Compare commits
328 Commits
Author | SHA1 | Date | |
---|---|---|---|
7bd5b219b0 | |||
|
9834e182f5 | ||
|
79bb915716 | ||
|
8bce426477 | ||
|
781c9b0a8b | ||
|
ac1cfd6398 | ||
|
f1fe0f3e5e | ||
|
6c4a5b911c | ||
|
467bbf0f5e | ||
|
94ec375094 | ||
|
1a5d30799e | ||
|
ce02973702 | ||
|
6d2d4ee2c3 | ||
|
051a8e4331 | ||
|
a3b24418c6 | ||
|
18fdb0f700 | ||
|
9c70f905f3 | ||
|
d4f957ec35 | ||
|
ecebe2a349 | ||
|
779f79bace | ||
|
143cc5a5c3 | ||
|
cb28b7cb1e | ||
|
a282a37b66 | ||
|
3ea79317e2 | ||
|
0cf1dbd37d | ||
|
8653dde5b5 | ||
|
0ae606c02b | ||
|
a36a4912b0 | ||
|
76ec67be69 | ||
|
fc8e508065 | ||
|
956c4c4ec2 | ||
|
30b5b93adc | ||
|
95e53e0a5f | ||
|
fca479f675 | ||
|
96d9ebf102 | ||
|
75d8ba3723 | ||
|
1795b71f1f | ||
|
ad88e8149b | ||
|
4bc3933b7e | ||
|
e830f40268 | ||
|
4d79969a0e | ||
|
0e77c835b3 | ||
|
8f8399ec99 | ||
|
ed84fdd771 | ||
|
0727d58878 | ||
|
965f9360c4 | ||
|
2947a828de | ||
|
cb5a9627cf | ||
|
f56fd636fe | ||
|
8e64671575 | ||
|
aa55f3d04a | ||
|
b1232739a0 | ||
|
7ec5f5c1c6 | ||
|
1d8a46493c | ||
|
93cb619cd2 | ||
|
ba638e50b7 | ||
|
ac98c223d3 | ||
|
28c9623b73 | ||
|
61df3e83e7 | ||
|
e7526f32af | ||
|
4583f3a9e6 | ||
|
b8102d127e | ||
|
17da7d2e6d | ||
|
530b57561d | ||
|
e0620e8d5c | ||
|
0ace7560fb | ||
|
4e130f327c | ||
|
937bdd4e8b | ||
|
148adaad71 | ||
|
5496d798a3 | ||
|
285ea93a65 | ||
|
01edf42017 | ||
|
3c6c5423c1 | ||
|
986a3974b0 | ||
|
0795454620 | ||
|
d8bda9fa5d | ||
|
5571e22a55 | ||
|
24ecbb2f18 | ||
|
068370a893 | ||
|
f78b2bfa16 | ||
|
e246bfd137 | ||
|
c487efc7da | ||
|
3d92ab15dd | ||
|
b855f175bc | ||
|
afc3bc7029 | ||
|
557f458803 | ||
|
b2a1f055c3 | ||
|
79246c8da9 | ||
|
279538613f | ||
|
532ffe3fea | ||
|
d2d9988b61 | ||
|
1972443477 | ||
|
5dc1bc0a49 | ||
|
c09797ff11 | ||
|
01424a71ac | ||
|
3b1b1b1997 | ||
|
57f6a10a3e | ||
|
5804a11099 | ||
|
28dc89796c | ||
|
be55df6d1d | ||
|
7c0e6a2d00 | ||
|
c4ebfc3484 | ||
|
a394dfbe82 | ||
|
a81dbb108b | ||
|
d67f32d2b2 | ||
|
cc4e53c36f | ||
|
e39f67290c | ||
|
22a58a6f44 | ||
|
3b3c1bff16 | ||
|
f0031cc7f6 | ||
|
50316f2e50 | ||
|
aab0dcca14 | ||
|
ab292a034e | ||
|
1c44733bfc | ||
|
0b8f84ae2d | ||
|
4fc458b174 | ||
|
0546303dac | ||
|
ff095ca156 | ||
|
d544eae57f | ||
|
f62a366812 | ||
|
74d2bc92c8 | ||
|
4ead8b17ba | ||
|
c6740692af | ||
|
947dd9a438 | ||
|
2efb445534 | ||
|
9231711a41 | ||
|
3f7ae26d49 | ||
|
aa2fa22074 | ||
|
6453a04a55 | ||
|
1cf89af06b | ||
|
f7d8547260 | ||
|
6e54b8b304 | ||
|
2323c031ec | ||
|
e612f53838 | ||
|
cc79680b89 | ||
|
9ec3ef8cfe | ||
|
8af332c265 | ||
|
df83595e8e | ||
|
e3336d8117 | ||
|
f63f481cea | ||
|
373f2f1a39 | ||
|
0466a2c8cc | ||
|
52cacf4a08 | ||
|
cccd025dfc | ||
|
fedea4abbd | ||
|
52be87b012 | ||
|
b18d47065a | ||
|
9d149a95f6 | ||
|
a8cab64c5b | ||
|
212a07ca20 | ||
|
8b5387a48b | ||
|
f9704e8982 | ||
|
40215168c0 | ||
|
e1fe12a94d | ||
|
ebd4c41a62 | ||
|
d881605fed | ||
|
374cac7874 | ||
|
61200a67a7 | ||
|
ba7f8695f7 | ||
|
afd915f64c | ||
|
c312e16712 | ||
|
174193e74c | ||
|
7c40b39a8d | ||
|
8ac93e034d | ||
|
a3ec47bbb7 | ||
|
4193f4fb51 | ||
|
7e5d6d6afd | ||
|
1212cd9ba2 | ||
|
89179afb88 | ||
|
bef05c6f5d | ||
|
e32eb491d2 | ||
|
28732d614b | ||
|
115cc9b027 | ||
|
866d5457f3 | ||
|
7bd1d23087 | ||
|
3a660bde24 | ||
|
499b16bd07 | ||
|
c82fc0f572 | ||
|
f47f93533c | ||
|
b81ccf7517 | ||
|
b705b10da8 | ||
|
1fbfbc5c21 | ||
|
b7c8d30b3f | ||
|
4f6c0632bd | ||
|
82c25b4e2e | ||
|
8f7e3eba37 | ||
|
6f365c9e43 | ||
|
3b7a70e0b7 | ||
|
891f926196 | ||
|
77d72896f8 | ||
|
af63d55c08 | ||
|
1718efe6d5 | ||
|
8b7ce08587 | ||
|
c8d38d52a6 | ||
|
cbde82bdfc | ||
|
1a1ccd7568 | ||
|
2fcaf52bcf | ||
|
b1f12b72e5 | ||
|
cc8c5e057e | ||
|
9d5d1f6cd5 | ||
|
0b1643c294 | ||
|
c7cb6594dd | ||
|
72439d341f | ||
|
400b9eaab9 | ||
|
b4ec8eaeeb | ||
|
3d1be3e7e5 | ||
|
1c0ffb3e83 | ||
|
1b4600b15c | ||
|
4bfad92530 | ||
|
243cad350f | ||
|
2e7b3c584a | ||
|
9e16e2b75c | ||
|
9ac5834bfe | ||
|
44e472f0f5 | ||
|
c7dd179f2c | ||
|
eabe1dc129 | ||
|
fe55ba3567 | ||
|
c1a8723b90 | ||
|
b8c3b45aa3 | ||
|
d27e4bcc55 | ||
|
020553ab6a | ||
|
a2454ff4cc | ||
|
aabb65629b | ||
|
f59681e80e | ||
|
f3a37d2387 | ||
|
ee661fc61d | ||
|
59f6106ba6 | ||
|
f75093d433 | ||
|
1509d44d5f | ||
|
4678649367 | ||
|
8fe4fb0b09 | ||
|
63f11f31f3 | ||
|
9d0a07f04c | ||
|
857ee8b0a0 | ||
|
8c562c7817 | ||
|
5a1c090a18 | ||
|
bdc68d5833 | ||
|
224307515f | ||
|
0cbbb75971 | ||
|
db4b46c487 | ||
|
a3ec2eb225 | ||
|
f1f3929cf1 | ||
|
c233ef37ef | ||
|
97bb3e44e4 | ||
|
cb9add6eac | ||
|
a06d91a16e | ||
|
9ac0b65a91 | ||
|
e9b26bb79a | ||
|
29b71569de | ||
|
14ae7ea1a2 | ||
|
66ec4da991 | ||
|
130f6ba983 | ||
|
f9ba34006e | ||
|
6e2e3456fe | ||
|
f1c82e52cd | ||
|
58279c029f | ||
|
4cce434e93 | ||
|
e9fd5815c9 | ||
|
12e96a3056 | ||
|
82bf2e4a4c | ||
|
ce4135c4b9 | ||
|
548032fbe0 | ||
|
441df6e7ea | ||
|
239bb4634f | ||
|
6011eaf7b7 | ||
|
0279d16f62 | ||
|
aea313e2e6 | ||
|
547a688c28 | ||
|
140d697cfa | ||
|
106e20bbc5 | ||
|
1cf78550b4 | ||
|
4adc002327 | ||
|
1926c121c8 | ||
|
33f8970a17 | ||
|
5f8dcfb2b1 | ||
|
b2397f2b9c | ||
|
9c0b7dbc00 | ||
|
7a2f104ba8 | ||
|
8460e47b49 | ||
|
76b3e7b17c | ||
|
999ecb32bc | ||
|
80f9889271 | ||
|
c496d979f5 | ||
|
a2b03dbbf7 | ||
|
b736b2c638 | ||
|
5af27967c6 | ||
|
c968b39715 | ||
|
48d51b1c5e | ||
|
1c1f556aff | ||
|
e3e4239563 | ||
|
2f3f1bd99b | ||
|
bd94c5579d | ||
|
ad00102662 | ||
|
7a284338be | ||
|
e490addd2d | ||
|
476212094a | ||
|
27bf1ea3d8 | ||
|
4d7a3b8a33 | ||
|
01b5951b73 | ||
|
4798683129 | ||
|
b40f292d8a | ||
|
6a13b4f40d | ||
|
4cb497e5a2 | ||
|
3cea903c79 | ||
|
4fcf77e721 | ||
|
8941ee4dd5 | ||
|
77301e70ca | ||
|
82242481e1 | ||
|
44eb01b857 | ||
|
24ba2889af | ||
|
b5abdee8f3 | ||
|
b18fd9c9fe | ||
|
c50b86cd51 | ||
|
461120ad65 | ||
|
6bd8e2219a | ||
|
2653cfdc9e | ||
|
6a0b71b01a | ||
|
d78e45cb50 | ||
|
1f5c7a83a9 | ||
|
f857f1a8a7 | ||
|
6740269cce | ||
|
48b86bd224 | ||
|
0eef2220d2 | ||
|
5324da2c15 | ||
|
59d163c663 | ||
|
4e0113ddd6 | ||
|
721214d528 | ||
|
5862481956 |
|
@ -30,6 +30,21 @@ stages:
|
|||
before_script:
|
||||
- env | grep ^CI_
|
||||
|
||||
autopkgtest:
|
||||
stage: build
|
||||
image: buildpkg/debian:buster
|
||||
script:
|
||||
- cd $CI_PROJECT_DIR
|
||||
- env DEBIAN_FRONTEND=noninteractive apt-get -q -y update
|
||||
- env DEBIAN_FRONTEND=noninteractive apt-get -q -y install --no-install-recommends aspcud apt-cudf pkg-perl-autopkgtest
|
||||
- env DEBIAN_FRONTEND=noninteractive apt-get -q -y --solver aspcud -o APT::Solver::Strict-Pinning=0 -o Debug::pkgProblemResolver=yes build-dep .
|
||||
- make
|
||||
- make -j8 autopkgtest
|
||||
|
||||
build_stretch:
|
||||
extends: .debian_build_job
|
||||
image: buildpkg/debian:stretch
|
||||
|
||||
build_buster:
|
||||
extends: .debian_build_job
|
||||
image: buildpkg/debian:buster
|
||||
|
|
|
@ -1,8 +1,10 @@
|
|||
### Concerned version
|
||||
### Environment
|
||||
|
||||
Version: %X.X.X
|
||||
LemonLDAP::NG version: (version number)
|
||||
|
||||
Platform: (Nginx/Apache/Node.js)
|
||||
Operating system: (distribution and version)
|
||||
|
||||
Web server: (Nginx/Apache/Node.js/...)
|
||||
|
||||
### Summary
|
||||
|
||||
|
@ -11,7 +13,7 @@ Summarize the bug encountered concisely
|
|||
### Logs
|
||||
|
||||
```
|
||||
Set here the logs using debug mode if possible. Attach it as file if it's too big
|
||||
Include the logs using logLevel = debug if possible. Attach it as file if it's too big
|
||||
```
|
||||
|
||||
### Backends used
|
||||
|
|
12
COPYING
12
COPYING
|
@ -113,6 +113,18 @@ License: CC-3
|
|||
Comment: This work, "sfa_manager.png", is a derivative of
|
||||
"Noun project 1162.svg" by Christopher T. Howlett, under CC-BY-3.0.
|
||||
|
||||
Files: lemonldap-ng-portal/site/htdocs/static/common/icons/star0.png
|
||||
Copyright: Christophe Maudoux <chrmdx@gmail.com>
|
||||
License: CC-3
|
||||
Comment: This work, "star0.png", is a derivative of
|
||||
"Silver star with red border.png" by ANGELUS, under CC-BYSA-3.0.
|
||||
|
||||
Files: lemonldap-ng-portal/site/htdocs/static/common/icons/star1.png
|
||||
Copyright: Christophe Maudoux <chrmdx@gmail.com>
|
||||
License: CC-3
|
||||
Comment: This work, "star1.png", is a derivative of
|
||||
"Golden star with red border.png" by ANGELUS, under CC-BYSA-3.0.
|
||||
|
||||
Files: lemonldap-ng-portal/site/htdocs/static/common/icons/notifsExplorer.png
|
||||
Copyright: Various artists
|
||||
License: CC-BY-NC-ND-3.0 or GFDL-1.3
|
||||
|
|
12
INSTALL
12
INSTALL
|
@ -31,12 +31,12 @@ package for Debian works fine).
|
|||
|
||||
Perl modules:
|
||||
Apache::Session, Net::LDAP, MIME::Base64, CGI, LWP::UserAgent, Cache::Cache,
|
||||
DBI, XML::Simple, SOAP::Lite, HTML::Template, XML::LibXML, XML::LibXSLT
|
||||
DBI, SOAP::Lite, HTML::Template, XML::LibXML, XML::LibXSLT
|
||||
|
||||
With Debian:
|
||||
apt-get install libapache-session-perl libnet-ldap-perl libcache-cache-perl \
|
||||
libdbi-perl perl-modules libwww-perl libcache-cache-perl \
|
||||
libxml-simple-perl libhtml-template-perl libsoap-lite-perl \
|
||||
libhtml-template-perl libsoap-lite-perl \
|
||||
libxml-libxml-perl libxml-libxslt-perl
|
||||
|
||||
1.2 - BUILDING
|
||||
|
@ -129,17 +129,17 @@ to access to configuration.
|
|||
|
||||
Manager:
|
||||
--------
|
||||
Apache::Session, MIME::Base64, CGI, LWP::UserAgent, DBI, XML::Simple,
|
||||
Apache::Session, MIME::Base64, CGI, LWP::UserAgent, DBI,
|
||||
SOAP::Lite, XML::LibXML, XML::LibXSLT, Lemonldap::NG::Common
|
||||
|
||||
With Debian:
|
||||
apt-get install perl-modules libxml-simple-perl libdbi-perl libwww-perl
|
||||
apt-get install perl-modules libdbi-perl libwww-perl
|
||||
# If you want to use SOAP
|
||||
apt-get install libsoap-lite-perl
|
||||
|
||||
Portal:
|
||||
-------
|
||||
Apache::Session, Net::LDAP, MIME::Base64, CGI, Cache::Cache, DBI, XML::Simple,
|
||||
Apache::Session, Net::LDAP, MIME::Base64, CGI, Cache::Cache, DBI,
|
||||
SOAP::Lite, HTML::Template, XML::LibXML, Lemonldap::NG::Common
|
||||
|
||||
With Debian:
|
||||
|
@ -148,7 +148,7 @@ With Debian:
|
|||
Handler:
|
||||
--------
|
||||
Apache::Session, MIME::Base64, CGI, LWP::UserAgent, Cache::Cache, DBI,
|
||||
XML::Simple, SOAP::Lite, Lemonldap::NG::Common
|
||||
SOAP::Lite, Lemonldap::NG::Common
|
||||
|
||||
With Debian:
|
||||
apt-get install libapache-session-perl libwww-perl libcache-cache-perl
|
||||
|
|
|
@ -13,6 +13,11 @@ the requested URL and the rule calculates if the user is authorized.
|
|||
|
||||
You can find documentation on [our website](https://lemonldap-ng.org/)
|
||||
|
||||
# Contribute
|
||||
|
||||
LemonLDAP::NG is hosted on [OW2](https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng).
|
||||
Please use this platform to post issues, merge requests,...
|
||||
|
||||
# Upgrade
|
||||
|
||||
See https://lemonldap-ng.org/documentation/latest/upgrade
|
||||
|
@ -29,8 +34,8 @@ but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
You should have received a [copy of the GNU General Public License](LICENSE)
|
||||
along with this program. If not, see http://www.gnu.org/licenses/.
|
||||
|
||||
Copyright: see COPYING
|
||||
Copyright: see [COPYING](COPYING)
|
||||
|
||||
|
|
|
@ -87,7 +87,7 @@
|
|||
"cfgAuthor" : "The LemonLDAP::NG team",
|
||||
"cfgDate" : "1627287638",
|
||||
"cfgNum" : 1,
|
||||
"cfgVersion" : "2.0.13",
|
||||
"cfgVersion" : "2.1.0",
|
||||
"cookieName" : "lemonldap",
|
||||
"demoExportedVars" : {
|
||||
"cn" : "cn",
|
||||
|
|
8
debian/control
vendored
8
debian/control
vendored
|
@ -19,6 +19,7 @@ Build-Depends-Indep: gsfonts <!nocheck>,
|
|||
libcrypt-openssl-x509-perl <!nocheck>,
|
||||
libcrypt-urandom-perl <!nocheck>,
|
||||
libcrypt-rijndael-perl <!nocheck>,
|
||||
libdatetime-format-rfc3339-perl <!nocheck>,
|
||||
libdbd-sqlite3-perl <!nocheck>,
|
||||
libdbi-perl <!nocheck>,
|
||||
libdigest-hmac-perl <!nocheck>,
|
||||
|
@ -228,8 +229,7 @@ Recommends: libapache-session-browseable-perl,
|
|||
Suggests: libconvert-base32-perl,
|
||||
libnet-ldap-perl,
|
||||
libsoap-lite-perl,
|
||||
libxml-libxml-perl,
|
||||
libxml-simple-perl
|
||||
libxml-libxml-perl
|
||||
Conflicts: liblemonldap-ng-cli-perl
|
||||
Description: Lemonldap::NG common files
|
||||
Lemonldap::NG is a complete Web-SSO system that can run with reverse-proxies
|
||||
|
@ -257,8 +257,7 @@ Depends: ${misc:Depends},
|
|||
lemonldap-ng-fastcgi-server (= ${binary:Version}) | lemonldap-ng-uwsgi-app (= ${binary:Version}) | apache2 | httpd-cgi
|
||||
Recommends: lemonldap-ng-doc (= ${binary:Version}),
|
||||
libxml-libxml-perl,
|
||||
libxml-libxslt-perl,
|
||||
libxml-simple-perl
|
||||
libxml-libxslt-perl
|
||||
Suggests: libclone-perl,
|
||||
libregexp-assemble-perl
|
||||
Pre-Depends: debconf
|
||||
|
@ -298,6 +297,7 @@ Recommends: gsfonts,
|
|||
libunicode-string-perl
|
||||
Suggests: gpg,
|
||||
libcrypt-u2f-server-perl,
|
||||
libdatetime-format-rfc3339-perl,
|
||||
libdbi-perl,
|
||||
libglib-perl,
|
||||
libgssapi-perl,
|
||||
|
|
2
debian/lemonldap-ng-handler.links
vendored
2
debian/lemonldap-ng-handler.links
vendored
|
@ -2,3 +2,5 @@
|
|||
/etc/lemonldap-ng/handler-nginx.conf /etc/nginx/sites-available/handler-nginx.conf
|
||||
/etc/lemonldap-ng/test-apache2.conf /etc/apache2/sites-available/test-apache2.conf
|
||||
/etc/lemonldap-ng/test-nginx.conf /etc/nginx/sites-available/test-nginx.conf
|
||||
/etc/lemonldap-ng/nginx-lmlog.conf /etc/nginx/snippets/llng-lmlog.conf
|
||||
/etc/lemonldap-ng/nginx-lua-headers.conf /etc/nginx/snippets/llng-lua-headers.conf
|
|
@ -269,16 +269,3 @@ SSL authentication
|
|||
|
||||
To chain SSL, you have to set "SSLRequire optional" in Apache
|
||||
configuration, else users will be authenticated by SSL only.
|
||||
|
||||
Migrating from Multi
|
||||
--------------------
|
||||
|
||||
Old :doc:`Multiple backends stack<authmulti>`
|
||||
implemented only \`if\` and \`or\` keywords. Examples:
|
||||
|
||||
================================================================ =====================================================
|
||||
Multi expressions Combination
|
||||
================================================================ =====================================================
|
||||
``LDAP;DBI`` ``[myLDAP] or [myDBI]``
|
||||
``DBI $ENV{REMOTE_ADDR}=~/^192/;LDAP $ENV{REMOTE_ADDR}!~/^192/`` ``if $env->{REMOTE_ADDR} then [myDBI] else [myLDAP]``
|
||||
================================================================ =====================================================
|
||||
|
|
|
@ -121,8 +121,6 @@ Filters
|
|||
In LDAP filters, $user is replaced by user login, and $mail by
|
||||
user email.
|
||||
|
||||
- **Default filter**: default LDAP filter for searches, should not be
|
||||
modified.
|
||||
- **Authentication filter**: Filter to find user from its login
|
||||
(default: ``(&(uid=$user)(objectClass=inetOrgPerson))``)
|
||||
- **Mail filter**: Filter to find user from its mail (default:
|
||||
|
|
|
@ -30,8 +30,6 @@ Then, go in ``LinkedIn parameters``:
|
|||
- **Authentication level**: authentication level for this module.
|
||||
- **Client ID**: the application ID you get
|
||||
- **Client secret**: the corresponding secret
|
||||
- **Searched fields** (deprecated): Fields requested on People endpoint
|
||||
in v1, no more used in v2 API
|
||||
- **Field containing user identifier**: Field that will be used as main
|
||||
user identifier in LL::NG, usually ``id`` (LinkedIn numeric
|
||||
identifer) or ``emailAddress``.
|
||||
|
|
|
@ -13,6 +13,11 @@ Presentation
|
|||
LL::NG is able to send (through REST or SOAP) authentication
|
||||
credentials to another LL::NG portal, like a proxy.
