Add portal code for session upgrade
This commit is contained in:
parent
bd110e7de6
commit
1cf1990fe2
|
@ -18,6 +18,7 @@ sub portalConsts {
|
||||||
'10' => 'PE_BADCERTIFICATE',
|
'10' => 'PE_BADCERTIFICATE',
|
||||||
'100' => 'PE_PP_NOT_ALLOWED_CHARACTER',
|
'100' => 'PE_PP_NOT_ALLOWED_CHARACTER',
|
||||||
'101' => 'PE_PP_NOT_ALLOWED_CHARACTERS',
|
'101' => 'PE_PP_NOT_ALLOWED_CHARACTERS',
|
||||||
|
'102' => 'PE_UPGRADESESSION',
|
||||||
'2' => 'PE_FORMEMPTY',
|
'2' => 'PE_FORMEMPTY',
|
||||||
'21' => 'PE_PP_ACCOUNT_LOCKED',
|
'21' => 'PE_PP_ACCOUNT_LOCKED',
|
||||||
'22' => 'PE_PP_PASSWORD_EXPIRED',
|
'22' => 'PE_PP_PASSWORD_EXPIRED',
|
||||||
|
|
|
@ -108,7 +108,8 @@ sub portalConstants {
|
||||||
PE_RESETCERTIFICATE_FORMEMPTY => 98,
|
PE_RESETCERTIFICATE_FORMEMPTY => 98,
|
||||||
PE_RESETCERTIFICATE_FIRSTACCESS => 99,
|
PE_RESETCERTIFICATE_FIRSTACCESS => 99,
|
||||||
PE_PP_NOT_ALLOWED_CHARACTER => 100,
|
PE_PP_NOT_ALLOWED_CHARACTER => 100,
|
||||||
PE_PP_NOT_ALLOWED_CHARACTERS => 101
|
PE_PP_NOT_ALLOWED_CHARACTERS => 101,
|
||||||
|
PE_UPGRADESESSION => 102
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -105,6 +105,7 @@ use constant {
|
||||||
PE_RESETCERTIFICATE_FIRSTACCESS => 99,
|
PE_RESETCERTIFICATE_FIRSTACCESS => 99,
|
||||||
PE_PP_NOT_ALLOWED_CHARACTER => 100,
|
PE_PP_NOT_ALLOWED_CHARACTER => 100,
|
||||||
PE_PP_NOT_ALLOWED_CHARACTERS => 101,
|
PE_PP_NOT_ALLOWED_CHARACTERS => 101,
|
||||||
|
PE_UPGRADESESSION => 102,
|
||||||
};
|
};
|
||||||
|
|
||||||
sub portalConsts {
|
sub portalConsts {
|
||||||
|
@ -119,6 +120,7 @@ sub portalConsts {
|
||||||
'10' => 'PE_BADCERTIFICATE',
|
'10' => 'PE_BADCERTIFICATE',
|
||||||
'100' => 'PE_PP_NOT_ALLOWED_CHARACTER',
|
'100' => 'PE_PP_NOT_ALLOWED_CHARACTER',
|
||||||
'101' => 'PE_PP_NOT_ALLOWED_CHARACTERS',
|
'101' => 'PE_PP_NOT_ALLOWED_CHARACTERS',
|
||||||
|
'102' => 'PE_UPGRADESESSION',
|
||||||
'2' => 'PE_FORMEMPTY',
|
'2' => 'PE_FORMEMPTY',
|
||||||
'21' => 'PE_PP_ACCOUNT_LOCKED',
|
'21' => 'PE_PP_ACCOUNT_LOCKED',
|
||||||
'22' => 'PE_PP_PASSWORD_EXPIRED',
|
'22' => 'PE_PP_PASSWORD_EXPIRED',
|
||||||
|
@ -310,7 +312,8 @@ our @EXPORT_OK = (
|
||||||
'PE_RESETCERTIFICATE_FORMEMPTY',
|
'PE_RESETCERTIFICATE_FORMEMPTY',
|
||||||
'PE_RESETCERTIFICATE_FIRSTACCESS',
|
'PE_RESETCERTIFICATE_FIRSTACCESS',
|
||||||
'PE_PP_NOT_ALLOWED_CHARACTER',
|
'PE_PP_NOT_ALLOWED_CHARACTER',
|
||||||
'PE_PP_NOT_ALLOWED_CHARACTERS'
|
'PE_PP_NOT_ALLOWED_CHARACTERS',
|
||||||
|
'PE_UPGRADESESSION'
|
||||||
);
|
);
|
||||||
our %EXPORT_TAGS = ( 'all' => [ @EXPORT_OK, 'import' ], );
|
our %EXPORT_TAGS = ( 'all' => [ @EXPORT_OK, 'import' ], );
|
||||||
|
|
||||||
|
|
|
@ -261,6 +261,25 @@ sub display {
