Commit Graph

Select branches

Hide Pull Requests

1784

2.0.13-patch-2595

2009-display-authentication-error-on-login-form-with-combination-kerberos-ldap

2595-quick-fix

2620-ppolicy-binding

2712

2715

2721

2769-doc-nginx-logs

2769-missing-handler-logs

2902-native-sso-for-mobile-app

2947

2952

2969-rest-with-oauth2

2fa-self-registered-mail

3051-message-broker-DBI

3075-SAML

3111-hide-code2f-secrets-even-from-debug-logs

3125-base-class-for-reset-by-code

3187-clicking-twice-on-2fa-code-submit-button-raises-an-error

3196

3273-admin-logout

3273-drop-access-tokens

3273-refrehToken-logout

3306-simplify-nginx-initial-configuration

3333-auditlog-json-logger

3335-level-in-auditlogs

3336-loki-logger

3338-unescape-path

3353-ldap-sasl-binding-for-active-directory-protected-users-security-group

3356-cas-hashedstore

3364-fix-public-notif-error

3364-public-notifications-no-more-shown-when-authentication-leads-to-an-error

3369-insert-sid-into-introspection

3370-conf-cli-without-manager

3374-saml-key

3382

3415-improve

3429-fix-max-age

3442-oidc-mtls

3455-block-submit-unless-recaptcha-is-loaded

3477

3488-pacc

3492-email-modern-auth

3496

3512-oidc-key-test

3515-oidc-key-test

3522-issuers-timeout

3540-sfonlyupgrade-sfrequired

3542-rfc-8707

3543-fix-globla-logout-plugin

3546-rfc-9126

3547-rfc-9207-jarm

3548-oidc-security-scheme

3549-value-2-for-oidcRPMetaDataOptionsRequirePKCE

3553-dpop-rfc-9449

3554-oidc-ciba

3555-hook-sfDeleteDevice

Fix-warnings

Moo

PKCEwithPublicRP

add-option-to-preserve-log-level-in-duplication

adminLogout-into-lemonldap-ng-sessions

allow-portal-to-be-in-maintenance

appGrid-api

automatic-hanler-wrapper

check-sid-during-auth

ci-bookworm

ci-el10

ci-image-official

clean-jwt-subs

comparison

crowdsec-scenarii

defaultRequiredAuthLevel

fix-cli-unknown-action

fix-dedup

fix-sonar

git-backend

ignorepoller-plugin

import-keycloak

increase-RDBI-perf

issue-2734-2fa-passphrase

lowercase-endpoints

mail2f-api

master

matrix-sp

messages_1772

minimal-skin

more-saml-checks

new-manager-ui

new-struct.json

new-vuejs-manager

oidc-ensure-that-confirm-is-not-in-RP-request

perlcritic

plugin-generate-uuid

portal-notif-carousel

pwa

react-ui

react-ui-2.0

refactor-ci-jobs

refactor-ppolicy-tests

register-approval

reject-browser-part-of-url

revert-b947d569

rfc-8628

save-old-master

sessionInfo-accessor

signal-usr1

systemd-crontab-generator

teogoddet/lemonldap-ng-sessionsmanager

use-moo

user-agent-decoder

userlogger-in-req

v0.8

v0.9

v1.0

v1.1

v1.2

v1.3

v1.4

v1.9

v2.0

v2.11

v2.16

v2.17

v2.18

v2.19

v2.2

v2.20

v2.21

v2.22

warnings

workflow-cas-oidc

xss-fix

debian/2.0.11+ds-4

debian/2.0.11+ds-4+deb11u1

debian/2.0.11+ds-4+deb11u2

debian/2.0.11+ds-4+deb11u4

debian/bookworm

debian/bullseye

debian/buster

debian/jessie

debian/lenny

debian/squeeze

debian/stretch

debian/wheezy

ubuntu/bionic

ubuntu/cosmic

ubuntu/disco

ubuntu/eoan

ubuntu/focal

ubuntu/groovy

ubuntu/hirsute

ubuntu/jammy

ubuntu/precise

ubuntu/trusty

ubuntu/xenial

v0.8.0

v0.8.1

v0.8.2

v0.8.3

v0.9.0

v0.9.1

v0.9.2

v0.9.3

v0.9.4

v1.0.0

v1.0.1

v1.0.2

v1.0.3

v1.0.4

v1.0.5

v1.0.6

v1.1.0

v1.1.1

v1.1.2

v1.2.0

v1.2.1

v1.2.2

v1.2.3

v1.2.4

v1.2.5

v1.3.0

v1.3.1

v1.3.2

v1.3.3

v1.4.0

v1.4.1

v1.4.10

v1.4.11

v1.4.2

v1.4.3

v1.4.4

v1.4.5

v1.4.6

v1.4.7

v1.4.8

v1.4.9

v1.9.0

v1.9.1

v1.9.10

v1.9.11

v1.9.12

v1.9.13

v1.9.14

v1.9.15

v1.9.16

v1.9.17

v1.9.18

v1.9.19

v1.9.2

v1.9.20

v1.9.21

v1.9.22

v1.9.3

v1.9.4

v1.9.5

v1.9.6

v1.9.7

v1.9.8

v1.9.9

v2.0.0

v2.0.1

v2.0.10

v2.0.11

v2.0.12

v2.0.13

v2.0.14

v2.0.15

v2.0.15.1

v2.0.16

v2.0.2

v2.0.3

v2.0.4

v2.0.5

v2.0.6

v2.0.7

v2.0.8

v2.0.9

v2.16.1

v2.16.2

v2.16.3

v2.16.4

v2.16.5

v2.16.6

v2.16.7

v2.17.0

v2.17.1

v2.17.2

v2.18.0

v2.18.1

v2.18.2

v2.19.0

v2.19.1

v2.19.2

v2.20.0

v2.20.1

v2.20.2

v2.21.0

v2.21.1

v2.21.2

v2.21.3

v2.22.0

v2.22.1

v2.22.2

Mono Color

• 92e85097f6 Merge branch 'crowdsec-scenarii' into 'v2.0' Yadd 2026-03-01 16:19:35 +0000
• b693d32e59 Extend CrowdSecFilter to support named scenarios via .scenario files. crowdsec-scenarii Yadd 2026-03-01 12:09:38 +0100
• 06dced243f Merge branch '3555-hook-sfDeleteDevice' into 'v2.0' dcoutadeur dcoutadeur 2026-02-27 17:54:02 +0000
• fa1bafbfc1 add sfDeleteDevice hook (#3555) 3555-hook-sfDeleteDevice David Coutadeur 2026-02-24 17:46:13 +0100
• 56eda4f1bb Merge branch '3546-rfc-9126' into 'v2.0' Yadd 2026-02-27 13:11:14 +0000
• b9c464413b Merge branch '3496-2' into 'v2.0' v2.0 Maxime Besson 2026-02-27 10:23:09 +0000
• 1a903d1293 Merge branch '3496-2' into 'v2.0' Christophe Maudoux 2026-02-27 11:22:36 +0100
• f0770a421e Merge branch '3548-oidc-security-scheme' into 'v2.0' Yadd 2026-02-27 10:22:03 +0000
• 63c841c685 Merge branch '3540-sfonlyupgrade-sfrequired' into 'v2.0' Maxime Besson 2026-02-26 09:30:15 +0000
• ffe3d92b14 Merge branch '3558-duplicate-buttons' into 'v2.0' Yadd 2026-02-25 17:34:17 +0000
• 0c274ca254 Merge branch '3558-duplicate-buttons' into 'v2.0' Yadd 2026-02-25 17:06:16 +0000
• f59f623514 Add duplicate feature for SAML SP and CAS App clients Yadd 2026-02-25 18:02:31 +0100
• 681f682dad Add duplicate feature for OIDC RP clients (#3558) Yadd 2026-02-25 18:00:57 +0100
