add RememberAuthChoice Plugin (references #2737)
This commit is contained in:
parent
d2df7a314e
commit
901a6d3697
|
@ -30,3 +30,4 @@ Plugins
|
||||||
restservices
|
restservices
|
||||||
soapservices
|
soapservices
|
||||||
stayconnected
|
stayconnected
|
||||||
|
rememberauthchoice
|
||||||
|
|
27
doc/sources/admin/rememberauthchoice.rst
Normal file
27
doc/sources/admin/rememberauthchoice.rst
Normal file
|
@ -0,0 +1,27 @@
|
||||||
|
Remember auth choice plugin
|
||||||
|
===========================
|
||||||
|
|
||||||
|
This plugin enables automatic authentication, based upon the last user authentication choice.
|
||||||
|
|
||||||
|
For this plugin to work, you have to configure a set of :doc:`authentication modules<authchoice>`.
|
||||||
|
|
||||||
|
If you have multiple SAML, OIDC or CAS issuers, you should define a dedicated choice for each of these issuers, and set the corresponding URL to ``/?idp=youridp``.
|
||||||
|
|
||||||
|
Configuration
|
||||||
|
-------------
|
||||||
|
|
||||||
|
Once enabled (section "General Parameters > Plugins"), you can set these parameters.
|
||||||
|
|
||||||
|
- **Parameters**:
|
||||||
|
|
||||||
|
- **Activation**: Rule to enable/disable this plugin
|
||||||
|
- **Cookie name**: Name of the cookie storing the authentication choice
|
||||||
|
- **Cookie lifetime**: Duration of the cookie (seconds) storing the authentication choice
|
||||||
|
- **Check by default**: Is the checkbox "Remember my choice" checked by default?
|
||||||
|
- **Timer before automatic authentication**: Timer before automatic authentication happens, if user has previously authorized the storage of authentication choice in a cookie
|
||||||
|
|
||||||
|
.. tip::
|
||||||
|
|
||||||
|
For instance, you may allow users from 192.168.0.0/16 private network to have the "Remember authentication choice" checkbox:
|
||||||
|
|
||||||
|
- Rule: ``$env->{REMOTE_ADDR} =~ /^192\.168\./``
|
|
@ -305,6 +305,7 @@ Name Description
|
||||||
:doc:`REST services<restservices>` |new| REST server for :doc:`Proxy<authproxy>`
|
:doc:`REST services<restservices>` |new| REST server for :doc:`Proxy<authproxy>`
|
||||||
:doc:`SOAP services<soapservices>` |deprecated| SOAP server for :doc:`Proxy<authproxy>`
|
:doc:`SOAP services<soapservices>` |deprecated| SOAP server for :doc:`Proxy<authproxy>`
|
||||||
:doc:`Stay connected<stayconnected>` |new| Enable persistent connection on same browser
|
:doc:`Stay connected<stayconnected>` |new| Enable persistent connection on same browser
|
||||||
|
:doc:`Remember auth choice<rememberauthchoice>` |new| Remember user last authentication choice
|
||||||
Upgrade session |new| This plugin explains to an already authenticated user that a higher authentication level is required to access the URL instead of reject him
|
Upgrade session |new| This plugin explains to an already authenticated user that a higher authentication level is required to access the URL instead of reject him
|
||||||
==================================================================== ============================================================================================================================================
|
==================================================================== ============================================================================================================================================
|
||||||
|
|
||||||
|
|
|
@ -31,7 +31,7 @@ use constant DEFAULTCONFBACKENDOPTIONS => (
|
||||||
);
|
);
|
||||||
our $hashParameters = qr/^(?:(?:l(?:o(?:ca(?:lSessionStorageOption|tionRule)|goutService)|dapExportedVar|wp(?:Ssl)?Opt)|(?:(?:d(?:emo|bi)|webID)ExportedVa|exported(?:Heade|Va)|issuerDBGetParamete)r|f(?:indUser(?:Exclud|Search)ingAttribute|acebookExportedVar)|re(?:moteGlobalStorageOption|st2f(?:Verify|Init)Arg|loadUrl)|g(?:r(?:antSessionRule|oup)|lobalStorageOption)|n(?:otificationStorageOption|ginxCustomHandler)|macro)s|o(?:idc(?:S(?:ervice(?:DynamicRegistrationEx(?:portedVar|traClaim)s|MetaDataAuthnContext)|torageOptions)|RPMetaData(?:(?:Option(?:sExtraClaim)?|ExportedVar|ScopeRule|Macro)s|Node)|OPMetaData(?:(?:ExportedVar|Option)s|J(?:SON|WKS)|Node))|penIdExportedVars)|c(?:as(?:A(?:ppMetaData(?:(?:ExportedVar|Option|Macro)s|Node)|ttributes)|S(?:rvMetaData(?:(?:ExportedVar|Option)s|Node)|torageOptions))|(?:ustom(?:Plugins|Add)Param|heckUserHiddenHeader|ombModule)s)|s(?:aml(?:S(?:PMetaData(?:(?:ExportedAttribute|Option|Macro)s|Node|XML)|torageOptions)|IDPMetaData(?:(?:ExportedAttribute|Option)s|Node|XML))|essionDataToRemember|laveExportedVars|fExtra)|a(?:(?:daptativeAuthenticationLevelR|ut(?:hChoiceMod|oSigninR))ules|pplicationList)|p(?:ersistentStorageOptions|o(?:rtalSkinRules|st))|v(?:hostOptions|irtualHost)|S(?:MTPTLSOpts|SLVarIf))$/;
|
our $hashParameters = qr/^(?:(?:l(?:o(?:ca(?:lSessionStorageOption|tionRule)|goutService)|dapExportedVar|wp(?:Ssl)?Opt)|(?:(?:d(?:emo|bi)|webID)ExportedVa|exported(?:Heade|Va)|issuerDBGetParamete)r|f(?:indUser(?:Exclud|Search)ingAttribute|acebookExportedVar)|re(?:moteGlobalStorageOption|st2f(?:Verify|Init)Arg|loadUrl)|g(?:r(?:antSessionRule|oup)|lobalStorageOption)|n(?:otificationStorageOption|ginxCustomHandler)|macro)s|o(?:idc(?:S(?:ervice(?:DynamicRegistrationEx(?:portedVar|traClaim)s|MetaDataAuthnContext)|torageOptions)|RPMetaData(?:(?:Option(?:sExtraClaim)?|ExportedVar|ScopeRule|Macro)s|Node)|OPMetaData(?:(?:ExportedVar|Option)s|J(?:SON|WKS)|Node))|penIdExportedVars)|c(?:as(?:A(?:ppMetaData(?:(?:ExportedVar|Option|Macro)s|Node)|ttributes)|S(?:rvMetaData(?:(?:ExportedVar|Option)s|Node)|torageOptions))|(?:ustom(?:Plugins|Add)Param|heckUserHiddenHeader|ombModule)s)|s(?:aml(?:S(?:PMetaData(?:(?:ExportedAttribute|Option|Macro)s|Node|XML)|torageOptions)|IDPMetaData(?:(?:ExportedAttribute|Option)s|Node|XML))|essionDataToRemember|laveExportedVars|fExtra)|a(?:(?:daptativeAuthenticationLevelR|ut(?:hChoiceMod|oSigninR))ules|pplicationList)|p(?:ersistentStorageOptions|o(?:rtalSkinRules|st))|v(?:hostOptions|irtualHost)|S(?:MTPTLSOpts|SLVarIf))$/;
|
||||||
our $arrayParameters = qr/^mySessionAuthorizedRWKeys$/;
|
our $arrayParameters = qr/^mySessionAuthorizedRWKeys$/;
|
||||||
our $boolKeys = qr/^(?:s(?:aml(?:IDP(?:MetaDataOptions(?:(?:Check(?:S[LS]OMessageSignatur|Audienc|Tim)|IsPassiv)e|A(?:llow(?:LoginFromIDP|ProxiedAuthn)|daptSessionUtime)|Force(?:Authn|UTF8)|StoreSAMLToken|RelayStateURL)|SSODescriptorWantAuthnRequestsSigned)|S(?:P(?:MetaDataOptions(?:(?:CheckS[LS]OMessageSignatur|OneTimeUs)e|EnableIDPInitiatedURL|ForceUTF8)|SSODescriptor(?:WantAssertion|AuthnRequest)sSigned)|erviceUseCertificateInResponse)|DiscoveryProtocol(?:Activation|IsPassive)|CommonDomainCookieActivation|UseQueryStringSpecific|MetadataForceUTF8)|t(?:ayConnectedBypassFG|orePassword)|f(?:RemovedUseNotif|OnlyUpgrade)|kip(?:Upgrade|Renew)Confirmation|oap(?:Session|Config)Server|laveDisplayLogo|howLanguages|slByAjax)|o(?:idc(?:RPMetaDataOptions(?:A(?:llow(?:(?:ClientCredentials|Password)Grant|Offline)|ccessToken(?:Claims|JWT))|Re(?:freshToken|quirePKCE)|LogoutSessionRequired|IDTokenForceClaims|BypassConsent|Public)|ServiceAllow(?:(?:AuthorizationCode|Implicit|Hybrid)Flow|DynamicRegistration|OnlyDeclaredScopes)|OPMetaDataOptions(?:(?:CheckJWTSignatur|UseNonc)e|StoreIDToken))|ldNotifFormat)|c(?:a(?:sS(?:rvMetaDataOptions(?:Gateway|Renew)|trictMatching)|ptcha_(?:register|login|mail)_enabled)|heck(?:DevOps(?:D(?:isplayNormalizedHeaders|ownload)|CheckSessionAttributes)?|State|User|XSS)|o(?:ntextSwitching(?:Allowed2fModifications|StopWithLogout)|mpactConf|rsEnabled)|rowdsec|da)|p(?:ortal(?:Display(?:Re(?:freshMyRights|setPassword|gister)|CertificateResetByMail|GeneratePassword|PasswordPolicy)|E(?:rrorOn(?:ExpiredSession|MailNotFound)|nablePasswordDisplay)|(?:CheckLogin|Statu)s|OpenLinkInNewWindow|ForceAuthn|AntiFrame)|roxy(?:AuthServiceImpersonation|UseSoap))|l(?:dap(?:(?:G(?:roup(?:DecodeSearchedValu|Recursiv)|etUserBeforePasswordChang)|UsePasswordResetAttribut)e|(?:AllowResetExpired|Set)Password|ChangePasswordAsUser|PpolicyControl|ITDS)|oginHistoryEnabled)|n(?:o(?:tif(?:ication(?:Server(?:(?:POS|GE)T|DELETE)?|sExplorer)?|y(?:Deleted|Other))|AjaxHook)|ewLocationWarning)|i(?:ssuerDB(?:OpenID(?:Connect)?|SAML|CAS|Get)Activation|mpersonationSkipEmptyValues)|u(?:se(?:RedirectOn(?:Forbidden|Error)|SafeJail)|2fUserCanRemoveKey|pgradeSession)|re(?:st(?:(?:Password|Session|Config|Auth)Server|ExportSecretKeys)|freshSessions)|br(?:uteForceProtection(?:IncrementalTempo)?|owsersDontStorePassword)|d(?:is(?:ablePersistentStorage|playSessionId)|biDynamicHashEnabled)|to(?:tp2f(?:UserCanRemoveKey|EncryptSecret)|kenUseGlobalStorage)|(?:mai(?:lOnPasswordChang|ntenanc)|vhostMaintenanc)e|w(?:ebauthn2fUserCanRemoveKey|sdlServer)|g(?:roupsBeforeMacros|lobalLogoutTimer)|a(?:voidAssignment|ctiveTimer)|h(?:ideOldPassword|ttpOnly)|yubikey2fUserCanRemoveKey|krb(?:RemoveDomain|ByJs)|findUser)$/;
|
our $boolKeys = qr/^(?:s(?:aml(?:IDP(?:MetaDataOptions(?:(?:Check(?:S[LS]OMessageSignatur|Audienc|Tim)|IsPassiv)e|A(?:llow(?:LoginFromIDP|ProxiedAuthn)|daptSessionUtime)|Force(?:Authn|UTF8)|StoreSAMLToken|RelayStateURL)|SSODescriptorWantAuthnRequestsSigned)|S(?:P(?:MetaDataOptions(?:(?:CheckS[LS]OMessageSignatur|OneTimeUs)e|EnableIDPInitiatedURL|ForceUTF8)|SSODescriptor(?:WantAssertion|AuthnRequest)sSigned)|erviceUseCertificateInResponse)|DiscoveryProtocol(?:Activation|IsPassive)|CommonDomainCookieActivation|UseQueryStringSpecific|MetadataForceUTF8)|t(?:ayConnectedBypassFG|orePassword)|f(?:RemovedUseNotif|OnlyUpgrade)|kip(?:Upgrade|Renew)Confirmation|oap(?:Session|Config)Server|laveDisplayLogo|howLanguages|slByAjax)|o(?:idc(?:RPMetaDataOptions(?:A(?:llow(?:(?:ClientCredentials|Password)Grant|Offline)|ccessToken(?:Claims|JWT))|Re(?:freshToken|quirePKCE)|LogoutSessionRequired|IDTokenForceClaims|BypassConsent|Public)|ServiceAllow(?:(?:AuthorizationCode|Implicit|Hybrid)Flow|DynamicRegistration|OnlyDeclaredScopes)|OPMetaDataOptions(?:(?:CheckJWTSignatur|UseNonc)e|StoreIDToken))|ldNotifFormat)|c(?:a(?:sS(?:rvMetaDataOptions(?:Gateway|Renew)|trictMatching)|ptcha_(?:register|login|mail)_enabled)|heck(?:DevOps(?:D(?:isplayNormalizedHeaders|ownload)|CheckSessionAttributes)?|State|User|XSS)|o(?:ntextSwitching(?:Allowed2fModifications|StopWithLogout)|mpactConf|rsEnabled)|rowdsec|da)|p(?:ortal(?:Display(?:Re(?:freshMyRights|setPassword|gister)|CertificateResetByMail|GeneratePassword|PasswordPolicy)|E(?:rrorOn(?:ExpiredSession|MailNotFound)|nablePasswordDisplay)|(?:CheckLogin|Statu)s|OpenLinkInNewWindow|ForceAuthn|AntiFrame)|roxy(?:AuthServiceImpersonation|UseSoap))|l(?:dap(?:(?:G(?:roup(?:DecodeSearchedValu|Recursiv)|etUserBeforePasswordChang)|UsePasswordResetAttribut)e|(?:AllowResetExpired|Set)Password|ChangePasswordAsUser|PpolicyControl|ITDS)|oginHistoryEnabled)|n(?:o(?:tif(?:ication(?:Server(?:(?:POS|GE)T|DELETE)?|sExplorer)?|y(?:Deleted|Other))|AjaxHook)|ewLocationWarning)|re(?:st(?:(?:Password|Session|Config|Auth)Server|ExportSecretKeys)|memberDefaultChecked|freshSessions)|i(?:ssuerDB(?:OpenID(?:Connect)?|SAML|CAS|Get)Activation|mpersonationSkipEmptyValues)|u(?:se(?:RedirectOn(?:Forbidden|Error)|SafeJail)|2fUserCanRemoveKey|pgradeSession)|br(?:uteForceProtection(?:IncrementalTempo)?|owsersDontStorePassword)|d(?:is(?:ablePersistentStorage|playSessionId)|biDynamicHashEnabled)|to(?:tp2f(?:UserCanRemoveKey|EncryptSecret)|kenUseGlobalStorage)|(?:mai(?:lOnPasswordChang|ntenanc)|vhostMaintenanc)e|w(?:ebauthn2fUserCanRemoveKey|sdlServer)|g(?:roupsBeforeMacros|lobalLogoutTimer)|a(?:voidAssignment|ctiveTimer)|h(?:ideOldPassword|ttpOnly)|yubikey2fUserCanRemoveKey|krb(?:RemoveDomain|ByJs)|findUser)$/;
|
||||||
|
|
||||||
our @sessionTypes = ( 'remoteGlobal', 'global', 'localSession', 'persistent', 'saml', 'oidc', 'cas' );
|
our @sessionTypes = ( 'remoteGlobal', 'global', 'localSession', 'persistent', 'saml', 'oidc', 'cas' );
|
||||||
|
|
||||||
|
|
|
@ -5,400 +5,384 @@ our $VERSION = '2.0.14';
|
||||||
|
|
||||||
sub defaultValues {
|
sub defaultValues {
|
||||||
return {
|
return {
|
||||||
'activeTimer' => 1,
|
'activeTimer' => 1,
|
||||||
'ADPwdExpireWarning' => 0,
|
'ADPwdExpireWarning' => 0,
|
||||||
'ADPwdMaxAge' => 0,
|
'ADPwdMaxAge' => 0,
|
||||||
'apacheAuthnLevel' => 3,
|
'apacheAuthnLevel' => 3,
|
||||||
'applicationList' => {
|
'applicationList' => {
|
||||||
'default' => {
|
'default' => {
|
||||||
'catname' => 'Default category',
|
'catname' => 'Default category',
|
||||||
'type' => 'category'
|
'type' => 'category'
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
'authChoiceParam' => 'lmAuth',
|
'authChoiceParam' => 'lmAuth',
|
||||||
'authentication' => 'Demo',
|
'authentication' => 'Demo',
|
||||||
'available2F' =>
|
'available2F' => 'UTOTP,TOTP,U2F,REST,Mail2F,Ext2F,WebAuthn,Yubikey,Radius',
|
||||||
'UTOTP,TOTP,U2F,REST,Mail2F,Ext2F,WebAuthn,Yubikey,Radius',
|
'available2FSelfRegistration' => 'TOTP,U2F,WebAuthn,Yubikey',
|
||||||
'available2FSelfRegistration' => 'TOTP,U2F,WebAuthn,Yubikey',
|
'bruteForceProtectionLockTimes' => '15, 30, 60, 300, 600',
|
||||||
'bruteForceProtectionLockTimes' => '15, 30, 60, 300, 600',
|
'bruteForceProtectionMaxAge' => 300,
|
||||||
'bruteForceProtectionMaxAge' => 300,
|
'bruteForceProtectionMaxFailed' => 3,
|
||||||
'bruteForceProtectionMaxFailed' => 3,
|
'bruteForceProtectionMaxLockTime' => 900,
|
||||||
'bruteForceProtectionMaxLockTime' => 900,
|
'bruteForceProtectionTempo' => 30,
|
||||||
'bruteForceProtectionTempo' => 30,
|
'captcha_mail_enabled' => 1,
|
||||||
'captcha_mail_enabled' => 1,
|
'captcha_register_enabled' => 1,
|
||||||
'captcha_register_enabled' => 1,
|
'captcha_size' => 6,
|
||||||
'captcha_size' => 6,
|
'casAccessControlPolicy' => 'none',
|
||||||
'casAccessControlPolicy' => 'none',
|
'casAuthnLevel' => 1,
|
||||||
'casAuthnLevel' => 1,
|
'casTicketExpiration' => 0,
|
||||||
'casTicketExpiration' => 0,
|
'certificateResetByMailCeaAttribute' => 'description',
|
||||||
'certificateResetByMailCeaAttribute' => 'description',
|
'certificateResetByMailCertificateAttribute' => 'userCertificate;binary',
|
||||||
'certificateResetByMailCertificateAttribute' =>
|
'certificateResetByMailURL' => 'http://auth.example.com/certificateReset',
|
||||||
'userCertificate;binary',
|
'certificateResetByMailValidityDelay' => 0,
|
||||||
'certificateResetByMailURL' =>
|
'checkDevOpsCheckSessionAttributes' => 1,
|
||||||
'http://auth.example.com/certificateReset',
|
'checkDevOpsDisplayNormalizedHeaders' => 1,
|
||||||
'certificateResetByMailValidityDelay' => 0,
|
'checkDevOpsDownload' => 1,
|
||||||
'checkDevOpsCheckSessionAttributes' => 1,
|
'checkTime' => 600,
|
||||||
'checkDevOpsDisplayNormalizedHeaders' => 1,
|
'checkUserDisplayComputedSession' => 1,
|
||||||
'checkDevOpsDownload' => 1,
|
'checkUserDisplayEmptyHeaders' => 0,
|
||||||
'checkTime' => 600,
|
'checkUserDisplayEmptyValues' => 0,
|
||||||
'checkUserDisplayComputedSession' => 1,
|
'checkUserDisplayHiddenAttributes' => 0,
|
||||||
'checkUserDisplayEmptyHeaders' => 0,
|
'checkUserDisplayHistory' => 0,
|
||||||
'checkUserDisplayEmptyValues' => 0,
|
'checkUserDisplayNormalizedHeaders' => 0,
|
||||||
'checkUserDisplayHiddenAttributes' => 0,
|
'checkUserDisplayPersistentInfo' => 0,
|
||||||
'checkUserDisplayHistory' => 0,
|
'checkUserHiddenAttributes' => '_loginHistory, _session_id, hGroups',
|
||||||
'checkUserDisplayNormalizedHeaders' => 0,
|
'checkUserIdRule' => 1,
|
||||||
'checkUserDisplayPersistentInfo' => 0,
|
'checkXSS' => 1,
|
||||||
'checkUserHiddenAttributes' => '_loginHistory, _session_id, hGroups',
|
'confirmFormMethod' => 'post',
|
||||||
'checkUserIdRule' => 1,
|
'contextSwitchingIdRule' => 1,
|
||||||
'checkXSS' => 1,
|
'contextSwitchingPrefix' => 'switching',
|
||||||
'confirmFormMethod' => 'post',
|
'contextSwitchingRule' => 0,
|
||||||
'contextSwitchingIdRule' => 1,
|
'contextSwitchingStopWithLogout' => 1,
|
||||||
'contextSwitchingPrefix' => 'switching',
|
'cookieName' => 'lemonldap',
|
||||||
