dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
9,295 Commits 3 Branches 0 Tags 75 MiB
27b2f65a1c
Commit Graph

856 Commits

Author SHA1 Message Date
Maxime Besson
e1f927a195 Check service= parameter on CAS logout (#1795) 
service= redirect URL is not checked when logging out from CAS, to avoid
insecure redirect attacks. The verification is only made if CAS access
control is enabled.

In order for this to work in common cases (applications redirects to an
unprotected page after logout), we add CAS App domains to the list of
globally trusted domains.

If your application wants to redirect to a third-party domain, it needs
to be added to LLNG's trustedDomains
 2019-06-27 12:40:40 +02:00
Maxime Besson
5f9c4c231d Add authenticated routes to 2FA for session upgrade (#1822) 2019-06-26 23:33:00 +02:00
Maxime Besson
98650cd9f0 Add unit test for #1821 2019-06-26 22:13:12 +02:00
Xavier Guimard
a42c5f9f71 Clean tests (#1819) 2019-06-26 13:17:26 +02:00
Xavier Guimard
e91f6df254 Fix test count (#1813) 2019-06-25 10:00:46 +02:00
Xavier Guimard
390ccb4f5b Fix Apache::Session::REST::get_key_from_all_sessions when using CODE (#1813) 2019-06-25 09:48:15 +02:00
Xavier Guimard
ddde26fa1c Add searchOn() in Apache::Session::REST (#1813) 2019-06-25 09:18:58 +02:00
Xavier
c5d6bc42b6 Add get_key_from_all_sessions in Apache::Session::REST (#1813) 2019-06-24 23:07:34 +02:00
Xavier
750eaafe65 Fix test rule to hide some warnings 2019-06-20 21:48:13 +02:00
Xavier
38bb0cedf6 Typo 2019-06-20 21:27:49 +02:00
Xavier
8bd2a6c244 Prove that sessionInfo() is launched by each UserDB in combination (#1809) 2019-06-20 21:17:29 +02:00
Xavier
2d5b38fb95 Fix LDAP schema path for Debian. This permits to enable LDAP tests during build 2019-06-19 09:22:44 +02:00
Xavier
05f2dc6993 Fix t/28-AuthChoice-and-password.t 2019-06-19 09:14:03 +02:00
Christophe Maudoux
9fa11709e6 Append options to use Notifications plugin & set notification reference (#1796) 2019-06-17 22:31:44 +02:00
Antoine ROSIER
dab5a9c3df Improve displaying checkuser template and rewrite tests #1806 2019-06-17 14:56:31 +02:00
Christophe Maudoux
862116245d Fix unit tests (#1796) 2019-06-16 23:01:13 +02:00
Christophe Maudoux
c3b3c281ad Hide _2fDevices with REST services 2019-06-16 20:33:34 +02:00
Christophe Maudoux
d6f3dd459a Display message (#1796) 2019-06-16 16:02:48 +02:00
Xavier
8cc2beb976 Fix #1799 test 2019-06-15 08:42:21 +02:00
Xavier
e30cf69053 Add #1799 test 2019-06-15 08:29:36 +02:00
Christophe Maudoux
5218944bf2 Improve unit tests (#1796) 2019-06-14 23:11:10 +02:00
Christophe Maudoux
fde6ff2cc8 WIP (#1796) 2019-06-14 23:09:32 +02:00
Xavier Guimard
65eaefa75f Tidy 2019-06-14 17:23:26 +02:00
Xavier
bb0784b843 Typo 2019-06-13 22:15:46 +02:00
Xavier
8d642da8cb Improve #1782 2019-06-13 22:10:30 +02:00
Xavier
c8696262ee Test that proves that Choice can be embedded in Combination (#1801) 
TODO: display fails
 2019-06-13 19:58:34 +02:00
Xavier Guimard
2a021e37ea Don't require getDisplayType in Choice (#1800) 2019-06-13 17:51:36 +02:00
Xavier Guimard
288fe5159c Merge remote-tracking branch 'maxbes/issue1764-langsession' into v2.0 2019-06-13 09:59:33 +02:00
Maxime Besson
0cd12999dd Make impersonation tests insensitive to ordering 2019-06-13 09:26:19 +02:00
Maxime Besson
1a66da30f9 Store portal language in _language user session key (#1764) 2019-06-13 09:26:19 +02:00
Christophe Maudoux
53daa6cee6 Improve unit tests (#1782) 2019-06-12 22:33:18 +02:00
Xavier
eef82808a2 Improve #1795 test 2019-06-11 21:49:27 +02:00
Xavier
a6aaf8a507 Add XSS test (#1795) 2019-06-11 21:30:15 +02:00
Maxime Besson
97d0bbf0aa Fix CASv2 logout (#1753) 2019-06-11 16:18:15 +02:00
Xavier Guimard
9e932b525c Merge branch 'issue1794-accentregister' into 'v2.0' 
Register: better handling of special chars (#1794)

