Display U2F device attributes in 2FA session explorer
This commit is contained in:
parent
e808c4a0c3
commit
1faef8d036
|
@ -72,13 +72,14 @@ hiddenAttributes = '_password'
|
|||
categories =
|
||||
dateTitle: ['_utime', '_startTime', '_updateTime', '_lastAuthnUTime', '_lastSeen']
|
||||
connectionTitle: ['ipAddr', '_timezone', '_url']
|
||||
authenticationTitle:['_session_id', '_user', '_password', 'authenticationLevel']
|
||||
modulesTitle: ['_auth', '_userDB', '_passwordDB', '_issuerDB', '_authChoice', '_authMulti', '_userDBMulti']
|
||||
saml: ['_idp', '_idpConfKey', '_samlToken', '_lassoSessionDump', '_lassoIdentityDump']
|
||||
groups: ['groups', 'hGroups']
|
||||
ldap: ['dn']
|
||||
BrowserID: ['_browserIdAnswer', '_browserIdAnswerRaw']
|
||||
OpenIDConnect: ['_oidc_id_token', '_oidc_OP', '_oidc_access_token']
|
||||
#authenticationTitle:['_session_id', '_user', '_password', 'authenticationLevel']
|
||||
sfaTitle: ['_2fDevices']
|
||||
#modulesTitle: ['_auth', '_userDB', '_passwordDB', '_issuerDB', '_authChoice', '_authMulti', '_userDBMulti']
|
||||
#saml: ['_idp', '_idpConfKey', '_samlToken', '_lassoSessionDump', '_lassoIdentityDump']
|
||||
#groups: ['groups', 'hGroups']
|
||||
#ldap: ['dn']
|
||||
#BrowserID: ['_browserIdAnswer', '_browserIdAnswerRaw']
|
||||
#OpenIDConnect: ['_oidc_id_token', '_oidc_OP', '_oidc_access_token']
|
||||
|
||||
# Menu entries
|
||||
menu =
|
||||
|
@ -284,10 +285,7 @@ llapp.controller 'SessionsExplorerCtrl', ['$scope', '$translator', '$location',
|
|||
else if key.match /^(_utime|_lastAuthnUTime|_lastSeen|notification)$/
|
||||
session[key] = $scope.localeDate value
|
||||
else if key.match /^(_startTime|_updateTime)$/
|
||||
session[key] = _stToStr value
|
||||
#else if key.match /^(_u2fKeyHandle|_u2fUserKey|_totp2fSecret)$/
|
||||
# session[key] = '##########'
|
||||
|
||||
session[key] = _stToStr value
|
||||
res = []
|
||||
|
||||
# 2. Push session keys in result, grouped by categories
|
||||
|
@ -295,55 +293,70 @@ llapp.controller 'SessionsExplorerCtrl', ['$scope', '$translator', '$location',
|
|||
subres = []
|
||||
for attr in attrs
|
||||
if session[attr]
|
||||
subres.push
|
||||
title: attr
|
||||
value: session[attr]
|
||||
delete session[attr]
|
||||
if session[attr].match(/(?:UBK|TOTP|U2F)/)
|
||||
array = JSON.parse(session[attr]);
|
||||
for sfDevice in array
|
||||
for key, value of sfDevice
|
||||
if key == 'type'
|
||||
type = value
|
||||
if key == 'name'
|
||||
name = value
|
||||
subres.push
|
||||
title: 'TYPE'
|
||||
value: "#{type} / #{name}"
|
||||
delete session[attr]
|
||||
else
|
||||
subres.push
|
||||
title: attr
|
||||
value: session[attr]
|
||||
console.log("!=" + session[attr])
|
||||
delete session[attr]
|
||||
|
||||
if subres.length >0
|
||||
res.push
|
||||
title: "__#{category}__"
|
||||
nodes: subres
|
||||
|
||||
# 3. Add OpenID and notifications already notified
|
||||
_insert '^openid', 'OpenID'
|
||||
_insert '^notification_(.+)', '__notificationsDone__'
|
||||
## 3. Add OpenID and notifications already notified
|
||||
#_insert '^openid', 'OpenID'
|
||||
#_insert '^notification_(.+)', '__notificationsDone__'
|
||||
|
||||
# 4. Add session history if exists
|
||||
if session._loginHistory
|
||||
tmp = []
|
||||
if session._loginHistory.successLogin
|
||||
for l in session._loginHistory.successLogin
|
||||
tmp.push
|
||||
t: l._utime
|
||||
title: $scope.localeDate l._utime
|
||||
value: "Success (IP #{l.ipAddr})"
|
||||
if session._loginHistory.failedLogin
|
||||
for l in session._loginHistory.failedLogin
