Append options to use Notifications plugin & set notification reference (#1796)
This commit is contained in:
Christophe Maudoux
parent
8b488e4d51
commit
9fa11709e6
|
|
@ -24,7 +24,7 @@ use constant MANAGERSECTION => "manager";
|
|||
use constant SESSIONSEXPLORERSECTION => "sessionsExplorer";
|
||||
use constant APPLYSECTION => "apply";
|
||||
our $hashParameters = qr/^(?:(?:l(?:o(?:ca(?:lSessionStorageOption|tionRule)|goutService)|dapExportedVar|wp(?:Ssl)?Opt)|(?:(?:d(?:emo|bi)|facebook|webID)ExportedVa|exported(?:Heade|Va)|issuerDBGetParamete)r|re(?:moteGlobalStorageOption|st2f(?:Verify|Init)Arg|loadUrl)|g(?:r(?:antSessionRule|oup)|lobalStorageOption)|n(?:otificationStorageOption|ginxCustomHandler)|macro)s|o(?:idc(?:RPMetaData(?:(?:Option(?:sExtraClaim)?|ExportedVar)s|Node)|OPMetaData(?:(?:ExportedVar|Option)s|J(?:SON|WKS)|Node)|S(?:erviceMetaDataAuthnContext|torageOptions))|penIdExportedVars)|s(?:aml(?:S(?:PMetaData(?:(?:ExportedAttribute|Option)s|Node|XML)|torageOptions)|IDPMetaData(?:(?:ExportedAttribute|Option)s|Node|XML))|essionDataToRemember|laveExportedVars)|c(?:as(?:S(?:rvMetaData(?:(?:ExportedVar|Option)s|Node)|torageOptions)|A(?:ppMetaData(?:(?:ExportedVar|Option)s|Node)|ttributes))|(?:ustomAddParam|ombModule)s)|p(?:ersistentStorageOptions|o(?:rtalSkinRules|st))|a(?:ut(?:hChoiceMod|oSigninR)ules|pplicationList)|v(?:hostOptions|irtualHost)|S(?:MTPTLSOpts|SLVarIf))$/;
|
||||
our $boolKeys = qr/^(?:s(?:aml(?:IDP(?:MetaDataOptions(?:(?:Check(?:S[LS]OMessageSignatur|Audienc|Tim)|IsPassiv)e|A(?:llow(?:LoginFromIDP|ProxiedAuthn)|daptSessionUtime)|Force(?:Authn|UTF8)|StoreSAMLToken|RelayStateURL)|SSODescriptorWantAuthnRequestsSigned)|S(?:P(?:MetaDataOptions(?:(?:CheckS[LS]OMessageSignatur|OneTimeUs)e|EnableIDPInitiatedURL|ForceUTF8)|SSODescriptor(?:WantAssertion|AuthnRequest)sSigned)|erviceUseCertificateInResponse)|DiscoveryProtocol(?:Activation|IsPassive)|CommonDomainCookieActivation|UseQueryStringSpecific|MetadataForceUTF8)|ingle(?:Session(?:UserByIP)?|(?:UserBy)?IP)|oap(?:Session|Config)Server|t(?:ayConnecte|orePasswor)d|kipRenewConfirmation|howLanguages|slByAjax)|o(?:idc(?:ServiceAllow(?:(?:AuthorizationCode|Implicit|Hybrid)Flow|DynamicRegistration)|RPMetaDataOptions(?:LogoutSessionRequired|BypassConsent|RequirePKCE|Public)|OPMetaDataOptions(?:(?:CheckJWTSignatur|UseNonc)e|StoreIDToken))|ldNotifFormat)|p(?:ortal(?:ErrorOn(?:ExpiredSession|MailNotFound)|DisplayRe(?:setPassword|gister)|(?:CheckLogin|Statu)s|OpenLinkInNewWindow|RequireOldPassword|ForceAuthn|AntiFrame)|roxyUseSoap)|l(?:dap(?:(?:Group(?:DecodeSearchedValu|Recursiv)|UsePasswordResetAttribut)e|(?:AllowResetExpired|Set)Password|ChangePasswordAsUser|PpolicyControl)|oginHistoryEnabled)|c(?:a(?:ptcha_(?:register|login|mail)_enabled|sSrvMetaDataOptions(?:Gateway|Renew))|heck(?:User(?:Display(?:PersistentInfo|EmptyValues))?|State|XSS)|orsEnabled|da)|i(?:ssuerDB(?:OpenID(?:Connect)?|SAML|CAS|Get)Activation|mpersonationSkipEmptyValues)|to(?:tp2f(?:UserCan(?:Chang|Remov)eKey|DisplayExistingSecret)|kenUseGlobalStorage)|u(?:se(?:RedirectOn(?:Forbidden|Error)|SafeJail)|2fUserCanRemoveKey|pgradeSession)|no(?:tif(?:ication(?:Server)?|y(?:Deleted|Other))|AjaxHook)|(?:mai(?:lOnPasswordChang|ntenanc)|vhostMaintenanc)e|rest(?:(?:Session|Config)Server|ExportSecretKeys)|h(?:ideOldPassword|ttpOnly)|yubikey2fUserCanRemoveKey|(?:activeTim|wsdlServ)er|krb(?:RemoveDomain|ByJs)|dbiDynamicHashEnabled|bruteForceProtection)$/;
|
||||
