Maxime Besson
ed0be42c93
Merge branch 'WIP-plugin-hooks-2359' into 'v2.0'
...
Plugin hook system to extend issuers (and maybe more)
See merge request lemonldap-ng/lemonldap-ng!166
2020-12-21 16:35:03 +01:00
Maxime Besson
e05a167937
Handle missing nameid ( #2420 )
2020-12-21 11:05:00 +01:00
Christophe Maudoux
a259566eb1
Excluding parameters ( #1976 )
2020-12-20 23:49:46 +01:00
Christophe Maudoux
86bbb70b89
Skip empty values ( #1976 )
2020-12-20 23:04:07 +01:00
Christophe Maudoux
4d04672c20
WIP: FindUser skeleton ( #1976 )
2020-12-20 22:54:35 +01:00
Christophe Maudoux
512045c528
Fix conf test ( #2243 )
2020-12-20 17:29:13 +01:00
Christophe Maudoux
7be0240389
Update default values & Tidy ( #2243 )
2020-12-16 22:58:01 +01:00
Christophe Maudoux
652d8ba9bc
Prevent authentication on backend if account is locked ( #2243 )
2020-12-16 22:49:41 +01:00
Christophe Maudoux
2dde8672d5
Fix unit tests warning ( #2406 )
2020-12-11 00:10:22 +01:00
Maxime Besson
442203685f
checkState: fix perl error when testing a user account ( #2413 )
2020-12-09 18:01:02 +01:00
Maxime Besson
8793a5b6a1
Fix storage of LDAP attributes with a value of 0 ( #2403 )
2020-12-07 17:49:21 +01:00
Maxime Besson
c6d20ca8b3
Fix init of ::Portal::Password::LDAP ( #2410 )
2020-12-07 16:59:48 +01:00
Maxime Besson
9ba6938e90
Show a friendlier error message when a module fails init ( #2410 )
2020-12-07 16:59:48 +01:00
Christophe Maudoux
c2266720f9
Unauthenticated logout request with route & improve unit test ( #2342 )
2020-12-06 11:21:11 +01:00
Christophe Maudoux
41889e5ee2
Append unit test ( #2342 )
2020-12-05 20:37:50 +01:00
Christophe Maudoux
b2306cc8ad
Unauthenticated logout ( #2342 )
2020-12-05 19:31:23 +01:00
Clément OUDOT
426555effe
Use a specific parameter for mail 2F session key ( #2406 )
2020-12-03 19:59:36 +01:00
Christophe Maudoux
421929d081
Hide valued headers only ( #2398 )
2020-12-01 20:49:42 +01:00
Clément OUDOT
8211850be7
Better userLogger messages for password change ( #2393 )
2020-11-29 18:02:13 +01:00
Christophe Maudoux
32d52b96d8
Append an option to obfuscate some headers value ( #2398 )
2020-11-27 23:09:18 +01:00
Maxime Besson
699679a8e0
Documentation for #2359
2020-11-27 14:00:58 +01:00
Maxime Besson
f49c1adf17
add oidcGenerateIDToken hook ( #2359 )
2020-11-27 14:00:58 +01:00
Maxime Besson
daef0cf776
add oidcGenerateUserInfoResponse hook ( #2359 )
2020-11-27 14:00:58 +01:00
Maxime Besson
faadb3f059
add oidcGotRequest hook ( #2359 )
2020-11-27 14:00:58 +01:00
Maxime Besson
c19be1d501
Tidy SAML issuer ( #2359 )
2020-11-27 14:00:58 +01:00
Maxime Besson
a706f8a470
add samlBuildLogoutResponse hook ( #2359 )
2020-11-27 14:00:58 +01:00
Maxime Besson
ddc43f7c9c
add samlGotLogoutRequest hook ( #2359 )
2020-11-27 14:00:58 +01:00
Maxime Besson
2dba11e6b3
Add samlBuildAuthnResponse hook ( #2359 )
2020-11-27 14:00:58 +01:00
Maxime Besson
de1d6e205b
Add samlGotAuthnRequest hook ( #2359 )
2020-11-27 14:00:58 +01:00
Maxime Besson
f0dbb28866
Add Hook system for plugins ( #2359 )
2020-11-27 14:00:58 +01:00
Christophe Maudoux
7a7751e569
Code refactoring & typos ( #2334 )
