dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
12,142 Commits 3 Branches 0 Tags 75 MiB
a707cc13a5
Commit Graph

620 Commits

Author SHA1 Message Date
Christophe Maudoux
7a9020ff25 Modify type (#2266) 2020-08-29 20:13:11 +02:00
Christophe Maudoux
0a4812203c Allowed all special chars and rule to disable local password policy (#2266) 2020-08-29 19:08:47 +02:00
Christophe Maudoux
4d52fedfe5 WIP - Incremental tempo 2020-08-25 22:58:47 +02:00
Christophe Maudoux
81a5d2552e Make json - Display oidc tab only if not empty 2020-08-25 11:12:48 +02:00
Maxime Besson
26cd1945fb Try to compute the correct value of SameSite by default (#2281) 2020-08-17 18:05:09 +02:00
Maxime Besson
2054799baf Move cache directory to /var/cache (#2254) 
In order to avoid namespace issues, and for better compliance with the
FHS.

Only the default configs are changed.
 2020-08-10 15:15:32 +02:00
Maxime Besson
bef2411132 Allow empty URLs in config values by default (#2253) 2020-07-24 16:54:25 +02:00
Maxime Besson
d1cbb7263f Remove default value of ldapPort 2020-06-23 17:42:00 +02:00
Maxime Besson
0757f0af28 Add manager option for external yubikey ID provisionning (#2189) 2020-05-25 18:57:07 +02:00
Christophe Maudoux
eb65264d5d Append Impersonation unrestrictedUsers rule & Update langs (#2207) 2020-05-19 23:33:07 +02:00
Maxime Besson
db9e862843 Merge branch 'feature-userdb-password-restserver' into v2.0 2020-05-09 20:07:24 +02:00
Christophe Maudoux
9bf915b5dc Fix unit tests & Version 2020-05-08 23:03:16 +02:00
Christophe Maudoux
097ddc4251 Fix OIDC default value 2020-05-08 22:06:25 +02:00
Xavier Guimard
ba86f7e2f5 Accept vhost wildcards in manager 2020-05-06 10:30:23 +02:00
Maxime Besson
c687bb63ec Add manager option for password reset REST endpoint (/#1598) 2020-05-01 13:44:23 +02:00
Maxime Besson
444cacf2de Add option to enable REST auth/userdb server (#1659) 2020-05-01 13:44:00 +02:00
Christophe Maudoux
7014327232 Append an option to display sfManager link (#2185) 2020-04-30 20:50:10 +02:00
Christophe Maudoux
763eb04b4b Update tree (#2178) 2020-04-27 20:39:02 +02:00
Maxime Besson
7e502af391 Add option to remove "Refresh my rights" from menu 2020-04-27 17:19:41 +02:00
Maxime Besson
e607d8281f OIDC: do not advertise missing functionality (#1194) 
Back-Channel logout is not supported yet
 2020-04-24 12:15:51 +02:00
Maxime Besson
00e9e2ec57 Add manager option for additional audiences (#2177) 2020-04-24 11:10:44 +02:00
Maxime Besson
ada6e9f056 Reorganize OIDC options (#2175) 2020-04-24 11:10:44 +02:00
Christophe Maudoux
6018610196 Make checkUser option rules (#2173) 2020-04-24 00:25:10 +02:00
Maxime Besson
64d023b731 Add manager option for password grant (#2155) 2020-04-23 17:49:25 +02:00
Maxime Besson
ded6c74fe0 Allow special characters in scope names (#2168) 2020-04-23 14:50:53 +02:00
Maxime Besson
09ed2197df Config parser: fail if a "select"-type option does not contain a scalar 2020-04-22 11:41:43 +02:00
Maxime Besson
