Subversion Repositories oidplus

Rev

Go to most recent revision | Show changed files | Details | Compare with Previous | Blame | RSS feed

Filtering Options

Rev Age Author Path Log message Diff
699 2021-12-17 16:48:07 daniel-marschall /trunk/ The new file edition.ini contains constants which might be useful if somebody wants to fork OIDplus
(However, we would appreciate it if you would try to contribute to the original OIDplus system rather than forking it!)		  
679 2021-12-04 22:47:34 daniel-marschall /trunk/ Updated 3P. Fixed deprecated JWT parameter.  
639 2021-09-24 16:31:57 daniel-marschall /trunk/ Replaced "register_shutdown_function" function with an individual function (since JWT login didn't work with Strato provider)  
635 2021-09-24 12:12:32 daniel-marschall /trunk/ Changed plugins path structure
Old: plugins/[plugintype]/[pluginname]
New: plugins/[vendor]/[plugintype]/[pluginname]

!!!!!! ATTENTION !!!!!! ATTENTION !!!!!! ATTENTION !!!!!!
ALL DIRECTORIES INSIDE THE FOLDER plugin/ WILL BE DELETED
PLEASE MAKE A BACKUP OF THESE FOLDERS BEFORE UPDATING!
!!!!!! ATTENTION !!!!!! ATTENTION !!!!!! ATTENTION !!!!!!

If you have individual third-party plugins, please make
sure that they make use of the new plugin directory structure.		  
622 2021-06-11 00:37:28 daniel-marschall /trunk/ Change to JWT key of HS512 (if no PKI is available)  
620 2021-06-10 16:16:05 daniel-marschall /trunk/ LDAP authentication plugin: The main authentication now works using UPN (userPrincipalName) instead of the mail address of the user. The control user is not required in the base configuration anymore, and there is no requirement in adding email addresses for the domain users.  
591 2021-05-23 20:19:56 daniel-marschall /trunk/ PHPStan Level 4 reached  
585 2021-05-23 17:36:08 daniel-marschall /trunk/ Very large refactoring of login methods; JWT methods encapsulated
"Remember me" (JWT cookie) and regular logins (PHP session) cannot be mixed anymore (which didn't work anyway)		  
576 2021-05-16 20:24:19 daniel-marschall /trunk/ Small improvements to JWT authentication. Renamed "NBF" to "Blacklisted" to avoid confusion  
571 2021-05-15 21:17:51 daniel-marschall /trunk/ OIDplusConfigInterface renamed to OIDplusGetterSetterInterface
Improved OIDplus class autoloader (supports namespaces)		  
570 2021-05-15 17:00:51 daniel-marschall /trunk/ Security: JWTs are now signed using RSA if OpenSSL is available.
Security: If not, then the key of JWT (which is the server secret) is processed via PBKDF2		  
566 2021-05-14 16:07:03 daniel-marschall /trunk/ Automated AJAX requests are now protected via a JWT, which is signed and doesn't contain the user's password anymore. The old method (username+password+antiBruteforceUnlockKey) is still accepted for backwards compatibility.
REMOVED: OIDplusSessionHandler->simulate
Created new class "OIDplusAuthContentStore" to make "OIDplusAuthUtils" more flexible