2020-11-25 21:59:49 +01:00
Christophe Maudoux
b04bb6ab84
Test if Vhost is HTTP or HTTPS & improve unit test ( #2386 )
2020-11-25 19:09:33 +01:00
Christophe Maudoux
f963afd812
Logs more explicit ( #2334 )
2020-11-25 17:17:36 +01:00
Christophe Maudoux
0a4fabb4e4
Use strict & fix warnings
2020-11-21 19:24:04 +01:00
Christophe Maudoux
6060a54536
Use whatToTrace in log ( #2393 )
2020-11-19 21:51:58 +01:00
Christophe Maudoux
a19d229cd3
Use whatToTrace in log ( #2393 )
2020-11-19 21:28:52 +01:00
Christophe Maudoux
0294df1cc8
URI are case sensitive ( #2386 )
2020-11-17 22:03:55 +01:00
Christophe Maudoux
df99148b68
Fix wildcarded VHost & improve unit test ( #2386 )
2020-11-17 22:03:55 +01:00
Christophe Maudoux
dfc68f9f98
Use Mouse instead of Exporter
2020-11-16 21:54:54 +01:00
Maxime Besson
8f1b30b6d0
Return an error if http session could not be found ( #2382 )
2020-11-16 18:38:53 +01:00
Maxime Besson
0263865faa
Add CORS headers to error pages ( #2380 )
2020-11-12 14:34:16 +01:00
Christophe Maudoux
231ec50d63
Fix protocol in log
2020-11-10 10:47:14 +01:00
Christophe Maudoux
91907eba90
Improve & fix AD backend ( #2377 )
2020-11-09 17:50:15 +01:00
Christophe Maudoux
c742d8320e
Set user and oldpassword fields into reset password form & Improve unit tests ( #2377 )
2020-11-09 13:27:16 +01:00
Maxime Besson
fa2301ab0e
Force OIDC claim types according to config ( #2330 )
2020-11-06 19:00:52 +01:00
Xavier Guimard
893385d007
Replace application/javascript by application/json ( Fixes #2376 )
2020-11-06 17:58:41 +01:00
Clément OUDOT
fa0f043f18
Check internal refresh result ( #2375 )
2020-11-05 12:26:35 +01:00
Maxime Besson
d63a55d619
Check Kerberos domain against optional whitelist ( #2372 )
2020-11-05 10:38:47 +01:00
Clément OUDOT
18c1a753ad
Remove space from generated login in register process ( #2373 )
2020-11-04 21:10:09 +01:00
Christophe Maudoux
31ff8484bb
Tidy
2020-11-04 17:02:07 +01:00
Christophe Maudoux
20f5f467dd
Typos ( #2368 )
2020-11-04 16:12:04 +01:00
Christophe Maudoux
50f01e2cbe
Remove cookie & code refactoring ( #2368 )
2020-11-04 13:49:51 +01:00
Maxime Besson
1de41224f8
Avoid memory leaks in $req->steps ( #2369 )
2020-11-02 23:22:04 +01:00
Clément OUDOT
8c1f5c6d50
Launch adaptative authentication plugin just before storing session values ( #2336 )
2020-11-02 15:56:19 +01:00
Xavier Guimard
6990a4a0c0
Set "secure" to StayConnected cookie
2020-11-01 08:15:09 +01:00
Christophe Maudoux
0469d36aec
Update version & tidy ( #2366 )
2020-10-31 23:55:41 +01:00
Christophe Maudoux
d8114e0e16
Submit 2FA with StayConnected plugin ( #2366 )
2020-10-31 23:20:18 +01:00
Christophe Maudoux
7ac2a0da80
Allow to check last logins with stayConnected plugin & improve unit test ( #2365 )
2020-10-31 22:10:14 +01:00
Christophe Maudoux
b869b59da7
Avoid assignment ( #2360 )
2020-10-30 12:55:39 +01:00
Maxime Besson
367f1bc5ad
Add LDAP IO timeout ( #2267 )
2020-10-27 16:01:39 +01:00
Christophe Maudoux
e704fe24ea
Fix warning if no path given & code refactoring
2020-10-26 19:21:54 +01:00
Christophe Maudoux
90c8c2ba86
Improve messages ( #2332 )
