dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
10,108 Commits 3 Branches 0 Tags 75 MiB
7c0e6a2d00
Commit Graph

2587 Commits

Author SHA1 Message Date
Christophe Maudoux
138cfe6edb Append DecryptValue plugin (#1956) 2019-09-30 22:29:49 +02:00
Christophe Maudoux
a219a51e1c Revert "Make manifest" 
This reverts commit c00110ed01.
 2019-09-30 22:28:55 +02:00
Christophe Maudoux
35de9fd3e8 Re-order 2019-09-30 22:27:03 +02:00
Christophe Maudoux
c00110ed01 Make manifest 2019-09-30 22:26:55 +02:00
Christophe Maudoux
b3791cc65b Typo 2019-09-30 19:10:05 +02:00
Christophe Maudoux
b505d3a475 Typo 2019-09-30 19:10:05 +02:00
Maxime Besson
e9153957da IDP selection phrasing 2019-09-30 18:55:09 +02:00
Maxime Besson
e693e5e649 Fix IDP selection rules (#1961) 2019-09-30 18:54:02 +02:00
Xavier
461cd51e45 Try to fix #1785 without breaking pdata 2019-09-29 23:04:17 +02:00
Christophe Maudoux
e612f53838 Merge branch 'v2.0' 2019-09-27 22:33:00 +02:00
Christophe Maudoux
6df7412bcf Fix log with Impersonation plugin (#1664) 2019-09-26 20:24:12 +02:00
Maxime Besson
5d5ac66a6e Add Date: field to emails (#1953) 
This adds a dependancy to Email::Date::Format, but it's already a
dependancy of Email::Sender::Simple (and probably more), so in practice
no new packages are going to be installed
 2019-09-26 12:32:58 +02:00
Christophe Maudoux
9ec3ef8cfe Merge branch 'v2.0' 2019-09-22 15:54:58 +02:00
Christophe Maudoux
5d9fc02205 Typo & logger 2019-09-20 22:47:48 +02:00
Christophe Maudoux
df83595e8e Typo 2019-09-20 21:56:38 +02:00
Christophe Maudoux
c34c6e646e Append search parameters & improve unit test (#1938) 2019-09-19 22:51:10 +02:00
Clément OUDOT
dc0a8f7848 Add some log when user is authorized to access to service (#1702) 2019-09-19 16:52:08 +02:00
Clément OUDOT
dd76c4f3db Improve log for CAS Issuer (#1702) 2019-09-19 16:18:51 +02:00
Clément OUDOT
e446e09a7f Improve log (#1702) 2019-09-19 16:07:10 +02:00
Clément OUDOT
0466a2c8cc Merge remote-tracking branch 'origin/master' into maxbes/lemonldap-ng-fix-1882-remove-oidcServiceMetaDataIssuer 2019-09-19 15:31:25 +02:00
Xavier
cccd025dfc Tidy + typo 2019-09-18 21:49:55 +02:00
Xavier
fedea4abbd Merge remote-tracking branch 'mamesene/certificateReset-1605' 2019-09-18 21:44:31 +02:00
Christophe Maudoux
52be87b012 Merge branch 'v2.0' 2019-09-18 21:14:24 +02:00
Christophe Maudoux
84778604fd Typo 2019-09-18 21:01:24 +02:00
Christophe Maudoux
2095fdf316 Improve log (#1702) 2019-09-18 19:59:35 +02:00
Christophe Maudoux
92c8e6791f Typo (#1702) 2019-09-18 19:49:22 +02:00
Clément OUDOT
5512d38f81 Improve log on 2F unregistration (#1702) 2019-09-18 18:09:18 +02:00
mamesene
9d149a95f6 Reset Certificate module (#1605) 2019-09-18 16:04:45 +02:00
Clément OUDOT
ce6f6c3977 Get login to use it in password force change form (#1910) 2019-09-18 15:55:13 +02:00
Maxime Besson
a8cab64c5b Remove oidcServiceMetaDataIssuer (#1882) 2019-09-17 21:34:25 +02:00
Xavier
8b5387a48b Merge branch 'v2.0' 2019-09-17 20:56:39 +02:00
Maxime Besson
98f55fd384 Translate the error code displayed in debug logs 2019-09-17 20:17:57 +02:00
Xavier
f9704e8982 Merge branch 'v2.0' 2019-09-16 22:58:01 +02:00
Christophe Maudoux
146aca7c82 Remove trailing whitespaces 2019-09-16 20:30:35 +02:00
Christophe Maudoux
fcf05c5602 Avoid warning 2019-09-16 17:22:35 +02:00
Maxime Besson
c94e2534a9 Send CORS headers when doing JSON responses too (#1765) 2019-09-16 16:55:15 +02:00
Maxime Besson
e281ad7cc3 Add support for CORS preflight (#1765) 2019-09-16 16:55:15 +02:00
Christophe Maudoux
