lp://staging/~roadmr/canonical-identity-provider/dont-clobber-saml-attribute-email
- Get this branch:
- bzr branch lp://staging/~roadmr/canonical-identity-provider/dont-clobber-saml-attribute-email
Branch merges
- Jonathan Hartley (community): Approve
-
Diff: 81 lines (+31/-6)2 files modifiedsrc/ubuntu_sso_saml/processors.py (+11/-6)
src/ubuntu_sso_saml/tests/test_processors.py (+20/-0)
Branch information
Recent revisions
- 1732. By Daniel Manrique
-
ensure persistent id-honoring peers don't mess with {{email}} attrib substitution
- 1731. By Daniel Manrique
-
sha256 openid identifiers so we don't send them verbatim in the SAML assertion (the hash should be as unique and persistent as the identifier itself).
Merged from https:/
/code.launchpad .net/~roadmr/ canonical- identity- provider/ saml-hash- persistent- identifier/ +merge/ 381278 - 1730. By Daniel Manrique
-
Fix unclosed <a> tag that broke Verify email links
Merged from https:/
/code.launchpad .net/~roadmr/ canonical- identity- provider/ verify- yes/+merge/ 380850 - 1729. By Daniel Manrique
-
Send actual persistent identifier in SAML responses if requested by peer.
This modifies the behavior of the "honor persistent nameid request" flag to actually return a persistent identifier (the openid identifier), and moves the existing "honor persistent but fake it and send the email masquerading as a persistent id" to a new "send email as persistent identifier" flag.
The only peer using this functionality can then have both flags switched on, and new peers requiring an actual persistent identifier can have only the first flag switched on, moving the "quirky" behavior to the second flag.
Merged from https:/
/code.launchpad .net/~roadmr/ canonical- identity- provider/ saml-real- persistence/ +merge/ 380790 - 1728. By Karl Williams
-
Update the remaining templates to use Vanilla styling.
Most noticeably, the permissions page.
Merged from https:/
/code.launchpad .net/~deadlight /canonical- identity- provider/ update- templates/ +merge/ 380494 - 1727. By Daniel Manrique
-
Add "dont_override_
preferred" setting for SAMLConfigs. If unset, always send a long-form first.last.
canonical. com if the SP is
configured as "prefer Canonical email" and such an e-mail is present.If set, for SPs configured as "Prefer Canonical email", if the preferred
address is already @canonical.com or @ubuntu.com, do not override it and send
the preferred one as-is.SPs not configured as "prefer Canonical email" are unchanged.
https:/
/bugs.launchpad .net/canonical- identity- provider/ +bug/1865070 Merged from https:/
/code.launchpad .net/~roadmr/ canonical- identity- provider/ dont-override- preferred- email/+ merge/380056 - 1726. By Maximiliano Bertacchini
-
Drop unused terms views.
Merged from https:/
/code.launchpad .net/~maxiberta /canonical- identity- provider/ drop-unused- terms/+ merge/379472 - 1725. By Maximiliano Bertacchini
-
Left align recent login date.
Additionally, split column width at 75% / 25% so that dates are not too close to sites. Looks good in mobile, too.
Merged from https:/
/code.launchpad .net/~maxiberta /canonical- identity- provider/ recent- sites-left- align-date/ +merge/ 379485
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp://staging/canonical-identity-provider/release