Xavier Guimard
c8df084247
Update versions
2020-09-04 17:59:00 +02:00
Maxime Besson
66c68f6056
Merge branch 'feature-delayed-2fa-2124' into 'v2.0'
...
Delay 2FA until required by an application
See merge request lemonldap-ng/lemonldap-ng!147
2020-09-04 17:40:46 +02:00
Maxime Besson
f9cdb5497a
Only clean _url part of pdata when redirecting to issuer (#1878,#2124)
2020-09-04 17:17:04 +02:00
Maxime Besson
eb191be72e
Add error message when no sf available during upgrade ( #2124 )
2020-09-04 17:17:02 +02:00
Maxime Besson
f69babadef
Differentiate renew and upgrade in Upgrade plugin ( #2124 )
2020-09-04 17:16:11 +02:00
Maxime Besson
1cf1990fe2
Add portal code for session upgrade
2020-09-04 17:15:34 +02:00
Maxime Besson
ef6b8587ee
Remember target authlevel in handler ( #2124 )
2020-09-04 17:14:05 +02:00
Clément OUDOT
828ecd7bfb
Show password form with change password after reset ( #2307 )
2020-09-04 16:14:17 +02:00
Christophe Maudoux
01beb5d48b
Allow all special chars ( #2266 )
2020-08-29 22:12:09 +02:00
Christophe Maudoux
e84b29aca4
Display special chars password policy with expired password form ( #2289 )
2020-08-24 22:43:15 +02:00
Maxime Besson
4497f39efe
Factor psession id calculation into Common
2020-08-17 18:43:29 +02:00
Maxime Besson
26cd1945fb
Try to compute the correct value of SameSite by default ( #2281 )
2020-08-17 18:05:09 +02:00
Maxime Besson
7a02fdf8e5
rollback caa346d075
( #2179 )
...
No longer needed since #2261
2020-08-12 09:49:14 +02:00
Maxime Besson
9d9e16e3f9
Remove setAuthSessionInfo from refresh process ( #2261 )
2020-08-12 09:49:14 +02:00
Maxime Besson
9aa3b9b03f
Add correct secure flag to pdata cookie ( #2272 )
2020-08-10 12:10:33 +02:00
Maxime Besson
a96820d6f6
Set secure flag when removing cookie ( #2272 )
2020-08-10 12:10:33 +02:00
Maxime Besson
5df1850847
Add cache-control headers to sendJSONresponse ( #2234 )
2020-06-24 15:49:50 +02:00
Maxime Besson
33a5496e55
Fix regression in #2085 ( #2224 )
...
Clearing all hidden form values was a mistake as it breaks SAML when the
redirection URL contains a query string. We should keep existing hidden
fields. In the context of OIDC request, we clear them before redirection
to avoid #2085
2020-05-29 15:51:51 +02:00
Christophe Maudoux
bb9e03d1e5
Tidy
2020-05-24 00:04:33 +02:00
Christophe Maudoux
9bf915b5dc
Fix unit tests & Version
2020-05-08 23:03:16 +02:00
Xavier Guimard
6caf88a174
Better warning fix
2020-05-04 16:42:41 +02:00
Xavier Guimard
5d10695a79
Fix warning
2020-05-04 16:40:57 +02:00
Maxime Besson
9464bd2503
Merge branch 'fix-oidc-consent-2fa-2142' into 'v2.0'
...
Fix #2142
See merge request lemonldap-ng/lemonldap-ng!135
2020-05-04 16:00:35 +02:00
Xavier Guimard
317bfcd97d
Clean all issuer when issuerTs expires ( fixes : #2186 )
2020-05-04 15:42:25 +02:00
Christophe Maudoux
7014327232
Append an option to display sfManager link ( #2185 )
2020-04-30 20:50:10 +02:00
Xavier Guimard
d801070a8f
Clean also pdata in Main::Issuer::_redirect() ("1939) and add @maxbes test
2020-04-30 12:56:28 +02:00
Christophe Maudoux
dc672c2d1f
Force FF to submit forms ( #2158 )
2020-04-30 12:43:06 +02:00
Christophe Maudoux
bd28760bd7
Change plugins loading order ( #2180 )
2020-04-29 19:36:18 +02:00
Christophe Maudoux
763eb04b4b
Update tree ( #2178 )
2020-04-27 20:39:02 +02:00
Christophe Maudoux
caa346d075
Restore previous authentication level ( #2179 )
2020-04-27 18:20:23 +02:00
Maxime Besson
7e502af391
Add option to remove "Refresh my rights" from menu
2020-04-27 17:19:41 +02:00
Clément OUDOT
a97041f8cd
Fix test for Issuer timeout ( #1939 )
2020-04-27 14:40:45 +02:00
Xavier Guimard
dff45f5456
Fix tytpe ( #1939 )
2020-04-27 10:31:03 +02:00
Xavier Guimard
c868cb431f
Add pdata timeout for issuers ( #1939 )
2020-04-26 09:31:38 +02:00
Maxime Besson
37f71a43b5
create helper function to display portal error code
2020-04-23 17:49:25 +02:00
Xavier Guimard
0baf014e6b
Revert "Fix part of circular links (related to #1990 )"
...
