Christophe Maudoux
7a7751e569
Code refactoring & typos ( #2334 )
2020-11-25 21:59:49 +01:00
Christophe Maudoux
b04bb6ab84
Test if Vhost is HTTP or HTTPS & improve unit test ( #2386 )
2020-11-25 19:09:33 +01:00
Christophe Maudoux
f963afd812
Logs more explicit ( #2334 )
2020-11-25 17:17:36 +01:00
Christophe Maudoux
0a4fabb4e4
Use strict & fix warnings
2020-11-21 19:24:04 +01:00
Christophe Maudoux
6060a54536
Use whatToTrace in log ( #2393 )
2020-11-19 21:51:58 +01:00
Christophe Maudoux
a19d229cd3
Use whatToTrace in log ( #2393 )
2020-11-19 21:28:52 +01:00
Christophe Maudoux
0294df1cc8
URI are case sensitive ( #2386 )
2020-11-17 22:03:55 +01:00
Christophe Maudoux
df99148b68
Fix wildcarded VHost & improve unit test ( #2386 )
2020-11-17 22:03:55 +01:00
Christophe Maudoux
dfc68f9f98
Use Mouse instead of Exporter
2020-11-16 21:54:54 +01:00
Maxime Besson
8f1b30b6d0
Return an error if http session could not be found ( #2382 )
2020-11-16 18:38:53 +01:00
Maxime Besson
0263865faa
Add CORS headers to error pages ( #2380 )
2020-11-12 14:34:16 +01:00
Christophe Maudoux
231ec50d63
Fix protocol in log
2020-11-10 10:47:14 +01:00
Christophe Maudoux
91907eba90
Improve & fix AD backend ( #2377 )
2020-11-09 17:50:15 +01:00
Christophe Maudoux
c742d8320e
Set user and oldpassword fields into reset password form & Improve unit tests ( #2377 )
2020-11-09 13:27:16 +01:00
Maxime Besson
fa2301ab0e
Force OIDC claim types according to config ( #2330 )
2020-11-06 19:00:52 +01:00
Xavier Guimard
893385d007
Replace application/javascript by application/json ( Fixes #2376 )
2020-11-06 17:58:41 +01:00
Clément OUDOT
fa0f043f18
Check internal refresh result ( #2375 )
2020-11-05 12:26:35 +01:00
Maxime Besson
d63a55d619
Check Kerberos domain against optional whitelist ( #2372 )
2020-11-05 10:38:47 +01:00
Clément OUDOT
18c1a753ad
Remove space from generated login in register process ( #2373 )
2020-11-04 21:10:09 +01:00
Christophe Maudoux
31ff8484bb
Tidy
2020-11-04 17:02:07 +01:00
Christophe Maudoux
20f5f467dd
Typos ( #2368 )
2020-11-04 16:12:04 +01:00
Christophe Maudoux
50f01e2cbe
Remove cookie & code refactoring ( #2368 )
2020-11-04 13:49:51 +01:00
Maxime Besson
1de41224f8
Avoid memory leaks in $req->steps ( #2369 )
2020-11-02 23:22:04 +01:00
Clément OUDOT
8c1f5c6d50
Launch adaptative authentication plugin just before storing session values ( #2336 )
2020-11-02 15:56:19 +01:00
Xavier Guimard
6990a4a0c0
Set "secure" to StayConnected cookie
2020-11-01 08:15:09 +01:00
Christophe Maudoux
0469d36aec
Update version & tidy ( #2366 )
2020-10-31 23:55:41 +01:00
Christophe Maudoux
d8114e0e16
Submit 2FA with StayConnected plugin ( #2366 )
2020-10-31 23:20:18 +01:00
Christophe Maudoux
7ac2a0da80
Allow to check last logins with stayConnected plugin & improve unit test ( #2365 )
2020-10-31 22:10:14 +01:00
Christophe Maudoux
b869b59da7
Avoid assignment ( #2360 )
2020-10-30 12:55:39 +01:00
Maxime Besson
367f1bc5ad
Add LDAP IO timeout ( #2267 )
2020-10-27 16:01:39 +01:00
Christophe Maudoux
e704fe24ea
Fix warning if no path given & code refactoring
2020-10-26 19:21:54 +01:00
Christophe Maudoux
90c8c2ba86
Improve messages ( #2332 )
2020-10-16 23:27:06 +02:00
Christophe Maudoux
da9dc04657
redirect user to 2fregisters after reAuthn process ( #2332 )
2020-10-14 22:02:57 +02:00
Christophe Maudoux
a86bf488c4
Test if a skip option is enabled ( #2352 )
2020-10-13 22:30:06 +02:00
Christophe Maudoux
929e00e91a
Display button only if upgradeSession plugin is enabled ( #2332 )
2020-10-12 22:32:05 +02:00
Christophe Maudoux
f6eb9e5c1a
Improve unit test ( #2332 )
2020-10-12 22:16:36 +02:00
Christophe Maudoux
605d724453
Improve GUI & unit tests ( #2332 )
2020-10-12 19:24:52 +02:00
Christophe Maudoux
d76438b1e8
Update langs & error code ( #2238 )
2020-10-12 15:16:55 +02:00
Christophe Maudoux
9245fc4ee1
Append unit test ( #2338 )
2020-10-12 14:55:46 +02:00
Christophe Maudoux
01031d8c4f
Code refactoring ( #2339 )
2020-10-10 19:47:55 +02:00
Maxime Besson
fcb8e6b3c5
Use keepalive for LDAP connections ( #2344 )
2020-10-09 12:22:28 +02:00
Maxime Besson
5606d0ed6f
Add support for SHA384 and SHA512 ( #2322 )
2020-10-07 15:31:57 +02:00
Maxime Besson
1234d5294f
Let users override default SAML signature method ( #2319 )
2020-10-07 15:31:27 +02:00
Christophe Maudoux
cd02b8023e
Fix warning ( #2332 )
2020-10-05 20:45:05 +02:00
Christophe Maudoux
352b97f681
Append option to modify 2FA during context switching ( #2338 )
2020-10-04 21:18:09 +02:00
Christophe Maudoux
da91097969
Improve fix ( #2332 )
2020-10-04 19:32:10 +02:00
Christophe Maudoux
a8343ac7be
Test authLevel before removing 2F device ( #2332 )
2020-10-04 19:29:31 +02:00
Clément OUDOT
16211e5573
Remove unused sort rule ( #2336 )
2020-10-04 17:05:16 +02:00
Clément OUDOT
2c9ef41c2c
Use whatToTrace ( #2336 )
2020-10-04 17:02:55 +02:00
Clément OUDOT
fd5170c945
Use buildRule ( #2336 )
2020-10-04 16:59:21 +02:00
Christophe Maudoux
b573dbb789
Better fix and improve unit test ( #2337 )
2020-10-04 11:35:26 +02:00
Christophe Maudoux
452594dbb5
Revert "Avoid to create persistentSession during switching process"
...
This reverts commit 5707f40c5a
2020-10-03 13:05:51 +02:00
Christophe Maudoux
cb0fed8e13
Prevent to update SFA if impersonation is in progress ( #2337 )
2020-10-03 11:58:49 +02:00
Christophe Maudoux
5707f40c5a
Avoid to create persistentSession during switching process
2020-10-02 21:41:07 +02:00
Christophe Maudoux
055ec69b92
Code cleaning & refactoring
2020-10-02 20:40:41 +02:00
Clément OUDOT
6cccea0e46
First version of adaptative authentication level plugin ( #2336 )
2020-10-02 15:05:15 +02:00
Christophe Maudoux
4ecce4726b
Remove corrupted sessions ( #2334 )
2020-09-30 21:39:09 +02:00
Maxime Besson
89ec2b09b1
Improve SMTP error reporting ( #2293 )
2020-09-16 17:29:49 +02:00
Maxime Besson
1db67d735a
Put mail transport code in Common so the manager can use it (#2293,#2304)
2020-09-16 17:27:00 +02:00
Christophe Maudoux
6d5ff2468b
Typo
2020-09-16 11:17:14 +02:00
Christophe Maudoux
d57c314abe
Code refactoring ( #2314 )
2020-09-15 22:24:21 +02:00
Christophe Maudoux
1a73f7ab7f
Append rule & fix userData ( #2314 & #2315 )
2020-09-15 14:13:34 +02:00
Xavier Guimard
5b22310eab
Log IP address in auth combination failures
...
Fixes : #2317
2020-09-15 11:22:13 +02:00
Xavier Guimard
e110517942
Fix misspelled parameter in call to ldap->search() ( Fixes : #2310 )
2020-09-10 08:40:23 +02:00
Maxime Besson
d31a14c303
Avoid accidentally creating an empty session ( #2262 )
2020-09-09 12:05:09 +02:00
Maxime Besson
277e0872fa
Fix missing session timeouts ( #2262 )
2020-09-09 12:04:17 +02:00
Maxime Besson
d598513504
Fix warning when resolving cas target authlevel ( #2309 )
2020-09-09 10:37:00 +02:00
Maxime Besson
f9c7d0bdf7
saml proxy logout: Delay info until we return from idp ( #2262 )
2020-09-08 17:25:11 +02:00
Maxime Besson
683b5a7861
Resume logout when returning from Auth::SAML IDP ( #2262 )
2020-09-08 15:47:58 +02:00
Maxime Besson
24297aa942
Redirect to external provider for logout ( #2262 )
2020-09-08 14:16:49 +02:00
Maxime Besson
8b5ddf6e43
Perform authLogout step during SAML SLO ( #2262 )
2020-09-08 14:16:49 +02:00
Maxime Besson
3816fac9b6
Allow user to disable sig validation during SOAP SLO ( #2262 )
2020-09-08 14:16:27 +02:00
Christophe Maudoux
059b2b13f1
Merge branch 'v2.0' into 2266
2020-09-07 18:56:37 +02:00
Clément OUDOT
f835f3d36f
Update version in modules
2020-09-06 19:58:58 +02:00
Maxime Besson
3771ead3db
Make LDAP auth/userdb/pass modules use ldapVerify ( #2250 )
2020-09-05 12:21:37 +02:00
Xavier Guimard
c8df084247
Update versions
2020-09-04 17:59:00 +02:00
Maxime Besson
66c68f6056
Merge branch 'feature-delayed-2fa-2124' into 'v2.0'
...
