Merge branch 'v2.0'
This commit is contained in:
commit
c4ebfc3484
19
Makefile
19
Makefile
|
@ -60,6 +60,7 @@ PORTALTEMPLATESDIR=$(PORTALDIR)/templates
|
|||
|
||||
MANAGERDIR=$(DOCUMENTROOT)/manager
|
||||
MANAGERSITEDIR=$(MANAGERDIR)/htdocs
|
||||
MANAGERAPIDIR=$(MANAGERDIR)/api
|
||||
MANAGERSTATICDIR=$(MANAGERSITEDIR)/static
|
||||
MANAGERRELATIVESTATICDIR=/static
|
||||
MANAGERTEMPLATESDIR=$(MANAGERSITEDIR)/templates
|
||||
|
@ -156,6 +157,7 @@ RPORTALSTATICDIR=$(DESTDIR)/$(PORTALSTATICDIR)
|
|||
RPORTALTEMPLATESDIR=$(DESTDIR)/$(PORTALTEMPLATESDIR)
|
||||
RMANAGERDIR=$(DESTDIR)/$(MANAGERDIR)
|
||||
RMANAGERSITEDIR=$(DESTDIR)/$(MANAGERSITEDIR)
|
||||
RMANAGERAPIDIR=$(DESTDIR)/$(MANAGERAPIDIR)
|
||||
RMANAGERSTATICDIR=$(DESTDIR)/$(MANAGERSTATICDIR)
|
||||
RMANAGERTEMPLATESDIR=$(DESTDIR)/$(MANAGERTEMPLATESDIR)
|
||||
RDOCDIR=$(DESTDIR)/$(DOCDIR)
|
||||
|
@ -409,7 +411,7 @@ nox_e2e_test:
|
|||
|
||||
prepare_test_server:
|
||||
-@mkdir -p e2e-tests/conf/sessions/lock e2e-tests/conf/persistents/lock
|
||||
-@mkdir e2e-tests/conf/manager e2e-tests/conf/portal
|
||||
-@mkdir e2e-tests/conf/manager e2e-tests/conf/portal e2e-tests/conf/api
|
||||
$(MAKE) install_webserver_conf install_test_site install_fastcgi_server \
|
||||
CONFDIR=`pwd`/e2e-tests/conf \
|
||||
RCONFDIR=e2e-tests/conf \
|
||||
|
@ -428,7 +430,7 @@ prepare_test_server:
|
|||
ETCDEFAULTDIR=`pwd`/e2e-tests/conf/def
|
||||
#@cp -f e2e-tests/index.* e2e-tests/conf/
|
||||
@cp -f $(SRCMANAGERDIR)/site/htdocs/manager* e2e-tests/conf/manager
|
||||
@cp -f $(SRCMANAGERDIR)/site/htdocs/api* e2e-tests/conf/manager
|
||||
@cp -f $(SRCMANAGERDIR)/site/api/api* e2e-tests/conf/api
|
||||
@cp -f $(SRCPORTALDIR)/site/htdocs/index* e2e-tests/conf/portal
|
||||
@cp e2e-tests/persistent/5efe8af397fc3577e05b483aca964f1b e2e-tests/conf/persistents
|
||||
@cp e2e-tests/saml-sp.xml e2e-tests/conf/site/saml-sp.xml
|
||||
|
@ -690,7 +692,7 @@ install_site: install_manager_site install_portal_site install_handler_site inst
|
|||
fi
|
||||
@$(PERL) -i -pe 's/__DNSDOMAIN__/$(DNSDOMAIN)/g' $(RCONFDIR)/for_etc_hosts
|
||||
# Fix a lost of rights on the main directory
|
||||
@chmod 755 $(RBINDIR) $(RDOCUMENTROOT) $(REXAMPLESDIR) $(RHANDLERDIR) $(RPORTALSTATICDIR) $(RMANAGERSITEDIR) $(RTOOLSDIR) $(RCONFDIR) $(RDATADIR)
|
||||
@chmod 755 $(RBINDIR) $(RDOCUMENTROOT) $(REXAMPLESDIR) $(RHANDLERDIR) $(RPORTALSTATICDIR) $(RMANAGERSITEDIR) $(RMANAGERAPIDIR) $(RTOOLSDIR) $(RCONFDIR) $(RDATADIR)
|
||||
@echo
|
||||
@echo "LemonLDAP::NG v${VERSION} is installed with these parameters:"
|
||||
@echo " - System configuration: ${CONFDIR}"
|
||||
|
@ -702,6 +704,7 @@ install_site: install_manager_site install_portal_site install_handler_site inst
|
|||
@echo " include ${CONFDIR}/portal-apache$(APACHEVERSION).conf"
|
||||
@echo " include ${CONFDIR}/handler-apache$(APACHEVERSION).conf"
|
||||
@echo " include ${CONFDIR}/manager-apache$(APACHEVERSION).conf"
|
||||
@echo " include ${CONFDIR}/api-apache$(APACHEVERSION).conf"
|
||||
@echo " include ${CONFDIR}/test-apache$(APACHEVERSION).conf"
|
||||
@echo
|
||||
@echo "2 - Restart Apache:"
|
||||
|
@ -725,10 +728,7 @@ install_site: install_manager_site install_portal_site install_handler_site inst
|
|||
install_webserver_conf:
|
||||
@install -m 755 -v -d $(RCONFDIR)
|
||||
@if [ "$(ERASECONFIG)" -eq "1" ]; then \
|
||||
cp -f _example/etc/portal-apache$(APACHEVERSION).conf $(RCONFDIR); \
|
||||
cp -f _example/etc/handler-apache$(APACHEVERSION).conf $(RCONFDIR); \
|
||||
cp -f _example/etc/manager-apache$(APACHEVERSION).conf $(RCONFDIR); \
|
||||
cp -f _example/etc/test-apache$(APACHEVERSION).conf $(RCONFDIR); \
|
||||
cp -f _example/etc/*-apache$(APACHEVERSION).conf $(RCONFDIR); \
|
||||
cp -f _example/etc/*nginx*.conf $(RCONFDIR); \
|
||||
fi
|
||||
@$(PERL) -i -pe 's/__DNSDOMAIN__/$(DNSDOMAIN)/g; \
|
||||
|
@ -736,6 +736,7 @@ install_webserver_conf:
|
|||
s#__PORTALSITEDIR__#$(PORTALSITEDIR)/#g; \
|
||||
s#__PORTALSTATICDIR__#$(PORTALSTATICDIR)/#g; \
|
||||
s#__MANAGERDIR__#$(MANAGERDIR)/#g; \
|
||||
s#__MANAGERAPIDIR__#$(MANAGERAPIDIR)/#g; \
|
||||
s#__MANAGERSITEDIR__#$(MANAGERSITEDIR)/#g; \
|
||||
s#__MANAGERSTATICDIR__#$(MANAGERSTATICDIR)/#g; \
|
||||
s#__TESTDIR__#$(TESTDIR)/#g; \
|
||||
|
@ -749,7 +750,8 @@ install_webserver_conf:
|
|||
install_manager_site: install_conf_dir
|
||||
# Manager install
|
||||
@install -v -d $(RMANAGERDIR) $(RMANAGERSTATICDIR) \
|
||||
$(RMANAGERTEMPLATESDIR)
|
||||
$(RMANAGERTEMPLATESDIR) $(RMANAGERAPIDIR)
|
||||
@cp -pR -f $(SRCMANAGERDIR)/site/api/* $(RMANAGERAPIDIR)
|
||||
@cp -pR -f $(SRCMANAGERDIR)/site/htdocs/manager.* $(RMANAGERSITEDIR)
|
||||
@cp -pR $(SRCMANAGERDIR)/site/htdocs/static/* $(RMANAGERSTATICDIR)
|
||||
@for f in $(SRCMANAGERDIR)/site/templates/*.tpl; do \
|
||||
|
@ -1061,6 +1063,7 @@ debian-dist: clean
|
|||
@cp lemonldap-ng-$(VERSION)/_example/etc/handler-apache2.X.conf lemonldap-ng-$(VERSION)/_example/etc/handler-apache2.conf
|
||||
@cp lemonldap-ng-$(VERSION)/_example/etc/manager-apache2.X.conf lemonldap-ng-$(VERSION)/_example/etc/manager-apache2.conf
|
||||
@cp lemonldap-ng-$(VERSION)/_example/etc/portal-apache2.X.conf lemonldap-ng-$(VERSION)/_example/etc/portal-apache2.conf
|
||||
@cp lemonldap-ng-$(VERSION)/_example/etc/api-apache2.X.conf lemonldap-ng-$(VERSION)/_example/etc/api-apache2.conf
|
||||
@cp lemonldap-ng-$(VERSION)/_example/etc/test-apache2.X.conf lemonldap-ng-$(VERSION)/_example/etc/test-apache2.conf
|
||||
@rm -rf lemonldap-ng-$(VERSION)/lemonldap-ng-$(VERSION)
|
||||
@rm -rf lemonldap-ng-$(VERSION)/node_modules
|
||||
|
|
|
@ -96,9 +96,11 @@
|
|||
"domain" : "__DNSDOMAIN__",
|
||||
"exportedHeaders" : {
|
||||
"test1.__DNSDOMAIN__" : {
|
||||
"Auth-Groups" : "$groups",
|
||||
"Auth-User" : "$uid"
|
||||
},
|
||||
"test2.__DNSDOMAIN__" : {
|
||||
"Auth-Groups" : "$groups",
|
||||
"Auth-User" : "$uid"
|
||||
}
|
||||
},
|
||||
|
@ -120,15 +122,15 @@
|
|||
},
|
||||
"locationRules" : {
|
||||
"auth.__DNSDOMAIN__" : {
|
||||
"(?#checkUser)^/checkuser" : "$uid eq \"dwho\"",
|
||||
"(?#checkUser)^/checkuser" : "inGroup(\"timelords\")",
|
||||
"(?#errors)^/lmerror/" : "accept",
|
||||
"default" : "accept"
|
||||
},
|
||||
"manager.__DNSDOMAIN__" : {
|
||||
"(?#Configuration)^/(.*?\\.(fcgi|psgi)/)?(manager\\.html|confs/|$)" : "$uid eq \"dwho\"",
|
||||
"(?#Notifications)/(.*?\\.(fcgi|psgi)/)?notifications" : "$uid eq \"dwho\" or $uid eq \"rtyler\"",
|
||||
"(?#Sessions)/(.*?\\.(fcgi|psgi)/)?sessions" : "$uid eq \"dwho\" or $uid eq \"rtyler\"",
|
||||
"default" : "$uid eq \"dwho\" or $uid eq \"rtyler\""
|
||||
"(?#Configuration)^/(.*?\\.(fcgi|psgi)/)?(manager\\.html|confs/|$)" : "inGroup(\"timelords\")",
|
||||
"(?#Notifications)/(.*?\\.(fcgi|psgi)/)?notifications" : "inGroup(\"timelords\") or $uid eq \"rtyler\"",
|
||||
"(?#Sessions)/(.*?\\.(fcgi|psgi)/)?sessions" : "inGroup(\"timelords\") or $uid eq \"rtyler\"",
|
||||
"default" : "inGroup(\"timelords\") or $uid eq \"rtyler\""
|
||||
},
|
||||
"test1.__DNSDOMAIN__" : {
|
||||
"^/logout" : "logout_sso",
|
||||
|
|
|
@ -0,0 +1,82 @@
|
|||
#===========================================
|
||||
# Apache configuration for LemonLDAP::NG API
|
||||
#===========================================
|
||||
|
||||
# Uncomment this if no previous NameVirtualHost declaration
|
||||
#NameVirtualHost __VHOSTLISTEN__
|
||||
|
||||
# To insert LLNG user id in Apache logs, declare this format and use it in
|
||||
# CustomLog directive
|
||||
#LogFormat "%v:%p %h %l %{Lm-Remote-User}o %t \"%r\" %>s %O %{Lm-Remote-Custom}o" llng
|
||||
|
||||
# Manager virtual host (manager.__DNSDOMAIN__)
|
||||
<VirtualHost __VHOSTLISTEN__>
|
||||
ServerName manager-api.__DNSDOMAIN__
|
||||
LogLevel notice
|
||||
# See above to set LLNG user id in Apache logs
|
||||
#CustomLog __APACHELOGDIR__/manager-api.log llng
|
||||
#ErrorLog __APACHELOGDIR__/lm_err.log
|
||||
|
||||
# Uncomment this if you are running behind a reverse proxy and want
|
||||
# LemonLDAP::NG to see the real IP address of the end user
|
||||
# Adjust the settings to match the IP address of your reverse proxy
|
||||
# and the header containing the original IP address
|
||||
#
|
||||
#RemoteIPHeader X-Forwarded-For
|
||||
#RemoteIPInternalProxy 127.0.0.1
|
||||
|
||||
|
||||
# FASTCGI CONFIGURATION
|
||||
# ---------------------
|
||||
|
||||
# 1) URI management
|
||||
RewriteEngine on
|
||||
|
||||
# For performances, you can delete the previous RewriteRule line after
|
||||
# puttings html files: simply put the HTML results of differents modules
|
||||
# (configuration, sessions, notifications) as manager.html, sessions.html,
|
||||
# notifications.html and uncomment the 2 following lines:
|
||||
# DirectoryIndex manager.html
|
||||
# RewriteCond "%{REQUEST_URI}" "!\.html(?:/.*)?$"
|
||||
|
||||
# REST URLs
|
||||
RewriteRule "^/(.+)$" "/api.fcgi/$1" [PT]
|
||||
|
||||
# 2) FastCGI engine
|
||||
|
||||
# You can choose any FastCGI system. Here is an example using mod_fcgid
|
||||
# mod_fcgid configuration
|
||||
FcgidMaxRequestLen 2000000
|
||||
<Files *.fcgi>
|
||||
SetHandler fcgid-script
|
||||
Options +ExecCGI
|
||||
header unset Lm-Remote-User
|
||||
</Files>
|
||||
|
||||
# If you want to use mod_fastcgi, replace lines below by:
|
||||
#FastCgiServer __MANAGERAPIDIR__/api.fcgi
|
||||
|
||||
# GLOBAL CONFIGURATION
|
||||
# --------------------
|
||||
|
||||
DocumentRoot __MANAGERAPIDIR__
|
||||
|
||||
<Location />
|
||||
Require all denied
|
||||
|
||||
<IfModule mod_deflate.c>
|
||||
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/javascript text/css
|
||||
SetOutputFilter DEFLATE
|
||||
BrowserMatch ^Mozilla/4 gzip-only-text/html
|
||||
BrowserMatch ^Mozilla/4\.0[678] no-gzip
|
||||
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
|
||||
SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary
|
||||
</IfModule>
|
||||
<IfModule mod_headers.c>
|
||||
Header append Vary User-Agent env=!dont-vary
|
||||
</IfModule>
|
||||
</Location>
|
||||
|
||||
# Uncomment this if site if you use SSL only
|
||||
#Header set Strict-Transport-Security "max-age=15768000"
|
||||
</VirtualHost>
|
|
@ -0,0 +1,89 @@
|
|||
#====================================================================
|
||||
# Apache configuration for LemonLDAP::NG Manager
|
||||
#====================================================================
|
||||
|
||||
# Uncomment this if no previous NameVirtualHost declaration
|
||||
#NameVirtualHost __VHOSTLISTEN__
|
||||
|
||||
# To insert LLNG user id in Apache logs, declare this format and use it in
|
||||
# CustomLog directive
|
||||
#LogFormat "%v:%p %h %l %{Lm-Remote-User}o %t \"%r\" %>s %O %{Lm-Remote-Custom}o" llng
|
||||
|
||||
# Manager virtual host (manager.__DNSDOMAIN__)
|
||||
<VirtualHost __VHOSTLISTEN__>
|
||||
ServerName manager-api.__DNSDOMAIN__
|
||||
LogLevel notice
|
||||
# See above to set LLNG user id in Apache logs
|
||||
#CustomLog __APACHELOGDIR__/manager-api.log llng
|
||||
#ErrorLog __APACHELOGDIR__/lm_err.log
|
||||
|
||||
# Uncomment this if you are running behind a reverse proxy and want
|
||||
# LemonLDAP::NG to see the real IP address of the end user
|
||||
# Adjust the settings to match the IP address of your reverse proxy
|
||||
# and the header containing the original IP address
|
||||
#
|
||||
#RemoteIPHeader X-Forwarded-For
|
||||
#RemoteIPInternalProxy 127.0.0.1
|
||||
|
||||
|
||||
# FASTCGI CONFIGURATION
|
||||
# ---------------------
|
||||
|
||||
# 1) URI management
|
||||
RewriteEngine on
|
||||
|
||||
# For performances, you can delete the previous RewriteRule line after
|
||||
# puttings html files: simply put the HTML results of differents modules
|
||||
# (configuration, sessions, notifications) as manager.html, sessions.html,
|
||||
# notifications.html and uncomment the 2 following lines:
|
||||
# DirectoryIndex manager.html
|
||||
# RewriteCond "%{REQUEST_URI}" "!\.html(?:/.*)?$"
|
||||
|
||||
# REST URLs
|
||||
RewriteRule "^/(.+)$" "/api.fcgi/$1" [PT]
|
||||
|
||||
# 2) FastCGI engine
|
||||
|
||||
# You can choose any FastCGI system. Here is an example using mod_fcgid
|
||||
# mod_fcgid configuration
|
||||
FcgidMaxRequestLen 2000000
|
||||
<Files *.fcgi>
|
||||
SetHandler fcgid-script
|
||||
Options +ExecCGI
|
||||
header unset Lm-Remote-User
|
||||
</Files>
