Import some 1.9.7 changes
This commit is contained in:
parent
83052b5231
commit
c14bd95d92
|
@ -7,14 +7,14 @@
|
|||
* Verify `useSafeJail=0`
|
||||
* Finish IssuerGet logout (-> info())
|
||||
* Import r5420 (ssl\_opts) to trunk
|
||||
* Verify DBI (UserUser)
|
||||
|
||||
* Don't display "login" when connected
|
||||
* Import fastcgi-server changes (nginxCustomHandlers)
|
||||
* Add test for #173
|
||||
* lwpSslOpt
|
||||
|
||||
# Password
|
||||
|
||||
* Enable it during auth
|
||||
|
||||
# Other
|
||||
|
||||
* Import fastcgi-server changes (nginxCustomHandlers)
|
||||
* Add test for #173
|
||||
|
|
|
@ -23,7 +23,7 @@ use constant HANDLERSECTION => "handler";
|
|||
use constant MANAGERSECTION => "manager";
|
||||
use constant SESSIONSEXPLORERSECTION => "sessionsExplorer";
|
||||
use constant APPLYSECTION => "apply";
|
||||
our $hashParameters = qr/^(?:(?:l(?:o(?:ca(?:lSessionStorageOption|tionRule)|goutService)|dapExportedVar)|(?:(?:d(?:emo|bi)|facebook|webID)ExportedVa|exported(?:Heade|Va))r|g(?:r(?:antSessionRule|oup)|lobalStorageOption|oogleExportedVar)|ca(?:s(?:StorageOption|Attribute)|ptchaStorageOption)|re(?:moteGlobalStorageOption|loadUrl)|notificationStorageOption|CASproxiedService|macro)s|o(?:idc(?:RPMetaData(?:(?:Option(?:sExtraClaim)?|ExportedVar)s|Node)|OPMetaData(?:(?:ExportedVar|Option)s|J(?:SON|WKS)|Node)|S(?:erviceMetaDataAuthnContext|torageOptions))|penIdExportedVars)|s(?:aml(?:S(?:PMetaData(?:(?:ExportedAttribute|Option)s|Node|XML)|torageOptions)|IDPMetaData(?:(?:ExportedAttribute|Option)s|Node|XML))|essionDataToRemember|laveExportedVars)|p(?:ersistentStorageOptions|o(?:rtalSkinRules|st))|a(?:uthChoiceModules|pplicationList)|v(?:hostOptions|irtualHost))$/;
|
||||
our $hashParameters = qr/^(?:(?:l(?:o(?:ca(?:lSessionStorageOption|tionRule)|goutService)|dapExportedVar|wpSslOpt)|(?:(?:d(?:emo|bi)|facebook|webID)ExportedVa|exported(?:Heade|Va))r|g(?:r(?:antSessionRule|oup)|lobalStorageOption|oogleExportedVar)|ca(?:s(?:StorageOption|Attribute)|ptchaStorageOption)|n(?:otificationStorageOption|ginxCustomHandler)|re(?:moteGlobalStorageOption|loadUrl)|CAS_proxiedService|macro)s|o(?:idc(?:RPMetaData(?:(?:Option(?:sExtraClaim)?|ExportedVar)s|Node)|OPMetaData(?:(?:ExportedVar|Option)s|J(?:SON|WKS)|Node)|S(?:erviceMetaDataAuthnContext|torageOptions))|penIdExportedVars)|s(?:aml(?:S(?:PMetaData(?:(?:ExportedAttribute|Option)s|Node|XML)|torageOptions)|IDPMetaData(?:(?:ExportedAttribute|Option)s|Node|XML))|essionDataToRemember|laveExportedVars)|p(?:ersistentStorageOptions|o(?:rtalSkinRules|st))|a(?:uthChoiceModules|pplicationList)|v(?:hostOptions|irtualHost))$/;
|
||||
|
||||
|
||||
our %EXPORT_TAGS = (
|
||||
|
|
|
@ -18,11 +18,6 @@ sub defaultValues {
|
|||
'authChoiceParam' => 'lmAuth',
|
||||
'authentication' => 'Demo',
|
||||
'browserIdAuthnLevel' => 1,
|
||||
'browserIdAutoLogin' => 0,
|
||||
'browserIdBackgroundColor' => '#000',
|
||||
'browserIdSiteName' => 'LemonLDAP::NG',
|
||||
'browserIdVerificationURL' =>
|
||||
'https://verifier.login.persona.org/verify',
|
||||
'captcha_login_enabled' => 0,
|
||||
'captcha_mail_enabled' => 0,
|
||||
'captcha_register_enabled' => 1,
|
||||
|
@ -31,9 +26,9 @@ sub defaultValues {
|
|||
'captchaStorageOptions' => {
|
||||
'Directory' => '/var/lib/lemonldap-ng/captcha/'
|
||||
},
|
||||
'CAS_authnLevel' => 1,
|
||||
'CAS_pgtFile' => '/tmp/pgt.txt',
|
||||
'casAccessControlPolicy' => 'none',
|
||||
'CASAuthnLevel' => 1,
|
||||
'CASpgtFile' => '/tmp/pgt.txt',
|
||||
'cda' => 0,
|
||||
'checkXSS' => 1,
|
||||
'confirmFormMethod' => 'post',
|
||||
|
|
|
@ -570,7 +570,7 @@ Example:
|
|||
'Unit' => '$ou',
|
||||
},
|
||||
www2.domain.com => {
|
||||
'Authorization' => '"Basic ".encode_base64($employeeNumber.":dummy")',
|
||||
'Authorization' => '"Basic ".encode_base64($employeeNumber.":dummy","")',
|
||||
'Remote-IP' => '$ip',
|
||||
},
|
||||
}
|
||||
|
|
|
@ -68,9 +68,7 @@ qr/^(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-
|
|||
'keyText' => {
|
||||
'keyTest' => qr/^[a-zA-Z0-9_]+$/,
|
||||
'msgFail' => '__badValue__',
|
||||
'test' => sub {
|
||||
1;
|
||||
}
|
||||
'test' => qr/^.*$/
|
||||
},
|
||||
'keyTextContainer' => {
|
||||
'keyMsgFail' => '__badKeyName__',
|
||||
|
@ -566,23 +564,19 @@ sub attributes {
|
|||
'type' => 'int'
|
||||
},
|
||||
'browserIdAutoLogin' => {
|
||||
'default' => 0,
|
||||
'type' => 'bool'
|
||||
'type' => 'bool'
