Commit Graph

2775 Commits

Author SHA1 Message Date
Christophe Maudoux
71ba189edc Append special characters password policy (#2130) 2020-04-02 12:14:05 +02:00
Christophe Maudoux
b924b96176 WIP - Append PP special characters options (#2130) 2020-04-02 01:03:42 +02:00
Christophe Maudoux
154250e6e7 Use real authentificationLevel & Improve unit test (#2129) 2020-04-01 19:33:18 +02:00
Christophe Maudoux
2a34d1ae8c Update sessionInfo if second factor succeeds & Improve unit tests (#2129) 2020-04-01 15:43:46 +02:00
Christophe Maudoux
ea8b0bb024 Highlight error message (#2126 & #1625) 2020-03-28 18:12:34 +01:00
Christophe Maudoux
68e2e81898 Fix warning if error is undefined (#2126 & #1625) 2020-03-28 17:59:37 +01:00
Xavier Montagutelli
9c0e09f89d Update OpenIDConnect.pm - Correct typo staticPrefi*x* 2020-03-26 16:48:31 +01:00
Maxime Besson
e9bab71585 Make sure restCall returns a hashref (#2125) 2020-03-26 11:31:33 +01:00
Maxime Besson
845ff2da85 fix param transmission in rest2f (#2123) 2020-03-26 10:58:27 +01:00
Maxime Besson
34928123f3 OIDC refactoring
split token method by response type
factor ID token generation between implicit and hybrid flows
still a lot to do!
2020-03-18 21:14:54 +01:00
Maxime Besson
168dc75f96 OIDC: return id_token in hybrid flow (#2120) 2020-03-18 21:05:39 +01:00
Clément OUDOT
4c36c77452 Set default value for encryption_mode (#2117) 2020-03-12 17:00:50 +01:00
Clément OUDOT
9620e6870a Possibility to preselect choice tab (#2115) 2020-03-11 11:46:14 +01:00
Clément OUDOT
921cf16fcf Format parameters for trspan (#2113) 2020-03-10 11:28:04 +01:00
Clément OUDOT
7c947ab976 Use the correct message for ppolicy time before expiration (#2113) 2020-03-10 11:16:43 +01:00
Clément OUDOT
f830fc4d8a Add some debug logs for ppolicy (#2113) 2020-03-10 10:50:02 +01:00
Christophe Maudoux
c9b2eff039 More explicit error message (#2108) 2020-03-05 22:14:02 +01:00
Christophe Maudoux
824acec27f Improve log (#2071) 2020-03-03 22:25:30 +01:00
Christophe Maudoux
ea9f019bc8 Append debug logs (#2071) 2020-03-03 17:41:19 +01:00
Maxime Besson
fab2553064 Merge branch 'improve-group-2036' into 'v2.0'
New macro for group handling, and group-handling examples in default config

See merge request lemonldap-ng/lemonldap-ng!128
2020-03-02 17:02:35 +01:00
Christophe Maudoux
903d3540e4 Show lang flags with redirect template 2020-03-02 14:30:58 +01:00
Christophe Maudoux
8753cc4cf6 Option to hide empty headers with CheckUser (#2106) 2020-02-28 22:24:13 +01:00
Christophe Maudoux
a4a73ca907 Don't prompt second factor after a failed login attempt (#2088) 2020-02-27 14:49:27 +01:00
Christophe Maudoux
549d0e8d5c Typo 2020-02-25 22:03:01 +01:00
Christophe Maudoux
683d5f0d86 Append unit test (#2088) 2020-02-25 16:50:50 +01:00
Christophe Maudoux
549658fa72 Compute session with real and spoofed attributes & Improve unit test (#2104) 2020-02-25 14:02:16 +01:00
Christophe Maudoux
e89c017ff6 Increase lock time after each failed login attempt (#2088) 2020-02-24 22:20:40 +01:00
Maxime Besson
4ae628bfcd Avoid generating a bogus ID token when generation fails (#2105) 2020-02-24 16:28:41 +01:00
Christophe Maudoux
53d7923cd4 WIP - Increase lock time after each failed login attempt (#2088) 2020-02-23 23:19:32 +01:00
Christophe Maudoux
9a6b604f5c Skip bad rule & improve unit test (#2102) 2020-02-22 22:03:00 +01:00
Christophe Maudoux
18b43cacfc Avoid unprotected urldc host with wildcard-protected hosts (#2101) 2020-02-22 00:13:52 +01:00
Clément OUDOT
53263c7f10 Remove references to keepPdata = 1 in code (#2099) 2020-02-21 09:29:10 +01:00
Xavier Guimard
4459a47f76 Tidy 2020-02-20 23:37:05 +01:00
Xavier Guimard
a76cba3856 Update versions 2020-02-20 23:37:01 +01:00
Maxime Besson
47068c51b8 Revert "Prevent portal from crashing when keepPdata=1 (#1893)"
This reverts commit 2b4defb2a9 and
implements a fix "at the source" instead. Should fix #2099.
