From 85279f7dc9d66d0b41f2e7b6a3144e4c9a46d44cb80705362e7fdbf3d0852ad5 Mon Sep 17 00:00:00 2001 From: David Mulder Date: Thu, 22 Feb 2024 17:27:24 +0000 Subject: [PATCH] Accepting request 1149608 from home:dmulder:branches:network:idm - Update to version 0.2.0+git.4.904b915: * Update to latest msal * Version 0.2.0 * Himmelblau now authenticates only to configured domains * Remove reference to python-msal dep in README * Use the external MSAL crate for auth * Rename msal in prep for external msal crate * msal: Remove python msal bindings * msal: Rust msal * Point Cargo.toml to new project home * config: Write domain join to server specific config * idprovider: Invalidate cached user if PRT req fails * idprovider: Pass the keystore to the auth function * Update daemon from kanidm * test: Add a pause to ensure tasks daemon sees himmelblau * Update kanidm submodule * config: Include domain sections in configured domains * msal: Add acquire_token_by_refresh_token * enrollment: Authentication fixes * tests: Create the hsm-pin directory * idprovider: Add domain join debug * cargo: Use relative paths and remove most symlinks * idprovider: Allow group search when device is authenticated * msal: Move the application reqs from misc to msal::application * msal: Move user reqs from misc to msal::user * Remove duplicates from allow_groups during enrollment * Remove device enrollment from TODO * Implement Device enrollment * enrollment: Add the nonce service request * enrollment: Add enrollment service discovery * Implement ConfidentialClientApplication for enrollment * daemon: Fix inverted logic on cache dir check * nss: Use upstream nss package * idprovider: Provider auth needs to point to just the host * config: Consistently use the config file provided to the daemon * cargo: Use relative paths and remove most symlinks * clippy: Add kanidm's clippy config * config: Only check for tenant_id, authority, graph if necessary * Update README.md * Update version to 0.1.2 * config: Fix typos in the config file * Make most params to acquire_token_interactive optional * Config can take defaults * cli: Add missing cli opt file * cli: Improve aad-tool options and interface * Update README.md * tests: Fix tasks daemon name typo * Remove MFA from TODO OBS-URL: https://build.opensuse.org/request/show/1149608 OBS-URL: https://build.opensuse.org/package/show/network:idm/himmelblau?expand=0&rev=8 --- _service | 2 +- _servicedata | 2 +- himmelblau-0.1.1+git.10.4aa76b7.tar.bz2 | 3 -- himmelblau-0.2.0+git.4.904b915.tar.bz2 | 3 ++ himmelblau.changes | 52 +++++++++++++++++++++++++ himmelblau.spec | 8 ++-- vendor.tar.zst | 4 +- 7 files changed, 63 insertions(+), 11 deletions(-) delete mode 100644 himmelblau-0.1.1+git.10.4aa76b7.tar.bz2 create mode 100644 himmelblau-0.2.0+git.4.904b915.tar.bz2 diff --git a/_service b/_service index d30df0e..26afb8d 100644 --- a/_service +++ b/_service @@ -2,7 +2,7 @@ https://github.com/himmelblau-idm/himmelblau.git git - stable-0.1.x + stable-0.2.x @PARENT_TAG@+git.@TAG_OFFSET@.%h himmelblau-(.*) \1 diff --git a/_servicedata b/_servicedata index 72bc00e..f1619a5 100644 --- a/_servicedata +++ b/_servicedata @@ -3,4 +3,4 @@ https://github.com/openSUSE/himmelblau.git 6d2f6450ff3c0c945a884d4b35307e03a035a581 https://github.com/himmelblau-idm/himmelblau.git - 4aa76b722c6c09b78bd1c43f8704ee17fd64f5c6 \ No newline at end of file + 904b915dc91b7e291212ee3405d3a36256011f4a \ No newline at end of file diff --git a/himmelblau-0.1.1+git.10.4aa76b7.tar.bz2 b/himmelblau-0.1.1+git.10.4aa76b7.tar.bz2 deleted file mode 100644 index d39a596..0000000 --- a/himmelblau-0.1.1+git.10.4aa76b7.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:dd4d4ecbe681d284ceef79bc48bbb3b592d37a2711388db853ce4133e4aedca4 -size 8635054 diff --git a/himmelblau-0.2.0+git.4.904b915.tar.bz2 b/himmelblau-0.2.0+git.4.904b915.tar.bz2 new file mode 100644 index 0000000..1e79f3d --- /dev/null +++ b/himmelblau-0.2.0+git.4.904b915.