Commit Graph

2207 Commits

Author SHA1 Message Date
Christophe Maudoux
0b567d6c15 Merge branch 'v2.0' into 1783 2019-06-25 20:23:48 +02:00
Christophe Maudoux
b9af5d1adc Use Id 2019-06-25 19:30:06 +02:00
Christophe Maudoux
7a97bc46c4 Improve code (#1783) 2019-06-25 19:28:05 +02:00
Xavier Guimard
93ccb9fd76 Set Content-Length in Apache::Session::REST requests (#1813) 2019-06-25 09:37:37 +02:00
Xavier Guimard
ddde26fa1c Add searchOn() in Apache::Session::REST (#1813) 2019-06-25 09:18:58 +02:00
Christophe Maudoux
32cb9e3a8f Delete session (#1783) 2019-06-24 23:52:39 +02:00
Christophe Maudoux
266f2fdf02 Merge branch 'v2.0' into 1783 2019-06-24 23:36:54 +02:00
Christophe Maudoux
786e136754 Create session with ContextSwitching plugin (#1783) 2019-06-24 23:36:23 +02:00
Christophe Maudoux
28fd7ea0b8 Change log level (#1664) 2019-06-24 23:35:33 +02:00
Xavier
c5d6bc42b6 Add get_key_from_all_sessions in Apache::Session::REST (#1813) 2019-06-24 23:07:34 +02:00
Xavier
9df3d57bc9 In REST, PE_LOGOUT_OK must return 200 2019-06-24 23:06:15 +02:00
Christophe Maudoux
5efa6c111a Append log (#1783) 2019-06-23 22:56:05 +02:00
Christophe Maudoux
8d2367c6d7 Typo 2019-06-23 22:55:46 +02:00
Christophe Maudoux
e5f03f34d9 Append ContextSwitching plugin (#1783) 2019-06-23 22:19:40 +02:00
Christophe Maudoux
c24ff711a0 WIP - ContextSwitching (#1783) 2019-06-23 10:51:10 +02:00
Christophe Maudoux
bdc5007e43 Update sort condition (#1658) 2019-06-23 10:18:05 +02:00
Christophe Maudoux
dd94351f35 WIP - ContextSwitching (#1783) 2019-06-22 23:46:02 +02:00
Christophe Maudoux
8c47c913fe WIP - ContextSwitching (#1783) 2019-06-21 16:24:50 +02:00
Christophe Maudoux
b69ffc0ff8 WIP - ContextSwitching (#1783) 2019-06-21 15:23:06 +02:00
Christophe Maudoux
a2ebaf31b1 WIP - AdminImpersonation skeleton (#1783) 2019-06-19 18:13:17 +02:00
Christophe Maudoux
c4d4b482a5 Provide to plugins message display functions (#1796) 2019-06-18 22:00:03 +02:00
Christophe Maudoux
86b305d19b Typo (#1664) 2019-06-18 21:57:40 +02:00
Christophe Maudoux
9fa11709e6 Append options to use Notifications plugin & set notification reference (#1796) 2019-06-17 22:31:44 +02:00
Xavier
8b488e4d51 Move LDAP::getUser() to Lib::LDAP (Fixes: #1805) 2019-06-17 21:15:38 +02:00
Xavier
aff7527580 Fix bad call in LDAP (#1805) 2019-06-17 19:21:48 +02:00
Christophe Maudoux
1b4d1b5bdf Avoid notification reference to be truncated (#1796) 2019-06-16 20:57:53 +02:00
Christophe Maudoux
d6f3dd459a Display message (#1796) 2019-06-16 16:02:48 +02:00
Christophe Maudoux
ecf84e8a4d WIP (#1796) 2019-06-14 23:09:32 +02:00
Christophe Maudoux
fde6ff2cc8 WIP (#1796) 2019-06-14 23:09:32 +02:00
Xavier Guimard
5fbff01b27 Update versions 2019-06-14 17:27:54 +02:00
Xavier Guimard
65eaefa75f Tidy 2019-06-14 17:23:26 +02:00
Clément OUDOT
4e5c450b8b Return error if no code provided on token endpoint (#1802) 2019-06-14 16:05:39 +02:00
Xavier Guimard
e7bc7b3f4e Add restExportSecretKeys option (#1799) 2019-06-14 08:51:58 +02:00
Xavier
5dc5b88daa Permit to show $_password in REST session server (#1799) 2019-06-14 07:09:55 +02:00
Xavier
4ad0da0315 Fix syntax error (#1794) 2019-06-14 06:33:27 +02:00
Christophe Maudoux
73f689eca4 Fix 2F types (#1782) 2019-06-13 23:28:57 +02:00
Christophe Maudoux
c8295b60b5 Fix 2F types (#1782) 2019-06-13 23:27:30 +02:00
Xavier
c7ef665bf9 Fix #1782 2019-06-13 22:23:20 +02:00
Xavier
8d642da8cb Improve #1782 2019-06-13 22:10:30 +02:00
Xavier Guimard
2a021e37ea Don't require getDisplayType in Choice (#1800) 2019-06-13 17:51:36 +02:00
Maxime Besson
1a66da30f9 Store portal language in _language user session key (#1764) 2019-06-13 09:26:19 +02:00
Xavier
a6aaf8a507 Add XSS test (#1795) 2019-06-11 21:30:15 +02:00
Xavier
1a8948894d Check CAS "service" parameter (Fixes: #1795) 2019-06-11 21:02:43 +02:00
Maxime Besson
97d0bbf0aa Fix CASv2 logout (#1753) 2019-06-11 16:18:15 +02:00
Xavier Guimard
9e932b525c Merge branch 'issue1794-accentregister' into 'v2.0'
Register: better handling of special chars (#1794)

