dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
12,267 Commits 3 Branches 0 Tags 75 MiB
79bd842424
Commit Graph

600 Commits

Author SHA1 Message Date
Maxime Besson
ea2365cc98 Implement OIDC Offline sessions through refresh tokens (#813) 2019-11-04 10:44:54 +01:00
Maxime Besson
474bb48aa1 Make Password::LDAP/AD check connection before use (#1909) 
Also remove a mostly redundant wrapper method in Auth::LDAP
 2019-10-01 19:17:31 +02:00
Maxime Besson
fa49e77495 Better logs in case of a LDAP error 2019-10-01 15:14:51 +02:00
Maxime Besson
5d5ac66a6e Add Date: field to emails (#1953) 
This adds a dependancy to Email::Date::Format, but it's already a
dependancy of Email::Sender::Simple (and probably more), so in practice
no new packages are going to be installed
 2019-09-26 12:32:58 +02:00
Christophe Maudoux
146aca7c82 Remove trailing whitespaces 2019-09-16 20:30:35 +02:00
Christophe Maudoux
fcf05c5602 Avoid warning 2019-09-16 17:22:35 +02:00
Christophe Maudoux
9784e75ead Check Slave credential headers (#1935) 2019-09-13 22:21:09 +02:00
Xavier
e50e7d09d1 Update version of (really) modified files 2019-09-12 21:56:49 +02:00
Clément OUDOT
e54355ff9f Use conf as HASH key (#1619) 2019-09-05 17:16:55 +02:00
Clément OUDOT
5b7bb4b9cd Check error message from ITDS (#1619) 2019-09-05 17:14:44 +02:00
Maxime Besson
ff3d4e218c doc: suggest a better fix for #1864 
We can't do it yet because the issue isn't fixed in versions of Lasso
found in the wild. But someday it will be.
 2019-09-03 18:13:13 +02:00
Maxime Besson
d61935ab6e Implement introspection endpoint for access tokens (#1843) 2019-08-29 19:10:51 +02:00
Maxime Besson
fd7453b7a5 Refactor endpoint auth 2019-08-29 18:57:26 +02:00
Xavier Guimard
1660109e2f Security: use 3-form for open 2019-08-28 11:32:54 +02:00
Maxime Besson
810d2c7f94 Disable template cache to avoid translation issues in mail (#1897) 2019-08-27 23:13:36 +02:00
Maxime Besson
a04a376777 Make regular template variables available in mails 
SKIN, PORTAL_URL, env_*, session_* are now available in email templates

Preliminary work for #1861
 2019-08-27 23:13:36 +02:00
Xavier Guimard
323d92fa1b Don't load Data::Dumper unless debug 2019-08-27 10:10:11 +02:00
Xavier Guimard
0415370f2c More REST debug 2019-08-22 15:17:51 +02:00
Maxime Besson
661a007b4a Check OIDC access token expiration (#1879) 2019-08-21 12:18:55 +02:00
Christophe Maudoux
78a82dbee9 Override OTT conf. for Upgrade tokens (#1884) 2019-08-15 22:01:44 +02:00
Christophe Maudoux
9dac92064c Better fix & update unit tests (#1861) 2019-08-07 22:29:12 +02:00
Christophe Maudoux
7aad470586 Delete pdata cookie after XML notif validation & Improve unit test (#1861) 2019-08-06 22:29:48 +02:00
Christophe Maudoux
c630a90064 Delete pdata cookie after notif validation & Improve unit test (#1861) 2019-08-06 22:25:09 +02:00
Xavier