|
||||
},
|
||||
'browserIdBackgroundColor' => {
|
||||
'default' => '#000',
|
||||
'type' => 'text'
|
||||
'type' => 'text'
|
||||
},
|
||||
'browserIdSiteLogo' => {
|
||||
'type' => 'text'
|
||||
},
|
||||
'browserIdSiteName' => {
|
||||
'default' => 'LemonLDAP::NG',
|
||||
'type' => 'text'
|
||||
'type' => 'text'
|
||||
},
|
||||
'browserIdVerificationURL' => {
|
||||
'default' => 'https://verifier.login.persona.org/verify',
|
||||
'type' => 'text'
|
||||
'type' => 'text'
|
||||
},
|
||||
'captcha_login_enabled' => {
|
||||
'default' => 0,
|
||||
|
@ -610,6 +604,34 @@ sub attributes {
|
|||
},
|
||||
'type' => 'keyTextContainer'
|
||||
},
|
||||
'CAS_authnLevel' => {
|
||||
'default' => 1,
|
||||
'type' => 'int'
|
||||
},
|
||||
'CAS_CAFile' => {
|
||||
'type' => 'text'
|
||||
},
|
||||
'CAS_gateway' => {
|
||||
'type' => 'bool'
|
||||
},
|
||||
'CAS_pgtFile' => {
|
||||
'default' => '/tmp/pgt.txt',
|
||||
'type' => 'text'
|
||||
},
|
||||
'CAS_proxiedServices' => {
|
||||
'keyMsgFail' => '__badCasProxyId__',
|
||||
'keyTest' => qr/^\w+$/,
|
||||
'type' => 'keyTextContainer'
|
||||
},
|
||||
'CAS_renew' => {
|
||||
'type' => 'bool'
|
||||
},
|
||||
'CAS_url' => {
|
||||
'msgFail' => '__badUrl__',
|
||||
'test' =>
|
||||
qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::(?:(?:[0-9]*)))?(?:\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:\/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?](?:(?:(?:[;\/?:@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?)/,
|
||||
'type' => 'text'
|
||||
},
|
||||
'casAccessControlPolicy' => {
|
||||
'default' => 'none',
|
||||
'select' => [
|
||||
|
@ -634,40 +656,12 @@ sub attributes {
|
|||
'casAttributes' => {
|
||||
'type' => 'keyTextContainer'
|
||||
},
|
||||
'CASAuthnLevel' => {
|
||||
'default' => 1,
|
||||
'type' => 'int'
|
||||
},
|
||||
'CASCAFile' => {
|
||||
'type' => 'text'
|
||||
},
|
||||
'CASgateway' => {
|
||||
'type' => 'bool'
|
||||
},
|
||||
'CASpgtFile' => {
|
||||
'default' => '/tmp/pgt.txt',
|
||||
'type' => 'text'
|
||||
},
|
||||
'CASproxiedServices' => {
|
||||
'keyMsgFail' => '__badCasProxyId__',
|
||||
'keyTest' => qr/^\w+$/,
|
||||
'type' => 'keyTextContainer'
|
||||
},
|
||||
'CASrenew' => {
|
||||
'type' => 'bool'
|
||||
},
|
||||
'casStorage' => {
|
||||
'type' => 'PerlModule'
|
||||
},
|
||||
'casStorageOptions' => {
|
||||
'type' => 'keyTextContainer'
|
||||
},
|
||||
'CASurl' => {
|
||||
'msgFail' => '__badUrl__',
|
||||
'test' =>
|
||||
qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::(?:(?:[0-9]*)))?(?:\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:\/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?](?:(?:(?:[;\/?:@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?)/,
|
||||
'type' => 'text'
|
||||
},
|
||||
'cda' => {
|
||||
'default' => 0,
|
||||
'type' => 'bool'
|
||||
|
@ -756,9 +750,18 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
|
|||
'dbiPasswordMailCol' => {
|
||||
'type' => 'text'
|
||||
},
|
||||
'dbiUserChain' => {
|
||||
'type' => 'text'
|
||||
},
|
||||
'dbiUserPassword' => {
|
||||
'type' => 'password'
|
||||
},
|
||||
'dbiUserTable' => {
|
||||
'type' => 'text'
|
||||
},
|
||||
'dbiUserUser' => {
|
||||
'type' => 'text'
|
||||
},
|
||||
'demoExportedVars' => {
|
||||
'default' => {
|
||||
'cn' => 'cn',
|
||||
|
@ -775,7 +778,7 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
|
|||
'default' => 'example.com',
|
||||
'msgFail' => '__badDomainName__',
|
||||
'test' =>
|
||||
qr/^(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?))?$/,
|
||||
qr/^(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?))?/,
|
||||
'type' => 'text'
|
||||
},
|
||||
'exportedAttr' => {
|
||||
|
@ -1255,6 +1258,9 @@ qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-
|
|||
'default' => {},
|
||||
'type' => 'keyTextContainer'
|
||||
},
|
||||
'lwpSslOpts' => {
|
||||
'type' => 'keyTextContainer'
|
||||
},
|
||||
'macros' => {
|
||||
'default' => {},
|
||||
'keyMsgFail' => '__badMacroName__',
|
||||
|
@ -1354,6 +1360,12 @@ qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-
|
|||
'default' => '; ',
|
||||
'type' => 'authParamsText'
|
||||
},
|
||||
'nginxCustomHandlers' => {
|
||||
'keyTest' => qr/^\w+$/,
|
||||
'msgFail' => '__badPerlPackageName__',
|
||||
'test' => qr/^[a-zA-Z][a-zA-Z0-9]*(?:::[a-zA-Z][a-zA-Z0-9]*)*$/,
|
||||
'type' => 'keyTextContainer'
|
||||
},