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# when upgrading session, the administrator can configure LLNG
|
||||||
|
# to ask only for 2FA
|
||||||
|
elsif ( $req->error == PE_UPGRADESESSION ) {
|
||||||
|
$skinfile = 'upgradesession';
|
||||||
|
%templateParams = (
|
||||||
|
MAIN_LOGO => $self->conf->{portalMainLogo},
|
||||||
|
LANGS => $self->conf->{showLanguages},
|
||||||
|
MSG => 'askToUpgrade',
|
||||||
|
CONFIRMKEY => $self->stamp,
|
||||||
|
PORTAL => $self->conf->{portal},
|
||||||
|
URL => $req->data->{_url},
|
||||||
|
(
|
||||||
|
$req->data->{customScript}
|
||||||
|
? ( CUSTOM_SCRIPT => $req->data->{customScript} )
|
||||||
|
: ()
|
||||||
|
),
|
||||||
|
);
|
||||||
|
}
|
||||||
|
# renew uses the same plugin as upgrade, but first factor is mandatory
|
||||||
elsif ( $req->error == PE_RENEWSESSION ) {
|
elsif ( $req->error == PE_RENEWSESSION ) {
|
||||||
$skinfile = 'upgradesession';
|
$skinfile = 'upgradesession';
|
||||||
%templateParams = (
|
%templateParams = (
|
||||||
|
@ -278,6 +297,7 @@ sub display {
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# Looks a lot like upgradesession, but no portal logo
|
||||||
elsif ( $req->error == PE_MUSTAUTHN ) {
|
elsif ( $req->error == PE_MUSTAUTHN ) {
|
||||||
$skinfile = 'updatesession';
|
$skinfile = 'updatesession';
|
||||||
%templateParams = (
|
%templateParams = (
|
||||||
|
|
|
@ -17,6 +17,7 @@ use Lemonldap::NG::Common::FormEncode;
|
||||||
use Lemonldap::NG::Portal::Main::Constants qw(
|
use Lemonldap::NG::Portal::Main::Constants qw(
|
||||||
PE_OK
|
PE_OK
|
||||||
PE_RENEWSESSION
|
PE_RENEWSESSION
|
||||||
|
PE_UPGRADESESSION
|
||||||
);
|
);
|
||||||
|
|
||||||
extends 'Lemonldap::NG::Portal::Main::Plugin';
|
extends 'Lemonldap::NG::Portal::Main::Plugin';
|
||||||
|
@ -250,6 +251,19 @@ qq'<script type="text/javascript" src="$self->{p}->{staticPrefix}/common/js/auto
|
||||||
return PE_RENEWSESSION;
|
return PE_RENEWSESSION;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
sub upgradeAuth {
|
||||||
|
my ( $self, $req ) = @_;
|
||||||
|
$req->data->{customScript} =
|
||||||
|
qq'<script type="text/javascript" src="$self->{p}->{staticPrefix}/common/js/autoRenew.min.js"></script>'
|
||||||
|
if ( $self->conf->{skipUpgradeConfirmation} );
|
||||||
|
$req->data->{_url} =
|
||||||
|
encode_base64( $self->conf->{portal} . $req->path_info, '' );
|
||||||
|
$req->pdata->{ $self->ipath } = $self->storeRequest($req);
|
||||||
|
push @{ $req->pdata->{keepPdata} }, $self->ipath, $self->ipath . 'Path';
|
||||||
|
$req->pdata->{issuerTs} = time;
|
||||||
|
return PE_UPGRADESESSION;
|
||||||
|
}
|
||||||
|
|
||||||
1;
|
1;
|
||||||
__END__
|
__END__
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue
Block a user