Brady Wetherington
4b96721393
Attempt to de-escalate SAML login and logout errors
2024-08-13 14:55:13 +01:00
snipe
ae9085b11f
Modernize use statements, switch to auth()
...
Signed-off-by: snipe <snipe@snipe.net>
2024-07-04 20:49:22 +01:00
Brady Wetherington
6df9742664
Built a workaround for backup notification translations
2024-06-27 13:17:16 +01:00
Brady Wetherington
30cafef9f2
Add a reasonable-looking SAML baseurl, mosty for users behind proxies
2024-06-26 13:25:11 +01:00
snipe
fb233c0aa4
Cleaned up facade names and references
...
Signed-off-by: snipe <snipe@snipe.net>
2024-05-29 12:38:15 +01:00
Brady Wetherington
401e1842ee
Fixed pluralization bug due to dashed-locale names instead of underscored
...
Our locale directories are named things like 'en-US'. But the pluralization
code used by Laravel (through Symfony) requires locale names to be
in the format en_US. This change introduces a new Translator,
SnipeTranslator, which is a tiny set of changes against the built-in
one. It additionally adds a SnipeTranslationServiceProvider, which
loads up the new Translator.
2024-01-26 15:40:55 +00:00
Brady Wetherington
81b8243e1d
Enforce SAML assertion ID uniqueness and notValidOnOrAfter attribute
2024-01-25 19:53:24 +00:00
snipe
161999fbca
Fixed #12772 - use the APP_URL config more consistently
...
Signed-off-by: snipe <snipe@snipe.net>
2023-04-05 16:05:40 -07:00
snipe
8a8575bf2d
Made constant DATA_SESSION_KEY public
...
Signed-off-by: snipe <snipe@snipe.net>
2023-02-06 12:40:32 -08:00
snipe
910fc08406
Dropped log level to warn on SAML error
...
Signed-off-by: snipe <snipe@snipe.net>
2022-06-02 17:07:49 -07:00
Brady Wetherington
4e65a8d755
Reduce SAML debugging output to actual error conditions
2022-05-17 19:54:14 -07:00
snipe
780222d372
Merge remote-tracking branch 'origin/master' into develop
...
Signed-off-by: snipe <snipe@snipe.net>
# Conflicts:
# app/Http/Controllers/Api/AssetsController.php
# app/Http/Controllers/Auth/LoginController.php
# resources/views/users/print.blade.php
2022-05-10 17:26:26 -07:00
snipe
f4650c65db
Clearer phrasing for log
...
Signed-off-by: snipe <snipe@snipe.net>
2022-05-10 13:00:48 -07:00
snipe
d3830a44d8
Added more verbose messaging
...
Signed-off-by: snipe <snipe@snipe.net>
2022-05-10 12:40:50 -07:00
snipe
5869b6ed0c
And still more debugging
...
Signed-off-by: snipe <snipe@snipe.net>
2022-05-10 12:38:46 -07:00
Brady Wetherington
c8fe929e09
Add new UserAccountControl to permitted UAC's for AD.
2022-01-12 12:07:51 -08:00
Brady Wetherington
4dda28de9e
WIP: cleaning up LDAP
2021-10-28 18:19:50 -07:00
snipe
e27065fe16
Merge branch 'develop-v6-integration' into develop-v6-rc1
...
Signed-off-by: snipe <snipe@snipe.net>
# Conflicts:
# .all-contributorsrc
# README.md
# app/Console/Commands/ResetDemoSettings.php
# app/Helpers/Helper.php
# app/Http/Controllers/Api/AccessoriesController.php
# app/Http/Controllers/Api/AssetsController.php
# app/Http/Controllers/Api/CategoriesController.php
# app/Http/Controllers/Api/ComponentsController.php
# app/Http/Controllers/Api/ConsumablesController.php
# app/Http/Controllers/Api/LocationsController.php
# app/Http/Controllers/Api/StatuslabelsController.php
# app/Http/Controllers/Api/SuppliersController.php
# app/Http/Controllers/AssetMaintenancesController.php
# app/Http/Controllers/Auth/ForgotPasswordController.php
# app/Http/Controllers/DepreciationsController.php
# app/Http/Controllers/ReportsController.php
# app/Http/Controllers/SettingsController.php
# app/Http/Requests/ImageUploadRequest.php
# app/Http/Transformers/ActionlogsTransformer.php
# app/Http/Transformers/DepreciationsTransformer.php
# app/Listeners/CheckoutableListener.php
# app/Models/Accessory.php
# app/Models/Asset.php
# app/Models/Company.php
# app/Models/Ldap.php
# app/Models/User.php
# app/Presenters/AssetPresenter.php
# app/Presenters/CategoryPresenter.php
# composer.json
# composer.lock
# config/version.php
# database/factories/AssetModelFactory.php
# database/migrations/2020_10_22_233743_move_accessory_checkout_note_to_join_table.php