See merge request lemonldap-ng/lemonldap-ng!78
2019-06-10 22:57:34 +02:00
Maxime Besson
f195db2a5a Register: better handling of special chars (#1794) 2019-06-10 22:45:15 +02:00
Christophe Maudoux
7a3ded7efb Improve code (#1782) 2019-06-10 20:56:38 +02:00
Christophe Maudoux
441519a542 Typo (#1791) 2019-06-10 10:37:43 +02:00
Christophe Maudoux
8a35584e26 Fix empty hGroups (#1791) 2019-06-09 19:54:00 +02:00
Christophe Maudoux
63798f71f9 Change message condition (#1791) 2019-06-08 22:10:13 +02:00
Christophe Maudoux
b71f678f80 Filter SSO groups to merge (#1791) 2019-06-08 22:08:58 +02:00
Christophe Maudoux
e3c2766809 Test 2F TTL (#1782) 2019-06-07 19:51:51 +02:00
Xavier
94c2a0bc3b Add addAuthRouteWithRedirect() doc (#1787) 2019-06-06 23:02:46 +02:00
Xavier
f4bca7430a Add addAuthRouteWithRedirect() method to Try (#1787) 2019-06-06 22:59:02 +02:00
Xavier Guimard
946384272e Partial revert "Typo"
This reverts commit f63a63eedb.
2019-06-06 16:00:49 +02:00
Christophe Maudoux
801e2a17d6 Better fix (#1769) 2019-06-05 15:27:58 +02:00
Christophe Maudoux
30c4a9c787 setSecurity if failed login (#1769) 2019-06-05 11:29:04 +02:00
Christophe Maudoux
f63a63eedb Typo 2019-06-05 11:25:50 +02:00
Christophe Maudoux
c044ebc473 Fix functions parameter (#1774) 2019-06-04 23:18:06 +02:00
Christophe Maudoux
eab00052f3 Fix debug msg (#1774) 2019-06-04 20:42:54 +02:00
Christophe Maudoux
95b188ccfe Fix grant parameter, append warning msg & debug logs (#1774) 2019-06-04 18:19:33 +02:00
Christophe Maudoux
18dd7c2c41 Append debug msg (#1765) 2019-06-04 16:19:01 +02:00
Christophe Maudoux
f69b829f6c Restore loginHistory (#1780) & Improve code 2019-06-02 22:40:00 +02:00
Christophe Maudoux
054fda9cfd Fix warnings (#1781) 2019-06-01 23:22:20 +02:00
Christophe Maudoux
491c54a3ee Fix Impersonation with 2FA (#1781) 2019-06-01 19:13:45 +02:00
Christophe Maudoux
e36ce98dda SetSecurity with AuthChoice (#1769) 2019-06-01 11:47:49 +02:00
Christophe Maudoux
35f1677747 Append unit test and fix CORS headers (#1765) 2019-05-31 17:50:44 +02:00
Christophe Maudoux
132e57b4b3 Manage CORS headers (#1765) 2019-05-31 17:00:39 +02:00
Christophe Maudoux
432f2655bb Fix if no userDB (#1774) 2019-05-30 12:26:50 +02:00
Christophe Maudoux
04603c0169 Fix warning (#1774) 2019-05-30 12:26:50 +02:00
Xavier Guimard
6b5677b4ce Tidy (#1774) 2019-05-29 14:20:46 +02:00
Christophe Maudoux
224137462a Tidy (#1774) 2019-05-29 00:08:48 +02:00
Christophe Maudoux
a89f83294b Retrieve session from DB if exists & Improve unit test (#1774) 2019-05-28 23:55:54 +02:00
Xavier Guimard
8fd3f6be90 Merge branch 'issue1521-appmenu' into 'v2.0'
Preserve applicationList key names (#1521)

