Typo
This commit is contained in:
parent
2095fdf316
commit
84778604fd
|
@ -1153,7 +1153,7 @@ lemonldap-ng (1.2.3) stable; urgency=low
|
||||||
urn:/Lemonldap::NG::Common::CGI::SOAPService
|
urn:/Lemonldap::NG::Common::CGI::SOAPService
|
||||||
* [LEMONLDAP-546] - Form replay: POST request is not sent
|
* [LEMONLDAP-546] - Form replay: POST request is not sent
|
||||||
* [LEMONLDAP-541] - Handler SOAP errors : setAttributes is not an
|
* [LEMONLDAP-541] - Handler SOAP errors : setAttributes is not an
|
||||||
authorizated function
|
authorized function
|
||||||
* [LEMONLDAP-547] - Update Browseable documentation in case of SAML in use
|
* [LEMONLDAP-547] - Update Browseable documentation in case of SAML in use
|
||||||
* [LEMONLDAP-565] - Update META.yml files
|
* [LEMONLDAP-565] - Update META.yml files
|
||||||
* [LEMONLDAP-581] - Clean Perl dependencies
|
* [LEMONLDAP-581] - Clean Perl dependencies
|
||||||
|
|
|
@ -98,7 +98,7 @@ Then, go in <code>OpenID parameters</code>:
|
||||||
</li>
|
</li>
|
||||||
<li class="level1"><div class="li"> <strong>Secret token</strong>: used to check integrity of OpenID response.</div>
|
<li class="level1"><div class="li"> <strong>Secret token</strong>: used to check integrity of OpenID response.</div>
|
||||||
</li>
|
</li>
|
||||||
<li class="level1"><div class="li"> <strong>Authorizated domain</strong>:</div>
|
<li class="level1"><div class="li"> <strong>Authorized domain</strong>:</div>
|
||||||
<ul>
|
<ul>
|
||||||
<li class="level2"><div class="li"> <strong>List type</strong>: choose white list to define allowed domains or black list to define forbidden domains</div>
|
<li class="level2"><div class="li"> <strong>List type</strong>: choose white list to define allowed domains or black list to define forbidden domains</div>
|
||||||
</li>
|
</li>
|
||||||
|
|
|
@ -97,7 +97,7 @@ Sessions for connected users <em>(used by <a href="authproxy.html" class="wikili
|
||||||
Authorizations for connected users (always enabled):
|
Authorizations for connected users (always enabled):
|
||||||
</p>
|
</p>
|
||||||
<ul>
|
<ul>
|
||||||
<li class="level1"><div class="li"> GET /mysession/?authorizationfor=<base64-encoded-url>: ask if url is authorizated</div>
|
<li class="level1"><div class="li"> GET /mysession/?authorizationfor=<base64-encoded-url>: ask if url is authorized</div>
|
||||||
</li>
|
</li>
|
||||||
</ul>
|
</ul>
|
||||||
|
|
||||||
|
|
|
@ -98,7 +98,7 @@ To configure sessions, go in Manager, <code>General Parameters</code> » <code>S
|
||||||
<h1 class="sectionedit2" id="command-line_tools">Command-line tools</h1>
|
<h1 class="sectionedit2" id="command-line_tools">Command-line tools</h1>
|
||||||
<div class="level1">
|
<div class="level1">
|
||||||
<ul>
|
<ul>
|
||||||
<li class="level1"><div class="li"> LLNG Portal provides a simple tool to delete a session: <code>llngDeleteSession</code>. To use it, simply give it the user identifier <em>(wildcard are authorizated)</em>:</div>
|
<li class="level1"><div class="li"> LLNG Portal provides a simple tool to delete a session: <code>llngDeleteSession</code>. To use it, simply give it the user identifier <em>(wildcard are authorized)</em>:</div>
|
||||||
</li>
|
</li>
|
||||||
</ul>
|
</ul>
