Compare commits
328 Commits
Author | SHA1 | Date |
---|---|---|
Daniel Berteaud | fa6de8e904 | |
Yadd | 9834e182f5 | |
Yadd | 79bb915716 | |
Maxime Besson | 8bce426477 | |
Yadd | 781c9b0a8b | |
Yadd | ac1cfd6398 | |
Yadd | f1fe0f3e5e | |
Yadd | 6c4a5b911c | |
Yadd | 467bbf0f5e | |
Yadd | 94ec375094 | |
Yadd | 1a5d30799e | |
Yadd | ce02973702 | |
Yadd | 6d2d4ee2c3 | |
Yadd | 051a8e4331 | |
Yadd | a3b24418c6 | |
Yadd | 18fdb0f700 | |
Yadd | 9c70f905f3 | |
Yadd | d4f957ec35 | |
Yadd | ecebe2a349 | |
Christophe Maudoux | 779f79bace | |
Christophe Maudoux | 143cc5a5c3 | |
Christophe Maudoux | cb28b7cb1e | |
Yadd | a282a37b66 | |
Christophe Maudoux | 3ea79317e2 | |
Christophe Maudoux | 0cf1dbd37d | |
Yadd | 8653dde5b5 | |
Yadd | 0ae606c02b | |
Yadd | a36a4912b0 | |
Yadd | 76ec67be69 | |
Maxime Besson | fc8e508065 | |
Maxime Besson | 956c4c4ec2 | |
Yadd | 30b5b93adc | |
Yadd | 95e53e0a5f | |
Yadd | fca479f675 | |
Yadd | 96d9ebf102 | |
Yadd | 75d8ba3723 | |
Yadd | 1795b71f1f | |
Yadd | ad88e8149b | |
Yadd | 4bc3933b7e | |
Yadd | e830f40268 | |
Yadd | 4d79969a0e | |
Christophe Maudoux | 0e77c835b3 | |
Yadd | 8f8399ec99 | |
Yadd | ed84fdd771 | |
Yadd | 0727d58878 | |
Yadd | 965f9360c4 | |
Yadd | 2947a828de | |
Yadd | cb5a9627cf | |
Yadd | f56fd636fe | |
Maxime Besson | 8e64671575 | |
Maxime Besson | aa55f3d04a | |
Christophe Maudoux | b1232739a0 | |
Clément OUDOT | 7ec5f5c1c6 | |
atisne | 1d8a46493c | |
Xavier Guimard | 93cb619cd2 | |
Xavier Guimard | ba638e50b7 | |
Christophe Maudoux | ac98c223d3 | |
Xavier Guimard | 28c9623b73 | |
Xavier Guimard | 61df3e83e7 | |
Xavier Guimard | e7526f32af | |
Xavier Guimard | 4583f3a9e6 | |
Xavier Guimard | b8102d127e | |
Xavier Guimard | 17da7d2e6d | |
Xavier Guimard | 530b57561d | |
Nicolas R | e0620e8d5c | |
Nicolas R | 0ace7560fb | |
Xavier Guimard | 4e130f327c | |
Christophe Maudoux | 937bdd4e8b | |
Christophe Maudoux | 148adaad71 | |
Christophe Maudoux | 5496d798a3 | |
Maxime Besson | 285ea93a65 | |
Maxime Besson | 01edf42017 | |
Maxime Besson | 3c6c5423c1 | |
Clément OUDOT | 986a3974b0 | |
Baptiste Pecatte | 0795454620 | |
Xavier Guimard | d8bda9fa5d | |
Olof Johansson | 5571e22a55 | |
Baptiste Pecatte | 24ecbb2f18 | |
Baptiste Pecatte | 068370a893 | |
Clément OUDOT | f78b2bfa16 | |
Maxime Besson | e246bfd137 | |
Maxime Besson | c487efc7da | |
Maxime Besson | 3d92ab15dd | |
Maxime Besson | b855f175bc | |
Christophe Maudoux | afc3bc7029 | |
Christophe Maudoux | 557f458803 | |
Christophe Maudoux | b2a1f055c3 | |
Christophe Maudoux | 79246c8da9 | |
Christophe Maudoux | 279538613f | |
Christophe Maudoux | 532ffe3fea | |
Christophe Maudoux | d2d9988b61 | |
Xavier Guimard | 1972443477 | |
Xavier Guimard | 5dc1bc0a49 | |
Xavier Guimard | c09797ff11 | |
Christophe Maudoux | 01424a71ac | |
Christophe Maudoux | 3b1b1b1997 | |
Christophe Maudoux | 57f6a10a3e | |
Christophe Maudoux | 5804a11099 | |
Christophe Maudoux | 28dc89796c | |
Christophe Maudoux | be55df6d1d | |
Christophe Maudoux | 7c0e6a2d00 | |
Christophe Maudoux | c4ebfc3484 | |
Clément OUDOT | a394dfbe82 | |
Christophe Maudoux | a81dbb108b | |
Christophe Maudoux | d67f32d2b2 | |
Maxime Besson | cc4e53c36f | |
Maxime Besson | e39f67290c | |
Xavier Guimard | 22a58a6f44 | |
Christophe Maudoux | 3b3c1bff16 | |
Christophe Maudoux | f0031cc7f6 | |
Christophe Maudoux | 50316f2e50 | |
Christophe Maudoux | aab0dcca14 | |
Christophe Maudoux | ab292a034e | |
Christophe Maudoux | 1c44733bfc | |
Christophe Maudoux | 0b8f84ae2d | |
Christophe Maudoux | 4fc458b174 | |
Christophe Maudoux | 0546303dac | |
Christophe Maudoux | ff095ca156 | |
Xavier | d544eae57f | |
Xavier | f62a366812 | |
Xavier Guimard | 74d2bc92c8 | |
Maxime Besson | 4ead8b17ba | |
Xavier | c6740692af | |
Xavier | 947dd9a438 | |
Christophe Maudoux | 2efb445534 | |
Christophe Maudoux | 9231711a41 | |
Xavier | 3f7ae26d49 | |
Xavier | aa2fa22074 | |
Xavier | 6453a04a55 | |
Xavier Guimard | 1cf89af06b | |
Vincent Mazenod | f7d8547260 | |
Xavier | 6e54b8b304 | |
Xavier | 2323c031ec | |
Christophe Maudoux | e612f53838 | |
Xavier | cc79680b89 | |
Christophe Maudoux | 9ec3ef8cfe | |
Christophe Maudoux | 8af332c265 | |
Christophe Maudoux | df83595e8e | |
Xavier | e3336d8117 | |
Xavier | f63f481cea | |
Clément OUDOT | 373f2f1a39 | |
Clément OUDOT | 0466a2c8cc | |
Christophe Maudoux | 52cacf4a08 | |
Xavier | cccd025dfc | |
Xavier | fedea4abbd | |
Christophe Maudoux | 52be87b012 | |
mamesene | b18d47065a | |
mamesene | 9d149a95f6 | |
Maxime Besson | a8cab64c5b | |
Xavier | 212a07ca20 | |
Xavier | 8b5387a48b | |
Xavier | f9704e8982 | |
Xavier | 40215168c0 | |
Xavier | e1fe12a94d | |
Xavier | ebd4c41a62 | |
Xavier | d881605fed | |
Clément OUDOT | 374cac7874 | |
Xavier | 61200a67a7 | |
Xavier | ba7f8695f7 | |
Christophe Maudoux | afd915f64c | |
Xavier | c312e16712 | |
Christophe Maudoux | 174193e74c | |
Christophe Maudoux | 7c40b39a8d | |
Xavier Guimard | 8ac93e034d | |
Xavier Guimard | a3ec47bbb7 | |
Xavier Guimard | 4193f4fb51 | |
Xavier | 7e5d6d6afd | |
Christophe Maudoux | 1212cd9ba2 | |
Xavier | 89179afb88 | |
Xavier | bef05c6f5d | |
Xavier | e32eb491d2 | |
Christophe Maudoux | 28732d614b | |
Christophe Maudoux | 115cc9b027 | |
Christophe Maudoux | 866d5457f3 | |
Christophe Maudoux | 7bd1d23087 | |
Christophe Maudoux | 3a660bde24 | |
Christophe Maudoux | 499b16bd07 | |
Christophe Maudoux | c82fc0f572 | |
Christophe Maudoux | f47f93533c | |
Christophe Maudoux | b81ccf7517 | |
Christophe Maudoux | b705b10da8 | |
Xavier | 1fbfbc5c21 | |
Christophe Maudoux | b7c8d30b3f | |
Christophe Maudoux | 4f6c0632bd | |
Xavier | 82c25b4e2e | |
Christophe Maudoux | 8f7e3eba37 | |
Xavier | 6f365c9e43 | |
Xavier | 3b7a70e0b7 | |
Xavier | 891f926196 | |
Xavier Guimard | 77d72896f8 | |
Xavier Guimard | af63d55c08 | |
Xavier | 1718efe6d5 | |
Xavier Guimard | 8b7ce08587 | |
Xavier | c8d38d52a6 | |
Xavier | cbde82bdfc | |
Xavier | 1a1ccd7568 | |
Xavier | 2fcaf52bcf | |
Xavier | b1f12b72e5 | |
Xavier Guimard | cc8c5e057e | |
Xavier Guimard | 9d5d1f6cd5 | |
Xavier Guimard | 0b1643c294 | |
Xavier Guimard | c7cb6594dd | |
Xavier Guimard | 72439d341f | |
Xavier | 400b9eaab9 | |
Xavier | b4ec8eaeeb | |
Xavier Guimard | 3d1be3e7e5 | |
Xavier Guimard | 1c0ffb3e83 | |
Xavier Guimard | 1b4600b15c | |
Xavier Guimard | 4bfad92530 | |
Xavier | 243cad350f | |
Xavier | 2e7b3c584a | |
Xavier | 9e16e2b75c | |
Christophe Maudoux | 9ac5834bfe | |
Xavier | 44e472f0f5 | |
Xavier | c7dd179f2c | |
Xavier | eabe1dc129 | |
Xavier | fe55ba3567 | |
Xavier | c1a8723b90 | |
Xavier | b8c3b45aa3 | |
Xavier | d27e4bcc55 | |
Xavier Guimard | 020553ab6a | |
Xavier | a2454ff4cc | |
Christophe Maudoux | aabb65629b | |
Xavier Guimard | f59681e80e | |
Christophe Maudoux | f3a37d2387 | |
Xavier Guimard | ee661fc61d | |
Christophe Maudoux | 59f6106ba6 | |
Xavier | f75093d433 | |
Xavier Guimard | 1509d44d5f | |
Xavier Guimard | 4678649367 | |
Xavier Guimard | 8fe4fb0b09 | |
Xavier Guimard | 63f11f31f3 | |
Xavier Guimard | 9d0a07f04c | |
Xavier Guimard | 857ee8b0a0 | |
Xavier | 8c562c7817 | |
Xavier Guimard | 5a1c090a18 | |
Xavier Guimard | bdc68d5833 | |
Xavier | 224307515f | |
Christophe Maudoux | 0cbbb75971 | |
Xavier Guimard | db4b46c487 | |
Christophe Maudoux | a3ec2eb225 | |
Xavier | f1f3929cf1 | |
Christophe Maudoux | c233ef37ef | |
Christophe Maudoux | 97bb3e44e4 | |
Christophe Maudoux | cb9add6eac | |
Christophe Maudoux | a06d91a16e | |
Christophe Maudoux | 9ac0b65a91 | |
Christophe Maudoux | e9b26bb79a | |
Xavier | 29b71569de | |
Christophe Maudoux | 14ae7ea1a2 | |
Christophe Maudoux | 66ec4da991 | |
Christophe Maudoux | 130f6ba983 | |
Christophe Maudoux | f9ba34006e | |
Christophe Maudoux | 6e2e3456fe | |
Christophe Maudoux | f1c82e52cd | |
Christophe Maudoux | 58279c029f | |
Christophe Maudoux | 4cce434e93 | |
Christophe Maudoux | e9fd5815c9 | |
Christophe Maudoux | 12e96a3056 | |
Christophe Maudoux | 82bf2e4a4c | |
Christophe Maudoux | ce4135c4b9 | |
Christophe Maudoux | 548032fbe0 | |
Christophe Maudoux | 441df6e7ea | |
Christophe Maudoux | 239bb4634f | |
Christophe Maudoux | 6011eaf7b7 | |
Christophe Maudoux | 0279d16f62 | |
Christophe Maudoux | aea313e2e6 | |
Christophe Maudoux | 547a688c28 | |
Christophe Maudoux | 140d697cfa | |
Christophe Maudoux | 106e20bbc5 | |
Christophe Maudoux | 1cf78550b4 | |
Christophe Maudoux | 4adc002327 | |
Christophe Maudoux | 1926c121c8 | |
Christophe Maudoux | 33f8970a17 | |
Christophe Maudoux | 5f8dcfb2b1 | |
Christophe Maudoux | b2397f2b9c | |
Christophe Maudoux | 9c0b7dbc00 | |
Christophe Maudoux | 7a2f104ba8 | |
Christophe Maudoux | 8460e47b49 | |
Xavier Guimard | 76b3e7b17c | |
Xavier Guimard | 999ecb32bc | |
Xavier Guimard | 80f9889271 | |
Xavier Guimard | c496d979f5 | |
Xavier Guimard | a2b03dbbf7 | |
Xavier Guimard | b736b2c638 | |
Xavier Guimard | 5af27967c6 | |
Xavier | c968b39715 | |
Christophe Maudoux | 48d51b1c5e | |
Christophe Maudoux | 1c1f556aff | |
Christophe Maudoux | e3e4239563 | |
Xavier | 2f3f1bd99b | |
Xavier Guimard | bd94c5579d | |
Christophe Maudoux | ad00102662 | |
Christophe Maudoux | 7a284338be | |
Christophe Maudoux | e490addd2d | |
Christophe Maudoux | 476212094a | |
Xavier | 27bf1ea3d8 | |
Xavier | 4d7a3b8a33 | |
Xavier Guimard | 01b5951b73 | |
Xavier | 4798683129 | |
Xavier Guimard | b40f292d8a | |
Xavier Guimard | 6a13b4f40d | |
Xavier Guimard | 4cb497e5a2 | |
Xavier | 3cea903c79 | |
Xavier | 4fcf77e721 | |
Xavier Guimard | 8941ee4dd5 | |
Xavier Guimard | 77301e70ca | |
Xavier Guimard | 82242481e1 | |
Xavier Guimard | 44eb01b857 | |
Christophe Maudoux | 24ba2889af | |
Christophe Maudoux | b5abdee8f3 | |
Christophe Maudoux | b18fd9c9fe | |
Christophe Maudoux | c50b86cd51 | |
Christophe Maudoux | 461120ad65 | |
Christophe Maudoux | 6bd8e2219a | |
Christophe Maudoux | 2653cfdc9e | |
Christophe Maudoux | 6a0b71b01a | |
Christophe Maudoux | d78e45cb50 | |
Christophe Maudoux | 1f5c7a83a9 | |
Christophe Maudoux | f857f1a8a7 | |
Clément OUDOT | 6740269cce | |
Clément OUDOT | 48b86bd224 | |
dcoutadeur | 0eef2220d2 | |
dcoutadeur | 5324da2c15 | |
Clément OUDOT | 59d163c663 | |
Xavier Guimard | 4e0113ddd6 | |
Xavier Guimard | 721214d528 | |
Xavier Guimard | 5862481956 |
|
@ -30,6 +30,21 @@ stages:
|
||||||
before_script:
|
before_script:
|
||||||
- env | grep ^CI_
|
- env | grep ^CI_
|
||||||
|
|
||||||
|
autopkgtest:
|
||||||
|
stage: build
|
||||||
|
image: buildpkg/debian:buster
|
||||||
|
script:
|
||||||
|
- cd $CI_PROJECT_DIR
|
||||||
|
- env DEBIAN_FRONTEND=noninteractive apt-get -q -y update
|
||||||
|
- env DEBIAN_FRONTEND=noninteractive apt-get -q -y install --no-install-recommends aspcud apt-cudf pkg-perl-autopkgtest
|
||||||
|
- env DEBIAN_FRONTEND=noninteractive apt-get -q -y --solver aspcud -o APT::Solver::Strict-Pinning=0 -o Debug::pkgProblemResolver=yes build-dep .
|
||||||
|
- make
|
||||||
|
- make -j8 autopkgtest
|
||||||
|
|
||||||
|
build_stretch:
|
||||||
|
extends: .debian_build_job
|
||||||
|
image: buildpkg/debian:stretch
|
||||||
|
|
||||||
build_buster:
|
build_buster:
|
||||||
extends: .debian_build_job
|
extends: .debian_build_job
|
||||||
image: buildpkg/debian:buster
|
image: buildpkg/debian:buster
|
||||||
|
|
|
@ -1,8 +1,10 @@
|
||||||
### Concerned version
|
### Environment
|
||||||
|
|
||||||
Version: %X.X.X
|
LemonLDAP::NG version: (version number)
|
||||||
|
|
||||||
Platform: (Nginx/Apache/Node.js)
|
Operating system: (distribution and version)
|
||||||
|
|
||||||
|
Web server: (Nginx/Apache/Node.js/...)
|
||||||
|
|
||||||
### Summary
|
### Summary
|
||||||
|
|
||||||
|
@ -11,7 +13,7 @@ Summarize the bug encountered concisely
|
||||||
### Logs
|
### Logs
|
||||||
|
|
||||||
```
|
```
|
||||||
Set here the logs using debug mode if possible. Attach it as file if it's too big
|
Include the logs using logLevel = debug if possible. Attach it as file if it's too big
|
||||||
```
|
```
|
||||||
|
|
||||||
### Backends used
|
### Backends used
|
||||||
|
|
12
COPYING
12
COPYING
|
@ -113,6 +113,18 @@ License: CC-3
|
||||||
Comment: This work, "sfa_manager.png", is a derivative of
|
Comment: This work, "sfa_manager.png", is a derivative of
|
||||||
"Noun project 1162.svg" by Christopher T. Howlett, under CC-BY-3.0.
