Maxime Besson
0d513ce5b7
Fix CORS on userinfo error response ( #2567 )
2021-07-26 15:44:20 +02:00
Maxime Besson
2816586afe
Fix regression from 3732cdcc ( #2477 )
2021-07-09 11:49:29 +02:00
Christophe Maudoux
1d2db0594f
Tidy
2021-07-04 22:13:32 +02:00
Christophe Maudoux
466b6a3241
Avoid to store passwords ( #2557 )
2021-07-04 22:07:21 +02:00
Yadd
4a61606ee8
typo
2021-06-29 16:55:29 +02:00
Yadd
b0e7ba5d8a
Fix URIRE
2021-06-29 16:50:39 +02:00
Yadd
83b45db614
Fix versions
2021-06-28 15:36:29 +02:00
Yadd
3b8222ae8a
Fix trusted domains regex ( #2535 )
2021-06-25 08:59:52 +02:00
Maxime Besson
15054b9038
Extra precaution for #2539
2021-06-25 07:54:03 +02:00
Maxime Besson
cf70ebe293
Stop triggering XSS protection on escaped commas
Commas are safe in HTML and JS, so there is no risk of XSS
2021-06-24 20:16:20 +02:00
Maxime Besson
4a2a786598
Fix CDA wildcard regexp ( #2534 )
2021-06-24 19:02:17 +02:00
Maxime Besson
dbd65d1b2b
Handle wildcards in CDA check ( #2534 )
2021-06-24 16:59:20 +02:00
Yadd
3732cdcc19
Better URL parsing ( #2477 )
2021-06-24 14:33:27 +02:00
Clément OUDOT
bdeb1e70d9
Allow to display password value in login form ( #2454 )
2021-06-16 20:50:11 +02:00
Maxime Besson
63cd5ffb40
Revert 652d8ba9bc
See #2482
2021-06-11 08:53:26 +02:00
Christophe Maudoux
de3164fea7
Fix button top margin ( #1976 )
2021-05-01 22:35:56 +02:00
Christophe Maudoux
fc481d40d2
Rename param ( #1976 )
2021-04-30 22:36:31 +02:00
Maxime Besson
cd97d3b922
Refactor $req->{cspFormAction} ( #2513 )
2021-04-23 09:02:24 +02:00
Maxime Besson
a876d978af
Suggest improvement for next major version
2021-04-23 09:02:24 +02:00
Maxime Besson
913ebbd556
fix missing domain in child-src during SAML POST logout ( #2513 )
2021-04-23 09:02:24 +02:00
Maxime Besson
5ba0c11b58
Add helper to build CSP host list ( #2513 )
2021-04-23 09:02:24 +02:00
Christophe Maudoux
21ced5dbad
Fix speChars test, typos & display ( #2509 )
2021-04-14 13:28:12 +02:00
Maxime Besson
2c8cbbefe6
"xxx is allowed to update 2FA" should be a debug message
2021-03-30 16:32:14 +02:00
Maxime Besson
c0f8e8f46b
Skip serializing psgi streams when saving request
It can interfere with unit tests in some cases, like #2000
2021-03-15 21:18:08 +01:00
Yadd
3883c5abff
Fix vhost regexp ( #2477 )
2021-03-02 07:57:21 +01:00
Xavier Guimard
b5c0ca94c4
CrowdSec plugin ( #2451 )
2021-02-19 07:40:36 +01:00
Christophe Maudoux
5f7981e256
Improve error message & unit test ( #2458 )
2021-02-16 22:04:38 +01:00
Christophe Maudoux
1757cf5337
Merge branch 'CheckDevOps-plugin' into 'v2.0'
Check DevOps file plugin (#2458 )
See merge request lemonldap-ng/lemonldap-ng!178
2021-02-16 18:46:19 +00:00
Christophe Maudoux
1f66e03969
Append an option to download rules.json file from remote server ( #2458 )
2021-02-16 12:15:18 +01:00
Maxime Besson
31d0f26174
Clear hook list on configuration reload ( #2463 )
2021-02-15 15:13:53 +01:00
Christophe Maudoux
6e1efc8bb5
WIP: CheckDevOps plugin skeleton ( #2458 )
2021-02-12 18:11:37 +01:00
Maxime Besson
4408852d33
tidy
2021-02-12 18:10:53 +01:00
Maxime Besson
424cf91e88
Fix error message on missing template dir ( #2460 )
2021-02-12 18:10:53 +01:00
Christophe Maudoux
4515768513
Display explicit error message ( #2329 )
2021-02-10 22:27:12 +01:00
Christophe Maudoux
55071d5210
Keep old behavior if no JS ( #1976 )
2021-02-05 18:05:59 +01:00
Maxime Besson
090fad7475
Add warning when hook stack encounters error
2021-02-01 18:15:55 +01:00
Christophe Maudoux
ea80b4df0e
Use Ajax request ( #1976 )