|
||||
|
||||
# If you want to use mod_fastcgi, replace lines below by:
|
||||
#FastCgiServer __MANAGERAPIDIR__/manager.fcgi
|
||||
|
||||
# GLOBAL CONFIGURATION
|
||||
# --------------------
|
||||
|
||||
DocumentRoot __MANAGERAPIDIR__
|
||||
|
||||
<Location />
|
||||
<IfVersion >= 2.3>
|
||||
Require all denied
|
||||
</IfVersion>
|
||||
<IfVersion < 2.3>
|
||||
Order Deny,Allow
|
||||
Deny from all
|
||||
</IfVersion>
|
||||
Options +FollowSymLinks
|
||||
|
||||
<IfModule mod_deflate.c>
|
||||
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/javascript text/css
|
||||
SetOutputFilter DEFLATE
|
||||
BrowserMatch ^Mozilla/4 gzip-only-text/html
|
||||
BrowserMatch ^Mozilla/4\.0[678] no-gzip
|
||||
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
|
||||
SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary
|
||||
</IfModule>
|
||||
<IfModule mod_headers.c>
|
||||
Header append Vary User-Agent env=!dont-vary
|
||||
</IfModule>
|
||||
</Location>
|
||||
|
||||
# Uncomment this if site if you use SSL only
|
||||
#Header set Strict-Transport-Security "max-age=15768000"
|
||||
</VirtualHost>
|
|
@ -0,0 +1,83 @@
|
|||
#====================================================================
|
||||
# Apache configuration for LemonLDAP::NG Manager
|
||||
#====================================================================
|
||||
|
||||
# Uncomment this if no previous NameVirtualHost declaration
|
||||
#NameVirtualHost __VHOSTLISTEN__
|
||||
|
||||
# To insert LLNG user id in Apache logs, declare this format and use it in
|
||||
# CustomLog directive
|
||||
#LogFormat "%v:%p %h %l %{Lm-Remote-User}o %t \"%r\" %>s %O %{Lm-Remote-Custom}o" llng
|
||||
|
||||
# Manager virtual host (manager.__DNSDOMAIN__)
|
||||
<VirtualHost __VHOSTLISTEN__>
|
||||
ServerName manager-api.__DNSDOMAIN__
|
||||
LogLevel notice
|
||||
# See above to set LLNG user id in Apache logs
|
||||
#CustomLog __APACHELOGDIR__/manager-api.log llng
|
||||
#ErrorLog __APACHELOGDIR__/lm_err.log
|
||||
|
||||
# Uncomment this if you are running behind a reverse proxy and want
|
||||
# LemonLDAP::NG to see the real IP address of the end user
|
||||
# Adjust the settings to match the IP address of your reverse proxy
|
||||
# and the header containing the original IP address
|
||||
#
|
||||
#RemoteIPHeader X-Forwarded-For
|
||||
#RemoteIPInternalProxy 127.0.0.1
|
||||
|
||||
|
||||
# FASTCGI CONFIGURATION
|
||||
# ---------------------
|
||||
|
||||
# 1) URI management
|
||||
RewriteEngine on
|
||||
|
||||
# For performances, you can delete the previous RewriteRule line after
|
||||
# puttings html files: simply put the HTML results of differents modules
|
||||
# (configuration, sessions, notifications) as manager.html, sessions.html,
|
||||
# notifications.html and uncomment the 2 following lines:
|
||||
# DirectoryIndex manager.html
|
||||
# RewriteCond "%{REQUEST_URI}" "!\.html(?:/.*)?$"
|
||||
|
||||
# REST URLs
|
||||
RewriteRule "^/(.+)$" "/api.fcgi/$1" [PT]
|
||||
|
||||
# 2) FastCGI engine
|
||||
|
||||
# You can choose any FastCGI system. Here is an example using mod_fcgid
|
||||
# mod_fcgid configuration
|
||||
FcgidMaxRequestLen 2000000
|
||||
<Files *.fcgi>
|
||||
SetHandler fcgid-script
|
||||
Options +ExecCGI
|
||||
header unset Lm-Remote-User
|
||||
</Files>
|
||||
|
||||
# If you want to use mod_fastcgi, replace lines below by:
|
||||
#FastCgiServer __MANAGERAPIDIR__/manager.fcgi
|
||||
|
||||
# GLOBAL CONFIGURATION
|
||||
# --------------------
|
||||
|
||||
DocumentRoot __MANAGERAPIDIR__
|
||||
|
||||
<Location />
|
||||
Order Deny,Allow
|
||||
Deny from all
|
||||
|
||||
<IfModule mod_deflate.c>
|
||||
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/javascript text/css
|
||||
SetOutputFilter DEFLATE
|
||||
BrowserMatch ^Mozilla/4 gzip-only-text/html
|
||||
BrowserMatch ^Mozilla/4\.0[678] no-gzip
|
||||
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
|
||||
SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary
|
||||
</IfModule>
|
||||
<IfModule mod_headers.c>
|
||||
Header append Vary User-Agent env=!dont-vary
|
||||
</IfModule>
|
||||
</Location>
|
||||
|
||||
# Uncomment this if site if you use SSL only
|
||||
#Header set Strict-Transport-Security "max-age=15768000"
|
||||
</VirtualHost>
|
|
@ -0,0 +1,50 @@
|
|||
server {
|
||||
listen __PORT__;
|
||||
server_name manager-api.__DNSDOMAIN__;
|
||||
root __MANAGERAPIDIR__;
|
||||
# Use "lm_app" format to get username in nginx.log (see nginx-lmlog.conf)
|
||||
#access_log /var/log/nginx/manager-api.log lm_app;
|
||||
|
||||
# Uncomment this if you are running behind a reverse proxy and want
|
||||
# LemonLDAP::NG to see the real IP address of the end user
|
||||
# Adjust the settings to match the IP address of your reverse proxy
|
||||
# and the header containing the original IP address
|
||||
# As an alternative, you can use the PROXY protocol
|
||||
#
|
||||
#set_real_ip_from 127.0.0.1;
|
||||
#real_ip_header X-Forwarded-For;
|
||||
|
||||
rewrite ^/(.*)$ /api.psgi/$1 break;
|
||||
|
||||
location ~ ^(?<sc>/.*\.psgi)(?:$|/) {
|
||||
|
||||
# FastCGI configuration
|
||||
include /etc/nginx/fastcgi_params;
|
||||
fastcgi_pass unix:__FASTCGISOCKDIR__/llng-fastcgi.sock;
|
||||
fastcgi_param LLTYPE psgi;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_split_path_info ^(.*\.psgi)(/.*)$;
|
||||
fastcgi_param PATH_INFO $fastcgi_path_info;
|
||||
|
||||
# OR TO USE uWSGI
|
||||
#include /etc/nginx/uwsgi_params;
|
||||
#uwsgi_pass 127.0.0.1:5000;
|
||||
#uwsgi_param LLTYPE psgi;
|
||||
#uwsgi_param SCRIPT_FILENAME $document_root$sc;
|
||||
#uwsgi_param SCRIPT_NAME $sc;
|
||||
|
||||
# Uncomment this if you use https only
|
||||
#add_header Strict-Transport-Security "max-age=15768000";
|
||||
|
||||
# Access control
|
||||
#allow 127.0.0.0/8;
|
||||
deny all;
|
||||
}
|
||||
|
||||
# DEBIAN
|
||||
# If install was made with USEDEBIANLIBS (official releases), uncomment this
|
||||
#location /javascript/ {
|
||||
# alias /usr/share/javascript/;
|
||||
#}
|
||||
|
||||
}
|
|
@ -99,76 +99,3 @@
|
|||
# Uncomment this if site if you use SSL only
|
||||
#Header set Strict-Transport-Security "max-age=15768000"
|
||||
</VirtualHost>
|
||||
|
||||
# API virtual host (manager.__DNSDOMAIN__)
|
||||
<VirtualHost __VHOSTLISTEN__>
|
||||
ServerName api.__DNSDOMAIN__
|
||||
LogLevel notice
|
||||
# See above to set LLNG user id in Apache logs
|
||||
#CustomLog __APACHELOGDIR__/manager.log llng
|
||||
#ErrorLog __APACHELOGDIR__/lm_err.log
|
||||
|
||||
# Uncomment this if you are running behind a reverse proxy and want
|
||||
# LemonLDAP::NG to see the real IP address of the end user
|
||||
# Adjust the settings to match the IP address of your reverse proxy
|
||||
# and the header containing the original IP address
|
||||
#
|
||||
#RemoteIPHeader X-Forwarded-For
|
||||
#RemoteIPInternalProxy 127.0.0.1
|
||||
|
||||
|
||||
# FASTCGI CONFIGURATION
|
||||
# ---------------------
|
||||
|
||||
# 1) URI management
|
||||
RewriteEngine on
|
||||
|
||||
# For performances, you can delete the previous RewriteRule line after
|
||||
# puttings html files: simply put the HTML results of differents modules
|
||||
# (configuration, sessions, notifications) as manager.html, sessions.html,
|
||||
# notifications.html and uncomment the 2 following lines:
|
||||
# DirectoryIndex manager.html
|
||||
# RewriteCond "%{REQUEST_URI}" "!\.html(?:/.*)?$"
|
||||
|
||||
# REST URLs
|
||||
RewriteCond "%{REQUEST_URI}" "!^/(?:static|doc|lib|javascript|favicon).*"
|
||||
RewriteRule "^/(.+)$" "/api.fcgi/$1" [PT]
|
||||
|
||||
# 2) FastCGI engine
|
||||
|
||||
# You can choose any FastCGI system. Here is an example using mod_fcgid
|
||||
# mod_fcgid configuration
|
||||
FcgidMaxRequestLen 2000000
|
||||
<Files *.fcgi>
|
||||
SetHandler fcgid-script
|
||||
Options +ExecCGI
|
||||
header unset Lm-Remote-User
|
||||
</Files>
|
||||
|
||||
# If you want to use mod_fastcgi, replace lines below by:
|
||||
#FastCgiServer __MANAGERSITEDIR__/manager.fcgi
|
||||
|
||||
# GLOBAL CONFIGURATION
|
||||
# --------------------
|
||||
|
||||
DocumentRoot __MANAGERSITEDIR__
|
||||
|
||||
<Location />
|
||||
Require all denied
|
||||
|
||||
<IfModule mod_deflate.c>
|
||||
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/javascript text/css
|
||||
SetOutputFilter DEFLATE
|
||||
BrowserMatch ^Mozilla/4 gzip-only-text/html
|
||||
BrowserMatch ^Mozilla/4\.0[678] no-gzip
|
||||
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
|
||||
SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary
|
||||
</IfModule>
|
||||
<IfModule mod_headers.c>
|
||||
Header append Vary User-Agent env=!dont-vary
|
||||
</IfModule>
|
||||
</Location>
|
||||
|
||||
# Uncomment this if site if you use SSL only
|
||||
#Header set Strict-Transport-Security "max-age=15768000"
|
||||
</VirtualHost>
|
||||
|
|
|
@ -118,83 +118,3 @@
|
|||
# Uncomment this if site if you use SSL only
|
||||
#Header set Strict-Transport-Security "max-age=15768000"
|
||||
</VirtualHost>
|
||||
|
||||
# API virtual host (manager.__DNSDOMAIN__)
|
||||
<VirtualHost __VHOSTLISTEN__>
|
||||
ServerName api.__DNSDOMAIN__
|
||||
LogLevel notice
|
||||
# See above to set LLNG user id in Apache logs
|
||||
#CustomLog __APACHELOGDIR__/manager.log llng
|
||||
#ErrorLog __APACHELOGDIR__/lm_err.log
|
||||
|
||||
# Uncomment this if you are running behind a reverse proxy and want
|
||||
# LemonLDAP::NG to see the real IP address of the end user
|
||||
# Adjust the settings to match the IP address of your reverse proxy
|
||||
# and the header containing the original IP address
|
||||
#
|
||||
#RemoteIPHeader X-Forwarded-For
|
||||
#RemoteIPInternalProxy 127.0.0.1
|
||||
|
||||
|
||||
# FASTCGI CONFIGURATION
|
||||
# ---------------------
|
||||
|
||||
# 1) URI management
|
||||
RewriteEngine on
|
||||
|
||||
# For performances, you can delete the previous RewriteRule line after
|
||||
# puttings html files: simply put the HTML results of differents modules
|
||||
# (configuration, sessions, notifications) as manager.html, sessions.html,
|
||||
# notifications.html and uncomment the 2 following lines:
|
||||
# DirectoryIndex manager.html
|
||||
# RewriteCond "%{REQUEST_URI}" "!\.html(?:/.*)?$"
|
||||
|
||||
# REST URLs
|
||||
RewriteCond "%{REQUEST_URI}" "!^/(?:static|doc|lib|javascript|favicon).*"
|
||||
RewriteRule "^/(.+)$" "/api.fcgi/$1" [PT]
|
||||
|
||||
# 2) FastCGI engine
|
||||
|
||||
# You can choose any FastCGI system. Here is an example using mod_fcgid
|
||||
# mod_fcgid configuration
|
||||
FcgidMaxRequestLen 2000000
|
||||
<Files *.fcgi>
|
||||
SetHandler fcgid-script
|
||||
Options +ExecCGI
|
||||
header unset Lm-Remote-User
|
||||
</Files>
|
||||
|
||||
# If you want to use mod_fastcgi, replace lines below by:
|
||||
#FastCgiServer __MANAGERSITEDIR__/manager.fcgi
|
||||
|
||||
# GLOBAL CONFIGURATION
|
||||
# --------------------
|
||||
|
||||
DocumentRoot __MANAGERSITEDIR__
|
||||
|
||||
<Location />
|
||||
<IfVersion >= 2.3>
|
||||
Require all denied
|
||||
</IfVersion>
|
||||
<IfVersion < 2.3>
|
||||
Order Deny,Allow
|
||||
Deny from all
|
||||
</IfVersion>
|
||||
Options +FollowSymLinks
|
||||
|
||||
<IfModule mod_deflate.c>
|
||||
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/javascript text/css
|
||||
SetOutputFilter DEFLATE
|
||||
BrowserMatch ^Mozilla/4 gzip-only-text/html
|
||||
BrowserMatch ^Mozilla/4\.0[678] no-gzip
|
||||
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
|
||||
SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary
|
||||
</IfModule>
|
||||
<IfModule mod_headers.c>
|
||||
Header append Vary User-Agent env=!dont-vary
|
||||
</IfModule>
|
||||
</Location>
|
||||
|
||||
# Uncomment this if site if you use SSL only
|
||||
#Header set Strict-Transport-Security "max-age=15768000"
|
||||
</VirtualHost>
|
||||
|
|
|
@ -102,77 +102,3 @@
|
|||
# Uncomment this if site if you use SSL only
|
||||
#Header set Strict-Transport-Security "max-age=15768000"
|
||||
</VirtualHost>
|
||||
|
||||
# API virtual host (api.__DNSDOMAIN__)
|
||||
<VirtualHost __VHOSTLISTEN__>
|
||||
ServerName api.__DNSDOMAIN__
|
||||
LogLevel notice
|
||||
# See above to set LLNG user id in Apache logs
|
||||
#CustomLog __APACHELOGDIR__/manager.log llng
|
||||
#ErrorLog __APACHELOGDIR__/lm_err.log
|
