Merge branch 'v2.0'

2021-03-25 15:07:41 +01:00 · 2021-03-25 15:07:41 +01:00 · 965f9360c4
parent 2947a828de 13e7804ea6
commit 965f9360c4
5 changed files with 48 additions and 1 deletions
--- a/doc/sources/admin/applications.rst
+++ b/doc/sources/admin/applications.rst
@ -24,6 +24,7 @@ Applications
   applications/grr
   applications/guacamole
   applications/humhub
+   applications/iparapheur
   applications/jitsimeet
   applications/liferay
   applications/limesurvey
@ -100,6 +101,7 @@ Application                                                       Configuration
 .. image:: applications/grr_logo.png                              :doc:`GRR<applications/grr>`                         ✔
 .. image:: applications/guacamole.png                             :doc:`Apache Guacamole<applications/guacamole>`      ✔                             ✔        ✔
 .. image:: applications/humhub_logo.png                           :doc:`HumHub<applications/humhub>`                                                          ✔
+.. image:: applications/iparapheur_logo.png                       :doc:`i-Parapheur<applications/iparapheur>`          ✔
 .. image:: applications/logo-jitsimeet.png                        :doc:`Jitsi Meet<applications/jitsimeet>`            ✔
 .. image:: applications/liferay_logo.png                          :doc:`Liferay<applications/liferay>`                 ✔
 .. image:: applications/limesurvey_logo.png                       :doc:`LimeSurvey<applications/limesurvey>`           ✔
--- a/doc/sources/admin/applications/.tomcat.rst
+++ b/doc/sources/admin/applications/.tomcat.rst
--- a/doc/sources/admin/applications/iparapheur.rst
+++ b/doc/sources/admin/applications/iparapheur.rst
@ -0,0 +1,45 @@
+i-Parapheur
+===========
+
+|image0|
+
+Presentation
+------------
+
+`i-Parapheur <https://www.libriciel.fr/i-parapheur/>`__ is a web application
+allowing digital signature on documents. It was built around Alfresco.
+
+It can use external authentication based on HTTP header.
+
+Configuration
+-------------
+
+On i-Parapheur
+~~~~~~~~~~~~~~
+
+Edit ``/opt/iParapheur/tomcat/shared/classes/alfresco-global.properties`` and add:
+
+.. code-block:: ini
+
+   parapheur.auth.external.header.authorize=true
+
+Edit ``/opt/iParapheur/tomcat/shared/classes/iparapheur-global.properties`` and add:
+
+.. code-block:: ini
+
+   parapheur.auth.external.header.name=Auth-User
+   parapheur.auth.external.header.regexp=.*
+
+On LemonLDAP::NG
+~~~~~~~~~~~~~~~~
+
+Go to the Manager and :doc:`create a new virtual host<../configvhost>` for iParapheur.
+
+Just configure the :ref:`access rules<rules>`.
+
+Create the ``Auth-User`` :ref:`header<headers>` to send the user login to iParapheur.
+
+
+.. |image0| image:: /applications/iparapheur_logo.png
+   :class: align-center
+
--- a/doc/sources/admin/applications/iparapheur_logo.png
+++ b/doc/sources/admin/applications/iparapheur_logo.png
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm
@ -1141,7 +1141,7 @@ sub _handleClientCredentialsGrant {
 sub _handlePasswordGrant {
    my ( $self, $req, $rp ) = @_;
    my $client_id = $self->oidcRPList->{$rp}->{oidcRPMetaDataOptionsClientID};
-    my $req_scope = $req->param('scope') || 'openid';
+    my $req_scope = $req->param('scope') || '';
    my $username  = $req->param('username');
    my $password  = $req->param('password');