dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
10,709 Commits 3 Branches 0 Tags 75 MiB
32d52b96d8
Commit Graph

2735 Commits

Author SHA1 Message Date
Christophe Maudoux
8b6ab584cf WIP: Update langs & append conf test (#2276) 2020-08-27 14:38:11 +02:00
Christophe Maudoux
4d52fedfe5 WIP - Incremental tempo 2020-08-25 22:58:47 +02:00
Maxime Besson
c5900ece14 Kerberos: fail with an explicit message on NTLM ticket (#2295) 2020-08-25 20:01:28 +02:00
Clément OUDOT
f158961fa6 Fix bad reference usage on hash 2020-08-25 00:27:06 +02:00
Christophe Maudoux
e84b29aca4 Display special chars password policy with expired password form (#2289) 2020-08-24 22:43:15 +02:00
Maxime Besson
a7b09f8dbb Auth::SAML: fix warning on empty session index (#2291) 2020-08-24 17:24:55 +02:00
Maxime Besson
5e78464d7f Resolve nameid session attribute from local macros (#2280) 2020-08-17 22:06:09 +02:00
Maxime Besson
9ac49b881a Lookup casAppMetaDataOptionsUserAttribute in per-app macros (#2280) 2020-08-17 22:06:09 +02:00
Maxime Besson
52c6edb453 Lookup oidcRPMetaDataOptionsUserIDAttr in per-RP macros (#2280) 2020-08-17 22:06:09 +02:00
Maxime Besson
4497f39efe Factor psession id calculation into Common 2020-08-17 18:43:29 +02:00
Maxime Besson
26cd1945fb Try to compute the correct value of SameSite by default (#2281) 2020-08-17 18:05:09 +02:00
Maxime Besson
7a02fdf8e5 rollback caa346d075 (#2179) 
No longer needed since #2261
 2020-08-12 09:49:14 +02:00
Maxime Besson
9d9e16e3f9 Remove setAuthSessionInfo from refresh process (#2261) 2020-08-12 09:49:14 +02:00
Christophe Maudoux
ca514f69e5 Fix version (#2274) 2020-08-11 22:43:32 +02:00
Christophe Maudoux
08ad68824e Fix 500 error (#2274) 2020-08-11 22:03:32 +02:00
Maxime Besson
b2a2575896 Fix incorrect SOAP content type in SAML issuer (#2263) 2020-08-10 15:06:00 +02:00
Maxime Besson
9aa3b9b03f Add correct secure flag to pdata cookie (#2272) 2020-08-10 12:10:33 +02:00
Maxime Besson
a96820d6f6 Set secure flag when removing cookie (#2272) 2020-08-10 12:10:33 +02:00
Christophe Maudoux
a1ebb0ee02 Fix ContextSwitching redirect & update unit tests (#2273) 2020-08-08 20:00:41 +02:00
dcoutadeur
0045daa592 fix increase log level for mail sending and password reset (#2265) 2020-07-28 15:04:55 +02:00
Clément OUDOT
d1418952eb Convert mutli-valued attributes into arrays for OIDC UserInfo (#2256) 2020-07-16 20:19:41 +02:00
Clément OUDOT
c5db3bc8bd Add country to address claim (#2257) 2020-07-16 19:58:53 +02:00
Baptiste Pecatte
5fbf7ae533 Remove useless variable 2020-07-05 13:11:28 +02:00
Baptiste Pecatte
2816bed66e Add host to logs for use with fail2ban 2020-07-05 13:11:28 +02:00
Maxime Besson
5df1850847 Add cache-control headers to sendJSONresponse (#2234) 2020-06-24 15:49:50 +02:00
Clément OUDOT
e544ee7778 Adapt user log in SAML issuer (#2244) 2020-06-18 18:40:13 +02:00
Clément OUDOT
5d5eda9799 Adapt user log in CAS issuer (#2244) 2020-06-18 18:39:53 +02:00
Clément OUDOT
0b3908e6dc Add user log in GET issuer (#2244) 2020-06-18 18:01:33 +02:00
Clément OUDOT
2da914cc90 Publish support for refresh_token grant_type (#2242) 2020-06-18 09:43:56 +02:00
