Commit e4345641 authored by Christophe Maudoux's avatar Christophe Maudoux 🐛
Browse files

Merge branch 'v2.0' into 2605

parents 632dc320 10126d76
......@@ -119,11 +119,11 @@ Register LL::NG to an OpenID Connect Provider
To register LL::NG, you will need to give some information like
application name or logo.
You will be asked to provide a *Redirect URI* for LemonLDAP::NG, which is constructed by appending the ``openidcallback=1`` parameter to the Portal URL.
You will be asked to provide a *Redirect URI* for LemonLDAP::NG, which is constructed by appending the ``openidconnectcallback=1`` parameter to the Portal URL.
For example:
- https://auth.example.com/?openidcallback=1
- https://auth.example.com/?openidconnectcallback=1
.. attention::
......
......@@ -26,7 +26,7 @@ Use the following form:
https://doc.integ01.dev-franceconnect.fr/inscription.
You need to provide the callback URLs, for example
https://auth.domain.com/?openidcallback=1.
https://auth.domain.com/?openidconnectcallback=1.
You will then get a ``client_id`` and a ``client_secret``.
......
......@@ -28,7 +28,7 @@ Here you can go in API Manager and get new credentials (``client_id``
and ``client_secret``).
You need to provide the callback URLs, for example
https://auth.domain.com/?openidcallback=1.
https://auth.domain.com/?openidconnectcallback=1.
Declare Google in your LL::NG server
------------------------------------
......
......@@ -18,7 +18,7 @@ you need to register to Pro Santé Connect.
Go on https://integrateurs-cps.asipsante.fr.
You need to provide the callback URLs, for example
https://auth.domain.com/?openidcallback=1.
https://auth.domain.com/?openidconnectcallback=1.
And also a logout URL, for example
https://auth.domain.com/?logout=1.
......
......@@ -1038,11 +1038,19 @@ sub tests {
# Warn if Impersonation and proxyAuthServiceImpersonation are simultaneously enabled
impersonationProxy => sub {
return ( -1,
'Impersonation and internal portal Impersonation are simultaneously enabled'
'Impersonation and internal portal Impersonation are simultaneously enabled'
)
if ( $conf->{impersonationRule}
and $conf->{proxyAuthServiceImpersonation} );
return 1;
},
# CheckDevOps requires Safe jail
checkDevOpsWithSafeJail => sub {
return ( 0, 'Safe jail must be enabled with CheckDevOps plugin' )
if ( $conf->{checkDevOps}
and !$conf->{useSafeJail} );
return 1;
}
};
}
......
......@@ -51,6 +51,12 @@ sub init {
$self->addAuthRoute( checkdevops => 'run', ['POST'] )
->addAuthRouteWithRedirect( checkdevops => 'display', ['GET'] );
unless ( $self->conf->{useSafeJail} ) {
$self->logger->warn(
'"CheckDevOps" plugin enabled WITHOUT SafeJail');
return 0;
}
return 1;
}
......
......@@ -2,27 +2,27 @@
<div id="errorcontent" class="container">
<div class="alert <TMPL_VAR NAME="ALERTE"> alert"><div class="text-center"><span trspan="<TMPL_VAR NAME="MSG">"></span></div></div>
<TMPL_IF NAME="HEADERS">
<TMPL_IF NAME="RULES">
<div class="row">
<div class="card col border-secondary">
<div class="text-center bg-light text-dark"><b><span trspan="headers">HEADERS</span></b></div>
<div class="text-center bg-light text-dark"><b><span trspan="rules">RULES</span></b></div>
<br>
<div class="font-weight-bold">
<TMPL_LOOP NAME="HEADERS">
<TMPL_VAR NAME="key">: <TMPL_VAR NAME="value"><br/>
<TMPL_LOOP NAME="RULES">
<TMPL_VAR NAME="uri">: <span trspan="<TMPL_VAR NAME="access">"><TMPL_VAR NAME="access"></span><br/>
</TMPL_LOOP>
</div>
</div>
</div>
</TMPL_IF>
<TMPL_IF NAME="RULES">
<TMPL_IF NAME="HEADERS">
<div class="row">
<div class="card col border-secondary">
<div class="text-center bg-light text-dark"><b><span trspan="rules">RULES</span></b></div>
<div class="text-center bg-light text-dark"><b><span trspan="headers">HEADERS</span></b></div>
<br>
<div class="font-weight-bold">
<TMPL_LOOP NAME="RULES">
<TMPL_VAR NAME="uri">: <span trspan="<TMPL_VAR NAME="access">"><TMPL_VAR NAME="access"></span><br/>
<TMPL_LOOP NAME="HEADERS">
<TMPL_VAR NAME="key">: <TMPL_VAR NAME="value"><br/>
</TMPL_LOOP>
</div>
</div>
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment