224 Commits (2.4)

Author SHA1 Message Date
Alexandre Dulaunoy 78d6f8b93f
Merge pull request #8217 from DCSO/linotp_errormessages
[chg] LinOTP error exceptions up to the ui
2022-03-17 15:48:35 +01:00
Hendrik Baecker eb7a1301bb [chg] LinOTP now with enable/disable as config feature 2022-03-17 15:19:58 +01:00
Hendrik Baecker c42d34faac [chg] LinOTP error exceptions up to the ui 2022-03-17 14:23:24 +01:00
Nils Kuhnert 48752ba624
Update OidcAuth readme
Replaced required dependency.
2022-03-17 14:12:32 +01:00
Jakub Onderka ff39069bbc fix: [oidc] Undefined index 2022-03-17 09:29:02 +01:00
Jakub Onderka 0783bda85b fix: [oidc] Specify correct column for user fetch 2022-03-15 10:20:43 +01:00
Jakub Onderka 3c8d07ca75 fix: [oidc] Throw exception if user email is empty 2022-03-15 09:55:50 +01:00
Jakub Onderka 8409a1871e chg: [oidc] Move OIDC to different class 2022-02-19 16:07:11 +01:00
Jakub Onderka f5e32123c5 chg: [oidc] Check user org when checking if user is valid 2022-02-19 16:07:11 +01:00
Jakub Onderka 316b6a9b9a chg: [oidc] Remove support for Jumbojett\OpenIDConnectClient 2022-02-19 16:07:11 +01:00
Jakub Onderka 6cb30515e7 chg: [oidc] Check user role when checking if user is valid 2022-02-19 16:07:11 +01:00
Jakub Onderka e1774abe80 new: [oidc] Check user validity 2022-02-19 16:07:10 +01:00
Jakub Onderka fc8f399b89 new: [oidc] Support for setting code challenge method 2022-02-07 14:00:48 +01:00
Jakub Onderka f2bff258f5 chg: [oidc] Store user sid in session 2022-02-04 15:13:46 +01:00
Jakub Onderka 7ae6f4af32 new: [oidc] Add new option: OidcAuth.authentication_method 2022-01-28 15:11:44 +01:00
Jakub Onderka d067e69ad5 new: [oidc] Add support for jakub-onderka/openid-connect-php OIDC fork 2022-01-28 14:24:31 +01:00
Hendrik Baecker a49ee739be [chg] Improved LinOTP error handling
Matches if ssl verify fails for example
2022-01-13 13:16:03 +01:00
iglocska f905eef8f0
Merge branch '8042' into develop 2021-12-21 16:42:50 +01:00
Hendrik Baecker 12ba2981ef LinOTP: nitpicking and failsafe
Also one CodeFactor fix
2021-12-21 15:59:55 +01:00
Hendrik Baecker 8964a36b39 [chg] Ensure 'false' if LinOTP Request fails 2021-12-21 13:48:02 +01:00
Hendrik Baecker 83c08362b9 [chg] Establish 'mixedauth'
mixedauth=false: Only query LinOTP for OTP (or OTP-Pin+OTP Value)
mixedauth=true: Use MISP Userbase for Passwordchecking AND LinOTP for second factor

mixedauth=true will throw exceptions if OTP doesn't match to not fall back
to FormAuthenticate from MISP - which would make the 2FA useless.
2021-12-15 12:48:44 +01:00
Hendrik Baecker f5eb5828bf [chg] Extract otp from request 2021-12-15 12:45:41 +01:00
Hendrik Baecker e58e4f712a [chg] Fix typos 2021-12-15 12:45:04 +01:00
Hendrik Baecker fecba0beec [chg] Adjust handling LinOTP response 2021-12-15 12:44:37 +01:00
Hendrik Baecker edf6bd41b7 [chg] no more php-curl but cake socket 2021-12-14 17:42:43 +01:00
Jakub Onderka 741a74165e
Merge pull request #7974 from JakubOnderka/url-cache
fix: [internal] Remove UrlCache
2021-11-22 15:59:59 +01:00
Jakub Onderka 0a941bd7f3 fix: [internal] Remove UrlCache 2021-11-19 11:56:14 +01:00
Jakub Onderka e8c4378893 new: [internal] Faster caching 2021-11-18 18:48:34 +01:00
Jakub Onderka 6806cdf574 new: [user] Add sub field for user 2021-11-11 16:34:27 +01:00
Thijs Kinkhorst abb8cecb7e Fix docblock formatting and add newer settings to README documentation 2021-11-05 15:53:15 +01:00
Thijs Kinkhorst a0cf77bdc9 Clarify some aspects of the Shibboleth config 2021-10-29 09:24:52 +02:00
Jakub Onderka 3773fdff93 new: [CLI] Assign UserSetting to list output 2021-10-18 10:08:20 +02:00
Jakub Onderka 2ed41a0964 new: [oidc] User setting for oidc metadata 2021-10-18 10:08:18 +02:00
Jakub Onderka 904a747738 new: [oidc] Allow to automatically unblock user after successful login 2021-08-24 20:59:09 +02:00
Liviu Valsan 4b74a0d342
chg: [shibbauth] added option to block organisation changes at login
- New ApacheShibbAuth.BlockOrgModifications setting added, defaults to false, boolean. If set to true, will block updates to the organisation of existing users on authentication. This preserves any modifications made by a site admin in MISP and is similar to ApacheShibbauth.BlockRoleModifications (same logic applied to role modifications).