Clément OUDOT
7d327f0e2e Do not remove mail token before form has been submitted (#2239) 2020-06-17 16:29:31 +02:00
Christophe Maudoux
b86c3431c2 Append setSession info step (#2172) 2020-06-07 13:25:07 +02:00
Christophe Maudoux
b04b2076de Preserve real_hGroups (#2229) 2020-06-06 23:27:37 +02:00
Maxime Besson
568c28d707 Fix REST clock tolerance (#2225) 
plus a bit of refactoring
 2020-06-03 10:47:37 +02:00
Maxime Besson
33a5496e55 Fix regression in #2085 (#2224) 
Clearing all hidden form values was a mistake as it breaks SAML when the
redirection URL contains a query string. We should keep existing hidden
fields. In the context of OIDC request, we clear them before redirection
to avoid #2085
 2020-05-29 15:51:51 +02:00
Maxime Besson
e9c05a63b2 Yubikey: use userdb-provisionned session field (#2189) 2020-05-25 18:57:07 +02:00
Christophe Maudoux
bb9e03d1e5 Tidy 2020-05-24 00:04:33 +02:00
Christophe Maudoux
53e16eca8c Append unit tests (#2207) 2020-05-23 23:02:37 +02:00
Clément OUDOT
39d7344f75 Add userLogger message in Demo backend (#2216) 2020-05-22 14:52:58 +02:00
Clément OUDOT
4b5670a723 Fetch Public keys and GPG keys from GitHub (#2203) 2020-05-21 22:55:42 +02:00
Christophe Maudoux
1113fab014 Append ContextSwitching unrestrictedUsers rule (#2207) 2020-05-20 21:53:13 +02:00
Christophe Maudoux
312445d543 Append checkUser unrestrictedUsers rule & Fix idRule (#2207 & #2215) 2020-05-20 21:23:31 +02:00
Christophe Maudoux
eb65264d5d Append Impersonation unrestrictedUsers rule & Update langs (#2207) 2020-05-19 23:33:07 +02:00
Maxime Besson
9d7e5c61cc handle empty string value for yubikey parameters (#2211) 2020-05-18 12:34:34 +02:00
Christophe Maudoux
2ecd0b18a8 Skip bad GrantSession rules & Improve unit test (#2201) 2020-05-10 14:26:08 +02:00
Maxime Besson
db9e862843 Merge branch 'feature-userdb-password-restserver' into v2.0 2020-05-09 20:07:24 +02:00
Christophe Maudoux
9bf915b5dc Fix unit tests & Version 2020-05-08 23:03:16 +02:00
Clément OUDOT
7efaf9d5cd User not always known in try subroutine (#2165) 2020-05-04 22:20:17 +02:00
Clément OUDOT
0bf1bfb7dd Do not stop logout process on error in Combination (#2165) 2020-05-04 21:53:14 +02:00
Clément OUDOT
7ed251ce3f Better log messages (#2165) 2020-05-04 21:48:06 +02:00
Xavier Guimard
6caf88a174 Better warning fix 2020-05-04 16:42:41 +02:00
Xavier Guimard
5d10695a79 Fix warning 2020-05-04 16:40:57 +02:00
Xavier Guimard
0f4ed9ecbe Add a test in combination to catch error when combination rule is unstable (#2165) 2020-05-04 16:37:15 +02:00
Maxime Besson
9464bd2503 Merge branch 'fix-oidc-consent-2fa-2142' into 'v2.0' 
Fix #2142

See merge request lemonldap-ng/lemonldap-ng!135
 2020-05-04 16:00:35 +02:00
Xavier Guimard
317bfcd97d Clean all issuer when issuerTs expires (fixes: #2186) 2020-05-04 15:42:25 +02:00
Xavier Guimard
52938222a5 Fix combination logout if condition changed (Fixes: #2165) 2020-05-04 15:29:16 +02:00
Christophe Maudoux
46bb6fea4f Return PE_SESSIONEXPIRED instead of 400 bad request (#2184) 2020-05-01 19:52:32 +02:00
Maxime Besson