Delay 2FA until required by an application
See merge request lemonldap-ng/lemonldap-ng!147
2020-09-04 17:40:46 +02:00
Maxime Besson
f9cdb5497a
Only clean _url part of pdata when redirecting to issuer (#1878,#2124)
2020-09-04 17:17:04 +02:00
Maxime Besson
b2bfa38d5a
Handle errors when no 2FA is available during upgrade ( #2124 )
2020-09-04 17:17:04 +02:00
Maxime Besson
eb191be72e
Add error message when no sf available during upgrade ( #2124 )
2020-09-04 17:17:02 +02:00
Maxime Besson
f69babadef
Differentiate renew and upgrade in Upgrade plugin ( #2124 )
2020-09-04 17:16:11 +02:00
Maxime Besson
1cf1990fe2
Add portal code for session upgrade
2020-09-04 17:15:34 +02:00
Maxime Besson
bd110e7de6
cas issuer: check auth level and reauth if insufficient ( #2124 )
2020-09-04 17:15:34 +02:00
Maxime Besson
ce5c19e3f4
saml issuer: check auth level and reauth if insufficient ( #2124 )
2020-09-04 17:15:34 +02:00
Maxime Besson
7a36489b73
oidc issuer: check auth level and reauth if insufficient ( #2124 )
2020-09-04 17:15:34 +02:00
Maxime Besson
e811ea3b2d
Skip 2FA if target level is enough ( #2124 )
2020-09-04 17:15:34 +02:00
Maxime Besson
ef6b8587ee
Remember target authlevel in handler ( #2124 )
2020-09-04 17:14:05 +02:00
Maxime Besson
8bfa5179cc
Issuers: Store required auth level in pdata ( #2124 )
2020-09-04 17:14:04 +02:00
Clément OUDOT
e86293e165
Merge branch 'v2.0' of gitlab.ow2.org:lemonldap-ng/lemonldap-ng into v2.0
2020-09-04 16:14:37 +02:00
Clément OUDOT
828ecd7bfb
Show password form with change password after reset ( #2307 )
2020-09-04 16:14:17 +02:00
Maxime Besson
ffb7c7430d
Fix encoding workaround in recursive group search ( #2306 )
2020-09-03 15:59:18 +02:00
Christophe Maudoux
05096327c0
Re-order menu & Update langs ( #2266 )
2020-08-29 22:50:29 +02:00
Christophe Maudoux
01beb5d48b
Allow all special chars ( #2266 )
2020-08-29 22:12:09 +02:00
Christophe Maudoux
7a9020ff25
Modify type ( #2266 )
2020-08-29 20:13:11 +02:00
Christophe Maudoux
0a4812203c
Allowed all special chars and rule to disable local password policy ( #2266 )
2020-08-29 19:08:47 +02:00
Christophe Maudoux
b4222b50f3
Tidy & Update doc
2020-08-28 23:50:57 +02:00
Christophe Maudoux
779fd983e5
Typo ( #2302 )
2020-08-28 21:56:54 +02:00
Christophe Maudoux
317172c8ac
Fix unit tests ( #2276 )
2020-08-28 14:44:03 +02:00
Christophe Maudoux
525eab006d
Improve unit test ( #2276 )
2020-08-28 10:41:40 +02:00
Christophe Maudoux
8b6ab584cf
WIP: Update langs & append conf test ( #2276 )
2020-08-27 14:38:11 +02:00
Christophe Maudoux
4d52fedfe5
WIP - Incremental tempo
2020-08-25 22:58:47 +02:00
Maxime Besson
c5900ece14
Kerberos: fail with an explicit message on NTLM ticket ( #2295 )
2020-08-25 20:01:28 +02:00
Clément OUDOT
f158961fa6
Fix bad reference usage on hash
2020-08-25 00:27:06 +02:00
Christophe Maudoux
e84b29aca4
Display special chars password policy with expired password form ( #2289 )
2020-08-24 22:43:15 +02:00
Maxime Besson
a7b09f8dbb
Auth::SAML: fix warning on empty session index ( #2291 )
2020-08-24 17:24:55 +02:00
Maxime Besson
5e78464d7f
Resolve nameid session attribute from local macros ( #2280 )
2020-08-17 22:06:09 +02:00
Maxime Besson
9ac49b881a
Lookup casAppMetaDataOptionsUserAttribute in per-app macros ( #2280 )
2020-08-17 22:06:09 +02:00
Maxime Besson
52c6edb453
Lookup oidcRPMetaDataOptionsUserIDAttr in per-RP macros ( #2280 )
2020-08-17 22:06:09 +02:00
Maxime Besson
4497f39efe
Factor psession id calculation into Common
2020-08-17 18:43:29 +02:00
Maxime Besson
26cd1945fb
Try to compute the correct value of SameSite by default ( #2281 )
2020-08-17 18:05:09 +02:00
Maxime Besson
7a02fdf8e5
rollback caa346d075 ( #2179 )
...
No longer needed since #2261
2020-08-12 09:49:14 +02:00
Maxime Besson
9d9e16e3f9
Remove setAuthSessionInfo from refresh process ( #2261 )
2020-08-12 09:49:14 +02:00
Christophe Maudoux
ca514f69e5
Fix version ( #2274 )
2020-08-11 22:43:32 +02:00
Christophe Maudoux
08ad68824e
Fix 500 error ( #2274 )
2020-08-11 22:03:32 +02:00
Maxime Besson
b2a2575896
Fix incorrect SOAP content type in SAML issuer ( #2263 )
2020-08-10 15:06:00 +02:00
Maxime Besson
9aa3b9b03f
Add correct secure flag to pdata cookie ( #2272 )
2020-08-10 12:10:33 +02:00
Maxime Besson
a96820d6f6
Set secure flag when removing cookie ( #2272 )
2020-08-10 12:10:33 +02:00
Christophe Maudoux
a1ebb0ee02
Fix ContextSwitching redirect & update unit tests ( #2273 )
2020-08-08 20:00:41 +02:00
dcoutadeur
0045daa592
fix increase log level for mail sending and password reset ( #2265 )
2020-07-28 15:04:55 +02:00
Clément OUDOT
d1418952eb
Convert mutli-valued attributes into arrays for OIDC UserInfo ( #2256 )
2020-07-16 20:19:41 +02:00
Clément OUDOT
c5db3bc8bd
Add country to address claim ( #2257 )
2020-07-16 19:58:53 +02:00
Baptiste Pecatte
5fbf7ae533
Remove useless variable
2020-07-05 13:11:28 +02:00
Baptiste Pecatte
2816bed66e
Add host to logs for use with fail2ban
2020-07-05 13:11:28 +02:00
Maxime Besson
5df1850847
Add cache-control headers to sendJSONresponse ( #2234 )
2020-06-24 15:49:50 +02:00
Clément OUDOT
e544ee7778
Adapt user log in SAML issuer ( #2244 )
2020-06-18 18:40:13 +02:00
Clément OUDOT
5d5eda9799
Adapt user log in CAS issuer ( #2244 )
2020-06-18 18:39:53 +02:00
Clément OUDOT
0b3908e6dc
Add user log in GET issuer ( #2244 )
2020-06-18 18:01:33 +02:00
Clément OUDOT
2da914cc90
Publish support for refresh_token grant_type ( #2242 )
2020-06-18 09:43:56 +02:00
Clément OUDOT
7d327f0e2e
Do not remove mail token before form has been submitted ( #2239 )
2020-06-17 16:29:31 +02:00
Christophe Maudoux
b86c3431c2
Append setSession info step ( #2172 )
2020-06-07 13:25:07 +02:00
Christophe Maudoux
b04b2076de
Preserve real_hGroups ( #2229 )
2020-06-06 23:27:37 +02:00
Maxime Besson
568c28d707
Fix REST clock tolerance ( #2225 )
...
plus a bit of refactoring
2020-06-03 10:47:37 +02:00
Maxime Besson
33a5496e55
Fix regression in #2085 ( #2224 )
...