See merge request lemonldap-ng/lemonldap-ng!76
2019-05-28 22:10:53 +02:00
Xavier
db2ee96bc8 Update versions (#1777) 2019-05-28 22:04:45 +02:00
Xavier
f0842569c2 Don't erase pdata on 404 errors (#1778) 2019-05-28 21:58:22 +02:00
Xavier
82171e9a90 Fix missing $req in SLO responses (#1777) 2019-05-28 21:45:54 +02:00
Xavier
acd6ba50e8 Fix some missing $req (#1777) 2019-05-28 19:52:08 +02:00
Christophe Maudoux
5126e9003b Allow double sessions for double cookies with singleSession (#1775) 2019-05-28 17:32:06 +02:00
Maxime Besson
b12992755f Preserve applicationList key names (#1521)
Previously, every configuration save from the manager would overwrite
applicationList key names to preserve their ordering.

This commit introduces a new "order" key in the JSON config instead.
2019-05-28 15:38:26 +02:00
Christophe Maudoux
dece7d8aa0 Allow double sessions for double cookies (#1775) 2019-05-27 22:42:02 +02:00
Christophe Maudoux
26233106a5 Set _updateTime session value (#1771) 2019-05-26 11:56:58 +02:00
Christophe Maudoux
3dd4c52c65 Update version (#1766) 2019-05-26 10:33:39 +02:00
Christophe Maudoux
0e47cb4f5b Fix warning message 2019-05-23 15:52:11 +02:00
Maxime Besson
0babf4c6c3 Fix non-sso session removal in SoapServer
closes #1762
2019-05-21 17:30:37 +02:00
Christophe Maudoux
59f07b7b8f Avoid to renew double cookie sessions for refresh request (#1747) 2019-05-20 23:03:10 +02:00
Christophe Maudoux
29b7341345 Change code order (#1749) 2019-05-19 13:40:46 +02:00
Christophe Maudoux
006f862a69 Cleaning code (#1755) 2019-05-17 22:18:09 +02:00
Clément OUDOT
c024952b8f Do not fail if no RP or no OP configured (#1759) 2019-05-17 16:00:33 +02:00
Xavier
b91d1d4b87 Tidy 2019-05-16 20:45:14 +02:00
Xavier
a2e78c88c3 Set versions 2019-05-16 20:42:31 +02:00
Xavier
1186aba52b lmError(): return JSON if wanted (#1745) 2019-05-16 06:50:13 +02:00
Christophe Maudoux
e46fac82b2 CheckUser with tokenGlobalStorage & Warn if SSO groups are merged 2019-05-15 23:45:06 +02:00
Maxime Besson
1f1eeab9c8 Do not log a warning when displaying form with Combination
When form-based authentication methods return PE_FIRSTLOGIN, do not log
a warning because it's normal behavior to show the form.
2019-05-14 19:47:28 +02:00
Christophe Maudoux
fc034ad4bf Impersonation with doubleCookie (#1746) 2019-05-12 22:59:21 +02:00
Clément OUDOT
05cd4d4a58 Fix update token with global storage (#1742) 2019-05-12 20:39:25 +02:00
Clément OUDOT
682b193477 Use TOKEN kind for mail password reset sessions (#1743) 2019-05-12 20:04:38 +02:00
Clément OUDOT
07de622e83 Fix getRegisterSession and getMailSession (#1743) 2019-05-12 17:36:14 +02:00
Xavier
9a71709f44 Tidy 2019-05-11 23:03:48 +02:00
Christophe Maudoux
8737fc0808 Impersonation with doubleCookie & Append unit test (#1746) 2019-05-11 22:57:52 +02:00
Xavier
f3c4ea0afb Tidy 2019-05-11 20:18:43 +02:00
Christophe Maudoux
aeead582d8 Restore _httpSession (#1746) 2019-05-11 19:07:07 +02:00
Xavier
000db1536b Update versions 2019-05-11 17:37:56 +02:00
Xavier
2ce7396bf2 Don't filter on session_kind with SOAP (#1742) 2019-05-11 15:41:14 +02:00
Xavier
6235b303b3 #1742 in progress... 2019-05-11 09:31:17 +02:00
Xavier Guimard
1cd50bb353 Fix Auth::Remote session kind (#1742) 2019-05-10 18:02:56 +02:00
Xavier Guimard
638a0de81a Don't use SSO session type for tokens (Fixes security part of #1742) 2019-05-10 17:35:10 +02:00
Clément OUDOT
fce270408e Improve log in plugin GrantSession (#1739) 2019-05-06 19:10:26 +02:00
Clément OUDOT
755b1ace78 Add some debug in Ext2F (#1738) 2019-05-06 14:28:28 +02:00
Clément OUDOT
a7c8b9d466 Fix error handling in Ext2F (#1738) 2019-05-06 14:07:42 +02:00
Christophe Maudoux
c8dd4554aa Test if required secret elements are set to sign JWT 2019-05-02 14:33:56 +02:00
Christophe Maudoux
f4938f3489 Grant access only if required Impersonation succeeds (#1664) 2019-04-30 14:57:45 +02:00
Christophe Maudoux
321fe29c35 Update version 2019-04-29 22:33:11 +02:00
Christophe Maudoux
2e9092d2bd Clean code 2019-04-29 22:33:11 +02:00
Christophe Maudoux
a89b92f265 Improve code (#1386) 2019-04-29 22:33:11 +02:00
Christophe Maudoux
2e3c2e1a16 Sort by spoofed and real attributes (#1658) 2019-04-29 22:33:11 +02:00
Clément OUDOT
926262170b Implement PKCE in OIDC provider (#1722) 2019-04-29 17:18:16 +02:00
Clément OUDOT
8e6f678be7 Create a configuration option to allow a Relying Party to be a public client
Allow unauthenticated requests on OAuth2 token endpoint

#1725
2019-04-29 10:02:16 +02:00
Maxime Besson
2f9e6aa623 Allow override of username attribute for CAS apps
Global CAS options allow the administrator to set the session attribute
that gets exported to all CAS applications as the main identifier
(cas:user)

This commit adds the ability to override this configuration for a
particular CAS application.

