lp://staging/~deadlight/canonical-identity-provider/core-vanilla-templates
- Get this branch:
- bzr branch lp://staging/~deadlight/canonical-identity-provider/core-vanilla-templates
Branch merges
- Anthony Dillon (community): Approve
-
Diff: 396 lines (+298/-51)6 files modifiedsrc/identityprovider/static_src/scss/styles.scss (+8/-0)
src/webui/templates/static/ubuntuone-account.html (+33/-51)
src/webui/templates/vanilla/_footer.html (+28/-0)
src/webui/templates/vanilla/_header.html (+32/-0)
src/webui/templates/vanilla/base.html (+179/-0)
src/webui/templates/vanilla/widgets/header-me-menu.html (+18/-0)
Branch information
Recent revisions
- 1689. By Karl Williams
-
Remove old classes. Use vanilla notification patter for notifications and messages.
- 1683. By Karl Williams
-
Update gulpfile, add vanilla framework as a dependency and add some initial vanilla config and sass
- 1682. By Daniel Manrique
-
Add GDPR report admin action for accounts.
The intent is to have a read-only, copy-pasteable view for GDPR requests.
Currently the information to be reported is scattered between the Account
change form and the auth logs changelist. The Account form contains most of the
relevant data but since it's a form, it can't be cleanly copy-pasted.If more GDPR-relevant information is required, this view can easily be expanded
to present that as well.Merged from https:/
/code.launchpad .net/~roadmr/ canonical- identity- provider/ gdpr-report/ +merge/ 365134 - 1681. By Daniel Manrique
-
Do not store/use an OATH TOTP client's calculated "absolute drift".
Per LP bug #1817075, the "stored absolute drift" functionality of python-oath
is broken and allows a client to reuse a token that is just expired (due to
allowing relative drift of +/-30 seconds), and keep reusing it just past the
end of the previously-calculated absolute drift to keep it "alive"
indefinitely.A side-effect of this is that we will require OATH TOTP devices to have
*accurate* clocks, which is deemed acceptable since the vast majority of clients
are either phones or computers. "Accurate" is quite lenient though, because
a device can be +/- 45 seconds off and still generate valid codes.Merged from https:/
/code.launchpad .net/~roadmr/ canonical- identity- provider/ non-drifting- totp/+merge/ 363558 - 1680. By Daniel Manrique
-
Add two new substitutions to be used in SAML attribute values.
"displayname" is normally the users' Full Name in SSO.
"email" is the e-mail address.These enable reporting richer SAML attributes to SPs who can then create nicer-looking
local identities.Additionally, the existence of the e-mail attribute/
substitution might allow
for full compliance with the SAML 8.3 "persistent" policy, though this would
require additional implementation work.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp://staging/canonical-identity-provider/release