Clearing all hidden form values was a mistake as it breaks SAML when the
redirection URL contains a query string. We should keep existing hidden
fields. In the context of OIDC request, we clear them before redirection
to avoid #2085
2020-05-29 15:51:51 +02:00
Maxime Besson
e9c05a63b2
Yubikey: use userdb-provisionned session field ( #2189 )
2020-05-25 18:57:07 +02:00
Christophe Maudoux
bb9e03d1e5
Tidy
2020-05-24 00:04:33 +02:00
Christophe Maudoux
53e16eca8c
Append unit tests ( #2207 )
2020-05-23 23:02:37 +02:00
Clément OUDOT
39d7344f75
Add userLogger message in Demo backend ( #2216 )
2020-05-22 14:52:58 +02:00
Clément OUDOT
4b5670a723
Fetch Public keys and GPG keys from GitHub ( #2203 )
2020-05-21 22:55:42 +02:00
Christophe Maudoux
1113fab014
Append ContextSwitching unrestrictedUsers rule ( #2207 )
2020-05-20 21:53:13 +02:00
Christophe Maudoux
312445d543
Append checkUser unrestrictedUsers rule & Fix idRule ( #2207 & #2215 )
2020-05-20 21:23:31 +02:00
Christophe Maudoux
eb65264d5d
Append Impersonation unrestrictedUsers rule & Update langs ( #2207 )
2020-05-19 23:33:07 +02:00
Maxime Besson
9d7e5c61cc
handle empty string value for yubikey parameters ( #2211 )
2020-05-18 12:34:34 +02:00
Christophe Maudoux
2ecd0b18a8
Skip bad GrantSession rules & Improve unit test ( #2201 )
2020-05-10 14:26:08 +02:00
Maxime Besson
db9e862843
Merge branch 'feature-userdb-password-restserver' into v2.0
2020-05-09 20:07:24 +02:00
Christophe Maudoux
9bf915b5dc
Fix unit tests & Version
2020-05-08 23:03:16 +02:00
Clément OUDOT
7efaf9d5cd
User not always known in try subroutine ( #2165 )
2020-05-04 22:20:17 +02:00
Clément OUDOT
0bf1bfb7dd
Do not stop logout process on error in Combination ( #2165 )
2020-05-04 21:53:14 +02:00
Clément OUDOT
7ed251ce3f
Better log messages ( #2165 )
2020-05-04 21:48:06 +02:00
Xavier Guimard
6caf88a174
Better warning fix
2020-05-04 16:42:41 +02:00
Xavier Guimard
5d10695a79
Fix warning
2020-05-04 16:40:57 +02:00
Xavier Guimard
0f4ed9ecbe
Add a test in combination to catch error when combination rule is unstable ( #2165 )
2020-05-04 16:37:15 +02:00
Maxime Besson
9464bd2503
Merge branch 'fix-oidc-consent-2fa-2142' into 'v2.0'
...
Fix #2142
See merge request lemonldap-ng/lemonldap-ng!135
2020-05-04 16:00:35 +02:00
Xavier Guimard
317bfcd97d
Clean all issuer when issuerTs expires ( fixes : #2186 )
2020-05-04 15:42:25 +02:00
Xavier Guimard
52938222a5
Fix combination logout if condition changed ( Fixes : #2165 )
2020-05-04 15:29:16 +02:00
Christophe Maudoux
46bb6fea4f
Return PE_SESSIONEXPIRED instead of 400 bad request ( #2184 )
2020-05-01 19:52:32 +02:00
Maxime Besson
dfc4411eae
Add UserDB methods to REST server ( #1659 )
2020-05-01 13:44:23 +02:00
Maxime Besson
b5d461da47
Add password methods to REST server ( #1598 )
2020-05-01 13:44:23 +02:00
Maxime Besson
6adb0e17b3
Use req->data instead of req->userData to retrieve LDAP dn ( #1598 )
2020-05-01 13:44:23 +02:00
Maxime Besson
0c77c0b46d
Add missing SetSecurity in UserDB::REST ( #1659 )
2020-05-01 13:43:12 +02:00
Maxime Besson
172993fcd6
Add useMail to UserDB::REST ( #1659 )
2020-05-01 13:43:12 +02:00
Maxime Besson
29d44121d7
Add useMail to Password::REST ( #1598 )
2020-05-01 13:43:12 +02:00
Christophe Maudoux
7014327232
Append an option to display sfManager link ( #2185 )
2020-04-30 20:50:10 +02:00
Clément OUDOT
ac9769ff69
Prepare release 2.0.8
2020-04-30 19:59:37 +02:00
Xavier Guimard
d801070a8f
Clean also pdata in Main::Issuer::_redirect() ("1939) and add @maxbes test
2020-04-30 12:56:28 +02:00
Christophe Maudoux
dc672c2d1f
Force FF to submit forms ( #2158 )
2020-04-30 12:43:06 +02:00
Christophe Maudoux
bd28760bd7
Change plugins loading order ( #2180 )
2020-04-29 19:36:18 +02:00
Maxime Besson
8eb9120af7
RESTServer: Clarify error message when time skew is too great
...
deab21e091
2020-04-29 18:41:11 +02:00
Christophe Maudoux
a7a0f25321
Update function signature and params list
2020-04-28 18:24:55 +02:00
Christophe Maudoux
591f953d5e
Merge branch 'v2.0' into 2178-new
2020-04-28 18:20:49 +02:00
Clément OUDOT
9cd079e8fe
Manage multi valued attributes in CAS authentication module ( #2118 )
2020-04-28 12:44:16 +02:00
Christophe Maudoux
a52c8f53b0
Use rule ( #2178 )
2020-04-27 22:12:12 +02:00
Christophe Maudoux
763eb04b4b
Update tree ( #2178 )
2020-04-27 20:39:02 +02:00
Christophe Maudoux
caa346d075
Restore previous authentication level ( #2179 )
2020-04-27 18:20:23 +02:00
Maxime Besson
c1fb1a1b66
Mitigate #1980 by displaying an error to the user
2020-04-27 17:40:34 +02:00
Maxime Besson
7e502af391
Add option to remove "Refresh my rights" from menu
2020-04-27 17:19:41 +02:00
Clément OUDOT
a97041f8cd
Fix test for Issuer timeout ( #1939 )
2020-04-27 14:40:45 +02:00
Xavier Guimard
dff45f5456
Fix tytpe ( #1939 )
2020-04-27 10:31:03 +02:00
Christophe Maudoux
ac06832c1e
Partial revert
2020-04-26 12:13:13 +02:00
Christophe Maudoux
81185fef82
Improve code
2020-04-26 11:25:12 +02:00
Xavier Guimard
c868cb431f
Add pdata timeout for issuers ( #1939 )
2020-04-26 09:31:38 +02:00
Christophe Maudoux
fd19547c1c
Tidy
2020-04-25 14:51:11 +02:00
Christophe Maudoux
a3c11a662a
Code refactoring ( #1664 )
2020-04-25 14:47:10 +02:00
Christophe Maudoux
5dffb9de78
Code refactoring ( #1999 )
2020-04-25 14:42:02 +02:00
Christophe Maudoux
23d721c7c5
Code refactoring ( #1956 )
2020-04-25 14:41:33 +02:00
Christophe Maudoux
522b2bd860
Code refactoring ( #1783 )
2020-04-25 14:41:23 +02:00
Christophe Maudoux
4fefa02028
Code refactoring ( #1658 )
2020-04-25 14:39:40 +02:00
Christophe Maudoux
9d6197232f
Improve code ( #2163 )
2020-04-25 11:44:27 +02:00
Christophe Maudoux
c61ae6be59
Tidy ( #2163 )
2020-04-25 01:02:25 +02:00
Christophe Maudoux
36fbc98bed
Fix error return ( #1999 )
2020-04-25 01:01:57 +02:00
Christophe Maudoux
d387c0f355
Display otherSessions & remove Link ( #2163 )
2020-04-25 00:43:56 +02:00
Maxime Besson
e607d8281f
OIDC: do not advertise missing functionality ( #1194 )
...
Back-Channel logout is not supported yet
2020-04-24 12:15:51 +02:00
Clément OUDOT
138ee4284f
Disable cache when registering a new OIDC client ( #2058 )
2020-04-24 11:52:04 +02:00
Maxime Besson
a3821fc560
Implement additional audiences in ID token ( #2177 )
2020-04-24 11:10:44 +02:00
Christophe Maudoux
6018610196
Make checkUser option rules ( #2173 )
2020-04-24 00:25:10 +02:00
Maxime Besson
6ccf078432
Implement Resource Owner Password Credentials grant ( #2155 )
2020-04-23 17:49:25 +02:00
Maxime Besson
37f71a43b5
create helper function to display portal error code
2020-04-23 17:49:25 +02:00
Maxime Besson
ded6c74fe0
Allow special characters in scope names ( #2168 )
2020-04-23 14:50:53 +02:00
Christophe Maudoux
d11442ed26
Append setSessionInfo step ( #2172 )
2020-04-23 14:16:46 +02:00
Xavier Guimard
0baf014e6b
Revert "Fix part of circular links (related to #1990 )"
...
This reverts commit c9e7f3a1b0
2020-04-23 12:00:51 +02:00
Maxime Besson
31f05b9e2d
Make Introspection endpoint look for offline sessions ( #2171 )
2020-04-23 10:29:08 +02:00
Xavier Guimard
24c1a2e90a
Restore default route ( #1990 )
2020-04-22 22:09:15 +02:00
Xavier Guimard
d5da0362fd
Fix #1990
2020-04-22 21:46:59 +02:00
Maxime Besson
626715a580
Prevent duplicate consents in psession ( #2169 )
2020-04-22 21:26:38 +02:00
Maxime Besson
a217590869
Tidy OIDC
2020-04-22 21:25:56 +02:00
Christophe Maudoux
a74b5acafa
Merge branch 'fix-oidc-info-2085' into 'v2.0'
...
Fix OIDC info before redirect (#2085 )
See merge request lemonldap-ng/lemonldap-ng!134
2020-04-22 18:17:58 +02:00
Christophe Maudoux
df9beb25f2
Merge branch 'fix-2081' into 'v2.0'
...
