Xavier
82c25b4e2e
Don't use more test threads than make wants
2019-07-02 23:22:29 +02:00
Xavier
6f365c9e43
Parallelize common/portal tests
2019-07-02 22:06:37 +02:00
Xavier
3b7a70e0b7
Merge branch 'v2.0' (with new tidy)
2019-07-02 20:12:11 +02:00
Xavier Guimard
c1137edba8
make tidy with perltidy-20181120
2019-07-02 20:03:40 +02:00
Clément OUDOT
26c107cddb
Add unit test ( #1835 )
2019-07-02 17:47:27 +02:00
Clément OUDOT
7c7dad9ab6
Enforce ID token signature verification in unit test ( #1835 )
2019-07-02 17:27:17 +02:00
Clément OUDOT
e04a6f1983
Reject none algorithm when checking JWT signature ( #1835 )
2019-07-02 16:36:43 +02:00
Xavier Guimard
f370255c3a
Fix Perl dependencies (see RT#129960)
2019-07-02 08:56:12 +02:00
Xavier
891f926196
Trailing whitespaces
2019-07-01 21:30:03 +02:00
Xavier Guimard
af63d55c08
Merge branch 'v2.0'
2019-07-01 20:21:42 +02:00
Clément OUDOT
60c03010ce
Use Base64URL for JWT generation ( #1834 )
2019-07-01 17:29:35 +02:00
Xavier Guimard
360db2b5d5
Update manifest
2019-07-01 16:15:25 +02:00
Christophe Maudoux
b94cbe0144
Fix default value ( #1825 )
2019-07-01 13:28:01 +02:00
Christophe Maudoux
69d2a2db0c
Fix default value ( #1825 )
2019-07-01 12:56:10 +02:00
Christophe Maudoux
a1f5791e06
Merge branch '1783' into v2.0
2019-06-30 19:00:41 +02:00
Xavier
1718efe6d5
Merge branch 'v2.0'
2019-06-30 09:37:15 +02:00
Christophe Maudoux
bcbea7bee0
Update version ( #1825 )
2019-06-29 21:48:52 +02:00
Christophe Maudoux
eda8151432
Don t mix && with and ( #1825 )
2019-06-29 21:35:13 +02:00
Christophe Maudoux
5054f5ac95
Append unit test ( #1825 )
2019-06-29 21:13:08 +02:00
Christophe Maudoux
11d2909b0a
WIP - Disable persistent sessions storage ( #1825 )
2019-06-29 21:10:16 +02:00
Christophe Maudoux
acd6e5513c
Improve unit test ( #1783 )
2019-06-29 00:16:37 +02:00
Christophe Maudoux
d97c36a97e
Disable spoofed sessions ( #1783 )
2019-06-28 23:53:43 +02:00
Christophe Maudoux
897d04ac93
Merge branch 'v2.0' into 1783
2019-06-28 22:05:48 +02:00
Xavier Guimard
43d5139040
Update versions
2019-06-28 17:04:14 +02:00
Xavier Guimard
f59caf3ea1
Merge branch 'ssl-button-race-fix' into 'v2.0'
...
Avoid race when clicking the login button in SSL form (#1826 )
See merge request lemonldap-ng/lemonldap-ng!82
2019-06-28 16:56:46 +02:00
Clément OUDOT
b0a69d3473
Use skin rules in 2F plugins ( #1828 )
2019-06-28 15:56:57 +02:00
Xavier Guimard
8b7ce08587
Merge branch 'v2.0'
2019-06-28 14:35:30 +02:00
Xavier
c921c295ed
Use user skin in loadTemplate ( Fixes : #1828 )
2019-06-28 13:40:56 +02:00
Christophe Maudoux
87329a26a1
Make manifest
2019-06-28 11:22:23 +02:00
Xavier Guimard
44a6e25851
Improve cryptographic functions ( #1823 )
2019-06-28 10:30:37 +02:00
Xavier
1a1ccd7568
Merge branch 'crypto-improvements'
2019-06-27 22:03:05 +02:00
Christophe Maudoux
6519695797
Tidy ( #1783 )
2019-06-27 22:02:11 +02:00
Xavier
2fcaf52bcf
Better random string generation ( #1803 )
2019-06-27 21:59:18 +02:00
Christophe Maudoux
bb39dca317
Append & update unit tests ( #1783 )
2019-06-27 21:54:14 +02:00
Christophe Maudoux
6510f854c8
Append unit test ( #1783 )
2019-06-27 21:13:10 +02:00
Christophe Maudoux
8ad895c3b8
Merge branch 'v2.0' into 1783
2019-06-27 21:11:56 +02:00
Xavier Guimard
cc8c5e057e
Use IV for *cryptHex methods
2019-06-27 19:36:01 +02:00
Maxime Besson
a7c7c51bba
Avoid race when clicking the login button in SSL form ( #1826 )
2019-06-27 17:05:29 +02:00
Xavier Guimard
264410409d
Move CAS service verification from main to Issuer::CAS ( #1795 )
2019-06-27 16:55:12 +02:00
Maxime Besson
e1f927a195
Check service= parameter on CAS logout ( #1795 )
...
service= redirect URL is not checked when logging out from CAS, to avoid
insecure redirect attacks. The verification is only made if CAS access
control is enabled.
In order for this to work in common cases (applications redirects to an
unprotected page after logout), we add CAS App domains to the list of
globally trusted domains.
If your application wants to redirect to a third-party domain, it needs
to be added to LLNG's trustedDomains
2019-06-27 12:40:40 +02:00
Xavier Guimard
c7cb6594dd
Fix bad merge
2019-06-27 10:24:44 +02:00
Xavier Guimard
72439d341f
Merge branch 'v2.0'
2019-06-27 07:59:37 +02:00
Maxime Besson
5f9c4c231d
Add authenticated routes to 2FA for session upgrade ( #1822 )
2019-06-26 23:33:00 +02:00
Maxime Besson
98650cd9f0
Add unit test for #1821
2019-06-26 22:13:12 +02:00
Xavier
3582cfb12b
Don't keep pdata on upgrade ( Fixes : #1821 )
2019-06-26 21:47:01 +02:00
Xavier Guimard
a42c5f9f71
Clean tests ( #1819 )
2019-06-26 13:17:26 +02:00
Xavier Guimard
e15a41bc66
Fix typo: s/templatesDir/templateDir/g ( #1819 )
2019-06-26 11:59:13 +02:00
Xavier Guimard
45a0b68c3b
Disable external entities in XML parsers ( Fixes : #1818 )
2019-06-26 11:32:10 +02:00
Xavier
400b9eaab9
Revert "Better password generation ( #1803 )"
...
This reverts commit b4ec8eaeeb
.
2019-06-26 06:19:07 +02:00
Christophe Maudoux
f11c34e9cd
Cleaning code ( #1783 & #1658 )
2019-06-25 23:04:27 +02:00