Display U2F device attributes in 2FA session explorer

Christophe Maudoux 2018-04-15 00:01:37 +02:00
parent e808c4a0c3
commit 1faef8d036
8 changed files with 98 additions and 122 deletions


@ -72,13 +72,14 @@ hiddenAttributes = '_password'
categories =
dateTitle: ['_utime', '_startTime', '_updateTime', '_lastAuthnUTime', '_lastSeen']
connectionTitle: ['ipAddr', '_timezone', '_url']
authenticationTitle:['_session_id', '_user', '_password', 'authenticationLevel']
modulesTitle: ['_auth', '_userDB', '_passwordDB', '_issuerDB', '_authChoice', '_authMulti', '_userDBMulti']
saml: ['_idp', '_idpConfKey', '_samlToken', '_lassoSessionDump', '_lassoIdentityDump']
groups: ['groups', 'hGroups']
ldap: ['dn']
BrowserID: ['_browserIdAnswer', '_browserIdAnswerRaw']
OpenIDConnect: ['_oidc_id_token', '_oidc_OP', '_oidc_access_token']
#authenticationTitle:['_session_id', '_user', '_password', 'authenticationLevel']
sfaTitle: ['_2fDevices']
#modulesTitle: ['_auth', '_userDB', '_passwordDB', '_issuerDB', '_authChoice', '_authMulti', '_userDBMulti']
#saml: ['_idp', '_idpConfKey', '_samlToken', '_lassoSessionDump', '_lassoIdentityDump']
#groups: ['groups', 'hGroups']
#ldap: ['dn']
#BrowserID: ['_browserIdAnswer', '_browserIdAnswerRaw']
#OpenIDConnect: ['_oidc_id_token', '_oidc_OP', '_oidc_access_token']
# Menu entries
menu =
@ -284,10 +285,7 @@ llapp.controller 'SessionsExplorerCtrl', ['$scope', '$translator', '$location',
else if key.match /^(_utime|_lastAuthnUTime|_lastSeen|notification)$/
session[key] = $scope.localeDate value
else if key.match /^(_startTime|_updateTime)$/
session[key] = _stToStr value
#else if key.match /^(_u2fKeyHandle|_u2fUserKey|_totp2fSecret)$/
# session[key] = '##########'
session[key] = _stToStr value
res = []
# 2. Push session keys in result, grouped by categories
@ -295,55 +293,70 @@ llapp.controller 'SessionsExplorerCtrl', ['$scope', '$translator', '$location',
subres = []
for attr in attrs
if session[attr]
subres.push
title: attr
value: session[attr]
delete session[attr]
if session[attr].match(/(?:UBK|TOTP|U2F)/)
array = JSON.parse(session[attr]);
for sfDevice in array
for key, value of sfDevice
if key == 'type'
type = value
if key == 'name'
name = value
subres.push
title: 'TYPE'
value: "#{type} / #{name}"
delete session[attr]
else
subres.push
title: attr
value: session[attr]
console.log("!=" + session[attr])
delete session[attr]
if subres.length >0
res.push
title: "__#{category}__"
nodes: subres
# 3. Add OpenID and notifications already notified
_insert '^openid', 'OpenID'
_insert '^notification_(.+)', '__notificationsDone__'
## 3. Add OpenID and notifications already notified
#_insert '^openid', 'OpenID'
#_insert '^notification_(.+)', '__notificationsDone__'
# 4. Add session history if exists
if session._loginHistory
tmp = []
if session._loginHistory.successLogin
for l in session._loginHistory.successLogin
tmp.push
t: l._utime
title: $scope.localeDate l._utime
value: "Success (IP #{l.ipAddr})"
if session._loginHistory.failedLogin
for l in session._loginHistory.failedLogin
tmp.push
t: l._utime
title: $scope.localeDate l._utime
value: "#{l.error} (IP #{l.ipAddr})"
delete session._loginHistory
tmp.sort (a,b) ->
a.t - b.t
res.push
title: '__loginHistory__'
nodes: tmp
## 4. Add session history if exists
#if session._loginHistory
#tmp = []
#if session._loginHistory.successLogin
#for l in session._loginHistory.successLogin
#tmp.push
#t: l._utime
#title: $scope.localeDate l._utime
#value: "Success (IP #{l.ipAddr})"
#if session._loginHistory.failedLogin
#for l in session._loginHistory.failedLogin
#tmp.push
#t: l._utime
#title: $scope.localeDate l._utime
#value: "#{l.error} (IP #{l.ipAddr})"
#delete session._loginHistory
#tmp.sort (a,b) ->
#a.t - b.t
#res.push
#title: '__loginHistory__'
#nodes: tmp
# 5. Other keys (attributes and macros)
tmp = []
for key, value of session
tmp.push
title: key
value: value
tmp.sort (a,b) ->
if a.title > b.title then 1
else if a.title < b.title then -1
else 0
## 5. Other keys (attributes and macros)
#tmp = []
#for key, value of session
#tmp.push
#title: key
#value: value
#tmp.sort (a,b) ->
#if a.title > b.title then 1
#else if a.title < b.title then -1
#else 0
res.push
title: '__attributesAndMacros__'
nodes: tmp
#res.push
#title: '__attributesAndMacros__'
#nodes: tmp
return {
_utime: time
id: id
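Review bot: In the last hunk of this file, `JSON.parse(session[attr])` runs on any attribute whose value merely contains `UBK`, `TOTP` or `U2F`, with no error handling, so a `_url` containing those letters or a malformed `_2fDevices` value throws and aborts the whole session display. Keying the branch on the attribute name (`if attr == '_2fDevices'`) and wrapping the parse in `try`/`catch` with a fallback to the raw push would avoid that. `type` and `name` are never reset inside `for sfDevice in array`, so a device entry lacking one of them is shown with the previous device's value. The `console.log("!=" + session[attr])` in the else branch writes session attribute values to the browser console and looks like leftover debugging, so it should be removed. The compiled JavaScript in this commit pushes every key of each device instead of only type and name, which would display any key-handle or secret fields held in the device record (the removed masking comment for `_u2fKeyHandle|_u2fUserKey|_totp2fSecret` suggests such fields exist), so the generated file should be rebuilt from this source.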


@ -82,13 +82,7 @@
categories = {
dateTitle: ['_utime', '_startTime', '_updateTime', '_lastAuthnUTime', '_lastSeen'],
connectionTitle: ['ipAddr', '_timezone', '_url'],
authenticationTitle: ['_session_id', '_user', '_password', 'authenticationLevel'],
modulesTitle: ['_auth', '_userDB', '_passwordDB', '_issuerDB', '_authChoice', '_authMulti', '_userDBMulti'],
saml: ['_idp', '_idpConfKey', '_samlToken', '_lassoSessionDump', '_lassoIdentityDump'],
groups: ['groups', 'hGroups'],
ldap: ['dn'],
BrowserID: ['_browserIdAnswer', '_browserIdAnswerRaw'],
OpenIDConnect: ['_oidc_id_token', '_oidc_OP', '_oidc_access_token']
sfaTitle: ['_2fDevices']
};
menu = {
@ -278,7 +272,7 @@
$scope.displaySession = function(scope) {
var sessionId, transformSession;
transformSession = function(session) {
var _insert, _stToStr, attr, attrs, category, i, id, k, key, l, len, len1, len2, m, ref, ref1, res, subres, time, tmp, value;
var _insert, _stToStr, array, attr, attrs, category, i, id, k, key, len, len1, res, sfDevice, subres, time, value;
_stToStr = function(s) {
return s;
};
@ -331,11 +325,27 @@
for (i = 0, len = attrs.length; i < len; i++) {
attr = attrs[i];
if (session[attr]) {
subres.push({
title: attr,
value: session[attr]
});
delete session[attr];
if (session[attr].match(/(?:UBK|TOTP|U2F)/)) {
array = JSON.parse(session[attr]);
for (k = 0, len1 = array.length; k < len1; k++) {
sfDevice = array[k];
for (key in sfDevice) {
value = sfDevice[key];
subres.push({
title: key,
value: value
});
}
}
delete session[attr];
} else {
subres.push({
title: attr,
value: session[attr]
});
console.log("!=" + session[attr]);
delete session[attr];
}
}
}
if (subres.length > 0) {
@ -345,62 +355,6 @@
});
}
}
_insert('^openid', 'OpenID');
_insert('^notification_(.+)', '__notificationsDone__');
if (session._loginHistory) {
tmp = [];
if (session._loginHistory.successLogin) {
ref = session._loginHistory.successLogin;
for (k = 0, len1 = ref.length; k < len1; k++) {
l = ref[k];
tmp.push({
t: l._utime,
title: $scope.localeDate(l._utime),
value: "Success (IP " + l.ipAddr + ")"
});
}
}
if (session._loginHistory.failedLogin) {
ref1 = session._loginHistory.failedLogin;
for (m = 0, len2 = ref1.length; m < len2; m++) {
l = ref1[m];
tmp.push({
t: l._utime,
title: $scope.localeDate(l._utime),
value: l.error + " (IP " + l.ipAddr + ")"
});
}
}
delete session._loginHistory;
tmp.sort(function(a, b) {
return a.t - b.t;
});
res.push({
title: '__loginHistory__',
nodes: tmp
});
}
tmp = [];
for (key in session) {
value = session[key];
tmp.push({
title: key,
value: value
});
}
tmp.sort(function(a, b) {
if (a.title > b.title) {
return 1;
} else if (a.title < b.title) {
return -1;
} else {
return 0;
}
});
res.push({
title: '__attributesAndMacros__',
nodes: tmp
});
return {
_utime: time,
id: id,

File diff suppressed because one or more lines are too long


@ -672,6 +672,7 @@
"sessionStartedAt":"Session started on",
"sessionStorage":"Sessions Storage",
"sessionTitle":"Session content",
"sfaTitle":"Seconds Factors authentication",
"show":"Show",
"showHelp":"Show help",
"singleIP":"One IP only by user",


@ -672,6 +672,7 @@
"sessionStartedAt":"Session démarrée le ",
"sessionStorage":"Stockage des sessions",
"sessionTitle":"Contenu de la session",
"sfaTitle":"Seconds Facteurs d'authentification",
"show":"Montrer",
"showHelp":"Montrer l'aide",
"singleIP":"Une seule session par couple utilisateur/IP",


@ -672,6 +672,7 @@
"sessionStartedAt":"La sessione è stata avviata",
"sessionStorage":"Conservazione di sessioni",
"sessionTitle":"Contenuto della sessione",
"sfaTitle":"Seconds Factors authentication",
"show":"Mostra",
"showHelp":"Mostra aiuto",
"singleIP":"Solo un IP per utente",


@ -672,6 +672,7 @@
"sessionStartedAt":"Phiên bắt đầu lúc",
"sessionStorage":"Sessions lưu trữ",
"sessionTitle":"Nội dung phiên",
"sfaTitle":"Seconds Factors authentication",
"show":"Hiển thị",
"showHelp":"Hiển thị trợ giúp",
"singleIP":"Chỉ một địa chỉ IP bởi người dùng",


@ -97,6 +97,11 @@
</div>
</div>
<div class="panel panel-default" ng-hide="currentSession===null">
<div class="panel-heading">
<h1 class="panel-title text-center">{{translate("sessionTitle")}} {{currentSession.id}}</h1>