|
||||||
<pre class="code shell"># Delete all sessions opened by user "dwho"
|
<pre class="code shell"># Delete all sessions opened by user "dwho"
|
||||||
|
|
|
@ -68,7 +68,7 @@ SOAP functions are not accessible by network by default. SOAP functions are prot
|
||||||
</li>
|
</li>
|
||||||
<li class="level2"><div class="li"> <strong>isAuthorizedURI(cookieValue,url)</strong>: check if user is granted to access to the function</div>
|
<li class="level2"><div class="li"> <strong>isAuthorizedURI(cookieValue,url)</strong>: check if user is granted to access to the function</div>
|
||||||
</li>
|
</li>
|
||||||
<li class="level2"><div class="li"> <strong>getMenuApplications(cookieValue)</strong>: return a list of authorizated applications (based on menu calculation)</div>
|
<li class="level2"><div class="li"> <strong>getMenuApplications(cookieValue)</strong>: return a list of authorized applications (based on menu calculation)</div>
|
||||||
</li>
|
</li>
|
||||||
</ul>
|
</ul>
|
||||||
</li>
|
</li>
|
||||||
|
|
|
@ -11,8 +11,8 @@ our $VERSION = '2.0.6';
|
||||||
|
|
||||||
## @cmethod Lemonldap::NG::Common::PSGI::SOAPService new(object obj,string @func)
|
## @cmethod Lemonldap::NG::Common::PSGI::SOAPService new(object obj,string @func)
|
||||||
# Constructor
|
# Constructor
|
||||||
# @param $obj object which will be called for SOAP authorizated methods
|
# @param $obj object which will be called for SOAP authorized methods
|
||||||
# @param @func authorizated methods
|
# @param @func authorized methods
|
||||||
# @return Lemonldap::NG::Common::PSGI::SOAPService object
|
# @return Lemonldap::NG::Common::PSGI::SOAPService object
|
||||||
sub new {
|
sub new {
|
||||||
my ( $class, $obj, $req, @func ) = @_;
|
my ( $class, $obj, $req, @func ) = @_;
|
||||||
|
@ -24,7 +24,7 @@ sub new {
|
||||||
# Call the wanted function with the object given to the constructor.
|
# Call the wanted function with the object given to the constructor.
|
||||||
# AUTOLOAD() is a magic method called by Perl interpreter fon non existent
|
# AUTOLOAD() is a magic method called by Perl interpreter fon non existent
|
||||||
# functions. Here, we use it to call the wanted function (given by $AUTOLOAD)
|
# functions. Here, we use it to call the wanted function (given by $AUTOLOAD)
|
||||||
# if it is authorizated
|
# if it is authorized
|
||||||
# @return data provided by the exported function
|
# @return data provided by the exported function
|
||||||
sub AUTOLOAD {
|
sub AUTOLOAD {
|
||||||
my $self = shift;
|
my $self = shift;
|
||||||
|
|
|
@ -29,7 +29,7 @@ count(4);
|
||||||
# Authentified queries
|
# Authentified queries
|
||||||
# --------------------
|
# --------------------
|
||||||
|
|
||||||
# Authorizated query
|
# Authorized query
|
||||||
ok( $res = $client->_get( '/', undef, undef, "lemonldap=$sessionId" ),
|
ok( $res = $client->_get( '/', undef, undef, "lemonldap=$sessionId" ),
|
||||||
'Authentified query' );
|
'Authentified query' );
|
||||||
ok( $res->[0] == 200, 'Code is 200' ) or explain( $res->[0], 200 );
|
ok( $res->[0] == 200, 'Code is 200' ) or explain( $res->[0], 200 );
|
||||||
|
|
|
@ -19,7 +19,7 @@ ok(
|
||||||
'test3.example.com', "lemonldap=$sessionId",
|
