Maxime Besson
|
0d513ce5b7
|
Fix CORS on userinfo error response (#2567)
|
2021-07-26 15:44:20 +02:00 |
|
Yadd
|
83b45db614
|
Fix versions
|
2021-06-28 15:36:29 +02:00 |
|
Yadd
|
3732cdcc19
|
Better URL parsing (#2477)
|
2021-06-24 14:33:27 +02:00 |
|
Maxime Besson
|
b8e8bbcedd
|
Ignore unknown scopes (#2496)
|
2021-06-03 18:24:55 +02:00 |
|
Maxime Besson
|
55cdfefd7b
|
Workaround for #2472
|
2021-06-02 15:36:05 +02:00 |
|
Maxime Besson
|
91cfba275a
|
Skip registration of SAML SP when config has errors (#2525)
|
2021-06-02 08:34:02 +02:00 |
|
Maxime Besson
|
71a8fc6d16
|
Skip registration of CAS App when config has errors (#2525)
|
2021-06-02 08:34:02 +02:00 |
|
Maxime Besson
|
e50db3f083
|
Skip registration of OIDC RP when config has errors (#2525)
|
2021-06-02 08:34:01 +02:00 |
|
Maxime Besson
|
15298466ea
|
Fix JWT userinfo in Auth::OpenIDConnect (#2529)
|
2021-05-31 09:52:02 +02:00 |
|
Maxime Besson
|
cd97d3b922
|
Refactor $req->{cspFormAction} (#2513)
|
2021-04-23 09:02:24 +02:00 |
|
Maxime Besson
|
913ebbd556
|
fix missing domain in child-src during SAML POST logout (#2513)
|
2021-04-23 09:02:24 +02:00 |
|
Maxime Besson
|
a94fb616bd
|
Allow admin to disallow host-based match (#2506)
|
2021-04-09 17:51:54 +02:00 |
|
Maxime Besson
|
c1e059eeb3
|
Use authChoiceAuthBasic to select Choice (#2502)
|
2021-04-07 16:40:32 +02:00 |
|
Christophe Maudoux
|
4751427105
|
Fix error level & Improve doc (#1976)
|
2021-04-01 23:31:48 +02:00 |
|
Christophe Maudoux
|
c0db322ef0
|
Perl critic
|
2021-04-01 23:07:58 +02:00 |
|
Maxime Besson
|
d696853556
|
Factor MAIN_LOGO variable in loadMailTemplate (#2495)
|
2021-03-31 14:27:23 +02:00 |
|
Maxime Besson
|
20e1f9ded0
|
Hash JWT to catch tampering (#2419)
This mechanism's only purpose is to make the introsection endpoint fail
to verify the token when the JWT itself has been tampered with.
|
2021-03-30 16:32:14 +02:00 |
|
Clément OUDOT
|
55ab4b5a5f
|
Fix CAS log message on service ticket validation error (#2494)
|
2021-03-25 16:33:48 +01:00 |
|
Maxime Besson
|
a70051e3fe
|
Remove deprecated base64url implementation
All our target distros now have base64url in Mime::Base64
|
2021-03-03 11:03:19 +01:00 |
|
Maxime Besson
|
bb95e681e6
|
Tidy
|
2021-03-03 11:03:19 +01:00 |
|
Maxime Besson
|
e10d1e291c
|
Return granted scopes if different from requested scopes (#2424)
|
2021-03-03 11:03:19 +01:00 |
|
Maxime Besson
|
2d7f9e34a6
|
OIDC: Return error if multiple client auth used (#2474)
|
2021-02-24 17:48:12 +01:00 |
|
Maxime Besson
|
cceb6f767e
|
Use a dedicated function for OIDC error reporting (#2465)
|
2021-02-18 22:06:39 +01:00 |
|
Maxime Besson
|
a1ed57c035
|
Add typ header to access token jwt (#2419)
|