|
||||
'noAjaxHook' => {
|
||||
'default' => 0,
|
||||
'type' => 'bool'
|
||||
|
|
|
@ -169,7 +169,7 @@ sub types {
|
|||
},
|
||||
keyText => {
|
||||
keyTest => qr/^[a-zA-Z0-9_]+$/,
|
||||
test => sub { 1 },
|
||||
test => qr/^.*$/,
|
||||
msgFail => '__badValue__',
|
||||
},
|
||||
menuApp => {
|
||||
|
@ -287,6 +287,12 @@ sub attributes {
|
|||
type => 'bool',
|
||||
documentation => 'Maintenance mode for all virtual hosts',
|
||||
},
|
||||
nginxCustomHandlers => {
|
||||
type => 'keyTextContainer',
|
||||
keyTest => qr/^\w+$/,
|
||||
test => qr/^[a-zA-Z][a-zA-Z0-9]*(?:::[a-zA-Z][a-zA-Z0-9]*)*$/,
|
||||
msgFail => '__badPerlPackageName__',
|
||||
},
|
||||
noAjaxHook => {
|
||||
default => 0,
|
||||
type => 'bool',
|
||||
|
@ -516,6 +522,10 @@ sub attributes {
|
|||
default => 'uid',
|
||||
documentation => 'Session parameter used to fill REMOTE_USER',
|
||||
},
|
||||
lwpSslOpts => {
|
||||
type => 'keyTextContainer',
|
||||
documentation => 'Options given to LWP::UserAgent',
|
||||
},
|
||||
|
||||
# History
|
||||
failedLoginNumber => {
|
||||
|
@ -1922,25 +1932,25 @@ m{^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?:
|
|||
SSLVar => { type => 'text', },
|
||||
|
||||
# CAS
|
||||
CASAuthnLevel => {
|
||||
CAS_authnLevel => {
|
||||
type => 'int',
|
||||
default => 1,
|
||||
documentation => 'CAS authentication level',
|
||||
},
|
||||
CASurl => {
|
||||
CAS_url => {
|
||||
type => 'text',
|
||||
test => $url,
|
||||
msgFail => '__badUrl__',
|
||||
},
|
||||
CASCAFile => { type => 'text', },
|
||||
CASrenew => { type => 'bool', },
|
||||
CASgateway => { type => 'bool', },
|
||||
CASpgtFile => {
|
||||
CAS_CAFile => { type => 'text', },
|
||||
CAS_renew => { type => 'bool', },
|
||||
CAS_gateway => { type => 'bool', },
|
||||
CAS_pgtFile => {
|
||||
type => 'text',
|
||||
default => '/tmp/pgt.txt',
|
||||
documentation => 'CAS PGT file',
|
||||
},
|
||||
CASproxiedServices => {
|
||||
CAS_proxiedServices => {
|
||||
type => 'keyTextContainer',
|
||||
keyTest => qr/^\w+$/,
|
||||
keyMsgFail => '__badCasProxyId__',
|
||||
|
@ -2065,11 +2075,14 @@ m{^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?:
|
|||
dbiAuthChain => { type => 'text', },
|
||||
dbiAuthUser => { type => 'text', },
|
||||
dbiAuthPassword => { type => 'password', },
|
||||
dbiUserChain => { type => 'text', },
|
||||
dbiUserUser => { type => 'text', },
|
||||
dbiUserPassword => { type => 'password', },
|
||||
dbiAuthTable => { type => 'text', },
|
||||
dbiUserTable => { type => 'text', },
|
||||
dbiAuthLoginCol => { type => 'text', },
|
||||
dbiAuthPasswordCol => { type => 'text', },
|
||||
dbiPasswordMailCol => { type => 'text', },
|
||||
dbiUserTable => { type => 'text', },
|
||||
userPivot => { type => 'text', },
|
||||
dbiAuthPasswordHash =>
|
||||
{ type => 'text', help => 'authdbi.html#password', },
|
||||
|
@ -2215,14 +2228,11 @@ m{^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?:
|
|||
default => 1,
|
||||
documentation => 'Browser ID authentication level',
|
||||
},
|
||||
browserIdAutoLogin => { type => 'bool', default => 0 },
|
||||
browserIdVerificationURL => {
|
||||
type => 'text',
|
||||
default => 'https://verifier.login.persona.org/verify',
|
||||
},
|
||||
browserIdSiteName => { type => 'text', default => 'LemonLDAP::NG', },
|
||||
browserIdSiteLogo => { type => 'text', },
|
||||
browserIdBackgroundColor => { type => 'text', default => '#000', },
|
||||
browserIdAutoLogin => { type => 'bool', },
|
||||
browserIdVerificationURL => { type => 'text', },
|
||||
browserIdSiteName => { type => 'text', },
|
||||
browserIdSiteLogo => { type => 'text', },
|
||||
browserIdBackgroundColor => { type => 'text', },
|
||||
|
||||
# OpenID Connect auth params
|
||||
oidcAuthnLevel => {
|
||||
|
|
|
@ -13,7 +13,7 @@
|
|||
|
||||
package Lemonldap::NG::Manager::Build::Tree;
|
||||
|
||||
our $VERSION = '2.0.0';
|
||||
our $VERSION = '1.9.6';
|
||||
|
||||
# TODO: Missing:
|
||||
# * activeTimer
|
||||
|
@ -137,10 +137,10 @@ sub tree {
|
|||
title => 'casParams',
|
||||
help => 'authcas.html',
|
||||
nodes => [
|
||||
'CASAuthnLevel', 'CASurl',
|
||||
'CASCAFile', 'CASrenew',
|
||||
'CASgateway', 'CASpgtFile',
|
||||
'CASproxiedServices'
|
||||
'CAS_authnLevel', 'CAS_url',
|
||||
'CAS_CAFile', 'CAS_renew',
|
||||
'CAS_gateway', 'CAS_pgtFile',
|
||||
'CAS_proxiedServices'
|
||||
]
|
||||
},
|
||||
{
|
||||