our $boolKeys = qr/^(?:s(?:aml(?:IDP(?:MetaDataOptions(?:(?:Check(?:S[LS]OMessageSignatur|Audienc|Tim)|IsPassiv)e|A(?:llow(?:LoginFromIDP|ProxiedAuthn)|daptSessionUtime)|Force(?:Authn|UTF8)|StoreSAMLToken|RelayStateURL)|SSODescriptorWantAuthnRequestsSigned)|S(?:P(?:MetaDataOptions(?:(?:CheckS[LS]OMessageSignatur|OneTimeUs)e|EnableIDPInitiatedURL|ForceUTF8)|SSODescriptor(?:WantAssertion|AuthnRequest)sSigned)|erviceUseCertificateInResponse)|DiscoveryProtocol(?:Activation|IsPassive)|CommonDomainCookieActivation|UseQueryStringSpecific|MetadataForceUTF8)|ingle(?:Session(?:UserByIP)?|(?:UserBy)?IP)|oap(?:Session|Config)Server|t(?:ayConnecte|orePasswor)d|kipRenewConfirmation|fRemovedUseNotif|howLanguages|slByAjax)|o(?:idc(?:ServiceAllow(?:(?:AuthorizationCode|Implicit|Hybrid)Flow|DynamicRegistration)|RPMetaDataOptions(?:LogoutSessionRequired|BypassConsent|RequirePKCE|Public)|OPMetaDataOptions(?:(?:CheckJWTSignatur|UseNonc)e|StoreIDToken))|ldNotifFormat)|p(?:ortal(?:ErrorOn(?:ExpiredSession|MailNotFound)|DisplayRe(?:setPassword|gister)|(?:CheckLogin|Statu)s|OpenLinkInNewWindow|RequireOldPassword|ForceAuthn|AntiFrame)|roxyUseSoap)|l(?:dap(?:(?:Group(?:DecodeSearchedValu|Recursiv)|UsePasswordResetAttribut)e|(?:AllowResetExpired|Set)Password|ChangePasswordAsUser|PpolicyControl)|oginHistoryEnabled)|c(?:a(?:ptcha_(?:register|login|mail)_enabled|sSrvMetaDataOptions(?:Gateway|Renew))|heck(?:User(?:Display(?:PersistentInfo|EmptyValues))?|State|XSS)|orsEnabled|da)|i(?:ssuerDB(?:OpenID(?:Connect)?|SAML|CAS|Get)Activation|mpersonationSkipEmptyValues)|to(?:tp2f(?:UserCan(?:Chang|Remov)eKey|DisplayExistingSecret)|kenUseGlobalStorage)|u(?:se(?:RedirectOn(?:Forbidden|Error)|SafeJail)|2fUserCanRemoveKey|pgradeSession)|no(?:tif(?:ication(?:Server)?|y(?:Deleted|Other))|AjaxHook)|(?:mai(?:lOnPasswordChang|ntenanc)|vhostMaintenanc)e|rest(?:(?:Session|Config)Server|ExportSecretKeys)|h(?:ideOldPassword|ttpOnly)|yubikey2fUserCanRemoveKey|(?:activeTim|wsdlServ)er|krb(?:RemoveDomain|ByJs)|dbiDynamicHashEnabled|bruteForceProtection)$/;
|
||||
|
||||
our @sessionTypes = ( 'remoteGlobal', 'global', 'localSession', 'persistent', 'saml', 'oidc', 'cas' );
|
||||
|
||||
|
|
|
|||
|
|
@ -277,9 +277,10 @@ sub defaultValues {
|
|||
'samlSPSSODescriptorWantAssertionsSigned' => 1,
|
||||
'securedCookie' => 0,
|
||||
'sfEngine' => '::2F::Engines::Default',
|
||||
'sfRemovedMsgRule' => 0,
|
||||
'sfRemovedNotifMsg' =>
|
||||
'_removedSF_ expired second factor(s) has/have been removed!',
|
||||
'sfRemovedNotifRule' => 0,
|
||||
'sfRemovedNotifRef' => 'RemoveSF',
|
||||
'sfRemovedNotifTitle' => 'Second factor notification',
|
||||
'sfRequired' => 0,
|
||||
'showLanguages' => 1,
|
||||
|
|
|
|||
|
|
@ -3186,19 +3186,27 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
|
|||
'default' => '::2F::Engines::Default',
|
||||
'type' => 'text'
|
||||
},
|
||||
'sfRemovedMsgRule' => {
|
||||
'default' => 0,
|
||||
'type' => 'boolOrExpr'
|
||||
},
|
||||
'sfRemovedNotifMsg' => {
|
||||
'default' =>
|
||||
'_removedSF_ expired second factor(s) has/have been removed!',
|
||||
'type' => 'text'
|
||||
},
|
||||
'sfRemovedNotifRule' => {
|
||||
'default' => 0,
|
||||
'type' => 'boolOrExpr'
|
||||
'sfRemovedNotifRef' => {
|
||||
'default' => 'RemoveSF',
|
||||
'type' => 'text'
|
||||
},
|
||||
'sfRemovedNotifTitle' => {
|
||||
'default' => 'Second factor notification',
|
||||
'type' => 'text'
|
||||
},
|
||||
'sfRemovedUseNotif' => {
|
||||
'default' => 0,
|
||||
'type' => 'bool'
|
||||
},
|
||||
'sfRequired' => {
|
||||
'default' => 0,
|
||||
