Christophe Maudoux
b869b59da7
Avoid assignment ( #2360 )
2020-10-30 12:55:39 +01:00
Christophe Maudoux
90c8c2ba86
Improve messages ( #2332 )
2020-10-16 23:27:06 +02:00
Christophe Maudoux
cd02b8023e
Fix warning ( #2332 )
2020-10-05 20:45:05 +02:00
Christophe Maudoux
352b97f681
Append option to modify 2FA during context switching ( #2338 )
2020-10-04 21:18:09 +02:00
Christophe Maudoux
da91097969
Improve fix ( #2332 )
2020-10-04 19:32:10 +02:00
Christophe Maudoux
a8343ac7be
Test authLevel before removing 2F device ( #2332 )
2020-10-04 19:29:31 +02:00
Christophe Maudoux
b573dbb789
Better fix and improve unit test ( #2337 )
2020-10-04 11:35:26 +02:00
Christophe Maudoux
cb0fed8e13
Prevent to update SFA if impersonation is in progress ( #2337 )
2020-10-03 11:58:49 +02:00
Clément OUDOT
6cccea0e46
First version of adaptative authentication level plugin ( #2336 )
2020-10-02 15:05:15 +02:00
Maxime Besson
f9c7d0bdf7
saml proxy logout: Delay info until we return from idp ( #2262 )
2020-09-08 17:25:11 +02:00
Christophe Maudoux
059b2b13f1
Merge branch 'v2.0' into 2266
2020-09-07 18:56:37 +02:00
Xavier Guimard
c8df084247
Update versions
2020-09-04 17:59:00 +02:00
Maxime Besson
66c68f6056
Merge branch 'feature-delayed-2fa-2124' into 'v2.0'
...
Delay 2FA until required by an application
See merge request lemonldap-ng/lemonldap-ng!147
2020-09-04 17:40:46 +02:00
Maxime Besson
f9cdb5497a
Only clean _url part of pdata when redirecting to issuer (#1878,#2124)
2020-09-04 17:17:04 +02:00
Maxime Besson
eb191be72e
Add error message when no sf available during upgrade ( #2124 )
2020-09-04 17:17:02 +02:00
Maxime Besson
f69babadef
Differentiate renew and upgrade in Upgrade plugin ( #2124 )
2020-09-04 17:16:11 +02:00
Maxime Besson
1cf1990fe2
Add portal code for session upgrade
2020-09-04 17:15:34 +02:00
Maxime Besson
ef6b8587ee
Remember target authlevel in handler ( #2124 )
2020-09-04 17:14:05 +02:00
Clément OUDOT
828ecd7bfb
Show password form with change password after reset ( #2307 )
2020-09-04 16:14:17 +02:00
Christophe Maudoux
01beb5d48b
Allow all special chars ( #2266 )
2020-08-29 22:12:09 +02:00
Christophe Maudoux
e84b29aca4
Display special chars password policy with expired password form ( #2289 )
2020-08-24 22:43:15 +02:00
Maxime Besson
4497f39efe
Factor psession id calculation into Common
2020-08-17 18:43:29 +02:00
Maxime Besson
26cd1945fb
Try to compute the correct value of SameSite by default ( #2281 )
2020-08-17 18:05:09 +02:00
Maxime Besson
7a02fdf8e5
rollback caa346d075
( #2179 )
...
No longer needed since #2261
2020-08-12 09:49:14 +02:00
Maxime Besson
9d9e16e3f9
Remove setAuthSessionInfo from refresh process ( #2261 )
2020-08-12 09:49:14 +02:00
Maxime Besson
9aa3b9b03f
Add correct secure flag to pdata cookie ( #2272 )
2020-08-10 12:10:33 +02:00
Maxime Besson
a96820d6f6
Set secure flag when removing cookie ( #2272 )
2020-08-10 12:10:33 +02:00
Maxime Besson
5df1850847
Add cache-control headers to sendJSONresponse ( #2234 )
2020-06-24 15:49:50 +02:00
Maxime Besson
33a5496e55
Fix regression in #2085 ( #2224 )
...