|
@ -152,10 +152,25 @@ sub tree {
|
|||
{
|
||||
title => 'dbiConnection',
|
||||
help => 'authdbi.html#connection',
|
||||
form => 'simpleInputContainer',
|
||||
nodes => [
|
||||
'dbiAuthChain', 'dbiAuthUser',
|
||||
'dbiAuthPassword'
|
||||
{
|
||||
title => 'dbiConnectionAuth',
|
||||
form => 'simpleInputContainer',
|
||||
nodes => [
|
||||
'dbiAuthChain',
|
||||
'dbiAuthUser',
|
||||
'dbiAuthPassword'
|
||||
]
|
||||
},
|
||||
{
|
||||
title => 'dbiConnectionUser',
|
||||
form => 'simpleInputContainer',
|
||||
nodes => [
|
||||
'dbiUserChain',
|
||||
'dbiUserUser',
|
||||
'dbiUserPassword'
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
|
@ -590,7 +605,8 @@ sub tree {
|
|||
'key',
|
||||
'trustedDomains',
|
||||
'useSafeJail',
|
||||
'checkXSS'
|
||||
'checkXSS',
|
||||
'lwpSslOpts'
|
||||
]
|
||||
},
|
||||
{
|
||||
|
@ -647,6 +663,7 @@ sub tree {
|
|||
}
|
||||
]
|
||||
},
|
||||
'nginxCustomHandlers',
|
||||
'logoutServices',
|
||||
'multiValuesSeparator',
|
||||
{
|
||||
|
|
|
@ -22,7 +22,7 @@ our $specialNodeHash = {
|
|||
our @sessionTypes = ( 'captcha', 'remoteGlobal', 'cas', 'global', 'localSession', 'persistent', 'saml', 'oidc' );
|
||||
|
||||
our $doubleHashKeys = 'issuerDBGetParameters';
|
||||
our $simpleHashKeys = '(?:(?:g(?:r(?:antSessionRule|oup)|lobalStorageOption|oogleExportedVar)|l(?:o(?:calSessionStorageOption|goutService)|dapExportedVar)|ca(?:s(?:StorageOption|Attribute)|ptchaStorageOption)|(?:(?:d(?:emo|bi)|facebook|webID)E|e)xportedVar|p(?:ersistentStorageOption|ortalSkinRule)|re(?:moteGlobalStorageOption|loadUrl)|notificationStorageOption|CASproxiedService|macro)s|o(?:idcS(?:erviceMetaDataAuthnContext|torageOptions)|penIdExportedVars)|s(?:(?:amlStorageOption|laveExportedVar)s|essionDataToRemember)|a(?:uthChoiceModules|pplicationList))';
|
||||
our $simpleHashKeys = '(?:(?:l(?:o(?:calSessionStorageOption|goutService)|dapExportedVar|wpSslOpt)|g(?:r(?:antSessionRule|oup)|lobalStorageOption|oogleExportedVar)|ca(?:s(?:StorageOption|Attribute)|ptchaStorageOption)|(?:(?:d(?:emo|bi)|facebook|webID)E|e)xportedVar|n(?:otificationStorageOption|ginxCustomHandler)|p(?:ersistentStorageOption|ortalSkinRule)|re(?:moteGlobalStorageOption|loadUrl)|CAS_proxiedService|macro)s|o(?:idcS(?:erviceMetaDataAuthnContext|torageOptions)|penIdExportedVars)|s(?:(?:amlStorageOption|laveExportedVar)s|essionDataToRemember)|a(?:uthChoiceModules|pplicationList))';
|
||||
our $specialNodeKeys = '(?:(?:saml(?:ID|S)|oidc[OR])PMetaDataNode|virtualHost)s';
|
||||
our $oidcOPMetaDataNodeKeys = 'oidcOPMetaData(?:Options(?:C(?:lient(?:Secret|ID)|heckJWTSignature|onfigurationURI)|TokenEndpointAuthMethod|(?:JWKSTimeou|Promp)t|I(?:DTokenMaxAge|con)|S(?:toreIDToken|cope)|U(?:iLocales|seNonce)|Display(?:Name)?|AcrValues|MaxAge)|ExportedVars|J(?:SON|WKS))';
|
||||
our $oidcRPMetaDataNodeKeys = 'oidcRPMetaData(?:Options(?:I(?:DToken(?:Expiration|SignAlg)|con)|(?:RedirectUri|ExtraClaim)s|AccessTokenExpiration|Client(?:Secret|ID)|BypassConsent|DisplayName|UserIDAttr)|ExportedVars)';
|
||||
|
@ -34,9 +34,9 @@ our $authParameters = {
|
|||
adParams => [qw(ADPwdMaxAge ADPwdExpireWarning)],
|
||||
apacheParams => [qw(apacheAuthnLevel)],
|
||||
browseridParams => [qw(browserIdAuthnLevel browserIdAutoLogin browserIdVerificationURL browserIdSiteName browserIdSiteLogo browserIdBackgroundColor)],
|
||||
casParams => [qw(CASAuthnLevel CASurl CASCAFile CASrenew CASgateway CASpgtFile CASproxiedServices)],
|
||||
casParams => [qw(CAS_authnLevel CAS_url CAS_CAFile CAS_renew CAS_gateway CAS_pgtFile CAS_proxiedServices)],
|
||||
choiceParams => [qw(authChoiceParam authChoiceModules)],
|
||||
dbiParams => [qw(dbiAuthnLevel dbiExportedVars dbiAuthChain dbiAuthUser dbiAuthPassword dbiAuthTable dbiUserTable dbiAuthLoginCol dbiAuthPasswordCol dbiPasswordMailCol userPivot dbiAuthPasswordHash)],
|
||||
dbiParams => [qw(dbiAuthnLevel dbiExportedVars dbiAuthChain dbiAuthUser dbiAuthPassword dbiUserChain dbiUserUser dbiUserPassword dbiAuthTable dbiUserTable dbiAuthLoginCol dbiAuthPasswordCol dbiPasswordMailCol userPivot dbiAuthPasswordHash)],
|
||||
demoParams => [qw(demoExportedVars)],
|
||||
facebookParams => [qw(facebookAuthnLevel facebookExportedVars facebookAppId facebookAppSecret)],
|
||||
googleParams => [qw(googleAuthnLevel googleExportedVars)],
|
||||
|
|
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
|
@ -268,7 +268,7 @@ Example:
