Configurable AAI skip list
Make LOGIN_PATH be a full URL (not just a path under APP_INSTALL_URL)
Refs: #715
Add exclude for API calls in AAI middlware
Fixes 3 failed tests
Merge branch 'api-current' into helpdesk-gui
Conflicts: aai/shibboleth.py
Mostly cosmetic changes to the auth middlewares
Merge branch 'faidon/aai-fixups' into helpdesk-gui
Conflicts: aai/middleware.py
Fix logic errors on Shibboleth user registration
Fix register_shibboleth_user() to follow Shibboleth best practices andmap on federations other than GRNET. While we're at it, fix a couple ofPythonic bad practices and reorder the code a bit.
Restructure SynnefoAuthMiddleware
No functional changes (in theory :) but some changes on the control flowto remove some redundant cruft and make the code a bit more readable forthe uninitiated :)
Fix Vary header modification in the aai middleware
Currently the SynnefoAuthMiddleware is setting the Vary header toX-Auth-Token unconditionally. Unfortunately, this means that it willoverride other similar additions to the header by response methods or...
Fix syntax typos wrt "Shibboleth"
It's "Shibboleth", not "sibboleth" or variations of it :-)
Really process URL exclusions
Add helpdesk user group
Helpdesk users are registered statically using the HELPDESK user type.The middleware will only allow impersonation requests from helpdeskusers.
License headers for various files
refs #581
Style fixes
Bypass authentication using a settings param
Copy unmerged change from the invitations branch
Refs: #483
Add expires field for auth token
Accept invitation URLs and grant access to the user
Style and pylint suggested fixes
Make the aai middleware deliver a test authorisation cookie
To simplify development and testing the aai middleware was converted toreturn the test authorisation cookie. To retrieve it call
http://localhost:8000/?test
The cookie now protects the whole application
Move and fix test cases to the appropriate locations
Split aai middleware into two instances
One instance guards the API (and returns 401 if the user is unauthorized), one protects the other content and redirects to Sibboleth
Support for storing X-Auth-Tokens in cookies
fix ui authentication
send a fake auth_token on API requests
fix authentication
use hard-coded token.
Refs #425
Add support for users
Fixes #423
Fix tests, fix side auth cases
All tests now working
Various fixes to make AAI work for real
Refs: #345
Avoid redirect loops
Change shibboleth tokens to their real names
Use vkoukis's TEST variable instead of my custom TESTING
Shortcut in the aai module to make tests pass
Introduces a test-time runtime variable which allows REST-based (e.g.api) tests to pass through the authentication module
Rename auth to aai and put all aai related stuff in it
manage.py had trouble running tests from auth (confirmed with[verigak]), and is also a good idea to have all aai stuff inone reusable place ([vkoukis]'s idea)