Commit graph

5 commits

Author SHA1 Message Date
Joseph Schorr
3813d0d23d Add tests for all notification event calls 2017-03-10 11:26:12 -05:00
Joseph Schorr
198bdf88bc Move OAuth login into its own endpoints module 2017-02-16 16:27:54 -05:00
Joseph Schorr
d47696b69c Add support for sub binding field 2017-02-16 16:27:53 -05:00
Joseph Schorr
7b386e9d63 Move endpoint test fixtures to a non-conftest file 2017-02-16 16:27:53 -05:00
Joseph Schorr
2c35383724 Allow OAuth and OIDC login engines to bind to fields in internal auth
This feature is subtle but very important: Currently, when a user logs in via an "external" auth system (such as Github), they are either logged into an existing bound account or a new account is created for them in the database. While this normally works jut fine, it hits a roadblock when the *internal* auth system configured is not the database, but instead something like LDAP. In that case, *most* Enterprise customers will prefer that logging in via external auth (like OIDC) will also *automatically* bind the newly created account to the backing *internal* auth account. For example, login via PingFederate OIDC (backed by LDAP) should also bind the new QE account to the associated LDAP account, via either username or email. This change allows for this binding field to be specified, and thereafter will perform the proper lookups and bindings.
2017-02-16 16:27:53 -05:00