|
|||
'Unit' => '$ou',
|
||||
},
|
||||
www2.domain.com => {
|
||||
'Authorization' => '"Basic ".encode_base64($employeeNumber.":dummy")',
|
||||
'Authorization' => '"Basic ".encode_base64($employeeNumber.":dummy","")',
|
||||
},
|
||||
}
|
||||
|
||||
|
|
|
@ -21,8 +21,8 @@ has proxy => (
|
|||
is => 'rw',
|
||||
builder => sub {
|
||||
return
|
||||
ref( $_[0]->conf->{CASproxiedServices} ) eq 'HASH'
|
||||
? ( %{ $_[0]->conf->{CASproxiedServices} } ? 1 : 0 )
|
||||
ref( $_[0]->conf->{CAS_proxiedServices} ) eq 'HASH'
|
||||
? ( %{ $_[0]->conf->{CAS_proxiedServices} } ? 1 : 0 )
|
||||
: 0;
|
||||
}
|
||||
);
|
||||
|
@ -40,8 +40,8 @@ sub init {
|
|||
}
|
||||
$self->cas(
|
||||
AuthCAS->new(
|
||||
casUrl => $self->conf->{CASurl},
|
||||
CAFile => $self->conf->{CASCAFile},
|
||||
casUrl => $self->conf->{CAS_url},
|
||||
CAFile => $self->conf->{CAS_CAFile},
|
||||
)
|
||||
);
|
||||
return 1;
|
||||
|
@ -91,7 +91,7 @@ sub extractFormInfo {
|
|||
$self->lmLog( "CAS Proxy URL: $proxy_url", 'debug' );
|
||||
|
||||
$self->cas->proxyMode(
|
||||
pgtFile => $self->{CASpgtFile},
|
||||
pgtFile => $self->conf->{CAS_pgtFile},
|
||||
pgtCallbackUrl => $proxy_url
|
||||
);
|
||||
}
|
||||
|
@ -122,8 +122,8 @@ sub extractFormInfo {
|
|||
|
||||
# Build login URL
|
||||
my $login_url = $self->cas->getServerLoginURL($local_url);
|
||||
$login_url .= '&renew=true' if $self->conf->{CASrenew};
|
||||
$login_url .= '&gateway=true' if $self->conf->{CASgateway};
|
||||
$login_url .= '&renew=true' if $self->conf->{CAS_renew};
|
||||
$login_url .= '&gateway=true' if $self->conf->{CAS_gateway};
|
||||
|
||||
# Check Service Ticket
|
||||
my $ticket = $req->param('ticket');
|
||||
|
@ -160,8 +160,8 @@ sub extractFormInfo {
|
|||
}
|
||||
|
||||
# Get a proxy ticket for each proxied service
|
||||
foreach ( keys %{ $self->conf->{CASproxiedServices} } ) {
|
||||
my $service = $self->conf->{CASproxiedServices}->{$_};
|
||||
foreach ( keys %{ $self->conf->{CAS_proxiedServices} } ) {
|
||||
my $service = $self->conf->{CAS_proxiedServices}->{$_};
|
||||
my $pt = $self->cas->retrievePT($service);
|
||||
|
||||
unless ($pt) {
|
||||
|
@ -190,7 +190,7 @@ sub authenticate {
|
|||
# Set authenticationLevel.
|
||||
sub setAuthSessionInfo {
|
||||
my ( $self, $req ) = @_;
|
||||
$req->{sessionInfo}->{authenticationLevel} = $self->conf->{CASAuthnLevel};
|
||||
$req->{sessionInfo}->{authenticationLevel} = $self->conf->{CAS_authnLevel};
|
||||
PE_OK;
|
||||
}
|
||||
|
||||
|
|
|
@ -9,7 +9,7 @@ use strict;
|
|||
use Lemonldap::NG::Portal::Simple;
|
||||
use URI::Escape;
|
||||
|
||||
our $VERSION = '2.0.0';
|
||||
our $VERSION = '1.9.1';
|
||||
our $initDone;
|
||||
|
||||
BEGIN {
|
||||
|
@ -45,8 +45,8 @@ sub extractFormInfo {
|
|||
my $self = shift;
|
||||
|
||||
my $cas = new AuthCAS(
|
||||
casUrl => $self->{CASurl},
|
||||
CAFile => $self->{CASCAFile},
|
||||
casUrl => $self->{CAS_url},
|
||||
CAFile => $self->{CAS_CAFile},
|
||||
);
|
||||
|
||||
# Local URL
|
||||
|
@ -79,8 +79,8 @@ sub extractFormInfo {
|
|||
|
||||
# Act as a proxy if proxied services configured
|
||||
my $proxy =
|
||||
ref( $self->{CASproxiedServices} ) eq 'HASH'
|
||||
? ( %{ $self->{CASproxiedServices} } ? 1 : 0 )
|
||||
ref( $self->{CAS_proxiedServices} ) eq 'HASH'
|
||||
? ( %{ $self->{CAS_proxiedServices} } ? 1 : 0 )
|
||||
: 0;
|
||||
|
||||
if ($proxy) {
|
||||
|
@ -96,7 +96,7 @@ sub extractFormInfo {
|
|||
$self->lmLog( "CAS Proxy URL: $proxy_url", 'debug' );
|
||||
|
||||
$cas->proxyMode(
|
||||
pgtFile => $self->{CASpgtFile},
|
||||
pgtFile => $self->{CAS_pgtFile},
|
||||
pgtCallbackUrl => $proxy_url
|
||||
);
|
||||
}
|
||||
|
@ -127,8 +127,8 @@ sub extractFormInfo {
|
|||
|
||||
# Build login URL
|
||||
my $login_url = $cas->getServerLoginURL($local_url);
|
||||
$login_url .= '&renew=true' if $self->{CASrenew};
|
||||
$login_url .= '&gateway=true' if $self->{CASgateway};
|
||||
$login_url .= '&renew=true' if $self->{CAS_renew};
|
||||
$login_url .= '&gateway=true' if $self->{CAS_gateway};
|
||||
|
||||
# Check Service Ticket
|
||||
my $ticket = $self->param('ticket');
|
||||
|
@ -164,8 +164,8 @@ sub extractFormInfo {
|
|||
}
|
||||
|
||||
# Get a proxy ticket for each proxied service
|
||||
foreach ( keys %{ $self->{CASproxiedServices} } ) {
|
||||
my $service = $self->{CASproxiedServices}->{$_};
|
||||
foreach ( keys %{ $self->{CAS_proxiedServices} } ) {