Clearing all hidden form values was a mistake as it breaks SAML when the
redirection URL contains a query string. We should keep existing hidden
fields. In the context of OIDC request, we clear them before redirection
to avoid #2085
2020-05-29 15:51:51 +02:00
Christophe Maudoux
bb9e03d1e5
Tidy
2020-05-24 00:04:33 +02:00
Christophe Maudoux
9bf915b5dc
Fix unit tests & Version
2020-05-08 23:03:16 +02:00
Xavier Guimard
6caf88a174
Better warning fix
2020-05-04 16:42:41 +02:00
Xavier Guimard
5d10695a79
Fix warning
2020-05-04 16:40:57 +02:00
Maxime Besson
9464bd2503
Merge branch 'fix-oidc-consent-2fa-2142' into 'v2.0'
...
Fix #2142
See merge request lemonldap-ng/lemonldap-ng!135
2020-05-04 16:00:35 +02:00
Xavier Guimard
317bfcd97d
Clean all issuer when issuerTs expires ( fixes : #2186 )
2020-05-04 15:42:25 +02:00
Christophe Maudoux
7014327232
Append an option to display sfManager link ( #2185 )
2020-04-30 20:50:10 +02:00
Xavier Guimard
d801070a8f
Clean also pdata in Main::Issuer::_redirect() ("1939) and add @maxbes test
2020-04-30 12:56:28 +02:00
Christophe Maudoux
dc672c2d1f
Force FF to submit forms ( #2158 )
2020-04-30 12:43:06 +02:00
Christophe Maudoux
bd28760bd7
Change plugins loading order ( #2180 )
2020-04-29 19:36:18 +02:00
Christophe Maudoux
763eb04b4b
Update tree ( #2178 )
2020-04-27 20:39:02 +02:00
Christophe Maudoux
caa346d075
Restore previous authentication level ( #2179 )
2020-04-27 18:20:23 +02:00
Maxime Besson
7e502af391
Add option to remove "Refresh my rights" from menu
2020-04-27 17:19:41 +02:00
Clément OUDOT
a97041f8cd
Fix test for Issuer timeout ( #1939 )
2020-04-27 14:40:45 +02:00
Xavier Guimard
dff45f5456
Fix tytpe ( #1939 )
2020-04-27 10:31:03 +02:00
Xavier Guimard
c868cb431f
Add pdata timeout for issuers ( #1939 )
2020-04-26 09:31:38 +02:00
Maxime Besson
37f71a43b5
create helper function to display portal error code
2020-04-23 17:49:25 +02:00
Xavier Guimard
0baf014e6b
Revert "Fix part of circular links (related to #1990 )"
...
This reverts commit c9e7f3a1b0
.
2020-04-23 12:00:51 +02:00
Xavier Guimard
24c1a2e90a
Restore default route ( #1990 )
2020-04-22 22:09:15 +02:00
Xavier Guimard
d5da0362fd
Fix #1990
2020-04-22 21:46:59 +02:00
Christophe Maudoux
a74b5acafa
Merge branch 'fix-oidc-info-2085' into 'v2.0'
...
Fix OIDC info before redirect (#2085 )
See merge request lemonldap-ng/lemonldap-ng!134
2020-04-22 18:17:58 +02:00
Christophe Maudoux
df9beb25f2
Merge branch 'fix-2081' into 'v2.0'
...
Fix #2081 by detecting external URL
See merge request lemonldap-ng/lemonldap-ng!138
2020-04-22 17:58:26 +02:00
Xavier Guimard
1f80a0ab8c
Avoid little warning in test
2020-04-22 15:37:19 +02:00
Xavier Guimard
c9e7f3a1b0
Fix part of circular links (related to #1990 )
2020-04-22 14:13:14 +02:00
Maxime Besson
ecbcc0b6b6
Fix #2081 by detecting external URL
2020-04-22 11:25:06 +02:00
Maxime Besson
0983c66139
Portal: add helper method to build a rule from a string
2020-04-22 11:02:59 +02:00
Maxime Besson
b8d72e21b4
fix display of deleted sessions ( #2159 )
2020-04-21 10:18:50 +02:00
Christophe Maudoux
478d205f07
Code refactoring & Tidy ( #2138 )
2020-04-17 20:00:36 +02:00
dcoutadeur dcoutadeur
2c6df4dfc0
Merge branch 'logoutforward' into 'v2.0'
...
