Christophe Maudoux
de1be30176
Fix other Backend ( #1976 )
2021-01-02 19:21:16 +01:00
Christophe Maudoux
597455dfcf
FindUser with LDAP & AD & Append unit test ( #1976 )
2020-12-27 23:37:40 +01:00
Christophe Maudoux
072f68004a
Improve debug log & unit tests ( #1976 )
2020-12-27 18:03:08 +01:00
Christophe Maudoux
0b750fb6cc
Append Choice unit tests ( #1976 )
2020-12-27 14:24:15 +01:00
Christophe Maudoux
c0f71ee0f1
Fix FindUSer with Choice ( #1976 )
2020-12-27 13:29:10 +01:00
Christophe Maudoux
510a1dc1c2
WIP: UserDB findUser ( #1976 )
2020-12-22 17:02:51 +01:00
Christophe Maudoux
bfcdd370df
Merge branch 'v2.0' into findUser
2020-12-21 21:11:55 +01:00
Maxime Besson
ed0be42c93
Merge branch 'WIP-plugin-hooks-2359' into 'v2.0'
...
Plugin hook system to extend issuers (and maybe more)
See merge request lemonldap-ng/lemonldap-ng!166
2020-12-21 16:35:03 +01:00
Christophe Maudoux
4d04672c20
WIP: FindUser skeleton ( #1976 )
2020-12-20 22:54:35 +01:00
Clément OUDOT
8211850be7
Better userLogger messages for password change ( #2393 )
2020-11-29 18:02:13 +01:00
Maxime Besson
f49c1adf17
add oidcGenerateIDToken hook ( #2359 )
2020-11-27 14:00:58 +01:00
Maxime Besson
daef0cf776
add oidcGenerateUserInfoResponse hook ( #2359 )
2020-11-27 14:00:58 +01:00
Christophe Maudoux
dfc68f9f98
Use Mouse instead of Exporter
2020-11-16 21:54:54 +01:00
Christophe Maudoux
c742d8320e
Set user and oldpassword fields into reset password form & Improve unit tests ( #2377 )
2020-11-09 13:27:16 +01:00
Maxime Besson
fa2301ab0e
Force OIDC claim types according to config ( #2330 )
2020-11-06 19:00:52 +01:00
Maxime Besson
367f1bc5ad
Add LDAP IO timeout ( #2267 )
2020-10-27 16:01:39 +01:00
Maxime Besson
fcb8e6b3c5
Use keepalive for LDAP connections ( #2344 )
2020-10-09 12:22:28 +02:00
Maxime Besson
5606d0ed6f
Add support for SHA384 and SHA512 ( #2322 )
2020-10-07 15:31:57 +02:00
Maxime Besson
1234d5294f
Let users override default SAML signature method ( #2319 )
2020-10-07 15:31:27 +02:00
Christophe Maudoux
055ec69b92
Code cleaning & refactoring
2020-10-02 20:40:41 +02:00
Maxime Besson
89ec2b09b1
Improve SMTP error reporting ( #2293 )
2020-09-16 17:29:49 +02:00
Maxime Besson
1db67d735a
Put mail transport code in Common so the manager can use it (#2293,#2304)
2020-09-16 17:27:00 +02:00
Xavier Guimard
e110517942
Fix misspelled parameter in call to ldap->search() ( Fixes : #2310 )
2020-09-10 08:40:23 +02:00
Maxime Besson
d31a14c303
Avoid accidentally creating an empty session ( #2262 )
2020-09-09 12:05:09 +02:00
Maxime Besson
683b5a7861
Resume logout when returning from Auth::SAML IDP ( #2262 )
2020-09-08 15:47:58 +02:00
Maxime Besson
3771ead3db
Make LDAP auth/userdb/pass modules use ldapVerify ( #2250 )
2020-09-05 12:21:37 +02:00
Xavier Guimard
c8df084247
Update versions
2020-09-04 17:59:00 +02:00
Maxime Besson
ffb7c7430d
Fix encoding workaround in recursive group search ( #2306 )
2020-09-03 15:59:18 +02:00
Christophe Maudoux
779fd983e5
Typo ( #2302 )
2020-08-28 21:56:54 +02:00
Maxime Besson
52c6edb453
Lookup oidcRPMetaDataOptionsUserIDAttr in per-RP macros ( #2280 )
2020-08-17 22:06:09 +02:00
Maxime Besson
b2a2575896
Fix incorrect SOAP content type in SAML issuer ( #2263 )
2020-08-10 15:06:00 +02:00
Maxime Besson
a96820d6f6
Set secure flag when removing cookie ( #2272 )
2020-08-10 12:10:33 +02:00
dcoutadeur
0045daa592
fix increase log level for mail sending and password reset ( #2265 )
2020-07-28 15:04:55 +02:00
Clément OUDOT
d1418952eb
Convert mutli-valued attributes into arrays for OIDC UserInfo ( #2256 )