|
"Noun project 1162.svg" by Christopher T. Howlett, under CC-BY-3.0.
|
||||||
|
|
||||||
|
Files: lemonldap-ng-portal/site/htdocs/static/common/icons/star0.png
|
||||||
|
Copyright: Christophe Maudoux <chrmdx@gmail.com>
|
||||||
|
License: CC-3
|
||||||
|
Comment: This work, "star0.png", is a derivative of
|
||||||
|
"Silver star with red border.png" by ANGELUS, under CC-BYSA-3.0.
|
||||||
|
|
||||||
|
Files: lemonldap-ng-portal/site/htdocs/static/common/icons/star1.png
|
||||||
|
Copyright: Christophe Maudoux <chrmdx@gmail.com>
|
||||||
|
License: CC-3
|
||||||
|
Comment: This work, "star1.png", is a derivative of
|
||||||
|
"Golden star with red border.png" by ANGELUS, under CC-BYSA-3.0.
|
||||||
|
|
||||||
Files: lemonldap-ng-portal/site/htdocs/static/common/icons/notifsExplorer.png
|
Files: lemonldap-ng-portal/site/htdocs/static/common/icons/notifsExplorer.png
|
||||||
Copyright: Various artists
|
Copyright: Various artists
|
||||||
License: CC-BY-NC-ND-3.0 or GFDL-1.3
|
License: CC-BY-NC-ND-3.0 or GFDL-1.3
|
||||||
|
|
12
INSTALL
12
INSTALL
|
@ -31,12 +31,12 @@ package for Debian works fine).
|
||||||
|
|
||||||
Perl modules:
|
Perl modules:
|
||||||
Apache::Session, Net::LDAP, MIME::Base64, CGI, LWP::UserAgent, Cache::Cache,
|
Apache::Session, Net::LDAP, MIME::Base64, CGI, LWP::UserAgent, Cache::Cache,
|
||||||
DBI, XML::Simple, SOAP::Lite, HTML::Template, XML::LibXML, XML::LibXSLT
|
DBI, SOAP::Lite, HTML::Template, XML::LibXML, XML::LibXSLT
|
||||||
|
|
||||||
With Debian:
|
With Debian:
|
||||||
apt-get install libapache-session-perl libnet-ldap-perl libcache-cache-perl \
|
apt-get install libapache-session-perl libnet-ldap-perl libcache-cache-perl \
|
||||||
libdbi-perl perl-modules libwww-perl libcache-cache-perl \
|
libdbi-perl perl-modules libwww-perl libcache-cache-perl \
|
||||||
libxml-simple-perl libhtml-template-perl libsoap-lite-perl \
|
libhtml-template-perl libsoap-lite-perl \
|
||||||
libxml-libxml-perl libxml-libxslt-perl
|
libxml-libxml-perl libxml-libxslt-perl
|
||||||
|
|
||||||
1.2 - BUILDING
|
1.2 - BUILDING
|
||||||
|
@ -129,17 +129,17 @@ to access to configuration.
|
||||||
|
|
||||||
Manager:
|
Manager:
|
||||||
--------
|
--------
|
||||||
Apache::Session, MIME::Base64, CGI, LWP::UserAgent, DBI, XML::Simple,
|
Apache::Session, MIME::Base64, CGI, LWP::UserAgent, DBI,
|
||||||
SOAP::Lite, XML::LibXML, XML::LibXSLT, Lemonldap::NG::Common
|
SOAP::Lite, XML::LibXML, XML::LibXSLT, Lemonldap::NG::Common
|
||||||
|
|
||||||
With Debian:
|
With Debian:
|
||||||
apt-get install perl-modules libxml-simple-perl libdbi-perl libwww-perl
|
apt-get install perl-modules libdbi-perl libwww-perl
|
||||||
# If you want to use SOAP
|
# If you want to use SOAP
|
||||||
apt-get install libsoap-lite-perl
|
apt-get install libsoap-lite-perl
|
||||||
|
|
||||||
Portal:
|
Portal:
|
||||||
-------
|
-------
|
||||||
Apache::Session, Net::LDAP, MIME::Base64, CGI, Cache::Cache, DBI, XML::Simple,
|
Apache::Session, Net::LDAP, MIME::Base64, CGI, Cache::Cache, DBI,
|
||||||
SOAP::Lite, HTML::Template, XML::LibXML, Lemonldap::NG::Common
|
SOAP::Lite, HTML::Template, XML::LibXML, Lemonldap::NG::Common
|
||||||
|
|
||||||
With Debian:
|
With Debian:
|
||||||
|
@ -148,7 +148,7 @@ With Debian:
|
||||||
Handler:
|
Handler:
|
||||||
--------
|
--------
|
||||||
Apache::Session, MIME::Base64, CGI, LWP::UserAgent, Cache::Cache, DBI,
|
Apache::Session, MIME::Base64, CGI, LWP::UserAgent, Cache::Cache, DBI,
|
||||||
XML::Simple, SOAP::Lite, Lemonldap::NG::Common
|
SOAP::Lite, Lemonldap::NG::Common
|
||||||
|
|
||||||
With Debian:
|
With Debian:
|
||||||
apt-get install libapache-session-perl libwww-perl libcache-cache-perl
|
apt-get install libapache-session-perl libwww-perl libcache-cache-perl
|
||||||
|
|
|
@ -13,6 +13,11 @@ the requested URL and the rule calculates if the user is authorized.
|
||||||
|
|
||||||
You can find documentation on [our website](https://lemonldap-ng.org/)
|
You can find documentation on [our website](https://lemonldap-ng.org/)
|
||||||
|
|
||||||
|
# Contribute
|
||||||
|
|
||||||
|
LemonLDAP::NG is hosted on [OW2](https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng).
|
||||||
|
Please use this platform to post issues, merge requests,...
|
||||||
|
|
||||||
# Upgrade
|
# Upgrade
|
||||||
|
|
||||||
See https://lemonldap-ng.org/documentation/latest/upgrade
|
See https://lemonldap-ng.org/documentation/latest/upgrade
|
||||||
|
@ -29,8 +34,8 @@ but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
GNU General Public License for more details.
|
GNU General Public License for more details.
|
||||||
|
|
||||||
You should have received a copy of the GNU General Public License
|
You should have received a [copy of the GNU General Public License](LICENSE)
|
||||||
along with this program. If not, see http://www.gnu.org/licenses/.
|
along with this program. If not, see http://www.gnu.org/licenses/.
|
||||||
|
|
||||||
Copyright: see COPYING
|
Copyright: see [COPYING](COPYING)
|
||||||
|
|
||||||
|
|
|
@ -87,7 +87,7 @@
|
||||||
"cfgAuthor" : "The LemonLDAP::NG team",
|
"cfgAuthor" : "The LemonLDAP::NG team",
|
||||||
"cfgDate" : "1627287638",
|
"cfgDate" : "1627287638",
|
||||||
"cfgNum" : 1,
|
"cfgNum" : 1,
|
||||||
"cfgVersion" : "2.0.13",
|
"cfgVersion" : "2.1.0",
|
||||||
"cookieName" : "lemonldap",
|
"cookieName" : "lemonldap",
|
||||||
"demoExportedVars" : {
|
"demoExportedVars" : {
|
||||||
"cn" : "cn",
|
"cn" : "cn",
|
||||||
|
|
|
@ -19,6 +19,7 @@ Build-Depends-Indep: gsfonts <!nocheck>,
|
||||||
libcrypt-openssl-x509-perl <!nocheck>,
|
libcrypt-openssl-x509-perl <!nocheck>,
|
||||||
libcrypt-urandom-perl <!nocheck>,
|
libcrypt-urandom-perl <!nocheck>,
|
||||||
libcrypt-rijndael-perl <!nocheck>,
|
libcrypt-rijndael-perl <!nocheck>,
|
||||||
|
libdatetime-format-rfc3339-perl <!nocheck>,
|
||||||
libdbd-sqlite3-perl <!nocheck>,
|
libdbd-sqlite3-perl <!nocheck>,
|
||||||
libdbi-perl <!nocheck>,
|
libdbi-perl <!nocheck>,
|
||||||
libdigest-hmac-perl <!nocheck>,
|
libdigest-hmac-perl <!nocheck>,
|
||||||
|
@ -228,8 +229,7 @@ Recommends: libapache-session-browseable-perl,
|
||||||
Suggests: libconvert-base32-perl,
|
Suggests: libconvert-base32-perl,
|
||||||
libnet-ldap-perl,
|
libnet-ldap-perl,
|
||||||
libsoap-lite-perl,
|
libsoap-lite-perl,
|
||||||
libxml-libxml-perl,
|
libxml-libxml-perl
|
||||||
libxml-simple-perl
|
|
||||||
Conflicts: liblemonldap-ng-cli-perl
|
Conflicts: liblemonldap-ng-cli-perl
|
||||||
Description: Lemonldap::NG common files
|
Description: Lemonldap::NG common files
|
||||||
Lemonldap::NG is a complete Web-SSO system that can run with reverse-proxies
|
Lemonldap::NG is a complete Web-SSO system that can run with reverse-proxies
|
||||||
|
@ -257,8 +257,7 @@ Depends: ${misc:Depends},
|
||||||
lemonldap-ng-fastcgi-server (= ${binary:Version}) | lemonldap-ng-uwsgi-app (= ${binary:Version}) | apache2 | httpd-cgi
|
lemonldap-ng-fastcgi-server (= ${binary:Version}) | lemonldap-ng-uwsgi-app (= ${binary:Version}) | apache2 | httpd-cgi
|
||||||
Recommends: lemonldap-ng-doc (= ${binary:Version}),
|
Recommends: lemonldap-ng-doc (= ${binary:Version}),
|
||||||
libxml-libxml-perl,
|
libxml-libxml-perl,
|
||||||
libxml-libxslt-perl,
|
libxml-libxslt-perl
|
||||||
libxml-simple-perl
|
|
||||||
Suggests: libclone-perl,
|
Suggests: libclone-perl,
|
||||||
libregexp-assemble-perl
|
libregexp-assemble-perl
|
||||||
Pre-Depends: debconf
|
Pre-Depends: debconf
|
||||||
|
@ -298,6 +297,7 @@ Recommends: gsfonts,
|
||||||
libunicode-string-perl
|
libunicode-string-perl
|
||||||
Suggests: gpg,
|
Suggests: gpg,
|
||||||
libcrypt-u2f-server-perl,
|
libcrypt-u2f-server-perl,
|
||||||
|
libdatetime-format-rfc3339-perl,
|
||||||
libdbi-perl,
|
libdbi-perl,
|
||||||
libglib-perl,
|
libglib-perl,
|
||||||
libgssapi-perl,
|
libgssapi-perl,
|
||||||
|
|
|
@ -2,3 +2,5 @@
|
||||||
/etc/lemonldap-ng/handler-nginx.conf /etc/nginx/sites-available/handler-nginx.conf
|
/etc/lemonldap-ng/handler-nginx.conf /etc/nginx/sites-available/handler-nginx.conf
|
||||||
/etc/lemonldap-ng/test-apache2.conf /etc/apache2/sites-available/test-apache2.conf
|
/etc/lemonldap-ng/test-apache2.conf /etc/apache2/sites-available/test-apache2.conf
|
||||||
/etc/lemonldap-ng/test-nginx.conf /etc/nginx/sites-available/test-nginx.conf
|
/etc/lemonldap-ng/test-nginx.conf /etc/nginx/sites-available/test-nginx.conf
|
||||||
|
/etc/lemonldap-ng/nginx-lmlog.conf /etc/nginx/snippets/llng-lmlog.conf
|
||||||
|
/etc/lemonldap-ng/nginx-lua-headers.conf /etc/nginx/snippets/llng-lua-headers.conf
|
|
@ -269,16 +269,3 @@ SSL authentication
|
||||||
|
|
||||||
To chain SSL, you have to set "SSLRequire optional" in Apache
|
To chain SSL, you have to set "SSLRequire optional" in Apache
|
||||||
configuration, else users will be authenticated by SSL only.
|
configuration, else users will be authenticated by SSL only.
|
||||||
|
|
||||||
Migrating from Multi
|
|
||||||
--------------------
|
|
||||||
|
|
||||||
Old :doc:`Multiple backends stack<authmulti>`
|
|
||||||
implemented only \`if\` and \`or\` keywords. Examples:
|
|
||||||
|
|
||||||
================================================================ =====================================================
|
|
||||||
Multi expressions Combination
|
|
||||||
================================================================ =====================================================
|
|
||||||
``LDAP;DBI`` ``[myLDAP] or [myDBI]``
|
|
||||||
``DBI $ENV{REMOTE_ADDR}=~/^192/;LDAP $ENV{REMOTE_ADDR}!~/^192/`` ``if $env->{REMOTE_ADDR} then [myDBI] else [myLDAP]``
|
|
||||||
================================================================ =====================================================
|
|
||||||
|
|
|
@ -121,8 +121,6 @@ Filters
|
||||||
In LDAP filters, $user is replaced by user login, and $mail by
|
In LDAP filters, $user is replaced by user login, and $mail by
|
||||||
user email.
|
user email.
|
||||||
|
|
||||||
- **Default filter**: default LDAP filter for searches, should not be
|
|
||||||
modified.
|
|
||||||
- **Authentication filter**: Filter to find user from its login
|
- **Authentication filter**: Filter to find user from its login
|
||||||
(default: ``(&(uid=$user)(objectClass=inetOrgPerson))``)
|
(default: ``(&(uid=$user)(objectClass=inetOrgPerson))``)
|
||||||
- **Mail filter**: Filter to find user from its mail (default:
|
- **Mail filter**: Filter to find user from its mail (default:
|
||||||
|
@ -182,7 +180,7 @@ Groups
|
||||||
If your LDAP countains over a thousand groups, you
|
If your LDAP countains over a thousand groups, you
|
||||||
should avoid using group processing, check out
|
should avoid using group processing, check out
|
||||||
:ref:`the performance page<performances-ldap-performances>` for
|
:ref:`the performance page<performances-ldap-performances>` for
|
||||||
alternatives
|
alternatives
|
||||||
|
|
||||||
Password
|
Password
|
||||||
~~~~~~~~
|
~~~~~~~~
|
||||||
|
|
|
@ -30,8 +30,6 @@ Then, go in ``LinkedIn parameters``:
|
||||||
- **Authentication level**: authentication level for this module.
|
- **Authentication level**: authentication level for this module.
|
||||||
- **Client ID**: the application ID you get
|
- **Client ID**: the application ID you get
|
||||||
- **Client secret**: the corresponding secret
|
- **Client secret**: the corresponding secret
|
||||||
- **Searched fields** (deprecated): Fields requested on People endpoint
|
|
||||||
in v1, no more used in v2 API
|
|
||||||
- **Field containing user identifier**: Field that will be used as main
|
- **Field containing user identifier**: Field that will be used as main
|
||||||
user identifier in LL::NG, usually ``id`` (LinkedIn numeric
|
user identifier in LL::NG, usually ``id`` (LinkedIn numeric
|
||||||
identifer) or ``emailAddress``.
|
identifer) or ``emailAddress``.
|
||||||
|
|
|
@ -13,6 +13,11 @@ Presentation
|
||||||
LL::NG is able to send (through REST or SOAP) authentication
|
LL::NG is able to send (through REST or SOAP) authentication
|
||||||
credentials to another LL::NG portal, like a proxy.
|
credentials to another LL::NG portal, like a proxy.
|
||||||
|
|
||||||
|
|
||||||
|
.. warning::
|
||||||
|
|
||||||
|
SOAP support may be removed in LLNG 3.0
|
||||||
|
|
||||||
The difference with :doc:`remote authentication<authremote>` is that the
|
The difference with :doc:`remote authentication<authremote>` is that the
|
||||||
client will never be redirect to the main LL::NG portal. This
|
client will never be redirect to the main LL::NG portal. This
|
||||||
configuration is usable if you want to expose your internal SSO portal
|
configuration is usable if you want to expose your internal SSO portal
|
||||||
|
|
|
@ -15,8 +15,6 @@ This page shows some examples of LL::NG Command Line Interface. See
|
||||||
Save/restore configuration
|
Save/restore configuration
|
||||||
--------------------------
|
--------------------------
|
||||||
|
|
||||||
This part requires LLNG 2.0.5 at least.
|
|
||||||
|
|
||||||
Save:
|
Save:
|
||||||
|
|
||||||
.. code-block:: sh
|
.. code-block:: sh
|
||||||
|
@ -31,7 +29,7 @@ Restore:
|
||||||
# Or
|
# Or
|
||||||
/usr/share/lemonldap-ng/bin/lemonldap-ng-cli restore - <config.json
|
/usr/share/lemonldap-ng/bin/lemonldap-ng-cli restore - <config.json
|
||||||
|
|
||||||
Rollback (restore previous configuration, *since 2.0.8*):
|
Rollback (restore previous configuration):
|
||||||
|
|
||||||
.. code-block:: shell
|
.. code-block:: shell
|
||||||
|
|
||||||
|
@ -314,15 +312,6 @@ these commands;
|
||||||
|
|
||||||
openssl req -new -newkey rsa:4096 -keyout saml.key -nodes -out saml.pem -x509 -days 3650
|
openssl req -new -newkey rsa:4096 -keyout saml.key -nodes -out saml.pem -x509 -days 3650
|
||||||
|
|
||||||
Fix the certificate key format (you can skip this step if you are
|
|
||||||
running >= 2.0.6)
|
|
||||||
|
|
||||||
::
|
|
||||||
|
|
||||||
sed -e "s/END PRIVATE/END RSA PRIVATE/" \
|
|
||||||
-e "s/BEGIN PRIVATE/BEGIN RSA PRIVATE/" \
|
|
||||||
-i saml.key
|
|
||||||
|
|
||||||
Import them in configuration and activate the SAML issuer
|
Import them in configuration and activate the SAML issuer
|
||||||
|
|
||||||
::
|
::
|
||||||
|
|
|
@ -58,9 +58,9 @@ author = u'LemonLDAP::NG'
|
||||||
# built documents.
|
# built documents.
|
||||||
#
|
#
|
||||||
# The short X.Y version.
|
# The short X.Y version.
|
||||||
version = u'2.0'
|
version = u'3.0'
|
||||||
# The full version, including alpha/beta/rc tags.
|
# The full version, including alpha/beta/rc tags.
|
||||||
release = u'2.0'
|
release = u'3.0'
|
||||||
|
|
||||||
# The language for content autogenerated by Sphinx. Refer to documentation
|
# The language for content autogenerated by Sphinx. Refer to documentation
|
||||||
# for a list of supported languages.
|
# for a list of supported languages.
|
||||||
|
|
|
@ -132,7 +132,7 @@ configuration.