42b650247b Change singleSession options to allow a rule (#2164) 2020-04-22 11:02:59 +02:00
Maxime Besson
51e1d3651e Remove unused singleSessionUserByIP option (#2159) 2020-04-21 10:17:44 +02:00
Clément OUDOT
a5eadc49d3 Add GitHub parameters in Manager (#2154) 2020-04-18 00:08:43 +02:00
Christophe Maudoux
c83f5c203f Make json 2020-04-15 23:25:57 +02:00
Christophe Maudoux
082d12ca5f Append customParam to globalLogout plugin (#2145) 2020-04-11 22:34:29 +02:00
Christophe Maudoux
30f6a889de Append contextSwitching prefix parameter (#1783) 2020-04-03 23:09:55 +02:00
Christophe Maudoux
71ba189edc Append special characters password policy (#2130) 2020-04-02 12:14:05 +02:00
Christophe Maudoux
b924b96176 WIP - Append PP special characters options (#2130) 2020-04-02 01:03:42 +02:00
Christophe Maudoux
a7a2a425a5 Better fix to avoid side effects and Jail warning (#2126 & #1717) 2020-03-28 14:25:42 +01:00
Christophe Maudoux
fd337a2110 Don t save conf if bad expression (#2126) 2020-03-28 01:23:41 +01:00
Christophe Maudoux
09046e8bb9 Allow empty value to disable module with Manager (#2112) 2020-03-14 19:15:49 +01:00
Christophe Maudoux
093b4e6817 Typo 2020-03-03 19:52:42 +01:00
Christophe Maudoux
ea9f019bc8 Append debug logs (#2071) 2020-03-03 17:41:19 +01:00
Christophe Maudoux
8753cc4cf6 Option to hide empty headers with CheckUser (#2106) 2020-02-28 22:24:13 +01:00
Christophe Maudoux
e89c017ff6 Increase lock time after each failed login attempt (#2088) 2020-02-24 22:20:40 +01:00
Christophe Maudoux
53d7923cd4 WIP - Increase lock time after each failed login attempt (#2088) 2020-02-23 23:19:32 +01:00
Xavier Guimard
22c1f7270c Add feature to override SOAP Proxy URN (#2100) 2020-02-20 21:49:55 +01:00
Christophe Maudoux
79bb7f4138 Minor GUI improvements (Highlight active menu) 2020-02-14 23:23:49 +01:00
Christophe Maudoux
15c12346ab Hide persistent session attributes & Improve unit tests (#2093) 2020-02-14 16:21:31 +01:00
Christophe Maudoux
6996c79cab Improve code (#2071) 2020-02-12 22:14:02 +01:00
Christophe Maudoux
0df38323af Typo & improve msg (#2071) 2020-02-10 09:31:43 +01:00
Christophe Maudoux
73a0ec9dc6 Toggle buttons (#2071) 2020-02-09 21:55:52 +01:00
Christophe Maudoux
ef01060c54 Update langs (#2071) 2020-02-09 18:30:08 +01:00
Christophe Maudoux
2f04ffcc4a WIP - Notifications explorer (#2071) 2020-02-09 17:47:25 +01:00
Maxime Besson
68be974e51 Add option to compute userdb groups before macros (#1877) 2020-02-05 15:39:45 +01:00
Maxime Besson
e40568a330 Manager: fix SSLVarIf syntax (#2082) 2020-01-31 17:43:49 +01:00
Clément OUDOT
fc9efb1c11 Set portalCustomCss attribute in Manager (#2076) 2020-01-28 15:24:50 +01:00
Xavier Guimard
03a1c495e6 Change default SameSite value to "None" (#2070) 2020-01-20 13:17:10 +01:00
Xavier Guimard
f3f97ccb80 Add sameSite parameter (#2069) 2020-01-20 06:21:09 +01:00
Christophe Maudoux
4a0b092e7c make json 2020-01-15 22:12:02 +01:00
Christophe Maudoux