See merge request lemonldap-ng/lemonldap-ng!78
 2019-06-10 22:57:34 +02:00
Maxime Besson
f195db2a5a Register: better handling of special chars (#1794) 2019-06-10 22:45:15 +02:00
Christophe Maudoux
e638f5ff58 Improve & rename unit test (#1782) 2019-06-10 20:56:22 +02:00
Christophe Maudoux
0fd070cbad Append unit test (#1791) 2019-06-08 22:22:08 +02:00
Christophe Maudoux
e57de60ac2 Improve unit tests (#1791) 2019-06-08 22:09:32 +02:00
Christophe Maudoux
ee7af4aec0 Improve unit tests (#1782) 2019-06-07 19:51:51 +02:00
Xavier
f4bca7430a Add addAuthRouteWithRedirect() method to Try (#1787) 2019-06-06 22:59:02 +02:00
Christophe Maudoux
59637200fd Improve unit test (#1774) 2019-06-04 23:18:35 +02:00
Christophe Maudoux
2b21762a9a Update unit tests (#1774) 2019-06-04 18:18:53 +02:00
Christophe Maudoux
02b7126d16 Append unit test (#1780) 2019-06-02 22:40:19 +02:00
Christophe Maudoux
0546af93e0 Append diag msg 2019-06-02 22:38:34 +02:00
Christophe Maudoux
5ce1220d76 Rename test file 2019-06-02 22:37:54 +02:00
Christophe Maudoux
9123cb0c35 Append unit test (#1781) 2019-06-01 23:22:48 +02:00
Christophe Maudoux
58c1a58129 Append unit test - Captcha (#1769) 2019-06-01 20:54:39 +02:00
Christophe Maudoux
9dfb0cffa3 Typo 2019-06-01 20:53:34 +02:00
Christophe Maudoux
fca77bbc7a Append unit test (#1769) 2019-06-01 11:48:29 +02:00
Christophe Maudoux
dc4ca65d1b Typo 2019-06-01 11:48:07 +02:00
Christophe Maudoux
a584fd1251 Improve unit test (#1765) 2019-05-31 21:26:09 +02:00
Christophe Maudoux
beecf460f9 Improve unit tests 2019-05-31 17:50:59 +02:00
Christophe Maudoux
35f1677747 Append unit test and fix CORS headers (#1765) 2019-05-31 17:50:44 +02:00
Christophe Maudoux
666aeeebbc Improve unit test (#1774) 2019-05-31 00:06:26 +02:00
Christophe Maudoux
6b7748ca40 Improve unit test (#1774) 2019-05-30 23:59:47 +02:00
Christophe Maudoux
2be32cfb40 Improve & append unit test (#1774) 2019-05-30 12:29:51 +02:00
Christophe Maudoux
3e2a6aeb34 Append unit test (#1774) 2019-05-30 12:26:50 +02:00
Christophe Maudoux
8e19bc2279 Diag msg ;-) 2019-05-29 00:09:23 +02:00
Christophe Maudoux
a89f83294b Retrieve session from DB if exists & Improve unit test (#1774) 2019-05-28 23:55:54 +02:00
Xavier
e4174be166 Increase timeout (#1777) 2019-05-28 21:51:11 +02:00
Xavier
ead61416e0 Add test for #1777 2019-05-28 21:50:07 +02:00
Christophe Maudoux
