Merge branch '1988' into 'v2.0'
Append an authentication level option for each URI (#1988) See merge request lemonldap-ng/lemonldap-ng!101
This commit is contained in:
Christophe Maudoux
commit
0182b793a4
|
|
@ -1,4 +1,4 @@
|
|||
.\" Automatically generated by Pod::Man 4.10 (Pod::Simple 3.35)
|
||||
.\" Automatically generated by Pod::Man 4.09 (Pod::Simple 3.35)
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ========================================================================
|
||||
|
|
@ -54,20 +54,16 @@
|
|||
.\" Avoid warning from groff about undefined register 'F'.
|
||||
.de IX
|
||||
..
|
||||
.nr rF 0
|
||||
.if \n(.g .if rF .nr rF 1
|
||||
.if (\n(rF:(\n(.g==0)) \{\
|
||||
. if \nF \{\
|
||||
. de IX
|
||||
. tm Index:\\$1\t\\n%\t"\\$2"
|
||||
.if !\nF .nr F 0
|
||||
.if \nF>0 \{\
|
||||
. de IX
|
||||
. tm Index:\\$1\t\\n%\t"\\$2"
|
||||
..
|
||||
. if !\nF==2 \{\
|
||||
. nr % 0
|
||||
. nr F 2
|
||||
. \}
|
||||
. if !\nF==2 \{\
|
||||
. nr % 0
|
||||
. nr F 2
|
||||
. \}
|
||||
.\}
|
||||
.rr rF
|
||||
.\"
|
||||
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
|
||||
.\" Fear. Run. Save yourself. No user-serviceable parts.
|
||||
|
|
@ -133,7 +129,7 @@
|
|||
.\" ========================================================================
|
||||
.\"
|
||||
.IX Title "llng-fastcgi-server 8"
|
||||
.TH llng-fastcgi-server 8 "2019-09-24" "perl v5.28.1" "User Contributed Perl Documentation"
|
||||
.TH llng-fastcgi-server 8 "2019-10-30" "perl v5.26.1" "User Contributed Perl Documentation"
|
||||
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
|
||||
.\" way too many mistakes in technical documents.
|
||||
.if n .ad l
|
||||
|
|
|
|||
|
|
@ -195,9 +195,11 @@ sub virtualHosts {
|
|||
type => 'keyText',
|
||||
};
|
||||
|
||||
# If rule contains a comment, split it
|
||||
# If rule contains a comment or an AuthLevel, split them
|
||||
if ( $query eq 'locationRules' ) {
|
||||
$res->{comment} = '';
|
||||
$res->{level} = '';
|
||||
$res->{level} = $1 if ( $r =~ s/\(\?#AuthnLevel=(-?\d+)\)// );
|
||||
if ( $r =~ s/\(\?#(.*?)\)// ) {
|
||||
$res->{title} = $res->{comment} = $1;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -281,6 +281,7 @@ sub locationRulesInit {
|
|||
$class->tsv->{locationProtection}->{$vhost} = [];
|
||||
$class->tsv->{locationRegexp}->{$vhost} = [];
|
||||
$class->tsv->{locationConditionText}->{$vhost} = [];
|
||||
$class->tsv->{locationAuthnLevel}->{$vhost} = [];
|
||||
|
||||
foreach my $url ( sort keys %{$rules} ) {
|
||||
my ( $cond, $prot ) = $class->conditionSub( $rules->{$url} );
|
||||
|
|
@ -300,10 +301,14 @@ sub locationRulesInit {
|
|||
push @{ $class->tsv->{locationCondition}->{$vhost} }, $cond;
|
||||
push @{ $class->tsv->{locationProtection}->{$vhost} }, $prot;
|
||||
push @{ $class->tsv->{locationRegexp}->{$vhost} }, qr/$url/;
|
||||
push @{ $class->tsv->{locationAuthnLevel}->{$vhost} },
|
||||
$url =~ /\(\?#AuthnLevel=(-?\d+)\)/
|
||||
? $1
|
||||
: undef;
|
||||
push @{ $class->tsv->{locationConditionText}->{$vhost} },
|
||||
$url =~ /^\(\?#(.*?)\)/ ? $1
|
||||
: $url =~ /^(.*?)##(.+)$/ ? $2
|
||||
: $url;
|
||||
: $url;
|
||||
$class->tsv->{locationCount}->{$vhost}++;
|
||||
}
|
||||
}
|
||||
|
|
@ -451,6 +456,7 @@ sub postUrlInit {
|
|||
# @return array (ref(sub), int)
|
||||
sub conditionSub {
|
||||
my ( $class, $cond ) = @_;
|
||||
$cond =~ s/\(\?#(\d+)\)$//;
|
||||
my ( $OK, $NOK ) = ( sub { 1 }, sub { 0 } );
|
||||
|
||||
# Simple cases : accept and deny
|
||||
|
|
|
|||
|
|
@ -267,10 +267,31 @@ sub checkMaintenanceMode {
|
|||
# @return True if the user is granted to access to the current URL
|
||||
sub grant {
|
||||
my ( $class, $req, $session, $uri, $cond, $vhost ) = @_;
|
||||
my $level;
|
||||
|
||||
return $cond->( $req, $session ) if ($cond);
|
||||
|
||||
$vhost ||= $class->resolveAlias($req);
|
||||
if ( my $level = $class->tsv->{authnLevel}->{$vhost} ) {
|
||||
|
||||
# Using URL authentification level if exists
|
||||
for (
|
||||
my $i = 0 ;
|
||||
$i < ( $class->tsv->{locationCount}->{$vhost} || 0 ) ;
|
||||
$i++
|
||||
)
|
||||
{
|
||||
if ( $uri =~ $class->tsv->{locationRegexp}->{$vhost}->[$i] ) {
|
||||
$level = $class->tsv->{locationAuthnLevel}->{$vhost}->[$i];
|
||||
last;
|
||||
}
|
||||
}
|
||||
$level
|
||||
? $class->logger->debug(
|
||||
'Found AuthnLevel=' . $level . ' for "' . "$vhost$uri" . '"' )
|
||||
: $class->logger->debug("No URL authentication level found...");
|
||||
|
||||
# Using VH authentification level if exists
|
||||
if ( $level ||= $class->tsv->{authnLevel}->{$vhost} ) {
|
||||
if ( $session->{authenticationLevel} < $level ) {
|
||||
$class->logger->debug(
|
||||
"User authentication level = $session->{authenticationLevel}");
|
||||
|
|
|
|||
|
|
@ -10,6 +10,7 @@ init('Lemonldap::NG::Handler::PSGI');
|
|||
my $res;
|
||||
|
||||
# Unauthentified query
|
||||
# --------------------
|
||||
ok( $res = $client->_get('/'), 'Unauthentified query' );
|