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:034737ae6d89526608897906fbc113ca17f0323d526a038f1832ed14c3e84a54 +size 11149176 diff --git a/himmelblau.changes b/himmelblau.changes index c2e0e0e..68994d7 100644 --- a/himmelblau.changes +++ b/himmelblau.changes @@ -1,3 +1,55 @@ +------------------------------------------------------------------- +Tue Feb 20 21:07:56 UTC 2024 - dmulder@suse.com + +- Update to version 0.2.0+git.4.904b915: + * Update to latest msal + * Version 0.2.0 + * Himmelblau now authenticates only to configured domains + * Remove reference to python-msal dep in README + * Use the external MSAL crate for auth + * Rename msal in prep for external msal crate + * msal: Remove python msal bindings + * msal: Rust msal + * Point Cargo.toml to new project home + * config: Write domain join to server specific config + * idprovider: Invalidate cached user if PRT req fails + * idprovider: Pass the keystore to the auth function + * Update daemon from kanidm + * test: Add a pause to ensure tasks daemon sees himmelblau + * Update kanidm submodule + * config: Include domain sections in configured domains + * msal: Add acquire_token_by_refresh_token + * enrollment: Authentication fixes + * tests: Create the hsm-pin directory + * idprovider: Add domain join debug + * cargo: Use relative paths and remove most symlinks + * idprovider: Allow group search when device is authenticated + * msal: Move the application reqs from misc to msal::application + * msal: Move user reqs from misc to msal::user + * Remove duplicates from allow_groups during enrollment + * Remove device enrollment from TODO + * Implement Device enrollment + * enrollment: Add the nonce service request + * enrollment: Add enrollment service discovery + * Implement ConfidentialClientApplication for enrollment + * daemon: Fix inverted logic on cache dir check + * nss: Use upstream nss package + * idprovider: Provider auth needs to point to just the host + * config: Consistently use the config file provided to the daemon + * cargo: Use relative paths and remove most symlinks + * clippy: Add kanidm's clippy config + * config: Only check for tenant_id, authority, graph if necessary + * Update README.md + * Update version to 0.1.2 + * config: Fix typos in the config file + * Make most params to acquire_token_interactive optional + * Config can take defaults + * cli: Add missing cli opt file + * cli: Improve aad-tool options and interface + * Update README.md + * tests: Fix tasks daemon name typo + * Remove MFA from TODO + ------------------------------------------------------------------- Fri Dec 22 18:07:18 UTC 2023 - dmulder@suse.com diff --git a/himmelblau.spec b/himmelblau.spec index 3b8ca47..fbd9ee2 100644 --- a/himmelblau.spec +++ b/himmelblau.spec @@ -1,7 +1,7 @@ # # spec file for package himmelblau # -# Copyright (c) 2023 SUSE LLC +# Copyright (c) 2024 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,7 +17,7 @@ Name: himmelblau -Version: 0.1.1+git.10.4aa76b7 +Version: 0.2.0+git.4.904b915 Release: 0 Summary: Interoperability suite for Microsoft Azure AD and Intune License: MPL-2.0 @@ -26,12 +26,12 @@ Source: %{name}-%{version}.tar.bz2 Source1: vendor.tar.zst Source2: cargo_config BuildRequires: cargo-packaging +BuildRequires: clang-devel BuildRequires: libopenssl-devel BuildRequires: pam-devel -BuildRequires: python3-devel >= 3.7 BuildRequires: sqlite3-devel +BuildRequires: tpm2-0-tss-devel ExclusiveArch: %{rust_tier1_arches} -Requires: python3-msal Recommends: nss-himmelblau Recommends: pam-himmelblau diff --git a/vendor.tar.zst b/vendor.tar.zst index 8fcfa37..555a708 100644 --- a/vendor.tar.zst +++ b/vendor.tar.zst @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:a47d0ca1d16a20b34ee13b9ccc8cf1f138d45d0bb58fb4e073e3718c19636d90 -size 28889203 +oid sha256:01c7323df6ecda2406b7acad58d97635d7d7544ebb6022d1e21fd7705fdcff11 +size 34456567