Maxime Besson
|
7b0990addd
|
Remove totp options from code (#2541)
|
2021-06-15 14:54:32 +02:00 |
|
Maxime Besson
|
6f5cd3b645
|
Fix some undef warnings
|
2021-06-15 12:40:15 +02:00 |
|
Maxime Besson
|
75b81fcb5a
|
Fix NameID value when unspecified is requested by SP (#2518)
|
2021-06-15 11:27:37 +02:00 |
|
Maxime Besson
|
63cd5ffb40
|
Revert 652d8ba9bc
See #2482
|
2021-06-11 08:53:26 +02:00 |
|
Christophe Maudoux
|
86f46ebc5b
|
Fix some warnings (#2538)
|
2021-06-08 23:03:54 +02:00 |
|
Maxime Besson
|
87295178e0
|
optimize SingleSession to avoid unneeded session fetches (#2536)
|
2021-06-04 16:17:18 +02:00 |
|
Maxime Besson
|
b8e8bbcedd
|
Ignore unknown scopes (#2496)
|
2021-06-03 18:24:55 +02:00 |
|
Maxime Besson
|
55cdfefd7b
|
Workaround for #2472
|
2021-06-02 15:36:05 +02:00 |
|
Maxime Besson
|
fad337c58c
|
Add hooks on password change (#2510)
|
2021-06-02 11:07:28 +02:00 |
|
Maxime Besson
|
91cfba275a
|
Skip registration of SAML SP when config has errors (#2525)
|
2021-06-02 08:34:02 +02:00 |
|
Maxime Besson
|
71a8fc6d16
|
Skip registration of CAS App when config has errors (#2525)
|
2021-06-02 08:34:02 +02:00 |
|
Maxime Besson
|
e50db3f083
|
Skip registration of OIDC RP when config has errors (#2525)
|
2021-06-02 08:34:01 +02:00 |
|
Maxime Besson
|
cf3809a0de
|
Add CAS hooks (#2533)
|
2021-06-01 11:27:45 +02:00 |
|
Maxime Besson
|
e98aafd6f7
|
add oidcGenerateCode hook (#2532)
|
2021-05-31 11:16:28 +02:00 |
|
Maxime Besson
|
15298466ea
|
Fix JWT userinfo in Auth::OpenIDConnect (#2529)
|
2021-05-31 09:52:02 +02:00 |
|
Christophe Maudoux
|
cf55716825
|
Allow findUser with UpgradeSession (#1976)
|
2021-05-06 23:16:26 +02:00 |
|
Yadd
|
a24ed7bc41
|
Fix GrantSession rules sort
|
2021-05-04 15:50:38 +02:00 |
|
Christophe Maudoux
|
de3164fea7
|
Fix button top margin (#1976)
|
2021-05-01 22:35:56 +02:00 |
|
Christophe Maudoux
|
fc481d40d2
|
Rename param (#1976)
|
2021-04-30 22:36:31 +02:00 |
|
Maxime Besson
|
cd97d3b922
|
Refactor $req->{cspFormAction} (#2513)
|
2021-04-23 09:02:24 +02:00 |
|
Maxime Besson
|
a876d978af
|
Suggest improvement for next major version
|
2021-04-23 09:02:24 +02:00 |
|
Maxime Besson
|
913ebbd556
|
fix missing domain in child-src during SAML POST logout (#2513)
|
2021-04-23 09:02:24 +02:00 |
|
Maxime Besson
|
5ba0c11b58
|
Add helper to build CSP host list (#2513)
|
2021-04-23 09:02:24 +02:00 |
|
Christophe Maudoux
|
b54c95ccd2
|
Improve unit tests & Fix regex (#2509)
|
2021-04-21 22:14:47 +02:00 |
|
Maxime Besson
|
8695a633a7
|
Force type of JSON fields in token response (#2511)
|
2021-04-20 11:31:32 +02:00 |
|
Christophe Maudoux
|
21ced5dbad
|
Fix speChars test, typos & display (#2509)
|
