mirror/librenms-librenms
1
0
Fork 0
mirror of https://github.com/librenms/librenms.git synced 2024-10-07 16:52:45 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
15,924 Commits 47 Branches 151 Tags
f4a33c1a3497db9ec055ad2bf6f4de7b5a3bca66
Commit Graph

7 Commits

Author SHA1 Message Date
Tony Murray
f4a33c1a34 Prevent credentials from being leaked in backtrace in some instances (#9817) 
* Prevent credentials from being leak in backtrace in some instances
Particularly before the user is authenticated

* fix test
 2019-03-05 00:24:14 -06:00
Tony Murray
b5714820de Improved Exception handling (#9844) 
* Update LibreNMS exception output
Use built-in laravel exception rendering.
DuskUnsafeExcpetion is triggered before Blade(view) is booted, so, try to boot it

* Cleaner blade registration

* Change 500 error page to generic LibreNMS error page.

* Handle generic exceptions from laravel better.

* Custome LdapMissingException

* Cleanup, don't need to override convertExceptionToResponse anymore

* Update unauthenticated code to current upstream style

* UpgradableException interface

* LdapMissingException extend AuthenticationException

* Code climate cleanups

* Fix code style
 2019-02-21 12:08:35 -06:00
Tony Murray
1fc6a031b3 AD Authorization fixes (#9216) 
* AD Authorization fixes
Remove mres() and $_SESSION usage.
Remove broken addUser function and use Mysql addUser.

* AD Authorization fixes
Remove mres() and $_SESSION usage.
Remove broken addUser function and use Mysql addUser.
Extract common AD auth code to ADUtils

* AD Authorization fixes
Remove mres() and $_SESSION usage.
Remove broken addUser function and use Mysql addUser.
Extract common AD auth code to ADUtils

* Send no user info to log instead of toast.

* Remove commented code

* add abstract getConnection() method that is required.

* Actually return the value
 2018-09-18 07:57:23 -05:00
Tony Murray
588b115d66 Fix up ldap-authorizer, create non-existent users (#9192) 
* First attempt at ldap-auth fixes

* no, guest, so it is not allowed.

* cast to int

* don't count on Session

* return full user

* Specific error for guest not allowed.

* fix up external auth user creation

* fix check

* Fix user level missing
Simplify middleware

* use guard if configured
 2018-09-12 12:51:24 -05:00
Peter McNabb
2fb8dd7904 fix: ldap-authorization should be considered external (#8047) 
* fix: ldap-authorization should be considered external

When sso auth type was added (1c6b7a9), some code for getting a username
was moved into HttpAuthAuthorizer. LdapAuthorizationAuthorizer uses the
same process to get the username and needs to be updated as well.

* Use common implementation of getExternalUsername

Authorizers get the default implementation by setting AUTH_IS_EXTERNAL.
ADAuthorizationAuthorizer is another candidate.
 2018-01-09 16:13:47 -06:00
Tony Murray
6b5dccc169 refactor: AD Auth defer connection until it is needed (#7768) 
* refactor: AD Auth defer connection until it is needed
Nice error if php-ldap is missing instead of http 500.

* Add the same error when ldap is missing to other auth methods.
Not as graceful looking in the authorizers since they do not defer connection.
 2017-11-28 09:19:34 -06:00
mcq8
c9728a1f71 refactor: Refactored authorizers to classes (#7497) 
* Refactored authorizers to classes

* Merge changes for #7335

* ! fix php 5.3 incompatibility

* Update ADAuthorizationAuthorizer.php

* Fix get_user -> getUser

* Rename AuthorizerFactory to Auth, fix interface missing functions

* Add phpdocs to all interface methods and normalize the names a bit.

* Re-work auth_test.php AD bind tests to work properly with the new class.
Reflection is not the nicest tool, but I think it is appropriate here.
Handle exceptions more nicely in auth_test.php

* Restore AD getUseList fix

Not sure how it got removed

* fix auth_test.php style
 2017-11-18 10:33:03 +00:00