|
||||
|
||||
|
||||
.. warning::
|
||||
|
||||
SOAP support may be removed in LLNG 3.0
|
||||
|
||||
The difference with :doc:`remote authentication<authremote>` is that the
|
||||
client will never be redirect to the main LL::NG portal. This
|
||||
configuration is usable if you want to expose your internal SSO portal
|
||||
|
|
|
@ -15,8 +15,6 @@ This page shows some examples of LL::NG Command Line Interface. See
|
|||
Save/restore configuration
|
||||
--------------------------
|
||||
|
||||
This part requires LLNG 2.0.5 at least.
|
||||
|
||||
Save:
|
||||
|
||||
.. code-block:: sh
|
||||
|
@ -31,7 +29,7 @@ Restore:
|
|||
# Or
|
||||
/usr/share/lemonldap-ng/bin/lemonldap-ng-cli restore - <config.json
|
||||
|
||||
Rollback (restore previous configuration, *since 2.0.8*):
|
||||
Rollback (restore previous configuration):
|
||||
|
||||
.. code-block:: shell
|
||||
|
||||
|
@ -314,15 +312,6 @@ these commands;
|
|||
|
||||
openssl req -new -newkey rsa:4096 -keyout saml.key -nodes -out saml.pem -x509 -days 3650
|
||||
|
||||
Fix the certificate key format (you can skip this step if you are
|
||||
running >= 2.0.6)
|
||||
|
||||
::
|
||||
|
||||
sed -e "s/END PRIVATE/END RSA PRIVATE/" \
|
||||
-e "s/BEGIN PRIVATE/BEGIN RSA PRIVATE/" \
|
||||
-i saml.key
|
||||
|
||||
Import them in configuration and activate the SAML issuer
|
||||
|
||||
::
|
||||
|
|
|
@ -58,9 +58,9 @@ author = u'LemonLDAP::NG'
|
|||
# built documents.
|
||||
#
|
||||
# The short X.Y version.
|
||||
version = u'2.0'
|
||||
version = u'3.0'
|
||||
# The full version, including alpha/beta/rc tags.
|
||||
release = u'2.0'
|
||||
release = u'3.0'
|
||||
|
||||
# The language for content autogenerated by Sphinx. Refer to documentation
|
||||
# for a list of supported languages.
|
||||
|
|
|
@ -132,7 +132,7 @@ configuration.
|
|||
Manager API
|
||||
-----------
|
||||
|
||||
Since 2.0.8, a Manager API is available for:
|
||||
Manager API is available for:
|
||||
|
||||
- Second factors management for users
|
||||
- OpenID Connect RP management
|
||||
|
|
|
@ -95,16 +95,17 @@ As *user*, create directory in directory:
|
|||
git checkout master # go to master branch
|
||||
git remote add upstream https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng.git # to connect to remote branch
|
||||
git fetch upstream # import branch
|
||||
git checkout v2.0 # to change branch
|
||||
git checkout v2.1 # to change branch
|
||||
git fetch upstream
|
||||
|
||||
Import version branch on linux station:
|
||||
|
||||
::
|
||||
|
||||
git checkout v2.0
|
||||
git fetch upstream
|
||||
git rebase upstream/v2.0 # to align to parent project remote branch
|
||||
git checkout v2.1
|
||||
git fetch upstream --all
|
||||
git rebase upstream/v2.1 # to align to parent project remote branch
|
||||
git push # to push to working remote branch
|
||||
|
||||
On gitlab, create working branch, one per thematic on linux station:
|
||||
|
||||
|
@ -115,9 +116,9 @@ On gitlab, create working branch, one per thematic on linux station:
|
|||
git status
|
||||
git commit -am "explanations (#number gitlab ticket)"
|
||||
git commit --amend file(s) # to modify a commit
|
||||
git rebase v2.0 # align local working branch to local 2.0
|
||||
git rebase v2.1 # align local working branch to local 2.1
|
||||
git checkout -- file(s) # revert
|
||||
git push # to send on remote working branch ! Only after doing some commits !
|
||||
git push # to send on remote working branch
|
||||
|
||||
On gitlab, submit merge request when tests are corrects.
|
||||
|
||||
|
@ -126,7 +127,7 @@ Install dependencies
|
|||
|
||||
::
|
||||
|
||||
aptitude install libapache-session-perl libcache-cache-perl libclone-perl libconfig-inifiles-perl libconvert-pem-perl libcrypt-openssl-bignum-perl libcrypt-openssl-rsa-perl libcrypt-openssl-x509-perl libcrypt-rijndael-perl libdbi-perl libdigest-hmac-perl libemail-sender-perl libgd-securityimage-perl libhtml-template-perl libio-string-perl libjson-perl libmime-tools-perl libmouse-perl libnet-ldap-perl libplack-perl libregexp-assemble-perl libregexp-common-perl libsoap-lite-perl libstring-random-perl libtext-unidecode-perl libunicode-string-perl liburi-perl libwww-perl libxml-simple-perl libxml-libxslt-perl libcrypt-urandom-perl libconvert-base32-perl cpanminus
|
||||
aptitude install libapache-session-perl libcache-cache-perl libclone-perl libconfig-inifiles-perl libconvert-pem-perl libcrypt-openssl-bignum-perl libcrypt-openssl-rsa-perl libcrypt-openssl-x509-perl libcrypt-rijndael-perl libdbi-perl libdigest-hmac-perl libemail-sender-perl libgd-securityimage-perl libhtml-template-perl libio-string-perl libjson-perl libmime-tools-perl libmouse-perl libnet-ldap-perl libplack-perl libregexp-assemble-perl libregexp-common-perl libsoap-lite-perl libstring-random-perl libtext-unidecode-perl libunicode-string-perl liburi-perl libwww-perl libxml-libxslt-perl libcrypt-urandom-perl libconvert-base32-perl cpanminus
|
||||
aptitude install apache2 libapache2-mod-fcgid libapache2-mod-perl2 # install Apache
|
||||
aptitude install nginx nginx-extras # install Nginx
|
||||
cpanm perltidy@20181120
|
||||
|
|
|
@ -53,36 +53,13 @@ portal:
|
|||
attributes: it can contain boolean results or any string
|
||||
- macros can also be used to import environment variables *(these
|
||||
variables are in CGI format)*. Example: ``$ENV{HTTP_COOKIE}``
|
||||
- groups are stored as a string with values separated by ''; ''
|
||||
(default values separator) in the special attribute ``groups``: it
|
||||
contains the names of groups whose rules were returned true for the
|
||||
current user. For example:
|
||||
|
||||
.. code-block:: perl
|
||||
|
||||
$groups = group3; admin
|
||||
|
||||
- You can also get groups in ``$hGroups`` which is a Hash Reference of
|
||||
this form:
|
||||
|
||||
.. code-block:: perl
|
||||
|
||||
$hGroups = {
|
||||
'group3' => {
|
||||
'description' => [
|
||||
'Service 3',
|
||||
'Service 3 TEST'
|
||||
],
|
||||
'cn' => [
|
||||
'group3'
|
||||
],
|
||||
'name' => 'group3'
|
||||
},
|
||||
'admin' => {
|
||||
'name' => 'admin'
|
||||
}
|
||||
}
|
||||
|
||||
- You can check for group membership of a particular user with the
|
||||
``inGroup`` function, see examples below.
|
||||
- If you need more advanced processing of the group list (filtering,
|
||||
rewriting) you may use ``$groups``, a flat list of all the user's
|
||||
groups, separated by ''; '' (default values separator). Or the
|
||||
``$hGroups`` variable which is a perl hash whose keys are the group
|
||||
names.
|
||||
|
||||
Example for macros:
|
||||
|
||||
|
@ -107,6 +84,42 @@ Defining a group for admins
|
|||
|
||||
Using groups in a rule
|
||||
|
||||
.. code-block:: perl
|
||||
|
||||
^/admin -> inGroup('admin')
|
||||
|
||||
# Advanced usage
|
||||
^/admin -> defined $hGroups->{'admin'}
|
||||
^/admin -> $groups =~ /\badmin\b/
|
||||
|
||||
|
||||
.. note::
|
||||
|
||||
Groups are computed after macros, so a group rule may involve a
|
||||
macro value.
|
||||
|
||||
.. warning::
|
||||
|
||||
Macros and groups are computed in alphanumeric order,
|
||||
that is, in the order they are displayed in the manager. For example,
|
||||
macro "macro1" will be computed before macro "macro2": so, expression of
|
||||
macro2 may involve value of macro1. As same for groups: a group rule may
|
||||
involve another, previously computed group.
|
||||
|
||||
# Use a boolean macro in a rule
|
||||
^/admin -> $isAdmin
|
||||
# Use a string macro in a HTTP header
|
||||
Display-Name -> $displayName
|
||||
|
||||
Defining a group for admins
|
||||
|
||||
.. code-block:: perl
|
||||
|
||||
# group
|
||||
admin -> $uid eq 'foo' or $uid eq 'bar'
|
||||
|
||||
Using groups in a rule
|
||||
|
||||
.. code-block:: perl
|
||||
|
||||
^/admin -> $groups =~ /\badmin\b/
|
||||
|
|
|
@ -321,8 +321,6 @@ Example::
|
|||
listMatch
|
||||
~~~~~~~~~
|
||||
|
||||
.. versionadded:: 2.0.7
|
||||
|
||||
This function lets you test if a particular value can be found with a
|
||||
multi-valued session attribute.
|
||||
|
||||
|
@ -349,8 +347,6 @@ found.
|
|||
inGroup
|
||||
~~~~~~~
|
||||
|
||||
.. versionadded:: 2.0.8
|
||||
|
||||
This function lets you test if the user is in a given group. It is
|
||||
case-insensitive.
|
||||
|
||||
|
@ -405,11 +401,8 @@ IP address is local*:
|
|||
varIsInUri
|
||||
~~~~~~~~~~
|
||||
|
||||
.. versionadded:: 2.0.7
|
||||
|
||||
Function to check if a variable is in requested URI
|
||||
|
||||
Example *check if $uid is in /check-auth/ URI*:
|
||||
Function to check if a variable is in requested URI. Example *check if
|
||||
$uid is in /check-auth/ URI*:
|
||||
|
||||
.. code-block:: perl
|
||||
|
||||
|
@ -429,7 +422,3 @@ Example *check if $uid is in /check-auth/ URI*:
|
|||
https://test1.example.com/check-auth/rtyler/api -> false
|
||||
https://test1.example.com/check-auth/rtyler -> false
|
||||
|
||||
.. |image0| image:: /documentation/new.png
|
||||
:width: 35px
|
||||
.. |image1| image:: /documentation/new.png
|
||||
:width: 35px
|
||||
|
|
|
@ -11,6 +11,16 @@ Handlers are build on rows of modules:
|
|||
- Library types if needed *(may inherit from Main)*
|
||||
- Main: the main handler library
|
||||
|
||||
Since version 2.1, wrappers are autogenerated when undefined. Generated
|
||||
code is simply:
|
||||
|
||||
.. code:: perl
|
||||
|
||||
package Lemonldap::NG::Handler::Platform::Type;
|
||||
use base 'Lemonldap::NG::Handler::Lib::Type',
|
||||
'Lemonldap::NG::Handler::Platform::Main';
|
||||
1;
|
||||
|
||||
Overview of Handler packages
|
||||
----------------------------
|
||||
|
||||
|
|
|
@ -95,8 +95,7 @@ Then, add the official LL::NG repository
|
|||
version
|
||||
- Use the ``testing`` repository to get packages from next major
|
||||
version
|
||||
- Use the ``2.0`` repository to avoid upgrade to next major version
|
||||
|
||||
- Use the ``2.1`` repository to avoid upgrade to next major version
|
||||
|
||||
|
||||
Finally update your APT cache:
|
||||
|
|
|
@ -356,7 +356,7 @@ Available options:
|
|||
|
||||
- **Server**: Enable/Disable notification server
|
||||
- **Default condition**: Condition appended to ALL notifications
|
||||
inserted by notification server (JSON format only)
|
||||
inserted by notification server
|
||||
- **Notification parameters to send**: Notifications parameters
|
||||
returned by ``GET`` method
|
||||
- **HTTP methods**: Enable/Disable HTTP methods
|
||||
|
|
|
@ -18,7 +18,6 @@ Key name Documentation
|
|||
ADPwdExpireWarning AD password expire warning ✔
|
||||
ADPwdMaxAge AD password max age ✔
|
||||
AuthLDAPFilter LDAP filter for auth search ✔
|
||||
LDAPFilter Default LDAP filter ✔
|
||||
SMTPAuthPass Password to use to send mails ✔
|
||||
SMTPAuthUser Login to use to send mails ✔
|
||||
SMTPPort Fix SMTP port ✔
|
||||
|
|
|
@ -247,17 +247,10 @@ First, create a file to contain the plugin code ::
|
|||
Enabling your plugin
|
||||
~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
Declare the plugin in lemonldap-ng.ini:
|
||||
Declare the plugin in Manager, in General Parameters > Plugins > Custom
|
||||
Plugins.
