Add specific error code when missing a required SAML attr (#1919)

The MISSINGREQATTR message is a good default value, but a site
administrator may decide to override it with a personnalized version
that only applies to issuer errors caused by an incomplete user profile
(for example, giving a pointer to the local user profile management
application)

lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/SAML.pm

@@ -11,6 +11,7 @@ use Lemonldap::NG::Portal::Main::Constants qw(
   PE_SAML_SIGNATURE_ERROR
   PE_SAML_SLO_ERROR
   PE_SAML_SSO_ERROR
+  PE_ISSUERMISSINGREQATTR
   PE_SAML_UNKNOWN_ENTITY
   PE_SAML_SERVICE_NOT_ALLOWED
   PE_UNAUTHORIZEDPARTNER
@@ -612,7 +613,7 @@ sub run {
                         $self->logger->error(
 "Session key $_ is required to set SAML $name attribute"
                         );
-                        return PE_SAML_SSO_ERROR;
+                        return PE_ISSUERMISSINGREQATTR;
                     }
                     else {
                         $self->logger->debug(

lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Constants.pm

@@ -99,6 +99,7 @@ use constant {
     PE_OID_SERVICE_NOT_ALLOWED           => 91,
     PE_GET_SERVICE_NOT_ALLOWED           => 92,
     PE_IMPERSONATION_SERVICE_NOT_ALLOWED => 93,
+    PE_ISSUERMISSINGREQATTR              => 94,
 };
 
 # EXPORTER PARAMETERS
@@ -127,6 +128,7 @@ our @EXPORT_OK = qw( PE_SENDRESPONSE PE_INFO PE_REDIRECT PE_DONE PE_OK
   PE_UNAUTHORIZEDPARTNER PE_RENEWSESSION PE_IDPCHOICE PE_WAIT PE_MUSTAUTHN
   PE_MUSTHAVEMAIL PE_SAML_SERVICE_NOT_ALLOWED PE_OIDC_SERVICE_NOT_ALLOWED
   PE_OID_SERVICE_NOT_ALLOWED PE_GET_SERVICE_NOT_ALLOWED PE_IMPERSONATION_SERVICE_NOT_ALLOWED
+  PE_ISSUERMISSINGREQATTR
 );
 our %EXPORT_TAGS = ( 'all' => [ @EXPORT_OK, 'import' ], );
 

lemonldap-ng-portal/site/htdocs/static/languages/ar.json

@@ -83,6 +83,7 @@
 "PE91":"Access not granted on OID service",
 "PE92":"Access not granted on GET service",
 "PE93":"Access not granted on IMPERSONATION service",
+"PE94":"السمة المطلوبة غير متوفرة",
 "2fRegRequired":"This service requires a double factor authentication. Register a device now, then go back to the portal.",
 "accept":"قبول",
 "accessDenied":"ليس لديك إذن بالدخول لهذا التطبيق",

lemonldap-ng-portal/site/htdocs/static/languages/de.json

@@ -83,6 +83,7 @@
 "PE91":"Zugang zum OID-Service nicht genehmigt",
 "PE92":"Zugang zum GET-Service nicht genehmigt",
 "PE93":"Access not granted on IMPERSONATION service",
+"PE94":"Ein gefordertes Attribut ist nicht verfügbar",
 "2fRegRequired":"Dieser Dienst benötigt Zwei-Faktor-Authentifizierung. Bitte legen Sie ein Gerät an und gehen dann zum Portal zurück.",
 "accept":"Akzeptieren",
 "accessDenied":"Sie haben keine Zugriffsberechtigung für diese Anwendung",

lemonldap-ng-portal/site/htdocs/static/languages/en.json

@@ -83,6 +83,7 @@
 "PE91":"Access not granted on OID service",
 "PE92":"Access not granted on GET service",
 "PE93":"Access not granted on IMPERSONATION service",
+"PE94":"A required attribute is not available",
 "2fRegRequired":"This service requires a double factor authentication. Register a device now, then go back to the portal.",
 "accept":"Accept",
 "accessDenied":"You have no access authorization for this application",

lemonldap-ng-portal/site/htdocs/static/languages/es.json

@@ -83,6 +83,7 @@
 "PE91":"Acceso no autorizado al servicio OID",
 "PE92":"Acceso no autorizado al servicio GET",
 "PE93":"Access not granted on IMPERSONATION service",
+"PE94":"Un atributo exigido no está disponible",
 "2fRegRequired":"This service requires a double factor authentication. Register a device now, then go back to the portal.",
 "accept":"Accept",
 "accessDenied":"You have no access authorization for this application",