2021-02-03 09:43:35 +01:00 |
|
Maxime Besson
|
1cd7dd3d2c
|
Add hook for access token JWT payload (#2419)
|
2021-02-01 18:20:32 +01:00 |
|
Maxime Besson
|
d86e8ce0df
|
Refactor: remove extractJWT
|
2021-02-01 18:20:32 +01:00 |
|
Maxime Besson
|
cb04670003
|
Refactor checksignature
|
2021-02-01 18:20:32 +01:00 |
|
Maxime Besson
|
435ba82144
|
Refactor: rename and move getJWTJSONData
|
2021-02-01 18:20:32 +01:00 |
|
Maxime Besson
|
6aef1a6317
|
Refactor: getUserInfo now returns a hash
|
2021-02-01 18:20:32 +01:00 |
|
Maxime Besson
|
f3c97c22dc
|
Refactor access token id lookup into Common::JWT
|
2021-02-01 18:20:32 +01:00 |
|
Maxime Besson
|
aa877cf0a3
|
Let newAccessToken emit JWT (#2419)
|
2021-02-01 18:15:55 +01:00 |
|
Maxime Besson
|
dc0bacd6f0
|
Accept Access Tokens in JWT format (#2419)
|
2021-02-01 18:15:55 +01:00 |
|
Maxime Besson
|
acaaf1c749
|
Refactor buildUserInfo (#2419)
|
2021-02-01 18:15:55 +01:00 |
|
Maxime Besson
|
dbddddfba1
|
Refactor newAccessToken (#2419)
|
2021-02-01 18:15:55 +01:00 |
|
Maxime Besson
|
5562d8b1dd
|
Add a function to resolve allowed scopes from rules (#2424)
|
2021-02-01 16:25:35 +01:00 |
|
Maxime Besson
|
c30b452aa3
|
Load dynamic scopes from config (#2424)
|
2021-02-01 16:25:35 +01:00 |
|
Maxime Besson
|
c844cc25b0
|
Fix SAML logout propagation with Redirect binding (#2449)
|
2021-01-29 09:45:50 +01:00 |
|
Christophe Maudoux
|
5d56a88ff3
|
Use strict & Typo
|
2021-01-23 18:57:24 +01:00 |
|
Christophe Maudoux
|
d6e351ab90
|
Tidy
|
2021-01-19 22:45:05 +01:00 |
|
Maxime Besson
|
5b4e533f44
|
Add _scope and _clientID to portal (#1987)
|
2021-01-19 17:06:21 +01:00 |
|
Maxime Besson
|
dd5e9ec156
|
Tidy
|
2021-01-19 16:44:06 +01:00 |
|
Christophe Maudoux
|
bd1a0bf6da
|
Fix regex (#1976)
|
2021-01-07 09:54:00 +01:00 |
|
Christophe Maudoux
|
1c45e8a8c0
|
Merge branch 'v2.0' into findUser
|
2021-01-05 22:14:28 +01:00 |
|
Christophe Maudoux
|
846d6a3655
|
Allow wildcard with searching parameters (#1976) & Improve unit tests
|
2021-01-05 22:08:48 +01:00 |
|
Maxime Besson
|
2a805e06b9
|
Match CAS service via prefix (#2331)
|
2021-01-05 17:34:57 +01:00 |
|
Maxime Besson
|
e78f8a2270
|
Refactor CAS code (#2321)
|
2021-01-05 17:34:57 +01:00 |
|
Christophe Maudoux
|
fc6ea96954
|
FindUser with combination (#1976)
|
2021-01-03 19:00:20 +01:00 |
|
Christophe Maudoux
|
c2c02b4c86
|
Append REST UserDB unit test (#1976)
|
2021-01-02 22:50:56 +01:00 |
|
Christophe Maudoux
|
de1be30176
|
Fix other Backend (#1976)
|
2021-01-02 19:21:16 +01:00 |
|
Christophe Maudoux
|
597455dfcf
|
FindUser with LDAP & AD & Append unit test (#1976)
|
2020-12-27 23:37:40 +01:00 |
|
Christophe Maudoux
|
072f68004a
|
Improve debug log & unit tests (#1976)
|