||||
|
||||
# Uncomment this if you are running behind a reverse proxy and want
|
||||
# LemonLDAP::NG to see the real IP address of the end user
|
||||
# Adjust the settings to match the IP address of your reverse proxy
|
||||
# and the header containing the original IP address
|
||||
#
|
||||
#RemoteIPHeader X-Forwarded-For
|
||||
#RemoteIPInternalProxy 127.0.0.1
|
||||
|
||||
|
||||
# FASTCGI CONFIGURATION
|
||||
# ---------------------
|
||||
|
||||
# 1) URI management
|
||||
RewriteEngine on
|
||||
|
||||
# For performances, you can delete the previous RewriteRule line after
|
||||
# puttings html files: simply put the HTML results of differents modules
|
||||
# (configuration, sessions, notifications) as manager.html, sessions.html,
|
||||
# notifications.html and uncomment the 2 following lines:
|
||||
# DirectoryIndex manager.html
|
||||
# RewriteCond "%{REQUEST_URI}" "!\.html(?:/.*)?$"
|
||||
|
||||
# REST URLs
|
||||
RewriteCond "%{REQUEST_URI}" "!^/(?:static|doc|lib|javascript|favicon).*"
|
||||
RewriteRule "^/(.+)$" "/api.fcgi/$1" [PT]
|
||||
|
||||
# 2) FastCGI engine
|
||||
|
||||
# You can choose any FastCGI system. Here is an example using mod_fcgid
|
||||
# mod_fcgid configuration
|
||||
FcgidMaxRequestLen 2000000
|
||||
<Files *.fcgi>
|
||||
SetHandler fcgid-script
|
||||
Options +ExecCGI
|
||||
header unset Lm-Remote-User
|
||||
</Files>
|
||||
|
||||
# If you want to use mod_fastcgi, replace lines below by:
|
||||
#FastCgiServer __MANAGERSITEDIR__/manager.fcgi
|
||||
|
||||
# GLOBAL CONFIGURATION
|
||||
# --------------------
|
||||
|
||||
DocumentRoot __MANAGERSITEDIR__
|
||||
|
||||
<Location />
|
||||
Order Deny,Allow
|
||||
Deny from all
|
||||
|
||||
<IfModule mod_deflate.c>
|
||||
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/javascript text/css
|
||||
SetOutputFilter DEFLATE
|
||||
BrowserMatch ^Mozilla/4 gzip-only-text/html
|
||||
BrowserMatch ^Mozilla/4\.0[678] no-gzip
|
||||
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
|
||||
SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary
|
||||
</IfModule>
|
||||
<IfModule mod_headers.c>
|
||||
Header append Vary User-Agent env=!dont-vary
|
||||
</IfModule>
|
||||
</Location>
|
||||
|
||||
# Uncomment this if site if you use SSL only
|
||||
#Header set Strict-Transport-Security "max-age=15768000"
|
||||
</VirtualHost>
|
||||
|
|
|
@ -1,3 +1,5 @@
|
|||
/etc/lemonldap-ng/api-apache2.conf
|
||||
/etc/lemonldap-ng/api-nginx.conf
|
||||
/etc/lemonldap-ng/manager-apache2.conf
|
||||
/etc/lemonldap-ng/manager-nginx.conf
|
||||
/usr/share/man/man3/Lemonldap::NG::Manager*
|
||||
|
|
|
@ -1,2 +1,4 @@
|
|||
/etc/lemonldap-ng/api-apache2.conf /etc/apache2/sites-available/api-apache2.conf
|
||||
/etc/lemonldap-ng/api-nginx.conf /etc/nginx/sites-available/api-nginx.conf
|
||||
/etc/lemonldap-ng/manager-apache2.conf /etc/apache2/sites-available/manager-apache2.conf
|
||||
/etc/lemonldap-ng/manager-nginx.conf /etc/nginx/sites-available/manager-nginx.conf
|
||||
|
|
|
@ -49,7 +49,7 @@ override_dh_auto_install:
|
|||
DEFDOCDIR=/usr/share/doc/lemonldap-ng-doc \
|
||||
UWSGIYAMLDIR=/etc/uwsgi/apps-available \
|
||||
PROD=yes
|
||||
for i in handler portal manager test; do \
|
||||
for i in handler portal manager api test; do \
|
||||
mv $(TMP)/etc/lemonldap-ng/$$i-apache2.X.conf $(TMP)/etc/lemonldap-ng/$$i-apache2.conf; \
|
||||
done
|
||||
|
||||
|
|
|
@ -2,6 +2,7 @@
|
|||
|
||||
logLevel = debug
|
||||
require = __pwd__/e2e-tests/custom.pm
|
||||
requireDontDie = 0
|
||||
|
||||
[configuration]
|
||||
|
||||
|
@ -46,6 +47,7 @@ viewerAllowBrowser = 1
|
|||
viewerAllowDiff = 1
|
||||
|
||||
staticPrefix = /static
|
||||
instanceName = Demo
|
||||
languages = fr, en, vi, ar, de, it, zh, tr
|
||||
templateDir = __pwd__/lemonldap-ng-manager/site/templates
|
||||
|
||||
|
|
|
@ -18,6 +18,9 @@
|
|||
|
||||
; CUSTOM FUNCTION
|
||||
; If you want to create customFunctions in rules, declare them here:
|
||||
;require = Package
|
||||
; Prevent Portal to crash if Perl module is not found
|
||||
;requireDontDie = 1
|
||||
;customFunctions = function1 function2
|
||||
;customFunctions = Package::func1 Package::func2
|
||||
|
||||
|
@ -368,6 +371,8 @@ protection = manager
|
|||
; staticPrefix: relative (or URL) location of static HTML components
|
||||
staticPrefix = __MANAGERSTATICDIR__
|
||||
;
|
||||
; instanceName: Display current LLNG instance into Manager
|
||||
;instanceName = Demo
|
||||
; location of HTML templates directory
|
||||
templateDir = __MANAGERTEMPLATESDIR__
|
||||
|
||||
|
|
|
@ -304,7 +304,7 @@ sub getLocalConf {
|
|||
$cfg = Config::IniFiles->new( -file => $file, -allowcontinue => 1 );
|
||||
|
||||
unless ( defined $cfg ) {
|
||||
$msg .= "Local config error: " . @Config::IniFiles::errors . "\n";
|
||||
$msg .= "Local config Error: " . @Config::IniFiles::errors . "\n";
|
||||
return $r;
|
||||
}
|
||||
|
||||
|
@ -334,7 +334,7 @@ sub getLocalConf {
|
|||
{
|
||||
eval "\$r->{$_} = $r->{$_}";
|
||||
if ($@) {
|
||||
$msg .= "Warning: error in file $file: $@.\n";
|
||||
$msg .= "Warn: error in file $file: $@.\n";
|
||||
return $r;
|
||||
}
|
||||
}
|
||||
|
@ -356,7 +356,7 @@ sub getLocalConf {
|
|||
if ( $r->{$_} =~ /^[{\[].*[}\]]$/ || $r->{$_} =~ /^sub\s*{.*}$/ ) {
|
||||
eval "\$r->{$_} = $r->{$_}";
|
||||
if ($@) {
|
||||
$msg .= "Warning: error in file $file: $@.\n";
|
||||
$msg .= "Warn: error in file $file: $@.\n";
|
||||
return $r;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -67,7 +67,7 @@ our $issuerParameters = {
|
|||
issuerDBSAML => [qw(issuerDBSAMLActivation issuerDBSAMLPath issuerDBSAMLRule)],
|
||||
issuerOptions => [qw(issuersTimeout)],
|
||||
};
|
||||
our $samlServiceParameters = [qw(samlEntityID samlServicePrivateKeySig samlServicePrivateKeySigPwd samlServicePublicKeySig samlServicePrivateKeyEnc samlServicePrivateKeyEncPwd samlServicePublicKeyEnc samlServiceUseCertificateInResponse samlServiceSignatureMethod samlNameIDFormatMapEmail samlNameIDFormatMapX509 samlNameIDFormatMapWindows samlNameIDFormatMapKerberos samlAuthnContextMapPassword samlAuthnContextMapPasswordProtectedTransport samlAuthnContextMapTLSClient samlAuthnContextMapKerberos samlOrganizationDisplayName samlOrganizationName samlOrganizationURL samlSPSSODescriptorAuthnRequestsSigned samlSPSSODescriptorWantAssertionsSigned samlSPSSODescriptorSingleLogoutServiceHTTPRedirect samlSPSSODescriptorSingleLogoutServiceHTTPPost samlSPSSODescriptorSingleLogoutServiceSOAP samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact samlSPSSODescriptorAssertionConsumerServiceHTTPPost samlSPSSODescriptorArtifactResolutionServiceArtifact samlIDPSSODescriptorWantAuthnRequestsSigned samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect samlIDPSSODescriptorSingleSignOnServiceHTTPPost samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect samlIDPSSODescriptorSingleLogoutServiceHTTPPost samlIDPSSODescriptorSingleLogoutServiceSOAP samlIDPSSODescriptorArtifactResolutionServiceArtifact samlAttributeAuthorityDescriptorAttributeServiceSOAP samlMetadataForceUTF8 samlStorage samlStorageOptions samlRelayStateTimeout samlUseQueryStringSpecific samlCommonDomainCookieActivation samlCommonDomainCookieDomain samlCommonDomainCookieReader samlCommonDomainCookieWriter samlDiscoveryProtocolActivation samlDiscoveryProtocolURL samlDiscoveryProtocolPolicy samlDiscoveryProtocolIsPassive samlOverrideIDPEntityID)];
|
||||
our $samlServiceParameters = [qw(samlEntityID samlServicePrivateKeySig samlServicePrivateKeySigPwd samlServicePublicKeySig samlServicePrivateKeyEnc samlServicePrivateKeyEncPwd samlServicePublicKeyEnc samlServiceUseCertificateInResponse samlServiceSignatureMethod samlNameIDFormatMapEmail samlNameIDFormatMapX509 samlNameIDFormatMapWindows samlNameIDFormatMapKerberos samlAuthnContextMapPassword samlAuthnContextMapPasswordProtectedTransport samlAuthnContextMapTLSClient samlAuthnContextMapKerberos samlOrganizationDisplayName samlOrganizationName samlOrganizationURL samlSPSSODescriptorAuthnRequestsSigned samlSPSSODescriptorWantAssertionsSigned samlSPSSODescriptorSingleLogoutServiceHTTPRedirect samlSPSSODescriptorSingleLogoutServiceHTTPPost samlSPSSODescriptorSingleLogoutServiceSOAP samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact samlSPSSODescriptorAssertionConsumerServiceHTTPPost samlSPSSODescriptorArtifactResolutionServiceArtifact samlIDPSSODescriptorWantAuthnRequestsSigned samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect samlIDPSSODescriptorSingleSignOnServiceHTTPPost samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect samlIDPSSODescriptorSingleLogoutServiceHTTPPost samlIDPSSODescriptorSingleLogoutServiceSOAP samlIDPSSODescriptorArtifactResolutionServiceArtifact samlAttributeAuthorityDescriptorAttributeServiceSOAP samlMetadataForceUTF8 samlRelayStateTimeout samlUseQueryStringSpecific samlOverrideIDPEntityID samlStorage samlStorageOptions samlCommonDomainCookieActivation samlCommonDomainCookieDomain samlCommonDomainCookieReader samlCommonDomainCookieWriter samlDiscoveryProtocolActivation samlDiscoveryProtocolURL samlDiscoveryProtocolPolicy samlDiscoveryProtocolIsPassive)];
|
||||
our $oidcServiceParameters = [qw(oidcServiceMetaDataAuthorizeURI oidcServiceMetaDataTokenURI oidcServiceMetaDataUserInfoURI oidcServiceMetaDataJWKSURI oidcServiceMetaDataRegistrationURI oidcServiceMetaDataIntrospectionURI oidcServiceMetaDataEndSessionURI oidcServiceMetaDataCheckSessionURI oidcServiceMetaDataFrontChannelURI oidcServiceMetaDataBackChannelURI oidcServiceMetaDataAuthnContext oidcServicePrivateKeySig oidcServicePublicKeySig oidcServiceKeyIdSig oidcServiceAllowDynamicRegistration oidcServiceAllowAuthorizationCodeFlow oidcServiceAllowImplicitFlow oidcServiceAllowHybridFlow oidcServiceAuthorizationCodeExpiration oidcServiceAccessTokenExpiration oidcServiceIDTokenExpiration oidcServiceOfflineSessionExpiration oidcStorage oidcStorageOptions oidcServiceDynamicRegistrationExportedVars oidcServiceDynamicRegistrationExtraClaims)];
|
||||
|
||||
1;
|
||||
|
|
|
@ -38,7 +38,7 @@ has notifField => (
|
|||
|
||||
sub BUILD {
|
||||
my $self = shift;
|
||||
$self->extension('xml') if $self->p->conf->{oldNotifFormat};
|
||||
$self->extension('xml') if $self->conf->{oldNotifFormat};
|
||||
$self->logger->debug( 'Use extension "'
|
||||
. $self->extension
|
||||
. '" to store notification files' );
|
||||
|
|
|
@ -18,6 +18,7 @@ has languages => ( is => 'rw', isa => 'Str', default => 'en' );
|
|||
has logLevel => ( is => 'rw', isa => 'Str', default => 'info' );
|
||||
has portal => ( is => 'rw', isa => 'Str' );
|
||||
has staticPrefix => ( is => 'rw', isa => 'Str' );
|
||||
has instanceName => ( is => 'rw', isa => 'Str', default => '' );
|
||||
has templateDir => ( is => 'rw', isa => 'Str|ArrayRef' );
|
||||
has links => ( is => 'rw', isa => 'ArrayRef' );
|
||||
has menuLinks => ( is => 'rw', isa => 'ArrayRef' );
|
||||
|
@ -281,6 +282,7 @@ sub sendHtml {
|
|||
# TODO: warn if STATICPREFIX does not end with '/'
|
||||
$htpl->param(
|
||||
STATIC_PREFIX => $sp,
|
||||
INSTANCE_NAME => $self->instanceName,
|
||||
SCRIPTNAME => $sc,
|
||||
( $self->can('tplParams') ? ( $self->tplParams($req) ) : () ),
|
||||
(
|
||||
|
|
|
@ -219,14 +219,16 @@ sub _session {
|
|||
my $apacheSession = $self->getApacheSession( $mod, $id )
|
||||
or return $self->sendError( $req, undef, 400 );
|
||||
|
||||
my %session = %{ $apacheSession->data };
|
||||
|
||||
my %session = %{ $apacheSession->data };
|
||||
unless ($raw) {
|
||||
my $separator = $self->separator();
|
||||
foreach my $k ( keys %session ) {
|
||||
$session{$k} = '**********'
|
||||
if ( $self->hAttr =~ /\b$k\b/ );
|
||||
$session{$k} = [ split /$self->separator/o, $session{$k} ]
|
||||
if ( $session{$k} =~ /$self->separator/o );
|
||||
if ( $session{$k} =~ /$separator/ ) {
|
||||
$self->logger->debug("Convert \"$k\" value to array");
|
||||
$session{$k} = [ split /$separator/, $session{$k} ];
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -108,7 +108,7 @@ sub portalConsts {
|
|||
}
|
||||
|
||||
# EXPORTER PARAMETERS
|
||||
our @EXPORT_OK = ('portalConsts');
|
||||
our @EXPORT_OK = ('portalConsts');
|
||||
our %EXPORT_TAGS = ( 'all' => [ @EXPORT_OK, 'import' ], );
|
||||
|
||||
1;
|
||||
|
|
|
@ -34,8 +34,9 @@ our @builtCustomFunctions;