dfc4411eae Add UserDB methods to REST server (#1659) 2020-05-01 13:44:23 +02:00
Maxime Besson
b5d461da47 Add password methods to REST server (#1598) 2020-05-01 13:44:23 +02:00
Maxime Besson
6adb0e17b3 Use req->data instead of req->userData to retrieve LDAP dn (#1598) 2020-05-01 13:44:23 +02:00
Maxime Besson
0c77c0b46d Add missing SetSecurity in UserDB::REST (#1659) 2020-05-01 13:43:12 +02:00
Maxime Besson
172993fcd6 Add useMail to UserDB::REST (#1659) 2020-05-01 13:43:12 +02:00
Maxime Besson
29d44121d7 Add useMail to Password::REST (#1598) 2020-05-01 13:43:12 +02:00
Christophe Maudoux
7014327232 Append an option to display sfManager link (#2185) 2020-04-30 20:50:10 +02:00
Clément OUDOT
ac9769ff69 Prepare release 2.0.8 2020-04-30 19:59:37 +02:00
Xavier Guimard
d801070a8f Clean also pdata in Main::Issuer::_redirect() ("1939) and add @maxbes test 2020-04-30 12:56:28 +02:00
Christophe Maudoux
dc672c2d1f Force FF to submit forms (#2158) 2020-04-30 12:43:06 +02:00
Christophe Maudoux
bd28760bd7 Change plugins loading order (#2180) 2020-04-29 19:36:18 +02:00
Maxime Besson
8eb9120af7 RESTServer: Clarify error message when time skew is too great 
deab21e091 did only half the job
 2020-04-29 18:41:11 +02:00
Christophe Maudoux
a7a0f25321 Update function signature and params list 2020-04-28 18:24:55 +02:00
Christophe Maudoux
591f953d5e Merge branch 'v2.0' into 2178-new 2020-04-28 18:20:49 +02:00
Clément OUDOT
9cd079e8fe Manage multi valued attributes in CAS authentication module (#2118) 2020-04-28 12:44:16 +02:00
Christophe Maudoux
a52c8f53b0 Use rule (#2178) 2020-04-27 22:12:12 +02:00
Christophe Maudoux
763eb04b4b Update tree (#2178) 2020-04-27 20:39:02 +02:00
Christophe Maudoux
caa346d075 Restore previous authentication level (#2179) 2020-04-27 18:20:23 +02:00
Maxime Besson
c1fb1a1b66 Mitigate #1980 by displaying an error to the user 2020-04-27 17:40:34 +02:00
Maxime Besson
7e502af391 Add option to remove "Refresh my rights" from menu 2020-04-27 17:19:41 +02:00
Clément OUDOT
a97041f8cd Fix test for Issuer timeout (#1939) 2020-04-27 14:40:45 +02:00
Xavier Guimard
dff45f5456 Fix tytpe (#1939) 2020-04-27 10:31:03 +02:00
Christophe Maudoux
ac06832c1e Partial revert 2020-04-26 12:13:13 +02:00
Christophe Maudoux
81185fef82 Improve code 2020-04-26 11:25:12 +02:00
Xavier Guimard
c868cb431f Add pdata timeout for issuers (#1939) 2020-04-26 09:31:38 +02:00
Christophe Maudoux
fd19547c1c Tidy 2020-04-25 14:51:11 +02:00
Christophe Maudoux
a3c11a662a Code refactoring (#1664) 2020-04-25 14:47:10 +02:00
Christophe Maudoux
5dffb9de78 Code refactoring (#1999) 2020-04-25 14:42:02 +02:00
Christophe Maudoux
23d721c7c5 Code refactoring (#1956) 2020-04-25 14:41:33 +02:00
Christophe Maudoux
522b2bd860 Code refactoring (#1783) 2020-04-25 14:41:23 +02:00
Christophe Maudoux
4fefa02028 Code refactoring (#1658) 2020-04-25 14:39:40 +02:00
Christophe Maudoux
9d6197232f Improve code (#2163) 2020-04-25 11:44:27 +02:00
Christophe Maudoux
c61ae6be59 Tidy (#2163) 2020-04-25 01:02:25 +02:00
Christophe Maudoux
36fbc98bed Fix error return (#1999) 2020-04-25 01:01:57 +02:00
Christophe Maudoux