2021-01-30 23:22:03 +01:00
Maxime Besson
84684b3b5b
Avoid loading plugins when their config is an empty hash ( #2448 )
2021-01-28 11:42:36 +01:00
Xavier Guimard
39518079d5
Clean "afterSub" and "aroundSub" during reload ( #2448 )
2021-01-27 17:30:54 +01:00
Xavier Guimard
4455f13976
Clean "afterSub" and "aroundSub" during init ( #2448 )
2021-01-27 15:28:34 +01:00
Christophe Maudoux
377fe4796c
Update version ( #1976 )
2021-01-23 23:11:57 +01:00
Christophe Maudoux
7c3955b2aa
Allow input type select with FindUser ( #1976 )
2021-01-23 23:00:23 +01:00
Christophe Maudoux
e4444c907f
Append CheckUser normalized headers option & Improve unit test ( #2436 )
2021-01-08 18:38:05 +01:00
Christophe Maudoux
c0f71ee0f1
Fix FindUser with Choice ( #1976 )
2020-12-27 13:29:10 +01:00
Christophe Maudoux
406fdbc54b
Append unit test if Impersonation is missing ( #1976 )
2020-12-26 15:27:25 +01:00
Christophe Maudoux
f956810e48
Redirect to Portal ( #1976 )
2020-12-23 22:47:08 +01:00
Christophe Maudoux
bfcdd370df
Merge branch 'v2.0' into findUser
2020-12-21 21:11:55 +01:00
Maxime Besson
ed0be42c93
Merge branch 'WIP-plugin-hooks-2359' into 'v2.0'
Plugin hook system to extend issuers (and maybe more)
See merge request lemonldap-ng/lemonldap-ng!166
2020-12-21 16:35:03 +01:00
Christophe Maudoux
4d04672c20
WIP: FindUser skeleton ( #1976 )
2020-12-20 22:54:35 +01:00
Christophe Maudoux
652d8ba9bc
Prevent authentication on backend if account is locked ( #2243 )
2020-12-16 22:49:41 +01:00
Maxime Besson
9ba6938e90
Show a friendlier error message when a module fails init ( #2410 )
2020-12-07 16:59:48 +01:00
Christophe Maudoux
c2266720f9
Unauthenticated logout request with route & improve unit test ( #2342 )
2020-12-06 11:21:11 +01:00
Christophe Maudoux
41889e5ee2
Append unit test ( #2342 )
2020-12-05 20:37:50 +01:00
Christophe Maudoux
b2306cc8ad
Unauthenticated logout ( #2342 )
2020-12-05 19:31:23 +01:00
Maxime Besson
699679a8e0
Documentation for #2359
2020-11-27 14:00:58 +01:00
Maxime Besson
f0dbb28866
Add Hook system for plugins ( #2359 )
2020-11-27 14:00:58 +01:00
Christophe Maudoux
0a4fabb4e4
Use strict & fix warnings
2020-11-21 19:24:04 +01:00
Maxime Besson
0263865faa
Add CORS headers to error pages ( #2380 )
2020-11-12 14:34:16 +01:00
Christophe Maudoux
231ec50d63
Fix protocol in log
2020-11-10 10:47:14 +01:00
Christophe Maudoux
c742d8320e
Set user and oldpassword fields into reset password form & Improve unit tests ( #2377 )
2020-11-09 13:27:16 +01:00
Xavier Guimard
893385d007
Replace application/javascript by application/json ( Fixes #2376 )
2020-11-06 17:58:41 +01:00
Maxime Besson
1de41224f8
Avoid memory leaks in $req->steps ( #2369 )
2020-11-02 23:22:04 +01:00
Christophe Maudoux
7ac2a0da80
Allow to check last logins with stayConnected plugin & improve unit test ( #2365 )
2020-10-31 22:10:14 +01:00
Christophe Maudoux
b869b59da7
Avoid assignment ( #2360 )
2020-10-30 12:55:39 +01:00
Christophe Maudoux
90c8c2ba86
Improve messages ( #2332 )
2020-10-16 23:27:06 +02:00
Christophe Maudoux
cd02b8023e
Fix warning ( #2332 )
2020-10-05 20:45:05 +02:00
Christophe Maudoux
352b97f681
Append option to modify 2FA during context switching ( #2338 )
2020-10-04 21:18:09 +02:00
Christophe Maudoux
da91097969
Improve fix ( #2332 )
2020-10-04 19:32:10 +02:00
Christophe Maudoux
a8343ac7be
Test authLevel before removing 2F device ( #2332 )
2020-10-04 19:29:31 +02:00
Christophe Maudoux
b573dbb789
Better fix and improve unit test ( #2337 )