583bbbe285 Append CSP frame-ancestors option & Improve unit test (#2068) 2020-01-15 16:09:57 +01:00
Christophe Maudoux
27b0b7fde4 Append Custom backend & Improve unit test (#1605) 2020-01-10 17:48:49 +01:00
Christophe Maudoux
aa7df251b7 Remove useless parameters (#1605) 2020-01-04 22:19:21 +01:00
Christophe Maudoux
2954ea2abc Disable compactConf by default & Update unit tests (#2046) 2019-12-22 13:06:10 +01:00
Clément OUDOT
458d353af8 Merge branch 'v2.0' into dcoutadeur/lemonldap-ng-certificate-reset 2019-12-21 16:19:49 +01:00
Clément OUDOT
983af4dec1 make json (#1605) 2019-12-21 16:13:32 +01:00
Clément OUDOT
9a8789e86a Add new parameters in Manager (#2003) 2019-12-21 12:30:39 +01:00
Clément OUDOT
ace32efe4a Change defaut value for cspFormAction (#2024) 2019-12-20 16:07:52 +01:00
dcoutadeur
a465a5d768 Reset Certificate module for v2.0.7 (#1605) 2019-12-19 19:10:32 +01:00
Maxime Besson
bbef316754 Add manager UI for per-service macros (#2042) 2019-12-16 17:26:35 +01:00
Xavier
5bb6f2fd3b Refresh plugin (#2006) 2019-12-08 17:28:51 +01:00
Clément OUDOT
8f101361bc Custom plugins in Manager (#1590) 2019-12-07 21:30:56 +01:00
Christophe Maudoux
7324172023 Merge branch 'v2.0' into globalLogout 2019-11-20 21:11:34 +01:00
Clément OUDOT
e454905493 Allow any value for managerDn (#1967) 2019-11-20 18:18:51 +01:00
Christophe Maudoux
ef5d0cde48 Merge branch 'v2.0' into globalLogout 2019-11-18 22:15:54 +01:00
Christophe Maudoux
e20555623e Append defaulCondition option (#2012) 2019-11-18 17:34:56 +01:00
Christophe Maudoux
7ef9e132c9 Append GlobalLogout plugin (#1999) 2019-11-13 20:56:56 +01:00
Christophe Maudoux
80a1e4bf57 WIP - Append GlobalLogout plugin (#1999) 2019-11-11 22:33:30 +01:00
Maxime Besson
713737c11f Add an option to return claims in ID token 2019-11-04 18:27:28 +01:00
Maxime Besson
a52c06e698 Add manager tab for Offline sessions (#813) 2019-11-04 10:47:35 +01:00
Maxime Besson
a386a7502a Allow refresh tokens to be emitted for regular sessions (#813) 2019-11-04 10:44:54 +01:00
Maxime Besson
ea2365cc98 Implement OIDC Offline sessions through refresh tokens (#813) 2019-11-04 10:44:54 +01:00
Maxime Besson
4afecb4620 Remove IDP cookie (#1941) 2019-10-17 23:09:03 +02:00
Christophe Maudoux
0ca649f106 Use custom decrypt functions (#1956) 2019-10-13 15:08:32 +02:00
Christophe Maudoux
138cfe6edb Append DecryptValue plugin (#1956) 2019-09-30 22:29:49 +02:00
Christophe Maudoux
a219a51e1c Revert "Make manifest" 
This reverts commit c00110ed01.
 2019-09-30 22:28:55 +02:00
Christophe Maudoux
c00110ed01 Make manifest 2019-09-30 22:26:55 +02:00
Christophe Maudoux
1d0a79ba5d Fix returned values (#1954) 2019-09-27 21:46:18 +02:00
Christophe Maudoux
c34c6e646e Append search parameters & improve unit test (#1938) 2019-09-19 22:51:10 +02:00
Christophe Maudoux
5615d5b2a3 Append display Slave logo option (#1936) 2019-09-14 22:07:44 +02:00
Christophe Maudoux
9784e75ead Check Slave credential headers (#1935) 2019-09-13 22:21:09 +02:00