2020-12-27 18:03:08 +01:00 |
|
Christophe Maudoux
|
0b750fb6cc
|
Append Choice unit tests (#1976)
|
2020-12-27 14:24:15 +01:00 |
|
Christophe Maudoux
|
c0f71ee0f1
|
Fix FindUSer with Choice (#1976)
|
2020-12-27 13:29:10 +01:00 |
|
Christophe Maudoux
|
510a1dc1c2
|
WIP: UserDB findUser (#1976)
|
2020-12-22 17:02:51 +01:00 |
|
Christophe Maudoux
|
bfcdd370df
|
Merge branch 'v2.0' into findUser
|
2020-12-21 21:11:55 +01:00 |
|
Maxime Besson
|
ed0be42c93
|
Merge branch 'WIP-plugin-hooks-2359' into 'v2.0'
Plugin hook system to extend issuers (and maybe more)
See merge request lemonldap-ng/lemonldap-ng!166
|
2020-12-21 16:35:03 +01:00 |
|
Christophe Maudoux
|
4d04672c20
|
WIP: FindUser skeleton (#1976)
|
2020-12-20 22:54:35 +01:00 |
|
Clément OUDOT
|
8211850be7
|
Better userLogger messages for password change (#2393)
|
2020-11-29 18:02:13 +01:00 |
|
Maxime Besson
|
f49c1adf17
|
add oidcGenerateIDToken hook (#2359)
|
2020-11-27 14:00:58 +01:00 |
|
Maxime Besson
|
daef0cf776
|
add oidcGenerateUserInfoResponse hook (#2359)
|
2020-11-27 14:00:58 +01:00 |
|
Christophe Maudoux
|
dfc68f9f98
|
Use Mouse instead of Exporter
|
2020-11-16 21:54:54 +01:00 |
|
Christophe Maudoux
|
c742d8320e
|
Set user and oldpassword fields into reset password form & Improve unit tests (#2377)
|
2020-11-09 13:27:16 +01:00 |
|
Maxime Besson
|
fa2301ab0e
|
Force OIDC claim types according to config (#2330)
|
2020-11-06 19:00:52 +01:00 |
|
Maxime Besson
|
367f1bc5ad
|
Add LDAP IO timeout (#2267)
|
2020-10-27 16:01:39 +01:00 |
|
Maxime Besson
|
fcb8e6b3c5
|
Use keepalive for LDAP connections (#2344)
|
2020-10-09 12:22:28 +02:00 |
|
Maxime Besson
|
5606d0ed6f
|
Add support for SHA384 and SHA512 (#2322)
|
2020-10-07 15:31:57 +02:00 |
|
Maxime Besson
|
1234d5294f
|
Let users override default SAML signature method (#2319)
|
2020-10-07 15:31:27 +02:00 |
|
Christophe Maudoux
|
055ec69b92
|
Code cleaning & refactoring
|
2020-10-02 20:40:41 +02:00 |
|
Maxime Besson
|
89ec2b09b1
|
Improve SMTP error reporting (#2293)
|
2020-09-16 17:29:49 +02:00 |
|
Maxime Besson
|
1db67d735a
|
Put mail transport code in Common so the manager can use it (#2293,#2304)
|
2020-09-16 17:27:00 +02:00 |
|
Xavier Guimard
|
e110517942
|
Fix misspelled parameter in call to ldap->search() (Fixes: #2310)
|
2020-09-10 08:40:23 +02:00 |
|
Maxime Besson
|
d31a14c303
|
Avoid accidentally creating an empty session (#2262)
|
2020-09-09 12:05:09 +02:00 |
|
Maxime Besson
|
683b5a7861
|
Resume logout when returning from Auth::SAML IDP (#2262)
|
2020-09-08 15:47:58 +02:00 |
|
Maxime Besson
|
3771ead3db
|
Make LDAP auth/userdb/pass modules use ldapVerify (#2250)
|
2020-09-05 12:21:37 +02:00 |
|
Xavier Guimard
|
c8df084247
|
Update versions