||||
ok( ref($res) eq 'ARRAY', 'Response is an array' ) or explain( $res, 'array' );
|
||||
ok( $res->[0] == 302, 'Code is 302' ) or explain( $res->[0], 302 );
|
||||
|
|
@ -24,26 +25,47 @@ ok(
|
|||
'Location => http://auth.example.com/?url='
|
||||
. encode_base64( 'http://test1.example.com/', '' )
|
||||
);
|
||||
|
||||
count(4);
|
||||
|
||||
# Authentified queries
|
||||
# --------------------
|
||||
|
||||
# Authorized query
|
||||
ok( $res = $client->_get( '/', undef, undef, "lemonldap=$sessionId" ),
|
||||
'Authentified query' );
|
||||
ok( $res->[0] == 200, 'Code is 200' ) or explain( $res, 200 );
|
||||
|
||||
count(2);
|
||||
|
||||
# Denied query
|
||||
ok( $res = $client->_get( '/deny', undef, undef, "lemonldap=$sessionId" ),
|
||||
'Denied query' );
|
||||
ok( $res->[0] == 403, 'Code is 403' ) or explain( $res->[0], 403 );
|
||||
|
||||
count(2);
|
||||
|
||||
# Required AuthnLevel = 1
|
||||
ok( $res = $client->_get( '/AuthWeak', undef, undef, "lemonldap=$sessionId" ),
|
||||
'Weak Authentified query' );
|
||||
ok( $res->[0] == 200, 'Code is 200' ) or explain( $res, 200 );
|
||||
count(2);
|
||||
|
||||
# Required AuthnLevel = 5
|
||||
ok(
|
||||
$res = $client->_get( '/AuthStrong', undef, undef, "lemonldap=$sessionId" ),
|
||||
'Strong Authentified query'
|
||||
);
|
||||
ok( $res->[0] == 302, 'Code is 302' ) or explain( $res, 302 );
|
||||
%h = @{ $res->[1] };
|
||||
ok(
|
||||
$h{Location} eq 'http://auth.example.com//upgradesession?url='
|
||||
. encode_base64( 'http://test1.example.com/AuthStrong', '' ),
|
||||
'Redirection points to http://test1.example.com/AuthStrong'
|
||||
)
|
||||
or explain(
|
||||
\%h,
|
||||
'http://auth.example.com//upgradesession?url='
|
||||
. encode_base64( 'http://test1.example.com/AuthStrong', '' )
|
||||
);
|
||||
count(3);
|
||||
|
||||
# Bad cookie
|
||||
ok(
|
||||
$res = $client->_get(
|
||||
|
|
@ -58,9 +80,38 @@ ok( $res->[0] == 302, 'Code is 302' ) or explain( $res->[0], 302 );
|
|||
unlink(
|
||||
't/sessions/lock/Apache-Session-e5eec18ebb9bc96352595e2d8ce962e8ecf7af7c9a98cb9a43f9cd181cf4b545.lock'
|
||||
);
|
||||
|
||||
count(2);
|
||||
|
||||
# Required AuthnLevel = 1
|
||||
ok(
|
||||
$res = $client->_get(
|
||||
'/AuthWeak', undef, 'test2.example.com', "lemonldap=$sessionId"
|
||||
),
|
||||
'Weak Authentified query'
|
||||
);
|
||||
ok( $res->[0] == 200, 'Code is 200' ) or explain( $res, 200 );
|
||||
count(2);
|
||||
|
||||
# Required AuthnLevel = 5
|
||||
ok(
|
||||
$res =
|
||||
$client->_get( '/', undef, 'test2.example.com', "lemonldap=$sessionId" ),
|
||||
'Default Authentified query'
|
||||
);
|
||||
ok( $res->[0] == 302, 'Code is 302' ) or explain( $res, 302 );
|
||||
%h = @{ $res->[1] };
|
||||
ok(
|
||||
$h{Location} eq 'http://auth.example.com//upgradesession?url='
|
||||
. encode_base64( 'http://test2.example.com/', '' ),
|
||||
'Redirection points to http://test2.example.com/'
|
||||
)
|
||||
or explain(
|
||||
\%h,
|
||||
'http://auth.example.com//upgradesession?url='
|
||||
. encode_base64( 'http://test2.example.com/', '' )
|
||||
);
|
||||
count(3);
|
||||
|
||||
done_testing( count() );
|
||||
|
||||
clean();
|
||||
|
|
|
|||
|
|
@ -9,6 +9,7 @@ init('Lemonldap::NG::Handler::Server');
|
|||
my $res;
|
||||
|
||||
# Unauthentified query
|
||||
# --------------------
|
||||
ok( $res = $client->_get('/'), 'Unauthentified query' );
|
||||
ok( ref($res) eq 'ARRAY', 'Response is an array' ) or explain( $res, 'array' );
|
||||
ok( $res->[0] == 302, 'Code is 302' ) or explain( $res->[0], 302 );
|
||||
|
|
@ -23,17 +24,14 @@ ok(
|
|||
'Location => http://auth.example.com/?url='
|
||||
. encode_base64( 'http://test1.example.com/', '' )
|
||||
);
|
||||
|
||||
count(4);
|
||||
|
||||
# Authentified queries
|
||||
# --------------------
|
||||
|
||||
# Authorized query
|
||||
ok( $res = $client->_get( '/', undef, undef, "lemonldap=$sessionId" ),
|
||||
'Authentified query' );
|
||||
ok( $res->[0] == 200, 'Code is 200' ) or explain( $res->[0], 200 );
|
||||
|
||||
count(2);
|
||||
|
||||
# Check headers
|
||||
|
|
@ -46,9 +44,33 @@ count(1);
|
|||
ok( $res = $client->_get( '/deny', undef, undef, "lemonldap=$sessionId" ),
|
||||
'Denied query' );
|
||||
ok( $res->[0] == 403, 'Code is 403' ) or explain( $res->[0], 403 );
|
||||
|
||||
count(2);
|
||||
|
||||
# Required AuthnLevel = 1
|
||||
ok( $res = $client->_get( '/AuthWeak', undef, undef, "lemonldap=$sessionId" ),
|
||||
'Weak Authentified query' );
|
||||
ok( $res->[0] == 200, 'Code is 200' ) or explain( $res, 200 );
|
||||
count(2);
|
||||
|
||||
# Required AuthnLevel = 5
|
||||
ok(
|
||||
$res = $client->_get( '/AuthStrong', undef, undef, "lemonldap=$sessionId" ),
|
||||
'Strong Authentified query'
|
||||
);
|
||||
ok( $res->[0] == 302, 'Code is 302' ) or explain( $res, 302 );
|
||||
%h = @{ $res->[1] };
|
||||
ok(
|
||||
$h{Location} eq 'http://auth.example.com//upgradesession?url='
|
||||
. encode_base64( 'http://test1.example.com/AuthStrong', '' ),
