2775 Commits

Author	SHA1	Message	Date
Maxime Besson	8f1b30b6d0	Return an error if http session could not be found (#2382)	2020-11-16 18:38:53 +01:00
Maxime Besson	0263865faa	Add CORS headers to error pages (#2380)	2020-11-12 14:34:16 +01:00
Christophe Maudoux	231ec50d63	Fix protocol in log	2020-11-10 10:47:14 +01:00
Christophe Maudoux	91907eba90	Improve & fix AD backend (#2377)	2020-11-09 17:50:15 +01:00
Christophe Maudoux	c742d8320e	Set user and oldpassword fields into reset password form & Improve unit tests (#2377)	2020-11-09 13:27:16 +01:00
Maxime Besson	fa2301ab0e	Force OIDC claim types according to config (#2330)	2020-11-06 19:00:52 +01:00
Xavier Guimard	893385d007	Replace application/javascript by application/json (Fixes #2376)	2020-11-06 17:58:41 +01:00
Clément OUDOT	fa0f043f18	Check internal refresh result (#2375)	2020-11-05 12:26:35 +01:00
Maxime Besson	d63a55d619	Check Kerberos domain against optional whitelist (#2372)	2020-11-05 10:38:47 +01:00
Clément OUDOT	18c1a753ad	Remove space from generated login in register process (#2373)	2020-11-04 21:10:09 +01:00
Christophe Maudoux	31ff8484bb	Tidy	2020-11-04 17:02:07 +01:00
Christophe Maudoux	20f5f467dd	Typos (#2368)	2020-11-04 16:12:04 +01:00
Christophe Maudoux	50f01e2cbe	Remove cookie & code refactoring (#2368)	2020-11-04 13:49:51 +01:00
Maxime Besson	1de41224f8	Avoid memory leaks in $req->steps (#2369)	2020-11-02 23:22:04 +01:00
Clément OUDOT	8c1f5c6d50	Launch adaptative authentication plugin just before storing session values (#2336)	2020-11-02 15:56:19 +01:00
Xavier Guimard	6990a4a0c0	Set "secure" to StayConnected cookie	2020-11-01 08:15:09 +01:00
Christophe Maudoux	0469d36aec	Update version & tidy (#2366)	2020-10-31 23:55:41 +01:00
Christophe Maudoux	d8114e0e16	Submit 2FA with StayConnected plugin (#2366)	2020-10-31 23:20:18 +01:00
Christophe Maudoux	7ac2a0da80	Allow to check last logins with stayConnected plugin & improve unit test (#2365)	2020-10-31 22:10:14 +01:00
Christophe Maudoux	b869b59da7	Avoid assignment (#2360)	2020-10-30 12:55:39 +01:00
Maxime Besson	367f1bc5ad	Add LDAP IO timeout (#2267)	2020-10-27 16:01:39 +01:00
Christophe Maudoux	e704fe24ea	Fix warning if no path given & code refactoring	2020-10-26 19:21:54 +01:00
Christophe Maudoux	90c8c2ba86	Improve messages (#2332)	2020-10-16 23:27:06 +02:00
Christophe Maudoux	da9dc04657	redirect user to 2fregisters after reAuthn process (#2332)	2020-10-14 22:02:57 +02:00
Christophe Maudoux	a86bf488c4	Test if a skip option is enabled (#2352)	2020-10-13 22:30:06 +02:00
Christophe Maudoux	929e00e91a	Display button only if upgradeSession plugin is enabled (#2332)	2020-10-12 22:32:05 +02:00
Christophe Maudoux	f6eb9e5c1a	Improve unit test (#2332)	2020-10-12 22:16:36 +02:00
Christophe Maudoux	605d724453	Improve GUI & unit tests (#2332)	2020-10-12 19:24:52 +02:00
Christophe Maudoux	d76438b1e8	Update langs & error code (#2238)	2020-10-12 15:16:55 +02:00
Christophe Maudoux	9245fc4ee1	Append unit test (#2338)	2020-10-12 14:55:46 +02:00
Christophe Maudoux	01031d8c4f	Code refactoring (#2339)	2020-10-10 19:47:55 +02:00
Maxime Besson	fcb8e6b3c5	Use keepalive for LDAP connections (#2344)	2020-10-09 12:22:28 +02:00
Maxime Besson	5606d0ed6f	Add support for SHA384 and SHA512 (#2322)	2020-10-07 15:31:57 +02:00
Maxime Besson	1234d5294f	Let users override default SAML signature method (#2319)	2020-10-07 15:31:27 +02:00