|
||||
my $service = $self->{CAS_proxiedServices}->{$_};
|
||||
my $pt = $cas->retrievePT($service);
|
||||
|
||||
unless ($pt) {
|
||||
|
@ -196,7 +196,7 @@ sub setAuthSessionInfo {
|
|||
# Store user submitted login for basic rules
|
||||
$self->{sessionInfo}->{'_user'} = $self->{'user'};
|
||||
|
||||
$self->{sessionInfo}->{authenticationLevel} = $self->{CASauthnLevel};
|
||||
$self->{sessionInfo}->{authenticationLevel} = $self->{CAS_authnLevel};
|
||||
|
||||
PE_OK;
|
||||
}
|
||||
|
@ -222,8 +222,8 @@ sub authLogout {
|
|||
my $self = shift;
|
||||
|
||||
my $cas = new AuthCAS(
|
||||
casUrl => $self->{CASurl},
|
||||
CAFile => $self->{CASCAFile},
|
||||
casUrl => $self->{CAS_url},
|
||||
CAFile => $self->{CAS_CAFile},
|
||||
);
|
||||
|
||||
# Build CAS logout URL
|
||||
|
@ -267,8 +267,8 @@ compatible portals with CAS authentication.
|
|||
my $portal = new Lemonldap::NG::Portal::Simple(
|
||||
configStorage => {...}, # See Lemonldap::NG::Portal
|
||||
authentication => 'CAS',
|
||||
CASurl => 'https://cas.myserver',
|
||||
CASCAFile => '/etc/httpd/conf/ssl.crt/ca-bundle.crt',
|
||||
CAS_url => 'https://cas.myserver',
|
||||
CAS_CAFile => '/etc/httpd/conf/ssl.crt/ca-bundle.crt',
|
||||
);
|
||||
|
||||
if($portal->process()) {
|
||||
|
|
|
@ -11,7 +11,7 @@ use String::Random qw(random_string);
|
|||
use HTML::Template;
|
||||
use base qw(Lemonldap::NG::Portal::_OpenIDConnect);
|
||||
|
||||
our $VERSION = '2.0.0';
|
||||
our $VERSION = '1.9.6';
|
||||
|
||||
## @method void issuerDBInit()
|
||||
# Get configuration data
|
||||
|
@ -561,14 +561,15 @@ sub issuerForUnAuthUser {
|
|||
);
|
||||
|
||||
my $checksession_tpl =
|
||||
$self->getApacheHtdocsPath
|
||||
. "/site/templates/common/oidc_checksession.tpl";
|
||||
$self->getApacheHtdocsPath . "/skins/common/oidc_checksession.tpl";
|
||||
|
||||
my $static_prefix = ""; #TODO
|
||||
my $portalPath = $self->{portal};
|
||||
$portalPath =~ s#^https?://[^/]+/?#/#;
|
||||
$portalPath =~ s#[^/]+\.pl$##;
|
||||
|
||||
my $template = HTML::Template->new( filename => $checksession_tpl );
|
||||
$template->param( "JS_CODE" => $self->getSessionManagementOPIFrameJS );
|
||||
$template->param( "STATIC_PREFIX" => $static_prefix );
|
||||
$template->param( "SKIN_PATH" => $portalPath . "skins" );
|
||||
print $template->output;
|
||||
$self->quit();
|
||||
}
|
||||
|
@ -1406,14 +1407,15 @@ sub issuerForAuthUser {
|
|||
);
|
||||
|
||||
my $checksession_tpl =
|
||||
$self->getApacheHtdocsPath
|
||||
. "/site/templates/common/oidc_checksession.tpl";
|
||||
$self->getApacheHtdocsPath . "/skins/common/oidc_checksession.tpl";
|
||||
|
||||
my $static_prefix = ""; #TODO
|
||||
my $portalPath = $self->{portal};
|
||||
$portalPath =~ s#^https?://[^/]+/?#/#;
|
||||
$portalPath =~ s#[^/]+\.pl$##;
|
||||
|
||||
my $template = HTML::Template->new( filename => $checksession_tpl );
|
||||
$template->param( "JS_CODE" => $self->getSessionManagementOPIFrameJS );
|
||||
$template->param( "STATIC_PREFIX" => $static_prefix );
|
||||
$template->param( "SKIN_PATH" => $portalPath . "skins" );
|
||||
print $template->output;
|
||||
$self->quit();
|
||||
}
|
||||
|
|
|
@ -10,6 +10,8 @@ use warnings;
|
|||
|
||||
use Exporter 'import';
|
||||
|
||||
our $VERSION = '1.9.7';
|
||||
|
||||
use warnings;
|
||||
use MIME::Base64;
|
||||
use Lemonldap::NG::Common::CGI;
|
||||
|
@ -71,8 +73,6 @@ use Digest::MD5;
|
|||
#inherits Apache::Session
|
||||
#link Lemonldap::NG::Common::Apache::Session::SOAP protected globalStorage
|
||||
|
||||
our $VERSION = '2.0.0';
|
||||
|
||||
use base qw(Lemonldap::NG::Common::CGI Exporter);
|
||||
our @ISA;
|
||||
|
||||
|
@ -556,7 +556,7 @@ sub setHiddenFormValue {
|
|||
# Store value
|
||||
if ($val) {
|
||||
$key = $prefix . $key;
|
||||
$val = encode_base64($val) if $base64;
|
||||
$val = encode_base64( $val, '' ) if $base64;
|
||||
$self->{portalHiddenFormValues}->{$key} = $val;
|
||||
$self->lmLog( "Store $val in hidden key $key", 'debug' );
|
||||
}
|
||||
|
@ -741,7 +741,8 @@ sub checkXSSAttack {
|
|||
return 0 unless $value;
|
||||
|
||||
# Test value
|
||||
if ( $value =~ m/(?:\0|<|'|"|`|\%(?:00|25|3C|22|27|2C))/ ) {
|
||||
$value =~ s/\%25/\%/g;
|
||||
if ( $value =~ m/(?:\0|<|'|"|`|\%(?:00|3C|22|27|2C))/ ) {
|
||||
$self->lmLog( "XSS attack detected (param: $name | value: $value)",
|
||||
"warn" );
|
||||
return $self->{checkXSS};