|
||||
'Redirection points to http://test1.example.com/AuthStrong'
|
||||
)
|
||||
or explain(
|
||||
\%h,
|
||||
'http://auth.example.com//upgradesession?url='
|
||||
. encode_base64( 'http://test1.example.com/AuthStrong', '' )
|
||||
);
|
||||
count(3);
|
||||
|
||||
# Bad cookie
|
||||
ok(
|
||||
$res = $client->_get(
|
||||
|
|
@ -63,9 +85,38 @@ ok( $res->[0] == 302, 'Code is 302' ) or explain( $res->[0], 302 );
|
|||
unlink(
|
||||
't/sessions/lock/Apache-Session-e5eec18ebb9bc96352595e2d8ce962e8ecf7af7c9a98cb9a43f9cd181cf4b545.lock'
|
||||
);
|
||||
|
||||
count(2);
|
||||
|
||||
# Required AuthnLevel = 1
|
||||
ok(
|
||||
$res = $client->_get(
|
||||
'/AuthWeak', undef, 'test2.example.com', "lemonldap=$sessionId"
|
||||
),
|
||||
'Weak Authentified query'
|
||||
);
|
||||
ok( $res->[0] == 200, 'Code is 200' ) or explain( $res, 200 );
|
||||
count(2);
|
||||
|
||||
# Required AuthnLevel = 5
|
||||
ok(
|
||||
$res =
|
||||
$client->_get( '/', undef, 'test2.example.com', "lemonldap=$sessionId" ),
|
||||
'Default Authentified query'
|
||||
);
|
||||
ok( $res->[0] == 302, 'Code is 302' ) or explain( $res, 302 );
|
||||
%h = @{ $res->[1] };
|
||||
ok(
|
||||
$h{Location} eq 'http://auth.example.com//upgradesession?url='
|
||||
. encode_base64( 'http://test2.example.com/', '' ),
|
||||
'Redirection points to http://test2.example.com/'
|
||||
)
|
||||
or explain(
|
||||
\%h,
|
||||
'http://auth.example.com//upgradesession?url='
|
||||
. encode_base64( 'http://test2.example.com/', '' )
|
||||
);
|
||||
count(3);
|
||||
|
||||
done_testing( count() );
|
||||
|
||||
clean();
|
||||
|
|
|
|||
|
|
@ -34,7 +34,6 @@ count(4);
|
|||
ok( $res = $client->_get( '/', undef, undef, "lemonldap=$sessionId" ),
|
||||
'Authentified query' );
|
||||
ok( $res->[0] == 200, 'Code is 200' ) or explain( $res->[0], 200 );
|
||||
|
||||
count(2);
|
||||
|
||||
# Check headers
|
||||
|
|
@ -49,9 +48,33 @@ count(2);
|
|||
ok( $res = $client->_get( '/deny', undef, undef, "lemonldap=$sessionId" ),
|
||||
'Denied query' );
|
||||
ok( $res->[0] == 403, 'Code is 403' ) or explain( $res->[0], 403 );
|
||||
|
||||
count(2);
|
||||
|
||||
# Required AuthnLevel = 1
|
||||
ok( $res = $client->_get( '/AuthWeak', undef, undef, "lemonldap=$sessionId" ),
|
||||
'Weak Authentified query' );
|
||||
ok( $res->[0] == 200, 'Code is 200' ) or explain( $res, 200 );
|
||||
count(2);
|
||||
|
||||
# Required AuthnLevel = 5
|
||||
ok(
|
||||
$res = $client->_get( '/AuthStrong', undef, undef, "lemonldap=$sessionId" ),
|
||||
'Strong Authentified query'
|
||||
);
|
||||
ok( $res->[0] == 401, 'Code is 401' ) or explain( $res, 401 );
|
||||
%h = @{ $res->[1] };
|
||||
ok(
|
||||
$h{Location} eq 'http://auth.example.com//upgradesession?url='
|
||||
. encode_base64( 'http://test1.example.com/AuthStrong', '' ),
|
||||
'Redirection points to http://test1.example.com/AuthStrong'
|
||||
)
|
||||
or explain(
|
||||
\%h,
|
||||
'http://auth.example.com//upgradesession?url='
|
||||
. encode_base64( 'http://test1.example.com/AuthStrong', '' )
|
||||
);
|
||||
count(3);
|
||||
|
||||
# Bad cookie
|
||||
ok(
|
||||
$res = $client->_get(
|
||||
|
|
@ -66,9 +89,38 @@ ok( $res->[0] == 401, 'Code is 401' ) or explain( $res->[0], 401 );
|
|||
unlink(
|
||||
't/sessions/lock/Apache-Session-e5eec18ebb9bc96352595e2d8ce962e8ecf7af7c9a98cb9a43f9cd181cf4b545.lock'
|
||||
);
|
||||
|
||||
count(2);
|
||||
|
||||
# Required AuthnLevel = 1
|
||||
ok(
|
||||
$res = $client->_get(
|
||||
'/AuthWeak', undef, 'test2.example.com', "lemonldap=$sessionId"
|
||||
),
|
||||
'Weak Authentified query'
|
||||
);
|
||||
ok( $res->[0] == 200, 'Code is 200' ) or explain( $res, 200 );
|
||||
count(2);
|
||||
|
||||
# Required AuthnLevel = 5
|
||||
ok(
|
||||
$res =
|
||||
$client->_get( '/', undef, 'test2.example.com', "lemonldap=$sessionId" ),
|
||||
'Default Authentified query'
|
||||
);
|
||||
ok( $res->[0] == 401, 'Code is 401' ) or explain( $res, 401 );
|
||||
%h = @{ $res->[1] };
|
||||
ok(
|
||||
$h{Location} eq 'http://auth.example.com//upgradesession?url='
|
||||
. encode_base64( 'http://test2.example.com/', '' ),
|
||||
'Redirection points to http://test2.example.com/'
|
||||
)
|
||||
or explain(
|
||||
\%h,
|
||||
'http://auth.example.com//upgradesession?url='
|
||||
. encode_base64( 'http://test2.example.com/', '' )
|
||||
);
|
||||
count(3);
|
||||
|
||||
done_testing( count() );
|
||||
|
||||
clean();
|
||||
|
|
|
|||
|
|
@ -41,11 +41,14 @@
|
|||
"default": "$uid eq \"dwho\""
|
||||
},
|
||||
"test1.example.com": {
|
||||
"^/AuthStrong(?#AuthnLevel=5)": "accept",
|
||||
"^/AuthWeak(?#AuthnLevel=1)": "accept",
|
||||
"^/logout": "logout_sso",
|
||||
"^/deny": "deny",
|
||||
"default": "accept"
|
||||
},
|
||||
"test2.example.com": {
|
||||
"^/AuthWeak(?#AuthnLevel=1)": "accept",
|
||||
"^/logout": "logout_sso",
|
||||
"default": "accept"
|
||||
},
|
||||
|
|
@ -60,5 +63,10 @@
|
|||
"portal": "http://auth.example.com/",
|
||||