9c01c46fea Typo (#1932) 2019-09-14 23:37:50 +02:00
Christophe Maudoux
dd66f37739 Return httpSession id if exists (#1932) 2019-09-14 22:47:11 +02:00
Christophe Maudoux
5615d5b2a3 Append display Slave logo option (#1936) 2019-09-14 22:07:44 +02:00
Christophe Maudoux
ce4cdcee85 Don t display Slave module 2019-09-13 22:37:35 +02:00
Christophe Maudoux
9784e75ead Check Slave credential headers (#1935) 2019-09-13 22:21:09 +02:00
Clément OUDOT
5c7905e342 Improve regexp (#1891) 2019-09-13 15:35:05 +02:00
Clément OUDOT
36a1f07786 Remove cancel parameter in CAS service value (#1891) 2019-09-13 15:17:51 +02:00
Xavier
e1fe12a94d Merge branch 'v2.0' 2019-09-12 22:03:57 +02:00
Xavier
e50e7d09d1 Update version of (really) modified files 2019-09-12 21:56:49 +02:00
Clément OUDOT
70d2856d71 Option to display password generation box (#1928) 2019-09-12 18:26:56 +02:00
Clément OUDOT
c75a74da5a Display password form if password is refused (#1930) 2019-09-12 17:54:43 +02:00
Xavier
ebd4c41a62 Fix ppolicy merge from v2.0 2019-09-11 21:32:33 +02:00
Xavier
d881605fed Merge branch 'v2.0' 2019-09-11 21:22:50 +02:00
Christophe Maudoux
4287c39f5b typo 2019-09-11 16:20:28 +02:00
Christophe Maudoux
bb0b5814f7 Fix empty groups (#1791) 2019-09-11 16:18:35 +02:00
Christophe Maudoux
c1af9e49f7 WIP - Append extractFormInfo step & AuthChoiceParam for AuthChoice (#1925) 2019-09-09 23:23:52 +02:00
Christophe Maudoux
132f42d44c Forbid browsers to store users password & Improve unit tests (#1913) 2019-09-08 19:28:28 +02:00
Maxime Besson
94877793d4 increase clock tolerance during rest secret check (#1923) 2019-09-06 17:45:51 +02:00
Maxime Besson
00e91f374b Add specific error code when missing a required SAML attr (#1919) 
The MISSINGREQATTR message is a good default value, but a site
administrator may decide to override it with a personnalized version
that only applies to issuer errors caused by an incomplete user profile
(for example, giving a pointer to the local user profile management
application)
 2019-09-06 11:04:39 +02:00
Clément OUDOT
e54355ff9f Use conf as HASH key (#1619) 2019-09-05 17:16:55 +02:00
Clément OUDOT
5b7bb4b9cd Check error message from ITDS (#1619) 2019-09-05 17:14:44 +02:00
Clément OUDOT
17123d6196 Avoid plugin conflicts (#993) 2019-09-05 13:30:49 +02:00
Clément OUDOT
068ffbe604 Define portalDisplayPasswordPolicy parameter in Manager (#993) 2019-09-05 13:02:51 +02:00
Clément OUDOT
b44c13ba2f Display password policy in password change form (#993) 2019-09-05 12:46:32 +02:00
Clément OUDOT
2f2f62ae1c Check password quality in mail reset plugin (#993) 2019-09-05 12:02:51 +02:00
Clément OUDOT
3700a1b54c Fix logger in Kerberos Auth init 2019-09-04 15:42:33 +02:00
Xavier
ba7f8695f7 Merge branch 'v2.0' (fix versions) 2019-09-03 23:14:45 +02:00
Christophe Maudoux
afd915f64c Merge branch 'v2.0' 2019-09-03 23:00:07 +02:00
Christophe Maudoux
3e9a424090 Update version (#1916) 2019-09-03 22:57:51 +02:00
Christophe Maudoux
56ed8a5724 Append issuersTimeout option (#1916) 2019-09-03 22:52:07 +02:00
Clément OUDOT
a2d3ae1d03 Local password policy: minimal digits (#993) 2019-09-03 19:08:19 +02:00
Clément OUDOT
28309dca9b Merge branch 'v2.0' of gitlab.ow2.org:lemonldap-ng/lemonldap-ng into v2.0 2019-09-03 19:07:22 +02:00
Clément OUDOT
b52bbdb838 Local password policy: minimal upper characters (#993) 2019-09-03 18:45:35 +02:00
Maxime Besson
ff3d4e218c doc: suggest a better fix for #1864 
We can't do it yet because the issue isn't fixed in versions of Lasso
found in the wild. But someday it will be.
