lp://staging/canonical-identity-provider/release

Branch merges

Propose for merging

5 branches proposed for merging into this one.

No branches dependent on this one.

Related source package recipes

3 recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related bugs

Related blueprints

1734. By Daniel Manrique on 2020-04-14

Tweaks to list of printable codes for more clarity.

   * Instructions on using them in order and crossing them out once consumed.
   * Show actual codes in a table format with an ordering indicator
   * Fix printable layout with smaller font and padding so it all fits in one sheet and doesn't truncate.

Merged from https://code.launchpad.net/~roadmr/canonical-identity-provider/2fa-use-backup-codes-in-sequence/+merge/382088

1733. By Daniel Manrique on 2020-04-10

Explain the implications of deleting the SSO account with regards to the username.

Merged from https://code.launchpad.net/~roadmr/canonical-identity-provider/launchpad-username-warning/+merge/375921

1732. By Daniel Manrique on 2020-04-08

ensure persistent id-honoring SAML peers don't mess with {{email}} attrib substitution

Merged from https://code.launchpad.net/~roadmr/canonical-identity-provider/dont-clobber-saml-attribute-email/+merge/381788

1731. By Daniel Manrique on 2020-03-27

sha256 openid identifiers so we don't send them verbatim in the SAML assertion (the hash should be as unique and persistent as the identifier itself).

Merged from https://code.launchpad.net/~roadmr/canonical-identity-provider/saml-hash-persistent-identifier/+merge/381278

1730. By Daniel Manrique on 2020-03-18

Fix unclosed <a> tag that broke Verify email links

Merged from https://code.launchpad.net/~roadmr/canonical-identity-provider/verify-yes/+merge/380850

1729. By Daniel Manrique on 2020-03-18

Send actual persistent identifier in SAML responses if requested by peer.

This modifies the behavior of the "honor persistent nameid request" flag to actually return a persistent identifier (the openid identifier), and moves the existing "honor persistent but fake it and send the email masquerading as a persistent id" to a new "send email as persistent identifier" flag.

The only peer using this functionality can then have both flags switched on, and new peers requiring an actual persistent identifier can have only the first flag switched on, moving the "quirky" behavior to the second flag.

Merged from https://code.launchpad.net/~roadmr/canonical-identity-provider/saml-real-persistence/+merge/380790

1728. By Karl Williams on 2020-03-12

Update the remaining templates to use Vanilla styling.

Most noticeably, the permissions page.

Merged from https://code.launchpad.net/~deadlight/canonical-identity-provider/update-templates/+merge/380494

1727. By Daniel Manrique on 2020-03-03

Add "dont_override_preferred" setting for SAMLConfigs.

If unset, always send a long-form first.last.canonical.com if the SP is
configured as "prefer Canonical email" and such an e-mail is present.

If set, for SPs configured as "Prefer Canonical email", if the preferred
address is already @canonical.com or @ubuntu.com, do not override it and send
the preferred one as-is.

SPs not configured as "prefer Canonical email" are unchanged.

https://bugs.launchpad.net/canonical-identity-provider/+bug/1865070

Merged from https://code.launchpad.net/~roadmr/canonical-identity-provider/dont-override-preferred-email/+merge/380056

1726. By Maximiliano Bertacchini on 2020-03-03

Drop unused terms views.

Merged from https://code.launchpad.net/~maxiberta/canonical-identity-provider/drop-unused-terms/+merge/379472

1725. By Maximiliano Bertacchini on 2020-02-19

Left align recent login date.

Additionally, split column width at 75% / 25% so that dates are not too close to sites. Looks good in mobile, too.

Merged from https://code.launchpad.net/~maxiberta/canonical-identity-provider/recent-sites-left-align-date/+merge/379485