|
||||||
Manager API
|
Manager API
|
||||||
-----------
|
-----------
|
||||||
|
|
||||||
Since 2.0.8, a Manager API is available for:
|
Manager API is available for:
|
||||||
|
|
||||||
- Second factors management for users
|
- Second factors management for users
|
||||||
- OpenID Connect RP management
|
- OpenID Connect RP management
|
||||||
|
|
|
@ -95,16 +95,17 @@ As *user*, create directory in directory:
|
||||||
git checkout master # go to master branch
|
git checkout master # go to master branch
|
||||||
git remote add upstream https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng.git # to connect to remote branch
|
git remote add upstream https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng.git # to connect to remote branch
|
||||||
git fetch upstream # import branch
|
git fetch upstream # import branch
|
||||||
git checkout v2.0 # to change branch
|
git checkout v2.1 # to change branch
|
||||||
git fetch upstream
|
git fetch upstream
|
||||||
|
|
||||||
Import version branch on linux station:
|
Import version branch on linux station:
|
||||||
|
|
||||||
::
|
::
|
||||||
|
|
||||||
git checkout v2.0
|
git checkout v2.1
|
||||||
git fetch upstream
|
git fetch upstream --all
|
||||||
git rebase upstream/v2.0 # to align to parent project remote branch
|
git rebase upstream/v2.1 # to align to parent project remote branch
|
||||||
|
git push # to push to working remote branch
|
||||||
|
|
||||||
On gitlab, create working branch, one per thematic on linux station:
|
On gitlab, create working branch, one per thematic on linux station:
|
||||||
|
|
||||||
|
@ -115,9 +116,9 @@ On gitlab, create working branch, one per thematic on linux station:
|
||||||
git status
|
git status
|
||||||
git commit -am "explanations (#number gitlab ticket)"
|
git commit -am "explanations (#number gitlab ticket)"
|
||||||
git commit --amend file(s) # to modify a commit
|
git commit --amend file(s) # to modify a commit
|
||||||
git rebase v2.0 # align local working branch to local 2.0
|
git rebase v2.1 # align local working branch to local 2.1
|
||||||
git checkout -- file(s) # revert
|
git checkout -- file(s) # revert
|
||||||
git push # to send on remote working branch ! Only after doing some commits !
|
git push # to send on remote working branch
|
||||||
|
|
||||||
On gitlab, submit merge request when tests are corrects.
|
On gitlab, submit merge request when tests are corrects.
|
||||||
|
|
||||||
|
@ -126,7 +127,7 @@ Install dependencies
|
||||||
|
|
||||||
::
|
::
|
||||||
|
|
||||||
aptitude install libapache-session-perl libcache-cache-perl libclone-perl libconfig-inifiles-perl libconvert-pem-perl libcrypt-openssl-bignum-perl libcrypt-openssl-rsa-perl libcrypt-openssl-x509-perl libcrypt-rijndael-perl libdbi-perl libdigest-hmac-perl libemail-sender-perl libgd-securityimage-perl libhtml-template-perl libio-string-perl libjson-perl libmime-tools-perl libmouse-perl libnet-ldap-perl libplack-perl libregexp-assemble-perl libregexp-common-perl libsoap-lite-perl libstring-random-perl libtext-unidecode-perl libunicode-string-perl liburi-perl libwww-perl libxml-simple-perl libxml-libxslt-perl libcrypt-urandom-perl libconvert-base32-perl cpanminus
|
aptitude install libapache-session-perl libcache-cache-perl libclone-perl libconfig-inifiles-perl libconvert-pem-perl libcrypt-openssl-bignum-perl libcrypt-openssl-rsa-perl libcrypt-openssl-x509-perl libcrypt-rijndael-perl libdbi-perl libdigest-hmac-perl libemail-sender-perl libgd-securityimage-perl libhtml-template-perl libio-string-perl libjson-perl libmime-tools-perl libmouse-perl libnet-ldap-perl libplack-perl libregexp-assemble-perl libregexp-common-perl libsoap-lite-perl libstring-random-perl libtext-unidecode-perl libunicode-string-perl liburi-perl libwww-perl libxml-libxslt-perl libcrypt-urandom-perl libconvert-base32-perl cpanminus
|
||||||
aptitude install apache2 libapache2-mod-fcgid libapache2-mod-perl2 # install Apache
|
aptitude install apache2 libapache2-mod-fcgid libapache2-mod-perl2 # install Apache
|
||||||
aptitude install nginx nginx-extras # install Nginx
|
aptitude install nginx nginx-extras # install Nginx
|
||||||
cpanm perltidy@20181120
|
cpanm perltidy@20181120
|
||||||
|
|
|
@ -23,7 +23,7 @@ from a version older than 1.0
|
||||||
Can't locate /usr/share/lemonldap-ng/configStorage.pl
|
Can't locate /usr/share/lemonldap-ng/configStorage.pl
|
||||||
|
|
||||||
→ When you upgrade from Debian Lenny with customized index.pl files, you
|
→ When you upgrade from Debian Lenny with customized index.pl files, you
|
||||||
must upgrade them.
|
must upgrade them.
|
||||||
|
|
||||||
Lemonldap::NG::Handler
|
Lemonldap::NG::Handler
|
||||||
----------------------
|
----------------------
|
||||||
|
|
|
@ -53,36 +53,13 @@ portal:
|
||||||
attributes: it can contain boolean results or any string
|
attributes: it can contain boolean results or any string
|
||||||
- macros can also be used to import environment variables *(these
|
- macros can also be used to import environment variables *(these
|
||||||
variables are in CGI format)*. Example: ``$ENV{HTTP_COOKIE}``
|
variables are in CGI format)*. Example: ``$ENV{HTTP_COOKIE}``
|
||||||
- groups are stored as a string with values separated by ''; ''
|
- You can check for group membership of a particular user with the
|
||||||
(default values separator) in the special attribute ``groups``: it
|
``inGroup`` function, see examples below.
|
||||||
contains the names of groups whose rules were returned true for the
|
- If you need more advanced processing of the group list (filtering,
|
||||||
current user. For example:
|
rewriting) you may use ``$groups``, a flat list of all the user's
|
||||||
|
groups, separated by ''; '' (default values separator). Or the
|
||||||
.. code-block:: perl
|
``$hGroups`` variable which is a perl hash whose keys are the group
|
||||||
|
names.
|
||||||
$groups = group3; admin
|
|
||||||
|
|
||||||
- You can also get groups in ``$hGroups`` which is a Hash Reference of
|
|
||||||
this form:
|
|
||||||
|
|
||||||
.. code-block:: perl
|
|
||||||
|
|
||||||
$hGroups = {
|
|
||||||
'group3' => {
|
|
||||||
'description' => [
|
|
||||||
'Service 3',
|
|
||||||
'Service 3 TEST'
|
|
||||||
],
|
|
||||||
'cn' => [
|
|
||||||
'group3'
|
|
||||||
],
|
|
||||||
'name' => 'group3'
|
|
||||||
},
|
|
||||||
'admin' => {
|
|
||||||
'name' => 'admin'
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
Example for macros:
|
Example for macros:
|
||||||
|
|
||||||
|
@ -107,6 +84,42 @@ Defining a group for admins
|
||||||
|
|
||||||
Using groups in a rule
|
Using groups in a rule
|
||||||
|
|
||||||
|
.. code-block:: perl
|
||||||
|
|
||||||
|
^/admin -> inGroup('admin')
|
||||||
|
|
||||||
|
# Advanced usage
|
||||||
|
^/admin -> defined $hGroups->{'admin'}
|
||||||
|
^/admin -> $groups =~ /\badmin\b/
|
||||||
|
|
||||||
|
|
||||||
|
.. note::
|
||||||
|
|
||||||
|
Groups are computed after macros, so a group rule may involve a
|
||||||
|
macro value.
|
||||||
|
|
||||||
|
.. warning::
|
||||||
|
|
||||||
|
Macros and groups are computed in alphanumeric order,
|
||||||
|
that is, in the order they are displayed in the manager. For example,
|
||||||
|
macro "macro1" will be computed before macro "macro2": so, expression of
|
||||||
|
macro2 may involve value of macro1. As same for groups: a group rule may
|
||||||
|
involve another, previously computed group.
|
||||||
|
|
||||||
|
# Use a boolean macro in a rule
|
||||||
|
^/admin -> $isAdmin
|
||||||
|
# Use a string macro in a HTTP header
|
||||||
|
Display-Name -> $displayName
|
||||||
|
|
||||||
|
Defining a group for admins
|
||||||
|
|
||||||
|
.. code-block:: perl
|
||||||
|
|
||||||
|
# group
|
||||||
|
admin -> $uid eq 'foo' or $uid eq 'bar'
|
||||||
|
|
||||||
|
Using groups in a rule
|
||||||
|
|
||||||
.. code-block:: perl
|
.. code-block:: perl
|
||||||
|
|
||||||
^/admin -> $groups =~ /\badmin\b/
|
^/admin -> $groups =~ /\badmin\b/
|
||||||
|
|
|
@ -321,8 +321,6 @@ Example::
|
||||||
listMatch
|
listMatch
|
||||||
~~~~~~~~~
|
~~~~~~~~~
|
||||||
|
|
||||||
.. versionadded:: 2.0.7
|
|
||||||
|
|
||||||
This function lets you test if a particular value can be found with a
|
This function lets you test if a particular value can be found with a
|
||||||
multi-valued session attribute.
|
multi-valued session attribute.
|
||||||
|
|
||||||
|
@ -349,8 +347,6 @@ found.
|
||||||
inGroup
|
inGroup
|
||||||
~~~~~~~
|
~~~~~~~
|
||||||
|
|
||||||
.. versionadded:: 2.0.8
|
|
||||||
|
|
||||||
This function lets you test if the user is in a given group. It is
|
This function lets you test if the user is in a given group. It is
|
||||||
case-insensitive.
|
case-insensitive.
|
||||||
|
|
||||||
|
@ -405,11 +401,8 @@ IP address is local*:
|
||||||
varIsInUri
|
varIsInUri
|
||||||
~~~~~~~~~~
|
~~~~~~~~~~
|
||||||
|
|
||||||
.. versionadded:: 2.0.7
|
Function to check if a variable is in requested URI. Example *check if
|
||||||
|
$uid is in /check-auth/ URI*:
|
||||||
Function to check if a variable is in requested URI
|
|
||||||
|
|
||||||
Example *check if $uid is in /check-auth/ URI*:
|
|
||||||
|
|
||||||
.. code-block:: perl
|
.. code-block:: perl
|
||||||
|
|
||||||
|
@ -429,7 +422,3 @@ Example *check if $uid is in /check-auth/ URI*:
|
||||||
https://test1.example.com/check-auth/rtyler/api -> false
|
https://test1.example.com/check-auth/rtyler/api -> false
|
||||||
https://test1.example.com/check-auth/rtyler -> false
|
https://test1.example.com/check-auth/rtyler -> false
|
||||||
|
|
||||||
.. |image0| image:: /documentation/new.png
|
|
||||||
:width: 35px
|
|
||||||
.. |image1| image:: /documentation/new.png
|
|
||||||
:width: 35px
|
|
||||||
|
|
|
@ -11,6 +11,16 @@ Handlers are build on rows of modules:
|
||||||
- Library types if needed *(may inherit from Main)*
|
- Library types if needed *(may inherit from Main)*
|
||||||
- Main: the main handler library
|
- Main: the main handler library
|
||||||
|
|
||||||
|
Since version 2.1, wrappers are autogenerated when undefined. Generated
|
||||||
|
code is simply:
|
||||||
|
|
||||||
|
.. code:: perl
|
||||||
|
|
||||||
|
package Lemonldap::NG::Handler::Platform::Type;
|
||||||
|
use base 'Lemonldap::NG::Handler::Lib::Type',
|
||||||
|
'Lemonldap::NG::Handler::Platform::Main';
|
||||||
|
1;
|
||||||
|
|
||||||
Overview of Handler packages
|
Overview of Handler packages
|
||||||
----------------------------
|
----------------------------
|
||||||
|
|
||||||
|
|
|
@ -6,4 +6,4 @@ Standard SSO protocols
|
||||||
|
|
||||||
samlservice
|
samlservice
|
||||||
openidconnectservice
|
openidconnectservice
|
||||||
|
|
||||||
|
|
|
@ -95,8 +95,7 @@ Then, add the official LL::NG repository
|
||||||
version
|
version
|
||||||
- Use the ``testing`` repository to get packages from next major
|
- Use the ``testing`` repository to get packages from next major
|
||||||
version
|
version
|
||||||
- Use the ``2.0`` repository to avoid upgrade to next major version
|
- Use the ``2.1`` repository to avoid upgrade to next major version
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
Finally update your APT cache:
|
Finally update your APT cache:
|
||||||
|
|
|
@ -95,7 +95,7 @@ Run this to update packages cache:
|
||||||
|
|
||||||
You must also install the EPEL repository for non-core
|
You must also install the EPEL repository for non-core
|
||||||
dependencies. See :ref:`prerequisites and dependencies<prereq-yum>`
|
dependencies. See :ref:`prerequisites and dependencies<prereq-yum>`
|
||||||
chapter for more.
|
chapter for more.
|
||||||
|
|
||||||
Manual download
|
Manual download
|
||||||
~~~~~~~~~~~~~~~
|
~~~~~~~~~~~~~~~
|
||||||
|
|
|
@ -5,7 +5,7 @@ Each time you save a configuration, Manager launch a lot of tests:
|
||||||
|
|
||||||
- unit tests for each key: they are declared in
|
- unit tests for each key: they are declared in
|
||||||
Lemonldap::NG::Manager::Attributes *(source
|
Lemonldap::NG::Manager::Attributes *(source
|
||||||
Lemonldap::NG::Manager::Build::Attributes)*
|
Lemonldap::NG::Manager::Build::Attributes)*
|
||||||
- more advanced tests declared in Lemonldap::NG::Manager::Conf::Tests
|
- more advanced tests declared in Lemonldap::NG::Manager::Conf::Tests
|
||||||
|
|
||||||
In some case *(conf overridden in INI file,...)*, you may have to ignore
|
In some case *(conf overridden in INI file,...)*, you may have to ignore
|
||||||
|
|
|
@ -356,7 +356,7 @@ Available options:
|
||||||
|
|
||||||
- **Server**: Enable/Disable notification server
|
- **Server**: Enable/Disable notification server
|
||||||
- **Default condition**: Condition appended to ALL notifications
|
- **Default condition**: Condition appended to ALL notifications
|
||||||
inserted by notification server (JSON format only)
|
inserted by notification server
|
||||||
- **Notification parameters to send**: Notifications parameters
|
- **Notification parameters to send**: Notifications parameters
|
||||||
returned by ``GET`` method
|
returned by ``GET`` method
|
||||||
- **HTTP methods**: Enable/Disable HTTP methods
|
- **HTTP methods**: Enable/Disable HTTP methods
|
||||||
|
|
|
@ -18,7 +18,6 @@ Key name Documentation
|
||||||
ADPwdExpireWarning AD password expire warning ✔
|
ADPwdExpireWarning AD password expire warning ✔
|
||||||
ADPwdMaxAge AD password max age ✔
|
ADPwdMaxAge AD password max age ✔
|
||||||
AuthLDAPFilter LDAP filter for auth search ✔
|
AuthLDAPFilter LDAP filter for auth search ✔
|
||||||
LDAPFilter Default LDAP filter ✔
|
|
||||||
SMTPAuthPass Password to use to send mails ✔
|
SMTPAuthPass Password to use to send mails ✔
|
||||||
SMTPAuthUser Login to use to send mails ✔
|
SMTPAuthUser Login to use to send mails ✔
|
||||||
SMTPPort Fix SMTP port ✔
|
SMTPPort Fix SMTP port ✔
|
||||||
|
|
|
@ -247,17 +247,10 @@ First, create a file to contain the plugin code ::
|
||||||
Enabling your plugin
|
Enabling your plugin
|
||||||
~~~~~~~~~~~~~~~~~~~~
|
~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
Declare the plugin in lemonldap-ng.ini:
|
Declare the plugin in Manager, in General Parameters > Plugins > Custom
|
||||||
|
Plugins.
|
||||||
|
|
||||||
::
|
- Modules list: for example
|
||||||
|
``Lemonldap::NG::Portal::MyPlugin1, Lemonldap::NG::Portal::MyPlugin2``
|
||||||
vi /etc/lemonldap-ng/lemonldap-ng.ini
|
- Additional parameters: parameters that will be available in
|
||||||
|
``customPluginsParams`` configuration key
|
||||||
.. code-block:: perl
|
|
||||||
|
|
||||||
[portal]
|
|
||||||
customPlugins = Lemonldap::NG::Portal::MyPlugin
|
|
||||||
;customPlugins = Lemonldap::NG::Portal::MyPlugin1, Lemonldap::NG::Portal::MyPlugin2, ...
|
|
||||||
|
|
||||||
Since 2.0.7, it can also be configured in Manager, in General Parameters
|
|
||||||
> Plugins > Custom Plugins.
|
|
||||||
|
|
|
@ -346,7 +346,6 @@ Password management
|
||||||
revealed. Disabled by default.
|
revealed. Disabled by default.