ea713a3169 Avoid conflict in $req->data between DBI and LDAP 
Closes: #1875
 2019-08-06 21:54:41 +02:00
Maxime Besson
68c8be333a Fix translation override in mails 2019-08-02 17:45:03 +02:00
Maxime Besson
c9dba5212e HTML-decode entityID from metadata (#1864) 2019-07-25 18:29:46 +02:00
Christophe Maudoux
3d6a7bd843 Sort notifications: JSON format (#1862) 2019-07-25 12:42:58 +02:00
Christophe Maudoux
bf5fe2246d Send specified parameters (#1851) 2019-07-25 12:00:37 +02:00
Christophe Maudoux
11f2d0f34a Improve notifications REST API & unit test (#1851) 2019-07-23 15:54:53 +02:00
Christophe Maudoux
fb7a222c9d Append notifications REST API (#1851) 2019-07-22 15:39:59 +02:00
Christophe Maudoux
81aa2fb37b Improve test-lib & unit test (#1851) 2019-07-21 23:23:20 +02:00
Christophe Maudoux
3972861ba4 WIP - Improve unit test & need to fix list notifications feature!!! (#1851) 2019-07-21 22:47:48 +02:00
Clément OUDOT
f15e8bd108 Possibility to list notifications (#1851) 2019-07-21 20:47:16 +02:00
Christophe Maudoux
ca7ebe09f7 WIP - REST service to remove notification (#1851) 2019-07-20 22:25:03 +02:00
Christophe Maudoux
21c1d83df3 Typo 2019-07-20 13:28:48 +02:00
Christophe Maudoux
4eecd90230 Typo (#1857) 2019-07-17 12:20:30 +02:00
Christophe Maudoux
b99b76e2d6 Improve code (#1857) 2019-07-17 12:18:15 +02:00
Christophe Maudoux
d8b3eb2a34 Remove cipher cookie if notification refused (#1857) 2019-07-16 13:51:01 +02:00
Clément OUDOT
e12cb3a905 Fix loop on notifications (#1856) 2019-07-15 10:55:33 +02:00
Xavier
64c587417b Improvement 2019-07-12 19:09:55 +02:00
Clément OUDOT
c024ed0fe6 Improve logging when a notification is added by REST (#1853) 2019-07-12 18:34:55 +02:00
Xavier
a104db2f2d Clean logs 2019-07-04 07:24:50 +02:00
Maxime Besson
6f058fb2fa Add manager manpages to deb 2019-07-03 15:17:16 +02:00
Xavier Guimard
c1137edba8 make tidy with perltidy-20181120 2019-07-02 20:03:40 +02:00
Clément OUDOT
e04a6f1983 Reject none algorithm when checking JWT signature (#1835) 2019-07-02 16:36:43 +02:00
Clément OUDOT
60c03010ce Use Base64URL for JWT generation (#1834) 2019-07-01 17:29:35 +02:00
Xavier
c921c295ed Use user skin in loadTemplate (Fixes: #1828) 2019-06-28 13:40:56 +02:00
Xavier Guimard
44a6e25851 Improve cryptographic functions (#1823) 2019-06-28 10:30:37 +02:00
Xavier Guimard
e15a41bc66 Fix typo: s/templatesDir/templateDir/g (#1819) 2019-06-26 11:59:13 +02:00
Xavier Guimard
45a0b68c3b Disable external entities in XML parsers (Fixes: #1818) 2019-06-26 11:32:10 +02:00
Xavier
8b488e4d51 Move LDAP::getUser() to Lib::LDAP (Fixes: #1805) 2019-06-17 21:15:38 +02:00
Xavier Guimard
5fbff01b27 Update versions 2019-06-14 17:27:54 +02:00
Xavier Guimard
2a021e37ea Don't require getDisplayType in Choice (#1800) 2019-06-13 17:51:36 +02:00
Xavier Guimard
946384272e Partial revert "Typo" 
This reverts commit f63a63eedb.
