• last updated a few minutes ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
fixed typoes in documentation

  1. … 22 more files in changeset.
improved spelling

  1. … 29 more files in changeset.
improved spelling

  1. … 3 more files in changeset.
skip hopeless tests, where mail server is not configured

    • -4
    • +15
    ./tcl/test/acs-authentication-procs.tcl
fixed regression test to use [::acs::test::url] instead of [ad_url] during regression test

improved spelling

  1. … 14 more files in changeset.
Don't pollute the cache for other tests

Fixes acs-tcl.parameter__check_procs test when run after this one

    • -0
    • +12
    ./tcl/test/authentication-procs.tcl
Prefer the test authority: downstream local authorities may depend on other systems to perform additional checks, which may fail on a test user

In case the user used an external_registry for login, we have to allow the redirect to a complete url

bumped version numbers to 5.10.1b1

  1. … 85 more files in changeset.
regenerated documentation

    • -25
    • +26
    ./www/doc/ext-auth-ldap-install.adp
    • -20
    • +29
    ./www/doc/ext-auth-pam-install.adp
  1. … 292 more files in changeset.
External identity provider reform (part 2)

Use the external identity provider for refresh of logins. When a user

is logged in via an external identity provider, use the same identity

provider for a refresh when it expires. The expiration time is

controlled via the classical OpenACS parameters.

Note that in general, the same user might be authenticated via a

classical OpenACS authority (e.g. local authority) and/or via an

external one (e.g. Microsoft Identity Platform (Azure) or GitHub).

For single-sign-ons, when the token is still valid, the redirect to

the external identity provider does not mean necessarily that the use

is shown the external identity provider's login page.

  1. … 2 more files in changeset.
improve spelling

  1. … 2 more files in changeset.
Handle acs-mail-lite conf regarding the recipient in the test

Make sure test email is fine even when usernames are emails

Use lowercase letter to append to the fake username, so that if it should be an email, it will still be valid

Fix typo in test

Complete coverage for the ACS Service Contract 'auth_user_info'

Complete coverage of ACS Service Contract 'auth_sync_retrieve' implementations

Test IMS_Enterprise_v_1p1 implementation of the auth_sync_process Service Contract

Rework parameter check:

the way the if was construed would allow e.g.:

1. a value for EmailRegistrationConfirmationToUserP = 'nottrue' to pass the first if, but fail the second.

2. a value EmailRegistrationConfirmationToUserP = 'false' to be "true" in the first if, but not in the second

In fact, if EmailRegistrationConfirmationToUserP should be a boolean, there is no need to further check the other parameters and variables in the second if. This change is not 100% equivalent to the previous code, but makes it clear that EmailRegistrationConfirmationToUserP should be interpreted as a boolean and fixes these inconsistencies.

Make clear that parameters come from the same subsite

Test implementations of ACS Service Contract 'auth_registration'

This exposes a bug in auth::local::registration::Register where the acs-subsite parameter NotifyAdminOfNewRegistrationsP is fetched from the ad_conn package_id, rather than the subsite_id

Fix signature of service contract implementation, that is defined with 3 and not 4 arguments, complete coverage of the auth_password contract local implementation

Complete coverage of the auth_authentication contract 'local' implementation

file local-procs.tcl was initially added on branch oacs-5-10.

    • -0
    • +0
    ./tcl/test/local-procs.tcl
Deprecate template::util::is_true, implemented as a simple string command oneliner since 2015 and inline occurrences

  1. … 31 more files in changeset.
Specify the empty value correctly in the authentication form fields

fixes for Oracle 19c

  1. … 4 more files in changeset.
fix indentation