Christophe Maudoux	cd02b8023e	Fix warning (#2332)	2020-10-05 20:45:05 +02:00
Christophe Maudoux	352b97f681	Append option to modify 2FA during context switching (#2338)	2020-10-04 21:18:09 +02:00
Christophe Maudoux	da91097969	Improve fix (#2332)	2020-10-04 19:32:10 +02:00
Christophe Maudoux	a8343ac7be	Test authLevel before removing 2F device (#2332)	2020-10-04 19:29:31 +02:00
Clément OUDOT	16211e5573	Remove unused sort rule (#2336)	2020-10-04 17:05:16 +02:00
Clément OUDOT	2c9ef41c2c	Use whatToTrace (#2336)	2020-10-04 17:02:55 +02:00
Clément OUDOT	fd5170c945	Use buildRule (#2336)	2020-10-04 16:59:21 +02:00
Christophe Maudoux	b573dbb789	Better fix and improve unit test (#2337)	2020-10-04 11:35:26 +02:00
Christophe Maudoux	452594dbb5	Revert "Avoid to create persistentSession during switching process" ... This reverts commit 5707f40c5a.	2020-10-03 13:05:51 +02:00
Christophe Maudoux	cb0fed8e13	Prevent to update SFA if impersonation is in progress (#2337)	2020-10-03 11:58:49 +02:00
Christophe Maudoux	5707f40c5a	Avoid to create persistentSession during switching process	2020-10-02 21:41:07 +02:00
Christophe Maudoux	055ec69b92	Code cleaning & refactoring	2020-10-02 20:40:41 +02:00
Clément OUDOT	6cccea0e46	First version of adaptative authentication level plugin (#2336)	2020-10-02 15:05:15 +02:00
Christophe Maudoux	4ecce4726b	Remove corrupted sessions (#2334)	2020-09-30 21:39:09 +02:00
Maxime Besson	89ec2b09b1	Improve SMTP error reporting (#2293)	2020-09-16 17:29:49 +02:00
Maxime Besson	1db67d735a	Put mail transport code in Common so the manager can use it (#2293,#2304)	2020-09-16 17:27:00 +02:00
Christophe Maudoux	6d5ff2468b	Typo	2020-09-16 11:17:14 +02:00
Christophe Maudoux	d57c314abe	Code refactoring (#2314)	2020-09-15 22:24:21 +02:00
Christophe Maudoux	1a73f7ab7f	Append rule & fix userData (#2314 & #2315)	2020-09-15 14:13:34 +02:00
Xavier Guimard	5b22310eab	Log IP address in auth combination failures ... Fixes: #2317	2020-09-15 11:22:13 +02:00
Xavier Guimard	e110517942	Fix misspelled parameter in call to ldap->search() (Fixes: #2310)	2020-09-10 08:40:23 +02:00
Maxime Besson	d31a14c303	Avoid accidentally creating an empty session (#2262)	2020-09-09 12:05:09 +02:00
Maxime Besson	277e0872fa	Fix missing session timeouts (#2262)	2020-09-09 12:04:17 +02:00
Maxime Besson	d598513504	Fix warning when resolving cas target authlevel (#2309)	2020-09-09 10:37:00 +02:00
Maxime Besson	f9c7d0bdf7	saml proxy logout: Delay info until we return from idp (#2262)	2020-09-08 17:25:11 +02:00
Maxime Besson	683b5a7861	Resume logout when returning from Auth::SAML IDP (#2262)	2020-09-08 15:47:58 +02:00
Maxime Besson	24297aa942	Redirect to external provider for logout (#2262)	2020-09-08 14:16:49 +02:00
Maxime Besson	8b5ddf6e43	Perform authLogout step during SAML SLO (#2262)	2020-09-08 14:16:49 +02:00
Maxime Besson	3816fac9b6	Allow user to disable sig validation during SOAP SLO (#2262)	2020-09-08 14:16:27 +02:00
Christophe Maudoux	059b2b13f1	Merge branch 'v2.0' into 2266	2020-09-07 18:56:37 +02:00
Clément OUDOT	f835f3d36f	Update version in modules	2020-09-06 19:58:58 +02:00
Maxime Besson	3771ead3db	Make LDAP auth/userdb/pass modules use ldapVerify (#2250)	2020-09-05 12:21:37 +02:00
Xavier Guimard	c8df084247	Update versions	2020-09-04 17:59:00 +02:00
Maxime Besson	66c68f6056	Merge branch 'feature-delayed-2fa-2124' into 'v2.0' ... Delay 2FA until required by an application See merge request lemonldap-ng/lemonldap-ng!147	2020-09-04 17:40:46 +02:00