OIDC already allows this

Fixes #1713
2019-04-28 21:06:34 +02:00
Maxime Besson
62f16721ff Send username when calling CAS1.0 validation
Fixes #1724
2019-04-28 19:29:54 +02:00
Maxime Besson
64cc4ea0e6 Do not send Kerberos js twice when using Combination
Fixes #1720
2019-04-25 17:17:03 +02:00
Christophe Maudoux
c86b76cb9c Init. rules by using accessors (#1658) 2019-04-21 11:56:29 +02:00
maudoux
9b711e6c81 Update version 2019-04-13 22:57:30 +02:00
maudoux
cfa98b2723 Fix logo display 2019-04-13 21:02:47 +02:00
Clément OUDOT
259f9d8d94 Use same JSON fields for failure and success (#1711) 2019-04-13 15:23:40 +02:00
Clément OUDOT
9256571f25 Return session id with successful REST authentication (#1711) 2019-04-12 16:57:22 +02:00
maudoux
026fcd9f76 Fix warnings (#1704) 2019-04-10 22:14:46 +02:00
maudoux
1d08372a8c Sort CAS servers & update langs (#1704) 2019-04-10 21:58:37 +02:00
Xavier
4a21e96426 Fix warning 2019-04-10 21:54:03 +02:00
Xavier
1bcf828a89 Merge remote-tracking branch 'arosier/idpsort' into v2.0 2019-04-10 19:48:26 +02:00
Antoine ROSIER
8875a4e985 perltidy 2019-04-10 17:21:33 +02:00
Antoine ROSIER
f7b296b032 Sorting OIDc (#1704) 2019-04-10 17:06:41 +02:00
Antoine ROSIER
8636da45be Sorting SAML idp (#1704) 2019-04-10 17:06:41 +02:00
Clément OUDOT
ae3a728378 Manage template inclusion when file is not in configured portal theme (#1653) 2019-04-10 15:42:58 +02:00
Christophe Maudoux
413cc98fba perltidy 2019-04-10 09:21:55 +02:00
Antoine ROSIER
6352dc6ac8 Sort idp and op (#1704) 2019-04-10 09:01:55 +02:00
Xavier
af707c5b1f Clear pdata on lmerror access 2019-04-10 07:14:36 +02:00
maudoux
4ff20f2d76 Fix Yubikey userLogger (#1702) 2019-04-09 23:40:16 +02:00
Xavier
a187e5c59b Fix some userLogger message (#1702) 2019-04-09 21:48:59 +02:00
Christophe Maudoux
f1cb8d236e Checkuser case insensitive for URL only & Improve unit test (1667) 2019-04-09 16:56:00 +02:00
maudoux
1bc519d11d Fix warning (#1694) 2019-04-06 14:09:58 +02:00
Maxime Besson
666e59ad6e Fix #1698 by clearing saml request token on unauth issuer flow
Add some unit tests to make sure relevant pdata is cleared after authentication
2019-04-05 23:27:21 +02:00
maudoux
c573ec9625 Typo & update version 2019-04-05 22:58:48 +02:00
maudoux
956d934a93 Append GPG authentication level (#1699) 2019-04-05 22:38:20 +02:00
maudoux
85551ba5e1 Append REST authentication level (#1699) 2019-04-05 22:38:01 +02:00
Christophe Maudoux
cf36b44162 Cleaning code (#1664) 2019-04-05 20:04:17 +02:00
Christophe Maudoux
dc1f36daf0 Use OTT rule (#1664) 2019-04-05 20:03:42 +02:00
Christophe Maudoux
f4801f3587 Use OTT rule (#1664) 2019-04-05 20:03:37 +02:00
Christophe Maudoux
01006fc984 Use OTT rule (#1664) 2019-04-05 20:03:25 +02:00
Christophe Maudoux
cb53973881 Use OTT rule (#1694) 2019-04-05 17:24:16 +02:00