|
||||
|
@ -897,15 +898,25 @@ sub redirect {
|
|||
}
|
||||
}
|
||||
|
||||
## @method protected hashref getApacheSession(string id, boolean noInfo, boolean $force)
|
||||
## @method protected hashref getApacheSession(string id, boolean noInfo, boolean $force, string $kind)
|
||||
# Try to recover the session corresponding to id and return session datas.
|
||||
# If $id is set to undef or if $force is true, return a new session.
|
||||
# @param id session reference
|
||||
# @param noInfo do not set Apache REMOTE_USER
|
||||
# @param force Force session creation if it does not exist
|
||||
# @param kind Session kind
|
||||
# return Lemonldap::NG::Common::Session object
|
||||
sub getApacheSession {
|
||||
my ( $self, $id, $noInfo, $force ) = @_;
|
||||
my ( $self, $id, $noInfo, $force, $kind ) = @_;
|
||||
|
||||
$kind ||= "SSO";
|
||||
|
||||
if ($id) {
|
||||
$self->lmLog( "Try to get $kind session $id", 'debug' );
|
||||
}
|
||||
else {
|
||||
$self->lmLog( "Try to get a new $kind session", 'debug' );
|
||||
}
|
||||
|
||||
my $apacheSession = Lemonldap::NG::Common::Session->new(
|
||||
{
|
||||
|
@ -915,17 +926,34 @@ sub getApacheSession {
|
|||
cacheModuleOptions => $self->{localSessionStorageOptions},
|
||||
id => $id,
|
||||
force => $force,
|
||||
kind => "SSO",
|
||||
kind => $kind,
|
||||
}
|
||||
);
|
||||
|
||||
if ( $apacheSession->error ) {
|
||||
$self->lmLog( $apacheSession->error, 'debug' );
|
||||
$self->lmLog( $apacheSession->error, 'error' );
|
||||
return;
|
||||
}
|
||||
|
||||
if ( $id and !$force and !$apacheSession->data ) {
|
||||
$self->lmLog( "Session $id not found", 'debug' );
|
||||
$self->lmLog( "Session $kind $id not found", 'debug' );
|
||||
return;
|
||||
}
|
||||
|
||||
my $now = time;
|
||||
if (
|
||||
$id
|
||||
and defined $apacheSession->data->{_utime}
|
||||
and (
|
||||
$now - $apacheSession->data->{_utime} > $self->{timeout}
|
||||
or ( $self->{timeoutActivity}
|
||||
and $apacheSession->data->{_lastSeen}
|
||||
and $now - $apacheSession->data->{_lastSeen} >
|
||||
$self->{timeoutActivity} )
|
||||
)
|
||||
)
|
||||
{
|
||||
$self->lmLog( "Session $kind $id expired", 'debug' );
|
||||
return;
|
||||
}
|
||||
|
||||
|
@ -934,6 +962,9 @@ sub getApacheSession {
|
|||
if ($id);
|
||||
$self->{id} = $apacheSession->id;
|
||||
}
|
||||
|
||||
$self->lmLog( "Return $kind session " . $apacheSession->id, 'debug' );
|
||||
|
||||
return $apacheSession;