2020-10-16 23:27:06 +02:00
Christophe Maudoux
da9dc04657
redirect user to 2fregisters after reAuthn process ( #2332 )
2020-10-14 22:02:57 +02:00
Christophe Maudoux
a86bf488c4
Test if a skip option is enabled ( #2352 )
2020-10-13 22:30:06 +02:00
Christophe Maudoux
929e00e91a
Display button only if upgradeSession plugin is enabled ( #2332 )
2020-10-12 22:32:05 +02:00
Christophe Maudoux
f6eb9e5c1a
Improve unit test ( #2332 )
2020-10-12 22:16:36 +02:00
Christophe Maudoux
605d724453
Improve GUI & unit tests ( #2332 )
2020-10-12 19:24:52 +02:00
Christophe Maudoux
d76438b1e8
Update langs & error code ( #2238 )
2020-10-12 15:16:55 +02:00
Christophe Maudoux
9245fc4ee1
Append unit test ( #2338 )
2020-10-12 14:55:46 +02:00
Christophe Maudoux
01031d8c4f
Code refactoring ( #2339 )
2020-10-10 19:47:55 +02:00
Maxime Besson
fcb8e6b3c5
Use keepalive for LDAP connections ( #2344 )
2020-10-09 12:22:28 +02:00
Maxime Besson
5606d0ed6f
Add support for SHA384 and SHA512 ( #2322 )
2020-10-07 15:31:57 +02:00
Maxime Besson
1234d5294f
Let users override default SAML signature method ( #2319 )
2020-10-07 15:31:27 +02:00
Christophe Maudoux
cd02b8023e
Fix warning ( #2332 )
2020-10-05 20:45:05 +02:00
Christophe Maudoux
352b97f681
Append option to modify 2FA during context switching ( #2338 )
2020-10-04 21:18:09 +02:00
Christophe Maudoux
da91097969
Improve fix ( #2332 )
2020-10-04 19:32:10 +02:00
Christophe Maudoux
a8343ac7be
Test authLevel before removing 2F device ( #2332 )
2020-10-04 19:29:31 +02:00
Clément OUDOT
16211e5573
Remove unused sort rule ( #2336 )
2020-10-04 17:05:16 +02:00
Clément OUDOT
2c9ef41c2c
Use whatToTrace ( #2336 )
2020-10-04 17:02:55 +02:00
Clément OUDOT
fd5170c945
Use buildRule ( #2336 )
2020-10-04 16:59:21 +02:00
Christophe Maudoux
b573dbb789
Better fix and improve unit test ( #2337 )
2020-10-04 11:35:26 +02:00
Christophe Maudoux
452594dbb5
Revert "Avoid to create persistentSession during switching process"
...
This reverts commit 5707f40c5a
.
2020-10-03 13:05:51 +02:00
Christophe Maudoux
cb0fed8e13
Prevent to update SFA if impersonation is in progress ( #2337 )
2020-10-03 11:58:49 +02:00
Christophe Maudoux
5707f40c5a
Avoid to create persistentSession during switching process
2020-10-02 21:41:07 +02:00
Christophe Maudoux
055ec69b92
Code cleaning & refactoring
2020-10-02 20:40:41 +02:00
Clément OUDOT
6cccea0e46
First version of adaptative authentication level plugin ( #2336 )
2020-10-02 15:05:15 +02:00
Christophe Maudoux
4ecce4726b
Remove corrupted sessions ( #2334 )
2020-09-30 21:39:09 +02:00
Maxime Besson
89ec2b09b1
Improve SMTP error reporting ( #2293 )
2020-09-16 17:29:49 +02:00
Maxime Besson
1db67d735a
Put mail transport code in Common so the manager can use it (#2293,#2304)
2020-09-16 17:27:00 +02:00
Christophe Maudoux
6d5ff2468b
Typo
2020-09-16 11:17:14 +02:00
Christophe Maudoux
d57c314abe
Code refactoring ( #2314 )
2020-09-15 22:24:21 +02:00
Christophe Maudoux
1a73f7ab7f
Append rule & fix userData ( #2314 & #2315 )
2020-09-15 14:13:34 +02:00
Xavier Guimard
5b22310eab
Log IP address in auth combination failures
...