• 62d0552549 Merge branch 'minimal-skin' into 'v2.0' Yadd 2026-02-25 16:14:29 +0000
• 9f44d00071 Merge branch '3519-glpi-configuration-docs' into 'v2.0' Abhishek Pai 2026-02-24 22:25:11 +0000
• a8f1b475d1 Update Kerberos doc Maxime Besson 2026-02-24 14:37:56 +0100
• 37fcd1caf8 Fix unit tests Maxime Besson 2025-12-09 18:12:05 +0100
• 051fc52286 Documentation for #3496 Maxime Besson 2025-11-04 13:40:35 +0100
• a8daaf1e7a Unit test for #3496 Christophe Maudoux 2025-10-31 17:26:11 +0100
• 43b210ad8e Expose audience to OAuth2 handler rules (#3496) Maxime Besson 2025-11-04 13:45:37 +0100
• faf2a2139d Use OIDCPlugin 3546-rfc-9126 Yadd 2026-02-20 21:34:39 +0100
• d9f5b9f7d2 Add PAR into oidc-security.rst Yadd 2026-02-19 09:39:04 +0100
• 674ad14804 Add PAR test with JWS auth Yadd 2026-02-19 07:55:03 +0100
• 0fe7f6f56a Implement PAR on Auth/OIDC side (#3546) Yadd 2026-02-18 20:44:34 +0100
• 0419c828a7 Add PAR doc (#3546) Yadd 2026-02-17 23:04:54 +0100
• 2b3fe0cea8 [OIDC] Implement RFC 9128 (Pushed Authorization Requests == SAML Artefact for OIDC) Yadd 2026-02-17 22:58:18 +0100
• 85c0a82e58 Merge branch '3543-fix-globla-logout-plugin' into 'v2.0' Yadd 2026-02-24 09:40:09 +0000
• e0a9377884 Merge branch 'oauth-mtls-client-auth' into 'v2.0' Raphael Geissert 2026-02-24 09:40:06 +0000
• 9195da6842 Merge branch '3551-rfc9701-jwt-introspection' into 'v2.0' Yadd 2026-02-24 09:37:32 +0000
• 2570745e76 Merge branch '3551-rfc9701-jwt-introspection' into 'v2.0' Yadd 2026-02-23 15:30:15 +0000
• 0c46dcfda3 Implement JWS/JWE responses for introspection (RFC 9701, #3551) Yadd 2026-02-19 10:44:40 +0100
• 07fe41941d Merge branch '3442-oidc-mtls' into 'v2.0' Yadd 2026-02-23 14:58:59 +0000
• 553d77de95 Implement mTls authentication for OIDC endmpoints (RFC 8705, #3442) 3442-oidc-mtls Yadd 2026-02-20 07:59:17 +0100
• bde0f13f49 Merge branch '3353-ldap-sasl-binding-for-active-directory-protected-users-security-group' into 'v2.0' Clément OUDOT 2026-02-23 14:51:17 +0000
• 9478d2d951 Merge branch '3477' into 'v2.0' Christophe Maudoux 2026-02-23 15:51:11 +0100
• 49e7511cff Merge branch '3488-pacc' into 'v2.0' Yadd 2026-02-23 14:51:09 +0000
• 6808b7223f Merge branch '3455-block-submit-unless-recaptcha-is-loaded' into 'v2.0' Yadd 2026-02-23 14:49:47 +0000
• 167e8e0889 Merge branch '3515-oidc-key-test' into 'v2.0' Maxime Besson 2026-02-23 14:49:44 +0000
• 297cf3edb7 Merge branch 'import-keycloak' into 'v2.0' Yadd 2026-02-23 14:49:42 +0000
• 1067f5c593 Merge branch 'warnings' into 'v2.0' Christophe Maudoux 2026-02-23 15:49:41 +0100
• 3a40470c20 Merge branch '3542-rfc-8707' into 'v2.0' Yadd 2026-02-23 14:49:32 +0000