Fix #2081 by detecting external URL
See merge request lemonldap-ng/lemonldap-ng!138
2020-04-22 17:58:26 +02:00
Xavier Guimard
1f80a0ab8c
Avoid little warning in test
2020-04-22 15:37:19 +02:00
Xavier Guimard
c9e7f3a1b0
Fix part of circular links (related to #1990 )
2020-04-22 14:13:14 +02:00
Maxime Besson
ecbcc0b6b6
Fix #2081 by detecting external URL
2020-04-22 11:25:06 +02:00
Maxime Besson
92af252ae9
Make SingleSession configurable by rule ( #2164 )
2020-04-22 11:02:59 +02:00
Maxime Besson
0983c66139
Portal: add helper method to build a rule from a string
2020-04-22 11:02:59 +02:00
Xavier Guimard
1a13e3d0dc
Really fix #2161
2020-04-21 22:09:40 +02:00
Maxime Besson
b8d72e21b4
fix display of deleted sessions ( #2159 )
2020-04-21 10:18:50 +02:00
Xavier Guimard
faadd4fc52
DBI: verify parameters during init ( Fixes : #2161 )
2020-04-21 07:55:07 +02:00
Christophe Maudoux
cd8f8bd847
Typo ( #2159 )
2020-04-21 00:03:45 +02:00
Maxime Besson
deab21e091
RESTServer: Clarify error message when time skew is too great
2020-04-20 17:14:32 +02:00
Christophe Maudoux
dcef93eea9
Update version ( #2154 )
2020-04-19 19:25:26 +02:00
Maxime Besson
55f3ca0e77
Improve error reporting for SAML replay protection
2020-04-18 19:54:02 +02:00
Christophe Maudoux
e00cb0ecf0
use localDate & Improve unit test ( #1999 )
2020-04-18 11:50:07 +02:00
Christophe Maudoux
612682fddb
Sort active sessions ( #1999 )
2020-04-18 00:32:21 +02:00
Clément OUDOT
fb29673fdf
GitHub authentication module ( #2154 )
2020-04-17 23:34:45 +02:00
Christophe Maudoux
478d205f07
Code refactoring & Tidy ( #2138 )
2020-04-17 20:00:36 +02:00
dcoutadeur dcoutadeur
2c6df4dfc0
Merge branch 'logoutforward' into 'v2.0'
...
fix #2138 logout forward doesn't work anymore
See merge request lemonldap-ng/lemonldap-ng!136
2020-04-17 17:56:48 +02:00
dcoutadeur
c984bb8b4a
fix CAS logoutServices (see #2138 logout forward doesn't work anymore)
2020-04-17 17:36:43 +02:00
dcoutadeur
641c523b62
revert c1b61f535 fix CAS logoutServices
2020-04-17 17:14:16 +02:00
dcoutadeur
c1b61f535a
fix CAS logoutServices (see #2138 logout forward doesn't work anymore)
2020-04-17 16:56:35 +02:00
dcoutadeur
17e56da82b
cleaner solution for #2138 logout forward doesn't work anymore
2020-04-17 16:26:40 +02:00
Christophe Maudoux
c3f7755055
Merge branch 'v2.0' into fix-ssl-error-reporting-2110
2020-04-16 23:05:09 +02:00
Christophe Maudoux
b82bdd9e6f
Tidy
2020-04-16 22:46:11 +02:00
Christophe Maudoux
4521705013
Avoid to create an empty SSO session ( #1783 )
2020-04-16 22:42:40 +02:00
dcoutadeur
cd15ac7a67
fix #2138 logout forward doesn't work anymore
2020-04-16 17:27:14 +02:00
Maxime Besson
7cc02dc179
Add auth routes for 2f choice screen ( #2151 )
2020-04-16 14:26:33 +02:00
Maxime Besson
6447396888
Improve SSL error reporting ( #2110 )
2020-04-15 18:43:27 +02:00
Maxime Besson
8c94bf0f13
Allow portal JSON responses to include a rendered HTML error block ( #2110 )
2020-04-15 18:42:31 +02:00
Maxime Besson
e1767abfda
CORS: special handling for AJAX SSL ( #2110 )
2020-04-15 18:42:31 +02:00
Maxime Besson
2440fc7866
use sendJSONresponse instead of handcrafting portal response
2020-04-15 18:42:31 +02:00
Maxime Besson
4bcb391121
Add an easy way to set level of additional second factors ( #2149 )
2020-04-15 17:20:27 +02:00
Maxime Besson
755a5c3a6b
post confirm to issuer url after restoring ( #2142 )
2020-04-14 21:46:30 +02:00
Maxime Besson
b512cc700c
Replace hidden form values on info when urldc has a QS ( #2085 )
2020-04-14 18:48:35 +02:00
Christophe Maudoux
6d146f9c4b
Verify that $field is defined with AuthSSL ( #2141 )
2020-04-11 22:54:55 +02:00
Christophe Maudoux
082d12ca5f
Append customParam to globalLogout plugin ( #2145 )
2020-04-11 22:34:29 +02:00
Christophe Maudoux
3a4ab3bbec
setSecurity if an error occurs with AuthChoice ( #2144 )
2020-04-11 18:55:44 +02:00
Christophe Maudoux
13bb55a818
Append an option to define apps tooltip & Improve unit test ( #2140 )
2020-04-08 22:40:28 +02:00
Christophe Maudoux
202a500c3e
Tidy
2020-04-07 11:47:32 +02:00
Christophe Maudoux
0fb0bd1d07
Code refactoring ( #2129 )
2020-04-07 11:39:32 +02:00
Christophe Maudoux
d56a76584a
Retrieve 'allusers' notifications ( #2071 )
2020-04-06 23:55:04 +02:00
Christophe Maudoux
9e84447d2d
Fix update session ( #2129 )
2020-04-06 23:28:01 +02:00
Christophe Maudoux
e68d5ed2c8
Revert "Fix update session ( #2129 )"
...
This reverts commit 1c65c72a62
2020-04-06 19:35:29 +02:00
Christophe Maudoux
1c65c72a62
Fix update session ( #2129 )
2020-04-06 19:24:50 +02:00
Christophe Maudoux
d53cddae39
Better fix & De-duplicate groups ( #2129 )
2020-04-06 19:05:50 +02:00
Clément OUDOT
c87a36e3ca
Do not run setGroups after 2FA ( #2129 )
2020-04-06 18:36:51 +02:00
Christophe Maudoux
37a9360625
Append PPolicyNone message & Unit test & Update manifest
2020-04-05 12:19:05 +02:00
Christophe Maudoux
dbf6415a12
Improve code ( #1783 )
2020-04-04 00:08:20 +02:00
Christophe Maudoux
30f6a889de
Append contextSwitching prefix parameter ( #1783 )
2020-04-03 23:09:55 +02:00
Christophe Maudoux
d6d9d6031d
Append debug log ( #1796 )
2020-04-03 18:56:11 +02:00
Christophe Maudoux
c179654fc4
Fix typo notification reference & Update unit tests( #2133 )
2020-04-03 18:26:22 +02:00
Christophe Maudoux
0ec9ff84e2
Fix test & notification reference ( #2133 )
2020-04-03 14:34:44 +02:00
Christophe Maudoux
f469180663
Improve unit test ' #2130 )
2020-04-03 00:21:15 +02:00
Christophe Maudoux
6382c35cd4
Update PP display ( #2130 )
2020-04-02 13:30:22 +02:00
Christophe Maudoux
71ba189edc
Append special characters password policy ( #2130 )
2020-04-02 12:14:05 +02:00
Christophe Maudoux
b924b96176
WIP - Append PP special characters options ( #2130 )
2020-04-02 01:03:42 +02:00
Christophe Maudoux
154250e6e7
Use real authentificationLevel & Improve unit test ( #2129 )
2020-04-01 19:33:18 +02:00
Christophe Maudoux
2a34d1ae8c
Update sessionInfo if second factor succeeds & Improve unit tests ( #2129 )
2020-04-01 15:43:46 +02:00
Christophe Maudoux
ea8b0bb024
Highlight error message ( #2126 & #1625 )
2020-03-28 18:12:34 +01:00
Christophe Maudoux
68e2e81898
Fix warning if error is undefined ( #2126 & #1625 )
2020-03-28 17:59:37 +01:00
Xavier Montagutelli
9c0e09f89d
Update OpenIDConnect.pm - Correct typo staticPrefi*x*
2020-03-26 16:48:31 +01:00
Maxime Besson
e9bab71585
Make sure restCall returns a hashref ( #2125 )
2020-03-26 11:31:33 +01:00
Maxime Besson
845ff2da85
fix param transmission in rest2f ( #2123 )
2020-03-26 10:58:27 +01:00
Maxime Besson
34928123f3
OIDC refactoring
...
split token method by response type
factor ID token generation between implicit and hybrid flows
still a lot to do!
2020-03-18 21:14:54 +01:00
Maxime Besson
168dc75f96
OIDC: return id_token in hybrid flow ( #2120 )
2020-03-18 21:05:39 +01:00
Clément OUDOT
4c36c77452
Set default value for encryption_mode ( #2117 )
2020-03-12 17:00:50 +01:00
Clément OUDOT
9620e6870a
Possibility to preselect choice tab ( #2115 )
2020-03-11 11:46:14 +01:00
Clément OUDOT
921cf16fcf
Format parameters for trspan ( #2113 )
2020-03-10 11:28:04 +01:00
Clément OUDOT
7c947ab976
Use the correct message for ppolicy time before expiration ( #2113 )
2020-03-10 11:16:43 +01:00
Clément OUDOT
f830fc4d8a
Add some debug logs for ppolicy ( #2113 )
2020-03-10 10:50:02 +01:00
Christophe Maudoux
c9b2eff039
More explicit error message ( #2108 )
2020-03-05 22:14:02 +01:00
Christophe Maudoux
824acec27f
Improve log ( #2071 )
2020-03-03 22:25:30 +01:00
Christophe Maudoux
ea9f019bc8
Append debug logs ( #2071 )
2020-03-03 17:41:19 +01:00
Maxime Besson
fab2553064
Merge branch 'improve-group-2036' into 'v2.0'
...
