| Age | Commit message (Expand) | Author |
|---|
| 2023-07-06 | Provide the client_id as part of the post request. | Frederick Muriuki Muriithi |
| 2023-05-29 | Enable Administrator login on GN3...* gn3/auth/authentication/oauth2/views.py: Remove endpoint
* gn3/auth/authorisation/users/admin/__init__.py: New admin module
* gn3/auth/authorisation/users/admin/ui.py: New admin module
* gn3/auth/authorisation/users/admin/views.py: New admin module
* gn3/auth/views.py: Use new admin module
* gn3/errors.py: Fix linting errors
* gn3/templates/login.html: New html template
* main.py: Fix linting errors
| Frederick Muriuki Muriithi |
| 2023-05-27 | Document Use of OAuth2 Clients...* docs/authentication_and_authorisation/oauth2_clients.md: New documentation
* gn3/auth/authentication/oauth2/server.py: Raise appropriate error if no
client is found.
* gn3/auth/authentication/oauth2/views.py: Handle exception in the case where
a UI should be presented to the user, rather than presenting the raw JSON
response to the user.
* gn3/errors.py: Handle any authlib OAuth2Error at the application's top-level
* gn3/templates/oauth2/oauth2_error.html: Handle any authlib OAuth2Error at
the application's top-level
| Frederick Muriuki Muriithi |
| 2023-05-10 | auth: Only check deliverability of emails at registration....Check only that the email format is correct, but don't bother with the
deliverability check during authentication. The deliverability check is done
at registration.
| Frederick Muriuki Muriithi |
| 2023-05-09 | auth: Implement "Authorization Code Flow"...Implement the "Authorization Code Flow" for the authentication of users.
* gn3/auth/authentication/oauth2/grants/authorisation_code_grant.py: query and
save the authorisation code.
* gn3/auth/authentication/oauth2/models/authorization_code.py: Implement the
`AuthorisationCode` model
* gn3/auth/authentication/oauth2/models/oauth2client.py: Fix typo
* gn3/auth/authentication/oauth2/server.py: Register the
`AuthorisationCodeGrant` grant with the server.
* gn3/auth/authentication/oauth2/views.py: Implement `/authorise` endpoint
* gn3/templates/base.html: New HTML Templates of authorisation UI
* gn3/templates/common-macros.html: New HTML Templates of authorisation UI
* gn3/templates/oauth2/authorise-user.html: New HTML Templates of
authorisation UI
* main.py: Allow both "code" and "token" response types.
auth/implement-authorization-code-flow | Frederick Muriuki Muriithi |
| 2023-03-09 | auth: introspection: Protect introspection endpoint...The introspection endpoint could contain privileged information, thus requires
that the endpoint be protected. This commit ensures that a user has
authenticated to the system and that the client they are using be one of the
allowed clients.
| Frederick Muriuki Muriithi |
| 2023-02-02 | auth: Reorganise modules/packages for easier dev and maintenance...Split the views/routes into separate modules each dealing with a narrower
scope of the application to aid in maintenance, and help with making the
development easier.
| Frederick Muriuki Muriithi |
| 2023-01-04 | auth: Add `/register-user` endpoint...* gn3/app.py: register top-level error handlers. reorganise oauth2 blueprint.
* gn3/auth/__init__.py: reorganise oaut2 blueprint.
* gn3/auth/authentication/oauth2/views.py: reorganise oauth2 blueprint.
* gn3/auth/authorisation/exceptions.py -> gn3/auth/authorisation/errors.py
* gn3/auth/authorisation/groups.py: rename file/module
* gn3/auth/authorisation/resources.py: rename file/module
* gn3/auth/authorisation/views.py: Add `/register-user` endpoint
* gn3/auth/blueprint.py: reorganise oauth2 blueprint.
* gn3/errors.py: register top-level error handlers.
| Frederick Muriuki Muriithi |
| 2023-01-04 | auth: return group info as part of user details...* gn3/app.py: import blueprint from authorisation views inorder to get all
endpoints
* gn3/auth/authentication/oauth2/views.py: remove the `/user` endpoint
* gn3/auth/authorisation/views.py: add the `/user` endpoint and add the group
information to the user details.
| Frederick Muriuki Muriithi |
| 2023-01-03 | auth: Fetch all of a user's roles....* gn3/auth/authorisation/roles.py: Fetch roles from DB
* gn3/auth/authorisation/views.py: Provide API endpoint for user roles
* tests/unit/auth/test_roles.py: Tests to check fetching roles works correctly
Fix linting and typing issues in the following files:
* gn3/auth/authentication/oauth2/resource_server.py
* gn3/auth/authentication/oauth2/views.py
* tests/unit/auth/fixtures/oauth2_client_fixtures.py
| Frederick Muriuki Muriithi |
| 2022-12-28 | auth: Add resource server and /user endpoint...Add a resource server with the validator for the bearer token to protect the
resources endpoints.
Add a protected `/user` endpoint that returns the user details for valid
tokens.
* gn3/auth/authentication/oauth2/resource_server.py: new file
* gn3/auth/authentication/oauth2/views.py: add /user endpoint
| Frederick Muriuki Muriithi |
| 2022-12-22 | auth: implement OAuth2 flow....Add code to implement the OAuth2 flow.
* Add test fixtures for setting up users and OAuth2 clients
* Add tests for token generation with the "Password Grant" flow
* Fix some issues with test due to changes in the database connection's
row_factory
oauth2_auth_flow | Frederick Muriuki Muriithi |