'contextSwitchingRule' => 0,
|
'corsAllow_Credentials' => 'true',
|
||||||
'contextSwitchingStopWithLogout' => 1,
|
'corsAllow_Headers' => '*',
|
||||||
'cookieName' => 'lemonldap',
|
'corsAllow_Methods' => 'POST,GET',
|
||||||
'corsAllow_Credentials' => 'true',
|
'corsAllow_Origin' => '*',
|
||||||
'corsAllow_Headers' => '*',
|
'corsEnabled' => 1,
|
||||||
'corsAllow_Methods' => 'POST,GET',
|
'corsExpose_Headers' => '*',
|
||||||
'corsAllow_Origin' => '*',
|
'corsMax_Age' => '86400',
|
||||||
'corsEnabled' => 1,
|
'crowdsecAction' => 'reject',
|
||||||
'corsExpose_Headers' => '*',
|
'cspConnect' => '\'self\'',
|
||||||
'corsMax_Age' => '86400',
|
'cspDefault' => '\'self\'',
|
||||||
'crowdsecAction' => 'reject',
|
'cspFont' => '\'self\'',
|
||||||
'cspConnect' => '\'self\'',
|
'cspFormAction' => '*',
|
||||||
'cspDefault' => '\'self\'',
|
'cspFrameAncestors' => '',
|
||||||
'cspFont' => '\'self\'',
|
'cspImg' => '\'self\' data:',
|
||||||
'cspFormAction' => '*',
|
'cspScript' => '\'self\'',
|
||||||
'cspFrameAncestors' => '',
|
'cspStyle' => '\'self\'',
|
||||||
'cspImg' => '\'self\' data:',
|
'dbiAuthnLevel' => 2,
|
||||||
'cspScript' => '\'self\'',
|
'dbiExportedVars' => {},
|
||||||
'cspStyle' => '\'self\'',
|
'decryptValueRule' => 0,
|
||||||
'dbiAuthnLevel' => 2,
|
'demoExportedVars' => {
|
||||||
'dbiExportedVars' => {},
|
'cn' => 'cn',
|
||||||
'decryptValueRule' => 0,
|
'mail' => 'mail',
|
||||||
'demoExportedVars' => {
|
'uid' => 'uid'
|
||||||
'cn' => 'cn',
|
},
|
||||||
'mail' => 'mail',
|
'displaySessionId' => 1,
|
||||||
'uid' => 'uid'
|
'domain' => 'example.com',
|
||||||
},
|
'exportedVars' => {
|
||||||
'displaySessionId' => 1,
|
'UA' => 'HTTP_USER_AGENT'
|
||||||
'domain' => 'example.com',
|
},
|
||||||
'exportedVars' => {
|
'ext2fActivation' => 0,
|
||||||
'UA' => 'HTTP_USER_AGENT'
|
'ext2fCodeActivation' => '\\d{6}',
|
||||||
},
|
'facebookAuthnLevel' => 1,
|
||||||
'ext2fActivation' => 0,
|
'facebookExportedVars' => {},
|
||||||
'ext2fCodeActivation' => '\\d{6}',
|
'facebookUserField' => 'id',
|
||||||
'facebookAuthnLevel' => 1,
|
'failedLoginNumber' => 5,
|
||||||
'facebookExportedVars' => {},
|
'findUserControl' => '^[*\\w]+$',
|
||||||
'facebookUserField' => 'id',
|
'findUserWildcard' => '*',
|
||||||
'failedLoginNumber' => 5,
|
'formTimeout' => 120,
|
||||||
'findUserControl' => '^[*\\w]+$',
|
'githubAuthnLevel' => 1,
|
||||||
'findUserWildcard' => '*',
|
'githubScope' => 'user:email',
|
||||||
'formTimeout' => 120,
|
'githubUserField' => 'login',
|
||||||
'githubAuthnLevel' => 1,
|
'globalLogoutRule' => 0,
|
||||||
'githubScope' => 'user:email',
|
'globalLogoutTimer' => 1,
|
||||||
'githubUserField' => 'login',
|
'globalStorage' => 'Apache::Session::File',
|
||||||
'globalLogoutRule' => 0,
|
'globalStorageOptions' => {
|
||||||
'globalLogoutTimer' => 1,
|
'Directory' => '/var/lib/lemonldap-ng/sessions/',
|
||||||
'globalStorage' => 'Apache::Session::File',
|
'generateModule' => 'Lemonldap::NG::Common::Apache::Session::Generate::SHA256',
|
||||||
'globalStorageOptions' => {
|
'LockDirectory' => '/var/lib/lemonldap-ng/sessions/lock/'
|
||||||
'Directory' => '/var/lib/lemonldap-ng/sessions/',
|
},
|
||||||
'generateModule' =>
|
'gpgAuthnLevel' => 5,
|
||||||
'Lemonldap::NG::Common::Apache::Session::Generate::SHA256',
|
'gpgDb' => '',
|
||||||
'LockDirectory' => '/var/lib/lemonldap-ng/sessions/lock/'
|
'grantSessionRules' => {},
|
||||||
},
|
'groups' => {},
|
||||||
'gpgAuthnLevel' => 5,
|
'handlerInternalCache' => 15,
|
||||||
'gpgDb' => '',
|
'handlerServiceTokenTTL' => 30,
|
||||||
'grantSessionRules' => {},
|
'hiddenAttributes' => '_password, _2fDevices',
|
||||||
'groups' => {},
|
'httpOnly' => 1,
|
||||||
'handlerInternalCache' => 15,
|
'https' => -1,
|
||||||
'handlerServiceTokenTTL' => 30,
|
'impersonationHiddenAttributes' => '_2fDevices, _loginHistory',
|
||||||
'hiddenAttributes' => '_password, _2fDevices',
|
'impersonationIdRule' => 1,
|
||||||
'httpOnly' => 1,
|
'impersonationMergeSSOgroups' => 0,
|
||||||
'https' => -1,
|
'impersonationPrefix' => 'real_',
|
||||||
'impersonationHiddenAttributes' => '_2fDevices, _loginHistory',
|
'impersonationRule' => 0,
|
||||||
'impersonationIdRule' => 1,
|
'impersonationSkipEmptyValues' => 1,
|
||||||
'impersonationMergeSSOgroups' => 0,
|
'infoFormMethod' => 'get',
|
||||||
'impersonationPrefix' => 'real_',
|
'issuerDBCASPath' => '^/cas/',
|
||||||
'impersonationRule' => 0,
|
'issuerDBCASRule' => 1,
|
||||||
'impersonationSkipEmptyValues' => 1,
|
'issuerDBGetParameters' => {},
|
||||||
'infoFormMethod' => 'get',
|
'issuerDBGetPath' => '^/get/',
|
||||||
'issuerDBCASPath' => '^/cas/',
|
'issuerDBGetRule' => 1,
|
||||||
'issuerDBCASRule' => 1,
|
'issuerDBOpenIDConnectPath' => '^/oauth2/',
|
||||||
'issuerDBGetParameters' => {},
|
'issuerDBOpenIDConnectRule' => 1,
|
||||||
'issuerDBGetPath' => '^/get/',
|
'issuerDBOpenIDPath' => '^/openidserver/',
|
||||||
'issuerDBGetRule' => 1,
|
'issuerDBOpenIDRule' => 1,
|
||||||
'issuerDBOpenIDConnectPath' => '^/oauth2/',
|
'issuerDBSAMLPath' => '^/saml/',
|
||||||
'issuerDBOpenIDConnectRule' => 1,
|
'issuerDBSAMLRule' => 1,
|
||||||
'issuerDBOpenIDPath' => '^/openidserver/',
|
'issuersTimeout' => 120,
|
||||||
'issuerDBOpenIDRule' => 1,
|
'jsRedirect' => 0,
|
||||||
'issuerDBSAMLPath' => '^/saml/',
|
'krbAuthnLevel' => 3,
|
||||||
'issuerDBSAMLRule' => 1,
|
'krbRemoveDomain' => 1,
|
||||||
'issuersTimeout' => 120,
|
'ldapAuthnLevel' => 2,
|
||||||
'jsRedirect' => 0,
|
'ldapBase' => 'dc=example,dc=com',
|
||||||
'krbAuthnLevel' => 3,
|
'ldapExportedVars' => {
|
||||||
'krbRemoveDomain' => 1,
|
'cn' => 'cn',
|
||||||
'ldapAuthnLevel' => 2,
|
'mail' => 'mail',
|
||||||
'ldapBase' => 'dc=example,dc=com',
|
'uid' => 'uid'
|
||||||
'ldapExportedVars' => {
|
},
|
||||||
'cn' => 'cn',
|
'ldapGroupAttributeName' => 'member',
|
||||||
'mail' => 'mail',
|
'ldapGroupAttributeNameGroup' => 'dn',
|
||||||
'uid' => 'uid'
|
'ldapGroupAttributeNameSearch' => 'cn',
|
||||||
},
|
'ldapGroupAttributeNameUser' => 'dn',
|
||||||
'ldapGroupAttributeName' => 'member',
|
'ldapGroupObjectClass' => 'groupOfNames',
|
||||||
'ldapGroupAttributeNameGroup' => 'dn',
|
'ldapIOTimeout' => 10,
|
||||||
'ldapGroupAttributeNameSearch' => 'cn',
|
'ldapPasswordResetAttribute' => 'pwdReset',
|
||||||
'ldapGroupAttributeNameUser' => 'dn',
|
'ldapPasswordResetAttributeValue' => 'TRUE',
|
||||||
'ldapGroupObjectClass' => 'groupOfNames',
|
'ldapPwdEnc' => 'utf-8',
|
||||||
'ldapIOTimeout' => 10,
|
'ldapSearchDeref' => 'find',
|
||||||
'ldapPasswordResetAttribute' => 'pwdReset',
|
'ldapServer' => 'ldap://localhost',
|
||||||
'ldapPasswordResetAttributeValue' => 'TRUE',
|
'ldapTimeout' => 10,
|
||||||
'ldapPwdEnc' => 'utf-8',
|
'ldapUsePasswordResetAttribute' => 1,
|
||||||
'ldapSearchDeref' => 'find',
|
'ldapVerify' => 'require',
|
||||||
'ldapServer' => 'ldap://localhost',
|
'ldapVersion' => 3,
|
||||||
'ldapTimeout' => 10,
|
'linkedInAuthnLevel' => 1,
|
||||||
'ldapUsePasswordResetAttribute' => 1,
|
'linkedInFields' => 'id,first-name,last-name,email-address',
|
||||||
'ldapVerify' => 'require',
|
'linkedInScope' => 'r_liteprofile r_emailaddress',
|
||||||
'ldapVersion' => 3,
|
'linkedInUserField' => 'emailAddress',
|
||||||
'linkedInAuthnLevel' => 1,
|
'localSessionStorage' => 'Cache::FileCache',
|
||||||
'linkedInFields' => 'id,first-name,last-name,email-address',
|
'localSessionStorageOptions' => {
|
||||||
'linkedInScope' => 'r_liteprofile r_emailaddress',
|
'cache_depth' => 3,
|
||||||
'linkedInUserField' => 'emailAddress',
|
'cache_root' => '/var/cache/lemonldap-ng',
|
||||||
'localSessionStorage' => 'Cache::FileCache',
|
'default_expires_in' => 600,
|
||||||
'localSessionStorageOptions' => {
|
'directory_umask' => '007',
|
||||||
'cache_depth' => 3,
|
'namespace' => 'lemonldap-ng-sessions'
|
||||||
'cache_root' => '/var/cache/lemonldap-ng',
|
},
|
||||||
'default_expires_in' => 600,
|
'locationRules' => {
|
||||||
'directory_umask' => '007',
|
'default' => 'deny'
|
||||||
'namespace' => 'lemonldap-ng-sessions'
|
},
|
||||||
},
|
'logoutServices' => {},
|
||||||
'locationRules' => {
|
'macros' => {},
|
||||||
'default' => 'deny'
|
'mail2fActivation' => 0,
|
||||||
},
|
'mail2fCodeRegex' => '\\d{6}',
|
||||||
'logoutServices' => {},
|
'mailCharset' => 'utf-8',
|
||||||
'macros' => {},
|
'mailFrom' => 'noreply@example.com',
|
||||||
'mail2fActivation' => 0,
|
'mailSessionKey' => 'mail',
|
||||||
'mail2fCodeRegex' => '\\d{6}',
|
'mailTimeout' => 0,
|
||||||
'mailCharset' => 'utf-8',
|
'mailUrl' => 'http://auth.example.com/resetpwd',
|
||||||
'mailFrom' => 'noreply@example.com',
|
'managerDn' => '',
|
||||||
'mailSessionKey' => 'mail',
|
'managerPassword' => '',
|
||||||
'mailTimeout' => 0,
|
'max2FDevices' => 10,
|
||||||
'mailUrl' => 'http://auth.example.com/resetpwd',
|
'max2FDevicesNameLength' => 20,
|
||||||
'managerDn' => '',
|
'multiValuesSeparator' => '; ',
|
||||||
'managerPassword' => '',
|
'mySessionAuthorizedRWKeys' => [
|
||||||
'max2FDevices' => 10,
|
'_appsListOrder',
|
||||||
'max2FDevicesNameLength' => 20,
|
'_oidcConnectedRP',
|
||||||
'multiValuesSeparator' => '; ',
|
'_oidcConsents'
|
||||||
'mySessionAuthorizedRWKeys' =>
|
],
|
||||||
[ '_appsListOrder', '_oidcConnectedRP', '_oidcConsents' ],
|
'newLocationWarningLocationAttribute' => 'ipAddr',
|
||||||
'newLocationWarningLocationAttribute' => 'ipAddr',
|
'newLocationWarningLocationDisplayAttribute' => '',
|
||||||
'newLocationWarningLocationDisplayAttribute' => '',
|
'newLocationWarningMaxValues' => '0',
|
||||||
'newLocationWarningMaxValues' => '0',
|
'notificationDefaultCond' => '',
|
||||||
'notificationDefaultCond' => '',
|
'notificationServerPOST' => 1,
|
||||||
'notificationServerPOST' => 1,
|
'notificationServerSentAttributes' => 'uid reference date title subtitle text check',
|
||||||
'notificationServerSentAttributes' =>
|
'notificationsMaxRetrieve' => 3,
|
||||||
'uid reference date title subtitle text check',
|
'notificationStorage' => 'File',
|
||||||
'notificationsMaxRetrieve' => 3,
|
'notificationStorageOptions' => {
|
||||||
'notificationStorage' => 'File',
|
'dirName' => '/var/lib/lemonldap-ng/notifications'
|
||||||
'notificationStorageOptions' => {
|
},
|
||||||
'dirName' => '/var/lib/lemonldap-ng/notifications'
|
'notificationWildcard' => 'allusers',
|
||||||
},
|
'notifyDeleted' => 1,
|
||||||
'notificationWildcard' => 'allusers',
|
'nullAuthnLevel' => 0,
|
||||||
'notifyDeleted' => 1,
|
'oidcAuthnLevel' => 1,
|
||||||
'nullAuthnLevel' => 0,
|
'oidcRPCallbackGetParam' => 'openidconnectcallback',
|
||||||
'oidcAuthnLevel' => 1,
|
'oidcRPStateTimeout' => 600,
|
||||||
'oidcRPCallbackGetParam' => 'openidconnectcallback',
|
'oidcServiceAccessTokenExpiration' => 3600,
|
||||||
'oidcRPStateTimeout' => 600,
|
'oidcServiceAllowAuthorizationCodeFlow' => 1,
|
||||||
'oidcServiceAccessTokenExpiration' => 3600,
|
'oidcServiceAuthorizationCodeExpiration' => 60,
|
||||||
'oidcServiceAllowAuthorizationCodeFlow' => 1,
|
'oidcServiceIDTokenExpiration' => 3600,
|
||||||
'oidcServiceAuthorizationCodeExpiration' => 60,
|
'oidcServiceMetaDataAuthnContext' => {
|
||||||
'oidcServiceIDTokenExpiration' => 3600,
|
'loa-1' => 1,
|
||||||
'oidcServiceMetaDataAuthnContext' => {
|
'loa-2' => 2,
|
||||||
'loa-1' => 1,
|
'loa-3' => 3,
|
||||||
'loa-2' => 2,
|
'loa-4' => 4,
|
||||||
'loa-3' => 3,
|
'loa-5' => 5
|
||||||
'loa-4' => 4,
|
},
|
||||||
'loa-5' => 5
|
'oidcServiceMetaDataAuthorizeURI' => 'authorize',
|
||||||
},
|
'oidcServiceMetaDataBackChannelURI' => 'blogout',
|
||||||
'oidcServiceMetaDataAuthorizeURI' => 'authorize',
|
'oidcServiceMetaDataCheckSessionURI' => 'checksession.html',
|
||||||
'oidcServiceMetaDataBackChannelURI' => 'blogout',
|
'oidcServiceMetaDataEndSessionURI' => 'logout',
|
||||||
'oidcServiceMetaDataCheckSessionURI' => 'checksession.html',
|
'oidcServiceMetaDataFrontChannelURI' => 'flogout',
|
||||||
'oidcServiceMetaDataEndSessionURI' => 'logout',
|
'oidcServiceMetaDataIntrospectionURI' => 'introspect',
|
||||||
'oidcServiceMetaDataFrontChannelURI' => 'flogout',
|
'oidcServiceMetaDataJWKSURI' => 'jwks',
|
||||||
'oidcServiceMetaDataIntrospectionURI' => 'introspect',
|
'oidcServiceMetaDataRegistrationURI' => 'register',
|
||||||
'oidcServiceMetaDataJWKSURI' => 'jwks',
|
'oidcServiceMetaDataTokenURI' => 'token',
|
||||||
'oidcServiceMetaDataRegistrationURI' => 'register',
|
'oidcServiceMetaDataUserInfoURI' => 'userinfo',
|
||||||
'oidcServiceMetaDataTokenURI' => 'token',
|
'oidcServiceOfflineSessionExpiration' => 2592000,
|
||||||
'oidcServiceMetaDataUserInfoURI' => 'userinfo',
|
'openIdAuthnLevel' => 1,
|
||||||
'oidcServiceOfflineSessionExpiration' => 2592000,
|
'openIdExportedVars' => {},
|
||||||
'openIdAuthnLevel' => 1,
|
'openIdIDPList' => '0;',
|
||||||
'openIdExportedVars' => {},
|
'openIdSPList' => '0;',
|
||||||
'openIdIDPList' => '0;',
|
'openIdSreg_email' => 'mail',
|
||||||
'openIdSPList' => '0;',
|
'openIdSreg_fullname' => 'cn',
|
||||||
'openIdSreg_email' => 'mail',
|
'openIdSreg_nickname' => 'uid',
|
||||||
'openIdSreg_fullname' => 'cn',
|
'openIdSreg_timezone' => '_timezone',
|
||||||
'openIdSreg_nickname' => 'uid',
|
'pamAuthnLevel' => 2,
|
||||||
'openIdSreg_timezone' => '_timezone',
|
'pamService' => 'login',
|
||||||
'pamAuthnLevel' => 2,
|
'passwordDB' => 'Demo',
|
||||||
'pamService' => 'login',
|
'passwordPolicyActivation' => 1,
|
||||||
'passwordDB' => 'Demo',
|
'passwordPolicyMinDigit' => 0,
|
||||||
'passwordPolicyActivation' => 1,
|
'passwordPolicyMinLower' => 0,
|
||||||
'passwordPolicyMinDigit' => 0,
|
'passwordPolicyMinSize' => 0,
|
||||||
'passwordPolicyMinLower' => 0,
|
'passwordPolicyMinSpeChar' => 0,
|
||||||
'passwordPolicyMinSize' => 0,
|
'passwordPolicyMinUpper' => 0,
|
||||||
'passwordPolicyMinSpeChar' => 0,
|
'passwordPolicySpecialChar' => '__ALL__',
|
||||||
'passwordPolicyMinUpper' => 0,
|
'passwordResetAllowedRetries' => 3,
|
||||||
'passwordPolicySpecialChar' => '__ALL__',
|
'persistentSessionAttributes' => '_loginHistory _2fDevices notification_',
|
||||||
'passwordResetAllowedRetries' => 3,
|
'port' => -1,
|
||||||
'persistentSessionAttributes' =>
|
'portal' => 'http://auth.example.com/',
|
||||||
'_loginHistory _2fDevices notification_',
|
'portalAntiFrame' => 1,
|
||||||
'port' => -1,
|
'portalCheckLogins' => 1,
|
||||||
'portal' => 'http://auth.example.com/',
|
'portalDisplayAppslist' => 1,
|
||||||
'portalAntiFrame' => 1,
|
'portalDisplayChangePassword' => '$_auth =~ /^(LDAP|DBI|Demo)$/',
|
||||||
'portalCheckLogins' => 1,
|
'portalDisplayGeneratePassword' => 1,
|
||||||
'portalDisplayAppslist' => 1,
|
'portalDisplayLoginHistory' => 1,
|
||||||
'portalDisplayChangePassword' => '$_auth =~ /^(LDAP|DBI|Demo)$/',
|
'portalDisplayLogout' => 1,
|
||||||
'portalDisplayGeneratePassword' => 1,
|
'portalDisplayOidcConsents' => '$_oidcConsents && $_oidcConsents =~ /\\w+/',
|
||||||
'portalDisplayLoginHistory' => 1,
|
'portalDisplayRefreshMyRights' => 1,
|
||||||
'portalDisplayLogout' => 1,
|
'portalDisplayRegister' => 1,
|
||||||
'portalDisplayOidcConsents' =>
|
'portalErrorOnExpiredSession' => 1,
|
||||||
'$_oidcConsents && $_oidcConsents =~ /\\w+/',
|
'portalForceAuthnInterval' => 5,
|
||||||
'portalDisplayRefreshMyRights' => 1,
|
'portalMainLogo' => 'common/logos/logo_llng_400px.png',
|
||||||
'portalDisplayRegister' => 1,
|
'portalPingInterval' => 60000,
|
||||||
'portalErrorOnExpiredSession' => 1,
|
'portalRequireOldPassword' => 1,
|
||||||
'portalForceAuthnInterval' => 5,
|
'portalSkin' => 'bootstrap',
|
||||||
'portalMainLogo' => 'common/logos/logo_llng_400px.png',
|
'portalUserAttr' => '_user',
|
||||||
'portalPingInterval' => 60000,
|
'proxyAuthnLevel' => 2,
|
||||||
'portalRequireOldPassword' => 1,
|
'proxyAuthServiceChoiceParam' => 'lmAuth',
|
||||||
'portalSkin' => 'bootstrap',
|
'radius2fActivation' => 0,
|
||||||
'portalUserAttr' => '_user',
|
'radius2fTimeout' => 20,
|
||||||
'proxyAuthnLevel' => 2,
|