|
||||
|
||||
::
|
||||
|
||||
vi /etc/lemonldap-ng/lemonldap-ng.ini
|
||||
|
||||
.. code-block:: perl
|
||||
|
||||
[portal]
|
||||
customPlugins = Lemonldap::NG::Portal::MyPlugin
|
||||
;customPlugins = Lemonldap::NG::Portal::MyPlugin1, Lemonldap::NG::Portal::MyPlugin2, ...
|
||||
|
||||
Since 2.0.7, it can also be configured in Manager, in General Parameters
|
||||
> Plugins > Custom Plugins.
|
||||
- Modules list: for example
|
||||
``Lemonldap::NG::Portal::MyPlugin1, Lemonldap::NG::Portal::MyPlugin2``
|
||||
- Additional parameters: parameters that will be available in
|
||||
``customPluginsParams`` configuration key
|
||||
|
|
|
@ -346,7 +346,6 @@ Password management
|
|||
revealed. Disabled by default.
|
||||
|
||||
Password Policy
|
||||
---------------
|
||||
|
||||
.. tip::
|
||||
|
||||
|
|
|
@ -65,8 +65,8 @@ Core
|
|||
- Regexp::Common
|
||||
- SOAP::Lite *(optional)*
|
||||
- String::Random
|
||||
- Text::Unidecode *(Since LemonLDAP::NG 2.0.5)*
|
||||
- Unicode::String
|
||||
- Text::Unidecode
|
||||
- URI
|
||||
- URI::Escape
|
||||
|
||||
|
@ -88,7 +88,6 @@ SAML2
|
|||
|
||||
- `Lasso <http://lasso.entrouvert.org/>`__
|
||||
- GLib
|
||||
- XML::Simple
|
||||
|
||||
Second factor
|
||||
~~~~~~~~~~~~~
|
||||
|
@ -135,11 +134,11 @@ SMTP & Reset password/certificate by mail
|
|||
Unit tests
|
||||
~~~~~~~~~~
|
||||
|
||||
- Authen::U2F::Tester
|
||||
- Crypt::U2F::Server
|
||||
- Test::MockObject
|
||||
- Test::Output
|
||||
- Test::POD
|
||||
- Test::MockObject
|
||||
- Crypt::U2F::Server
|
||||
- Authen::U2F::Tester
|
||||
- Test::Output
|
||||
- Time::Fake
|
||||
- YAML
|
||||
|
||||
|
@ -169,7 +168,7 @@ Perl dependencies:
|
|||
|
||||
::
|
||||
|
||||
apt install libapache-session-perl libcache-cache-perl libclone-perl libconfig-inifiles-perl libconvert-pem-perl libcrypt-openssl-bignum-perl libcrypt-openssl-rsa-perl libcrypt-openssl-x509-perl libcrypt-rijndael-perl libdbi-perl libdigest-hmac-perl libemail-sender-perl libgd-securityimage-perl libhtml-template-perl libio-string-perl libjson-perl libmime-tools-perl libmouse-perl libnet-ldap-perl libplack-perl libregexp-assemble-perl libregexp-common-perl libsoap-lite-perl libstring-random-perl libunicode-string-perl liburi-perl libwww-perl libxml-simple-perl libxml-libxslt-perl libcrypt-urandom-perl libtext-unidecode-perl libcookie-baker-xs-perl
|
||||
apt install libapache-session-perl libcache-cache-perl libclone-perl libconfig-inifiles-perl libconvert-pem-perl libcrypt-openssl-bignum-perl libcrypt-openssl-rsa-perl libcrypt-openssl-x509-perl libcrypt-rijndael-perl libdbi-perl libdigest-hmac-perl libemail-sender-perl libgd-securityimage-perl libhtml-template-perl libio-string-perl libjson-perl libmime-tools-perl libmouse-perl libnet-ldap-perl libplack-perl libregexp-assemble-perl libregexp-common-perl libsoap-lite-perl libstring-random-perl libunicode-string-perl liburi-perl libwww-perl libxml-libxslt-perl libcrypt-urandom-perl libtext-unidecode-perl libcookie-baker-xs-perl
|
||||
|
||||
For Apache:
|
||||
|
||||
|
@ -199,7 +198,7 @@ Perl dependencies:
|
|||
|
||||
::
|
||||
|
||||
yum install perl-Apache-Session perl-Cache-Cache perl-Clone perl-Config-IniFiles perl-Convert-PEM perl-Crypt-OpenSSL-RSA perl-Crypt-OpenSSL-X509 perl-Crypt-Rijndael perl-Digest-HMAC perl-Digest-SHA perl-GD-SecurityImage perl-HTML-Template perl-IO-String perl-JSON perl-LDAP perl-Mouse perl-Plack perl-Regexp-Assemble perl-Regexp-Common perl-SOAP-Lite perl-String-Random perl-Unicode-String perl-version perl-XML-Simple perl-Crypt-URandom perl-Email-Sender
|
||||
yum install perl-Apache-Session perl-Cache-Cache perl-Clone perl-Config-IniFiles perl-Convert-PEM perl-Crypt-OpenSSL-RSA perl-Crypt-OpenSSL-X509 perl-Crypt-Rijndael perl-Digest-HMAC perl-Digest-SHA perl-GD-SecurityImage perl-HTML-Template perl-IO-String perl-JSON perl-LDAP perl-Mouse perl-Plack perl-Regexp-Assemble perl-Regexp-Common perl-SOAP-Lite perl-String-Random perl-Unicode-String perl-version perl-Crypt-URandom perl-Email-Sender
|
||||
|
||||
For Apache:
|
||||
|
||||
|
|
|
@ -5,8 +5,6 @@ This plugin appends an endpoint to refresh sessions by user. It provides
|
|||
``https://portal/refreshsession`` endpoint. Protect it by webserver
|
||||
configuration.
|
||||
|
||||
This plugin is available with LLNG ≥ 2.0.7.
|
||||
|
||||
Usage
|
||||
-----
|
||||
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
Documentation for LemonLDAP::NG 2.0
|
||||
Documentation for LemonLDAP::NG 3.0
|
||||
===================================
|
||||
|
||||
.. image:: logos/logo_llng_600px.png
|
||||
|
|
|
@ -1,2 +1,4 @@
|
|||
.. include:: upgrade_2_1_x.rst
|
||||
.. include:: upgrade_2_1.rst
|
||||
.. include:: upgrade_2_0_x.rst
|
||||
.. include:: upgrade_2_0.rst
|
||||
|
|
9
doc/sources/admin/upgrade_2_1.rst
Normal file
9
doc/sources/admin/upgrade_2_1.rst
Normal file
|
@ -0,0 +1,9 @@
|
|||
Upgrade from 2.0 to 2.1
|
||||
=======================
|
||||
|
||||
SOAP deprecation
|
||||
----------------
|
||||
|
||||
LLNG 2.1.x will be the last major version supporting SOAP services.
|
||||
Please start migration to :doc:`REST services<restservices>` *(available
|
||||
since 2.0.0)*.
|
10
doc/sources/admin/upgrade_2_1_x.rst
Normal file
10
doc/sources/admin/upgrade_2_1_x.rst
Normal file
|
@ -0,0 +1,10 @@
|
|||
Upgrade from 2.1.x to 2.1.y
|
||||
===========================
|
||||
|
||||
Update from one minor version to another does not require any particular
|
||||
action. Please apply general caution as you would with any software:
|
||||
have backups and a rollback plan ready!
|
||||
|
||||
Do not forget to read the release notes of the version you are about to
|
||||
install for any specific instructions.
|
||||
|
|
@ -132,12 +132,11 @@ There are three ways to impose users a higher authentication level:
|
|||
|
||||
- writing a rule based on authentication level:
|
||||
``$authenticationLevel > 3``
|
||||
- since 2.0, set a minimum level in virtual host options (default value
|
||||
for ALL access rules)
|
||||
- since 2.0.7, a minimum authentication level can be set for each URI
|
||||
access rule. Useful if URI are protected by different types of
|
||||
handler (AuthBasic -> level 2, Main -> level set by authentication
|
||||
backend).
|
||||
- set a minimum level in virtual host options (default value for ALL
|
||||
access rules)
|
||||
- a minimum authentication level can be set for each URI access rule.
|
||||
Useful if URI are protected by different types of handler (AuthBasic
|
||||
-> level 2, Main -> level set by authentication backend).
|
||||
|
||||
|
||||
.. tip::
|
||||
|
@ -146,6 +145,24 @@ There are three ways to impose users a higher authentication level:
|
|||
to a form that explain that a higher level is required and propose to
|
||||
reauthenticate himself.
|
||||
|
||||
Using regexp capture in rules
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
If URL regexp captures something *(using parenthesis)*, you can use them
|
||||
in the corresponding rule using ``$_rulematch[1]``. Example: only user
|
||||
can access to its personal area:
|
||||
|
||||
- Regexp: ``/^public_html/(\w+)(/.*)?$``
|
||||
- Rule: ``$uid eq $_rulematch[1]``
|
||||
|
||||
$_rulematch is an array that contains all captured strings. First index
|
||||
is 1.
|
||||
|
||||
|
||||
.. warning::
|
||||
|
||||
This feature requires Perl ≥ 5.25.7
|
||||
|
||||
.. _headers:
|
||||
|
||||
Headers
|
||||
|
@ -209,8 +226,8 @@ headers:
|
|||
Wildcards in hostnames
|
||||
----------------------
|
||||
|
||||
|image1| Since 2.0, a wildcard can be used in virtualhost name (not in
|
||||
aliases !): ``*.example.com`` matches all hostnames that belong to
|
||||
Since 2.0, a wildcard can be used in virtualhost name (not in aliases
|
||||
!): ``*.example.com`` matches all hostnames that belong to
|
||||
``example.com`` domain. Version 2.0.9 improves this and allows better
|
||||
wildcards such as ``test-*.example.com`` or ``test-%.example.com``. The
|
||||
``%`` wilcard doesn't match subdomains.
|
||||
|
|
|
@ -100,7 +100,7 @@
|
|||
"cfgDate": 1428138808,
|
||||
"cfgLog": "Default configuration provided by LemonLDAP::NG team",
|
||||
"cfgNum": "1",
|
||||
"cfgVersion": "2.0.0",
|
||||
"cfgVersion": "2.1.0",
|
||||
"cookieName": "lemonldap",
|
||||
"customFunctions": "My::hello My::get_additional_arg",
|
||||
"demoExportedVars": {
|
||||
|
|
|
@ -133,7 +133,7 @@
|
|||
.\" ========================================================================
|
||||
.\"
|
||||
.IX Title "llng-fastcgi-server 8"
|
||||
.TH llng-fastcgi-server 8 "2021-08-10" "perl v5.32.1" "User Contributed Perl Documentation"
|
||||
.TH llng-fastcgi-server 8 "2021-08-01" "perl v5.32.1" "User Contributed Perl Documentation"
|
||||
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
|
||||
.\" way too many mistakes in technical documents.