# database/seeds/AssetModelSeeder.php
# package-lock.json
# public/css/build/AdminLTE.css
# public/css/build/app.css
# public/css/build/overrides.css
# public/css/dist/all.css
# public/css/dist/bootstrap-table.css
# public/css/dist/skins/skin-black-dark.css
# public/css/dist/skins/skin-black-dark.min.css
# public/css/dist/skins/skin-black.css
# public/css/dist/skins/skin-black.min.css
# public/css/dist/skins/skin-blue-dark.css
# public/css/dist/skins/skin-blue-dark.min.css
# public/css/dist/skins/skin-blue.css
# public/css/dist/skins/skin-blue.min.css
# public/css/dist/skins/skin-contrast.css
# public/css/dist/skins/skin-contrast.min.css
# public/css/dist/skins/skin-green-dark.css
# public/css/dist/skins/skin-green-dark.min.css
# public/css/dist/skins/skin-green.css
# public/css/dist/skins/skin-green.min.css
# public/css/dist/skins/skin-orange-dark.css
# public/css/dist/skins/skin-orange-dark.min.css
# public/css/dist/skins/skin-orange.css
# public/css/dist/skins/skin-orange.min.css
# public/css/dist/skins/skin-purple-dark.css
# public/css/dist/skins/skin-purple-dark.min.css
# public/css/dist/skins/skin-purple.css
# public/css/dist/skins/skin-purple.min.css
# public/css/dist/skins/skin-red-dark.css
# public/css/dist/skins/skin-red-dark.min.css
# public/css/dist/skins/skin-red.css
# public/css/dist/skins/skin-red.min.css
# public/css/dist/skins/skin-yellow-dark.css
# public/css/dist/skins/skin-yellow-dark.min.css
# public/css/dist/skins/skin-yellow.css
# public/css/dist/skins/skin-yellow.min.css
# public/js/build/app.js
# public/js/build/vendor.js
# public/js/dist/all.js
# public/js/dist/bootstrap-table.js
# public/mix-manifest.json
# resources/assets/js/vue.js
# resources/lang/af/validation.php
# resources/lang/ar/admin/settings/general.php
# resources/lang/ar/validation.php
# resources/lang/bg/admin/settings/general.php
# resources/lang/bg/validation.php
# resources/lang/cs/admin/settings/general.php
# resources/lang/cs/validation.php
# resources/lang/cy/help.php
# resources/lang/cy/validation.php
# resources/lang/da/admin/settings/general.php
# resources/lang/da/validation.php
# resources/lang/de/admin/settings/general.php
# resources/lang/de/validation.php
# resources/lang/el/validation.php
# resources/lang/en-GB/admin/settings/general.php
# resources/lang/en-GB/validation.php
# resources/lang/en-ID/admin/hardware/table.php
# resources/lang/en-ID/admin/settings/general.php
# resources/lang/en-ID/validation.php
# resources/lang/es-CO/admin/settings/general.php
# resources/lang/es-CO/auth/message.php
# resources/lang/es-CO/button.php
# resources/lang/es-CO/help.php
# resources/lang/es-CO/validation.php
# resources/lang/es-ES/admin/settings/general.php
# resources/lang/es-ES/auth/message.php
# resources/lang/es-ES/button.php
# resources/lang/es-ES/help.php
# resources/lang/es-ES/validation.php
# resources/lang/es-MX/admin/settings/general.php
# resources/lang/es-MX/validation.php
# resources/lang/es-VE/admin/settings/general.php
# resources/lang/es-VE/auth/message.php
# resources/lang/es-VE/button.php
# resources/lang/es-VE/help.php
# resources/lang/es-VE/validation.php
# resources/lang/et/validation.php
# resources/lang/fa/validation.php
# resources/lang/fi/admin/settings/general.php
# resources/lang/fi/validation.php
# resources/lang/fil/validation.php
# resources/lang/fr/admin/settings/general.php
# resources/lang/fr/validation.php
# resources/lang/ga-IE/validation.php
# resources/lang/he/admin/settings/general.php
# resources/lang/he/general.php
# resources/lang/he/validation.php
# resources/lang/hr/validation.php
# resources/lang/hu/validation.php
# resources/lang/id/validation.php
# resources/lang/is/admin/categories/general.php
# resources/lang/is/admin/companies/message.php
# resources/lang/is/admin/companies/table.php
# resources/lang/is/admin/components/general.php
# resources/lang/is/admin/components/table.php
# resources/lang/is/admin/consumables/table.php
# resources/lang/is/admin/depreciations/general.php
# resources/lang/is/admin/depreciations/message.php
