dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
10,955 Commits 3 Branches 0 Tags 75 MiB
8debc0fd1d
Commit Graph

766 Commits

Author SHA1 Message Date
Christophe Maudoux
e4444c907f Append CheckUser normalized headers option & Improve unit test (#2436) 2021-01-08 18:38:05 +01:00
Christophe Maudoux
c0f71ee0f1 Fix FindUSer with Choice (#1976) 2020-12-27 13:29:10 +01:00
Christophe Maudoux
406fdbc54b Append unit test if Impersonation is missing (#1976) 2020-12-26 15:27:25 +01:00
Christophe Maudoux
f956810e48 Redirect to Portal (#1976) 2020-12-23 22:47:08 +01:00
Christophe Maudoux
bfcdd370df Merge branch 'v2.0' into findUser 2020-12-21 21:11:55 +01:00
Maxime Besson
ed0be42c93 Merge branch 'WIP-plugin-hooks-2359' into 'v2.0' 
Plugin hook system to extend issuers (and maybe more)

See merge request lemonldap-ng/lemonldap-ng!166
 2020-12-21 16:35:03 +01:00
Christophe Maudoux
4d04672c20 WIP: FindUser skeleton (#1976) 2020-12-20 22:54:35 +01:00
Christophe Maudoux
652d8ba9bc Prevent authentication on backend if account is locked (#2243) 2020-12-16 22:49:41 +01:00
Maxime Besson
9ba6938e90 Show a friendlier error message when a module fails init (#2410) 2020-12-07 16:59:48 +01:00
Christophe Maudoux
c2266720f9 Unauthenticated logout request with route & improve unit test (#2342) 2020-12-06 11:21:11 +01:00
Christophe Maudoux
41889e5ee2 Append unit test (#2342) 2020-12-05 20:37:50 +01:00
Christophe Maudoux
b2306cc8ad Unauthenticated logout (#2342) 2020-12-05 19:31:23 +01:00
Maxime Besson
699679a8e0 Documentation for #2359 2020-11-27 14:00:58 +01:00
Maxime Besson
f0dbb28866 Add Hook system for plugins (#2359) 2020-11-27 14:00:58 +01:00
Christophe Maudoux
0a4fabb4e4 Use strict & fix warnings 2020-11-21 19:24:04 +01:00
Maxime Besson
0263865faa Add CORS headers to error pages (#2380) 2020-11-12 14:34:16 +01:00
Christophe Maudoux
231ec50d63 Fix protocol in log 2020-11-10 10:47:14 +01:00
Christophe Maudoux
c742d8320e Set user and oldpassword fields into reset password form & Improve unit tests (#2377) 2020-11-09 13:27:16 +01:00
Xavier Guimard
893385d007 Replace application/javascript by application/json (Fixes #2376) 2020-11-06 17:58:41 +01:00
Maxime Besson
1de41224f8 Avoid memory leaks in $req->steps (#2369) 2020-11-02 23:22:04 +01:00
Christophe Maudoux
7ac2a0da80 Allow to check last logins with stayConnected plugin & improve unit test (#2365) 2020-10-31 22:10:14 +01:00
Christophe Maudoux
b869b59da7 Avoid assignment (#2360) 2020-10-30 12:55:39 +01:00
Christophe Maudoux
90c8c2ba86 Improve messages (#2332) 2020-10-16 23:27:06 +02:00
Christophe Maudoux
cd02b8023e Fix warning (#2332) 2020-10-05 20:45:05 +02:00
Christophe Maudoux
352b97f681 Append option to modify 2FA during context switching (#2338) 2020-10-04 21:18:09 +02:00
Christophe Maudoux
da91097969 Improve fix (#2332) 2020-10-04 19:32:10 +02:00
Christophe Maudoux
a8343ac7be Test authLevel before removing 2F device (#2332) 2020-10-04 19:29:31 +02:00
Christophe Maudoux
b573dbb789 Better fix and improve unit test (#2337) 2020-10-04 11:35:26 +02:00
Christophe Maudoux
cb0fed8e13 Prevent to update SFA if impersonation is in progress (#2337) 2020-10-03 11:58:49 +02:00
Clément OUDOT
6cccea0e46 First version of adaptative authentication level plugin (#2336) 2020-10-02 15:05:15 +02:00
Maxime Besson
f9c7d0bdf7 saml proxy logout: Delay info until we return from idp (#2262) 2020-09-08 17:25:11 +02:00
Christophe Maudoux
059b2b13f1 Merge branch 'v2.0' into 2266 2020-09-07 18:56:37 +02:00
Xavier Guimard
c8df084247 Update versions 2020-09-04 17:59:00 +02:00
Maxime Besson
66c68f6056 Merge branch 'feature-delayed-2fa-2124' into 'v2.0' 
Delay 2FA until required by an application

See merge request lemonldap-ng/lemonldap-ng!147
 2020-09-04 17:40:46 +02:00
Maxime Besson
f9cdb5497a Only clean _url part of pdata when redirecting to issuer (#1878,#2124) 2020-09-04 17:17:04 +02:00
Maxime Besson
eb191be72e Add error message when no sf available during upgrade (#2124) 2020-09-04 17:17:02 +02:00
Maxime Besson
f69babadef Differentiate renew and upgrade in Upgrade plugin (#2124) 2020-09-04 17:16:11 +02:00
Maxime Besson
1cf1990fe2 Add portal code for session upgrade 2020-09-04 17:15:34 +02:00
Maxime Besson
ef6b8587ee Remember target authlevel in handler (#2124) 2020-09-04 17:14:05 +02:00
Clément OUDOT
828ecd7bfb Show password form with change password after reset (#2307) 2020-09-04 16:14:17 +02:00
Christophe Maudoux
01beb5d48b Allow all special chars (#2266) 2020-08-29 22:12:09 +02:00
Christophe Maudoux
e84b29aca4 Display special chars password policy with expired password form (#2289) 2020-08-24 22:43:15 +02:00
Maxime Besson
4497f39efe Factor psession id calculation into Common 2020-08-17 18:43:29 +02:00
Maxime Besson
26cd1945fb Try to compute the correct value of SameSite by default (#2281) 2020-08-17 18:05:09 +02:00
Maxime Besson
7a02fdf8e5 rollback caa346d075 (#2179) 
No longer needed since #2261
 2020-08-12 09:49:14 +02:00
Maxime Besson
9d9e16e3f9 Remove setAuthSessionInfo from refresh process (#2261) 2020-08-12 09:49:14 +02:00
Maxime Besson
9aa3b9b03f Add correct secure flag to pdata cookie (#2272) 2020-08-10 12:10:33 +02:00
Maxime Besson
a96820d6f6 Set secure flag when removing cookie (#2272) 2020-08-10 12:10:33 +02:00
Maxime Besson
5df1850847 Add cache-control headers to sendJSONresponse (#2234) 2020-06-24 15:49:50 +02:00
Maxime Besson
33a5496e55 Fix regression in #2085 (#2224) 
Clearing all hidden form values was a mistake as it breaks SAML when the
redirection URL contains a query string. We should keep existing hidden
fields. In the context of OIDC request, we clear them before redirection
to avoid #2085
 2020-05-29 15:51:51 +02:00