• 8e16b29550 Merge branch '3547-rfc-9207-jarm' into 'v2.0' Yadd 2026-02-23 14:49:29 +0000
• a50f37f747 Merge branch '3554-oidc-ciba' into 'v2.0' Yadd 2026-02-23 14:04:53 +0000
• 664eb991e2 Merge branch '3522-issuers-timeout' into 'v2.0' Maxime Besson 2026-02-22 21:50:18 +0000
• 06197b511e Merge branch 'rfc-8628' into 'v2.0' Yadd 2026-02-21 05:59:41 +0000
• 8c914a5472 Add DPoP inside schema 3548-oidc-security-scheme Yadd 2026-02-21 06:56:56 +0100
• 936fb27536 Merge branch '3553-dpop-rfc-9449' into 'v2.0' Yadd 2026-02-21 05:52:00 +0000
• 197320dabd Add schema to doc/sources/admin/oidc-security.rst Yadd 2026-02-20 06:58:33 +0100
• 9ff411e243 Merge branch '3549-value-2-for-oidcRPMetaDataOptionsRequirePKCE' into 'v2.0' Yadd 2026-02-20 20:58:44 +0000
• e53df677c2 PKCE: add "2" value to require PKCE only if secret is not given 3549-value-2-for-oidcRPMetaDataOptionsRequirePKCE Yadd 2026-02-18 16:18:05 +0100
• 908a49c257 Use Lib::OIDCPlugin 3488-pacc Yadd 2026-02-20 21:56:39 +0100
• 7ca603adbe allow pacc.json for auth users also: maybe used by a webmail Yadd 2025-10-17 13:01:16 +0200
• c19a51d7c0 Add PACC (Provider Automatic Configuration for Clients) plugin Yadd 2025-10-17 11:29:59 +0200
• 6358450860 Use Lib::OIDCPlugin 3547-rfc-9207-jarm Yadd 2026-02-20 21:53:01 +0100
• 0ef5d13661 Add JARM into oidc-security.rst Yadd 2026-02-19 09:45:17 +0100
• 1d73addb15 Add new hooks doc Yadd 2026-02-18 14:17:10 +0100
• 3951cbd0b4 Update JARM doc Yadd 2026-02-18 14:11:27 +0100
• 7aed266fdf Implement JARM into Auth::OpenIDConnect Yadd 2026-02-18 11:26:06 +0100
• 2f9e04d169 Add JARM doc Yadd 2026-02-17 23:56:45 +0100
• 521e28f08b Implement JARM (JWT Secured Authorization Response Mode) Yadd 2026-02-17 23:51:59 +0100
• 5c71fb70b4 Add oidcBuildAuthorizationResponse hook Yadd 2026-02-17 23:46:11 +0100
• 8974357054 Use Lib::OIDCPlugin rfc-8628 Yadd 2026-02-20 21:47:58 +0100
• 2f92f448f0 manifest Yadd 2026-01-13 13:38:21 +0100
• 50d126a676 Add some auditLog Yadd 2025-12-20 07:11:04 +0100
• 5d723eaddb Implement security part of RFC8628 Yadd 2025-12-18 17:21:14 +0100
• 376d8fc832 More tests for RFC-8628 with PKCE Yadd 2025-12-18 10:10:09 +0100
• 7e5ad15244 ALlow device enrollment using PKCE Yadd 2025-12-18 08:24:32 +0100
• 6025146cd8 Implement RFC 8628 Yadd 2025-12-14 08:41:20 +0100
• b8bf269911 Add path to OIDCPlugin.pm Yadd 2026-02-20 21:36:42 +0100
• 2414f42425 Implement RFC 8707 (#3542) 3542-rfc-8707 Yadd 2026-02-11 21:46:28 +0100
• 272aaa3b5f DPoP: Add documentation + non standard Introspection validation 3553-dpop-rfc-9449 Yadd 2026-02-20 16:31:43 +0100