New macro for group handling, and group-handling examples in default config
See merge request lemonldap-ng/lemonldap-ng!128
2020-03-02 17:02:35 +01:00
Christophe Maudoux
903d3540e4
Show lang flags with redirect template
2020-03-02 14:30:58 +01:00
Christophe Maudoux
8753cc4cf6
Option to hide empty headers with CheckUser ( #2106 )
2020-02-28 22:24:13 +01:00
Christophe Maudoux
a4a73ca907
Don t prompt second factor after a failed log in attempt ( #2088 )
2020-02-27 14:49:27 +01:00
Christophe Maudoux
549d0e8d5c
Typo
2020-02-25 22:03:01 +01:00
Christophe Maudoux
683d5f0d86
Append unit test ( #2088 )
2020-02-25 16:50:50 +01:00
Christophe Maudoux
549658fa72
Compute session with real and spoofed attributes & Improve unit test ( #2104 )
2020-02-25 14:02:16 +01:00
Christophe Maudoux
e89c017ff6
Increase lock time after each failed login attempt ( #2088 )
2020-02-24 22:20:40 +01:00
Maxime Besson
4ae628bfcd
Avoid generatin a bogus ID token when generation fails ( #2105 )
2020-02-24 16:28:41 +01:00
Christophe Maudoux
53d7923cd4
WIP - Increase lock time after each failed login attempt ( #2088 )
2020-02-23 23:19:32 +01:00
Christophe Maudoux
9a6b604f5c
Skip bad rule & improve unit test ( #2102 )
2020-02-22 22:03:00 +01:00
Christophe Maudoux
18b43cacfc
Avoid unprotected urldc host with wildcard-protected hosts ( #2101 )
2020-02-22 00:13:52 +01:00
Clément OUDOT
53263c7f10
Remove references to keepPdata = 1 in code ( #2099 )
2020-02-21 09:29:10 +01:00
Xavier Guimard
4459a47f76
Tidy
2020-02-20 23:37:05 +01:00
Xavier Guimard
a76cba3856
Update versions
2020-02-20 23:37:01 +01:00
Maxime Besson
47068c51b8
Revert "Prevent portal from crashing when keepPdata=1 ( #1893 )"
...
This reverts commit 2b4defb2a9fix #2099 .
2020-02-20 22:24:26 +01:00
Xavier Guimard
22c1f7270c
Add feature to override SOAP Proxy URN ( #2100 )
2020-02-20 21:49:55 +01:00
Maxime Besson
5758e371bf
Improve introspection endpoint ( #2096 )
2020-02-19 21:49:51 +01:00
Christophe Maudoux
95ad4cac37
Improve code
2020-02-17 23:22:31 +01:00
Christophe Maudoux
385a1c1f38
Improve code & typo
2020-02-16 22:53:15 +01:00
Christophe Maudoux
82f2e8d00c
Append log ( #2019 )
2020-02-16 13:20:37 +01:00
Christophe Maudoux
57b546d112
Fix lmConfigEditor logger error ( #2059 )
2020-02-16 12:58:12 +01:00
Christophe Maudoux
9a8d668c61
Improve code ( #2093 )
2020-02-14 22:02:10 +01:00
Christophe Maudoux
15c12346ab
Hide persistent session attributes & Improve unit tests ( #2093 )
2020-02-14 16:21:31 +01:00
Christophe Maudoux
8129d76d63
Improve code
2020-02-13 23:27:13 +01:00
Christophe Maudoux
a0ef149b5f
Fix userData ( #2071 )
2020-02-12 22:50:08 +01:00
Christophe Maudoux
4da346b104
Merge branch 'v2.0' into 2071
2020-02-12 22:22:56 +01:00
Christophe Maudoux
6996c79cab
Improve code ( #2071 )
2020-02-12 22:14:02 +01:00
Christophe Maudoux
99c539fe53
Use a var & Update version ( #2071 )
2020-02-10 22:35:37 +01:00
Christophe Maudoux
d91bb8f6b9
Improve toggle ( #2071 )
2020-02-10 11:57:49 +01:00
Christophe Maudoux
83e802f208
Disable & tick checkboxes ( #2071 )
2020-02-10 10:04:10 +01:00
Christophe Maudoux
0df38323af
Typo & improve msg ( #2071 )
2020-02-10 09:31:43 +01:00
Christophe Maudoux
0b2ab19b7f
Toggle buttons - Fix message ( #2071 )
2020-02-09 23:05:33 +01:00
Christophe Maudoux
73a0ec9dc6
Toggle buttons ( #2071 )
2020-02-09 21:55:52 +01:00
Christophe Maudoux
c23b6c90ff
Fix missing flags
2020-02-09 18:42:29 +01:00
Christophe Maudoux
ef01060c54
Update langs ( #2071 )
2020-02-09 18:30:08 +01:00
Christophe Maudoux
2f04ffcc4a
WIP - Notifications explorer ( #2071 )
2020-02-09 17:47:25 +01:00
Christophe Maudoux
dd9e849b3e
Don t send params with GET method ( #2081 )
2020-02-07 21:39:58 +01:00
Maxime Besson
f8b93f8c35
Add some demo groups ( #2036 )
2020-02-06 16:22:23 +01:00
Maxime Besson
68be974e51
Add option to compute userdb groups before macros ( #1877 )
2020-02-05 15:39:45 +01:00
Maxime Besson
3b48746948
SAML: Hide error in storeEnv ( #2084 )
2020-02-03 17:08:18 +01:00
Maxime Besson
e52f6d3ba7
Increase visibility of Lasso errors ( #2084 )
2020-02-03 17:08:18 +01:00
Maxime Besson
f4b11e9a0d
fix whitespace ( #2082 )
2020-01-31 17:48:21 +01:00
Maxime Besson
e40568a330
Manager: fix SSLVarIf syntax ( #2082 )
2020-01-31 17:43:49 +01:00
Maxime Besson
f997a26e41
Fix form method when displaying info in autoPost ( #2080 )
2020-01-30 20:43:04 +01:00
Clément OUDOT
faa65c4abf
Options to add a custom CSS file ( #2076 )
2020-01-28 15:14:24 +01:00
Clément OUDOT
681452524d
Associate SAML access rule to SP conf key and not SP entityID ( #2074 )
2020-01-24 09:01:56 +01:00
Maxime Besson
5149ba8118
Make debug message less confusing when portal status is <0
2020-01-23 20:37:18 +01:00
Christophe Maudoux
8279733fbd
Update Process.pm
...
Typo
2020-01-22 12:39:02 +01:00
Xavier Guimard
f3f97ccb80
Add sameSite parameter ( #2069 )
2020-01-20 06:21:09 +01:00
Christophe Maudoux
0408ce80b8
Better better fix ( #2061 )
2020-01-19 18:06:56 +01:00
Xavier Guimard
0fa90c5efe
Avoid double encode_base64 call ( #2061 )
2020-01-18 22:25:48 +01:00
Christophe Maudoux
32d7f46b1a
Better fix ( #2061 )
2020-01-18 18:58:42 +01:00
Christophe Maudoux
fd2a9ce226
Append info log msg ( #2061 )
2020-01-17 22:27:03 +01:00
Christophe Maudoux
138ef363d4
Force cleaning pdata cookie if redirect url match _url & Improve unit test ( #2061 )
2020-01-17 22:17:02 +01:00
Christophe Maudoux
6f31d98710
Revert "Force cleaning pdata cookie if redirect url match _url & Improve unit test ( #2063 )"
...
