#1386 - Store 2ndF devices in list2FDevices (array of json)
parent
b813698711
commit
961aea971a
|
@ -285,8 +285,8 @@ llapp.controller 'SessionsExplorerCtrl', ['$scope', '$translator', '$location',
|
||||||
session[key] = $scope.localeDate value
|
session[key] = $scope.localeDate value
|
||||||
else if key.match /^(_startTime|_updateTime)$/
|
else if key.match /^(_startTime|_updateTime)$/
|
||||||
session[key] = _stToStr value
|
session[key] = _stToStr value
|
||||||
else if key.match /^(_u2fKeyHandle|_u2fUserKey|_totp2fSecret)$/
|
#else if key.match /^(_u2fKeyHandle|_u2fUserKey|_totp2fSecret)$/
|
||||||
session[key] = '##########'
|
# session[key] = '##########'
|
||||||
|
|
||||||
res = []
|
res = []
|
||||||
|
|
||||||
|
|
|
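Review bot: Commenting out the `_u2fKeyHandle|_u2fUserKey|_totp2fSecret` branch leaves those session values unmasked, and the new `list2FDevices` attribute, which per the Perl hunks of this commit carries `_secret`, `_userKey` and `_keyHandle`, is not masked either. Anyone allowed to open the sessions explorer would then presumably see TOTP seeds and U2F key material in clear. I would keep the branch and extend the pattern: `else if key.match /^(_u2fKeyHandle|_u2fUserKey|_totp2fSecret|list2FDevices)$/` followed by `session[key] = '##########'`. The second CoffeeScript hunk (`@ -196,8 +196,8 @@`) comments out the same two lines, and the compiled JavaScript hunks drop them. The enclosing function starts and ends outside the hunk.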
@ -196,8 +196,8 @@ llapp.controller 'SessionsExplorerCtrl', ['$scope', '$translator', '$location',
|
||||||
session[key] = $scope.localeDate value
|
session[key] = $scope.localeDate value
|
||||||
else if key.match /^(_startTime|_updateTime)$/
|
else if key.match /^(_startTime|_updateTime)$/
|
||||||
session[key] = _stToStr value
|
session[key] = _stToStr value
|
||||||
else if key.match /^(_u2fKeyHandle|_u2fUserKey|_totp2fSecret)$/
|
#else if key.match /^(_u2fKeyHandle|_u2fUserKey|_totp2fSecret)$/
|
||||||
session[key] = '##########'
|
# session[key] = '##########'
|
||||||
res = []
|
res = []
|
||||||
|
|
||||||
# 2. Push session keys in result, grouped by categories
|
# 2. Push session keys in result, grouped by categories
|
||||||
|
|
|
@ -320,8 +320,6 @@
|
||||||
session[key] = $scope.localeDate(value);
|
session[key] = $scope.localeDate(value);
|
||||||
} else if (key.match(/^(_startTime|_updateTime)$/)) {
|
} else if (key.match(/^(_startTime|_updateTime)$/)) {
|
||||||
session[key] = _stToStr(value);
|
session[key] = _stToStr(value);
|
||||||
} else if (key.match(/^(_u2fKeyHandle|_u2fUserKey|_totp2fSecret)$/)) {
|
|
||||||
session[key] = '##########';
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
File diff suppressed because one or more lines are too long
|
@ -227,8 +227,6 @@
|
||||||
session[key] = $scope.localeDate(value);
|
session[key] = $scope.localeDate(value);
|
||||||
} else if (key.match(/^(_startTime|_updateTime)$/)) {
|
} else if (key.match(/^(_startTime|_updateTime)$/)) {
|
||||||
session[key] = _stToStr(value);
|
session[key] = _stToStr(value);
|
||||||
} else if (key.match(/^(_u2fKeyHandle|_u2fUserKey|_totp2fSecret)$/)) {
|
|
||||||
session[key] = '##########';
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
File diff suppressed because one or more lines are too long
|
@ -3,6 +3,7 @@ package Lemonldap::NG::Portal::2F::Register::TOTP;
|
||||||
|
|
||||||
use strict;
|
use strict;
|
||||||
use Mouse;
|
use Mouse;
|
||||||
|
use JSON qw(from_json to_json);
|
||||||
|
|
||||||
our $VERSION = '2.0.0';
|
our $VERSION = '2.0.0';
|
||||||
|
|
||||||
|
@ -89,6 +90,17 @@ sub run {
|
||||||
# Now code is verified, let's store the master key in persistent data
|
# Now code is verified, let's store the master key in persistent data
|
||||||
$self->p->updatePersistentSession( $req,
|
$self->p->updatePersistentSession( $req,
|
||||||
{ _totp2fSecret => $token->{_totp2fSecret} } );
|
{ _totp2fSecret => $token->{_totp2fSecret} } );
|
||||||
|
|
||||||
|
my $list2FDevices = eval { from_json($req->userData->{list2FDevices}, { allow_nonref => 1 } ) };
|
||||||
|
unless ($list2FDevices) {
|
||||||
|
$self->logger->debug("No 2F Device found");
|
||||||
|
$list2FDevices = [];
|
||||||
|
};
|
||||||
|
push $list2FDevices, { type => 'totp', name => 'TOTP_1', _secret => $token->{_totp2fSecret}, epoch => time() };
|
||||||
|
$self->logger->debug("Append 2F Device : { type => 'totp', name => 'TOTP1' }");
|
||||||
|
$self->p->updatePersistentSession( $req,
|
||||||
|
{ list2FDevices => to_json($list2FDevices) } );
|
||||||
|
|
||||||
$self->userLogger->notice('TOTP registration succeed');
|
$self->userLogger->notice('TOTP registration succeed');
|
||||||
return [ 200, [ 'Content-Type' => 'application/json' ],
|
return [ 200, [ 'Content-Type' => 'application/json' ],
|
||||||
['{"result":1}'] ];
|
['{"result":1}'] ];
|
||||||
|
|
|
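Review bot: `push $list2FDevices, {...}` pushes onto a scalar holding an array reference, which was only ever an experimental feature (Perl 5.14) and is a compile-time error since Perl 5.24; it should be `push @{$list2FDevices}, { ... };`. Because `from_json` is called with `allow_nonref => 1`, a stored value that decodes to a string, number or hash is truthy and skips the `unless` reset, so add `$list2FDevices = [] unless ref($list2FDevices) eq 'ARRAY';` before the push. The same two lines appear in the `run` hunks of Register::U2F and Register::Yubikey in this commit. The debug message also logs `TOTP1` while the stored name is `TOTP_1`. The body of `run` starts and ends outside the hunk.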
@ -3,6 +3,8 @@ package Lemonldap::NG::Portal::2F::Register::U2F;
|
||||||
|
|
||||||
use strict;
|
use strict;
|
||||||
use Mouse;
|
use Mouse;
|
||||||
|
use JSON qw(from_json to_json);
|
||||||
|
|
||||||
|
|
||||||
our $VERSION = '2.0.0';
|
our $VERSION = '2.0.0';
|
||||||
|
|
||||||
|
@ -61,6 +63,34 @@ sub run {
|
||||||
if ( $c->setChallenge($challenge) ) {
|
if ( $c->setChallenge($challenge) ) {
|
||||||
my ( $keyHandle, $userKey ) = $c->registrationVerify($resp);
|
my ( $keyHandle, $userKey ) = $c->registrationVerify($resp);
|
||||||
if ( $keyHandle and $userKey ) {
|
if ( $keyHandle and $userKey ) {
|
||||||
|
|
||||||
|
my $list2FDevices = eval { from_json($req->userData->{list2FDevices}, { allow_nonref => 1 } ) };
|
||||||
|
unless ($list2FDevices) {
|
||||||
|
$self->logger->debug("No 2F Device found");
|
||||||
|
$list2FDevices = [];
|
||||||
|
};
|
||||||
|
push $list2FDevices, { type => 'U2F', name => 'U2F_1', _userKey => $self->encode_base64url($userKey, ''), _keyHandle => $keyHandle, epoch => time() };
|
||||||
|
$self->logger->debug("Append 2F Device : { type => 'U2F', name => 'U2F_1' }" );
|
||||||
|
$self->p->updatePersistentSession( $req,
|
||||||
|
{ list2FDevices => to_json($list2FDevices) } );
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
$self->p->updatePersistentSession(
|
$self->p->updatePersistentSession(
|
||||||
$req,
|
$req,
|
||||||
{
|
{
|
||||||
|
|
|
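Review bot: The entry name is hard-coded as `'U2F_1'`, so if a user can register more than one key the list ends up with several entries of the same type and name that cannot be told apart when one has to be revoked. Deriving the suffix from the entries already present would avoid that, for example `name => 'U2F_' . ( 1 + grep { $_->{type} eq 'U2F' } @{$list2FDevices} )`. The TOTP and Yubikey hunks hard-code `TOTP_1` and `UBK_1` in the same way. The body of `run` starts and ends outside the hunk.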
@ -2,6 +2,7 @@ package Lemonldap::NG::Portal::2F::Register::Yubikey;
|
||||||
|
|
||||||
use strict;
|
use strict;
|
||||||
use Mouse;
|
use Mouse;
|
||||||
|
use JSON qw(from_json to_json);
|
||||||
use Lemonldap::NG::Portal::Main::Constants qw(
|
use Lemonldap::NG::Portal::Main::Constants qw(
|
||||||
PE_FORMEMPTY
|
PE_FORMEMPTY
|
||||||
PE_ERROR
|
PE_ERROR
|
||||||
|
@ -17,7 +18,7 @@ has prefix => ( is => 'rw', default => 'yubikey' );
|
||||||
|
|
||||||
has template => ( is => 'ro', default => 'yubikey2fregister' );
|
has template => ( is => 'ro', default => 'yubikey2fregister' );
|
||||||
|
|
||||||
has logo => ( is => 'rw', default => 'u2f.png' );
|
has logo => ( is => 'rw', default => 'yubikey.png' );
|
||||||
|
|
||||||
sub init {
|
sub init {
|
||||||
my ($self) = @_;
|
my ($self) = @_;
|
||||||
|
@ -32,10 +33,29 @@ sub run {
|
||||||
my ( $self, $req, $action ) = @_;
|
my ( $self, $req, $action ) = @_;
|
||||||
if ( $action eq 'register' ) {
|
if ( $action eq 'register' ) {
|
||||||
my $otp = $req->param('otp');
|
my $otp = $req->param('otp');
|
||||||
if ( $otp and length($otp) > 12 ) {
|
if ( $otp and length($otp) > $self->conf->{yubikey2fPublicIDSize} ) {
|
||||||
my $keys = $req->userData->{_yubikeys} || '';
|
my $keys = $req->userData->{_yubikeys} || '';
|
||||||
$keys .= ( $keys ? ', ' : '' )
|
$keys .= ( $keys ? ', ' : '' )
|
||||||
. substr( $otp, 0, $self->conf->{yubikey2fPublicIDSize} );
|
. substr( $otp, 0, $self->conf->{yubikey2fPublicIDSize} );
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
my $key = substr( $otp, 0, $self->conf->{yubikey2fPublicIDSize} );
|
||||||
|
my $list2FDevices = eval { from_json($req->userData->{list2FDevices}, { allow_nonref => 1 } ) };
|
||||||
|
unless ($list2FDevices) {
|
||||||
|
$self->logger->debug("No 2F Device found");
|
||||||
|
$list2FDevices = [];
|
||||||
|
};
|
||||||
|
push $list2FDevices, { type => 'UBK', name => 'UBK_1', _yubikey => $key, epoch => time() };
|
||||||
|
$self->logger->debug("Append 2F Device : { type => 'UBK', name => 'UBK_1' }" );
|
||||||
|
$self->p->updatePersistentSession( $req,
|
||||||
|
{ list2FDevices => to_json($list2FDevices) } );
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
$self->p->updatePersistentSession( $req, { _yubikeys => $keys } );
|
$self->p->updatePersistentSession( $req, { _yubikeys => $keys } );
|
||||||
return $self->p->sendHtml(
|
return $self->p->sendHtml(
|
||||||
$req, 'error',
|
$req, 'error',
|
||||||
|
|
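Review bot: The only check on the request parameter `otp` before its prefix is written to `list2FDevices` is `length($otp) > $self->conf->{yubikey2fPublicIDSize}`, so as far as the hunk shows any sufficiently long string is persisted as a registered key ID. Assuming standard Yubico OTPs, a format check such as `$otp =~ /^[cbdefghijklnrtuv]+$/` in that condition would reject everything that is not modhex. If `yubikey2fPublicIDSize` can be unset, the comparison and both `substr` calls silently work with `undef`, so a default or an explicit check is worth adding. The new `$key` also repeats the `substr` already used to extend `$keys` two lines above; compute it once and reuse it. The body of `run` starts and ends outside the hunk.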