d387c0f355 Display otherSessions & remove Link (#2163) 2020-04-25 00:43:56 +02:00
Maxime Besson
e607d8281f OIDC: do not advertise missing functionality (#1194) 
Back-Channel logout is not supported yet
 2020-04-24 12:15:51 +02:00
Clément OUDOT
138ee4284f Disable cache when registering a new OIDC client (#2058) 2020-04-24 11:52:04 +02:00
Maxime Besson
a3821fc560 Implement additional audiences in ID token (#2177) 2020-04-24 11:10:44 +02:00
Christophe Maudoux
6018610196 Make checkUser option rules (#2173) 2020-04-24 00:25:10 +02:00
Maxime Besson
6ccf078432 Implement Resource Owner Password Credentials grant (#2155) 2020-04-23 17:49:25 +02:00
Maxime Besson
37f71a43b5 create helper function to display portal error code 2020-04-23 17:49:25 +02:00
Maxime Besson
ded6c74fe0 Allow special characters in scope names (#2168) 2020-04-23 14:50:53 +02:00
Christophe Maudoux
d11442ed26 Append setSessionInfo step (#2172) 2020-04-23 14:16:46 +02:00
Xavier Guimard
0baf014e6b Revert "Fix part of circular links (related to #1990)" 
This reverts commit c9e7f3a1b0.
 2020-04-23 12:00:51 +02:00
Maxime Besson
31f05b9e2d Make Introspection endpoint look for offline sessions (#2171) 2020-04-23 10:29:08 +02:00
Xavier Guimard
24c1a2e90a Restore default route (#1990) 2020-04-22 22:09:15 +02:00
Xavier Guimard
d5da0362fd Fix #1990 2020-04-22 21:46:59 +02:00
Maxime Besson
626715a580 Prevent duplicate consents in psession (#2169) 2020-04-22 21:26:38 +02:00
Maxime Besson
a217590869 Tidy OIDC 2020-04-22 21:25:56 +02:00
Christophe Maudoux
a74b5acafa Merge branch 'fix-oidc-info-2085' into 'v2.0' 
Fix OIDC info before redirect (#2085)

See merge request lemonldap-ng/lemonldap-ng!134
 2020-04-22 18:17:58 +02:00
Christophe Maudoux
df9beb25f2 Merge branch 'fix-2081' into 'v2.0' 
Fix #2081 by detecting external URL

See merge request lemonldap-ng/lemonldap-ng!138
 2020-04-22 17:58:26 +02:00
Xavier Guimard
1f80a0ab8c Avoid little warning in test 2020-04-22 15:37:19 +02:00
Xavier Guimard
c9e7f3a1b0 Fix part of circular links (related to #1990) 2020-04-22 14:13:14 +02:00
Maxime Besson
ecbcc0b6b6 Fix #2081 by detecting external URL 2020-04-22 11:25:06 +02:00
Maxime Besson
92af252ae9 Make SingleSession configurable by rule (#2164) 2020-04-22 11:02:59 +02:00
Maxime Besson
0983c66139 Portal: add helper method to build a rule from a string 2020-04-22 11:02:59 +02:00
Xavier Guimard
1a13e3d0dc Really fix #2161 2020-04-21 22:09:40 +02:00
Maxime Besson
b8d72e21b4 fix display of deleted sessions (#2159) 2020-04-21 10:18:50 +02:00
Xavier Guimard
faadd4fc52 DBI: verify parameters during init (Fixes: #2161) 2020-04-21 07:55:07 +02:00
Christophe Maudoux
cd8f8bd847 Typo (#2159) 2020-04-21 00:03:45 +02:00
Maxime Besson
deab21e091 RESTServer: Clarify error message when time skew is too great 2020-04-20 17:14:32 +02:00
Christophe Maudoux
dcef93eea9 Update version (#2154) 2020-04-19 19:25:26 +02:00
Maxime Besson
55f3ca0e77 Improve error reporting for SAML replay protection 2020-04-18 19:54:02 +02:00
Christophe Maudoux
e00cb0ecf0 use localDate & Improve unit test (#1999) 2020-04-18 11:50:07 +02:00
Christophe Maudoux