"reloadUrls": {},
|
||||
"userDB": "Demo",
|
||||
"vhostOptions": {
|
||||
"test2.example.com": {
|
||||
"vhostAuthnLevel": 5
|
||||
}
|
||||
},
|
||||
"whatToTrace": "_whatToTrace"
|
||||
}
|
||||
|
|
|
|||
|
|
@ -266,6 +266,7 @@ sub _scanNodes {
|
|||
$leaf->{comment}
|
||||
? "(?#$leaf->{comment})$leaf->{re}"
|
||||
: $leaf->{re};
|
||||
$k .= "(?#AuthnLevel=$leaf->{level})" if $leaf->{level};
|
||||
$self->set( $target, $key, $k, $leaf->{data} );
|
||||
}
|
||||
else {
|
||||
|
|
|
|||
|
|
@ -592,6 +592,10 @@ llapp.controller 'TreeCtrl', [
|
|||
if a.template
|
||||
a._nodes = templates a.template, a.title
|
||||
node.nodes.push a
|
||||
if a.type.match /^rule$/
|
||||
console.log "Parse rule AuthnLevel as integer"
|
||||
if a.level and typeof a.level == 'string'
|
||||
a.level = parseInt(a.level, 10)
|
||||
d.resolve 'OK'
|
||||
$scope.waiting = false
|
||||
, (response) ->
|
||||
|
|
|
|||
|
|
@ -17,6 +17,10 @@
|
|||
<th><span trspan="rule"></span></th>
|
||||
<td><textarea rows="3" id="hashvalueinput" class="form-control" ng-model="currentNode.data"/></td>
|
||||
</tr>
|
||||
<tr ng-if="currentNode.re!='default'">
|
||||
<th><span trspan="ruleAuthnLevel"></span></th>
|
||||
<td><input id="ruleAuthnLevel" type="number" class="form-control" ng-model="currentNode.level"/></td>
|
||||
</tr>
|
||||
</table>
|
||||
</div>
|
||||
<script type="text/menu">
|
||||
|
|
|
|||
|
|
@ -7,7 +7,8 @@
|
|||
<tr>
|
||||
<th width="20%" trspan="comments"></th>
|
||||
<th width="30%" trspan="regexps"></th>
|
||||
<th width="50%" trspan="rules"></th>
|
||||
<th width="40%" trspan="rules"></th>
|
||||
<th width="7%" trspan="rulesAuthnLevel"></th>
|
||||
<th />
|
||||
</tr>
|
||||
</thead>
|
||||
|
|
@ -28,6 +29,12 @@
|
|||
<td>
|
||||
<input class="form-control" ng-model="s.data"/>
|
||||
</td>
|
||||
<td ng-if="s.re!='default'">
|
||||
<input type="number" class="form-control" ng-model="s.level"/>
|
||||
</td>
|
||||
<td ng-if="s.re=='default'">
|
||||
<input class="form-control" placeholder="defaultLevel" readonly/>
|
||||
</td>
|
||||
<td>
|
||||
<span ng-if="s.re!='default'" class="link text-danger glyphicon glyphicon-minus-sign" ng-click="del(currentNode.nodes,$index)"/>
|
||||
<span ng-if="$last" class="link text-success glyphicon glyphicon-plus-sign" ng-click="menuClick({title:'newRule'})"/>
|
||||
|
|
|
|||
|
|
@ -1 +1,2 @@
|
|||
(function(){var F;F={authParams:function(C,b,y){var n,o,x,e,s;for(s=[],n=0,o=(e=y.nodes).length;n<o;n++)x=e[n],s.push(C.getKey(x));return b.all(s).then(function(){var n,o,e,s,t,a,d,i,r,l,c,f,h,u,g,m,_,p,w,P,v;for(!1,l=[],h=function(n){var o;if("openidconnect"===(o=n.toLowerCase())&&(o="oidc"),l.push(o+"Params"),"ad"===o)return l.push("ldapParams")},n=0,s=(m=y.nodes).length;n<s;n++)h((x=m[n]).data);for(o=0,t=(_=y.nodes_cond).length;o<t;o++){if(P=0,c=(x=_[o])._nodes?x._nodes:x.nodes,"Choice"===y.nodes[0].data&&"choiceParams"===x.id)if(console.log("Choice is selected"),c[1].cnodes)P++;else for(e=0,a=(c=c[1]._nodes?c[1]._nodes:c[1].nodes).length;e<a;e++)for(f=0,d=(p=c[e].data).length;f<d;f++)"string"==typeof(v=p[f])&&h(v);else if("Combination"===y.nodes[0].data&&"combinationParams"===x.id)if(console.log("Combination is selected"),c[1].cnodes)P++;else for(u=0,i=(c=c[1]._nodes?c[1]._nodes:c[1].nodes).length;u<i;u++)h(c[u].data.type);if(P)return C.waiting=!0,void C.download({$modelValue:c[1]}).then(function(){return F.authParams(C,b,y)})}for(g=0,r=(w=y.nodes_cond).length;g<r;g++)x=w[g],-1===l.indexOf(x.id)?x.show=!1:x.show=!0})}},window.filterFunctions=F}).call(this);
|
||||
(function(){var n;n={authParams:function(o,e,s){var t,a,d,i,r;for(r=[],i=s.nodes,t=0,a=i.length;t<a;t++)d=i[t],r.push(o.getKey(d));return e.all(r).then(function(){var t,a,i,r,l,c,f,h,u,g,m,_,p,w,P,v,C,b,y,x,F,K,L;for(t=!1,_=[],P=function(n){var o;if(o=n.toLowerCase(),"openidconnect"===o&&(o="oidc"),_.push(o+"Params"),"ad"===o)return _.push("ldapParams")},b=s.nodes,a=0,l=b.length;a<l;a++)d=b[a],P(d.data);for(y=s.nodes_cond,i=0,c=y.length;i<c;i++){if(d=y[i],K=0,p=d._nodes?d._nodes:d.nodes,"Choice"===s.nodes[0].data&&"choiceParams"===d.id)if(console.log("Choice is selected"),p[1].cnodes)K++;else for(p=p[1]._nodes?p[1]._nodes:p[1].nodes,r=0,f=p.length;r<f;r++)for(m=p[r],x=m.data,w=0,h=x.length;w<h;w++)"string"==typeof(L=x[w])&&P(L);else if("Combination"===s.nodes[0].data&&"combinationParams"===d.id)if(console.log("Combination is selected"),p[1].cnodes)K++;else for(p=p[1]._nodes?p[1]._nodes:p[1].nodes,v=0,u=p.length;v<u;v++)m=p[v],P(m.data.type);if(K)return o.waiting=!0,void o.download({$modelValue:p[1]}).then(function(){return n.authParams(o,e,s)})}for(F=s.nodes_cond,C=0,g=F.length;C<g;C++)d=F[C],t||-1!==_.indexOf(d.id)?d.show=!0:d.show=!1})}},window.filterFunctions=n}).call(this);
|
||||
//# sourceMappingURL=lemonldap-ng-manager/site/htdocs/static/js/filterFunctions.min.js.map
|
||||
|
|
@ -1 +1 @@
|
|||
