• last updated 31 mins ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
Don't pollute the cache for other tests

Fixes acs-tcl.parameter__check_procs test when run after this one

Prefer the test authority: downstream local authorities may depend on other systems to perform additional checks, which may fail on a test user

In case the user used an external_registry for login, we have to allow the redirect to a complete url

External identity provider reform (part 2)

Use the external identity provider for refresh of logins. When a user

is logged in via an external identity provider, use the same identity

provider for a refresh when it expires. The expiration time is

controlled via the classical OpenACS parameters.

Note that in general, the same user might be authenticated via a

classical OpenACS authority (e.g. local authority) and/or via an

external one (e.g. Microsoft Identity Platform (Azure) or GitHub).

For single-sign-ons, when the token is still valid, the redirect to

the external identity provider does not mean necessarily that the use

is shown the external identity provider's login page.

  1. … 3 more files in changeset.
improve spelling

  1. … 2 more files in changeset.
Handle acs-mail-lite conf regarding the recipient in the test

Make sure test email is fine even when usernames are emails

Use lowercase letter to append to the fake username, so that if it should be an email, it will still be valid

Fix typo in test

Complete coverage for the ACS Service Contract 'auth_user_info'

Complete coverage of ACS Service Contract 'auth_sync_retrieve' implementations

Test IMS_Enterprise_v_1p1 implementation of the auth_sync_process Service Contract

Rework parameter check:

the way the if was construed would allow e.g.:

1. a value for EmailRegistrationConfirmationToUserP = 'nottrue' to pass the first if, but fail the second.

2. a value EmailRegistrationConfirmationToUserP = 'false' to be "true" in the first if, but not in the second

In fact, if EmailRegistrationConfirmationToUserP should be a boolean, there is no need to further check the other parameters and variables in the second if. This change is not 100% equivalent to the previous code, but makes it clear that EmailRegistrationConfirmationToUserP should be interpreted as a boolean and fixes these inconsistencies.

Make clear that parameters come from the same subsite

Test implementations of ACS Service Contract 'auth_registration'

This exposes a bug in auth::local::registration::Register where the acs-subsite parameter NotifyAdminOfNewRegistrationsP is fetched from the ad_conn package_id, rather than the subsite_id

Fix signature of service contract implementation, that is defined with 3 and not 4 arguments, complete coverage of the auth_password contract local implementation

Complete coverage of the auth_authentication contract 'local' implementation

file local-procs.tcl was initially added on branch oacs-5-10.

Deprecate template::util::is_true, implemented as a simple string command oneliner since 2015 and inline occurrences

  1. … 31 more files in changeset.
Specify the empty value correctly in the authentication form fields

fixes for Oracle 19c

  1. … 4 more files in changeset.
fix indentation

Remove backward compatibility check in busy code for versions before 5.1.3 (2004)

The checks for backwards compatibility have on busy sites the highest

hit rates of all entries in the util-memoize cache. Since we require the latest

OpenACS 5.9.* for upgrade to 5.10, this can be removed (17 years later).

https://openacs.org/bugtracker/openacs/bug?format=table&f%5fstate=8&bug%5fnumber=2200

Use the test machinery to simulate a cookie authentication

Inline sec_login_read_cookie, as it is a private api and would upset the bad calls test

Test auth::verify_account_status and complete coverage of acs-authentication

Test auth::update_local_account

Add auth::sync::job::get_authority_id to an existing test

Test auth::self_registration

Test auth::refresh_login