Fixes : #2317
2020-09-15 11:22:13 +02:00
Xavier Guimard
e110517942
Fix misspelled parameter in call to ldap->search() ( Fixes : #2310 )
2020-09-10 08:40:23 +02:00
Maxime Besson
d31a14c303
Avoid accidentally creating an empty session ( #2262 )
2020-09-09 12:05:09 +02:00
Maxime Besson
277e0872fa
Fix missing session timeouts ( #2262 )
2020-09-09 12:04:17 +02:00
Maxime Besson
d598513504
Fix warning when resolving cas target authlevel ( #2309 )
2020-09-09 10:37:00 +02:00
Maxime Besson
f9c7d0bdf7
saml proxy logout: Delay info until we return from idp ( #2262 )
2020-09-08 17:25:11 +02:00
Maxime Besson
683b5a7861
Resume logout when returning from Auth::SAML IDP ( #2262 )
2020-09-08 15:47:58 +02:00
Maxime Besson
24297aa942
Redirect to external provider for logout ( #2262 )
2020-09-08 14:16:49 +02:00
Maxime Besson
8b5ddf6e43
Perform authLogout step during SAML SLO ( #2262 )
2020-09-08 14:16:49 +02:00
Maxime Besson
3816fac9b6
Allow user to disable sig validation during SOAP SLO ( #2262 )
2020-09-08 14:16:27 +02:00
Christophe Maudoux
059b2b13f1
Merge branch 'v2.0' into 2266
2020-09-07 18:56:37 +02:00
Clément OUDOT
f835f3d36f
Update version in modules
2020-09-06 19:58:58 +02:00
Maxime Besson
3771ead3db
Make LDAP auth/userdb/pass modules use ldapVerify ( #2250 )
2020-09-05 12:21:37 +02:00
Xavier Guimard
c8df084247
Update versions
2020-09-04 17:59:00 +02:00
Maxime Besson
66c68f6056
Merge branch 'feature-delayed-2fa-2124' into 'v2.0'
...
Delay 2FA until required by an application
See merge request lemonldap-ng/lemonldap-ng!147
2020-09-04 17:40:46 +02:00
Maxime Besson
f9cdb5497a
Only clean _url part of pdata when redirecting to issuer (#1878,#2124)
2020-09-04 17:17:04 +02:00
Maxime Besson
b2bfa38d5a
Handle errors when no 2FA is available during upgrade ( #2124 )
2020-09-04 17:17:04 +02:00
Maxime Besson
eb191be72e
Add error message when no sf available during upgrade ( #2124 )
2020-09-04 17:17:02 +02:00
Maxime Besson
f69babadef
Differentiate renew and upgrade in Upgrade plugin ( #2124 )
2020-09-04 17:16:11 +02:00
Maxime Besson
1cf1990fe2
Add portal code for session upgrade
2020-09-04 17:15:34 +02:00
Maxime Besson
bd110e7de6
cas issuer: check auth level and reauth if insufficient ( #2124 )
2020-09-04 17:15:34 +02:00
Maxime Besson
ce5c19e3f4
saml issuer: check auth level and reauth if insufficient ( #2124 )
2020-09-04 17:15:34 +02:00
Maxime Besson
7a36489b73
oidc issuer: check auth level and reauth if insufficient ( #2124 )
2020-09-04 17:15:34 +02:00
Maxime Besson
e811ea3b2d
Skip 2FA if target level is enough ( #2124 )
2020-09-04 17:15:34 +02:00
Maxime Besson
ef6b8587ee
Remember target authlevel in handler ( #2124 )
2020-09-04 17:14:05 +02:00
Maxime Besson
8bfa5179cc
Issuers: Store required auth level in pdata ( #2124 )
2020-09-04 17:14:04 +02:00
Clément OUDOT
e86293e165
Merge branch 'v2.0' of gitlab.ow2.org:lemonldap-ng/lemonldap-ng into v2.0
2020-09-04 16:14:37 +02:00
Clément OUDOT
828ecd7bfb
Show password form with change password after reset ( #2307 )
2020-09-04 16:14:17 +02:00
Maxime Besson
ffb7c7430d
Fix encoding workaround in recursive group search ( #2306 )
2020-09-03 15:59:18 +02:00
Christophe Maudoux
05096327c0
Re-order menu & Update langs ( #2266 )
2020-08-29 22:50:29 +02:00
Christophe Maudoux
01beb5d48b
Allow all special chars ( #2266 )
2020-08-29 22:12:09 +02:00
Christophe Maudoux
7a9020ff25
Modify type ( #2266 )
2020-08-29 20:13:11 +02:00
Christophe Maudoux
0a4812203c
Allowed all special chars and rule to disable local password policy ( #2266 )
2020-08-29 19:08:47 +02:00
Christophe Maudoux
b4222b50f3
Tidy & Update doc
2020-08-28 23:50:57 +02:00