Christophe Maudoux
c446f194eb Import custom functions into Conf Jail (#1929) 2019-09-13 10:03:28 +02:00
Clément OUDOT
84cea17ced Parameter in Manager (#1928) 2019-09-12 18:42:53 +02:00
Christophe Maudoux
86daaf54f6 Append parameter & update langs (#1925) 2019-09-10 10:15:17 +02:00
Christophe Maudoux
132f42d44c Forbid browsers to store users password & Improve unit tests (#1913) 2019-09-08 19:28:28 +02:00
Maxime Besson
94877793d4 increase clock tolerance during rest secret check (#1923) 2019-09-06 17:45:51 +02:00
Clément OUDOT
a0f9c85913 Define ldapITDS parameter in Manager (#1619) 2019-09-05 17:17:21 +02:00
Clément OUDOT
068ffbe604 Define portalDisplayPasswordPolicy parameter in Manager (#993) 2019-09-05 13:02:51 +02:00
Clément OUDOT
d7262767dc Add local password policy parameters in Manager (#993) 2019-09-05 10:55:08 +02:00
Christophe Maudoux
56ed8a5724 Append issuersTimeout option (#1916) 2019-09-03 22:52:07 +02:00
Christophe Maudoux
873e5084e0 Append "Don t compact conf" option (#1904) 2019-08-31 23:03:17 +02:00
Maxime Besson
d61935ab6e Implement introspection endpoint for access tokens (#1843) 2019-08-29 19:10:51 +02:00
Clément OUDOT
47dc4936ac Replace default LinkedIn scopes (#1890) 2019-08-22 15:08:45 +02:00
Christophe Maudoux
96c5006d9a Fix wrapper (#1885) 2019-08-20 22:36:51 +02:00
Christophe Maudoux
4d583ceb9c Append a custom param to log (#1885) 2019-08-20 22:04:05 +02:00
Christophe Maudoux
b1c637cfca Revert "Append a custom param to be logged (#1885)" 
This reverts commit 1e838f0487
 2019-08-16 15:28:47 +02:00
Christophe Maudoux
1e838f0487 Append a custom param to be logged (#1885) 2019-08-16 15:25:21 +02:00
Xavier
424121af8a Add forceGlobalStorageUpgradeOTT doc (#1884) 2019-08-16 12:58:08 +02:00
Christophe Maudoux
0f4d3c8b04 Fix default values display issue 2019-08-13 23:24:18 +02:00
Christophe Maudoux
1f782ec4c1 Fix viewer display issue 2019-08-13 21:59:30 +02:00
Maxime Besson
2e9f57ab6f Better default behavior for oidcServiceMetaDataIssuer (#1882) 2019-08-13 18:09:59 +02:00
Xavier Guimard
c928189779 Better manager regexps 2019-08-12 15:34:48 +02:00
Christophe Maudoux
fdee58a120 Better fix (#1880) 2019-08-09 09:24:32 +02:00
Maxime Besson
13937b948f Fix RSA private key regexp 
Previously it accepted BEGIN PRIVATE KEY but not END PRIVATE KEY
 2019-08-06 15:46:24 +02:00
Maxime Besson
15c3b0bbf8 Add Radius second factor (#1847) 2019-08-02 18:03:10 +02:00
Maxime Besson
c1afdbefac Add labels and logos to all 2F providers (#1873) 2019-08-01 17:27:14 +02:00
Christophe Maudoux
b1399fb583 perltidy 2019-07-31 23:08:49 +02:00
Christophe Maudoux
96ae65e800 Re-order 2FA (#1860) 2019-07-31 16:31:04 +02:00
Christophe Maudoux
ecb3204d38 Append conf parameters (#1851) 2019-07-25 11:59:00 +02:00
Maxime Besson
d82f776df8 Allow multi instanciation of 2F modules (#1860) 
This commit adds a manager interface to declare multiple instances of a
single 2F module, in a manner similar to Combination.