fix #2138 logout forward doesn't work anymore
See merge request lemonldap-ng/lemonldap-ng!136
2020-04-17 17:56:48 +02:00
dcoutadeur
c984bb8b4a
fix CAS logoutServices (see #2138 logout forward doesn't work anymore)
2020-04-17 17:36:43 +02:00
dcoutadeur
17e56da82b
cleaner solution for #2138 logout forward doesn't work anymore
2020-04-17 16:26:40 +02:00
dcoutadeur
cd15ac7a67
fix #2138 logout forward doesn't work anymore
2020-04-16 17:27:14 +02:00
Maxime Besson
8c94bf0f13
Allow portal JSON responses to include a rendered HTML error block ( #2110 )
2020-04-15 18:42:31 +02:00
Maxime Besson
e1767abfda
CORS: special handling for AJAX SSL ( #2110 )
2020-04-15 18:42:31 +02:00
Maxime Besson
2440fc7866
use sendJSONresponse instead of handcrafting portal response
2020-04-15 18:42:31 +02:00
Maxime Besson
4bcb391121
Add an easy way to set level of additional second factors ( #2149 )
2020-04-15 17:20:27 +02:00
Maxime Besson
755a5c3a6b
post confirm to issuer url after restoring ( #2142 )
2020-04-14 21:46:30 +02:00
Maxime Besson
b512cc700c
Replace hidden form values on info when urldc has a QS ( #2085 )
2020-04-14 18:48:35 +02:00
Christophe Maudoux
13bb55a818
Append an option to define apps tooltip & Improve unit test ( #2140 )
2020-04-08 22:40:28 +02:00
Christophe Maudoux
202a500c3e
Tidy
2020-04-07 11:47:32 +02:00
Christophe Maudoux
0fb0bd1d07
Code refactoring ( #2129 )
2020-04-07 11:39:32 +02:00
Christophe Maudoux
9e84447d2d
Fix update session ( #2129 )
2020-04-06 23:28:01 +02:00
Christophe Maudoux
e68d5ed2c8
Revert "Fix update session ( #2129 )"
...
This reverts commit 1c65c72a62
.
2020-04-06 19:35:29 +02:00
Christophe Maudoux
1c65c72a62
Fix update session ( #2129 )
2020-04-06 19:24:50 +02:00
Christophe Maudoux
d53cddae39
Better fix & De-duplicate groups ( #2129 )
2020-04-06 19:05:50 +02:00
Clément OUDOT
c87a36e3ca
Do not run setGroups after 2FA ( #2129 )
2020-04-06 18:36:51 +02:00
Christophe Maudoux
37a9360625
Append PPolicyNone message & Unit test & Update manifest
2020-04-05 12:19:05 +02:00
Christophe Maudoux
d6d9d6031d
Append debug log ( #1796 )
2020-04-03 18:56:11 +02:00
Christophe Maudoux
f469180663
Improve unit test ' #2130 )
2020-04-03 00:21:15 +02:00
Christophe Maudoux
6382c35cd4
Update PP display ( #2130 )
2020-04-02 13:30:22 +02:00
Christophe Maudoux
71ba189edc
Append special characters password policy ( #2130 )
2020-04-02 12:14:05 +02:00
Christophe Maudoux
2a34d1ae8c
Update sessionInfo if second factor succeeds & Improve unit tests ( #2129 )
2020-04-01 15:43:46 +02:00
Clément OUDOT
9620e6870a
Possibility to preselect choice tab ( #2115 )
2020-03-11 11:46:14 +01:00
Christophe Maudoux
c9b2eff039
More explicit error message ( #2108 )
2020-03-05 22:14:02 +01:00
Christophe Maudoux
903d3540e4
Show lang flags with redirect template
2020-03-02 14:30:58 +01:00
Christophe Maudoux
a4a73ca907
Don t prompt second factor after a failed log in attempt ( #2088 )
2020-02-27 14:49:27 +01:00
Christophe Maudoux
e89c017ff6
Increase lock time after each failed login attempt ( #2088 )
2020-02-24 22:20:40 +01:00
Christophe Maudoux
18b43cacfc
Avoid unprotected urldc host with wildcard-protected hosts ( #2101 )
2020-02-22 00:13:52 +01:00
Clément OUDOT
53263c7f10
Remove references to keepPdata = 1 in code ( #2099 )
2020-02-21 09:29:10 +01:00
Xavier Guimard
4459a47f76
Tidy
2020-02-20 23:37:05 +01:00
Xavier Guimard
a76cba3856
Update versions
2020-02-20 23:37:01 +01:00
Maxime Besson
47068c51b8
Revert "Prevent portal from crashing when keepPdata=1 ( #1893 )"
...
