dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
10,083 Commits 3 Branches 0 Tags 75 MiB
c8eaf8978d
Commit Graph

280 Commits

Author SHA1 Message Date
Maxime Besson
e607d8281f OIDC: do not advertise missing functionality (#1194) 
Back-Channel logout is not supported yet
 2020-04-24 12:15:51 +02:00
Clément OUDOT
138ee4284f Disable cache when registering a new OIDC client (#2058) 2020-04-24 11:52:04 +02:00
Maxime Besson
a3821fc560 Implement additional audiences in ID token (#2177) 2020-04-24 11:10:44 +02:00
Maxime Besson
6ccf078432 Implement Resource Owner Password Credentials grant (#2155) 2020-04-23 17:49:25 +02:00
Maxime Besson
ded6c74fe0 Allow special characters in scope names (#2168) 2020-04-23 14:50:53 +02:00
Maxime Besson
31f05b9e2d Make Introspection endpoint look for offline sessions (#2171) 2020-04-23 10:29:08 +02:00
Maxime Besson
626715a580 Prevent duplicate consents in psession (#2169) 2020-04-22 21:26:38 +02:00
Maxime Besson
a217590869 Tidy OIDC 2020-04-22 21:25:56 +02:00
Christophe Maudoux
ea8b0bb024 Highlight error message (#2126 & #1625) 2020-03-28 18:12:34 +01:00
Christophe Maudoux
68e2e81898 Fix warning if error is undefined (#2126 & #1625) 2020-03-28 17:59:37 +01:00
Xavier Montagutelli
9c0e09f89d Update OpenIDConnect.pm - Correct typo staticPrefi*x* 2020-03-26 16:48:31 +01:00
Maxime Besson
34928123f3 OIDC refactoring 
split token method by response type
factor ID token generation between implicit and hybrid flows
still a lot to do!
 2020-03-18 21:14:54 +01:00
Maxime Besson
4ae628bfcd Avoid generatin a bogus ID token when generation fails (#2105) 2020-02-24 16:28:41 +01:00
Xavier Guimard
a76cba3856 Update versions 2020-02-20 23:37:01 +01:00
Maxime Besson
5758e371bf Improve introspection endpoint (#2096) 2020-02-19 21:49:51 +01:00
Maxime Besson
68be974e51 Add option to compute userdb groups before macros (#1877) 2020-02-05 15:39:45 +01:00
Maxime Besson
3b48746948 SAML: Hide error in storeEnv (#2084) 2020-02-03 17:08:18 +01:00
Clément OUDOT
681452524d Associate SAML access rule to SP conf key and not SP entityID (#2074) 2020-01-24 09:01:56 +01:00
Christophe Maudoux
1988983c90 Typo 2019-12-31 17:14:44 +01:00
Clément OUDOT
f5c2b81051 Possibility to add extra claims and extra vars in OIDC register (#2003) 2019-12-21 12:08:48 +01:00
Maxime Besson
f7f526b825 Fix #1882 in refresh token code 2019-12-17 10:59:45 +01:00
Maxime Besson
a410793122 CAS per-service macros portal code (#2042) 2019-12-16 17:26:35 +01:00
Maxime Besson
2a15bb0523 SAML per-service macros portal code (#2042) 2019-12-16 17:26:34 +01:00
Maxime Besson
32ecf37be4 OIDC per-service macros portal code (#2042) 2019-12-16 17:26:34 +01:00
Maxime Besson
75559bfb15 Fix TTL of offline session (#813) 2019-11-27 12:12:47 +01:00
Maxime Besson
2639c482b1 Fix cookie removal on SAML logout (#2001) 
Since the fixes for #1863, calling p->do consumes the response headers
set by any previous code. So we must only call do() in a return statement.
 2019-11-06 18:44:10 +01:00
Maxime Besson
713737c11f Add an option to return claims in ID token 2019-11-04 18:27:28 +01:00
Maxime Besson
68704955d2 Apply suggestion to lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm 2019-11-04 10:47:35 +01:00
Maxime Besson
a386a7502a Allow refresh tokens to be emitted for regular sessions (#813) 2019-11-04 10:44:54 +01:00
Maxime Besson
ea2365cc98 Implement OIDC Offline sessions through refresh tokens (#813) 2019-11-04 10:44:54 +01:00
Clément OUDOT
a239091553 Load String::Random (#1963) 2019-10-01 14:49:41 +02:00
Xavier
461cd51e45 Try to fix #1785 without breaking pdata 2019-09-29 23:04:17 +02:00
Christophe Maudoux
5d9fc02205 Typo & logger 2019-09-20 22:47:48 +02:00
Clément OUDOT
dc0a8f7848 Add some log when user is authorized to access to service (#1702) 2019-09-19 16:52:08 +02:00
Clément OUDOT
dd76c4f3db Improve log for CAS Issuer (#1702) 2019-09-19 16:18:51 +02:00
Clément OUDOT
e446e09a7f Improve log (#1702) 2019-09-19 16:07:10 +02:00
Christophe Maudoux
92c8e6791f Typo (#1702) 2019-09-18 19:49:22 +02:00
Xavier
e50e7d09d1 Update version of (really) modified files 2019-09-12 21:56:49 +02:00
Maxime Besson
00e91f374b Add specific error code when missing a required SAML attr (#1919) 
The MISSINGREQATTR message is a good default value, but a site
administrator may decide to override it with a personnalized version
that only applies to issuer errors caused by an incomplete user profile
(for example, giving a pointer to the local user profile management
application)
 2019-09-06 11:04:39 +02:00
Maxime Besson
d61935ab6e Implement introspection endpoint for access tokens (#1843) 2019-08-29 19:10:51 +02:00
Maxime Besson
fd7453b7a5 Refactor endpoint auth 2019-08-29 18:57:26 +02:00
Maxime Besson
661a007b4a Check OIDC access token expiration (#1879) 2019-08-21 12:18:55 +02:00
Maxime Besson
2e9f57ab6f Better default behavior for oidcServiceMetaDataIssuer (#1882) 2019-08-13 18:09:59 +02:00
Maxime Besson
daa03a9a9c OIDC: tie client_id to authorization code (#1881) 2019-08-09 13:54:53 +02:00
Clément OUDOT
4ee49de4c2 Adapt grant_types_supported attribute (#1846) 2019-07-25 19:06:53 +02:00
Clément OUDOT
c76dc52436 Adapt response_types_supported attribute in OpenID Connect metadata depending on configured flows (#1846) 2019-07-08 15:38:57 +02:00
Clément OUDOT
9b98893c44 Manage claims in ID token if no access token requested (#1846) 2019-07-08 15:15:13 +02:00
Clément OUDOT
1ebbde9a50 Tidy code and add missing check on hash_level (#1835) 2019-07-04 09:49:01 +02:00
Christophe Maudoux
161d6cee0f Fix unit test warning (Auth-and-issuer-OIDC-authorization_code-with-none-alg.t) 2019-07-03 22:17:22 +02:00
Xavier Guimard
c1137edba8 make tidy with perltidy-20181120 2019-07-02 20:03:40 +02:00