make tidy
This commit is contained in:
Xavier Guimard
parent
84e137b8c9
commit
62d5c7836c
|
|
@ -47,8 +47,7 @@ sub deleteNotification {
|
||||||
# Check input parameters
|
# Check input parameters
|
||||||
unless ( $uid and $myref ) {
|
unless ( $uid and $myref ) {
|
||||||
$self->userLogger->error(
|
$self->userLogger->error(
|
||||||
'REST service "delete notification" called without all parameters'
|
'REST service "delete notification" called without all parameters');
|
||||||
);
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -89,9 +89,7 @@ sub print {
|
||||||
sub addToHtmlHead {
|
sub addToHtmlHead {
|
||||||
my $self = shift;
|
my $self = shift;
|
||||||
$self->logger->error(
|
$self->logger->error(
|
||||||
'Features like form replay or logout_app can only be used with Apache'
|
'Features like form replay or logout_app can only be used with Apache');
|
||||||
),
|
|
||||||
;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
sub cgiName {
|
sub cgiName {
|
||||||
|
|
|
||||||
|
|
@ -21,7 +21,7 @@ ok(
|
||||||
cookieName => 'lemonldap',
|
cookieName => 'lemonldap',
|
||||||
securedCookie => 0,
|
securedCookie => 0,
|
||||||
https => 0,
|
https => 0,
|
||||||
userLogger => 'Lemonldap::NG::Common::Logger::Null',
|
userLogger => 'Lemonldap::NG::Common::Logger::Null',
|
||||||
}
|
}
|
||||||
),
|
),
|
||||||
'initialization'
|
'initialization'
|
||||||
|
|
|
||||||
|
|
@ -29,7 +29,7 @@ sub init {
|
||||||
cookieName => 'lemonldap',
|
cookieName => 'lemonldap',
|
||||||
securedCookie => 0,
|
securedCookie => 0,
|
||||||
https => 0,
|
https => 0,
|
||||||
logger => 'Lemonldap::NG::Common::Logger::Std',
|
logger => 'Lemonldap::NG::Common::Logger::Std',
|
||||||
%$prms
|
%$prms
|
||||||
);
|
);
|
||||||
ok(
|
ok(
|
||||||
|
|
|
||||||
|
|
@ -76,9 +76,10 @@ sub del2F {
|
||||||
or return $self->sendError( $req, 'Bad mode', 400 );
|
or return $self->sendError( $req, 'Bad mode', 400 );
|
||||||
|
|
||||||
my $params = $req->parameters();
|
my $params = $req->parameters();
|
||||||
my $type = $params->{type} or return $self->sendError( $req, 'Missing "type" parameter', 400 );
|
my $type = $params->{type}
|
||||||
my $epoch = $params->{epoch} or return $self->sendError( $req, 'Missing "epoch" parameter', 400 );
|
or return $self->sendError( $req, 'Missing "type" parameter', 400 );
|
||||||
|
my $epoch = $params->{epoch}
|
||||||
|
or return $self->sendError( $req, 'Missing "epoch" parameter', 400 );
|
||||||
|
|
||||||
if ( $type =~ /\b(?:U2F|TOTP|UBK)\b/ ) {
|
if ( $type =~ /\b(?:U2F|TOTP|UBK)\b/ ) {
|
||||||
$self->logger->debug(
|
$self->logger->debug(
|
||||||
|
|
@ -242,10 +243,13 @@ sub sfa {
|
||||||
$self->logger->debug(
|
$self->logger->debug(
|
||||||
"Removing sessions unless a $_ device is registered");
|
"Removing sessions unless a $_ device is registered");
|
||||||
}
|
}
|
||||||
|
|
||||||
#else {
|
#else {
|
||||||
#(
|
# (
|
||||||
#return $self->sendError( $req, "Bad or Missing " . $_ . "Check parameter",
|
# return $self->sendError(
|
||||||
#400 ) );
|
# $req, "Bad or Missing " . $_ . "Check parameter", 400
|
||||||
|
# )
|
||||||
|
# );
|
||||||
#}
|
#}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -68,7 +68,7 @@ has confChanged => (
|
||||||
);
|
);
|
||||||
|
|
||||||
# Properties required during build
|
# Properties required during build
|
||||||
has refConf => ( is => 'ro', isa => 'HashRef', required => 1 );
|
has refConf => ( is => 'ro', isa => 'HashRef', required => 1 );
|
||||||
has req => ( is => 'ro', required => 1 );
|
has req => ( is => 'ro', required => 1 );
|
||||||
