dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
9,701 Commits 3 Branches 0 Tags 75 MiB
0408ce80b8
Commit Graph

2406 Commits

Author SHA1 Message Date
Christophe Maudoux
9892173cc3 Tidy & update version (#1989) 2019-10-27 21:15:48 +01:00
Christophe Maudoux
73d83dd7f0 Append missing parameters & improve unit test (#1989) 2019-10-27 21:13:25 +01:00
Maxime Besson
ed3e274ab1 Fix force password reset in Combination (#1984) 2019-10-24 08:58:04 +02:00
Maxime Besson
4afecb4620 Remove IDP cookie (#1941) 2019-10-17 23:09:03 +02:00
Christophe Maudoux
3c2ecfd04a Tidy (#1956) 2019-10-13 22:47:57 +02:00
Christophe Maudoux
f188426f8b Fix custom function parameter (#1956) 2019-10-13 22:29:12 +02:00
Christophe Maudoux
0ca649f106 Use custom decrypt functions (#1956) 2019-10-13 15:08:32 +02:00
Maxime Besson
2b4defb2a9 Prevent portal from crashing when keepPdata=1 (#1893) 
Since the changes introduced to fix #1893, keepPdata is expected to
contain an array of values.

When migrating from previous LLNG versions, cookies may contain
keepPdata=1, which crashes the server because 1 isn't an arrayref

This change makes LLNG consider that keepPdata=1 is not a valid value,
and replaces it with an empty arrayref when starting the login or logout
flow.
 2019-10-09 17:35:48 +02:00
Maxime Besson
ff9bb46301 Make notification system take pdata url into account (#1893) 2019-10-08 22:40:10 +02:00
Maxime Besson
2bce713f65 Set issuer urldc in pdata (#1893) 2019-10-08 22:40:10 +02:00
Maxime Besson
3ee708d8ff Delay cookie restore after hooks (#1965) 2019-10-07 17:26:40 +02:00
Maxime Besson
474bb48aa1 Make Password::LDAP/AD check connection before use (#1909) 
Also remove a mostly redundant wrapper method in Auth::LDAP
 2019-10-01 19:17:31 +02:00
Maxime Besson
fa49e77495 Better logs in case of a LDAP error 2019-10-01 15:14:51 +02:00
Clément OUDOT
a239091553 Load String::Random (#1963) 2019-10-01 14:49:41 +02:00
Christophe Maudoux
138cfe6edb Append DecryptValue plugin (#1956) 2019-09-30 22:29:49 +02:00
Christophe Maudoux
a219a51e1c Revert "Make manifest" 
This reverts commit c00110ed01.
 2019-09-30 22:28:55 +02:00
Christophe Maudoux
35de9fd3e8 Re-order 2019-09-30 22:27:03 +02:00
Christophe Maudoux
c00110ed01 Make manifest 2019-09-30 22:26:55 +02:00
Christophe Maudoux
b3791cc65b Typo 2019-09-30 19:10:05 +02:00
Christophe Maudoux
b505d3a475 Typo 2019-09-30 19:10:05 +02:00
Maxime Besson
e9153957da IDP selection phrasing 2019-09-30 18:55:09 +02:00
Maxime Besson
e693e5e649 Fix IDP selection rules (#1961) 2019-09-30 18:54:02 +02:00
Xavier
461cd51e45 Try to fix #1785 without breaking pdata 2019-09-29 23:04:17 +02:00
Christophe Maudoux
6df7412bcf Fix log with Impersonation plugin (#1664) 2019-09-26 20:24:12 +02:00
Maxime Besson
5d5ac66a6e Add Date: field to emails (#1953) 
This adds a dependancy to Email::Date::Format, but it's already a
dependancy of Email::Sender::Simple (and probably more), so in practice
no new packages are going to be installed
 2019-09-26 12:32:58 +02:00
Christophe Maudoux
5d9fc02205 Typo & logger 2019-09-20 22:47:48 +02:00
Christophe Maudoux
c34c6e646e Append search parameters & improve unit test (#1938) 2019-09-19 22:51:10 +02:00
Clément OUDOT
dc0a8f7848 Add some log when user is authorized to access to service (#1702) 2019-09-19 16:52:08 +02:00
Clément OUDOT
dd76c4f3db Improve log for CAS Issuer (#1702) 2019-09-19 16:18:51 +02:00
Clément OUDOT
e446e09a7f Improve log (#1702) 2019-09-19 16:07:10 +02:00
Christophe Maudoux
84778604fd Typo 2019-09-18 21:01:24 +02:00
Christophe Maudoux
2095fdf316 Improve log (#1702) 2019-09-18 19:59:35 +02:00
Christophe Maudoux
92c8e6791f Typo (#1702) 2019-09-18 19:49:22 +02:00
Clément OUDOT
5512d38f81 Improve log on 2F unregistration (#1702) 2019-09-18 18:09:18 +02:00
Clément OUDOT
ce6f6c3977 Get login to use it in password force change form (#1910) 2019-09-18 15:55:13 +02:00
Maxime Besson
98f55fd384 Translate the error code displayed in debug logs 2019-09-17 20:17:57 +02:00
Christophe Maudoux
146aca7c82 Remove trailing whitespaces 2019-09-16 20:30:35 +02:00
Christophe Maudoux
fcf05c5602 Avoid warning 2019-09-16 17:22:35 +02:00
Maxime Besson
c94e2534a9 Send CORS headers when doing JSON responses too (#1765) 2019-09-16 16:55:15 +02:00
Maxime Besson
e281ad7cc3 Add support for CORS preflight (#1765) 2019-09-16 16:55:15 +02:00
Christophe Maudoux
9c01c46fea Typo (#1932) 2019-09-14 23:37:50 +02:00
Christophe Maudoux
dd66f37739 Return httpSession id if exists (#1932) 2019-09-14 22:47:11 +02:00
Christophe Maudoux
5615d5b2a3 Append display Slave logo option (#1936) 2019-09-14 22:07:44 +02:00
Christophe Maudoux
ce4cdcee85 Don t display Slave module 2019-09-13 22:37:35 +02:00
Christophe Maudoux
9784e75ead Check Slave credential headers (#1935) 2019-09-13 22:21:09 +02:00
Clément OUDOT
5c7905e342 Improve regexp (#1891) 2019-09-13 15:35:05 +02:00
Clément OUDOT
36a1f07786 Remove cancel parameter in CAS service value (#1891) 2019-09-13 15:17:51 +02:00
Xavier
e50e7d09d1 Update version of (really) modified files 2019-09-12 21:56:49 +02:00
Clément OUDOT
70d2856d71 Option to display password generation box (#1928) 2019-09-12 18:26:56 +02:00
Clément OUDOT
c75a74da5a Display password form if password is refused (#1930) 2019-09-12 17:54:43 +02:00
Christophe Maudoux
4287c39f5b typo 2019-09-11 16:20:28 +02:00
Christophe Maudoux
bb0b5814f7 Fix empty groups (#1791) 2019-09-11 16:18:35 +02:00
Christophe Maudoux
c1af9e49f7 WIP - Append extractFormInfo step & AuthChoiceParam for AuthChoice (#1925) 2019-09-09 23:23:52 +02:00
Christophe Maudoux
132f42d44c Forbid browsers to store users password & Improve unit tests (#1913) 2019-09-08 19:28:28 +02:00
Maxime Besson
94877793d4 increase clock tolerance during rest secret check (#1923) 2019-09-06 17:45:51 +02:00
Maxime Besson
00e91f374b Add specific error code when missing a required SAML attr (#1919) 
The MISSINGREQATTR message is a good default value, but a site
administrator may decide to override it with a personnalized version
that only applies to issuer errors caused by an incomplete user profile
(for example, giving a pointer to the local user profile management
application)
 2019-09-06 11:04:39 +02:00
Clément OUDOT
e54355ff9f Use conf as HASH key (#1619) 2019-09-05 17:16:55 +02:00
Clément OUDOT
5b7bb4b9cd Check error message from ITDS (#1619) 2019-09-05 17:14:44 +02:00
Clément OUDOT
17123d6196 Avoid plugin conflicts (#993) 2019-09-05 13:30:49 +02:00
Clément OUDOT
068ffbe604 Define portalDisplayPasswordPolicy parameter in Manager (#993) 2019-09-05 13:02:51 +02:00
Clément OUDOT
b44c13ba2f Display password policy in password change form (#993) 2019-09-05 12:46:32 +02:00
Clément OUDOT
2f2f62ae1c Check password quality in mail reset plugin (#993) 2019-09-05 12:02:51 +02:00
Clément OUDOT
3700a1b54c Fix logger in Kerberos Auth init 2019-09-04 15:42:33 +02:00
Christophe Maudoux
3e9a424090 Update version (#1916) 2019-09-03 22:57:51 +02:00
Christophe Maudoux
56ed8a5724 Append issuersTimeout option (#1916) 2019-09-03 22:52:07 +02:00
Clément OUDOT
a2d3ae1d03 Local password policy: minimal digits (#993) 2019-09-03 19:08:19 +02:00
Clément OUDOT
28309dca9b Merge branch 'v2.0' of gitlab.ow2.org:lemonldap-ng/lemonldap-ng into v2.0 2019-09-03 19:07:22 +02:00
Clément OUDOT
b52bbdb838 Local password policy: minimal upper characters (#993) 2019-09-03 18:45:35 +02:00
Maxime Besson
ff3d4e218c doc: suggest a better fix for #1864 
We can't do it yet because the issue isn't fixed in versions of Lasso
found in the wild. But someday it will be.
 2019-09-03 18:13:13 +02:00
Clément OUDOT
ef3d6a26c4 Local password policy: minimal lower characters (#993) 2019-09-03 16:10:04 +02:00
Clément OUDOT
8998eb183e Local password policy: minimal size (#993) 2019-09-03 14:30:22 +02:00
Clément OUDOT
82a06fce91 Pass skin parameter in 2F flows (#1915) 2019-09-03 11:56:48 +02:00
Clément OUDOT
fca831411b Fix call to logger in REST authentication backend 2019-08-30 09:46:25 +02:00
Clément OUDOT
177f446f25 Display main logo in redirect page (#1906) 2019-08-29 19:29:27 +02:00
Maxime Besson
d61935ab6e Implement introspection endpoint for access tokens (#1843) 2019-08-29 19:10:51 +02:00
Maxime Besson
fd7453b7a5 Refactor endpoint auth 2019-08-29 18:57:26 +02:00
Xavier Guimard
ae6e69667a Fix warning 2019-08-29 10:49:01 +02:00
Xavier Guimard
9379188000 Fix ^ (#1903) 2019-08-28 19:28:20 +02:00
Xavier Guimard
df4e7e7522 Generic fix for issues like #1903 2019-08-28 19:12:29 +02:00
Clément OUDOT
2145483be7 Pass extra args in Combination module (#1903) 2019-08-28 18:22:19 +02:00
Xavier Guimard
1660109e2f Security: use 3-form for open 2019-08-28 11:32:54 +02:00
Xavier
1f2f0240f0 Love Perl (#1863) 
TIMTOWTDI
 2019-08-28 00:36:18 +02:00
Maxime Besson
810d2c7f94 Disable template cache to avoid translation issues in mail (#1897) 2019-08-27 23:13:36 +02:00
Maxime Besson
a04a376777 Make regular template variables available in mails 
SKIN, PORTAL_URL, env_*, session_* are now available in email templates

Preliminary work for #1861
 2019-08-27 23:13:36 +02:00
Xavier Guimard
48883dbe4e More tests 2019-08-27 10:32:26 +02:00
Xavier Guimard
323d92fa1b Don't load Data::Dumper unless debug 2019-08-27 10:10:11 +02:00
Clément OUDOT
796d1b12e6 Add _session_kind to default exported attributes (#1896) 2019-08-26 17:38:08 +02:00
Christophe Maudoux
ec59cc164c Catch error earlier in process (#1867) 2019-08-24 23:26:42 +02:00
Xavier Guimard
0415370f2c More REST debug 2019-08-22 15:17:51 +02:00
Clément OUDOT
e42e71b5e3 Use LinkedIn v2 API (#1890) 2019-08-22 14:51:24 +02:00
Christophe Maudoux
894b8be541 By pass first access (#1867) 2019-08-21 23:40:23 +02:00
Maxime Besson
661a007b4a Check OIDC access token expiration (#1879) 2019-08-21 12:18:55 +02:00
Christophe Maudoux
b694b16a19 Avoid warning with Choice 2019-08-20 17:08:37 +02:00
Christophe Maudoux
8e9f4e513e Improve combination with FaceBook & LinkedIn 2019-08-17 17:27:14 +02:00
Christophe Maudoux
5985e6d258 Fix REST service (#1870) 2019-08-17 17:11:28 +02:00
Xavier
097183f2b3 Fix warning 2019-08-16 09:10:10 +02:00
Christophe Maudoux
78a82dbee9 Override OTT conf. for Upgrade tokens (#1884) 2019-08-15 22:01:44 +02:00
Maxime Besson
2e9f57ab6f Better default behavior for oidcServiceMetaDataIssuer (#1882) 2019-08-13 18:09:59 +02:00
Christophe Maudoux
7502e424e3 Revert "Concatenate pdata and lemon cookies in the same set-cookie header (#1863)" 
This reverts commit c3a01c042c
 2019-08-13 10:16:31 +02:00
Christophe Maudoux
c3a01c042c Concatenate pdata and lemon cookies in the same set-cookie header (#1863) 2019-08-12 23:52:33 +02:00
Christophe Maudoux
3891c9caec Fix log level & improve e2e ini file (#1878) 2019-08-12 22:20:22 +02:00
Christophe Maudoux
f8ef2797a8 Update manifest 2019-08-12 21:36:55 +02:00
Christophe Maudoux
d7cb8bf4b8 Force remove pdata cookie to avoid loop (#1878) 2019-08-12 21:29:08 +02:00
Christophe Maudoux
09158f0084 Return whatToTrace instead of uid & Fix + Append unit test (#1664) 2019-08-10 12:38:25 +02:00
Christophe Maudoux
52fa94bd55 Sort functions & append comments 2019-08-10 11:13:56 +02:00
Christophe Maudoux
bee0e675f3 Revert "Fix langs directory (#1870)" 
This reverts commit b453647b26.
 2019-08-09 22:46:43 +02:00
Christophe Maudoux
b453647b26 Fix langs directory (#1870) 2019-08-09 22:11:05 +02:00
Maxime Besson
daa03a9a9c OIDC: tie client_id to authorization code (#1881) 2019-08-09 13:54:53 +02:00
Christophe Maudoux
9dac92064c Better fix & update unit tests (#1861) 2019-08-07 22:29:12 +02:00
Maxime Besson
9b24fd02e5 Log more detailed information about Kerberos failures 2019-08-07 19:35:35 +02:00
Christophe Maudoux
ce05b44172 Remove useless constants (#1867) 2019-08-06 22:42:17 +02:00
Christophe Maudoux
7aad470586 Delete pdata cookie after XML notif validation & Improve unit test (#1861) 2019-08-06 22:29:48 +02:00
Christophe Maudoux
c630a90064 Delete pdata cookie after notif validation & Improve unit test (#1861) 2019-08-06 22:25:09 +02:00
Xavier
ea713a3169 Avoid conflict in $req->data between DBI and LDAP 
Closes: #1875
 2019-08-06 21:54:41 +02:00
Christophe Maudoux
742e7417d4 Better fix (#1867) 2019-08-06 21:04:52 +02:00
Maxime Besson
8de0a89029 Give more customization options for 2F prompt messages 
new translations labels for mail and rest, and we now pass the 2F prefix
to templates. It's not used in the default skin, but it should help in
cases where extra second factors are used to offer the user a more
helpful prompt message
 2019-08-05 20:08:28 +02:00
Christophe Maudoux
bf20db03b9 Improve unit test & fix (#1867) 2019-08-04 22:39:14 +02:00
Christophe Maudoux
c1736f7f82 Catch error if setSecurity is undefined (#1874) 2019-08-04 12:08:34 +02:00
Christophe Maudoux