 2019-09-03 18:13:13 +02:00
Clément OUDOT
ef3d6a26c4 Local password policy: minimal lower characters (#993) 2019-09-03 16:10:04 +02:00
Clément OUDOT
8998eb183e Local password policy: minimal size (#993) 2019-09-03 14:30:22 +02:00
Clément OUDOT
82a06fce91 Pass skin parameter in 2F flows (#1915) 2019-09-03 11:56:48 +02:00
Christophe Maudoux
174193e74c Merge branch 'v2.0' 2019-09-01 22:11:33 +02:00
Clément OUDOT
fca831411b Fix call to logger in REST authentication backend 2019-08-30 09:46:25 +02:00
Clément OUDOT
177f446f25 Display main logo in redirect page (#1906) 2019-08-29 19:29:27 +02:00
Maxime Besson
d61935ab6e Implement introspection endpoint for access tokens (#1843) 2019-08-29 19:10:51 +02:00
Maxime Besson
fd7453b7a5 Refactor endpoint auth 2019-08-29 18:57:26 +02:00
Xavier Guimard
8ac93e034d Merge branch 'v2.0' 2019-08-29 11:33:42 +02:00
Xavier Guimard
ae6e69667a Fix warning 2019-08-29 10:49:01 +02:00
Xavier Guimard
9379188000 Fix ^ (#1903) 2019-08-28 19:28:20 +02:00
Xavier Guimard
df4e7e7522 Generic fix for issues like #1903 2019-08-28 19:12:29 +02:00
Clément OUDOT
2145483be7 Pass extra args in Combination module (#1903) 2019-08-28 18:22:19 +02:00
Xavier Guimard
4193f4fb51 Merge branch 'v2.0' 2019-08-28 11:35:43 +02:00
Xavier Guimard
1660109e2f Security: use 3-form for open 2019-08-28 11:32:54 +02:00
Xavier
1f2f0240f0 Love Perl (#1863) 
TIMTOWTDI
 2019-08-28 00:36:18 +02:00
Maxime Besson
810d2c7f94 Disable template cache to avoid translation issues in mail (#1897) 2019-08-27 23:13:36 +02:00
Maxime Besson
a04a376777 Make regular template variables available in mails 
SKIN, PORTAL_URL, env_*, session_* are now available in email templates

Preliminary work for #1861
 2019-08-27 23:13:36 +02:00
Xavier Guimard
48883dbe4e More tests 2019-08-27 10:32:26 +02:00
Xavier Guimard
323d92fa1b Don't load Data::Dumper unless debug 2019-08-27 10:10:11 +02:00
Xavier
7e5d6d6afd Merge branch 'v2.0' 2019-08-27 07:14:35 +02:00
Clément OUDOT
796d1b12e6 Add _session_kind to default exported attributes (#1896) 2019-08-26 17:38:08 +02:00
Christophe Maudoux
1212cd9ba2 Merge branch 'v2.0' 2019-08-25 18:47:43 +02:00
Christophe Maudoux