This reverts commit c9e7f3a1b0
.
2020-04-23 12:00:51 +02:00
Xavier Guimard
24c1a2e90a
Restore default route ( #1990 )
2020-04-22 22:09:15 +02:00
Xavier Guimard
d5da0362fd
Fix #1990
2020-04-22 21:46:59 +02:00
Christophe Maudoux
a74b5acafa
Merge branch 'fix-oidc-info-2085' into 'v2.0'
...
Fix OIDC info before redirect (#2085 )
See merge request lemonldap-ng/lemonldap-ng!134
2020-04-22 18:17:58 +02:00
Christophe Maudoux
df9beb25f2
Merge branch 'fix-2081' into 'v2.0'
...
Fix #2081 by detecting external URL
See merge request lemonldap-ng/lemonldap-ng!138
2020-04-22 17:58:26 +02:00
Xavier Guimard
1f80a0ab8c
Avoid little warning in test
2020-04-22 15:37:19 +02:00
Xavier Guimard
c9e7f3a1b0
Fix part of circular links (related to #1990 )
2020-04-22 14:13:14 +02:00
Maxime Besson
ecbcc0b6b6
Fix #2081 by detecting external URL
2020-04-22 11:25:06 +02:00
Maxime Besson
0983c66139
Portal: add helper method to build a rule from a string
2020-04-22 11:02:59 +02:00
Maxime Besson
b8d72e21b4
fix display of deleted sessions ( #2159 )
2020-04-21 10:18:50 +02:00
Christophe Maudoux
478d205f07
Code refactoring & Tidy ( #2138 )
2020-04-17 20:00:36 +02:00
dcoutadeur dcoutadeur
2c6df4dfc0
Merge branch 'logoutforward' into 'v2.0'
...
fix #2138 logout forward doesn't work anymore
See merge request lemonldap-ng/lemonldap-ng!136
2020-04-17 17:56:48 +02:00
dcoutadeur
c984bb8b4a
fix CAS logoutServices (see #2138 logout forward doesn't work anymore)
2020-04-17 17:36:43 +02:00
dcoutadeur
17e56da82b
cleaner solution for #2138 logout forward doesn't work anymore
2020-04-17 16:26:40 +02:00
dcoutadeur
cd15ac7a67
fix #2138 logout forward doesn't work anymore
2020-04-16 17:27:14 +02:00
Maxime Besson
8c94bf0f13
Allow portal JSON responses to include a rendered HTML error block ( #2110 )
2020-04-15 18:42:31 +02:00
Maxime Besson
e1767abfda
CORS: special handling for AJAX SSL ( #2110 )
2020-04-15 18:42:31 +02:00
Maxime Besson
2440fc7866
use sendJSONresponse instead of handcrafting portal response
2020-04-15 18:42:31 +02:00
Maxime Besson
4bcb391121
Add an easy way to set level of additional second factors ( #2149 )
2020-04-15 17:20:27 +02:00
Maxime Besson
755a5c3a6b
post confirm to issuer url after restoring ( #2142 )
2020-04-14 21:46:30 +02:00
Maxime Besson
b512cc700c
Replace hidden form values on info when urldc has a QS ( #2085 )
2020-04-14 18:48:35 +02:00
Christophe Maudoux
13bb55a818
Append an option to define apps tooltip & Improve unit test ( #2140 )
2020-04-08 22:40:28 +02:00
Christophe Maudoux
202a500c3e
Tidy
2020-04-07 11:47:32 +02:00
Christophe Maudoux
0fb0bd1d07
Code refactoring ( #2129 )
2020-04-07 11:39:32 +02:00
Christophe Maudoux
9e84447d2d
Fix update session ( #2129 )
2020-04-06 23:28:01 +02:00
Christophe Maudoux
e68d5ed2c8
Revert "Fix update session ( #2129 )"
...
This reverts commit 1c65c72a62
.