'radiusAuthnLevel' => 3,
|
||||||
'proxyAuthServiceChoiceParam' => 'lmAuth',
|
'randomPasswordRegexp' => '[A-Z]{3}[a-z]{5}.\\d{2}',
|
||||||
'radius2fActivation' => 0,
|
'redirectFormMethod' => 'get',
|
||||||
'radius2fTimeout' => 20,
|
'registerDB' => 'Null',
|
||||||
'radiusAuthnLevel' => 3,
|
'registerTimeout' => 0,
|
||||||
'randomPasswordRegexp' => '[A-Z]{3}[a-z]{5}.\\d{2}',
|
'registerUrl' => 'http://auth.example.com/register',
|
||||||
'redirectFormMethod' => 'get',
|
'reloadTimeout' => 5,
|
||||||
'registerDB' => 'Null',
|
'rememberAuthChoiceRule' => 0,
|
||||||
'registerTimeout' => 0,
|
'rememberCookieName' => 'llngrememberauthchoice',
|
||||||
'registerUrl' => 'http://auth.example.com/register',
|
'rememberCookieTimeout' => 31536000,
|
||||||
'reloadTimeout' => 5,
|
'rememberTimer' => 5,
|
||||||
'remoteGlobalStorage' => 'Lemonldap::NG::Common::Apache::Session::SOAP',
|
'remoteGlobalStorage' => 'Lemonldap::NG::Common::Apache::Session::SOAP',
|
||||||
'remoteGlobalStorageOptions' => {
|
'remoteGlobalStorageOptions' => {
|
||||||
'ns' =>
|
'ns' => 'http://auth.example.com/Lemonldap/NG/Common/PSGI/SOAPService',
|
||||||
'http://auth.example.com/Lemonldap/NG/Common/PSGI/SOAPService',
|
'proxy' => 'http://auth.example.com/sessions'
|
||||||
'proxy' => 'http://auth.example.com/sessions'
|
},
|
||||||
},
|
'requireToken' => 1,
|
||||||
'requireToken' => 1,
|
'rest2fActivation' => 0,
|
||||||
'rest2fActivation' => 0,
|
'restAuthnLevel' => 2,
|
||||||
'restAuthnLevel' => 2,
|
'restClockTolerance' => 15,
|
||||||
'restClockTolerance' => 15,
|
'sameSite' => '',
|
||||||
'sameSite' => '',
|
'samlAttributeAuthorityDescriptorAttributeServiceSOAP' => 'urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/AA/SOAP;',
|
||||||
'samlAttributeAuthorityDescriptorAttributeServiceSOAP' =>
|
'samlAuthnContextMapKerberos' => 4,
|
||||||
'urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/AA/SOAP;',
|
'samlAuthnContextMapPassword' => 2,
|
||||||
'samlAuthnContextMapKerberos' => 4,
|
'samlAuthnContextMapPasswordProtectedTransport' => 3,
|
||||||
'samlAuthnContextMapPassword' => 2,
|
'samlAuthnContextMapTLSClient' => 5,
|
||||||
'samlAuthnContextMapPasswordProtectedTransport' => 3,
|
'samlEntityID' => '#PORTAL#/saml/metadata',
|
||||||
'samlAuthnContextMapTLSClient' => 5,
|
'samlIDPSSODescriptorArtifactResolutionServiceArtifact' => '1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/artifact',
|
||||||
'samlEntityID' => '#PORTAL#/saml/metadata',
|
'samlIDPSSODescriptorSingleLogoutServiceHTTPPost' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/singleLogout;#PORTAL#/saml/singleLogoutReturn',
|
||||||
'samlIDPSSODescriptorArtifactResolutionServiceArtifact' =>
|
'samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/singleLogout;#PORTAL#/saml/singleLogoutReturn',
|
||||||
'1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/artifact',
|
'samlIDPSSODescriptorSingleLogoutServiceSOAP' => 'urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/singleLogoutSOAP;',
|
||||||
'samlIDPSSODescriptorSingleLogoutServiceHTTPPost' =>
|
'samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/singleSignOnArtifact;',
|
||||||
'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/singleLogout;#PORTAL#/saml/singleLogoutReturn',
|
'samlIDPSSODescriptorSingleSignOnServiceHTTPPost' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/singleSignOn;',
|
||||||
'samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect' =>
|
'samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/singleSignOn;',
|
||||||
'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/singleLogout;#PORTAL#/saml/singleLogoutReturn',
|
'samlIDPSSODescriptorWantAuthnRequestsSigned' => 1,
|
||||||
'samlIDPSSODescriptorSingleLogoutServiceSOAP' =>
|
'samlMetadataForceUTF8' => 1,
|
||||||
'urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/singleLogoutSOAP;',
|
'samlNameIDFormatMapEmail' => 'mail',
|
||||||
'samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact' =>
|
'samlNameIDFormatMapKerberos' => 'uid',
|
||||||
'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/singleSignOnArtifact;',
|
'samlNameIDFormatMapWindows' => 'uid',
|
||||||
'samlIDPSSODescriptorSingleSignOnServiceHTTPPost' =>
|
'samlNameIDFormatMapX509' => 'mail',
|
||||||
'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/singleSignOn;',
|
'samlOrganizationDisplayName' => 'Example',
|
||||||
'samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect' =>
|
'samlOrganizationName' => 'Example',
|
||||||
'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/singleSignOn;',
|
'samlOrganizationURL' => 'http://www.example.com',
|
||||||
'samlIDPSSODescriptorWantAuthnRequestsSigned' => 1,
|
'samlOverrideIDPEntityID' => '',
|
||||||
'samlMetadataForceUTF8' => 1,
|
'samlRelayStateTimeout' => 600,
|
||||||
'samlNameIDFormatMapEmail' => 'mail',
|
'samlServiceSignatureMethod' => 'RSA_SHA256',
|
||||||
'samlNameIDFormatMapKerberos' => 'uid',
|
'samlSPSSODescriptorArtifactResolutionServiceArtifact' => '1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/artifact',
|
||||||
'samlNameIDFormatMapWindows' => 'uid',
|
'samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact' => '0;1;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/proxySingleSignOnArtifact',
|
||||||
'samlNameIDFormatMapX509' => 'mail',
|
'samlSPSSODescriptorAssertionConsumerServiceHTTPPost' => '1;0;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleSignOnPost',
|
||||||
'samlOrganizationDisplayName' => 'Example',
|
'samlSPSSODescriptorAuthnRequestsSigned' => 1,
|
||||||
'samlOrganizationName' => 'Example',
|
'samlSPSSODescriptorSingleLogoutServiceHTTPPost' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn',
|
||||||
'samlOrganizationURL' => 'http://www.example.com',
|
'samlSPSSODescriptorSingleLogoutServiceHTTPRedirect' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn',
|
||||||
'samlOverrideIDPEntityID' => '',
|
'samlSPSSODescriptorSingleLogoutServiceSOAP' => 'urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/proxySingleLogoutSOAP;',
|
||||||
'samlRelayStateTimeout' => 600,
|
'samlSPSSODescriptorWantAssertionsSigned' => 1,
|
||||||
'samlServiceSignatureMethod' => 'RSA_SHA256',
|
'securedCookie' => 0,
|
||||||
'samlSPSSODescriptorArtifactResolutionServiceArtifact' =>
|
'sfEngine' => '::2F::Engines::Default',
|
||||||
'1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/artifact',
|
'sfManagerRule' => 1,
|
||||||
'samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact' =>
|
'sfRemovedMsgRule' => 0,
|
||||||
'0;1;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/proxySingleSignOnArtifact',
|
'sfRemovedNotifMsg' => '_removedSF_ expired second factor(s) has/have been removed (_nameSF_)!',
|
||||||
'samlSPSSODescriptorAssertionConsumerServiceHTTPPost' =>
|
'sfRemovedNotifRef' => 'RemoveSF',
|
||||||
'1;0;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleSignOnPost',
|
'sfRemovedNotifTitle' => 'Second factor notification',
|
||||||
'samlSPSSODescriptorAuthnRequestsSigned' => 1,
|
'sfRequired' => 0,
|
||||||
'samlSPSSODescriptorSingleLogoutServiceHTTPPost' =>
|
'showLanguages' => 1,
|
||||||
'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn',
|
'singleIP' => 0,
|
||||||
'samlSPSSODescriptorSingleLogoutServiceHTTPRedirect' =>
|
'singleSession' => 0,
|
||||||
'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn',
|
'singleUserByIP' => 0,
|
||||||
'samlSPSSODescriptorSingleLogoutServiceSOAP' =>
|
'slaveAuthnLevel' => 2,
|
||||||
'urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/proxySingleLogoutSOAP;',
|
'slaveExportedVars' => {},
|
||||||
'samlSPSSODescriptorWantAssertionsSigned' => 1,
|
'SMTPServer' => '',
|
||||||
'securedCookie' => 0,
|
'SMTPTLS' => '',
|
||||||
'sfEngine' => '::2F::Engines::Default',
|
'soapProxyUrn' => 'urn:Lemonldap/NG/Common/PSGI/SOAPService',
|
||||||
'sfManagerRule' => 1,
|
'SSLAuthnLevel' => 5,
|
||||||
'sfRemovedMsgRule' => 0,
|
'SSLVar' => 'SSL_CLIENT_S_DN_Email',
|
||||||
'sfRemovedNotifMsg' =>
|
'SSLVarIf' => {},
|
||||||
'_removedSF_ expired second factor(s) has/have been removed (_nameSF_)!',
|
'stayConnected' => 0,
|
||||||
'sfRemovedNotifRef' => 'RemoveSF',
|
'stayConnectedCookieName' => 'llngconnection',
|
||||||
'sfRemovedNotifTitle' => 'Second factor notification',
|
'stayConnectedTimeout' => 2592000,
|
||||||
'sfRequired' => 0,
|
'successLoginNumber' => 5,
|
||||||
'showLanguages' => 1,
|
'timeout' => 72000,
|
||||||
'singleIP' => 0,
|
'timeoutActivity' => 0,
|
||||||
'singleSession' => 0,
|
'timeoutActivityInterval' => 60,
|
||||||
'singleUserByIP' => 0,
|
'totp2fActivation' => 0,
|
||||||
'slaveAuthnLevel' => 2,
|
'totp2fDigits' => 6,
|
||||||
'slaveExportedVars' => {},
|
'totp2fInterval' => 30,
|
||||||
'SMTPServer' => '',
|
'totp2fRange' => 1,
|
||||||
'SMTPTLS' => '',
|
'totp2fSelfRegistration' => 0,
|
||||||
'soapProxyUrn' => 'urn:Lemonldap/NG/Common/PSGI/SOAPService',
|
'totp2fUserCanRemoveKey' => 1,
|
||||||
'SSLAuthnLevel' => 5,
|
'twitterAuthnLevel' => 1,
|
||||||
'SSLVar' => 'SSL_CLIENT_S_DN_Email',
|
'twitterUserField' => 'screen_name',
|
||||||
'SSLVarIf' => {},
|
'u2fActivation' => 0,
|
||||||
'stayConnected' => 0,
|
'u2fSelfRegistration' => 0,
|
||||||
'stayConnectedCookieName' => 'llngconnection',
|
'u2fUserCanRemoveKey' => 1,
|
||||||
'stayConnectedTimeout' => 2592000,
|
'upgradeSession' => 1,
|
||||||
'successLoginNumber' => 5,
|
'userControl' => '^[\\w\\.\\-@]+$',
|
||||||
'timeout' => 72000,
|
'userDB' => 'Same',
|
||||||
'timeoutActivity' => 0,
|
'useRedirectOnError' => 1,
|
||||||
'timeoutActivityInterval' => 60,
|
'useSafeJail' => 1,
|
||||||
'totp2fActivation' => 0,
|
'utotp2fActivation' => 0,
|
||||||
'totp2fDigits' => 6,
|
'viewerHiddenKeys' => 'samlIDPMetaDataNodes, samlSPMetaDataNodes',
|
||||||
'totp2fInterval' => 30,
|
'webauthn2fActivation' => 0,
|
||||||
'totp2fRange' => 1,
|
'webauthn2fSelfRegistration' => 0,
|
||||||
'totp2fSelfRegistration' => 0,
|
'webauthn2fUserCanRemoveKey' => 1,
|
||||||
'totp2fUserCanRemoveKey' => 1,
|
'webauthn2fUserVerification' => 'preferred',
|
||||||
'twitterAuthnLevel' => 1,
|
'webIDAuthnLevel' => 1,
|
||||||
'twitterUserField' => 'screen_name',
|
'webIDExportedVars' => {},
|
||||||
'u2fActivation' => 0,
|
'whatToTrace' => 'uid',
|
||||||
'u2fSelfRegistration' => 0,
|
'yubikey2fActivation' => 0,
|
||||||
'u2fUserCanRemoveKey' => 1,
|
'yubikey2fPublicIDSize' => 12,
|
||||||
'upgradeSession' => 1,
|
'yubikey2fSelfRegistration' => 0,
|
||||||
'userControl' => '^[\\w\\.\\-@]+$',
|
'yubikey2fUserCanRemoveKey' => 1
|
||||||
'userDB' => 'Same',
|
};
|
||||||
'useRedirectOnError' => 1,
|
|
||||||
'useSafeJail' => 1,
|
|
||||||
'utotp2fActivation' => 0,
|
|
||||||
'viewerHiddenKeys' => 'samlIDPMetaDataNodes, samlSPMetaDataNodes',
|
|
||||||
'webauthn2fActivation' => 0,
|
|
||||||
'webauthn2fSelfRegistration' => 0,
|
|
||||||
'webauthn2fUserCanRemoveKey' => 1,
|
|
||||||
'webauthn2fUserVerification' => 'preferred',
|
|
||||||
'webIDAuthnLevel' => 1,
|
|
||||||
'webIDExportedVars' => {},
|
|
||||||
'whatToTrace' => 'uid',
|
|
||||||
'yubikey2fActivation' => 0,
|
|
||||||
'yubikey2fPublicIDSize' => 12,
|
|
||||||
'yubikey2fSelfRegistration' => 0,
|
|
||||||
'yubikey2fUserCanRemoveKey' => 1
|
|
||||||
};
|
|
||||||
}
|
}
|
||||||
|
|
||||||
1;
|
1;
|
||||||
|
|
|
@ -8,115 +8,115 @@ our $VERSION = '2.0.14';
|
||||||
|
|
||||||
sub portalConsts {
|
sub portalConsts {
|
||||||
return {
|
return {
|
||||||
'-1' => 'PE_DONE',
|
'-1' => 'PE_DONE',
|
||||||
'-2' => 'PE_REDIRECT',
|
'-2' => 'PE_REDIRECT',
|
||||||
'-3' => 'PE_INFO',
|
'-3' => 'PE_INFO',
|
||||||
'-4' => 'PE_SENDRESPONSE',
|
'-4' => 'PE_SENDRESPONSE',
|
||||||
'-5' => 'PE_IDPCHOICE',
|
'-5' => 'PE_IDPCHOICE',
|
||||||
'0' => 'PE_OK',
|
'0' => 'PE_OK',
|
||||||
'1' => 'PE_SESSIONEXPIRED',
|
'1' => 'PE_SESSIONEXPIRED',
|
||||||
'10' => 'PE_BADCERTIFICATE',
|
'10' => 'PE_BADCERTIFICATE',
|
||||||
'100' => 'PE_PP_NOT_ALLOWED_CHARACTER',
|
'100' => 'PE_PP_NOT_ALLOWED_CHARACTER',
|
||||||
'101' => 'PE_PP_NOT_ALLOWED_CHARACTERS',
|
'101' => 'PE_PP_NOT_ALLOWED_CHARACTERS',
|
||||||
'102' => 'PE_UPGRADESESSION',
|
'102' => 'PE_UPGRADESESSION',
|
||||||
'103' => 'PE_NO_SECOND_FACTORS',
|
'103' => 'PE_NO_SECOND_FACTORS',
|
||||||
'104' => 'PE_BAD_DEVOPS_FILE',
|
'104' => 'PE_BAD_DEVOPS_FILE',
|
||||||
'105' => 'PE_FILENOTFOUND',
|
'105' => 'PE_FILENOTFOUND',
|
||||||
'106' => 'PE_OIDC_AUTH_ERROR',
|
'106' => 'PE_OIDC_AUTH_ERROR',
|
||||||
'2' => 'PE_FORMEMPTY',
|
'2' => 'PE_FORMEMPTY',
|
||||||
'20' => 'PE_NO_PASSWORD_BE',
|
'20' => 'PE_NO_PASSWORD_BE',
|
||||||
'21' => 'PE_PP_ACCOUNT_LOCKED',
|
'21' => 'PE_PP_ACCOUNT_LOCKED',
|
||||||
'22' => 'PE_PP_PASSWORD_EXPIRED',
|
'22' => 'PE_PP_PASSWORD_EXPIRED',
|
||||||
'23' => 'PE_CERTIFICATEREQUIRED',
|
'23' => 'PE_CERTIFICATEREQUIRED',
|
||||||
'24' => 'PE_ERROR',
|
'24' => 'PE_ERROR',
|
||||||
'25' => 'PE_PP_CHANGE_AFTER_RESET',
|
'25' => 'PE_PP_CHANGE_AFTER_RESET',
|
||||||
'26' => 'PE_PP_PASSWORD_MOD_NOT_ALLOWED',
|
'26' => 'PE_PP_PASSWORD_MOD_NOT_ALLOWED',
|
||||||
'27' => 'PE_PP_MUST_SUPPLY_OLD_PASSWORD',
|
'27' => 'PE_PP_MUST_SUPPLY_OLD_PASSWORD',
|
||||||
'28' => 'PE_PP_INSUFFICIENT_PASSWORD_QUALITY',
|
'28' => 'PE_PP_INSUFFICIENT_PASSWORD_QUALITY',
|
||||||
'29' => 'PE_PP_PASSWORD_TOO_SHORT',
|
'29' => 'PE_PP_PASSWORD_TOO_SHORT',
|
||||||
'3' => 'PE_WRONGMANAGERACCOUNT',
|
'3' => 'PE_WRONGMANAGERACCOUNT',
|
||||||
'30' => 'PE_PP_PASSWORD_TOO_YOUNG',
|
'30' => 'PE_PP_PASSWORD_TOO_YOUNG',
|
||||||
'31' => 'PE_PP_PASSWORD_IN_HISTORY',
|
'31' => 'PE_PP_PASSWORD_IN_HISTORY',
|
||||||
'32' => 'PE_PP_GRACE',
|
'32' => 'PE_PP_GRACE',
|
||||||
'33' => 'PE_PP_EXP_WARNING',
|
'33' => 'PE_PP_EXP_WARNING',
|
||||||
'34' => 'PE_PASSWORD_MISMATCH',
|
'34' => 'PE_PASSWORD_MISMATCH',
|
||||||
'35' => 'PE_PASSWORD_OK',
|
'35' => 'PE_PASSWORD_OK',
|
||||||
'36' => 'PE_NOTIFICATION',
|
'36' => 'PE_NOTIFICATION',
|
||||||
'37' => 'PE_BADURL',
|
'37' => 'PE_BADURL',
|
||||||
'38' => 'PE_NOSCHEME',
|
'38' => 'PE_NOSCHEME',
|
||||||
'39' => 'PE_BADOLDPASSWORD',
|
'39' => 'PE_BADOLDPASSWORD',
|
||||||
'4' => 'PE_USERNOTFOUND',
|
'4' => 'PE_USERNOTFOUND',
|
||||||
'40' => 'PE_MALFORMEDUSER',
|
'40' => 'PE_MALFORMEDUSER',
|
||||||
'41' => 'PE_SESSIONNOTGRANTED',
|
'41' => 'PE_SESSIONNOTGRANTED',
|
||||||
'42' => 'PE_CONFIRM',
|
'42' => 'PE_CONFIRM',
|
||||||
'43' => 'PE_MAILFORMEMPTY',
|
'43' => 'PE_MAILFORMEMPTY',
|
||||||
'44' => 'PE_BADMAILTOKEN',
|
'44' => 'PE_BADMAILTOKEN',
|
||||||
'45' => 'PE_MAILERROR',
|
'45' => 'PE_MAILERROR',
|
||||||
'46' => 'PE_MAILOK',
|
'46' => 'PE_MAILOK',
|
||||||
'47' => 'PE_LOGOUT_OK',
|
'47' => 'PE_LOGOUT_OK',
|
||||||
'48' => 'PE_SAML_ERROR',
|
'48' => 'PE_SAML_ERROR',
|
||||||
'49' => 'PE_SAML_LOAD_SERVICE_ERROR',
|
'49' => 'PE_SAML_LOAD_SERVICE_ERROR',
|
||||||
'5' => 'PE_BADCREDENTIALS',
|
'5' => 'PE_BADCREDENTIALS',
|
||||||
'50' => 'PE_SAML_LOAD_IDP_ERROR',
|
'50' => 'PE_SAML_LOAD_IDP_ERROR',
|
||||||
'51' => 'PE_SAML_SSO_ERROR',
|
'51' => 'PE_SAML_SSO_ERROR',
|
||||||
'52' => 'PE_SAML_UNKNOWN_ENTITY',
|
'52' => 'PE_SAML_UNKNOWN_ENTITY',
|
||||||
'53' => 'PE_SAML_DESTINATION_ERROR',
|
'53' => 'PE_SAML_DESTINATION_ERROR',
|
||||||
'54' => 'PE_SAML_CONDITIONS_ERROR',
|
'54' => 'PE_SAML_CONDITIONS_ERROR',
|
||||||
'55' => 'PE_SAML_IDPSSOINITIATED_NOTALLOWED',
|
'55' => 'PE_SAML_IDPSSOINITIATED_NOTALLOWED',
|
||||||
'56' => 'PE_SAML_SLO_ERROR',
|
'56' => 'PE_SAML_SLO_ERROR',
|
||||||
'57' => 'PE_SAML_SIGNATURE_ERROR',
|
'57' => 'PE_SAML_SIGNATURE_ERROR',
|
||||||
'58' => 'PE_SAML_ART_ERROR',
|
'58' => 'PE_SAML_ART_ERROR',
|
||||||
'59' => 'PE_SAML_SESSION_ERROR',
|
'59' => 'PE_SAML_SESSION_ERROR',
|
||||||
'6' => 'PE_LDAPCONNECTFAILED',
|
'6' => 'PE_LDAPCONNECTFAILED',
|
||||||
'60' => 'PE_SAML_LOAD_SP_ERROR',
|
'60' => 'PE_SAML_LOAD_SP_ERROR',
|
||||||
'61' => 'PE_SAML_ATTR_ERROR',
|
'61' => 'PE_SAML_ATTR_ERROR',
|
||||||
'62' => 'PE_OPENID_EMPTY',
|
'62' => 'PE_OPENID_EMPTY',