This reverts commit 2b4defb2a9
and
implements a fix "at the source" instead. Should fix #2099 .
2020-02-20 22:24:26 +01:00
Christophe Maudoux
57b546d112
Fix lmConfigEditor logger error ( #2059 )
2020-02-16 12:58:12 +01:00
Christophe Maudoux
8129d76d63
Improve code
2020-02-13 23:27:13 +01:00
Christophe Maudoux
2f04ffcc4a
WIP - Notifications explorer ( #2071 )
2020-02-09 17:47:25 +01:00
Christophe Maudoux
dd9e849b3e
Don t send params with GET method ( #2081 )
2020-02-07 21:39:58 +01:00
Maxime Besson
68be974e51
Add option to compute userdb groups before macros ( #1877 )
2020-02-05 15:39:45 +01:00
Maxime Besson
f997a26e41
Fix form method when displaying info in autoPost ( #2080 )
2020-01-30 20:43:04 +01:00
Clément OUDOT
faa65c4abf
Options to add a custom CSS file ( #2076 )
2020-01-28 15:14:24 +01:00
Maxime Besson
5149ba8118
Make debug message less confusing when portal status is <0
2020-01-23 20:37:18 +01:00
Christophe Maudoux
8279733fbd
Update Process.pm
...
Typo
2020-01-22 12:39:02 +01:00
Xavier Guimard
f3f97ccb80
Add sameSite parameter ( #2069 )
2020-01-20 06:21:09 +01:00
Christophe Maudoux
0408ce80b8
Better better fix ( #2061 )
2020-01-19 18:06:56 +01:00
Xavier Guimard
0fa90c5efe
Avoid double encode_base64 call ( #2061 )
2020-01-18 22:25:48 +01:00
Christophe Maudoux
32d7f46b1a
Better fix ( #2061 )
2020-01-18 18:58:42 +01:00
Christophe Maudoux
fd2a9ce226
Append info log msg ( #2061 )
2020-01-17 22:27:03 +01:00
Christophe Maudoux
138ef363d4
Force cleaning pdata cookie if redirect url match _url & Improve unit test ( #2061 )
2020-01-17 22:17:02 +01:00
Christophe Maudoux
6f31d98710
Revert "Force cleaning pdata cookie if redirect url match _url & Improve unit test ( #2063 )"
...
This reverts commit 965678dde2
.
2020-01-17 22:16:44 +01:00
Christophe Maudoux
965678dde2
Force cleaning pdata cookie if redirect url match _url & Improve unit test ( #2063 )
2020-01-17 22:10:06 +01:00
Christophe Maudoux
583bbbe285
Append CSP frame-ancestors option & Improve unit test ( #2068 )
2020-01-15 16:09:57 +01:00
Christophe Maudoux
b28a9d148e
Modify log level
2020-01-08 23:06:49 +01:00
Christophe Maudoux
f37c2399b1
Update sessionInfo during auth process with 2FA
2020-01-04 13:36:21 +01:00
Xavier Guimard
43245bbf36
Fix warnings
2020-01-04 08:21:38 +01:00
Christophe Maudoux
a48daee305
Update sessionInfo during auth process
2020-01-03 23:39:57 +01:00
Christophe Maudoux
0f591496b4
Update sessionInfo during auth process to improve handler in-memory sessions security & Improve unit tests
2020-01-03 20:07:36 +01:00
Christophe Maudoux
f8046dd716
Update sessionInfo during auth process & Improve unit tests
2020-01-03 12:36:35 +01:00
Christophe Maudoux
1988983c90
Typo
2019-12-31 17:14:44 +01:00
Xavier Guimard
3317ab9fb1
Fix...