|
|||
# Build and return the security jail used to compile rules and headers.
|
||||
# @return Safe object
|
||||
sub build_jail {
|
||||
my ( $self, $api, $require ) = @_;
|
||||
|
||||
my ( $self, $api, $require, $dontDie ) = @_;
|
||||
my $build = 1;
|
||||
|
||||
return $self->jail
|
||||
if ( $self->jail
|
||||
and $self->jail->useSafeJail
|
||||
|
@ -53,29 +54,34 @@ sub build_jail {
|
|||
eval { require $f; };
|
||||
}
|
||||
if ($@) {
|
||||
die "Unable to load '$f': $@";
|
||||
$dontDie
|
||||
? $api->logger->error($@)
|
||||
: die "Unable to load '$f': $@";
|
||||
undef $build;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@builtCustomFunctions =
|
||||
$self->customFunctions ? split( /\s+/, $self->customFunctions ) : ();
|
||||
foreach (@builtCustomFunctions) {
|
||||
no warnings 'redefine';
|
||||
$api->logger->debug("Custom function : $_");
|
||||
my $sub = $_;
|
||||
unless (/::/) {
|
||||
$sub = "$self\::$_";
|
||||
}
|
||||
else {
|
||||
s/^.*:://;
|
||||
}
|
||||
next if ( $self->can($_) );
|
||||
eval "sub $_ {
|
||||
if ($build) {
|
||||
@builtCustomFunctions =
|
||||
$self->customFunctions ? split( /\s+/, $self->customFunctions ) : ();
|
||||
foreach (@builtCustomFunctions) {
|
||||
no warnings 'redefine';
|
||||
$api->logger->debug("Custom function : $_");
|
||||
my $sub = $_;
|
||||
unless (/::/) {
|
||||
$sub = "$self\::$_";
|
||||
}
|
||||
else {
|
||||
s/^.*:://;
|
||||
}
|
||||
next if ( $self->can($_) );
|
||||
eval "sub $_ {
|
||||
return $sub(\@_)
|
||||
}";
|
||||
$api->logger->error($@) if ($@);
|
||||
$_ = "&$_";
|
||||
$api->logger->error($@) if ($@);
|
||||
$_ = "&$_";
|
||||
}
|
||||
}
|
||||
|
||||
if ( $self->useSafeJail ) {
|
||||
|
|
|
@ -185,7 +185,7 @@ sub jailInit {
|
|||
multiValuesSeparator => $conf->{multiValuesSeparator},
|
||||
}
|
||||
);
|
||||
$class->tsv->{jail}->build_jail( $class, $conf->{require} );
|
||||
$class->tsv->{jail}->build_jail( $class, $conf->{require}, $conf->{requireDontDie} );
|
||||
}
|
||||
|
||||
## @imethod protected void defaultValuesInit(hashRef args)
|
||||
|
@ -597,7 +597,7 @@ sub substitute {
|
|||
$expr =~ s/\bskip\b/q\{999_SKIP\}/g;
|
||||
|
||||
# handle inGroup
|
||||
$expr =~ s/\binGroup\(([^)]*)\)/listMatch(\$s->{'hGroups'},\1,1),/g;
|
||||
$expr =~ s/\binGroup\(([^)]*)\)/listMatch(\$s->{'hGroups'},$1,1),/g;
|
||||
|
||||
return $expr;
|
||||
}
|
||||
|
|
|
@ -46,7 +46,8 @@ site/coffee/notifications.coffee
|
|||
site/coffee/sessions.coffee
|
||||
site/coffee/viewDiff.coffee
|
||||
site/coffee/viewer.coffee
|
||||
site/htdocs/api.fcgi
|
||||
site/api/api.fcgi
|
||||
site/api/api.psgi
|
||||
site/htdocs/manager.fcgi
|
||||
site/htdocs/manager.psgi
|
||||
site/htdocs/static/bwr/angular-animate/angular-animate.js
|
||||
|
|
|
@ -148,8 +148,7 @@ sub _get2F {
|
|||
'_session_uid', $uid );
|
||||
|
||||
foreach ( keys %$psessions ) {
|
||||
my $devices =
|
||||
from_json( $psessions->{$_}->{_2fDevices}, { allow_nonref => 1 } );
|
||||
my $devices = $self->_getDevicesFromSessionData( $psessions->{$_} );
|
||||
foreach my $device ( @{$devices} ) {
|
||||
$self->logger->debug(
|
||||
"Check device [epoch=$device->{epoch}, type=$device->{type}, name=$device->{name}]"
|
||||
|
@ -234,9 +233,8 @@ sub _delete2FFromSessions {
|
|||
"Looking for 2F Device(s) attached to sessionId $_");
|
||||
|
||||
if ( $session->data->{_2fDevices} ) {
|
||||
$devices =
|
||||
from_json( $session->data->{_2fDevices}, { allow_nonref => 1 } );
|
||||
$total = scalar @$devices;
|
||||
$devices = $self->_getDevicesFromSessionData( $session->data );
|
||||
$total = scalar @$devices;
|
||||
|
||||
$self->logger->debug(
|
||||
"Found $total 2F devices attached to sessionId $_");
|
||||
|
@ -329,6 +327,27 @@ sub _delete2F {
|
|||
};
|
||||
}
|
||||
|
||||
sub _getDevicesFromSessionData {
|
||||
my ( $self, $sessiondata ) = @_;
|
||||
if ( $sessiondata->{_2fDevices} ) {
|
||||
my $devices;
|
||||
eval { $devices = from_json( $sessiondata->{_2fDevices} ); };
|
||||
if ($@) {
|
||||
$self->logger->warn("Error deserializing _2fDevices: $@");
|
||||
}
|
||||
else {
|
||||
if ( ref($devices) eq "ARRAY" ) {
|
||||
return $devices;
|
||||
}
|
||||
else {
|
||||
$self->logger->warn(
|
||||
"Error deserializing _2fDevices: not a JSON Array");
|
||||
}
|
||||
}
|
||||
}
|
||||
return [];
|
||||
}
|
||||
|
||||
sub _checkType {
|
||||
my ( $self, $type ) = @_;
|
||||
|
||||
|
|
|
@ -142,7 +142,7 @@ qr/^(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-
|
|||
eval {
|
||||
do {
|
||||
qr/$_[0]/;
|
||||
}
|
||||
}
|
||||
};
|
||||
return $@ ? ( 0, "__badRegexp__: $@" ) : 1;
|
||||
}
|
||||
|
@ -150,7 +150,7 @@ qr/^(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-
|
|||
'PerlModule' => {
|
||||
'form' => 'text',
|
||||
'msgFail' => '__badPerlPackageName__',
|
||||
'test' => qr/^[a-zA-Z][a-zA-Z0-9]*(?:::[a-zA-Z][a-zA-Z0-9]*)*$/
|
||||
'test' => qr/^(?:[a-zA-Z][a-zA-Z0-9]*)*(?:::[a-zA-Z][a-zA-Z0-9]*)*$/
|
||||
},
|
||||
'portalskin' => {
|
||||
'test' => sub {
|
||||
|
@ -223,8 +223,7 @@ m[^(?:(?:\-+\s*BEGIN\s+(?:PUBLIC\s+KEY|CERTIFICATE)\s*\-+\r?\n)?[a-zA-Z0-9/\+\r\
|
|||
},
|
||||
'select' => {
|
||||
'test' => sub {
|
||||
my $test =
|
||||
grep( { $_ eq $_[0]; }
|
||||
my $test = grep( { $_ eq $_[0]; }
|
||||
map( { $_->{'k'}; } @{ $_[2]{'select'}; } ) );
|
||||
return $test
|
||||
? 1
|
||||
|
@ -1714,7 +1713,7 @@ qr/^(?:\*\.)?(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][
|
|||
eval {
|
||||
do {
|
||||
qr/$_[0]/;
|
||||
}
|
||||
}
|
||||
};
|
||||
return $@ ? 0 : 1;
|
||||
},
|
||||
|
|
|
@ -55,7 +55,7 @@ sub types {
|
|||
},
|
||||
PerlModule => {
|
||||
form => 'text',
|
||||
test => qr/^[a-zA-Z][a-zA-Z0-9]*(?:::[a-zA-Z][a-zA-Z0-9]*)*$/,
|
||||
test => qr/^(?:[a-zA-Z][a-zA-Z0-9]*)*(?:::[a-zA-Z][a-zA-Z0-9]*)*$/,
|
||||
msgFail => '__badPerlPackageName__',
|
||||
},
|
||||
hostname => {
|
||||
|
|
|
@ -1163,10 +1163,11 @@ sub tree {
|
|||
help => 'samlservice.html#advanced',
|
||||
nodes => [
|
||||
'samlMetadataForceUTF8',
|
||||
'samlStorage',
|
||||
'samlStorageOptions',
|
||||
'samlRelayStateTimeout',
|
||||
'samlUseQueryStringSpecific',
|
||||
'samlOverrideIDPEntityID',
|
||||
'samlStorage',
|
||||
'samlStorageOptions',
|
||||
{
|
||||
title => 'samlCommonDomainCookie',
|
||||
form => 'simpleInputContainer',
|
||||
|
@ -1187,7 +1188,6 @@ sub tree {
|
|||
'samlDiscoveryProtocolIsPassive'
|
||||
]
|
||||
},
|
||||
'samlOverrideIDPEntityID',
|
||||
]
|
||||
}
|
||||
]
|
||||
|
|
|
@ -136,10 +136,12 @@ sub zeroConf {
|
|||
'groups' => {},
|
||||
'exportedHeaders' => {
|
||||
"test1.$domain" => {
|
||||
'Auth-User' => '$uid'
|
||||
'Auth-User' => '$uid',
|
||||
'Auth-Groups' => '$groups'
|
||||
},
|
||||
"test2.$domain" => {
|
||||
'Auth-User' => '$uid'
|
||||
'Auth-User' => '$uid',
|
||||
'Auth-Groups' => '$groups'
|
||||
}
|
||||
},
|
||||
'registerDB' => 'Demo',
|
||||
|
@ -148,7 +150,7 @@ sub zeroConf {
|
|||
'notificationStorage' => 'File',
|
||||
'locationRules' => {
|
||||
"auth.$domain" => {
|
||||
'(?#checkUser)^/checkuser' => '$uid eq "dwho"',
|
||||
'(?#checkUser)^/checkuser' => 'inGroup("timelords")',
|
||||
'(?#errors)^/lmerror/' => 'accept',
|
||||
'default' => 'accept'
|
||||
},
|
||||
|
@ -161,13 +163,13 @@ sub zeroConf {
|
|||
'^/logout' => 'logout_sso'
|
||||
},
|
||||
"manager.$domain" => {
|
||||
'default' => '$uid eq "dwho" or $uid eq "rtyler"',
|
||||
'default' => 'inGroup("timelords") or $uid eq "rtyler"',
|
||||
'(?#Configuration)^/(.*?\.(fcgi|psgi)/)?(manager\.html|confs/|$)'
|
||||
=> '$uid eq "dwho"',
|
||||
=> 'inGroup("timelords")',
|
||||
'(?#Sessions)/(.*?\.(fcgi|psgi)/)?sessions' =>
|
||||
'$uid eq "dwho" or $uid eq "rtyler"',
|
||||
'inGroup("timelords") or $uid eq "rtyler"',
|
||||
'(?#Notifications)/(.*?\.(fcgi|psgi)/)?notifications' =>
|
||||
'$uid eq "dwho" or $uid eq "rtyler"',
|
||||
'inGroup("timelords") or $uid eq "rtyler"',
|
||||
}
|
||||
},
|
||||
'whatToTrace' => '_whatToTrace',
|
||||
|
|
|
@ -0,0 +1,6 @@
|
|||
#!/usr/bin/perl
|
||||
|
||||
use Lemonldap::NG::Manager;
|
||||
|
||||
Lemonldap::NG::Manager->run(
|
||||
{ enabledModules => "api", protection => "none" } );
|
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
|
@ -449,6 +449,7 @@
|
|||
"logParams":"سجلات",
|
||||
"lwpOpts":"خيارات لطلبات الخادم",
|
||||
"lwpSslOpts":"خيارات سسل لطلبات الخادم",
|
||||
"instance":"Instance",
|
||||
"macros":"ماكرو",
|
||||
"mail2f":"Mail second factor",
|
||||
"mail2fActivation":"تفعيل",
|
||||
|
|
|
@ -449,6 +449,7 @@
|
|||
"logParams":"Logs",
|
||||
"lwpOpts":"Options for server requests",
|
||||
"lwpSslOpts":"SSL options for server requests",
|
||||
"instance":"Instance",
|
||||
"macros":"Macros",
|
||||
"mail2f":"Mail second factor",
|
||||
"mail2fActivation":"Activation",
|
||||
|
|
|
@ -449,6 +449,7 @@
|
|||
"logParams":"Logs",
|
||||
"lwpOpts":"Options for server requests",
|
||||
"lwpSslOpts":"SSL options for server requests",
|
||||
"instance":"Instance",
|
||||
"macros":"Macros",
|
||||
"mail2f":"Mail second factor",
|
||||
"mail2fActivation":"Activation",
|
||||
|
|
|
@ -449,6 +449,7 @@
|
|||
"logParams":"Journalisation",
|
||||
"lwpOpts":"Options pour les requêtes serveur",
|
||||
"lwpSslOpts":"Options SSL pour les requêtes serveur",
|
||||
"instance":"Instance",
|
||||
"macros":"Macros",
|
||||
"mail2f":"Second facteur par mail",
|
||||
"mail2fActivation":"Activation",
|
||||
|
|
|
@ -449,6 +449,7 @@
|
|||
"logParams":"Logs",
|
||||
"lwpOpts":"Opzioni per le richieste del server",
|
||||
"lwpSslOpts":"Opzioni SSL per le richieste del server",
|
||||
"instance":"Instance",
|
||||
"macros":"Macro",
|
||||
"mail2f":"Mail secondo fattore",
|
||||
"mail2fActivation":"Attivazione",
|
||||
|
|
|
@ -144,13 +144,13 @@
|
|||
"casStorageOptions":"CAS oturumları modül seçenekleri",
|
||||
"categoryName":"Kategori ismi",
|
||||
"cda":"Çoklu alan adları",
|
||||
"certificateMailContent":"Mail content",
|
||||
"certificateMailContent":"Mail içeriği",
|
||||
"certificateResetByMailManagement":"Certificate management",
|
||||
"certificateResetByMailURL":"Sayfa URL'sini sıfırla",
|
||||
"certificateResetByMailCeaAttribute":"Certificate CEA attibute",
|
||||
"certificateResetByMailCertificateAttribute":"Certificate attribute name",
|
||||
"certificateResetByMailStep1Subject":"Reset mail subject",
|
||||
"certificateResetByMailStep1Body":"Reset mail content",
|
||||
"certificateResetByMailStep1Subject":"Mail başlığını sıfırla",
|
||||
"certificateResetByMailStep1Body":"Mail içeriğini sıfırla",
|
||||
"certificateResetByMailStep2Subject":"Doğrulama e-postası konusu",
|
||||
"certificateResetByMailStep2Body":"Doğrulama e-postası içeriği",
|
||||
"certificateResetByMailValidityDelay":"Minimum duration before expiration",
|
||||
|
@ -177,7 +177,7 @@
|
|||
"corsAllow_Origin":"Access-Control-Allow-Origin",
|
||||
"corsExpose_Headers":"Access-Control-Expose-Headers",
|
||||
"corsMax_Age":"Access-Control-Max-Age",
|
||||
"cfgLog":"Summary",
|
||||
"cfgLog":"Özet",
|
||||
"cfgVersion":"Yapılandırma sürümü",
|
||||
"checkXSS":"XSS saldırılarını kontrol et",
|
||||
"clickHereToForce":"Zorlamak için buraya tıklayın",
|
||||
|
@ -449,6 +449,7 @@
|
|||
"logParams":"Günlükler",
|
||||
"lwpOpts":"Sunucu istekleri için seçenekler",
|
||||
"lwpSslOpts":"Sunucu istekleri için SSL seçenekleri",
|
||||
"instance":"Instance",
|
||||
"macros":"Makrolar",
|
||||
"mail2f":"E-posta ile ikinci faktör",
|
||||
"mail2fActivation":"Aktivasyon",
|
||||
|
@ -868,18 +869,18 @@
|
|||
"stayConnected":"Kalıcı bağlantılar",
|
||||
"successfullySaved":"Başarıyla kaydedildi",
|
||||
"storePassword":"Kullanıcı parolasını oturumda sakla",
|
||||
"subtitle":"Subtitle",
|
||||
"subtitle":"Altyazı",
|
||||
"successLoginNumber":"Kayıtlı girişlerin sayısı",
|
||||
"sympaHandler":"Sympa",
|
||||
"sympaMailKey":"E-posta oturum anahtarı",
|
||||
"sympaSecret":"Paylaşılan sır",
|
||||
"syntaxError":"Söz Dizimi Hatası",
|
||||
"syslog":"Sistem günlüğü imkanı",
|
||||
"text":"Text",
|
||||
"text":"Metin",
|
||||
"timeout":"Oturum zaman aşımı",
|
||||
"timeoutActivity":"Oturum aktivitesi zaman aşımı",
|
||||
"timeoutActivityInterval":"Oturum güncellenme sıklığı",
|
||||
"title":"Title",
|
||||
"title":"Başlık",
|
||||
"tokenUseGlobalStorage":"Global depolamayı kullan",
|
||||
"totp2f":"TOTP",
|
||||
"totp2fActivation":"Aktivasyon",
|
||||
|
|
|
@ -449,6 +449,7 @@
|
|||
"logParams":"Nhật ký",
|
||||
"lwpOpts":"Tùy chọn cho yêu cầu máy chủ",
|
||||
"lwpSslOpts":"Tùy chọn SSL cho yêu cầu máy chủ",
|
||||
"instance":"Instance",
|
||||
"macros":"Macros",