'test3.example.com', "lemonldap=$sessionId",
|
||||||
VHOSTTYPE => 'DevOps'
|
VHOSTTYPE => 'DevOps'
|
||||||
),
|
),
|
||||||
'Authorizated query'
|
'Authorized query'
|
||||||
);
|
);
|
||||||
ok( $res->[0] == 200, 'Code is 200' ) or explain( $res->[0], 200 );
|
ok( $res->[0] == 200, 'Code is 200' ) or explain( $res->[0], 200 );
|
||||||
count(2);
|
count(2);
|
||||||
|
@ -30,7 +30,7 @@ ok(
|
||||||
'test3.example.com', "lemonldap=$sessionId",
|
'test3.example.com', "lemonldap=$sessionId",
|
||||||
VHOSTTYPE => 'DevOps'
|
VHOSTTYPE => 'DevOps'
|
||||||
),
|
),
|
||||||
'Authorizated query'
|
'Authorized query'
|
||||||
);
|
);
|
||||||
ok( $res->[0] == 200, 'Code is 200' ) or explain( $res->[0], 200 );
|
ok( $res->[0] == 200, 'Code is 200' ) or explain( $res->[0], 200 );
|
||||||
count(2);
|
count(2);
|
||||||
|
|
|
@ -32,7 +32,7 @@ count(4);
|
||||||
# Authentified queries
|
# Authentified queries
|
||||||
# --------------------
|
# --------------------
|
||||||
|
|
||||||
# Authorizated query
|
# Authorized query
|
||||||
ok(
|
ok(
|
||||||
$res =
|
$res =
|
||||||
$client->_get( '/', undef, 'test.example.org', "lemonldap=$sessionId" ),
|
$client->_get( '/', undef, 'test.example.org', "lemonldap=$sessionId" ),
|
||||||
|
|
|
@ -36,7 +36,7 @@
|
||||||
# - Authorizations for connected users (always):
|
# - Authorizations for connected users (always):
|
||||||
# * GET /mysession/?whoami : get "my" uid
|
# * GET /mysession/?whoami : get "my" uid
|
||||||
# * GET /mysession/?authorizationfor=<base64-encoded-url>: ask if url is
|
# * GET /mysession/?authorizationfor=<base64-encoded-url>: ask if url is
|
||||||
# authorizated
|
# authorized
|
||||||
# * PUT /mysession/<type> : update some
|
# * PUT /mysession/<type> : update some
|
||||||
# persistent data
|
# persistent data
|
||||||
# (restricted)
|
# (restricted)
|
||||||
|
|
|
@ -117,7 +117,7 @@ m#iframe src="http://auth.idp.com(/saml/relaySingleLogoutPOST)\?(relay=.*?)"#s,
|
||||||
ok(
|
ok(
|
||||||
getHeader( $res, 'Content-Security-Policy' ) =~
|
getHeader( $res, 'Content-Security-Policy' ) =~
|
||||||
/child-src auth.idp.com/,
|
/child-src auth.idp.com/,
|
||||||
' Frame is authorizated'
|
' Frame is authorized'
|
||||||
)
|
)
|
||||||
or explain( $res->[1],
|
or explain( $res->[1],
|
||||||
'Content-Security-Policy => ...child-src auth.idp.com' );
|
'Content-Security-Policy => ...child-src auth.idp.com' );
|
||||||
|
@ -132,7 +132,7 @@ m#iframe src="http://auth.idp.com(/saml/relaySingleLogoutPOST)\?(relay=.*?)"#s,
|
||||||
'Get iframe'
|
'Get iframe'
|
||||||
);
|
);
|
||||||
ok( getHeader( $res, 'Content-Security-Policy' ) !~ /frame-ancestors/,
|
ok( getHeader( $res, 'Content-Security-Policy' ) !~ /frame-ancestors/,
|
||||||
' Framing authorizated' )
|
' Framing authorized' )
|
||||||
or explain( $res->[1], 'No frame-ancestors' );
|
or explain( $res->[1], 'No frame-ancestors' );
|
||||||
( $host, $url, $query ) =
|
( $host, $url, $query ) =
|
||||||
expectAutoPost( $res, 'auth.sp.com', '/saml/proxySingleLogout',
|
expectAutoPost( $res, 'auth.sp.com', '/saml/proxySingleLogout',
|
||||||
|
|
|
@ -126,7 +126,7 @@ m#iframe src="http://auth.sp.com(/saml/proxySingleLogout)\?(SAMLRequest=.*?)"#,
|
||||||
my $query = $2;
|