|
||||
.if n .ad l
|
||||
|
|
|
@ -7,7 +7,7 @@ use POSIX;
|
|||
use Getopt::Long;
|
||||
use Lemonldap::NG::Handler::Main::Reload;
|
||||
|
||||
our $VERSION = '2.0.0';
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
our (
|
||||
$foreground, $engine, $nproc, $pidFile,
|
||||
|
|
|
@ -37,6 +37,7 @@ lib/Lemonldap/NG/Common/Conf/Wrapper.pm
|
|||
lib/Lemonldap/NG/Common/Crypto.pm
|
||||
lib/Lemonldap/NG/Common/EmailTransport.pm
|
||||
lib/Lemonldap/NG/Common/FormEncode.pm
|
||||
lib/Lemonldap/NG/Common/IO/Filter.pm
|
||||
lib/Lemonldap/NG/Common/IPv6.pm
|
||||
lib/Lemonldap/NG/Common/JWT.pm
|
||||
lib/Lemonldap/NG/Common/Logger/_Duplicate.pm
|
||||
|
@ -91,8 +92,11 @@ t/35-Common-Crypto.t
|
|||
t/36-Common-Regexp.t
|
||||
t/40-Common-Session.t
|
||||
t/50-Combination-Parser.t
|
||||
t/60-Common-IO-Filter.t
|
||||
t/60-Session-Cli.t
|
||||
t/99-pod.t
|
||||
t/inc.tpl
|
||||
t/test.tpl
|
||||
tools/apache-session-mysql.sql
|
||||
tools/lmConfig.CDBI.mysql
|
||||
tools/lmConfig.RDBI.mysql
|
||||
|
|
|
@ -4,7 +4,7 @@
|
|||
"Xavier Guimard <x.guimard@free.fr>, Clément Oudot <clement@oodo.net>"
|
||||
],
|
||||
"dynamic_config" : 1,
|
||||
"generated_by" : "ExtUtils::MakeMaker version 7.34, CPAN::Meta::Converter version 2.150010",
|
||||
"generated_by" : "ExtUtils::MakeMaker version 7.44, CPAN::Meta::Converter version 2.150010",
|
||||
"license" : [
|
||||
"open_source"
|
||||
],
|
||||
|
@ -78,6 +78,6 @@
|
|||
],
|
||||
"x_MailingList" : "mailto:lemonldap-ng-dev@ow2.org"
|
||||
},
|
||||
"version" : "v2.0.13",
|
||||
"version" : "v2.1.0",
|
||||
"x_serialization_backend" : "JSON::PP version 4.04"
|
||||
}
|
||||
|
|
|
@ -10,7 +10,7 @@ build_requires:
|
|||
configure_requires:
|
||||
ExtUtils::MakeMaker: '0'
|
||||
dynamic_config: 1
|
||||
generated_by: 'ExtUtils::MakeMaker version 7.34, CPAN::Meta::Converter version 2.150010'
|
||||
generated_by: 'ExtUtils::MakeMaker version 7.44, CPAN::Meta::Converter version 2.150010'
|
||||
license: open_source
|
||||
meta-spec:
|
||||
url: http://module-build.sourceforge.net/META-spec-v1.4.html
|
||||
|
@ -54,5 +54,5 @@ resources:
|
|||
bugtracker: https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/issues
|
||||
homepage: http://lemonldap-ng.org/
|
||||
license: http://opensource.org/licenses/GPL-2.0
|
||||
version: v2.0.13
|
||||
version: v2.1.0
|
||||
x_serialization_backend: 'CPAN::Meta::YAML version 0.018'
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
package Lemonldap::NG::Common;
|
||||
|
||||
our $VERSION = '2.0.13';
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
1;
|
||||
__END__
|
||||
|
|
|
@ -15,7 +15,7 @@ use Lemonldap::NG::Common::Apache::Session::Serialize::JSON;
|
|||
use Lemonldap::NG::Common::Apache::Session::Store;
|
||||
use Lemonldap::NG::Common::Apache::Session::Lock;
|
||||
|
||||
our $VERSION = '2.0.6';
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
sub _load {
|
||||
my ( $backend, $func ) = @_;
|
||||
|
|
|
@ -11,7 +11,7 @@ package Lemonldap::NG::Common::Apache::Session::Generate::SHA256;
|
|||
use strict;
|
||||
use Crypt::URandom;
|
||||
|
||||
our $VERSION = '2.0.2';
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
sub generate {
|
||||
my $session = shift;
|
||||
|
@ -21,17 +21,8 @@ sub generate {
|
|||
$length = $session->{args}->{IDLength};
|
||||
}
|
||||
|
||||
eval {
|
||||
$session->{data}->{_session_id} =
|
||||
unpack( 'H*', Crypt::URandom::urandom( int( $length / 2 ) ) );
|
||||
};
|
||||
if ($@) {
|
||||
print STDERR "Crypt::URandom::urandom failed: $@\n";
|
||||
require Digest::SHA;
|
||||
$session->{data}->{_session_id} =
|
||||
substr( Digest::SHA::sha256_hex( time() . {} . rand() . $$ ),
|
||||
0, $length );
|
||||
}
|
||||
}
|
||||
|
||||
sub validate {
|
||||
|
|
|
@ -3,7 +3,7 @@ package Lemonldap::NG::Common::Apache::Session::Lock;
|
|||
|
||||
use strict;
|
||||
|
||||
our $VERSION = '2.0.0';
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
sub new {
|
||||
my $class = shift;
|
||||
|
|
|
@ -5,7 +5,7 @@ use Lemonldap::NG::Common::UserAgent;
|
|||
use Lemonldap::NG::Common::Apache::Session::Generate::SHA256;
|
||||
use JSON qw(from_json to_json);
|
||||
|
||||
our $VERSION = '2.0.5';
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
our @ISA = qw(Lemonldap::NG::Common::Apache::Session::Generate::SHA256);
|
||||
|
||||
|
|
|
@ -8,7 +8,7 @@ package Lemonldap::NG::Common::Apache::Session::SOAP;
|
|||
use strict;
|
||||
use SOAP::Lite;
|
||||
|
||||
our $VERSION = '2.0.0';
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
#parameter proxy Url of SOAP service
|
||||
#parameter proxyOptions SOAP::Lite options
|
||||
|
|
|
@ -3,7 +3,7 @@ package Lemonldap::NG::Common::Apache::Session::Serialize::JSON;
|
|||
use strict;
|
||||
use JSON qw(to_json from_json);
|
||||
|
||||
our $VERSION = '2.0.0';
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
sub serialize {
|
||||
my $session = shift;
|
||||
|
|
|
@ -3,7 +3,7 @@ package Lemonldap::NG::Common::Apache::Session::Store;
|
|||
|
||||
use strict;
|
||||
|
||||
our $VERSION = '2.0.10';
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
sub new {
|
||||
my $class = shift;
|
||||
|
|
|
@ -5,10 +5,10 @@ use Mouse;
|
|||
use Lemonldap::NG::Common::Conf;
|
||||
use Lemonldap::NG::Common::EmailTransport;
|
||||
|
||||
our $VERSION = '2.0.8';
|
||||
|
||||
extends 'Lemonldap::NG::Common::PSGI::Cli::Lib';
|
||||
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
has confAccess => (
|
||||
is => 'rw',
|
||||
builder => sub {
|
||||
|
|
|
@ -9,7 +9,7 @@ use Lemonldap::NG::Common::Apache::Session;
|
|||
use Lemonldap::NG::Common::Session;
|
||||
use Lemonldap::NG::Common::Util qw/getPSessionID genId2F/;
|
||||
|
||||
our $VERSION = '2.0.9';
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
has opts => ( is => 'rw' );
|
||||
|
||||
|
|
|
@ -5,7 +5,7 @@ use Mouse;
|
|||
use Safe;
|
||||
use constant PE_OK => 0;
|
||||
|
||||
our $VERSION = '2.0.6';
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
# Handle "if then else" (used during init)
|
||||
# return a sub that can be called with ($req) to get a [array] of combination
|
||||
|
|
|
@ -27,7 +27,7 @@ use Config::IniFiles;
|
|||
#inherits Lemonldap::NG::Common::Conf::Backends::SOAP
|
||||
#inherits Lemonldap::NG::Common::Conf::Backends::LDAP
|
||||
|
||||
our $VERSION = '2.0.14';
|
||||
our $VERSION = '2.1.0';
|
||||
our $msg = '';
|
||||
our $iniObj;
|
||||
|
||||
|
|
|
@ -11,7 +11,7 @@ has 'configStorage' => ( is => 'rw', isa => 'HashRef', default => sub { {} } );
|
|||
has 'currentConf' => ( is => 'rw', required => 1, default => sub { {} } );
|
||||
has 'protection' => ( is => 'rw', isa => 'Str', default => 'manager' );
|
||||
|
||||
our $VERSION = '2.0.11';
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
## @method Lemonldap::NG::Common::Conf confAcc()
|
||||
# Configuration access object
|
||||
|
|
|
@ -5,7 +5,7 @@ use utf8;
|
|||
use JSON;
|
||||
use Lemonldap::NG::Common::Conf::Backends::_DBI;
|
||||
|
||||
our $VERSION = '2.0.0';
|
||||
our $VERSION = '2.1.0';
|
||||
our @ISA = qw(Lemonldap::NG::Common::Conf::Backends::_DBI);
|
||||
|
||||
sub store {
|
||||
|
|
|
@ -5,7 +5,7 @@ use utf8;
|
|||
use Lemonldap::NG::Common::Conf::Serializer;
|
||||
use Lemonldap::NG::Common::Conf::Backends::_DBI;
|
||||
|
||||
our $VERSION = '2.0.0';
|
||||
our $VERSION = '2.1.0';
|
||||
our @ISA = qw(Lemonldap::NG::Common::Conf::Backends::_DBI);
|
||||
|
||||
sub store {
|
||||
|
|
|
@ -5,7 +5,7 @@ use Lemonldap::NG::Common::Conf::Constants; #inherits
|
|||
use JSON;
|
||||
use Encode;
|
||||
|
||||
our $VERSION = '2.0.9';
|
||||
our $VERSION = '2.1.0';
|
||||
our $initDone;
|
||||
|
||||
sub Lemonldap::NG::Common::Conf::_lock {
|
||||
|
|
|
@ -5,7 +5,7 @@ package Lemonldap::NG::Common::Conf::Backends::JSONFile;
|
|||
use Lemonldap::NG::Common::Conf::Backends::File;
|
||||
|
||||
our @ISA = qw(Lemonldap::NG::Common::Conf::Backends::File);
|
||||
our $VERSION = '2.0.0';
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
1;
|
||||
|
||||
|
|
|
@ -11,7 +11,7 @@ use Net::LDAP;
|
|||
use Lemonldap::NG::Common::Conf::Constants; #inherits
|
||||
use Lemonldap::NG::Common::Conf::Serializer;
|
||||
|
||||
our $VERSION = '2.0.0';
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
BEGIN {
|
||||
*Lemonldap::NG::Common::Conf::ldap = \&ldap;
|
||||
|
|
|
@ -3,7 +3,7 @@ package Lemonldap::NG::Common::Conf::Backends::Local;
|
|||
use strict;
|
||||
use Lemonldap::NG::Common::Conf::Constants;
|
||||
|
||||
our $VERSION = '2.0.0';
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
sub prereq {
|
||||
return 1;
|
||||
|
|
|
@ -5,7 +5,7 @@ use utf8;
|
|||
use strict;
|
||||
use Lemonldap::NG::Common::Conf::Serializer;
|
||||
|
||||
our $VERSION = '2.0.1';
|
||||
our $VERSION = '2.1.0';
|
||||
our $initDone;
|
||||
|
||||
sub prereq {
|
||||
|
|
|
@ -5,7 +5,7 @@ use utf8;
|
|||
use Lemonldap::NG::Common::Conf::Serializer;