|
||||||
'63' => 'PE_OPENID_BADID',
|
'63' => 'PE_OPENID_BADID',
|
||||||
'64' => 'PE_MISSINGREQATTR',
|
'64' => 'PE_MISSINGREQATTR',
|
||||||
'65' => 'PE_BADPARTNER',
|
'65' => 'PE_BADPARTNER',
|
||||||
'66' => 'PE_MAILCONFIRMATION_ALREADY_SENT',
|
'66' => 'PE_MAILCONFIRMATION_ALREADY_SENT',
|
||||||
'67' => 'PE_PASSWORDFORMEMPTY',
|
'67' => 'PE_PASSWORDFORMEMPTY',
|
||||||
'68' => 'PE_CAS_SERVICE_NOT_ALLOWED',
|
'68' => 'PE_CAS_SERVICE_NOT_ALLOWED',
|
||||||
'69' => 'PE_MAILFIRSTACCESS',
|
'69' => 'PE_MAILFIRSTACCESS',
|
||||||
'7' => 'PE_LDAPERROR',
|
'7' => 'PE_LDAPERROR',
|
||||||
'70' => 'PE_MAILNOTFOUND',
|
'70' => 'PE_MAILNOTFOUND',
|
||||||
'71' => 'PE_PASSWORDFIRSTACCESS',
|
'71' => 'PE_PASSWORDFIRSTACCESS',
|
||||||
'72' => 'PE_MAILCONFIRMOK',
|
'72' => 'PE_MAILCONFIRMOK',
|
||||||
'73' => 'PE_RADIUSCONNECTFAILED',
|
'73' => 'PE_RADIUSCONNECTFAILED',
|
||||||
'74' => 'PE_MUST_SUPPLY_OLD_PASSWORD',
|
'74' => 'PE_MUST_SUPPLY_OLD_PASSWORD',
|
||||||
'75' => 'PE_FORBIDDENIP',
|
'75' => 'PE_FORBIDDENIP',
|
||||||
'76' => 'PE_CAPTCHAERROR',
|
'76' => 'PE_CAPTCHAERROR',
|
||||||
'77' => 'PE_CAPTCHAEMPTY',
|
'77' => 'PE_CAPTCHAEMPTY',
|
||||||
'78' => 'PE_REGISTERFIRSTACCESS',
|
'78' => 'PE_REGISTERFIRSTACCESS',
|
||||||
'79' => 'PE_REGISTERFORMEMPTY',
|
'79' => 'PE_REGISTERFORMEMPTY',
|
||||||
'8' => 'PE_APACHESESSIONERROR',
|
'8' => 'PE_APACHESESSIONERROR',
|
||||||
'80' => 'PE_REGISTERALREADYEXISTS',
|
'80' => 'PE_REGISTERALREADYEXISTS',
|
||||||
'81' => 'PE_NOTOKEN',
|
'81' => 'PE_NOTOKEN',
|
||||||
'82' => 'PE_TOKENEXPIRED',
|
'82' => 'PE_TOKENEXPIRED',
|
||||||
'83' => 'PE_U2FFAILED',
|
'83' => 'PE_U2FFAILED',
|
||||||
'84' => 'PE_UNAUTHORIZEDPARTNER',
|
'84' => 'PE_UNAUTHORIZEDPARTNER',
|
||||||
'85' => 'PE_RENEWSESSION',
|
'85' => 'PE_RENEWSESSION',
|
||||||
'86' => 'PE_WAIT',
|
'86' => 'PE_WAIT',
|
||||||
'87' => 'PE_MUSTAUTHN',
|
'87' => 'PE_MUSTAUTHN',
|
||||||
'88' => 'PE_MUSTHAVEMAIL',
|
'88' => 'PE_MUSTHAVEMAIL',
|
||||||
'89' => 'PE_SAML_SERVICE_NOT_ALLOWED',
|
'89' => 'PE_SAML_SERVICE_NOT_ALLOWED',
|
||||||
'9' => 'PE_FIRSTACCESS',
|
'9' => 'PE_FIRSTACCESS',
|
||||||
'90' => 'PE_OIDC_SERVICE_NOT_ALLOWED',
|
'90' => 'PE_OIDC_SERVICE_NOT_ALLOWED',
|
||||||
'91' => 'PE_OID_SERVICE_NOT_ALLOWED',
|
'91' => 'PE_OID_SERVICE_NOT_ALLOWED',
|
||||||
'92' => 'PE_GET_SERVICE_NOT_ALLOWED',
|
'92' => 'PE_GET_SERVICE_NOT_ALLOWED',
|
||||||
'93' => 'PE_IMPERSONATION_SERVICE_NOT_ALLOWED',
|
'93' => 'PE_IMPERSONATION_SERVICE_NOT_ALLOWED',
|
||||||
'94' => 'PE_ISSUERMISSINGREQATTR',
|
'94' => 'PE_ISSUERMISSINGREQATTR',
|
||||||
'95' => 'PE_DECRYPTVALUE_SERVICE_NOT_ALLOWED',
|
'95' => 'PE_DECRYPTVALUE_SERVICE_NOT_ALLOWED',
|
||||||
'96' => 'PE_BADOTP',
|
'96' => 'PE_BADOTP',
|
||||||
'97' => 'PE_RESETCERTIFICATE_INVALID',
|
'97' => 'PE_RESETCERTIFICATE_INVALID',
|
||||||
'98' => 'PE_RESETCERTIFICATE_FORMEMPTY',
|
'98' => 'PE_RESETCERTIFICATE_FORMEMPTY',
|
||||||
'99' => 'PE_RESETCERTIFICATE_FIRSTACCESS'
|
'99' => 'PE_RESETCERTIFICATE_FIRSTACCESS'
|
||||||
};
|
};
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
# EXPORTER PARAMETERS
|
# EXPORTER PARAMETERS
|
||||||
our @EXPORT_OK = ('portalConsts');
|
our @EXPORT_OK = ( 'portalConsts' );
|
||||||
our %EXPORT_TAGS = ( 'all' => [ @EXPORT_OK, 'import' ], );
|
our %EXPORT_TAGS = ( 'all' => [ @EXPORT_OK, 'import' ], );
|
||||||
|
|
||||||
1;
|
1;
|
||||||
|
|
File diff suppressed because it is too large
Load Diff
|
@ -435,6 +435,36 @@ sub attributes {
|
||||||
documentation => 'Separator for multiple values',
|
documentation => 'Separator for multiple values',
|
||||||
flags => 'hmp',
|
flags => 'hmp',
|
||||||
},
|
},
|
||||||
|
rememberAuthChoiceRule => {
|
||||||
|
type => 'boolOrExpr',
|
||||||
|
default => 0,
|
||||||
|
documentation => 'remember auth choice activation rule',
|
||||||
|
},
|
||||||
|
rememberCookieName => {
|
||||||
|
type => 'text',
|
||||||
|
test => qr/^[a-zA-Z][a-zA-Z0-9_-]*$/,
|
||||||
|
msgFail => '__badCookieName__',
|
||||||
|
default => 'llngrememberauthchoice',
|
||||||
|
documentation => 'Name of the remember auth choice cookie',
|
||||||
|
flags => 'p',
|
||||||
|
},
|
||||||
|
rememberCookieTimeout => {
|
||||||
|
type => 'int',
|
||||||
|
default => 31536000,
|
||||||
|
documentation => 'lifetime of the remember auth choice cookie',
|
||||||
|
flags => 'm',
|
||||||
|
},
|
||||||
|
rememberDefaultChecked => {
|
||||||
|
type => 'bool',
|
||||||
|
default => 0,
|
||||||
|
documentation => 'Is remember auth choice checkbox enabled by default?',
|
||||||
|
},
|
||||||
|
rememberTimer => {
|
||||||
|
type => 'int',
|
||||||
|
default => 5,
|
||||||
|
documentation => 'timer before automatic authentication with the previous remembered authentication choice',
|
||||||
|
flags => 'm',
|
||||||
|
},
|
||||||
stayConnected => {
|
stayConnected => {
|
||||||
type => 'boolOrExpr',
|
type => 'boolOrExpr',
|
||||||
default => 0,
|
default => 0,
|
||||||
|
|
|
@ -863,6 +863,18 @@ sub tree {
|
||||||
'contextSwitchingStopWithLogout',
|
'contextSwitchingStopWithLogout',
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
title => 'rememberAuthChoice',
|
||||||
|
help => 'rememberauthchoice.html',
|
||||||
|
form => 'simpleInputContainer',
|
||||||
|
nodes => [
|
||||||
|
'rememberAuthChoiceRule',
|
||||||
|
'rememberCookieName',
|
||||||
|
'rememberCookieTimeout',
|
||||||
|
'rememberDefaultChecked',
|
||||||
|
'rememberTimer',
|
||||||
|
]
|
||||||
|
},
|
||||||
{
|
{
|
||||||
title => 'decryptValue',
|
title => 'decryptValue',
|
||||||
help => 'decryptvalue.html',
|
help => 'decryptvalue.html',
|
||||||
|
|
|
@ -873,6 +873,12 @@
|
||||||
"reloadParams":"إعادة تحميل الإعدادات",
|
"reloadParams":"إعادة تحميل الإعدادات",
|
||||||
"reloadTimeout":"Reload timeout",
|
"reloadTimeout":"Reload timeout",
|
||||||
"reloadUrls":"Reload URLs",
|
"reloadUrls":"Reload URLs",
|
||||||
|
"rememberAuthChoice":"Remember authentication choice",
|
||||||
|
"rememberAuthChoiceRule":"Activation",
|
||||||
|
"rememberCookieName":"Cookie name",
|
||||||
|
"rememberCookieTimeout":"cookie lifetime",
|
||||||
|
"rememberDefaultChecked":"Check by default",
|
||||||
|
"rememberTimer":"Timer before automatic authentication",
|
||||||
"remoteCookieName":"اسم ملف تعريف الارتباط",
|
"remoteCookieName":"اسم ملف تعريف الارتباط",
|
||||||
"remoteGlobalStorage":"وحدة الجلسات",
|
"remoteGlobalStorage":"وحدة الجلسات",
|
||||||
"remoteGlobalStorageOptions":"خيارات وحدة الجلسات",
|
"remoteGlobalStorageOptions":"خيارات وحدة الجلسات",
|
||||||
|
@ -1244,4 +1250,4 @@
|
||||||
"yubikey2fUrl":"خدمة أل يو أر ل",
|
"yubikey2fUrl":"خدمة أل يو أر ل",
|
||||||
"yubikey2fUserCanRemoveKey":"Allow user to remove Yubikey",
|
"yubikey2fUserCanRemoveKey":"Allow user to remove Yubikey",
|
||||||
"zeroConfExplanations":"لا يحتوي الخادم على إعدادات. استخدام قالب لحفظ الأول"
|
"zeroConfExplanations":"لا يحتوي الخادم على إعدادات. استخدام قالب لحفظ الأول"
|
||||||
}
|
}
|
||||||
|
|
|
@ -873,6 +873,12 @@
|
||||||
"reloadParams":"Configuration reload",
|
"reloadParams":"Configuration reload",
|
||||||
"reloadTimeout":"Reload timeout",
|
"reloadTimeout":"Reload timeout",
|
||||||
"reloadUrls":"Reload URLs",
|
"reloadUrls":"Reload URLs",
|
||||||
|
"rememberAuthChoice":"Remember authentication choice",
|
||||||
|
"rememberAuthChoiceRule":"Activation",
|
||||||
|
"rememberCookieName":"Cookie name",
|
||||||
|
"rememberCookieTimeout":"cookie lifetime",
|
||||||
|
"rememberDefaultChecked":"Check by default",
|
||||||
|
"rememberTimer":"Timer before automatic authentication",
|
||||||
"remoteCookieName":"Cookie name",
|
"remoteCookieName":"Cookie name",
|
||||||
"remoteGlobalStorage":"Sessions module",
|
"remoteGlobalStorage":"Sessions module",
|
||||||
"remoteGlobalStorageOptions":"Sessions module options",
|
"remoteGlobalStorageOptions":"Sessions module options",
|
||||||
|
|
|
@ -873,6 +873,12 @@
|
||||||
"reloadParams":"Recargar configuración",
|
"reloadParams":"Recargar configuración",
|
||||||
"reloadTimeout":"Reload timeout",
|
"reloadTimeout":"Reload timeout",
|
||||||
"reloadUrls":"Recargar las URL",
|
"reloadUrls":"Recargar las URL",
|
||||||
|
"rememberAuthChoice":"Remember authentication choice",
|
||||||
|
"rememberAuthChoiceRule":"Activation",
|
||||||
|
"rememberCookieName":"Cookie name",
|
||||||
|
"rememberCookieTimeout":"cookie lifetime",
|
||||||
|
"rememberDefaultChecked":"Check by default",
|
||||||
|
"rememberTimer":"Timer before automatic authentication",
|
||||||
"remoteCookieName":"Nombre de la cookie",
|
"remoteCookieName":"Nombre de la cookie",
|
||||||
"remoteGlobalStorage":"Módulo de sesiones",
|
"remoteGlobalStorage":"Módulo de sesiones",
|
||||||
"remoteGlobalStorageOptions":"Opciones del módulo de sesiones",
|
"remoteGlobalStorageOptions":"Opciones del módulo de sesiones",
|
||||||
|
@ -1244,4 +1250,4 @@
|
||||||
"yubikey2fUrl":"URL de servicio",
|
"yubikey2fUrl":"URL de servicio",
|
||||||
"yubikey2fUserCanRemoveKey":"Allow user to remove Yubikey",
|
"yubikey2fUserCanRemoveKey":"Allow user to remove Yubikey",
|
||||||
"zeroConfExplanations":"Server has no configuration. Use template to save the first."
|
"zeroConfExplanations":"Server has no configuration. Use template to save the first."
|
||||||
}
|
}
|
||||||
|
|
|
@ -873,6 +873,12 @@
|
||||||
"reloadParams":"Mise à jour de la configuration",
|
"reloadParams":"Mise à jour de la configuration",
|
||||||
"reloadTimeout":"Délai de mise à jour",
|
"reloadTimeout":"Délai de mise à jour",
|
||||||
"reloadUrls":"URLs de mise à jour",
|
"reloadUrls":"URLs de mise à jour",
|
||||||
|
"rememberAuthChoice":"Se souvenir du choix d'authentification",
|
||||||
|
"rememberAuthChoiceRule":"Activation",
|
||||||
|
"rememberCookieName":"Nom du cookie",
|
||||||
|
"rememberCookieTimeout":"Durée de vie du cookie",
|
||||||
|
"rememberDefaultChecked":"Cocher par défaut",
|
||||||
|
"rememberTimer":"Délai avant authentication automatique",
|
||||||
"remoteCookieName":"Nom du cookie",
|
"remoteCookieName":"Nom du cookie",
|
||||||
"remoteGlobalStorage":"Module des sessions",
|
"remoteGlobalStorage":"Module des sessions",
|
||||||
"remoteGlobalStorageOptions":"Options du module des sessions",
|
"remoteGlobalStorageOptions":"Options du module des sessions",
|
||||||
|
|
|
@ -873,6 +873,12 @@
|
||||||
"reloadParams":"Configuration reload",
|
"reloadParams":"Configuration reload",
|
||||||
"reloadTimeout":"Reload timeout",
|
"reloadTimeout":"Reload timeout",
|
||||||
"reloadUrls":"רענון כתובות",
|
"reloadUrls":"רענון כתובות",
|
||||||
|
"rememberAuthChoice":"Remember authentication choice",
|
||||||
|
"rememberAuthChoiceRule":"Activation",
|
||||||
|
"rememberCookieName":"Cookie name",
|
||||||
|
"rememberCookieTimeout":"cookie lifetime",
|
||||||
|
"rememberDefaultChecked":"Check by default",
|
||||||
|
"rememberTimer":"Timer before automatic authentication",
|
||||||
"remoteCookieName":"שם עוגיה",
|
"remoteCookieName":"שם עוגיה",
|
||||||
"remoteGlobalStorage":"מודול הפעלות",
|
"remoteGlobalStorage":"מודול הפעלות",
|
||||||
"remoteGlobalStorageOptions":"אפשרויות מודול הפעלות",
|
"remoteGlobalStorageOptions":"אפשרויות מודול הפעלות",
|
||||||
|
@ -1244,4 +1250,4 @@
|
||||||
"yubikey2fUrl":"כתובת שירות",
|
"yubikey2fUrl":"כתובת שירות",
|
||||||
"yubikey2fUserCanRemoveKey":"לאפשר למשתמש להסיר Yubikey",
|
"yubikey2fUserCanRemoveKey":"לאפשר למשתמש להסיר Yubikey",
|
||||||
"zeroConfExplanations":"Server has no configuration. Use template to save the first."
|
"zeroConfExplanations":"Server has no configuration. Use template to save the first."
|
||||||
}
|
}
|
||||||
|
|
|
@ -873,6 +873,12 @@
|
||||||
"reloadParams":"Ricarica di configurazione",
|
"reloadParams":"Ricarica di configurazione",
|
||||||
"reloadTimeout":"Ricarica il timeout",
|
"reloadTimeout":"Ricarica il timeout",
|
||||||
"reloadUrls":"Ricarica gli URL",
|
"reloadUrls":"Ricarica gli URL",
|
||||||
|
"rememberAuthChoice":"Remember authentication choice",
|
||||||
|
"rememberAuthChoiceRule":"Activation",
|
||||||
|
"rememberCookieName":"Cookie name",
|
||||||
|
"rememberCookieTimeout":"cookie lifetime",
|
||||||
|
"rememberDefaultChecked":"Check by default",
|
||||||
|
"rememberTimer":"Timer before automatic authentication",
|
||||||
"remoteCookieName":"Nome del cookie",
|
"remoteCookieName":"Nome del cookie",
|
||||||
"remoteGlobalStorage":"Modulo di sessioni",
|
"remoteGlobalStorage":"Modulo di sessioni",
|
||||||
"remoteGlobalStorageOptions":"Opzioni del modulo Sessioni",
|
"remoteGlobalStorageOptions":"Opzioni del modulo Sessioni",
|
||||||
|
@ -1244,4 +1250,4 @@
|
||||||
"yubikey2fUrl":"URL del servizio",
|
"yubikey2fUrl":"URL del servizio",
|
||||||
"yubikey2fUserCanRemoveKey":"Autorizza l'utente a rimuovere la Yubikey",
|
"yubikey2fUserCanRemoveKey":"Autorizza l'utente a rimuovere la Yubikey",
|
||||||
"zeroConfExplanations":"Il server non ha alcuna configurazione. Utilizza il modello per salvare il primo."
|
"zeroConfExplanations":"Il server non ha alcuna configurazione. Utilizza il modello per salvare il primo."
|
||||||
}
|
}
|
||||||
|
|
|
@ -873,6 +873,12 @@
|
||||||
"reloadParams":"Załaduj ponownie konfigurację",
|
"reloadParams":"Załaduj ponownie konfigurację",
|
||||||
"reloadTimeout":"Limit czasu przeładowania",
|
"reloadTimeout":"Limit czasu przeładowania",
|
||||||
"reloadUrls":"Załaduj ponownie adresy URL",
|
"reloadUrls":"Załaduj ponownie adresy URL",
|
||||||
|
"rememberAuthChoice":"Remember authentication choice",
|
||||||
|
"rememberAuthChoiceRule":"Activation",
|
||||||
|
"rememberCookieName":"Cookie name",
|
||||||
|
"rememberCookieTimeout":"cookie lifetime",
|
||||||
|
"rememberDefaultChecked":"Check by default",
|
||||||
|
"rememberTimer":"Timer before automatic authentication",
|
||||||
"remoteCookieName":"Nazwa ciasteczka",
|
"remoteCookieName":"Nazwa ciasteczka",
|
||||||
"remoteGlobalStorage":"Moduł sesji",
|
"remoteGlobalStorage":"Moduł sesji",
|
||||||
"remoteGlobalStorageOptions":"Opcje modułu sesji",
|
"remoteGlobalStorageOptions":"Opcje modułu sesji",
|
||||||
|
@ -1244,4 +1250,4 @@
|
||||||
"yubikey2fUrl":"URL usługi",
|
"yubikey2fUrl":"URL usługi",
|
||||||
"yubikey2fUserCanRemoveKey":"Pozwól użytkownikowi usunąć Yubikey",
|
"yubikey2fUserCanRemoveKey":"Pozwól użytkownikowi usunąć Yubikey",
|
||||||
"zeroConfExplanations":"Serwer nie ma konfiguracji. Użyj szablonu, aby zapisać pierwszy."
|
"zeroConfExplanations":"Serwer nie ma konfiguracji. Użyj szablonu, aby zapisać pierwszy."
|
||||||
}
|
}
|
||||||
|
|
|
@ -873,6 +873,12 @@
|
||||||
"reloadParams":"Yapılandırma yeniden yüklendi",
|
"reloadParams":"Yapılandırma yeniden yüklendi",
|
||||||
"reloadTimeout":"Yeniden yükleme zaman aşımı",
|
"reloadTimeout":"Yeniden yükleme zaman aşımı",
|
||||||
"reloadUrls":"URL'leri yeniden yükle",
|
"reloadUrls":"URL'leri yeniden yükle",
|
||||||
|
"rememberAuthChoice":"Remember authentication choice",
|
||||||
|
"rememberAuthChoiceRule":"Activation",
|
||||||
|
"rememberCookieName":"Cookie name",
|
||||||
|
"rememberCookieTimeout":"cookie lifetime",
|
||||||
|
"rememberDefaultChecked":"Check by default",
|
||||||
|
"rememberTimer":"Timer before automatic authentication",
|
||||||
"remoteCookieName":"Çerez adı",
|
"remoteCookieName":"Çerez adı",
|
||||||
"remoteGlobalStorage":"Oturumlar modülü",
|
"remoteGlobalStorage":"Oturumlar modülü",
|
||||||
"remoteGlobalStorageOptions":"Oturumlar modülü seçenekleri",
|
"remoteGlobalStorageOptions":"Oturumlar modülü seçenekleri",
|
||||||
|
@ -1244,4 +1250,4 @@
|
||||||
"yubikey2fUrl":"Servis URL'si",
|
"yubikey2fUrl":"Servis URL'si",
|
||||||
"yubikey2fUserCanRemoveKey":"Yubikey'i kaldırmak için kullanıcıya izin ver",
|
"yubikey2fUserCanRemoveKey":"Yubikey'i kaldırmak için kullanıcıya izin ver",
|
||||||
"zeroConfExplanations":"Sunucunun yapılandırması yok. Şimdi bir tane kaydetmek için şablonu kullanın."
|
"zeroConfExplanations":"Sunucunun yapılandırması yok. Şimdi bir tane kaydetmek için şablonu kullanın."
