Age | Commit message (Collapse) | Author | |
---|---|---|---|
2024-08-28 | Update UI: Use resource roles rather than obsolete group roles | Frederick Muriuki Muriithi | |
In a fix to fix a privilege-escalation bug, the `…/group/roles` endpoint was entirely removed and replaced with the less error-prone `…/resource/…/roles` endpoint. This commit updates the code to use the new endpoint's data as appropriate. We also fix typos in some url_for routing arguments. | |||
2024-08-28 | Fix displayed error message | Frederick Muriuki Muriithi | |
2024-08-28 | Remove the "Roles" page. | Frederick Muriuki Muriithi | |
2024-08-28 | Deactivate the "create_role" function | Frederick Muriuki Muriithi | |
The `create_role` function could lead to privilege escalation. This commit deactivates it completely to prevent the chance of that happening. | |||
2024-08-28 | Bug: Add missing data to search query. | Frederick Muriuki Muriithi | |
2024-08-28 | Build search URI endpoint on server rather than on JS | Frederick Muriuki Muriithi | |
To help with maintenance, build the search URI on the server rather than in the javascript. | |||
2024-08-28 | Build phenotype results template URI on backend | Frederick Muriuki Muriithi | |
Build the template URI on the backend to remove the need to remember to update the javascript if the URI changes in the future. | |||
2024-08-28 | Provide client data used for user verification. | Frederick Muriuki Muriithi | |
2024-08-28 | Ensure endpoint returns a response. | Frederick Muriuki Muriithi | |
2024-08-28 | Bug: Compute numeric timestamp for the claims. | Frederick Muriuki Muriithi | |
2024-05-14 | Use correct URL when redirecting user after a new registration. | Munyoki Kilyungi | |
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com> | |||
2024-05-14 | Consistently use the same OAuthSession client | Frederick Muriuki Muriithi | |
2024-05-14 | Enable client to automatically request a refresh token. | Frederick Muriuki Muriithi | |
2024-05-14 | Redirect to index rather than no-longer supported login | Frederick Muriuki Muriithi | |
Redirect to index of the site rather that the no-longer supported "Password Grant"-using login page. Disable the login route entirely. | |||
2024-04-30 | Revert "Create constructors for encoding and decoding a token." | Munyoki Kilyungi | |
This reverts commit e7a3bf22da1b63a01343f2cd30cd13c234fe508c. | |||
2024-04-30 | Make returning an json object from oauth2_get optional. | Munyoki Kilyungi | |
* gn2/wqflask/oauth2/client.py (oauth2_get): Add a jsonify_p key word that defaults to False. Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com> | |||
2024-04-30 | Create constructors for encoding and decoding a token. | Munyoki Kilyungi | |
* gn2/tests/unit/wqflask/oauth2/(__init__.py, test_tokens.py): Test cases for jwt token creation. * gn2/wqflask/oauth2/tokens.py (JWTToken): New module for creating jwt tokens. Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com> | |||
2024-04-24 | Bug: use dict object on Response object. | Frederick Muriuki Muriithi | |
2024-04-24 | Fetch message for authlib errors. | Frederick Muriuki Muriithi | |
2024-04-24 | Send assertion as a string, not bytes. | Frederick Muriuki Muriithi | |
2024-04-24 | DEBUG: log out request details | Frederick Muriuki Muriithi | |
There is a failure on CI/CD that is not obvious - the logs should help with debugging the issue. | |||
2024-04-23 | Separate the auth server's public key from app's private key | Frederick Muriuki Muriithi | |
* Use the app's private key to sign the initial assertions used for retrieving an authorisation token from the auth server. * Use auth server's public key to validate the authorisation tokens got from the auth server. | |||
2024-04-23 | Generate assertions to be used to get the token from the auth server | Frederick Muriuki Muriithi | |
2024-04-23 | Use the JWT Bearer grant type | Frederick Muriuki Muriithi | |
2024-03-26 | Use correct variable name. | Munyoki Kilyungi | |
* gn2/wqflask/oauth2/client.py (no_token_post): "uri" does not exist. Replace it with "uri_path." Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com> | |||
2024-03-26 | Delete unused variable. | Munyoki Kilyungi | |
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com> | |||
2024-03-26 | Implement "require_oauth2_edit_resource_access" decorator. | Munyoki Kilyungi | |
* gn2/wqflask/oauth2/checks.py (require_oauth2): New function. Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com> | |||
2024-03-26 | Import user_logged_in from the clients module. | Munyoki Kilyungi | |
Importing "user_logged_in" in the checks module just to export adds a layer of indirection and makes the code hard to read. Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com> | |||
2024-03-26 | Delete repetitive statement in "render_ui". | Munyoki Kilyungi | |
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com> | |||
2024-03-26 | Remove unused imports. | Munyoki Kilyungi | |
Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com> | |||
2024-03-26 | Delete "raise_unimplemented". | Munyoki Kilyungi | |
* gn2/wqflask/oauth2/groups.py: Remove unused "raise_unimplemented" import. * gn2/wqflask/oauth2/request_utils.py (raise_unimplemented): Delete function. Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com> | |||
2024-03-07 | fix bugs. | Frederick Muriuki Muriithi | |
2024-03-06 | Use AUTH_SERVER_URL setting from flask.current_app not gn2.utility.tools | Frederick Muriuki Muriithi | |
2024-03-06 | Bug: Break circular import | Frederick Muriuki Muriithi | |
2024-03-05 | Fix missed bug: Don't use `gn2.utility.tools` for configs. | Frederick Muriuki Muriithi | |
2024-03-05 | configs: Fetch configs from app not `gn2.utility.tools` | Frederick Muriuki Muriithi | |
Fetch configurations from the application, rather than from the `gn2.utility.tools` module that does not get the updated values from the secrets file. | |||
2024-01-30 | Error reporting: Pass external error forward to GN2's error handling | Frederick Muriuki Muriithi | |
2024-01-30 | Create framework for error handling and handle connection errors | Frederick Muriuki Muriithi | |
2023-12-29 | Namespace all modules under gn2. | Arun Isaac | |
We move all modules under a gn2 directory. This is important for "correct" packaging and deployment as a Guix service. |