lemonldap-ng merge requestshttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests2023-10-16T08:41:07Zhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/391Auth::SAML serialize data in between auth steps (#2994)2023-10-16T08:41:07ZMaxime BessonAuth::SAML serialize data in between auth steps (#2994)This fixes #2994 by using an explicit afterData step in Auth::SAML instead of modifying $req->steps
(as mentionned in #3000, $req->steps is not preserved by the 2FA flow)
Special point of attention: in order for it to work with Choice, ...This fixes #2994 by using an explicit afterData step in Auth::SAML instead of modifying $req->steps
(as mentionned in #3000, $req->steps is not preserved by the 2FA flow)
Special point of attention: in order for it to work with Choice, I also had to modify Lib::Wrapper to look at $req->sessionInfo->{_choice} because $req->data->{enabledModsX} is also not preserved by the 2FA flow2.18.0Maxime BessonMaxime Bessonhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/390Handle acr_values OIDC request parameter2023-10-10T08:16:25ZMaxime BessonHandle acr_values OIDC request parametersee #3017see #30172.18.0Maxime BessonMaxime Bessonhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/389JWE support in OIDC2023-12-01T10:55:54ZYaddJWE support in OIDCRelated to #811
Based on !393Related to #811
Based on !3932.18.0Clément OUDOTClément OUDOThttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/388Resolve "Add a log to give details if CAS SLO request returns an error"2023-10-09T15:13:37ZClément OUDOTResolve "Add a log to give details if CAS SLO request returns an error"Related to #3022Related to #30222.18.0Clément OUDOTClément OUDOThttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/387Sync with the freshly imported Fedora spec2023-11-14T08:45:45ZXavier BachelotSync with the freshly imported Fedora specSync with the freshly imported Fedora spec.Sync with the freshly imported Fedora spec.2.17.2https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/386fix issue when using Choice and OIDC offline_access (#3018)2023-10-04T06:09:08ZYaddfix issue when using Choice and OIDC offline_access (#3018)Related to #3018Related to #30182.18.0Clément OUDOTClément OUDOThttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/385Fix #30092023-09-28T06:45:09ZMaxime BessonFix #3009Tested on Centos7 (mod_perl-2.0.11/httpd-2.4.6) and Centos9 (mod_perl-2.0.12/httpd-2.4.53)Tested on Centos7 (mod_perl-2.0.11/httpd-2.4.6) and Centos9 (mod_perl-2.0.12/httpd-2.4.53)2.18.0Maxime BessonMaxime Bessonhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/384Fix oidc logout (#3014)2023-09-29T09:24:45ZMaxime BessonFix oidc logout (#3014)LLNG logout will break in a seemingly random way without this fix, any time a logout is processed if:
* The user has logged in to a RP
* The current LLNG process has not loaded this rp's config yet (/authorized or /token call)
It might ...LLNG logout will break in a seemingly random way without this fix, any time a logout is processed if:
* The user has logged in to a RP
* The current LLNG process has not loaded this rp's config yet (/authorized or /token call)
It might need to be released shortly, sorry for missing that use case when I implemented #2867 :disappointed:2.17.2Maxime BessonMaxime Bessonhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/383Improve OIDC request_uri handling2023-09-20T16:50:20ZMaxime BessonImprove OIDC request_uri handlingThis MR fixes #2998 and does some other improvements regarding OIDC specs complianceThis MR fixes #2998 and does some other improvements regarding OIDC specs compliance2.17.1Maxime BessonMaxime Bessonhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/382Keep old tmpfiles conf name in debian package2023-09-20T10:52:37ZMaxime BessonKeep old tmpfiles conf name in debian packageAfter f5ac3513, tmpfiles.d conf is no longer found in debian package:
```
# dpkg -c /root/lemonldap-ng-fastcgi-server_2.16.2-1_all.deb | grep tmpfiles.d
drwxr-xr-x root/root 0 2023-05-12 11:00 ./usr/lib/tmpfiles.d/
-rw-r--r-- r...After f5ac3513, tmpfiles.d conf is no longer found in debian package:
```
# dpkg -c /root/lemonldap-ng-fastcgi-server_2.16.2-1_all.deb | grep tmpfiles.d
drwxr-xr-x root/root 0 2023-05-12 11:00 ./usr/lib/tmpfiles.d/
-rw-r--r-- root/root 54 2023-05-12 11:00 ./usr/lib/tmpfiles.d/lemonldap-ng-fastcgi-server.conf
# dpkg -c /root/lemonldap-ng-fastcgi-server_306cf2fc.deb | grep tmpfiles.d
#
```
I fixed it by undoing the rename2.17.1YaddYaddhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/381Allow offline_access when oidcServiceAllowOnlyDeclaredScopes is set - #30102023-09-20T08:15:54ZYaddAllow offline_access when oidcServiceAllowOnlyDeclaredScopes is set - #3010Related to #3010Related to #30102.17.1Maxime BessonMaxime Bessonhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/380Add a dep on SSOaaS version2023-10-02T16:01:53ZXavier BachelotAdd a dep on SSOaaS versionTentative fix for #2997Tentative fix for #29972.18.0https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/379Don't pollute configuration with configuration access parameters (#3001)2023-09-20T06:29:00ZYaddDon't pollute configuration with configuration access parameters (#3001)Related to #3001Related to #30012.17.1Maxime BessonMaxime Bessonhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/378Patch for working with your own zh_TW and pt_BR translations in lemonldapng.ini2023-09-08T12:46:10ZMarek WójtowiczPatch for working with your own zh_TW and pt_BR translations in lemonldapng.iniPatch for working with your own zh_TW and pt_BR translations in lemonldapng.iniPatch for working with your own zh_TW and pt_BR translations in lemonldapng.ini2.18.0https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/377Resolve "Invalid URL for application logo in myapplications web service"2023-09-15T12:43:24ZClément OUDOTResolve "Invalid URL for application logo in myapplications web service"Related to #2996Related to #29962.17.1https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/376Update Systemd2023-11-20T16:57:07ZYaddUpdate SystemdThese files are included in Debian official packagesThese files are included in Debian official packages2.18.0Clément OUDOTClément OUDOThttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/375Request captcha when changing password in login flow (#2952)2023-08-29T16:47:44ZClément OUDOTRequest captcha when changing password in login flow (#2952)This is a rewrite of !371 to avoid too much changes.This is a rewrite of !371 to avoid too much changes.2.17.0Clément OUDOTClément OUDOThttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/374encrypt password in session (#2988)2023-12-15T11:31:59ZClément OUDOTencrypt password in session (#2988)The goal is to encrypt password instead of storing it in clear text if the configuration requires to keep the password in session
The password can then be decrypted in a header, attribute or post field when it needs to be sent to anothe...The goal is to encrypt password instead of storing it in clear text if the configuration requires to keep the password in session
The password can then be decrypted in a header, attribute or post field when it needs to be sent to another application2.18.0Clément OUDOTClément OUDOThttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/373Resolve "LLNG mails flagged as spam by SpamAssassin"2023-12-15T17:28:38ZYaddResolve "LLNG mails flagged as spam by SpamAssassin"Related to #2990Related to #29902.18.0YaddYaddhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/372Fix perlcritic ProhibitCaptureWithoutTest2023-08-22T13:19:11ZMaxime BessonFix perlcritic ProhibitCaptureWithoutTestThis can cause random issues in production when global $1, $2 are used
after an expression that didn't match.This can cause random issues in production when global $1, $2 are used
after an expression that didn't match.