dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
8,954 Commits 3 Branches 0 Tags 75 MiB
c1137edba8
Commit Graph

357 Commits

Author SHA1 Message Date
Xavier Guimard
c1137edba8 make tidy with perltidy-20181120 2019-07-02 20:03:40 +02:00
Clément OUDOT
e04a6f1983 Reject none algorithm when checking JWT signature (#1835) 2019-07-02 16:36:43 +02:00
Clément OUDOT
60c03010ce Use Base64URL for JWT generation (#1834) 2019-07-01 17:29:35 +02:00
Xavier
c921c295ed Use user skin in loadTemplate (Fixes: #1828) 2019-06-28 13:40:56 +02:00
Xavier Guimard
44a6e25851 Improve cryptographic functions (#1823) 2019-06-28 10:30:37 +02:00
Xavier Guimard
e15a41bc66 Fix typo: s/templatesDir/templateDir/g (#1819) 2019-06-26 11:59:13 +02:00
Xavier Guimard
45a0b68c3b Disable external entities in XML parsers (Fixes: #1818) 2019-06-26 11:32:10 +02:00
Xavier
8b488e4d51 Move LDAP::getUser() to Lib::LDAP (Fixes: #1805) 2019-06-17 21:15:38 +02:00
Xavier Guimard
5fbff01b27 Update versions 2019-06-14 17:27:54 +02:00
Xavier Guimard
2a021e37ea Don't require getDisplayType in Choice (#1800) 2019-06-13 17:51:36 +02:00
Xavier Guimard
946384272e Partial revert "Typo" 
This reverts commit f63a63eedb.
 2019-06-06 16:00:49 +02:00
Christophe Maudoux
f63a63eedb Typo 2019-06-05 11:25:50 +02:00
Christophe Maudoux
3dd4c52c65 Update version (#1766) 2019-05-26 10:33:39 +02:00
Christophe Maudoux
0e47cb4f5b Fix warning message 2019-05-23 15:52:11 +02:00
Clément OUDOT
c024952b8f Do not fail if no RP or no OP configured (#1759) 2019-05-17 16:00:33 +02:00
Xavier
b91d1d4b87 Tidy 2019-05-16 20:45:14 +02:00
Xavier
a2e78c88c3 Set versions 2019-05-16 20:42:31 +02:00
Christophe Maudoux
e46fac82b2 CheckUser with tokenGlobalStorage & Warn if SSO groups are merged 2019-05-15 23:45:06 +02:00
Clément OUDOT
05cd4d4a58 Fix update token with global storage (#1742) 2019-05-12 20:39:25 +02:00
Clément OUDOT
07de622e83 Fix getRegisterSession and getMailSession (#1743) 2019-05-12 17:36:14 +02:00
Xavier
f3c4ea0afb Tydy 2019-05-11 20:18:43 +02:00
Xavier Guimard
1cd50bb353 Fix Auth::Remote session kind (#1742) 2019-05-10 18:02:56 +02:00
Xavier Guimard
638a0de81a Don't use SSO session type for tokens (Fixes security part of #1742) 2019-05-10 17:35:10 +02:00
Christophe Maudoux
c8dd4554aa Test if required secret elements are set to sign JWT 2019-05-02 14:33:56 +02:00
Clément OUDOT
926262170b Implement PKCE in OIDC provider (#1722) 2019-04-29 17:18:16 +02:00
Clément OUDOT
8e6f678be7 Create a configuration option to allow a Relying Party to be a public client 
Allow unauthenticated requests on OAuth2 token endoint

#1725
 2019-04-29 10:02:16 +02:00
Antoine ROSIER
8875a4e985 perltidy 2019-04-10 17:21:33 +02:00
Antoine ROSIER
8636da45be Sorting SAML idp (#1704) 2019-04-10 17:06:41 +02:00
Clément OUDOT
ae3a728378 Manage template inclusion when file is not in configured portal theme (#1653) 2019-04-10 15:42:58 +02:00
maudoux
1bc519d11d Fix warning (#1694) 2019-04-06 14:09:58 +02:00
Christophe Maudoux
cf36b44162 Cleaning code (#1664) 2019-04-05 20:04:17 +02:00
Christophe Maudoux
2b818a9c02 Append specific ottRule dependency (#1694) 2019-04-05 17:23:09 +02:00
Xavier Guimard
2159957c34 Update versions 2019-04-05 09:54:43 +02:00
Xavier Guimard
ece9b21219 Remove trailing whitespaces 2019-04-03 14:15:16 +02:00
Maxime Besson
d44a042fd5 Revert 8f5fbb077e and change the way logout errors are handled 
Relating to issue #1668, the proposed fix works when there is only one
service provider to logout of.

Now that multiple service provider logout is starting to work again on
2.0, we cannot read the remote_ProviderID from the logout object because
it is only filled by lasso when actually building the response.

Instead, we ignore any error that could occur when building the
response, log a warning and show the portal instead. Still better than
an internal server error.
 2019-04-03 11:20:24 +02:00
Clément OUDOT
502a32e257 Add unit test and fix code for ppolicy grace (#1691) 2019-04-01 09:58:56 +02:00
Xavier
01ab88ba57 Fix for #1691 2019-04-01 06:52:21 +02:00
Clément OUDOT
d620ae2e8b Merge branch 'maxbes/lemonldap-ng-saml-issuer-entityid-override' into v2.0 2019-03-13 10:30:16 +01:00
Maxime Besson
8f5fbb077e When logout-initiating SP has no known SLO endpoint, fallback to portal 
In some federations, SLO endpoints are not published, yet SP are still
able to initiate logouts.

This used to cause an error on the portal, this commit changes the error
into a warning in logs. The user remains on the portal and sees a normal
logout message.
 2019-03-12 17:58:41 +01:00
Xavier Guimard
bc2bef4ff4 Please use our .perltidyrc 2019-03-07 18:22:58 +01:00
Maxime Besson
e290cd59d6 Fix undef warnings in metadata generation 
Fix some undef warnings introduced in
12d2db35a9
 2019-03-04 09:33:12 +01:00
dcoutadeur
3af15b139e fix id_token validity not correctly evaluated #1662 2019-02-28 09:56:21 +01:00
Maxime Besson
12d2db35a9 Add new URLs for SP-only or IDP-only SAML metadata 
This commit adds two new URLs:

/saml/metadata/idp : IDP-only metadata
/saml/metadata/sp : SP-only metadata

/saml/metadata keeps providing metadata for all SAML services
 2019-02-27 18:14:30 +01:00
Xavier Guimard
c7b4eb5051 tidy with new conf 2019-02-07 09:27:56 +01:00
Xavier Guimard
58fc9c2fad Update versions 2019-02-06 19:30:57 +01:00
Clément OUDOT
8b76218025 Fix error message for ppolicy (#1639) 2019-02-06 11:39:37 +01:00
Xavier Guimard
5886cbe2a0 Tidy 2019-02-05 23:12:17 +01:00
Xavier Guimard
e2b026b7c8 Fix versions 2019-02-05 23:06:18 +01:00
Christophe Maudoux
21206099ce Append display options for SAML IDP (#1637) 2019-02-05 22:39:09 +01:00
Clément OUDOT
c77783eb2f Merge branch 'v2.0' 2019-02-05 18:46:40 +01:00