dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
8,874 Commits 3 Branches 0 Tags 75 MiB
87329a26a1
Commit Graph

3162 Commits

Author SHA1 Message Date
Christophe Maudoux
87329a26a1 Make manifest 2019-06-28 11:22:23 +02:00
Xavier Guimard
44a6e25851 Improve cryptographic functions (#1823) 2019-06-28 10:30:37 +02:00
Xavier Guimard
264410409d Move CAS service verification from main to Issuer::CAS (#1795) 2019-06-27 16:55:12 +02:00
Maxime Besson
e1f927a195 Check service= parameter on CAS logout (#1795) 
service= redirect URL is not checked when logging out from CAS, to avoid
insecure redirect attacks. The verification is only made if CAS access
control is enabled.

In order for this to work in common cases (applications redirects to an
unprotected page after logout), we add CAS App domains to the list of
globally trusted domains.

If your application wants to redirect to a third-party domain, it needs
to be added to LLNG's trustedDomains
 2019-06-27 12:40:40 +02:00
Maxime Besson
5f9c4c231d Add authenticated routes to 2FA for session upgrade (#1822) 2019-06-26 23:33:00 +02:00
Maxime Besson
98650cd9f0 Add unit test for #1821 2019-06-26 22:13:12 +02:00
Xavier
3582cfb12b Don't keep pdata on upgrade (Fixes: #1821) 2019-06-26 21:47:01 +02:00
Xavier Guimard
a42c5f9f71 Clean tests (#1819) 2019-06-26 13:17:26 +02:00
Xavier Guimard
e15a41bc66 Fix typo: s/templatesDir/templateDir/g (#1819) 2019-06-26 11:59:13 +02:00
Xavier Guimard
45a0b68c3b Disable external entities in XML parsers (Fixes: #1818) 2019-06-26 11:32:10 +02:00
Christophe Maudoux
b9af5d1adc Use Id 2019-06-25 19:30:06 +02:00
Christophe Maudoux
13ed1589e4 Update lang 2019-06-25 19:03:04 +02:00
Xavier Guimard
e91f6df254 Fix test count (#1813) 2019-06-25 10:00:46 +02:00
Xavier Guimard
390ccb4f5b Fix Apache::Session::REST::get_key_from_all_sessions when using CODE (#1813) 2019-06-25 09:48:15 +02:00
Xavier Guimard
93ccb9fd76 Set Content-Length in Apache::Session::REST requests (#1813) 2019-06-25 09:37:37 +02:00
Xavier Guimard
ddde26fa1c Add searchOn() in Apache::Session::REST (#1813) 2019-06-25 09:18:58 +02:00
Xavier
c5d6bc42b6 Add get_key_from_all_sessions in Apache::Session::REST (#1813) 2019-06-24 23:07:34 +02:00
Xavier
9df3d57bc9 In REST, PE_LOGOUT_OK must return 200 2019-06-24 23:06:15 +02:00
Xavier Guimard
1c17c6b077 Update portal JS 2019-06-24 11:38:00 +02:00
Xavier
750eaafe65 Fix test rule to hide some warnings 2019-06-20 21:48:13 +02:00
Xavier
38bb0cedf6 Typo 2019-06-20 21:27:49 +02:00
Xavier
8bd2a6c244 Prove that sessionInfo() is launched by each UserDB in combination (#1809) 2019-06-20 21:17:29 +02:00
Xavier
2d5b38fb95 Fix LDAP schema path for Debian. This permits to enable LDAP tests during build 2019-06-19 09:22:44 +02:00
Xavier
05f2dc6993 Fix t/28-AuthChoice-and-password.t 2019-06-19 09:14:03 +02:00
Christophe Maudoux
c4d4b482a5 Provide to plugins message display functions (#1796) 2019-06-18 22:00:03 +02:00
Christophe Maudoux
86b305d19b Typo (#1664) 2019-06-18 21:57:40 +02:00
Christophe Maudoux
9fa11709e6 Append options to use Notifications plugin & set notification reference (#1796) 2019-06-17 22:31:44 +02:00
Xavier
8b488e4d51 Move LDAP::getUser() to Lib::LDAP (Fixes: #1805) 2019-06-17 21:15:38 +02:00
Christophe Maudoux
e0b593152f Merge branch 'bootstrap' into 'v2.0' 
Improve displaying checkuser template and rewrite tests #1806

See merge request lemonldap-ng/lemonldap-ng!79
 2019-06-17 21:00:41 +02:00
Xavier
aff7527580 Fix bad call in LDAP (#1805) 2019-06-17 19:21:48 +02:00
Antoine ROSIER
dab5a9c3df Improve displaying checkuser template and rewrite tests #1806 2019-06-17 14:56:31 +02:00
Christophe Maudoux
862116245d Fix unit tests (#1796) 2019-06-16 23:01:13 +02:00
Christophe Maudoux
1b4d1b5bdf Avoid notification reference to be truncated (#1796) 2019-06-16 20:57:53 +02:00
Christophe Maudoux
c3b3c281ad Hide _2fDevices with REST services 2019-06-16 20:33:34 +02:00
Christophe Maudoux
d6f3dd459a Display message (#1796) 2019-06-16 16:02:48 +02:00
Xavier
8cc2beb976 Fix #1799 test 2019-06-15 08:42:21 +02:00
Xavier
e30cf69053 Add #1799 test 2019-06-15 08:29:36 +02:00
Christophe Maudoux
5218944bf2 Improve unit tests (#1796) 2019-06-14 23:11:10 +02:00
Christophe Maudoux
ecf84e8a4d WIP (#1796) 2019-06-14 23:09:32 +02:00
Christophe Maudoux
fde6ff2cc8 WIP (#1796) 2019-06-14 23:09:32 +02:00
Xavier Guimard
5fbff01b27 Update versions 2019-06-14 17:27:54 +02:00
Xavier Guimard
65eaefa75f Tidy 2019-06-14 17:23:26 +02:00
Clément OUDOT
4e5c450b8b Return error if no code provided on token endpoint (#1802) 2019-06-14 16:05:39 +02:00
Xavier Guimard
e7bc7b3f4e Add restExportSecretKeys option (#1799) 2019-06-14 08:51:58 +02:00
Xavier
5dc5b88daa Permit to show $_password in REST session server (#1799) 2019-06-14 07:09:55 +02:00
Xavier
4ad0da0315 Fix syntax error (#1794) 2019-06-14 06:33:27 +02:00
Christophe Maudoux
73f689eca4 Fix 2F types (#1782) 2019-06-13 23:28:57 +02:00
Christophe Maudoux
c8295b60b5 Fix 2F types (#1782) 2019-06-13 23:27:30 +02:00
Xavier
c7ef665bf9 Fix #1782 2019-06-13 22:23:20 +02:00
Xavier
bb0784b843 Typo 2019-06-13 22:15:46 +02:00