{"version":3,"sources":["lemonldap-ng-manager/site/htdocs/static/js/filterFunctions.js"],"names":["filterFunctions","authParams","scope","$q","node","i","len","n","ref","wait","nodes","length","push","getKey","all","then","j","k","l","len1","len2","len3","len4","len5","len6","nToShow","nd","o","p","q","r","ref1","ref2","ref3","ref4","restart","s","tmp","toLowerCase","data","nodes_cond","_nodes","id","console","log","cnodes","type","waiting","download","$modelValue","indexOf","show","window","call","this"],"mappings":"CACA,WACE,IAAIA,EAEJA,EAAkB,CAChBC,WAAY,SAASC,EAAOC,EAAIC,GAC9B,IAAIC,EAAGC,EAAKC,EAAGC,EAAKC,EAGpB,IAFAA,EAAO,GAEFJ,EAAI,EAAGC,GADZE,EAAMJ,EAAKM,OACWC,OAAQN,EAAIC,EAAKD,IACrCE,EAAIC,EAAIH,GACRI,EAAKG,KAAKV,EAAMW,OAAON,IAEzB,OAAOJ,EAAGW,IAAIL,GAAMM,KAAK,WACvB,IAASC,EAAGC,EAAGC,EAAGC,EAAMC,EAAMC,EAAMC,EAAMC,EAAMC,EAASC,EAASC,EAAIC,EAAGC,EAAGC,EAAGC,EAAGC,EAAMC,EAAMC,EAAMC,EAAMC,EAASC,EAenH,KAdM,EACNX,EAAU,GACVG,EAAI,SAASQ,GACX,IAAIC,EAMJ,GAJY,mBADZA,EAAMD,EAAEE,iBAEND,EAAM,QAERZ,EAAQb,KAAKyB,EAAM,UACP,OAARA,EACF,OAAOZ,EAAQb,KAAK,eAInBI,EAAI,EAAGG,GADZY,EAAO3B,EAAKM,OACYC,OAAQK,EAAIG,EAAMH,IAExCY,GADArB,EAAIwB,EAAKf,IACLuB,MAGN,IAAKtB,EAAI,EAAGG,GADZY,EAAO5B,EAAKoC,YACY7B,OAAQM,EAAIG,EAAMH,IAAK,CAI7C,GAFAkB,EAAU,EACVT,GAFAnB,EAAIyB,EAAKf,IAEFwB,OAASlC,EAAEkC,OAASlC,EAAEG,MACF,WAAvBN,EAAKM,MAAM,GAAG6B,MAA8B,iBAAThC,EAAEmC,GAEvC,GADAC,QAAQC,IAAI,sBACRlB,EAAG,GAAGmB,OACRV,SAGA,IAAKjB,EAAI,EAAGG,GADZK,EAAKA,EAAG,GAAGe,OAASf,EAAG,GAAGe,OAASf,EAAG,GAAGhB,OACnBC,OAAQO,EAAIG,EAAMH,IAGtC,IAAKS,EAAI,EAAGL,GADZW,EADIP,EAAGR,GACEqB,MACe5B,OAAQgB,EAAIL,EAAMK,IAEvB,iBADjBS,EAAIH,EAAKN,KAEPC,EAAEQ,QAKL,GAA2B,gBAAvBhC,EAAKM,MAAM,GAAG6B,MAAmC,sBAAThC,EAAEmC,GAEnD,GADAC,QAAQC,IAAI,2BACRlB,EAAG,GAAGmB,OACRV,SAGA,IAAKN,EAAI,EAAGN,GADZG,EAAKA,EAAG,GAAGe,OAASf,EAAG,GAAGe,OAASf,EAAG,GAAGhB,OACnBC,OAAQkB,EAAIN,EAAMM,IAEtCD,EADIF,EAAGG,GACHU,KAAKO,MAIf,GAAIX,EAOF,OANAjC,EAAM6C,SAAU,OAChB7C,EAAM8C,SAAS,CACbC,YAAevB,EAAG,KACjBX,KAAK,WACN,OAAOf,EAAgBC,WAAWC,EAAOC,EAAIC,KAMnD,IAAK0B,EAAI,EAAGN,GADZU,EAAO9B,EAAKoC,YACY7B,OAAQmB,EAAIN,EAAMM,IACxCvB,EAAI2B,EAAKJ,IAC8B,IAA3BL,EAAQyB,QAAQ3C,EAAEmC,IAC5BnC,EAAE4C,MAAO,EAET5C,EAAE4C,MAAO,MAOnBC,OAAOpD,gBAAkBA,IAExBqD,KAAKC"}
|
||||
{"version":3,"sources":["lemonldap-ng-manager/site/htdocs/static/js/filterFunctions.js"],"names":["filterFunctions","authParams","scope","$q","node","i","len","n","ref","wait","nodes","length","push","getKey","all","then","j","k","l","len1","len2","len3","len4","len5","len6","m","nToShow","nd","o","p","q","r","ref1","ref2","ref3","ref4","restart","s","tmp","toLowerCase","data","nodes_cond","_nodes","id","console","log","cnodes","type","waiting","download","$modelValue","indexOf","show","window","call","this"],"mappings":"CACA,WACE,GAAIA,EAEJA,IACEC,WAAY,SAASC,EAAOC,EAAIC,GAC9B,GAAIC,GAAGC,EAAKC,EAAGC,EAAKC,CAGpB,KAFAA,KACAD,EAAMJ,EAAKM,MACNL,EAAI,EAAGC,EAAME,EAAIG,OAAQN,EAAIC,EAAKD,IACrCE,EAAIC,EAAIH,GACRI,EAAKG,KAAKV,EAAMW,OAAON,GAEzB,OAAOJ,GAAGW,IAAIL,GAAMM,KAAK,WACvB,GAAID,GAAKE,EAAGC,EAAGC,EAAGC,EAAMC,EAAMC,EAAMC,EAAMC,EAAMC,EAAMC,EAAGC,EAASC,EAAIC,EAAGC,EAAGC,EAAGC,EAAGC,EAAMC,EAAMC,EAAMC,EAAMC,EAASC,CAenH,KAdAvB,GAAM,EACNY,KACAG,EAAI,SAASQ,GACX,GAAIC,EAMJ,IALAA,EAAMD,EAAEE,cACI,kBAARD,IACFA,EAAM,QAERZ,EAAQd,KAAK0B,EAAM,UACP,OAARA,EACF,MAAOZ,GAAQd,KAAK,eAGxBoB,EAAO5B,EAAKM,MACPM,EAAI,EAAGG,EAAOa,EAAKrB,OAAQK,EAAIG,EAAMH,IACxCT,EAAIyB,EAAKhB,GACTa,EAAEtB,EAAEiC,KAGN,KADAP,EAAO7B,EAAKqC,WACPxB,EAAI,EAAGG,EAAOa,EAAKtB,OAAQM,EAAIG,EAAMH,IAAK,CAI7C,GAHAV,EAAI0B,EAAKhB,GACTmB,EAAU,EACVT,EAAKpB,EAAEmC,OAASnC,EAAEmC,OAASnC,EAAEG,MACF,WAAvBN,EAAKM,MAAM,GAAG8B,MAA8B,iBAATjC,EAAEoC,GAEvC,GADAC,QAAQC,IAAI,sBACRlB,EAAG,GAAGmB,OACRV,QAGA,KADAT,EAAKA,EAAG,GAAGe,OAASf,EAAG,GAAGe,OAASf,EAAG,GAAGjB,MACpCQ,EAAI,EAAGG,EAAOM,EAAGhB,OAAQO,EAAIG,EAAMH,IAGtC,IAFAO,EAAIE,EAAGT,GACPgB,EAAOT,EAAEe,KACJZ,EAAI,EAAGN,EAAOY,EAAKvB,OAAQiB,EAAIN,EAAMM,IAEvB,iBADjBS,EAAIH,EAAKN,KAEPC,EAAEQ,OAKL,IAA2B,gBAAvBjC,EAAKM,MAAM,GAAG8B,MAAmC,sBAATjC,EAAEoC,GAEnD,GADAC,QAAQC,IAAI,2BACRlB,EAAG,GAAGmB,OACRV,QAGA,KADAT,EAAKA,EAAG,GAAGe,OAASf,EAAG,GAAGe,OAASf,EAAG,GAAGjB,MACpCoB,EAAI,EAAGP,EAAOI,EAAGhB,OAAQmB,EAAIP,EAAMO,IACtCL,EAAIE,EAAGG,GACPD,EAAEJ,EAAEe,KAAKO,KAIf,IAAIX,EAOF,MANAlC,GAAM8C,SAAU,MAChB9C,GAAM+C,UACJC,YAAevB,EAAG,KACjBZ,KAAK,WACN,MAAOf,GAAgBC,WAAWC,EAAOC,EAAIC,KAMnD,IADA+B,EAAO/B,EAAKqC,WACPV,EAAI,EAAGP,EAAOW,EAAKxB,OAAQoB,EAAIP,EAAMO,IACxCxB,EAAI4B,EAAKJ,GACJjB,IAAkC,IAA3BY,EAAQyB,QAAQ5C,EAAEoC,IAG5BpC,EAAE6C,MAAO,EAFT7C,EAAE6C,MAAO,MASnBC,OAAOrD,gBAAkBA,IAExBsD,KAAKC","file":"lemonldap-ng-manager/site/htdocs/static/js/filterFunctions.min.js"}
|
||||
|
|
@ -739,6 +739,12 @@ This file contains:
|
|||
a._nodes = templates(a.template, a.title);
|
||||
}
|
||||
node.nodes.push(a);
|
||||
if (a.type.match(/^rule$/)) {
|
||||
console.log("Parse rule AuthnLevel as integer");
|
||||
if (a.level && typeof a.level === 'string') {
|
||||
a.level = parseInt(a.level, 10);
|
||||
}
|
||||
}
|
||||
}
|
||||
d.resolve('OK');
|
||||
}
|
||||
|
|
|
|||
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
|
|
