dcoutadeur
0045daa592
fix increase log level for mail sending and password reset ( #2265 )
2020-07-28 15:04:55 +02:00
Clément OUDOT
d1418952eb
Convert mutli-valued attributes into arrays for OIDC UserInfo ( #2256 )
2020-07-16 20:19:41 +02:00
Clément OUDOT
c5db3bc8bd
Add country to address claim ( #2257 )
2020-07-16 19:58:53 +02:00
Baptiste Pecatte
5fbf7ae533
Remove useless variable
2020-07-05 13:11:28 +02:00
Baptiste Pecatte
2816bed66e
Add host to logs for use with fail2ban
2020-07-05 13:11:28 +02:00
Maxime Besson
5df1850847
Add cache-control headers to sendJSONresponse ( #2234 )
2020-06-24 15:49:50 +02:00
Clément OUDOT
e544ee7778
Adapt user log in SAML issuer ( #2244 )
2020-06-18 18:40:13 +02:00
Clément OUDOT
5d5eda9799
Adapt user log in CAS issuer ( #2244 )
2020-06-18 18:39:53 +02:00
Clément OUDOT
0b3908e6dc
Add user log in GET issuer ( #2244 )
2020-06-18 18:01:33 +02:00
Clément OUDOT
2da914cc90
Publish support for refresh_token grant_type ( #2242 )
2020-06-18 09:43:56 +02:00
Clément OUDOT
7d327f0e2e
Do not remove mail token before form has been submitted ( #2239 )
2020-06-17 16:29:31 +02:00
Christophe Maudoux
b86c3431c2
Append setSession info step ( #2172 )
2020-06-07 13:25:07 +02:00
Christophe Maudoux
b04b2076de
Preserve real_hGroups ( #2229 )
2020-06-06 23:27:37 +02:00
Maxime Besson
568c28d707
Fix REST clock tolerance ( #2225 )
...
plus a bit of refactoring
2020-06-03 10:47:37 +02:00
Maxime Besson
33a5496e55
Fix regression in #2085 ( #2224 )
...
Clearing all hidden form values was a mistake as it breaks SAML when the
redirection URL contains a query string. We should keep existing hidden
fields. In the context of OIDC request, we clear them before redirection
to avoid #2085
2020-05-29 15:51:51 +02:00
Maxime Besson
e9c05a63b2
Yubikey: use userdb-provisionned session field ( #2189 )
2020-05-25 18:57:07 +02:00
Christophe Maudoux
bb9e03d1e5
Tidy
2020-05-24 00:04:33 +02:00
Christophe Maudoux
53e16eca8c
Append unit tests ( #2207 )
2020-05-23 23:02:37 +02:00
Clément OUDOT
39d7344f75
Add userLogger message in Demo backend ( #2216 )
2020-05-22 14:52:58 +02:00
Clément OUDOT
4b5670a723
Fetch Public keys and GPG keys from GitHub ( #2203 )
2020-05-21 22:55:42 +02:00
Christophe Maudoux
1113fab014
Append ContextSwitching unrestrictedUsers rule ( #2207 )
2020-05-20 21:53:13 +02:00
Christophe Maudoux
312445d543
Append checkUser unrestrictedUsers rule & Fix idRule ( #2207 & #2215 )
2020-05-20 21:23:31 +02:00
Christophe Maudoux
eb65264d5d
Append Impersonation unrestrictedUsers rule & Update langs ( #2207 )
2020-05-19 23:33:07 +02:00
Maxime Besson
9d7e5c61cc
handle empty string value for yubikey parameters ( #2211 )
2020-05-18 12:34:34 +02:00
Christophe Maudoux
2ecd0b18a8
Skip bad GrantSession rules & Improve unit test ( #2201 )
2020-05-10 14:26:08 +02:00
Maxime Besson
db9e862843
Merge branch 'feature-userdb-password-restserver' into v2.0
2020-05-09 20:07:24 +02:00
Christophe Maudoux
9bf915b5dc
Fix unit tests & Version
2020-05-08 23:03:16 +02:00
Clément OUDOT
7efaf9d5cd
User not always known in try subroutine ( #2165 )
2020-05-04 22:20:17 +02:00
Clément OUDOT
0bf1bfb7dd
Do not stop logout process on error in Combination ( #2165 )
2020-05-04 21:53:14 +02:00
Clément OUDOT
7ed251ce3f
Better log messages ( #2165 )
2020-05-04 21:48:06 +02:00
Xavier Guimard
6caf88a174
Better warning fix
2020-05-04 16:42:41 +02:00
Xavier Guimard
5d10695a79
Fix warning
2020-05-04 16:40:57 +02:00
Xavier Guimard
0f4ed9ecbe
Add a test in combination to catch error when combination rule is unstable ( #2165 )
2020-05-04 16:37:15 +02:00
Maxime Besson
9464bd2503
Merge branch 'fix-oidc-consent-2fa-2142' into 'v2.0'
...
