dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
9,088 Commits 3 Branches 0 Tags 75 MiB
d565dc66c3
Commit Graph

3313 Commits

Author SHA1 Message Date
Maxime Besson
396e61491e Improve mail2F display in outlook 2019-07-03 11:03:37 +02:00
Xavier
78a4bb4987 ContextSwitching: Check (expiration) errors (#1783) 2019-07-03 06:47:33 +02:00
Christophe Maudoux
5a53fee2db WIP - Improve log (#1783) 2019-07-03 00:09:14 +02:00
Christophe Maudoux
42bc5efdb3 Use skin rules in plugins (#1828) 2019-07-02 22:17:53 +02:00
Christophe Maudoux
9c62a04f22 Improve code (#1783) 2019-07-02 22:08:17 +02:00
Christophe Maudoux
12e0853b51 Improve log (#1783) 2019-07-02 21:33:32 +02:00
Xavier Guimard
c1137edba8 make tidy with perltidy-20181120 2019-07-02 20:03:40 +02:00
Clément OUDOT
26c107cddb Add unit test (#1835) 2019-07-02 17:47:27 +02:00
Clément OUDOT
7c7dad9ab6 Enforce ID token signature verification in unit test (#1835) 2019-07-02 17:27:17 +02:00
Clément OUDOT
e04a6f1983 Reject none algorithm when checking JWT signature (#1835) 2019-07-02 16:36:43 +02:00
Xavier Guimard
f370255c3a Fix Perl dependencies (see RT#129960) 2019-07-02 08:56:12 +02:00
Clément OUDOT
60c03010ce Use Base64URL for JWT generation (#1834) 2019-07-01 17:29:35 +02:00
Xavier Guimard
360db2b5d5 Update manifest 2019-07-01 16:15:25 +02:00
Christophe Maudoux
b94cbe0144 Fix default value (#1825) 2019-07-01 13:28:01 +02:00
Christophe Maudoux
69d2a2db0c Fix default value (#1825) 2019-07-01 12:56:10 +02:00
Christophe Maudoux
a1f5791e06 Merge branch '1783' into v2.0 2019-06-30 19:00:41 +02:00
Christophe Maudoux
bcbea7bee0 Update version (#1825) 2019-06-29 21:48:52 +02:00
Christophe Maudoux
eda8151432 Don t mix && with and (#1825) 2019-06-29 21:35:13 +02:00
Christophe Maudoux
5054f5ac95 Append unit test (#1825) 2019-06-29 21:13:08 +02:00
Christophe Maudoux
11d2909b0a WIP - Disable persistent sessions storage (#1825) 2019-06-29 21:10:16 +02:00
Christophe Maudoux
acd6e5513c Improve unit test (#1783) 2019-06-29 00:16:37 +02:00
Christophe Maudoux
d97c36a97e Disable spoofed sessions (#1783) 2019-06-28 23:53:43 +02:00
Christophe Maudoux
897d04ac93 Merge branch 'v2.0' into 1783 2019-06-28 22:05:48 +02:00
Xavier Guimard
43d5139040 Update versions 2019-06-28 17:04:14 +02:00
Xavier Guimard
f59caf3ea1 Merge branch 'ssl-button-race-fix' into 'v2.0' 
Avoid race when clicking the login button in SSL form (#1826)

See merge request lemonldap-ng/lemonldap-ng!82
 2019-06-28 16:56:46 +02:00
Clément OUDOT
b0a69d3473 Use skin rules in 2F plugins (#1828) 2019-06-28 15:56:57 +02:00
Xavier
c921c295ed Use user skin in loadTemplate (Fixes: #1828) 2019-06-28 13:40:56 +02:00
Christophe Maudoux
87329a26a1 Make manifest 2019-06-28 11:22:23 +02:00
Xavier Guimard
44a6e25851 Improve cryptographic functions (#1823) 2019-06-28 10:30:37 +02:00
Christophe Maudoux
6519695797 Tidy (#1783) 2019-06-27 22:02:11 +02:00
Christophe Maudoux
bb39dca317 Append & update unit tests (#1783) 2019-06-27 21:54:14 +02:00
Christophe Maudoux
6510f854c8 Append unit test (#1783) 2019-06-27 21:13:10 +02:00
Christophe Maudoux
8ad895c3b8 Merge branch 'v2.0' into 1783 2019-06-27 21:11:56 +02:00
Maxime Besson
a7c7c51bba Avoid race when clicking the login button in SSL form (#1826) 2019-06-27 17:05:29 +02:00
Xavier Guimard
264410409d Move CAS service verification from main to Issuer::CAS (#1795) 2019-06-27 16:55:12 +02:00
Maxime Besson
e1f927a195 Check service= parameter on CAS logout (#1795) 
service= redirect URL is not checked when logging out from CAS, to avoid
insecure redirect attacks. The verification is only made if CAS access
control is enabled.