@ -752,7 +752,9 @@
|
|||
"returnUrl":"إرجاع اليو آر إل",
|
||||
"rp":"Relying Party",
|
||||
"rule":"القاعدة",
|
||||
"ruleAuthnLevel":"Required authentication level",
|
||||
"rules":"القواعد",
|
||||
"rulesAuthnLevel":"Required authentication levels",
|
||||
"Same":"نفسه",
|
||||
"save":"حفظ",
|
||||
"saveReport":"احفظ التقرير",
|
||||
|
|
|
|||
|
|
@ -414,7 +414,7 @@
|
|||
"loadFromUrl":"Load from URL",
|
||||
"localSessionStorage":"Cache module",
|
||||
"localSessionStorageOptions":"Cache module options",
|
||||
"locationRules":"Access rule",
|
||||
"locationRules":"Access rules",
|
||||
"loginHistory":"Login history",
|
||||
"loginHistoryEnabled":"Activation",
|
||||
"logo":"Logo",
|
||||
|
|
@ -752,7 +752,9 @@
|
|||
"returnUrl":"Return URL",
|
||||
"rp":"Relying Party",
|
||||
"rule":"Rule",
|
||||
"ruleAuthnLevel":"Required authentication level",
|
||||
"rules":"Regeln",
|
||||
"rulesAuthnLevel":"Required authentication levels",
|
||||
"Same":"Same",
|
||||
"save":"Save",
|
||||
"saveReport":"Save report",
|
||||
|
|
|
|||
|
|
@ -414,7 +414,7 @@
|
|||
"loadFromUrl":"Load from URL",
|
||||
"localSessionStorage":"Cache module",
|
||||
"localSessionStorageOptions":"Cache module options",
|
||||
"locationRules":"Access rule",
|
||||
"locationRules":"Access rules",
|
||||
"loginHistory":"Login history",
|
||||
"loginHistoryEnabled":"Activation",
|
||||
"logo":"Logo",
|
||||
|
|
@ -752,7 +752,9 @@
|
|||
"returnUrl":"Return URL",
|
||||
"rp":"Relying Party",
|
||||
"rule":"Rule",
|
||||
"ruleAuthnLevel":"Required authentication level",
|
||||
"rules":"Rules",
|
||||
"rulesAuthnLevel":"Required authentication levels",
|
||||
"Same":"Same",
|
||||
"save":"Save",
|
||||
"saveReport":"Save report",
|
||||
|
|
|
|||
|
|
@ -752,7 +752,9 @@
|
|||
"returnUrl":"URL de retour",
|
||||
"rp":"Client",
|
||||
"rule":"Règle",
|
||||
"ruleAuthnLevel":"Niveau d'authentication requis",
|
||||
"rules":"Règles",
|
||||
"rulesAuthnLevel":"Niveaux d'authentification requis",
|
||||
"Same":"Identique",
|
||||
"save":"Sauver",
|
||||
"saveReport":"Rapport de sauvegarde",
|
||||
|
|
|
|||
|
|
@ -752,7 +752,9 @@
|
|||
"returnUrl":"URL di ritorno",
|
||||
"rp":"Parte facente affidamento",
|
||||
"rule":"Regola",
|
||||
"ruleAuthnLevel":"Required authentication level",
|
||||
"rules":"Regole",
|
||||
"rulesAuthnLevel":"Required authentication levels",
|
||||
"Same":"Stesso",
|
||||
"save":"Salva",
|
||||
"saveReport":"Salva report",
|
||||
|
|
|
|||
|
|
@ -752,7 +752,9 @@
|
|||
"returnUrl":"Trả lại URL",
|
||||
"rp":"Relying Party",
|
||||
"rule":"Quy tắc",
|
||||
"ruleAuthnLevel":"Required authentication level",
|
||||
"rules":"Quy tắc",
|
||||
"rulesAuthnLevel":"Required authentication levels",
|
||||
"Same":"Tương tự",
|
||||
"save":"Lưu",
|
||||
"saveReport":"Lưu báo cáo",
|
||||
|
|
|
|||
|
|
@ -414,7 +414,7 @@
|
|||
"loadFromUrl":"Load from URL",
|
||||
"localSessionStorage":"Cache module",
|
||||
"localSessionStorageOptions":"Cache module options",
|
||||
"locationRules":"Access rule",
|
||||
"locationRules":"Access rules",
|
||||
"loginHistory":"登陆记录",
|
||||
"loginHistoryEnabled":"激活",
|
||||
"logo":"Logo",
|
||||
|
|
@ -752,7 +752,9 @@
|
|||
"returnUrl":"Return URL",
|
||||
"rp":"Relying Party",
|
||||
"rule":"Rule",
|
||||
"ruleAuthnLevel":"Required authentication level",
|
||||
"rules":"Rules",
|
||||
"rulesAuthnLevel":"Required authentication levels",
|
||||
"Same":"Same",
|
||||
"save":"Save",
|
||||
"saveReport":"Save report",
|
||||
|
|
|
|||
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
|
|
@ -1 +1,2 @@
|
|||
(function(){var r,e,n,t,o;n=function(e,r){return $("#msg").html(window.translate(e)),$("#color").removeClass("message-positive message-warning message-danger alert-success alert-warning alert-danger"),$("#color").addClass("message-"+r),"positive"===r&&(r="success"),$("#color").addClass("alert-"+r)},r=function(e,r,t){var o;if(console.log("Error",t),(o=JSON.parse(e.responseText))&&o.error)return o=o.error.replace(/.* /,""),console.log("Returned error",o),n(o,"warning")},t="",e=function(e){return n("yourTotpKey","warning"),$.ajax({type:"POST",url:portal+"/2fregisters/totp/getkey",dataType:"json",data:{newkey:e},error:r,success:function(e){var r;return e.error?(e.error.match(/totpExistingKey/)&&$("#divToHide").hide(),n(e.error,"warning")):e.portal&&e.user&&e.secret?($("#divToHide").show(),r="otpauth://totp/"+escape(e.portal)+":"+escape(e.user)+"?secret="+e.secret+"&issuer="+escape(e.portal),6!==e.digits&&(r+="&digits="+e.digits),30!==e.interval&&(r+="&period="+e.interval),new QRious({element:document.getElementById("qr"),value:r,size:150}),$("#serialized").text(r),e.newkey?n("yourNewTotpKey","warning"):n("yourTotpKey","success"),t=e.token):n("PE24","danger")}})},o=function(){var e;return(e=$("#code").val())?$.ajax({type:"POST",url:portal+"/2fregisters/totp/verify",dataType:"json",data:{token:t,code:e,TOTPName:$("#TOTPName").val()},error:r,success:function(e){return e.error?e.error.match(/bad(Code|Name)/)?n(e.error,"warning"):n(e.error,"danger"):n("yourKeyIsRegistered","success")}}):n("fillTheForm","warning")},$(document).ready(function(){return e(0),$("#changekey").on("click",function(){return e(1)}),$("#verify").on("click",function(){return o()})})}).call(this);