Fix #2142
See merge request lemonldap-ng/lemonldap-ng!135
2020-05-04 16:00:35 +02:00
Xavier Guimard
317bfcd97d
Clean all issuer when issuerTs expires ( fixes : #2186 )
2020-05-04 15:42:25 +02:00
Xavier Guimard
52938222a5
Fix combination logout if condition changed ( Fixes : #2165 )
2020-05-04 15:29:16 +02:00
Christophe Maudoux
46bb6fea4f
Return PE_SESSIONEXPIRED instead of 400 bad request ( #2184 )
2020-05-01 19:52:32 +02:00
Maxime Besson
dfc4411eae
Add UserDB methods to REST server ( #1659 )
2020-05-01 13:44:23 +02:00
Maxime Besson
b5d461da47
Add password methods to REST server ( #1598 )
2020-05-01 13:44:23 +02:00
Maxime Besson
6adb0e17b3
Use req->data instead of req->userData to retrieve LDAP dn ( #1598 )
2020-05-01 13:44:23 +02:00
Maxime Besson
0c77c0b46d
Add missing SetSecurity in UserDB::REST ( #1659 )
2020-05-01 13:43:12 +02:00
Maxime Besson
172993fcd6
Add useMail to UserDB::REST ( #1659 )
2020-05-01 13:43:12 +02:00
Maxime Besson
29d44121d7
Add useMail to Password::REST ( #1598 )
2020-05-01 13:43:12 +02:00
Christophe Maudoux
7014327232
Append an option to display sfManager link ( #2185 )
2020-04-30 20:50:10 +02:00
Clément OUDOT
ac9769ff69
Prepare release 2.0.8
2020-04-30 19:59:37 +02:00
Xavier Guimard
d801070a8f
Clean also pdata in Main::Issuer::_redirect() ("1939) and add @maxbes test
2020-04-30 12:56:28 +02:00
Christophe Maudoux
dc672c2d1f
Force FF to submit forms ( #2158 )
2020-04-30 12:43:06 +02:00
Christophe Maudoux
bd28760bd7
Change plugins loading order ( #2180 )
2020-04-29 19:36:18 +02:00
Maxime Besson
8eb9120af7
RESTServer: Clarify error message when time skew is too great
...
deab21e091
did only half the job
2020-04-29 18:41:11 +02:00
Christophe Maudoux
a7a0f25321
Update function signature and params list
2020-04-28 18:24:55 +02:00
Christophe Maudoux
591f953d5e
Merge branch 'v2.0' into 2178-new
2020-04-28 18:20:49 +02:00
Clément OUDOT
9cd079e8fe
Manage multi valued attributes in CAS authentication module ( #2118 )
2020-04-28 12:44:16 +02:00
Christophe Maudoux
a52c8f53b0
Use rule ( #2178 )
2020-04-27 22:12:12 +02:00
Christophe Maudoux
763eb04b4b
Update tree ( #2178 )
2020-04-27 20:39:02 +02:00
Christophe Maudoux
caa346d075
Restore previous authentication level ( #2179 )
2020-04-27 18:20:23 +02:00
Maxime Besson
c1fb1a1b66
Mitigate #1980 by displaying an error to the user
2020-04-27 17:40:34 +02:00
Maxime Besson
7e502af391
Add option to remove "Refresh my rights" from menu
2020-04-27 17:19:41 +02:00
Clément OUDOT
a97041f8cd
Fix test for Issuer timeout ( #1939 )
2020-04-27 14:40:45 +02:00
Xavier Guimard
dff45f5456
Fix tytpe ( #1939 )
2020-04-27 10:31:03 +02:00
Christophe Maudoux
ac06832c1e
Partial revert
2020-04-26 12:13:13 +02:00