|
||||||
|
|
||||||
Password Policy
|
Password Policy
|
||||||
---------------
|
|
||||||
|
|
||||||
.. tip::
|
.. tip::
|
||||||
|
|
||||||
|
|
|
@ -65,8 +65,8 @@ Core
|
||||||
- Regexp::Common
|
- Regexp::Common
|
||||||
- SOAP::Lite *(optional)*
|
- SOAP::Lite *(optional)*
|
||||||
- String::Random
|
- String::Random
|
||||||
- Text::Unidecode *(Since LemonLDAP::NG 2.0.5)*
|
|
||||||
- Unicode::String
|
- Unicode::String
|
||||||
|
- Text::Unidecode
|
||||||
- URI
|
- URI
|
||||||
- URI::Escape
|
- URI::Escape
|
||||||
|
|
||||||
|
@ -88,7 +88,6 @@ SAML2
|
||||||
|
|
||||||
- `Lasso <http://lasso.entrouvert.org/>`__
|
- `Lasso <http://lasso.entrouvert.org/>`__
|
||||||
- GLib
|
- GLib
|
||||||
- XML::Simple
|
|
||||||
|
|
||||||
Second factor
|
Second factor
|
||||||
~~~~~~~~~~~~~
|
~~~~~~~~~~~~~
|
||||||
|
@ -135,11 +134,11 @@ SMTP & Reset password/certificate by mail
|
||||||
Unit tests
|
Unit tests
|
||||||
~~~~~~~~~~
|
~~~~~~~~~~
|
||||||
|
|
||||||
- Authen::U2F::Tester
|
|
||||||
- Crypt::U2F::Server
|
|
||||||
- Test::MockObject
|
|
||||||
- Test::Output
|
|
||||||
- Test::POD
|
- Test::POD
|
||||||
|
- Test::MockObject
|
||||||
|
- Crypt::U2F::Server
|
||||||
|
- Authen::U2F::Tester
|
||||||
|
- Test::Output
|
||||||
- Time::Fake
|
- Time::Fake
|
||||||
- YAML
|
- YAML
|
||||||
|
|
||||||
|
@ -169,7 +168,7 @@ Perl dependencies:
|
||||||
|
|
||||||
::
|
::
|
||||||
|
|
||||||
apt install libapache-session-perl libcache-cache-perl libclone-perl libconfig-inifiles-perl libconvert-pem-perl libcrypt-openssl-bignum-perl libcrypt-openssl-rsa-perl libcrypt-openssl-x509-perl libcrypt-rijndael-perl libdbi-perl libdigest-hmac-perl libemail-sender-perl libgd-securityimage-perl libhtml-template-perl libio-string-perl libjson-perl libmime-tools-perl libmouse-perl libnet-ldap-perl libplack-perl libregexp-assemble-perl libregexp-common-perl libsoap-lite-perl libstring-random-perl libunicode-string-perl liburi-perl libwww-perl libxml-simple-perl libxml-libxslt-perl libcrypt-urandom-perl libtext-unidecode-perl libcookie-baker-xs-perl
|
apt install libapache-session-perl libcache-cache-perl libclone-perl libconfig-inifiles-perl libconvert-pem-perl libcrypt-openssl-bignum-perl libcrypt-openssl-rsa-perl libcrypt-openssl-x509-perl libcrypt-rijndael-perl libdbi-perl libdigest-hmac-perl libemail-sender-perl libgd-securityimage-perl libhtml-template-perl libio-string-perl libjson-perl libmime-tools-perl libmouse-perl libnet-ldap-perl libplack-perl libregexp-assemble-perl libregexp-common-perl libsoap-lite-perl libstring-random-perl libunicode-string-perl liburi-perl libwww-perl libxml-libxslt-perl libcrypt-urandom-perl libtext-unidecode-perl libcookie-baker-xs-perl
|
||||||
|
|
||||||
For Apache:
|
For Apache:
|
||||||
|
|
||||||
|
@ -199,7 +198,7 @@ Perl dependencies:
|
||||||
|
|
||||||
::
|
::
|
||||||
|
|
||||||
yum install perl-Apache-Session perl-Cache-Cache perl-Clone perl-Config-IniFiles perl-Convert-PEM perl-Crypt-OpenSSL-RSA perl-Crypt-OpenSSL-X509 perl-Crypt-Rijndael perl-Digest-HMAC perl-Digest-SHA perl-GD-SecurityImage perl-HTML-Template perl-IO-String perl-JSON perl-LDAP perl-Mouse perl-Plack perl-Regexp-Assemble perl-Regexp-Common perl-SOAP-Lite perl-String-Random perl-Unicode-String perl-version perl-XML-Simple perl-Crypt-URandom perl-Email-Sender
|
yum install perl-Apache-Session perl-Cache-Cache perl-Clone perl-Config-IniFiles perl-Convert-PEM perl-Crypt-OpenSSL-RSA perl-Crypt-OpenSSL-X509 perl-Crypt-Rijndael perl-Digest-HMAC perl-Digest-SHA perl-GD-SecurityImage perl-HTML-Template perl-IO-String perl-JSON perl-LDAP perl-Mouse perl-Plack perl-Regexp-Assemble perl-Regexp-Common perl-SOAP-Lite perl-String-Random perl-Unicode-String perl-version perl-Crypt-URandom perl-Email-Sender
|
||||||
|
|
||||||
For Apache:
|
For Apache:
|
||||||
|
|
||||||
|
|
|
@ -5,8 +5,6 @@ This plugin appends an endpoint to refresh sessions by user. It provides
|
||||||
``https://portal/refreshsession`` endpoint. Protect it by webserver
|
``https://portal/refreshsession`` endpoint. Protect it by webserver
|
||||||
configuration.
|
configuration.
|
||||||
|
|
||||||
This plugin is available with LLNG ≥ 2.0.7.
|
|
||||||
|
|
||||||
Usage
|
Usage
|
||||||
-----
|
-----
|
||||||
|
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
Documentation for LemonLDAP::NG 2.0
|
Documentation for LemonLDAP::NG 3.0
|
||||||
===================================
|
===================================
|
||||||
|
|
||||||
.. image:: logos/logo_llng_600px.png
|
.. image:: logos/logo_llng_600px.png
|
||||||
|
|
|
@ -1,2 +1,4 @@
|
||||||
|
.. include:: upgrade_2_1_x.rst
|
||||||
|
.. include:: upgrade_2_1.rst
|
||||||
.. include:: upgrade_2_0_x.rst
|
.. include:: upgrade_2_0_x.rst
|
||||||
.. include:: upgrade_2_0.rst
|
.. include:: upgrade_2_0.rst
|
||||||
|
|
|
@ -0,0 +1,9 @@
|
||||||
|
Upgrade from 2.0 to 2.1
|
||||||
|
=======================
|
||||||
|
|
||||||
|
SOAP deprecation
|
||||||
|
----------------
|
||||||
|
|
||||||
|
LLNG 2.1.x will be the last major version supporting SOAP services.
|
||||||
|
Please start migration to :doc:`REST services<restservices>` *(available
|
||||||
|
since 2.0.0)*.
|
|
@ -0,0 +1,10 @@
|
||||||
|
Upgrade from 2.1.x to 2.1.y
|
||||||
|
===========================
|
||||||
|
|
||||||
|
Update from one minor version to another does not require any particular
|
||||||
|
action. Please apply general caution as you would with any software:
|
||||||
|
have backups and a rollback plan ready!
|
||||||
|
|
||||||
|
Do not forget to read the release notes of the version you are about to
|
||||||
|
install for any specific instructions.
|
||||||
|
|
|
@ -132,12 +132,11 @@ There are three ways to impose users a higher authentication level:
|
||||||
|
|
||||||
- writing a rule based on authentication level:
|
- writing a rule based on authentication level:
|
||||||
``$authenticationLevel > 3``
|
``$authenticationLevel > 3``
|
||||||
- since 2.0, set a minimum level in virtual host options (default value
|
- set a minimum level in virtual host options (default value for ALL
|
||||||
for ALL access rules)
|
access rules)
|
||||||
- since 2.0.7, a minimum authentication level can be set for each URI
|
- a minimum authentication level can be set for each URI access rule.
|
||||||
access rule. Useful if URI are protected by different types of
|
Useful if URI are protected by different types of handler (AuthBasic
|
||||||
handler (AuthBasic -> level 2, Main -> level set by authentication
|
-> level 2, Main -> level set by authentication backend).
|
||||||
backend).
|
|
||||||
|
|
||||||
|
|
||||||
.. tip::
|
.. tip::
|
||||||
|
@ -146,6 +145,24 @@ There are three ways to impose users a higher authentication level:
|
||||||
to a form that explain that a higher level is required and propose to
|
to a form that explain that a higher level is required and propose to
|
||||||
reauthenticate himself.
|
reauthenticate himself.
|
||||||
|
|
||||||
|
Using regexp capture in rules
|
||||||
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
|
If URL regexp captures something *(using parenthesis)*, you can use them
|
||||||
|
in the corresponding rule using ``$_rulematch[1]``. Example: only user
|
||||||
|
can access to its personal area:
|
||||||
|
|
||||||
|
- Regexp: ``/^public_html/(\w+)(/.*)?$``
|
||||||
|
- Rule: ``$uid eq $_rulematch[1]``
|
||||||
|
|
||||||
|
$_rulematch is an array that contains all captured strings. First index
|
||||||
|
is 1.
|
||||||
|
|
||||||
|
|
||||||
|
.. warning::
|
||||||
|
|
||||||
|
This feature requires Perl ≥ 5.25.7
|
||||||
|
|
||||||
.. _headers:
|
.. _headers:
|
||||||
|
|
||||||
Headers
|
Headers
|
||||||
|
@ -209,8 +226,8 @@ headers:
|
||||||
Wildcards in hostnames
|
Wildcards in hostnames
|
||||||
----------------------
|
----------------------
|
||||||
|
|
||||||
|image1| Since 2.0, a wildcard can be used in virtualhost name (not in
|
Since 2.0, a wildcard can be used in virtualhost name (not in aliases
|
||||||
aliases !): ``*.example.com`` matches all hostnames that belong to
|
!): ``*.example.com`` matches all hostnames that belong to
|
||||||
``example.com`` domain. Version 2.0.9 improves this and allows better
|
``example.com`` domain. Version 2.0.9 improves this and allows better
|
||||||
wildcards such as ``test-*.example.com`` or ``test-%.example.com``. The
|
wildcards such as ``test-*.example.com`` or ``test-%.example.com``. The
|
||||||
``%`` wilcard doesn't match subdomains.
|
``%`` wilcard doesn't match subdomains.
|
||||||
|
|
|
@ -100,7 +100,7 @@
|
||||||
"cfgDate": 1428138808,
|
"cfgDate": 1428138808,
|
||||||
"cfgLog": "Default configuration provided by LemonLDAP::NG team",
|
"cfgLog": "Default configuration provided by LemonLDAP::NG team",
|
||||||
"cfgNum": "1",
|
"cfgNum": "1",
|
||||||
"cfgVersion": "2.0.0",
|
"cfgVersion": "2.1.0",
|
||||||
"cookieName": "lemonldap",
|
"cookieName": "lemonldap",
|
||||||
"customFunctions": "My::hello My::get_additional_arg",
|
"customFunctions": "My::hello My::get_additional_arg",
|
||||||
"demoExportedVars": {
|
"demoExportedVars": {
|
||||||
|
|
|
@ -133,7 +133,7 @@
|
||||||
.\" ========================================================================
|
.\" ========================================================================
|
||||||
.\"
|
.\"
|
||||||
.IX Title "llng-fastcgi-server 8"
|
.IX Title "llng-fastcgi-server 8"
|
||||||
.TH llng-fastcgi-server 8 "2021-08-10" "perl v5.32.1" "User Contributed Perl Documentation"
|
.TH llng-fastcgi-server 8 "2021-08-01" "perl v5.32.1" "User Contributed Perl Documentation"
|
||||||
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
|
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
|
||||||
.\" way too many mistakes in technical documents.
|
.\" way too many mistakes in technical documents.
|
||||||
.if n .ad l
|
.if n .ad l
|
||||||
|
|
|
@ -7,7 +7,7 @@ use POSIX;
|
||||||
use Getopt::Long;
|
use Getopt::Long;
|
||||||
use Lemonldap::NG::Handler::Main::Reload;
|
use Lemonldap::NG::Handler::Main::Reload;
|
||||||
|
|
||||||
our $VERSION = '2.0.0';
|
our $VERSION = '2.1.0';
|
||||||
|
|
||||||
our (
|
our (
|
||||||
$foreground, $engine, $nproc, $pidFile,
|
$foreground, $engine, $nproc, $pidFile,
|
||||||
|
|
|
@ -37,6 +37,7 @@ lib/Lemonldap/NG/Common/Conf/Wrapper.pm
|
||||||
lib/Lemonldap/NG/Common/Crypto.pm
|
lib/Lemonldap/NG/Common/Crypto.pm
|
||||||
lib/Lemonldap/NG/Common/EmailTransport.pm
|
lib/Lemonldap/NG/Common/EmailTransport.pm
|
||||||
lib/Lemonldap/NG/Common/FormEncode.pm
|
lib/Lemonldap/NG/Common/FormEncode.pm
|
||||||
|
lib/Lemonldap/NG/Common/IO/Filter.pm
|
||||||
lib/Lemonldap/NG/Common/IPv6.pm
|
lib/Lemonldap/NG/Common/IPv6.pm
|
||||||
lib/Lemonldap/NG/Common/JWT.pm
|
lib/Lemonldap/NG/Common/JWT.pm
|
||||||
lib/Lemonldap/NG/Common/Logger/_Duplicate.pm
|
lib/Lemonldap/NG/Common/Logger/_Duplicate.pm
|
||||||
|
@ -91,8 +92,11 @@ t/35-Common-Crypto.t
|
||||||
t/36-Common-Regexp.t
|
t/36-Common-Regexp.t
|
||||||
t/40-Common-Session.t
|
t/40-Common-Session.t
|
||||||
t/50-Combination-Parser.t
|
t/50-Combination-Parser.t
|
||||||
|
t/60-Common-IO-Filter.t
|
||||||
t/60-Session-Cli.t
|
t/60-Session-Cli.t
|
||||||
t/99-pod.t
|
t/99-pod.t
|
||||||
|
t/inc.tpl
|
||||||
|
t/test.tpl
|
||||||
tools/apache-session-mysql.sql
|
tools/apache-session-mysql.sql
|
||||||
tools/lmConfig.CDBI.mysql
|
tools/lmConfig.CDBI.mysql
|
||||||
tools/lmConfig.RDBI.mysql
|
tools/lmConfig.RDBI.mysql
|
||||||
|
|
|
@ -4,7 +4,7 @@
|
||||||
"Xavier Guimard <x.guimard@free.fr>, Clément Oudot <clement@oodo.net>"
|
"Xavier Guimard <x.guimard@free.fr>, Clément Oudot <clement@oodo.net>"
|
||||||
],
|
],
|
||||||
"dynamic_config" : 1,
|
"dynamic_config" : 1,
|
||||||
"generated_by" : "ExtUtils::MakeMaker version 7.34, CPAN::Meta::Converter version 2.150010",
|
"generated_by" : "ExtUtils::MakeMaker version 7.44, CPAN::Meta::Converter version 2.150010",
|
||||||
"license" : [
|
"license" : [
|
||||||
"open_source"
|
"open_source"
|
||||||
],
|
],
|
||||||
|
@ -78,6 +78,6 @@
|
||||||
],
|
],
|
||||||
"x_MailingList" : "mailto:lemonldap-ng-dev@ow2.org"
|
"x_MailingList" : "mailto:lemonldap-ng-dev@ow2.org"
|
||||||
},
|
},
|
||||||
"version" : "v2.0.13",
|
"version" : "v2.1.0",
|
||||||
"x_serialization_backend" : "JSON::PP version 4.04"
|
"x_serialization_backend" : "JSON::PP version 4.04"
|
||||||
}
|
}
|
||||||
|
|
|
@ -10,7 +10,7 @@ build_requires:
|
||||||
configure_requires:
|
configure_requires:
|
||||||
ExtUtils::MakeMaker: '0'
|
ExtUtils::MakeMaker: '0'
|
||||||
dynamic_config: 1
|
dynamic_config: 1
|
||||||
generated_by: 'ExtUtils::MakeMaker version 7.34, CPAN::Meta::Converter version 2.150010'
|
generated_by: 'ExtUtils::MakeMaker version 7.44, CPAN::Meta::Converter version 2.150010'
|
||||||
license: open_source
|
license: open_source
|
||||||
meta-spec:
|
meta-spec:
|
||||||
url: http://module-build.sourceforge.net/META-spec-v1.4.html
|
url: http://module-build.sourceforge.net/META-spec-v1.4.html
|
||||||
|
@ -54,5 +54,5 @@ resources:
|
||||||
bugtracker: https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/issues
|
bugtracker: https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/issues
|
||||||
homepage: http://lemonldap-ng.org/
|
homepage: http://lemonldap-ng.org/
|
||||||
license: http://opensource.org/licenses/GPL-2.0
|
license: http://opensource.org/licenses/GPL-2.0
|
||||||
version: v2.0.13
|
version: v2.1.0
|
||||||
x_serialization_backend: 'CPAN::Meta::YAML version 0.018'
|
x_serialization_backend: 'CPAN::Meta::YAML version 0.018'
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
package Lemonldap::NG::Common;
|
package Lemonldap::NG::Common;
|
||||||
|
|
||||||
our $VERSION = '2.0.13';
|
our $VERSION = '2.1.0';
|
||||||
|
|
||||||
1;
|
1;
|
||||||
__END__
|
__END__
|
||||||
|
|
|
@ -15,7 +15,7 @@ use Lemonldap::NG::Common::Apache::Session::Serialize::JSON;
|
||||||
use Lemonldap::NG::Common::Apache::Session::Store;