2019-12-25 13:30:54 +01:00
Xavier Guimard
d069f32438
Fix bad export
2019-12-25 13:11:58 +01:00
Christophe Maudoux
2954ea2abc
Disable compactConf by default & Update unit tests ( #2046 )
2019-12-22 13:06:10 +01:00
Clément OUDOT
458d353af8
Merge branch 'v2.0' into dcoutadeur/lemonldap-ng-certificate-reset
2019-12-21 16:19:49 +01:00
Clément OUDOT
983af4dec1
make json ( #1605 )
2019-12-21 16:13:32 +01:00
dcoutadeur
a465a5d768
Reset Certificate module for v2.0.7 ( #1605 )
2019-12-19 19:10:32 +01:00
Clément OUDOT
3831b81255
Adapt log message in refresh ( #2005 )
2019-12-19 18:11:33 +01:00
Christophe Maudoux
c21ab76900
Better fix ( #2005 )
2019-12-15 12:54:28 +01:00
Christophe Maudoux
e4c5a9d723
Fix #2005 & improve unit test
2019-12-14 17:40:23 +01:00
Clément OUDOT
757399fa61
Catch PE_BADCREDENTIALS error in Combination display process ( #2009 )
2019-12-13 11:15:05 +01:00
Xavier
d01cfe94df
Refresh plugin skeleton ( #2006 )
2019-12-08 17:19:50 +01:00
Christophe Maudoux
15711c642e
Merge branch 'v2.0' into globalLogout
2019-11-15 21:49:56 +01:00
Maxime Besson
bedcf20806
Change portal error code on 2F failure ( #2008 )
2019-11-15 11:19:08 +01:00
Christophe Maudoux
297ef8cd8c
Merge branch 'v2.0' into globalLogout
2019-11-12 22:17:09 +01:00
Christophe Maudoux
603293411b
Use userData instead of sessionInfo to fix ContectSwitching debug log
2019-11-12 10:00:11 +01:00
Christophe Maudoux
80a1e4bf57
WIP - Append GlobalLogout plugin ( #1999 )
2019-11-11 22:33:30 +01:00
Christophe Maudoux
c01c26af6a
Append option to override Issuer OTT storage ( #1993 )
2019-10-31 11:40:33 +01:00
Maxime Besson
5b2f3ca576
Merge branch 'remove-saml-idp-cookie-1941' into 'v2.0'
...
Remove SAML IDP cookie (#1941 )
See merge request lemonldap-ng/lemonldap-ng!99
2019-10-30 16:01:11 +01:00
Clément OUDOT
fb74d03a89
Use whatToTrace for logging messages ( #1991 )
2019-10-29 17:28:55 +01:00
Maxime Besson
ed3e274ab1
Fix force password reset in Combination ( #1984 )
2019-10-24 08:58:04 +02:00
Maxime Besson
4afecb4620
Remove IDP cookie ( #1941 )
2019-10-17 23:09:03 +02:00
Christophe Maudoux
0ca649f106
Use custom decrypt functions ( #1956 )
2019-10-13 15:08:32 +02:00
Maxime Besson
2b4defb2a9
Prevent portal from crashing when keepPdata=1 ( #1893 )
...
Since the changes introduced to fix #1893 , keepPdata is expected to
contain an array of values.
When migrating from previous LLNG versions, cookies may contain
keepPdata=1, which crashes the server because 1 isn't an arrayref
This change makes LLNG consider that keepPdata=1 is not a valid value,
and replaces it with an empty arrayref when starting the login or logout
flow.
2019-10-09 17:35:48 +02:00
Maxime Besson
2bce713f65
Set issuer urldc in pdata ( #1893 )
2019-10-08 22:40:10 +02:00
Maxime Besson
3ee708d8ff
Delay cookie restore after hooks ( #1965 )
2019-10-07 17:26:40 +02:00
Christophe Maudoux
138cfe6edb
Append DecryptValue plugin ( #1956 )
2019-09-30 22:29:49 +02:00
Christophe Maudoux
a219a51e1c
Revert "Make manifest"
...