2020-02-20 22:24:26 +01:00
Xavier Guimard
22c1f7270c Add feature to override SOAP Proxy URN (#2100) 2020-02-20 21:49:55 +01:00
Maxime Besson
5758e371bf Improve introspection endpoint (#2096) 2020-02-19 21:49:51 +01:00
Christophe Maudoux
95ad4cac37 Improve code 2020-02-17 23:22:31 +01:00
Christophe Maudoux
385a1c1f38 Improve code & typo 2020-02-16 22:53:15 +01:00
Christophe Maudoux
82f2e8d00c Append log (#2019) 2020-02-16 13:20:37 +01:00
Christophe Maudoux
57b546d112 Fix lmConfigEditor logger error (#2059) 2020-02-16 12:58:12 +01:00
Christophe Maudoux
9a8d668c61 Improve code (#2093) 2020-02-14 22:02:10 +01:00
Christophe Maudoux
15c12346ab Hide persistent session attributes & Improve unit tests (#2093) 2020-02-14 16:21:31 +01:00
Christophe Maudoux
8129d76d63 Improve code 2020-02-13 23:27:13 +01:00
Christophe Maudoux
a0ef149b5f Fix userData (#2071) 2020-02-12 22:50:08 +01:00
Christophe Maudoux
4da346b104 Merge branch 'v2.0' into 2071 2020-02-12 22:22:56 +01:00
Christophe Maudoux
6996c79cab Improve code (#2071) 2020-02-12 22:14:02 +01:00
Christophe Maudoux
99c539fe53 Use a var & Update version (#2071) 2020-02-10 22:35:37 +01:00
Christophe Maudoux
d91bb8f6b9 Improve toggle (#2071) 2020-02-10 11:57:49 +01:00
Christophe Maudoux
83e802f208 Disable & tick checkboxes (#2071) 2020-02-10 10:04:10 +01:00
Christophe Maudoux
0df38323af Typo & improve msg (#2071) 2020-02-10 09:31:43 +01:00
Christophe Maudoux
0b2ab19b7f Toggle buttons - Fix message (#2071) 2020-02-09 23:05:33 +01:00
Christophe Maudoux
73a0ec9dc6 Toggle buttons (#2071) 2020-02-09 21:55:52 +01:00
Christophe Maudoux
c23b6c90ff Fix missing flags 2020-02-09 18:42:29 +01:00
Christophe Maudoux
ef01060c54 Update langs (#2071) 2020-02-09 18:30:08 +01:00
Christophe Maudoux
2f04ffcc4a WIP - Notifications explorer (#2071) 2020-02-09 17:47:25 +01:00
Christophe Maudoux
dd9e849b3e Don't send params with GET method (#2081) 2020-02-07 21:39:58 +01:00
Maxime Besson
f8b93f8c35 Add some demo groups (#2036) 2020-02-06 16:22:23 +01:00
Maxime Besson
68be974e51 Add option to compute userdb groups before macros (#1877) 2020-02-05 15:39:45 +01:00
Maxime Besson
3b48746948 SAML: Hide error in storeEnv (#2084) 2020-02-03 17:08:18 +01:00
Maxime Besson
e52f6d3ba7 Increase visibility of Lasso errors (#2084) 2020-02-03 17:08:18 +01:00
Maxime Besson
f4b11e9a0d fix whitespace (#2082) 2020-01-31 17:48:21 +01:00
Maxime Besson
e40568a330 Manager: fix SSLVarIf syntax (#2082) 2020-01-31 17:43:49 +01:00
Maxime Besson
f997a26e41 Fix form method when displaying info in autoPost (#2080) 2020-01-30 20:43:04 +01:00
Clément OUDOT
faa65c4abf Options to add a custom CSS file (#2076) 2020-01-28 15:14:24 +01:00
Clément OUDOT
681452524d Associate SAML access rule to SP conf key and not SP entityID (#2074) 2020-01-24 09:01:56 +01:00
Maxime Besson
5149ba8118 Make debug message less confusing when portal status is <0 2020-01-23 20:37:18 +01:00
Christophe Maudoux
8279733fbd Update Process.pm
Typo
2020-01-22 12:39:02 +01:00
Xavier Guimard
f3f97ccb80 Add sameSite parameter (#2069) 2020-01-20 06:21:09 +01:00
Christophe Maudoux
0408ce80b8 Better better fix (#2061) 2020-01-19 18:06:56 +01:00
Xavier Guimard
0fa90c5efe Avoid double encode_base64 call (#2061) 2020-01-18 22:25:48 +01:00
Christophe Maudoux
32d7f46b1a Better fix (#2061) 2020-01-18 18:58:42 +01:00
Christophe Maudoux
fd2a9ce226 Append info log msg (#2061) 2020-01-17 22:27:03 +01:00
Christophe Maudoux
138ef363d4 Force cleaning pdata cookie if redirect url match _url & Improve unit test (#2061) 2020-01-17 22:17:02 +01:00
Christophe Maudoux
6f31d98710 Revert "Force cleaning pdata cookie if redirect url match _url & Improve unit test (#2063)"
This reverts commit 965678dde2.