 2019-06-06 16:00:49 +02:00
Christophe Maudoux
f63a63eedb Typo 2019-06-05 11:25:50 +02:00
Christophe Maudoux
3dd4c52c65 Update version (#1766) 2019-05-26 10:33:39 +02:00
Christophe Maudoux
0e47cb4f5b Fix warning message 2019-05-23 15:52:11 +02:00
Clément OUDOT
c024952b8f Do not fail if no RP or no OP configured (#1759) 2019-05-17 16:00:33 +02:00
Xavier
b91d1d4b87 Tidy 2019-05-16 20:45:14 +02:00
Xavier
a2e78c88c3 Set versions 2019-05-16 20:42:31 +02:00
Christophe Maudoux
e46fac82b2 CheckUser with tokenGlobalStorage & Warn if SSO groups are merged 2019-05-15 23:45:06 +02:00
Clément OUDOT
05cd4d4a58 Fix update token with global storage (#1742) 2019-05-12 20:39:25 +02:00
Clément OUDOT
07de622e83 Fix getRegisterSession and getMailSession (#1743) 2019-05-12 17:36:14 +02:00
Xavier
f3c4ea0afb Tydy 2019-05-11 20:18:43 +02:00
Xavier Guimard
1cd50bb353 Fix Auth::Remote session kind (#1742) 2019-05-10 18:02:56 +02:00
Xavier Guimard
638a0de81a Don't use SSO session type for tokens (Fixes security part of #1742) 2019-05-10 17:35:10 +02:00
Christophe Maudoux
c8dd4554aa Test if required secret elements are set to sign JWT 2019-05-02 14:33:56 +02:00
Clément OUDOT
926262170b Implement PKCE in OIDC provider (#1722) 2019-04-29 17:18:16 +02:00
Clément OUDOT
8e6f678be7 Create a configuration option to allow a Relying Party to be a public client 
Allow unauthenticated requests on OAuth2 token endoint

#1725
 2019-04-29 10:02:16 +02:00
Antoine ROSIER
8875a4e985 perltidy 2019-04-10 17:21:33 +02:00
Antoine ROSIER
8636da45be Sorting SAML idp (#1704) 2019-04-10 17:06:41 +02:00
Clément OUDOT
ae3a728378 Manage template inclusion when file is not in configured portal theme (#1653) 2019-04-10 15:42:58 +02:00
maudoux
1bc519d11d Fix warning (#1694) 2019-04-06 14:09:58 +02:00
Christophe Maudoux
cf36b44162 Cleaning code (#1664) 2019-04-05 20:04:17 +02:00
Christophe Maudoux
2b818a9c02 Append specific ottRule dependency (#1694) 2019-04-05 17:23:09 +02:00
Xavier Guimard
2159957c34 Update versions 2019-04-05 09:54:43 +02:00
Xavier Guimard
ece9b21219 Remove trailing whitespaces 2019-04-03 14:15:16 +02:00
Maxime Besson
d44a042fd5 Revert 8f5fbb077e and change the way logout errors are handled 
Relating to issue #1668, the proposed fix works when there is only one
service provider to logout of.

Now that multiple service provider logout is starting to work again on
2.0, we cannot read the remote_ProviderID from the logout object because
it is only filled by lasso when actually building the response.

Instead, we ignore any error that could occur when building the
response, log a warning and show the portal instead. Still better than
an internal server error.
 2019-04-03 11:20:24 +02:00
Clément OUDOT
502a32e257 Add unit test and fix code for ppolicy grace (#1691) 2019-04-01 09:58:56 +02:00
Xavier
01ab88ba57 Fix for #1691 2019-04-01 06:52:21 +02:00
Clément OUDOT
d620ae2e8b Merge branch 'maxbes/lemonldap-ng-saml-issuer-entityid-override' into v2.0 2019-03-13 10:30:16 +01:00
Maxime Besson
8f5fbb077e When logout-initiating SP has no known SLO endpoint, fallback to portal 
In some federations, SLO endpoints are not published, yet SP are still
able to initiate logouts.

This used to cause an error on the portal, this commit changes the error
into a warning in logs. The user remains on the portal and sees a normal
logout message.