This reverts commit c00110ed01
.
2019-09-30 22:28:55 +02:00
Christophe Maudoux
c00110ed01
Make manifest
2019-09-30 22:26:55 +02:00
Christophe Maudoux
b505d3a475
Typo
2019-09-30 19:10:05 +02:00
Xavier
461cd51e45
Try to fix #1785 without breaking pdata
2019-09-29 23:04:17 +02:00
Christophe Maudoux
2095fdf316
Improve log ( #1702 )
2019-09-18 19:59:35 +02:00
Clément OUDOT
ce6f6c3977
Get login to use it in password force change form ( #1910 )
2019-09-18 15:55:13 +02:00
Maxime Besson
98f55fd384
Translate the error code displayed in debug logs
2019-09-17 20:17:57 +02:00
Maxime Besson
c94e2534a9
Send CORS headers when doing JSON responses too ( #1765 )
2019-09-16 16:55:15 +02:00
Maxime Besson
e281ad7cc3
Add support for CORS preflight ( #1765 )
2019-09-16 16:55:15 +02:00
Christophe Maudoux
9c01c46fea
Typo ( #1932 )
2019-09-14 23:37:50 +02:00
Christophe Maudoux
dd66f37739
Return httpSession id if exists ( #1932 )
2019-09-14 22:47:11 +02:00
Xavier
e50e7d09d1
Update version of (really) modified files
2019-09-12 21:56:49 +02:00
Christophe Maudoux
4287c39f5b
typo
2019-09-11 16:20:28 +02:00
Christophe Maudoux
132f42d44c
Forbid browsers to store users password & Improve unit tests ( #1913 )
2019-09-08 19:28:28 +02:00
Maxime Besson
00e91f374b
Add specific error code when missing a required SAML attr ( #1919 )
...
The MISSINGREQATTR message is a good default value, but a site
administrator may decide to override it with a personnalized version
that only applies to issuer errors caused by an incomplete user profile
(for example, giving a pointer to the local user profile management
application)
2019-09-06 11:04:39 +02:00
Clément OUDOT
068ffbe604
Define portalDisplayPasswordPolicy parameter in Manager ( #993 )
2019-09-05 13:02:51 +02:00
Clément OUDOT
b44c13ba2f
Display password policy in password change form ( #993 )
2019-09-05 12:46:32 +02:00
Christophe Maudoux
3e9a424090
Update version ( #1916 )
2019-09-03 22:57:51 +02:00
Christophe Maudoux
56ed8a5724
Append issuersTimeout option ( #1916 )
2019-09-03 22:52:07 +02:00
Clément OUDOT
177f446f25
Display main logo in redirect page ( #1906 )
2019-08-29 19:29:27 +02:00
Xavier Guimard
ae6e69667a
Fix warning
2019-08-29 10:49:01 +02:00
Xavier
1f2f0240f0
Love Perl ( #1863 )
...
TIMTOWTDI
2019-08-28 00:36:18 +02:00
Maxime Besson
810d2c7f94
Disable template cache to avoid translation issues in mail ( #1897 )
2019-08-27 23:13:36 +02:00
Xavier Guimard
323d92fa1b
Don't load Data::Dumper unless debug
2019-08-27 10:10:11 +02:00
Christophe Maudoux
ec59cc164c
Catch error earlier in process ( #1867 )
2019-08-24 23:26:42 +02:00
Xavier
097183f2b3
Fix warning
2019-08-16 09:10:10 +02:00
Christophe Maudoux
7502e424e3
Revert "Concatenate pdata and lemon cookies in the same set-cookie header ( #1863 )"
...