Maxime Besson	f9cdb5497a	Only clean _url part of pdata when redirecting to issuer (#1878,#2124)	2020-09-04 17:17:04 +02:00
Maxime Besson	b2bfa38d5a	Handle errors when no 2FA is available during upgrade (#2124)	2020-09-04 17:17:04 +02:00
Maxime Besson	eb191be72e	Add error message when no sf available during upgrade (#2124)	2020-09-04 17:17:02 +02:00
Maxime Besson	f69babadef	Differentiate renew and upgrade in Upgrade plugin (#2124)	2020-09-04 17:16:11 +02:00
Maxime Besson	1cf1990fe2	Add portal code for session upgrade	2020-09-04 17:15:34 +02:00
Maxime Besson	bd110e7de6	cas issuer: check auth level and reauth if insufficient (#2124)	2020-09-04 17:15:34 +02:00
Maxime Besson	ce5c19e3f4	saml issuer: check auth level and reauth if insufficient (#2124)	2020-09-04 17:15:34 +02:00
Maxime Besson	7a36489b73	oidc issuer: check auth level and reauth if insufficient (#2124)	2020-09-04 17:15:34 +02:00
Maxime Besson	e811ea3b2d	Skip 2FA if target level is enough (#2124)	2020-09-04 17:15:34 +02:00
Maxime Besson	ef6b8587ee	Remember target authlevel in handler (#2124)	2020-09-04 17:14:05 +02:00
Maxime Besson	8bfa5179cc	Issuers: Store required auth level in pdata (#2124)	2020-09-04 17:14:04 +02:00
Clément OUDOT	e86293e165	Merge branch 'v2.0' of gitlab.ow2.org:lemonldap-ng/lemonldap-ng into v2.0	2020-09-04 16:14:37 +02:00
Clément OUDOT	828ecd7bfb	Show password form with change password after reset (#2307)	2020-09-04 16:14:17 +02:00
Maxime Besson	ffb7c7430d	Fix encoding workaround in recursive group search (#2306)	2020-09-03 15:59:18 +02:00
Christophe Maudoux	05096327c0	Re-order menu & Update langs (#2266)	2020-08-29 22:50:29 +02:00
Christophe Maudoux	01beb5d48b	Allow all special chars (#2266)	2020-08-29 22:12:09 +02:00
Christophe Maudoux	7a9020ff25	Modify type (#2266)	2020-08-29 20:13:11 +02:00
Christophe Maudoux	0a4812203c	Allowed all special chars and rule to disable local password policy (#2266)	2020-08-29 19:08:47 +02:00
Christophe Maudoux	b4222b50f3	Tidy & Update doc	2020-08-28 23:50:57 +02:00
Christophe Maudoux	779fd983e5	Typo (#2302)	2020-08-28 21:56:54 +02:00
Christophe Maudoux	317172c8ac	Fix unit tests (#2276)	2020-08-28 14:44:03 +02:00
Christophe Maudoux	525eab006d	Improve unit test (#2276)	2020-08-28 10:41:40 +02:00
Christophe Maudoux	8b6ab584cf	WIP: Update langs & append conf test (#2276)	2020-08-27 14:38:11 +02:00
Christophe Maudoux	4d52fedfe5	WIP - Incremental tempo	2020-08-25 22:58:47 +02:00
Maxime Besson	c5900ece14	Kerberos: fail with an explicit message on NTLM ticket (#2295)	2020-08-25 20:01:28 +02:00
Clément OUDOT	f158961fa6	Fix bad reference usage on hash	2020-08-25 00:27:06 +02:00
Christophe Maudoux	e84b29aca4	Display special chars password policy with expired password form (#2289)	2020-08-24 22:43:15 +02:00
Maxime Besson	a7b09f8dbb	Auth::SAML: fix warning on empty session index (#2291)	2020-08-24 17:24:55 +02:00
Maxime Besson	5e78464d7f	Resolve nameid session attribute from local macros (#2280)	2020-08-17 22:06:09 +02:00
Maxime Besson	9ac49b881a	Lookup casAppMetaDataOptionsUserAttribute in per-app macros (#2280)	2020-08-17 22:06:09 +02:00
Maxime Besson	52c6edb453	Lookup oidcRPMetaDataOptionsUserIDAttr in per-RP macros (#2280)	2020-08-17 22:06:09 +02:00
Maxime Besson	4497f39efe	Factor psession id calculation into Common	2020-08-17 18:43:29 +02:00