lemonldap-ng merge requestshttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests2024-03-28T16:36:33Zhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/472Allow dynamic portal URL2024-03-28T16:36:33ZMaxime BessonAllow dynamic portal URLThis MR fixes #3040 by restoring the ability to have a sub as the portal URL in the handler, and making the portal aware of this.
The main mechanism is storing the portal URL in the $req object.
It can be enabled like this:
```
...This MR fixes #3040 by restoring the ability to have a sub as the portal URL in the handler, and making the portal aware of this.
The main mechanism is storing the portal URL in the $req object.
It can be enabled like this:
```
# auto-set the cookie domain to the portal subdomain
domain => '#PORTALDOMAIN#',
# use auth.acme.com for all apps on *.acme.com, and auth.example.com in every other case (including CDA)
portal =>
'inDomain("acme.com") ? "http://auth.acme.com/" : "http://auth.example.com/"',
```
I have also ported some, but no all features of LemonLDAP to be compatible with this new ability:
* OIDC Issuer
* WebAuthn/U2F
But not Auth::SSL (as of yet)
I have written some minimal unit tests, and will be conducting some in-situation testing with a user over the next months. This therefore should be considered a beta feature (which is why I haven't documented it yet)2.19.0Maxime BessonMaxime Bessonhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/470Draft: add common lib to reset password2024-03-27T10:21:30ZYaddDraft: add common lib to reset passwordRelated to #3125Related to #31252.20.0YaddYaddhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/468#1848: Showing Authentication Schema based on Auth Level2024-03-27T10:13:22ZAbhishek Pai#1848: Showing Authentication Schema based on Auth LevelRelated to #1848Related to #18482.19.0https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/462Change session storage2024-03-28T19:26:20ZYaddChange session storageRelated to #3075
Known problems:
* Plugin "Refresh"Related to #3075
Known problems:
* Plugin "Refresh"2.19.0YaddYaddhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/454Add Jitsi Meet issuer2024-03-27T04:30:35ZMaxime BessonAdd Jitsi Meet issuerRelated to #3103Related to #31032.19.0Maxime BessonMaxime Bessonhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/436Draft: OpenID Connect Native SSO for Mobile Apps (#2902)2024-03-27T10:37:30ZYaddDraft: OpenID Connect Native SSO for Mobile Apps (#2902)2.20.0YaddYaddhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/435Improve systemd support and sync with Debian2024-03-27T11:21:20ZXavier BachelotImprove systemd support and sync with DebianI'm not sure yet renaming the fastcgi server unit file is such a great idea, I need to test an upgrade, but it was suggested in #3082I'm not sure yet renaming the fastcgi server unit file is such a great idea, I need to test an upgrade, but it was suggested in #30822.19.0https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/421rpm: Move httpd configs to their respective sub-packages2024-03-25T10:36:59ZXavier Bachelotrpm: Move httpd configs to their respective sub-packagesCurrently all httpd configurations are provided by lemonldap-ng-conf subpackage.
When installing LLNG components on several servers, httpd will thus not start because some resources specified in the httpd conf files may not be available.Currently all httpd configurations are provided by lemonldap-ng-conf subpackage.
When installing LLNG components on several servers, httpd will thus not start because some resources specified in the httpd conf files may not be available.2.19.0https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/416Automatic wrapper for handler platforms2023-12-13T14:04:49ZYaddAutomatic wrapper for handler platformsTaken from old master branchTaken from old master branch2.19.0Clément OUDOTClément OUDOThttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/413Handle USR1 signal to launch configuration reload (#3052)2023-12-05T02:16:22ZYaddHandle USR1 signal to launch configuration reload (#3052)Note that Plack system kills the process which receive signal USR1 after the `$handleUsr1->()` call, but anyway the `reloadConf()` method updates conf cache.
This provide another way to reload caches.
NB2: I think we could use 'USR2' t...Note that Plack system kills the process which receive signal USR1 after the `$handleUsr1->()` call, but anyway the `reloadConf()` method updates conf cache.
This provide another way to reload caches.
NB2: I think we could use 'USR2' to force reading MessageBroker messages in !4122.19.0Maxime BessonMaxime Bessonhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/412Draft: Use message brokers to dispatch information in realtime (#3051)2023-12-02T04:07:09ZYaddDraft: Use message brokers to dispatch information in realtime (#3051)2.19.0YaddYaddhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/411Draft: Minimal skin (#3015)2023-12-01T06:26:32ZYaddDraft: Minimal skin (#3015)2.19.0YaddYaddhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/399Resolve "OKTA 2FA module"2024-03-19T11:41:34ZClément OUDOTResolve "OKTA 2FA module"New 2FA module for #3038New 2FA module for #30382.19.0Clément OUDOTClément OUDOThttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/359Draft: Authorize OAuth2 tokens to access to authenticated REST API2023-07-18T08:15:49ZYaddDraft: Authorize OAuth2 tokens to access to authenticated REST APIRelated to #2969Related to #2969In discussionMaxime BessonMaxime Bessonhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/333Draft: Allow syslog to send logs to a remote host (#2890)2024-03-27T10:23:11ZYaddDraft: Allow syslog to send logs to a remote host (#2890)2.20.0YaddYaddhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/327Draft: Check sid in authorization_code flow (#2255, #2862)2023-11-20T16:54:02ZYaddDraft: Check sid in authorization_code flow (#2255, #2862)In discussionhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/255Set env_proxy=1 to LLNG::UserAgent (#2715)2023-12-17T02:33:46ZYaddSet env_proxy=1 to LLNG::UserAgent (#2715)3.0.0Maxime BessonMaxime Bessonhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/212Draft: userlogger in req2023-07-07T09:00:23ZYaddDraft: userlogger in reqAdd `$req->userLogger` object (#2565)Add `$req->userLogger` object (#2565)3.0.0Maxime BessonMaxime Bessonhttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/200Increase RDBI performance2022-07-13T15:39:37ZYaddIncrease RDBI performance * Group inserts to increase RDBI store: unlike other backends, RDBI::store() isn't a single SQL request, then it takes to much time to commit each parameter. The idea here is to group them (10 in each) * Group inserts to increase RDBI store: unlike other backends, RDBI::store() isn't a single SQL request, then it takes to much time to commit each parameter. The idea here is to group them (10 in each)3.0.0Clément OUDOTClément OUDOThttps://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/181Draft: Sessionsmanager2023-11-21T08:51:47ZTéo GODDETDraft: SessionsmanagerThis MR create a page that can be used to manage sessions (delete) and see oidc token (Maybe I should add the possibility to delete a single oidc token instead of the whole associated session)
This feature could be added as a plugin. (B...This MR create a page that can be used to manage sessions (delete) and see oidc token (Maybe I should add the possibility to delete a single oidc token instead of the whole associated session)
This feature could be added as a plugin. (But there is no link to the page except if added as an portal app.
Or as a portal module. Don't what would be the bests.3.0.0Clément OUDOTClément OUDOT