|
||||
"mail2f":"Mail second factor",
|
||||
"mail2fActivation":"Kích hoạt",
|
||||
|
|
|
@ -449,6 +449,7 @@
|
|||
"logParams":"日志",
|
||||
"lwpOpts":"Options for server requests",
|
||||
"lwpSslOpts":"SSL options for server requests",
|
||||
"instance":"Instance",
|
||||
"macros":"Macros",
|
||||
"mail2f":"Mail second factor",
|
||||
"mail2fActivation":"激活",
|
||||
|
|
File diff suppressed because one or more lines are too long
|
@ -58,6 +58,25 @@
|
|||
|
||||
<!-- Right(main) div -->
|
||||
<div id="right" class="col-lg-8 col-md-8 col-sm-7 col-xs-12 scrollable" ng-class="{'hidden-xs':showT&&!showM}">
|
||||
<span class="visible-xs">
|
||||
<div ng-if="currentSession" class="lmmenu navbar navbar-default" ng-class="{'hidden-xs':!showM}">
|
||||
<div class="navbar-collapse" ng-class="{'collapse':!showM}" id="formmenu">
|
||||
<ul class="nav navbar-nav">
|
||||
<li uib-dropdown class="visible-xs">
|
||||
<a id="langmenu" name="menu" uib-dropdown-toggle data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">Menu <span class="caret"></span></a>
|
||||
<ul uib-dropdown-menu aria-labelled-by="langmenu" role="grid">
|
||||
<li ng-repeat="link in links"><a href="{{link.target}}" role="row"><i ng-if="link.icon" class="glyphicon glyphicon-{{link.icon}}"></i> {{translate(link.title)}}</a></li>
|
||||
<li ng-repeat="menulink in menulinks"><a href="{{menulink.target}}" role="row"><i ng-if="menulink.icon" class="glyphicon glyphicon-{{menulink.icon}}"></i> {{translate(menulink.title)}}</a></li>
|
||||
<li ng-include="'languages.html'"></li>
|
||||
<TMPL_IF NAME="INSTANCE_NAME">
|
||||
<li><a href="https://lemonldap-ng.org"><TMPL_VAR NAME="INSTANCE_NAME"></a></li>
|
||||
</TMPL_IF>
|
||||
</ul>
|
||||
</li>
|
||||
</ul>
|
||||
</div>
|
||||
</div>
|
||||
</span>
|
||||
<div class="panel panel-default" ng-hide="currentSession===null">
|
||||
<div class="panel-heading">
|
||||
<h1 class="panel-title text-center">{{translate("sessionTitle")}} {{currentSession.id}}</h1>
|
||||
|
|
|
@ -63,6 +63,25 @@
|
|||
|
||||
<!-- Right div -->
|
||||
<div id="right" class="col-lg-8 col-md-8 col-sm-7 col-xs-12 scrollable" ng-class="{'hidden-xs':showT&&!showM}">
|
||||
<span class="visible-xs">
|
||||
<div ng-if="currentNode" class="lmmenu navbar navbar-default" ng-class="{'hidden-xs':!showM}">
|
||||
<div class="navbar-collapse" ng-class="{'collapse':!showM}" id="formmenu">
|
||||
<ul class="nav navbar-nav">
|
||||
<li uib-dropdown class="visible-xs">
|
||||
<a id="langmenu" name="menu" uib-dropdown-toggle data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">Menu <span class="caret"></span></a>
|
||||
<ul uib-dropdown-menu aria-labelled-by="langmenu" role="grid">
|
||||
<li ng-repeat="link in links"><a href="{{link.target}}" role="row"><i ng-if="link.icon" class="glyphicon glyphicon-{{link.icon}}"></i> {{translate(link.title)}}</a></li>
|
||||
<li ng-repeat="menulink in menulinks"><a href="{{menulink.target}}" role="row"><i ng-if="menulink.icon" class="glyphicon glyphicon-{{menulink.icon}}"></i> {{translate(menulink.title)}}</a></li>
|
||||
<li ng-include="'languages.html'"></li>
|
||||
<TMPL_IF NAME="INSTANCE_NAME">
|
||||
<li><a href="https://lemonldap-ng.org"><TMPL_VAR NAME="INSTANCE_NAME"></a></li>
|
||||
</TMPL_IF>
|
||||
</ul>
|
||||
</li>
|
||||
</ul>
|
||||
</div>
|
||||
</div>
|
||||
</span>
|
||||
<h2 ng-if="message">{{message}}</h2>
|
||||
<div class="panel panel-default" ng-if="currentNode">
|
||||
<div class="panel-heading">
|
||||
|
|
|
@ -47,6 +47,9 @@
|
|||
<li ng-repeat="link in links"><a href="{{link.target}}" role="row"><i ng-if="link.icon" class="glyphicon glyphicon-{{link.icon}}"></i> {{translate(link.title)}}</a></li>
|
||||
<li ng-repeat="menulink in menulinks"><a href="{{menulink.target}}" role="row"><i ng-if="menulink.icon" class="glyphicon glyphicon-{{menulink.icon}}"></i> {{translate(menulink.title)}}</a></li>
|
||||
<li ng-include="'languages.html'"></li>
|
||||
<TMPL_IF NAME="INSTANCE_NAME">
|
||||
<li><a href="https://lemonldap-ng.org"><TMPL_VAR NAME="INSTANCE_NAME"></a></li>
|
||||
</TMPL_IF>
|
||||
</ul>
|
||||
</li>
|
||||
</ul>
|
||||
|
|
|
@ -5,8 +5,8 @@
|
|||
<!-- XS buttons -->
|
||||
<div class="navbar-header">
|
||||
<span class="navbar-brand">
|
||||
<img ng-click="home()" class="link hidden-xs" width="88px" height="32px" src="<TMPL_VAR NAME="STATIC_PREFIX">logos/llng-logo-32.png"/>
|
||||
<img ng-click="home()" class="link visible-xs" width="32px" height="32px" src="<TMPL_VAR NAME="STATIC_PREFIX">logos/llng-icon-32.png"/>
|
||||
<img ng-click="home()" class="link hidden-xs" width="88px" height="32px" title="<TMPL_VAR NAME="INSTANCE_NAME">" src="<TMPL_VAR NAME="STATIC_PREFIX">logos/llng-logo-32.png"/>
|
||||
<img ng-click="home()" class="link visible-xs" width="32px" height="32px" title="<TMPL_VAR NAME="INSTANCE_NAME">" src="<TMPL_VAR NAME="STATIC_PREFIX">logos/llng-icon-32.png"/>
|
||||
</span>
|
||||
<button type="button" class="navbar-toggle" ng-click="showM=!showM">
|
||||
<span class="sr-only">Toggle navigation</span>
|
||||
|
@ -22,6 +22,7 @@
|
|||
</div>
|
||||
<ul class="hidden-xs nav navbar-nav" role="grid">
|
||||
<li ng-repeat="l in links" id="l in links"><a href="{{l.target}}" role="row"><strong><i ng-if="activeModule == l.title" ng-style="myStyle" class="glyphicon glyphicon-{{l.icon}}"></i><i ng-if="activeModule != l.title" class="glyphicon glyphicon-{{l.icon}}" ng-style="clickStyle"></i> <span ng-if="activeModule == l.title" ng-style="myStyle" ng-bind="translate(l.title)"></span><span ng-if="activeModule != l.title" ng-bind="translate(l.title)" ng-style="clickStyle"></span></strong></a></li>
|
||||
|
||||
</ul>
|
||||
<ul class="hidden-xs nav navbar-nav navbar-right">
|
||||
<li uib-dropdown>
|
||||
|
@ -34,6 +35,11 @@
|
|||
<li role="separator" class="divider"></li>
|
||||
<li class="dropdown-header"><span ng-bind="translate('version')"></span></li>
|
||||
<li><a href="https://lemonldap-ng.org/team" name="version"><TMPL_VAR NAME="VERSION"></a></li>
|
||||
<TMPL_IF NAME="INSTANCE_NAME">
|
||||
<li role="separator" class="divider"></li>
|
||||
<li class="dropdown-header"><span ng-bind="translate('instance')"></span></li>
|
||||
<li><a href="https://lemonldap-ng.org"><TMPL_VAR NAME="INSTANCE_NAME"></a></li>
|
||||
</TMPL_IF>
|
||||
</ul>
|
||||
</li>
|
||||
</ul>
|
||||
|
|
|
@ -50,6 +50,9 @@
|
|||
<li ng-repeat="link in links"><a href="{{link.target}}" role="row"><i ng-if="link.icon" class="glyphicon glyphicon-{{link.icon}}"></i> {{translate(link.title)}}</a></li>
|
||||
<li ng-repeat="menulink in menulinks"><a href="{{menulink.target}}" role="row"><i ng-if="menulink.icon" class="glyphicon glyphicon-{{menulink.icon}}"></i> {{translate(menulink.title)}}</a></li>
|
||||
<li ng-include="'languages.html'"></li>
|
||||
<TMPL_IF NAME="INSTANCE_NAME">
|
||||
<li><a href="https://lemonldap-ng.org"><TMPL_VAR NAME="INSTANCE_NAME"></a></li>
|
||||
</TMPL_IF>
|
||||
</ul>
|
||||
</li>
|
||||
</ul>
|
||||
|
|
|
@ -60,6 +60,9 @@
|
|||
<li ng-repeat="link in links"><a href="{{link.target}}" role="row"><i ng-if="link.icon" class="glyphicon glyphicon-{{link.icon}}"></i> {{translate(link.title)}}</a></li>
|
||||
<li ng-repeat="menulink in menulinks"><a href="{{menulink.target}}" role="row"><i ng-if="menulink.icon" class="glyphicon glyphicon-{{menulink.icon}}"></i> {{translate(menulink.title)}}</a></li>
|
||||
<li ng-include="'languages.html'"></li>
|
||||
<TMPL_IF NAME="INSTANCE_NAME">
|
||||
<li><a href="https://lemonldap-ng.org"><TMPL_VAR NAME="INSTANCE_NAME"></a></li>
|
||||
</TMPL_IF>
|
||||
</ul>
|
||||
</li>
|
||||
</ul>
|
||||
|
|
|
@ -41,6 +41,9 @@
|
|||
<li ng-repeat="link in links"><a href="{{link.target}}" role="row"><i ng-if="link.icon" class="glyphicon glyphicon-{{link.icon}}"></i> {{translate(link.title)}}</a></li>
|
||||
<li ng-repeat="menulink in menulinks"><a href="{{menulink.target}}" role="row"><i ng-if="menulink.icon" class="glyphicon glyphicon-{{menulink.icon}}"></i> {{translate(menulink.title)}}</a></li>
|
||||
<li ng-include="'languages.html'"></li>
|
||||
<TMPL_IF NAME="INSTANCE_NAME">
|
||||
<li><a href="https://lemonldap-ng.org"><TMPL_VAR NAME="INSTANCE_NAME"></a></li>
|
||||
</TMPL_IF>
|
||||
</ul>
|
||||
</li>
|
||||
<li>
|
||||
|
|
File diff suppressed because it is too large
Load Diff
|
@ -215,6 +215,9 @@ sub userBind {
|
|||
|
||||
# Get expiration warning and graces
|
||||
if ( $resp->grace_authentications_remaining ) {
|
||||
$self->{portal}->logger->debug(
|
||||
"LDAP password policy - grace authentications remaining: "
|
||||
. $resp->grace_authentications_remaining );
|
||||
$req->info(
|
||||
$self->{portal}->loadTemplate(
|
||||
$req,
|
||||
|
@ -227,14 +230,20 @@ sub userBind {
|
|||
}
|
||||
|
||||
if ( $resp->time_before_expiration ) {
|
||||
$self->{portal}->logger->debug(
|
||||
"LDAP password policy - time before expiration: "
|
||||
. $resp->time_before_expiration );
|
||||
$req->info(
|
||||
$self->{portal}->loadTemplate(
|
||||
$req,
|
||||
'simpleInfo',
|
||||
params => {
|
||||
trspan => 'authRemaining,'
|
||||
. $self->convertSec(
|
||||
$resp->time_before_expiration
|
||||
trspan => 'pwdWillExpire,'
|
||||
. join(
|
||||
',',
|
||||
$self->convertSec(
|
||||
$resp->time_before_expiration
|
||||
)
|
||||
)
|
||||
}
|
||||
)
|
||||
|
|
|
@ -32,7 +32,10 @@ sub checkForNotifications {
|
|||
my $uid = $req->sessionInfo->{ $self->notifObject->notifField };
|
||||
my ( $notifs, $forUser ) = $self->notifObject->getNotifications($uid);
|
||||
my $form;
|
||||
return 0 unless ($notifs);
|
||||
unless ($notifs) {
|
||||
$self->logger->info("No notification found");
|
||||
return 0;
|
||||
};
|
||||
|
||||
# Transform notifications
|
||||
my $i = 0; # Files count
|
||||
|
@ -119,7 +122,10 @@ sub viewNotification {
|
|||
my ( $notifs, $forUser ) =
|
||||
$self->notifObject->getAcceptedNotifs( $uid, $ref );
|
||||
my $form;
|
||||
return 0 unless ($notifs);
|
||||
unless ($notifs) {
|
||||
$self->logger->info("No accepted notification found");
|
||||
return 0;
|
||||
};
|
||||
|
||||
# Transform notifications
|
||||
my $i = 0; # Files count
|
||||
|
|
|
@ -63,7 +63,10 @@ sub checkForNotifications {
|
|||
my $uid = $req->sessionInfo->{ $self->notifObject->notifField };
|
||||
my ( $notifs, $forUser ) = $self->notifObject->getNotifications($uid);
|
||||
my $form;
|
||||
return 0 unless ($notifs);
|
||||
unless ($notifs) {
|
||||
$self->logger->info("No notification found");
|
||||
return 0;
|
||||
};
|
||||
|
||||
# Transform notifications
|
||||
my $i = 0; # Files count
|
||||
|
@ -167,7 +170,10 @@ sub viewNotification {
|
|||
my ( $notifs, $forUser ) =
|
||||
$self->notifObject->getAcceptedNotifs( $uid, $ref );
|
||||
my $form;
|
||||
return 0 unless ($notifs);
|
||||
unless ($notifs) {
|
||||
$self->logger->info("No accepted notification found");
|
||||
return 0;
|
||||
};
|
||||
|
||||
# Transform notifications
|
||||
my $i = 0; # Files count
|
||||
|
|
|
@ -383,6 +383,11 @@ sub buildHybridAuthnResponse {
|
|||
? ( token_type => 'bearer', access_token => $access_token )
|
||||
: ()
|
||||
),
|
||||
(
|
||||
$id_token
|
||||
? ( id_token => $id_token )
|
||||
: ()
|
||||
),
|
||||
( $expires_in ? ( expires_in => $expires_in ) : () ),
|
||||
( $state ? ( state => $state ) : () ),
|
||||
( $session_state ? ( session_state => $session_state ) : () )
|
||||
|
|
|
@ -284,7 +284,7 @@ sub loadIDPs {
|
|||
|
||||
# Set encryption mode
|
||||
my $encryption_mode = $self->conf->{samlIDPMetaDataOptions}->{$_}
|
||||
->{samlIDPMetaDataOptionsEncryptionMode};
|
||||
->{samlIDPMetaDataOptionsEncryptionMode} || "none";
|
||||
my $lasso_encryption_mode = $self->getEncryptionMode($encryption_mode);
|
||||
|
||||
unless (
|
||||
|
@ -390,7 +390,7 @@ sub loadSPs {
|
|||
|
||||
# Set encryption mode
|
||||
my $encryption_mode = $self->conf->{samlSPMetaDataOptions}->{$_}
|
||||
->{samlSPMetaDataOptionsEncryptionMode};
|
||||
->{samlSPMetaDataOptionsEncryptionMode} || "none";
|
||||
my $lasso_encryption_mode = $self->getEncryptionMode($encryption_mode);
|
||||
|
||||
unless (
|
||||
|
|
|
@ -123,7 +123,13 @@ sub init {
|
|||
Lemonldap::NG::Handler::Main->onReload( $self, 'reloadConf' );
|
||||
|
||||
# Handler::PSGI::Try initialization
|
||||
return 0 unless ( $self->SUPER::init( $self->localConfig ) );
|
||||
unless ( $self->SUPER::init( $self->localConfig ) ) {
|
||||
$self->logger->error( 'Initialization failed: ' . $self->error );
|
||||
$self->error(
|
||||
"Initialization failed! Enable debug logs, reload your web server and catch main error..."