has newConf => ( is => 'rw', isa => 'HashRef' );
|
has newConf => ( is => 'rw', isa => 'HashRef' );
|
||||||
has tree => ( is => 'rw', isa => 'ArrayRef' );
|
has tree => ( is => 'rw', isa => 'ArrayRef' );
|
||||||
|
|
@ -157,7 +157,7 @@ sub _scanNodes {
|
||||||
hdebug("Looking to $name");
|
hdebug("Looking to $name");
|
||||||
|
|
||||||
# subnode
|
# subnode
|
||||||
my $subNodes = $leaf->{nodes} // $leaf->{_nodes};
|
my $subNodes = $leaf->{nodes} // $leaf->{_nodes};
|
||||||
my $subNodesCond = $leaf->{nodes_cond} // $leaf->{_nodes_cond};
|
my $subNodesCond = $leaf->{nodes_cond} // $leaf->{_nodes_cond};
|
||||||
|
|
||||||
##################################
|
##################################
|
||||||
|
|
@ -531,7 +531,7 @@ sub _scanNodes {
|
||||||
: {}
|
: {}
|
||||||
}
|
}
|
||||||
);
|
);
|
||||||
for ( my $i = 0 ; $i < @listCatNew; $i++ ) {
|
for ( my $i = 0 ; $i < @listCatNew ; $i++ ) {
|
||||||
if ( not( defined $listCatRef[$i] )
|
if ( not( defined $listCatRef[$i] )
|
||||||
or $listCatRef[$i] ne $listCatNew[$i] )
|
or $listCatRef[$i] ne $listCatNew[$i] )
|
||||||
{
|
{
|
||||||
|
|
@ -1051,15 +1051,15 @@ sub _unitTest {
|
||||||
or $attr->{type} =~ /Container$/ )
|
or $attr->{type} =~ /Container$/ )
|
||||||
{
|
{
|
||||||
my $keyMsg = $attr->{keyMsgFail} // $type->{keyMsgFail};
|
my $keyMsg = $attr->{keyMsgFail} // $type->{keyMsgFail};
|
||||||
my $msg = $attr->{msgFail} // $type->{msgFail};
|
my $msg = $attr->{msgFail} // $type->{msgFail};
|
||||||
$res = 0
|
$res = 0
|
||||||
unless (
|
unless (
|
||||||
$self->_execTest(
|
$self->_execTest(
|
||||||
{
|
{
|
||||||
keyTest => $attr->{keyTest} // $type->{keyTest},
|
keyTest => $attr->{keyTest} // $type->{keyTest},
|
||||||
keyMsgFail => $attr->{keyMsgFail}
|
keyMsgFail => $attr->{keyMsgFail}
|
||||||
// $type->{keyMsgFail},
|
// $type->{keyMsgFail},
|
||||||
test => $attr->{test} // $type->{test},
|
test => $attr->{test} // $type->{test},
|
||||||
msgFail => $attr->{msgFail} // $type->{msgFail},
|
msgFail => $attr->{msgFail} // $type->{msgFail},
|
||||||
},
|
},
|
||||||
$conf->{$key},
|
$conf->{$key},
|
||||||
|
|
|
||||||
|
|
@ -40,14 +40,14 @@ sub addRoutes {
|
||||||
['DELETE']
|
['DELETE']
|
||||||
)
|
)
|
||||||
|
|
||||||
# DELETE OIDC CONSENT
|
# DELETE OIDC CONSENT
|
||||||
->addRoute(
|
->addRoute(
|
||||||
sessions => {
|
sessions => {
|
||||||
OIDCConsent =>
|
OIDCConsent =>
|
||||||
{ ':sessionType' => { ':sessionId' => 'delOIDCConsent' } }
|
{ ':sessionType' => { ':sessionId' => 'delOIDCConsent' } }
|
||||||
},
|
},
|
||||||
['DELETE']
|
['DELETE']
|
||||||
);
|
);
|
||||||
|
|
||||||
$self->setTypes($conf);
|
$self->setTypes($conf);
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -24,7 +24,7 @@ delete $forms{restore};
|
||||||
my ( @types, $attr, $tree, $ctrees );
|
my ( @types, $attr, $tree, $ctrees );
|
||||||
ok( $tree = Lemonldap::NG::Manager::Build::Tree::tree(), 'Get tree' );
|
ok( $tree = Lemonldap::NG::Manager::Build::Tree::tree(), 'Get tree' );
|
||||||
ok( $ctrees = Lemonldap::NG::Manager::Build::CTrees::cTrees(), 'Get cTrees' );
|
ok( $ctrees = Lemonldap::NG::Manager::Build::CTrees::cTrees(), 'Get cTrees' );
|
||||||
ok( $attr = Lemonldap::NG::Manager::Build::Attributes::attributes(),
|
ok( $attr = Lemonldap::NG::Manager::Build::Attributes::attributes(),
|
||||||
'Get attributes' );
|
'Get attributes' );
|
||||||
$count += 4;
|
$count += 4;
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -48,6 +48,7 @@ my $res;
|
||||||
## Sessions creation
|
## Sessions creation
|
||||||
# SSO session
|
# SSO session
|
||||||
