Clément Oudot
c6589a7f7b
Check display and prompt request parameters for unauthenticated user ( #184 )
2015-03-25 10:54:00 +00:00
Clément Oudot
c07f698bdb
Manage consent refuse and server_error errors ( #184 )
2015-03-25 09:11:46 +00:00
Clément Oudot
8e06ec1bd1
Get all OIDC parameters on authorization endpoint and check required ones ( #184 )
2015-03-24 17:01:15 +00:00
Clément Oudot
699303cf47
Use redirection for errors on authorization endpoint ( #184 )
2015-03-24 16:40:00 +00:00
Clément Oudot
45ed174666
Generate at_hash at token endpoint ( #184 )
2015-03-23 17:04:00 +00:00
Clément Oudot
2ff0b7277a
Add hybrid flow support ( #184 )
2015-03-23 11:54:22 +00:00
Clément Oudot
539f241725
Generate at_hash in ID Token for implicit flow ( #184 )
2015-03-19 17:04:13 +00:00
Clément Oudot
c3cb985323
Manage access token hash in RP ( #183 )
2015-03-19 15:28:58 +00:00
Clément Oudot
4e7f4eb85e
Use nonce in Authentication Code Flow ( #184 )
2015-03-17 12:56:11 +00:00
Clément Oudot
89e3678bdf
Manage OIDC Implicit Flow ( #184 )
2015-03-17 11:01:11 +00:00
Clément Oudot
33bc52b619
Skeleton to manage different OIDC response types ( #184 )
2015-03-16 17:00:56 +00:00
Clément Oudot
71bc645d51
Authentication Context in ID Token ( #184 )
2015-03-13 12:54:04 +00:00
Clément Oudot
23b2c6f996
Configure Access Token expiration ( #184 )
2015-03-13 11:09:39 +00:00
Clément Oudot
74958870bb
Auth time and expiration in ID Token ( #184 )
2015-03-13 10:54:36 +00:00
Clément Oudot
6d6d7e6424
Fix typo on Relying Party ( #184 )
2015-03-11 16:24:10 +00:00
Clément Oudot
167fdb66c4
Possibility to configure attribute used to fill OIDC User ID ( #184 )
2015-03-11 16:16:37 +00:00
Clément Oudot
55fe1a5ec8
Refactor code that build authz response ( #184 )
2015-03-11 15:47:24 +00:00
Clément Oudot
ca146c7525
Remove unused imports ( #184 )
2015-03-11 15:07:00 +00:00
Clément Oudot
f3dcec7ad7
Display user friendly messages for scope consent ( #184 )
2015-03-11 14:34:31 +00:00
Clément Oudot
495da0dde5
Check accepted scope in consent step ( #184 )
2015-03-11 13:53:58 +00:00
Clément Oudot
2d015ebdcd
Possibility to change backend for OIDC sessions ( #184 )
2015-03-11 11:39:20 +00:00
Clément Oudot
7a7bb1fbda
make tidy on all files
2015-03-10 15:07:33 +00:00
Clément Oudot
a31663cf38
Delete captcha session only when authentication process is finished ( #788 )
2015-03-09 16:44:19 +00:00
Xavier Guimard
53e41d145c
Auth modules must be set
2015-03-09 15:55:46 +00:00
Clément Oudot
ef4af6b3f2
ID Token signature configuration ( #184 )
2015-02-19 18:04:29 +00:00
Clément Oudot
d1d97d16c3
Set _utime in OIDC sessions ( #184 )
2015-02-19 15:17:49 +00:00
Clément Oudot
68607ca947
Implement UserInfo endpoint ( #184 )
2015-02-04 13:25:13 +00:00
Clément Oudot
968f0e065a
Check authentication on token endpoint ( #184 )
2015-02-02 09:44:33 +00:00
Clément Oudot
9f69f03b09
Store scope in access token session ( #184 )
2015-01-31 15:17:56 +00:00
Clément Oudot
31e0a1cfb5
Obtain user consent for OpenID Connect requested scope ( #184 )
2015-01-31 14:34:52 +00:00
Clément Oudot
3c3cc39d0c
Check sub of UserInfo JSON (references #183 )
2015-01-31 14:33:05 +00:00
Clément Oudot
e6ae3b9925
Restore hidden form values ( #184 )
2015-01-29 13:32:31 +00:00
Clément Oudot
0be124d3d7
Prevent reuse of authorization code ( #184 )
2015-01-28 16:53:06 +00:00
Clément Oudot
70281de82d
Add some debug logs ( #184 )
2015-01-28 13:41:10 +00:00
Clément Oudot
39b83ae46a
OpenIDConnect Service metadata parameters in Manager ( #184 )
2015-01-28 13:07:11 +00:00
Clément Oudot
2abb7fafde
Check that RP is registered ( #184 )
2015-01-23 13:06:54 +00:00
Clément Oudot
b82153ab17
Start implementation of OpenID Connect provider ( #184 )
2015-01-20 10:04:44 +00:00
David COUTADEUR
a82d36a794
Fix LEMONLDAP-784: https://jira.ow2.org/browse/LEMONLDAP-784
...