|
||||
);
|
||||
return 0;
|
||||
}
|
||||
if ( $self->error ) {
|
||||
$self->logger->error( $self->error );
|
||||
return 0;
|
||||
|
@ -140,24 +146,24 @@ sub init {
|
|||
|
||||
# psgi.js
|
||||
->addUnauthRoute( 'psgi.js' => 'sendJs', ['GET'] )
|
||||
->addAuthRoute( 'psgi.js' => 'sendJs', ['GET'] )
|
||||
->addAuthRoute( 'psgi.js' => 'sendJs', ['GET'] )
|
||||
|
||||
# portal.css
|
||||
->addUnauthRoute( 'portal.css' => 'sendCss', ['GET'] )
|
||||
->addAuthRoute( 'portal.css' => 'sendCss', ['GET'] )
|
||||
->addAuthRoute( 'portal.css' => 'sendCss', ['GET'] )
|
||||
|
||||
# lmerror
|
||||
->addUnauthRoute( lmerror => { ':code' => 'lmError' }, ['GET'] )
|
||||
->addAuthRoute( lmerror => { ':code' => 'lmError' }, ['GET'] )
|
||||
->addAuthRoute( lmerror => { ':code' => 'lmError' }, ['GET'] )
|
||||
|
||||
# Core REST API
|
||||
->addUnauthRoute( ping => 'pleaseAuth', ['GET'] )
|
||||
->addUnauthRoute( ping => 'pleaseAuth', ['GET'] )
|
||||
->addAuthRoute( ping => 'authenticated', ['GET'] )
|
||||
|
||||
# Refresh session
|
||||
->addAuthRoute( refresh => 'refresh', ['GET'] )
|
||||
|
||||
->addAuthRoute( '*' => 'corsPreflight', ['OPTIONS'] )
|
||||
->addAuthRoute( '*' => 'corsPreflight', ['OPTIONS'] )
|
||||
->addUnauthRoute( '*' => 'corsPreflight', ['OPTIONS'] )
|
||||
|
||||
# Logout
|
||||
|
|
|
@ -206,17 +206,20 @@ sub retrieveNotifs {
|
|||
my ( $self, $req ) = @_;
|
||||
|
||||
# Retrieve user's accepted notifications
|
||||
$self->logger->debug( 'Searching for "'
|
||||
. $req->userData->{ $self->conf->{whatToTrace} }
|
||||
. '" accepted notification(s)' );
|
||||
my @_notifications = sort {
|
||||
$b->{epoch} <=> $a->{epoch}
|
||||
or $a->{reference} cmp $b->{reference}
|
||||
} (
|
||||
} (
|
||||
map {
|
||||
/^notification_(.+)$/
|
||||
? { reference => $1, epoch => $req->{userData}->{$_} }
|
||||
: ()
|
||||
}
|
||||
keys %{ $req->{userData} }
|
||||
);
|
||||
);
|
||||
splice @_notifications, $self->conf->{notificationsMaxRetrieve};
|
||||
|
||||
return \@_notifications;
|
||||
|
@ -224,8 +227,11 @@ sub retrieveNotifs {
|
|||
|
||||
sub _viewNotif {
|
||||
my ( $self, $req, $ref, $epoch ) = @_;
|
||||
|
||||
$self->logger->debug( "Retrieve notification with reference: \"$ref\" and epoch: \"$epoch\"" );
|
||||
my $notif = eval { $self->module->viewNotification( $req, $ref, $epoch ); };
|
||||
if ($@) {
|
||||
$self->logger->debug( "Notification not found" );
|
||||
$self->logger->error($@);
|
||||
return '';
|
||||
}
|
||||
|
|
|
@ -12,7 +12,8 @@ setMsg = (msg, level) ->
|
|||
$('#color').addClass "alert-#{level}"
|
||||
|
||||
displayError = (j, status, err) ->
|
||||
setMsg 'notificationRetreiveFailed', 'warning'
|
||||
setMsg 'notificationRetrieveFailed', 'warning'
|
||||
console.log 'Error:', err, 'Status:', status
|
||||
|
||||
toggle_eye = (slash) ->
|
||||
if slash
|
||||
|
@ -78,7 +79,7 @@ viewNotif = (notif, epoch, button) ->
|
|||
$('#notifEpoch').text(myDate.toLocaleString())
|
||||
$("#explorer-button").removeAttr('hidden')
|
||||
else setMsg 'notificationNotFound', 'warning'
|
||||
else setMsg 'notificationRetreiveFailed', 'warning'
|
||||
else setMsg 'notificationRetrieveFailed', 'warning'
|
||||
|
||||
# Register "click" events
|
||||
$(document).ready ->
|
||||
|
|
|
@ -256,6 +256,9 @@ $(window).on 'load', () ->
|
|||
# Authentication choice tabs
|
||||
authMenuTabs = $("#authMenu").tabs
|
||||
active: 0
|
||||
authMenuIndex = $('#authMenu a[href="#' + datas['displaytab'] + '"]').parent().index()
|
||||
authMenuIndex = 0 if authMenuIndex < 0
|
||||
authMenuTabs.tabs "option", "active", authMenuIndex
|
||||
|
||||
# TODO: cookie
|
||||
# $("#authMenu").tabs
|
||||
|
|
|
@ -20,7 +20,8 @@ LemonLDAP::NG Notifications script
|
|||
};
|
||||
|
||||
displayError = function(j, status, err) {
|
||||
return setMsg('notificationRetreiveFailed', 'warning');
|
||||
setMsg('notificationRetrieveFailed', 'warning');
|
||||
return console.log('Error:', err, 'Status:', status);
|
||||
};
|
||||
|
||||
toggle_eye = function(slash) {
|
||||
|
@ -102,7 +103,7 @@ LemonLDAP::NG Notifications script
|
|||
}
|
||||
});
|
||||
} else {
|
||||
return setMsg('notificationRetreiveFailed', 'warning');
|
||||
return setMsg('notificationRetrieveFailed', 'warning');
|
||||
}
|
||||
};
|
||||
|
||||
|
|
|
@ -1,2 +1 @@
|
|||
(function(){var t,e,n,o,r,a,i;e=$("#msg").attr("trspan"),n=function(t,e){return $("#msg").html(window.translate(t)),$("#color").removeClass("message-positive message-warning alert-success alert-warning"),$("#color").addClass("message-"+e),"positive"===e&&(e="success"),$("#color").addClass("alert-"+e)},t=function(t,e,o){return n("notificationRetreiveFailed","warning")},a=function(t){return t?($("#icon-explorer-button").removeClass("fa-eye"),$("#icon-explorer-button").addClass("fa-eye-slash")):($("#icon-explorer-button").removeClass("fa-eye-slash"),$("#icon-explorer-button").addClass("fa-eye"))},r=function(t){return t?($("#explorer").hide(),$("#color").hide(),a(0)):($("#explorer").show(),$("#color").show(),a(1))},o=function(t,o,r){return n(e,"positive"),$(".btn-danger").each(function(){return $(this).removeClass("btn-danger"),$(this).addClass("btn-success")}),$(".fa-eye-slash").each(function(){return $(this).removeClass("fa-eye-slash"),$(this).addClass("fa-eye")}),$(".verify").each(function(){return $(this).text(window.translate("verify")),$(this).attr("trspan","verify")}),o&&r?(t.removeClass("btn-success"),t.addClass("btn-danger"),$("#icon-"+o+"-"+r).removeClass("fa-eye"),$("#icon-"+o+"-"+r).addClass("fa-eye-slash"),$("#text-"+o+"-"+r).text(window.translate("hide")),$("#text-"+o+"-"+r).attr("trspan","hide"),$("#myNotification").removeAttr("hidden"),a(1)):($("#myNotification").attr("hidden","true"),$("#explorer-button").attr("hidden","true"))},i=function(e,r,a){return console.log("Ref:",e,"epoch:",r),e&&r?(console.log("Send AJAX request"),$.ajax({type:"GET",url:portal+"mynotifications/"+e,data:{epoch:r},dataType:"json",error:t,success:function(t){var i;return t.result?(console.log("Notification:",t.notification),o(a,e,r),$("#displayNotif").html(t.notification),$("#notifRef").text(e),i=new Date(1e3*r),$("#notifEpoch").text(i.toLocaleString()),$("#explorer-button").removeAttr("hidden")):n("notificationNotFound","warning")}})):n("notificationRetreiveFailed","warning")},$(document).ready(function(){return $(".data-epoch").each(function(){var t;return t=new Date(1e3*$(this).text()),$(this).text(t.toLocaleString())}),$("#goback").attr("href",portal),$("body").on("click",".btn-success",function(){return i($(this).attr("notif"),$(this).attr("epoch"),$(this))}),$("body").on("click",".btn-danger",function(){return o($(this))}),$("body").on("click",".btn-info",function(){return r($("#explorer").is(":visible"))})})}).call(this);
|
||||
//# sourceMappingURL=lemonldap-ng-portal/site/htdocs/static/common/js/notifications.min.js.map
|
||||
(function(){var t,o,a,i,e,r,n;o=$("#msg").attr("trspan"),a=function(t,e){return $("#msg").html(window.translate(t)),$("#color").removeClass("message-positive message-warning alert-success alert-warning"),$("#color").addClass("message-"+e),"positive"===e&&(e="success"),$("#color").addClass("alert-"+e)},t=function(t,e,n){return a("notificationRetrieveFailed","warning"),console.log("Error:",n,"Status:",e)},r=function(t){return t?($("#icon-explorer-button").removeClass("fa-eye"),$("#icon-explorer-button").addClass("fa-eye-slash")):($("#icon-explorer-button").removeClass("fa-eye-slash"),$("#icon-explorer-button").addClass("fa-eye"))},e=function(t){return t?($("#explorer").hide(),$("#color").hide(),r(0)):($("#explorer").show(),$("#color").show(),r(1))},i=function(t,e,n){return a(o,"positive"),$(".btn-danger").each(function(){return $(this).removeClass("btn-danger"),$(this).addClass("btn-success")}),$(".fa-eye-slash").each(function(){return $(this).removeClass("fa-eye-slash"),$(this).addClass("fa-eye")}),$(".verify").each(function(){return $(this).text(window.translate("verify")),$(this).attr("trspan","verify")}),e&&n?(t.removeClass("btn-success"),t.addClass("btn-danger"),$("#icon-"+e+"-"+n).removeClass("fa-eye"),$("#icon-"+e+"-"+n).addClass("fa-eye-slash"),$("#text-"+e+"-"+n).text(window.translate("hide")),$("#text-"+e+"-"+n).attr("trspan","hide"),$("#myNotification").removeAttr("hidden"),r(1)):($("#myNotification").attr("hidden","true"),$("#explorer-button").attr("hidden","true"))},n=function(n,o,r){return console.log("Ref:",n,"epoch:",o),n&&o?(console.log("Send AJAX request"),$.ajax({type:"GET",url:portal+"mynotifications/"+n,data:{epoch:o},dataType:"json",error:t,success:function(t){var e;return t.result?(console.log("Notification:",t.notification),i(r,n,o),$("#displayNotif").html(t.notification),$("#notifRef").text(n),e=new Date(1e3*o),$("#notifEpoch").text(e.toLocaleString()),$("#explorer-button").removeAttr("hidden")):a("notificationNotFound","warning")}})):a("notificationRetrieveFailed","warning")},$(document).ready(function(){return $(".data-epoch").each(function(){var t;return t=new Date(1e3*$(this).text()),$(this).text(t.toLocaleString())}),$("#goback").attr("href",portal),$("body").on("click",".btn-success",function(){return n($(this).attr("notif"),$(this).attr("epoch"),$(this))}),$("body").on("click",".btn-danger",function(){return i($(this))}),$("body").on("click",".btn-info",function(){return e($("#explorer").is(":visible"))})})}).call(this);
|
|
@ -1 +1 @@
|
|||
{"version":3,"sources":["lemonldap-ng-portal/site/htdocs/static/common/js/notifications.js"],"names":["displayError","msg","setMsg","toggle","toggle_explorer","toggle_eye","viewNotif","$","attr","level","html","window","translate","removeClass","addClass","j","status","err","slash","visible","hide","show","button","notif","epoch","each","this","text","removeAttr","console","log","ajax","type","url","portal","data","dataType","error","success","resp","myDate","result","notification","Date","toLocaleString","document","ready","on","is","call"],"mappings":"CAMA,WACE,GAAIA,GAAcC,EAAKC,EAAQC,EAAQC,EAAiBC,EAAYC,CAEpEL,GAAMM,EAAE,QAAQC,KAAK,UAErBN,EAAS,SAASD,EAAKQ,GAOrB,MANAF,GAAE,QAAQG,KAAKC,OAAOC,UAAUX,IAChCM,EAAE,UAAUM,YAAY,gEACxBN,EAAE,UAAUO,SAAS,WAAaL,GACpB,aAAVA,IACFA,EAAQ,WAEHF,EAAE,UAAUO,SAAS,SAAWL,IAGzCT,EAAe,SAASe,EAAGC,EAAQC,GACjC,MAAOf,GAAO,6BAA8B,YAG9CG,EAAa,SAASa,GACpB,MAAIA,IACFX,EAAE,yBAAyBM,YAAY,UAChCN,EAAE,yBAAyBO,SAAS,kBAE3CP,EAAE,yBAAyBM,YAAY,gBAChCN,EAAE,yBAAyBO,SAAS,YAI/CV,EAAkB,SAASe,GACzB,MAAIA,IACFZ,EAAE,aAAaa,OACfb,EAAE,UAAUa,OACLf,EAAW,KAElBE,EAAE,aAAac,OACfd,EAAE,UAAUc,OACLhB,EAAW,KAItBF,EAAS,SAASmB,EAAQC,EAAOC,GAc/B,MAbAtB,GAAOD,EAAK,YACZM,EAAE,eAAekB,KAAK,WAEpB,MADAlB,GAAEmB,MAAMb,YAAY,cACbN,EAAEmB,MAAMZ,SAAS,iBAE1BP,EAAE,iBAAiBkB,KAAK,WAEtB,MADAlB,GAAEmB,MAAMb,YAAY,gBACbN,EAAEmB,MAAMZ,SAAS,YAE1BP,EAAE,WAAWkB,KAAK,WAEhB,MADAlB,GAAEmB,MAAMC,KAAKhB,OAAOC,UAAU,WACvBL,EAAEmB,MAAMlB,KAAK,SAAU,YAE5Be,GAASC,GACXF,EAAOT,YAAY,eACnBS,EAAOR,SAAS,cAChBP,EAAE,SAAWgB,EAAQ,IAAMC,GAAOX,YAAY,UAC9CN,EAAE,SAAWgB,EAAQ,IAAMC,GAAOV,SAAS,gBAC3CP,EAAE,SAAWgB,EAAQ,IAAMC,GAAOG,KAAKhB,OAAOC,UAAU,SACxDL,EAAE,SAAWgB,EAAQ,IAAMC,GAAOhB,KAAK,SAAU,QACjDD,EAAE,mBAAmBqB,WAAW,UACzBvB,EAAW,KAElBE,EAAE,mBAAmBC,KAAK,SAAU,QAC7BD,EAAE,oBAAoBC,KAAK,SAAU,UAIhDF,EAAY,SAASiB,EAAOC,EAAOF,GAEjC,MADAO,SAAQC,IAAI,OAAQP,EAAO,SAAUC,GACjCD,GAASC,GACXK,QAAQC,IAAI,qBACLvB,EAAEwB,MACPC,KAAM,MACNC,IAAKC,OAAS,mBAAqBX,EACnCY,MACEX,MAAOA,GAETY,SAAU,OACVC,MAAOrC,EACPsC,QAAS,SAASC,GAChB,GAAIC,EACJ,OAAID,GAAKE,QACPZ,QAAQC,IAAI,gBAAiBS,EAAKG,cAClCvC,EAAOmB,EAAQC,EAAOC,GACtBjB,EAAE,iBAAiBG,KAAK6B,EAAKG,cAC7BnC,EAAE,aAAaoB,KAAKJ,GACpBiB,EAAS,GAAIG,MAAa,IAARnB,GAClBjB,EAAE,eAAeoB,KAAKa,EAAOI,kBACtBrC,EAAE,oBAAoBqB,WAAW,WAEjC1B,EAAO,uBAAwB,eAKrCA,EAAO,6BAA8B,YAIhDK,EAAEsC,UAAUC,MAAM,WAahB,MAZAvC,GAAE,eAAekB,KAAK,WACpB,GAAIe,EAEJ,OADAA,GAAS,GAAIG,MAAsB,IAAjBpC,EAAEmB,MAAMC,QACnBpB,EAAEmB,MAAMC,KAAKa,EAAOI,oBAE7BrC,EAAE,WAAWC,KAAK,OAAQ0B,QAC1B3B,EAAE,QAAQwC,GAAG,QAAS,eAAgB,WACpC,MAAOzC,GAAUC,EAAEmB,MAAMlB,KAAK,SAAUD,EAAEmB,MAAMlB,KAAK,SAAUD,EAAEmB,SAEnEnB,EAAE,QAAQwC,GAAG,QAAS,cAAe,WACnC,MAAO5C,GAAOI,EAAEmB,SAEXnB,EAAE,QAAQwC,GAAG,QAAS,YAAa,WACxC,MAAO3C,GAAgBG,EAAE,aAAayC,GAAG,mBAI5CC,KAAKvB","file":"lemonldap-ng-portal/site/htdocs/static/common/js/notifications.min.js"}