ec59cc164c Catch error earlier in process (#1867) 2019-08-24 23:26:42 +02:00
Xavier Guimard
0415370f2c More REST debug 2019-08-22 15:17:51 +02:00
Clément OUDOT
e42e71b5e3 Use LinkedIn v2 API (#1890) 2019-08-22 14:51:24 +02:00
Christophe Maudoux
894b8be541 By pass first access (#1867) 2019-08-21 23:40:23 +02:00
Maxime Besson
661a007b4a Check OIDC access token expiration (#1879) 2019-08-21 12:18:55 +02:00
Xavier
bef05c6f5d Merge branch 'v2.0' 2019-08-20 21:49:21 +02:00
Christophe Maudoux
b694b16a19 Avoid warning with Choice 2019-08-20 17:08:37 +02:00
Christophe Maudoux
8e9f4e513e Improve combination with FaceBook & LinkedIn 2019-08-17 17:27:14 +02:00
Christophe Maudoux
5985e6d258 Fix REST service (#1870) 2019-08-17 17:11:28 +02:00
Xavier
097183f2b3 Fix warning 2019-08-16 09:10:10 +02:00
Christophe Maudoux
28732d614b Merge branch 'v2.0' 2019-08-15 22:43:20 +02:00
Christophe Maudoux
78a82dbee9 Override OTT conf. for Upgrade tokens (#1884) 2019-08-15 22:01:44 +02:00
Maxime Besson
2e9f57ab6f Better default behavior for oidcServiceMetaDataIssuer (#1882) 2019-08-13 18:09:59 +02:00
Christophe Maudoux
7502e424e3 Revert "Concatenate pdata and lemon cookies in the same set-cookie header (#1863)" 
This reverts commit c3a01c042c
 2019-08-13 10:16:31 +02:00
Christophe Maudoux
c3a01c042c Concatenate pdata and lemon cookies in the same set-cookie header (#1863) 2019-08-12 23:52:33 +02:00
Christophe Maudoux
3891c9caec Fix log level & improve e2e ini file (#1878) 2019-08-12 22:20:22 +02:00
Christophe Maudoux
f8ef2797a8 Update manifest 2019-08-12 21:36:55 +02:00
Christophe Maudoux
d7cb8bf4b8 Force remove pdata cookie to avoid loop (#1878) 2019-08-12 21:29:08 +02:00
Christophe Maudoux
09158f0084 Return whatToTrace instead of uid & Fix + Append unit test (#1664) 2019-08-10 12:38:25 +02:00
Christophe Maudoux
52fa94bd55 Sort functions & append comments 2019-08-10 11:13:56 +02:00
Christophe Maudoux
115cc9b027 Fix #1867 for 2.1 2019-08-09 23:34:54 +02:00
Christophe Maudoux
866d5457f3 Merge branch 'v2.0' 2019-08-09 23:33:59 +02:00
Christophe Maudoux
bee0e675f3 Revert "Fix langs directory (#1870)" 
This reverts commit b453647b26.