reset password in AD not working
2015-01-08 17:05:40 +00:00
Clément Oudot
7e74e27a3b
Autoselect OP if only one is configured ( #183 )
2014-12-15 14:58:42 +00:00
Clément Oudot
922b92bbbe
Configuration of OpenID Connect auth module and OP in Manager ( #183 )
2014-12-15 13:55:23 +00:00
Clément Oudot
18072723de
Compatibility with AuthChoice ( #183 )
2014-12-11 17:05:33 +00:00
Clément Oudot
8b7ad81ff5
Add first OpenID Connect RP parameters in Manager ( #183 )
2014-12-11 16:54:27 +00:00
Clément Oudot
0014e2cdaf
Invalidate CAS Service Ticket when it is used ( #775 )
2014-12-05 09:21:07 +00:00
Clément Oudot
8b1ea19725
Possibility to define a background image for portal skin ( #770 )
2014-12-02 14:51:23 +00:00
Clément Oudot
eea1fedd3c
Better look of OpenID Provider list ( #183 )
2014-12-01 17:07:55 +00:00
Clément Oudot
44c64ea606
Manage refresh of JWKS data ( #183 )
2014-12-01 10:27:47 +00:00
Clément Oudot
c5ad64e694
Try to fix build #491 ( #183 )
2014-11-24 08:39:16 +00:00
Clément Oudot
c09d2c4e00
Check ID Token validity ( #183 )
2014-11-22 08:53:17 +00:00
Clément Oudot
ee43c5010f
Check token response validity (references #183 )
2014-11-22 08:46:41 +00:00
Clément Oudot
c0b7af29b8
Support client_secret_basic and client_secret_post for token endpoint authentication (references #183 )
2014-11-21 17:15:47 +00:00
Clément Oudot
bc6920dd03
Check error in authn response ( #183 )
2014-11-21 10:32:35 +00:00
Clément Oudot
6ba3d9e44e
Manage exported vars per OP ( #183 )
2014-11-20 15:53:26 +00:00
Clément Oudot
687f0ed094
Change configuration format to allow to define several OP ( #183 )
2014-11-20 14:03:32 +00:00
Clément Oudot
74a7770fa4
Use extractJWT method ( #183 )
2014-11-20 09:11:55 +00:00
Clément Oudot
53aab6d3c0
Verify JWT signature for RS256/RS384/RS512 alg ( #183 )
2014-11-19 14:17:39 +00:00
Clément Oudot
ab1e318149
Add support for HS368 and HS512 JWT signature alg ( #183 )
...
Get OpenID configuration data from configuration URI (#183 )
2014-11-19 11:09:37 +00:00
Clément Oudot
5a09c04445
Add some log to JWT signature verification ( #183 )
2014-11-18 14:32:15 +00:00
Clément Oudot
27225cfe86
Option to check JWT Signature ( #183 )
2014-11-18 14:24:03 +00:00
Clément Oudot
2a33f67155
Verify JWT signature for HS256 alg ( #183 )
2014-11-17 18:09:55 +00:00
Clément Oudot
3cde211810
Save/restore state in OpenID Connect RP ( #183 )
2014-11-17 13:55:26 +00:00
Clément Oudot
c64f69a852
Use eval to decode JSON content ( #183 )
2014-11-14 16:53:56 +00:00
Clément Oudot
914fe20eb5
Create OpenIDConnect library ( #183 )
2014-11-14 16:18:50 +00:00
Clément Oudot
2ff2d0e01a
First version of OpenIDConnect RP module ( #183 )
2014-11-14 14:29:55 +00:00
Clément Oudot
5bb0f01de4
Manage vhost aliases in portal menu ( #755 )
2014-11-03 17:07:47 +00:00
Clément Oudot
2af54acd97
Do not call data on undefined session object ( #762 )
2014-10-27 11:19:25 +00:00
Clément Oudot
2a343dff84
Fix TODO by using autoRedirect ( #753 )
2014-08-21 12:22:10 +00:00
Clément Oudot
7e517cbdd0
Do not hardcode OpenID server path ( #753 )
2014-08-21 12:19:12 +00:00
Clément Oudot
df926b3429
Fix OpenID Issuer with new Net::OpenID::Server version ( #753 )
2014-08-21 11:49:56 +00:00
Clément Oudot
3b947a0bb3
Add portal in trusted hosts ( #752 )
2014-08-19 10:05:15 +00:00
Clément Oudot
f97f5c72e0
make tidy
2014-07-24 15:48:32 +00:00
Clément Oudot
e011600113
Show error from Common::Session module in logs ( #741 )
2014-07-24 15:37:12 +00:00
Clément Oudot
ee1918fe21
Keep default value in condition if no notOnOrAfter timeout configured ( #737 )
2014-07-21 10:48:36 +00:00
Clément Oudot
15835e1e02
Possibility to configure conditions notOnOrAfter ( #737 )
2014-07-21 10:46:01 +00:00
Clément Oudot
b4bda626de
Possibility to configure subjectConfirmation notOnOrAfter ( #737 )
2014-07-21 10:42:16 +00:00
Clément Oudot
757ac6f15d
Possibility to configure sessionNotOnOrAfter ( #737 )
2014-07-21 09:44:28 +00:00
Clément Oudot
9bc097dd21
Compatibility of SSL modules with SOAP getCookies ( #719 )
2014-07-15 13:41:27 +00:00
Clément Oudot
93cc4a9f70
Rebind as manager after password change in order to read groups ( #725 )
2014-07-09 13:56:58 +00:00
Clément Oudot
f21184a59c
Call authInit in MailReset to get the authentication choice ( #664 )
2014-06-25 12:58:15 +00:00
Clément Oudot
b72d79a30b
Better connection management ( #663 , #LEMONLDAP-664):
...
- Create userDBFinish, passwordDBFinish and registerDBFinish methods
- Call finish methods for each backend in process
- Call LDAP unbind only when necessary
- Unbind if error in RegisterDBLDAP
2014-06-25 11:53:09 +00:00
François-Xavier Deltombe
70ec1d03cb
Refactor LL::NG::Handler::Specific::AuthBasic ( #630 )
2014-06-25 10:01:17 +00:00
Clément Oudot
941c27631c
Disconnect from LDAP when error occurs, and enable cache management even with Multi backend ( #664 )
2014-06-23 12:45:27 +00:00
Clément Oudot
1b6655a431
Delete captcha session when check is done, and add captcha backend in purgeCentralCache script ( #703 )
2014-06-11 10:22:34 +00:00
Clément Oudot
473cd6c9dc
Use a session backend to manage captcha ( #703 )
2014-06-10 16:21:33 +00:00
Clément Oudot
dbfbde2e9f
make tidy
2014-06-08 10:04:50 +00:00
Clément Oudot
50b80020da
Port memory leak fix to 1.4 branch ( #708 )
2014-06-06 10:04:14 +00:00
Clément Oudot
d61cd6a6de
Make Register work with AuthChoice ( #26 )
2014-06-06 09:54:48 +00:00
Xavier Guimard
c96e281fee
Avoid potential circular references
2014-06-05 18:05:55 +00:00
Clément Oudot
f6cad5438c
Test if password was auto generated before displaying it in the mail ( #675 )
2014-06-03 08:13:24 +00:00
Clément Oudot
066f52caba
Fix use of ipAddr in Register ( #26 )
2014-06-02 13:56:20 +00:00
Clément Oudot
ba9fa72c1e
AD register module ( #26 )
2014-06-02 10:24:05 +00:00
Clément Oudot
9629d3a500
Fix login generation ( #26 )
2014-06-02 10:12:05 +00:00
Clément Oudot
a5b7cd030c
Register mail in LDAP ( #26 )
2014-06-02 10:08:32 +00:00
Clément Oudot
2e9033d28b
Add a button on login page to register page ( #26 )
2014-05-30 12:21:53 +00:00
Clément Oudot
524fab0b3a
RegisterDB LDAP is complete ( #26 )
2014-05-29 08:12:33 +00:00
Clément Oudot
9b10d96341
Fix unit tests after introducing RegisterDB ( #26 )
2014-05-29 07:38:50 +00:00
Clément Oudot
81dbe943c3
Introduce RegisterDB modules ( #26 )
2014-05-28 16:23:23 +00:00
Clément Oudot
2fe20b1248
Isolate register info in ->{registerInfo} ( #26 )
2014-05-28 15:41:32 +00:00
Clément Oudot
be04271809
Work on Register feature ( #26 )
2014-05-27 16:31:43 +00:00
Clément Oudot
66c93ec387
Manage already existing accounts in Register ( #26 )
2014-05-27 13:42:00 +00:00
Clément Oudot
57182767f4
Some error codes for Register ( #26 )
2014-05-26 16:25:33 +00:00