|
||||
(function(){var e,r,t,o,n;t=function(e,r){return $("#msg").html(window.translate(e)),$("#color").removeClass("message-positive message-warning message-danger alert-success alert-warning alert-danger"),$("#color").addClass("message-"+r),"positive"===r&&(r="success"),$("#color").addClass("alert-"+r)},e=function(e,r,o){var n;if(console.log("Error",o),(n=JSON.parse(e.responseText))&&n.error)return n=n.error.replace(/.* /,""),console.log("Returned error",n),t(n,"warning")},o="",r=function(r){return t("yourTotpKey","warning"),$.ajax({type:"POST",url:portal+"/2fregisters/totp/getkey",dataType:"json",data:{newkey:r},error:e,success:function(e){var r;return e.error?(e.error.match(/totpExistingKey/)&&$("#divToHide").hide(),t(e.error,"warning")):e.portal&&e.user&&e.secret?($("#divToHide").show(),r="otpauth://totp/"+escape(e.portal)+":"+escape(e.user)+"?secret="+e.secret+"&issuer="+escape(e.portal),6!==e.digits&&(r+="&digits="+e.digits),30!==e.interval&&(r+="&period="+e.interval),new QRious({element:document.getElementById("qr"),value:r,size:150}),$("#serialized").text(r),e.newkey?t("yourNewTotpKey","warning"):t("yourTotpKey","success"),o=e.token):t("PE24","danger")}})},n=function(){var r;return r=$("#code").val(),r?$.ajax({type:"POST",url:portal+"/2fregisters/totp/verify",dataType:"json",data:{token:o,code:r,TOTPName:$("#TOTPName").val()},error:e,success:function(e){return e.error?e.error.match(/bad(Code|Name)/)?t(e.error,"warning"):t(e.error,"danger"):t("yourKeyIsRegistered","success")}}):t("fillTheForm","warning")},$(document).ready(function(){return r(0),$("#changekey").on("click",function(){return r(1)}),$("#verify").on("click",function(){return n()})})}).call(this);
|
||||
//# sourceMappingURL=lemonldap-ng-portal/site/htdocs/static/common/js/totpregistration.min.js.map
|
||||
|
|
@ -1 +1 @@
|
|||
{"version":3,"sources":["lemonldap-ng-portal/site/htdocs/static/common/js/totpregistration.js"],"names":["displayError","getKey","setMsg","token","verify","msg","level","$","html","window","translate","removeClass","addClass","j","status","err","res","console","log","JSON","parse","responseText","error","replace","reset","ajax","type","url","portal","dataType","data","newkey","success","s","match","hide","user","secret","show","escape","digits","interval","QRious","element","document","getElementById","value","size","text","val","code","TOTPName","ready","on","call","this"],"mappings":"CAMA,WACE,IAAIA,EAAcC,EAAQC,EAAQC,EAAOC,EAEzCF,EAAS,SAASG,EAAKC,GAOrB,OANAC,EAAE,QAAQC,KAAKC,OAAOC,UAAUL,IAChCE,EAAE,UAAUI,YAAY,4FACxBJ,EAAE,UAAUK,SAAS,WAAaN,GACpB,aAAVA,IACFA,EAAQ,WAEHC,EAAE,UAAUK,SAAS,SAAWN,IAGzCN,EAAe,SAASa,EAAGC,EAAQC,GACjC,IAAIC,EAGJ,GAFAC,QAAQC,IAAI,QAASH,IACrBC,EAAMG,KAAKC,MAAMP,EAAEQ,gBACRL,EAAIM,MAGb,OAFAN,EAAMA,EAAIM,MAAMC,QAAQ,MAAO,IAC/BN,QAAQC,IAAI,iBAAkBF,GACvBd,EAAOc,EAAK,YAIvBb,EAAQ,GAERF,EAAS,SAASuB,GAEhB,OADAtB,EAAO,cAAe,WACfK,EAAEkB,KAAK,CACZC,KAAM,OACNC,IAAKC,OAAS,2BACdC,SAAU,OACVC,KAAM,CACJC,OAAQP,GAEVF,MAAOtB,EACPgC,QAAS,SAASF,GAChB,IAAQG,EACR,OAAIH,EAAKR,OACHQ,EAAKR,MAAMY,MAAM,oBACnB3B,EAAE,cAAc4B,OAEXjC,EAAO4B,EAAKR,MAAO,YAEtBQ,EAAKF,QAAUE,EAAKM,MAAQN,EAAKO,QAGvC9B,EAAE,cAAc+B,OAChBL,EAAI,kBAAqBM,OAAOT,EAAKF,QAAW,IAAOW,OAAOT,EAAKM,MAAS,WAAaN,EAAKO,OAAS,WAAcE,OAAOT,EAAKF,QAC7G,IAAhBE,EAAKU,SACPP,GAAK,WAAaH,EAAKU,QAEH,KAAlBV,EAAKW,WACPR,GAAK,WAAaH,EAAKW,UAEpB,IAAIC,OAAO,CACdC,QAASC,SAASC,eAAe,MACjCC,MAAOb,EACPc,KAAM,MAERxC,EAAE,eAAeyC,KAAKf,GAClBH,EAAKC,OACP7B,EAAO,iBAAkB,WAEzBA,EAAO,cAAe,WAEjBC,EAAQ2B,EAAK3B,OArBXD,EAAO,OAAQ,cA0B9BE,EAAS,WACP,IAAI6C,EAEJ,OADAA,EAAM1C,EAAE,SAAS0C,OAIR1C,EAAEkB,KAAK,CACZC,KAAM,OACNC,IAAKC,OAAS,2BACdC,SAAU,OACVC,KAAM,CACJ3B,MAAOA,EACP+C,KAAMD,EACNE,SAAU5C,EAAE,aAAa0C,OAE3B3B,MAAOtB,EACPgC,QAAS,SAASF,GAChB,OAAIA,EAAKR,MACHQ,EAAKR,MAAMY,MAAM,kBACZhC,EAAO4B,EAAKR,MAAO,WAEnBpB,EAAO4B,EAAKR,MAAO,UAGrBpB,EAAO,sBAAuB,cApBpCA,EAAO,cAAe,YA2BjCK,EAAEqC,UAAUQ,MAAM,WAKhB,OAJAnD,EAAO,GACPM,EAAE,cAAc8C,GAAG,QAAS,WAC1B,OAAOpD,EAAO,KAETM,EAAE,WAAW8C,GAAG,QAAS,WAC9B,OAAOjD,UAIVkD,KAAKC"}
|
||||