This reverts commit 965678dde2
2020-01-17 22:16:44 +01:00
Christophe Maudoux
965678dde2
Force cleaning pdata cookie if redirect url match _url & Improve unit test ( #2063 )
2020-01-17 22:10:06 +01:00
Christophe Maudoux
583bbbe285
Append CSP frame-ancestors option & Improve unit test ( #2068 )
2020-01-15 16:09:57 +01:00
Christophe Maudoux
d7c2b36d15
Don t load bruteForceProtection plugin without persistent storage
2020-01-14 19:01:37 +01:00
Christophe Maudoux
c47466698d
Load bruteForce plugin only if history is gt attempts
2020-01-13 14:10:36 +01:00
Christophe Maudoux
27b0b7fde4
Append Custom backend & Improve unit test ( #1605 )
2020-01-10 17:48:49 +01:00
Christophe Maudoux
2ba565693b
Append Demo backend & Unit test ( #1605 )
2020-01-10 17:26:20 +01:00
Christophe Maudoux
b28a9d148e
Modify log level
2020-01-08 23:06:49 +01:00
Christophe Maudoux
94cefa3ef4
Typo
2020-01-07 22:38:08 +01:00
Christophe Maudoux
cf6f1ca532
Test if Captcha is enabled & Improve unit test ( #2057 )
2020-01-05 21:57:24 +01:00
Christophe Maudoux
b08400d4bb
Fix langs & Append template ( #1605 )
2020-01-05 19:24:47 +01:00
Christophe Maudoux
aa7df251b7
Remove useless parameters ( #1605 )
2020-01-04 22:19:21 +01:00
Christophe Maudoux
b029fdf604
Typo ( #1605 )
2020-01-04 16:58:33 +01:00
Christophe Maudoux
f37c2399b1
Update sessionInfo during auth process with 2FA
2020-01-04 13:36:21 +01:00
Xavier Guimard
43245bbf36
Fix warnings
2020-01-04 08:21:38 +01:00
Christophe Maudoux
a48daee305
Update sessionInfo during auth process
2020-01-03 23:39:57 +01:00
Christophe Maudoux
0f591496b4
Update sessionInfo during auth process to improve handler in-memory sessions security & Improve unit tests
2020-01-03 20:07:36 +01:00
Christophe Maudoux
f8046dd716
Update sessionInfo during auth process & Improve unit tests
2020-01-03 12:36:35 +01:00
Christophe Maudoux
1988983c90
Typo
2019-12-31 17:14:44 +01:00
Christophe Maudoux
23b7919940
Merge branch 'reset-certificate' into 'v2.0'
...
fix call to mailTemplate in ResetCertificate module (#1605 )
See merge request lemonldap-ng/lemonldap-ng!120
2019-12-30 09:31:28 +01:00
Christophe Maudoux
bd85aff978
Typo & FR translation & Container type ( #1605 )
2019-12-29 21:48:56 +01:00
epictete
908082aa54
fix call to mailTemplate in ResetCertificate module ( #1605 )
2019-12-29 00:18:14 +01:00
Christophe Maudoux
7b499f9bd1
Fix wrong message & Improve unit test ( #2050 )
2019-12-26 17:06:59 +01:00
Xavier Guimard
3317ab9fb1
Fix...
2019-12-25 13:30:54 +01:00
Xavier Guimard
d069f32438
Fix bad export
2019-12-25 13:11:58 +01:00
Christophe Maudoux
2954ea2abc
Disable compactConf by default & Update unit tests ( #2046 )
2019-12-22 13:06:10 +01:00
Clément OUDOT
7d13400be4
Update version in modules
2019-12-21 16:33:39 +01:00
Clément OUDOT
458d353af8
Merge branch 'v2.0' into dcoutadeur/lemonldap-ng-certificate-reset
2019-12-21 16:19:49 +01:00
Clément OUDOT
983af4dec1
make json ( #1605 )
2019-12-21 16:13:32 +01:00
Clément OUDOT
f5c2b81051
Possibility to add extra claims and extra vars in OIDC register ( #2003 )
2019-12-21 12:08:48 +01:00
Christophe Maudoux
39f93b0eb0
Retrieve all notifications & Improve unit test ( #2012 )
2019-12-19 20:52:34 +01:00
dcoutadeur
a465a5d768
Reset Certificate module for v2.0.7 ( #1605 )
2019-12-19 19:10:32 +01:00
Clément OUDOT
3831b81255
Adapt log message in refresh ( #2005 )
2019-12-19 18:11:33 +01:00
Clément OUDOT
ae0d455e7f
Use base64 URL to decode JWT ( #2045 )
2019-12-19 17:31:02 +01:00
Maxime Besson
f7f526b825
Fix #1882 in refresh token code
2019-12-17 10:59:45 +01:00
Maxime Besson
3094c04470
Merge branch '2010-upgradesession-kerberos' into 'v2.0'
...
Fix Kerberos in session upgrade (#2010 )
See merge request lemonldap-ng/lemonldap-ng!105
2019-12-16 18:14:57 +01:00
Maxime Besson
a410793122
CAS per-service macros portal code ( #2042 )
2019-12-16 17:26:35 +01:00
Maxime Besson
2a15bb0523
SAML per-service macros portal code ( #2042 )
2019-12-16 17:26:34 +01:00
Maxime Besson
32ecf37be4
OIDC per-service macros portal code ( #2042 )
2019-12-16 17:26:34 +01:00
Christophe Maudoux
c21ab76900
Better fix ( #2005 )
2019-12-15 12:54:28 +01:00
Christophe Maudoux
e4c5a9d723
Fix #2005 & improve unit test
2019-12-14 17:40:23 +01:00
Clément OUDOT
757399fa61
Catch PE_BADCREDENTIALS error in Combination display process ( #2009 )
2019-12-13 11:15:05 +01:00
Clément OUDOT
c2c11342ac
setSecurity method for Combination ( #2009 )
2019-12-13 11:12:26 +01:00
Xavier
5bb6f2fd3b
Refresh plugin ( #2006 )
2019-12-08 17:28:51 +01:00
Xavier
d01cfe94df
Refresh plugin skeleton ( #2006 )
2019-12-08 17:19:50 +01:00
Christophe Maudoux
a3a800108c
Append renew captcha button ( #2019 )
2019-12-01 22:03:58 +01:00
Christophe Maudoux
5d6151f0d1
Fix version
2019-11-29 19:23:22 +01:00
Maxime Besson
75559bfb15
Fix TTL of offline session ( #813 )
2019-11-27 12:12:47 +01:00
Christophe Maudoux
6f2e5c1811
Typo
2019-11-25 22:48:12 +01:00
Christophe Maudoux
a54a8228b4
Check only active notifications & Improve unit test - XML format ( #2012 )
2019-11-25 11:55:19 +01:00
Christophe Maudoux
80f19e4e71
Check only active notifications & Improve unit test - JSON format ( #2012 )
2019-11-25 11:51:08 +01:00
Christophe Maudoux
c1c6a8a9a6
Update langs & version ( #1999 )
2019-11-22 22:39:56 +01:00
Christophe Maudoux
60ef07bcd6
Check notifications date ( #2012 )
2019-11-22 21:08:28 +01:00
Christophe Maudoux
60bf01d27a
Update version ( #1999 )
2019-11-22 20:40:28 +01:00
Christophe Maudoux
7324172023
Merge branch 'v2.0' into globalLogout
2019-11-20 21:11:34 +01:00
Maxime Besson
e130c6160b
Validate LDAP connections in getUser ( #2018 )
2019-11-20 20:57:33 +01:00
Xavier
6cdfd72197
setSecurity skeleton for Combination ( #2009 )
2019-11-20 17:47:56 +01:00
Christophe Maudoux
ef5d0cde48
Merge branch 'v2.0' into globalLogout
2019-11-18 22:15:54 +01:00
Christophe Maudoux
e20555623e
Append defaulCondition option ( #2012 )
2019-11-18 17:34:56 +01:00
Christophe Maudoux
ea3337574c
Append conf manager test ( #2012 )
2019-11-17 22:36:52 +01:00
Christophe Maudoux
d935753eaf
Append to JSON format condition check & improve unit test ( #2012 )
2019-11-17 22:25:06 +01:00
Christophe Maudoux
c548a4d03e
Typo
2019-11-17 22:23:12 +01:00
Christophe Maudoux
15711c642e
Merge branch 'v2.0' into globalLogout
2019-11-15 21:49:56 +01:00
Christophe Maudoux
7b637f5a04
Update response and unit test ( #1999 )
2019-11-15 21:49:01 +01:00
Christophe Maudoux
632f731774
Allow non array ref with single checkbox and split notification body ( #2012 )
2019-11-15 21:03:18 +01:00
Maxime Besson
04f5116c23
Fix Kerberos in session upgrade ( #2010 )
2019-11-15 16:10:37 +01:00
Maxime Besson
57b28940fa
Do not show password change prompt when AD password is incorrect ( #2007 )
2019-11-15 11:59:03 +01:00
Maxime Besson
258fba5eaa
Do not store session key if attribute was missing from UserDB ( #2004 )
2019-11-15 11:29:46 +01:00
Maxime Besson
bedcf20806
Change portal error code on 2F failure ( #2008 )
2019-11-15 11:19:08 +01:00
Christophe Maudoux
193666d963
Tidy ( #1999 )
2019-11-14 22:06:15 +01:00
Christophe Maudoux
bd3cfb0c1c
Append REST service ( #1999 )
2019-11-14 22:02:18 +01:00
Christophe Maudoux
ad1040986b
Typo
2019-11-13 21:27:48 +01:00
Christophe Maudoux
7ef9e132c9
Append GlobalLogout plugin ( #1999 )
2019-11-13 20:56:56 +01:00
Christophe Maudoux
818ebc89be
Improve code ( #1999 )
2019-11-13 16:42:32 +01:00
Christophe Maudoux
8f3c0d234e
Force globalLogout ( #1999 )
2019-11-13 16:10:20 +01:00
Christophe Maudoux
297ef8cd8c
Merge branch 'v2.0' into globalLogout
2019-11-12 22:17:09 +01:00
Christophe Maudoux
75b37eadb2
Fix CheckUser search attributes
2019-11-12 22:16:05 +01:00
Christophe Maudoux
603293411b
Use userData instead of sessionInfo to fix ContectSwitching debug log
2019-11-12 10:00:11 +01:00
Christophe Maudoux
7245e5349c
Typo
2019-11-11 22:38:51 +01:00
Christophe Maudoux
0967a82e99
Check OTT ( #1783 )
2019-11-11 22:34:16 +01:00
Christophe Maudoux
80a1e4bf57
WIP - Append GlobalLogout plugin ( #1999 )
2019-11-11 22:33:30 +01:00
Christophe Maudoux
2e0d2b7e14
Typo
2019-11-11 21:50:28 +01:00
Christophe Maudoux
e225516105
Typo
2019-11-10 21:43:21 +01:00
Maxime Besson
2639c482b1
Fix cookie removal on SAML logout ( #2001 )
...