 2019-03-12 17:58:41 +01:00
Xavier Guimard
bc2bef4ff4 Please use our .perltidyrc 2019-03-07 18:22:58 +01:00
Maxime Besson
e290cd59d6 Fix undef warnings in metadata generation 
Fix some undef warnings introduced in
12d2db35a9
 2019-03-04 09:33:12 +01:00
dcoutadeur
3af15b139e fix id_token validity not correctly evaluated #1662 2019-02-28 09:56:21 +01:00
Maxime Besson
12d2db35a9 Add new URLs for SP-only or IDP-only SAML metadata 
This commit adds two new URLs:

/saml/metadata/idp : IDP-only metadata
/saml/metadata/sp : SP-only metadata

/saml/metadata keeps providing metadata for all SAML services
 2019-02-27 18:14:30 +01:00
Xavier Guimard
c7b4eb5051 tidy with new conf 2019-02-07 09:27:56 +01:00
Xavier Guimard
58fc9c2fad Update versions 2019-02-06 19:30:57 +01:00
Clément OUDOT
8b76218025 Fix error message for ppolicy (#1639) 2019-02-06 11:39:37 +01:00
Xavier Guimard
5886cbe2a0 Tidy 2019-02-05 23:12:17 +01:00
Xavier Guimard
e2b026b7c8 Fix versions 2019-02-05 23:06:18 +01:00
Christophe Maudoux
21206099ce Append display options for SAML IDP (#1637) 2019-02-05 22:39:09 +01:00
Clément OUDOT
c77783eb2f Merge branch 'v2.0' 2019-02-05 18:46:40 +01:00
Xavier Guimard
0ddcaa5dc9 Update versions 2019-02-05 18:44:38 +01:00
Christophe Maudoux
b39e6ce99f WIP - Append relative parameters (#1637) 2019-02-04 23:13:54 +01:00
Xavier Guimard
22a54210dd Merge branch 'fix-plaintext-email' into 'master' 
Fix plaintext email

See merge request lemonldap-ng/lemonldap-ng!53
 2019-02-01 15:37:00 +01:00
Xavier Guimard
c77317fef7 Update versions 2019-01-31 23:20:57 +01:00
Xavier Guimard
c60ba130b8 Replace rand() by Crypt::URandom::urandom() 2019-01-31 23:16:52 +01:00
Maxime Besson
6890b290b1 Fix plaintext email 
For the few of us who like plain text email better.

Before this commit, the mail body would not be correctly pulled from
config, and then the portal would error 500 due to MIME::Entity objects
not having an "attr" accessor, unlike the previously used MIME::Lite
objects
 2019-01-30 12:06:05 +01:00
Xavier Guimard
9ebc18ca5d Update version 2018-12-18 13:13:15 +01:00
Xavier Guimard
3cd14656f5 Add "all" trOver in mails (Fixes: #1586) 2018-12-17 21:09:24 +01:00
Xavier Guimard
dc0e173cf2 Fix #1588 2018-12-17 19:34:28 +01:00
Clément OUDOT
28208a5f2d Allow mail template message override (#1586) 2018-12-17 11:50:40 +01:00
Xavier Guimard
f6f1072ef6 Fix double init (#1550) 2018-11-29 21:19:39 +01:00
Xavier Guimard
11857d9f8a make tidy 2018-11-26 14:40:21 +01:00
Christophe Maudoux
3167aaeeb0 Avoid warning msg 2018-11-23 23:10:01 +01:00
Christophe Maudoux
217e4c43f3 Fix display (#1550) 2018-11-23 22:08:06 +01:00
Clément OUDOT
356a588a92 Fix DN encoding issue in LDAP password modification (#1540) 2018-11-14 10:15:28 +01:00
Xavier Guimard
e317d180b9 Fix MailReset for DBI (#1508) 
Same todo with other Password::* backends
 2018-11-13 11:30:45 +01:00
Christophe Maudoux
1e17506ee1 Fix warning msg (#1532) 2018-10-31 22:46:03 +01:00
Christophe Maudoux
3ac5f0f02b Update Choice.pm 2018-10-30 07:44:04 +01:00
Christophe Maudoux