|
||||||
}
|
}
|
||||||
|
|
|
@ -873,6 +873,12 @@
|
||||||
"reloadParams":"Tải lại cấu hình",
|
"reloadParams":"Tải lại cấu hình",
|
||||||
"reloadTimeout":"Reload timeout",
|
"reloadTimeout":"Reload timeout",
|
||||||
"reloadUrls":"Reload URLs",
|
"reloadUrls":"Reload URLs",
|
||||||
|
"rememberAuthChoice":"Remember authentication choice",
|
||||||
|
"rememberAuthChoiceRule":"Activation",
|
||||||
|
"rememberCookieName":"Cookie name",
|
||||||
|
"rememberCookieTimeout":"cookie lifetime",
|
||||||
|
"rememberDefaultChecked":"Check by default",
|
||||||
|
"rememberTimer":"Timer before automatic authentication",
|
||||||
"remoteCookieName":"Tên cookie",
|
"remoteCookieName":"Tên cookie",
|
||||||
"remoteGlobalStorage":"Mô-đun phiên",
|
"remoteGlobalStorage":"Mô-đun phiên",
|
||||||
"remoteGlobalStorageOptions":"Tùy chọn mô-đun phiên",
|
"remoteGlobalStorageOptions":"Tùy chọn mô-đun phiên",
|
||||||
|
@ -1244,4 +1250,4 @@
|
||||||
"yubikey2fUrl":"Dịch vụ URL",
|
"yubikey2fUrl":"Dịch vụ URL",
|
||||||
"yubikey2fUserCanRemoveKey":"Allow user to remove Yubikey",
|
"yubikey2fUserCanRemoveKey":"Allow user to remove Yubikey",
|
||||||
"zeroConfExplanations":"Máy chủ không có cấu hình. Sử dụng mẫu để lưu đầu tiên. "
|
"zeroConfExplanations":"Máy chủ không có cấu hình. Sử dụng mẫu để lưu đầu tiên. "
|
||||||
}
|
}
|
||||||
|
|
|
@ -873,6 +873,12 @@
|
||||||
"reloadParams":"設定重新載入",
|
"reloadParams":"設定重新載入",
|
||||||
"reloadTimeout":"重新載入逾時",
|
"reloadTimeout":"重新載入逾時",
|
||||||
"reloadUrls":"重新載入 URL",
|
"reloadUrls":"重新載入 URL",
|
||||||
|
"rememberAuthChoice":"Remember authentication choice",
|
||||||
|
"rememberAuthChoiceRule":"Activation",
|
||||||
|
"rememberCookieName":"Cookie name",
|
||||||
|
"rememberCookieTimeout":"cookie lifetime",
|
||||||
|
"rememberDefaultChecked":"Check by default",
|
||||||
|
"rememberTimer":"Timer before automatic authentication",
|
||||||
"remoteCookieName":"Cookie 名称",
|
"remoteCookieName":"Cookie 名称",
|
||||||
"remoteGlobalStorage":"工作階段模組",
|
"remoteGlobalStorage":"工作階段模組",
|
||||||
"remoteGlobalStorageOptions":"工作階段模組選項",
|
"remoteGlobalStorageOptions":"工作階段模組選項",
|
||||||
|
@ -1244,4 +1250,4 @@
|
||||||
"yubikey2fUrl":"服务 URL",
|
"yubikey2fUrl":"服务 URL",
|
||||||
"yubikey2fUserCanRemoveKey":"允許使用者移除 Yubikey",
|
"yubikey2fUserCanRemoveKey":"允許使用者移除 Yubikey",
|
||||||
"zeroConfExplanations":"伺服器未設定。使用飯本來儲存第一個。"
|
"zeroConfExplanations":"伺服器未設定。使用飯本來儲存第一個。"
|
||||||
}
|
}
|
||||||
|
|
|
@ -873,6 +873,12 @@
|
||||||
"reloadParams":"設定重新載入",
|
"reloadParams":"設定重新載入",
|
||||||
"reloadTimeout":"重新載入逾時",
|
"reloadTimeout":"重新載入逾時",
|
||||||
"reloadUrls":"重新載入 URL",
|
"reloadUrls":"重新載入 URL",
|
||||||
|
"rememberAuthChoice":"Remember authentication choice",
|
||||||
|
"rememberAuthChoiceRule":"Activation",
|
||||||
|
"rememberCookieName":"Cookie name",
|
||||||
|
"rememberCookieTimeout":"cookie lifetime",
|
||||||
|
"rememberDefaultChecked":"Check by default",
|
||||||
|
"rememberTimer":"Timer before automatic authentication",
|
||||||
"remoteCookieName":"Cookie 名稱",
|
"remoteCookieName":"Cookie 名稱",
|
||||||
"remoteGlobalStorage":"工作階段模組",
|
"remoteGlobalStorage":"工作階段模組",
|
||||||
"remoteGlobalStorageOptions":"工作階段模組選項",
|
"remoteGlobalStorageOptions":"工作階段模組選項",
|
||||||
|
@ -1244,4 +1250,4 @@
|
||||||
"yubikey2fUrl":"服務 URL",
|
"yubikey2fUrl":"服務 URL",
|
||||||
"yubikey2fUserCanRemoveKey":"允許使用者移除 Yubikey",
|
"yubikey2fUserCanRemoveKey":"允許使用者移除 Yubikey",
|
||||||
"zeroConfExplanations":"伺服器未設定。使用飯本來儲存第一個。"
|
"zeroConfExplanations":"伺服器未設定。使用飯本來儲存第一個。"
|
||||||
}
|
}
|
||||||
|
|
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
|
@ -7,332 +7,224 @@ use Exporter 'import';
|
||||||
our $VERSION = '2.0.14';
|
our $VERSION = '2.0.14';
|
||||||
|
|
||||||
use constant HANDLER => 'Lemonldap::NG::Handler::PSGI::Main';
|
use constant HANDLER => 'Lemonldap::NG::Handler::PSGI::Main';
|
||||||
use constant URIRE =>
|
use constant URIRE => qr{(((?^:https?))://((?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::((?:[0-9]*)))?(/(((?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():\@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():\@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():\@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():\@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?]((?:(?:[;/?:\@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?)};
|
||||||
qr{(((?^:https?))://((?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::((?:[0-9]*)))?(/(((?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():\@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():\@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():\@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():\@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?]((?:(?:[;/?:\@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?)};
|
|
||||||
use constant {
|
use constant {
|
||||||
PE_IDPCHOICE => -5,
|
PE_IDPCHOICE => -5,
|
||||||
PE_SENDRESPONSE => -4,
|
PE_SENDRESPONSE => -4,
|
||||||
PE_INFO => -3,
|
PE_INFO => -3,
|
||||||
PE_REDIRECT => -2,
|
PE_REDIRECT => -2,
|
||||||
PE_DONE => -1,
|
PE_DONE => -1,
|
||||||
PE_OK => 0,
|
PE_OK => 0,
|
||||||
PE_SESSIONEXPIRED => 1,
|
PE_SESSIONEXPIRED => 1,
|
||||||
PE_FORMEMPTY => 2,
|
PE_FORMEMPTY => 2,
|
||||||
PE_WRONGMANAGERACCOUNT => 3,
|
PE_WRONGMANAGERACCOUNT => 3,
|
||||||
PE_USERNOTFOUND => 4,
|
PE_USERNOTFOUND => 4,
|
||||||
PE_BADCREDENTIALS => 5,
|
PE_BADCREDENTIALS => 5,
|
||||||
PE_LDAPCONNECTFAILED => 6,
|
PE_LDAPCONNECTFAILED => 6,
|
||||||
PE_LDAPERROR => 7,
|
PE_LDAPERROR => 7,
|
||||||
PE_APACHESESSIONERROR => 8,
|
PE_APACHESESSIONERROR => 8,
|
||||||
PE_FIRSTACCESS => 9,
|
PE_FIRSTACCESS => 9,
|
||||||
PE_BADCERTIFICATE => 10,
|
PE_BADCERTIFICATE => 10,
|
||||||
PE_NO_PASSWORD_BE => 20,
|
PE_NO_PASSWORD_BE => 20,
|
||||||
PE_PP_ACCOUNT_LOCKED => 21,
|
PE_PP_ACCOUNT_LOCKED => 21,
|
||||||
PE_PP_PASSWORD_EXPIRED => 22,
|
PE_PP_PASSWORD_EXPIRED => 22,
|
||||||
PE_CERTIFICATEREQUIRED => 23,
|
PE_CERTIFICATEREQUIRED => 23,
|
||||||
PE_ERROR => 24,
|
PE_ERROR => 24,
|
||||||
PE_PP_CHANGE_AFTER_RESET => 25,
|
PE_PP_CHANGE_AFTER_RESET => 25,
|
||||||
PE_PP_PASSWORD_MOD_NOT_ALLOWED => 26,
|
PE_PP_PASSWORD_MOD_NOT_ALLOWED => 26,
|
||||||
PE_PP_MUST_SUPPLY_OLD_PASSWORD => 27,
|
PE_PP_MUST_SUPPLY_OLD_PASSWORD => 27,
|
||||||
PE_PP_INSUFFICIENT_PASSWORD_QUALITY => 28,
|
PE_PP_INSUFFICIENT_PASSWORD_QUALITY => 28,
|
||||||
PE_PP_PASSWORD_TOO_SHORT => 29,
|
PE_PP_PASSWORD_TOO_SHORT => 29,
|
||||||
PE_PP_PASSWORD_TOO_YOUNG => 30,
|
PE_PP_PASSWORD_TOO_YOUNG => 30,
|
||||||
PE_PP_PASSWORD_IN_HISTORY => 31,
|
PE_PP_PASSWORD_IN_HISTORY => 31,
|
||||||
PE_PP_GRACE => 32,
|
PE_PP_GRACE => 32,
|
||||||
PE_PP_EXP_WARNING => 33,
|
PE_PP_EXP_WARNING => 33,
|
||||||
PE_PASSWORD_MISMATCH => 34,
|
PE_PASSWORD_MISMATCH => 34,
|
||||||
PE_PASSWORD_OK => 35,
|
PE_PASSWORD_OK => 35,
|
||||||
PE_NOTIFICATION => 36,
|
PE_NOTIFICATION => 36,
|
||||||
PE_BADURL => 37,
|
PE_BADURL => 37,
|
||||||
PE_NOSCHEME => 38,
|
PE_NOSCHEME => 38,
|
||||||
PE_BADOLDPASSWORD => 39,
|
PE_BADOLDPASSWORD => 39,
|
||||||
PE_MALFORMEDUSER => 40,
|
PE_MALFORMEDUSER => 40,
|
||||||
PE_SESSIONNOTGRANTED => 41,
|
PE_SESSIONNOTGRANTED => 41,
|
||||||
PE_CONFIRM => 42,
|
PE_CONFIRM => 42,
|
||||||
PE_MAILFORMEMPTY => 43,
|
PE_MAILFORMEMPTY => 43,
|
||||||
PE_BADMAILTOKEN => 44,
|
PE_BADMAILTOKEN => 44,
|
||||||
PE_MAILERROR => 45,
|
PE_MAILERROR => 45,
|
||||||
PE_MAILOK => 46,
|
PE_MAILOK => 46,
|
||||||
PE_LOGOUT_OK => 47,
|
PE_LOGOUT_OK => 47,
|
||||||
PE_SAML_ERROR => 48,
|
PE_SAML_ERROR => 48,
|
||||||
PE_SAML_LOAD_SERVICE_ERROR => 49,
|
PE_SAML_LOAD_SERVICE_ERROR => 49,
|
||||||
PE_SAML_LOAD_IDP_ERROR => 50,
|
PE_SAML_LOAD_IDP_ERROR => 50,
|
||||||
PE_SAML_SSO_ERROR => 51,
|
PE_SAML_SSO_ERROR => 51,
|
||||||
PE_SAML_UNKNOWN_ENTITY => 52,
|
PE_SAML_UNKNOWN_ENTITY => 52,
|
||||||
PE_SAML_DESTINATION_ERROR => 53,
|
PE_SAML_DESTINATION_ERROR => 53,
|
||||||
PE_SAML_CONDITIONS_ERROR => 54,
|
PE_SAML_CONDITIONS_ERROR => 54,
|
||||||
PE_SAML_IDPSSOINITIATED_NOTALLOWED => 55,
|
PE_SAML_IDPSSOINITIATED_NOTALLOWED => 55,
|
||||||
PE_SAML_SLO_ERROR => 56,
|
PE_SAML_SLO_ERROR => 56,
|
||||||
PE_SAML_SIGNATURE_ERROR => 57,
|
PE_SAML_SIGNATURE_ERROR => 57,
|
||||||
PE_SAML_ART_ERROR => 58,
|
PE_SAML_ART_ERROR => 58,
|
||||||
PE_SAML_SESSION_ERROR => 59,
|
PE_SAML_SESSION_ERROR => 59,
|
||||||
PE_SAML_LOAD_SP_ERROR => 60,
|
PE_SAML_LOAD_SP_ERROR => 60,
|
||||||
PE_SAML_ATTR_ERROR => 61,
|
PE_SAML_ATTR_ERROR => 61,
|
||||||
PE_OPENID_EMPTY => 62,
|
PE_OPENID_EMPTY => 62,
|
||||||
PE_OPENID_BADID => 63,
|
PE_OPENID_BADID => 63,
|
||||||
PE_MISSINGREQATTR => 64,
|
PE_MISSINGREQATTR => 64,
|
||||||
PE_BADPARTNER => 65,
|
PE_BADPARTNER => 65,
|
||||||
PE_MAILCONFIRMATION_ALREADY_SENT => 66,
|
PE_MAILCONFIRMATION_ALREADY_SENT => 66,
|
||||||
PE_PASSWORDFORMEMPTY => 67,
|
PE_PASSWORDFORMEMPTY => 67,
|
||||||
PE_CAS_SERVICE_NOT_ALLOWED => 68,
|
PE_CAS_SERVICE_NOT_ALLOWED => 68,
|
||||||
PE_MAILFIRSTACCESS => 69,
|
PE_MAILFIRSTACCESS => 69,
|
||||||
PE_MAILNOTFOUND => 70,
|
PE_MAILNOTFOUND => 70,
|
||||||
PE_PASSWORDFIRSTACCESS => 71,
|
PE_PASSWORDFIRSTACCESS => 71,
|
||||||
PE_MAILCONFIRMOK => 72,
|
PE_MAILCONFIRMOK => 72,
|
||||||
PE_RADIUSCONNECTFAILED => 73,
|
PE_RADIUSCONNECTFAILED => 73,
|
||||||
PE_MUST_SUPPLY_OLD_PASSWORD => 74,
|
PE_MUST_SUPPLY_OLD_PASSWORD => 74,
|
||||||
PE_FORBIDDENIP => 75,
|
PE_FORBIDDENIP => 75,
|
||||||
PE_CAPTCHAERROR => 76,
|
PE_CAPTCHAERROR => 76,
|
||||||
PE_CAPTCHAEMPTY => 77,
|
PE_CAPTCHAEMPTY => 77,
|
||||||
PE_REGISTERFIRSTACCESS => 78,
|
PE_REGISTERFIRSTACCESS => 78,
|
||||||
PE_REGISTERFORMEMPTY => 79,
|
PE_REGISTERFORMEMPTY => 79,
|
||||||
PE_REGISTERALREADYEXISTS => 80,
|
PE_REGISTERALREADYEXISTS => 80,
|
||||||
PE_NOTOKEN => 81,
|
PE_NOTOKEN => 81,
|
||||||
PE_TOKENEXPIRED => 82,
|
PE_TOKENEXPIRED => 82,
|
||||||
PE_U2FFAILED => 83,
|
PE_U2FFAILED => 83,
|
||||||
PE_UNAUTHORIZEDPARTNER => 84,
|
PE_UNAUTHORIZEDPARTNER => 84,
|
||||||
PE_RENEWSESSION => 85,
|
PE_RENEWSESSION => 85,
|
||||||
PE_WAIT => 86,
|
PE_WAIT => 86,
|
||||||
PE_MUSTAUTHN => 87,
|
PE_MUSTAUTHN => 87,
|
||||||
PE_MUSTHAVEMAIL => 88,
|
PE_MUSTHAVEMAIL => 88,
|
||||||
PE_SAML_SERVICE_NOT_ALLOWED => 89,
|
PE_SAML_SERVICE_NOT_ALLOWED => 89,
|
||||||
PE_OIDC_SERVICE_NOT_ALLOWED => 90,
|
PE_OIDC_SERVICE_NOT_ALLOWED => 90,
|
||||||
PE_OID_SERVICE_NOT_ALLOWED => 91,
|
PE_OID_SERVICE_NOT_ALLOWED => 91,
|
||||||
PE_GET_SERVICE_NOT_ALLOWED => 92,
|
PE_GET_SERVICE_NOT_ALLOWED => 92,
|
||||||
PE_IMPERSONATION_SERVICE_NOT_ALLOWED => 93,
|
PE_IMPERSONATION_SERVICE_NOT_ALLOWED => 93,
|
||||||
PE_ISSUERMISSINGREQATTR => 94,
|
PE_ISSUERMISSINGREQATTR => 94,
|
||||||
PE_DECRYPTVALUE_SERVICE_NOT_ALLOWED => 95,
|
PE_DECRYPTVALUE_SERVICE_NOT_ALLOWED => 95,
|
||||||
PE_BADOTP => 96,
|
PE_BADOTP => 96,
|
||||||
PE_RESETCERTIFICATE_INVALID => 97,
|
PE_RESETCERTIFICATE_INVALID => 97,
|
||||||
PE_RESETCERTIFICATE_FORMEMPTY => 98,
|
PE_RESETCERTIFICATE_FORMEMPTY => 98,
|
||||||
PE_RESETCERTIFICATE_FIRSTACCESS => 99,
|
PE_RESETCERTIFICATE_FIRSTACCESS => 99,
|
||||||
PE_PP_NOT_ALLOWED_CHARACTER => 100,
|
PE_PP_NOT_ALLOWED_CHARACTER => 100,
|
||||||
PE_PP_NOT_ALLOWED_CHARACTERS => 101,
|
PE_PP_NOT_ALLOWED_CHARACTERS => 101,
|
||||||
PE_UPGRADESESSION => 102,
|
PE_UPGRADESESSION => 102,
|
||||||
PE_NO_SECOND_FACTORS => 103,
|
PE_NO_SECOND_FACTORS => 103,
|
||||||
PE_BAD_DEVOPS_FILE => 104,
|
PE_BAD_DEVOPS_FILE => 104,
|
||||||
PE_FILENOTFOUND => 105,
|
PE_FILENOTFOUND => 105,
|
||||||
PE_OIDC_AUTH_ERROR => 106,
|
PE_OIDC_AUTH_ERROR => 106,
|
||||||
};
|
};
|
||||||
|
|
||||||
sub portalConsts {
|
sub portalConsts {
|
||||||
return {
|
return {
|
||||||
'-1' => 'PE_DONE',
|
'-1' => 'PE_DONE',
|
||||||
'-2' => 'PE_REDIRECT',
|
'-2' => 'PE_REDIRECT',
|
||||||
'-3' => 'PE_INFO',
|
'-3' => 'PE_INFO',
|
||||||
'-4' => 'PE_SENDRESPONSE',
|
'-4' => 'PE_SENDRESPONSE',
|
||||||
'-5' => 'PE_IDPCHOICE',
|
'-5' => 'PE_IDPCHOICE',
|
||||||
'0' => 'PE_OK',
|
'0' => 'PE_OK',
|
||||||
'1' => 'PE_SESSIONEXPIRED',
|
'1' => 'PE_SESSIONEXPIRED',
|
||||||
'10' => 'PE_BADCERTIFICATE',
|
'10' => 'PE_BADCERTIFICATE',
|
||||||
'100' => 'PE_PP_NOT_ALLOWED_CHARACTER',
|
'100' => 'PE_PP_NOT_ALLOWED_CHARACTER',
|
||||||
'101' => 'PE_PP_NOT_ALLOWED_CHARACTERS',
|
'101' => 'PE_PP_NOT_ALLOWED_CHARACTERS',
|
||||||
'102' => 'PE_UPGRADESESSION',
|
'102' => 'PE_UPGRADESESSION',
|
||||||
'103' => 'PE_NO_SECOND_FACTORS',
|
'103' => 'PE_NO_SECOND_FACTORS',
|
||||||
'104' => 'PE_BAD_DEVOPS_FILE',
|
'104' => 'PE_BAD_DEVOPS_FILE',
|
||||||
'105' => 'PE_FILENOTFOUND',
|
'105' => 'PE_FILENOTFOUND',
|
||||||
'106' => 'PE_OIDC_AUTH_ERROR',
|
'106' => 'PE_OIDC_AUTH_ERROR',
|
||||||
'2' => 'PE_FORMEMPTY',
|
'2' => 'PE_FORMEMPTY',
|
||||||
'20' => 'PE_NO_PASSWORD_BE',
|
'20' => 'PE_NO_PASSWORD_BE',
|
||||||
'21' => 'PE_PP_ACCOUNT_LOCKED',
|
'21' => 'PE_PP_ACCOUNT_LOCKED',
|
||||||
'22' => 'PE_PP_PASSWORD_EXPIRED',
|
'22' => 'PE_PP_PASSWORD_EXPIRED',
|
||||||
'23' => 'PE_CERTIFICATEREQUIRED',
|
'23' => 'PE_CERTIFICATEREQUIRED',
|
||||||
'24' => 'PE_ERROR',
|
'24' => 'PE_ERROR',
|
||||||
'25' => 'PE_PP_CHANGE_AFTER_RESET',
|
'25' => 'PE_PP_CHANGE_AFTER_RESET',
|
||||||
'26' => 'PE_PP_PASSWORD_MOD_NOT_ALLOWED',
|
'26' => 'PE_PP_PASSWORD_MOD_NOT_ALLOWED',
|
||||||
'27' => 'PE_PP_MUST_SUPPLY_OLD_PASSWORD',
|
'27' => 'PE_PP_MUST_SUPPLY_OLD_PASSWORD',
|
||||||
'28' => 'PE_PP_INSUFFICIENT_PASSWORD_QUALITY',
|
'28' => 'PE_PP_INSUFFICIENT_PASSWORD_QUALITY',
|
||||||
'29' => 'PE_PP_PASSWORD_TOO_SHORT',
|
'29' => 'PE_PP_PASSWORD_TOO_SHORT',
|
||||||
'3' => 'PE_WRONGMANAGERACCOUNT',
|
'3' => 'PE_WRONGMANAGERACCOUNT',
|
||||||
'30' => 'PE_PP_PASSWORD_TOO_YOUNG',
|
'30' => 'PE_PP_PASSWORD_TOO_YOUNG',
|
||||||
'31' => 'PE_PP_PASSWORD_IN_HISTORY',
|
'31' => 'PE_PP_PASSWORD_IN_HISTORY',
|
||||||
'32' => 'PE_PP_GRACE',
|
'32' => 'PE_PP_GRACE',
|
||||||
'33' => 'PE_PP_EXP_WARNING',
|
'33' => 'PE_PP_EXP_WARNING',
|
||||||
'34' => 'PE_PASSWORD_MISMATCH',
|
'34' => 'PE_PASSWORD_MISMATCH',
|
||||||
'35' => 'PE_PASSWORD_OK',
|
'35' => 'PE_PASSWORD_OK',
|
||||||
'36' => 'PE_NOTIFICATION',
|
'36' => 'PE_NOTIFICATION',
|
||||||
'37' => 'PE_BADURL',
|
'37' => 'PE_BADURL',
|
||||||
'38' => 'PE_NOSCHEME',
|
'38' => 'PE_NOSCHEME',
|
||||||
'39' => 'PE_BADOLDPASSWORD',
|
'39' => 'PE_BADOLDPASSWORD',
|
||||||
'4' => 'PE_USERNOTFOUND',
|
'4' => 'PE_USERNOTFOUND',
|
||||||
'40' => 'PE_MALFORMEDUSER',
|
'40' => 'PE_MALFORMEDUSER',
|
||||||
'41' => 'PE_SESSIONNOTGRANTED',
|
'41' => 'PE_SESSIONNOTGRANTED',
|
||||||
'42' => 'PE_CONFIRM',
|
'42' => 'PE_CONFIRM',
|
||||||
'43' => 'PE_MAILFORMEMPTY',
|
'43' => 'PE_MAILFORMEMPTY',
|
||||||
'44' => 'PE_BADMAILTOKEN',
|
'44' => 'PE_BADMAILTOKEN',
|
||||||
'45' => 'PE_MAILERROR',
|
'45' => 'PE_MAILERROR',
|
||||||
'46' => 'PE_MAILOK',
|
'46' => 'PE_MAILOK',
|
||||||
'47' => 'PE_LOGOUT_OK',
|
'47' => 'PE_LOGOUT_OK',
|
||||||
'48' => 'PE_SAML_ERROR',
|
'48' => 'PE_SAML_ERROR',
|
||||||
'49' => 'PE_SAML_LOAD_SERVICE_ERROR',
|
'49' => 'PE_SAML_LOAD_SERVICE_ERROR',
|
||||||
'5' => 'PE_BADCREDENTIALS',
|
'5' => 'PE_BADCREDENTIALS',
|
||||||
'50' => 'PE_SAML_LOAD_IDP_ERROR',
|
'50' => 'PE_SAML_LOAD_IDP_ERROR',
|
||||||
'51' => 'PE_SAML_SSO_ERROR',
|
'51' => 'PE_SAML_SSO_ERROR',