612682fddb Sort active sessions (#1999) 2020-04-18 00:32:21 +02:00
Clément OUDOT
fb29673fdf GitHub authentication module (#2154) 2020-04-17 23:34:45 +02:00
Christophe Maudoux
478d205f07 Code refactoring & Tidy (#2138) 2020-04-17 20:00:36 +02:00
dcoutadeur dcoutadeur
2c6df4dfc0 Merge branch 'logoutforward' into 'v2.0' 
fix #2138 logout forward doesn't work anymore

See merge request lemonldap-ng/lemonldap-ng!136
 2020-04-17 17:56:48 +02:00
dcoutadeur
c984bb8b4a fix CAS logoutServices (see #2138 logout forward doesn't work anymore) 2020-04-17 17:36:43 +02:00
dcoutadeur
641c523b62 revert c1b61f535 fix CAS logoutServices 2020-04-17 17:14:16 +02:00
dcoutadeur
c1b61f535a fix CAS logoutServices (see #2138 logout forward doesn't work anymore) 2020-04-17 16:56:35 +02:00
dcoutadeur
17e56da82b cleaner solution for #2138 logout forward doesn't work anymore 2020-04-17 16:26:40 +02:00
Christophe Maudoux
c3f7755055 Merge branch 'v2.0' into fix-ssl-error-reporting-2110 2020-04-16 23:05:09 +02:00
Christophe Maudoux
b82bdd9e6f Tidy 2020-04-16 22:46:11 +02:00
Christophe Maudoux
4521705013 Avoid to create an empty SSO session (#1783) 2020-04-16 22:42:40 +02:00
dcoutadeur
cd15ac7a67 fix #2138 logout forward doesn't work anymore 2020-04-16 17:27:14 +02:00
Maxime Besson
7cc02dc179 Add auth routes for 2f choice screen (#2151) 2020-04-16 14:26:33 +02:00
Maxime Besson
6447396888 Improve SSL error reporting (#2110) 2020-04-15 18:43:27 +02:00
Maxime Besson
8c94bf0f13 Allow portal JSON responses to include a rendered HTML error block (#2110) 2020-04-15 18:42:31 +02:00
Maxime Besson
e1767abfda CORS: special handling for AJAX SSL (#2110) 2020-04-15 18:42:31 +02:00
Maxime Besson
2440fc7866 use sendJSONresponse instead of handcrafting portal response 2020-04-15 18:42:31 +02:00
Maxime Besson
4bcb391121 Add an easy way to set level of additional second factors (#2149) 2020-04-15 17:20:27 +02:00
Maxime Besson
755a5c3a6b post confirm to issuer url after restoring (#2142) 2020-04-14 21:46:30 +02:00
Maxime Besson
b512cc700c Replace hidden form values on info when urldc has a QS (#2085) 2020-04-14 18:48:35 +02:00
Christophe Maudoux
6d146f9c4b Verify that $field is defined with AuthSSL (#2141) 2020-04-11 22:54:55 +02:00
Christophe Maudoux
082d12ca5f Append customParam to globalLogout plugin (#2145) 2020-04-11 22:34:29 +02:00
Christophe Maudoux
3a4ab3bbec setSecurity if an error occurs with AuthChoice (#2144) 2020-04-11 18:55:44 +02:00
Christophe Maudoux
13bb55a818 Append an option to define apps tooltip & Improve unit test (#2140) 2020-04-08 22:40:28 +02:00
Christophe Maudoux
202a500c3e Tidy 2020-04-07 11:47:32 +02:00
Christophe Maudoux
0fb0bd1d07 Code refactoring (#2129) 2020-04-07 11:39:32 +02:00
Christophe Maudoux
d56a76584a Retrieve 'allusers' notifications (#2071) 2020-04-06 23:55:04 +02:00
Christophe Maudoux
9e84447d2d Fix update session (#2129) 2020-04-06 23:28:01 +02:00
Christophe Maudoux
e68d5ed2c8 Revert "Fix update session (#2129)" 
This reverts commit 1c65c72a62.
 2020-04-06 19:35:29 +02:00
Christophe Maudoux
1c65c72a62 Fix update session (#2129) 2020-04-06 19:24:50 +02:00