An additional portal code reads the `sfExtra` variable to load the
declared modules.

An empty rules means the module will be always active.
 2019-07-22 19:30:37 +02:00
Xavier Guimard
966eef33ee Fix df96168c error: _example/conf/lmConf-1.json is auto-generated (#1850) 2019-07-10 17:15:40 +02:00
Christophe Maudoux
36c806fa61 make json 2019-07-07 22:30:24 +02:00
Christophe Maudoux
2aee0467b0 Hide _session_id with CheckUser (#1658) 2019-07-06 22:55:31 +02:00
Christophe Maudoux
2016abd2ee Send pdata cookie to cross domain (#1829) 2019-07-04 21:49:28 +02:00
Xavier Guimard
c1137edba8 make tidy with perltidy-20181120 2019-07-02 20:03:40 +02:00
Christophe Maudoux
b94cbe0144 Fix default value (#1825) 2019-07-01 13:28:01 +02:00
Christophe Maudoux
a1f5791e06 Merge branch '1783' into v2.0 2019-06-30 19:00:41 +02:00
Christophe Maudoux
11d2909b0a WIP - Disable persistent sessions storage (#1825) 2019-06-29 21:10:16 +02:00
Christophe Maudoux
8ad895c3b8 Merge branch 'v2.0' into 1783 2019-06-27 21:11:56 +02:00
Xavier Guimard
e23611b73b Avoid failure with future Perl (warnings reserved) 2019-06-27 17:41:24 +02:00
Xavier Guimard
4b48f95507 Move missing deps in the good place (#1824) 2019-06-27 17:08:21 +02:00
Christophe Maudoux
8f834f5bb8 Append use directive (#1824) 2019-06-27 13:27:05 +02:00
Christophe Maudoux
831a988516 Append conf test (#1783) 2019-06-23 22:55:10 +02:00
Christophe Maudoux
b69ffc0ff8 WIP - ContextSwitching (#1783) 2019-06-21 15:23:06 +02:00
Christophe Maudoux
a2ebaf31b1 WIP - AdminImpersonation skeleton (#1783) 2019-06-19 18:13:17 +02:00
Christophe Maudoux
9fa11709e6 Append options to use Notifications plugin & set notification reference (#1796) 2019-06-17 22:31:44 +02:00
Christophe Maudoux
c3b3c281ad Hide _2fDevices with REST services 2019-06-16 20:33:34 +02:00
Christophe Maudoux
d6f3dd459a Display message (#1796) 2019-06-16 16:02:48 +02:00
Christophe Maudoux
f514da3c3a Hide _2fDevices with REST services 2019-06-15 22:38:21 +02:00
Christophe Maudoux
fde6ff2cc8 WIP (#1796) 2019-06-14 23:09:32 +02:00
Xavier Guimard
e7bc7b3f4e Add restExportSecretKeys option (#1799) 2019-06-14 08:51:58 +02:00
Xavier
a1ea32981c Optimize perlExpr handling (#1717) 2019-06-10 08:56:56 +02:00
Christophe Maudoux
b71f678f80 Filter SSO groups to merge (#1791) 2019-06-08 22:08:58 +02:00
Christophe Maudoux
e3c2766809 Test 2F TTL (#1782) 2019-06-07 19:51:51 +02:00
Christophe Maudoux
3015faef0e Share functions with Safe (#1717) 2019-06-07 11:26:07 +02:00
Christophe Maudoux
132e57b4b3 Manage CORS headers (#1765) 2019-05-31 17:00:39 +02:00
Christophe Maudoux
455221781f Modify ServiceToken TTL option (#1773) 2019-05-27 23:07:18 +02:00
Christophe Maudoux
535ae3f7be Append ServiceToken TTL option (#1773) 2019-05-26 21:43:13 +02:00
Christophe Maudoux
74b9960afb Build conf (#1773) 2019-05-26 18:32:38 +02:00
Clément OUDOT
d388461909 Add PKCE option in Manager (#1722) 2019-04-29 17:35:23 +02:00
Clément OUDOT
8e6f678be7 Create a configuration option to allow a Relying Party to be a public client 
Allow unauthenticated requests on OAuth2 token endoint

#1725
 2019-04-29 10:02:16 +02:00
Maxime Besson
2f9e6aa623 Allow override of username attribute for CAS apps 
Global CAS options allows the admistrator to set the session attribute
that gets exported to all CAS application as the main identifier
(cas:user)

This commit adds the ability to override this configuration for a
particular CAS application.

OIDC already allows this

Fixes #1713
 2019-04-28 21:06:34 +02:00
Clément OUDOT
06a7c97fd8 Add OAuth2 vhostType (#1146) 2019-04-22 19:10:50 +02:00
Christophe Maudoux
3491adbd3d Upgrade default authentication level (#1699) 2019-04-21 21:30:38 +02:00