• 8a68338427 Implement "Demonstrating Proof of Possession (DPoP)" - RFC 9449 Yadd 2026-02-20 15:52:11 +0100
• 2fe36dd25b Implement OpenID Connect Client-Initiated Backchannel Authentication flow 3554-oidc-ciba Yadd 2026-02-20 21:11:05 +0100
• d4adaf4d74 Merge branch 'oidc-plugin-tmpl' into 'v2.0' Yadd 2026-02-20 18:22:43 +0000
• e422f7eccf Merge branch 'oidc-plugin-tmpl' into 'v2.0' Yadd 2026-02-20 17:55:01 +0000
• b4fc4a49b4 little refactor for OIDC plugins Yadd 2026-02-20 18:53:59 +0100
• 4d9751f200 Fix manager tests Yadd 2026-02-20 16:06:36 +0100
• 9424db628c Bad copy/paste Yadd 2026-02-20 15:00:48 +0100
• c0746a550f doc: remind users to quote the GrantSession message Maxime Besson 2026-02-20 11:47:16 +0100
• eacb722e20 Merge branch '3078-rest-attributes' into 'v2.0' Maxime Besson 2026-02-20 10:04:21 +0000
• b01f504d3a Merge branch '3078-rest-attributes' into 'v2.0' Maxime Besson 2026-02-20 10:02:16 +0000
• 0ab80384ff Another improvement for traces Yadd 2026-02-20 10:56:59 +0100
• 0ea6207bf2 Better remote-user detecteion when protection=none Yadd 2026-02-20 10:40:50 +0100
• 76f2e606b4 Merge branch '3051-message-broker-DBI' into 'v2.0' Yadd 2026-02-20 06:30:58 +0000
• a1d20b9f0b Documentation for #3078 Maxime Besson 2026-02-19 17:00:09 +0100
• 225aeb502f Unit test for #3078 Maxime Besson 2026-02-18 18:07:11 +0100
• fa26f10a77 Add extra arguments to REST calls (#3078) Maxime Besson 2026-02-18 18:22:56 +0100
• 972c94448d refactor Lib::REST to automatically handle Url/Args (#3078) Maxime Besson 2024-01-05 15:32:50 +0100
• 428971fc08 Add manager attributes for #3078 Maxime Besson 2024-01-05 14:24:39 +0100
• 524fe72969 Harmonize key management into Build/Attributes.pm, no functional change Yadd 2026-02-19 14:21:57 +0100
• 60515e4fde Merge branch '3548-improve-oidc-security-doc' into 'v2.0' Yadd 2026-02-19 06:55:54 +0000
• b6b77e3567 Return SLO error if a BCL failed during GlobalLogout 3543-fix-globla-logout-plugin Yadd 2026-02-19 07:20:31 +0100
• 4e5310960d Merge branch '3548-improve-oidc-security-doc' into 'v2.0' Yadd 2026-02-19 05:36:50 +0000
• 8b30073740 AI review Yadd 2026-02-19 06:36:35 +0100
• fba58f427d Better doc for OIDC security Yadd 2026-02-19 06:31:38 +0100
• 44df2b23be Improve OIDC security doc Yadd 2026-02-18 20:32:22 +0100
• 5db469ec56 Use process to iterate on session inside _triggerBackChannelLogout Yadd 2026-02-18 20:05:33 +0100
• a0e1f41800 Merge branch '3548-rfc9700-iss-parameter' into 'v2.0' Yadd 2026-02-18 13:20:58 +0000
• 23c135375e Merge branch '3548-rfc9700-iss-parameter' into 'v2.0' Yadd 2026-02-18 12:52:02 +0000
• 35da26c748 Merge branch '3548-rfc9700-pkce-downgrade' into 'v2.0' Yadd 2026-02-18 12:51:59 +0000