|
||||||
'52' => 'PE_SAML_UNKNOWN_ENTITY',
|
'52' => 'PE_SAML_UNKNOWN_ENTITY',
|
||||||
'53' => 'PE_SAML_DESTINATION_ERROR',
|
'53' => 'PE_SAML_DESTINATION_ERROR',
|
||||||
'54' => 'PE_SAML_CONDITIONS_ERROR',
|
'54' => 'PE_SAML_CONDITIONS_ERROR',
|
||||||
'55' => 'PE_SAML_IDPSSOINITIATED_NOTALLOWED',
|
'55' => 'PE_SAML_IDPSSOINITIATED_NOTALLOWED',
|
||||||
'56' => 'PE_SAML_SLO_ERROR',
|
'56' => 'PE_SAML_SLO_ERROR',
|
||||||
'57' => 'PE_SAML_SIGNATURE_ERROR',
|
'57' => 'PE_SAML_SIGNATURE_ERROR',
|
||||||
'58' => 'PE_SAML_ART_ERROR',
|
'58' => 'PE_SAML_ART_ERROR',
|
||||||
'59' => 'PE_SAML_SESSION_ERROR',
|
'59' => 'PE_SAML_SESSION_ERROR',
|
||||||
'6' => 'PE_LDAPCONNECTFAILED',
|
'6' => 'PE_LDAPCONNECTFAILED',
|
||||||
'60' => 'PE_SAML_LOAD_SP_ERROR',
|
'60' => 'PE_SAML_LOAD_SP_ERROR',
|
||||||
'61' => 'PE_SAML_ATTR_ERROR',
|
'61' => 'PE_SAML_ATTR_ERROR',
|
||||||
'62' => 'PE_OPENID_EMPTY',
|
'62' => 'PE_OPENID_EMPTY',
|
||||||
'63' => 'PE_OPENID_BADID',
|
'63' => 'PE_OPENID_BADID',
|
||||||
'64' => 'PE_MISSINGREQATTR',
|
'64' => 'PE_MISSINGREQATTR',
|
||||||
'65' => 'PE_BADPARTNER',
|
'65' => 'PE_BADPARTNER',
|
||||||
'66' => 'PE_MAILCONFIRMATION_ALREADY_SENT',
|
'66' => 'PE_MAILCONFIRMATION_ALREADY_SENT',
|
||||||
'67' => 'PE_PASSWORDFORMEMPTY',
|
'67' => 'PE_PASSWORDFORMEMPTY',
|
||||||
'68' => 'PE_CAS_SERVICE_NOT_ALLOWED',
|
'68' => 'PE_CAS_SERVICE_NOT_ALLOWED',
|
||||||
'69' => 'PE_MAILFIRSTACCESS',
|
'69' => 'PE_MAILFIRSTACCESS',
|
||||||
'7' => 'PE_LDAPERROR',
|
'7' => 'PE_LDAPERROR',
|
||||||
'70' => 'PE_MAILNOTFOUND',
|
'70' => 'PE_MAILNOTFOUND',
|
||||||
'71' => 'PE_PASSWORDFIRSTACCESS',
|
'71' => 'PE_PASSWORDFIRSTACCESS',
|
||||||
'72' => 'PE_MAILCONFIRMOK',
|
'72' => 'PE_MAILCONFIRMOK',
|
||||||
'73' => 'PE_RADIUSCONNECTFAILED',
|
'73' => 'PE_RADIUSCONNECTFAILED',
|
||||||
'74' => 'PE_MUST_SUPPLY_OLD_PASSWORD',
|
'74' => 'PE_MUST_SUPPLY_OLD_PASSWORD',
|
||||||
'75' => 'PE_FORBIDDENIP',
|
'75' => 'PE_FORBIDDENIP',
|
||||||
'76' => 'PE_CAPTCHAERROR',
|
'76' => 'PE_CAPTCHAERROR',
|
||||||
'77' => 'PE_CAPTCHAEMPTY',
|
'77' => 'PE_CAPTCHAEMPTY',
|
||||||
'78' => 'PE_REGISTERFIRSTACCESS',
|
'78' => 'PE_REGISTERFIRSTACCESS',
|
||||||
'79' => 'PE_REGISTERFORMEMPTY',
|
'79' => 'PE_REGISTERFORMEMPTY',
|
||||||
'8' => 'PE_APACHESESSIONERROR',
|
'8' => 'PE_APACHESESSIONERROR',
|
||||||
'80' => 'PE_REGISTERALREADYEXISTS',
|
'80' => 'PE_REGISTERALREADYEXISTS',
|
||||||
'81' => 'PE_NOTOKEN',
|
'81' => 'PE_NOTOKEN',
|
||||||
'82' => 'PE_TOKENEXPIRED',
|
'82' => 'PE_TOKENEXPIRED',
|
||||||
'83' => 'PE_U2FFAILED',
|
'83' => 'PE_U2FFAILED',
|
||||||
'84' => 'PE_UNAUTHORIZEDPARTNER',
|
'84' => 'PE_UNAUTHORIZEDPARTNER',
|
||||||
'85' => 'PE_RENEWSESSION',
|
'85' => 'PE_RENEWSESSION',
|
||||||
'86' => 'PE_WAIT',
|
'86' => 'PE_WAIT',
|
||||||
'87' => 'PE_MUSTAUTHN',
|
'87' => 'PE_MUSTAUTHN',
|
||||||
'88' => 'PE_MUSTHAVEMAIL',
|
'88' => 'PE_MUSTHAVEMAIL',
|
||||||
'89' => 'PE_SAML_SERVICE_NOT_ALLOWED',
|
'89' => 'PE_SAML_SERVICE_NOT_ALLOWED',
|
||||||
'9' => 'PE_FIRSTACCESS',
|
'9' => 'PE_FIRSTACCESS',
|
||||||
'90' => 'PE_OIDC_SERVICE_NOT_ALLOWED',
|
'90' => 'PE_OIDC_SERVICE_NOT_ALLOWED',
|
||||||
'91' => 'PE_OID_SERVICE_NOT_ALLOWED',
|
'91' => 'PE_OID_SERVICE_NOT_ALLOWED',
|
||||||
'92' => 'PE_GET_SERVICE_NOT_ALLOWED',
|
'92' => 'PE_GET_SERVICE_NOT_ALLOWED',
|
||||||
'93' => 'PE_IMPERSONATION_SERVICE_NOT_ALLOWED',
|
'93' => 'PE_IMPERSONATION_SERVICE_NOT_ALLOWED',
|
||||||
'94' => 'PE_ISSUERMISSINGREQATTR',
|
'94' => 'PE_ISSUERMISSINGREQATTR',
|
||||||
'95' => 'PE_DECRYPTVALUE_SERVICE_NOT_ALLOWED',
|
'95' => 'PE_DECRYPTVALUE_SERVICE_NOT_ALLOWED',
|
||||||
'96' => 'PE_BADOTP',
|
'96' => 'PE_BADOTP',
|
||||||
'97' => 'PE_RESETCERTIFICATE_INVALID',
|
'97' => 'PE_RESETCERTIFICATE_INVALID',
|
||||||
'98' => 'PE_RESETCERTIFICATE_FORMEMPTY',
|
'98' => 'PE_RESETCERTIFICATE_FORMEMPTY',
|
||||||
'99' => 'PE_RESETCERTIFICATE_FIRSTACCESS'
|
'99' => 'PE_RESETCERTIFICATE_FIRSTACCESS'
|
||||||
};
|
};
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
# EXPORTER PARAMETERS
|
# EXPORTER PARAMETERS
|
||||||
our @EXPORT_OK = (
|
our @EXPORT_OK = ( 'portalConsts', 'HANDLER', 'URIRE', 'PE_IDPCHOICE', 'PE_SENDRESPONSE', 'PE_INFO', 'PE_REDIRECT', 'PE_DONE', 'PE_OK', 'PE_SESSIONEXPIRED', 'PE_FORMEMPTY', 'PE_WRONGMANAGERACCOUNT', 'PE_USERNOTFOUND', 'PE_BADCREDENTIALS', 'PE_LDAPCONNECTFAILED', 'PE_LDAPERROR', 'PE_APACHESESSIONERROR', 'PE_FIRSTACCESS', 'PE_BADCERTIFICATE', 'PE_NO_PASSWORD_BE', 'PE_PP_ACCOUNT_LOCKED', 'PE_PP_PASSWORD_EXPIRED', 'PE_CERTIFICATEREQUIRED', 'PE_ERROR', 'PE_PP_CHANGE_AFTER_RESET', 'PE_PP_PASSWORD_MOD_NOT_ALLOWED', 'PE_PP_MUST_SUPPLY_OLD_PASSWORD', 'PE_PP_INSUFFICIENT_PASSWORD_QUALITY', 'PE_PP_PASSWORD_TOO_SHORT', 'PE_PP_PASSWORD_TOO_YOUNG', 'PE_PP_PASSWORD_IN_HISTORY', 'PE_PP_GRACE', 'PE_PP_EXP_WARNING', 'PE_PASSWORD_MISMATCH', 'PE_PASSWORD_OK', 'PE_NOTIFICATION', 'PE_BADURL', 'PE_NOSCHEME', 'PE_BADOLDPASSWORD', 'PE_MALFORMEDUSER', 'PE_SESSIONNOTGRANTED', 'PE_CONFIRM', 'PE_MAILFORMEMPTY', 'PE_BADMAILTOKEN', 'PE_MAILERROR', 'PE_MAILOK', 'PE_LOGOUT_OK', 'PE_SAML_ERROR', 'PE_SAML_LOAD_SERVICE_ERROR', 'PE_SAML_LOAD_IDP_ERROR', 'PE_SAML_SSO_ERROR', 'PE_SAML_UNKNOWN_ENTITY', 'PE_SAML_DESTINATION_ERROR', 'PE_SAML_CONDITIONS_ERROR', 'PE_SAML_IDPSSOINITIATED_NOTALLOWED', 'PE_SAML_SLO_ERROR', 'PE_SAML_SIGNATURE_ERROR', 'PE_SAML_ART_ERROR', 'PE_SAML_SESSION_ERROR', 'PE_SAML_LOAD_SP_ERROR', 'PE_SAML_ATTR_ERROR', 'PE_OPENID_EMPTY', 'PE_OPENID_BADID', 'PE_MISSINGREQATTR', 'PE_BADPARTNER', 'PE_MAILCONFIRMATION_ALREADY_SENT', 'PE_PASSWORDFORMEMPTY', 'PE_CAS_SERVICE_NOT_ALLOWED', 'PE_MAILFIRSTACCESS', 'PE_MAILNOTFOUND', 'PE_PASSWORDFIRSTACCESS', 'PE_MAILCONFIRMOK', 'PE_RADIUSCONNECTFAILED', 'PE_MUST_SUPPLY_OLD_PASSWORD', 'PE_FORBIDDENIP', 'PE_CAPTCHAERROR', 'PE_CAPTCHAEMPTY', 'PE_REGISTERFIRSTACCESS', 'PE_REGISTERFORMEMPTY', 'PE_REGISTERALREADYEXISTS', 'PE_NOTOKEN', 'PE_TOKENEXPIRED', 'PE_U2FFAILED', 'PE_UNAUTHORIZEDPARTNER', 'PE_RENEWSESSION', 'PE_WAIT', 'PE_MUSTAUTHN', 'PE_MUSTHAVEMAIL', 'PE_SAML_SERVICE_NOT_ALLOWED', 'PE_OIDC_SERVICE_NOT_ALLOWED', 'PE_OID_SERVICE_NOT_ALLOWED', 'PE_GET_SERVICE_NOT_ALLOWED', 'PE_IMPERSONATION_SERVICE_NOT_ALLOWED', 'PE_ISSUERMISSINGREQATTR', 'PE_DECRYPTVALUE_SERVICE_NOT_ALLOWED', 'PE_BADOTP', 'PE_RESETCERTIFICATE_INVALID', 'PE_RESETCERTIFICATE_FORMEMPTY', 'PE_RESETCERTIFICATE_FIRSTACCESS', 'PE_PP_NOT_ALLOWED_CHARACTER', 'PE_PP_NOT_ALLOWED_CHARACTERS', 'PE_UPGRADESESSION', 'PE_NO_SECOND_FACTORS', 'PE_BAD_DEVOPS_FILE', 'PE_FILENOTFOUND', 'PE_OIDC_AUTH_ERROR' );
|
||||||
'portalConsts',
|
|
||||||
'HANDLER',
|
|
||||||
'URIRE',
|
|
||||||
'PE_IDPCHOICE',
|
|
||||||
'PE_SENDRESPONSE',
|
|
||||||
'PE_INFO',
|
|
||||||
'PE_REDIRECT',
|
|
||||||
'PE_DONE',
|
|
||||||
'PE_OK',
|
|
||||||
'PE_SESSIONEXPIRED',
|
|
||||||
'PE_FORMEMPTY',
|
|
||||||
'PE_WRONGMANAGERACCOUNT',
|
|
||||||
'PE_USERNOTFOUND',
|
|
||||||
'PE_BADCREDENTIALS',
|
|
||||||
'PE_LDAPCONNECTFAILED',
|
|
||||||
'PE_LDAPERROR',
|
|
||||||
'PE_APACHESESSIONERROR',
|
|
||||||
'PE_FIRSTACCESS',
|
|
||||||
'PE_BADCERTIFICATE',
|
|
||||||
'PE_NO_PASSWORD_BE',
|
|
||||||
'PE_PP_ACCOUNT_LOCKED',
|
|
||||||
'PE_PP_PASSWORD_EXPIRED',
|
|
||||||
'PE_CERTIFICATEREQUIRED',
|
|
||||||
'PE_ERROR',
|
|
||||||
'PE_PP_CHANGE_AFTER_RESET',
|
|
||||||
'PE_PP_PASSWORD_MOD_NOT_ALLOWED',
|
|
||||||
'PE_PP_MUST_SUPPLY_OLD_PASSWORD',
|
|
||||||
'PE_PP_INSUFFICIENT_PASSWORD_QUALITY',
|
|
||||||
'PE_PP_PASSWORD_TOO_SHORT',
|
|
||||||
'PE_PP_PASSWORD_TOO_YOUNG',
|
|
||||||
'PE_PP_PASSWORD_IN_HISTORY',
|
|
||||||
'PE_PP_GRACE',
|
|
||||||
'PE_PP_EXP_WARNING',
|
|
||||||
'PE_PASSWORD_MISMATCH',
|
|
||||||
'PE_PASSWORD_OK',
|
|
||||||
'PE_NOTIFICATION',
|
|
||||||
'PE_BADURL',
|
|
||||||
'PE_NOSCHEME',
|
|
||||||
'PE_BADOLDPASSWORD',
|
|
||||||
'PE_MALFORMEDUSER',
|
|
||||||
'PE_SESSIONNOTGRANTED',
|
|
||||||
'PE_CONFIRM',
|
|
||||||
'PE_MAILFORMEMPTY',
|
|
||||||
'PE_BADMAILTOKEN',
|
|
||||||
'PE_MAILERROR',
|
|
||||||
'PE_MAILOK',
|
|
||||||
'PE_LOGOUT_OK',
|
|
||||||
'PE_SAML_ERROR',
|
|
||||||
'PE_SAML_LOAD_SERVICE_ERROR',
|
|
||||||
'PE_SAML_LOAD_IDP_ERROR',
|
|
||||||
'PE_SAML_SSO_ERROR',
|
|
||||||
'PE_SAML_UNKNOWN_ENTITY',
|
|
||||||
'PE_SAML_DESTINATION_ERROR',
|
|
||||||
'PE_SAML_CONDITIONS_ERROR',
|
|
||||||
'PE_SAML_IDPSSOINITIATED_NOTALLOWED',
|
|
||||||
'PE_SAML_SLO_ERROR',
|
|
||||||
'PE_SAML_SIGNATURE_ERROR',
|
|
||||||
'PE_SAML_ART_ERROR',
|
|
||||||
'PE_SAML_SESSION_ERROR',
|
|
||||||
'PE_SAML_LOAD_SP_ERROR',
|
|
||||||
'PE_SAML_ATTR_ERROR',
|
|
||||||
'PE_OPENID_EMPTY',
|
|
||||||
'PE_OPENID_BADID',
|
|
||||||
'PE_MISSINGREQATTR',
|
|
||||||
'PE_BADPARTNER',
|
|
||||||
'PE_MAILCONFIRMATION_ALREADY_SENT',
|
|
||||||
'PE_PASSWORDFORMEMPTY',
|
|
||||||
'PE_CAS_SERVICE_NOT_ALLOWED',
|
|
||||||
'PE_MAILFIRSTACCESS',
|
|
||||||
'PE_MAILNOTFOUND',
|
|
||||||
'PE_PASSWORDFIRSTACCESS',
|
|
||||||
'PE_MAILCONFIRMOK',
|
|
||||||
'PE_RADIUSCONNECTFAILED',
|
|
||||||
'PE_MUST_SUPPLY_OLD_PASSWORD',
|
|
||||||
'PE_FORBIDDENIP',
|
|
||||||
'PE_CAPTCHAERROR',
|
|
||||||
'PE_CAPTCHAEMPTY',
|
|
||||||
'PE_REGISTERFIRSTACCESS',
|
|
||||||
'PE_REGISTERFORMEMPTY',
|
|
||||||
'PE_REGISTERALREADYEXISTS',
|
|
||||||
'PE_NOTOKEN',
|
|
||||||
'PE_TOKENEXPIRED',
|
|
||||||
'PE_U2FFAILED',
|
|
||||||
'PE_UNAUTHORIZEDPARTNER',
|
|
||||||
'PE_RENEWSESSION',
|
|
||||||
'PE_WAIT',
|
|
||||||
'PE_MUSTAUTHN',
|
|
||||||
'PE_MUSTHAVEMAIL',
|
|
||||||
'PE_SAML_SERVICE_NOT_ALLOWED',
|
|
||||||
'PE_OIDC_SERVICE_NOT_ALLOWED',
|
|
||||||
'PE_OID_SERVICE_NOT_ALLOWED',
|
|
||||||
'PE_GET_SERVICE_NOT_ALLOWED',
|
|
||||||
'PE_IMPERSONATION_SERVICE_NOT_ALLOWED',
|
|
||||||
'PE_ISSUERMISSINGREQATTR',
|
|
||||||
'PE_DECRYPTVALUE_SERVICE_NOT_ALLOWED',
|
|
||||||
'PE_BADOTP',
|
|
||||||
'PE_RESETCERTIFICATE_INVALID',
|
|
||||||
'PE_RESETCERTIFICATE_FORMEMPTY',
|
|
||||||
'PE_RESETCERTIFICATE_FIRSTACCESS',
|
|
||||||
'PE_PP_NOT_ALLOWED_CHARACTER',
|
|
||||||
'PE_PP_NOT_ALLOWED_CHARACTERS',
|
|
||||||
'PE_UPGRADESESSION',
|
|
||||||
'PE_NO_SECOND_FACTORS',
|
|
||||||
'PE_BAD_DEVOPS_FILE',
|
|
||||||
'PE_FILENOTFOUND',
|
|
||||||
'PE_OIDC_AUTH_ERROR'
|
|
||||||
);
|
|
||||||
our %EXPORT_TAGS = ( 'all' => [ @EXPORT_OK, 'import' ], );
|
our %EXPORT_TAGS = ( 'all' => [ @EXPORT_OK, 'import' ], );
|
||||||
|
|
||||||
our @EXPORT = qw(import PE_OK);
|
our @EXPORT = qw(import PE_OK);
|
||||||
|
|
|
@ -15,6 +15,7 @@ has speChars => ( is => 'rw' );
|
||||||
has skinRules => ( is => 'rw' );
|
has skinRules => ( is => 'rw' );
|
||||||
has stayConnected => ( is => 'rw', default => sub { 0 } );
|
has stayConnected => ( is => 'rw', default => sub { 0 } );
|
||||||
has requireOldPwd => ( is => 'rw', default => sub { 1 } );
|
has requireOldPwd => ( is => 'rw', default => sub { 1 } );
|
||||||
|
has rememberAuthChoice => ( is => 'rw', default => sub { 0 } );
|
||||||
|
|
||||||
sub displayInit {
|
sub displayInit {
|
||||||
my ($self) = @_;
|
my ($self) = @_;
|
||||||
|
@ -49,6 +50,14 @@ sub displayInit {
|
||||||
}
|
}
|
||||||
$self->stayConnected($rule);
|
$self->stayConnected($rule);
|
||||||
|
|
||||||
|
$rule =
|
||||||
|
HANDLER->buildSub( HANDLER->substitute( $self->conf->{rememberAuthChoiceRule} ) );
|
||||||
|
unless ($rule) {
|
||||||
|
my $error = HANDLER->tsv->{jail}->error || 'Unable to compile rule';
|
||||||
|
$self->logger->error("Bad rememberAuthChoiceRule rule: $error");
|
||||||
|
}
|
||||||
|
$self->rememberAuthChoice($rule);
|
||||||
|
|
||||||
my $speChars =
|
my $speChars =
|
||||||
$self->conf->{passwordPolicySpecialChar} eq '__ALL__'
|
$self->conf->{passwordPolicySpecialChar} eq '__ALL__'
|
||||||
? ''
|
? ''
|
||||||
|
@ -412,6 +421,14 @@ sub display {
|
||||||
? ( STAYCONNECTED => 1 )
|
? ( STAYCONNECTED => 1 )
|
||||||
: ()
|
: ()
|
||||||
),
|
),
|
||||||
|
(
|
||||||
|
$self->rememberAuthChoice->( $req, $req->sessionInfo )
|
||||||
|
? ( REMEMBERAUTHCHOICE => 1 )
|
||||||
|
: ()
|
||||||
|
),
|
||||||
|
REMEMBERAUTHCHOICEDEFAULTCHECKED => $self->conf->{rememberDefaultChecked} || 0,
|
||||||
|
REMEMBERAUTHCHOICECOOKIENAME => $self->conf->{rememberCookieName} || 'llngrememberauthchoice',
|
||||||
|
REMEMBERAUTHCHOICETIMER => $self->conf->{rememberTimer} || 5,
|
||||||
(
|
(
|
||||||
$req->data->{customScript}
|
$req->data->{customScript}
|
||||||
? ( CUSTOM_SCRIPT => $req->data->{customScript} )
|
? ( CUSTOM_SCRIPT => $req->data->{customScript} )
|
||||||
|
|
|
@ -19,6 +19,7 @@ our @pList = (
|
||||||
portalStatus => '::Plugins::Status',
|
portalStatus => '::Plugins::Status',
|
||||||
cda => '::Plugins::CDA',
|
cda => '::Plugins::CDA',
|
||||||
notification => '::Plugins::Notifications',
|
notification => '::Plugins::Notifications',
|
||||||
|
rememberAuthChoiceRule => '::Plugins::RememberAuthChoice',
|
||||||
stayConnected => '::Plugins::StayConnected',
|
stayConnected => '::Plugins::StayConnected',
|
||||||
portalCheckLogins => '::Plugins::History',
|
portalCheckLogins => '::Plugins::History',
|
||||||
bruteForceProtection => '::Plugins::BruteForceProtection',
|
bruteForceProtection => '::Plugins::BruteForceProtection',
|
||||||
|
|
|
@ -0,0 +1,146 @@
|
||||||
|
# Plugin to remember which authentication method has been chosen,
|
||||||
|
# and laun it automatically
|
||||||
|
|
||||||
|
package Lemonldap::NG::Portal::Plugins::RememberAuthChoice;
|
||||||
|
|
||||||
|
use strict;
|
||||||
|
use Mouse;
|
||||||
|
use Lemonldap::NG::Portal::Main::Constants qw(
|
||||||
|
PE_OK
|
||||||
|
PE_SENDRESPONSE
|
||||||
|
);
|
||||||
|
|
||||||
|
our $VERSION = '2.0.15';
|
||||||
|
|
||||||
|
extends 'Lemonldap::NG::Portal::Main::Plugin';
|
||||||
|
|
||||||
|
# INTERFACE
|
||||||
|
|
||||||
|
use constant endAuth => 'storeRememberedAuthChoice';
|
||||||
|
use constant beforeAuth => 'checkRememberedAuthChoice';
|
||||||
|
|
||||||
|
has rule => ( is => 'rw', default => sub { 0 } );
|
||||||
|
|
||||||
|
has rememberDefaultChecked => (
|
||||||
|
is => 'rw',
|
||||||
|
lazy => 1,
|
||||||
|
default => sub {
|
||||||
|
$_[0]->conf->{rememberDefaultChecked} || 0;
|
||||||
|
}
|
||||||
|
);
|
||||||
|
|
||||||
|
has rememberTimer => (
|
||||||
|
is => 'rw',
|
||||||
|
lazy => 1,
|
||||||
|
default => sub {
|
||||||
|
$_[0]->conf->{rememberTimer} || 5;
|
||||||
|
}
|
||||||
|
);
|
||||||
|
|
||||||
|
has rememberCookieName => (
|
||||||
|
is => 'rw',
|
||||||
|
lazy => 1,
|
||||||
|
default => sub {
|
||||||
|
$_[0]->conf->{rememberCookieName} || 'llngrememberauthchoice';
|
||||||
|
}
|
||||||
|
);
|
||||||
|
|
||||||
|
# Default timeout: 1 year
|
||||||
|
has rememberCookieTimeout => (
|
||||||
|
is => 'rw',
|
||||||
|
lazy => 1,
|
||||||
|
default => sub {
|
||||||
|
$_[0]->conf->{rememberCookieTimeout} || 31536000;
|
||||||
|
}
|
||||||
|
);
|
||||||
|
|
||||||
|
|
||||||
|
sub init
|
||||||
|
{
|
||||||
|
my ($self) = @_;
|
||||||
|
|
||||||
|
# Parse activation rule
|
||||||
|
$self->rule(
|
||||||
|
$self->p->buildRule( $self->conf->{rememberAuthChoiceRule}, 'rememberAuthChoiceRule' ) );
|
||||||
|
return 0 unless $self->rule;
|
||||||
|
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
sub storeRememberedAuthChoice
|
||||||
|
{
|
||||||
|
my ( $self, $req ) = @_;
|
||||||
|
|
||||||
|
# Get directly authentication choice from sessionInfo
|
||||||
|
my $lmAuth = $req->sessionInfo->{_choice};