 2019-08-09 22:46:43 +02:00
Christophe Maudoux
b453647b26 Fix langs directory (#1870) 2019-08-09 22:11:05 +02:00
Maxime Besson
daa03a9a9c OIDC: tie client_id to authorization code (#1881) 2019-08-09 13:54:53 +02:00
Christophe Maudoux
9dac92064c Better fix & update unit tests (#1861) 2019-08-07 22:29:12 +02:00
Maxime Besson
9b24fd02e5 Log more detailed information about Kerberos failures 2019-08-07 19:35:35 +02:00
Christophe Maudoux
ce05b44172 Remove useless constants (#1867) 2019-08-06 22:42:17 +02:00
Christophe Maudoux
7aad470586 Delete pdata cookie after XML notif validation & Improve unit test (#1861) 2019-08-06 22:29:48 +02:00
Christophe Maudoux
c630a90064 Delete pdata cookie after notif validation & Improve unit test (#1861) 2019-08-06 22:25:09 +02:00
Xavier
ea713a3169 Avoid conflict in $req->data between DBI and LDAP 
Closes: #1875
 2019-08-06 21:54:41 +02:00
Christophe Maudoux
742e7417d4 Better fix (#1867) 2019-08-06 21:04:52 +02:00
Maxime Besson
8de0a89029 Give more customization options for 2F prompt messages 
new translations labels for mail and rest, and we now pass the 2F prefix
to templates. It's not used in the default skin, but it should help in
cases where extra second factors are used to offer the user a more
helpful prompt message
 2019-08-05 20:08:28 +02:00
Christophe Maudoux
bf20db03b9 Improve unit test & fix (#1867) 2019-08-04 22:39:14 +02:00
Christophe Maudoux
c1736f7f82 Catch error if setSecurity is undefined (#1874) 2019-08-04 12:08:34 +02:00
Christophe Maudoux
1422c28c0b Improve fix & unit test (#1874) 2019-08-03 23:49:02 +02:00
Christophe Maudoux
6cf1c83151 Fix & Improve unit test (#1874) 2019-08-03 22:48:07 +02:00
Christophe Maudoux
3a660bde24 Merge branch 'v2.0' 2019-08-03 11:18:06 +02:00
Christophe Maudoux
058ef90662 Append dependency 2019-08-03 11:05:12 +02:00
Christophe Maudoux
6ad07f9c4d Fix debug log 2019-08-03 11:04:58 +02:00
Christophe Maudoux
dcd0c53fde Fix warning message 2019-08-02 22:58:36 +02:00
Christophe Maudoux
46208d74fe Improve unit test (#1870) 2019-08-02 21:58:08 +02:00
Maxime Besson
15c3b0bbf8 Add Radius second factor (#1847) 2019-08-02 18:03:10 +02:00
Maxime Besson
68c8be333a Fix translation override in mails 2019-08-02 17:45:03 +02:00
Maxime Besson
c1afdbefac Add labels and logos to all 2F providers (#1873) 2019-08-01 17:27:14 +02:00
Christophe Maudoux
216d683f22 Fix debug log (#1870) 2019-08-01 11:59:02 +02:00
Christophe Maudoux
188c7be337 perltidy 2019-07-31 23:38:48 +02:00
Christophe Maudoux
ee5a705d2f Append REST API to retrieve error message (#1870) 2019-07-31 23:09:38 +02:00
Christophe Maudoux
499b16bd07 Merge branch 'v2.0' 2019-07-31 16:34:38 +02:00
Clément OUDOT
4ee49de4c2 Adapt grant_types_supported attribute (#1846) 2019-07-25 19:06:53 +02:00
Maxime Besson
c9dba5212e HTML-decode entityID from metadata (#1864) 2019-07-25 18:29:46 +02:00
Christophe Maudoux
3d6a7bd843 Sort notifications: JSON format (#1862) 2019-07-25 12:42:58 +02:00
Christophe Maudoux
bf5fe2246d Send specified parameters (#1851) 2019-07-25 12:00:37 +02:00
Christophe Maudoux
3082168617 Append HTTP method options (#1851) 2019-07-25 10:49:49 +02:00
Christophe Maudoux
c82fc0f572 Merge branch 'v2.0' 2019-07-23 16:03:10 +02:00
Christophe Maudoux
11f2d0f34a Improve notifications REST API & unit test (#1851) 2019-07-23 15:54:53 +02:00
Maxime Besson
d82f776df8 Allow multi instanciation of 2F modules (#1860) 
This commit adds a manager interface to declare multiple instances of a
single 2F module, in a manner similar to Combination.

An additional portal code reads the `sfExtra` variable to load the
declared modules.

An empty rules means the module will be always active.
