
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: strategies
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: success
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: targeting
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: thumbnails
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: unauthorized
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: unsensitizes
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: validations
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: various
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
Co-authored-by: Josh Soref <jsoref@users.noreply.github.com> 
						
						
					 
					
						2022-03-06 22:51:40 +01:00 
						 
				 
			
				
					
						
							
							
								Claire 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							cfa583fa71 
							
						 
					 
					
						
						
							
							Remove support for OAUTH_REDIRECT_AT_SIGN_IN ( #17287 )  
						
						... 
						
						
						
						Fixes  #15959 
Introduced in #6540 , OAUTH_REDIRECT_AT_SIGN_IN allowed skipping the log-in form
to instead redirect to the external OmniAuth login provider.
However, it did not prevent the log-in form on /about introduced by #10232  from
appearing, and completely broke with the introduction of #15228 .
As I restoring that previous log-in flow without introducing a security
vulnerability may require extensive care and knowledge of how OmniAuth works,
this commit removes support for OAUTH_REDIRECT_AT_SIGN_IN instead for the time
being. 
					
						2022-01-23 15:50:41 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							2ed1c92c63 
							
						 
					 
					
						
						
							
							New env variable: CAS_SECURITY_ASSUME_EMAIL_IS_VERIFIED ( #16655 )  
						
						... 
						
						
						
						When using a CAS server, the users only have a temporary email
`change@me-foo-cas.com` which can't be changed but by an
administrator.
We need a new environment variable like for SAML to assume the email
from CAS is verified.
* config/initializers/omniauth.rb: define CAS option for assuming
  email are always verified.
* .env.nanobox: add new variable as an example. 
						
						
					 
					
						2021-08-25 18:41:24 +02:00 
						 
				 
			
				
					
						
							
							
								kaiyou 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							f47c177eb7 
							
						 
					 
					
						
						
							
							Support clock drift in Omniauth SAML provider ( #15511 )  
						
						... 
						
						
						
						The setting is not well documented by the provider, but allows for
clock skew between SP and IDP, see:
https://github.com/omniauth/omniauth-saml/blob/master/spec/omniauth/strategies/saml_spec.rb 
Co-authored-by: kaiyou <dev@kaiyou.fr> 
						
						
					 
					
						2021-01-08 07:07:08 +01:00 
						 
				 
			
				
					
						
							
							
								Eric 
							
						 
					 
					
						
						
						
						
							
						
						
							7169928f96 
							
						 
					 
					
						
						
							
							cas_options :validate_url should be :service_validate_url ( #10328 )  
						
						... 
						
						
						
						Otherwise, no matter what is given for CAS_VALIDATE_URL the default /serviceValidate path would be used. 
						
						
					 
					
						2019-03-21 04:06:41 +01:00 
						 
				 
			
				
					
						
							
							
								aus-social 
							
						 
					 
					
						
						
						
						
							
						
						
							0a4739c732 
							
						 
					 
					
						
						
							
							lint pass 2 ( #8878 )  
						
						... 
						
						
						
						* Code quality pass
* Typofix
* Update applications_controller_spec.rb
* Update applications_controller_spec.rb 
						
						
					 
					
						2018-10-04 17:38:04 +02:00 
						 
				 
			
				
					
						
							
							
								aus-social 
							
						 
					 
					
						
						
						
						
							
						
						
							1f98eae1cf 
							
						 
					 
					
						
						
							
							Lint pass ( #8876 )  
						
						
						
						
					 
					
						2018-10-04 12:36:53 +02:00 
						 
				 
			
				
					
						
							
							
								Effy Elden 
							
						 
					 
					
						
						
						
						
							
						
						
							dd9d00d293 
							
						 
					 
					
						
						
							
							Add additional first_name and last_name SAML attribute statement options, and modify Omniauthable concern to use full_name or first_name + last_name if not available ( #6669 )  
						
						
						
						
					 
					
						2018-03-07 06:19:10 +01:00 
						 
				 
			
				
					
						
							
							
								Ghislain Loaec 
							
						 
					 
					
						
						
						
						
							
						
						
							e668180044 
							
						 
					 
					
						
						
							
							New variable OAUTH_REDIRECT_AT_SIGN_IN + Ref  #6538  (not only SAML strategies) ( #6540 )  
						
						
						
						
					 
					
						2018-02-23 01:16:17 +01:00 
						 
				 
			
				
					
						
							
							
								Ghislain Loaec 
							
						 
					 
					
						
						
						
						
							
						
						
							3084fe4959 
							
						 
					 
					
						
						
							
							New env variable: SAML_SECURITY_ASSUME_EMAIL_IS_VERIFIED +  fixes   #6533  ( #6538 )  
						
						
						
						
					 
					
						2018-02-22 23:31:25 +01:00 
						 
				 
			
				
					
						
							
							
								Eugen Rochko 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							26f21fd5a0 
							
						 
					 
					
						
						
							
							CAS + SAML authentication feature ( #6425 )  
						
						... 
						
						
						
						* Cas authentication feature
* Config
* Remove class_eval + Omniauth initializer
* Codeclimate review
* Codeclimate review 2
* Codeclimate review 3
* Remove uid/email reconciliation
* SAML authentication
* Clean up code
* Improve login form
* Fix code style issues
* Add locales 
						
						
					 
					
						2018-02-04 05:42:13 +01:00