lemonldap-ng merge requestshttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests2023-10-02T14:11:55Zhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/322Allow fontawesome icons to be used as application logos (#2853)2023-10-02T14:11:55ZMaxime BessonAllow fontawesome icons to be used as application logos (#2853)This MR changes the behavior of applications `logo`.
When it contains a dot (`.`), nothing changes, the logo is considered to be an image file.
When it doesn't contain a dot, it is treated as a Font Awesome icons, with special templat...This MR changes the behavior of applications `logo`.
When it contains a dot (`.`), nothing changes, the logo is considered to be an image file.
When it doesn't contain a dot, it is treated as a Font Awesome icons, with special template processing.
Example, replacing default LLNG icons with FA icons:
![image](/uploads/a2803b7b7a6cc879087f28526a4cc8ec/image.png)
Manager UI has been extended:
with dot:
![image](/uploads/8951d75b3b836ddac4ed662ae96d5027/image.png)
without dot:
![image](/uploads/78a3592e0e6ab95848c5f924d762a745/image.png)
a help text links to the list of [Font Awesome v4 icons](https://fontawesome.com/v4/icons/):
![image](/uploads/d2aac0a94e2a98ae42b613dc5a5c45ba/image.png)
Implementing this change required adding font awesome to the manager.
I did not update Font-Awesome version because the version provided by debian is stuck at 4.7.0, we should discuss this separately. Of course, a custom portal theme could use any higher version, or even a different icon pack2.17.0Maxime BessonMaxime Bessonhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/365Lazy load OIDC config + enable config via hook2023-08-30T07:56:03ZMaxime BessonLazy load OIDC config + enable config via hookSee #2867
Unlike SAML, even RPs set in conf are lazy loaded because. In a future version I'll try to align SAML and CAS to this behaviorSee #2867
Unlike SAML, even RPs set in conf are lazy loaded because. In a future version I'll try to align SAML and CAS to this behavior2.17.0Maxime BessonMaxime Bessonhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/370Documentation for Apache Apisix with OpenID Connect2023-08-29T18:49:18ZTung TranDocumentation for Apache Apisix with OpenID ConnectThe document guideline on how to configure the Apache James project with LemonLDAP and Apache ApisixThe document guideline on how to configure the Apache James project with LemonLDAP and Apache Apisix2.17.0YaddYaddhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/375Request captcha when changing password in login flow (#2952)2023-08-29T16:47:44ZClément OUDOTRequest captcha when changing password in login flow (#2952)This is a rewrite of !371 to avoid too much changes.This is a rewrite of !371 to avoid too much changes.2.17.0Clément OUDOTClément OUDOThttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/332Changes for the still in progress Fedora review2023-08-29T16:38:03ZXavier BachelotChanges for the still in progress Fedora reviewHere's the current state of the changes needed for the Fedora package review [1].
This is still considered a draft as the final review is still pending.
I'll update this PR if new items need to be added, although any preliminary feedback...Here's the current state of the changes needed for the Fedora package review [1].
This is still considered a draft as the final review is still pending.
I'll update this PR if new items need to be added, although any preliminary feedback would be indeed very appreciated
List of changes:
- Improve Summary:
- Drop updates-alternatives from %%post
- Split long line
- Drop useless comments
- Add provides for bundled javascript libraries and adapt License tag accordingly
- Add provides for bundled font and adapt License tag accordingly
- Make use of %%lm_sharedir instead of plain path
- Add BR: for uglify-js
- Move examples to %%_docdir
- Fix perms on %%lm_vardir/captcha and %%_rundir/llng-fastcgi-server
- Drop redundant dirs creation and perms change
- Conditionalize test that needs network access
- Disable lasso for F38+
[1] https://bugzilla.redhat.com/show_bug.cgi?id=20506822.17.0Clément OUDOTClément OUDOThttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/366Group LDAP Filter (#2929)2023-08-18T16:24:18ZClément OUDOTGroup LDAP Filter (#2929)Possibility to configure an LDAP filter to search for groupsPossibility to configure an LDAP filter to search for groups2.17.0Clément OUDOTClément OUDOThttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/348Remove | separator for Choice values (#2922)2023-08-18T16:20:10ZYaddRemove | separator for Choice values (#2922)2.17.0YaddYaddhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/368Make UWSGI utf8 behaviour consistent with Apache and FastCGI (#2847,#2705)2023-07-27T09:50:08ZMaxime BessonMake UWSGI utf8 behaviour consistent with Apache and FastCGI (#2847,#2705)This patch wraps the LLNG app with a middleware that ensures anything that leaves LLNG is a binary string, including header values, as per PSGI spec.
@maudoux: this will probably cause regressions for you, make sure you update macros to...This patch wraps the LLNG app with a middleware that ensures anything that leaves LLNG is a binary string, including header values, as per PSGI spec.