2020-01-17 22:16:44 +01:00
Christophe Maudoux
965678dde2 Force cleaning pdata cookie if redirect url match _url & Improve unit test (#2063) 2020-01-17 22:10:06 +01:00
Christophe Maudoux
583bbbe285 Append CSP frame-ancestors option & Improve unit test (#2068) 2020-01-15 16:09:57 +01:00
Christophe Maudoux
d7c2b36d15 Don't load bruteForceProtection plugin without persistent storage 2020-01-14 19:01:37 +01:00
Christophe Maudoux
c47466698d Load bruteForce plugin only if history is gt attempts 2020-01-13 14:10:36 +01:00
Christophe Maudoux
27b0b7fde4 Append Custom backend & Improve unit test (#1605) 2020-01-10 17:48:49 +01:00
Christophe Maudoux
2ba565693b Append Demo backend & Unit test (#1605) 2020-01-10 17:26:20 +01:00
Christophe Maudoux
b28a9d148e Modify log level 2020-01-08 23:06:49 +01:00
Christophe Maudoux
94cefa3ef4 Typo 2020-01-07 22:38:08 +01:00
Christophe Maudoux
cf6f1ca532 Test if Captcha is enabled & Improve unit test (#2057) 2020-01-05 21:57:24 +01:00
Christophe Maudoux
b08400d4bb Fix langs & Append template (#1605) 2020-01-05 19:24:47 +01:00
Christophe Maudoux
aa7df251b7 Remove useless parameters (#1605) 2020-01-04 22:19:21 +01:00
Christophe Maudoux
b029fdf604 Typo (#1605) 2020-01-04 16:58:33 +01:00
Christophe Maudoux
f37c2399b1 Update sessionInfo during auth process with 2FA 2020-01-04 13:36:21 +01:00
Xavier Guimard
43245bbf36 Fix warnings 2020-01-04 08:21:38 +01:00
Christophe Maudoux
a48daee305 Update sessionInfo during auth process 2020-01-03 23:39:57 +01:00
Christophe Maudoux
0f591496b4 Update sessionInfo during auth process to improve handler in-memory sessions security & Improve unit tests 2020-01-03 20:07:36 +01:00
Christophe Maudoux
f8046dd716 Update sessionInfo during auth process & Improve unit tests 2020-01-03 12:36:35 +01:00
Christophe Maudoux
1988983c90 Typo 2019-12-31 17:14:44 +01:00
Christophe Maudoux
23b7919940 Merge branch 'reset-certificate' into 'v2.0'
fix call to mailTemplate in ResetCertificate module (#1605)

See merge request lemonldap-ng/lemonldap-ng!120
2019-12-30 09:31:28 +01:00
Christophe Maudoux
bd85aff978 Typo & FR translation & Container type (#1605) 2019-12-29 21:48:56 +01:00
epictete
908082aa54 fix call to mailTemplate in ResetCertificate module (#1605) 2019-12-29 00:18:14 +01:00
Christophe Maudoux
7b499f9bd1 Fix wrong message & Improve unit test (#2050) 2019-12-26 17:06:59 +01:00
Xavier Guimard
3317ab9fb1 Fix... 2019-12-25 13:30:54 +01:00
Xavier Guimard
d069f32438 Fix bad export 2019-12-25 13:11:58 +01:00
Christophe Maudoux
2954ea2abc Disable compactConf by default & Update unit tests (#2046) 2019-12-22 13:06:10 +01:00
Clément OUDOT
7d13400be4 Update version in modules 2019-12-21 16:33:39 +01:00
Clément OUDOT
458d353af8 Merge branch 'v2.0' into dcoutadeur/lemonldap-ng-certificate-reset 2019-12-21 16:19:49 +01:00
Clément OUDOT
983af4dec1 make json (#1605) 2019-12-21 16:13:32 +01:00
Clément OUDOT
f5c2b81051 Possibility to add extra claims and extra vars in OIDC register (#2003) 2019-12-21 12:08:48 +01:00
Christophe Maudoux
39f93b0eb0 Retrieve all notifications & Improve unit test (#2012) 2019-12-19 20:52:34 +01:00
dcoutadeur
a465a5d768 Reset Certificate module for v2.0.7 (#1605) 2019-12-19 19:10:32 +01:00
Clément OUDOT
3831b81255 Adapt log message in refresh (#2005) 2019-12-19 18:11:33 +01:00
Clément OUDOT
ae0d455e7f Use base64 URL to decode JWT (#2045) 2019-12-19 17:31:02 +01:00
Maxime Besson
f7f526b825 Fix #1882 in refresh token code 2019-12-17 10:59:45 +01:00
Maxime Besson
3094c04470 Merge branch '2010-upgradesession-kerberos' into 'v2.0'
Fix Kerberos in session upgrade (#2010)

See merge request lemonldap-ng/lemonldap-ng!105
2019-12-16 18:14:57 +01:00
Maxime Besson
a410793122 CAS per-service macros portal code (#2042) 2019-12-16 17:26:35 +01:00
Maxime Besson
2a15bb0523 SAML per-service macros portal code (#2042) 2019-12-16 17:26:34 +01:00
Maxime Besson
32ecf37be4 OIDC per-service macros portal code (#2042) 2019-12-16 17:26:34 +01:00
Christophe Maudoux
c21ab76900 Better fix (#2005) 2019-12-15 12:54:28 +01:00
Christophe Maudoux
e4c5a9d723 Fix #2005 & improve unit test 2019-12-14 17:40:23 +01:00
Clément OUDOT
757399fa61 Catch PE_BADCREDENTIALS error in Combination display process (#2009) 2019-12-13 11:15:05 +01:00
Clément OUDOT
c2c11342ac setSecurity method for Combination (#2009) 2019-12-13 11:12:26 +01:00
Xavier
5bb6f2fd3b Refresh plugin (#2006) 2019-12-08 17:28:51 +01:00
Xavier
d01cfe94df Refresh plugin skeleton (#2006) 2019-12-08 17:19:50 +01:00
Christophe Maudoux
a3a800108c Append renew captcha button (#2019) 2019-12-01 22:03:58 +01:00
Christophe Maudoux
5d6151f0d1 Fix version 2019-11-29 19:23:22 +01:00
Maxime Besson
75559bfb15 Fix TTL of offline session (#813) 2019-11-27 12:12:47 +01:00
Christophe Maudoux
6f2e5c1811 Typo 2019-11-25 22:48:12 +01:00
Christophe Maudoux
a54a8228b4 Check only active notifications & Improve unit test - XML format (#2012) 2019-11-25 11:55:19 +01:00
Christophe Maudoux
80f19e4e71 Check only active notifications & Improve unit test - JSON format (#2012) 2019-11-25 11:51:08 +01:00
Christophe Maudoux
c1c6a8a9a6 Update langs & version (#1999) 2019-11-22 22:39:56 +01:00
Christophe Maudoux