2020-07-16 20:19:41 +02:00
Clément OUDOT
c5db3bc8bd
Add country to address claim ( #2257 )
2020-07-16 19:58:53 +02:00
Baptiste Pecatte
5fbf7ae533
Remove useless variable
2020-07-05 13:11:28 +02:00
Baptiste Pecatte
2816bed66e
Add host to logs for use with fail2ban
2020-07-05 13:11:28 +02:00
Christophe Maudoux
bb9e03d1e5
Tidy
2020-05-24 00:04:33 +02:00
Christophe Maudoux
a7a0f25321
Update function signature and params list
2020-04-28 18:24:55 +02:00
Christophe Maudoux
591f953d5e
Merge branch 'v2.0' into 2178-new
2020-04-28 18:20:49 +02:00
Clément OUDOT
9cd079e8fe
Manage multi valued attributes in CAS authentication module ( #2118 )
2020-04-28 12:44:16 +02:00
Christophe Maudoux
a52c8f53b0
Use rule ( #2178 )
2020-04-27 22:12:12 +02:00
Maxime Besson
a3821fc560
Implement additional audiences in ID token ( #2177 )
2020-04-24 11:10:44 +02:00
Maxime Besson
a217590869
Tidy OIDC
2020-04-22 21:25:56 +02:00
Xavier Guimard
faadd4fc52
DBI: verify parameters during init ( Fixes : #2161 )
2020-04-21 07:55:07 +02:00
Maxime Besson
55f3ca0e77
Improve error reporting for SAML replay protection
2020-04-18 19:54:02 +02:00
Maxime Besson
e9bab71585
Make sure restCall returns a hashref ( #2125 )
2020-03-26 11:31:33 +01:00
Maxime Besson
168dc75f96
OIDC: return id_token in hybrid flow ( #2120 )
2020-03-18 21:05:39 +01:00
Clément OUDOT
4c36c77452
Set default value for encryption_mode ( #2117 )
2020-03-12 17:00:50 +01:00
Clément OUDOT
921cf16fcf
Format parameters for trspan ( #2113 )
2020-03-10 11:28:04 +01:00
Clément OUDOT
7c947ab976
Use the correct message for ppolicy time before expiration ( #2113 )
2020-03-10 11:16:43 +01:00
Clément OUDOT
f830fc4d8a
Add some debug logs for ppolicy ( #2113 )
2020-03-10 10:50:02 +01:00
Christophe Maudoux
824acec27f
Improve log ( #2071 )
2020-03-03 22:25:30 +01:00
Xavier Guimard
4459a47f76
Tidy
2020-02-20 23:37:05 +01:00
Xavier Guimard
a76cba3856
Update versions
2020-02-20 23:37:01 +01:00
Xavier Guimard
22c1f7270c
Add feature to override SOAP Proxy URN ( #2100 )
2020-02-20 21:49:55 +01:00
Christophe Maudoux
a0ef149b5f
Fix userData ( #2071 )
2020-02-12 22:50:08 +01:00
Christophe Maudoux
99c539fe53
Use a var & Update version ( #2071 )
2020-02-10 22:35:37 +01:00
Christophe Maudoux
2f04ffcc4a
WIP - Notifications explorer ( #2071 )
2020-02-09 17:47:25 +01:00
Maxime Besson
3b48746948
SAML: Hide error in storeEnv ( #2084 )
2020-02-03 17:08:18 +01:00
Maxime Besson
e52f6d3ba7
Increase visibility of Lasso errors ( #2084 )
2020-02-03 17:08:18 +01:00
Clément OUDOT
681452524d
Associate SAML access rule to SP conf key and not SP entityID ( #2074 )
2020-01-24 09:01:56 +01:00
Christophe Maudoux
39f93b0eb0
Retrieve all notifications & Improve unit test ( #2012 )
2019-12-19 20:52:34 +01:00
Clément OUDOT
ae0d455e7f
Use base64 URL to decode JWT ( #2045 )
2019-12-19 17:31:02 +01:00
Maxime Besson
a410793122
CAS per-service macros portal code ( #2042 )
2019-12-16 17:26:35 +01:00
Maxime Besson
2a15bb0523
SAML per-service macros portal code ( #2042 )
2019-12-16 17:26:34 +01:00
Maxime Besson
32ecf37be4
OIDC per-service macros portal code ( #2042 )
2019-12-16 17:26:34 +01:00
Christophe Maudoux
6f2e5c1811
Typo
2019-11-25 22:48:12 +01:00
Christophe Maudoux
a54a8228b4
Check only active notifications & Improve unit test - XML format ( #2012 )
2019-11-25 11:55:19 +01:00
Christophe Maudoux
80f19e4e71
Check only active notifications & Improve unit test - JSON format ( #2012 )
2019-11-25 11:51:08 +01:00
Christophe Maudoux
60ef07bcd6
Check notifications date ( #2012 )
2019-11-22 21:08:28 +01:00
Maxime Besson
e130c6160b
Validate LDAP connections in getUser ( #2018 )
2019-11-20 20:57:33 +01:00
Christophe Maudoux
e20555623e
Append defaulCondition option ( #2012 )
2019-11-18 17:34:56 +01:00
Christophe Maudoux
ea3337574c
Append conf manager test ( #2012 )
2019-11-17 22:36:52 +01:00
Christophe Maudoux
d935753eaf
Append to JSON format condition check & improve unit test ( #2012 )
2019-11-17 22:25:06 +01:00
Christophe Maudoux
c548a4d03e
Typo
2019-11-17 22:23:12 +01:00
Christophe Maudoux
632f731774
Allow non array ref with single checkbox and split notification body ( #2012 )
2019-11-15 21:03:18 +01:00
Maxime Besson
57b28940fa
Do not show password change prompt when AD password is incorrect ( #2007 )
2019-11-15 11:59:03 +01:00
Maxime Besson
2639c482b1
Fix cookie removal on SAML logout ( #2001 )
...
Since the fixes for #1863 , calling p->do consumes the response headers
set by any previous code. So we must only call do() in a return statement.
2019-11-06 18:44:10 +01:00
Maxime Besson
7bdd33eb46
Fix token ID format ( #1998 )
2019-11-06 11:45:47 +01:00
Maxime Besson
713737c11f
Add an option to return claims in ID token
2019-11-04 18:27:28 +01:00
Maxime Besson
b34a229eda
Add doc for buildUserInfoResponseFromId
2019-11-04 10:47:35 +01:00
Maxime Besson
a386a7502a
Allow refresh tokens to be emitted for regular sessions ( #813 )
2019-11-04 10:44:54 +01:00
Maxime Besson
ea2365cc98
Implement OIDC Offline sessions through refresh tokens ( #813 )
2019-11-04 10:44:54 +01:00
Maxime Besson
474bb48aa1
Make Password::LDAP/AD check connection before use ( #1909 )
...
Also remove a mostly redundant wrapper method in Auth::LDAP
2019-10-01 19:17:31 +02:00
Maxime Besson
fa49e77495
Better logs in case of a LDAP error
2019-10-01 15:14:51 +02:00
Maxime Besson
5d5ac66a6e
Add Date: field to emails ( #1953 )
...
This adds a dependancy to Email::Date::Format, but it's already a
dependancy of Email::Sender::Simple (and probably more), so in practice
no new packages are going to be installed
2019-09-26 12:32:58 +02:00
Christophe Maudoux
146aca7c82
Remove trailing whitespaces
2019-09-16 20:30:35 +02:00
Christophe Maudoux
fcf05c5602
Avoid warning
2019-09-16 17:22:35 +02:00
Christophe Maudoux
9784e75ead
Check Slave credential headers ( #1935 )
2019-09-13 22:21:09 +02:00
Xavier
e50e7d09d1
Update version of (really) modified files
2019-09-12 21:56:49 +02:00
Clément OUDOT
e54355ff9f
Use conf as HASH key ( #1619 )
2019-09-05 17:16:55 +02:00
Clément OUDOT
5b7bb4b9cd
Check error message from ITDS ( #1619 )
2019-09-05 17:14:44 +02:00
Maxime Besson
ff3d4e218c
doc: suggest a better fix for #1864
...
We can't do it yet because the issue isn't fixed in versions of Lasso
found in the wild. But someday it will be.
2019-09-03 18:13:13 +02:00
Maxime Besson
d61935ab6e
Implement introspection endpoint for access tokens ( #1843 )
2019-08-29 19:10:51 +02:00
Maxime Besson
fd7453b7a5
Refactor endpoint auth
2019-08-29 18:57:26 +02:00
Xavier Guimard
1660109e2f
Security: use 3-form for open
2019-08-28 11:32:54 +02:00
Maxime Besson
810d2c7f94
Disable template cache to avoid translation issues in mail ( #1897 )
2019-08-27 23:13:36 +02:00
Maxime Besson
a04a376777
Make regular template variables available in mails
...
SKIN, PORTAL_URL, env_*, session_* are now available in email templates
Preliminary work for #1861
2019-08-27 23:13:36 +02:00
Xavier Guimard
323d92fa1b
Don't load Data::Dumper unless debug
2019-08-27 10:10:11 +02:00