Christophe Maudoux
779fd983e5
Typo ( #2302 )
2020-08-28 21:56:54 +02:00
Christophe Maudoux
317172c8ac
Fix unit tests ( #2276 )
2020-08-28 14:44:03 +02:00
Christophe Maudoux
525eab006d
Improve unit test ( #2276 )
2020-08-28 10:41:40 +02:00
Christophe Maudoux
8b6ab584cf
WIP: Update langs & append conf test ( #2276 )
2020-08-27 14:38:11 +02:00
Christophe Maudoux
4d52fedfe5
WIP - Incremental tempo
2020-08-25 22:58:47 +02:00
Maxime Besson
c5900ece14
Kerberos: fail with an explicit message on NTLM ticket ( #2295 )
2020-08-25 20:01:28 +02:00
Clément OUDOT
f158961fa6
Fix bad reference usage on hash
2020-08-25 00:27:06 +02:00
Christophe Maudoux
e84b29aca4
Display special chars password policy with expired password form ( #2289 )
2020-08-24 22:43:15 +02:00
Maxime Besson
a7b09f8dbb
Auth::SAML: fix warning on empty session index ( #2291 )
2020-08-24 17:24:55 +02:00
Maxime Besson
5e78464d7f
Resolve nameid session attribute from local macros ( #2280 )
2020-08-17 22:06:09 +02:00
Maxime Besson
9ac49b881a
Lookup casAppMetaDataOptionsUserAttribute in per-app macros ( #2280 )
2020-08-17 22:06:09 +02:00
Maxime Besson
52c6edb453
Lookup oidcRPMetaDataOptionsUserIDAttr in per-RP macros ( #2280 )
2020-08-17 22:06:09 +02:00
Maxime Besson
4497f39efe
Factor psession id calculation into Common
2020-08-17 18:43:29 +02:00
Maxime Besson
26cd1945fb
Try to compute the correct value of SameSite by default ( #2281 )
2020-08-17 18:05:09 +02:00
Maxime Besson
7a02fdf8e5
rollback caa346d075
( #2179 )
...
No longer needed since #2261
2020-08-12 09:49:14 +02:00
Maxime Besson
9d9e16e3f9
Remove setAuthSessionInfo from refresh process ( #2261 )
2020-08-12 09:49:14 +02:00
Christophe Maudoux
ca514f69e5
Fix version ( #2274 )
2020-08-11 22:43:32 +02:00
Christophe Maudoux
08ad68824e
Fix 500 error ( #2274 )
2020-08-11 22:03:32 +02:00
Maxime Besson
b2a2575896
Fix incorrect SOAP content type in SAML issuer ( #2263 )
2020-08-10 15:06:00 +02:00
Maxime Besson
9aa3b9b03f
Add correct secure flag to pdata cookie ( #2272 )
2020-08-10 12:10:33 +02:00
Maxime Besson
a96820d6f6
Set secure flag when removing cookie ( #2272 )
2020-08-10 12:10:33 +02:00
Christophe Maudoux
a1ebb0ee02
Fix ContextSwitching redirect & update unit tests ( #2273 )
2020-08-08 20:00:41 +02:00
dcoutadeur
0045daa592
fix increase log level for mail sending and password reset ( #2265 )
2020-07-28 15:04:55 +02:00
Clément OUDOT
d1418952eb
Convert mutli-valued attributes into arrays for OIDC UserInfo ( #2256 )
2020-07-16 20:19:41 +02:00
Clément OUDOT
c5db3bc8bd
Add country to address claim ( #2257 )
2020-07-16 19:58:53 +02:00
Baptiste Pecatte
5fbf7ae533
Remove useless variable
2020-07-05 13:11:28 +02:00
Baptiste Pecatte
2816bed66e
Add host to logs for use with fail2ban
2020-07-05 13:11:28 +02:00
Maxime Besson
5df1850847
Add cache-control headers to sendJSONresponse ( #2234 )
2020-06-24 15:49:50 +02:00
Clément OUDOT
e544ee7778
Adapt user log in SAML issuer ( #2244 )
2020-06-18 18:40:13 +02:00
Clément OUDOT
5d5eda9799
Adapt user log in CAS issuer ( #2244 )
2020-06-18 18:39:53 +02:00
Clément OUDOT
0b3908e6dc
Add user log in GET issuer ( #2244 )
2020-06-18 18:01:33 +02:00
Clément OUDOT
2da914cc90
Publish support for refresh_token grant_type ( #2242 )
2020-06-18 09:43:56 +02:00
Clément OUDOT
7d327f0e2e
Do not remove mail token before form has been submitted ( #2239 )
2020-06-17 16:29:31 +02:00
Christophe Maudoux
b86c3431c2
Append setSession info step ( #2172 )
2020-06-07 13:25:07 +02:00
Christophe Maudoux
b04b2076de
Preserve real_hGroups ( #2229 )
2020-06-06 23:27:37 +02:00
Maxime Besson
568c28d707
Fix REST clock tolerance ( #2225 )
...