Christophe Maudoux
81185fef82
Improve code
2020-04-26 11:25:12 +02:00
Xavier Guimard
c868cb431f
Add pdata timeout for issuers ( #1939 )
2020-04-26 09:31:38 +02:00
Christophe Maudoux
fd19547c1c
Tidy
2020-04-25 14:51:11 +02:00
Christophe Maudoux
a3c11a662a
Code refactoring ( #1664 )
2020-04-25 14:47:10 +02:00
Christophe Maudoux
5dffb9de78
Code refactoring ( #1999 )
2020-04-25 14:42:02 +02:00
Christophe Maudoux
23d721c7c5
Code refactoring ( #1956 )
2020-04-25 14:41:33 +02:00
Christophe Maudoux
522b2bd860
Code refactoring ( #1783 )
2020-04-25 14:41:23 +02:00
Christophe Maudoux
4fefa02028
Code refactoring ( #1658 )
2020-04-25 14:39:40 +02:00
Christophe Maudoux
9d6197232f
Improve code ( #2163 )
2020-04-25 11:44:27 +02:00
Christophe Maudoux
c61ae6be59
Tidy ( #2163 )
2020-04-25 01:02:25 +02:00
Christophe Maudoux
36fbc98bed
Fix error return ( #1999 )
2020-04-25 01:01:57 +02:00
Christophe Maudoux
d387c0f355
Display otherSessions & remove Link ( #2163 )
2020-04-25 00:43:56 +02:00
Maxime Besson
e607d8281f
OIDC: do not advertise missing functionality ( #1194 )
...
Back-Channel logout is not supported yet
2020-04-24 12:15:51 +02:00
Clément OUDOT
138ee4284f
Disable cache when registering a new OIDC client ( #2058 )
2020-04-24 11:52:04 +02:00
Maxime Besson
a3821fc560
Implement additional audiences in ID token ( #2177 )
2020-04-24 11:10:44 +02:00
Christophe Maudoux
6018610196
Make checkUser option rules ( #2173 )
2020-04-24 00:25:10 +02:00
Maxime Besson
6ccf078432
Implement Resource Owner Password Credentials grant ( #2155 )
2020-04-23 17:49:25 +02:00
Maxime Besson
37f71a43b5
create helper function to display portal error code
2020-04-23 17:49:25 +02:00
Maxime Besson
ded6c74fe0
Allow special characters in scope names ( #2168 )
2020-04-23 14:50:53 +02:00
Christophe Maudoux
d11442ed26
Append setSessionInfo step ( #2172 )
2020-04-23 14:16:46 +02:00
Xavier Guimard
0baf014e6b
Revert "Fix part of circular links (related to #1990 )"
...
This reverts commit c9e7f3a1b0
.
2020-04-23 12:00:51 +02:00
Maxime Besson
31f05b9e2d
Make Introspection endpoint look for offline sessions ( #2171 )
2020-04-23 10:29:08 +02:00
Xavier Guimard
24c1a2e90a
Restore default route ( #1990 )
2020-04-22 22:09:15 +02:00
Xavier Guimard
d5da0362fd
Fix #1990
2020-04-22 21:46:59 +02:00
Maxime Besson
626715a580
Prevent duplicate consents in psession ( #2169 )
2020-04-22 21:26:38 +02:00
Maxime Besson
a217590869
Tidy OIDC
2020-04-22 21:25:56 +02:00
Christophe Maudoux
a74b5acafa
Merge branch 'fix-oidc-info-2085' into 'v2.0'
...
Fix OIDC info before redirect (#2085 )
See merge request lemonldap-ng/lemonldap-ng!134
2020-04-22 18:17:58 +02:00
Christophe Maudoux
df9beb25f2
Merge branch 'fix-2081' into 'v2.0'
...