Since the fixes for #1863 , calling p->do consumes the response headers
set by any previous code. So we must only call do() in a return statement.
2019-11-06 18:44:10 +01:00
Maxime Besson
7bdd33eb46
Fix token ID format ( #1998 )
2019-11-06 11:45:47 +01:00
Christophe Maudoux
32126c4aca
Set ENV ( #1996 )
2019-11-05 11:03:10 +01:00
Maxime Besson
713737c11f
Add an option to return claims in ID token
2019-11-04 18:27:28 +01:00
Maxime Besson
b34a229eda
Add doc for buildUserInfoResponseFromId
2019-11-04 10:47:35 +01:00
Maxime Besson
68704955d2
Apply suggestion to lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm
2019-11-04 10:47:35 +01:00
Maxime Besson
a386a7502a
Allow refresh tokens to be emitted for regular sessions ( #813 )
2019-11-04 10:44:54 +01:00
Maxime Besson
ea2365cc98
Implement OIDC Offline sessions through refresh tokens ( #813 )
2019-11-04 10:44:54 +01:00
Christophe Maudoux
c01c26af6a
Append option to override Issuer OTT storage ( #1993 )
2019-10-31 11:40:33 +01:00
Maxime Besson
7d3b2a95a5
Avoid setting req->user to emtpy value in Demo module
...
This can cause issues when using Combination and password reset in
testing environments
2019-10-30 20:22:37 +01:00
Maxime Besson
5b2f3ca576
Merge branch 'remove-saml-idp-cookie-1941' into 'v2.0'
...
Remove SAML IDP cookie (#1941 )
See merge request lemonldap-ng/lemonldap-ng!99
2019-10-30 16:01:11 +01:00
Clément OUDOT
fb74d03a89
Use whatToTrace for logging messages ( #1991 )
2019-10-29 17:28:55 +01:00
Christophe Maudoux
9892173cc3
Tidy & update version ( #1989 )
2019-10-27 21:15:48 +01:00
Christophe Maudoux
73d83dd7f0
Append missing parameters & improve unit test ( #1989 )
2019-10-27 21:13:25 +01:00
Maxime Besson
ed3e274ab1
Fix force password reset in Combination ( #1984 )
2019-10-24 08:58:04 +02:00
Maxime Besson
4afecb4620
Remove IDP cookie ( #1941 )
2019-10-17 23:09:03 +02:00
Christophe Maudoux
3c2ecfd04a
Tidy ( #1956 )
2019-10-13 22:47:57 +02:00
Christophe Maudoux
f188426f8b
Fix custom function parameter ( #1956 )
2019-10-13 22:29:12 +02:00
Christophe Maudoux
0ca649f106
Use custom decrypt functions ( #1956 )
2019-10-13 15:08:32 +02:00
Maxime Besson
2b4defb2a9
Prevent portal from crashing when keepPdata=1 ( #1893 )
...
Since the changes introduced to fix #1893 , keepPdata is expected to
contain an array of values.
When migrating from previous LLNG versions, cookies may contain
keepPdata=1, which crashes the server because 1 isn't an arrayref
This change makes LLNG consider that keepPdata=1 is not a valid value,
and replaces it with an empty arrayref when starting the login or logout
flow.
2019-10-09 17:35:48 +02:00
Maxime Besson
ff9bb46301
Make notification system take pdata url into account ( #1893 )
2019-10-08 22:40:10 +02:00
Maxime Besson
2bce713f65
Set issuer urldc in pdata ( #1893 )
2019-10-08 22:40:10 +02:00
Maxime Besson
3ee708d8ff
Delay cookie restore after hooks ( #1965 )
2019-10-07 17:26:40 +02:00
Maxime Besson
474bb48aa1
Make Password::LDAP/AD check connection before use ( #1909 )
...
Also remove a mostly redundant wrapper method in Auth::LDAP
2019-10-01 19:17:31 +02:00
Maxime Besson
fa49e77495
Better logs in case of a LDAP error
2019-10-01 15:14:51 +02:00
Clément OUDOT
a239091553
Load String::Random ( #1963 )
2019-10-01 14:49:41 +02:00
Christophe Maudoux
138cfe6edb
Append DecryptValue plugin ( #1956 )
2019-09-30 22:29:49 +02:00
Christophe Maudoux
a219a51e1c
Revert "Make manifest"
...
This reverts commit c00110ed01
2019-09-30 22:28:55 +02:00
Christophe Maudoux
35de9fd3e8
Re-order
2019-09-30 22:27:03 +02:00
Christophe Maudoux
c00110ed01
Make manifest
2019-09-30 22:26:55 +02:00
Christophe Maudoux
b3791cc65b
Typo
2019-09-30 19:10:05 +02:00
Christophe Maudoux
b505d3a475
Typo
2019-09-30 19:10:05 +02:00
Maxime Besson
e9153957da
IDP selection phrasing
2019-09-30 18:55:09 +02:00
Maxime Besson
e693e5e649
Fix IDP selection rules ( #1961 )
2019-09-30 18:54:02 +02:00
Xavier
461cd51e45
Try to fix #1785 without breaking pdata
2019-09-29 23:04:17 +02:00
Christophe Maudoux
6df7412bcf
Fix log with Impersonation plugin ( #1664 )
2019-09-26 20:24:12 +02:00
Maxime Besson
5d5ac66a6e
Add Date: field to emails ( #1953 )
...
This adds a dependancy to Email::Date::Format, but it's already a
dependancy of Email::Sender::Simple (and probably more), so in practice
no new packages are going to be installed
2019-09-26 12:32:58 +02:00
Christophe Maudoux
5d9fc02205
Typo & logger
2019-09-20 22:47:48 +02:00
Christophe Maudoux
c34c6e646e
Append search parameters & improve unit test ( #1938 )
2019-09-19 22:51:10 +02:00
Clément OUDOT
dc0a8f7848
Add some log when user is authorized to access to service ( #1702 )
2019-09-19 16:52:08 +02:00
Clément OUDOT
dd76c4f3db
Improve log for CAS Issuer ( #1702 )
2019-09-19 16:18:51 +02:00
Clément OUDOT
e446e09a7f
Improve log ( #1702 )
2019-09-19 16:07:10 +02:00
Christophe Maudoux
84778604fd
Typo
2019-09-18 21:01:24 +02:00
Christophe Maudoux
2095fdf316
Improve log ( #1702 )
2019-09-18 19:59:35 +02:00
Christophe Maudoux
92c8e6791f
Typo ( #1702 )
2019-09-18 19:49:22 +02:00
Clément OUDOT
5512d38f81
Improve log on 2F unregistration ( #1702 )
2019-09-18 18:09:18 +02:00
Clément OUDOT
ce6f6c3977
Get login to use it in password force change form ( #1910 )
2019-09-18 15:55:13 +02:00
Maxime Besson
98f55fd384
Translate the error code displayed in debug logs
2019-09-17 20:17:57 +02:00
Christophe Maudoux
146aca7c82
Remove trailing whitespaces
2019-09-16 20:30:35 +02:00
Christophe Maudoux
fcf05c5602
Avoid warning
2019-09-16 17:22:35 +02:00
Maxime Besson
c94e2534a9
Send CORS headers when doing JSON responses too ( #1765 )
2019-09-16 16:55:15 +02:00
Maxime Besson
e281ad7cc3
Add support for CORS preflight ( #1765 )
2019-09-16 16:55:15 +02:00
Christophe Maudoux
9c01c46fea
Typo ( #1932 )
2019-09-14 23:37:50 +02:00
Christophe Maudoux
dd66f37739
Return httpSession id if exists ( #1932 )
2019-09-14 22:47:11 +02:00
Christophe Maudoux
5615d5b2a3
Append display Slave logo option ( #1936 )
2019-09-14 22:07:44 +02:00
Christophe Maudoux
ce4cdcee85
Don t display Slave module
2019-09-13 22:37:35 +02:00
Christophe Maudoux
9784e75ead
Check Slave credential headers ( #1935 )
2019-09-13 22:21:09 +02:00
Clément OUDOT
5c7905e342
Improve regexp ( #1891 )
2019-09-13 15:35:05 +02:00
Clément OUDOT
36a1f07786
Remove cancel parameter in CAS service value ( #1891 )
2019-09-13 15:17:51 +02:00
Xavier
e50e7d09d1
Update version of (really) modified files
2019-09-12 21:56:49 +02:00
Clément OUDOT
70d2856d71
Option to display password generation box ( #1928 )
2019-09-12 18:26:56 +02:00
Clément OUDOT
c75a74da5a
Display password form if password is refused ( #1930 )
2019-09-12 17:54:43 +02:00
Christophe Maudoux
4287c39f5b
typo
2019-09-11 16:20:28 +02:00
Christophe Maudoux
bb0b5814f7
Fix empty groups ( #1791 )
2019-09-11 16:18:35 +02:00
Christophe Maudoux
c1af9e49f7
WIP - Append extractFormInfo step & AuthChoiceParam for AuthChoice ( #1925 )
2019-09-09 23:23:52 +02:00
Christophe Maudoux
132f42d44c
Forbid browsers to store users password & Improve unit tests ( #1913 )
2019-09-08 19:28:28 +02:00
Maxime Besson
94877793d4
increase clock tolerance during rest secret check ( #1923 )
2019-09-06 17:45:51 +02:00
Maxime Besson
00e91f374b
Add specific error code when missing a required SAML attr ( #1919 )
...