my $query = $2;
|
||||||
ok(
|
ok(
|
||||||
getHeader( $res, 'Content-Security-Policy' ) =~ /child-src auth.sp.com/,
|
getHeader( $res, 'Content-Security-Policy' ) =~ /child-src auth.sp.com/,
|
||||||
'Frame is authorizated'
|
'Frame is authorized'
|
||||||
)
|
)
|
||||||
or explain( $res->[1],
|
or explain( $res->[1],
|
||||||
'Content-Security-Policy => ...child-src auth.idp.com' );
|
'Content-Security-Policy => ...child-src auth.idp.com' );
|
||||||
|
|
|
@ -209,7 +209,7 @@ count(1);
|
||||||
my $url = $1;
|
my $url = $1;
|
||||||
$query = $2;
|
$query = $2;
|
||||||
ok( getHeader( $res, 'Content-Security-Policy' ) =~ /child-src auth.idp.com/,
|
ok( getHeader( $res, 'Content-Security-Policy' ) =~ /child-src auth.idp.com/,
|
||||||
'Frame is authorizated' )
|
'Frame is authorized' )
|
||||||
or
|
or
|
||||||
explain( $res->[1], 'Content-Security-Policy => ...child-src auth.idp.com' );
|
explain( $res->[1], 'Content-Security-Policy => ...child-src auth.idp.com' );
|
||||||
count(1);
|
count(1);
|
||||||
|
|
|
@ -209,7 +209,7 @@ count(1);
|
||||||
my $url = $1;
|
my $url = $1;
|
||||||
$query = $2;
|
$query = $2;
|
||||||
ok( getHeader( $res, 'Content-Security-Policy' ) =~ /child-src auth.idp.com/,
|
ok( getHeader( $res, 'Content-Security-Policy' ) =~ /child-src auth.idp.com/,
|
||||||
'Frame is authorizated' )
|
'Frame is authorized' )
|
||||||
or
|
or
|
||||||
explain( $res->[1], 'Content-Security-Policy => ...child-src auth.idp.com' );
|
explain( $res->[1], 'Content-Security-Policy => ...child-src auth.idp.com' );
|
||||||
count(1);
|
count(1);
|
||||||
|
|
|
@ -177,7 +177,7 @@ count(1);
|
||||||
my $url = $1;
|
my $url = $1;
|
||||||
$query = $2;
|
$query = $2;
|
||||||
ok( getHeader( $res, 'Content-Security-Policy' ) =~ /child-src auth.idp.com/,
|
ok( getHeader( $res, 'Content-Security-Policy' ) =~ /child-src auth.idp.com/,
|
||||||
'Frame is authorizated' )
|
'Frame is authorized' )
|
||||||
or
|
or
|
||||||
explain( $res->[1], 'Content-Security-Policy => ...child-src auth.idp.com' );
|
explain( $res->[1], 'Content-Security-Policy => ...child-src auth.idp.com' );
|
||||||
count(1);
|
count(1);
|
||||||
|
|
|
@ -169,7 +169,7 @@ count(1);
|
||||||
my $url = $1;
|
my $url = $1;
|
||||||
$query = $2;
|
$query = $2;
|
||||||
ok( getHeader( $res, 'Content-Security-Policy' ) =~ /child-src auth.idp.com/,
|
ok( getHeader( $res, 'Content-Security-Policy' ) =~ /child-src auth.idp.com/,
|
||||||
'Frame is authorizated' )
|
'Frame is authorized' )
|
||||||
or
|
or
|
||||||
explain( $res->[1], 'Content-Security-Policy => ...child-src auth.idp.com' );
|
explain( $res->[1], 'Content-Security-Policy => ...child-src auth.idp.com' );
|
||||||
count(1);
|
count(1);
|
||||||
|
|
|
@ -262,7 +262,7 @@ SKIP: {
|
||||||
ok(
|
ok(
|
||||||
getHeader( $res, 'Content-Security-Policy' ) =~
|
getHeader( $res, 'Content-Security-Policy' ) =~
|
||||||
/child-src auth.idp.com/,
|
/child-src auth.idp.com/,
|
||||||
'Frame is authorizated'
|
'Frame is authorized'
|
||||||
)
|
)
|
||||||
or explain( $res->[1],
|
or explain( $res->[1],
|
||||||
'Content-Security-Policy => ...child-src auth.idp.com' );
|
'Content-Security-Policy => ...child-src auth.idp.com' );
|
||||||
|
|
Loading…
Reference in New Issue