|
||||||
|
# Get rememberauthchoice tick from corresponding hash
|
||||||
|
# * req->pdata for Issuer auth modules (SAML, OIDC,...)
|
||||||
|
# * req->data for direct auth modules (LDAP)
|
||||||
|
my $rememberauthchoice = $req->pdata->{rememberauthchoice} ||
|
||||||
|
$req->data->{rememberauthchoice} ||
|
||||||
|
"";
|
||||||
|
|
||||||
|
if( $lmAuth )
|
||||||
|
{
|
||||||
|
|
||||||
|
# Store cookie to remember the authentication choice
|
||||||
|
if( $rememberauthchoice eq "true" )
|
||||||
|
{
|
||||||
|
$self->logger->warn("RememberAuthChoice: set cookie " .
|
||||||
|
$self->rememberCookieName .
|
||||||
|
" with authentication choice lmAuth=" .
|
||||||
|
$lmAuth
|
||||||
|
);
|
||||||
|
$req->addCookie(
|
||||||
|
$self->p->cookie(
|
||||||
|
name => $self->rememberCookieName,
|
||||||
|
value => $lmAuth,
|
||||||
|
max_age => $self->rememberCookieTimeout,
|
||||||
|
secure => $self->conf->{securedCookie},
|
||||||
|
HttpOnly => 0, # required for cookie to be read by js
|
||||||
|
)
|
||||||
|
);
|
||||||
|
}
|
||||||
|
# Remove cookie to forget previous authentication choice
|
||||||
|
else
|
||||||
|
{
|
||||||
|
|
||||||
|
$self->logger->warn("RememberAuthChoice: Remove cookie " .
|
||||||
|
$self->rememberCookieName );
|
||||||
|
|
||||||
|
$req->addCookie(
|
||||||
|
$self->p->cookie(
|
||||||
|
name => $self->rememberCookieName,
|
||||||
|
value => 0,
|
||||||
|
expires => 'Wed, 21 Oct 2015 00:00:00 GMT',
|
||||||
|
secure => $self->conf->{securedCookie},
|
||||||
|
)
|
||||||
|
);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return PE_OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
sub checkRememberedAuthChoice
|
||||||
|
{
|
||||||
|
my ( $self, $req ) = @_;
|
||||||
|
|
||||||
|
# Check if form has been sent with a rememberauthchoice tick
|
||||||
|
my $lmAuth = $req->param('lmAuth') || "" ;
|
||||||
|
my $rememberauthchoice = $req->param('rememberauthchoice') || "" ;
|
||||||
|
|
||||||
|
# If so, store rememberauthchoice tick for the endAuth endpoint
|
||||||
|
if( $lmAuth )
|
||||||
|
{
|
||||||
|
# For authentication method occurring in the same request
|
||||||
|
$req->data->{rememberauthchoice} = $rememberauthchoice;
|
||||||
|
# For authentication method occurring in a different request
|
||||||
|
$req->pdata->{rememberauthchoice} = $rememberauthchoice;
|
||||||
|
}
|
||||||
|
|
||||||
|
return PE_OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
1;
|
|
@ -216,3 +216,9 @@ div.input-group > p.form-control > label {
|
||||||
user-select: none;
|
user-select: none;
|
||||||
cursor: pointer;
|
cursor: pointer;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* Hide "remember my authentication choice" timer */
|
||||||
|
div#remembertimer {
|
||||||
|
display: none;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
|
@ -1 +1 @@
|
||||||
html,body{height:100%;background:radial-gradient(circle at 50% 0,#fff 0,#ddd 100%) no-repeat scroll 0 0 #ddd}#wrap{min-height:100%;height:auto;margin:0 auto -80px;padding:20px 0 80px}#footer{height:80px;background-color:#fff;background-color:rgba(255,255,255,0.9);text-align:center;padding-top:10px;overflow:hidden}#header img{background-color:#fff;background-color:rgba(255,255,255,0.8);margin-bottom:20px}.card,.navbar-light{background-color:#fff;background-color:rgba(255,255,255,0.9);background-image:none}.login,.password{text-align:center;padding:20px}div.form{margin:0 auto;max-width:330px}div.actions{margin:10px 0 0 0}div.actions a{margin-top:10px}div.actions button{margin-top:10px}.buttons{text-align:center;margin:10px 0 0 0;cursor:pointer}.btn{white-space:normal}.btn span.fa{padding-right:8px}li.ui-state-active{background-color:#fafafa;background-color:rgba(250,250,250,0.9)}#appslist,#password,#loginHistory,#logout,#oidcConsents{margin-top:20px}div.category{margin:10px 0;cursor:grab}div.application{margin:5px 0;overflow:hidden}div.application a,div.application a:hover{text-decoration:none}p.notifCheck label{margin-left:5px;margin-top:3px;display:inline-block}.notif div.form{margin 0 auto;max-width:1024px}.notif .h2,h2{font-size:1.6rem;font-weght:bold;text-align:center}.notif .h3,h3{margin-top:30px;margin-bottom:30px;font-size:1.2rem}.notif .card-title{font-size:1.7rem}img.langicon{cursor:pointer}button.idploop{max-width:300px}button.idploop img{max-height:30px}div.oidc_consent_message>ul{text-align:left;list-style:circle}@media(min-width:768px){div.application{height:80px}div.application h4.appname{margin:0}#wrap{margin:0 auto -60px}#footer{height:60px}}.hiddenFrame{border:0;display:hidden;margin:0}.noborder{border:0}.max{width:100%}.link{cursor:pointer}.nodecor:hover,.nodecor:active,.nodecor:focus{text-decoration:none}.fa.icon-blue{color:blue}.progress-bar-animated{width:100%}input.key{font-family:'password';width:100px}@font-face{font-family:'password';src:url(/static/common/fonts/password.ttf)}.info.table caption{color:black;text-align:center;caption-side:bottom}div.input-group>p.form-control{height:auto}div.input-group>p.form-control>label{display:revert;user-select:none;cursor:pointer}
|
html,body{height:100%;background:radial-gradient(circle at 50% 0,#fff 0,#ddd 100%) no-repeat scroll 0 0 #ddd}#wrap{min-height:100%;height:auto;margin:0 auto -80px;padding:20px 0 80px}#footer{height:80px;background-color:#fff;background-color:rgba(255,255,255,0.9);text-align:center;padding-top:10px;overflow:hidden}#header img{background-color:#fff;background-color:rgba(255,255,255,0.8);margin-bottom:20px}.card,.navbar-light{background-color:#fff;background-color:rgba(255,255,255,0.9);background-image:none}.login,.password{text-align:center;padding:20px}div.form{margin:0 auto;max-width:330px}div.actions{margin:10px 0 0 0}div.actions a{margin-top:10px}div.actions button{margin-top:10px}.buttons{text-align:center;margin:10px 0 0 0;cursor:pointer}.btn{white-space:normal}.btn span.fa{padding-right:8px}li.ui-state-active{background-color:#fafafa;background-color:rgba(250,250,250,0.9)}#appslist,#password,#loginHistory,#logout,#oidcConsents{margin-top:20px}div.category{margin:10px 0;cursor:grab}div.application{margin:5px 0;overflow:hidden}div.application a,div.application a:hover{text-decoration:none}p.notifCheck label{margin-left:5px;margin-top:3px;display:inline-block}.notif div.form{margin 0 auto;max-width:1024px}.notif .h2,h2{font-size:1.6rem;font-weght:bold;text-align:center}.notif .h3,h3{margin-top:30px;margin-bottom:30px;font-size:1.2rem}.notif .card-title{font-size:1.7rem}img.langicon{cursor:pointer}button.idploop{max-width:300px}button.idploop img{max-height:30px}div.oidc_consent_message>ul{text-align:left;list-style:circle}@media(min-width:768px){div.application{height:80px}div.application h4.appname{margin:0}#wrap{margin:0 auto -60px}#footer{height:60px}}.hiddenFrame{border:0;display:hidden;margin:0}.noborder{border:0}.max{width:100%}.link{cursor:pointer}.nodecor:hover,.nodecor:active,.nodecor:focus{text-decoration:none}.fa.icon-blue{color:blue}.progress-bar-animated{width:100%}input.key{font-family:'password';width:100px}@font-face{font-family:'password';src:url(/static/common/fonts/password.ttf)}.info.table caption{color:black;text-align:center;caption-side:bottom}div.input-group>p.form-control{height:auto}div.input-group>p.form-control>label{display:revert;user-select:none;cursor:pointer}div#remembertimer{display: none;}
|
||||||
|
|
|
@ -47,5 +47,78 @@ $(window).on("load", function() {
|
||||||
$('.nav-item').attr( "tabIndex", 0 );
|
$('.nav-item').attr( "tabIndex", 0 );
|
||||||
});
|
});
|
||||||
|
|
||||||
|
// tick all checkboxes remembering the authentication choice
|
||||||
|
// when global checkbox is clicked
|
||||||
|
$("#globalrememberauthchoice").change(function() {
|
||||||
|
var checked = this.checked;
|
||||||
|
$( 'input[name="rememberauthchoice"]' ).each(function() {
|
||||||
|
$( this ).val(checked);
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
// if rememberStopped button has been clicked, stop the timer
|
||||||
|
// from lauching the previously remembered authentication
|
||||||
|
$("#buttonRememberStopped").click(function() {
|
||||||
|
var curval = $( "input#rememberStopped" ).val();
|
||||||
|
var newval;
|
||||||
|
if( curval != "stopped" )
|
||||||
|
{
|
||||||
|
newval = "stopped";
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
newval = "running";
|
||||||
|
window.setTimeout( launchAuthenticationChoice, 1000 );
|
||||||
|
}
|
||||||
|
// store the new value
|
||||||
|
$( "input#rememberStopped" ).val(newval);
|
||||||
|
});
|
||||||
|
|
||||||
|
// function running the previously remembered authentication choice
|
||||||
|
// when the timer is over
|
||||||
|
function launchAuthenticationChoice()
|
||||||
|
{
|
||||||
|
|
||||||
|
var timer = $( "div#remembertimer p span" ).text();
|
||||||
|
var isStopped = $( "input#rememberStopped" ).val();
|
||||||
|
|
||||||
|
if ( isStopped != "stopped" )
|
||||||
|
{
|
||||||
|
if ( timer > 0 )
|
||||||
|
{
|
||||||
|
timer--;
|
||||||
|
// display decremented timer in the appropriate html element
|
||||||
|
$( "div#remembertimer p span" ).text(timer);
|
||||||
|
// wait for another 1s
|
||||||
|
window.setTimeout( launchAuthenticationChoice, 1000 );
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
// launch authentication choice defined in cookie
|
||||||
|
var choiceform = "#" + $.cookie(rememberCookieName) + " form";
|
||||||
|
$( choiceform ).submit();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
|
// Check rememberauthchoice cookie
|
||||||
|
var rememberCookieName = $( "#rememberCookieName" ).val();
|
||||||
|
var errorCode = $( "#errormsg div span" ).attr("trmsg");
|
||||||
|
// if this is first access
|
||||||
|
if( errorCode == 9 )
|
||||||
|
{
|
||||||
|
// if there is a rememberauthchoice cookie
|
||||||
|
if ( ! ( typeof rememberCookieName === 'undefined' ) &&
|
||||||
|
! ( typeof $.cookie(rememberCookieName) === 'undefined' )
|
||||||
|
)
|
||||||
|
{
|
||||||
|
// show timer
|
||||||
|
$( "div#remembertimer" ).show();
|
||||||
|
// launch remembered authentication choice when timer reaches 0
|
||||||
|
window.setTimeout( launchAuthenticationChoice, 1000 );
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
});
|
});
|
||||||
|
|
|
@ -1 +1 @@
|
||||||
$(window).on("load",function(){$("div.message-positive").addClass("alert-success"),$("div.message-warning").addClass("alert-warning"),$("div.message-negative").addClass("alert-danger"),$("table.info").addClass("table"),$(".notifCheck").addClass("checkbox"),$('.collapse li[class!="dropdown"]').on("click",function(){$(".navbar-toggler").hasClass("collapsed")||$(".navbar-toggler").trigger("click")}),$("#authMenu .nav-link").on("click",function(a){window.datas.choicetab=a.target.hash.substr(1)}),$("#remove2fModal").on("show.bs.modal",function(a){var t=$(a.relatedTarget),e=t.attr("device"),n=t.attr("epoch"),i=$(this);i.find(".remove2f").attr("device",e),i.find(".remove2f").attr("epoch",n)}),$(".nav-item").click(function(){$(".nav-item").attr("tabIndex",0)}),$(".nav-item").focusin(function(){$(".nav-item").attr("tabIndex",0)}),$(".nav-item").focusout(function(){$(".nav-item").attr("tabIndex",0)})});
|
$(window).on("load",function(){function t(){var e=$("div#remembertimer p span").text();"stopped"!=$("input#rememberStopped").val()&&(0<e?(e--,$("div#remembertimer p span").text(e),window.setTimeout(t,1e3)):(e="#"+$.cookie(a)+" form",$(e).submit()))}$("div.message-positive").addClass("alert-success"),$("div.message-warning").addClass("alert-warning"),$("div.message-negative").addClass("alert-danger"),$("table.info").addClass("table"),$(".notifCheck").addClass("checkbox"),$('.collapse li[class!="dropdown"]').on("click",function(){$(".navbar-toggler").hasClass("collapsed")||$(".navbar-toggler").trigger("click")}),$("#authMenu .nav-link").on("click",function(e){window.datas.choicetab=e.target.hash.substr(1)}),$("#remove2fModal").on("show.bs.modal",function(e){var t=$(e.relatedTarget),a=t.attr("device"),e=t.attr("epoch"),t=$(this);t.find(".remove2f").attr("device",a),t.find(".remove2f").attr("epoch",e)}),$(".nav-item").click(function(){$(".nav-item").attr("tabIndex",0)}),$(".nav-item").focusin(function(){$(".nav-item").attr("tabIndex",0)}),$(".nav-item").focusout(function(){$(".nav-item").attr("tabIndex",0)}),$("#globalrememberauthchoice").change(function(){var e=this.checked;$('input[name="rememberauthchoice"]').each(function(){$(this).val(e)})}),$("#buttonRememberStopped").click(function(){var e;"stopped"!=$("input#rememberStopped").val()?e="stopped":(e="running",window.setTimeout(t,1e3)),$("input#rememberStopped").val(e)});var a=$("#rememberCookieName").val();9==$("#errormsg div span").attr("trmsg")&&void 0!==a&&void 0!==$.cookie(a)&&($("div#remembertimer").show(),window.setTimeout(t,1e3))});
|
|
@ -1 +1 @@
|
||||||
{"version":3,"sources":["skin.js"],"names":["$","window","on","addClass","hasClass","trigger","e","datas","choicetab","target","hash","substr","event","button","relatedTarget","device","attr","epoch","modal","this","find","click","focusin","focusout"],"mappings":"AAAAA,EAAEC,QAAQC,GAAG,OAAQ,WAGnBF,EAAE,wBAAwBG,SAAS,iBACnCH,EAAE,uBAAuBG,SAAS,iBAClCH,EAAE,wBAAwBG,SAAS,gBAEnCH,EAAE,cAAcG,SAAS,SAEzBH,EAAE,eAAeG,SAAS,YAG1BH,EAAE,mCAAmCE,GAAG,QAAS,WAC1CF,EAAE,mBAAmBI,SAAS,cACjCJ,EAAE,mBAAmBK,QAAQ,WAKjCL,EAAE,uBAAuBE,GAAG,QAAS,SAAUI,GAC3CL,OAAOM,MAAMC,UAAYF,EAAEG,OAAOC,KAAKC,OAAO,KAIlDX,EAAE,kBAAkBE,GAAG,gBAAiB,SAAUU,GAClD,IAAIC,EAASb,EAAEY,EAAME,eACjBC,EAASF,EAAOG,KAAK,UACrBC,EAAQJ,EAAOG,KAAK,SACpBE,EAAQlB,EAAEmB,MAGdD,EAAME,KAAK,aAAaJ,KAAK,SAAUD,GACvCG,EAAME,KAAK,aAAaJ,KAAK,QAASC,KAOtCjB,EAAE,aAAaqB,MAAM,WACnBrB,EAAE,aAAagB,KAAM,WAAY,KAEnChB,EAAE,aAAasB,QAAQ,WACrBtB,EAAE,aAAagB,KAAM,WAAY,KAEnChB,EAAE,aAAauB,SAAS,WACtBvB,EAAE,aAAagB,KAAM,WAAY"}
|
{"version":3,"sources":["skin.js"],"names":["$","window","on","launchAuthenticationChoice","timer","text","val","setTimeout","choiceform","cookie","rememberCookieName","submit","addClass","hasClass","trigger","e","datas","choicetab","target","hash","substr","event","button","relatedTarget","device","attr","epoch","modal","this","find","click","focusin","focusout","change","checked","each","newval","show"],"mappings":"AAAAA,EAAEC,QAAQC,GAAG,OAAQ,WA8EnB,SAASC,IAGL,IAAIC,EAAQJ,EAAG,4BAA6BK,OAG1B,WAFFL,EAAG,yBAA0BM,QAI5B,EAARF,GAEDA,IAEAJ,EAAG,4BAA6BK,KAAKD,GAErCH,OAAOM,WAAYJ,EAA4B,OAK3CK,EAAa,IAAMR,EAAES,OAAOC,GAAsB,QACtDV,EAAGQ,GAAaG,WA/F5BX,EAAE,wBAAwBY,SAAS,iBACnCZ,EAAE,uBAAuBY,SAAS,iBAClCZ,EAAE,wBAAwBY,SAAS,gBAEnCZ,EAAE,cAAcY,SAAS,SAEzBZ,EAAE,eAAeY,SAAS,YAG1BZ,EAAE,mCAAmCE,GAAG,QAAS,WAC1CF,EAAE,mBAAmBa,SAAS,cACjCb,EAAE,mBAAmBc,QAAQ,WAKjCd,EAAE,uBAAuBE,GAAG,QAAS,SAAUa,GAC3Cd,OAAOe,MAAMC,UAAYF,EAAEG,OAAOC,KAAKC,OAAO,KAIlDpB,EAAE,kBAAkBE,GAAG,gBAAiB,SAAUmB,GAClD,IAAIC,EAAStB,EAAEqB,EAAME,eACjBC,EAASF,EAAOG,KAAK,UACrBC,EAAQJ,EAAOG,KAAK,SACpBE,EAAQ3B,EAAE4B,MAGdD,EAAME,KAAK,aAAaJ,KAAK,SAAUD,GACvCG,EAAME,KAAK,aAAaJ,KAAK,QAASC,KAOtC1B,EAAE,aAAa8B,MAAM,WACnB9B,EAAE,aAAayB,KAAM,WAAY,KAEnCzB,EAAE,aAAa+B,QAAQ,WACrB/B,EAAE,aAAayB,KAAM,WAAY,KAEnCzB,EAAE,aAAagC,SAAS,WACtBhC,EAAE,aAAayB,KAAM,WAAY,KAKnCzB,EAAE,6BAA6BiC,OAAO,WAClC,IAAIC,EAAUN,KAAKM,QACnBlC,EAAG,oCAAqCmC,KAAK,WACzCnC,EAAG4B,MAAOtB,IAAI4B,OAMtBlC,EAAE,0BAA0B8B,MAAM,WAC9B,IACIM,EACU,WAFDpC,EAAG,yBAA0BM,MAItC8B,EAAS,WAITA,EAAS,UACTnC,OAAOM,WAAYJ,EAA4B,MAGnDH,EAAG,yBAA0BM,IAAI8B,KAiCrC,IAAI1B,EAAqBV,EAAG,uBAAwBM,MAGnC,GAFDN,EAAG,sBAAuByB,KAAK,eAKH,IAAvBf,QACiC,IAAjCV,EAAES,OAAOC,KAItBV,EAAG,qBAAsBqC,OAEzBpC,OAAOM,WAAYJ,EAA4B"}
|
|
@ -263,6 +263,7 @@
|
||||||
"register":"Register",
|
"register":"Register",
|
||||||
"registerRequestAlreadyIssued":"تم إصدار طلب تسجيل لهذا الحساب من قبل",
|
"registerRequestAlreadyIssued":"تم إصدار طلب تسجيل لهذا الحساب من قبل",
|
||||||
"rememberChoice":"تذكر اختياري",
|
"rememberChoice":"تذكر اختياري",
|
||||||
|
"rememberTimerLabel":"s before automatic authentication",
|
||||||
"remove2fWarning":"This operation cannot be undone",
|
"remove2fWarning":"This operation cannot be undone",
