# Session explorer
setMsg = (msg, level) ->
$('#msg').html window.translate msg
$('#color').removeClass 'message-positive message-warning alert-success alert-warning'
$('#color').addClass "message-#{level}"
level = 'success' if level == 'positive'
$('#color').addClass "alert-#{level}"
displayError = (j, status, err) ->
console.log 'Error', err
res = JSON.parse j.responseText
if res and res.error
res = res.error.replace /.* /, ''
console.log 'Returned error', res
setMsg res, 'warning'
# Max number of session to display (see overScheme)
max = 25
# Queries to do each type of display: each array item corresponds to the depth
# of opened nodes in the tree
schemes =
_whatToTrace: [
(t,v) ->
(t,v) ->
(t,v) ->
_startTime: [
(t,v) ->
(t,v) ->
(t,v) ->
(t,v) ->
(t,v) ->
(t,v,q) ->
console.log t
console.log v
console.log q
q.replace(/\&groupBy.*$/, '') + "&_whatToTrace=#{v}"
overScheme =
_whatToTrace: (t,v,level,over) ->
if level == 1
ipAddr: (t,v,level,over) ->
if level > 0 and level < 4
hiddenAttributes = '_password'
# Attributes to group in session display
categories =
dateTitle: ['_utime', '_startTime', '_updateTime', '_lastAuthnUTime', '_lastSeen']
connectionTitle: ['ipAddr', '_timezone', '_url']
authenticationTitle:['_session_id', '_user', '_password', 'authenticationLevel']
modulesTitle: ['_auth', '_userDB', '_passwordDB', '_issuerDB', '_authChoice', '_authMulti', '_userDBMulti']
saml: ['_idp', '_idpConfKey', '_samlToken', '_lassoSessionDump', '_lassoIdentityDump']
groups: ['groups', 'hGroups']
ldap: ['dn']
BrowserID: ['_browserIdAnswer', '_browserIdAnswerRaw']
OpenIDConnect: ['_oidc_id_token', '_oidc_OP', '_oidc_access_token']
# Menu entries
menu =
delU2FKey: [
title: 'deleteU2FKey'
icon: 'trash'
addU2FKey: [
title: 'addU2FKey'
icon: 'plus'
verifyU2FKey: [
title: 'verifyU2FKey'
icon: 'check'
delTOTPKey: [
title: 'deleteTOTPKey'
icon: 'trash'
addTOTPKey: [
title: 'addTOTPKey'
icon: 'plus'
verifyTOTPKey: [
title: 'verifyTOTPKey'
icon: 'check'
home: []
# AngularJS application
llapp = angular.module 'llngSessionsExplorer', ['ui.tree', 'ui.bootstrap', 'llApp']
# Main controller
llapp.controller 'SessionsExplorerCtrl', ['$scope', '$translator', '$location', '$q', '$http', ($scope, $translator, $location, $q, $http) ->
$scope.links = links
$scope.menulinks = menulinks
$scope.staticPrefix = staticPrefix
$scope.scriptname = scriptname
$scope.formPrefix = formPrefix
$scope.availableLanguages = availableLanguages
$scope.waiting = true
$scope.showM = false
$scope.showT = true
$scope.data = []
$scope.currentScope = null
$scope.currentSession = null
$scope.menu = menu
# Import translations functions
$scope.translateP = $translator.translateP
$scope.translate = $translator.translate
$scope.translateTitle = (node) ->
$translator.translateField node, 'title'
sessionType = 'global'
# Handle menu items
$scope.menuClick = (button) ->
if button.popup
window.open button.popup
button.action = button.title unless button.action
switch typeof button.action
when 'function'
button.action $scope.currentNode, $scope
when 'string'
console.log typeof button.action
$scope.showM = false
# Delete U2F key
$scope.deleteU2FKey = ->
$scope.waiting = true
$http['delete']("#{scriptname}sfa/#{sessionType}/#{$scope.currentSession.id}?Key=U2F").then (response) ->
$scope.currentSession = null
$scope.waiting = false
, (resp) ->
$scope.currentSession = null
$scope.waiting = false
$scope.showT = false
# Delete TOTP key
$scope.deleteTOTPKey = ->
$scope.waiting = true
