lemonldap-ng merge requestshttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests2022-09-06T12:57:47Zhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/288Remove hardcoded 2FA types from manager2022-09-06T12:57:47ZMaxime BessonRemove hardcoded 2FA types from managerCurrently, it is rather hard to add a new registrable 2FA type (such as WebAuthn) in the manager because the list of known 2FA types is hardcoded in a lot of places.
This MR eliminates all the hardcoding by:
* Generating the filtering ...Currently, it is rather hard to add a new registrable 2FA type (such as WebAuthn) in the manager because the list of known 2FA types is hardcoded in a lot of places.
This MR eliminates all the hardcoding by:
* Generating the filtering checkboxes by iterating on $conf->{available2FSelfRegistration}
![image](/uploads/3faf6c8cad15ea233f2e243a249362ca/image.png)
* Grouping filtering parameters in a single query parameter (UBKCheck/TOTPCheck/etc => multivalued 'type')
* Reworking the angular display model to use an object and adjust displaying logic
I had to do a little change in Common::PSGI::Router to allow .html templates to be served by a given function instead of always using an auto-generated sub. This is needed because I need to pass config-dependant variables ($conf->{available2FSelfRegistration}) to the template engine in order to generate the filtering checkboxes. Maybe there was a better way to do this? @guimard cf https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/commit/12ca5e62b96a7bec59997c7702951156537e4eba
@maudoux could you try this on your test environments and let me know if you spot any regressions?
It would be nice if we could have this in 2.0.15 so we can prepare for new registrable 2FA types in 2.0.162.0.15Maxime BessonMaxime Bessonhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/287Fix #2791 (broken portal after 2FA timeout)2022-09-02T13:20:48ZMaxime BessonFix #2791 (broken portal after 2FA timeout)2.0.15Maxime BessonMaxime Bessonhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/28626742022-08-31T14:23:27ZChristophe Maudouxchrmdx@gmail.com2674Append Strict-Transport-Security optionAppend Strict-Transport-Security option2.0.15Christophe Maudouxchrmdx@gmail.comChristophe Maudouxchrmdx@gmail.comhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/284Resolve "2fSelfRegistration == 0 + 2fActivation == 1 leads to registrable sec...2022-08-29T08:00:16ZChristophe Maudouxchrmdx@gmail.comResolve "2fSelfRegistration == 0 + 2fActivation == 1 leads to registrable second factor being presented every time"Related to #2712Related to #27122.0.15Christophe Maudouxchrmdx@gmail.comChristophe Maudouxchrmdx@gmail.comhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/282Fix translation overrides2022-08-25T14:58:05ZMaxime BessonFix translation overridesThis PR:
* Changes the priority order between lemonldap-ng.ini and skin/mytheme/*.json. lemonldap-ng.ini now takes priority #2773
* Allows per-skin translation of email templates, using skin/mytheme/*.json #2772This PR:
* Changes the priority order between lemonldap-ng.ini and skin/mytheme/*.json. lemonldap-ng.ini now takes priority #2773
* Allows per-skin translation of email templates, using skin/mytheme/*.json #27722.0.15Maxime BessonMaxime Bessonhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/279Allow to continue notification process with JSON response2022-07-20T07:45:44ZChristophe Maudouxchrmdx@gmail.comAllow to continue notification process with JSON responseNo objection to merge?No objection to merge?2.0.15Christophe Maudouxchrmdx@gmail.comChristophe Maudouxchrmdx@gmail.comhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/278Correctly report the calling location in test functions2022-07-12T14:43:11ZMaxime BessonCorrectly report the calling location in test functionsWith this change, failure in a test lib function (expectForm,
expectJWT...) will be reported at the calling location in the original
*.t test file, instead of being reported in the test lib
Before:
```
t/30-SAML-ReAuth-with-choice.t .. ...With this change, failure in a test lib function (expectForm,
expectJWT...) will be reported at the calling location in the original
*.t test file, instead of being reported in the test lib
Before:
```
t/30-SAML-ReAuth-with-choice.t .. 1/?
# Failed test ' URI match'
# at t/test-lib.pm line 332.
```
After:
```
t/30-SAML-ReAuth-with-choice.t .. 1/?