1422c28c0b Improve fix & unit test (#1874) 2019-08-03 23:49:02 +02:00
Christophe Maudoux
6cf1c83151 Fix & Improve unit test (#1874) 2019-08-03 22:48:07 +02:00
Christophe Maudoux
058ef90662 Append dependency 2019-08-03 11:05:12 +02:00
Christophe Maudoux
6ad07f9c4d Fix debug log 2019-08-03 11:04:58 +02:00
Christophe Maudoux
dcd0c53fde Fix warning message 2019-08-02 22:58:36 +02:00
Christophe Maudoux
46208d74fe Improve unit test (#1870) 2019-08-02 21:58:08 +02:00
Maxime Besson
15c3b0bbf8 Add Radius second factor (#1847) 2019-08-02 18:03:10 +02:00
Maxime Besson
68c8be333a Fix translation override in mails 2019-08-02 17:45:03 +02:00
Maxime Besson
c1afdbefac Add labels and logos to all 2F providers (#1873) 2019-08-01 17:27:14 +02:00
Christophe Maudoux
216d683f22 Fix debug log (#1870) 2019-08-01 11:59:02 +02:00
Christophe Maudoux
188c7be337 perltidy 2019-07-31 23:38:48 +02:00
Christophe Maudoux
ee5a705d2f Append REST API to retrieve error message (#1870) 2019-07-31 23:09:38 +02:00
Clément OUDOT
4ee49de4c2 Adapt grant_types_supported attribute (#1846) 2019-07-25 19:06:53 +02:00
Maxime Besson
c9dba5212e HTML-decode entityID from metadata (#1864) 2019-07-25 18:29:46 +02:00
Christophe Maudoux
3d6a7bd843 Sort notifications: JSON format (#1862) 2019-07-25 12:42:58 +02:00
Christophe Maudoux
bf5fe2246d Send specified parameters (#1851) 2019-07-25 12:00:37 +02:00
Christophe Maudoux
3082168617 Append HTTP method options (#1851) 2019-07-25 10:49:49 +02:00
Christophe Maudoux
11f2d0f34a Improve notifications REST API & unit test (#1851) 2019-07-23 15:54:53 +02:00
Maxime Besson
d82f776df8 Allow multi instanciation of 2F modules (#1860) 
This commit adds a manager interface to declare multiple instances of a
single 2F module, in a manner similar to Combination.

An additional portal code reads the `sfExtra` variable to load the
declared modules.

An empty rules means the module will be always active.
 2019-07-22 19:30:37 +02:00
Christophe Maudoux
fb7a222c9d Append notifications REST API (#1851) 2019-07-22 15:39:59 +02:00
Christophe Maudoux
81aa2fb37b Improve test-lib & unit test (#1851) 2019-07-21 23:23:20 +02:00
Christophe Maudoux
3972861ba4 WIP - Improve unit test & need to fix list notifications feature!!! (#1851) 2019-07-21 22:47:48 +02:00
Clément OUDOT
f15e8bd108 Possibility to list notifications (#1851) 2019-07-21 20:47:16 +02:00
Christophe Maudoux
ca7ebe09f7 WIP - REST service to remove notification (#1851) 2019-07-20 22:25:03 +02:00
Christophe Maudoux
21c1d83df3 Typo 2019-07-20 13:28:48 +02:00
Christophe Maudoux
4eecd90230 Typo (#1857) 2019-07-17 12:20:30 +02:00
Christophe Maudoux
b99b76e2d6 Improve code (#1857) 2019-07-17 12:18:15 +02:00
Christophe Maudoux
d8b3eb2a34 Remove cipher cookie if notification refused (#1857) 2019-07-16 13:51:01 +02:00
Clément OUDOT
e12cb3a905 Fix loop on notifications (#1856) 2019-07-15 10:55:33 +02:00
Xavier
64c587417b Improvement 2019-07-12 19:09:55 +02:00
Clément OUDOT
c024ed0fe6 Improve logging when a notification is added by REST (#1853) 2019-07-12 18:34:55 +02:00
Xavier Guimard
3c6a301785 Keep original PATH_INFO during notification process (Fixes: #1852) 2019-07-12 10:33:36 +02:00