@maudoux: this will probably cause regressions for you, make sure you update macros to no longer use unicode2iso/iso2unicode, and review other UTF-8 related workaround you have done. There might also be some performance regressions
Since this is a breaking, but necessary change, I added a release note and a way for users to restore previous (but buggy) behavior2.17.0Maxime BessonMaxime Bessonhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/360Export tooltip, logo and icon in myapplications REST service (#2970)2023-07-17T14:50:49ZClément OUDOTExport tooltip, logo and icon in myapplications REST service (#2970)Add AppTip, AppLogo and AppIcon in the JSON result of /myapplications
```js
{
"myapplications" : [
{
"Applications" : [
{
"Application Test 1" : {
"AppDesc" : "A simple appl...Add AppTip, AppLogo and AppIcon in the JSON result of /myapplications
```js
{
"myapplications" : [
{
"Applications" : [
{
"Application Test 1" : {
"AppDesc" : "A simple application displaying authenticated user",
"AppIcon" : "heart",
"AppTip" : "test info bulle",
"AppUri" : "http://test1.example.com:19876/"
}
},
{
"Application Test 2" : {
"AppDesc" : "The same simple application displaying authenticated user",
"AppLogo" : "http://auth.example.com:19876/static/common/apps/thumbnail.png",
"AppTip" : "Application Test 2",
"AppUri" : "http://test2.example.com:19876/"
}
}
],
"Category" : "Sample applications"
}
],
"result" : 1
}
```2.17.0Clément OUDOTClément OUDOThttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/355Add oidcDropCspHeaders parameter (#2960)2023-07-13T15:58:52ZYaddAdd oidcDropCspHeaders parameter (#2960)2.17.0YaddYaddhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/346Fix doc typo2023-07-13T14:07:54ZAlexandre KARIMFix doc typoFixing two small typos in documentation resetpassword.rst and writingrulesand_headers.rst.Fixing two small typos in documentation resetpassword.rst and writingrulesand_headers.rst.2.17.0Christophe Maudouxchrmdx@gmail.comChristophe Maudouxchrmdx@gmail.comhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/349OIDC: display also previous key in /oauth2/jwks endpoints (#2972)2023-07-13T13:07:00ZYaddOIDC: display also previous key in /oauth2/jwks endpoints (#2972)2.17.0YaddYaddhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/361Allow any ID token claim to be used as pivot attribute2023-07-13T08:53:02ZMaxime BessonAllow any ID token claim to be used as pivot attributeSee #2701
@guimard I had to slightly change OIDC backchannel to match incoming `sub` against a dedicated session attribute because `_user` is no longer always equal to OP `sub` when this new option is used.See #2701
@guimard I had to slightly change OIDC backchannel to match incoming `sub` against a dedicated session attribute because `_user` is no longer always equal to OP `sub` when this new option is used.2.17.0Maxime BessonMaxime Bessonhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/353Reset captcha field when renewing (#2949)2023-07-12T23:37:45ZChristophe Maudouxchrmdx@gmail.comReset captcha field when renewing (#2949)2.17.0Christophe Maudouxchrmdx@gmail.comChristophe Maudouxchrmdx@gmail.comhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/351Match userControl with AuthSlave2023-07-12T22:56:45ZChristophe Maudouxchrmdx@gmail.comMatch userControl with AuthSlaveTest uid proved by AuthSLave with userControl regexpTest uid proved by AuthSLave with userControl regexp2.17.0Christophe Maudouxchrmdx@gmail.comChristophe Maudouxchrmdx@gmail.comhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/352Hide ppolicy if password is generated automatically (#2950)2023-07-12T21:59:42ZChristophe Maudouxchrmdx@gmail.comHide ppolicy if password is generated automatically (#2950)Show/hide password policy if box is un/tickedShow/hide password policy if box is un/ticked2.17.0Christophe Maudouxchrmdx@gmail.comChristophe Maudouxchrmdx@gmail.comhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/362OIDC refactoring to use accessors for config2023-07-11T13:58:37ZMaxime BessonOIDC refactoring to use accessors for configThis is preliminary work for #2867, after these changes, all access to oidcRP* / oidcOP* should be made through accessors instead of reading $self->conf
Passes regression testingThis is preliminary work for #2867, after these changes, all access to oidcRP* / oidcOP* should be made through accessors instead of reading $self->conf
Passes regression testing2.17.0Maxime BessonMaxime Bessonhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/358Add intOrNull form (#2641)2023-07-10T17:33:35ZYaddAdd intOrNull form (#2641)2.17.0YaddYaddhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/357fix #2623 refactor ppolicy code of Lemonldap::NG::Portal::Lib::Net::LDAP2023-07-10T13:30:15Zdcoutadeur dcoutadeurfix #2623 refactor ppolicy code of Lemonldap::NG::Portal::Lib::Net::LDAPRelated to #2623Related to #26232.17.0dcoutadeur dcoutadeurdcoutadeur dcoutadeurhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/343Implement subject-id in SAML (#2934)2023-07-10T09:01:39ZMaxime BessonImplement subject-id in SAML (#2934)In order to add a subjectid() method in Safelib I had to copy encode_base32 from MIME::Base32 because it's only a few lines long and not worth adding a whole dependancy.
@guimard do I need to update debian/copyright to reflect this? Doe...In order to add a subjectid() method in Safelib I had to copy encode_base32 from MIME::Base32 because it's only a few lines long and not worth adding a whole dependancy.
@guimard do I need to update debian/copyright to reflect this? Does the borrowed code need to be a in a separate perl file, or is a simple mention in Safelib.pm enough ?
https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/343/diffs#e6a5536143c66419bc413c9e2e05ebc76795ff87_36_502.17.0Maxime BessonMaxime Besson