|
use Lemonldap::NG::Common::Apache::Session::Store;
|
||||||
use Lemonldap::NG::Common::Apache::Session::Lock;
|
use Lemonldap::NG::Common::Apache::Session::Lock;
|
||||||
|
|
||||||
our $VERSION = '2.0.6';
|
our $VERSION = '2.1.0';
|
||||||
|
|
||||||
sub _load {
|
sub _load {
|
||||||
my ( $backend, $func ) = @_;
|
my ( $backend, $func ) = @_;
|
||||||
|
|
|
@ -11,7 +11,7 @@ package Lemonldap::NG::Common::Apache::Session::Generate::SHA256;
|
||||||
use strict;
|
use strict;
|
||||||
use Crypt::URandom;
|
use Crypt::URandom;
|
||||||
|
|
||||||
our $VERSION = '2.0.2';
|
our $VERSION = '2.1.0';
|
||||||
|
|
||||||
sub generate {
|
sub generate {
|
||||||
my $session = shift;
|
my $session = shift;
|
||||||
|
@ -21,17 +21,8 @@ sub generate {
|
||||||
$length = $session->{args}->{IDLength};
|
$length = $session->{args}->{IDLength};
|
||||||
}
|
}
|
||||||
|
|
||||||
eval {
|
$session->{data}->{_session_id} =
|
||||||
$session->{data}->{_session_id} =
|
unpack( 'H*', Crypt::URandom::urandom( int( $length / 2 ) ) );
|
||||||
unpack( 'H*', Crypt::URandom::urandom( int( $length / 2 ) ) );
|
|
||||||
};
|
|
||||||
if ($@) {
|
|
||||||
print STDERR "Crypt::URandom::urandom failed: $@\n";
|
|
||||||
require Digest::SHA;
|
|
||||||
$session->{data}->{_session_id} =
|
|
||||||
substr( Digest::SHA::sha256_hex( time() . {} . rand() . $$ ),
|
|
||||||
0, $length );
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
sub validate {
|
sub validate {
|
||||||
|
|
|
@ -3,7 +3,7 @@ package Lemonldap::NG::Common::Apache::Session::Lock;
|
||||||
|
|
||||||
use strict;
|
use strict;
|
||||||
|
|
||||||
our $VERSION = '2.0.0';
|
our $VERSION = '2.1.0';
|
||||||
|
|
||||||
sub new {
|
sub new {
|
||||||
my $class = shift;
|
my $class = shift;
|
||||||
|
|
|
@ -5,7 +5,7 @@ use Lemonldap::NG::Common::UserAgent;
|
||||||
use Lemonldap::NG::Common::Apache::Session::Generate::SHA256;
|
use Lemonldap::NG::Common::Apache::Session::Generate::SHA256;
|
||||||
use JSON qw(from_json to_json);
|
use JSON qw(from_json to_json);
|
||||||
|
|
||||||
our $VERSION = '2.0.5';
|
our $VERSION = '2.1.0';
|
||||||
|
|
||||||
our @ISA = qw(Lemonldap::NG::Common::Apache::Session::Generate::SHA256);
|
our @ISA = qw(Lemonldap::NG::Common::Apache::Session::Generate::SHA256);
|
||||||
|
|
||||||
|
|
|
@ -8,7 +8,7 @@ package Lemonldap::NG::Common::Apache::Session::SOAP;
|
||||||
use strict;
|
use strict;
|
||||||
use SOAP::Lite;
|
use SOAP::Lite;
|
||||||
|
|
||||||
our $VERSION = '2.0.0';
|
our $VERSION = '2.1.0';
|
||||||
|
|
||||||
#parameter proxy Url of SOAP service
|
#parameter proxy Url of SOAP service
|
||||||
#parameter proxyOptions SOAP::Lite options
|
#parameter proxyOptions SOAP::Lite options
|
||||||
|
|
|
@ -3,7 +3,7 @@ package Lemonldap::NG::Common::Apache::Session::Serialize::JSON;
|
||||||
use strict;
|
use strict;
|
||||||
use JSON qw(to_json from_json);
|
use JSON qw(to_json from_json);
|
||||||
|
|
||||||
our $VERSION = '2.0.0';
|
our $VERSION = '2.1.0';
|
||||||
|
|
||||||
sub serialize {
|
sub serialize {
|
||||||
my $session = shift;
|
my $session = shift;
|
||||||
|
|
|
@ -3,7 +3,7 @@ package Lemonldap::NG::Common::Apache::Session::Store;
|
||||||
|
|
||||||
use strict;
|
use strict;
|
||||||
|
|
||||||
our $VERSION = '2.0.10';
|
our $VERSION = '2.1.0';
|
||||||
|
|
||||||
sub new {
|
sub new {
|
||||||
my $class = shift;
|
my $class = shift;
|
||||||
|
|
|
@ -5,10 +5,10 @@ use Mouse;
|
||||||
use Lemonldap::NG::Common::Conf;
|
use Lemonldap::NG::Common::Conf;
|
||||||
use Lemonldap::NG::Common::EmailTransport;
|
use Lemonldap::NG::Common::EmailTransport;
|
||||||
|
|
||||||
our $VERSION = '2.0.8';
|
|
||||||
|
|
||||||
extends 'Lemonldap::NG::Common::PSGI::Cli::Lib';
|
extends 'Lemonldap::NG::Common::PSGI::Cli::Lib';
|
||||||
|
|
||||||
|
our $VERSION = '2.1.0';
|
||||||
|
|
||||||
has confAccess => (
|
has confAccess => (
|
||||||
is => 'rw',
|
is => 'rw',
|
||||||
builder => sub {
|
builder => sub {
|
||||||
|
|
|
@ -9,7 +9,7 @@ use Lemonldap::NG::Common::Apache::Session;
|
||||||
use Lemonldap::NG::Common::Session;
|
use Lemonldap::NG::Common::Session;
|
||||||
use Lemonldap::NG::Common::Util qw/getPSessionID genId2F/;
|
use Lemonldap::NG::Common::Util qw/getPSessionID genId2F/;
|
||||||
|
|
||||||
our $VERSION = '2.0.9';
|
our $VERSION = '2.1.0';
|
||||||
|
|
||||||
has opts => ( is => 'rw' );
|
has opts => ( is => 'rw' );
|
||||||
|
|
||||||
|
|
|
@ -5,7 +5,7 @@ use Mouse;
|
||||||
use Safe;
|
use Safe;
|
||||||
use constant PE_OK => 0;
|
use constant PE_OK => 0;
|
||||||
|
|
||||||
our $VERSION = '2.0.6';
|
our $VERSION = '2.1.0';
|
||||||
|
|
||||||
# Handle "if then else" (used during init)
|
# Handle "if then else" (used during init)
|
||||||
# return a sub that can be called with ($req) to get a [array] of combination
|
# return a sub that can be called with ($req) to get a [array] of combination
|
||||||
|
|
|
@ -27,7 +27,7 @@ use Config::IniFiles;
|
||||||
#inherits Lemonldap::NG::Common::Conf::Backends::SOAP
|
#inherits Lemonldap::NG::Common::Conf::Backends::SOAP
|
||||||
#inherits Lemonldap::NG::Common::Conf::Backends::LDAP
|
#inherits Lemonldap::NG::Common::Conf::Backends::LDAP
|
||||||
|
|
||||||
our $VERSION = '2.0.14';
|
our $VERSION = '2.1.0';
|
||||||
our $msg = '';
|
our $msg = '';
|
||||||
our $iniObj;
|
our $iniObj;
|
||||||
|
|
||||||
|
|
|
@ -11,7 +11,7 @@ has 'configStorage' => ( is => 'rw', isa => 'HashRef', default => sub { {} } );
|
||||||
has 'currentConf' => ( is => 'rw', required => 1, default => sub { {} } );
|
has 'currentConf' => ( is => 'rw', required => 1, default => sub { {} } );
|
||||||
has 'protection' => ( is => 'rw', isa => 'Str', default => 'manager' );
|
has 'protection' => ( is => 'rw', isa => 'Str', default => 'manager' );
|
||||||
|
|
||||||
our $VERSION = '2.0.11';
|
our $VERSION = '2.1.0';
|
||||||
|
|
||||||
## @method Lemonldap::NG::Common::Conf confAcc()
|
## @method Lemonldap::NG::Common::Conf confAcc()
|
||||||
# Configuration access object
|
# Configuration access object
|
||||||
|
|
|
@ -5,7 +5,7 @@ use utf8;
|
||||||
use JSON;
|
use JSON;
|
||||||
use Lemonldap::NG::Common::Conf::Backends::_DBI;
|
use Lemonldap::NG::Common::Conf::Backends::_DBI;
|
||||||
|
|
||||||
our $VERSION = '2.0.0';
|
our $VERSION = '2.1.0';
|
||||||
our @ISA = qw(Lemonldap::NG::Common::Conf::Backends::_DBI);
|
our @ISA = qw(Lemonldap::NG::Common::Conf::Backends::_DBI);
|
||||||
|
|
||||||
sub store {
|
sub store {
|
||||||
|
|
|
@ -5,7 +5,7 @@ use utf8;
|
||||||
use Lemonldap::NG::Common::Conf::Serializer;
|
use Lemonldap::NG::Common::Conf::Serializer;
|
||||||
use Lemonldap::NG::Common::Conf::Backends::_DBI;
|
use Lemonldap::NG::Common::Conf::Backends::_DBI;
|
||||||
|
|
||||||
our $VERSION = '2.0.0';
|
our $VERSION = '2.1.0';
|
||||||
our @ISA = qw(Lemonldap::NG::Common::Conf::Backends::_DBI);
|
our @ISA = qw(Lemonldap::NG::Common::Conf::Backends::_DBI);
|
||||||
|
|
||||||
sub store {
|
sub store {
|
||||||
|
|
|
@ -5,7 +5,7 @@ use Lemonldap::NG::Common::Conf::Constants; #inherits
|
||||||
use JSON;
|
use JSON;
|
||||||
use Encode;
|
use Encode;
|
||||||
|
|
||||||
our $VERSION = '2.0.9';
|
our $VERSION = '2.1.0';
|
||||||
our $initDone;
|
our $initDone;
|
||||||
|
|
||||||
sub Lemonldap::NG::Common::Conf::_lock {
|
sub Lemonldap::NG::Common::Conf::_lock {
|
||||||
|
|
|
@ -5,7 +5,7 @@ package Lemonldap::NG::Common::Conf::Backends::JSONFile;
|
||||||
use Lemonldap::NG::Common::Conf::Backends::File;
|
use Lemonldap::NG::Common::Conf::Backends::File;
|
||||||
|
|
||||||
our @ISA = qw(Lemonldap::NG::Common::Conf::Backends::File);
|
our @ISA = qw(Lemonldap::NG::Common::Conf::Backends::File);
|
||||||
our $VERSION = '2.0.0';
|
our $VERSION = '2.1.0';
|
||||||
|
|
||||||
1;
|
1;
|
||||||
|
|
||||||
|
|
|
@ -11,7 +11,7 @@ use Net::LDAP;
|
||||||
use Lemonldap::NG::Common::Conf::Constants; #inherits
|
use Lemonldap::NG::Common::Conf::Constants; #inherits
|
||||||
use Lemonldap::NG::Common::Conf::Serializer;
|
use Lemonldap::NG::Common::Conf::Serializer;
|
||||||
|
|
||||||
our $VERSION = '2.0.0';
|
our $VERSION = '2.1.0';
|
||||||
|
|
||||||
BEGIN {
|
BEGIN {
|
||||||
*Lemonldap::NG::Common::Conf::ldap = \&ldap;
|
*Lemonldap::NG::Common::Conf::ldap = \&ldap;
|
||||||
|
|
|
@ -3,7 +3,7 @@ package Lemonldap::NG::Common::Conf::Backends::Local;
|
||||||
use strict;
|
use strict;
|
||||||
use Lemonldap::NG::Common::Conf::Constants;
|
use Lemonldap::NG::Common::Conf::Constants;
|
||||||
|
|
||||||
our $VERSION = '2.0.0';
|
our $VERSION = '2.1.0';
|
||||||
|
|
||||||
sub prereq {
|
sub prereq {
|
||||||
return 1;
|
return 1;
|
||||||
|
|
|
@ -5,7 +5,7 @@ use utf8;
|
||||||
use strict;
|
use strict;
|
||||||
use Lemonldap::NG::Common::Conf::Serializer;
|
use Lemonldap::NG::Common::Conf::Serializer;
|
||||||
|
|
||||||
our $VERSION = '2.0.1';
|
our $VERSION = '2.1.0';
|
||||||
our $initDone;
|
our $initDone;
|
||||||
|
|
||||||
sub prereq {
|
sub prereq {
|
||||||
|
|
|
@ -5,7 +5,7 @@ use utf8;
|
||||||
use Lemonldap::NG::Common::Conf::Serializer;
|
use Lemonldap::NG::Common::Conf::Serializer;
|
||||||
use Lemonldap::NG::Common::Conf::Backends::_DBI;
|
use Lemonldap::NG::Common::Conf::Backends::_DBI;
|
||||||
|
|
||||||
our $VERSION = '2.0.12';
|
our $VERSION = '2.1.0';
|
||||||
our @ISA = qw(Lemonldap::NG::Common::Conf::Backends::_DBI);
|
our @ISA = qw(Lemonldap::NG::Common::Conf::Backends::_DBI);
|
||||||
|
|
||||||
sub store {
|
sub store {
|
||||||
|
|
|
@ -4,7 +4,7 @@ use strict;
|
||||||
use Lemonldap::NG::Common::UserAgent;
|
use Lemonldap::NG::Common::UserAgent;
|
||||||
use JSON qw(from_json to_json);
|
use JSON qw(from_json to_json);
|
||||||
|
|
||||||
our $VERSION = '2.0.0';
|
our $VERSION = '2.1.0';
|
||||||
|
|
||||||
#parameter baseUrl, user, password, realm, lwpOpts
|
#parameter baseUrl, user, password, realm, lwpOpts
|
||||||
|
|
||||||
|
|
|
@ -5,7 +5,7 @@ use utf8;
|
||||||
use SOAP::Lite;
|
use SOAP::Lite;
|
||||||
use Lemonldap::NG::Common::Conf::Constants;
|
use Lemonldap::NG::Common::Conf::Constants;
|
||||||
|
|
||||||
our $VERSION = '2.0.0';
|
our $VERSION = '2.1.0';
|
||||||
|
|
||||||
#parameter proxy Url of SOAP service
|
#parameter proxy Url of SOAP service
|
||||||
#parameter proxyOptions SOAP::Lite parameters
|
#parameter proxyOptions SOAP::Lite parameters
|
||||||
|
|
|
@ -5,7 +5,7 @@ use Lemonldap::NG::Common::Conf::Constants; #inherits
|
||||||
use YAML qw();
|
use YAML qw();
|
||||||
use Encode;
|
use Encode;
|
||||||
|
|
||||||
our $VERSION = '2.0.9';
|
our $VERSION = '2.1.0';
|
||||||
our $initDone;
|
our $initDone;
|
||||||
$YAML::Numify = 1;
|
$YAML::Numify = 1;
|
||||||
|
|
||||||
|
|
|
@ -5,7 +5,7 @@ use utf8;
|
||||||
use DBI;
|
use DBI;
|
||||||
use Lemonldap::NG::Common::Conf::Constants; #inherits
|
use Lemonldap::NG::Common::Conf::Constants; #inherits
|
||||||
|
|
||||||
our $VERSION = '2.0.12';
|
our $VERSION = '2.1.0';
|
||||||
our @ISA = qw(Lemonldap::NG::Common::Conf::Constants);
|
our @ISA = qw(Lemonldap::NG::Common::Conf::Constants);
|
||||||
our ( @EXPORT, %EXPORT_TAGS );
|
our ( @EXPORT, %EXPORT_TAGS );
|
||||||
|
|
||||||
|
|
|
@ -4,7 +4,7 @@ use strict;
|
||||||
use Mouse;
|
use Mouse;
|
||||||
use Lemonldap::NG::Common::Conf::ReConstants;
|
use Lemonldap::NG::Common::Conf::ReConstants;
|
||||||
|
|
||||||
our $VERSION = '2.0.8';
|
our $VERSION = '2.1.0';
|
||||||
|
|
||||||
sub compactConf {
|
sub compactConf {
|
||||||
my ( $self, $conf ) = @_;
|
my ( $self, $conf ) = @_;
|
||||||
|
|
|
@ -5,7 +5,7 @@ use strict;
|
||||||
use Exporter 'import';
|
use Exporter 'import';
|
||||||
use base qw(Exporter);
|
use base qw(Exporter);
|
||||||
|
|
||||||
our $VERSION = '2.0.14';
|
our $VERSION = '2.1.0';
|
||||||
|
|
||||||
# CONSTANTS
|
# CONSTANTS
|
||||||
|
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
# This file is generated by Lemonldap::NG::Manager::Build. Don't modify it by hand
|
# This file is generated by Lemonldap::NG::Manager::Build. Don't modify it by hand
|
||||||
package Lemonldap::NG::Common::Conf::DefaultValues;
|
package Lemonldap::NG::Common::Conf::DefaultValues;
|
||||||
|
|
||||||
our $VERSION = '2.0.14';
|
our $VERSION = '2.1.0';
|
||||||
|
|
||||||
sub defaultValues {
|
sub defaultValues {
|
||||||
return {
|
return {
|
||||||
|
@ -18,18 +18,18 @@ sub defaultValues {
|
||||||
'authChoiceParam' => 'lmAuth',
|
'authChoiceParam' => 'lmAuth',
|
||||||
'authentication' => 'Demo',
|
'authentication' => 'Demo',
|
||||||
'available2F' => 'UTOTP,TOTP,U2F,REST,Mail2F,Ext2F,Yubikey,Radius',
|
'available2F' => 'UTOTP,TOTP,U2F,REST,Mail2F,Ext2F,Yubikey,Radius',
|
||||||
'available2FSelfRegistration' => 'TOTP,U2F,Yubikey',
|
'available2FSelfRegistration' => 'TOTP,U2F,Yubikey',
|
||||||
'bruteForceProtectionLockTimes' => '15, 30, 60, 300, 600',
|
'bruteForceProtectionLockTimes' => '15, 30, 60, 300, 600',
|
||||||
'bruteForceProtectionMaxAge' => 300,
|
'bruteForceProtectionMaxAge' => 300,
|
||||||
'bruteForceProtectionMaxFailed' => 3,
|
'bruteForceProtectionMaxFailed' => 3,
|
||||||
'bruteForceProtectionMaxLockTime' => 900,
|
'bruteForceProtectionMaxLockTime' => 900,
|
||||||
'bruteForceProtectionTempo' => 30,
|
'bruteForceProtectionTempo' => 30,
|
||||||
'captcha_mail_enabled' => 1,
|
'captcha_mail_enabled' => 1,
|
||||||
'captcha_register_enabled' => 1,
|
'captcha_register_enabled' => 1,
|
||||||
'captcha_size' => 6,
|
'captcha_size' => 6,
|
||||||
'casAccessControlPolicy' => 'none',
|
'casAccessControlPolicy' => 'none',
|
||||||
'casAuthnLevel' => 1,
|
'casAuthnLevel' => 1,
|
||||||
'certificateResetByMailCeaAttribute' => 'description',
|
'certificateResetByMailCeaAttribute' => 'description',
|
||||||
'certificateResetByMailCertificateAttribute' =>
|
'certificateResetByMailCertificateAttribute' =>
|
||||||
'userCertificate;binary',
|
'userCertificate;binary',
|
||||||
'certificateResetByMailURL' =>
|
'certificateResetByMailURL' =>
|
||||||
|