Fix #2081 by detecting external URL
See merge request lemonldap-ng/lemonldap-ng!138
2020-04-22 17:58:26 +02:00
Xavier Guimard
1f80a0ab8c
Avoid little warning in test
2020-04-22 15:37:19 +02:00
Xavier Guimard
c9e7f3a1b0
Fix part of circular links (related to #1990 )
2020-04-22 14:13:14 +02:00
Maxime Besson
ecbcc0b6b6
Fix #2081 by detecting external URL
2020-04-22 11:25:06 +02:00
Maxime Besson
92af252ae9
Make SingleSession configurable by rule ( #2164 )
2020-04-22 11:02:59 +02:00
Maxime Besson
0983c66139
Portal: add helper method to build a rule from a string
2020-04-22 11:02:59 +02:00
Xavier Guimard
1a13e3d0dc
Really fix #2161
2020-04-21 22:09:40 +02:00
Maxime Besson
b8d72e21b4
fix display of deleted sessions ( #2159 )
2020-04-21 10:18:50 +02:00
Xavier Guimard
faadd4fc52
DBI: verify parameters during init ( Fixes : #2161 )
2020-04-21 07:55:07 +02:00
Christophe Maudoux
cd8f8bd847
Typo ( #2159 )
2020-04-21 00:03:45 +02:00
Maxime Besson
deab21e091
RESTServer: Clarify error message when time skew is too great
2020-04-20 17:14:32 +02:00
Christophe Maudoux
dcef93eea9
Update version ( #2154 )
2020-04-19 19:25:26 +02:00
Maxime Besson
55f3ca0e77
Improve error reporting for SAML replay protection
2020-04-18 19:54:02 +02:00
Christophe Maudoux
e00cb0ecf0
use localDate & Improve unit test ( #1999 )
2020-04-18 11:50:07 +02:00
Christophe Maudoux
612682fddb
Sort active sessions ( #1999 )
2020-04-18 00:32:21 +02:00
Clément OUDOT
fb29673fdf
GitHub authentication module ( #2154 )
2020-04-17 23:34:45 +02:00
Christophe Maudoux
478d205f07
Code refactoring & Tidy ( #2138 )
2020-04-17 20:00:36 +02:00
dcoutadeur dcoutadeur
2c6df4dfc0
Merge branch 'logoutforward' into 'v2.0'
...
fix #2138 logout forward doesn't work anymore
See merge request lemonldap-ng/lemonldap-ng!136
2020-04-17 17:56:48 +02:00
dcoutadeur
c984bb8b4a
fix CAS logoutServices (see #2138 logout forward doesn't work anymore)
2020-04-17 17:36:43 +02:00
dcoutadeur
641c523b62
revert c1b61f535
fix CAS logoutServices
2020-04-17 17:14:16 +02:00
dcoutadeur
c1b61f535a
fix CAS logoutServices (see #2138 logout forward doesn't work anymore)
2020-04-17 16:56:35 +02:00
dcoutadeur
17e56da82b
cleaner solution for #2138 logout forward doesn't work anymore
2020-04-17 16:26:40 +02:00
Christophe Maudoux
c3f7755055
Merge branch 'v2.0' into fix-ssl-error-reporting-2110
2020-04-16 23:05:09 +02:00
Christophe Maudoux
b82bdd9e6f
Tidy
2020-04-16 22:46:11 +02:00
Christophe Maudoux
4521705013
Avoid to create an empty SSO session ( #1783 )
2020-04-16 22:42:40 +02:00
dcoutadeur
cd15ac7a67
fix #2138 logout forward doesn't work anymore
2020-04-16 17:27:14 +02:00
Maxime Besson
7cc02dc179
Add auth routes for 2f choice screen ( #2151 )
2020-04-16 14:26:33 +02:00
Maxime Besson
6447396888
Improve SSL error reporting ( #2110 )
2020-04-15 18:43:27 +02:00
Maxime Besson
8c94bf0f13
Allow portal JSON responses to include a rendered HTML error block ( #2110 )
2020-04-15 18:42:31 +02:00
Maxime Besson
e1767abfda
CORS: special handling for AJAX SSL ( #2110 )
2020-04-15 18:42:31 +02:00
Maxime Besson
2440fc7866
use sendJSONresponse instead of handcrafting portal response
2020-04-15 18:42:31 +02:00
Maxime Besson
4bcb391121
Add an easy way to set level of additional second factors ( #2149 )