 2019-07-22 19:30:37 +02:00
Christophe Maudoux
fb7a222c9d Append notifications REST API (#1851) 2019-07-22 15:39:59 +02:00
Christophe Maudoux
81aa2fb37b Improve test-lib & unit test (#1851) 2019-07-21 23:23:20 +02:00
Christophe Maudoux
3972861ba4 WIP - Improve unit test & need to fix list notifications feature!!! (#1851) 2019-07-21 22:47:48 +02:00
Clément OUDOT
f15e8bd108 Possibility to list notifications (#1851) 2019-07-21 20:47:16 +02:00
Christophe Maudoux
ca7ebe09f7 WIP - REST service to remove notification (#1851) 2019-07-20 22:25:03 +02:00
Christophe Maudoux
21c1d83df3 Typo 2019-07-20 13:28:48 +02:00
Christophe Maudoux
b705b10da8 Merge branch 'v2.0' 2019-07-17 12:26:55 +02:00
Christophe Maudoux
4eecd90230 Typo (#1857) 2019-07-17 12:20:30 +02:00
Christophe Maudoux
b99b76e2d6 Improve code (#1857) 2019-07-17 12:18:15 +02:00
Christophe Maudoux
d8b3eb2a34 Remove cipher cookie if notification refused (#1857) 2019-07-16 13:51:01 +02:00
Clément OUDOT
e12cb3a905 Fix loop on notifications (#1856) 2019-07-15 10:55:33 +02:00
Xavier
64c587417b Improvement 2019-07-12 19:09:55 +02:00
Clément OUDOT
c024ed0fe6 Improve logging when a notification is added by REST (#1853) 2019-07-12 18:34:55 +02:00
Xavier Guimard
3c6a301785 Keep original PATH_INFO during notification process (Fixes: #1852) 2019-07-12 10:33:36 +02:00
Christophe Maudoux
b7c8d30b3f Merge branch 'v2.0' 2019-07-10 12:16:43 +02:00
Clément OUDOT
c76dc52436 Adapt response_types_supported attribute in OpenID Connect metadata depending on configured flows (#1846) 2019-07-08 15:38:57 +02:00
Clément OUDOT
9b98893c44 Manage claims in ID token if no access token requested (#1846) 2019-07-08 15:15:13 +02:00
Christophe Maudoux
240617d8d8 Fix unit tests 2019-07-06 23:27:45 +02:00
Christophe Maudoux
d0da10b375 Improve code (#1664) 2019-07-06 23:00:35 +02:00
Christophe Maudoux
619ea8258f Improve unit test & fix warning - Expired sessions (#1783) 2019-07-06 23:00:24 +02:00
Christophe Maudoux
2d6c46920e Fix & improve unit test (#1844) 2019-07-05 22:53:48 +02:00
Xavier
88f75c42ed Set pdata domain also when removing cookie (#1829) 2019-07-05 06:43:11 +02:00
Christophe Maudoux
6a579644f8 Fix warning (#1842) 2019-07-04 23:20:11 +02:00
Christophe Maudoux
f38a583967 Improve code 2019-07-04 22:50:46 +02:00
Christophe Maudoux
2016abd2ee Send pdata cookie to cross domain (#1829) 2019-07-04 21:49:28 +02:00
Xavier
9cdfd4c9a6 Add notice when user is connected 2019-07-04 21:22:06 +02:00
Clément OUDOT
1ebbde9a50 Tidy code and add missing check on hash_level (#1835) 2019-07-04 09:49:01 +02:00
Xavier
a104db2f2d Clean logs 2019-07-04 07:24:50 +02:00
Xavier
d4fedbdfcf Duplicate log rules in Plugin manpage 2019-07-04 07:09:39 +02:00
Christophe Maudoux
6df12176de Disable secondFactor (#1783) 2019-07-03 23:21:19 +02:00
Christophe Maudoux
2f541370a6 perltidy (#1783) 2019-07-03 23:12:15 +02:00
Christophe Maudoux
03f2d89d0c ContextSwitching: Check (expiration) errors & Improve logs (#1783) 2019-07-03 23:08:50 +02:00
Christophe Maudoux
161d6cee0f Fix unit test warning (Auth-and-issuer-OIDC-authorization_code-with-none-alg.t) 2019-07-03 22:17:22 +02:00
Maxime Besson
6f058fb2fa Add manager manpages to deb 2019-07-03 15:17:16 +02:00
Xavier
78a4bb4987 ContextSwitching: Check (expiration) errors (#1783) 2019-07-03 06:47:33 +02:00
Christophe Maudoux
5a53fee2db WIP - Improve log (#1783) 2019-07-03 00:09:14 +02:00