|
||||
use Lemonldap::NG::Common::Conf::Backends::_DBI;
|
||||
|
||||
our $VERSION = '2.0.12';
|
||||
our $VERSION = '2.1.0';
|
||||
our @ISA = qw(Lemonldap::NG::Common::Conf::Backends::_DBI);
|
||||
|
||||
sub store {
|
||||
|
|
|
@ -4,7 +4,7 @@ use strict;
|
|||
use Lemonldap::NG::Common::UserAgent;
|
||||
use JSON qw(from_json to_json);
|
||||
|
||||
our $VERSION = '2.0.0';
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
#parameter baseUrl, user, password, realm, lwpOpts
|
||||
|
||||
|
|
|
@ -5,7 +5,7 @@ use utf8;
|
|||
use SOAP::Lite;
|
||||
use Lemonldap::NG::Common::Conf::Constants;
|
||||
|
||||
our $VERSION = '2.0.0';
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
#parameter proxy Url of SOAP service
|
||||
#parameter proxyOptions SOAP::Lite parameters
|
||||
|
|
|
@ -5,7 +5,7 @@ use Lemonldap::NG::Common::Conf::Constants; #inherits
|
|||
use YAML qw();
|
||||
use Encode;
|
||||
|
||||
our $VERSION = '2.0.9';
|
||||
our $VERSION = '2.1.0';
|
||||
our $initDone;
|
||||
$YAML::Numify = 1;
|
||||
|
||||
|
|
|
@ -5,7 +5,7 @@ use utf8;
|
|||
use DBI;
|
||||
use Lemonldap::NG::Common::Conf::Constants; #inherits
|
||||
|
||||
our $VERSION = '2.0.12';
|
||||
our $VERSION = '2.1.0';
|
||||
our @ISA = qw(Lemonldap::NG::Common::Conf::Constants);
|
||||
our ( @EXPORT, %EXPORT_TAGS );
|
||||
|
||||
|
|
|
@ -4,7 +4,7 @@ use strict;
|
|||
use Mouse;
|
||||
use Lemonldap::NG::Common::Conf::ReConstants;
|
||||
|
||||
our $VERSION = '2.0.8';
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
sub compactConf {
|
||||
my ( $self, $conf ) = @_;
|
||||
|
|
|
@ -5,7 +5,7 @@ use strict;
|
|||
use Exporter 'import';
|
||||
use base qw(Exporter);
|
||||
|
||||
our $VERSION = '2.0.14';
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
# CONSTANTS
|
||||
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
# This file is generated by Lemonldap::NG::Manager::Build. Don't modify it by hand
|
||||
package Lemonldap::NG::Common::Conf::DefaultValues;
|
||||
|
||||
our $VERSION = '2.0.14';
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
sub defaultValues {
|
||||
return {
|
||||
|
@ -90,6 +90,7 @@ sub defaultValues {
|
|||
'facebookExportedVars' => {},
|
||||
'facebookUserField' => 'id',
|
||||
'failedLoginNumber' => 5,
|
||||
'favAppsMaxNumber' => 3,
|
||||
'findUserControl' => '^[*\\w]+$',
|
||||
'findUserWildcard' => '*',
|
||||
'formTimeout' => 120,
|
||||
|
@ -256,6 +257,7 @@ sub defaultValues {
|
|||
'portalCheckLogins' => 1,
|
||||
'portalDisplayAppslist' => 1,
|
||||
'portalDisplayChangePassword' => '$_auth =~ /^(LDAP|DBI|Demo)$/',
|
||||
'portalDisplayFavApps' => 1,
|
||||
'portalDisplayGeneratePassword' => 1,
|
||||
'portalDisplayLoginHistory' => 1,
|
||||
'portalDisplayLogout' => 1,
|
||||
|
|
|
@ -6,7 +6,7 @@ use Mouse;
|
|||
use Lemonldap::NG::Common::Conf::Constants;
|
||||
use Lemonldap::NG::Common::Conf::ReConstants;
|
||||
|
||||
our $VERSION = '2.0.12';
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
extends 'Lemonldap::NG::Common::Conf::AccessLib';
|
||||
|
||||
|
|
|
@ -5,7 +5,7 @@ use strict;
|
|||
use Exporter 'import';
|
||||
use base qw(Exporter);
|
||||
|
||||
our $VERSION = '2.0.14';
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
our %EXPORT_TAGS = ( 'all' => [qw($simpleHashKeys $doubleHashKeys $specialNodeKeys $casAppMetaDataNodeKeys $casSrvMetaDataNodeKeys $oidcOPMetaDataNodeKeys $oidcRPMetaDataNodeKeys $samlIDPMetaDataNodeKeys $samlSPMetaDataNodeKeys $virtualHostKeys $specialNodeHash $authParameters $issuerParameters $samlServiceParameters $oidcServiceParameters $casServiceParameters)] );
|
||||
our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } );
|
||||
|
@ -37,7 +37,7 @@ our $authParameters = {
|
|||
apacheParams => [qw(apacheAuthnLevel)],
|
||||
casParams => [qw(casAuthnLevel)],
|
||||
choiceParams => [qw(authChoiceParam authChoiceModules authChoiceAuthBasic authChoiceFindUser)],
|
||||
combinationParams => [qw(combination combModules)],
|
||||
combinationParams => [qw(combination combModules combinationForms)],
|
||||
customParams => [qw(customAuth customUserDB customPassword customRegister customResetCertByMail customAddParams)],
|
||||
dbiParams => [qw(dbiAuthnLevel dbiExportedVars dbiAuthChain dbiAuthUser dbiAuthPassword dbiUserChain dbiUserUser dbiUserPassword dbiAuthTable dbiUserTable dbiAuthLoginCol dbiAuthPasswordCol dbiPasswordMailCol userPivot dbiAuthPasswordHash dbiDynamicHashEnabled dbiDynamicHashValidSchemes dbiDynamicHashValidSaltedSchemes dbiDynamicHashNewPasswordScheme)],
|
||||
demoParams => [qw(demoExportedVars)],
|
||||
|
@ -45,7 +45,7 @@ our $authParameters = {
|
|||
githubParams => [qw(githubAuthnLevel githubClientID githubClientSecret githubUserField githubScope)],
|
||||
gpgParams => [qw(gpgAuthnLevel gpgDb)],
|
||||
kerberosParams => [qw(krbAuthnLevel krbKeytab krbByJs krbRemoveDomain krbAllowedDomains)],
|
||||
ldapParams => [qw(ldapAuthnLevel ldapExportedVars ldapServer ldapPort ldapVerify ldapBase managerDn managerPassword ldapTimeout ldapIOTimeout ldapVersion ldapRaw ldapCAFile ldapCAPath LDAPFilter AuthLDAPFilter mailLDAPFilter ldapSearchDeref ldapGroupBase ldapGroupObjectClass ldapGroupAttributeName ldapGroupAttributeNameUser ldapGroupAttributeNameSearch ldapGroupDecodeSearchedValue ldapGroupRecursive ldapGroupAttributeNameGroup ldapPpolicyControl ldapSetPassword ldapChangePasswordAsUser ldapPwdEnc ldapUsePasswordResetAttribute ldapPasswordResetAttribute ldapPasswordResetAttributeValue ldapAllowResetExpiredPassword ldapGetUserBeforePasswordChange ldapITDS)],
|
||||
ldapParams => [qw(ldapAuthnLevel ldapExportedVars ldapServer ldapPort ldapVerify ldapBase managerDn managerPassword ldapTimeout ldapIOTimeout ldapVersion ldapRaw ldapCAFile ldapCAPath AuthLDAPFilter mailLDAPFilter ldapSearchDeref ldapGroupBase ldapGroupObjectClass ldapGroupAttributeName ldapGroupAttributeNameUser ldapGroupAttributeNameSearch ldapGroupDecodeSearchedValue ldapGroupRecursive ldapGroupAttributeNameGroup ldapPpolicyControl ldapSetPassword ldapChangePasswordAsUser ldapPwdEnc ldapUsePasswordResetAttribute ldapPasswordResetAttribute ldapPasswordResetAttributeValue ldapAllowResetExpiredPassword ldapGetUserBeforePasswordChange ldapITDS)],
|
||||
linkedinParams => [qw(linkedInAuthnLevel linkedInClientID linkedInClientSecret linkedInFields linkedInUserField linkedInScope)],
|
||||
nullParams => [qw(nullAuthnLevel)],
|
||||
oidcParams => [qw(oidcAuthnLevel oidcRPCallbackGetParam oidcRPStateTimeout)],
|
||||
|
@ -69,6 +69,6 @@ our $issuerParameters = {
|
|||
issuerOptions => [qw(issuersTimeout)],
|
||||
};
|
||||
our $samlServiceParameters = [qw(samlEntityID samlServicePrivateKeySig samlServicePrivateKeySigPwd samlServicePublicKeySig samlServicePrivateKeyEnc samlServicePrivateKeyEncPwd samlServicePublicKeyEnc samlServiceUseCertificateInResponse samlServiceSignatureMethod samlNameIDFormatMapEmail samlNameIDFormatMapX509 samlNameIDFormatMapWindows samlNameIDFormatMapKerberos samlAuthnContextMapPassword samlAuthnContextMapPasswordProtectedTransport samlAuthnContextMapTLSClient samlAuthnContextMapKerberos samlOrganizationDisplayName samlOrganizationName samlOrganizationURL samlSPSSODescriptorAuthnRequestsSigned samlSPSSODescriptorWantAssertionsSigned samlSPSSODescriptorSingleLogoutServiceHTTPRedirect samlSPSSODescriptorSingleLogoutServiceHTTPPost samlSPSSODescriptorSingleLogoutServiceSOAP samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact samlSPSSODescriptorAssertionConsumerServiceHTTPPost samlSPSSODescriptorArtifactResolutionServiceArtifact samlIDPSSODescriptorWantAuthnRequestsSigned samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect samlIDPSSODescriptorSingleSignOnServiceHTTPPost samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect samlIDPSSODescriptorSingleLogoutServiceHTTPPost samlIDPSSODescriptorSingleLogoutServiceSOAP samlIDPSSODescriptorArtifactResolutionServiceArtifact samlAttributeAuthorityDescriptorAttributeServiceSOAP samlMetadataForceUTF8 samlRelayStateTimeout samlUseQueryStringSpecific samlOverrideIDPEntityID samlStorage samlStorageOptions samlCommonDomainCookieActivation samlCommonDomainCookieDomain samlCommonDomainCookieReader samlCommonDomainCookieWriter samlDiscoveryProtocolActivation samlDiscoveryProtocolURL samlDiscoveryProtocolPolicy samlDiscoveryProtocolIsPassive)];
|
||||
our $oidcServiceParameters = [qw(oidcServiceMetaDataIssuer oidcServiceMetaDataAuthorizeURI oidcServiceMetaDataTokenURI oidcServiceMetaDataUserInfoURI oidcServiceMetaDataJWKSURI oidcServiceMetaDataRegistrationURI oidcServiceMetaDataIntrospectionURI oidcServiceMetaDataEndSessionURI oidcServiceMetaDataCheckSessionURI oidcServiceMetaDataFrontChannelURI oidcServiceMetaDataBackChannelURI oidcServiceMetaDataAuthnContext oidcServicePrivateKeySig oidcServicePublicKeySig oidcServiceKeyIdSig oidcServiceAllowDynamicRegistration oidcServiceAllowOnlyDeclaredScopes oidcServiceAllowAuthorizationCodeFlow oidcServiceAllowImplicitFlow oidcServiceAllowHybridFlow oidcServiceAuthorizationCodeExpiration oidcServiceAccessTokenExpiration oidcServiceIDTokenExpiration oidcServiceOfflineSessionExpiration oidcStorage oidcStorageOptions oidcServiceDynamicRegistrationExportedVars oidcServiceDynamicRegistrationExtraClaims)];