b8d242464d Improve unit tests (#1775) 2019-05-27 22:42:02 +02:00
Christophe Maudoux
621603d312 Improve unit test (#1771) 2019-05-26 17:28:16 +02:00
Christophe Maudoux
0b9695e5b9 Rename unit tests (69 already used by FavApps plugin) 2019-05-26 12:57:39 +02:00
Christophe Maudoux
ab0bab22c6 Improve Impersonation unit tests 2019-05-26 12:56:33 +02:00
Maxime Besson
c65e22dcf8 Add missing Finnish flag 
And some unit tests to make all language have a matching flag icon
 2019-05-24 15:18:49 +02:00
Christophe Maudoux
1bcf4e09af Append double cookies and refresh request unit tests (#1747) 2019-05-20 23:05:47 +02:00
Christophe Maudoux
a03301fabd Tidy (#1749) 2019-05-20 23:03:10 +02:00
Christophe Maudoux
dbb2aa093e Append double cookies unit tests (#1749) 2019-05-19 21:52:46 +02:00
Christophe Maudoux
2b49ce5bd0 Append DoubleCookies unit test & Update manifest (#1749) 2019-05-19 14:06:43 +02:00
Xavier
b91d1d4b87 Tidy 2019-05-16 20:45:14 +02:00
Christophe Maudoux
c20c14ac95 Append unit test (#1755) 2019-05-15 23:50:28 +02:00
Christophe Maudoux
e46fac82b2 CheckUser with tokenGlobalStorage & Warn if SSO groups are merged 2019-05-15 23:45:06 +02:00
Clément OUDOT
05cd4d4a58 Fix update token with global storage (#1742) 2019-05-12 20:39:25 +02:00
Xavier
9a71709f44 Tidy 2019-05-11 23:03:48 +02:00
Christophe Maudoux
a93caace4b Improve unit test (#1746) 2019-05-11 23:01:52 +02:00
Christophe Maudoux
8737fc0808 Impersonation with doubleCookie & Append unit test (#1746) 2019-05-11 22:57:52 +02:00
Xavier
f3c4ea0afb Tydy 2019-05-11 20:18:43 +02:00
Xavier
fe4fe6a7d3 Add security test (#1742) 2019-05-11 15:56:17 +02:00
Xavier
6235b303b3 #1742 in progress... 2019-05-11 09:31:17 +02:00
Xavier
22acb06555 Test to prove that #1743 is fixed 2019-05-10 18:50:20 +02:00
Christophe Maudoux
c40857f747 Improve unit test (#1664) 2019-05-04 12:32:38 +02:00
Christophe Maudoux
99e80a1c4b Improve unit test (#1730) 2019-05-03 21:43:49 +02:00
Christophe Maudoux
789cbbb340 Fix unit test 2019-05-01 23:39:22 +02:00
Christophe Maudoux
409f845dd2 Improve unit test (#1664) 2019-04-30 14:57:45 +02:00
Christophe Maudoux
04aae64a9f Improve unit test 2019-04-29 22:33:11 +02:00
Christophe Maudoux
4f430ca4be Improve unit test 2019-04-29 22:33:11 +02:00
Clément OUDOT
8e6f678be7 Create a configuration option to allow a Relying Party to be a public client 
Allow unauthenticated requests on OAuth2 token endoint