plus a bit of refactoring
2020-06-03 10:47:37 +02:00
Maxime Besson
33a5496e55
Fix regression in #2085 ( #2224 )
...
Clearing all hidden form values was a mistake as it breaks SAML when the
redirection URL contains a query string. We should keep existing hidden
fields. In the context of OIDC request, we clear them before redirection
to avoid #2085
2020-05-29 15:51:51 +02:00
Maxime Besson
e9c05a63b2
Yubikey: use userdb-provisionned session field ( #2189 )
2020-05-25 18:57:07 +02:00
Christophe Maudoux
bb9e03d1e5
Tidy
2020-05-24 00:04:33 +02:00
Christophe Maudoux
53e16eca8c
Append unit tests ( #2207 )
2020-05-23 23:02:37 +02:00
Clément OUDOT
39d7344f75
Add userLogger message in Demo backend ( #2216 )
2020-05-22 14:52:58 +02:00
Clément OUDOT
4b5670a723
Fetch Public keys and GPG keys from GitHub ( #2203 )
2020-05-21 22:55:42 +02:00
Christophe Maudoux
1113fab014
Append ContextSwitching unrestrictedUsers rule ( #2207 )
2020-05-20 21:53:13 +02:00
Christophe Maudoux
312445d543
Append checkUser unrestrictedUsers rule & Fix idRule ( #2207 & #2215 )
2020-05-20 21:23:31 +02:00
Christophe Maudoux
eb65264d5d
Append Impersonation unrestrictedUsers rule & Update langs ( #2207 )
2020-05-19 23:33:07 +02:00
Maxime Besson
9d7e5c61cc
handle empty string value for yubikey parameters ( #2211 )
2020-05-18 12:34:34 +02:00
Christophe Maudoux
2ecd0b18a8
Skip bad GrantSession rules & Improve unit test ( #2201 )
2020-05-10 14:26:08 +02:00
Maxime Besson
db9e862843
Merge branch 'feature-userdb-password-restserver' into v2.0
2020-05-09 20:07:24 +02:00
Christophe Maudoux
9bf915b5dc
Fix unit tests & Version
2020-05-08 23:03:16 +02:00
Clément OUDOT
7efaf9d5cd
User not always known in try subroutine ( #2165 )
2020-05-04 22:20:17 +02:00
Clément OUDOT
0bf1bfb7dd
Do not stop logout process on error in Combination ( #2165 )
2020-05-04 21:53:14 +02:00
Clément OUDOT
7ed251ce3f
Better log messages ( #2165 )
2020-05-04 21:48:06 +02:00
Xavier Guimard
6caf88a174
Better warning fix
2020-05-04 16:42:41 +02:00
Xavier Guimard
5d10695a79
Fix warning
2020-05-04 16:40:57 +02:00
Xavier Guimard
0f4ed9ecbe
Add a test in combination to catch error when combination rule is unstable ( #2165 )
2020-05-04 16:37:15 +02:00
Maxime Besson
9464bd2503
Merge branch 'fix-oidc-consent-2fa-2142' into 'v2.0'
...