|
||||
}
|
||||
|
||||
|
@ -1142,8 +1173,7 @@ sub _subProcess {
|
|||
# status module with the result (portal error).
|
||||
sub updateStatus {
|
||||
my $self = shift;
|
||||
my $p = $Lemonldap::NG::Handler::Main::SharedVariables::_tshv->{tsv}
|
||||
->{statusPipe};
|
||||
my $p = $Lemonldap::NG::Handler::Main::tsv->{statusPipe};
|
||||
print $p ( $self->{user} ? $self->{user} : $self->ipAddr )
|
||||
. " => $ENV{SERVER_NAME}$ENV{SCRIPT_NAME} "
|
||||
. $self->{error} . "\n"
|
||||
|
@ -1300,7 +1330,9 @@ sub _deleteSession {
|
|||
if ( $self->{securedCookie} >= 2 ) {
|
||||
|
||||
# Try to find a linked http session (securedCookie == 2)
|
||||
if ( my $id2 = $session->data->{_httpSession} ) {
|
||||
if ( $self->{securedCookie} == 2
|
||||
and my $id2 = $session->data->{_httpSession} )
|
||||
{
|
||||
if ( my $session2 = $self->getApacheSession( $id2, 1 ) ) {
|
||||
$session2->remove;
|
||||
if ( $session2->error ) {
|
||||
|
@ -1498,6 +1530,7 @@ sub getSkin {
|
|||
# - setAuthSessionInfo
|
||||
# - authenticate
|
||||
# - authFinish
|
||||
# - authPostStore
|
||||
# - userDB module:
|
||||
# - userDBInit
|
||||
# - getUser
|
||||
|
@ -1524,8 +1557,8 @@ sub process {
|
|||
modifyPassword setSessionInfo setMacros setGroups
|
||||
setPersistentSessionInfo setLocalGroups sendPasswordMail
|
||||
authenticate authFinish userDBFinish passwordDBFinish
|
||||
grantSession removeOther store buildCookie checkNotification
|
||||
issuerForAuthUser autoRedirect)
|
||||
grantSession removeOther store authPostStore buildCookie
|
||||
checkNotification issuerForAuthUser autoRedirect)
|
||||
);
|
||||
$self->updateStatus;
|
||||
if ( !$self->{noAjaxHook}
|
||||
|
@ -1941,7 +1974,7 @@ sub existingSession {
|
|||
qw(issuerDBInit authInit issuerForUnAuthUser extractFormInfo
|
||||
userDBInit getUser setAuthSessionInfo setSessionInfo
|
||||
setMacros setGroups setPersistentSessionInfo
|
||||
setLocalGroups authenticate authFinish userDBFinish store)
|
||||
setLocalGroups authenticate authFinish userDBFinish store authPostStore)
|
||||
);
|
||||
return $self->{error} || PE_DONE;
|
||||
}
|
||||
|
@ -2504,6 +2537,24 @@ sub authFinish {
|
|||
return $self->{error};
|
||||
}
|
||||
|
||||
## @apmethod int authPostStore
|
||||
# Call authPostStore method from authentication module
|
||||
# @return Lemonldap::NG::Portal constant
|
||||
sub authPostStore {
|
||||
my $self = shift;
|
||||
|
||||
eval { $self->{error} = $self->SUPER::authPostStore; };
|
||||
if ($@) {
|
||||
$self->lmLog(
|
||||
"Optional authPostStore method not defined in current authentication module: $@",
|
||||
'debug'
|
||||
);
|
||||
return PE_OK;
|
||||
}
|
||||
|
||||
return $self->{error};
|
||||
}
|
||||
|
||||
## @apmethod int userDBFinish
|
||||
# Call userDBFinish method from userDB module
|
||||
# @return Lemonldap::NG::Portal constant
|
||||
|
@ -2677,13 +2728,36 @@ sub autoRedirect {
|
|||
{
|
||||
my $ssl = $self->{urldc} =~ /^https/;
|
||||
$self->lmLog( 'CDA request', 'debug' );
|
||||
$self->{urldc} .= ( $self->{urldc} =~ /\?/ ? '&' : '?' )
|
||||
. (
|
||||
( $self->{securedCookie} < 2 or $ssl )
|
||||
? $self->{cookieName} . "=" . $self->{id}
|
||||
: $self->{cookieName} . "http="
|
||||
. $self->{sessionInfo}->{_httpSession}
|
||||
);
|
||||
|
||||
# Create CDA session
|
||||
if ( my $cdaSession =
|
||||
$self->getApacheSession( undef, 1, undef, "CDA" ) )
|
||||
{
|
||||
my $cdaInfos = { '_utime' => time };
|
||||
if ( $self->{securedCookie} < 2 or $ssl ) {
|
||||
$cdaInfos->{cookie_value} = $self->{id};
|
||||
$cdaInfos->{cookie_name} = $self->{cookieName};
|
||||
}
|
||||
else {
|
||||
$cdaInfos->{cookie_value} =
|
||||
$self->{sessionInfo}->{_httpSession};
|
||||
$cdaInfos->{cookie_name} = $self->{cookieName} . "http";
|
||||
}
|
||||
|
||||
$self->updateSession( $cdaInfos, $cdaSession->id );
|
||||
|
||||
$self->{urldc} .=
|
||||
( $self->{urldc} =~ /\?/ ? '&' : '?' )
|
||||
. $self->{cookieName} . "cda="
|
||||
. $cdaSession->id;
|
||||
|
||||
$self->lmLog( "CDA redirection to " . $self->{urldc}, 'debug' );
|
||||
|
||||
}
|
||||
else {
|
||||
$self->lmLog( "Unable to create CDA session", 'error' );
|
||||
return PE_APACHESESSIONERROR;
|
||||
}
|
||||
}
|
||||
|
||||
$self->updateStatus;
|
||||
|
@ -2761,7 +2835,7 @@ sub getCustomTemplateParameters {
|
|||
$self->lmLog( "Set custom template parameter $tplParam with $tplValue",
|
||||
'debug' );
|
||||
|
||||
$customTplParams->{$tplParam} = $self->safe->reval($tplValue);
|
||||
$customTplParams->{$tplParam} = $tplValue;
|
||||
}
|
||||
|
||||
return $customTplParams;
|
||||
|
|
|
@ -427,7 +427,7 @@ sub getAuthorizationCodeAccessToken {
|
|||
$response = $self->ua->post(
|
||||
$access_token_uri, \%form,
|
||||
"Authorization" => "Basic "
|
||||
. encode_base64("$client_id:$client_secret"),
|
||||
. encode_base64( "$client_id:$client_secret", '' ),
|
||||
"Content-Type" => 'application/x-www-form-urlencoded',
|
||||
);
|
||||
}
|
||||
|
|
|
@ -52,7 +52,7 @@ sub send_mail {
|
|||
if $self->{mailReplyTo};
|
||||
|
||||
# Encode the subject
|
||||
$subject = encode_base64($subject);
|
||||
$subject = encode_base64( $subject, '' );
|
||||
$subject =~ s/\s//g;
|
||||
$subject = "=?$charset?B?" . $subject . "?=";
|
||||
|
||||
|
|
|
@ -192,8 +192,8 @@ sub sp {
|
|||
authentication => 'CAS',
|
||||
userDB => 'Null',
|
||||
issuerDBCASActivation => 0,
|
||||
CASurl => 'http://auth.idp.com/cas',
|
||||
CASCAFile => 't/caFile.pem',
|
||||
CAS_url => 'http://auth.idp.com/cas',
|
||||
CAS_CAFile => 't/caFile.pem',
|
||||
multiValuesSeparator => ';',
|
||||
},
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue
Block a user