|
||||
{"version":3,"sources":["lemonldap-ng-portal/site/htdocs/static/common/js/notifications.js"],"names":["displayError","msg","setMsg","toggle","toggle_explorer","toggle_eye","viewNotif","$","attr","level","html","window","translate","removeClass","addClass","j","status","err","console","log","slash","visible","hide","show","button","notif","epoch","each","this","text","removeAttr","ajax","type","url","portal","data","dataType","error","success","resp","myDate","result","notification","Date","toLocaleString","document","ready","on","is","call"],"mappings":"CAMA,WACE,IAAIA,EAAcC,EAAKC,EAAQC,EAAQC,EAAiBC,EAAYC,EAEpEL,EAAMM,EAAE,QAAQC,KAAK,UAErBN,EAAS,SAASD,EAAKQ,GAOrB,OANAF,EAAE,QAAQG,KAAKC,OAAOC,UAAUX,IAChCM,EAAE,UAAUM,YAAY,gEACxBN,EAAE,UAAUO,SAAS,WAAaL,GACpB,aAAVA,IACFA,EAAQ,WAEHF,EAAE,UAAUO,SAAS,SAAWL,IAGzCT,EAAe,SAASe,EAAGC,EAAQC,GAEjC,OADAf,EAAO,6BAA8B,WAC9BgB,QAAQC,IAAI,SAAUF,EAAK,UAAWD,IAG/CX,EAAa,SAASe,GACpB,OAAIA,GACFb,EAAE,yBAAyBM,YAAY,UAChCN,EAAE,yBAAyBO,SAAS,kBAE3CP,EAAE,yBAAyBM,YAAY,gBAChCN,EAAE,yBAAyBO,SAAS,YAI/CV,EAAkB,SAASiB,GACzB,OAAIA,GACFd,EAAE,aAAae,OACff,EAAE,UAAUe,OACLjB,EAAW,KAElBE,EAAE,aAAagB,OACfhB,EAAE,UAAUgB,OACLlB,EAAW,KAItBF,EAAS,SAASqB,EAAQC,EAAOC,GAc/B,OAbAxB,EAAOD,EAAK,YACZM,EAAE,eAAeoB,KAAK,WAEpB,OADApB,EAAEqB,MAAMf,YAAY,cACbN,EAAEqB,MAAMd,SAAS,iBAE1BP,EAAE,iBAAiBoB,KAAK,WAEtB,OADApB,EAAEqB,MAAMf,YAAY,gBACbN,EAAEqB,MAAMd,SAAS,YAE1BP,EAAE,WAAWoB,KAAK,WAEhB,OADApB,EAAEqB,MAAMC,KAAKlB,OAAOC,UAAU,WACvBL,EAAEqB,MAAMpB,KAAK,SAAU,YAE5BiB,GAASC,GACXF,EAAOX,YAAY,eACnBW,EAAOV,SAAS,cAChBP,EAAE,SAAWkB,EAAQ,IAAMC,GAAOb,YAAY,UAC9CN,EAAE,SAAWkB,EAAQ,IAAMC,GAAOZ,SAAS,gBAC3CP,EAAE,SAAWkB,EAAQ,IAAMC,GAAOG,KAAKlB,OAAOC,UAAU,SACxDL,EAAE,SAAWkB,EAAQ,IAAMC,GAAOlB,KAAK,SAAU,QACjDD,EAAE,mBAAmBuB,WAAW,UACzBzB,EAAW,KAElBE,EAAE,mBAAmBC,KAAK,SAAU,QAC7BD,EAAE,oBAAoBC,KAAK,SAAU,UAIhDF,EAAY,SAASmB,EAAOC,EAAOF,GAEjC,OADAN,QAAQC,IAAI,OAAQM,EAAO,SAAUC,GACjCD,GAASC,GACXR,QAAQC,IAAI,qBACLZ,EAAEwB,KAAK,CACZC,KAAM,MACNC,IAAKC,OAAS,mBAAqBT,EACnCU,KAAM,CACJT,MAAOA,GAETU,SAAU,OACVC,MAAOrC,EACPsC,QAAS,SAASC,GAChB,IAAIC,EACJ,OAAID,EAAKE,QACPvB,QAAQC,IAAI,gBAAiBoB,EAAKG,cAClCvC,EAAOqB,EAAQC,EAAOC,GACtBnB,EAAE,iBAAiBG,KAAK6B,EAAKG,cAC7BnC,EAAE,aAAasB,KAAKJ,GACpBe,EAAS,IAAIG,KAAa,IAARjB,GAClBnB,EAAE,eAAesB,KAAKW,EAAOI,kBACtBrC,EAAE,oBAAoBuB,WAAW,WAEjC5B,EAAO,uBAAwB,eAKrCA,EAAO,6BAA8B,YAIhDK,EAAEsC,UAAUC,MAAM,WAahB,OAZAvC,EAAE,eAAeoB,KAAK,WACpB,IAAIa,EAEJ,OADAA,EAAS,IAAIG,KAAsB,IAAjBpC,EAAEqB,MAAMC,QACnBtB,EAAEqB,MAAMC,KAAKW,EAAOI,oBAE7BrC,EAAE,WAAWC,KAAK,OAAQ0B,QAC1B3B,EAAE,QAAQwC,GAAG,QAAS,eAAgB,WACpC,OAAOzC,EAAUC,EAAEqB,MAAMpB,KAAK,SAAUD,EAAEqB,MAAMpB,KAAK,SAAUD,EAAEqB,SAEnErB,EAAE,QAAQwC,GAAG,QAAS,cAAe,WACnC,OAAO5C,EAAOI,EAAEqB,SAEXrB,EAAE,QAAQwC,GAAG,QAAS,YAAa,WACxC,OAAO3C,EAAgBG,EAAE,aAAayC,GAAG,mBAI5CC,KAAKrB"}
|
|
@ -223,7 +223,7 @@ LemonLDAP::NG Portal jQuery scripts
|
|||
datas = {};
|
||||
|
||||
$(window).on('load', function() {
|
||||
var action, al, authMenuTabs, back_url, i, l, lang, langdiv, langs, langs2, len, len1, len2, len3, link, m, menuIndex, menuTabs, method, n, nl, nlangs, re, ref, ref1, ref2;
|
||||
var action, al, authMenuIndex, authMenuTabs, back_url, i, l, lang, langdiv, langs, langs2, len, len1, len2, len3, link, m, menuIndex, menuTabs, method, n, nl, nlangs, re, ref, ref1, ref2;
|
||||
datas = getValues();
|
||||
window.datas = datas;
|
||||
$("#appslist").sortable({
|
||||
|
@ -250,6 +250,11 @@ LemonLDAP::NG Portal jQuery scripts
|
|||
authMenuTabs = $("#authMenu").tabs({
|
||||
active: 0
|
||||
});
|
||||
authMenuIndex = $('#authMenu a[href="#' + datas['displaytab'] + '"]').parent().index();
|
||||
if (authMenuIndex < 0) {
|
||||
authMenuIndex = 0;
|
||||
}
|
||||
authMenuTabs.tabs("option", "active", authMenuIndex);
|
||||
if (datas['choicetab']) {
|
||||
authMenuTabs.tabs("option", "active", $('#authMenu a[href="#' + datas['choicetab'] + '"]').parent().index());
|
||||
}
|
||||
|
|
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
|
@ -206,7 +206,7 @@
|
|||
"noTOTPFound":"No TOTP found",
|
||||
"noU2FKeyFound":"No U2F key found",
|
||||
"notificationNotFound":"Notification not found in DataBase",
|
||||
"notificationRetreiveFailed":"Unable to retreive notification",
|
||||
"notificationRetrieveFailed":"Unable to retrieve notification",
|
||||
"notificationsExplorer":"Notifications explorer",
|
||||
"oidcConsent":"التطبيق ٪s هل ترغب في معرفة:",
|
||||
"oidcConsents":"OIDC consents",
|
||||
|
|
|
@ -205,7 +205,7 @@
|
|||
"noTOTPFound":"Kein TOTP gefunden",
|
||||
"noU2FKeyFound":"Kein U2F Schlüssel gefunden",
|
||||
"notificationNotFound":"Notification not found in DataBase",
|
||||
"notificationRetreiveFailed":"Unable to retreive notification",
|
||||
"notificationRetrieveFailed":"Unable to retrieve notification",
|
||||
"notificationsExplorer":"Notifications explorer",
|
||||
"oidcConsent":"The application %s would like to:",
|
||||
"oidcConsents":"OIDC consents",
|
||||
|
|
|
@ -206,7 +206,7 @@
|
|||
"noTOTPFound":"No TOTP found",
|
||||
"noU2FKeyFound":"No U2F key found",
|
||||
"notificationNotFound":"Notification not found in DataBase",
|
||||
"notificationRetreiveFailed":"Unable to retreive notification",
|
||||
"notificationRetrieveFailed":"Unable to retrieve notification",
|
||||
"notificationsExplorer":"Notifications explorer",
|
||||
"oidcConsent":"The application %s would like to:",
|
||||
"oidcConsents":"OIDC consents",
|
||||
|
|
|
@ -205,7 +205,7 @@
|
|||
"noTOTPFound":"TOTP no encontrado",
|
||||
"noU2FKeyFound":"Llave U2F no encontrada",
|
||||
"notificationNotFound":"Notification not found in DataBase",
|
||||
"notificationRetreiveFailed":"Unable to retreive notification",
|
||||
"notificationRetrieveFailed":"Unable to retrieve notification",
|
||||
"notificationsExplorer":"Notifications explorer",
|
||||
"oidcConsent":"La aplicación %s quisiera:",
|
||||
"oidcConsents":"Permisos OIDC",
|
||||
|
|
|
@ -205,7 +205,7 @@
|
|||
"noTOTPFound":"No TOTP found",
|
||||
"noU2FKeyFound":"No U2F key found",
|
||||
"notificationNotFound":"Notification not found in DataBase",
|
||||
"notificationRetreiveFailed":"Unable to retreive notification",
|
||||
"notificationRetrieveFailed":"Unable to retrieve notification",
|
||||
"notificationsExplorer":"Notifications explorer",
|
||||
"oidcConsent":"The application %s would like to:",
|
||||
"oidcConsents":"OIDC consents",
|
||||
|
|
|
@ -205,7 +205,7 @@
|
|||
"noTOTPFound":"Aucun secret TOTP trouvé",
|
||||
"noU2FKeyFound": "Aucune clef U2F trouvée",
|
||||
"notificationNotFound":"Notification non trouvée en base",
|
||||
"notificationRetreiveFailed":"Impossible de récupérer la notification",
|
||||
"notificationRetrieveFailed":"Impossible de récupérer la notification",
|
||||
"notificationsExplorer":"Eplorateur de notifications",
|
||||
"oidcConsent":"L'application %s voudrait :",
|
||||
"oidcConsents": "Accords OIDC",
|
||||
|
|
|
@ -205,7 +205,7 @@
|
|||
"noTOTPFound":"Nessun TOTP trovato",
|
||||
"noU2FKeyFound":"Nessuna chiave U2F trovata",
|
||||
"notificationNotFound":"La notifica non é stata trovata",
|
||||
"notificationRetreiveFailed":"Unable to retreive notification",
|
||||
"notificationRetrieveFailed":"Unable to retrieve notification",
|
||||
"notificationsExplorer":"Notifications explorer",
|
||||
"oidcConsent":"L'applicazione %s vorrebbe sapere:",
|
||||
"oidcConsents":"Consensi OIDC",
|
||||
|
|
|
@ -205,7 +205,7 @@
|
|||
"noTOTPFound":"No TOTP found",
|
||||
"noU2FKeyFound":"No U2F key found",
|
||||
"notificationNotFound":"Notification not found in DataBase",
|
||||
"notificationRetreiveFailed":"Unable to retreive notification",
|
||||
"notificationRetrieveFailed":"Unable to retrieve notification",
|
||||
"notificationsExplorer":"Notifications explorer",
|
||||
"oidcConsent":"The application %s would like to:",
|
||||
"oidcConsents":"OIDC consents",
|
||||
|
|
|
@ -205,7 +205,7 @@
|
|||
"noTOTPFound":"No TOTP found",
|
||||
"noU2FKeyFound":"No U2F key found",
|
||||
"notificationNotFound":"Notification not found in DataBase",
|
||||
"notificationRetreiveFailed":"Unable to retreive notification",
|
||||
"notificationRetrieveFailed":"Unable to retrieve notification",
|
||||
"notificationsExplorer":"Notifications explorer",
|
||||
"oidcConsent":"The application %s would like to:",
|
||||
"oidcConsents":"OIDC consents",
|
||||
|
|
|
@ -205,7 +205,7 @@
|
|||
"noTOTPFound":"No TOTP found",
|
||||
"noU2FKeyFound":"No U2F key found",
|
||||
"notificationNotFound":"Notification not found in DataBase",
|
||||
"notificationRetreiveFailed":"Unable to retreive notification",
|
||||
"notificationRetrieveFailed":"Unable to retrieve notification",
|
||||
"notificationsExplorer":"Notifications explorer",
|
||||
"oidcConsent":"The application %s would like to:",
|
||||
"oidcConsents":"OIDC consents",
|
||||
|
|
|
@ -206,7 +206,7 @@
|
|||
"noTOTPFound":"TOTP bulunamadi",
|
||||
"noU2FKeyFound":"U2F anahtarı bulunamadı",
|
||||
"notificationNotFound":"Bildirim bulunamadı",
|
||||
"notificationRetreiveFailed":"Unable to retreive notification",
|
||||
"notificationRetrieveFailed":"Unable to retrieve notification",
|
||||
"notificationsExplorer":"Notifications explorer",
|
||||
"oidcConsent":"%s uygulaması şunları yapmak istiyor:",
|
||||
"oidcConsents":"OIDC izinleri",
|
||||
|
|
|
@ -205,7 +205,7 @@
|
|||
"noTOTPFound":"Đăng xuất khỏi các ứng dụng khác",
|
||||
"noU2FKeyFound":"No U2F key found",
|
||||
"notificationNotFound":"Không tìm thấy thông báo",
|
||||
"notificationRetreiveFailed":"Unable to retreive notification",
|
||||
"notificationRetrieveFailed":"Unable to retrieve notification",
|
||||
"notificationsExplorer":"Notifications explorer",
|
||||
"oidcConsent":"Ứng dụng %s muốn biết:",
|
||||
"oidcConsents":"OIDC consents",
|
||||
|
|
|
@ -205,7 +205,7 @@
|
|||
"noTOTPFound":"No TOTP found",
|
||||
"noU2FKeyFound":"No U2F key found",
|
||||
"notificationNotFound":"Notification not found in DataBase",
|
||||
"notificationRetreiveFailed":"Unable to retreive notification",
|
||||
"notificationRetrieveFailed":"Unable to retrieve notification",
|
||||
"notificationsExplorer":"Notifications explorer",
|
||||
"oidcConsent":"The application %s would like to:",
|
||||
"oidcConsents":"OIDC consents",
|
||||
|
|
|
@ -1 +1 @@
|
|||
<h3><TMPL_VAR NAME="number"> <span trmsg="ppGrace">authentications remaining, change your password!</span></h3>
|
||||
<h3><TMPL_VAR NAME="number"> <span trspan="ppGrace">authentications remaining, change your password!</span></h3>
|
||||
|
|
|
@ -61,9 +61,9 @@
|
|||
|
||||
|
||||
<!-- //if:jsminified
|
||||
<script type="text/javascript" src="<TMPL_VAR NAME="STATIC_PREFIX">/common/js/notifications.min.js"></script>
|
||||
<script type="text/javascript" src="<TMPL_VAR NAME="STATIC_PREFIX">common/js/notifications.min.js"></script>
|
||||
//else -->
|
||||
<script type="text/javascript" src="<TMPL_VAR NAME="STATIC_PREFIX">/common/js/notifications.js"></script>
|
||||
<script type="text/javascript" src="<TMPL_VAR NAME="STATIC_PREFIX">common/js/notifications.js"></script>
|
||||
<!-- //endif -->
|
||||
|
||||
<TMPL_INCLUDE NAME="footer.tpl">
|
||||
|
|
|
@ -4,6 +4,7 @@
|
|||
"autoMail":"تم إرسال هذا البريد تلقائيا ",
|
||||
"click2Register":"انقر هنا لتأكيد تسجيل حسابك",
|
||||
"click2Reset":"انقر هنا لإعادة تعيين كلمة المرور",
|
||||
"goToPortal":"انتقل إلى البوابة",
|
||||
"hello":"مرحبا ",
|
||||
"mail2fSubject":"[LemonLDAP::NG] تسجيل الدخول الخاص بك هو ",
|
||||
"mailConfirmSubject":"تأكيد إعادة تعيين كلمة المرور[LemonLDAP::NG]",
|
||||
|
|
|
@ -4,6 +4,7 @@
|
|||
"autoMail":"This mail was sent automatically",
|
||||
"click2Register":"Click here to confirm your account registration",
|
||||
"click2Reset":"Click here to reset your password",
|
||||
"goToPortal":"Go to portal",
|
||||
"hello":"Hello",
|
||||
"mail2fSubject":"[LemonLDAP::NG] Your login code",
|
||||
"mailConfirmSubject": "[LemonLDAP::NG] Password reset confirmation",
|
||||
|
|
|
@ -4,6 +4,7 @@
|
|||
"autoMail":"Tämä sähköpostiviesti lähetetään automaattisesti",
|
||||