@ -90,6 +90,7 @@ sub defaultValues {
|
||||||
'facebookExportedVars' => {},
|
'facebookExportedVars' => {},
|
||||||
'facebookUserField' => 'id',
|
'facebookUserField' => 'id',
|
||||||
'failedLoginNumber' => 5,
|
'failedLoginNumber' => 5,
|
||||||
|
'favAppsMaxNumber' => 3,
|
||||||
'findUserControl' => '^[*\\w]+$',
|
'findUserControl' => '^[*\\w]+$',
|
||||||
'findUserWildcard' => '*',
|
'findUserWildcard' => '*',
|
||||||
'formTimeout' => 120,
|
'formTimeout' => 120,
|
||||||
|
@ -100,7 +101,7 @@ sub defaultValues {
|
||||||
'globalLogoutTimer' => 1,
|
'globalLogoutTimer' => 1,
|
||||||
'globalStorage' => 'Apache::Session::File',
|
'globalStorage' => 'Apache::Session::File',
|
||||||
'globalStorageOptions' => {
|
'globalStorageOptions' => {
|
||||||
'Directory' => '/var/lib/lemonldap-ng/sessions/',
|
'Directory' => '/var/lib/lemonldap-ng/sessions/',
|
||||||
'generateModule' =>
|
'generateModule' =>
|
||||||
'Lemonldap::NG::Common::Apache::Session::Generate::SHA256',
|
'Lemonldap::NG::Common::Apache::Session::Generate::SHA256',
|
||||||
'LockDirectory' => '/var/lib/lemonldap-ng/sessions/lock/'
|
'LockDirectory' => '/var/lib/lemonldap-ng/sessions/lock/'
|
||||||
|
@ -173,20 +174,20 @@ sub defaultValues {
|
||||||
'locationRules' => {
|
'locationRules' => {
|
||||||
'default' => 'deny'
|
'default' => 'deny'
|
||||||
},
|
},
|
||||||
'logoutServices' => {},
|
'logoutServices' => {},
|
||||||
'macros' => {},
|
'macros' => {},
|
||||||
'mail2fActivation' => 0,
|
'mail2fActivation' => 0,
|
||||||
'mail2fCodeRegex' => '\\d{6}',
|
'mail2fCodeRegex' => '\\d{6}',
|
||||||
'mailCharset' => 'utf-8',
|
'mailCharset' => 'utf-8',
|
||||||
'mailFrom' => 'noreply@example.com',
|
'mailFrom' => 'noreply@example.com',
|
||||||
'mailSessionKey' => 'mail',
|
'mailSessionKey' => 'mail',
|
||||||
'mailTimeout' => 0,
|
'mailTimeout' => 0,
|
||||||
'mailUrl' => 'http://auth.example.com/resetpwd',
|
'mailUrl' => 'http://auth.example.com/resetpwd',
|
||||||
'managerDn' => '',
|
'managerDn' => '',
|
||||||
'managerPassword' => '',
|
'managerPassword' => '',
|
||||||
'max2FDevices' => 10,
|
'max2FDevices' => 10,
|
||||||
'max2FDevicesNameLength' => 20,
|
'max2FDevicesNameLength' => 20,
|
||||||
'multiValuesSeparator' => '; ',
|
'multiValuesSeparator' => '; ',
|
||||||
'mySessionAuthorizedRWKeys' =>
|
'mySessionAuthorizedRWKeys' =>
|
||||||
[ '_appsListOrder', '_oidcConnectedRP', '_oidcConsents' ],
|
[ '_appsListOrder', '_oidcConnectedRP', '_oidcConsents' ],
|
||||||
'newLocationWarningLocationAttribute' => 'ipAddr',
|
'newLocationWarningLocationAttribute' => 'ipAddr',
|
||||||
|
@ -194,7 +195,7 @@ sub defaultValues {
|
||||||
'newLocationWarningMaxValues' => '0',
|
'newLocationWarningMaxValues' => '0',
|
||||||
'notificationDefaultCond' => '',
|
'notificationDefaultCond' => '',
|
||||||
'notificationServerPOST' => 1,
|
'notificationServerPOST' => 1,
|
||||||
'notificationServerSentAttributes' =>
|
'notificationServerSentAttributes' =>
|
||||||
'uid reference date title subtitle text check',
|
'uid reference date title subtitle text check',
|
||||||
'notificationsMaxRetrieve' => 3,
|
'notificationsMaxRetrieve' => 3,
|
||||||
'notificationStorage' => 'File',
|
'notificationStorage' => 'File',
|
||||||
|
@ -248,7 +249,7 @@ sub defaultValues {
|
||||||
'passwordPolicyMinUpper' => 0,
|
'passwordPolicyMinUpper' => 0,
|
||||||
'passwordPolicySpecialChar' => '__ALL__',
|
'passwordPolicySpecialChar' => '__ALL__',
|
||||||
'passwordResetAllowedRetries' => 3,
|
'passwordResetAllowedRetries' => 3,
|
||||||
'persistentSessionAttributes' =>
|
'persistentSessionAttributes' =>
|
||||||
'_loginHistory _2fDevices notification_',
|
'_loginHistory _2fDevices notification_',
|
||||||
'port' => -1,
|
'port' => -1,
|
||||||
'portal' => 'http://auth.example.com/',
|
'portal' => 'http://auth.example.com/',
|
||||||
|
@ -256,10 +257,11 @@ sub defaultValues {
|
||||||
'portalCheckLogins' => 1,
|
'portalCheckLogins' => 1,
|
||||||
'portalDisplayAppslist' => 1,
|
'portalDisplayAppslist' => 1,
|
||||||
'portalDisplayChangePassword' => '$_auth =~ /^(LDAP|DBI|Demo)$/',
|
'portalDisplayChangePassword' => '$_auth =~ /^(LDAP|DBI|Demo)$/',
|
||||||
|
'portalDisplayFavApps' => 1,
|
||||||
'portalDisplayGeneratePassword' => 1,
|
'portalDisplayGeneratePassword' => 1,
|
||||||
'portalDisplayLoginHistory' => 1,
|
'portalDisplayLoginHistory' => 1,
|
||||||
'portalDisplayLogout' => 1,
|
'portalDisplayLogout' => 1,
|
||||||
'portalDisplayOidcConsents' =>
|
'portalDisplayOidcConsents' =>
|
||||||
'$_oidcConsents && $_oidcConsents =~ /\\w+/',
|
'$_oidcConsents && $_oidcConsents =~ /\\w+/',
|
||||||
'portalDisplayRefreshMyRights' => 1,
|
'portalDisplayRefreshMyRights' => 1,
|
||||||
'portalDisplayRegister' => 1,
|
'portalDisplayRegister' => 1,
|
||||||
|
@ -287,11 +289,11 @@ sub defaultValues {
|
||||||
'http://auth.example.com/Lemonldap/NG/Common/PSGI/SOAPService',
|
'http://auth.example.com/Lemonldap/NG/Common/PSGI/SOAPService',
|
||||||
'proxy' => 'http://auth.example.com/sessions'
|
'proxy' => 'http://auth.example.com/sessions'
|
||||||
},
|
},
|
||||||
'requireToken' => 1,
|
'requireToken' => 1,
|
||||||
'rest2fActivation' => 0,
|
'rest2fActivation' => 0,
|
||||||
'restAuthnLevel' => 2,
|
'restAuthnLevel' => 2,
|
||||||
'restClockTolerance' => 15,
|
'restClockTolerance' => 15,
|
||||||
'sameSite' => '',
|
'sameSite' => '',
|
||||||
'samlAttributeAuthorityDescriptorAttributeServiceSOAP' =>
|
'samlAttributeAuthorityDescriptorAttributeServiceSOAP' =>
|
||||||
'urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/AA/SOAP;',
|
'urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/AA/SOAP;',
|
||||||
'samlAuthnContextMapKerberos' => 4,
|
'samlAuthnContextMapKerberos' => 4,
|
||||||
|
@ -331,7 +333,7 @@ sub defaultValues {
|
||||||
'0;1;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/proxySingleSignOnArtifact',
|
'0;1;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/proxySingleSignOnArtifact',
|
||||||
'samlSPSSODescriptorAssertionConsumerServiceHTTPPost' =>
|
'samlSPSSODescriptorAssertionConsumerServiceHTTPPost' =>
|
||||||
'1;0;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleSignOnPost',
|
'1;0;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleSignOnPost',
|
||||||
'samlSPSSODescriptorAuthnRequestsSigned' => 1,
|
'samlSPSSODescriptorAuthnRequestsSigned' => 1,
|
||||||
'samlSPSSODescriptorSingleLogoutServiceHTTPPost' =>
|
'samlSPSSODescriptorSingleLogoutServiceHTTPPost' =>
|
||||||
'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn',
|
'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn',
|
||||||
'samlSPSSODescriptorSingleLogoutServiceHTTPRedirect' =>
|
'samlSPSSODescriptorSingleLogoutServiceHTTPRedirect' =>
|
||||||
|
@ -343,7 +345,7 @@ sub defaultValues {
|
||||||
'sfEngine' => '::2F::Engines::Default',
|
'sfEngine' => '::2F::Engines::Default',
|
||||||
'sfManagerRule' => 1,
|
'sfManagerRule' => 1,
|
||||||
'sfRemovedMsgRule' => 0,
|
'sfRemovedMsgRule' => 0,
|
||||||
'sfRemovedNotifMsg' =>
|
'sfRemovedNotifMsg' =>
|
||||||
'_removedSF_ expired second factor(s) has/have been removed (_nameSF_)!',
|
'_removedSF_ expired second factor(s) has/have been removed (_nameSF_)!',
|
||||||
'sfRemovedNotifRef' => 'RemoveSF',
|
'sfRemovedNotifRef' => 'RemoveSF',
|
||||||
'sfRemovedNotifTitle' => 'Second factor notification',
|
'sfRemovedNotifTitle' => 'Second factor notification',
|
||||||
|
|
|
@ -6,7 +6,7 @@ use Mouse;
|
||||||
use Lemonldap::NG::Common::Conf::Constants;
|
use Lemonldap::NG::Common::Conf::Constants;
|
||||||
use Lemonldap::NG::Common::Conf::ReConstants;
|
use Lemonldap::NG::Common::Conf::ReConstants;
|
||||||
|
|
||||||
our $VERSION = '2.0.12';
|
our $VERSION = '2.1.0';
|
||||||
|
|
||||||
extends 'Lemonldap::NG::Common::Conf::AccessLib';
|
extends 'Lemonldap::NG::Common::Conf::AccessLib';
|
||||||
|
|
||||||
|
|
|
@ -5,7 +5,7 @@ use strict;
|
||||||
use Exporter 'import';
|
use Exporter 'import';
|
||||||
use base qw(Exporter);
|
use base qw(Exporter);
|
||||||
|
|
||||||
our $VERSION = '2.0.14';
|
our $VERSION = '2.1.0';
|
||||||
|
|
||||||
our %EXPORT_TAGS = ( 'all' => [qw($simpleHashKeys $doubleHashKeys $specialNodeKeys $casAppMetaDataNodeKeys $casSrvMetaDataNodeKeys $oidcOPMetaDataNodeKeys $oidcRPMetaDataNodeKeys $samlIDPMetaDataNodeKeys $samlSPMetaDataNodeKeys $virtualHostKeys $specialNodeHash $authParameters $issuerParameters $samlServiceParameters $oidcServiceParameters $casServiceParameters)] );
|
our %EXPORT_TAGS = ( 'all' => [qw($simpleHashKeys $doubleHashKeys $specialNodeKeys $casAppMetaDataNodeKeys $casSrvMetaDataNodeKeys $oidcOPMetaDataNodeKeys $oidcRPMetaDataNodeKeys $samlIDPMetaDataNodeKeys $samlSPMetaDataNodeKeys $virtualHostKeys $specialNodeHash $authParameters $issuerParameters $samlServiceParameters $oidcServiceParameters $casServiceParameters)] );
|
||||||
our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } );
|
our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } );
|
||||||
|
@ -37,7 +37,7 @@ our $authParameters = {
|
||||||
apacheParams => [qw(apacheAuthnLevel)],
|
apacheParams => [qw(apacheAuthnLevel)],
|
||||||
casParams => [qw(casAuthnLevel)],
|
casParams => [qw(casAuthnLevel)],
|
||||||
choiceParams => [qw(authChoiceParam authChoiceModules authChoiceAuthBasic authChoiceFindUser)],
|
choiceParams => [qw(authChoiceParam authChoiceModules authChoiceAuthBasic authChoiceFindUser)],
|
||||||
combinationParams => [qw(combination combModules)],
|
combinationParams => [qw(combination combModules combinationForms)],
|
||||||
customParams => [qw(customAuth customUserDB customPassword customRegister customResetCertByMail customAddParams)],
|
customParams => [qw(customAuth customUserDB customPassword customRegister customResetCertByMail customAddParams)],
|
||||||
dbiParams => [qw(dbiAuthnLevel dbiExportedVars dbiAuthChain dbiAuthUser dbiAuthPassword dbiUserChain dbiUserUser dbiUserPassword dbiAuthTable dbiUserTable dbiAuthLoginCol dbiAuthPasswordCol dbiPasswordMailCol userPivot dbiAuthPasswordHash dbiDynamicHashEnabled dbiDynamicHashValidSchemes dbiDynamicHashValidSaltedSchemes dbiDynamicHashNewPasswordScheme)],
|
dbiParams => [qw(dbiAuthnLevel dbiExportedVars dbiAuthChain dbiAuthUser dbiAuthPassword dbiUserChain dbiUserUser dbiUserPassword dbiAuthTable dbiUserTable dbiAuthLoginCol dbiAuthPasswordCol dbiPasswordMailCol userPivot dbiAuthPasswordHash dbiDynamicHashEnabled dbiDynamicHashValidSchemes dbiDynamicHashValidSaltedSchemes dbiDynamicHashNewPasswordScheme)],
|
||||||
demoParams => [qw(demoExportedVars)],
|
demoParams => [qw(demoExportedVars)],
|
||||||
|
@ -45,7 +45,7 @@ our $authParameters = {
|
||||||
githubParams => [qw(githubAuthnLevel githubClientID githubClientSecret githubUserField githubScope)],
|
githubParams => [qw(githubAuthnLevel githubClientID githubClientSecret githubUserField githubScope)],
|
||||||
gpgParams => [qw(gpgAuthnLevel gpgDb)],
|
gpgParams => [qw(gpgAuthnLevel gpgDb)],
|
||||||
kerberosParams => [qw(krbAuthnLevel krbKeytab krbByJs krbRemoveDomain krbAllowedDomains)],
|
kerberosParams => [qw(krbAuthnLevel krbKeytab krbByJs krbRemoveDomain krbAllowedDomains)],
|
||||||
ldapParams => [qw(ldapAuthnLevel ldapExportedVars ldapServer ldapPort ldapVerify ldapBase managerDn managerPassword ldapTimeout ldapIOTimeout ldapVersion ldapRaw ldapCAFile ldapCAPath LDAPFilter AuthLDAPFilter mailLDAPFilter ldapSearchDeref ldapGroupBase ldapGroupObjectClass ldapGroupAttributeName ldapGroupAttributeNameUser ldapGroupAttributeNameSearch ldapGroupDecodeSearchedValue ldapGroupRecursive ldapGroupAttributeNameGroup ldapPpolicyControl ldapSetPassword ldapChangePasswordAsUser ldapPwdEnc ldapUsePasswordResetAttribute ldapPasswordResetAttribute ldapPasswordResetAttributeValue ldapAllowResetExpiredPassword ldapGetUserBeforePasswordChange ldapITDS)],
|
ldapParams => [qw(ldapAuthnLevel ldapExportedVars ldapServer ldapPort ldapVerify ldapBase managerDn managerPassword ldapTimeout ldapIOTimeout ldapVersion ldapRaw ldapCAFile ldapCAPath AuthLDAPFilter mailLDAPFilter ldapSearchDeref ldapGroupBase ldapGroupObjectClass ldapGroupAttributeName ldapGroupAttributeNameUser ldapGroupAttributeNameSearch ldapGroupDecodeSearchedValue ldapGroupRecursive ldapGroupAttributeNameGroup ldapPpolicyControl ldapSetPassword ldapChangePasswordAsUser ldapPwdEnc ldapUsePasswordResetAttribute ldapPasswordResetAttribute ldapPasswordResetAttributeValue ldapAllowResetExpiredPassword ldapGetUserBeforePasswordChange ldapITDS)],
|
||||||
linkedinParams => [qw(linkedInAuthnLevel linkedInClientID linkedInClientSecret linkedInFields linkedInUserField linkedInScope)],
|
linkedinParams => [qw(linkedInAuthnLevel linkedInClientID linkedInClientSecret linkedInFields linkedInUserField linkedInScope)],
|
||||||
nullParams => [qw(nullAuthnLevel)],
|
nullParams => [qw(nullAuthnLevel)],
|
||||||
oidcParams => [qw(oidcAuthnLevel oidcRPCallbackGetParam oidcRPStateTimeout)],
|
oidcParams => [qw(oidcAuthnLevel oidcRPCallbackGetParam oidcRPStateTimeout)],
|
||||||
|
@ -69,6 +69,6 @@ our $issuerParameters = {
|
||||||
issuerOptions => [qw(issuersTimeout)],
|
issuerOptions => [qw(issuersTimeout)],
|
||||||
};
|
};
|
||||||
