Christophe Maudoux
|
0181f9374f
|
Update doc & typos (#2591)
|
2021-10-30 10:56:04 +02:00 |
|
Christophe Maudoux
|
692b550e19
|
Append an option to disable fingerprint checking (#2591)
|
2021-10-30 00:21:48 +02:00 |
|
Christophe Maudoux
|
d54c897580
|
Syntax
|
2021-10-29 23:03:45 +02:00 |
|
Christophe Maudoux
|
c8464136d7
|
Syntax & tidy
|
2021-10-29 23:00:34 +02:00 |
|
Christophe Maudoux
|
773364d279
|
Remove useless init method (#2649)
|
2021-10-29 23:00:05 +02:00 |
|
Christophe Maudoux
|
01ef4c98d8
|
Merge branch 'v2.0' into CheckUser_history
|
2021-10-29 16:28:25 +02:00 |
|
Maxime Besson
|
beb2fa69df
|
Only run init method when it exists for portal plugins (#2649)
|
2021-10-28 17:09:25 +02:00 |
|
Maxime Besson
|
fe4172a50a
|
Change invalid_scope http code to 400 (#2622)
|
2021-10-27 00:17:28 +02:00 |
|
Christophe Maudoux
|
91854b09d4
|
Merge branch 'v2.0' into CheckUser_history
|
2021-10-26 23:48:35 +02:00 |
|
Christophe Maudoux
|
64e13cd532
|
Syntax
|
2021-10-26 23:47:49 +02:00 |
|
Maxime Besson
|
a0af787c97
|
Tidy Portal::Init
|
2021-10-26 23:17:27 +02:00 |
|
Maxime Besson
|
b21500122d
|
Fix #2622
|
2021-10-26 16:53:24 +02:00 |
|
Maxime Besson
|
8cfab558c7
|
Improve detection of SAML Artifact response type (#2648)
|
2021-10-26 11:44:26 +02:00 |
|
Christophe Maudoux
|
297b6fa5b7
|
Display logins history with CheckUser plugin
|
2021-10-24 23:13:24 +02:00 |
|
Christophe Maudoux
|
c14b5c6219
|
Append all BruteForce parameters into Manager (#2646)
|
2021-10-23 22:27:25 +02:00 |
|
Yadd
|
b5b8f3203c
|
Spelling errors reported by lintian
|
2021-10-09 09:13:35 +02:00 |
|
Christophe Maudoux
|
dea7b235b1
|
Tidy & update version
|
2021-10-07 22:38:23 +02:00 |
|
Maxime Besson
|
22a0f1c013
|
Initialize PATCH routes (#2626)
This prevents the following message from appearing when the portal fails
to initialize
Conflict detected between 2 extensions, aborting 1 route
|
2021-10-07 08:50:47 +02:00 |
|
Maxime Besson
|
806ef6c1ed
|
add warning when SAML user attribute was not found
|
2021-10-07 08:50:47 +02:00 |
|
Christophe Maudoux
|
64d55b6a93
|
Mark mandatory fields & Improve unit test (#1976)
|
2021-10-02 22:35:14 +02:00 |
|
Christophe Maudoux
|
2d0ec20c18
|
Append information in doc about afterData entry point (#2598)
|
2021-10-01 23:04:43 +02:00 |
|
Christophe Maudoux
|
ed56a171b9
|
Tidy (#2620)
|
2021-09-30 23:13:04 +02:00 |
|
Maxime Besson
|
24a989aa67
|
Remove unused method in Net::LDAP (#2620)
|
2021-09-29 11:43:19 +02:00 |
|
Maxime Besson
|
cc08c992c4
|
Merge branch '2620-ppolicy-binding-v2.0' into 'v2.0'
add more logs for ldap binding (ppolicy extended response code) + remove loadPP (#2620)