37c6498e3c Avoid append same URL (#1532) 2018-10-29 22:14:51 +01:00
Christophe Maudoux
52a7f884f6 Append URL test (#1532) 2018-10-29 22:10:49 +01:00
Clément OUDOT
3445b697c0 Set authChoice in request data (#1524) 2018-10-16 17:25:43 +02:00
Clément OUDOT
ce24a05168 Test if Choice condition is not empty (#1500) 2018-10-16 15:10:30 +02:00
Clément OUDOT
ba630d5117 Test if Choice condition is not empty (#1500) 2018-10-16 15:07:56 +02:00
Christophe Maudoux
c031e63f5e Merge branch 'master' of gitlab.ow2.org:lemonldap-ng/lemonldap-ng 2018-10-15 21:14:33 +02:00
Christophe Maudoux
05f207927f Fix syntax error (#1522) 2018-10-15 21:06:08 +02:00
Xavier Guimard
6331338105 Fix warning in inheritance 2018-10-15 20:58:16 +02:00
Clément OUDOT
c5f9a7f95b make tidy 2018-10-12 10:04:03 +02:00
Clément OUDOT
b8e10222f4 Do not stop if one SP or IDP cannot be loaded (#1516) 2018-10-09 19:36:59 +02:00
Xavier Guimard
1ef8c05908 Add "over" feature to choice (#1500) 2018-10-08 16:57:24 +02:00
Christophe Maudoux
6c4dcf44ec Fix typo 2018-10-07 14:12:36 +02:00
Xavier Guimard
0d3cccc491 Fix loadPlugin/loadModule issues in Choice (#1500) 2018-10-03 22:31:28 +02:00
Xavier Guimard
2ac66fc1d7 Missing "with" #1500 2018-10-03 22:01:13 +02:00
Xavier Guimard
29d00823e5 Factor loadPlugin override (#1500) 2018-10-03 21:48:57 +02:00
Clément OUDOT
9de86c39fa Use pdata choice first (#1461) 2018-09-27 15:12:38 +02:00
Clément OUDOT
800f0bd96a Do not create server error on SAML error (#1502) 2018-09-11 11:07:23 +02:00
Clément OUDOT
1f215987c2 Restore possibility to have a custom choice module logo 2018-09-07 20:11:36 +02:00
Xavier Guimard
10ed38bd3a Optimize notifications (#1497) 2018-09-05 13:35:50 +02:00
Xavier Guimard
6278398060 Move "afterData" entry point before "buildCookie" and add "endAuth" entrypoint (#1497) 
TODO: optimize notifications
 2018-09-05 09:22:20 +02:00
Christophe Maudoux
d08776b0ca Merge branch 'master' of gitlab.ow2.org:lemonldap-ng/lemonldap-ng 2018-09-04 21:38:41 +02:00
Christophe Maudoux
9ef7c051a4 Change inheritance links to be more consistent with Plugins architecture 2018-09-04 21:05:08 +02:00
Xavier Guimard
9ed4303db1 Don't fail on init() if DBI connection fails (#1496) 2018-09-04 09:57:05 +02:00
Xavier Guimard
5d05292c84 More info in logs #1496 2018-09-04 09:50:48 +02:00
Xavier Guimard
e001d4f8ef Don't populate ->error if LDAP connection fails 
Fixes: #1496
 2018-09-04 09:39:21 +02:00
Xavier Guimard
9beaac9c85 Improvements (#1496) 2018-09-04 07:08:46 +02:00
Xavier Guimard
62d5c7836c make tidy 2018-09-02 17:31:58 +02:00
Clément OUDOT
46702f3a62 Allow to add URLs in CSP from-action from the request object (#1480) 2018-08-28 18:24:01 +02:00
Xavier Guimard
4ef9fa374a Add sfRequired option (#1487) 2018-08-09 08:21:09 +02:00
Xavier Guimard
16dfbed636 Tidy 2018-07-12 09:04:05 +02:00
Clément OUDOT
b634bc91c2 token_type is case insensitive (#1474) 2018-07-10 18:53:40 +02:00
Xavier Guimard
c118a60c1e Fix "cancel" feature (#1461) 2018-07-10 11:43:36 +02:00
Xavier Guimard
8353215adb Add authCancel entry point (#1461) 
UNTESTED !!!