$http['delete']("#{scriptname}sfa/#{sessionType}/#{$scope.currentSession.id}?Key=TOTP").then (response) ->
$scope.currentSession = null
$scope.waiting = false
, (resp) ->
$scope.currentSession = null
$scope.waiting = false
$scope.showT = false
# Add U2F key
$scope.addU2FKey = ->
$scope.waiting = true
$http['put']("#{scriptname}sfa/#{sessionType}/#{$scope.currentSession.id}?Key=U2F").then (response) ->
$scope.currentSession = null
$scope.waiting = false
, (resp) ->
$scope.currentSession = null
$scope.waiting = false
$scope.showT = false
# Add TOTP key
$scope.addTOTPKey = ->
$scope.waiting = true
$http['put']("#{scriptname}sfa/#{sessionType}/#{$scope.currentSession.id}?Key=TOTP").then (response) ->
$scope.currentSession = null
$scope.waiting = false
, (resp) ->
$scope.currentSession = null
$scope.waiting = false
$scope.showT = false
# Verify U2F key
$scope.verifyU2FKey = ->
$scope.waiting = true
$http['post']("#{scriptname}sfa/#{sessionType}/#{$scope.currentSession.id}?Key=U2F").then (response) ->
$scope.currentSession = null
$scope.waiting = false
, (resp) ->
$scope.currentSession = null
$scope.waiting = false
$scope.showT = true
# Verify TOTP key
$scope.verifyTOTPKey = ->
$scope.waiting = true
$http['post']("#{scriptname}sfa/#{sessionType}/#{$scope.currentSession.id}?Key=TOTP").then (response) ->
$scope.currentSession = null
$scope.waiting = false
, (resp) ->
$scope.currentSession = null
$scope.waiting = false
$scope.showT = true
# Open node
$scope.stoggle = (scope) ->
node = scope.$modelValue
if node.nodes.length == 0
$scope.updateTree node.value, node.nodes, node.level, node.over, node.query, node.count
# Display selected session
$scope.displaySession = (scope) ->
# Private functions
# Session preparation
transformSession = (session) ->
_stToStr = (s) ->
_insert = (re, title) ->
tmp = []
reg = new RegExp(re)
for key,value of session
if key.match(reg) and value
title: key
value: value
delete session[key]
if tmp.length > 0
title: title
nodes: tmp
time = session._utime
id = session._session_id
# 1. Replace values if needed
for key, value of session
unless value
delete session[key]
if typeof session == 'string' and value.match(/; /)
session[key] = value.split '; '
if typeof session[key] != 'object'
if hiddenAttributes.match(new RegExp('\b' + key + '\b'))
session[key] = '********'
else if key.match /^(_utime|_lastAuthnUTime|_lastSeen|notification)$/
session[key] = $scope.localeDate value
else if key.match /^(_startTime|_updateTime)$/
session[key] = _stToStr value
else if key.match /^(_u2fKeyHandle|_u2fUserKey|_totp2fSecret)$/
session[key] = '##########'
res = []
# 2. Push session keys in result, grouped by categories
for category, attrs of categories
subres = []
for attr in attrs
if session[attr]
title: attr
value: session[attr]
delete session[attr]
if subres.length >0
title: "__#{category}__"
nodes: subres
# 3. Add OpenID and notifications already notified
_insert '^openid', 'OpenID'
_insert '^notification_(.+)', '__notificationsDone__'
# 4. Add session history if exists
if session._loginHistory
tmp = []
if session._loginHistory.successLogin
for l in session._loginHistory.successLogin
t: l._utime
title: $scope.localeDate l._utime
value: "Success (IP #{l.ipAddr})"
if session._loginHistory.failedLogin
for l in session._loginHistory.failedLogin
t: l._utime
title: $scope.localeDate l._utime
value: "#{l.error} (IP #{l.ipAddr})"
delete session._loginHistory
tmp.sort (a,b) ->
a.t - b.t
title: '__loginHistory__'
nodes: tmp
# 5. Other keys (attributes and macros)
tmp = []