See merge request lemonldap-ng/lemonldap-ng!227
|
2021-09-29 09:36:58 +00:00 |
|
dcoutadeur dcoutadeur
|
ebb764a3c5
|
add more logs for ldap binding (ppolicy extended response code) + remove loadPP (#2620)
|
2021-09-29 09:36:58 +00:00 |
|
Alexandre KARIM
|
bcb3d9ad26
|
Fix sorting for Finduser plugin
|
2021-09-24 16:27:19 +02:00 |
|
Christophe Maudoux
|
a7467b1d15
|
Fix version (#2605)
|
2021-09-23 21:27:05 +02:00 |
|
Maxime Besson
|
6302c957cc
|
Add SAMESITE template param (#2605)
|
2021-09-23 17:44:52 +02:00 |
|
Christophe Maudoux
|
a4e15ad9a9
|
Set sameSite value for llnglanguage cookie (#2605)
|
2021-09-23 17:38:44 +02:00 |
|
Christophe Maudoux
|
9b50811f5e
|
Test if Safe jail is enabled (#2617)
|
2021-09-19 23:24:36 +02:00 |
|
Maxime Besson
|
35b3cb8c28
|
Use distinct error codes in Auth::OIDC (#2558)
|
2021-09-15 19:21:47 +02:00 |
|
Maxime Besson
|
d8eb44a5ab
|
Add portal status codes for Auth::OIDC errors (#2558)
|
2021-09-15 19:21:47 +02:00 |
|
Maxime Besson
|
8aa3e65137
|
Remember login across authentication attempts (#2616)
|
2021-09-15 14:00:31 +02:00 |
|
David Coutadeur
|
2c62720c43
|
display precise error while sending direct SOAP SAML message (#2614)
|
2021-09-13 10:32:07 +02:00 |
|
Christophe Maudoux
|
d51877a40d
|
Code refactoring
|
2021-09-10 22:40:33 +02:00 |
|
Christophe Maudoux
|
1901ef8232
|
Spit Remote and Proxy Auth cookie name parameter (#2613)
|
2021-09-10 22:40:11 +02:00 |
|
Maxime Besson
|
66946e8f75
|
Fix auth process in password-testing plugins (#2611)
|
2021-09-10 17:12:13 +02:00 |
|
Maxime Besson
|
83e95cd053
|
Update unit tests (#2611)
|
2021-09-10 17:12:13 +02:00 |
|
Christophe Maudoux
|
7d40d917af
|
Improve logout message (#2600)
|
2021-09-09 14:54:40 +02:00 |
|
Christophe Maudoux
|
b66798d159
|
Test cookieName & Improve code + unit test (#2600)
|
2021-09-09 14:28:06 +02:00 |
|
Christophe Maudoux
|
258e4fe731
|
Test URIs (#2600)
|
2021-09-08 22:10:45 +02:00 |
|
Alexandre KARIM
|
aa0db663c6
|
Merge branch 'v2.0' into 2600
|
2021-09-08 17:26:09 +02:00 |
|
Alexandre KARIM
|
0c33da8cdc
|
Lang, Doc, Sort Tree & Tests(#2600 #2601)
|
2021-09-08 16:41:53 +02:00 |
|
Maxime Besson
|
6806864872
|
Expose risk level to other plugins (#2593)
|
2021-09-06 17:50:10 +02:00 |
|
Maxime Besson
|
f297492703
|
Make new location plugin more generic (#2325)
|
2021-09-06 17:40:04 +02:00 |
|
Alexandre KARIM
|
d8c512547a
|
Test & code refactoring(#2601)
|
2021-09-06 17:10:55 +02:00 |
|
Alexandre KARIM
|
ad1244f272
|
Append spoofId parameter (#2601)
|
2021-09-06 14:18:10 +02:00 |
|
Alexandre KARIM
|
6b85a85026
|