@clement_oudot: not enough time to test this morning
 2018-07-10 07:11:08 +02:00
Xavier Guimard
ea48c78a28 Change choice order (#1461) 2018-07-06 14:44:41 +02:00
Xavier Guimard
0f7b3ca71d make tidy 2018-07-05 23:00:40 +02:00
Xavier Guimard
b2620c2679 s/datas/data 
datas => des données
data => les données
 2018-07-05 22:56:16 +02:00
Xavier Guimard
1a6f717dfc Use pdata in Choice (#1461) 2018-07-05 22:05:24 +02:00
Xavier Guimard
1cd5a706c9 Avoid session conflict between Issuer and Auth OIDC (#1468) 2018-06-30 07:51:22 +02:00
Xavier Guimard
a5cc73a54c Avoid session conflict between Issuer and Auth CAS (#1468) 2018-06-30 07:44:05 +02:00
Xavier Guimard
33712dcf13 Set ignore system for issuers (#1468) 2018-06-29 14:31:43 +02:00
Xavier Guimard
e6ad687618 Change session key names between Auth and Issuer (SAML #1468) 2018-06-29 06:50:31 +02:00
Xavier Guimard
9ea5668232 #1468 in progress 2018-06-28 06:48:58 +02:00
Xavier Guimard
8596b339e8 Use build_urlencoded everywhere (#1461) 2018-06-26 19:13:06 +02:00
Xavier Guimard
95e76061cd Add debug for strange behavior (#1342) 2018-06-21 13:58:42 +02:00
Clément OUDOT
3168f7eb41 Workaround for server error (#1342) 2018-06-21 12:01:30 +02:00
Xavier Guimard
4087038c64 Bad management of entry point in choice (#1342) 2018-06-20 22:29:48 +02:00
Xavier Guimard
ff0c8029db Change oidc content key for removal (#1431) 2018-06-20 21:38:26 +02:00
Clément OUDOT
9dfe054e64 Fix CAS proxy code (#1224) 2018-06-19 16:47:09 +02:00
Xavier Guimard
21f588153e Fix #1342 2018-06-18 23:19:33 +02:00
Xavier Guimard
cea0f32801 #1342 in progress 2018-06-18 22:37:28 +02:00
Xavier Guimard
784304702b Useless arg (#1162) 2018-06-13 21:34:27 +02:00
Xavier Guimard
f5b3617ad9 Typo errors (#1162) 2018-06-13 21:18:15 +02:00
Clément OUDOT
28c4429b75 Configuration for SAML signature method (#1247) 2018-06-12 18:22:21 +02:00
Clément OUDOT
3898db68a7 Provide kid in JWT only for RS signatures (#1426) 2018-05-19 16:29:05 +02:00
Xavier Guimard
dfcd8486d2 Optimize URL escape calls (#595) 2018-05-18 16:34:59 +02:00
Xavier Guimard
0849df9da0 Avoid little warning (#595) 2018-05-14 21:52:52 +02:00
Clément OUDOT
bd33897a52 Fix multi values separator (#1420) 2018-05-14 12:21:17 +02:00
Clément OUDOT
0669303baf Display CAS responses in debug logs (#1420) 2018-05-11 21:58:59 +02:00
Xavier Guimard
c673be7cf2 Set some default values in Attributes.pm (#595) 2018-04-30 18:06:15 +02:00
Xavier Guimard
57715c8b69 Fix #1413 2018-04-28 09:09:34 +02:00
Xavier Guimard
564b34176b Fix rule if 0 (#1413) 2018-04-27 20:10:31 +02:00
Clément OUDOT
90dc78932e Fix error on undefined object method (#1413) 2018-04-27 15:57:07 +02:00
Xavier Guimard
baf0b90b68 Fix name error in rule (#1413) 2018-04-27 13:54:06 +02:00
Xavier Guimard
0283231dd9 Typo 2018-04-26 12:05:11 +02:00
Xavier Guimard
6557b2105a Merge branch 'master' of gitlab.ow2.org:lemonldap-ng/lemonldap-ng 2018-04-26 12:01:54 +02:00
Xavier Guimard
6f87ae5078 Debug hook (#1413) 2018-04-26 12:01:40 +02:00
Clément OUDOT
d3db202488 forcedSAML is no more a Choice (#1256) 2018-04-26 11:44:03 +02:00
Xavier Guimard
023be4c4eb Bad object (#1413) 2018-04-26 07:46:49 +02:00
Xavier Guimard
6605ea1857 Eval() in init() (#1413) 2018-04-26 07:38:17 +02:00
Clément OUDOT