Fix #2142
See merge request lemonldap-ng/lemonldap-ng!135
2020-05-04 16:00:35 +02:00
Xavier Guimard
317bfcd97d
Clean all issuer when issuerTs expires ( fixes : #2186 )
2020-05-04 15:42:25 +02:00
Xavier Guimard
52938222a5
Fix combination logout if condition changed ( Fixes : #2165 )
2020-05-04 15:29:16 +02:00
Christophe Maudoux
46bb6fea4f
Return PE_SESSIONEXPIRED instead of 400 bad request ( #2184 )
2020-05-01 19:52:32 +02:00
Maxime Besson
dfc4411eae
Add UserDB methods to REST server ( #1659 )
2020-05-01 13:44:23 +02:00
Maxime Besson
b5d461da47
Add password methods to REST server ( #1598 )
2020-05-01 13:44:23 +02:00
Maxime Besson
6adb0e17b3
Use req->data instead of req->userData to retrieve LDAP dn ( #1598 )
2020-05-01 13:44:23 +02:00
Maxime Besson
0c77c0b46d
Add missing SetSecurity in UserDB::REST ( #1659 )
2020-05-01 13:43:12 +02:00
Maxime Besson
172993fcd6
Add useMail to UserDB::REST ( #1659 )
2020-05-01 13:43:12 +02:00
Maxime Besson
29d44121d7
Add useMail to Password::REST ( #1598 )
2020-05-01 13:43:12 +02:00
Christophe Maudoux
7014327232
Append an option to display sfManager link ( #2185 )
2020-04-30 20:50:10 +02:00
Clément OUDOT
ac9769ff69
Prepare release 2.0.8
2020-04-30 19:59:37 +02:00
Xavier Guimard
d801070a8f
Clean also pdata in Main::Issuer::_redirect() ("1939) and add @maxbes test
2020-04-30 12:56:28 +02:00
Christophe Maudoux
dc672c2d1f
Force FF to submit forms ( #2158 )
2020-04-30 12:43:06 +02:00
Christophe Maudoux
bd28760bd7
Change plugins loading order ( #2180 )
2020-04-29 19:36:18 +02:00
Maxime Besson
8eb9120af7
RESTServer: Clarify error message when time skew is too great
...
deab21e091
did only half the job
2020-04-29 18:41:11 +02:00
Christophe Maudoux
a7a0f25321
Update function signature and params list
2020-04-28 18:24:55 +02:00
Christophe Maudoux
591f953d5e
Merge branch 'v2.0' into 2178-new
2020-04-28 18:20:49 +02:00
Clément OUDOT
9cd079e8fe
Manage multi valued attributes in CAS authentication module ( #2118 )
2020-04-28 12:44:16 +02:00
Christophe Maudoux
a52c8f53b0
Use rule ( #2178 )
2020-04-27 22:12:12 +02:00
Christophe Maudoux
763eb04b4b
Update tree ( #2178 )
2020-04-27 20:39:02 +02:00
Christophe Maudoux
caa346d075
Restore previous authentication level ( #2179 )
2020-04-27 18:20:23 +02:00
Maxime Besson
c1fb1a1b66
Mitigate #1980 by displaying an error to the user
2020-04-27 17:40:34 +02:00
Maxime Besson
7e502af391
Add option to remove "Refresh my rights" from menu
2020-04-27 17:19:41 +02:00
Clément OUDOT
a97041f8cd
Fix test for Issuer timeout ( #1939 )
2020-04-27 14:40:45 +02:00
Xavier Guimard
dff45f5456
Fix tytpe ( #1939 )
2020-04-27 10:31:03 +02:00
Christophe Maudoux
ac06832c1e
Partial revert
2020-04-26 12:13:13 +02:00
Christophe Maudoux
81185fef82
Improve code
2020-04-26 11:25:12 +02:00
Xavier Guimard
c868cb431f
Add pdata timeout for issuers ( #1939 )
2020-04-26 09:31:38 +02:00
Christophe Maudoux
fd19547c1c
Tidy
2020-04-25 14:51:11 +02:00
Christophe Maudoux
a3c11a662a
Code refactoring ( #1664 )
2020-04-25 14:47:10 +02:00
Christophe Maudoux
5dffb9de78
Code refactoring ( #1999 )
2020-04-25 14:42:02 +02:00
Christophe Maudoux
23d721c7c5
Code refactoring ( #1956 )
2020-04-25 14:41:33 +02:00
Christophe Maudoux
522b2bd860
Code refactoring ( #1783 )
2020-04-25 14:41:23 +02:00
Christophe Maudoux
4fefa02028
Code refactoring ( #1658 )
2020-04-25 14:39:40 +02:00
Christophe Maudoux
9d6197232f
Improve code ( #2163 )
2020-04-25 11:44:27 +02:00
Christophe Maudoux
c61ae6be59
Tidy ( #2163 )
2020-04-25 01:02:25 +02:00
Christophe Maudoux
36fbc98bed
Fix error return ( #1999 )
2020-04-25 01:01:57 +02:00
Christophe Maudoux
d387c0f355
Display otherSessions & remove Link ( #2163 )
2020-04-25 00:43:56 +02:00
Maxime Besson
e607d8281f
OIDC: do not advertise missing functionality ( #1194 )
...