2020-04-06 19:35:29 +02:00
Christophe Maudoux
1c65c72a62
Fix update session ( #2129 )
2020-04-06 19:24:50 +02:00
Christophe Maudoux
d53cddae39
Better fix & De-duplicate groups ( #2129 )
2020-04-06 19:05:50 +02:00
Clément OUDOT
c87a36e3ca
Do not run setGroups after 2FA ( #2129 )
2020-04-06 18:36:51 +02:00
Christophe Maudoux
37a9360625
Append PPolicyNone message & Unit test & Update manifest
2020-04-05 12:19:05 +02:00
Christophe Maudoux
d6d9d6031d
Append debug log ( #1796 )
2020-04-03 18:56:11 +02:00
Christophe Maudoux
f469180663
Improve unit test ' #2130 )
2020-04-03 00:21:15 +02:00
Christophe Maudoux
6382c35cd4
Update PP display ( #2130 )
2020-04-02 13:30:22 +02:00
Christophe Maudoux
71ba189edc
Append special characters password policy ( #2130 )
2020-04-02 12:14:05 +02:00
Christophe Maudoux
2a34d1ae8c
Update sessionInfo if second factor succeeds & Improve unit tests ( #2129 )
2020-04-01 15:43:46 +02:00
Clément OUDOT
9620e6870a
Possibility to preselect choice tab ( #2115 )
2020-03-11 11:46:14 +01:00
Christophe Maudoux
c9b2eff039
More explicit error message ( #2108 )
2020-03-05 22:14:02 +01:00
Christophe Maudoux
903d3540e4
Show lang flags with redirect template
2020-03-02 14:30:58 +01:00
Christophe Maudoux
a4a73ca907
Don t prompt second factor after a failed log in attempt ( #2088 )
2020-02-27 14:49:27 +01:00
Christophe Maudoux
e89c017ff6
Increase lock time after each failed login attempt ( #2088 )
2020-02-24 22:20:40 +01:00
Christophe Maudoux
18b43cacfc
Avoid unprotected urldc host with wildcard-protected hosts ( #2101 )
2020-02-22 00:13:52 +01:00
Clément OUDOT
53263c7f10
Remove references to keepPdata = 1 in code ( #2099 )
2020-02-21 09:29:10 +01:00
Xavier Guimard
4459a47f76
Tidy
2020-02-20 23:37:05 +01:00
Xavier Guimard
a76cba3856
Update versions
2020-02-20 23:37:01 +01:00
Maxime Besson
47068c51b8
Revert "Prevent portal from crashing when keepPdata=1 ( #1893 )"
...
This reverts commit 2b4defb2a9
and
implements a fix "at the source" instead. Should fix #2099 .
2020-02-20 22:24:26 +01:00
Christophe Maudoux
57b546d112
Fix lmConfigEditor logger error ( #2059 )
2020-02-16 12:58:12 +01:00
Christophe Maudoux
8129d76d63
Improve code
2020-02-13 23:27:13 +01:00
Christophe Maudoux
2f04ffcc4a
WIP - Notifications explorer ( #2071 )
2020-02-09 17:47:25 +01:00
Christophe Maudoux
dd9e849b3e
Don t send params with GET method ( #2081 )
2020-02-07 21:39:58 +01:00
Maxime Besson
68be974e51
Add option to compute userdb groups before macros ( #1877 )
2020-02-05 15:39:45 +01:00
Maxime Besson
f997a26e41
Fix form method when displaying info in autoPost ( #2080 )
2020-01-30 20:43:04 +01:00
Clément OUDOT
faa65c4abf
Options to add a custom CSS file ( #2076 )
2020-01-28 15:14:24 +01:00
Maxime Besson
5149ba8118
Make debug message less confusing when portal status is <0
2020-01-23 20:37:18 +01:00
Christophe Maudoux
8279733fbd
Update Process.pm
...
Typo
2020-01-22 12:39:02 +01:00
Xavier Guimard
f3f97ccb80
Add sameSite parameter ( #2069 )
2020-01-20 06:21:09 +01:00
Christophe Maudoux
0408ce80b8
Better better fix ( #2061 )
2020-01-19 18:06:56 +01:00
Xavier Guimard
0fa90c5efe
Avoid double encode_base64 call ( #2061 )
2020-01-18 22:25:48 +01:00
Christophe Maudoux
32d7f46b1a
Better fix ( #2061 )
2020-01-18 18:58:42 +01:00
Christophe Maudoux
fd2a9ce226
Append info log msg ( #2061 )
2020-01-17 22:27:03 +01:00
Christophe Maudoux
138ef363d4
Force cleaning pdata cookie if redirect url match _url & Improve unit test ( #2061 )
2020-01-17 22:17:02 +01:00
Christophe Maudoux
6f31d98710
Revert "Force cleaning pdata cookie if redirect url match _url & Improve unit test ( #2063 )"
...
This reverts commit 965678dde2
.
2020-01-17 22:16:44 +01:00
Christophe Maudoux
965678dde2
Force cleaning pdata cookie if redirect url match _url & Improve unit test ( #2063 )
2020-01-17 22:10:06 +01:00
Christophe Maudoux
583bbbe285
Append CSP frame-ancestors option & Improve unit test ( #2068 )
2020-01-15 16:09:57 +01:00
Christophe Maudoux
b28a9d148e
Modify log level
2020-01-08 23:06:49 +01:00
Christophe Maudoux
f37c2399b1
Update sessionInfo during auth process with 2FA
2020-01-04 13:36:21 +01:00