Add epoch as default keyname if empty (#1386)

Christophe Maudoux 2018-04-03 17:15:38 +02:00
parent 0637601d8b
commit 6718cd304c
3 changed files with 53 additions and 52 deletions


@ -8,12 +8,12 @@ sub types {
'authParamsText' => { 'authParamsText' => {
'test' => sub { 'test' => sub {
1; 1;
} }
}, },
'blackWhiteList' => { 'blackWhiteList' => {
'test' => sub { 'test' => sub {
1; 1;
} }
}, },
'bool' => { 'bool' => {
'msgFail' => '__notABoolean__', 'msgFail' => '__notABoolean__',
@ -27,7 +27,7 @@ sub types {
BEGIN { BEGIN {
${^WARNING_BITS} = ${^WARNING_BITS} =
"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x05"; "\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x01";
} }
eval "$s $val"; eval "$s $val";
my $err = join( my $err = join(
@ -36,17 +36,17 @@ sub types {
split( /\n/, $@, 0 ) ) split( /\n/, $@, 0 ) )
); );
return $err ? ( 1, "__badExpression__: $err" ) : 1; return $err ? ( 1, "__badExpression__: $err" ) : 1;
} }
}, },
'catAndAppList' => { 'catAndAppList' => {
'test' => sub { 'test' => sub {
1; 1;
} }
}, },
'file' => { 'file' => {
'test' => sub { 'test' => sub {
1; 1;
} }
}, },
'hostname' => { 'hostname' => {
'form' => 'text', 'form' => 'text',
@ -80,48 +80,48 @@ qr/^(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-
if $_ =~ /exportedvars$/i and defined $conf->{$_}{$val}; if $_ =~ /exportedvars$/i and defined $conf->{$_}{$val};
} }
return 1, "__unknownAttrOrMacro__: $val"; return 1, "__unknownAttrOrMacro__: $val";
} }
}, },
'longtext' => { 'longtext' => {
'test' => sub { 'test' => sub {
1; 1;
} }
}, },
'menuApp' => { 'menuApp' => {
'test' => sub { 'test' => sub {
1; 1;
} }
}, },
'menuCat' => { 'menuCat' => {
'test' => sub { 'test' => sub {
1; 1;
} }
}, },
'oidcmetadatajson' => { 'oidcmetadatajson' => {
'test' => sub { 'test' => sub {
1; 1;
} }
}, },
'oidcmetadatajwks' => { 'oidcmetadatajwks' => {
'test' => sub { 'test' => sub {
1; 1;
} }
}, },
'oidcOPMetaDataNode' => { 'oidcOPMetaDataNode' => {
'test' => sub { 'test' => sub {
1; 1;
} }
}, },
'oidcRPMetaDataNode' => { 'oidcRPMetaDataNode' => {
'test' => sub { 'test' => sub {
1; 1;
} }
}, },
'password' => { 'password' => {
'msgFail' => '__malformedValue__', 'msgFail' => '__malformedValue__',
'test' => sub { 'test' => sub {
1; 1;
} }
}, },
'pcre' => { 'pcre' => {
'form' => 'text', 'form' => 'text',
@ -132,7 +132,7 @@ qr/^(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-
} }
}; };
return $@ ? ( 0, "__badRegexp__: $@" ) : 1; return $@ ? ( 0, "__badRegexp__: $@" ) : 1;
} }
}, },
'PerlModule' => { 'PerlModule' => {
'form' => 'text', 'form' => 'text',
@ -142,17 +142,17 @@ qr/^(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-
'portalskin' => { 'portalskin' => {
'test' => sub { 'test' => sub {
1; 1;
} }
}, },
'portalskinbackground' => { 'portalskinbackground' => {
'test' => sub { 'test' => sub {
1; 1;
} }
}, },
'post' => { 'post' => {
'test' => sub { 'test' => sub {
1; 1;
} }
}, },
'RSAPrivateKey' => { 'RSAPrivateKey' => {
'test' => sub { 'test' => sub {
@ -160,7 +160,7 @@ qr/^(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-
m[^(?:(?:\-+\s*BEGIN\s+(?:RSA\s+)?PRIVATE\s+KEY\s*\-+\r?\n)?[a-zA-Z0-9/\+\r\n]+={0,2}(?:\r?\n\-+\s*END\s+(?:RSA\s+)PRIVATE\s+KEY\s*\-+)?[\r\n]*)?$]s m[^(?:(?:\-+\s*BEGIN\s+(?:RSA\s+)?PRIVATE\s+KEY\s*\-+\r?\n)?[a-zA-Z0-9/\+\r\n]+={0,2}(?:\r?\n\-+\s*END\s+(?:RSA\s+)PRIVATE\s+KEY\s*\-+)?[\r\n]*)?$]s
? 1 ? 1
: ( 1, '__badPemEncoding__' ); : ( 1, '__badPemEncoding__' );
} }
}, },
'RSAPublicKey' => { 'RSAPublicKey' => {
'test' => sub { 'test' => sub {
@ -168,7 +168,7 @@ m[^(?:(?:\-+\s*BEGIN\s+(?:RSA\s+)?PRIVATE\s+KEY\s*\-+\r?\n)?[a-zA-Z0-9/\+\r\n]+=
m[^(?:(?:\-+\s*BEGIN\s+PUBLIC\s+KEY\s*\-+\r?\n)?[a-zA-Z0-9/\+\r\n]+={0,2}(?:\r?\n\-+\s*END\s+PUBLIC\s+KEY\s*\-+)?[\r\n]*)?$]s m[^(?:(?:\-+\s*BEGIN\s+PUBLIC\s+KEY\s*\-+\r?\n)?[a-zA-Z0-9/\+\r\n]+={0,2}(?:\r?\n\-+\s*END\s+PUBLIC\s+KEY\s*\-+)?[\r\n]*)?$]s
? 1 ? 1
: ( 1, '__badPemEncoding__' ); : ( 1, '__badPemEncoding__' );
} }
}, },
'RSAPublicKeyOrCertificate' => { 'RSAPublicKeyOrCertificate' => {
'test' => sub { 'test' => sub {
@ -176,37 +176,37 @@ m[^(?:(?:\-+\s*BEGIN\s+PUBLIC\s+KEY\s*\-+\r?\n)?[a-zA-Z0-9/\+\r\n]+={0,2}(?:\r?\
m[^(?:(?:\-+\s*BEGIN\s+(?:PUBLIC\s+KEY|CERTIFICATE)\s*\-+\r?\n)?[a-zA-Z0-9/\+\r\n]+={0,2}(?:\r?\n\-+\s*END\s+(?:PUBLIC\s+KEY|CERTIFICATE)\s*\-+)?[\r\n]*)?$]s m[^(?:(?:\-+\s*BEGIN\s+(?:PUBLIC\s+KEY|CERTIFICATE)\s*\-+\r?\n)?[a-zA-Z0-9/\+\r\n]+={0,2}(?:\r?\n\-+\s*END\s+(?:PUBLIC\s+KEY|CERTIFICATE)\s*\-+)?[\r\n]*)?$]s
? 1 ? 1
: ( 1, '__badPemEncoding__' ); : ( 1, '__badPemEncoding__' );
} }
}, },
'rule' => { 'rule' => {
'test' => sub { 'test' => sub {
1; 1;
} }
}, },
'samlAssertion' => { 'samlAssertion' => {
'test' => sub { 'test' => sub {
1; 1;
} }
}, },
'samlAttribute' => { 'samlAttribute' => {
'test' => sub { 'test' => sub {
1; 1;
} }
}, },
'samlIDPMetaDataNode' => { 'samlIDPMetaDataNode' => {
'test' => sub { 'test' => sub {
1; 1;
} }
}, },
'samlService' => { 'samlService' => {
'test' => sub { 'test' => sub {
1; 1;
} }
}, },
'samlSPMetaDataNode' => { 'samlSPMetaDataNode' => {
'test' => sub { 'test' => sub {
1; 1;
} }
}, },
'select' => { 'select' => {
'test' => sub { 'test' => sub {
@ -216,19 +216,19 @@ m[^(?:(?:\-+\s*BEGIN\s+(?:PUBLIC\s+KEY|CERTIFICATE)\s*\-+\r?\n)?[a-zA-Z0-9/\+\r\
return $test return $test
? 1 ? 1
: ( 1, "Invalid value '$_[0]' for this select" ); : ( 1, "Invalid value '$_[0]' for this select" );
} }
}, },
'subContainer' => { 'subContainer' => {
'keyTest' => qr/\w/, 'keyTest' => qr/\w/,
'test' => sub { 'test' => sub {
1; 1;
} }
}, },
'text' => { 'text' => {
'msgFail' => '__malformedValue__', 'msgFail' => '__malformedValue__',
'test' => sub { 'test' => sub {
1; 1;
} }
}, },
'trool' => { 'trool' => {
'msgFail' => '__authorizedValues__: -1, 0, 1', 'msgFail' => '__authorizedValues__: -1, 0, 1',
@ -660,7 +660,7 @@ sub attributes {
BEGIN { BEGIN {
${^WARNING_BITS} = ${^WARNING_BITS} =
"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x05"; "\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x01";
} }
eval "$s $val"; eval "$s $val";
my $err = join( my $err = join(
@ -1024,7 +1024,7 @@ qr/^(?:\*\.)?(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][
BEGIN { BEGIN {
${^WARNING_BITS} = ${^WARNING_BITS} =
"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x05"; "\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x01";
} }
eval $s; eval $s;
my $err = join( my $err = join(
@ -1033,7 +1033,7 @@ qr/^(?:\*\.)?(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][
split( /\n/, $@, 0 ) ) split( /\n/, $@, 0 ) )
); );
return $err ? ( 1, "__badExpression__: $err" ) : 1; return $err ? ( 1, "__badExpression__: $err" ) : 1;
} }
}, },
'type' => 'keyTextContainer' 'type' => 'keyTextContainer'
}, },
@ -1109,7 +1109,7 @@ qr/^(?:\*\.)?(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][
BEGIN { BEGIN {
${^WARNING_BITS} = ${^WARNING_BITS} =
"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x05"; "\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x01";
} }
eval "$s $val"; eval "$s $val";
my $err = join( my $err = join(
@ -1132,7 +1132,7 @@ qr/^(?:\*\.)?(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][
BEGIN { BEGIN {
${^WARNING_BITS} = ${^WARNING_BITS} =
"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x05"; "\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x01";
} }
eval "$s $val"; eval "$s $val";
my $err = join( my $err = join(
@ -1208,7 +1208,7 @@ qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-
and defined $conf->{$_}{$val}; and defined $conf->{$_}{$val};
} }
return 1, "__unknownAttrOrMacro__: $val"; return 1, "__unknownAttrOrMacro__: $val";
} }
}, },
'type' => 'doubleHash' 'type' => 'doubleHash'
}, },
@ -1487,7 +1487,7 @@ qr/^(?:\*\.)?(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][
BEGIN { BEGIN {
${^WARNING_BITS} = ${^WARNING_BITS} =
"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x05"; "\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x01";
} }
eval $s; eval $s;
my $err = join( my $err = join(
@ -1496,7 +1496,7 @@ qr/^(?:\*\.)?(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][
split( /\n/, $@, 0 ) ) split( /\n/, $@, 0 ) )
); );
return $err ? ( 1, "__badExpression__: $err" ) : 1; return $err ? ( 1, "__badExpression__: $err" ) : 1;
} }
}, },
'type' => 'ruleContainer' 'type' => 'ruleContainer'
}, },
@ -1524,7 +1524,7 @@ qr/^(?:\*\.)?(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][
BEGIN { BEGIN {
${^WARNING_BITS} = ${^WARNING_BITS} =
"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x05"; "\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x01";
} }
eval "$s $val"; eval "$s $val";
my $err = join( my $err = join(
@ -1875,7 +1875,7 @@ qr/^(?:\*\.)?(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][
BEGIN { BEGIN {
${^WARNING_BITS} = ${^WARNING_BITS} =
"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x05"; "\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x01";
} }
eval "$s $val"; eval "$s $val";
my $err = join( my $err = join(
@ -2212,7 +2212,7 @@ qr/^(?:\*\.)?(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][
BEGIN { BEGIN {
${^WARNING_BITS} = ${^WARNING_BITS} =
"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x05"; "\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x01";
} }
eval "$s $val"; eval "$s $val";
my $err = join( my $err = join(
@ -2916,7 +2916,7 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
BEGIN { BEGIN {
${^WARNING_BITS} = ${^WARNING_BITS} =
"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x05"; "\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x01";
} }
eval "$s $val"; eval "$s $val";
my $err = join( my $err = join(


@ -173,21 +173,20 @@ sub run {
} }
); );
} }
if ( $self->conf->{totp2fUserCanChangeKey} ) {
return $self->p->sendError( $req, 'notAutorizated', 200 );
}
# Get or generate master key # Get or generate master key
elsif ( $action eq 'unregister' ) { if ( $action eq 'unregister' ) {
if ( $self->conf->{totp2fUserCanChangeKey} ) {
$self->p->updatePersistentSession( $req, { _totp2fSecret => '' } ); $self->p->updatePersistentSession( $req, { _totp2fSecret => '' } );
$self->userLogger->notice('TOTP unregistration succeed'); $self->userLogger->notice('TOTP unregistration succeed');
return [ return [
200, [ 'Content-Type' => 'application/json' ], 200, [ 'Content-Type' => 'application/json' ],
['{"result":1}'] ['{"result":1}']
]; ];
} }
else {
return $self->p->sendError( $req, 'notAutorizated', 200 );
}
}
elsif ( $action eq 'delete' ) { elsif ( $action eq 'delete' ) {
my $epoch = $req->param('epoch'); my $epoch = $req->param('epoch');
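Review bot: The guard `if ( $self->conf->{totp2fUserCanChangeKey} ) { return $self->p->sendError( $req, 'notAutorizated', 200 ); }` looks inverted. In the other column, `unregister` was permitted when this option is true and refused in the `else` branch, whereas the guard now refuses the request exactly when users are allowed to change their key and lets `unregister` clear `_totp2fSecret` when they are not. Assuming the rendering puts the three-line guard on the new side (the `elsif` → `if` change on the `unregister` branch suggests so), the condition should read `unless ( $self->conf->{totp2fUserCanChangeKey} ) {`. Because the guard sits ahead of the action chain, it also appears to gate the `delete` branch that follows, which is worth confirming as intended. `run` begins and ends outside this hunk.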


@ -47,7 +47,7 @@ sub run {
$self->logger->debug('Registration response'); $self->logger->debug('Registration response');
unless ($resp = $req->param('registration') unless ($resp = $req->param('registration')
and $challenge = $req->param('challenge') and $challenge = $req->param('challenge')
and $req->param('keyName') ) )
{ {
return $self->p->sendError( $req, 'Missing registration parameter', return $self->p->sendError( $req, 'Missing registration parameter',
400 ); 400 );
@ -78,6 +78,8 @@ sub run {
$list2FDevices = []; $list2FDevices = [];
} }
my $keyName = $req->param('keyName'); my $keyName = $req->param('keyName');
my $epoch = time();
$keyName ||= $epoch;
$self->logger->debug("Key name : $keyName"); $self->logger->debug("Key name : $keyName");
# Select U2F Devices only # Select U2F Devices only
@ -106,7 +108,7 @@ sub run {
name => $keyName, name => $keyName,
_userKey => $self->encode_base64url( $userKey, '' ), _userKey => $self->encode_base64url( $userKey, '' ),
_keyHandle => $keyHandle, _keyHandle => $keyHandle,
epoch => time() epoch => $epoch
}; };
$self->logger->debug( $self->logger->debug(
"Append 2F Device : { type => 'U2F', name => $keyName }"); "Append 2F Device : { type => 'U2F', name => $keyName }");
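Review bot: `keyName` is now optional, but the request-supplied value is still never constrained before it is interpolated into the two debug messages (`"Key name : $keyName"` and `"Append 2F Device : ..."`) and stored as the device `name`. Nothing visible in these hunks limits its length or strips control characters, so a crafted name could forge log lines or bloat the persistent session, unless validation happens in a part of `run` not shown here. Before `$keyName ||= $epoch;` I would add something like `$keyName =~ s/[^\w .\-]//g if defined $keyName;` and `$keyName = substr( $keyName, 0, 32 ) if defined $keyName;`, where the character set and the 32-character cap are illustrative values to adjust. Note also that `||=` replaces a legitimate name of `0` with the epoch; `$keyName = $epoch unless length( $keyName // '' );` avoids that.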