lemonldap-ng-portal/site/htdocs/static/languages/fi.json

@@ -83,6 +83,7 @@
 "PE91":"Access not granted on OID service",
 "PE92":"Access not granted on GET service",
 "PE93":"Access not granted on IMPERSONATION service",
+"PE94":"A required attribute is not available",
 "2fRegRequired":"This service requires a double factor authentication. Register a device now, then go back to the portal.",
 "accept":"Hyväksy",
 "accessDenied":"Sinulla ei ole käyttöoikeutta tähän sovellukseen",

lemonldap-ng-portal/site/htdocs/static/languages/fr.json

@@ -83,6 +83,7 @@
 "PE91":"Accès non autorisé au service OID",
 "PE92":"Accès non autorisé au service GET",
 "PE93":"Accès non autorisé au service d'Usurpation d'Identité",
+"PE94":"Un attribut exigé n'est pas disponible",
 "2fRegRequired":"Ce service requiert une authentification à deux facteurs. Enregistrez un équipement ici et retournez au portail.",
 "accept":"Accepter",
 "accessDenied":"Vous n'avez pas les droits d'accès à cette application",

lemonldap-ng-portal/site/htdocs/static/languages/it.json

@@ -83,6 +83,7 @@
 "PE91":"Accesso non concesso sul servizio OID",
 "PE92":"Accesso non concesso sul servizio GET",
 "PE93":"Accesso non concesso sul servizio IMPERSONATION",
+"PE94":"Attributo richiesto non disponibile",
 "2fRegRequired":"Questo servizio richiede un'autenticazione a doppio fattore. Registrare un dispositivo ora, quindi tornare al portale.",
 "accept":"Accetta",
 "accessDenied":"Non hai un'autorizzazione di accesso per questa applicazione",

lemonldap-ng-portal/site/htdocs/static/languages/nl.json

@@ -83,6 +83,7 @@
 "PE91":"Onbevoegde toegang tot de OID-service",
 "PE92":"Onbevoegde toegang tot de GET-service",
 "PE93":"Access not granted on IMPERSONATION service",
+"PE94":"Een vereist attribuut is niet beschikbaar",
 "2fRegRequired":"This service requires a double factor authentication. Register a device now, then go back to the portal.",
 "accept":"Accept",
 "accessDenied":"You have no access authorization for this application",

lemonldap-ng-portal/site/htdocs/static/languages/pt.json

@@ -83,6 +83,7 @@
 "PE91":"Acesso não autorizado ao serviço OID",
 "PE92":"Acesso não autorizado ao serviço GET",
 "PE93":"Access not granted on IMPERSONATION service",
+"PE94":"Um atributo exigido não está disponível",
 "2fRegRequired":"This service requires a double factor authentication. Register a device now, then go back to the portal.",
 "accept":"Accept",
 "accessDenied":"You have no access authorization for this application",

lemonldap-ng-portal/site/htdocs/static/languages/ro.json

@@ -83,6 +83,7 @@
 "PE91":"Access not granted on OID service",
 "PE92":"Access not granted on GET service",
 "PE93":"Access not granted on IMPERSONATION service",
+"PE94":"Un atribut solicitate nu sunt disponibile",
 "2fRegRequired":"This service requires a double factor authentication. Register a device now, then go back to the portal.",
 "accept":"Accept",
 "accessDenied":"You have no access authorization for this application",

lemonldap-ng-portal/site/htdocs/static/languages/vi.json

@@ -83,6 +83,7 @@
 "PE91":"Truy cập không được cấp trên dịch vụ OID",
 "PE92":"Truy cập không được cấp trên dịch vụ GET",
 "PE93":"Access not granted on IMPERSONATION service",
+"PE94":"Một thuộc tính bắt buộc không có sẵn",
 "2fRegRequired":"This service requires a double factor authentication. Register a device now, then go back to the portal.",
 "accept":"Chấp nhận",
 "accessDenied":"Bạn không có quyền truy cập vào ứng dụng này",

lemonldap-ng-portal/site/htdocs/static/languages/zh.json

@@ -83,6 +83,7 @@
 "PE91":"Access not granted on OID service",
 "PE92":"Access not granted on GET service",
 "PE93":"Access not granted on IMPERSONATION service",
+"PE94":"所需 attribute 不可用",
 "2fRegRequired":"This service requires a double factor authentication. Register a device now, then go back to the portal.",
 "accept":"Accept 方法",
 "accessDenied":"您无权访问此应用",