$ids[0] = newSession( 'dwho', '127.10.0.1', 'SSO', $sfaDevices );
|
$ids[0] = newSession( 'dwho', '127.10.0.1', 'SSO', $sfaDevices );
|
||||||
|
|
||||||
# Peristent sesssions
|
# Peristent sesssions
|
||||||
$ids[1] = newSession( 'msmith', '127.10.0.1', 'Persistent', $sfaDevices );
|
$ids[1] = newSession( 'msmith', '127.10.0.1', 'Persistent', $sfaDevices );
|
||||||
$sfaDevices = [
|
$sfaDevices = [
|
||||||
|
|
@ -115,14 +116,13 @@ $sfaDevices = [
|
||||||
];
|
];
|
||||||
$ids[5] = newSession( 'tof', '127.10.0.1', 'Persistent', $sfaDevices );
|
$ids[5] = newSession( 'tof', '127.10.0.1', 'Persistent', $sfaDevices );
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
## Verify sessions creation
|
## Verify sessions creation
|
||||||
# Single SSO session access
|
# Single SSO session access
|
||||||
$res = &client->jsonResponse("/sessions/global/$ids[0]");
|
$res = &client->jsonResponse("/sessions/global/$ids[0]");
|
||||||
ok( ( $res->{uid} and $res->{uid} eq 'dwho' ), 'UID found' );
|
ok( ( $res->{uid} and $res->{uid} eq 'dwho' ), 'UID found' );
|
||||||
ok( ( $res->{ipAddr} and $res->{ipAddr} eq '127.10.0.1' ), 'IP found' );
|
ok( ( $res->{ipAddr} and $res->{ipAddr} eq '127.10.0.1' ), 'IP found' );
|
||||||
count(2);
|
count(2);
|
||||||
|
|
||||||
# Single Persistent sessions access
|
# Single Persistent sessions access
|
||||||
for ( my $i = 1 ; $i < 6 ; $i++ ) {
|
for ( my $i = 1 ; $i < 6 ; $i++ ) {
|
||||||
$res = &client->jsonResponse("/sessions/persistent/$ids[$i]");
|
$res = &client->jsonResponse("/sessions/persistent/$ids[$i]");
|
||||||
|
|
@ -132,17 +132,25 @@ for ( my $i = 1 ; $i < 6 ; $i++ ) {
|
||||||
and $res->{uid} =~ /^(?:dwho|rtyler|msmith|davros|tof)$/
|
and $res->{uid} =~ /^(?:dwho|rtyler|msmith|davros|tof)$/
|
||||||
),
|
),
|
||||||
'Persistent sessions with UID found'
|
'Persistent sessions with UID found'
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
count(5);
|
count(5);
|
||||||
|
|
||||||
## Single Persistent sfa access
|
## Single Persistent sfa access
|
||||||
$res = &client->jsonResponse("/sfa/persistent/$ids[3]");
|
$res = &client->jsonResponse("/sfa/persistent/$ids[3]");
|
||||||
ok( ( $res->{uid} and $res->{uid} eq 'dwho' ), 'UID found' ) or print STDERR Dumper($res);
|
ok( ( $res->{uid} and $res->{uid} eq 'dwho' ), 'UID found' )
|
||||||
ok( ( $res->{ipAddr} and $res->{ipAddr} eq '127.10.0.1' ), 'IP found' ) or print STDERR Dumper($res);
|
or print STDERR Dumper($res);
|
||||||
ok( ( $res->{_2fDevices} and $res->{_2fDevices} =~ /"type":\s*"U2F"/s ), 'U2F found' ) or print STDERR Dumper($res);
|
ok( ( $res->{ipAddr} and $res->{ipAddr} eq '127.10.0.1' ), 'IP found' )
|
||||||
ok( ( $res->{_2fDevices} and $res->{_2fDevices} =~ /"type":\s*"TOTP"/s ), 'TOTP found' ) or print STDERR Dumper($res);
|
or print STDERR Dumper($res);
|
||||||
ok( ( $res->{_2fDevices} and $res->{_2fDevices} =~ /"type":\s*"UBK"/s ), 'UBK found' ) or print STDERR Dumper($res);
|
ok( ( $res->{_2fDevices} and $res->{_2fDevices} =~ /"type":\s*"U2F"/s ),
|
||||||
|
'U2F found' )
|
||||||
|
or print STDERR Dumper($res);
|
||||||
|
ok( ( $res->{_2fDevices} and $res->{_2fDevices} =~ /"type":\s*"TOTP"/s ),
|
||||||
|
'TOTP found' )
|
||||||
|
or print STDERR Dumper($res);
|
||||||
|
ok( ( $res->{_2fDevices} and $res->{_2fDevices} =~ /"type":\s*"UBK"/s ),
|
||||||
|
'UBK found' )
|
||||||
|
or print STDERR Dumper($res);
|
||||||
count(5);
|
count(5);
|
||||||
|
|
||||||
## "All" query
|
## "All" query
|
||||||
|
|
|
||||||
|
|
@ -103,7 +103,7 @@ sub init {
|
||||||
|
|
||||||