#1725
 2019-04-29 10:02:16 +02:00
Maxime Besson
2f9e6aa623 Allow override of username attribute for CAS apps 
Global CAS options allows the admistrator to set the session attribute
that gets exported to all CAS application as the main identifier
(cas:user)

This commit adds the ability to override this configuration for a
particular CAS application.

OIDC already allows this

Fixes #1713
 2019-04-28 21:06:34 +02:00
Maxime Besson
62f16721ff Send username when calling CAS1.0 validation 
Fixes #1724
 2019-04-28 19:29:54 +02:00
Christophe Maudoux
69444b701b Improve unit test (#1712) 2019-04-16 21:13:02 +02:00
Christophe Maudoux
d9af0529db Improve unit test (#1712) 2019-04-15 23:03:56 +02:00
maudoux
214dc44232 Improve unit test (#1704) 2019-04-13 21:02:47 +02:00
Xavier
bc6f321b60 Don't fail when DBI isn't available. Fixes: RT#129128 2019-04-11 22:29:34 +02:00
Clément OUDOT
c2a4454f93 Add possibility to manually skip GPG test 2019-04-11 12:43:58 +02:00
Clément OUDOT
4db9839850 Fix some warnings in tests 2019-04-11 11:58:21 +02:00
Clément OUDOT
6b2920522d Backport code to run test on CentOS 7 2019-04-11 11:18:22 +02:00
maudoux
41c40cec02 Improve unit test (#1704) 2019-04-10 23:03:17 +02:00
maudoux
74a3b4a242 Improve unit test (#1704) 2019-04-10 22:50:34 +02:00
Xavier
046585020f Allow hashes in Combination module overload (Closes: #1707) 2019-04-09 21:01:55 +02:00
Christophe Maudoux
f1cb8d236e Checkuser case unsensitive for URL only & Improve unit test (1667) 2019-04-09 16:56:00 +02:00
Xavier
0385422d69 Improve #1700 test 2019-04-09 07:16:05 +02:00
Xavier
577d4d0469 Improve #1700 test 2019-04-08 22:30:35 +02:00
Xavier
0ea69bb87d Improve #1700 test 2019-04-08 21:56:35 +02:00
Xavier
ce00317db8 Add AuthBasic test (#1700) 2019-04-08 21:52:59 +02:00
maudoux
046d740109 Fix regex unit tests (#1664) 2019-04-06 21:45:07 +02:00
maudoux
2fabde045b Fix RexExp in unit test (#1694) 2019-04-06 14:09:58 +02:00
Maxime Besson
666e59ad6e Fix #1698 by clearing saml request token on unauth issuer flow 
Add some unit tests to make sure relevant pdata is cleared after authentication
 2019-04-05 23:27:21 +02:00
Christophe Maudoux
64952d670e Improve unit test (#1664) 2019-04-05 20:02:24 +02:00
maudoux
72bee11c2a Improve unit test (#1694) 2019-04-03 23:27:45 +02:00
Xavier Guimard
ece9b21219 Remove trailing whitespaces 2019-04-03 14:15:16 +02:00
Maxime Besson
4b0994af35 Add unit test for #1668 with multiple SP 2019-04-03 11:20:24 +02:00
Maxime Besson
730da67c44 Add HTTP-Redirect unit test for #1671 2019-04-03 11:20:24 +02:00
maudoux
e4bc7c55d6 Improve unit test (#1664) 2019-04-02 22:08:15 +02:00
Clément OUDOT
a805a5a00b Manage SLO responses (#1671) 2019-04-02 17:27:47 +02:00
Clément OUDOT
502a32e257 Add unit test and fix code for ppolicy grace (#1691) 2019-04-01 09:58:56 +02:00
Maxime Besson
3575e0ef23 Clear url pdata on CDA redirection 
Fixes #1650
 2019-03-19 19:15:47 +01:00
Clément OUDOT
8a9a5b0b3a New method to override messages with JSON files (#1595) 2019-03-19 17:39:13 +01:00
Clément OUDOT
447c09c0a2 Remove old translation file (#1595) 2019-03-19 15:38:36 +01:00
Clément OUDOT
9798c78068 Remove userData if authentication fails (#1666) 2019-03-18 21:29:15 +01:00
Clément OUDOT
4366488fb6 Adapt GrantSession plugin to display authentication error on login form (#1666) 2019-03-18 11:53:30 +01:00
Clément OUDOT
d620ae2e8b Merge branch 'maxbes/lemonldap-ng-saml-issuer-entityid-override' into v2.0 2019-03-13 10:30:16 +01:00
Clément OUDOT
dee4818f0c Merge branch 'issue1543' into 'v2.0' 
Save Urldc when using SAML Discovery