our $samlServiceParameters = [qw(samlEntityID samlServicePrivateKeySig samlServicePrivateKeySigPwd samlServicePublicKeySig samlServicePrivateKeyEnc samlServicePrivateKeyEncPwd samlServicePublicKeyEnc samlServiceUseCertificateInResponse samlServiceSignatureMethod samlNameIDFormatMapEmail samlNameIDFormatMapX509 samlNameIDFormatMapWindows samlNameIDFormatMapKerberos samlAuthnContextMapPassword samlAuthnContextMapPasswordProtectedTransport samlAuthnContextMapTLSClient samlAuthnContextMapKerberos samlOrganizationDisplayName samlOrganizationName samlOrganizationURL samlSPSSODescriptorAuthnRequestsSigned samlSPSSODescriptorWantAssertionsSigned samlSPSSODescriptorSingleLogoutServiceHTTPRedirect samlSPSSODescriptorSingleLogoutServiceHTTPPost samlSPSSODescriptorSingleLogoutServiceSOAP samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact samlSPSSODescriptorAssertionConsumerServiceHTTPPost samlSPSSODescriptorArtifactResolutionServiceArtifact samlIDPSSODescriptorWantAuthnRequestsSigned samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect samlIDPSSODescriptorSingleSignOnServiceHTTPPost samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect samlIDPSSODescriptorSingleLogoutServiceHTTPPost samlIDPSSODescriptorSingleLogoutServiceSOAP samlIDPSSODescriptorArtifactResolutionServiceArtifact samlAttributeAuthorityDescriptorAttributeServiceSOAP samlMetadataForceUTF8 samlRelayStateTimeout samlUseQueryStringSpecific samlOverrideIDPEntityID samlStorage samlStorageOptions samlCommonDomainCookieActivation samlCommonDomainCookieDomain samlCommonDomainCookieReader samlCommonDomainCookieWriter samlDiscoveryProtocolActivation samlDiscoveryProtocolURL samlDiscoveryProtocolPolicy samlDiscoveryProtocolIsPassive)];
|
our $samlServiceParameters = [qw(samlEntityID samlServicePrivateKeySig samlServicePrivateKeySigPwd samlServicePublicKeySig samlServicePrivateKeyEnc samlServicePrivateKeyEncPwd samlServicePublicKeyEnc samlServiceUseCertificateInResponse samlServiceSignatureMethod samlNameIDFormatMapEmail samlNameIDFormatMapX509 samlNameIDFormatMapWindows samlNameIDFormatMapKerberos samlAuthnContextMapPassword samlAuthnContextMapPasswordProtectedTransport samlAuthnContextMapTLSClient samlAuthnContextMapKerberos samlOrganizationDisplayName samlOrganizationName samlOrganizationURL samlSPSSODescriptorAuthnRequestsSigned samlSPSSODescriptorWantAssertionsSigned samlSPSSODescriptorSingleLogoutServiceHTTPRedirect samlSPSSODescriptorSingleLogoutServiceHTTPPost samlSPSSODescriptorSingleLogoutServiceSOAP samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact samlSPSSODescriptorAssertionConsumerServiceHTTPPost samlSPSSODescriptorArtifactResolutionServiceArtifact samlIDPSSODescriptorWantAuthnRequestsSigned samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect samlIDPSSODescriptorSingleSignOnServiceHTTPPost samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect samlIDPSSODescriptorSingleLogoutServiceHTTPPost samlIDPSSODescriptorSingleLogoutServiceSOAP samlIDPSSODescriptorArtifactResolutionServiceArtifact samlAttributeAuthorityDescriptorAttributeServiceSOAP samlMetadataForceUTF8 samlRelayStateTimeout samlUseQueryStringSpecific samlOverrideIDPEntityID samlStorage samlStorageOptions samlCommonDomainCookieActivation samlCommonDomainCookieDomain samlCommonDomainCookieReader samlCommonDomainCookieWriter samlDiscoveryProtocolActivation samlDiscoveryProtocolURL samlDiscoveryProtocolPolicy samlDiscoveryProtocolIsPassive)];
|
||||||
our $oidcServiceParameters = [qw(oidcServiceMetaDataIssuer oidcServiceMetaDataAuthorizeURI oidcServiceMetaDataTokenURI oidcServiceMetaDataUserInfoURI oidcServiceMetaDataJWKSURI oidcServiceMetaDataRegistrationURI oidcServiceMetaDataIntrospectionURI oidcServiceMetaDataEndSessionURI oidcServiceMetaDataCheckSessionURI oidcServiceMetaDataFrontChannelURI oidcServiceMetaDataBackChannelURI oidcServiceMetaDataAuthnContext oidcServicePrivateKeySig oidcServicePublicKeySig oidcServiceKeyIdSig oidcServiceAllowDynamicRegistration oidcServiceAllowOnlyDeclaredScopes oidcServiceAllowAuthorizationCodeFlow oidcServiceAllowImplicitFlow oidcServiceAllowHybridFlow oidcServiceAuthorizationCodeExpiration oidcServiceAccessTokenExpiration oidcServiceIDTokenExpiration oidcServiceOfflineSessionExpiration oidcStorage oidcStorageOptions oidcServiceDynamicRegistrationExportedVars oidcServiceDynamicRegistrationExtraClaims)];
|
our $oidcServiceParameters = [qw(oidcServiceMetaDataAuthorizeURI oidcServiceMetaDataTokenURI oidcServiceMetaDataUserInfoURI oidcServiceMetaDataJWKSURI oidcServiceMetaDataRegistrationURI oidcServiceMetaDataIntrospectionURI oidcServiceMetaDataEndSessionURI oidcServiceMetaDataCheckSessionURI oidcServiceMetaDataFrontChannelURI oidcServiceMetaDataBackChannelURI oidcServiceMetaDataAuthnContext oidcServicePrivateKeySig oidcServicePublicKeySig oidcServiceKeyIdSig oidcServiceAllowDynamicRegistration oidcServiceAllowOnlyDeclaredScopes oidcServiceAllowAuthorizationCodeFlow oidcServiceAllowImplicitFlow oidcServiceAllowHybridFlow oidcServiceAuthorizationCodeExpiration oidcServiceAccessTokenExpiration oidcServiceIDTokenExpiration oidcServiceOfflineSessionExpiration oidcStorage oidcStorageOptions oidcServiceDynamicRegistrationExportedVars oidcServiceDynamicRegistrationExtraClaims)];
|
||||||
|
|
||||||
1;
|
1;
|
||||||
|
|
|
@ -14,7 +14,7 @@ use MIME::Base64;
|
||||||
use Safe;
|
use Safe;
|
||||||
use Encode;
|
use Encode;
|
||||||
|
|
||||||
our $VERSION = '2.0.9';
|
our $VERSION = '2.1.0';
|
||||||
|
|
||||||
my $dataStart = tell(DATA);
|
my $dataStart = tell(DATA);
|
||||||
|
|
||||||
|
|
|
@ -6,7 +6,7 @@ use Encode;
|
||||||
use JSON;
|
use JSON;
|
||||||
use Lemonldap::NG::Common::Conf::Constants;
|
use Lemonldap::NG::Common::Conf::Constants;
|
||||||
|
|
||||||
our $VERSION = '2.0.12';
|
our $VERSION = '2.1.0';
|
||||||
|
|
||||||
BEGIN {
|
BEGIN {
|
||||||
*Lemonldap::NG::Common::Conf::normalize = \&normalize;
|
*Lemonldap::NG::Common::Conf::normalize = \&normalize;
|
||||||
|
|
|
@ -3,7 +3,7 @@ package Lemonldap::NG::Common::Conf::Wrapper;
|
||||||
use strict;
|
use strict;
|
||||||
use JSON;
|
use JSON;
|
||||||
|
|
||||||
our $VERSION = '2.0.3';
|
our $VERSION = '2.1.0';
|
||||||
|
|
||||||
sub TIEHASH {
|
sub TIEHASH {
|
||||||
my ( $class, $conf, $overrides ) = @_;
|
my ( $class, $conf, $overrides ) = @_;
|
||||||
|
|
|
@ -12,32 +12,22 @@ use strict;
|
||||||
use Crypt::Rijndael;
|
use Crypt::Rijndael;
|
||||||
use MIME::Base64;
|
use MIME::Base64;
|
||||||
use Digest::SHA;
|
use Digest::SHA;
|
||||||
|
use Crypt::URandom;
|
||||||
use bytes;
|
use bytes;
|
||||||
|
|
||||||
our $VERSION = '2.0.0';
|
our $VERSION = '2.1.0';
|
||||||
my ( $newIv, $randG, $hash );
|
my $hash = \&Digest::SHA::sha256;
|
||||||
$hash = \&Digest::SHA::sha256;
|
|
||||||
|
|
||||||
use constant HMAC_LENGTH => 32;
|
use constant HMAC_LENGTH => 32;
|
||||||
use constant IV_LENGTH => 16;
|
use constant IV_LENGTH => 16;
|
||||||
|
|
||||||
# Build initialization vector subroutine
|
sub newIv {
|
||||||
BEGIN {
|
return Crypt::URandom::urandom(IV_LENGTH);
|
||||||
eval { require Crypt::URandom; Crypt::URandom::urandom(IV_LENGTH) };
|
}
|
||||||
if ($@) {
|
|
||||||
$newIv = sub {
|
sub randG {
|
||||||
return bytes::substr( Digest::SHA::sha1( rand() . time . {} ),
|
my ($max) = @_;
|
||||||
0, IV_LENGTH );
|
return int( unpack( "C", Crypt::URandom::urandom(1) ) * $max / 256 );
|
||||||
};
|
|
||||||
$randG = sub { return int( rand( $_[0] ) ) };
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
$newIv = sub { return Crypt::URandom::urandom(IV_LENGTH) };
|
|
||||||
$randG = sub {
|
|
||||||
return
|
|
||||||
int( unpack( "C", Crypt::URandom::urandom(1) ) * $_[0] / 256 );
|
|
||||||
};
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
our $msg;
|
our $msg;
|
||||||
|
@ -65,7 +55,7 @@ sub new {
|
||||||
# @param key that secondary key
|
# @param key that secondary key
|
||||||
# @return Crypt::Rijndael object
|
# @return Crypt::Rijndael object
|
||||||
sub _getCipher {
|
sub _getCipher {
|
||||||
my ( $self, $key ) = @_;
|
my ( $self, $key, $iv ) = @_;
|
||||||
$key ||= "";
|
$key ||= "";
|
||||||
$self->{ciphers}->{$key} ||=
|
$self->{ciphers}->{$key} ||=
|
||||||
Crypt::Rijndael->new( $hash->( $self->{key}, $key ), $self->{mode} );
|
Crypt::Rijndael->new( $hash->( $self->{key}, $key ), $self->{mode} );
|
||||||
|
@ -87,7 +77,7 @@ sub encrypt {
|
||||||
my $iv =
|
my $iv =
|
||||||
$low
|
$low
|
||||||
? bytes::substr( Digest::SHA::sha1( rand() . time . {} ), 0, IV_LENGTH )
|
? bytes::substr( Digest::SHA::sha1( rand() . time . {} ), 0, IV_LENGTH )
|
||||||
: $newIv->();
|
: newIv();
|
||||||
my $hmac = $hash->($data);
|
my $hmac = $hash->($data);
|
||||||
eval {
|
eval {
|
||||||
$data =
|
$data =
|
||||||
|
@ -190,7 +180,7 @@ sub _cryptHex {
|
||||||
}
|
}
|
||||||
my $iv;
|
my $iv;
|
||||||
if ( $sub eq 'encrypt' ) {
|
if ( $sub eq 'encrypt' ) {
|
||||||
$iv = $newIv->();
|
$iv = newIv();
|
||||||
}
|
}
|
||||||
$data = pack "H*", $data;
|
$data = pack "H*", $data;
|
||||||
if ( $sub eq 'decrypt' ) {
|
if ( $sub eq 'decrypt' ) {
|
||||||
|
@ -215,7 +205,7 @@ sub srandom {
|
||||||
if ($@) {
|
if ($@) {
|
||||||
die 'Missing recommended dependency to String::Random';
|
die 'Missing recommended dependency to String::Random';
|
||||||
}
|
}
|
||||||
return String::Random->new( rand_gen => $randG );
|
return String::Random->new( rand_gen => \&randG );
|
||||||
}
|
}
|
||||||
|
|
||||||
1;
|
1;
|
||||||
|
|
|
@ -6,7 +6,7 @@ use MIME::Entity;
|
||||||
use Email::Sender::Simple qw(sendmail);
|
use Email::Sender::Simple qw(sendmail);
|
||||||
use Email::Date::Format qw(email_date);
|
use Email::Date::Format qw(email_date);
|
||||||
|
|
||||||
our $VERSION = '2.0.10';
|
our $VERSION = '2.1.0';
|
||||||
|
|
||||||
sub new {
|
sub new {
|
||||||
my ( $class, $conf ) = @_;
|
my ( $class, $conf ) = @_;
|
||||||
|
|
|
@ -4,7 +4,7 @@ use strict;
|
||||||
use Exporter;
|
use Exporter;
|
||||||
|
|
||||||
our @ISA = qw(Exporter);
|
our @ISA = qw(Exporter);
|
||||||
our $VERSION = '2.0.0';
|
our $VERSION = '2.1.0';
|
||||||
|
|
||||||
our @EXPORT_OK = qw(build_urlencoded);
|
our @EXPORT_OK = qw(build_urlencoded);
|
||||||
our @EXPORT = qw(build_urlencoded);
|
our @EXPORT = qw(build_urlencoded);
|
||||||
|
|
|
@ -0,0 +1,176 @@
|
||||||
|
# IO::Handle filter. Used to transform HTML::Template on the fly.
|
||||||
|
package Lemonldap::NG::Common::IO::Filter;
|
||||||
|
use strict;
|
||||||
|
use IO::File;
|
||||||
|
use Symbol;
|
||||||
|
|
||||||
|
#our @ISA = ('IO::File');
|
||||||
|
|
||||||
|
sub new {
|
||||||
|
my ( $class, $file, $opt ) = @_;
|
||||||
|
$opt->{_i} = ( ref $file ? $file : IO::File->new($file) )
|
||||||
|
or die("Unable to build IO::File object $!");
|
||||||
|
my $self = ref $class ? $class : bless gensym, $class;
|
||||||
|
tie( *$self, $class, $opt );
|
||||||
|
return $self;
|
||||||
|
}
|
||||||
|
|
||||||
|
sub TIEHANDLE {
|
||||||
|
my ( $class, $data ) = @_;
|
||||||
|
return bless( $data, $class );
|
||||||
|
}
|
||||||
|
|
||||||
|
sub READLINE {
|
||||||
|
my ($self) = shift;
|
||||||
|
my $res = $self->{_i}->getline;
|
||||||
|
foreach my $key ( keys %$self ) {
|
||||||
|
next if ( $key eq '_i' );
|
||||||
|
if ( ref( $self->{$key} ) eq 'CODE' ) {
|
||||||
|
$res =~ s/__LLNG_${key}__/$self->{$key}->()/gse;
|
||||||
|
}
|
||||||
|
elsif ( ref $self->{$key} eq 'ARRAY' ) {
|
||||||
|
next;
|
||||||
|
}
|
||||||
|
elsif ( ref $self->{$key} ) {
|
||||||
|
local $/ = undef;
|
||||||
|
$res =~ s/__LLNG_${key}__/$self->{$key}->getline/gse;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
# Parse strings after code/IO
|
||||||
|
foreach my $key ( keys %$self ) {
|
||||||
|
die "Undefined value for __LLNG_${key}__ substitution"
|
||||||
|
unless $self->{$key};
|
||||||
|
my $v =
|
||||||
|
( ref $self->{$key} and ref $self->{$key} eq 'ARRAY' )
|
||||||
|
? $self->{$key}
|
||||||
|
: [ $self->{$key} ];
|
||||||
|
$v = join "\n",
|
||||||
|
map { ref $_ ? () : qq'<TMPL_INCLUDE NAME="$_.tpl">' } @$v;
|
||||||
|
$res =~ s/__LLNG_${key}__/$v/gs;
|
||||||
|
}
|
||||||
|
return $res;
|
||||||
|
}
|
||||||
|
|
||||||
|
sub DESTROY {
|
||||||
|
my ($self) = @_;
|
||||||
|
$self->close() if ( ref($self) eq 'SCALAR' );
|
||||||
|
}
|
||||||
|
|
||||||
|
sub AUTOLOAD {
|
||||||
|
no strict;
|
||||||
|
my $self = shift;
|
||||||
|
$AUTOLOAD =~ s/^.*:://;
|
||||||
|
$AUTOLOAD = lc $AUTOLOAD;
|
||||||
|
return tied( ${$self} )->{_i}->$AUTOLOAD(@_);
|
||||||
|
}
|
||||||
|
|
||||||
|
1;
|
||||||
|
__END__
|
||||||
|
=head1 NAME
|
||||||
|
|
||||||
|
Lemonldap::NG::Common::IO::Filter - IO::Handle filter
|
||||||
|
|
||||||
|
=head1 SYNOPSIS
|
||||||
|
|
||||||
|
use HTML::Template;
|
||||||
|
my $fh = Lemonldap::NG::Common::IO::Filter->new(
|
||||||
|
'template.tpl',
|
||||||
|
{
|
||||||
|
# Replace all __LLNG_AUTH__ by:
|
||||||
|
# <TMPL_INCLUDE NAME="login.tpl">
|
||||||
|
AUTH => 'login',
|
||||||
|
# Replace all __LLNG_CODE__ by the result of the given function
|
||||||
|
CODE => sub {return "INCLUDED STRING"}
|
||||||
|
}
|
||||||
|
);
|
||||||
|
my $h = HTML::Template->new( filehandle => $fh );
|
||||||
|
print $h->output;
|
||||||
|
|
||||||
|
Input:
|
||||||
|
|
||||||
|
<html><body>
|
||||||
|
__LLNG_AUTH__
|
||||||
|
<hr>
|
||||||
|
__LLNG_CODE__
|
||||||
|
</body></html>
|
||||||
|
|
||||||
|
Output:
|
||||||
|
|
||||||
|
<html><body>
|
||||||
|
<TMPL_INCLUDE NAME="login.tpl">
|
||||||
|
<hr>
|
||||||
|
INCLUDED STRING
|
||||||
|
</body></html>
|
||||||
|
|
||||||
|
Same but with a L<IO::Handle> file:
|
||||||
|
|
||||||
|
use HTML::Template;
|
||||||
|
my $file = IO::File->new('test.tpl');
|
||||||
|
my $fh = Lemonldap::NG::Common::IO::Filter->new_from_io(
|
||||||
|
$file,
|
||||||
|
{
|
||||||
|
# Replace all __LLNG_AUTH__ by:
|
||||||
|
# <TMPL_INCLUDE NAME="login.tpl">
|
||||||
|
AUTH => 'login',
|
||||||
|
# Replace all __LLNG_CODE__ by the result of the given function
|
||||||
|
CODE => sub {return "INCLUDED STRING"}
|
||||||
|
}
|
||||||
|
);
|
||||||
|
my $h = HTML::Template->new( filehandle => $fh );
|
||||||
|
print $h->output;
|
||||||
|
|
||||||
|
Or with an array:
|
||||||
|
|
||||||
|
use HTML::Template;
|
||||||
|
my $fh = Lemonldap::NG::Common::IO::Filter->new_from_io(
|
||||||
|
'template.tpl',
|
||||||
|
{
|
||||||
|
# Replace all __LLNG_AUTH__ by:
|
||||||
|
# <TMPL_INCLUDE NAME="login.tpl"> <TMPL_INCLUDE NAME="login2.tpl">
|
||||||
|
AUTH => [ 'login', 'login2' ],
|
||||||
|
}
|
||||||
|
);
|
||||||
|
my $h = HTML::Template->new( filehandle => $fh );
|
||||||
|
print $h->output;
|
||||||
|
|
||||||
|
=head1 DESCRIPTION
|
||||||
|
|
||||||
|
IO::Handle filter used to transform HTML::Template files on the fly.