|
||||
our $oidcServiceParameters = [qw(oidcServiceMetaDataAuthorizeURI oidcServiceMetaDataTokenURI oidcServiceMetaDataUserInfoURI oidcServiceMetaDataJWKSURI oidcServiceMetaDataRegistrationURI oidcServiceMetaDataIntrospectionURI oidcServiceMetaDataEndSessionURI oidcServiceMetaDataCheckSessionURI oidcServiceMetaDataFrontChannelURI oidcServiceMetaDataBackChannelURI oidcServiceMetaDataAuthnContext oidcServicePrivateKeySig oidcServicePublicKeySig oidcServiceKeyIdSig oidcServiceAllowDynamicRegistration oidcServiceAllowOnlyDeclaredScopes oidcServiceAllowAuthorizationCodeFlow oidcServiceAllowImplicitFlow oidcServiceAllowHybridFlow oidcServiceAuthorizationCodeExpiration oidcServiceAccessTokenExpiration oidcServiceIDTokenExpiration oidcServiceOfflineSessionExpiration oidcStorage oidcStorageOptions oidcServiceDynamicRegistrationExportedVars oidcServiceDynamicRegistrationExtraClaims)];
|
||||
|
||||
1;
|
||||
|
|
|
@ -14,7 +14,7 @@ use MIME::Base64;
|
|||
use Safe;
|
||||
use Encode;
|
||||
|
||||
our $VERSION = '2.0.9';
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
my $dataStart = tell(DATA);
|
||||
|
||||
|
|
|
@ -6,7 +6,7 @@ use Encode;
|
|||
use JSON;
|
||||
use Lemonldap::NG::Common::Conf::Constants;
|
||||
|
||||
our $VERSION = '2.0.12';
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
BEGIN {
|
||||
*Lemonldap::NG::Common::Conf::normalize = \&normalize;
|
||||
|
|
|
@ -3,7 +3,7 @@ package Lemonldap::NG::Common::Conf::Wrapper;
|
|||
use strict;
|
||||
use JSON;
|
||||
|
||||
our $VERSION = '2.0.3';
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
sub TIEHASH {
|
||||
my ( $class, $conf, $overrides ) = @_;
|
||||
|
|
|
@ -12,32 +12,22 @@ use strict;
|
|||
use Crypt::Rijndael;
|
||||
use MIME::Base64;
|
||||
use Digest::SHA;
|
||||
use Crypt::URandom;
|
||||
use bytes;
|
||||
|
||||
our $VERSION = '2.0.0';
|
||||
my ( $newIv, $randG, $hash );
|
||||
$hash = \&Digest::SHA::sha256;
|
||||
our $VERSION = '2.1.0';
|
||||
my $hash = \&Digest::SHA::sha256;
|
||||
|
||||
use constant HMAC_LENGTH => 32;
|
||||
use constant IV_LENGTH => 16;
|
||||
|
||||
# Build initialization vector subroutine
|
||||
BEGIN {
|
||||
eval { require Crypt::URandom; Crypt::URandom::urandom(IV_LENGTH) };
|
||||
if ($@) {
|
||||
$newIv = sub {
|
||||
return bytes::substr( Digest::SHA::sha1( rand() . time . {} ),
|
||||
0, IV_LENGTH );
|
||||
};
|
||||
$randG = sub { return int( rand( $_[0] ) ) };
|
||||
}
|
||||
else {
|
||||
$newIv = sub { return Crypt::URandom::urandom(IV_LENGTH) };
|
||||
$randG = sub {
|
||||
return
|
||||
int( unpack( "C", Crypt::URandom::urandom(1) ) * $_[0] / 256 );
|
||||
};
|
||||
}
|
||||
sub newIv {
|
||||
return Crypt::URandom::urandom(IV_LENGTH);
|
||||
}
|
||||
|
||||
sub randG {
|
||||
my ($max) = @_;
|
||||
return int( unpack( "C", Crypt::URandom::urandom(1) ) * $max / 256 );
|
||||
}
|
||||
|
||||
our $msg;
|
||||
|
@ -65,7 +55,7 @@ sub new {
|
|||
# @param key that secondary key
|
||||
# @return Crypt::Rijndael object
|
||||
sub _getCipher {
|
||||
my ( $self, $key ) = @_;
|
||||
my ( $self, $key, $iv ) = @_;
|
||||
$key ||= "";
|
||||
$self->{ciphers}->{$key} ||=
|
||||
Crypt::Rijndael->new( $hash->( $self->{key}, $key ), $self->{mode} );
|
||||
|
@ -87,7 +77,7 @@ sub encrypt {
|
|||
my $iv =
|
||||
$low
|
||||
? bytes::substr( Digest::SHA::sha1( rand() . time . {} ), 0, IV_LENGTH )
|
||||
: $newIv->();
|
||||
: newIv();
|
||||
my $hmac = $hash->($data);
|
||||
eval {
|
||||
$data =
|
||||
|
@ -190,7 +180,7 @@ sub _cryptHex {
|
|||
}
|
||||
my $iv;
|
||||
if ( $sub eq 'encrypt' ) {
|
||||
$iv = $newIv->();
|
||||
$iv = newIv();
|
||||
}
|
||||
$data = pack "H*", $data;
|
||||
if ( $sub eq 'decrypt' ) {
|
||||
|
@ -215,7 +205,7 @@ sub srandom {
|
|||
if ($@) {
|
||||
die 'Missing recommended dependency to String::Random';
|
||||
}
|
||||
return String::Random->new( rand_gen => $randG );
|
||||
return String::Random->new( rand_gen => \&randG );
|
||||
}
|
||||
|
||||
1;
|
||||
|
|
|
@ -6,7 +6,7 @@ use MIME::Entity;
|
|||
use Email::Sender::Simple qw(sendmail);
|
||||
use Email::Date::Format qw(email_date);
|
||||
|
||||
our $VERSION = '2.0.10';
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
sub new {
|
||||
my ( $class, $conf ) = @_;
|
||||
|
|
|
@ -4,7 +4,7 @@ use strict;
|
|||
use Exporter;
|
||||
|
||||
our @ISA = qw(Exporter);
|
||||
our $VERSION = '2.0.0';
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
our @EXPORT_OK = qw(build_urlencoded);
|
||||
our @EXPORT = qw(build_urlencoded);
|
||||
|
|
176
lemonldap-ng-common/lib/Lemonldap/NG/Common/IO/Filter.pm
Normal file
176
lemonldap-ng-common/lib/Lemonldap/NG/Common/IO/Filter.pm
Normal file
|
@ -0,0 +1,176 @@
|
|||
# IO::Handle filter. Used to transform HTML::Template on the fly.
|
||||
package Lemonldap::NG::Common::IO::Filter;
|
||||
use strict;
|
||||
use IO::File;
|
||||
use Symbol;
|
||||
|
||||
#our @ISA = ('IO::File');
|
||||
|
||||
sub new {
|
||||
my ( $class, $file, $opt ) = @_;
|
||||
$opt->{_i} = ( ref $file ? $file : IO::File->new($file) )
|
||||
or die("Unable to build IO::File object $!");
|
||||
my $self = ref $class ? $class : bless gensym, $class;
|
||||
tie( *$self, $class, $opt );
|
||||
return $self;
|
||||
}
|
||||
|
||||
sub TIEHANDLE {
|
||||
my ( $class, $data ) = @_;
|
||||
return bless( $data, $class );
|
||||
}
|
||||
|
||||
sub READLINE {
|
||||
my ($self) = shift;
|
||||
my $res = $self->{_i}->getline;
|
||||
foreach my $key ( keys %$self ) {
|
||||
next if ( $key eq '_i' );
|
||||
if ( ref( $self->{$key} ) eq 'CODE' ) {
|
||||
$res =~ s/__LLNG_${key}__/$self->{$key}->()/gse;
|
||||
}
|
||||
elsif ( ref $self->{$key} eq 'ARRAY' ) {
|
||||
next;
|
||||
}
|
||||
elsif ( ref $self->{$key} ) {
|
||||
local $/ = undef;
|
||||
$res =~ s/__LLNG_${key}__/$self->{$key}->getline/gse;
|
||||
}
|
||||
}
|
||||
|
||||
# Parse strings after code/IO
|
||||
foreach my $key ( keys %$self ) {
|
||||
die "Undefined value for __LLNG_${key}__ substitution"
|
||||
unless $self->{$key};
|
||||
my $v =
|
||||
( ref $self->{$key} and ref $self->{$key} eq 'ARRAY' )
|
||||
? $self->{$key}
|
||||
: [ $self->{$key} ];
|
||||
$v = join "\n",
|
||||
map { ref $_ ? () : qq'<TMPL_INCLUDE NAME="$_.tpl">' } @$v;
|
||||
$res =~ s/__LLNG_${key}__/$v/gs;
|
||||
}
|
||||
return $res;
|
||||
}
|
||||
|
||||
sub DESTROY {
|
||||
my ($self) = @_;
|
||||
$self->close() if ( ref($self) eq 'SCALAR' );
|
||||
}
|
||||
|
||||
sub AUTOLOAD {
|
||||
no strict;
|
||||
my $self = shift;
|
||||
$AUTOLOAD =~ s/^.*:://;
|
||||
$AUTOLOAD = lc $AUTOLOAD;
|
||||
return tied( ${$self} )->{_i}->$AUTOLOAD(@_);
|
||||
}
|
||||
|
||||
1;
|
||||
__END__
|
||||
=head1 NAME
|
||||
|
||||
Lemonldap::NG::Common::IO::Filter - IO::Handle filter
|
||||
|
||||
=head1 SYNOPSIS
|
||||
|
||||
use HTML::Template;
|
||||
my $fh = Lemonldap::NG::Common::IO::Filter->new(
|
||||
'template.tpl',
|
||||
{
|
||||
# Replace all __LLNG_AUTH__ by:
|
||||
# <TMPL_INCLUDE NAME="login.tpl">
|
||||
AUTH => 'login',
|
||||
# Replace all __LLNG_CODE__ by the result of the given function
|
||||
CODE => sub {return "INCLUDED STRING"}
|
||||
}
|
||||
);
|
||||
my $h = HTML::Template->new( filehandle => $fh );
|
||||
print $h->output;
|
||||
|
||||
Input:
|
||||
|
||||
<html><body>
|
||||
__LLNG_AUTH__
|
||||
<hr>
|
||||
__LLNG_CODE__
|
||||
</body></html>
|
||||
|
||||
Output:
|
||||
|
||||
<html><body>
|
||||
<TMPL_INCLUDE NAME="login.tpl">
|
||||
<hr>
|
||||
INCLUDED STRING
|
||||
</body></html>
|
||||
|
||||
Same but with a L<IO::Handle> file:
|
||||
|
||||
use HTML::Template;
|
||||
my $file = IO::File->new('test.tpl');
|
||||
my $fh = Lemonldap::NG::Common::IO::Filter->new_from_io(
|
||||
$file,
|
||||
{
|
||||
# Replace all __LLNG_AUTH__ by:
|
||||
# <TMPL_INCLUDE NAME="login.tpl">
|
||||
AUTH => 'login',
|
||||
# Replace all __LLNG_CODE__ by the result of the given function
|
||||
CODE => sub {return "INCLUDED STRING"}
|
||||
}
|
||||
);
|
||||
my $h = HTML::Template->new( filehandle => $fh );
|
||||
print $h->output;
|
||||
|
||||
Or with an array:
|
||||
|
||||
use HTML::Template;
|
||||
my $fh = Lemonldap::NG::Common::IO::Filter->new_from_io(
|
||||
'template.tpl',
|
||||
{
|
||||
# Replace all __LLNG_AUTH__ by:
|
||||
# <TMPL_INCLUDE NAME="login.tpl"> <TMPL_INCLUDE NAME="login2.tpl">
|
||||
AUTH => [ 'login', 'login2' ],
|
||||
}
|
||||
);
|
||||
my $h = HTML::Template->new( filehandle => $fh );
|
||||
print $h->output;
|
||||
|
||||
=head1 DESCRIPTION
|
||||
|
||||
IO::Handle filter used to transform HTML::Template files on the fly.