Christophe Maudoux
42bc5efdb3 Use skin rules in plugins (#1828) 2019-07-02 22:17:53 +02:00
Christophe Maudoux
9c62a04f22 Improve code (#1783) 2019-07-02 22:08:17 +02:00
Christophe Maudoux
12e0853b51 Improve log (#1783) 2019-07-02 21:33:32 +02:00
Xavier
3b7a70e0b7 Merge branch 'v2.0' (with new tidy) 2019-07-02 20:12:11 +02:00
Xavier Guimard
c1137edba8 make tidy with perltidy-20181120 2019-07-02 20:03:40 +02:00
Clément OUDOT
e04a6f1983 Reject none algorithm when checking JWT signature (#1835) 2019-07-02 16:36:43 +02:00
Xavier Guimard
af63d55c08 Merge branch 'v2.0' 2019-07-01 20:21:42 +02:00
Clément OUDOT
60c03010ce Use Base64URL for JWT generation (#1834) 2019-07-01 17:29:35 +02:00
Christophe Maudoux
b94cbe0144 Fix default value (#1825) 2019-07-01 13:28:01 +02:00
Christophe Maudoux
69d2a2db0c Fix default value (#1825) 2019-07-01 12:56:10 +02:00
Christophe Maudoux
a1f5791e06 Merge branch '1783' into v2.0 2019-06-30 19:00:41 +02:00
Xavier
1718efe6d5 Merge branch 'v2.0' 2019-06-30 09:37:15 +02:00
Christophe Maudoux
bcbea7bee0 Update version (#1825) 2019-06-29 21:48:52 +02:00
Christophe Maudoux
eda8151432 Don t mix && with and (#1825) 2019-06-29 21:35:13 +02:00
Christophe Maudoux
11d2909b0a WIP - Disable persistent sessions storage (#1825) 2019-06-29 21:10:16 +02:00
Christophe Maudoux
d97c36a97e Disable spoofed sessions (#1783) 2019-06-28 23:53:43 +02:00
Christophe Maudoux
897d04ac93 Merge branch 'v2.0' into 1783 2019-06-28 22:05:48 +02:00
Clément OUDOT
b0a69d3473 Use skin rules in 2F plugins (#1828) 2019-06-28 15:56:57 +02:00
Xavier
c921c295ed Use user skin in loadTemplate (Fixes: #1828) 2019-06-28 13:40:56 +02:00
Xavier Guimard
44a6e25851 Improve cryptographic functions (#1823) 2019-06-28 10:30:37 +02:00
Xavier
1a1ccd7568 Merge branch 'crypto-improvements' 2019-06-27 22:03:05 +02:00
Xavier
2fcaf52bcf Better random string generation (#1803) 2019-06-27 21:59:18 +02:00
Christophe Maudoux
bb39dca317 Append & update unit tests (#1783) 2019-06-27 21:54:14 +02:00
Christophe Maudoux
8ad895c3b8 Merge branch 'v2.0' into 1783 2019-06-27 21:11:56 +02:00
Xavier Guimard
264410409d Move CAS service verification from main to Issuer::CAS (#1795) 2019-06-27 16:55:12 +02:00
Maxime Besson
e1f927a195 Check service= parameter on CAS logout (#1795) 
service= redirect URL is not checked when logging out from CAS, to avoid
insecure redirect attacks. The verification is only made if CAS access
control is enabled.

In order for this to work in common cases (applications redirects to an
unprotected page after logout), we add CAS App domains to the list of
globally trusted domains.

If your application wants to redirect to a third-party domain, it needs
to be added to LLNG's trustedDomains
 2019-06-27 12:40:40 +02:00
Xavier Guimard
c7cb6594dd Fix bad merge 2019-06-27 10:24:44 +02:00
Xavier Guimard
72439d341f Merge branch 'v2.0' 2019-06-27 07:59:37 +02:00
Maxime Besson
5f9c4c231d Add authenticated routes to 2FA for session upgrade (#1822) 2019-06-26 23:33:00 +02:00
Xavier
3582cfb12b Don't keep pdata on upgrade (Fixes: #1821) 2019-06-26 21:47:01 +02:00
Xavier Guimard
e15a41bc66 Fix typo: s/templatesDir/templateDir/g (#1819) 2019-06-26 11:59:13 +02:00
Xavier Guimard
45a0b68c3b Disable external entities in XML parsers (Fixes: #1818) 2019-06-26 11:32:10 +02:00
Xavier
400b9eaab9 Revert "Better password generation (#1803)" 
This reverts commit b4ec8eaeeb.