{"version":3,"sources":["lemonldap-ng-portal/site/htdocs/static/common/js/totpregistration.js"],"names":["displayError","getKey","setMsg","token","verify","msg","level","$","html","window","translate","removeClass","addClass","j","status","err","res","console","log","JSON","parse","responseText","error","replace","reset","ajax","type","url","portal","dataType","data","newkey","success","s","match","hide","user","secret","show","escape","digits","interval","QRious","element","document","getElementById","value","size","text","val","code","TOTPName","ready","on","call","this"],"mappings":"CAMA,WACE,GAAIA,GAAcC,EAAQC,EAAQC,EAAOC,CAEzCF,GAAS,SAASG,EAAKC,GAOrB,MANAC,GAAE,QAAQC,KAAKC,OAAOC,UAAUL,IAChCE,EAAE,UAAUI,YAAY,4FACxBJ,EAAE,UAAUK,SAAS,WAAaN,GACpB,aAAVA,IACFA,EAAQ,WAEHC,EAAE,UAAUK,SAAS,SAAWN,IAGzCN,EAAe,SAASa,EAAGC,EAAQC,GACjC,GAAIC,EAGJ,IAFAC,QAAQC,IAAI,QAASH,IACrBC,EAAMG,KAAKC,MAAMP,EAAEQ,gBACRL,EAAIM,MAGb,MAFAN,GAAMA,EAAIM,MAAMC,QAAQ,MAAO,IAC/BN,QAAQC,IAAI,iBAAkBF,GACvBd,EAAOc,EAAK,YAIvBb,EAAQ,GAERF,EAAS,SAASuB,GAEhB,MADAtB,GAAO,cAAe,WACfK,EAAEkB,MACPC,KAAM,OACNC,IAAKC,OAAS,2BACdC,SAAU,OACVC,MACEC,OAAQP,GAEVF,MAAOtB,EACPgC,QAAS,SAASF,GAChB,GAAQG,EACR,OAAIH,GAAKR,OACHQ,EAAKR,MAAMY,MAAM,oBACnB3B,EAAE,cAAc4B,OAEXjC,EAAO4B,EAAKR,MAAO,YAEtBQ,EAAKF,QAAUE,EAAKM,MAAQN,EAAKO,QAGvC9B,EAAE,cAAc+B,OAChBL,EAAI,kBAAqBM,OAAOT,EAAKF,QAAW,IAAOW,OAAOT,EAAKM,MAAS,WAAaN,EAAKO,OAAS,WAAcE,OAAOT,EAAKF,QAC7G,IAAhBE,EAAKU,SACPP,GAAK,WAAaH,EAAKU,QAEH,KAAlBV,EAAKW,WACPR,GAAK,WAAaH,EAAKW,UAEpB,GAAIC,SACPC,QAASC,SAASC,eAAe,MACjCC,MAAOb,EACPc,KAAM,MAERxC,EAAE,eAAeyC,KAAKf,GAClBH,EAAKC,OACP7B,EAAO,iBAAkB,WAEzBA,EAAO,cAAe,WAEjBC,EAAQ2B,EAAK3B,OArBXD,EAAO,OAAQ,cA0B9BE,EAAS,WACP,GAAI6C,EAEJ,OADAA,GAAM1C,EAAE,SAAS0C,MACZA,EAGI1C,EAAEkB,MACPC,KAAM,OACNC,IAAKC,OAAS,2BACdC,SAAU,OACVC,MACE3B,MAAOA,EACP+C,KAAMD,EACNE,SAAU5C,EAAE,aAAa0C,OAE3B3B,MAAOtB,EACPgC,QAAS,SAASF,GAChB,MAAIA,GAAKR,MACHQ,EAAKR,MAAMY,MAAM,kBACZhC,EAAO4B,EAAKR,MAAO,WAEnBpB,EAAO4B,EAAKR,MAAO,UAGrBpB,EAAO,sBAAuB,cApBpCA,EAAO,cAAe,YA2BjCK,EAAEqC,UAAUQ,MAAM,WAKhB,MAJAnD,GAAO,GACPM,EAAE,cAAc8C,GAAG,QAAS,WAC1B,MAAOpD,GAAO,KAETM,EAAE,WAAW8C,GAAG,QAAS,WAC9B,MAAOjD,WAIVkD,KAAKC","file":"lemonldap-ng-portal/site/htdocs/static/common/js/totpregistration.min.js"}
|
||||
|
|
@ -9,6 +9,7 @@ require 't/smtp.pm';
|
|||
use_ok('Lemonldap::NG::Common::FormEncode');
|
||||
count(1);
|
||||
|
||||
my $res;
|
||||
my $client = LLNG::Manager::Test->new( {
|
||||
ini => {
|
||||
logLevel => 'error',
|
||||
|
|
@ -26,6 +27,13 @@ my $client = LLNG::Manager::Test->new( {
|
|||
'vhostAuthnLevel' => 3
|
||||
},
|
||||
},
|
||||
"locationRules" => {
|
||||
"test1.example.com" => {
|
||||
'default' => 'accept',
|
||||
'^/AuthWeak(?#AuthnLevel=2)' => 'deny',
|
||||
'^/AuthStrong(?#AuthnLevel=5)' => 'deny',
|
||||
},
|
||||
},
|
||||
}
|
||||
}
|
||||
);
|
||||
|
|
@ -33,7 +41,7 @@ my $client = LLNG::Manager::Test->new( {
|
|||
# Try to authenticate
|
||||
# -------------------
|
||||
ok(
|
||||
my $res = $client->_post(
|
||||
$res = $client->_post(
|
||||
'/',
|
||||
IO::String->new('user=dwho&password=dwho&lmAuth=weak'),
|
||||
length => 35,
|
||||
|
|
@ -42,15 +50,40 @@ ok(
|
|||
'Auth query'
|
||||
);
|
||||
count(1);
|
||||
|
||||
my $id = expectCookie($res);
|
||||
|
||||
|
||||
# Portal IS NOT a handler
|
||||
#########################
|
||||
ok(
|
||||
$res = $client->_get(
|
||||
'/AuthWeak',
|
||||
accept => 'text/html',
|
||||
cookie => "lemonldap=$id",
|
||||
host => 'test1.example.com',
|
||||
),
|
||||
'GET http://test1.example.com/AuthWeak'
|
||||
);
|
||||
expectOK($res);
|
||||
count(1);
|
||||
|
||||
ok(
|
||||
$res = $client->_get(
|
||||
'/AuthStrong',
|
||||
accept => 'text/html',
|
||||
cookie => "lemonldap=$id",
|
||||
host => 'test1.example.com',
|
||||
),
|
||||
'GET http://test1.example.com/AuthStrong'
|
||||
);
|
||||
count(1);
|
||||
|
||||
# After attempting to access test1,
|
||||
# the handler sends up back to /upgradesession
|
||||
# --------------------------------------------
|
||||
|
||||
ok(
|
||||
my $res = $client->_get(
|
||||
$res = $client->_get(
|
||||
'/upgradesession',
|
||||
query => 'url=aHR0cDovL3Rlc3QxLmV4YW1wbGUuY29t',
|
||||
accept => 'text/html',
|
||||
|
|
@ -67,7 +100,7 @@ my ( $host, $url, $query ) =
|
|||
# ----------------------
|
||||
|
||||
ok(
|
||||
my $res = $client->_post(
|
||||
$res = $client->_post(
|
||||
'/upgradesession',
|
||||
IO::String->new($query),
|
||||
length => length($query),
|
||||
|
|
@ -79,8 +112,7 @@ ok(
|
|||
count(1);
|
||||
|
||||
my $pdata = expectCookie( $res, 'lemonldappdata' );
|
||||
|
||||
my ( $host, $url, $query ) = expectForm( $res, '#', undef, 'upgrading', 'url' );
|
||||
( $host, $url, $query ) = expectForm( $res, '#', undef, 'upgrading', 'url' );
|
||||
|
||||
$query = $query . "&lmAuth=strong";
|
||||
|
||||
|
|
@ -89,7 +121,7 @@ $query = $query . "&lmAuth=strong";
|
|||
# -------------------------------------------
|
||||
|
||||
ok(
|
||||
my $res = $client->_post(
|
||||
$res = $client->_post(
|
||||
'/upgradesession',
|
||||
IO::String->new($query),
|
||||
length => length($query),
|
||||
|
|
@ -110,7 +142,7 @@ expectRedirection( $res, 'http://test1.example.com' );
|
|||
|
||||
# Make pdata was cleared and we aren't being redirected
|
||||
ok(
|
||||
my $res = $client->_get(
|
||||
$res = $client->_get(
|
||||
'/',
|
||||
accept => 'text/html',
|
||||
cookie => "lemonldap=$id;lemonldappdata=$pdata",
|
||||
|
|
@ -118,7 +150,6 @@ ok(
|
|||
'Post login'
|
||||
);
|
||||
count(1);
|
||||
|
||||
expectOK($res);
|
||||
|
||||
clean_sessions();
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user