60ef07bcd6 Check notifications date (#2012) 2019-11-22 21:08:28 +01:00
Christophe Maudoux
60bf01d27a Update version (#1999) 2019-11-22 20:40:28 +01:00
Christophe Maudoux
7324172023 Merge branch 'v2.0' into globalLogout 2019-11-20 21:11:34 +01:00
Maxime Besson
e130c6160b Validate LDAP connections in getUser (#2018) 2019-11-20 20:57:33 +01:00
Xavier
6cdfd72197 setSecurity skeleton for Combination (#2009) 2019-11-20 17:47:56 +01:00
Christophe Maudoux
ef5d0cde48 Merge branch 'v2.0' into globalLogout 2019-11-18 22:15:54 +01:00
Christophe Maudoux
e20555623e Append defaulCondition option (#2012) 2019-11-18 17:34:56 +01:00
Christophe Maudoux
ea3337574c Append conf manager test (#2012) 2019-11-17 22:36:52 +01:00
Christophe Maudoux
d935753eaf Append to JSON format condition check & improve unit test (#2012) 2019-11-17 22:25:06 +01:00
Christophe Maudoux
c548a4d03e Typo 2019-11-17 22:23:12 +01:00
Christophe Maudoux
15711c642e Merge branch 'v2.0' into globalLogout 2019-11-15 21:49:56 +01:00
Christophe Maudoux
7b637f5a04 Update response and unit test (#1999) 2019-11-15 21:49:01 +01:00
Christophe Maudoux
632f731774 Allow non array ref with single checkbox and split notification body (#2012) 2019-11-15 21:03:18 +01:00
Maxime Besson
04f5116c23 Fix Kerberos in session upgrade (#2010) 2019-11-15 16:10:37 +01:00
Maxime Besson
57b28940fa Do not show password change prompt when AD password is incorrect (#2007) 2019-11-15 11:59:03 +01:00
Maxime Besson
258fba5eaa Do not store session key if attribute was missing from UserDB (#2004) 2019-11-15 11:29:46 +01:00
Maxime Besson
bedcf20806 Change portal error code on 2F failure (#2008) 2019-11-15 11:19:08 +01:00
Christophe Maudoux
193666d963 Tidy (#1999) 2019-11-14 22:06:15 +01:00
Christophe Maudoux
bd3cfb0c1c Append REST service (#1999) 2019-11-14 22:02:18 +01:00
Christophe Maudoux
ad1040986b Typo 2019-11-13 21:27:48 +01:00
Christophe Maudoux
7ef9e132c9 Append GlobalLogout plugin (#1999) 2019-11-13 20:56:56 +01:00
Christophe Maudoux
818ebc89be Improve code (#1999) 2019-11-13 16:42:32 +01:00
Christophe Maudoux
8f3c0d234e Force globalLogout (#1999) 2019-11-13 16:10:20 +01:00
Christophe Maudoux
297ef8cd8c Merge branch 'v2.0' into globalLogout 2019-11-12 22:17:09 +01:00
Christophe Maudoux
75b37eadb2 Fix CheckUser search attributes 2019-11-12 22:16:05 +01:00
Christophe Maudoux
603293411b Use userData instead of sessionInfo to fix ContextSwitching debug log 2019-11-12 10:00:11 +01:00
Christophe Maudoux
7245e5349c Typo 2019-11-11 22:38:51 +01:00
Christophe Maudoux
0967a82e99 Check OTT (#1783) 2019-11-11 22:34:16 +01:00
Christophe Maudoux
80a1e4bf57 WIP - Append GlobalLogout plugin (#1999) 2019-11-11 22:33:30 +01:00
Christophe Maudoux
2e0d2b7e14 Typo 2019-11-11 21:50:28 +01:00
Christophe Maudoux
e225516105 Typo 2019-11-10 21:43:21 +01:00
Maxime Besson
2639c482b1 Fix cookie removal on SAML logout (#2001)
Since the fixes for #1863, calling p->do consumes the response headers
set by any previous code. So we must only call do() in a return statement.
2019-11-06 18:44:10 +01:00
Maxime Besson
7bdd33eb46 Fix token ID format (#1998) 2019-11-06 11:45:47 +01:00
Christophe Maudoux
32126c4aca Set ENV (#1996) 2019-11-05 11:03:10 +01:00
Maxime Besson
713737c11f Add an option to return claims in ID token 2019-11-04 18:27:28 +01:00
Maxime Besson
b34a229eda Add doc for buildUserInfoResponseFromId 2019-11-04 10:47:35 +01:00
Maxime Besson
68704955d2 Apply suggestion to lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm 2019-11-04 10:47:35 +01:00
Maxime Besson
a386a7502a Allow refresh tokens to be emitted for regular sessions (#813) 2019-11-04 10:44:54 +01:00
Maxime Besson
ea2365cc98 Implement OIDC Offline sessions through refresh tokens (#813) 2019-11-04 10:44:54 +01:00
Christophe Maudoux
c01c26af6a Append option to override Issuer OTT storage (#1993) 2019-10-31 11:40:33 +01:00
Maxime Besson
7d3b2a95a5 Avoid setting req->user to empty value in Demo module
This can cause issues when using Combination and password reset in
testing environments
2019-10-30 20:22:37 +01:00
Maxime Besson
5b2f3ca576 Merge branch 'remove-saml-idp-cookie-1941' into 'v2.0'
Remove SAML IDP cookie (#1941)

See merge request lemonldap-ng/lemonldap-ng!99
2019-10-30 16:01:11 +01:00
Clément OUDOT
fb74d03a89 Use whatToTrace for logging messages (#1991) 2019-10-29 17:28:55 +01:00
Christophe Maudoux
9892173cc3 Tidy & update version (#1989) 2019-10-27 21:15:48 +01:00
Christophe Maudoux
73d83dd7f0 Append missing parameters & improve unit test (#1989) 2019-10-27 21:13:25 +01:00
Maxime Besson
ed3e274ab1 Fix force password reset in Combination (#1984) 2019-10-24 08:58:04 +02:00
Maxime Besson
4afecb4620 Remove IDP cookie (#1941) 2019-10-17 23:09:03 +02:00
Christophe Maudoux
3c2ecfd04a Tidy (#1956) 2019-10-13 22:47:57 +02:00
Christophe Maudoux
f188426f8b Fix custom function parameter (#1956) 2019-10-13 22:29:12 +02:00
Christophe Maudoux
0ca649f106 Use custom decrypt functions (#1956) 2019-10-13 15:08:32 +02:00
Maxime Besson
2b4defb2a9 Prevent portal from crashing when keepPdata=1 (#1893)
Since the changes introduced to fix #1893, keepPdata is expected to
contain an array of values.