 2019-06-26 06:19:07 +02:00
Christophe Maudoux
f11c34e9cd Cleaning code (#1783 & #1658) 2019-06-25 23:04:27 +02:00
Christophe Maudoux
f5587ac477 Improve code (#1783) 2019-06-25 22:01:20 +02:00
Xavier
b4ec8eaeeb Better password generation (Fixes: #1803) 2019-06-25 21:01:57 +02:00
Christophe Maudoux
0b567d6c15 Merge branch 'v2.0' into 1783 2019-06-25 20:23:48 +02:00
Christophe Maudoux
b9af5d1adc Use Id 2019-06-25 19:30:06 +02:00
Christophe Maudoux
7a97bc46c4 Improve code (#1783) 2019-06-25 19:28:05 +02:00
Xavier Guimard
3d1be3e7e5 Set negetive values for PE_PASSWORD_OK and PE_LOGOUT_OK (Fixes: #1816) 2019-06-25 17:38:08 +02:00
Xavier Guimard
1b4600b15c Merge branch 'v2.0' 2019-06-25 17:14:00 +02:00
Xavier Guimard
93ccb9fd76 Set Content-Length in Apache::Session::REST requests (#1813) 2019-06-25 09:37:37 +02:00
Xavier Guimard
ddde26fa1c Add searchOn() in Apache::Session::REST (#1813) 2019-06-25 09:18:58 +02:00
Christophe Maudoux
32cb9e3a8f Delete session (#1783) 2019-06-24 23:52:39 +02:00
Christophe Maudoux
266f2fdf02 Merge branch 'v2.0' into 1783 2019-06-24 23:36:54 +02:00
Christophe Maudoux
786e136754 Create session with ContextSwitching plugin (#1783) 2019-06-24 23:36:23 +02:00
Christophe Maudoux
28fd7ea0b8 Change log level (#1664) 2019-06-24 23:35:33 +02:00
Xavier
c5d6bc42b6 Add get_key_from_all_sessions in Apache::Session::REST (#1813) 2019-06-24 23:07:34 +02:00
Xavier
9df3d57bc9 In REST, PE_LOGOUT_OK must return 200 2019-06-24 23:06:15 +02:00
Christophe Maudoux
5efa6c111a Append log (#1783) 2019-06-23 22:56:05 +02:00
Christophe Maudoux
8d2367c6d7 Typo 2019-06-23 22:55:46 +02:00
Christophe Maudoux
e5f03f34d9 Append ContextSwitching plugin (#1783) 2019-06-23 22:19:40 +02:00
Christophe Maudoux
c24ff711a0 WIP - ContextSwitching (#1783) 2019-06-23 10:51:10 +02:00
Christophe Maudoux
bdc5007e43 Update sort condition (#1658) 2019-06-23 10:18:05 +02:00
Xavier
2e7b3c584a Fix LDAP Policy 2019-06-23 08:18:19 +02:00
Xavier
9e16e2b75c Merge branch 'v2.0' 2019-06-23 07:21:55 +02:00
Christophe Maudoux
dd94351f35 WIP - ContextSwitching (#1783) 2019-06-22 23:46:02 +02:00
Christophe Maudoux
8c47c913fe WIP - ContextSwitching (#1783) 2019-06-21 16:24:50 +02:00
Christophe Maudoux
b69ffc0ff8 WIP - ContextSwitching (#1783) 2019-06-21 15:23:06 +02:00
Christophe Maudoux
a2ebaf31b1 WIP - AdminImpersonation skeleton (#1783) 2019-06-19 18:13:17 +02:00
Christophe Maudoux
c4d4b482a5 Provide to plugins message display functions (#1796) 2019-06-18 22:00:03 +02:00
Christophe Maudoux
86b305d19b Typo (#1664) 2019-06-18 21:57:40 +02:00
Christophe Maudoux
9ac5834bfe Merge branch 'v2.0' 2019-06-17 22:42:28 +02:00