Xavier Guimard
44a6e25851
Improve cryptographic functions ( #1823 )
2019-06-28 10:30:37 +02:00
Xavier Guimard
264410409d
Move CAS service verification from main to Issuer::CAS ( #1795 )
2019-06-27 16:55:12 +02:00
Maxime Besson
e1f927a195
Check service= parameter on CAS logout ( #1795 )
...
service= redirect URL is not checked when logging out from CAS, to avoid
insecure redirect attacks. The verification is only made if CAS access
control is enabled.
In order for this to work in common cases (applications redirects to an
unprotected page after logout), we add CAS App domains to the list of
globally trusted domains.
If your application wants to redirect to a third-party domain, it needs
to be added to LLNG's trustedDomains
2019-06-27 12:40:40 +02:00
Maxime Besson
5f9c4c231d
Add authenticated routes to 2FA for session upgrade ( #1822 )
2019-06-26 23:33:00 +02:00
Maxime Besson
98650cd9f0
Add unit test for #1821
2019-06-26 22:13:12 +02:00
Xavier
3582cfb12b
Don't keep pdata on upgrade ( Fixes : #1821 )
2019-06-26 21:47:01 +02:00
Xavier Guimard
a42c5f9f71
Clean tests ( #1819 )
2019-06-26 13:17:26 +02:00
Xavier Guimard
e15a41bc66
Fix typo: s/templatesDir/templateDir/g ( #1819 )
2019-06-26 11:59:13 +02:00
Xavier Guimard
45a0b68c3b
Disable external entities in XML parsers ( Fixes : #1818 )
2019-06-26 11:32:10 +02:00
Christophe Maudoux
b9af5d1adc
Use Id
2019-06-25 19:30:06 +02:00
Christophe Maudoux
13ed1589e4
Update lang
2019-06-25 19:03:04 +02:00
Xavier Guimard
e91f6df254
Fix test count ( #1813 )
2019-06-25 10:00:46 +02:00
Xavier Guimard
390ccb4f5b
Fix Apache::Session::REST::get_key_from_all_sessions when using CODE ( #1813 )
2019-06-25 09:48:15 +02:00
Xavier Guimard
93ccb9fd76
Set Content-Length in Apache::Session::REST requests ( #1813 )
2019-06-25 09:37:37 +02:00
Xavier Guimard
ddde26fa1c
Add searchOn() in Apache::Session::REST ( #1813 )
2019-06-25 09:18:58 +02:00
Xavier
c5d6bc42b6
Add get_key_from_all_sessions in Apache::Session::REST ( #1813 )
2019-06-24 23:07:34 +02:00
Xavier
9df3d57bc9
In REST, PE_LOGOUT_OK must return 200
2019-06-24 23:06:15 +02:00
Xavier Guimard
1c17c6b077
Update portal JS
2019-06-24 11:38:00 +02:00
Xavier
750eaafe65
Fix test rule to hide some warnings
2019-06-20 21:48:13 +02:00
Xavier
38bb0cedf6
Typo
2019-06-20 21:27:49 +02:00
Xavier
8bd2a6c244
Prove that sessionInfo() is launched by each UserDB in combination ( #1809 )
2019-06-20 21:17:29 +02:00
Xavier
2d5b38fb95
Fix LDAP schema path for Debian. This permits to enable LDAP tests during build
2019-06-19 09:22:44 +02:00
Xavier
05f2dc6993
Fix t/28-AuthChoice-and-password.t
2019-06-19 09:14:03 +02:00
Christophe Maudoux
c4d4b482a5
Provide to plugins message display functions ( #1796 )
2019-06-18 22:00:03 +02:00
Christophe Maudoux
86b305d19b
Typo ( #1664 )
2019-06-18 21:57:40 +02:00
Christophe Maudoux
9fa11709e6
Append options to use Notifications plugin & set notification reference ( #1796 )
2019-06-17 22:31:44 +02:00
Xavier
8b488e4d51
Move LDAP::getUser() to Lib::LDAP ( Fixes : #1805 )
2019-06-17 21:15:38 +02:00
Christophe Maudoux
e0b593152f
Merge branch 'bootstrap' into 'v2.0'
...
Improve displaying checkuser template and rewrite tests #1806
See merge request lemonldap-ng/lemonldap-ng!79
2019-06-17 21:00:41 +02:00
Xavier
aff7527580
Fix bad call in LDAP ( #1805 )
2019-06-17 19:21:48 +02:00
Antoine ROSIER
dab5a9c3df
Improve displaying checkuser template and rewrite tests #1806
2019-06-17 14:56:31 +02:00
Christophe Maudoux
862116245d
Fix unit tests ( #1796 )
2019-06-16 23:01:13 +02:00
Christophe Maudoux
1b4d1b5bdf
Avoid notification reference to be truncated ( #1796 )
2019-06-16 20:57:53 +02:00
Christophe Maudoux
c3b3c281ad
Hide _2fDevices with REST services
2019-06-16 20:33:34 +02:00
Christophe Maudoux
d6f3dd459a
Display message ( #1796 )
2019-06-16 16:02:48 +02:00
Xavier
8cc2beb976
Fix #1799 test
2019-06-15 08:42:21 +02:00
Xavier
e30cf69053
Add #1799 test
2019-06-15 08:29:36 +02:00
Christophe Maudoux
5218944bf2
Improve unit tests ( #1796 )
2019-06-14 23:11:10 +02:00
Christophe Maudoux
ecf84e8a4d
WIP ( #1796 )
2019-06-14 23:09:32 +02:00
Christophe Maudoux
fde6ff2cc8
WIP ( #1796 )
2019-06-14 23:09:32 +02:00
Xavier Guimard
5fbff01b27
Update versions
2019-06-14 17:27:54 +02:00
Xavier Guimard
65eaefa75f
Tidy
2019-06-14 17:23:26 +02:00
Clément OUDOT
4e5c450b8b
Return error if no code provided on token endpoint ( #1802 )
2019-06-14 16:05:39 +02:00
Xavier Guimard
e7bc7b3f4e
Add restExportSecretKeys option ( #1799 )
2019-06-14 08:51:58 +02:00
Xavier
5dc5b88daa
Permit to show $_password in REST session server ( #1799 )
2019-06-14 07:09:55 +02:00
Xavier
4ad0da0315
Fix syntax error ( #1794 )
2019-06-14 06:33:27 +02:00
Christophe Maudoux
73f689eca4
Fix 2F types ( #1782 )
2019-06-13 23:28:57 +02:00
Christophe Maudoux
c8295b60b5
Fix 2F types ( #1782 )
2019-06-13 23:27:30 +02:00
Xavier
c7ef665bf9
Fix #1782
2019-06-13 22:23:20 +02:00
Xavier
bb0784b843
Typo
2019-06-13 22:15:46 +02:00
Xavier
8d642da8cb
Improve #1782
2019-06-13 22:10:30 +02:00