# resources/lang/is/admin/hardware/form.php
# resources/lang/is/admin/hardware/general.php
# resources/lang/is/admin/hardware/message.php
# resources/lang/is/admin/hardware/table.php
# resources/lang/is/admin/kits/general.php
# resources/lang/is/admin/licenses/form.php
# resources/lang/is/admin/licenses/general.php
# resources/lang/is/admin/locations/table.php
# resources/lang/is/admin/manufacturers/table.php
# resources/lang/is/admin/reports/message.php
# resources/lang/is/admin/settings/general.php
# resources/lang/is/admin/settings/message.php
# resources/lang/is/admin/statuslabels/message.php
# resources/lang/is/admin/suppliers/message.php
# resources/lang/is/admin/suppliers/table.php
# resources/lang/is/admin/users/table.php
# resources/lang/is/mail.php
# resources/lang/is/validation.php
# resources/lang/it/admin/settings/general.php
# resources/lang/it/validation.php
# resources/lang/iu/validation.php
# resources/lang/ja/mail.php
# resources/lang/ja/validation.php
# resources/lang/ko/validation.php
# resources/lang/lt/validation.php
# resources/lang/lv/validation.php
# resources/lang/mi/validation.php
# resources/lang/mk/validation.php
# resources/lang/ml-IN/validation.php
# resources/lang/mn/validation.php
# resources/lang/ms/validation.php
# resources/lang/nl/admin/settings/general.php
# resources/lang/nl/validation.php
# resources/lang/no/validation.php
# resources/lang/pl/admin/settings/general.php
# resources/lang/pl/validation.php
# resources/lang/pt-BR/admin/settings/general.php
# resources/lang/pt-BR/mail.php
# resources/lang/pt-BR/validation.php
# resources/lang/pt-PT/validation.php
# resources/lang/ro/validation.php
# resources/lang/ru/validation.php
# resources/lang/sl/validation.php
# resources/lang/sr-CS/admin/settings/general.php
# resources/lang/sr-CS/validation.php
# resources/lang/sv-SE/admin/settings/general.php
# resources/lang/sv-SE/auth/message.php
# resources/lang/sv-SE/button.php
# resources/lang/sv-SE/mail.php
# resources/lang/sv-SE/validation.php
# resources/lang/ta/validation.php
# resources/lang/th/validation.php
# resources/lang/tl/validation.php
# resources/lang/tr/mail.php
# resources/lang/tr/validation.php
# resources/lang/uk/admin/accessories/table.php
# resources/lang/uk/admin/asset_maintenances/message.php
# resources/lang/uk/admin/asset_maintenances/table.php
# resources/lang/uk/validation.php
# resources/lang/ur-PK/validation.php
# resources/lang/vi/admin/settings/general.php
# resources/lang/vi/validation.php
# resources/lang/zh-CN/admin/settings/general.php
# resources/lang/zh-CN/validation.php
# resources/lang/zh-HK/validation.php
# resources/lang/zh-TW/validation.php
# resources/lang/zu/validation.php
# resources/views/partials/bootstrap-table.blade.php
# resources/views/partials/forms/edit/company-select.blade.php
# routes/api.php
2021-09-21 23:46:50 -07:00
Brady Wetherington
4d4badf830
Got the client-side LDAP setup working well enough for sync!
2021-08-17 14:43:36 -07:00
Laravel Shift
934afa036f
Adopt Laravel coding style
...
Shift automatically applies the Laravel coding style - which uses the PSR-2 coding style as a base with some minor additions.
You may customize the adopted coding style by adding your own [PHP CS Fixer][1] `.php_cs` config file to your project root. Feel free to use [Shift's Laravel ruleset][2] to help you get started.
[1]: https://github.com/FriendsOfPHP/PHP-CS-Fixer
[2]: https://gist.github.com/laravel-shift/cab527923ed2a109dda047b97d53c200
2021-06-10 20:15:52 +00:00
snipe
ded61614d1
Attempt to fix transient LDAP bug
...
Signed-off-by: snipe <snipe@snipe.net>
2021-05-07 18:13:04 -07:00
snipe
e1c6d4ced7
Merge branch 'develop' of https://github.com/Skywalker-11/snipe-it into Skywalker-11-develop
...
Signed-off-by: snipe <snipe@snipe.net>
# Conflicts:
# app/Http/Requests/SettingsSamlRequest.php
2021-04-14 15:15:07 -07:00
Raell Dottin
78cc47a859
Added sanity check to determine if a bind user account is set. ( #9340 )
2021-03-24 14:08:37 -07:00
snipe
8fd8e716ac
Changed debug level on bad LDAP connection ( #9314 )
...