The MISSINGREQATTR message is a good default value, but a site
administrator may decide to override it with a personnalized version
that only applies to issuer errors caused by an incomplete user profile
(for example, giving a pointer to the local user profile management
application)
2019-09-06 11:04:39 +02:00
Clément OUDOT
e54355ff9f
Use conf as HASH key ( #1619 )
2019-09-05 17:16:55 +02:00
Clément OUDOT
5b7bb4b9cd
Check error message from ITDS ( #1619 )
2019-09-05 17:14:44 +02:00
Clément OUDOT
17123d6196
Avoid plugin conflicts ( #993 )
2019-09-05 13:30:49 +02:00
Clément OUDOT
068ffbe604
Define portalDisplayPasswordPolicy parameter in Manager ( #993 )
2019-09-05 13:02:51 +02:00
Clément OUDOT
b44c13ba2f
Display password policy in password change form ( #993 )
2019-09-05 12:46:32 +02:00
Clément OUDOT
2f2f62ae1c
Check password quality in mail reset plugin ( #993 )
2019-09-05 12:02:51 +02:00
Clément OUDOT
3700a1b54c
Fix logger in Kerberos Auth init
2019-09-04 15:42:33 +02:00
Christophe Maudoux
3e9a424090
Update version ( #1916 )
2019-09-03 22:57:51 +02:00
Christophe Maudoux
56ed8a5724
Append issuersTimeout option ( #1916 )
2019-09-03 22:52:07 +02:00
Clément OUDOT
a2d3ae1d03
Local password policy: minimal digits ( #993 )
2019-09-03 19:08:19 +02:00
Clément OUDOT
28309dca9b
Merge branch 'v2.0' of gitlab.ow2.org:lemonldap-ng/lemonldap-ng into v2.0
2019-09-03 19:07:22 +02:00
Clément OUDOT
b52bbdb838
Local password policy: minimal upper characters ( #993 )
2019-09-03 18:45:35 +02:00
Maxime Besson
ff3d4e218c
doc: suggest a better fix for #1864
...
We can't do it yet because the issue isn't fixed in versions of Lasso
found in the wild. But someday it will be.
2019-09-03 18:13:13 +02:00
Clément OUDOT
ef3d6a26c4
Local password policy: minimal lower characters ( #993 )
2019-09-03 16:10:04 +02:00
Clément OUDOT
8998eb183e
Local password policy: minimal size ( #993 )
2019-09-03 14:30:22 +02:00
Clément OUDOT
82a06fce91
Pass skin parameter in 2F flows ( #1915 )
2019-09-03 11:56:48 +02:00
Clément OUDOT
fca831411b
Fix call to logger in REST authentication backend
2019-08-30 09:46:25 +02:00
Clément OUDOT
177f446f25
Display main logo in redirect page ( #1906 )
2019-08-29 19:29:27 +02:00
Maxime Besson
d61935ab6e
Implement introspection endpoint for access tokens ( #1843 )
2019-08-29 19:10:51 +02:00
Maxime Besson
fd7453b7a5
Refactor endpoint auth
2019-08-29 18:57:26 +02:00
Xavier Guimard
ae6e69667a
Fix warning
2019-08-29 10:49:01 +02:00
Xavier Guimard
9379188000
Fix ^ ( #1903 )
2019-08-28 19:28:20 +02:00
Xavier Guimard
df4e7e7522
Generic fix for issues like #1903
2019-08-28 19:12:29 +02:00
Clément OUDOT
2145483be7
Pass extra args in Combination module ( #1903 )
2019-08-28 18:22:19 +02:00
Xavier Guimard
1660109e2f
Security: use 3-form for open
2019-08-28 11:32:54 +02:00
Xavier
1f2f0240f0
Love Perl ( #1863 )
...
TIMTOWTDI
2019-08-28 00:36:18 +02:00
Maxime Besson
810d2c7f94
Disable template cache to avoid translation issues in mail ( #1897 )
2019-08-27 23:13:36 +02:00
Maxime Besson
a04a376777
Make regular template variables available in mails
...
SKIN, PORTAL_URL, env_*, session_* are now available in email templates
Preliminary work for #1861
2019-08-27 23:13:36 +02:00
Xavier Guimard
48883dbe4e
More tests
2019-08-27 10:32:26 +02:00
Xavier Guimard
323d92fa1b
Don't load Data::Dumper unless debug
2019-08-27 10:10:11 +02:00
Clément OUDOT
796d1b12e6
Add _session_kind to default exported attributes ( #1896 )
2019-08-26 17:38:08 +02:00
Christophe Maudoux
ec59cc164c
Catch error earlier in process ( #1867 )
2019-08-24 23:26:42 +02:00
Xavier Guimard
0415370f2c
More REST debug
2019-08-22 15:17:51 +02:00
Clément OUDOT
e42e71b5e3
Use LinkedIn v2 API ( #1890 )
2019-08-22 14:51:24 +02:00
Christophe Maudoux
894b8be541
By pass first access ( #1867 )
2019-08-21 23:40:23 +02:00
Maxime Besson
661a007b4a
Check OIDC access token expiration ( #1879 )
2019-08-21 12:18:55 +02:00
Christophe Maudoux
b694b16a19
Avoid warning with Choice
2019-08-20 17:08:37 +02:00
Christophe Maudoux
8e9f4e513e
Improve combination with FaceBook & LinkedIn
2019-08-17 17:27:14 +02:00
Christophe Maudoux
5985e6d258
Fix REST service ( #1870 )
2019-08-17 17:11:28 +02:00
Xavier
097183f2b3
Fix warning
2019-08-16 09:10:10 +02:00
Christophe Maudoux
78a82dbee9
Override OTT conf. for Upgrade tokens ( #1884 )
2019-08-15 22:01:44 +02:00
Maxime Besson
2e9f57ab6f
Better default behavior for oidcServiceMetaDataIssuer ( #1882 )
2019-08-13 18:09:59 +02:00
Christophe Maudoux
7502e424e3
Revert "Concatenate pdata and lemon cookies in the same set-cookie header ( #1863 )"
...
This reverts commit c3a01c042c
2019-08-13 10:16:31 +02:00
Christophe Maudoux
c3a01c042c
Concatenate pdata and lemon cookies in the same set-cookie header ( #1863 )
2019-08-12 23:52:33 +02:00
Christophe Maudoux
3891c9caec
Fix log level & improve e2e ini file ( #1878 )
2019-08-12 22:20:22 +02:00
Christophe Maudoux
f8ef2797a8
Update manifest
2019-08-12 21:36:55 +02:00
Christophe Maudoux
d7cb8bf4b8
Force remove pdata cookie to avoid loop ( #1878 )
2019-08-12 21:29:08 +02:00
Christophe Maudoux
09158f0084
Return whatToTrace instead of uid & Fix + Append unit test ( #1664 )
2019-08-10 12:38:25 +02:00
Christophe Maudoux
52fa94bd55
Sort functions & append comments
2019-08-10 11:13:56 +02:00
Christophe Maudoux
bee0e675f3
Revert "Fix langs directory ( #1870 )"
...
This reverts commit b453647b26
2019-08-09 22:46:43 +02:00
Christophe Maudoux
b453647b26
Fix langs directory ( #1870 )
2019-08-09 22:11:05 +02:00
Maxime Besson
daa03a9a9c
OIDC: tie client_id to authorization code ( #1881 )
2019-08-09 13:54:53 +02:00
Christophe Maudoux
9dac92064c
Better fix & update unit tests ( #1861 )
2019-08-07 22:29:12 +02:00
Maxime Besson
9b24fd02e5
Log more detailed information about Kerberos failures
2019-08-07 19:35:35 +02:00
Christophe Maudoux
ce05b44172
Remove useless constants ( #1867 )
2019-08-06 22:42:17 +02:00
Christophe Maudoux
7aad470586
Delete pdata cookie after XML notif validation & Improve unit test ( #1861 )
2019-08-06 22:29:48 +02:00
Christophe Maudoux
c630a90064
Delete pdata cookie after notif validation & Improve unit test ( #1861 )
2019-08-06 22:25:09 +02:00
Xavier
ea713a3169
Avoid conflict in $req->data between DBI and LDAP
...
Closes : #1875
2019-08-06 21:54:41 +02:00
Christophe Maudoux
742e7417d4
Better fix ( #1867 )
2019-08-06 21:04:52 +02:00
Maxime Besson
8de0a89029
Give more customization options for 2F prompt messages
...
new translations labels for mail and rest, and we now pass the 2F prefix
to templates. It's not used in the default skin, but it should help in
cases where extra second factors are used to offer the user a more
helpful prompt message
2019-08-05 20:08:28 +02:00
Christophe Maudoux
bf20db03b9
Improve unit test & fix ( #1867 )
2019-08-04 22:39:14 +02:00
Christophe Maudoux
c1736f7f82
Catch error if setSecurity is undefined ( #1874 )
2019-08-04 12:08:34 +02:00
Christophe Maudoux
1422c28c0b
Improve fix & unit test ( #1874 )
2019-08-03 23:49:02 +02:00
Christophe Maudoux
6cf1c83151
Fix & Improve unit test ( #1874 )
2019-08-03 22:48:07 +02:00
Christophe Maudoux
058ef90662
Append dependency
2019-08-03 11:05:12 +02:00
Christophe Maudoux
6ad07f9c4d
Fix debug log
2019-08-03 11:04:58 +02:00