In order for this to work in common cases (applications redirects to an
unprotected page after logout), we add CAS App domains to the list of
globally trusted domains.

If your application wants to redirect to a third-party domain, it needs
to be added to LLNG's trustedDomains
 2019-06-27 12:40:40 +02:00
Maxime Besson
5f9c4c231d Add authenticated routes to 2FA for session upgrade (#1822) 2019-06-26 23:33:00 +02:00
Maxime Besson
98650cd9f0 Add unit test for #1821 2019-06-26 22:13:12 +02:00
Xavier
3582cfb12b Don't keep pdata on upgrade (Fixes: #1821) 2019-06-26 21:47:01 +02:00
Xavier Guimard
a42c5f9f71 Clean tests (#1819) 2019-06-26 13:17:26 +02:00
Xavier Guimard
e15a41bc66 Fix typo: s/templatesDir/templateDir/g (#1819) 2019-06-26 11:59:13 +02:00
Xavier Guimard
45a0b68c3b Disable external entities in XML parsers (Fixes: #1818) 2019-06-26 11:32:10 +02:00
Christophe Maudoux
f11c34e9cd Cleaning code (#1783 & #1658) 2019-06-25 23:04:27 +02:00
Christophe Maudoux
f5587ac477 Improve code (#1783) 2019-06-25 22:01:20 +02:00
Christophe Maudoux
73cd751bfd Update manifest & copying (#1783) 2019-06-25 20:52:40 +02:00
Christophe Maudoux
0b567d6c15 Merge branch 'v2.0' into 1783 2019-06-25 20:23:48 +02:00
Christophe Maudoux
b9af5d1adc Use Id 2019-06-25 19:30:06 +02:00
Christophe Maudoux
7a97bc46c4 Improve code (#1783) 2019-06-25 19:28:05 +02:00
Christophe Maudoux
13ed1589e4 Update lang 2019-06-25 19:03:04 +02:00
Xavier Guimard
e91f6df254 Fix test count (#1813) 2019-06-25 10:00:46 +02:00
Xavier Guimard
390ccb4f5b Fix Apache::Session::REST::get_key_from_all_sessions when using CODE (#1813) 2019-06-25 09:48:15 +02:00
Xavier Guimard
93ccb9fd76 Set Content-Length in Apache::Session::REST requests (#1813) 2019-06-25 09:37:37 +02:00
Xavier Guimard
ddde26fa1c Add searchOn() in Apache::Session::REST (#1813) 2019-06-25 09:18:58 +02:00
Christophe Maudoux
32cb9e3a8f Delete session (#1783) 2019-06-24 23:52:39 +02:00
Christophe Maudoux
266f2fdf02 Merge branch 'v2.0' into 1783 2019-06-24 23:36:54 +02:00
Christophe Maudoux
786e136754 Create session with ContextSwitching plugin (#1783) 2019-06-24 23:36:23 +02:00
Christophe Maudoux
28fd7ea0b8 Change log level (#1664) 2019-06-24 23:35:33 +02:00
Xavier
c5d6bc42b6 Add get_key_from_all_sessions in Apache::Session::REST (#1813) 2019-06-24 23:07:34 +02:00
Xavier
9df3d57bc9 In REST, PE_LOGOUT_OK must return 200 2019-06-24 23:06:15 +02:00
Xavier Guimard
1c17c6b077 Update portal JS 2019-06-24 11:38:00 +02:00
Christophe Maudoux
5efa6c111a Append log (#1783) 2019-06-23 22:56:05 +02:00
Christophe Maudoux
8d2367c6d7 Typo 2019-06-23 22:55:46 +02:00
Christophe Maudoux
e5f03f34d9 Append ContextSwitching plugin (#1783) 2019-06-23 22:19:40 +02:00
Christophe Maudoux
c24ff711a0 WIP - ContextSwitching (#1783) 2019-06-23 10:51:10 +02:00
Christophe Maudoux
6e029c413f Merge branch 'v2.0' into 1783 2019-06-23 10:19:13 +02:00
Christophe Maudoux
bdc5007e43 Update sort condition (#1658) 2019-06-23 10:18:05 +02:00
Christophe Maudoux
dd94351f35 WIP - ContextSwitching (#1783) 2019-06-22 23:46:02 +02:00
Christophe Maudoux
8c47c913fe WIP - ContextSwitching (#1783) 2019-06-21 16:24:50 +02:00
Christophe Maudoux
b69ffc0ff8 WIP - ContextSwitching (#1783) 2019-06-21 15:23:06 +02:00
Xavier
750eaafe65 Fix test rule to hide some warnings 2019-06-20 21:48:13 +02:00
Xavier
38bb0cedf6 Typo 2019-06-20 21:27:49 +02:00
Xavier
8bd2a6c244 Prove that sessionInfo() is launched by each UserDB in combination (#1809) 2019-06-20 21:17:29 +02:00
Christophe Maudoux
a2ebaf31b1 WIP - AdminImpersonation skeleton (#1783) 2019-06-19 18:13:17 +02:00
Xavier
2d5b38fb95 Fix LDAP schema path for Debian. This permits to enable LDAP tests during build 2019-06-19 09:22:44 +02:00
Xavier
05f2dc6993 Fix t/28-AuthChoice-and-password.t 2019-06-19 09:14:03 +02:00
Christophe Maudoux
c4d4b482a5 Provide to plugins message display functions (#1796) 2019-06-18 22:00:03 +02:00
Christophe Maudoux
86b305d19b Typo (#1664) 2019-06-18 21:57:40 +02:00
Christophe Maudoux
9fa11709e6 Append options to use Notifications plugin & set notification reference (#1796) 2019-06-17 22:31:44 +02:00
Xavier
8b488e4d51 Move LDAP::getUser() to Lib::LDAP (Fixes: #1805) 2019-06-17 21:15:38 +02:00
Christophe Maudoux
e0b593152f Merge branch 'bootstrap' into 'v2.0' 
Improve displaying checkuser template and rewrite tests #1806

See merge request lemonldap-ng/lemonldap-ng!79
 2019-06-17 21:00:41 +02:00
Xavier
aff7527580 Fix bad call in LDAP (#1805) 2019-06-17 19:21:48 +02:00
Antoine ROSIER
dab5a9c3df Improve displaying checkuser template and rewrite tests #1806 2019-06-17 14:56:31 +02:00
Christophe Maudoux
862116245d Fix unit tests (#1796) 2019-06-16 23:01:13 +02:00
Christophe Maudoux
1b4d1b5bdf Avoid notification reference to be truncated (#1796) 2019-06-16 20:57:53 +02:00
Christophe Maudoux
c3b3c281ad Hide _2fDevices with REST services 2019-06-16 20:33:34 +02:00
Christophe Maudoux
d6f3dd459a Display message (#1796) 2019-06-16 16:02:48 +02:00
Xavier
8cc2beb976 Fix #1799 test 2019-06-15 08:42:21 +02:00
Xavier
e30cf69053 Add #1799 test 2019-06-15 08:29:36 +02:00
Christophe Maudoux
5218944bf2 Improve unit tests (#1796) 2019-06-14 23:11:10 +02:00
Christophe Maudoux
ecf84e8a4d WIP (#1796) 2019-06-14 23:09:32 +02:00
Christophe Maudoux
fde6ff2cc8 WIP (#1796) 2019-06-14 23:09:32 +02:00
Xavier Guimard
5fbff01b27 Update versions 2019-06-14 17:27:54 +02:00
Xavier Guimard
65eaefa75f Tidy 2019-06-14 17:23:26 +02:00
Clément OUDOT
4e5c450b8b Return error if no code provided on token endpoint (#1802) 2019-06-14 16:05:39 +02:00
Xavier Guimard
e7bc7b3f4e Add restExportSecretKeys option (#1799) 2019-06-14 08:51:58 +02:00
Xavier
5dc5b88daa Permit to show $_password in REST session server (#1799) 2019-06-14 07:09:55 +02:00
Xavier
4ad0da0315 Fix syntax error (#1794) 2019-06-14 06:33:27 +02:00
Christophe Maudoux
73f689eca4 Fix 2F types (#1782) 2019-06-13 23:28:57 +02:00
Christophe Maudoux
c8295b60b5 Fix 2F types (#1782) 2019-06-13 23:27:30 +02:00
Xavier
c7ef665bf9 Fix #1782 2019-06-13 22:23:20 +02:00
Xavier
bb0784b843 Typo 2019-06-13 22:15:46 +02:00
Xavier
8d642da8cb Improve #1782 2019-06-13 22:10:30 +02:00
Xavier
c8696262ee Test that proves that Choice can be embedded in Combination (#1801) 
TODO: display fails
 2019-06-13 19:58:34 +02:00
Xavier Guimard
2a021e37ea Don't require getDisplayType in Choice (#1800) 2019-06-13 17:51:36 +02:00
Xavier Guimard
288fe5159c Merge remote-tracking branch 'maxbes/issue1764-langsession' into v2.0 2019-06-13 09:59:33 +02:00
Maxime Besson
0cd12999dd Make impersonation tests insensitive to ordering 2019-06-13 09:26:19 +02:00
Maxime Besson
1a66da30f9 Store portal language in _language user session key (#1764) 2019-06-13 09:26:19 +02:00
Christophe Maudoux
53daa6cee6 Improve unit tests (#1782) 2019-06-12 22:33:18 +02:00
Xavier
eef82808a2 Improve #1795 test 2019-06-11 21:49:27 +02:00
Xavier
a6aaf8a507 Add XSS test (#1795) 2019-06-11 21:30:15 +02:00
Xavier
1a8948894d Check CAS "service" parameter (Fixes: #1795) 2019-06-11 21:02:43 +02:00
Maxime Besson
97d0bbf0aa Fix CASv2 logout (#1753) 2019-06-11 16:18:15 +02:00
Xavier Guimard
77490381d0 Revert "Add systemd scripts for cron tasks" 
This reverts commit 78e50ac855.
 2019-06-11 15:07:57 +02:00
Xavier Guimard
4ea4b727d1 Revert "Add systemd timer (replace cron)" 
This reverts commit c47091b944.
 2019-06-11 15:07:49 +02:00
Xavier Guimard
9e932b525c Merge branch 'issue1794-accentregister' into 'v2.0' 
Register: better handling of special chars (#1794)

See merge request lemonldap-ng/lemonldap-ng!78
 2019-06-10 22:57:34 +02:00
Maxime Besson
f195db2a5a Register: better handling of special chars (#1794) 2019-06-10 22:45:15 +02:00
Christophe Maudoux
0d5903ea25 Update manifest 2019-06-10 21:29:05 +02:00
Christophe Maudoux
7a3ded7efb Improve code (#1782) 2019-06-10 20:56:38 +02:00
Christophe Maudoux
e638f5ff58 Improve & rename unit test (#1782) 2019-06-10 20:56:22 +02:00
Christophe Maudoux
441519a542 Typo (#1791) 2019-06-10 10:37:43 +02:00
Christophe Maudoux
8a35584e26 Fix empty hGroups (#1791) 2019-06-09 19:54:00 +02:00
Christophe Maudoux
0fd070cbad Append unit test (#1791) 2019-06-08 22:22:08 +02:00
Christophe Maudoux
63798f71f9 Change message condition (#1791) 2019-06-08 22:10:13 +02:00
Christophe Maudoux
e57de60ac2 Improve unit tests (#1791) 2019-06-08 22:09:32 +02:00
Christophe Maudoux
b71f678f80 Filter SSO groups to merge (#1791) 2019-06-08 22:08:58 +02:00
Christophe Maudoux
ee7af4aec0 Improve unit tests (#1782) 2019-06-07 19:51:51 +02:00
Christophe Maudoux
e3c2766809 Test 2F TTL (#1782) 2019-06-07 19:51:51 +02:00
Xavier Guimard
5885af8448 Typo in translations 2019-06-07 17:44:25 +02:00
Xavier
94c2a0bc3b Add addAuthRouteWithRedirect() doc (#1787) 2019-06-06 23:02:46 +02:00
Xavier
f4bca7430a Add addAuthRouteWithRedirect() method to Try (#1787) 2019-06-06 22:59:02 +02:00
Xavier Guimard
946384272e Partial revert "Typo" 
This reverts commit f63a63eedb.
 2019-06-06 16:00:49 +02:00
Christophe Maudoux
801e2a17d6 Better fix (#1769) 2019-06-05 15:27:58 +02:00
Christophe Maudoux
30c4a9c787 setSecurity if failed login (#1769) 2019-06-05 11:29:04 +02:00
Christophe Maudoux
f63a63eedb Typo 2019-06-05 11:25:50 +02:00
Christophe Maudoux
59637200fd Improve unit test (#1774) 2019-06-04 23:18:35 +02:00
Christophe Maudoux
c044ebc473 Fix functions parameter (#1774) 2019-06-04 23:18:06 +02:00
Christophe Maudoux
eab00052f3 Fix debug msg (#1774) 2019-06-04 20:42:54 +02:00
Christophe Maudoux
95b188ccfe Fix grant parameter, append warning msg & debug logs (#1774) 2019-06-04 18:19:33 +02:00
Christophe Maudoux
2b21762a9a Update unit tests (#1774) 2019-06-04 18:18:53 +02:00
Christophe Maudoux
dfe8335520 Update langs (#1774) 2019-06-04 18:18:33 +02:00
Christophe Maudoux
18dd7c2c41 Append debug msg (#1765) 2019-06-04 16:19:01 +02:00
Christophe Maudoux
3b68263761 Make manifest 2019-06-02 22:42:49 +02:00
Christophe Maudoux
02b7126d16 Append unit test (#1780) 2019-06-02 22:40:19 +02:00
Christophe Maudoux
f69b829f6c Restore loginHistory (#1780) & Improve code 2019-06-02 22:40:00 +02:00
Christophe Maudoux
0546af93e0 Append diag msg 2019-06-02 22:38:34 +02:00
Christophe Maudoux
5ce1220d76 Rename test file 2019-06-02 22:37:54 +02:00
Christophe Maudoux
1609fda5a4 Make manifest 2019-06-01 23:23:14 +02:00
Christophe Maudoux
9123cb0c35 Append unit test (#1781) 2019-06-01 23:22:48 +02:00
Christophe Maudoux
054fda9cfd Fix warnings (#1781) 2019-06-01 23:22:20 +02:00
Christophe Maudoux
58c1a58129 Append unit test - Captcha (#1769) 2019-06-01 20:54:39 +02:00