* Changed debug level on bad LDAP connection
TODO:
Unfuck all of this. It’s a mess and it really doesn’t work the way we think it does. AdLdap library strikes again. :(
Signed-off-by: snipe <snipe@snipe.net>
* Improved phrasing
Signed-off-by: snipe <snipe@snipe.net>
2021-03-17 19:24:28 -07:00
johnson-yi
763e17f491
Added saml custom setting retrieveParametersFromServer to enable fixing SLO issues with Azure AD ( #9187 )
2021-02-23 11:05:22 -08:00
snipe
bec2b170ec
Only overwrite notes if the LDAP user is new
2020-12-02 11:00:18 -08:00
Brady Wetherington
93cf8d4e0a
Forward-port of the old LDAP sync system ( #8801 )
...
* Forward-port of the old LDAP sync system
* Need to rename the class to avoid classname conflicts
* Make 'classic' LDAP sync not add surrounding parens to filters that already have them
* Re-work Test LDAP button to return 10 sample users
* Remove useless debugging code
2020-11-30 17:11:44 -08:00
johnson-yi
0cdd83aabf
Fixes #8584 , #8654 , #8727 - fixes and improvements for saml ( #8795 )
...
* Let onelogin/php-saml know to use 'X-Forwarded-*' headers if it is from a trusted proxy
* Gracefully handle the case where openssl_csr_new fails when openssl.cnf is invalid/missing
* Improve ui of saml sp metadata by displaying it's url and a download button
2020-11-20 18:54:25 -08:00
Brady Wetherington
734cb941dd
Fix for #8772 - initial LDAP import of users are deactivated ( #8776 )
2020-11-20 11:11:14 -08:00
Brady Wetherington
8457207c8f
Fix for 500-page on deactivated LDAP user trying to log in ( #8774 )
2020-11-17 22:31:22 -08:00
Brady Wetherington
3dda4c9116
Add a new UAC setting to valid User Accounts for Active Directory ( #8775 )
2020-11-17 19:25:49 -08:00
Brady Wetherington
de6f3f866f
Attempt to solve LDAP sync overriding administrator choices ( #8742 )
2020-11-17 00:11:00 -08:00
Brady Wetherington
a97b15ec96
Re-add LDAP "test login" feature to LDAP settings (helps with #8751 ) ( #8757 )
...
* Start work on re-adding back the "Test LDAP logins" feature to develop
* Add back-end method to allow LDAP test users to try to log in.
2020-11-16 21:23:08 -08:00
snipe
fc6a33ad38
Added some LDAP debugging - related to #8670
2020-11-12 22:19:16 -08:00
Anthony Winstanley
cc79bb1449
Exclude blank LDAP attributes
...
Asking for '' attributes is an error for some LDAP servers.
2020-11-12 09:34:28 -08:00
Sanjay Govind
ab6d2987a4
Include documentation from @uberbrady
...
Previously on v4 this was all documented, so i have copied that documentation across to v5
2020-11-06 12:31:33 +13:00
Sanjay Govind
45c140814f
Fix AD Accounts with delegation disabled
2020-11-06 12:02:19 +13:00
Brady Wetherington
b626b7895a
Ensure misdefined active flags will not prevent user syncing
2020-10-15 19:10:47 -07:00
Brady Wetherington
be4aa07d8c
Some logic bugs in the AD-specific code for logging in via AD/LDAP
2020-10-09 15:33:17 -07:00
Brady Wetherington
b015cff8bd
Modify Snipe-IT v5 AD handling to use the same ldap_host, and improve OU handling
2020-10-06 18:31:06 -07:00
snipe
cb5104c27d
Hopefully fixes #8418 - migrations on new install go wonky because of LDAP service provider
2020-09-08 21:13:24 -07:00
snipe
c23e28d0df
Merge pull request #8372 from snipe/fix_adldap_sync
...
Fix adldap sync
2020-08-26 13:34:07 -07:00
Brady Wetherington
67a1d2fa5f
Remove hardcoding of LDAP Auth query to 'uid=', use setting instead
2020-08-26 12:25:10 -07:00
Brady Wetherington
6c23e881c7
Merge branch 'develop' of https://github.com/bushelpowered/snipe-it into bushelpowered-develop
2020-08-24 21:42:04 -07:00
Brady Wetherington
262a964760
[WIP] fix ldap-sync for v5 with AdLdap2
2020-08-14 14:45:05 -07:00
Michael Pietsch
4f5374b2e8
enable use custom file based saml certificate/private key
2020-08-14 12:25:00 +02:00
Johnson Yi
3d8fce50d0
Removed unnecessary default saml settings
2020-05-09 01:51:48 +10:00
Johnson Yi
c1c37d521c
Allow downloading sp metadata without idp
2020-05-06 19:50:50 +10:00
Johnson Yi
b2930d6069
Added #542 : add saml authentication
2020-05-06 00:06:19 +10:00
snipe
c9ed205bb0
Added @throws to documentation
...
Signed-off-by: snipe <snipe@snipe.net>
2020-04-23 14:41:37 -07:00