2020-04-15 17:20:27 +02:00
Maxime Besson
755a5c3a6b
post confirm to issuer url after restoring ( #2142 )
2020-04-14 21:46:30 +02:00
Maxime Besson
b512cc700c
Replace hidden form values on info when urldc has a QS ( #2085 )
2020-04-14 18:48:35 +02:00
Christophe Maudoux
6d146f9c4b
Verify that $field is defined with AuthSSL ( #2141 )
2020-04-11 22:54:55 +02:00
Christophe Maudoux
082d12ca5f
Append customParam to globalLogout plugin ( #2145 )
2020-04-11 22:34:29 +02:00
Christophe Maudoux
3a4ab3bbec
setSecurity if an error occurs with AuthChoice ( #2144 )
2020-04-11 18:55:44 +02:00
Christophe Maudoux
13bb55a818
Append an option to define apps tooltip & Improve unit test ( #2140 )
2020-04-08 22:40:28 +02:00
Christophe Maudoux
202a500c3e
Tidy
2020-04-07 11:47:32 +02:00
Christophe Maudoux
0fb0bd1d07
Code refactoring ( #2129 )
2020-04-07 11:39:32 +02:00
Christophe Maudoux
d56a76584a
Retrieve 'allusers' notifications ( #2071 )
2020-04-06 23:55:04 +02:00
Christophe Maudoux
9e84447d2d
Fix update session ( #2129 )
2020-04-06 23:28:01 +02:00
Christophe Maudoux
e68d5ed2c8
Revert "Fix update session ( #2129 )"
...
This reverts commit 1c65c72a62
.
2020-04-06 19:35:29 +02:00
Christophe Maudoux
1c65c72a62
Fix update session ( #2129 )
2020-04-06 19:24:50 +02:00
Christophe Maudoux
d53cddae39
Better fix & De-duplicate groups ( #2129 )
2020-04-06 19:05:50 +02:00
Clément OUDOT
c87a36e3ca
Do not run setGroups after 2FA ( #2129 )
2020-04-06 18:36:51 +02:00
Christophe Maudoux
37a9360625
Append PPolicyNone message & Unit test & Update manifest
2020-04-05 12:19:05 +02:00
Christophe Maudoux
dbf6415a12
Improve code ( #1783 )
2020-04-04 00:08:20 +02:00
Christophe Maudoux
30f6a889de
Append contextSwitching prefix parameter ( #1783 )
2020-04-03 23:09:55 +02:00
Christophe Maudoux
d6d9d6031d
Append debug log ( #1796 )
2020-04-03 18:56:11 +02:00
Christophe Maudoux
c179654fc4
Fix typo notification reference & Update unit tests( #2133 )
2020-04-03 18:26:22 +02:00
Christophe Maudoux
0ec9ff84e2
Fix test & notification reference ( #2133 )
2020-04-03 14:34:44 +02:00
Christophe Maudoux
f469180663
Improve unit test ' #2130 )
2020-04-03 00:21:15 +02:00
Christophe Maudoux
6382c35cd4
Update PP display ( #2130 )
2020-04-02 13:30:22 +02:00
Christophe Maudoux
71ba189edc
Append special characters password policy ( #2130 )
2020-04-02 12:14:05 +02:00
Christophe Maudoux
b924b96176
WIP - Append PP special characters options ( #2130 )
2020-04-02 01:03:42 +02:00
Christophe Maudoux
154250e6e7
Use real authentificationLevel & Improve unit test ( #2129 )
2020-04-01 19:33:18 +02:00
Christophe Maudoux
2a34d1ae8c
Update sessionInfo if second factor succeeds & Improve unit tests ( #2129 )
2020-04-01 15:43:46 +02:00
Christophe Maudoux
ea8b0bb024
Highlight error message ( #2126 & #1625 )
2020-03-28 18:12:34 +01:00
Christophe Maudoux
68e2e81898
Fix warning if error is undefined ( #2126 & #1625 )
2020-03-28 17:59:37 +01:00
Xavier Montagutelli
9c0e09f89d
Update OpenIDConnect.pm - Correct typo staticPrefi*x*
2020-03-26 16:48:31 +01:00
Maxime Besson
e9bab71585
Make sure restCall returns a hashref ( #2125 )
2020-03-26 11:31:33 +01:00
Maxime Besson
845ff2da85
fix param transmission in rest2f ( #2123 )
2020-03-26 10:58:27 +01:00