dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
11,186 Commits 3 Branches 0 Tags 75 MiB
cd97d3b922
Commit Graph

2914 Commits

Author SHA1 Message Date
Maxime Besson
cd97d3b922 Refactor $req->{cspFormAction} (#2513) 2021-04-23 09:02:24 +02:00
Maxime Besson
a876d978af Suggest improvement for next major version 2021-04-23 09:02:24 +02:00
Maxime Besson
913ebbd556 fix missing domain in child-src during SAML POST logout (#2513) 2021-04-23 09:02:24 +02:00
Maxime Besson
5ba0c11b58 Add helper to build CSP host list (#2513) 2021-04-23 09:02:24 +02:00
Christophe Maudoux
b54c95ccd2 Improve unit tests & Fix regex (#2509) 2021-04-21 22:14:47 +02:00
Maxime Besson
8695a633a7 Force type of JSON fields in token response (#2511) 2021-04-20 11:31:32 +02:00
Christophe Maudoux
21ced5dbad Fix speChars test, typos & display (#2509) 2021-04-14 13:28:12 +02:00
Maxime Besson
a94fb616bd Allow admin to disallow host-based match (#2506) 2021-04-09 17:51:54 +02:00
Maxime Besson
c1e059eeb3 Use authChoiceAuthBasic to select Choice (#2502) 2021-04-07 16:40:32 +02:00
Christophe Maudoux
64dffcf4d0 Send only technical and exported attributes (#2503) 2021-04-03 16:46:43 +02:00
Christophe Maudoux
9f77e89f96 Send exported attributes with REST session server & typos (#2503) 2021-04-02 23:57:30 +02:00
Christophe Maudoux
4751427105 Fix error level & Improve doc (#1976) 2021-04-01 23:31:48 +02:00
Christophe Maudoux
c0db322ef0 Perl critic 2021-04-01 23:07:58 +02:00
Christophe Maudoux
bcfb075f63 Be more consistent with REST params & Update doc (#1976) 2021-04-01 22:48:08 +02:00
Christophe Maudoux
654184dd66 Fix bad request (#2501) 2021-04-01 14:49:44 +02:00
Maxime Besson
297dc830af Update mail templates to no longer use string substitution (#2495) 2021-03-31 14:27:23 +02:00
Maxime Besson
d696853556 Factor MAIN_LOGO variable in loadMailTemplate (#2495) 2021-03-31 14:27:23 +02:00
Christophe Maudoux
89111859a0 Typos (#1976) 2021-03-30 23:54:06 +02:00
Maxime Besson
20e1f9ded0 Hash JWT to catch tampering (#2419) 
This mechanism's only purpose is to make the introsection endpoint fail
to verify the token when the JWT itself has been tampered with.
 2021-03-30 16:32:14 +02:00
Maxime Besson
2c8cbbefe6 "xxx is allowed to update 2FA" should be a debug message 2021-03-30 16:32:14 +02:00
Clément OUDOT
55ab4b5a5f Fix CAS log message on service ticket validation error (#2494) 2021-03-25 16:33:48 +01:00
Maxime Besson
02b680df30 fix #2489 2021-03-19 16:45:37 +01:00
Maxime Besson
96a667cf2e clarify REST log messages 2021-03-17 14:24:47 +01:00
Maxime Besson
ca6c98c26c Allow selection of saml ACS during idp initiated (#2488) 2021-03-17 14:24:47 +01:00
Maxime Besson
c0f8e8f46b Skip serializing psgi streams when saving request 
It can interfere with unit tests in some cases, like #2000
 2021-03-15 21:18:08 +01:00
Maxime Besson
44abc1e889 Add hook for client credentials (#2484) 2021-03-10 15:47:19 +01:00
Maxime Besson
0f626ad94c Add expiration time to Client Credential sessions (#2481) 2021-03-03 15:43:18 +01:00
Maxime Besson
a70051e3fe Remove deprecated base64url implementation 
All our target distros now have base64url in Mime::Base64
 2021-03-03 11:03:19 +01:00
Maxime Besson
bb95e681e6 Tidy 2021-03-03 11:03:19 +01:00
Maxime Besson
e10d1e291c Return granted scopes if different from requested scopes (#2424) 2021-03-03 11:03:19 +01:00
Maxime Besson
6b9670c29d Use computed scopes to fill claims in ID token (#2424) 2021-03-03 11:03:19 +01:00
Maxime Besson
534745e5a2 Use computer scopes in Implicit/Hybrid responses (#2424) 2021-03-03 11:03:18 +01:00
Yadd
3883c5abff Fix vhost regexp (#2477) 2021-03-02 07:57:21 +01:00
Maxime Besson
4841c7755e Fix OAuth2 error code when supplying invalid code 2021-02-24 17:48:12 +01:00
Maxime Besson
5a8c20584b Fix OIDC message when calling technical endpoints with cookies (#2475) 2021-02-24 17:48:12 +01:00
Maxime Besson
2d7f9e34a6 OIDC: Return error if multiple client auth used (#2474) 2021-02-24 17:48:12 +01:00
Christophe Maudoux
ff36b81e73 Append accessor to avoid modify conf (#2451) 2021-02-19 07:44:00 +01:00
Xavier Guimard
b5c0ca94c4 CrowdSec plugin (#2451) 2021-02-19 07:40:36 +01:00
Christophe Maudoux
057cfb29e8 Improve code (#2458) 2021-02-18 23:35:25 +01:00
Maxime Besson
cceb6f767e Use a dedicated function for OIDC error reporting (#2465) 2021-02-18 22:06:39 +01:00
Christophe Maudoux
5f7981e256 Improve error message & unit test (#2458) 2021-02-16 22:04:38 +01:00
Christophe Maudoux
1757cf5337 Merge branch 'CheckDevOps-plugin' into 'v2.0' 
Check DevOps file plugin (#2458)

See merge request lemonldap-ng/lemonldap-ng!178
 2021-02-16 18:46:19 +00:00
Christophe Maudoux
4583108068 Append download unit test (#2458) 2021-02-16 14:21:10 +01:00
Christophe Maudoux
1f66e03969 Append an option to download rules.json file from remote server (#2458) 2021-02-16 12:15:18 +01:00
Maxime Besson
31d0f26174 Clear hook list on configuration reload (#2463) 2021-02-15 15:13:53 +01:00
Christophe Maudoux
e477a1cef8 Append unit test & Doc (#2458) 2021-02-15 11:40:46 +01:00
Christophe Maudoux
110974cce4 Display rules (#2458) 2021-02-12 22:39:34 +01:00
Christophe Maudoux
60cbb6d5f2 Improve code (#2458) 2021-02-12 19:31:11 +01:00
Christophe Maudoux
3bee740125 display headers (#2458) 2021-02-12 19:25:55 +01:00
Christophe Maudoux
6e1efc8bb5 WIP: CheckDevOps plugin skeleton (#2458) 2021-02-12 18:11:37 +01:00