2020-10-04 11:35:26 +02:00
Christophe Maudoux
cb0fed8e13
Prevent to update SFA if impersonation is in progress ( #2337 )
2020-10-03 11:58:49 +02:00
Clément OUDOT
6cccea0e46
First version of adaptative authentication level plugin ( #2336 )
2020-10-02 15:05:15 +02:00
Maxime Besson
f9c7d0bdf7
saml proxy logout: Delay info until we return from idp ( #2262 )
2020-09-08 17:25:11 +02:00
Christophe Maudoux
059b2b13f1
Merge branch 'v2.0' into 2266
2020-09-07 18:56:37 +02:00
Xavier Guimard
c8df084247
Update versions
2020-09-04 17:59:00 +02:00
Maxime Besson
66c68f6056
Merge branch 'feature-delayed-2fa-2124' into 'v2.0'
Delay 2FA until required by an application
See merge request lemonldap-ng/lemonldap-ng!147
2020-09-04 17:40:46 +02:00
Maxime Besson
f9cdb5497a
Only clean _url part of pdata when redirecting to issuer (#1878,#2124)
2020-09-04 17:17:04 +02:00
Maxime Besson
eb191be72e
Add error message when no sf available during upgrade ( #2124 )
2020-09-04 17:17:02 +02:00
Maxime Besson
f69babadef
Differentiate renew and upgrade in Upgrade plugin ( #2124 )
2020-09-04 17:16:11 +02:00
Maxime Besson
1cf1990fe2
Add portal code for session upgrade
2020-09-04 17:15:34 +02:00
Maxime Besson
ef6b8587ee
Remember target authlevel in handler ( #2124 )
2020-09-04 17:14:05 +02:00
Clément OUDOT
828ecd7bfb
Show password form with change password after reset ( #2307 )
2020-09-04 16:14:17 +02:00
Christophe Maudoux
01beb5d48b
Allow all special chars ( #2266 )
2020-08-29 22:12:09 +02:00
Christophe Maudoux
e84b29aca4
Display special chars password policy with expired password form ( #2289 )
2020-08-24 22:43:15 +02:00
Maxime Besson
4497f39efe
Factor psession id calculation into Common
2020-08-17 18:43:29 +02:00
Maxime Besson
26cd1945fb
Try to compute the correct value of SameSite by default ( #2281 )
2020-08-17 18:05:09 +02:00
Maxime Besson
7a02fdf8e5
rollback caa346d075 ( #2179 )
No longer needed since #2261
2020-08-12 09:49:14 +02:00
Maxime Besson
9d9e16e3f9
Remove setAuthSessionInfo from refresh process ( #2261 )
2020-08-12 09:49:14 +02:00
Maxime Besson
9aa3b9b03f
Add correct secure flag to pdata cookie ( #2272 )
2020-08-10 12:10:33 +02:00
Maxime Besson
a96820d6f6
Set secure flag when removing cookie ( #2272 )
2020-08-10 12:10:33 +02:00
Maxime Besson
5df1850847
Add cache-control headers to sendJSONresponse ( #2234 )
2020-06-24 15:49:50 +02:00
Maxime Besson
33a5496e55
Fix regression in #2085 ( #2224 )
Clearing all hidden form values was a mistake as it breaks SAML when the
redirection URL contains a query string. We should keep existing hidden
fields. In the context of OIDC request, we clear them before redirection
to avoid #2085
2020-05-29 15:51:51 +02:00
Christophe Maudoux
bb9e03d1e5
Tidy
2020-05-24 00:04:33 +02:00
Christophe Maudoux
9bf915b5dc
Fix unit tests & Version
2020-05-08 23:03:16 +02:00
Xavier Guimard
6caf88a174
Better warning fix
2020-05-04 16:42:41 +02:00
Xavier Guimard
5d10695a79
Fix warning
2020-05-04 16:40:57 +02:00
Maxime Besson
9464bd2503
Merge branch 'fix-oidc-consent-2fa-2142' into 'v2.0'
Fix #2142
See merge request lemonldap-ng/lemonldap-ng!135
2020-05-04 16:00:35 +02:00
Xavier Guimard
317bfcd97d
Clean all issuer when issuerTs expires ( fixes : #2186 )
2020-05-04 15:42:25 +02:00
Christophe Maudoux
7014327232
Append an option to display sfManager link ( #2185 )
2020-04-30 20:50:10 +02:00
Xavier Guimard
d801070a8f
Clean also pdata in Main::Issuer::_redirect() ("1939) and add @maxbes test
2020-04-30 12:56:28 +02:00