"click2Register":"Klikkaa tästä vahvistaaksesi käyttäjätunnuksesi rekisteröinnin",
|
||||
"click2Reset":"Klikkaa tästä nollataksesi salasanasi",
|
||||
"goToPortal":"Siirry portaaliin",
|
||||
"hello":"Hei",
|
||||
"mail2fSubject":"[LemonLDAP::NG] Your login code",
|
||||
"mailConfirmSubject":"[LemonLDAP::NG] Salasanan nollauksen vahvistus",
|
||||
|
|
|
@ -4,6 +4,7 @@
|
|||
"autoMail":"Ceci est un message automatique",
|
||||
"click2Register":"Cliquez ici pour confirmer l'enregistrement de votre compte",
|
||||
"click2Reset":"Cliquez ici pour réinitialiser votre mot de passe",
|
||||
"goToPortal":"Aller au portail",
|
||||
"hello":"Bonjour",
|
||||
"mail2fSubject":"[LemonLDAP::NG] Votre code de connexion",
|
||||
"mailConfirmSubject": "[LemonLDAP::NG] Confirmation de réinitialisation de mot de passe",
|
||||
|
|
|
@ -4,6 +4,7 @@
|
|||
"autoMail":"Questa mail é stata inviata automaticamente",
|
||||
"click2Register":"Clicca qui per confermare la registrazione del tuo account",
|
||||
"click2Reset":"Clicca qui per reimpostare la password",
|
||||
"goToPortal":"Vai al portale",
|
||||
"hello":"Salve",
|
||||
"mail2fSubject":"[LemonLDAP :: NG] Il tuo codice di accesso",
|
||||
"mailConfirmSubject":"Conferma reimpostazione password [LemonLDAP::NG] ",
|
||||
|
|
|
@ -4,6 +4,7 @@
|
|||
"autoMail":"Emel ini telah dihantar secara automatik",
|
||||
"click2Register":"Klik di sini untuk mengesahkan akaun anda",
|
||||
"click2Reset":"Kilik disini untuk menetapkan semula kata laluan anda",
|
||||
"goToPortal":"Go to portal",
|
||||
"hello":"Hello",
|
||||
"mail2fSubject":"[LemonLDAP::NG] Kod login anda",
|
||||
"mailConfirmSubject":"[LemonLDAP::NG] Pengesahan penetapan semula kata laluan",
|
||||
|
|
|
@ -1,9 +1,10 @@
|
|||
{
|
||||
"resetCertificat":"Your certificate was reset",
|
||||
"resetCertificat":"Sertifikanız sıfırlandı",
|
||||
"accountCreated":"Hesabınız oluşturuldu, geçici parolanız e-posta adresinize gönderildi.",
|
||||
"autoMail":"Bu e-posta otomatik olarak gönderilmiştir",
|
||||
"click2Register":"Hesap açma işleminizi onaylamak için buraya tıklayın",
|
||||
"click2Reset":"Parolanızı sıfırlamak için buraya tıklayın",
|
||||
"goToPortal":"Portala git",
|
||||
"hello":"Merhaba",
|
||||
"mail2fSubject":"[LemonLDAP::NG] Giriş kodunuz",
|
||||
"mailConfirmSubject":"[LemonLDAP::NG] Parola sıfırlama onayı",
|
||||
|
|
|
@ -4,6 +4,7 @@
|
|||
"autoMail":"Thư này đã được gửi tự động",
|
||||
"click2Register":"Nhấn ở đây để xác nhận việc đăng ký tài khoản của bạn",
|
||||
"click2Reset":"Nhấn ở đây để thiết lập lại mật khẩu của bạn",
|
||||
"goToPortal":"Đi tới cổng thông tin",
|
||||
"hello":"Xin chào",
|
||||
"mail2fSubject":"[LemonLDAP::NG] Your login code",
|
||||
"mailConfirmSubject":"[LemonLDAP::NG] Xác nhận thiết lập lại mật khẩu",
|
||||
|
|
|
@ -4,6 +4,7 @@
|
|||
"autoMail":"此邮件是自动发送的",
|
||||
"click2Register":"请点击此处已确认您的账户注册",
|
||||
"click2Reset":"请点击此处充值您的密码",
|
||||
"goToPortal":"回到首页",
|
||||
"hello":"您好",
|
||||
"mail2fSubject":"[LemonLDAP::NG] Your login code",
|
||||
"mailConfirmSubject":"[LemonLDAP::NG] 密码重置确认",
|
||||
|
|
|
@ -109,7 +109,7 @@ SKIP: {
|
|||
),
|
||||
'Auth query'
|
||||
);
|
||||
$match = 'trmsg="' . $code . '"';
|
||||
$match = 'trspan="' . $code . '"';
|
||||
ok( $res->[2]->[0] =~ /$match/, 'Grace remaining' );
|
||||
|
||||
# 3 - TEST PE_PP_ACCOUNT_LOCKED
|
||||
|
|
|
@ -193,9 +193,16 @@ my %prms = map { split /=/, $_ } split /&/, $query;
|
|||
ok( $prms{token_type}, ' token_type found' );
|
||||
ok( $prms{session_state}, ' session_state found' );
|
||||
ok( $prms{access_token}, ' access_token found' );
|
||||
ok( $prms{id_token}, ' id_token found' );
|
||||
ok( $prms{state}, ' state found' );
|
||||
ok( $prms{session_state}, ' session_state found' );
|
||||
count(5);
|
||||
count(6);
|
||||
|
||||
my $id_token_payload = id_token_payload($prms{id_token});
|
||||
ok( $id_token_payload->{c_hash}, "ID token contains c_hash");
|
||||
ok( $id_token_payload->{at_hash}, "ID token contains at_hash");
|
||||
is( $id_token_payload->{nonce}, "qwerty", "ID token contains nonce");
|
||||
count(3);
|
||||
|
||||
my $at;
|
||||
ok( $at = $rp->p->_userDB->getUserInfo( 'op', $prms{access_token} ),
|
||||
|
|
|
@ -144,9 +144,7 @@ ok( $prms{state}, ' state found' );
|
|||
count(5);
|
||||
|
||||
# Check attributes in ID Token
|
||||
my ( $id_token_header, $id_token_payload, $id_token_signature ) =
|
||||
split( /\./, $prms{id_token} );
|
||||
my $id_token_decoded = decode_json( decode_base64url($id_token_payload) );
|
||||
my $id_token_decoded = id_token_payload($prms{id_token});
|
||||
ok( $id_token_decoded->{sub} eq "dwho", 'Check sub value' );
|
||||
ok( $id_token_decoded->{name} eq "Doctor Who", 'Check name value' );
|
||||
count(2);
|
||||
|
|
|
@ -143,10 +143,12 @@ ok( $prms{access_token}, ' access_token found' );
|
|||
ok( $prms{state}, ' state found' );
|
||||
count(5);
|
||||
|
||||
my $id_token_payload = id_token_payload($prms{id_token});
|
||||
is ($id_token_payload->{acr}, "customacr-1", "Check ACR value");
|
||||
count(1);
|
||||
|
||||
# Check attributes in ID Token
|
||||
my ( $id_token_header, $id_token_payload, $id_token_signature ) =
|
||||
split( /\./, $prms{id_token} );
|
||||
my $id_token_decoded = decode_json( decode_base64url($id_token_payload) );
|
||||
my $id_token_decoded = id_token_payload($prms{id_token});
|
||||
ok( $id_token_decoded->{sub} eq "dwho", 'Check sub value' );
|
||||
ok( !$id_token_decoded->{name}, 'Claim name must not be in ID token' );
|
||||
count(2);
|
||||
|
@ -247,7 +249,7 @@ sub op {
|
|||
oidcOPMetaDataJWKS => {},
|
||||
oidcServiceMetaDataAuthnContext => {
|
||||
'loa-4' => 4,
|
||||
'loa-1' => 1,
|
||||
'customacr-1' => 1,
|
||||
'loa-5' => 5,
|
||||
'loa-2' => 2,
|
||||
'loa-3' => 3
|
||||
|
|
|
@ -116,8 +116,7 @@ ok( $refresh_token, "Got refresh token" );
|
|||
ok( $id_token, "Got ID token" );
|
||||
count(3);
|
||||
|
||||
my $id_token_payload =
|
||||
JSON::from_json( decode_base64( [ split /\./, $id_token ]->[1] ) );
|
||||
my $id_token_payload = id_token_payload($id_token);
|
||||
is( $id_token_payload->{name}, 'Frédéric Accents',
|
||||
'Found claim in ID token' );
|
||||
count(1);
|
||||
|
@ -168,8 +167,7 @@ ok( $id_token, "Got refreshed ID token" );
|
|||
ok( !defined $refresh_token2, "Refresh token not present" );
|
||||
count(3);
|
||||
|
||||
$id_token_payload =
|
||||
JSON::from_json( decode_base64( [ split /\./, $id_token ]->[1] ) );
|
||||
$id_token_payload = id_token_payload($id_token);
|
||||
is( $id_token_payload->{name}, 'Frédéric Accents',
|
||||
'Found claim in ID token' );
|
||||
count(1);
|
||||
|
@ -224,8 +222,7 @@ ok( $id_token, "Got refreshed ID token" );
|
|||
ok( !defined $refresh_token2, "Refresh token not present" );
|
||||
count(3);
|
||||
|
||||
$id_token_payload =
|
||||
JSON::from_json( decode_base64( [ split /\./, $id_token ]->[1] ) );
|
||||
$id_token_payload = id_token_payload($id_token);
|
||||
is( $id_token_payload->{name}, 'Frédéric Accents',
|
||||
'Found claim in ID token' );
|
||||
count(1);
|
||||
|
|
|
@ -116,8 +116,7 @@ ok( $access_token, "Got access token" );
|
|||
ok( $refresh_token, "Got refresh token" );
|
||||
ok( $id_token, "Got ID token" );
|
||||
|
||||
my $id_token_payload =
|
||||
JSON::from_json( decode_base64( [ split /\./, $id_token ]->[1] ) );
|
||||
my $id_token_payload = id_token_payload($id_token);
|
||||
is( $id_token_payload->{name}, 'Frédéric Accents',
|
||||
'Found claim in ID token' );
|
||||
|
||||
|
@ -177,8 +176,7 @@ ok( $access_token, "Got refreshed Access token" );
|
|||
ok( $id_token, "Got refreshed ID token" );
|
||||
ok( !defined $json->{refresh_token}, "Refresh token not present" );
|
||||
|
||||
$id_token_payload =
|
||||
JSON::from_json( decode_base64( [ split /\./, $id_token ]->[1] ) );
|
||||
$id_token_payload = id_token_payload($id_token);
|
||||
is( $id_token_payload->{name}, 'Frédéric Accents',
|
||||
'Found claim in ID token' );
|
||||
|
||||
|
|
|
@ -101,7 +101,9 @@ ok( $res = eval { JSON::from_json( $res->[2]->[0] ) }, ' GET JSON' )
|
|||
or print STDERR $@;
|
||||
ok( $res->{_session_id} eq $spId, ' Good ID' )
|
||||
or explain( $res, "_session_id => $spId" );
|
||||
count(3);
|
||||
ok( ref $res->{array} eq 'ARRAY', ' Array ref found' )
|
||||
or explain( $res, "array => Ref" );
|
||||
count(4);
|
||||
|
||||
# Session key
|
||||
ok( $res = $issuer->_get("/sessions/global/$spId/[_session_id,uid,cn]"),
|
||||
|
|
|
@ -311,6 +311,36 @@ count(2);
|
|||
expectAuthenticatedAs( $res, 'rtyler' );
|
||||
$client->logout($id);
|
||||
|
||||
## Try to authenticate => notification prompted
|
||||
ok(
|
||||
$res = $client->_post(
|
||||
'/',
|
||||
IO::String->new('user=msmith&password=msmith'),
|
||||
length => 27,
|
||||
accept => 'text/html',
|
||||
),
|
||||
'Auth query'
|
||||
);
|
||||
ok( $res->[2]->[0] =~ m%trspan="gotNewMessages">%,
|
||||
'You have some new messages' )
|
||||
or explain( $res->[2]->[0], 'trspan="gotNewMessages"' );
|
||||
count(2);
|
||||
|
||||
## Try to authenticate => TOTP prompted
|
||||
ok(
|
||||
$res = $client->_post(
|
||||
'/',
|
||||
IO::String->new('user=dwho&password=dwho'),
|
||||
length => 23,
|
||||
accept => 'text/html',
|
||||
),
|
||||
'Auth query'
|
||||
);
|
||||
ok( $res->[2]->[0] =~ m%<span trspan="enterTotpCode">%,
|
||||
'TOTP code required' )
|
||||
or explain( $res->[2]->[0], 'trspan="enterTotpCode"' );
|
||||
count(2);
|
||||
|
||||
clean_sessions();
|
||||
|
||||
done_testing( count() );
|
||||
|
|
|
@ -106,7 +106,8 @@
|
|||
}
|
||||
},
|
||||
"macros": {
|
||||
"_whatToTrace": "$_auth eq 'SAML' ? \"$_user\\@$_idpConfKey\" : \"$_user\""
|
||||
"_whatToTrace": "$_auth eq 'SAML' ? \"$_user\\@$_idpConfKey\" : \"$_user\"",
|
||||
"array": "$uid eq 'french' ? 'doctor; who' : ''"
|
||||
},
|
||||
"notifications": 0,
|
||||
"passwordDB": "Null",
|
||||
|
|
|
@ -40,4 +40,8 @@ GQIDAQAB
|
|||
-----END PUBLIC KEY-----";
|
||||
}
|
||||
|
||||
sub id_token_payload {
|
||||
my $token = shift;
|
||||
JSON::from_json( decode_base64( [ split /\./, $token ]->[1] ) );
|
||||
}
|
||||
1;
|
||||
|
|
|
@ -448,7 +448,7 @@ chmod 775 %{buildroot}%{lm_sbindir}/llng-fastcgi-server
|
|||
# Install httpd conf files
|
||||
# We use "z-lemonldap-ng-*" so that httpd read the files after "perl.conf"
|
||||
mkdir -p %{buildroot}%{apache_confdir}
|
||||
for i in handler manager portal test; do {
|
||||
for i in handler manager portal api test; do {
|
||||
mv %{buildroot}%{lm_confdir}/$i-apache%{apache_version}.conf \
|
||||
%{buildroot}%{apache_confdir}/z-lemonldap-ng-$i.conf
|
||||
}; done
|
||||
|
@ -471,6 +471,9 @@ sed -i 's:/etc/lemonldap-ng/nginx-lua-headers.conf:/etc/nginx/nginx-lua-headers.
|
|||
mv %{buildroot}%{lm_confdir}/for_etc_hosts .
|
||||
|
||||
# Fix shebang and perms
|
||||
sed -i -e 's,#!/usr/bin/env plackup,#!/usr/bin/plackup,' \
|
||||
%{buildroot}/usr/share/lemonldap-ng/manager/api/api.psgi
|
||||
chmod 755 %{buildroot}/usr/share/lemonldap-ng/manager/api/api.psgi
|
||||
sed -i -e 's,#!/usr/bin/env plackup,#!/usr/bin/plackup,' \
|
||||
%{buildroot}/usr/share/lemonldap-ng/manager/htdocs/manager.psgi
|
||||
chmod 755 %{buildroot}/usr/share/lemonldap-ng/manager/htdocs/manager.psgi
|
||||
|
@ -544,6 +547,7 @@ fi
|
|||
%config(noreplace) %attr(-,root,%{lm_apachegroup}) %{lm_storagefile}
|
||||
%config(noreplace) %{apache_confdir}/z-lemonldap-ng-handler.conf
|
||||
%config(noreplace) %{apache_confdir}/z-lemonldap-ng-manager.conf
|
||||
%config(noreplace) %{apache_confdir}/z-lemonldap-ng-api.conf
|
||||
%config(noreplace) %{apache_confdir}/z-lemonldap-ng-portal.conf
|
||||
%{_mandir}/man1/convertConfig*
|
||||
%{_mandir}/man1/convertSessions*
|
||||
|
@ -618,6 +622,7 @@ fi
|
|||
%config(noreplace) %{_sysconfdir}/nginx/nginx-lmlog.conf
|
||||
%config(noreplace) %{_sysconfdir}/nginx/nginx-lua-headers.conf
|
||||
%config(noreplace) %{_sysconfdir}/nginx/conf.d/portal-nginx.conf
|
||||
%config(noreplace) %{_sysconfdir}/nginx/conf.d/api-nginx.conf
|
||||
%config(noreplace) %{_sysconfdir}/nginx/conf.d/test-nginx.conf
|
||||
|
||||
%files -n perl-Lemonldap-NG-Common
|
||||
|
|
Loading…
Reference in New Issue