|
2020-09-04 17:59:00 +02:00 |
|
Maxime Besson
|
ffb7c7430d
|
Fix encoding workaround in recursive group search (#2306)
|
2020-09-03 15:59:18 +02:00 |
|
Christophe Maudoux
|
779fd983e5
|
Typo (#2302)
|
2020-08-28 21:56:54 +02:00 |
|
Maxime Besson
|
52c6edb453
|
Lookup oidcRPMetaDataOptionsUserIDAttr in per-RP macros (#2280)
|
2020-08-17 22:06:09 +02:00 |
|
Maxime Besson
|
b2a2575896
|
Fix incorrect SOAP content type in SAML issuer (#2263)
|
2020-08-10 15:06:00 +02:00 |
|
Maxime Besson
|
a96820d6f6
|
Set secure flag when removing cookie (#2272)
|
2020-08-10 12:10:33 +02:00 |
|
dcoutadeur
|
0045daa592
|
fix increase log level for mail sending and password reset (#2265)
|
2020-07-28 15:04:55 +02:00 |
|
Clément OUDOT
|
d1418952eb
|
Convert mutli-valued attributes into arrays for OIDC UserInfo (#2256)
|
2020-07-16 20:19:41 +02:00 |
|
Clément OUDOT
|
c5db3bc8bd
|
Add country to address claim (#2257)
|
2020-07-16 19:58:53 +02:00 |
|
Baptiste Pecatte
|
5fbf7ae533
|
Remove useless variable
|
2020-07-05 13:11:28 +02:00 |
|
Baptiste Pecatte
|
2816bed66e
|
Add host to logs for use with fail2ban
|
2020-07-05 13:11:28 +02:00 |
|
Christophe Maudoux
|
bb9e03d1e5
|
Tidy
|
2020-05-24 00:04:33 +02:00 |
|
Christophe Maudoux
|
a7a0f25321
|
Update function signature and params list
|
2020-04-28 18:24:55 +02:00 |
|
Christophe Maudoux
|
591f953d5e
|
Merge branch 'v2.0' into 2178-new
|
2020-04-28 18:20:49 +02:00 |
|
Clément OUDOT
|
9cd079e8fe
|
Manage multi valued attributes in CAS authentication module (#2118)
|
2020-04-28 12:44:16 +02:00 |
|
Christophe Maudoux
|
a52c8f53b0
|
Use rule (#2178)
|
2020-04-27 22:12:12 +02:00 |
|
Maxime Besson
|
a3821fc560
|
Implement additional audiences in ID token (#2177)
|
2020-04-24 11:10:44 +02:00 |
|
Maxime Besson
|
a217590869
|
Tidy OIDC
|
2020-04-22 21:25:56 +02:00 |
|
Xavier Guimard
|
faadd4fc52
|
DBI: verify parameters during init (Fixes: #2161)
|
2020-04-21 07:55:07 +02:00 |
|
Maxime Besson
|
55f3ca0e77
|
Improve error reporting for SAML replay protection
|
2020-04-18 19:54:02 +02:00 |
|
Maxime Besson
|
e9bab71585
|
Make sure restCall returns a hashref (#2125)
|
2020-03-26 11:31:33 +01:00 |
|
Maxime Besson
|
168dc75f96
|
OIDC: return id_token in hybrid flow (#2120)
|
2020-03-18 21:05:39 +01:00 |
|
Clément OUDOT
|
4c36c77452
|
Set default value for encryption_mode (#2117)
|
2020-03-12 17:00:50 +01:00 |
|
Clément OUDOT
|
921cf16fcf
|
Format parameters for trspan (#2113)
|
2020-03-10 11:28:04 +01:00 |
|
Clément OUDOT
|
7c947ab976
|
Use the correct message for ppolicy time before expiration (#2113)
|
2020-03-10 11:16:43 +01:00 |
|
Clément OUDOT
|
f830fc4d8a
|
Add some debug logs for ppolicy (#2113)
|
2020-03-10 10:50:02 +01:00 |
|