# Enable REST request only if more than 1 2F module is enabled
|
# Enable REST request only if more than 1 2F module is enabled
|
||||||
if ( @{ $self->{sfModules} } > 1 ) {
|
if ( @{ $self->{sfModules} } > 1 ) {
|
||||||
$self->addUnauthRoute( '2fchoice' => '_choice', ['POST'] );
|
$self->addUnauthRoute( '2fchoice' => '_choice', ['POST'] );
|
||||||
$self->addUnauthRoute( '2fchoice' => '_redirect', ['GET'] );
|
$self->addUnauthRoute( '2fchoice' => '_redirect', ['GET'] );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -67,7 +67,7 @@ sub run {
|
||||||
my $TOTPName = $req->param('TOTPName');
|
my $TOTPName = $req->param('TOTPName');
|
||||||
my $epoch = time();
|
my $epoch = time();
|
||||||
|
|
||||||
# Set default name if empty, check characters and truncate name if too long
|
# Set default name if empty, check characters and truncate name if too long
|
||||||
$TOTPName ||= $epoch;
|
$TOTPName ||= $epoch;
|
||||||
unless ( $TOTPName =~ /^[\w]+$/ ) {
|
unless ( $TOTPName =~ /^[\w]+$/ ) {
|
||||||
$self->userLogger->error('TOTP name with bad character(s)');
|
$self->userLogger->error('TOTP name with bad character(s)');
|
||||||
|
|
|
||||||
|
|
@ -34,7 +34,8 @@ sub init {
|
||||||
if ( $self->conf->{totp2fSelfRegistration}
|
if ( $self->conf->{totp2fSelfRegistration}
|
||||||
and $self->conf->{totp2fActivation} eq '1' )
|
and $self->conf->{totp2fActivation} eq '1' )
|
||||||
{
|
{
|
||||||
$self->conf->{totp2fActivation} = '$_2fDevices && $_2fDevices =~ /"type":\s*"TOTP"/s';
|
$self->conf->{totp2fActivation} =
|
||||||
|
'$_2fDevices && $_2fDevices =~ /"type":\s*"TOTP"/s';
|
||||||
}
|
}
|
||||||
return $self->SUPER::init();
|
return $self->SUPER::init();
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -37,7 +37,8 @@ sub init {
|
||||||
if ( $self->conf->{u2fSelfRegistration}
|
if ( $self->conf->{u2fSelfRegistration}
|
||||||
and $self->conf->{u2fActivation} eq '1' )
|
and $self->conf->{u2fActivation} eq '1' )
|
||||||
{
|
{
|
||||||
$self->conf->{u2fActivation} = '$_2fDevices && $_2fDevices =~ /"type":\s*"U2F"/s';
|
$self->conf->{u2fActivation} =
|
||||||
|
'$_2fDevices && $_2fDevices =~ /"type":\s*"U2F"/s';
|
||||||
}
|
}
|
||||||
return 0
|
return 0
|
||||||
unless ( $self->Lemonldap::NG::Portal::Main::SecondFactor::init()
|
unless ( $self->Lemonldap::NG::Portal::Main::SecondFactor::init()
|
||||||
|
|
@ -79,9 +80,9 @@ sub run {
|
||||||
|
|
||||||
$self->ott->updateToken( $token, __ch => $data->{challenge} );
|
$self->ott->updateToken( $token, __ch => $data->{challenge} );
|
||||||
|
|
||||||
$self->logger->debug("Prepare U2F verification");
|
$self->logger->debug("Prepare U2F verification");
|
||||||
$self->logger->debug(" -> Send challenge: ". $data->{challenge});
|
$self->logger->debug( " -> Send challenge: " . $data->{challenge} );
|
||||||
|
|
||||||
# Serialize data
|
# Serialize data
|
||||||
$data = to_json(
|
$data = to_json(
|
||||||
{
|
{
|
||||||
|
|
@ -208,7 +209,7 @@ sub loadUser {
|
||||||
return PE_ERROR;
|
return PE_ERROR;
|
||||||
}
|
}
|
||||||
$self->logger->debug("2F Device(s) found");
|
$self->logger->debug("2F Device(s) found");
|
||||||
|
|
||||||
$self->logger->debug("Looking for registered U2F key(s) ...");
|
$self->logger->debug("Looking for registered U2F key(s) ...");
|
||||||
foreach (@$_2fDevices) {
|
foreach (@$_2fDevices) {
|
||||||
if ( $_->{type} eq 'U2F' ) {
|
if ( $_->{type} eq 'U2F' ) {
|
||||||
|
|
|
||||||
|
|
@ -34,7 +34,7 @@ sub init {
|
||||||
$self->logger->error($@);
|
$self->logger->error($@);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
# If self registration is enabled and "activation" is just set to
|