2021-04-14 13:28:12 +02:00 |
|
Maxime Besson
|
a94fb616bd
|
Allow admin to disallow host-based match (#2506)
|
2021-04-09 17:51:54 +02:00 |
|
Maxime Besson
|
c1e059eeb3
|
Use authChoiceAuthBasic to select Choice (#2502)
|
2021-04-07 16:40:32 +02:00 |
|
Christophe Maudoux
|
64dffcf4d0
|
Send only technical and exported attributes (#2503)
|
2021-04-03 16:46:43 +02:00 |
|
Christophe Maudoux
|
9f77e89f96
|
Send exported attributes with REST session server & typos (#2503)
|
2021-04-02 23:57:30 +02:00 |
|
Christophe Maudoux
|
4751427105
|
Fix error level & Improve doc (#1976)
|
2021-04-01 23:31:48 +02:00 |
|
Christophe Maudoux
|
c0db322ef0
|
Perl critic
|
2021-04-01 23:07:58 +02:00 |
|
Christophe Maudoux
|
bcfb075f63
|
Be more consistent with REST params & Update doc (#1976)
|
2021-04-01 22:48:08 +02:00 |
|
Christophe Maudoux
|
654184dd66
|
Fix bad request (#2501)
|
2021-04-01 14:49:44 +02:00 |
|
Maxime Besson
|
297dc830af
|
Update mail templates to no longer use string substitution (#2495)
|
2021-03-31 14:27:23 +02:00 |
|
Maxime Besson
|
d696853556
|
Factor MAIN_LOGO variable in loadMailTemplate (#2495)
|
2021-03-31 14:27:23 +02:00 |
|
Christophe Maudoux
|
89111859a0
|
Typos (#1976)
|
2021-03-30 23:54:06 +02:00 |
|
Maxime Besson
|
20e1f9ded0
|
Hash JWT to catch tampering (#2419)
This mechanism's only purpose is to make the introsection endpoint fail
to verify the token when the JWT itself has been tampered with.
|
2021-03-30 16:32:14 +02:00 |
|
Maxime Besson
|
2c8cbbefe6
|
"xxx is allowed to update 2FA" should be a debug message
|
2021-03-30 16:32:14 +02:00 |
|
Clément OUDOT
|
55ab4b5a5f
|
Fix CAS log message on service ticket validation error (#2494)
|
2021-03-25 16:33:48 +01:00 |
|
Maxime Besson
|
02b680df30
|
fix #2489
|
2021-03-19 16:45:37 +01:00 |
|
Maxime Besson
|
96a667cf2e
|
clarify REST log messages
|
2021-03-17 14:24:47 +01:00 |
|
Maxime Besson
|
ca6c98c26c
|
Allow selection of saml ACS during idp initiated (#2488)
|
2021-03-17 14:24:47 +01:00 |
|
Maxime Besson
|
c0f8e8f46b
|
Skip serializing psgi streams when saving request
It can interfere with unit tests in some cases, like #2000
|
2021-03-15 21:18:08 +01:00 |
|
Maxime Besson
|
44abc1e889
|
Add hook for client credentials (#2484)
|
2021-03-10 15:47:19 +01:00 |
|
Maxime Besson
|
0f626ad94c
|
Add expiration time to Client Credential sessions (#2481)
|
2021-03-03 15:43:18 +01:00 |
|
Maxime Besson
|
a70051e3fe
|
Remove deprecated base64url implementation
All our target distros now have base64url in Mime::Base64
|
2021-03-03 11:03:19 +01:00 |
|
Maxime Besson
|
bb95e681e6
|
Tidy
|
2021-03-03 11:03:19 +01:00 |
|
Maxime Besson
|
e10d1e291c
|
Return granted scopes if different from requested scopes (#2424)
|
2021-03-03 11:03:19 +01:00 |
|
Maxime Besson
|
6b9670c29d
|
Use computed scopes to fill claims in ID token (#2424)
|
2021-03-03 11:03:19 +01:00 |
|
Maxime Besson
|
534745e5a2
|
Use computer scopes in Implicit/Hybrid responses (#2424)
|
2021-03-03 11:03:18 +01:00 |
|
Yadd
|
3883c5abff
|
Fix vhost regexp (#2477)
|
2021-03-02 07:57:21 +01:00 |
|
Maxime Besson
|
4841c7755e
|
Fix OAuth2 error code when supplying invalid code
|
2021-02-24 17:48:12 +01:00 |
|
Maxime Besson
|
5a8c20584b
|
Fix OIDC message when calling technical endpoints with cookies (#2475)
|
2021-02-24 17:48:12 +01:00 |
|
Maxime Besson
|
2d7f9e34a6
|
OIDC: Return error if multiple client auth used (#2474)
|
2021-02-24 17:48:12 +01:00 |
|
Christophe Maudoux
|
ff36b81e73
|
Append accessor to avoid modify conf (#2451)
|
2021-02-19 07:44:00 +01:00 |
|
Xavier Guimard
|
b5c0ca94c4
|
CrowdSec plugin (#2451)
|
2021-02-19 07:40:36 +01:00 |
|
Christophe Maudoux
|
057cfb29e8
|
Improve code (#2458)
|
2021-02-18 23:35:25 +01:00 |
|
Maxime Besson
|
cceb6f767e
|
Use a dedicated function for OIDC error reporting (#2465)
|
2021-02-18 22:06:39 +01:00 |
|
Christophe Maudoux
|
5f7981e256
|
Improve error message & unit test (#2458)
|
2021-02-16 22:04:38 +01:00 |
|
Christophe Maudoux
|
1757cf5337
|
Merge branch 'CheckDevOps-plugin' into 'v2.0'
Check DevOps file plugin (#2458)
See merge request lemonldap-ng/lemonldap-ng!178
|
2021-02-16 18:46:19 +00:00 |
|
Christophe Maudoux
|
4583108068
|
Append download unit test (#2458)
|
2021-02-16 14:21:10 +01:00 |
|
Christophe Maudoux
|
1f66e03969
|
Append an option to download rules.json file from remote server (#2458)
|
2021-02-16 12:15:18 +01:00 |
|
Maxime Besson
|
31d0f26174
|
Clear hook list on configuration reload (#2463)
|
2021-02-15 15:13:53 +01:00 |
|
Christophe Maudoux
|
e477a1cef8
|
Append unit test & Doc (#2458)
|
2021-02-15 11:40:46 +01:00 |
|
Christophe Maudoux
|
110974cce4
|
Display rules (#2458)
|
2021-02-12 22:39:34 +01:00 |
|
Christophe Maudoux
|
60cbb6d5f2
|
Improve code (#2458)
|
2021-02-12 19:31:11 +01:00 |
|
Christophe Maudoux
|
3bee740125
|
display headers (#2458)
|
2021-02-12 19:25:55 +01:00 |
|
Christophe Maudoux
|
6e1efc8bb5
|
WIP: CheckDevOps plugin skeleton (#2458)
|
2021-02-12 18:11:37 +01:00 |
|
Maxime Besson
|
4408852d33
|
tidy
|
2021-02-12 18:10:53 +01:00 |
|
Maxime Besson
|
424cf91e88
|
Fix error message on missing template dir (#2460)
|
2021-02-12 18:10:53 +01:00 |
|
Christophe Maudoux
|
4515768513
|
Display explicit error message (#2329)
|
2021-02-10 22:27:12 +01:00 |
|
Christophe Maudoux
|
3e02682635
|
Update version
|
2021-02-09 23:06:36 +01:00 |
|
Maxime Besson
|
7db988b5a1
|