Back-Channel logout is not supported yet
2020-04-24 12:15:51 +02:00
Clément OUDOT
138ee4284f
Disable cache when registering a new OIDC client ( #2058 )
2020-04-24 11:52:04 +02:00
Maxime Besson
a3821fc560
Implement additional audiences in ID token ( #2177 )
2020-04-24 11:10:44 +02:00
Christophe Maudoux
6018610196
Make checkUser option rules ( #2173 )
2020-04-24 00:25:10 +02:00
Maxime Besson
6ccf078432
Implement Resource Owner Password Credentials grant ( #2155 )
2020-04-23 17:49:25 +02:00
Maxime Besson
37f71a43b5
create helper function to display portal error code
2020-04-23 17:49:25 +02:00
Maxime Besson
ded6c74fe0
Allow special characters in scope names ( #2168 )
2020-04-23 14:50:53 +02:00
Christophe Maudoux
d11442ed26
Append setSessionInfo step ( #2172 )
2020-04-23 14:16:46 +02:00
Xavier Guimard
0baf014e6b
Revert "Fix part of circular links (related to #1990 )"
...
This reverts commit c9e7f3a1b0
.
2020-04-23 12:00:51 +02:00
Maxime Besson
31f05b9e2d
Make Introspection endpoint look for offline sessions ( #2171 )
2020-04-23 10:29:08 +02:00
Xavier Guimard
24c1a2e90a
Restore default route ( #1990 )
2020-04-22 22:09:15 +02:00
Xavier Guimard
d5da0362fd
Fix #1990
2020-04-22 21:46:59 +02:00
Maxime Besson
626715a580
Prevent duplicate consents in psession ( #2169 )
2020-04-22 21:26:38 +02:00
Maxime Besson
a217590869
Tidy OIDC
2020-04-22 21:25:56 +02:00
Christophe Maudoux
a74b5acafa
Merge branch 'fix-oidc-info-2085' into 'v2.0'
...
Fix OIDC info before redirect (#2085 )
See merge request lemonldap-ng/lemonldap-ng!134
2020-04-22 18:17:58 +02:00
Christophe Maudoux
df9beb25f2
Merge branch 'fix-2081' into 'v2.0'
...
Fix #2081 by detecting external URL
See merge request lemonldap-ng/lemonldap-ng!138
2020-04-22 17:58:26 +02:00
Xavier Guimard
1f80a0ab8c
Avoid little warning in test
2020-04-22 15:37:19 +02:00
Xavier Guimard
c9e7f3a1b0
Fix part of circular links (related to #1990 )
2020-04-22 14:13:14 +02:00
Maxime Besson
ecbcc0b6b6
Fix #2081 by detecting external URL
2020-04-22 11:25:06 +02:00
Maxime Besson
92af252ae9
Make SingleSession configurable by rule ( #2164 )
2020-04-22 11:02:59 +02:00
Maxime Besson
0983c66139
Portal: add helper method to build a rule from a string
2020-04-22 11:02:59 +02:00
Xavier Guimard
1a13e3d0dc
Really fix #2161
2020-04-21 22:09:40 +02:00
Maxime Besson
b8d72e21b4
fix display of deleted sessions ( #2159 )
2020-04-21 10:18:50 +02:00
Xavier Guimard
faadd4fc52
DBI: verify parameters during init ( Fixes : #2161 )
2020-04-21 07:55:07 +02:00
Christophe Maudoux
cd8f8bd847
Typo ( #2159 )
2020-04-21 00:03:45 +02:00
Maxime Besson
deab21e091
RESTServer: Clarify error message when time skew is too great
2020-04-20 17:14:32 +02:00
Christophe Maudoux
dcef93eea9
Update version ( #2154 )
2020-04-19 19:25:26 +02:00
Maxime Besson
55f3ca0e77
Improve error reporting for SAML replay protection
2020-04-18 19:54:02 +02:00
Christophe Maudoux
e00cb0ecf0
use localDate & Improve unit test ( #1999 )
2020-04-18 11:50:07 +02:00
Christophe Maudoux
612682fddb
Sort active sessions ( #1999 )
2020-04-18 00:32:21 +02:00