|
||||
tmp.push
|
||||
t: l._utime
|
||||
title: $scope.localeDate l._utime
|
||||
value: "#{l.error} (IP #{l.ipAddr})"
|
||||
delete session._loginHistory
|
||||
tmp.sort (a,b) ->
|
||||
a.t - b.t
|
||||
res.push
|
||||
title: '__loginHistory__'
|
||||
nodes: tmp
|
||||
## 4. Add session history if exists
|
||||
#if session._loginHistory
|
||||
#tmp = []
|
||||
#if session._loginHistory.successLogin
|
||||
#for l in session._loginHistory.successLogin
|
||||
#tmp.push
|
||||
#t: l._utime
|
||||
#title: $scope.localeDate l._utime
|
||||
#value: "Success (IP #{l.ipAddr})"
|
||||
#if session._loginHistory.failedLogin
|
||||
#for l in session._loginHistory.failedLogin
|
||||
#tmp.push
|
||||
#t: l._utime
|
||||
#title: $scope.localeDate l._utime
|
||||
#value: "#{l.error} (IP #{l.ipAddr})"
|
||||
#delete session._loginHistory
|
||||
#tmp.sort (a,b) ->
|
||||
#a.t - b.t
|
||||
#res.push
|
||||
#title: '__loginHistory__'
|
||||
#nodes: tmp
|
||||
|
||||
# 5. Other keys (attributes and macros)
|
||||
tmp = []
|
||||
for key, value of session
|
||||
tmp.push
|
||||
title: key
|
||||
value: value
|
||||
tmp.sort (a,b) ->
|
||||
if a.title > b.title then 1
|
||||
else if a.title < b.title then -1
|
||||
else 0
|
||||
## 5. Other keys (attributes and macros)
|
||||
#tmp = []
|
||||
#for key, value of session
|
||||
#tmp.push
|
||||
#title: key
|
||||
#value: value
|
||||
#tmp.sort (a,b) ->
|
||||
#if a.title > b.title then 1
|
||||
#else if a.title < b.title then -1
|
||||
#else 0
|
||||
|
||||
res.push
|
||||
title: '__attributesAndMacros__'
|
||||
nodes: tmp
|
||||
#res.push
|
||||
#title: '__attributesAndMacros__'
|
||||
#nodes: tmp
|
||||
return {
|
||||
_utime: time
|
||||
id: id
|
||||
|
|
|
@ -82,13 +82,7 @@
|
|||
categories = {
|
||||
dateTitle: ['_utime', '_startTime', '_updateTime', '_lastAuthnUTime', '_lastSeen'],
|
||||
connectionTitle: ['ipAddr', '_timezone', '_url'],
|
||||
authenticationTitle: ['_session_id', '_user', '_password', 'authenticationLevel'],
|
||||
modulesTitle: ['_auth', '_userDB', '_passwordDB', '_issuerDB', '_authChoice', '_authMulti', '_userDBMulti'],
|
||||
saml: ['_idp', '_idpConfKey', '_samlToken', '_lassoSessionDump', '_lassoIdentityDump'],
|
||||
groups: ['groups', 'hGroups'],
|
||||
ldap: ['dn'],
|
||||
BrowserID: ['_browserIdAnswer', '_browserIdAnswerRaw'],
|
||||
OpenIDConnect: ['_oidc_id_token', '_oidc_OP', '_oidc_access_token']
|
||||
sfaTitle: ['_2fDevices']
|
||||
};
|
||||
|
||||
menu = {
|
||||
|
@ -278,7 +272,7 @@
|
|||
$scope.displaySession = function(scope) {
|
||||
var sessionId, transformSession;
|
||||
transformSession = function(session) {
|
||||
var _insert, _stToStr, attr, attrs, category, i, id, k, key, l, len, len1, len2, m, ref, ref1, res, subres, time, tmp, value;
|
||||
var _insert, _stToStr, array, attr, attrs, category, i, id, k, key, len, len1, res, sfDevice, subres, time, value;
|
||||
_stToStr = function(s) {
|
||||
return s;
|
||||
};
|
||||
|
@ -331,11 +325,27 @@
|
|||
for (i = 0, len = attrs.length; i < len; i++) {
|
||||
attr = attrs[i];
|
||||
if (session[attr]) {
|
||||
subres.push({
|
||||
title: attr,
|
||||
value: session[attr]
|
||||
});
|
||||
delete session[attr];
|
||||
if (session[attr].match(/(?:UBK|TOTP|U2F)/)) {
|
||||
array = JSON.parse(session[attr]);
|
||||
for (k = 0, len1 = array.length; k < len1; k++) {
|
||||
sfDevice = array[k];
|
||||
for (key in sfDevice) {
|
||||
value = sfDevice[key];
|
||||
subres.push({
|
||||
title: key,
|
||||
value: value
|
||||
});
|
||||
}
|
||||
}
|
||||
delete session[attr];
|