When migrating from previous LLNG versions, cookies may contain
keepPdata=1, which crashes the server because 1 isn't an arrayref

This change makes LLNG consider that keepPdata=1 is not a valid value,
and replaces it with an empty arrayref when starting the login or logout
flow.
2019-10-09 17:35:48 +02:00
Maxime Besson
ff9bb46301 Make notification system take pdata url into account (#1893) 2019-10-08 22:40:10 +02:00
Maxime Besson
2bce713f65 Set issuer urldc in pdata (#1893) 2019-10-08 22:40:10 +02:00
Maxime Besson
3ee708d8ff Delay cookie restore after hooks (#1965) 2019-10-07 17:26:40 +02:00
Maxime Besson
474bb48aa1 Make Password::LDAP/AD check connection before use (#1909)
Also remove a mostly redundant wrapper method in Auth::LDAP
2019-10-01 19:17:31 +02:00
Maxime Besson
fa49e77495 Better logs in case of a LDAP error 2019-10-01 15:14:51 +02:00
Clément OUDOT
a239091553 Load String::Random (#1963) 2019-10-01 14:49:41 +02:00
Christophe Maudoux
138cfe6edb Append DecryptValue plugin (#1956) 2019-09-30 22:29:49 +02:00
Christophe Maudoux
a219a51e1c Revert "Make manifest"
This reverts commit c00110ed01.
2019-09-30 22:28:55 +02:00
Christophe Maudoux
35de9fd3e8 Re-order 2019-09-30 22:27:03 +02:00
Christophe Maudoux
c00110ed01 Make manifest 2019-09-30 22:26:55 +02:00
Christophe Maudoux
b3791cc65b Typo 2019-09-30 19:10:05 +02:00
Christophe Maudoux
b505d3a475 Typo 2019-09-30 19:10:05 +02:00
Maxime Besson
e9153957da IDP selection phrasing 2019-09-30 18:55:09 +02:00
Maxime Besson
e693e5e649 Fix IDP selection rules (#1961) 2019-09-30 18:54:02 +02:00
Xavier
461cd51e45 Try to fix #1785 without breaking pdata 2019-09-29 23:04:17 +02:00
Christophe Maudoux
6df7412bcf Fix log with Impersonation plugin (#1664) 2019-09-26 20:24:12 +02:00
Maxime Besson
5d5ac66a6e Add Date: field to emails (#1953)
This adds a dependency to Email::Date::Format, but it's already a
dependency of Email::Sender::Simple (and probably more), so in practice
no new packages are going to be installed
2019-09-26 12:32:58 +02:00
Christophe Maudoux
5d9fc02205 Typo & logger 2019-09-20 22:47:48 +02:00
Christophe Maudoux
c34c6e646e Append search parameters & improve unit test (#1938) 2019-09-19 22:51:10 +02:00
Clément OUDOT
dc0a8f7848 Add some log when user is authorized to access to service (#1702) 2019-09-19 16:52:08 +02:00
Clément OUDOT
dd76c4f3db Improve log for CAS Issuer (#1702) 2019-09-19 16:18:51 +02:00
Clément OUDOT
e446e09a7f Improve log (#1702) 2019-09-19 16:07:10 +02:00
Christophe Maudoux
84778604fd Typo 2019-09-18 21:01:24 +02:00
Christophe Maudoux
2095fdf316 Improve log (#1702) 2019-09-18 19:59:35 +02:00
Christophe Maudoux
92c8e6791f Typo (#1702) 2019-09-18 19:49:22 +02:00
Clément OUDOT
5512d38f81 Improve log on 2F unregistration (#1702) 2019-09-18 18:09:18 +02:00
Clément OUDOT
ce6f6c3977 Get login to use it in password force change form (#1910) 2019-09-18 15:55:13 +02:00
Maxime Besson
98f55fd384 Translate the error code displayed in debug logs 2019-09-17 20:17:57 +02:00
Christophe Maudoux
146aca7c82 Remove trailing whitespaces 2019-09-16 20:30:35 +02:00
Christophe Maudoux
fcf05c5602 Avoid warning 2019-09-16 17:22:35 +02:00
Maxime Besson
c94e2534a9 Send CORS headers when doing JSON responses too (#1765) 2019-09-16 16:55:15 +02:00
Maxime Besson
e281ad7cc3 Add support for CORS preflight (#1765) 2019-09-16 16:55:15 +02:00
Christophe Maudoux
9c01c46fea Typo (#1932) 2019-09-14 23:37:50 +02:00
Christophe Maudoux
dd66f37739 Return httpSession id if exists (#1932) 2019-09-14 22:47:11 +02:00
Christophe Maudoux
5615d5b2a3 Append display Slave logo option (#1936) 2019-09-14 22:07:44 +02:00
Christophe Maudoux
ce4cdcee85 Don't display Slave module 2019-09-13 22:37:35 +02:00
Christophe Maudoux
9784e75ead Check Slave credential headers (#1935) 2019-09-13 22:21:09 +02:00
Clément OUDOT
5c7905e342 Improve regexp (#1891) 2019-09-13 15:35:05 +02:00
Clément OUDOT
36a1f07786 Remove cancel parameter in CAS service value (#1891) 2019-09-13 15:17:51 +02:00
Xavier
e50e7d09d1 Update version of (really) modified files 2019-09-12 21:56:49 +02:00
Clément OUDOT
70d2856d71 Option to display password generation box (#1928) 2019-09-12 18:26:56 +02:00
Clément OUDOT
c75a74da5a Display password form if password is refused (#1930) 2019-09-12 17:54:43 +02:00
Christophe Maudoux
4287c39f5b typo 2019-09-11 16:20:28 +02:00
Christophe Maudoux
bb0b5814f7 Fix empty groups (#1791) 2019-09-11 16:18:35 +02:00
Christophe Maudoux