# If self registration is enabled and "activation" is just set to
|
||||||
# "enabled", replace the rule to detect if user has registered its key
|
# "enabled", replace the rule to detect if user has registered its key
|
||||||
if ( $self->conf->{yubikey2fSelfRegistration}
|
if ( $self->conf->{yubikey2fSelfRegistration}
|
||||||
|
|
|
||||||
|
|
@ -16,7 +16,7 @@ extends 'Lemonldap::NG::Portal::Main::Auth',
|
||||||
|
|
||||||
# INTERFACE
|
# INTERFACE
|
||||||
|
|
||||||
has opList => ( is => 'rw', default => sub { [] } );
|
has opList => ( is => 'rw', default => sub { [] } );
|
||||||
has opNumber => ( is => 'rw', default => 0 );
|
has opNumber => ( is => 'rw', default => 0 );
|
||||||
has path => ( is => 'rw', default => 'oauth2' );
|
has path => ( is => 'rw', default => 'oauth2' );
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -754,7 +754,7 @@ sub extractFormInfo {
|
||||||
my $res = $self->p->deleteSession($req);
|
my $res = $self->p->deleteSession($req);
|
||||||
return (
|
return (
|
||||||
$res eq PE_LOGOUT_OK ? PE_SENDRESPONSE : $res );
|
$res eq PE_LOGOUT_OK ? PE_SENDRESPONSE : $res );
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
);
|
);
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -41,8 +41,8 @@ sub init {
|
||||||
"Unable to load configuration: $Lemonldap::NG::Common::Conf::msg");
|
"Unable to load configuration: $Lemonldap::NG::Common::Conf::msg");
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
$lconf->{$_} = $args->{$_} foreach ( keys %$args );
|
$lconf->{$_} = $args->{$_} foreach ( keys %$args );
|
||||||
$conf->{$_} = $lconf->{$_} foreach ( keys %$lconf );
|
$conf->{$_} = $lconf->{$_} foreach ( keys %$lconf );
|
||||||
$self->SUPER::init($lconf) or return 0;
|
$self->SUPER::init($lconf) or return 0;
|
||||||
$self->cdc_name( $conf->{samlCommonDomainCookieName} || '_saml_idp' );
|
$self->cdc_name( $conf->{samlCommonDomainCookieName} || '_saml_idp' );
|
||||||
$self->cdc_domain( $conf->{samlCommonDomainCookieDomain} );
|
$self->cdc_domain( $conf->{samlCommonDomainCookieDomain} );
|
||||||
|
|
|
||||||
|
|
@ -398,7 +398,7 @@ sub run {
|
||||||
|
|
||||||
# Read existing RP
|
# Read existing RP
|
||||||
@RPoidcConsent = grep { $_->{rp} eq $rp } @$_oidcConsents;
|
@RPoidcConsent = grep { $_->{rp} eq $rp } @$_oidcConsents;
|
||||||
unless ( @RPoidcConsent ) {
|
unless (@RPoidcConsent) {
|
||||||
$self->logger->debug("No Relying Party $rp Consent found");
|
$self->logger->debug("No Relying Party $rp Consent found");
|
||||||
|
|
||||||
# Set default value
|
# Set default value
|
||||||
|
|
|
||||||
|
|
@ -778,7 +778,7 @@ sub run {
|
||||||
if ( $method == $self->getHttpMethod("post")
|
if ( $method == $self->getHttpMethod("post")
|
||||||
|| $method == $self->getHttpMethod("artifact-post") )
|
|| $method == $self->getHttpMethod("artifact-post") )
|
||||||
{
|
{
|
||||||
$artifact_method = $self->getHttpMethod("artifact-post")
|
$artifact_method = $self->getHttpMethod("artifact-post");
|
||||||
|
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
|
|
|
||||||
|
|
@ -160,8 +160,7 @@ sub getNotifBack {
|
||||||
$self->p->updatePersistentSession( $req,
|
$self->p->updatePersistentSession( $req,
|
||||||
{ "notification_$reference" => time() } );
|
{ "notification_$reference" => time() } );
|
||||||
$self->logger->debug(
|
$self->logger->debug(
|
||||||
"Notification $reference registered in persistent session"
|
"Notification $reference registered in persistent session");
|
||||||
);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