2d388c174a Condition on Choice tab (#1413) 2018-04-25 15:40:19 +02:00
Xavier Guimard
797fa5b5c3 Security: avoid challenge replay (#1148) 2018-04-17 17:27:49 +02:00
Xavier Guimard
492ae116f8 Missing debug (#1148) 2018-04-17 12:06:09 +02:00
Xavier Guimard
8e81d31bc1 Add Yubico debug (#1148) 
Available with Crypt::U2F::Server >= 0.43
 2018-04-09 14:31:15 +02:00
Xavier Guimard
c833a18939 Destroy LDAP object (#595) 2018-03-13 14:43:12 +01:00
Xavier Guimard
3383a68a25 Tidy 2018-03-13 07:14:01 +01:00
Xavier Guimard
3356afdaa8 Little security (#1385) 2018-03-10 09:42:29 +01:00
Xavier Guimard
33c764855d Don't encode + (may fix: #1385) 2018-03-10 09:33:14 +01:00
Xavier Guimard
8a434cc3f9 Type (#1390) 2018-03-09 16:50:44 +01:00
Xavier Guimard
6b9584989f Fix #1390 XSS for 2.0 2018-03-09 16:27:33 +01:00
Xavier Guimard
a944faba47 Use new crypt object for each crypter operation (#1148) 2018-03-06 07:03:42 +01:00
Xavier Guimard
09a47d72ba TOTP self registration skeleton (#1359) 2018-02-20 13:19:52 +01:00
Xavier Guimard
6a752a1a4b Move Auth::Base to Main::Auth 2018-02-19 22:11:43 +01:00
Xavier Guimard
057a8afcb2 #1353 in progress 2018-01-24 22:32:08 +01:00
Xavier Guimard
dfc28adcc3 Skeleton for "useMail" feature in getUser (#1353) 2018-01-22 21:57:48 +01:00
Clément OUDOT
f202a7fdf6 Correct test on expiration time in processLogoutRequestMsg (#1357) 2018-01-15 15:08:44 +01:00
Clément OUDOT
2eb91fc0ea Prevent duplicate group search (#1356) 2018-01-15 12:27:10 +01:00
Xavier Guimard
d3f65bbd7f Fix missing $_auth/_user in Choice (#1348) 2017-12-21 21:44:13 +01:00
Xavier Guimard
1015e4467e Fix some little errors (#1338) 2017-12-19 09:29:35 +01:00
Xavier Guimard
fab1eaf815 Error in warn msg (#595) 2017-12-18 11:17:52 +01:00
Xavier Guimard
6106f37fac Fix "refresh" feature for Choice 
Fixes: #1339
 2017-12-18 10:40:07 +01:00
Xavier Guimard
46a417fb83 More debug (#1333) 2017-12-11 19:36:55 +01:00
Clément OUDOT
341bbb22ee eval Lasso constants (#1312) 2017-11-17 07:26:44 +01:00
Xavier Guimard
b03558c504 Finish #1330 2017-11-11 21:16:52 +01:00
Xavier Guimard
7f0ff6d0d8 Replace Jira by GitLab 2017-11-11 14:06:23 +01:00
Xavier Guimard
0d491e96f4 Use same name for SP rules (#1330) 2017-11-11 13:51:48 +01:00
Clément Oudot
cddb4fc849 Change message log level from warn to debug (#1329) 2017-11-07 10:29:06 +00:00
Xavier Guimard
a09af34412 Missing $req in updatePersistentSession calls (fixes: #1319) 2017-10-31 12:04:05 +00:00
Xavier Guimard
17a3b5e976 Raise an error if notification connector fails (#595) 2017-10-19 14:59:19 +00:00
Xavier Guimard
1fb4c21af3 Move OI2-SREG HTML fragments to tpl (closes: #1302) 2017-10-11 12:21:40 +00:00
Xavier Guimard
91af1f63ff Move SAML HTML fragments to tpl (#1302) 2017-10-11 11:35:56 +00:00
Xavier Guimard
46364da414 Move some HTML fragments to templates (#1302) 2017-10-10 11:04:40 +00:00
Xavier Guimard
76769f8166 Move HTML::Template calls into Main::Plugin (prepare #1302) 2017-10-10 09:24:08 +00:00
Clément Oudot
a7401b72f6 Fix from_json methods (#1303) 2017-09-28 12:52:14 +00:00
Xavier Guimard
fc582377ff Clean SAML storage code (#1305) 2017-09-27 05:00:00 +00:00
Xavier Guimard
10177b4bfd Default storage values (may fix #1305) 2017-09-26 20:15:50 +00:00