c1af9e49f7 WIP - Append extractFormInfo step & AuthChoiceParam for AuthChoice (#1925) 2019-09-09 23:23:52 +02:00
Christophe Maudoux
132f42d44c Forbid browsers to store users password & Improve unit tests (#1913) 2019-09-08 19:28:28 +02:00
Maxime Besson
94877793d4 increase clock tolerance during rest secret check (#1923) 2019-09-06 17:45:51 +02:00
Maxime Besson
00e91f374b Add specific error code when missing a required SAML attr (#1919)
The MISSINGREQATTR message is a good default value, but a site
administrator may decide to override it with a personalized version
that only applies to issuer errors caused by an incomplete user profile
(for example, giving a pointer to the local user profile management
application)
2019-09-06 11:04:39 +02:00
Clément OUDOT
e54355ff9f Use conf as HASH key (#1619) 2019-09-05 17:16:55 +02:00
Clément OUDOT
5b7bb4b9cd Check error message from ITDS (#1619) 2019-09-05 17:14:44 +02:00
Clément OUDOT
17123d6196 Avoid plugin conflicts (#993) 2019-09-05 13:30:49 +02:00
Clément OUDOT
068ffbe604 Define portalDisplayPasswordPolicy parameter in Manager (#993) 2019-09-05 13:02:51 +02:00
Clément OUDOT
b44c13ba2f Display password policy in password change form (#993) 2019-09-05 12:46:32 +02:00
Clément OUDOT
2f2f62ae1c Check password quality in mail reset plugin (#993) 2019-09-05 12:02:51 +02:00
Clément OUDOT
3700a1b54c Fix logger in Kerberos Auth init 2019-09-04 15:42:33 +02:00
Christophe Maudoux
3e9a424090 Update version (#1916) 2019-09-03 22:57:51 +02:00
Christophe Maudoux
56ed8a5724 Append issuersTimeout option (#1916) 2019-09-03 22:52:07 +02:00
Clément OUDOT
a2d3ae1d03 Local password policy: minimal digits (#993) 2019-09-03 19:08:19 +02:00
Clément OUDOT
28309dca9b Merge branch 'v2.0' of gitlab.ow2.org:lemonldap-ng/lemonldap-ng into v2.0 2019-09-03 19:07:22 +02:00
Clément OUDOT
b52bbdb838 Local password policy: minimal upper characters (#993) 2019-09-03 18:45:35 +02:00
Maxime Besson
ff3d4e218c doc: suggest a better fix for #1864
We can't do it yet because the issue isn't fixed in versions of Lasso
found in the wild. But someday it will be.
2019-09-03 18:13:13 +02:00
Clément OUDOT
ef3d6a26c4 Local password policy: minimal lower characters (#993) 2019-09-03 16:10:04 +02:00
Clément OUDOT
8998eb183e Local password policy: minimal size (#993) 2019-09-03 14:30:22 +02:00
Clément OUDOT
82a06fce91 Pass skin parameter in 2F flows (#1915) 2019-09-03 11:56:48 +02:00
Clément OUDOT
fca831411b Fix call to logger in REST authentication backend 2019-08-30 09:46:25 +02:00
Clément OUDOT
177f446f25 Display main logo in redirect page (#1906) 2019-08-29 19:29:27 +02:00
Maxime Besson
d61935ab6e Implement introspection endpoint for access tokens (#1843) 2019-08-29 19:10:51 +02:00
Maxime Besson
fd7453b7a5 Refactor endpoint auth 2019-08-29 18:57:26 +02:00
Xavier Guimard
ae6e69667a Fix warning 2019-08-29 10:49:01 +02:00
Xavier Guimard
9379188000 Fix ^ (#1903) 2019-08-28 19:28:20 +02:00
Xavier Guimard
df4e7e7522 Generic fix for issues like #1903 2019-08-28 19:12:29 +02:00
Clément OUDOT
2145483be7 Pass extra args in Combination module (#1903) 2019-08-28 18:22:19 +02:00
Xavier Guimard
1660109e2f Security: use 3-form for open 2019-08-28 11:32:54 +02:00
Xavier
1f2f0240f0 Love Perl (#1863)
TIMTOWTDI
2019-08-28 00:36:18 +02:00
Maxime Besson
810d2c7f94 Disable template cache to avoid translation issues in mail (#1897) 2019-08-27 23:13:36 +02:00
Maxime Besson
a04a376777 Make regular template variables available in mails
SKIN, PORTAL_URL, env_*, session_* are now available in email templates

Preliminary work for #1861
2019-08-27 23:13:36 +02:00
Xavier Guimard
48883dbe4e More tests 2019-08-27 10:32:26 +02:00
Xavier Guimard
323d92fa1b Don't load Data::Dumper unless debug 2019-08-27 10:10:11 +02:00
Clément OUDOT
796d1b12e6 Add _session_kind to default exported attributes (#1896) 2019-08-26 17:38:08 +02:00
Christophe Maudoux
ec59cc164c Catch error earlier in process (#1867) 2019-08-24 23:26:42 +02:00
Xavier Guimard
0415370f2c More REST debug 2019-08-22 15:17:51 +02:00
Clément OUDOT
e42e71b5e3 Use LinkedIn v2 API (#1890) 2019-08-22 14:51:24 +02:00
Christophe Maudoux
894b8be541 By pass first access (#1867) 2019-08-21 23:40:23 +02:00
Maxime Besson
661a007b4a Check OIDC access token expiration (#1879) 2019-08-21 12:18:55 +02:00
Christophe Maudoux
b694b16a19 Avoid warning with Choice 2019-08-20 17:08:37 +02:00
Christophe Maudoux
8e9f4e513e Improve combination with FaceBook & LinkedIn 2019-08-17 17:27:14 +02:00
Christophe Maudoux
5985e6d258 Fix REST service (#1870) 2019-08-17 17:11:28 +02:00
