dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
10,428 Commits 3 Branches 0 Tags 75 MiB
00da613dfc
Commit Graph

295 Commits

Author SHA1 Message Date
Maxime Besson
bd110e7de6 cas issuer: check auth level and reauth if insufficient (#2124) 2020-09-04 17:15:34 +02:00
Maxime Besson
ce5c19e3f4 saml issuer: check auth level and reauth if insufficient (#2124) 2020-09-04 17:15:34 +02:00
Maxime Besson
7a36489b73 oidc issuer: check auth level and reauth if insufficient (#2124) 2020-09-04 17:15:34 +02:00
Maxime Besson
8bfa5179cc Issuers: Store required auth level in pdata (#2124) 2020-09-04 17:14:04 +02:00
Maxime Besson
5e78464d7f Resolve nameid session attribute from local macros (#2280) 2020-08-17 22:06:09 +02:00
Maxime Besson
9ac49b881a Lookup casAppMetaDataOptionsUserAttribute in per-app macros (#2280) 2020-08-17 22:06:09 +02:00
Maxime Besson
52c6edb453 Lookup oidcRPMetaDataOptionsUserIDAttr in per-RP macros (#2280) 2020-08-17 22:06:09 +02:00
Maxime Besson
b2a2575896 Fix incorrect SOAP content type in SAML issuer (#2263) 2020-08-10 15:06:00 +02:00
Clément OUDOT
e544ee7778 Adapt user log in SAML issuer (#2244) 2020-06-18 18:40:13 +02:00
Clément OUDOT
5d5eda9799 Adapt user log in CAS issuer (#2244) 2020-06-18 18:39:53 +02:00
Clément OUDOT
0b3908e6dc Add user log in GET issuer (#2244) 2020-06-18 18:01:33 +02:00
Clément OUDOT
2da914cc90 Publish support for refresh_token grant_type (#2242) 2020-06-18 09:43:56 +02:00
Maxime Besson
33a5496e55 Fix regression in #2085 (#2224) 
Clearing all hidden form values was a mistake as it breaks SAML when the
redirection URL contains a query string. We should keep existing hidden
fields. In the context of OIDC request, we clear them before redirection
to avoid #2085
 2020-05-29 15:51:51 +02:00
Christophe Maudoux
bb9e03d1e5 Tidy 2020-05-24 00:04:33 +02:00
Christophe Maudoux
46bb6fea4f Return PE_SESSIONEXPIRED instead of 400 bad request (#2184) 2020-05-01 19:52:32 +02:00
Maxime Besson
e607d8281f OIDC: do not advertise missing functionality (#1194) 
Back-Channel logout is not supported yet
 2020-04-24 12:15:51 +02:00
Clément OUDOT
138ee4284f Disable cache when registering a new OIDC client (#2058) 2020-04-24 11:52:04 +02:00
Maxime Besson
a3821fc560 Implement additional audiences in ID token (#2177) 2020-04-24 11:10:44 +02:00
Maxime Besson
6ccf078432 Implement Resource Owner Password Credentials grant (#2155) 2020-04-23 17:49:25 +02:00
Maxime Besson
ded6c74fe0 Allow special characters in scope names (#2168) 2020-04-23 14:50:53 +02:00
Maxime Besson
31f05b9e2d Make Introspection endpoint look for offline sessions (#2171) 2020-04-23 10:29:08 +02:00
Maxime Besson
626715a580 Prevent duplicate consents in psession (#2169) 2020-04-22 21:26:38 +02:00
Maxime Besson
a217590869 Tidy OIDC 2020-04-22 21:25:56 +02:00
Christophe Maudoux
ea8b0bb024 Highlight error message (#2126 & #1625) 2020-03-28 18:12:34 +01:00
Christophe Maudoux
68e2e81898 Fix warning if error is undefined (#2126 & #1625) 2020-03-28 17:59:37 +01:00
Xavier Montagutelli
9c0e09f89d Update OpenIDConnect.pm - Correct typo staticPrefi*x* 2020-03-26 16:48:31 +01:00
Maxime Besson
34928123f3 OIDC refactoring 
split token method by response type
factor ID token generation between implicit and hybrid flows
still a lot to do!
 2020-03-18 21:14:54 +01:00
Maxime Besson
4ae628bfcd Avoid generatin a bogus ID token when generation fails (#2105) 2020-02-24 16:28:41 +01:00
Xavier Guimard
a76cba3856 Update versions 2020-02-20 23:37:01 +01:00
Maxime Besson
5758e371bf Improve introspection endpoint (#2096) 2020-02-19 21:49:51 +01:00
Maxime Besson
68be974e51 Add option to compute userdb groups before macros (#1877) 2020-02-05 15:39:45 +01:00
Maxime Besson
3b48746948 SAML: Hide error in storeEnv (#2084) 2020-02-03 17:08:18 +01:00
Clément OUDOT
681452524d Associate SAML access rule to SP conf key and not SP entityID (#2074) 2020-01-24 09:01:56 +01:00
Christophe Maudoux
1988983c90 Typo 2019-12-31 17:14:44 +01:00
Clément OUDOT
f5c2b81051 Possibility to add extra claims and extra vars in OIDC register (#2003) 2019-12-21 12:08:48 +01:00
Maxime Besson
f7f526b825 Fix #1882 in refresh token code 2019-12-17 10:59:45 +01:00
Maxime Besson
a410793122 CAS per-service macros portal code (#2042) 2019-12-16 17:26:35 +01:00
Maxime Besson
2a15bb0523 SAML per-service macros portal code (#2042) 2019-12-16 17:26:34 +01:00
Maxime Besson
32ecf37be4 OIDC per-service macros portal code (#2042) 2019-12-16 17:26:34 +01:00
Maxime Besson
75559bfb15 Fix TTL of offline session (#813) 2019-11-27 12:12:47 +01:00
Maxime Besson
2639c482b1 Fix cookie removal on SAML logout (#2001) 
Since the fixes for #1863, calling p->do consumes the response headers
set by any previous code. So we must only call do() in a return statement.
 2019-11-06 18:44:10 +01:00
Maxime Besson
713737c11f Add an option to return claims in ID token 2019-11-04 18:27:28 +01:00
Maxime Besson
68704955d2 Apply suggestion to lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm 2019-11-04 10:47:35 +01:00
Maxime Besson
a386a7502a Allow refresh tokens to be emitted for regular sessions (#813) 2019-11-04 10:44:54 +01:00
Maxime Besson
ea2365cc98 Implement OIDC Offline sessions through refresh tokens (#813) 2019-11-04 10:44:54 +01:00
Clément OUDOT
a239091553 Load String::Random (#1963) 2019-10-01 14:49:41 +02:00
Xavier
461cd51e45 Try to fix #1785 without breaking pdata 2019-09-29 23:04:17 +02:00
Christophe Maudoux
5d9fc02205 Typo & logger 2019-09-20 22:47:48 +02:00
Clément OUDOT
dc0a8f7848 Add some log when user is authorized to access to service (#1702) 2019-09-19 16:52:08 +02:00
Clément OUDOT
dd76c4f3db Improve log for CAS Issuer (#1702) 2019-09-19 16:18:51 +02:00