| Rev |
Age |
Author |
Path |
Log message |
Diff |
| 1050 |
2022-12-21 01:13:04 |
daniel-marschall |
/trunk/ |
Huge change in internal code structure!
All OIDplus classes are now in the class namespace "ViaThinkSoft\OIDplus".
!!! WARNING:
!!! All plugins MUST put their classes in a namespace and the constant "INSIDE_OIDPLUS" must not be used anymore.
!!! If you have a third-party plugin installed which is NOT bundled with OIDplus, you MUST update it.
!!! Recommendation: Remove the plugin first, then update OIDplus, then ask the author to change the plugin.
!!! If you have not installed any third-party plugins, then it is safe to update now. |
|
| 830 |
2022-04-10 23:35:04 |
daniel-marschall |
/trunk/ |
- Security improvement: The private key stored in the database configuration table in the database is now encrypted using a key that will be stored in a file inside userdata ( userdata/privkey_secret.php ).
- !!! ATTENTION: If you have multiple systems access the same database (e.g. you have example.org/oidplus and example.org/oidplus_test ), then the file userdata/privkey_secret.php must kept synchronous between both, otherwise you will lose your private/public key-pair and get a new system-id every time you restart OIDplus !!!
- OIDplus can't connect to databases that are newer than the own program files anymore, avoiding data corruption.
- Changed database version from 205 to 1000. |
|
| 826 |
2022-04-09 12:03:36 |
daniel-marschall |
/trunk/includes/classes/ |
Fixed wrong hash_pbkdf2 length (has problems with OpenSSL supplement) |
|
| 699 |
2021-12-17 16:48:07 |
daniel-marschall |
/trunk/ |
The new file edition.ini contains constants which might be useful if somebody wants to fork OIDplus
(However, we would appreciate it if you would try to contribute to the original OIDplus system rather than forking it!) |
|
| 679 |
2021-12-04 22:47:34 |
daniel-marschall |
/trunk/ |
Updated 3P. Fixed deprecated JWT parameter. |
|
| 639 |
2021-09-24 16:31:57 |
daniel-marschall |
/trunk/ |
Replaced "register_shutdown_function" function with an individual function (since JWT login didn't work with Strato provider) |
|
| 635 |
2021-09-24 12:12:32 |
daniel-marschall |
/trunk/ |
Changed plugins path structure
Old: plugins/[plugintype]/[pluginname]
New: plugins/[vendor]/[plugintype]/[pluginname]
!!!!!! ATTENTION !!!!!! ATTENTION !!!!!! ATTENTION !!!!!!
ALL DIRECTORIES INSIDE THE FOLDER plugin/ WILL BE DELETED
PLEASE MAKE A BACKUP OF THESE FOLDERS BEFORE UPDATING!
!!!!!! ATTENTION !!!!!! ATTENTION !!!!!! ATTENTION !!!!!!
If you have individual third-party plugins, please make
sure that they make use of the new plugin directory structure. |
|
| 622 |
2021-06-11 00:37:28 |
daniel-marschall |
/trunk/ |
Change to JWT key of HS512 (if no PKI is available) |
|
| 620 |
2021-06-10 16:16:05 |
daniel-marschall |
/trunk/ |
LDAP authentication plugin: The main authentication now works using UPN (userPrincipalName) instead of the mail address of the user. The control user is not required in the base configuration anymore, and there is no requirement in adding email addresses for the domain users. |
|
| 591 |
2021-05-23 20:19:56 |
daniel-marschall |
/trunk/ |
PHPStan Level 4 reached |
|
| 585 |
2021-05-23 17:36:08 |
daniel-marschall |
/trunk/ |
Very large refactoring of login methods; JWT methods encapsulated
"Remember me" (JWT cookie) and regular logins (PHP session) cannot be mixed anymore (which didn't work anyway) |
|
| 576 |
2021-05-16 20:24:19 |
daniel-marschall |
/trunk/ |
Small improvements to JWT authentication. Renamed "NBF" to "Blacklisted" to avoid confusion |
|
| 571 |
2021-05-15 21:17:51 |
daniel-marschall |
/trunk/ |
OIDplusConfigInterface renamed to OIDplusGetterSetterInterface
Improved OIDplus class autoloader (supports namespaces) |
|
| 570 |
2021-05-15 17:00:51 |
daniel-marschall |
/trunk/ |
Security: JWTs are now signed using RSA if OpenSSL is available.
Security: If not, then the key of JWT (which is the server secret) is processed via PBKDF2 |
|
| 566 |
2021-05-14 16:07:03 |
daniel-marschall |
/trunk/ |
Automated AJAX requests are now protected via a JWT, which is signed and doesn't contain the user's password anymore. The old method (username+password+antiBruteforceUnlockKey) is still accepted for backwards compatibility.
REMOVED: OIDplusSessionHandler->simulate
Created new class "OIDplusAuthContentStore" to make "OIDplusAuthUtils" more flexible |
|