See merge request lemonldap-ng/lemonldap-ng!62
 2019-03-13 10:19:14 +01:00
Maxime Besson
8f5fbb077e When logout-initiating SP has no known SLO endpoint, fallback to portal 
In some federations, SLO endpoints are not published, yet SP are still
able to initiate logouts.

This used to cause an error on the portal, this commit changes the error
into a warning in logs. The user remains on the portal and sees a normal
logout message.
 2019-03-12 17:58:41 +01:00
Christophe Maudoux
83603ebee9 Typo 2019-03-12 16:29:38 +01:00
Christophe Maudoux
27d3d165ec Improve unit test (#1658) 2019-03-12 10:24:31 +01:00
Christophe Maudoux
772b82cd94 Improve unit test (#1664) 2019-03-11 22:53:58 +01:00
Maxime Besson
257d329151 Fix display of ok/nok image during multi-sp saml logout 2019-03-11 18:13:06 +01:00
Christophe Maudoux
58ec712481 Fix debug mode (#1658) 2019-03-10 22:58:23 +01:00
Christophe Maudoux
4ae85e2c97 Tidy 2019-03-10 22:55:21 +01:00
Christophe Maudoux
bb79385a84 Improve unit test (#1664) 2019-03-10 22:53:41 +01:00
Christophe Maudoux
19c26e2cd0 Improve unit test (#1658) 2019-03-10 22:53:26 +01:00
Christophe Maudoux
c48fbf8beb Improve unit tests (#1669) 2019-03-10 22:23:12 +01:00
Christophe Maudoux
6dd9105d0a Improve unit tests (#1658) 2019-03-10 22:02:19 +01:00
Christophe Maudoux
30081e9971 Fix unit test (#1658) 2019-03-09 23:52:25 +01:00
Xavier Guimard
bc2bef4ff4 Please use our .perltidyrc 2019-03-07 18:22:58 +01:00
Christophe Maudoux
09996f9894 Improve unit test (#1667) 2019-03-07 15:23:57 +01:00
Christophe Maudoux
6e50f41687 Fix session update (#1664) 2019-03-06 21:29:03 +01:00
Christophe Maudoux
e32e5adf59 Append unit test (#1664) 2019-03-06 21:28:45 +01:00
Christophe Maudoux
e506c5cc58 Using current session if exists (#1664) 2019-03-06 19:26:32 +01:00
Christophe Maudoux
13fdc5eda8 Append unit test (#1664) 2019-03-06 17:58:09 +01:00
Xavier Guimard
26b80873be Modify Try.pm to handle authorizations (#1658) 2019-03-05 21:11:07 +01:00
Christophe Maudoux
6ba5c4b530 Update unit test (#1658) 2019-03-05 19:42:29 +01:00
Christophe Maudoux
556cfcf355 Fix unit test (#1664) 2019-03-04 22:00:07 +01:00
Christophe Maudoux
419489fa08 Improve unit test (#1664) 2019-03-04 21:28:21 +01:00
Maxime Besson
58a823c222 Add unit tests for metadata generation 2019-03-04 09:33:12 +01:00
Christophe Maudoux
f8160f2130 Append unit test (#1658) 2019-03-02 13:11:56 +01:00
Christophe Maudoux
f3617ef947 Append unit test (#1658) 2019-03-01 21:46:35 +01:00
Maxime Besson
756cf38159 Add unit tests 2019-03-01 10:18:57 +01:00