From 2185f0ef27dcddd41d28be5669d9b0c1bfb2098d Mon Sep 17 00:00:00 2001
From: Christophe Maudoux <chrmdx@gmail.com>
Date: Wed, 4 Apr 2018 23:14:25 +0200
Subject: [PATCH] Add Max2FDevices & Max2FDevicesNameLength attributes (#1386)

---
 e2e-tests/lemonldap-ng.ini                    |  2 ++
 .../Lemonldap/NG/Common/Conf/DefaultValues.pm |  2 ++
 .../lib/Lemonldap/NG/Manager/Attributes.pm    | 36 +++++++++++--------
 .../Lemonldap/NG/Manager/Build/Attributes.pm  | 14 +++++++-
 4 files changed, 39 insertions(+), 15 deletions(-)

diff --git a/e2e-tests/lemonldap-ng.ini b/e2e-tests/lemonldap-ng.ini
index 98e3627e3..e5e7806e0 100644
--- a/e2e-tests/lemonldap-ng.ini
+++ b/e2e-tests/lemonldap-ng.ini
@@ -24,6 +24,8 @@ portalSkin = bootstrap
 staticPrefix = /static
 languages    = fr, en, vi, it, ar
 templateDir  = __pwd__/lemonldap-ng-portal/site/templates
+max2FDevices = 10
+max2FDevicesNameLength = 20 
 ;totp2fActivation = 1
 ;totp2fSelfRegistration = 1
 
diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm
index a9f9c6ecc..aef9e4401 100644
--- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm
+++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm
@@ -119,6 +119,8 @@ sub defaultValues {
         'mailUrl'                    => 'http://auth.example.com/resetpwd',
         'managerDn'                  => '',
         'managerPassword'            => '',
+        'max2FDevices'               => 10,
+        'max2FDevicesNameLength'     => 20,
         'multiValuesSeparator'       => '; ',
         'notificationStorage'        => 'File',
         'notificationStorageOptions' => {
diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm
index fa2a1f4cf..557dce2d2 100644
--- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm
+++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm
@@ -27,7 +27,7 @@ sub types {
 
                 BEGIN {
                     ${^WARNING_BITS} =
-"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x01";
+"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x05";
                 }
                 eval "$s $val";
                 my $err = join(
@@ -662,7 +662,7 @@ sub attributes {
 
                 BEGIN {
                     ${^WARNING_BITS} =
-"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x01";
+"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x05";
                 }
                 eval "$s $val";
                 my $err = join(
@@ -1026,7 +1026,7 @@ qr/^(?:\*\.)?(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][
 
                     BEGIN {
                         ${^WARNING_BITS} =
-"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x01";
+"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x05";
                     }
                     eval $s;
                     my $err = join(
@@ -1111,7 +1111,7 @@ qr/^(?:\*\.)?(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][
 
                 BEGIN {
                     ${^WARNING_BITS} =
-"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x01";
+"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x05";
                 }
                 eval "$s $val";
                 my $err = join(
@@ -1134,7 +1134,7 @@ qr/^(?:\*\.)?(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][
 
                 BEGIN {
                     ${^WARNING_BITS} =
-"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x01";
+"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x05";
                 }
                 eval "$s $val";
                 my $err = join(
@@ -1489,7 +1489,7 @@ qr/^(?:\*\.)?(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][
 
                     BEGIN {
                         ${^WARNING_BITS} =
-"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x01";
+"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x05";
                     }
                     eval $s;
                     my $err = join(
@@ -1526,7 +1526,7 @@ qr/^(?:\*\.)?(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][
 
                 BEGIN {
                     ${^WARNING_BITS} =
-"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x01";
+"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x05";
                 }
                 eval "$s $val";
                 my $err = join(
@@ -1596,6 +1596,14 @@ qr/^(?:\*\.)?(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][
             'test'    => qr/^\S*$/,
             'type'    => 'password'
         },
+        'max2FDevices' => {
+            'default' => 10,
+            'type'    => 'int'
+        },
+        'max2FDevicesNameLength' => {
+            'default' => 20,
+            'type'    => 'int'
+        },
         'multiValuesSeparator' => {
             'default' => '; ',
             'type'    => 'authParamsText'
@@ -1877,7 +1885,7 @@ qr/^(?:\*\.)?(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][
 
                 BEGIN {
                     ${^WARNING_BITS} =
-"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x01";
+"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x05";
                 }
                 eval "$s $val";
                 my $err = join(
@@ -2214,7 +2222,7 @@ qr/^(?:\*\.)?(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][
 
                 BEGIN {
                     ${^WARNING_BITS} =
-"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x01";
+"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x05";
                 }
                 eval "$s $val";
                 my $err = join(
@@ -2917,7 +2925,7 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
 
                 BEGIN {
                     ${^WARNING_BITS} =
-"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x01";
+"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x05";
                 }
                 eval "$s $val";
                 my $err = join(
@@ -2996,19 +3004,19 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
             'default' => 0,
             'select'  => [
                 {
-                    'k' => '0',
+                    'k' => 0,
                     'v' => 'unsecuredCookie'
                 },
                 {
-                    'k' => '1',
+                    'k' => 1,
                     'v' => 'securedCookie'
                 },
                 {
-                    'k' => '2',
+                    'k' => 2,
                     'v' => 'doubleCookie'
                 },
                 {
-                    'k' => '3',
+                    'k' => 3,
                     'v' => 'doubleCookieForSingleSession'
                 }
             ],
diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm
index 9171ce4b6..fb078f2cb 100644
--- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm
+++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm
@@ -1054,7 +1054,19 @@ sub attributes {
             default       => 1,
             documentation => 'Upgrade session activation',
         },
-
+        
+        # 2F
+        max2FDevices => {
+            default       => 10,
+            type          => 'int',
+            documentation => 'Register session timeout',
+        },
+        max2FDevicesNameLength => {
+            default       => 20,
+            type          => 'int',
+            documentation => 'Register session timeout',
+        },
+        
         # U2F
         u2fActivation => {
             type          => 'boolOrExpr',