||||
} else {
|
||||
subres.push({
|
||||
title: attr,
|
||||
value: session[attr]
|
||||
});
|
||||
console.log("!=" + session[attr]);
|
||||
delete session[attr];
|
||||
}
|
||||
}
|
||||
}
|
||||
if (subres.length > 0) {
|
||||
|
@ -345,62 +355,6 @@
|
|||
});
|
||||
}
|
||||
}
|
||||
_insert('^openid', 'OpenID');
|
||||
_insert('^notification_(.+)', '__notificationsDone__');
|
||||
if (session._loginHistory) {
|
||||
tmp = [];
|
||||
if (session._loginHistory.successLogin) {
|
||||
ref = session._loginHistory.successLogin;
|
||||
for (k = 0, len1 = ref.length; k < len1; k++) {
|
||||
l = ref[k];
|
||||
tmp.push({
|
||||
t: l._utime,
|
||||
title: $scope.localeDate(l._utime),
|
||||
value: "Success (IP " + l.ipAddr + ")"
|
||||
});
|
||||
}
|
||||
}
|
||||
if (session._loginHistory.failedLogin) {
|
||||
ref1 = session._loginHistory.failedLogin;
|
||||
for (m = 0, len2 = ref1.length; m < len2; m++) {
|
||||
l = ref1[m];
|
||||
tmp.push({
|
||||
t: l._utime,
|
||||
title: $scope.localeDate(l._utime),
|
||||
value: l.error + " (IP " + l.ipAddr + ")"
|
||||
});
|
||||
}
|
||||
}
|
||||
delete session._loginHistory;
|
||||
tmp.sort(function(a, b) {
|
||||
return a.t - b.t;
|
||||
});
|
||||
res.push({
|
||||
title: '__loginHistory__',
|
||||
nodes: tmp
|
||||
});
|
||||
}
|
||||
tmp = [];
|
||||
for (key in session) {
|
||||
value = session[key];
|
||||
tmp.push({
|
||||
title: key,
|
||||
value: value
|
||||
});
|
||||
}
|
||||
tmp.sort(function(a, b) {
|
||||
if (a.title > b.title) {
|
||||
return 1;
|
||||
} else if (a.title < b.title) {
|
||||
return -1;
|
||||
} else {
|
||||
return 0;
|
||||
}
|
||||
});
|
||||
res.push({
|
||||
title: '__attributesAndMacros__',
|
||||
nodes: tmp
|
||||
});
|
||||
return {
|
||||
_utime: time,
|
||||
id: id,
|
||||
|
|
File diff suppressed because one or more lines are too long
|
@ -672,6 +672,7 @@
|
|||
"sessionStartedAt":"Session started on",
|
||||
"sessionStorage":"Sessions Storage",
|
||||
"sessionTitle":"Session content",
|
||||
"sfaTitle":"Seconds Factors authentication",
|
||||
"show":"Show",
|
||||
"showHelp":"Show help",
|
||||
"singleIP":"One IP only by user",
|
||||
|
|
|
@ -672,6 +672,7 @@
|
|||
"sessionStartedAt":"Session démarrée le ",
|
||||
"sessionStorage":"Stockage des sessions",
|
||||
"sessionTitle":"Contenu de la session",
|
||||
"sfaTitle":"Seconds Facteurs d'authentification",
|
||||
"show":"Montrer",
|
||||
"showHelp":"Montrer l'aide",
|
||||
"singleIP":"Une seule session par couple utilisateur/IP",
|
||||
|
|
|
@ -672,6 +672,7 @@
|
|||
"sessionStartedAt":"La sessione è stata avviata",
|
||||
"sessionStorage":"Conservazione di sessioni",
|
||||
"sessionTitle":"Contenuto della sessione",
|
||||
"sfaTitle":"Seconds Factors authentication",
|
||||
"show":"Mostra",
|
||||
"showHelp":"Mostra aiuto",
|
||||
"singleIP":"Solo un IP per utente",
|
||||
|
|
|
@ -672,6 +672,7 @@
|
|||
"sessionStartedAt":"Phiên bắt đầu lúc",
|
||||
"sessionStorage":"Sessions lưu trữ",
|
||||
"sessionTitle":"Nội dung phiên",
|
||||
"sfaTitle":"Seconds Factors authentication",
|
||||
"show":"Hiển thị",
|
||||
"showHelp":"Hiển thị trợ giúp",
|
||||
"singleIP":"Chỉ một địa chỉ IP bởi người dùng",
|
||||
|
|
|
@ -97,6 +97,11 @@
|
|||
</div>
|
||||
</div>
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
<div class="panel panel-default" ng-hide="currentSession===null">
|
||||
<div class="panel-heading">
|
||||
<h1 class="panel-title text-center">{{translate("sessionTitle")}} {{currentSession.id}}</h1>
|
||||
|
|
Loading…
Reference in New Issue
Block a user