# Notifications accepted for this file, delete it unless it's a wildcard
|
# Notifications accepted for this file, delete it unless it's a wildcard
|
||||||
|
|
|
||||||
|
|
@ -219,8 +219,7 @@ sub getNotifBack {
|
||||||
$self->p->updatePersistentSession( $req,
|
$self->p->updatePersistentSession( $req,
|
||||||
{ "notification_$reference" => time() } );
|
{ "notification_$reference" => time() } );
|
||||||
$self->logger->debug(
|
$self->logger->debug(
|
||||||
"Notification $reference registered in persistent session"
|
"Notification $reference registered in persistent session");
|
||||||
);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
# Notifications accepted for this file, delete it unless it's a wildcard
|
# Notifications accepted for this file, delete it unless it's a wildcard
|
||||||
|
|
|
||||||
|
|
@ -110,7 +110,7 @@ sub getToken {
|
||||||
return undef;
|
return undef;
|
||||||
}
|
}
|
||||||
my %h = %{ $tsession->{data} };
|
my %h = %{ $tsession->{data} };
|
||||||
$tsession->remove unless($keep);
|
$tsession->remove unless ($keep);
|
||||||
return \%h;
|
return \%h;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -174,7 +174,7 @@ sub send_mail {
|
||||||
foreach ( keys %cid ) {
|
foreach ( keys %cid ) {
|
||||||
$message->attach(
|
$message->attach(
|
||||||
Type => "image/" . ( $cid{$_} =~ m/\.(\w+)/ )[0],
|
Type => "image/" . ( $cid{$_} =~ m/\.(\w+)/ )[0],
|
||||||
Id => $_,
|
Id => $_,
|
||||||
Path => $self->p->{templateDir} . "/" . $cid{$_},
|
Path => $self->p->{templateDir} . "/" . $cid{$_},
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -106,7 +106,7 @@ sub display {
|
||||||
&& $req->data->{login},
|
&& $req->data->{login},
|
||||||
ASK_LOGINS => $req->param('checkLogins') || 0,
|
ASK_LOGINS => $req->param('checkLogins') || 0,
|
||||||
CONFIRMKEY => $self->stamp(),
|
CONFIRMKEY => $self->stamp(),
|
||||||
LIST => $req->data->{list} || [],
|
LIST => $req->data->{list} || [],
|
||||||
REMEMBER => $req->data->{confirmRemember},
|
REMEMBER => $req->data->{confirmRemember},
|
||||||
(
|
(
|
||||||
$req->data->{customScript}
|
$req->data->{customScript}
|
||||||
|
|
@ -550,7 +550,8 @@ sub mkOidcConsent {
|
||||||
$consents->{$rp}->{epoch} = $_->{epoch};
|
$consents->{$rp}->{epoch} = $_->{epoch};
|
||||||
$consents->{$rp}->{scope} = $_->{scope};
|
$consents->{$rp}->{scope} = $_->{scope};
|
||||||
$consents->{$rp}->{displayName} =
|
$consents->{$rp}->{displayName} =
|
||||||
$self->conf->{oidcRPMetaDataOptions}->{$rp}->{oidcRPMetaDataOptionsDisplayName};
|
$self->conf->{oidcRPMetaDataOptions}->{$rp}
|
||||||
|
->{oidcRPMetaDataOptionsDisplayName};
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -32,7 +32,7 @@ sub createUser {
|
||||||
givenName => $gn,
|
givenName => $gn,
|
||||||
unicodePwd => utf8(
|
unicodePwd => utf8(
|
||||||
chr(34) . $req->data->{registerInfo}->{password} . chr(34)
|
chr(34) . $req->data->{registerInfo}->{password} . chr(34)
|
||||||
)->utf16le(),
|
)->utf16le(),
|
||||||
mail => $req->data->{registerInfo}->{mail},
|
mail => $req->data->{registerInfo}->{mail},
|
||||||
]
|
]
|
||||||
);
|
);
|
||||||
|
|
|
||||||
|
|
@ -7,11 +7,13 @@ sub new {
|
||||||
unless ( $self->{conf}->{customRegister} ) {
|
unless ( $self->{conf}->{customRegister} ) {
|
||||||
die 'Custom register module not defined';
|
die 'Custom register module not defined';
|
||||||
}
|
}
|
||||||
|
|
||||||
eval $self->{p}->loadModule( $self->{conf}->{customRegister} );
|
eval $self->{p}->loadModule( $self->{conf}->{customRegister} );
|
||||||
($@)
|
($@)
|
||||||
? return $self->{p}->loadModule( $self->{conf}->{customRegister )
|
? return $self->{p}->loadModule(
|
||||||
: die 'Unable to load register module ' . $self->{conf}->{customRegister};
|
$self->{conf}->{ customRegister )
|
||||||
}
|
: die 'Unable to load register module '
|
||||||
|
. $self->{conf}->{customRegister};
|
||||||
|
}
|
||||||
|
|
||||||
1;
|
1;
|
||||||
|
|
|
||||||
|
|
@ -292,6 +292,7 @@ ok(
|
||||||
);
|
);
|
||||||
count(1);
|
count(1);
|
||||||
$idpId = expectCookie($res);
|
$idpId = expectCookie($res);
|
||||||
|
|
||||||
#expectRedirection( $res, qr#^http://auth.rp.com/# );
|
#expectRedirection( $res, qr#^http://auth.rp.com/# );
|
||||||
|
|
||||||
#print STDERR Dumper($res);
|
#print STDERR Dumper($res);
|
||||||
|
|
|
||||||
|
|
@ -20,7 +20,7 @@ SKIP: {
|
||||||
);
|
);
|
||||||
$dbh->prepare(
|
$dbh->prepare(
|
||||||
q{INSERT INTO notifications VALUES ('dwho','testref','2016-05-30 00:00:00',?,null,null)}
|
q{INSERT INTO notifications VALUES ('dwho','testref','2016-05-30 00:00:00',?,null,null)}
|
||||||
)->execute(
|
)->execute(
|
||||||
'[
|
'[
|
||||||
{
|
{
|
||||||
"uid": "dwho",
|
"uid": "dwho",
|
||||||
|
|
@ -32,7 +32,7 @@ q{INSERT INTO notifications VALUES ('dwho','testref','2016-05-30 00:00:00',?,nul
|
||||||
"check": ["Accept test"]
|
"check": ["Accept test"]
|
||||||
}
|
}
|
||||||
]'
|
]'
|
||||||
);
|
);
|
||||||
|
|
||||||
my $client = LLNG::Manager::Test->new(
|
my $client = LLNG::Manager::Test->new(
|
||||||
{
|
{
|
||||||
|
|
|
||||||
|
|
@ -50,8 +50,7 @@ ok(
|
||||||
$res = $client->_post(
|
$res = $client->_post(
|
||||||
'/',
|
'/',
|
||||||
IO::String->new(
|
IO::String->new(
|
||||||
'user=dwho&password=dwho&url=aHR0cDovL3Rlc3QxLmV4YW1wbGUuY29tLw=='
|
'user=dwho&password=dwho&url=aHR0cDovL3Rlc3QxLmV4YW1wbGUuY29tLw=='),
|
||||||
),
|
|
||||||
accept => 'text/html',
|
accept => 'text/html',
|
||||||
length => 64,
|
length => 64,
|
||||||
),
|
),
|
||||||
|
|
|
||||||
|
|
@ -81,7 +81,7 @@ SKIP: {
|
||||||
my $code;
|
my $code;
|
||||||
ok( $code = Lemonldap::NG::Common::TOTP::_code( undef, $key, 0, 30, 8 ),
|
ok( $code = Lemonldap::NG::Common::TOTP::_code( undef, $key, 0, 30, 8 ),
|
||||||
'Code' );
|
'Code' );
|
||||||
ok( $code =~ /^\d{8}$/, 'Code contains 8 digits' );
|
ok( $code =~ /^\d{8}$/, 'Code contains 8 digits' );
|
||||||
my $s = "code=$code&token=$token";
|
my $s = "code=$code&token=$token";
|
||||||
ok(
|
ok(
|
||||||
$res = $client->_post(
|
$res = $client->_post(
|
||||||
|
|
@ -110,19 +110,18 @@ SKIP: {
|
||||||
);
|
);
|
||||||
my ( $host, $url, $query ) =
|
my ( $host, $url, $query ) =
|
||||||
expectForm( $res, undef, '/totp2fcheck', 'token' );
|
expectForm( $res, undef, '/totp2fcheck', 'token' );
|
||||||
|
|
||||||
# Generate TOTP with LLNG
|
# Generate TOTP with LLNG
|
||||||
my $totp;
|
my $totp;
|
||||||
ok( $totp = Lemonldap::NG::Common::TOTP::_code( undef, $key, 0, 30, 8 ),
|
ok( $totp = Lemonldap::NG::Common::TOTP::_code( undef, $key, 0, 30, 8 ),
|
||||||
'LLNG Code' );
|
'LLNG Code' );
|
||||||
|
|
||||||
# Generate TOTP with an external application to validate LLNG TOTP formula
|
# Generate TOTP with an external application to validate LLNG TOTP formula
|
||||||
my $oath = Authen::OATH->new( digits => 8 );
|
my $oath = Authen::OATH->new( digits => 8 );
|
||||||
ok( $code = $oath->totp( $key ),
|
ok( $code = $oath->totp($key), 'Ext. App Code' );
|
||||||
'Ext. App Code' );
|
ok( $code == $totp, 'Both TOTP match' )
|
||||||
ok( $code == $totp, 'Both TOTP match')
|
or explain( [ $code, $totp ], 'LLNG and Ext. App TOTP mismatch' );
|
||||||
or explain( [ $code, $totp ], 'LLNG and Ext. App TOTP mismatch');
|
|
||||||
|
|
||||||
$query =~ s/code=/code=$code/;
|
$query =~ s/code=/code=$code/;
|
||||||
ok(
|
ok(
|
||||||
$res = $client->_post(
|
$res = $client->_post(
|
||||||
|
|
|
||||||
|
|
@ -11,12 +11,12 @@ SKIP: {
|
||||||
if ($@) {
|
if ($@) {
|
||||||
skip 'Convert::Base32 is missing', $maintests;
|
skip 'Convert::Base32 is missing', $maintests;
|
||||||
}
|
}
|
||||||
|
|
||||||
eval { require Crypt::U2F::Server; require Authen::U2F::Tester };
|
eval { require Crypt::U2F::Server; require Authen::U2F::Tester };
|
||||||
if ( $@ or $Crypt::U2F::Server::VERSION < 0.42 ) {
|
if ( $@ or $Crypt::U2F::Server::VERSION < 0.42 ) {
|
||||||
skip 'Missing libraries', $maintests;
|
skip 'Missing libraries', $maintests;
|
||||||
}
|
}
|
||||||
|
|
||||||
require Lemonldap::NG::Common::TOTP;
|
require Lemonldap::NG::Common::TOTP;
|
||||||
|
|
||||||
my $client = LLNG::Manager::Test->new(
|
my $client = LLNG::Manager::Test->new(
|
||||||
|
|
|
||||||
|
|
@ -296,8 +296,7 @@ has ini => (
|
||||||
$ini->{$k} //= $defaultIni->{$k};
|
$ini->{$k} //= $defaultIni->{$k};
|
||||||
}
|
}
|
||||||
$self->{ini} = $ini;
|
$self->{ini} = $ini;
|
||||||
main::ok( $self->{p} = $self->class->new(),
|
main::ok( $self->{p} = $self->class->new(), 'Portal object' );
|
||||||
'Portal object' );
|
|
||||||
main::ok( $self->{p}->init($ini), 'Init' );
|
main::ok( $self->{p}->init($ini), 'Init' );
|
||||||
main::ok( $self->{app} = $self->{p}->run(), 'Portal app' );
|
main::ok( $self->{app} = $self->{p}->run(), 'Portal app' );
|
||||||
main::count(3);
|
main::count(3);
|
||||||
|
|
@ -370,7 +369,7 @@ sub _get {
|
||||||
: ()
|
: ()
|
||||||
),
|
),
|
||||||
'REQUEST_METHOD' => $args{method} || 'GET',
|
'REQUEST_METHOD' => $args{method} || 'GET',
|
||||||
'REQUEST_URI' => $path . ( $args{query} ? "?$args{query}" : '' ),
|
'REQUEST_URI' => $path . ( $args{query} ? "?$args{query}" : '' ),
|
||||||
( $args{query} ? ( QUERY_STRING => $args{query} ) : () ),
|
( $args{query} ? ( QUERY_STRING => $args{query} ) : () ),
|
||||||
'SCRIPT_NAME' => '',
|
'SCRIPT_NAME' => '',
|
||||||
'SERVER_NAME' => 'auth.example.com',
|
'SERVER_NAME' => 'auth.example.com',
|
||||||
|
|
@ -406,10 +405,10 @@ sub _post {
|
||||||
: ()
|
: ()
|
||||||
),
|
),
|
||||||
'REQUEST_METHOD' => $args{method} || 'POST',
|
'REQUEST_METHOD' => $args{method} || 'POST',
|
||||||
'REQUEST_URI' => $path . ( $args{query} ? "?$args{query}" : '' ),
|
'REQUEST_URI' => $path . ( $args{query} ? "?$args{query}" : '' ),
|
||||||
'SCRIPT_NAME' => '',
|
'SCRIPT_NAME' => '',
|
||||||
'SERVER_NAME' => 'auth.example.com',
|
'SERVER_NAME' => 'auth.example.com',
|
||||||
'SERVER_PORT' => '80',
|
'SERVER_PORT' => '80',
|
||||||
'SERVER_PROTOCOL' => 'HTTP/1.1',
|
'SERVER_PROTOCOL' => 'HTTP/1.1',
|
||||||
( $args{custom} ? %{ $args{custom} } : () ),
|
( $args{custom} ? %{ $args{custom} } : () ),
|
||||||
'psgix.input.buffered' => 0,
|
'psgix.input.buffered' => 0,
|
||||||
|
|
|
||||||
|
|
@ -53,7 +53,7 @@ sub mirror {
|
||||||
: ()
|
: ()
|
||||||
),
|
),
|
||||||
'REQUEST_METHOD' => $args{method} || 'GET',
|
'REQUEST_METHOD' => $args{method} || 'GET',
|
||||||
'REQUEST_URI' => ( $args{path} || '/' )
|
'REQUEST_URI' => ( $args{path} || '/' )
|
||||||
. ( $args{query} ? "?$args{query}" : '' ),
|
. ( $args{query} ? "?$args{query}" : '' ),
|
||||||
( $args{query} ? ( QUERY_STRING => $args{query} ) : () ),
|
( $args{query} ? ( QUERY_STRING => $args{query} ) : () ),
|
||||||
'SCRIPT_NAME' => '',
|
'SCRIPT_NAME' => '',
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue
Block a user