|
||||||
"removeOtherSessions":"إزالة الجلسات الأخرى",
|
"removeOtherSessions":"إزالة الجلسات الأخرى",
|
||||||
"renewSession":"Renew session",
|
"renewSession":"Renew session",
|
||||||
|
|
|
@ -263,6 +263,7 @@
|
||||||
"register":"Registrieren",
|
"register":"Registrieren",
|
||||||
"registerRequestAlreadyIssued":"Eine Registrierungsanforderung für dieses Konto wurde bereits gestellt am",
|
"registerRequestAlreadyIssued":"Eine Registrierungsanforderung für dieses Konto wurde bereits gestellt am",
|
||||||
"rememberChoice":"Meine Auswahl merken",
|
"rememberChoice":"Meine Auswahl merken",
|
||||||
|
"rememberTimerLabel":"s before automatic authentication",
|
||||||
"remove2fWarning":"This operation cannot be undone",
|
"remove2fWarning":"This operation cannot be undone",
|
||||||
"removeOtherSessions":"Andere Sitzungen löschen",
|
"removeOtherSessions":"Andere Sitzungen löschen",
|
||||||
"renewSession":"Renew session",
|
"renewSession":"Renew session",
|
||||||
|
|
|
@ -263,6 +263,7 @@
|
||||||
"register":"Register",
|
"register":"Register",
|
||||||
"registerRequestAlreadyIssued":"A register request for this account was already issued on ",
|
"registerRequestAlreadyIssued":"A register request for this account was already issued on ",
|
||||||
"rememberChoice":"Remember my choice",
|
"rememberChoice":"Remember my choice",
|
||||||
|
"rememberTimerLabel":"s before automatic authentication",
|
||||||
"remove2fWarning":"This operation cannot be undone",
|
"remove2fWarning":"This operation cannot be undone",
|
||||||
"removeOtherSessions":"Remove other sessions",
|
"removeOtherSessions":"Remove other sessions",
|
||||||
"renewSession":"Renew session",
|
"renewSession":"Renew session",
|
||||||
|
|
|
@ -263,6 +263,7 @@
|
||||||
"register":"Registrar",
|
"register":"Registrar",
|
||||||
"registerRequestAlreadyIssued":"Ya fue expedida una solicitud de registro para esta cuenta",
|
"registerRequestAlreadyIssued":"Ya fue expedida una solicitud de registro para esta cuenta",
|
||||||
"rememberChoice":"Recordar mi elección",
|
"rememberChoice":"Recordar mi elección",
|
||||||
|
"rememberTimerLabel":"s before automatic authentication",
|
||||||
"remove2fWarning":"This operation cannot be undone",
|
"remove2fWarning":"This operation cannot be undone",
|
||||||
"removeOtherSessions":"Suprimir las otras sesiones",
|
"removeOtherSessions":"Suprimir las otras sesiones",
|
||||||
"renewSession":"Renew session",
|
"renewSession":"Renew session",
|
||||||
|
|
|
@ -263,6 +263,7 @@
|
||||||
"register":"Rekisteröidy",
|
"register":"Rekisteröidy",
|
||||||
"registerRequestAlreadyIssued":"Tämän käyttäjätilin rekisteröintipyyntö lähetettiin jo laitteelta ",
|
"registerRequestAlreadyIssued":"Tämän käyttäjätilin rekisteröintipyyntö lähetettiin jo laitteelta ",
|
||||||
"rememberChoice":"Muista valintani",
|
"rememberChoice":"Muista valintani",
|
||||||
|
"rememberTimerLabel":"s before automatic authentication",
|
||||||
"remove2fWarning":"Tätä toimenpidettä ei voi perua",
|
"remove2fWarning":"Tätä toimenpidettä ei voi perua",
|
||||||
"removeOtherSessions":"Poista muut istunnot",
|
"removeOtherSessions":"Poista muut istunnot",
|
||||||
"renewSession":"Uudista istunto",
|
"renewSession":"Uudista istunto",
|
||||||
|
|
|
@ -263,6 +263,7 @@
|
||||||
"register":"Enregistrer",
|
"register":"Enregistrer",
|
||||||
"registerRequestAlreadyIssued":"Une demande de création pour ce compte a déjà été faite le ",
|
"registerRequestAlreadyIssued":"Une demande de création pour ce compte a déjà été faite le ",
|
||||||
"rememberChoice":"Se souvenir de mon choix",
|
"rememberChoice":"Se souvenir de mon choix",
|
||||||
|
"rememberTimerLabel":"s avant authentification automatique",
|
||||||
"remove2fWarning":"Cette action est définitive",
|
"remove2fWarning":"Cette action est définitive",
|
||||||
"removeOtherSessions":"Fermer les autres sessions",
|
"removeOtherSessions":"Fermer les autres sessions",
|
||||||
"renewSession":"Renouveller la session",
|
"renewSession":"Renouveller la session",
|
||||||
|
|
|
@ -263,6 +263,7 @@
|
||||||
"register":"הרשמה",
|
"register":"הרשמה",
|
||||||
"registerRequestAlreadyIssued":"כבר הוגשה בקשה לרישום החשבון הזה ב־",
|
"registerRequestAlreadyIssued":"כבר הוגשה בקשה לרישום החשבון הזה ב־",
|
||||||
"rememberChoice":"שמירת הבחירה שלי",
|
"rememberChoice":"שמירת הבחירה שלי",
|
||||||
|
"rememberTimerLabel":"s before automatic authentication",
|
||||||
"remove2fWarning":"פעולה זו אינה הפיכה",
|
"remove2fWarning":"פעולה זו אינה הפיכה",
|
||||||
"removeOtherSessions":"הסרת הפעלות אחרות",
|
"removeOtherSessions":"הסרת הפעלות אחרות",
|
||||||
"renewSession":"חידוש הפעלה",
|
"renewSession":"חידוש הפעלה",
|
||||||
|
|
|
@ -263,6 +263,7 @@
|
||||||
"register":"Registra",
|
"register":"Registra",
|
||||||
"registerRequestAlreadyIssued":"Una richiesta di registrazione per questo conto é già stata rilasciata il",
|
"registerRequestAlreadyIssued":"Una richiesta di registrazione per questo conto é già stata rilasciata il",
|
||||||
"rememberChoice":"Ricordarsi della mia scelta",
|
"rememberChoice":"Ricordarsi della mia scelta",
|
||||||
|
"rememberTimerLabel":"s before automatic authentication",
|
||||||
"remove2fWarning":"This operation cannot be undone",
|
"remove2fWarning":"This operation cannot be undone",
|
||||||
"removeOtherSessions":"Rimuovere altre sessioni",
|
"removeOtherSessions":"Rimuovere altre sessioni",
|
||||||
"renewSession":"Renew session",
|
"renewSession":"Renew session",
|
||||||
|
|
|
@ -263,6 +263,7 @@
|
||||||
"register":"Zarejestruj",
|
"register":"Zarejestruj",
|
||||||
"registerRequestAlreadyIssued":"Wniosek o rejestrację tego konta został już złożony w dniu ",
|
"registerRequestAlreadyIssued":"Wniosek o rejestrację tego konta został już złożony w dniu ",
|
||||||
"rememberChoice":"Zapamiętaj mój wybór",
|
"rememberChoice":"Zapamiętaj mój wybór",
|
||||||
|
"rememberTimerLabel":"s before automatic authentication",
|
||||||
"remove2fWarning":"Tej operacji nie można cofnąć",
|
"remove2fWarning":"Tej operacji nie można cofnąć",
|
||||||
"removeOtherSessions":"Usuń inne sesje",
|
"removeOtherSessions":"Usuń inne sesje",
|
||||||
"renewSession":"Odnów sesję",
|
"renewSession":"Odnów sesję",
|
||||||
|
|
|
@ -263,6 +263,7 @@
|
||||||
"register":"Registrar",
|
"register":"Registrar",
|
||||||
"registerRequestAlreadyIssued":"Um pedido de registro para esta conta já foi emitido em",
|
"registerRequestAlreadyIssued":"Um pedido de registro para esta conta já foi emitido em",
|
||||||
"rememberChoice":"Lembre-se da minha escolha",
|
"rememberChoice":"Lembre-se da minha escolha",
|
||||||
|
"rememberTimerLabel":"s before automatic authentication",
|
||||||
"remove2fWarning":"Esta operação não pode ser desfeita",
|
"remove2fWarning":"Esta operação não pode ser desfeita",
|
||||||
"removeOtherSessions":"Remover outras sessões",
|
"removeOtherSessions":"Remover outras sessões",
|
||||||
"renewSession":"Renovar sessão",
|
"renewSession":"Renovar sessão",
|
||||||
|
|
|
@ -263,6 +263,7 @@
|
||||||
"register":"Registrar",
|
"register":"Registrar",
|
||||||
"registerRequestAlreadyIssued":"Um pedido de registro para esta conta já foi emitido em",
|
"registerRequestAlreadyIssued":"Um pedido de registro para esta conta já foi emitido em",
|
||||||
"rememberChoice":"Lembre-se da minha escolha",
|
"rememberChoice":"Lembre-se da minha escolha",
|
||||||
|
"rememberTimerLabel":"s before automatic authentication",
|
||||||
"remove2fWarning":"Esta operação não pode ser desfeita",
|
"remove2fWarning":"Esta operação não pode ser desfeita",
|
||||||
"removeOtherSessions":"Remover outras sessões",
|
"removeOtherSessions":"Remover outras sessões",
|
||||||
"renewSession":"Renovar sessão",
|
"renewSession":"Renovar sessão",
|
||||||
|
|
|
@ -263,6 +263,7 @@
|
||||||
"register":"Kaydol",
|
"register":"Kaydol",
|
||||||
"registerRequestAlreadyIssued":"Bu hesap için kayıt olma isteği zaten şu tarihte alındı:",
|
"registerRequestAlreadyIssued":"Bu hesap için kayıt olma isteği zaten şu tarihte alındı:",
|
||||||
"rememberChoice":"Seçimimi hatırla",
|
"rememberChoice":"Seçimimi hatırla",
|
||||||
|
"rememberTimerLabel":"s before automatic authentication",
|
||||||
"remove2fWarning":"Bu işlem geri alınamaz",
|
"remove2fWarning":"Bu işlem geri alınamaz",
|
||||||
"removeOtherSessions":"Diğer oturumları sil",
|
"removeOtherSessions":"Diğer oturumları sil",
|
||||||
"renewSession":"Oturumu yenile",
|
"renewSession":"Oturumu yenile",
|
||||||
|
|
|
@ -263,6 +263,7 @@
|
||||||
"register":"Đăng ký",
|
"register":"Đăng ký",
|
||||||
"registerRequestAlreadyIssued":"Yêu cầu đăng ký cho tài khoản này đã được cấp phát",
|
"registerRequestAlreadyIssued":"Yêu cầu đăng ký cho tài khoản này đã được cấp phát",
|
||||||
"rememberChoice":"Hãy nhớ sự lựa chọn của tôi",
|
"rememberChoice":"Hãy nhớ sự lựa chọn của tôi",
|
||||||
|
"rememberTimerLabel":"s before automatic authentication",
|
||||||
"remove2fWarning":"This operation cannot be undone",
|
"remove2fWarning":"This operation cannot be undone",
|
||||||
"removeOtherSessions":"Xóa các phiên khác",
|
"removeOtherSessions":"Xóa các phiên khác",
|
||||||
"renewSession":"Renew session",
|
"renewSession":"Renew session",
|
||||||
|
|
|
@ -263,6 +263,7 @@
|
||||||
"register":"注册",
|
"register":"注册",
|
||||||
"registerRequestAlreadyIssued":"此账户已存在一个注册请求",
|
"registerRequestAlreadyIssued":"此账户已存在一个注册请求",
|
||||||
"rememberChoice":"记住我的选择",
|
"rememberChoice":"记住我的选择",
|
||||||
|
"rememberTimerLabel":"s before automatic authentication",
|
||||||
"remove2fWarning":"This operation cannot be undone",
|
"remove2fWarning":"This operation cannot be undone",
|
||||||
"removeOtherSessions":"移除其他会话",
|
"removeOtherSessions":"移除其他会话",
|
||||||
"renewSession":"更新工作階段",
|
"renewSession":"更新工作階段",
|
||||||
|
|
|
@ -263,6 +263,7 @@
|
||||||
"register":"註冊",
|
"register":"註冊",
|
||||||
"registerRequestAlreadyIssued":"此帳號的註冊請求已發出",
|
"registerRequestAlreadyIssued":"此帳號的註冊請求已發出",
|
||||||
"rememberChoice":"記住我的選擇",
|
"rememberChoice":"記住我的選擇",
|
||||||
|
"rememberTimerLabel":"s before automatic authentication",
|
||||||
"remove2fWarning":"This operation cannot be undone",
|
"remove2fWarning":"This operation cannot be undone",
|
||||||
"removeOtherSessions":"移除其他工作階段",
|
"removeOtherSessions":"移除其他工作階段",
|
||||||
"renewSession":"更新工作階段",
|
"renewSession":"更新工作階段",
|
||||||
|
|
|
@ -66,6 +66,12 @@
|
||||||
|
|
||||||
<TMPL_IF NAME="sslform">
|
<TMPL_IF NAME="sslform">
|
||||||
<TMPL_INCLUDE NAME="sslformChoice.tpl">
|
<TMPL_INCLUDE NAME="sslformChoice.tpl">
|
||||||
|
|
||||||
|
<!-- Remember my authentication choice for this module -->
|
||||||
|
<TMPL_IF NAME="REMEMBERAUTHCHOICE">
|
||||||
|
<input type="hidden" id="rememberauthchoice" name="rememberauthchoice" value="<TMPL_IF NAME="REMEMBERAUTHCHOICEDEFAULTCHECKED">true</TMPL_IF>" />
|
||||||
|
</TMPL_IF>
|
||||||
|
|
||||||
</TMPL_IF>
|
</TMPL_IF>
|
||||||
|
|
||||||
<TMPL_IF NAME="gpgform">
|
<TMPL_IF NAME="gpgform">
|
||||||
|
@ -92,6 +98,11 @@
|
||||||
|
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
<!-- Remember my authentication choice for this module -->
|
||||||
|
<TMPL_IF NAME="REMEMBERAUTHCHOICE">
|
||||||
|
<input type="hidden" id="rememberauthchoice" name="rememberauthchoice" value="<TMPL_IF NAME="REMEMBERAUTHCHOICEDEFAULTCHECKED">true</TMPL_IF>" />
|
||||||
|
</TMPL_IF>
|
||||||
|
|
||||||
</TMPL_IF>
|
</TMPL_IF>
|
||||||
|
|
||||||
</form>
|
</form>
|
||||||
|
@ -104,6 +115,30 @@
|
||||||
|
|
||||||
</div> <!-- end authMenu -->
|
</div> <!-- end authMenu -->
|
||||||
|
|
||||||
|
<TMPL_IF NAME="REMEMBERAUTHCHOICE">
|
||||||
|
<!-- Timer + stop button for triggering the remembered authentication choice -->
|
||||||
|
<div id="remembertimer" class="col-md-6 offset-md-3">
|
||||||
|
<p class="form-control">
|
||||||
|
<span><TMPL_VAR NAME="REMEMBERAUTHCHOICETIMER"></span>
|
||||||
|
<label id="rememberTimerLabel" trspan="rememberTimerLabel">s before automatic authentication</label>
|
||||||
|
<button id="buttonRememberStopped" class="btn"><i class="fa fa-stop-circle-o"></i> Stop</button>
|
||||||
|
<input id="rememberStopped" name="rememberStopped" type="hidden" value="">
|
||||||
|
</p>
|
||||||
|
</div>
|
||||||
|
<!-- Global checkbox for remembering the authentication choice for all modules -->
|
||||||
|
<div class="input-group col-md-6 offset-md-3">
|
||||||
|
<div class="input-group-prepend">
|
||||||
|
<div class="input-group-text">
|
||||||
|
<input type="checkbox" id="globalrememberauthchoice" name="globalrememberauthchoice" aria-describedby="globalrememberauthchoiceLabel" <TMPL_IF NAME="REMEMBERAUTHCHOICEDEFAULTCHECKED">checked</TMPL_IF> />
|
||||||
|
<input id="rememberCookieName" name="rememberCookieName" type="hidden" value="<TMPL_VAR NAME="REMEMBERAUTHCHOICECOOKIENAME">">
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
<p class="form-control">
|
||||||
|
<label id="globalrememberauthchoiceLabel" for="globalrememberauthchoice" trspan="rememberChoice">Remember my choice</label>
|
||||||
|
</p>
|
||||||
|
</div>
|
||||||
|
</TMPL_IF>
|
||||||
|
|
||||||
</TMPL_IF>
|
</TMPL_IF>
|
||||||
|
|
||||||
<TMPL_IF NAME="DISPLAY_FORM">
|
<TMPL_IF NAME="DISPLAY_FORM">
|
||||||
|
|
|
@ -0,0 +1,74 @@
|
||||||
|
use Test::More;
|
||||||
|
use strict;
|
||||||
|
use IO::String;
|
||||||
|
|
||||||
|
require 't/test-lib.pm';
|
||||||
|
|
||||||
|
my $res;
|
||||||
|
my $maintests = 7;
|
||||||
|
|
||||||
|
my $client = LLNG::Manager::Test->new( {
|
||||||
|
ini => {
|
||||||
|
logLevel => 'error',
|
||||||
|
authentication => 'Choice',
|
||||||
|
userDB => 'Same',
|
||||||
|
passwordDB => 'Choice',
|
||||||
|
|
||||||
|
authChoiceParam => 'lmAuth',
|
||||||
|
authChoiceModules => {
|
||||||
|
slavechoice => 'Slave;Demo;Demo',
|
||||||
|
},
|
||||||
|
|
||||||
|
slaveUserHeader => 'userid',
|
||||||
|
slaveDisplayLogo => 1,
|
||||||
|
|
||||||
|
rememberAuthChoiceRule => 1,
|
||||||
|
rememberCookieName => "llngrememberauthchoice",
|
||||||
|
rememberCookieTimeout => 31536000,
|
||||||
|
rememberDefaultChecked => 0,
|
||||||
|
rememberTimer => 10,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
);
|
||||||
|
|
||||||
|
|
||||||
|
# Check web form
|
||||||
|
ok( $res = $client->_get( '/', accept => 'text/html' ), 'Get authentication portal' );
|
||||||
|
my @form = ( $res->[2]->[0] =~ m#<form.*?</form>#sg );
|
||||||
|
ok( @form == 1, 'Display 1 choice' ) or explain( scalar(@form), 1 );
|
||||||
|
expectForm( [ $res->[0], $res->[1], [ $form[0] ] ], undef, undef, 'lmAuth' );
|
||||||
|
ok( $form[0] =~ /input type="hidden" id="rememberauthchoice"/ );
|
||||||
|
|
||||||
|
# authentication with rememberauthchoice enabled
|
||||||
|
ok(
|
||||||
|
$res = $client->_get( '/',
|
||||||
|
'accept' => 'text/html',
|
||||||
|
'query' => 'lmAuth=slavechoice&rememberauthchoice=true',
|
||||||
|
'custom' => { 'HTTP_USERID' => 'dwho' }
|
||||||
|
),
|
||||||
|
'Auth query with rememberauthchoice enabled'
|
||||||
|
);
|
||||||
|
my $id = expectCookie( $res );
|
||||||
|
my $remember = expectCookie( $res, "llngrememberauthchoice" );
|
||||||
|
ok( $remember eq "slavechoice", 'Get cookie with authentication' );
|
||||||
|
|
||||||
|
$client->logout($id);
|
||||||
|
|
||||||
|
# authentication with rememberauthchoice disabled
|
||||||
|
ok(
|
||||||
|
$res = $client->_get( '/',
|
||||||
|
'accept' => 'text/html',
|
||||||
|
'query' => 'lmAuth=slavechoice&rememberauthchoice=false',
|
||||||
|
'custom' => { 'HTTP_USERID' => 'dwho' }
|
||||||
|
),
|
||||||
|
'Auth query with rememberauthchoice disabled'
|
||||||
|
);
|
||||||
|
$id = expectCookie( $res );
|
||||||
|
$remember = expectCookie( $res, "llngrememberauthchoice" );
|
||||||
|
ok( $remember eq "0", 'Get cookie removal' );
|
||||||
|
|
||||||
|
$client->logout($id);
|
||||||
|
|
||||||
|
count($maintests);
|
||||||
|
clean_sessions();
|
||||||
|
done_testing( count() );
|
Loading…
Reference in New Issue
Block a user