|
||||
|
||||
=head1 AUTHORS
|
||||
|
||||
=over
|
||||
|
||||
=item LemonLDAP::NG team L<http://lemonldap-ng.org/team>
|
||||
|
||||
=back
|
||||
|
||||
=head1 BUG REPORT
|
||||
|
||||
Use OW2 system to report bug or ask for features:
|
||||
L<https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/issues>
|
||||
|
||||
=head1 DOWNLOAD
|
||||
|
||||
Lemonldap::NG is available at
|
||||
L<http://forge.objectweb.org/project/showfiles.php?group_id=274>
|
||||
|
||||
=head1 COPYRIGHT AND LICENSE
|
||||
|
||||
See COPYING file for details.
|
||||
|
||||
This library is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see L<http://www.gnu.org/licenses/>.
|
||||
|
||||
=cut
|
|
@ -3,7 +3,7 @@ package Lemonldap::NG::Common::IPv6;
|
|||
use strict;
|
||||
use base 'Exporter';
|
||||
|
||||
our $VERSION = '2.0.10';
|
||||
our $VERSION = '2.1.0';
|
||||
our @EXPORT = qw(&isIPv6 &net6 &expand6);
|
||||
|
||||
sub isIPv6 {
|
||||
|
|
|
@ -2,7 +2,7 @@ package Lemonldap::NG::Common::Logger::Apache2;
|
|||
|
||||
use Apache2::ServerRec;
|
||||
|
||||
our $VERSION = '2.0.0';
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
sub new {
|
||||
return bless {}, shift;
|
||||
|
|
|
@ -2,7 +2,7 @@ package Lemonldap::NG::Common::Logger::Dispatch;
|
|||
|
||||
use strict;
|
||||
|
||||
our $VERSION = '2.0.0';
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
sub new {
|
||||
no warnings 'redefine';
|
||||
|
|
|
@ -3,7 +3,7 @@ package Lemonldap::NG::Common::Logger::Log4perl;
|
|||
use strict;
|
||||
use Log::Log4perl;
|
||||
|
||||
our $VERSION = '2.0.0';
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
our $init = 0;
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
package Lemonldap::NG::Common::Logger::Null;
|
||||
|
||||
our $VERSION = '2.0.0';
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
sub new {
|
||||
return bless {}, shift;
|
||||
|
|
|
@ -10,7 +10,7 @@ package Lemonldap::NG::Common::Logger::Sentry;
|
|||
use strict;
|
||||
use Sentry::Raven;
|
||||
|
||||
our $VERSION = '2.0.0';
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
sub new {
|
||||
my $self = bless {}, shift;
|
||||
|
|
|
@ -2,7 +2,7 @@ package Lemonldap::NG::Common::Logger::Std;
|
|||
|
||||
use strict;
|
||||
|
||||
our $VERSION = '2.0.5';
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
sub new {
|
||||
no warnings 'redefine';
|
||||
|
|
|
@ -3,7 +3,7 @@ package Lemonldap::NG::Common::Logger::Syslog;
|
|||
use strict;
|
||||
use Sys::Syslog qw(:standard);
|
||||
|
||||
our $VERSION = '2.0.9';
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
sub new {
|
||||
my ( $class, $conf, %args ) = @_;
|
||||
|
|
|
@ -2,7 +2,7 @@ package Lemonldap::NG::Common::Logger::_Duplicate;
|
|||
|
||||
use strict;
|
||||
|
||||
our $VERSION = '2.0.6';
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
sub new {
|
||||
my $self = bless {}, shift;
|
||||
|
|
|
@ -3,7 +3,7 @@ package Lemonldap::NG::Common::Module;
|
|||
use strict;
|
||||
use Mouse;
|
||||
|
||||
our $VERSION = '2.0.0';
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
# Object that provides loggers and error methods (typically PSGI object)
|
||||
has p => ( is => 'rw', weak_ref => 1 );
|
||||
|
|
|
@ -4,7 +4,7 @@ use strict;
|
|||
use Mouse;
|
||||
use JSON qw(to_json);
|
||||
|
||||
our $VERSION = '2.0.8';
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
extends 'Lemonldap::NG::Common::Module';
|
||||
|
||||
|
|
|
@ -11,7 +11,7 @@ use Time::Local;
|
|||
use DBI;
|
||||
use Encode;
|
||||
|
||||
our $VERSION = '2.0.8';
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
extends 'Lemonldap::NG::Common::Notifications';
|
||||
|
||||
|
|
|
@ -10,7 +10,7 @@ use Mouse;
|
|||
use Time::Local;
|
||||
use MIME::Base64;
|
||||
|
||||
our $VERSION = '2.0.8';
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
extends 'Lemonldap::NG::Common::Notifications';
|
||||
|
||||
|
|
|
@ -4,7 +4,7 @@ use strict;
|
|||
use Mouse;
|
||||
use JSON qw(from_json to_json);
|
||||
|
||||
our $VERSION = '2.0.8';
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
sub newNotification {
|
||||
my ( $self, $jsonString, $defaultCond ) = @_;
|
||||
|
|
|
@ -13,7 +13,7 @@ use MIME::Base64 qw/encode_base64url/;
|
|||
use Net::LDAP;
|
||||
use utf8;
|
||||
|
||||
our $VERSION = '2.0.8';
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
extends 'Lemonldap::NG::Common::Notifications';
|
||||
|
||||
|
|
|
@ -4,7 +4,7 @@ use strict;
|
|||
use Mouse;
|
||||
use XML::LibXML;
|
||||
|
||||
our $VERSION = '2.0.10';
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
# XML parser
|
||||
has parser => (
|
||||
|
|
|
@ -3,10 +3,11 @@ package Lemonldap::NG::Common::PSGI;
|
|||
use strict;
|
||||
use Mouse;
|
||||
use JSON;
|
||||
use Lemonldap::NG::Common::IO::Filter;
|
||||
use Lemonldap::NG::Common::PSGI::Constants;
|
||||
use Lemonldap::NG::Common::PSGI::Request;
|
||||
|
||||
our $VERSION = '2.0.10';
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
our $_json = JSON->new->allow_nonref;
|
||||
|
||||
|
@ -276,14 +277,23 @@ sub sendHtml {
|
|||
$args{code} ||= 200;
|
||||
$args{headers} ||= [ $req->spliceHdrs ];
|
||||
my $htpl;
|
||||
$template = ( $args{templateDir} // $self->templateDir ) . "/$template.tpl";
|
||||
|
||||
unless ( ref $template ) {
|
||||
$template =
|
||||
( $args{templateDir} // $self->templateDir ) . "/$template.tpl";
|
||||
return $self->sendError( $req, "Unable to read $template", 500 )
|
||||
unless ( -r $template and -f $template );
|
||||
eval {
|
||||
$self->logger->debug("Starting HTML generation using $template");
|
||||
}
|
||||
eval {
|
||||
require HTML::Template;
|
||||
my $io =
|
||||
$args{filter}
|
||||
? Lemonldap::NG::Common::IO::Filter->new( $template, $args{filter} )
|
||||
: ref $template ? $template
|
||||
: IO::File->new($template);
|
||||
$htpl = HTML::Template->new(
|
||||
filehandle => IO::File->new($template),
|
||||
filehandle => $io,
|
||||
path => $self->templateDir,
|
||||
search_path_on_include => 1,
|
||||
die_on_bad_params => 0,
|
||||
|
@ -305,6 +315,7 @@ sub sendHtml {
|
|||
? %{ $args{params} }
|
||||
: ()
|
||||
),
|
||||
%{ $req->{tplParams} },
|
||||
);
|
||||
};
|
||||
if ($@) {
|
||||
|
|
|
@ -5,7 +5,7 @@ use JSON;
|
|||
use Mouse;
|
||||
use Lemonldap::NG::Common::PSGI;
|
||||
|
||||
our $VERSION = '2.0.10';
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
has iniFile => ( is => 'ro', isa => 'Str' );
|
||||
|
||||
|
|
|
@ -4,7 +4,7 @@ use strict;
|
|||
use Exporter 'import';
|
||||
|
||||
use base qw(Exporter);
|
||||
our $VERSION = '2.0.0';
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
# CONSTANTS
|
||||
|
||||
|
|
|
@ -6,7 +6,7 @@ use JSON;
|
|||
use Plack::Request;
|
||||
use URI::Escape;
|
||||
|
||||
our $VERSION = '2.0.10';
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
our @ISA = ('Plack::Request');
|
||||
|
||||
|
@ -35,11 +35,14 @@ sub new {
|
|||
$self->{data} = {};
|
||||
$self->{error} = 0;
|
||||
$self->{respHeaders} = [];
|
||||
$self->{tplParams} = {};
|
||||
return bless( $self, $_[0] );
|
||||
}
|
||||
|
||||
sub data { $_[0]->{data} }
|
||||
|
||||
sub tplParams { $_[0]->{tplParams} }
|
||||
|
||||
sub uri { $_[0]->{uri} }
|
||||
|
||||
sub userData {
|
||||
|
|
|
@ -5,7 +5,7 @@ use Mouse;
|
|||
use Lemonldap::NG::Common::PSGI;
|
||||
use Lemonldap::NG::Common::PSGI::Constants;
|
||||
|
||||
our $VERSION = '2.0.10';
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
extends 'Lemonldap::NG::Common::PSGI';
|
||||
|
||||
|
|
|
@ -8,7 +8,7 @@ use SOAP::Transport::HTTP;
|
|||
|
||||
our @ISA = ('SOAP::Transport::HTTP::Server');
|
||||
|
||||
our $VERSION = '2.0.0';
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
# Call SOAP::Trace::objects().
|
||||
sub DESTROY { SOAP::Trace::objects('()') }
|
||||
|
|
|
@ -9,7 +9,7 @@ use strict;
|
|||
|
||||
require SOAP::Lite;
|
||||
|
||||
our $VERSION = '2.0.10';
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
## @cmethod Lemonldap::NG::Common::PSGI::SOAPService new(object obj,string @func)
|
||||
# Constructor
|
||||
|
|
|
@ -5,7 +5,7 @@ package Lemonldap::NG::Common::Regexp;
|
|||
|
||||
use AutoLoader 'AUTOLOAD';
|
||||
|
||||
our $VERSION = '2.0.0';
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
1;
|
||||
|
||||
|
|
|
@ -12,7 +12,7 @@ use Lemonldap::NG::Common::IPv6;
|
|||
use JSON::XS;
|
||||
use Date::Parse;
|
||||
|
||||
our $VERSION = '2.0.12';
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
# Set here all the names of functions that must be available in Safe objects.
|
||||
# Not that only functions, not methods, can be written here
|
||||
|
|
|
@ -9,7 +9,7 @@ package Lemonldap::NG::Common::Session;
|
|||
use strict;
|
||||
use Lemonldap::NG::Common::Apache::Session;
|
||||
|
||||
our $VERSION = '2.0.10';
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
# Workaround for another ModPerl/Mouse issue...
|
||||
BEGIN {
|
||||
|
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user