|
||||||
|
|
||||||
|
=head1 AUTHORS
|
||||||
|
|
||||||
|
=over
|
||||||
|
|
||||||
|
=item LemonLDAP::NG team L<http://lemonldap-ng.org/team>
|
||||||
|
|
||||||
|
=back
|
||||||
|
|
||||||
|
=head1 BUG REPORT
|
||||||
|
|
||||||
|
Use OW2 system to report bug or ask for features:
|
||||||
|
L<https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/issues>
|
||||||
|
|
||||||
|
=head1 DOWNLOAD
|
||||||
|
|
||||||
|
Lemonldap::NG is available at
|
||||||
|
L<http://forge.objectweb.org/project/showfiles.php?group_id=274>
|
||||||
|
|
||||||
|
=head1 COPYRIGHT AND LICENSE
|
||||||
|
|
||||||
|
See COPYING file for details.
|
||||||
|
|
||||||
|
This library is free software; you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation; either version 2, or (at your option)
|
||||||
|
any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see L<http://www.gnu.org/licenses/>.
|
||||||
|
|
||||||
|
=cut
|
|
@ -3,7 +3,7 @@ package Lemonldap::NG::Common::IPv6;
|
||||||
use strict;
|
use strict;
|
||||||
use base 'Exporter';
|
use base 'Exporter';
|
||||||
|
|
||||||
our $VERSION = '2.0.10';
|
our $VERSION = '2.1.0';
|
||||||
our @EXPORT = qw(&isIPv6 &net6 &expand6);
|
our @EXPORT = qw(&isIPv6 &net6 &expand6);
|
||||||
|
|
||||||
sub isIPv6 {
|
sub isIPv6 {
|
||||||
|
|
|
@ -2,7 +2,7 @@ package Lemonldap::NG::Common::Logger::Apache2;
|
||||||
|
|
||||||
use Apache2::ServerRec;
|
use Apache2::ServerRec;
|
||||||
|
|
||||||
our $VERSION = '2.0.0';
|
our $VERSION = '2.1.0';
|
||||||
|
|
||||||
sub new {
|
sub new {
|
||||||
return bless {}, shift;
|
return bless {}, shift;
|
||||||
|
|
|
@ -2,7 +2,7 @@ package Lemonldap::NG::Common::Logger::Dispatch;
|
||||||
|
|
||||||
use strict;
|
use strict;
|
||||||
|
|
||||||
our $VERSION = '2.0.0';
|
our $VERSION = '2.1.0';
|
||||||
|
|
||||||
sub new {
|
sub new {
|
||||||
no warnings 'redefine';
|
no warnings 'redefine';
|
||||||
|
|
|
@ -3,7 +3,7 @@ package Lemonldap::NG::Common::Logger::Log4perl;
|
||||||
use strict;
|
use strict;
|
||||||
use Log::Log4perl;
|
use Log::Log4perl;
|
||||||
|
|
||||||
our $VERSION = '2.0.0';
|
our $VERSION = '2.1.0';
|
||||||
|
|
||||||
our $init = 0;
|
our $init = 0;
|
||||||
|
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
package Lemonldap::NG::Common::Logger::Null;
|
package Lemonldap::NG::Common::Logger::Null;
|
||||||
|
|
||||||
our $VERSION = '2.0.0';
|
our $VERSION = '2.1.0';
|
||||||
|
|
||||||
sub new {
|
sub new {
|
||||||
return bless {}, shift;
|
return bless {}, shift;
|
||||||
|
|
|
@ -10,7 +10,7 @@ package Lemonldap::NG::Common::Logger::Sentry;
|
||||||
use strict;
|
use strict;
|
||||||
use Sentry::Raven;
|
use Sentry::Raven;
|
||||||
|
|
||||||
our $VERSION = '2.0.0';
|
our $VERSION = '2.1.0';
|
||||||
|
|
||||||
sub new {
|
sub new {
|
||||||
my $self = bless {}, shift;
|
my $self = bless {}, shift;
|
||||||
|
|
|
@ -2,7 +2,7 @@ package Lemonldap::NG::Common::Logger::Std;
|
||||||
|
|
||||||
use strict;
|
use strict;
|
||||||
|
|
||||||
our $VERSION = '2.0.5';
|
our $VERSION = '2.1.0';
|
||||||
|
|
||||||
sub new {
|
sub new {
|
||||||
no warnings 'redefine';
|
no warnings 'redefine';
|
||||||
|
|
|
@ -3,7 +3,7 @@ package Lemonldap::NG::Common::Logger::Syslog;
|
||||||
use strict;
|
use strict;
|
||||||
use Sys::Syslog qw(:standard);
|
use Sys::Syslog qw(:standard);
|
||||||
|
|
||||||
our $VERSION = '2.0.9';
|
our $VERSION = '2.1.0';
|
||||||
|
|
||||||
sub new {
|
sub new {
|
||||||
my ( $class, $conf, %args ) = @_;
|
my ( $class, $conf, %args ) = @_;
|
||||||
|
|
|
@ -2,7 +2,7 @@ package Lemonldap::NG::Common::Logger::_Duplicate;
|
||||||
|
|
||||||
use strict;
|
use strict;
|
||||||
|
|
||||||
our $VERSION = '2.0.6';
|
our $VERSION = '2.1.0';
|
||||||
|
|
||||||
sub new {
|
sub new {
|
||||||
my $self = bless {}, shift;
|
my $self = bless {}, shift;
|
||||||
|
|
|
@ -3,7 +3,7 @@ package Lemonldap::NG::Common::Module;
|
||||||
use strict;
|
use strict;
|
||||||
use Mouse;
|
use Mouse;
|
||||||
|
|
||||||
our $VERSION = '2.0.0';
|
our $VERSION = '2.1.0';
|
||||||
|
|
||||||
# Object that provides loggers and error methods (typically PSGI object)
|
# Object that provides loggers and error methods (typically PSGI object)
|
||||||
has p => ( is => 'rw', weak_ref => 1 );
|
has p => ( is => 'rw', weak_ref => 1 );
|
||||||
|
|
|
@ -4,7 +4,7 @@ use strict;
|
||||||
use Mouse;
|
use Mouse;
|
||||||
use JSON qw(to_json);
|
use JSON qw(to_json);
|
||||||
|
|
||||||
our $VERSION = '2.0.8';
|
our $VERSION = '2.1.0';
|
||||||
|
|
||||||
extends 'Lemonldap::NG::Common::Module';
|
extends 'Lemonldap::NG::Common::Module';
|
||||||
|
|
||||||
|
|
|
@ -11,7 +11,7 @@ use Time::Local;
|
||||||
use DBI;
|
use DBI;
|
||||||
use Encode;
|
use Encode;
|
||||||
|
|
||||||
our $VERSION = '2.0.8';
|
our $VERSION = '2.1.0';
|
||||||
|
|
||||||
extends 'Lemonldap::NG::Common::Notifications';
|
extends 'Lemonldap::NG::Common::Notifications';
|
||||||
|
|
||||||
|
|
|
@ -10,7 +10,7 @@ use Mouse;
|
||||||
use Time::Local;
|
use Time::Local;
|
||||||
use MIME::Base64;
|
use MIME::Base64;
|
||||||
|
|
||||||
our $VERSION = '2.0.8';
|
our $VERSION = '2.1.0';
|
||||||
|
|
||||||
extends 'Lemonldap::NG::Common::Notifications';
|
extends 'Lemonldap::NG::Common::Notifications';
|
||||||
|
|
||||||
|
|
|
@ -4,7 +4,7 @@ use strict;
|
||||||
use Mouse;
|
use Mouse;
|
||||||
use JSON qw(from_json to_json);
|
use JSON qw(from_json to_json);
|
||||||
|
|
||||||
our $VERSION = '2.0.8';
|
our $VERSION = '2.1.0';
|
||||||
|
|
||||||
sub newNotification {
|
sub newNotification {
|
||||||
my ( $self, $jsonString, $defaultCond ) = @_;
|
my ( $self, $jsonString, $defaultCond ) = @_;
|
||||||
|
|
|
@ -13,7 +13,7 @@ use MIME::Base64 qw/encode_base64url/;
|
||||||
use Net::LDAP;
|
use Net::LDAP;
|
||||||
use utf8;
|
use utf8;
|
||||||
|
|
||||||
our $VERSION = '2.0.8';
|
our $VERSION = '2.1.0';
|
||||||
|
|
||||||
extends 'Lemonldap::NG::Common::Notifications';
|
extends 'Lemonldap::NG::Common::Notifications';
|
||||||
|
|
||||||
|
|
|
@ -4,7 +4,7 @@ use strict;
|
||||||
use Mouse;
|
use Mouse;
|
||||||
use XML::LibXML;
|
use XML::LibXML;
|
||||||
|
|
||||||
our $VERSION = '2.0.10';
|
our $VERSION = '2.1.0';
|
||||||
|
|
||||||
# XML parser
|
# XML parser
|
||||||
has parser => (
|
has parser => (
|
||||||
|
|
|
@ -3,10 +3,11 @@ package Lemonldap::NG::Common::PSGI;
|
||||||
use strict;
|
use strict;
|
||||||
use Mouse;
|
use Mouse;
|
||||||
use JSON;
|
use JSON;
|
||||||
|
use Lemonldap::NG::Common::IO::Filter;
|
||||||
use Lemonldap::NG::Common::PSGI::Constants;
|
use Lemonldap::NG::Common::PSGI::Constants;
|
||||||
use Lemonldap::NG::Common::PSGI::Request;
|
use Lemonldap::NG::Common::PSGI::Request;
|
||||||
|
|
||||||
our $VERSION = '2.0.10';
|
our $VERSION = '2.1.0';
|
||||||
|
|
||||||
our $_json = JSON->new->allow_nonref;
|
our $_json = JSON->new->allow_nonref;
|
||||||
|
|
||||||
|
@ -276,14 +277,23 @@ sub sendHtml {
|
||||||
$args{code} ||= 200;
|
$args{code} ||= 200;
|
||||||
$args{headers} ||= [ $req->spliceHdrs ];
|
$args{headers} ||= [ $req->spliceHdrs ];
|
||||||
my $htpl;
|
my $htpl;
|
||||||
$template = ( $args{templateDir} // $self->templateDir ) . "/$template.tpl";
|
|
||||||
return $self->sendError( $req, "Unable to read $template", 500 )
|
unless ( ref $template ) {
|
||||||
unless ( -r $template and -f $template );
|
$template =
|
||||||
eval {
|
( $args{templateDir} // $self->templateDir ) . "/$template.tpl";
|
||||||
|
return $self->sendError( $req, "Unable to read $template", 500 )
|
||||||
|
unless ( -r $template and -f $template );
|
||||||
$self->logger->debug("Starting HTML generation using $template");
|
$self->logger->debug("Starting HTML generation using $template");
|
||||||
|
}
|
||||||
|
eval {
|
||||||
require HTML::Template;
|
require HTML::Template;
|
||||||
|
my $io =
|
||||||
|
$args{filter}
|
||||||
|
? Lemonldap::NG::Common::IO::Filter->new( $template, $args{filter} )
|
||||||
|
: ref $template ? $template
|
||||||
|
: IO::File->new($template);
|
||||||
$htpl = HTML::Template->new(
|
$htpl = HTML::Template->new(
|
||||||
filehandle => IO::File->new($template),
|
filehandle => $io,
|
||||||
path => $self->templateDir,
|
path => $self->templateDir,
|
||||||
search_path_on_include => 1,
|
search_path_on_include => 1,
|
||||||
die_on_bad_params => 0,
|
die_on_bad_params => 0,
|
||||||
|
@ -305,6 +315,7 @@ sub sendHtml {
|
||||||
? %{ $args{params} }
|
? %{ $args{params} }
|
||||||
: ()
|
: ()
|
||||||
),
|
),
|
||||||
|
%{ $req->{tplParams} },
|
||||||
);
|
);
|
||||||
};
|
};
|
||||||
if ($@) {
|
if ($@) {
|
||||||
|
|
|
@ -5,7 +5,7 @@ use JSON;
|
||||||
use Mouse;
|
use Mouse;
|
||||||
use Lemonldap::NG::Common::PSGI;
|
use Lemonldap::NG::Common::PSGI;
|
||||||
|
|
||||||
our $VERSION = '2.0.10';
|
our $VERSION = '2.1.0';
|
||||||
|
|
||||||
has iniFile => ( is => 'ro', isa => 'Str' );
|
has iniFile => ( is => 'ro', isa => 'Str' );
|
||||||
|
|
||||||
|
|
|
@ -4,7 +4,7 @@ use strict;
|
||||||
use Exporter 'import';
|
use Exporter 'import';
|
||||||
|
|
||||||
use base qw(Exporter);
|
use base qw(Exporter);
|
||||||
our $VERSION = '2.0.0';
|
our $VERSION = '2.1.0';
|
||||||
|
|
||||||
# CONSTANTS
|
# CONSTANTS
|
||||||
|
|
||||||
|
|
|
@ -6,7 +6,7 @@ use JSON;
|
||||||
use Plack::Request;
|
use Plack::Request;
|
||||||
use URI::Escape;
|
use URI::Escape;
|
||||||
|
|
||||||
our $VERSION = '2.0.10';
|
our $VERSION = '2.1.0';
|
||||||
|
|
||||||
our @ISA = ('Plack::Request');
|
our @ISA = ('Plack::Request');
|
||||||
|
|
||||||
|
@ -35,11 +35,14 @@ sub new {
|
||||||
$self->{data} = {};
|
$self->{data} = {};
|
||||||
$self->{error} = 0;
|
$self->{error} = 0;
|
||||||
$self->{respHeaders} = [];
|
$self->{respHeaders} = [];
|
||||||
|
$self->{tplParams} = {};
|
||||||
return bless( $self, $_[0] );
|
return bless( $self, $_[0] );
|
||||||
}
|
}
|
||||||
|
|
||||||
sub data { $_[0]->{data} }
|
sub data { $_[0]->{data} }
|
||||||
|
|
||||||
|
sub tplParams { $_[0]->{tplParams} }
|
||||||
|
|
||||||
sub uri { $_[0]->{uri} }
|
sub uri { $_[0]->{uri} }
|
||||||
|
|
||||||
sub userData {
|
sub userData {
|
||||||
|
|
|
@ -5,7 +5,7 @@ use Mouse;
|
||||||
use Lemonldap::NG::Common::PSGI;
|
use Lemonldap::NG::Common::PSGI;
|
||||||
use Lemonldap::NG::Common::PSGI::Constants;
|
use Lemonldap::NG::Common::PSGI::Constants;
|
||||||
|
|
||||||
our $VERSION = '2.0.10';
|
our $VERSION = '2.1.0';
|
||||||
|
|
||||||
extends 'Lemonldap::NG::Common::PSGI';
|
extends 'Lemonldap::NG::Common::PSGI';
|
||||||
|
|
||||||
|
|
|
@ -8,7 +8,7 @@ use SOAP::Transport::HTTP;
|
||||||
|
|
||||||
our @ISA = ('SOAP::Transport::HTTP::Server');
|
our @ISA = ('SOAP::Transport::HTTP::Server');
|
||||||
|
|
||||||
our $VERSION = '2.0.0';
|
our $VERSION = '2.1.0';
|
||||||
|
|
||||||
# Call SOAP::Trace::objects().
|
# Call SOAP::Trace::objects().
|
||||||
sub DESTROY { SOAP::Trace::objects('()') }
|
sub DESTROY { SOAP::Trace::objects('()') }
|
||||||
|
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue