Maxime Besson
277e0872fa
Fix missing session timeouts ( #2262 )
2020-09-09 12:04:17 +02:00
Maxime Besson
d598513504
Fix warning when resolving cas target authlevel ( #2309 )
2020-09-09 10:37:00 +02:00
Maxime Besson
f9c7d0bdf7
saml proxy logout: Delay info until we return from idp ( #2262 )
2020-09-08 17:25:11 +02:00
Maxime Besson
683b5a7861
Resume logout when returning from Auth::SAML IDP ( #2262 )
2020-09-08 15:47:58 +02:00
Maxime Besson
24297aa942
Redirect to external provider for logout ( #2262 )
2020-09-08 14:16:49 +02:00
Maxime Besson
8b5ddf6e43
Perform authLogout step during SAML SLO ( #2262 )
2020-09-08 14:16:49 +02:00
Maxime Besson
bd110e7de6
cas issuer: check auth level and reauth if insufficient ( #2124 )
2020-09-04 17:15:34 +02:00
Maxime Besson
ce5c19e3f4
saml issuer: check auth level and reauth if insufficient ( #2124 )
2020-09-04 17:15:34 +02:00
Maxime Besson
7a36489b73
oidc issuer: check auth level and reauth if insufficient ( #2124 )
2020-09-04 17:15:34 +02:00
Maxime Besson
8bfa5179cc
Issuers: Store required auth level in pdata ( #2124 )
2020-09-04 17:14:04 +02:00
Maxime Besson
5e78464d7f
Resolve nameid session attribute from local macros ( #2280 )
2020-08-17 22:06:09 +02:00
Maxime Besson
9ac49b881a
Lookup casAppMetaDataOptionsUserAttribute in per-app macros ( #2280 )
2020-08-17 22:06:09 +02:00
Maxime Besson
52c6edb453
Lookup oidcRPMetaDataOptionsUserIDAttr in per-RP macros ( #2280 )
2020-08-17 22:06:09 +02:00
Maxime Besson
b2a2575896
Fix incorrect SOAP content type in SAML issuer ( #2263 )
2020-08-10 15:06:00 +02:00
Clément OUDOT
e544ee7778
Adapt user log in SAML issuer ( #2244 )
2020-06-18 18:40:13 +02:00
Clément OUDOT
5d5eda9799
Adapt user log in CAS issuer ( #2244 )
2020-06-18 18:39:53 +02:00
Clément OUDOT
0b3908e6dc
Add user log in GET issuer ( #2244 )
2020-06-18 18:01:33 +02:00
Clément OUDOT
2da914cc90
Publish support for refresh_token grant_type ( #2242 )
2020-06-18 09:43:56 +02:00
Maxime Besson
33a5496e55
Fix regression in #2085 ( #2224 )
...
Clearing all hidden form values was a mistake as it breaks SAML when the
redirection URL contains a query string. We should keep existing hidden
fields. In the context of OIDC request, we clear them before redirection
to avoid #2085
2020-05-29 15:51:51 +02:00
Christophe Maudoux
bb9e03d1e5
Tidy
2020-05-24 00:04:33 +02:00
Christophe Maudoux
46bb6fea4f
Return PE_SESSIONEXPIRED instead of 400 bad request ( #2184 )
2020-05-01 19:52:32 +02:00
Maxime Besson
e607d8281f
OIDC: do not advertise missing functionality ( #1194 )
...
Back-Channel logout is not supported yet
2020-04-24 12:15:51 +02:00
Clément OUDOT
138ee4284f
Disable cache when registering a new OIDC client ( #2058 )
2020-04-24 11:52:04 +02:00
Maxime Besson
a3821fc560
Implement additional audiences in ID token ( #2177 )
2020-04-24 11:10:44 +02:00
Maxime Besson
6ccf078432
Implement Resource Owner Password Credentials grant ( #2155 )
2020-04-23 17:49:25 +02:00
Maxime Besson
ded6c74fe0
Allow special characters in scope names ( #2168 )
2020-04-23 14:50:53 +02:00
Maxime Besson
31f05b9e2d
Make Introspection endpoint look for offline sessions ( #2171 )
2020-04-23 10:29:08 +02:00
Maxime Besson
626715a580
Prevent duplicate consents in psession ( #2169 )
2020-04-22 21:26:38 +02:00
Maxime Besson
a217590869
Tidy OIDC
2020-04-22 21:25:56 +02:00
Christophe Maudoux
ea8b0bb024
Highlight error message ( #2126 & #1625 )
2020-03-28 18:12:34 +01:00
Christophe Maudoux
68e2e81898
Fix warning if error is undefined ( #2126 & #1625 )
2020-03-28 17:59:37 +01:00
Xavier Montagutelli
9c0e09f89d
Update OpenIDConnect.pm - Correct typo staticPrefi*x*
2020-03-26 16:48:31 +01:00
Maxime Besson
34928123f3
OIDC refactoring
...
split token method by response type
factor ID token generation between implicit and hybrid flows
still a lot to do!
2020-03-18 21:14:54 +01:00
Maxime Besson
4ae628bfcd
Avoid generatin a bogus ID token when generation fails ( #2105 )
2020-02-24 16:28:41 +01:00
Xavier Guimard
a76cba3856
Update versions
2020-02-20 23:37:01 +01:00
Maxime Besson
5758e371bf
Improve introspection endpoint ( #2096 )
2020-02-19 21:49:51 +01:00
Maxime Besson
68be974e51
Add option to compute userdb groups before macros ( #1877 )
2020-02-05 15:39:45 +01:00
Maxime Besson
3b48746948
SAML: Hide error in storeEnv ( #2084 )
2020-02-03 17:08:18 +01:00
Clément OUDOT
681452524d
Associate SAML access rule to SP conf key and not SP entityID ( #2074 )
2020-01-24 09:01:56 +01:00
Christophe Maudoux
1988983c90
Typo
2019-12-31 17:14:44 +01:00
Clément OUDOT
f5c2b81051
Possibility to add extra claims and extra vars in OIDC register ( #2003 )
2019-12-21 12:08:48 +01:00
Maxime Besson
f7f526b825
Fix #1882 in refresh token code
2019-12-17 10:59:45 +01:00
Maxime Besson
a410793122
CAS per-service macros portal code ( #2042 )
2019-12-16 17:26:35 +01:00
Maxime Besson
2a15bb0523
SAML per-service macros portal code ( #2042 )
2019-12-16 17:26:34 +01:00
Maxime Besson
32ecf37be4
OIDC per-service macros portal code ( #2042 )
2019-12-16 17:26:34 +01:00
Maxime Besson
75559bfb15
Fix TTL of offline session ( #813 )
2019-11-27 12:12:47 +01:00
Maxime Besson
2639c482b1
Fix cookie removal on SAML logout ( #2001 )
...
Since the fixes for #1863 , calling p->do consumes the response headers
set by any previous code. So we must only call do() in a return statement.
2019-11-06 18:44:10 +01:00
Maxime Besson
713737c11f
Add an option to return claims in ID token
2019-11-04 18:27:28 +01:00
Maxime Besson
68704955d2
Apply suggestion to lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm
2019-11-04 10:47:35 +01:00
Maxime Besson
a386a7502a
Allow refresh tokens to be emitted for regular sessions ( #813 )
2019-11-04 10:44:54 +01:00