Xavier
097183f2b3 Fix warning 2019-08-16 09:10:10 +02:00
Christophe Maudoux
78a82dbee9 Override OTT conf. for Upgrade tokens (#1884) 2019-08-15 22:01:44 +02:00
Maxime Besson
2e9f57ab6f Better default behavior for oidcServiceMetaDataIssuer (#1882) 2019-08-13 18:09:59 +02:00
Christophe Maudoux
7502e424e3 Revert "Concatenate pdata and lemon cookies in the same set-cookie header (#1863)"
This reverts commit c3a01c042c
2019-08-13 10:16:31 +02:00
Christophe Maudoux
c3a01c042c Concatenate pdata and lemon cookies in the same set-cookie header (#1863) 2019-08-12 23:52:33 +02:00
Christophe Maudoux
3891c9caec Fix log level & improve e2e ini file (#1878) 2019-08-12 22:20:22 +02:00
Christophe Maudoux
f8ef2797a8 Update manifest 2019-08-12 21:36:55 +02:00
Christophe Maudoux
d7cb8bf4b8 Force remove pdata cookie to avoid loop (#1878) 2019-08-12 21:29:08 +02:00
Christophe Maudoux
09158f0084 Return whatToTrace instead of uid & Fix + Append unit test (#1664) 2019-08-10 12:38:25 +02:00
Christophe Maudoux
52fa94bd55 Sort functions & append comments 2019-08-10 11:13:56 +02:00
Christophe Maudoux
bee0e675f3 Revert "Fix langs directory (#1870)"
This reverts commit b453647b26.
2019-08-09 22:46:43 +02:00
Christophe Maudoux
b453647b26 Fix langs directory (#1870) 2019-08-09 22:11:05 +02:00
Maxime Besson
daa03a9a9c OIDC: tie client_id to authorization code (#1881) 2019-08-09 13:54:53 +02:00
Christophe Maudoux
9dac92064c Better fix & update unit tests (#1861) 2019-08-07 22:29:12 +02:00
Maxime Besson
9b24fd02e5 Log more detailed information about Kerberos failures 2019-08-07 19:35:35 +02:00
Christophe Maudoux
ce05b44172 Remove useless constants (#1867) 2019-08-06 22:42:17 +02:00
Christophe Maudoux
7aad470586 Delete pdata cookie after XML notif validation & Improve unit test (#1861) 2019-08-06 22:29:48 +02:00
Christophe Maudoux
c630a90064 Delete pdata cookie after notif validation & Improve unit test (#1861) 2019-08-06 22:25:09 +02:00
Xavier
ea713a3169 Avoid conflict in $req->data between DBI and LDAP
Closes: #1875
2019-08-06 21:54:41 +02:00
Christophe Maudoux
742e7417d4 Better fix (#1867) 2019-08-06 21:04:52 +02:00
Maxime Besson
8de0a89029 Give more customization options for 2F prompt messages
new translations labels for mail and rest, and we now pass the 2F prefix
to templates. It's not used in the default skin, but it should help in
cases where extra second factors are used to offer the user a more
helpful prompt message
2019-08-05 20:08:28 +02:00
Christophe Maudoux
bf20db03b9 Improve unit test & fix (#1867) 2019-08-04 22:39:14 +02:00
Christophe Maudoux
c1736f7f82 Catch error if setSecurity is undefined (#1874) 2019-08-04 12:08:34 +02:00
Christophe Maudoux
1422c28c0b Improve fix & unit test (#1874) 2019-08-03 23:49:02 +02:00
Christophe Maudoux
6cf1c83151 Fix & Improve unit test (#1874) 2019-08-03 22:48:07 +02:00
Christophe Maudoux
058ef90662 Append dependency 2019-08-03 11:05:12 +02:00
Christophe Maudoux
6ad07f9c4d Fix debug log 2019-08-03 11:04:58 +02:00
Christophe Maudoux
dcd0c53fde Fix warning message 2019-08-02 22:58:36 +02:00
Christophe Maudoux
46208d74fe Improve unit test (#1870) 2019-08-02 21:58:08 +02:00
Maxime Besson
15c3b0bbf8 Add Radius second factor (#1847) 2019-08-02 18:03:10 +02:00
Maxime Besson
68c8be333a Fix translation override in mails 2019-08-02 17:45:03 +02:00
Maxime Besson
c1afdbefac Add labels and logos to all 2F providers (#1873) 2019-08-01 17:27:14 +02:00
Christophe Maudoux
216d683f22 Fix debug log (#1870) 2019-08-01 11:59:02 +02:00
Christophe Maudoux
188c7be337 perltidy 2019-07-31 23:38:48 +02:00
Christophe Maudoux
ee5a705d2f Append REST API to retrieve error message (#1870) 2019-07-31 23:09:38 +02:00
Clément OUDOT
4ee49de4c2 Adapt grant_types_supported attribute (#1846) 2019-07-25 19:06:53 +02:00
Maxime Besson
c9dba5212e HTML-decode entityID from metadata (#1864) 2019-07-25 18:29:46 +02:00
Christophe Maudoux
3d6a7bd843 Sort notifications: JSON format (#1862) 2019-07-25 12:42:58 +02:00
Christophe Maudoux
bf5fe2246d Send specified parameters (#1851) 2019-07-25 12:00:37 +02:00
Christophe Maudoux
3082168617 Append HTTP method options (#1851) 2019-07-25 10:49:49 +02:00
Christophe Maudoux
11f2d0f34a Improve notifications REST API & unit test (#1851) 2019-07-23 15:54:53 +02:00
Maxime Besson
d82f776df8 Allow multi instantiation of 2F modules (#1860)
This commit adds a manager interface to declare multiple instances of a
single 2F module, in a manner similar to Combination.

An additional portal code reads the `sfExtra` variable to load the
declared modules.

An empty rule means the module will always be active.
2019-07-22 19:30:37 +02:00
Christophe Maudoux
fb7a222c9d Append notifications REST API (#1851) 2019-07-22 15:39:59 +02:00
Christophe Maudoux
81aa2fb37b Improve test-lib & unit test (#1851) 2019-07-21 23:23:20 +02:00
Christophe Maudoux
3972861ba4 WIP - Improve unit test & need to fix list notifications feature!!! (#1851) 2019-07-21 22:47:48 +02:00
Clément OUDOT
f15e8bd108 Possibility to list notifications (#1851) 2019-07-21 20:47:16 +02:00
Christophe Maudoux
ca7ebe09f7 WIP - REST service to remove notification (#1851) 2019-07-20 22:25:03 +02:00
Christophe Maudoux
21c1d83df3 Typo 2019-07-20 13:28:48 +02:00
Christophe Maudoux
4eecd90230 Typo (#1857) 2019-07-17 12:20:30 +02:00
Christophe Maudoux
b99b76e2d6 Improve code (#1857) 2019-07-17 12:18:15 +02:00
Christophe Maudoux
d8b3eb2a34 Remove cipher cookie if notification refused (#1857) 2019-07-16 13:51:01 +02:00
Clément OUDOT
e12cb3a905 Fix loop on notifications (#1856) 2019-07-15 10:55:33 +02:00
Xavier
64c587417b Improvement 2019-07-12 19:09:55 +02:00
Clément OUDOT
c024ed0fe6 Improve logging when a notification is added by REST (#1853) 2019-07-12 18:34:55 +02:00
Xavier Guimard
3c6a301785 Keep original PATH_INFO during notification process (Fixes: #1852) 2019-07-12 10:33:36 +02:00
Clément OUDOT
c76dc52436 Adapt response_types_supported attribute in OpenID Connect metadata depending on configured flows (#1846) 2019-07-08 15:38:57 +02:00
Clément OUDOT
9b98893c44 Manage claims in ID token if no access token requested (#1846) 2019-07-08 15:15:13 +02:00
Christophe Maudoux
240617d8d8 Fix unit tests 2019-07-06 23:27:45 +02:00
Christophe Maudoux
d0da10b375 Improve code (#1664) 2019-07-06 23:00:35 +02:00
Christophe Maudoux
619ea8258f Improve unit test & fix warning - Expired sessions (#1783) 2019-07-06 23:00:24 +02:00
Christophe Maudoux
2d6c46920e Fix & improve unit test (#1844) 2019-07-05 22:53:48 +02:00
Xavier
88f75c42ed Set pdata domain also when removing cookie (#1829) 2019-07-05 06:43:11 +02:00
Christophe Maudoux
6a579644f8 Fix warning (#1842) 2019-07-04 23:20:11 +02:00
Christophe Maudoux
f38a583967 Improve code 2019-07-04 22:50:46 +02:00
Christophe Maudoux
2016abd2ee Send pdata cookie to cross domain (#1829) 2019-07-04 21:49:28 +02:00
Xavier
9cdfd4c9a6 Add notice when user is connected 2019-07-04 21:22:06 +02:00
Clément OUDOT
1ebbde9a50 Tidy code and add missing check on hash_level (#1835) 2019-07-04 09:49:01 +02:00
Xavier
a104db2f2d Clean logs 2019-07-04 07:24:50 +02:00
Xavier
d4fedbdfcf Duplicate log rules in Plugin manpage 2019-07-04 07:09:39 +02:00
Christophe Maudoux
6df12176de Disable secondFactor (#1783) 2019-07-03 23:21:19 +02:00
Christophe Maudoux
2f541370a6 perltidy (#1783) 2019-07-03 23:12:15 +02:00
Christophe Maudoux
03f2d89d0c ContextSwitching: Check (expiration) errors & Improve logs (#1783) 2019-07-03 23:08:50 +02:00
Christophe Maudoux
161d6cee0f Fix unit test warning (Auth-and-issuer-OIDC-authorization_code-with-none-alg.t) 2019-07-03 22:17:22 +02:00
Maxime Besson
6f058fb2fa Add manager manpages to deb 2019-07-03 15:17:16 +02:00
Xavier
78a4bb4987 ContextSwitching: Check (expiration) errors (#1783) 2019-07-03 06:47:33 +02:00
Christophe Maudoux
5a53fee2db WIP - Improve log (#1783) 2019-07-03 00:09:14 +02:00
Christophe Maudoux
42bc5efdb3 Use skin rules in plugins (#1828) 2019-07-02 22:17:53 +02:00
Christophe Maudoux
9c62a04f22 Improve code (#1783) 2019-07-02 22:08:17 +02:00
Christophe Maudoux
12e0853b51 Improve log (#1783) 2019-07-02 21:33:32 +02:00
Xavier Guimard
c1137edba8 make tidy with perltidy-20181120 2019-07-02 20:03:40 +02:00
Clément OUDOT
e04a6f1983 Reject none algorithm when checking JWT signature (#1835) 2019-07-02 16:36:43 +02:00
Clément OUDOT
60c03010ce Use Base64URL for JWT generation (#1834) 2019-07-01 17:29:35 +02:00
Christophe Maudoux
b94cbe0144 Fix default value (#1825) 2019-07-01 13:28:01 +02:00
Christophe Maudoux
69d2a2db0c Fix default value (#1825) 2019-07-01 12:56:10 +02:00
Christophe Maudoux
a1f5791e06 Merge branch '1783' into v2.0 2019-06-30 19:00:41 +02:00
Christophe Maudoux
bcbea7bee0 Update version (#1825) 2019-06-29 21:48:52 +02:00