2021-07-27 15:27:48 +02:00
mzp e1fee78dd5 Block org modification option for shibb auth. 2021-07-16 11:40:16 +02:00
Jakub Onderka ad1b373766 new: [log] Audit log 2021-05-03 13:44:44 +02:00
Jakub Onderka c25dd7082a
Merge pull request #7230 from jozuatec/patch-2
Update OidcAuthenticate.php
2021-04-20 14:46:30 +02:00
iglocska e3799d7104
Merge branch '2.4' into develop 2021-03-24 21:49:16 +01:00
Jeroen Pinoy a8e08a6892
chg: [ShibbAuth] Add login entry on logging in for audit 2021-03-23 13:32:58 +01:00
jozuatec 85040d68f1
Update OidcAuthenticate.php
With our IDP the user roles do not get delivered through claims. With this edit (get roles through "requestUserInfo" when claims fails to do so), our IDP can deliver the roles through an "Extra Attributes" field.
I am already using this code in our production, it works fine for us.
2021-03-22 09:36:38 +01:00
iglocska 5a917f008f
Merge branch '2.4' into develop 2021-03-16 23:15:30 +01:00
iglocska a65cb60d7a
fix: [shibbauth] fixed invalid varname 2021-03-15 20:37:25 +01:00
iglocska 2312fd72ff
chg: [shibbauth] added two extra settings
- ApacheShibbauth.DefaultRole: defaults to false, if set, pick the supplied roleID for any user authenticating. Can be used together with BlockRoleModifications
- ApacheShibbauth.BlockRoleModifications: defaults to false, boolean. If set to true, will block any updates to the existing users on authentication. This preserves any modifications made by a site admin in MISP.
2021-03-15 14:51:48 +01:00
Jakub Onderka 6487a079d6
Merge pull request #7138 from JakubOnderka/oidc-role-fix
fix: [OIDC] Change algo how roles are assigned to users
2021-03-03 13:58:47 +01:00
Jakub Onderka 6a553d39da fix: [OIDC] Change algo how roles are assigned to users 2021-03-03 13:37:08 +01:00
iglocska e7f6c10256
Merge branch '2.4' into develop 2021-03-03 01:26:18 +01:00
Andras Iklody 2fee084250
Merge pull request #6661 from cudeso/2.4
Azure Active Directory Authentication
2021-03-03 00:14:30 +01:00
Jakub Onderka af4e248690
Merge pull request #7094 from JakubOnderka/oidc-readme
new: [oidc] Readme
2021-03-01 08:59:11 +01:00
Jakub Onderka 37dd3038b1 new: [oidc] Readme 2021-03-01 08:58:45 +01:00
Jakub Onderka 8cf1bbb9a9 chg: [oidc] Use first match as user role 2021-02-27 16:54:23 +01:00
Jakub Onderka 08925f4612 new: [oidc] OpenID Connect authentication 2021-02-16 10:47:56 +01:00
Alexandre Dulaunoy 3247d3959c
Merge branch '2.4' into develop 2020-12-22 12:52:36 +01:00
Alexandre Dulaunoy 99166f9f7b
handlerSSL should be true 2020-12-22 10:48:23 +01:00
Steve Clement f6eccb65b1
Merge branch '2.4' into develop 2020-12-21 13:33:26 +09:00
iglocska 06bbde7141
Merge branch 'develop' into 2.4 2020-12-16 11:53:18 +01:00
Jakub Onderka 9310f5f871 chg: [shibb] Better log messages for ApacheShibbAuthenticate 2020-12-15 13:20:15 +01:00
Alexandre Dulaunoy ce96003b89
fix: [doc] Location typo fixed 2020-12-08 15:47:03 +01:00
Jakub Onderka 1381e6c0d4 chg: [shibb] Newly created org should be local 2020-12-04 20:40:26 +01:00
Koen Van Impe b5e67948ed Avoid "TODO" in the README to avoid CodeFactor 2020-11-27 20:29:38 +01:00
Koen Van Impe a8275e7503 Azure Active Directory Authentication 2020-11-27 12:41:23 +01:00
Jakub Onderka c9e96322a9 new: [shibb] Allow to get organisation UUID from HTTP headers 2020-11-25 21:21:14 +01:00
Jakub Onderka 088c573040 chg: [internal] Code style 2020-11-19 21:16:32 +01:00
Jakub Onderka 3a253cda6d chg: [logging] Allow to disable syslog logging to stderr 2020-11-19 21:16:31 +01:00
Jakub Onderka be1e861117 fix: [internal] Do not start session for shell commands 2020-10-31 18:12:21 +01:00
Jeroen Pinoy 2311ce2f85 Extending documentation of ShibbAuth plugin 2020-10-16 15:49:25 +00:00
mokaddem 944b613a19
Merge branch '2.4' of github.com:MISP/MISP into pr-5856 2020-05-18 09:22:46 +02:00
