#1386 - Store 2ndF devices in list2FDevices (array of json)

Christophe Maudoux 2018-03-29 21:27:35 +02:00
parent b813698711
commit 961aea971a
9 changed files with 70 additions and 12 deletions


@ -285,8 +285,8 @@ llapp.controller 'SessionsExplorerCtrl', ['$scope', '$translator', '$location',
session[key] = $scope.localeDate value
else if key.match /^(_startTime|_updateTime)$/
session[key] = _stToStr value
else if key.match /^(_u2fKeyHandle|_u2fUserKey|_totp2fSecret)$/
session[key] = '##########'
#else if key.match /^(_u2fKeyHandle|_u2fUserKey|_totp2fSecret)$/
# session[key] = '##########'
res = []
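Review bot: Commenting out the `_u2fKeyHandle|_u2fUserKey|_totp2fSecret` branch leaves nothing in the visible part of this loop that masks second-factor key material before the session is displayed, and the `list2FDevices` attribute this commit starts writing carries the same material as `_secret`, `_userKey` and `_keyHandle`. The mask should be extended rather than dropped, for example `else if key.match /^(_u2fKeyHandle|_u2fUserKey|_totp2fSecret|list2FDevices)$/` with `session[key] = '##########'`, or by parsing the JSON and blanking only the underscore-prefixed fields so that type, name and epoch stay readable. The same applies to the second controller hunk at `@ -196,8 +196,8`, and the compiled JS sections drop the branch entirely. The enclosing loop starts outside the hunk.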


@ -196,8 +196,8 @@ llapp.controller 'SessionsExplorerCtrl', ['$scope', '$translator', '$location',
session[key] = $scope.localeDate value
else if key.match /^(_startTime|_updateTime)$/
session[key] = _stToStr value
else if key.match /^(_u2fKeyHandle|_u2fUserKey|_totp2fSecret)$/
session[key] = '##########'
#else if key.match /^(_u2fKeyHandle|_u2fUserKey|_totp2fSecret)$/
# session[key] = '##########'
res = []
# 2. Push session keys in result, grouped by categories


@ -320,8 +320,6 @@
session[key] = $scope.localeDate(value);
} else if (key.match(/^(_startTime|_updateTime)$/)) {
session[key] = _stToStr(value);
} else if (key.match(/^(_u2fKeyHandle|_u2fUserKey|_totp2fSecret)$/)) {
session[key] = '##########';
}
}
}

File diff suppressed because one or more lines are too long


@ -227,8 +227,6 @@
session[key] = $scope.localeDate(value);
} else if (key.match(/^(_startTime|_updateTime)$/)) {
session[key] = _stToStr(value);
} else if (key.match(/^(_u2fKeyHandle|_u2fUserKey|_totp2fSecret)$/)) {
session[key] = '##########';
}
}
}

File diff suppressed because one or more lines are too long


@ -3,6 +3,7 @@ package Lemonldap::NG::Portal::2F::Register::TOTP;
use strict;
use Mouse;
use JSON qw(from_json to_json);
our $VERSION = '2.0.0';
@ -89,6 +90,17 @@ sub run {
# Now code is verified, let's store the master key in persistent data
$self->p->updatePersistentSession( $req,
{ _totp2fSecret => $token->{_totp2fSecret} } );
my $list2FDevices = eval { from_json($req->userData->{list2FDevices}, { allow_nonref => 1 } ) };
unless ($list2FDevices) {
$self->logger->debug("No 2F Device found");
$list2FDevices = [];
};
push $list2FDevices, { type => 'totp', name => 'TOTP_1', _secret => $token->{_totp2fSecret}, epoch => time() };
$self->logger->debug("Append 2F Device : { type => 'totp', name => 'TOTP1' }");
$self->p->updatePersistentSession( $req,
{ list2FDevices => to_json($list2FDevices) } );
$self->userLogger->notice('TOTP registration succeed');
return [ 200, [ 'Content-Type' => 'application/json' ],
['{"result":1}'] ];
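Review bot: `push $list2FDevices, {...}` pushes onto a scalar reference, which was only ever an experimental feature and is a compile-time error from Perl 5.24 on; write `push @{$list2FDevices}, {...};` instead. Because `from_json` is called with `allow_nonref => 1`, a stored value that decodes to a plain string or non-zero number also passes the `unless` test, so add `$list2FDevices = [] unless ref($list2FDevices) eq 'ARRAY';` before the push. A decode failure is swallowed by `eval` and the list is then written back with only the new entry, which silently drops any devices registered earlier; logging that case at a higher level than the debug "No 2F Device found" message would make it visible. The same three statements recur in the U2F and Yubikey hunks, and `run` starts and ends outside this hunk.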


@ -3,6 +3,8 @@ package Lemonldap::NG::Portal::2F::Register::U2F;
use strict;
use Mouse;
use JSON qw(from_json to_json);
our $VERSION = '2.0.0';
@ -61,6 +63,34 @@ sub run {
if ( $c->setChallenge($challenge) ) {
my ( $keyHandle, $userKey ) = $c->registrationVerify($resp);
if ( $keyHandle and $userKey ) {
my $list2FDevices = eval { from_json($req->userData->{list2FDevices}, { allow_nonref => 1 } ) };
unless ($list2FDevices) {
$self->logger->debug("No 2F Device found");
$list2FDevices = [];
};
push $list2FDevices, { type => 'U2F', name => 'U2F_1', _userKey => $self->encode_base64url($userKey, ''), _keyHandle => $keyHandle, epoch => time() };
$self->logger->debug("Append 2F Device : { type => 'U2F', name => 'U2F_1' }" );
$self->p->updatePersistentSession( $req,
{ list2FDevices => to_json($list2FDevices) } );
$self->p->updatePersistentSession(
$req,
{


@ -2,6 +2,7 @@ package Lemonldap::NG::Portal::2F::Register::Yubikey;
use strict;
use Mouse;
use JSON qw(from_json to_json);
use Lemonldap::NG::Portal::Main::Constants qw(
PE_FORMEMPTY
PE_ERROR
@ -17,7 +18,7 @@ has prefix => ( is => 'rw', default => 'yubikey' );
has template => ( is => 'ro', default => 'yubikey2fregister' );
has logo => ( is => 'rw', default => 'u2f.png' );
has logo => ( is => 'rw', default => 'yubikey.png' );
sub init {
my ($self) = @_;
@ -32,10 +33,29 @@ sub run {
my ( $self, $req, $action ) = @_;
if ( $action eq 'register' ) {
my $otp = $req->param('otp');
if ( $otp and length($otp) > 12 ) {
if ( $otp and length($otp) > $self->conf->{yubikey2fPublicIDSize} ) {
my $keys = $req->userData->{_yubikeys} || '';
$keys .= ( $keys ? ', ' : '' )
. substr( $otp, 0, $self->conf->{yubikey2fPublicIDSize} );
my $key = substr( $otp, 0, $self->conf->{yubikey2fPublicIDSize} );
my $list2FDevices = eval { from_json($req->userData->{list2FDevices}, { allow_nonref => 1 } ) };
unless ($list2FDevices) {
$self->logger->debug("No 2F Device found");
$list2FDevices = [];
};
push $list2FDevices, { type => 'UBK', name => 'UBK_1', _yubikey => $key, epoch => time() };
$self->logger->debug("Append 2F Device : { type => 'UBK', name => 'UBK_1' }" );
$self->p->updatePersistentSession( $req,
{ list2FDevices => to_json($list2FDevices) } );
$self->p->updatePersistentSession( $req, { _yubikeys => $keys } );
return $self->p->sendHtml(
$req, 'error',