for key, value of session
title: key
value: value
tmp.sort (a,b) ->
if a.title > b.title then 1
else if a.title < b.title then -1
else 0
title: '__attributesAndMacros__'
nodes: tmp
return {
_utime: time
id: id
nodes: res
$scope.currentScope = scope
sessionId = scope.$modelValue.session
$http.get("#{scriptname}sfa/#{sessionType}/#{sessionId}").then (response) ->
$scope.currentSession = transformSession response.data
$scope.showT = false
$scope.localeDate = (s) ->
d = new Date(s * 1000)
return d.toLocaleString()
# Function to change interface language
$scope.getLanguage = (lang) ->
$scope.lang = lang
$scope.form = 'white'
$scope.showM = false
# URI local path management
pathEvent = (event, next, current) ->
n = next.match /#\/(\w+)/
sessionType = 'global'
if n == null
$scope.type = '_whatToTrace'
else if n[1].match /^(persistent)$/
sessionType = RegExp.$1
$scope.type = '_session_uid'
$scope.type = n[1]
$scope.$on '$locationChangeSuccess', pathEvent
# Function to update tree: download value of opened subkey
autoId = 0
$scope.updateTree = (value, node, level, over, currentQuery, count) ->
$scope.waiting = true
# Query scheme selection:
# - if defined above
scheme = if schemes[$scope.type]
# - _updateTime must be displayed as startDate
else if $scope.type == '_updateTime'
# - default to _whatToTrace scheme
# Build query using schemes
query = scheme[level] $scope.type, value, currentQuery
# If number of session exceeds "max" and overScheme exists, call it
if count > max and overScheme[$scope.type]
if tmp = overScheme[$scope.type] $scope.type, value, level, over, currentQuery
query = tmp
level = level - 1
over = 0
over = 0
# Launch HTTP query
$http.get("#{scriptname}sfa/#{sessionType}?#{query}").then (response) ->
data = response.data
if data.result
for n in data.values
n.id = "node#{autoId}"
if level < scheme.length - 1
n.nodes = []
n.level = level + 1
n.query = query
n.over = over
# Date display in tree
if $scope.type.match /^(?:start|update)Time$/
n.title = n.value
# 12 digits -> 12:34
# 11 digits -> 12:30
# 10 digits -> 12h
# 8 digits -> 2016-03-15
node.push n
$scope.total = data.total if value == ''
$scope.waiting = false
, (resp) ->
$scope.waiting = false
# Intialization function
# Simply set $scope.waiting to false during $translator and tree root
# initialization
$scope.init = ->
$scope.waiting = true
$scope.data = []
$q.all [
$translator.init $scope.lang
$scope.updateTree '', $scope.data, 0, 0
.then ->
$scope.waiting = false
, (resp) ->
$scope.waiting = false
# Query scheme initialization
# Default to '_whatToTrace'
c = $location.path().match /^\/(\w+)/
$scope.type = if c then c[1] else '_whatToTrace'
# Unregistration function (launched by "unregister" button)
u2fcheck = ->
$scope.currentSession = null
$scope.showT = false
type: "GET"
url: "https://manager.example.com:19876/sfa.html?U2FCheck=1"
data: {}
dataType: 'json'
error: displayError
success: (resp) ->
if resp.error
setMsg 'u2fFailed', 'warning'
else if resp.result
setMsg 'u2fUnregistered', 'positive'
error: displayError
totpcheck = ->
$scope.currentSession = null
$scope.showT = false
type: "GET"
url: "https://manager.example.com:19876/sfa.html?U2FCheck=1"
data: {}
dataType: 'json'
error: displayError
success: (resp) ->
if resp.error
setMsg 'u2fFailed', 'warning'
else if resp.result
setMsg 'u2fUnregistered', 'positive'
error: displayError
# CheckBox "click" events
$(document).ready ->
$('#U2FCheck').on 'click', u2fcheck
$('#TOTPCheck').on 'click', totpcheck