# Failed test ' URI match'
# at t/30-SAML-ReAuth-with-choice.t line 72.
```2.0.15Maxime BessonMaxime Bessonhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/276clarify which port to use for handler redirection in the documentation (#2770)2023-01-12T10:13:05Zdcoutadeur dcoutadeurclarify which port to use for handler redirection in the documentation (#2770)Related to #2770Related to #27702.0.15dcoutadeur dcoutadeurdcoutadeur dcoutadeurhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/275Fix for #26902022-07-07T12:16:15ZClément OUDOTFix for #2690Override logo and label in 2fregisters template (#2690)Override logo and label in 2fregisters template (#2690)2.0.15Clément OUDOTClément OUDOThttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/273Variables placeholder in configuration2022-07-01T14:12:22ZYaddVariables placeholder in configurationAccept environment variables placeholder in configuration (Closes: #2491)Accept environment variables placeholder in configuration (Closes: #2491)2.0.15Clément OUDOTClément OUDOThttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/272#2746 do not proceed to logout if no logoutService is defined into SAML MD2022-07-12T08:41:22ZAlbert Rinceau#2746 do not proceed to logout if no logoutService is defined into SAML MDRelated to #2746
Do not proceed to logout if no logoutService is defined into SAML MDRelated to #2746
Do not proceed to logout if no logoutService is defined into SAML MD2.0.15https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/270Added info on group from Active Directory2022-08-24T12:15:44ZSimon HoggartAdded info on group from Active DirectoryInform on value to use for Active directory groupsInform on value to use for Active directory groups2.0.15Clément OUDOTClément OUDOThttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/269Add specific 2FA timeout (#2757)2022-06-16T12:33:19ZMaxime BessonAdd specific 2FA timeout (#2757)2.0.15Maxime BessonMaxime Bessonhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/267Add IDP resolution rules for CAS/OIDC (#2753)2022-05-19T15:00:44ZMaxime BessonAdd IDP resolution rules for CAS/OIDC (#2753)2.0.15Maxime BessonMaxime Bessonhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/266Refactor WebAuthn to share some functions with other 2F plugins2022-06-14T12:50:15ZMaxime BessonRefactor WebAuthn to share some functions with other 2F pluginsWhen implementing 2F::WebAuthn, I created some functions to manipulate $_2fDevices more easily
This PR is about integrating a new Lib::2fDevices role into the codebase with these functions
I will create another PR later to migrate all ...When implementing 2F::WebAuthn, I created some functions to manipulate $_2fDevices more easily
This PR is about integrating a new Lib::2fDevices role into the codebase with these functions
I will create another PR later to migrate all existing 2F plugins to use these functions2.0.15Maxime BessonMaxime Bessonhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/265Use portalEnablePasswordDisplay option in password change/reset forms2022-05-16T17:42:55ZChristophe Maudouxchrmdx@gmail.comUse portalEnablePasswordDisplay option in password change/reset formsFix #2745Fix #27452.0.15Christophe Maudouxchrmdx@gmail.comChristophe Maudouxchrmdx@gmail.comhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/264Fix __ALL__ special characters with password reset by mail2022-05-14T21:07:30ZChristophe Maudouxchrmdx@gmail.comFix __ALL__ special characters with password reset by mail2.0.15Christophe Maudouxchrmdx@gmail.comChristophe Maudouxchrmdx@gmail.comhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/262New Captcha API2022-06-17T14:31:13ZMaxime BessonNew Captcha APIThis new API allows users to create custom implementations for Captchas (#2692)
see [Captcha.pod](https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/blob/8620239a8dd6f479599180950d977d90c13c0780/lemonldap-ng-portal/lib/Lemonldap/NG/Port...This new API allows users to create custom implementations for Captchas (#2692)
see [Captcha.pod](https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/blob/8620239a8dd6f479599180950d977d90c13c0780/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Captcha.pod) for details
Compatibility with the old Lib::Captcha API is kept, but only when using SecurityImage
Compatibility with old templates (CAPTCHA_SRC + captcha.tpl) is also maintained, only when using SecurityImage2.0.15Maxime BessonMaxime Bessonhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/261add RememberAuthChoice Plugin (references #2737)2022-08-19T09:21:34Zdcoutadeur dcoutadeuradd RememberAuthChoice Plugin (references #2737)2.0.15Clément OUDOTClément OUDOThttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/260improve doc package2022-04-12T14:13:49ZMaxime Bessonimprove doc packageFix for #2738Fix for #27382.0.15Maxime BessonMaxime Besson