Clément Oudot
04acb221d3 Fix JSON parsing for Debian 9 in OpenIDConnect code (#1303) 2017-09-21 13:35:26 +00:00
Xavier Guimard
facf676a4c Remove code duplication (#595) 2017-09-19 20:06:33 +00:00
Clément Oudot
54972a9bc7 Define default SAML session storage (#1251) 2017-08-29 16:51:50 +00:00
Clément Oudot
40af38f928 Define default CAS session storage (#1251) 2017-08-29 16:51:49 +00:00
Clément Oudot
ae4ef2e3e5 Set SAML server signature method (#1247) 2017-08-29 16:43:43 +00:00
Xavier Guimard
a06f8c2480 Typo (fixes: #1273) 2017-07-17 19:19:39 +00:00
David COUTADEUR
06691b85a2 fix remaining lmLog (references #1245) 2017-06-23 16:37:16 +00:00
David COUTADEUR
d8d296873f fix manager: ERROR, complex node inside. Don't use simpleInputContainer for dbiPassword (references #1245) 2017-06-23 14:54:35 +00:00
David COUTADEUR
80f5d06e82 perl tidy 2017-06-23 09:57:07 +00:00
David COUTADEUR
6533b0a36b first working version of dynamic hash passwords in trunk (LEMONLDAP-1245) 2017-06-23 09:23:29 +00:00
Xavier Guimard
5e4ef360e0 Use globalStorage unless oidcStorage is defined (may fix #1251) 2017-06-22 09:12:28 +00:00
Xavier Guimard
00423fc223 Fix proxied services in CAS (#1183) 2017-04-15 13:21:33 +00:00
Xavier Guimard
b83374b274 New Issuer::CAS (#1183) 2017-04-13 19:17:29 +00:00
Xavier Guimard
d1d57fae22 Adapt CAS "proxy" to new arch (#1183) 2017-04-13 18:54:06 +00:00
Xavier Guimard
7499d1198b Auth::CAS rebuild in progress (#1183) 2017-04-12 21:11:11 +00:00
Xavier Guimard
68707a0b36 Don't store request datas in $self (#1183) 2017-04-11 20:28:01 +00:00
Xavier Guimard
eed489a557 Store CAS attributes for UserDB::CAS (#1183) 
@coudot: can you validate this ?
 2017-04-11 17:05:02 +00:00
Clément Oudot
b175218d1d Fix parsing CAS XML (#1183) 2017-03-29 19:43:10 +00:00
Xavier Guimard
9944115c8d Fix CAS test (#1183) 2017-03-29 19:02:38 +00:00
Clément Oudot
75ffa010e7 Fix typo in CAS code (#1183) 2017-03-29 07:51:18 +00:00
Xavier Guimard
2e59ea441a Replace request management in handler (#1044) 
Note: this is a big change, more tests needed
 2017-03-28 21:07:49 +00:00
Clément Oudot
552c432fef Remove use of AuthCAS module (#1183) 2017-03-28 18:23:50 +00:00
Xavier Guimard
c761cc5781 Mark some properties "lazy" to be sure conf is intialized (#595) 2017-03-27 16:51:18 +00:00
Xavier Guimard
6efec8525f Install new SMTP options (#1206) 2017-03-27 07:02:19 +00:00
Xavier Guimard
6cb301c531 Replace MIME::Lite by Email::Sender/MIME::Entity (#1206) 2017-03-27 05:22:08 +00:00
Xavier Guimard
bd9e6f50bf Start replacing MIME::Lite (#1206) 2017-03-26 05:26:28 +00:00
Xavier Guimard
86d7a3a8c0 Add SecondFactor superclass (#1015) 2017-03-23 11:17:01 +00:00
Xavier Guimard
7e81e1b1e0 Add OIDC-RP rule (#1161) 2017-03-22 20:47:07 +00:00
Xavier Guimard
62528e8b6a Add SAML-SP rule (#1161) 2017-03-22 20:20:30 +00:00
Xavier Guimard
830f15f71d Bad safe usage (#595) 2017-03-22 19:03:49 +00:00
Xavier Guimard
077455e015 Update TODO list 2017-03-22 14:10:21 +00:00
Xavier Guimard
6dba4fd1c2 Better request management in issuers (#595) 2017-03-21 06:23:58 +00:00
Xavier Guimard
f1ac524c24 Use OTT for state token (#(595) 2017-03-18 19:51:00 +00:00
Xavier Guimard
1a65e9a0fe Use OTT for nonce token (#(595) 2017-03-18 19:50:56 +00:00