Append ChoiceParam & ChoiceValue (#2600)
|
2021-09-06 10:47:06 +02:00 |
|
Alexandre KARIM
|
977a185fcc
|
Merge branch 'v2.0' into 2325
|
2021-09-02 12:05:19 +02:00 |
|
Christophe Maudoux
|
eab4d4a31e
|
Append an option to normalize headers & Improve unit tests + doc (#2604)
|
2021-09-01 21:48:10 +02:00 |
|
Maxime Besson
|
5ea7a0916d
|
Add _oidc_grant_type variable (#2602)
|
2021-09-01 17:32:15 +02:00 |
|
Alexandre KARIM
|
9bcdf37384
|
Merge branch 'v2.0' into 2325
|
2021-08-31 09:50:49 +02:00 |
|
Yadd
|
3ed77a01c2
|
Add buildurl method (#2594)
|
2021-08-27 14:35:07 +02:00 |
|
Maxime Besson
|
a489e4a76b
|
Fix open redirection issue in CAS (#2596)
|
2021-08-26 18:03:35 +02:00 |
|
Maxime Besson
|
cf3d884a77
|
Inform templates when mail/register URLs are external (#2597)
|
2021-08-26 17:50:37 +02:00 |
|
Alexandre KARIM
|
52ed859c4e
|
Update version #2325
|
2021-08-25 14:37:23 +02:00 |
|
Alexandre KARIM
|
cd72d00ef8
|
Subject & deduplicate history IP #2325
|
2021-08-25 14:28:15 +02:00 |
|
Alexandre KARIM
|
f9c20e6072
|
Merge branch 'v2.0' into 2325
|
2021-08-23 16:13:50 +02:00 |
|
Maxime Besson
|
f0a5b75402
|
Handle Conf not loading during portal init (#2592)
|
2021-08-22 11:35:31 +02:00 |
|
Christophe Maudoux
|
017408d005
|
Merge branch 'v2.0' into 2589
|
2021-08-20 20:06:22 +02:00 |
|
Clément OUDOT
|
14848f9bf1
|
Set modules version to 2.0.13
|
2021-08-20 18:30:13 +02:00 |
|
Alexandre KARIM
|
ffa804f6a3
|
Append unit test (#2325)
|
2021-08-19 10:55:17 +02:00 |
|
Alexandre KARIM
|
fa363b0bb1
|
Append unit test (#2325)
|
2021-08-19 10:55:17 +02:00 |
|
Alexandre KARIM
|
3ae759edd4
|
Date + tidy + langs (#2325)
|
2021-08-19 10:55:17 +02:00 |
|
Alexandre KARIM
|
13a7a81173
|
Mail template (#2325)
|
2021-08-19 10:55:17 +02:00 |
|
Alexandre KARIM
|
d0c6f7eec6
|
NewLocationWarning plugin skeleton (#2325)
|
2021-08-19 10:55:17 +02:00 |
|
Christophe Maudoux
|
df8fc578b4
|
Merge branch 'v2.0' into 2589
|
2021-08-12 23:47:10 +02:00 |
|
Christophe Maudoux
|
37363971f3
|
Merge branch 'v2.0' into 2564
|
2021-08-12 23:46:55 +02:00 |
|
Christophe Maudoux
|
c61ac6353f
|
Typos
|
2021-08-12 22:57:59 +02:00 |
|
Christophe Maudoux
|
4b592e1f48
|
Fix regex (#2589)
|
2021-08-12 22:57:59 +02:00 |
|
Maxime Besson
|
2fac0d9f47
|
Update LLNG download URL
|
2021-08-12 17:02:50 +02:00 |
|
Christophe Maudoux
|
084b9b26f1
|
Merge branch 'v2.0' into 2564
|
2021-08-02 10:10:25 +02:00 |
|
Christophe Maudoux
|
4d2dfe4abc
|
Fix warnings
|
2021-07-28 12:10:55 +02:00 |
|
Christophe Maudoux
|
21ba445141
|
Fix unit test (#2564) & some warnings
|
2021-07-28 10:38:45 +02:00 |
|
Christophe Maudoux
|
fbcaacbdf1
|