Improve some SAML error messages (#2349)
|
2021-02-08 11:50:24 +01:00 |
|
Christophe Maudoux
|
55071d5210
|
Keep old behavior if no JS (#1976)
|
2021-02-05 18:05:59 +01:00 |
|
Maxime Besson
|
a1ed57c035
|
Add typ header to access token jwt (#2419)
|
2021-02-03 09:43:35 +01:00 |
|
Christophe Maudoux
|
635e75c1b6
|
Perl critic
|
2021-02-01 22:30:37 +01:00 |
|
Maxime Besson
|
1cd7dd3d2c
|
Add hook for access token JWT payload (#2419)
|
2021-02-01 18:20:32 +01:00 |
|
Maxime Besson
|
d86e8ce0df
|
Refactor: remove extractJWT
|
2021-02-01 18:20:32 +01:00 |
|
Maxime Besson
|
cb04670003
|
Refactor checksignature
|
2021-02-01 18:20:32 +01:00 |
|
Maxime Besson
|
09dda56cb8
|
Refactor: rename method in issuer
|
2021-02-01 18:20:32 +01:00 |
|
Maxime Besson
|
d63017cffc
|
Refactor: use new functions in Auth
|
2021-02-01 18:20:32 +01:00 |
|
Maxime Besson
|
cd3c2678db
|
Refactor: rename variable
|
2021-02-01 18:20:32 +01:00 |
|
Maxime Besson
|
435ba82144
|
Refactor: rename and move getJWTJSONData
|
2021-02-01 18:20:32 +01:00 |
|
Maxime Besson
|
6aef1a6317
|
Refactor: getUserInfo now returns a hash
|
2021-02-01 18:20:32 +01:00 |
|
Maxime Besson
|
f3c97c22dc
|
Refactor access token id lookup into Common::JWT
|
2021-02-01 18:20:32 +01:00 |
|
Maxime Besson
|
aa877cf0a3
|
Let newAccessToken emit JWT (#2419)
|
2021-02-01 18:15:55 +01:00 |
|
Maxime Besson
|
dc0bacd6f0
|
Accept Access Tokens in JWT format (#2419)
|
2021-02-01 18:15:55 +01:00 |
|
Maxime Besson
|
acaaf1c749
|
Refactor buildUserInfo (#2419)
|
2021-02-01 18:15:55 +01:00 |
|
Maxime Besson
|
dbddddfba1
|
Refactor newAccessToken (#2419)
|
2021-02-01 18:15:55 +01:00 |
|
Maxime Besson
|
5303b4fc3e
|
Fix error format when sending an expired refresh token
|
2021-02-01 18:15:55 +01:00 |
|
Maxime Besson
|
090fad7475
|
Add warning when hook stack encounters error
|
2021-02-01 18:15:55 +01:00 |
|
Maxime Besson
|
4c1f49a90f
|
Use dynamic scope in issuer (#2424)
|
2021-02-01 16:25:35 +01:00 |
|
Maxime Besson
|
5562d8b1dd
|
Add a function to resolve allowed scopes from rules (#2424)
|
2021-02-01 16:25:35 +01:00 |
|
Maxime Besson
|
c30b452aa3
|
Load dynamic scopes from config (#2424)
|
2021-02-01 16:25:35 +01:00 |
|
Christophe Maudoux
|
8017725caa
|
Code refactoring
|
2021-01-31 00:07:34 +01:00 |
|
Christophe Maudoux
|
ea80b4df0e
|
Use Ajax request (#1976)
|
2021-01-30 23:22:03 +01:00 |
|
Clément OUDOT
|
d4ae146fd6
|
Update version in main modules
|
2021-01-30 18:32:52 +01:00 |
|
Christophe Maudoux
|
01721d5793
|
Append warning in log & code refactoring ("1976)
|
2021-01-30 18:22:13 +01:00 |
|
Maxime Besson
|
c844cc25b0
|
Fix SAML logout propagation with Redirect binding (#2449)
|
2021-01-29 09:45:50 +01:00 |
|