Check if VerifyURL is set when REST2F is enabled (#1486)

2018-08-07 18:06:36 +02:00 · 2018-08-07 18:06:36 +02:00 · 4d47aa87a0
commit 4d47aa87a0
parent d46f40cf40
3 changed files with 15 additions and 2 deletions
--- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm
+++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm
@ -2104,7 +2104,10 @@ qr/^(?:\*\.)?(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][
        },
        'portal' => {
            'default' => 'http://auth.example.com/',
-            'type'    => 'url'
+            'msgFail' => '__badUrl__',
+            'test' =>
+qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::(?:(?:[0-9]*)))?(?:\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:\/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?](?:(?:(?:[;\/?:@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?)/,
+            'type' => 'url'
        },
        'portalAntiFrame' => {
            'default' => 1,
--- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm
+++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm
@ -342,6 +342,8 @@ sub attributes {
            default       => 'http://auth.example.com/',
            documentation => 'Portal URL',
            flags         => 'hmp',
+            test          => $url,
+            msgFail       => '__badUrl__',
        },
        portalStatus => {
            type          => 'bool',
--- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf/Tests.pm
+++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf/Tests.pm
@ -386,7 +386,7 @@ sub tests {
            return 1;
        },

-        # Warn if manager seems to be unprotected
+        # Warn if 2F dependencies seem missing
        sfaDependencies => sub {
            return 1
              unless ( $conf->{utotp2fActivation}
@ -453,6 +453,14 @@ sub tests {
            );
        },

+        # Error if REST 2F verify URL is missing
+        rest2fVerifyUrl => sub {
+            return ( 0, "REST 2F Verify URL must be set" )
+		  			if ( $conf->{rest2fActivation} ne "0" && ( $conf->{rest2fVerifyUrl} eq "" ) );
+		  	
+		  	return 1;
+        },
+
        # Warn if XSRF token TTL is higher than 10s
        formTimeout => sub {
            return 1 unless ( defined $conf->{formTimeout} );