This reverts commit c3a01c042c
2019-08-13 10:16:31 +02:00
Christophe Maudoux
c3a01c042c
Concatenate pdata and lemon cookies in the same set-cookie header ( #1863 )
2019-08-12 23:52:33 +02:00
Christophe Maudoux
3891c9caec
Fix log level & improve e2e ini file ( #1878 )
2019-08-12 22:20:22 +02:00
Christophe Maudoux
f8ef2797a8
Update manifest
2019-08-12 21:36:55 +02:00
Christophe Maudoux
d7cb8bf4b8
Force remove pdata cookie to avoid loop ( #1878 )
2019-08-12 21:29:08 +02:00
Christophe Maudoux
c1736f7f82
Catch error if setSecurity is undefined ( #1874 )
2019-08-04 12:08:34 +02:00
Christophe Maudoux
1422c28c0b
Improve fix & unit test ( #1874 )
2019-08-03 23:49:02 +02:00
Christophe Maudoux
6cf1c83151
Fix & Improve unit test ( #1874 )
2019-08-03 22:48:07 +02:00
Maxime Besson
c1afdbefac
Add labels and logos to all 2F providers ( #1873 )
2019-08-01 17:27:14 +02:00
Xavier
88f75c42ed
Set pdata domain also when removing cookie ( #1829 )
2019-07-05 06:43:11 +02:00
Christophe Maudoux
6a579644f8
Fix warning ( #1842 )
2019-07-04 23:20:11 +02:00
Christophe Maudoux
2016abd2ee
Send pdata cookie to cross domain ( #1829 )
2019-07-04 21:49:28 +02:00
Xavier
9cdfd4c9a6
Add notice when user is connected
2019-07-04 21:22:06 +02:00
Xavier
d4fedbdfcf
Duplicate log rules in Plugin manpage
2019-07-04 07:09:39 +02:00
Xavier Guimard
c1137edba8
make tidy with perltidy-20181120
2019-07-02 20:03:40 +02:00
Christophe Maudoux
b94cbe0144
Fix default value ( #1825 )
2019-07-01 13:28:01 +02:00
Christophe Maudoux
69d2a2db0c
Fix default value ( #1825 )
2019-07-01 12:56:10 +02:00
Christophe Maudoux
a1f5791e06
Merge branch '1783' into v2.0
2019-06-30 19:00:41 +02:00
Christophe Maudoux
bcbea7bee0
Update version ( #1825 )
2019-06-29 21:48:52 +02:00
Christophe Maudoux
eda8151432
Don t mix && with and ( #1825 )
2019-06-29 21:35:13 +02:00
Christophe Maudoux
11d2909b0a
WIP - Disable persistent sessions storage ( #1825 )
2019-06-29 21:10:16 +02:00
Christophe Maudoux
897d04ac93
Merge branch 'v2.0' into 1783
2019-06-28 22:05:48 +02:00
Xavier
c921c295ed
Use user skin in loadTemplate ( Fixes : #1828 )
2019-06-28 13:40:56 +02:00
Christophe Maudoux
8ad895c3b8
Merge branch 'v2.0' into 1783
2019-06-27 21:11:56 +02:00
Xavier Guimard
264410409d
Move CAS service verification from main to Issuer::CAS ( #1795 )
2019-06-27 16:55:12 +02:00
Maxime Besson
e1f927a195
Check service= parameter on CAS logout ( #1795 )
...
service= redirect URL is not checked when logging out from CAS, to avoid
insecure redirect attacks. The verification is only made if CAS access
control is enabled.
In order for this to work in common cases (applications redirects to an
unprotected page after logout), we add CAS App domains to the list of
globally trusted domains.
If your application wants to redirect to a third-party domain, it needs
to be added to LLNG's trustedDomains
2019-06-27 12:40:40 +02:00
Maxime Besson
5f9c4c231d
Add authenticated routes to 2FA for session upgrade ( #1822 )
2019-06-26 23:33:00 +02:00
Xavier Guimard
e15a41bc66
Fix typo: s/templatesDir/templateDir/g ( #1819 )
2019-06-26 11:59:13 +02:00
Christophe Maudoux
0b567d6c15
Merge branch 'v2.0' into 1783
2019-06-25 20:23:48 +02:00
Christophe Maudoux
b9af5d1adc
Use Id
2019-06-25 19:30:06 +02:00
Christophe Maudoux
266f2fdf02
Merge branch 'v2.0' into 1783
2019-06-24 23:36:54 +02:00
Xavier
9df3d57bc9
In REST, PE_LOGOUT_OK must return 200
2019-06-24 23:06:15 +02:00