Jakub Onderka a0476bda3d new: [internal] Do not log authkeys 2020-05-04 15:13:17 +02:00
Jakub Onderka a2933030b6
fix: [internal] syslog shouldn't end with new line
Because then two lines are logged
2020-04-27 18:19:29 +02:00
garanews 85c28ce36e Fix some typo
Fix some typo
2019-10-04 13:02:59 +02:00
Andras Iklody 267e48ce66
Merge pull request #4470 from pettai/ShibbAuth
Update README.md
2019-04-13 18:45:18 +02:00
frpet e9352bf811 Update README.md
Makes API Authorization work
2019-04-13 04:32:04 +02:00
Andreas Rammhold 516cf0767b new: WIP LinOTP authentication 2019-03-13 14:15:06 +01:00
Fredrik Pettai 7d0f605ae1 add date_created for provisioned users
add date_created when new users are provisioned via shibbauth
2018-09-29 22:04:15 +02:00
Fredrik Pettai 69ae9155c8 fix docs
fix docs
(DefaultRoleId is not implemented in the code)
2018-09-28 14:33:50 +02:00
Fredrik Pettai de24c88e8c fix typo
fix typo in error message
2018-09-28 14:16:13 +02:00
Steve Clement 1bac3749c5 fix: [i18n] Variables are in no need to be translated, it will break stuff, horribly.
upd: [i18n] Update default.pot again
2018-08-21 14:48:23 +03:00
iglocska 6135468c41 new: Added full audit logging to ZMQ and Syslog, fixes #2635
- syslog now includes all audit log entries and it's separated into proper severity levels
- ZMQ logging and syslog logging are both optional features
2017-11-24 12:01:53 +01:00
Pablo Panero 491e826690 added possibility to use always default org for new users 2017-11-17 17:06:52 +01:00
Richard van den Berg 0e97e67be0 Allow creating users with CertAuth via userDefaults, fixes #2538 2017-10-05 11:41:54 +02:00
iglocska 48b1679216 Merge branch '2.4' into objects_wip 2017-09-18 10:41:54 +02:00
iglocska be111a4702 fix: Fix to certauth pains 2017-09-08 14:25:36 +02:00
iglocska 9c9048422a fix: fixes various issues with the certauth 2017-09-07 00:06:02 +02:00
iglocska 4230601116 fix: Fixes to various issues with the cert auth 2017-09-06 23:26:21 +02:00
iglocska d10c7cd4b0 Merge branch '2.4' into objects_wip 2017-07-02 00:08:14 +02:00
iglocska ee1c1c5de9 new: Further progress on the objects 2017-07-02 00:05:15 +02:00
Guilherme Capilé 794acb987e fixed issue #2036 2017-06-27 19:56:32 -03:00
Guilherme Capilé 4fd5df3b38 bugfixes in certificate authentication 2017-06-27 19:17:46 -03:00
Pablo Panero 8829e90547 newsread attribute fixed for user registration via sso 2017-05-11 14:49:42 +02:00
Ángel González 926895733b Cosmetic changes
Change space indents to tabs
Remove ?> at end of file
Add or remove some indentation where appropriate
2017-05-08 00:45:57 +02:00
Alexandre Dulaunoy 9affedaab9 Markdown typo fixed 2017-04-27 14:55:42 +02:00
Pablo Panero 0def28e57e Update README.md
Updated readme with apache config for API/Syncs filtering from SSO
2017-02-22 12:15:38 +01:00
devnull- 5b79e80bbf Clean & improve README.md of CertAuth 2017-02-16 18:46:34 +01:00
devnull- a40c0c456a Don't login or create an empty account if the user doesn't exist 2017-02-16 18:29:36 +01:00
ppanero bfca484c2a default org changed to id instead of name 2016-09-23 14:34:20 +02:00
ppanero 7493107634 warning due to session start fixed, warning due to org assignment when possible null fixed, readme updated 2016-09-20 16:12:31 +02:00
Andreas Ziegler 7a5dad6598 chg: use new Tool for random string generation 2016-09-15 17:07:12 +02:00
Andras Iklody 7f0ae7554d Merge pull request #1520 from ppanero/shibbsso
stringer checks on email and nids_sid of user calculated from max
2016-09-09 23:47:59 +02:00
ppanero 8820133ae0 stringer checks on email and nids_sid of user calculated from max 2016-09-09 10:01:42 +02:00
Alexandre Dulaunoy ad3b59e9c7 Merge pull request #1504 from ppanero/shibbsso
shibboleth sso debug log capabilities added
2016-09-07 11:13:31 +02:00