Langs (#2564)
|
2021-07-27 21:47:48 +02:00 |
|
Christophe Maudoux
|
13a62b4dde
|
Append unit test (#2564)
|
2021-07-27 20:12:35 +02:00 |
|
Christophe Maudoux
|
e3674d7d1a
|
Typos
|
2021-07-27 10:40:28 +02:00 |
|
Christophe Maudoux
|
984df5c0c8
|
Allow to configure mail body for account registration
|
2021-07-26 23:06:47 +02:00 |
|
Christophe Maudoux
|
a6ecbf1ec8
|
Fix version & comment
|
2021-07-26 22:55:27 +02:00 |
|
Maxime Besson
|
0d513ce5b7
|
Fix CORS on userinfo error response (#2567)
|
2021-07-26 15:44:20 +02:00 |
|
Clément OUDOT
|
a7809f10fe
|
Update version in main modules
|
2021-07-22 17:53:50 +02:00 |
|
Clément OUDOT
|
6a6a41b007
|
Use regexp to replace values in email only for text body (#2495)
|
2021-07-18 17:20:39 +02:00 |
|
Maxime Besson
|
2816586afe
|
Fix regression from 3732cdcc (#2477)
|
2021-07-09 11:49:29 +02:00 |
|
Christophe Maudoux
|
1d2db0594f
|
Tidy
|
2021-07-04 22:13:32 +02:00 |
|
Christophe Maudoux
|
466b6a3241
|
Avoid to store passwords (#2557)
|
2021-07-04 22:07:21 +02:00 |
|
Christophe Maudoux
|
0634fcaf98
|
Typos & tidy
|
2021-07-01 22:50:32 +02:00 |
|
Marek Wójtowicz
|
80a364839a
|
Fix yubikey from session.
|
2021-07-01 11:36:44 +00:00 |
|
Marek Wójtowicz
|
48f934045e
|
Support for multiple yubikeys.
|
2021-06-30 20:33:50 +00:00 |
|
Yadd
|
4a61606ee8
|
typo
|
2021-06-29 16:55:29 +02:00 |
|
Yadd
|
b0e7ba5d8a
|
Fix URIRE
|
2021-06-29 16:50:39 +02:00 |
|
Yadd
|
83b45db614
|
Fix versions
|
2021-06-28 15:36:29 +02:00 |
|
Maxime Besson
|
7de1793386
|
Let users specify a longer timeout for totp reg (#2544)
|
2021-06-28 11:36:44 +02:00 |
|
Christophe Maudoux
|
7f91820224
|
Display removed SF name (#1782)
|
2021-06-26 22:38:42 +02:00 |
|
Maxime Besson
|
316c734bbc
|
Merge branch 'fix-totp-options-2541' into v2.0
|
2021-06-25 13:55:53 +02:00 |
|
Clément OUDOT
|
262210398d
|
Remove OIDC check session iframe from metadata (#2554)
|
2021-06-25 12:49:51 +02:00 |
|
Yadd
|
3b8222ae8a
|
Fix trusted domains regex (#2535)
|
2021-06-25 08:59:52 +02:00 |
|
Maxime Besson
|
15054b9038
|
Extra precaution for #2539
|
2021-06-25 07:54:03 +02:00 |
|
Maxime Besson
|
cf70ebe293
|
Stop triggering XSS protection on escaped commas
Commas are safe in HTML and JS, so there is no risk of XSS
|
2021-06-24 20:16:20 +02:00 |
|
Maxime Besson
|
4a2a786598
|
Fix CDA wildcard regexp (#2534)
|
2021-06-24 19:02:17 +02:00 |
|
Maxime Besson
|
dbd65d1b2b
|
Handle wildcards in CDA check (#2534)
|
2021-06-24 16:59:20 +02:00 |
|
Christophe Maudoux
|
71fa5d09f7
|
Be more strict with URL (#2477)
|
2021-06-24 14:33:27 +02:00 |
|
Yadd
|
3732cdcc19
|
Better URL parsing (#2477)
|
2021-06-24 14:33:27 +02:00 |
|
Maxime Besson
|
8db02a693f
|
Only release IDtoken when scope contains openid (#2550)
|
2021-06-21 09:38:03 +02:00 |
|
Maxime Besson
|
beaacca9a0
|
Refactor _handleRefreshTokenGrant to use _generateIDToken (#2550)
|
2021-06-21 09:38:03 +02:00 |
|
Maxime Besson
|
c931b30263
|
Refactor _generateIDToken (#2550)
|
2021-06-21 09:38:03 +02:00 |
|
Clément OUDOT
|
bdeb1e70d9
|
Allow to display password value in login form (#2454)
|
2021-06-16 20:50:11 +02:00 |
|
Maxime Besson
|
3c37565eb9
|
Improve TOTP error reporting (#2541)
|
2021-06-15 18:07:03 +02:00 |
|
Maxime Besson
|
14548b9a1f
|
Remove "new totp" from portal js
|
2021-06-15 14:54:33 +02:00 |
|
Maxime Besson
|
7b0990addd
|
Remove totp options from code (#2541)
|
2021-06-15 14:54:32 +02:00 |
|
Maxime Besson
|
6f5cd3b645
|
Fix some undef warnings
|
2021-06-15 12:40:15 +02:00 |
|
Maxime Besson
|
75b81fcb5a
|
Fix NameID value when unspecified is requested by SP (#2518)
|
2021-06-15 11:27:37 +02:00 |
|
Maxime Besson
|
63cd5ffb40
|
Revert 652d8ba9bc
See #2482
|
2021-06-11 08:53:26 +02:00 |
|
Christophe Maudoux
|
86f46ebc5b
|
Fix some warnings (#2538)
|
2021-06-08 23:03:54 +02:00 |
|
Maxime Besson
|
87295178e0
|
optimize SingleSession to avoid unneeded session fetches (#2536)
|
2021-06-04 16:17:18 +02:00 |
|
Maxime Besson
|
b8e8bbcedd
|
Ignore unknown scopes (#2496)
|
2021-06-03 18:24:55 +02:00 |
|
Maxime Besson
|
55cdfefd7b
|
Workaround for #2472
|
2021-06-02 15:36:05 +02:00 |
|
Maxime Besson
|
fad337c58c
|
Add hooks on password change (#2510)
|
2021-06-02 11:07:28 +02:00 |
|
Maxime Besson
|
91cfba275a
|
Skip registration of SAML SP when config has errors (#2525)
|
2021-06-02 08:34:02 +02:00 |
|
Maxime Besson
|
71a8fc6d16
|
Skip registration of CAS App when config has errors (#2525)
|
2021-06-02 08:34:02 +02:00 |
|
Maxime Besson
|
e50db3f083
|
Skip registration of OIDC RP when config has errors (#2525)
|
2021-06-02 08:34:01 +02:00 |
|
Maxime Besson
|
cf3809a0de
|
Add CAS hooks (#2533)
|
2021-06-01 11:27:45 +02:00 |
|
Maxime Besson
|
e98aafd6f7
|
add oidcGenerateCode hook (#2532)
|
2021-05-31 11:16:28 +02:00 |
|
Maxime Besson
|
15298466ea
|
Fix JWT userinfo in Auth::OpenIDConnect (#2529)
|
2021-05-31 09:52:02 +02:00 |
|
Christophe Maudoux
|
cf55716825
|
Allow findUser with UpgradeSession (#1976)
|
2021-05-06 23:16:26 +02:00 |
|
Yadd
|
a24ed7bc41
|
Fix GrantSession rules sort
|
2021-05-04 15:50:38 +02:00 |
|
Christophe Maudoux
|
de3164fea7
|
Fix button top margin (#1976)
|
2021-05-01 22:35:56 +02:00 |
|
Christophe Maudoux
|
fc481d40d2
|
Rename param (#1976)
|
2021-04-30 22:36:31 +02:00 |
|
Maxime Besson
|
cd97d3b922
|
Refactor $req->{cspFormAction} (#2513)
|
2021-04-23 09:02:24 +02:00 |
|
Maxime Besson
|
a876d978af
|
Suggest improvement for next major version
|
2021-04-23 09:02:24 +02:00 |
|
Maxime Besson
|
913ebbd556
|
fix missing domain in child-src during SAML POST logout (#2513)
|
2021-04-23 09:02:24 +02:00 |
|
Maxime Besson
|
5ba0c11b58
|
Add helper to build CSP host list (#2513)
|
2021-04-23 09:02:24 +02:00 |
|
Christophe Maudoux
|
b54c95ccd2
|
Improve unit tests & Fix regex (#2509)
|
2021-04-21 22:14:47 +02:00 |
|
Maxime Besson
|
8695a633a7
|
Force type of JSON fields in token response (#2511)
|
2021-04-20 11:31:32 +02:00 |
|
Christophe Maudoux
|
21ced5dbad
|
Fix speChars test, typos & display (#2509)
|
2021-04-14 13:28:12 +02:00 |
|
Maxime Besson
|
a94fb616bd
|
Allow admin to disallow host-based match (#2506)
|
2021-04-09 17:51:54 +02:00 |
|
Maxime Besson
|
c1e059eeb3
|
Use authChoiceAuthBasic to select Choice (#2502)
|
2021-04-07 16:40:32 +02:00 |
|
Christophe Maudoux
|
64dffcf4d0
|
Send only technical and exported attributes (#2503)
|
2021-04-03 16:46:43 +02:00 |
|
Christophe Maudoux
|
9f77e89f96
|
Send exported attributes with REST session server & typos (#2503)
|
2021-04-02 23:57:30 +02:00 |
|
Christophe Maudoux
|
4751427105
|
Fix error level & Improve doc (#1976)
|
2021-04-01 23:31:48 +02:00 |
|
Christophe Maudoux
|
c0db322ef0
|
Perl critic
|
2021-04-01 23:07:58 +02:00 |
|
Christophe Maudoux
|
bcfb075f63
|
Be more consistent with REST params & Update doc (#1976)
|
2021-04-01 22:48:08 +02:00 |
|
Christophe Maudoux
|
654184dd66
|
Fix bad request (#2501)
|
2021-04-01 14:49:44 +02:00 |
|
Maxime Besson
|
297dc830af
|
Update mail templates to no longer use string substitution (#2495)
|
2021-03-31 14:27:23 +02:00 |
|
Maxime Besson
|
d696853556
|
Factor MAIN_LOGO variable in loadMailTemplate (#2495)
|
2021-03-31 14:27:23 +02:00 |
|
Christophe Maudoux
|
89111859a0
|
Typos (#1976)
|
2021-03-30 23:54:06 +02:00 |
|
Maxime Besson
|
20e1f9ded0
|
Hash JWT to catch tampering (#2419)
This mechanism's only purpose is to make the introsection endpoint fail
to verify the token when the JWT itself has been tampered with.
|
2021-03-30 16:32:14 +02:00 |
|
Maxime Besson
|
2c8cbbefe6
|
"xxx is allowed to update 2FA" should be a debug message
|
2021-03-30 16:32:14 +02:00 |
|
Clément OUDOT
|
55ab4b5a5f
|
Fix CAS log message on service ticket validation error (#2494)
|
2021-03-25 16:33:48 +01:00 |
|
Maxime Besson
|
02b680df30
|
fix #2489
|
2021-03-19 16:45:37 +01:00 |
|
Maxime Besson
|
96a667cf2e
|
clarify REST log messages
|
2021-03-17 14:24:47 +01:00 |
|