'type' => 'boolOrExpr'
|
||||
|
|
|
|||
|
|
@ -2575,21 +2575,34 @@ sub attributes {
|
|||
help => 'secondfactor.html',
|
||||
documentation => 'Second factor required',
|
||||
},
|
||||
sfRemovedNotifRule => {
|
||||
type => 'boolOrExpr',
|
||||
default => 0,
|
||||
help => 'secondfactor.html',
|
||||
documentation => 'Display a message if at leat one expired SF has been removed',
|
||||
sfRemovedMsgRule => {
|
||||
type => 'boolOrExpr',
|
||||
default => 0,
|
||||
help => 'secondfactor.html',
|
||||
documentation =>
|
||||
'Display a message if at leat one expired SF has been removed',
|
||||
},
|
||||
sfRemovedUseNotif => {
|
||||
default => 0,
|
||||
type => 'bool',
|
||||
documentation => 'Use Notifications plugin to display message',
|
||||
},
|
||||
sfRemovedNotifRef => {
|
||||
type => 'text',
|
||||
default => 'RemoveSF',
|
||||
help => 'secondfactor.html',
|
||||
documentation => 'Notification reference',
|
||||
},
|
||||
sfRemovedNotifTitle => {
|
||||
type => 'text',
|
||||
default => 'Second factor notification',
|
||||
help => 'secondfactor.html',
|
||||
documentation => 'Notification title',
|
||||
type => 'text',
|
||||
default => 'Second factor notification',
|
||||
help => 'secondfactor.html',
|
||||
documentation => 'Notification title',
|
||||
},
|
||||
sfRemovedNotifMsg => {
|
||||
type => 'text',
|
||||
default => '_removedSF_ expired second factor(s) has/have been removed!',
|
||||
type => 'text',
|
||||
default =>
|
||||
'_removedSF_ expired second factor(s) has/have been removed!',
|
||||
help => 'secondfactor.html',
|
||||
documentation => 'Notification message',
|
||||
},
|
||||
|
|
|
|||
|
|
@ -756,7 +756,8 @@ sub tree {
|
|||
help => 'secondfactor.html',
|
||||
form => 'simpleInputContainer',
|
||||
nodes => [
|
||||
'sfRemovedNotifRule', 'sfRemovedNotifTitle',
|
||||
'sfRemovedMsgRule', 'sfRemovedUseNotif',
|
||||
'sfRemovedNotifRef', 'sfRemovedNotifTitle',
|
||||
'sfRemovedNotifMsg',
|
||||
],
|
||||
},
|
||||
|
|
|
|||
|
|
@ -730,8 +730,10 @@
|
|||
"sfaTitle":"Second Factors Authentication",
|
||||
"sfRequired":"Require 2FA",
|
||||
"sfRemovedNotification":"Display a message if an expired SF is removed",
|
||||
"sfRemovedNotifRule":"تفعيل",
|
||||
"sfRemovedMsgRule":"تفعيل",
|
||||
"sfRemovedUseNotif":"Use Notifications plugin",
|
||||
"sfRemovedNotifMsg":"Notification message",
|
||||
"sfRemovedNotifRef":"Notification reference",
|
||||
"sfRemovedNotifTitle":"Notification title",
|
||||
"sfRemovedMsg":"Display a message if an expired SF is removed",
|
||||
"show":"عرض",
|
||||
|
|
|
|||
|
|
@ -730,8 +730,10 @@
|
|||
"sfaTitle":"Second Factors Authentication",
|
||||
"sfRequired":"Require 2FA",
|
||||
"sfRemovedNotification":"Display a message if an expired SF is removed",
|
||||
"sfRemovedNotifRule":"Activation",
|
||||
"sfRemovedMsgRule":"Activation",
|
||||
"sfRemovedUseNotif":"Use Notifications plugin",
|
||||
"sfRemovedNotifMsg":"Notification message",
|
||||
"sfRemovedNotifRef":"Notification reference",
|
||||
"sfRemovedNotifTitle":"Notification title",
|
||||
"sfRemovedMsg":"Display a message if an expired SF is removed",
|
||||
"show":"Show",
|
||||
|
|
|
|||
|
|
@ -730,8 +730,10 @@
|
|||
"sfaTitle":"Second Factors Authentication",
|
||||
"sfRequired":"Require 2FA",
|
||||
"sfRemovedNotification":"Display a message if an expired SF is removed",
|
||||
"sfRemovedNotifRule":"Activation",
|
||||
"sfRemovedMsgRule":"Activation",
|
||||
"sfRemovedUseNotif":"Use Notifications plugin",
|
||||
"sfRemovedNotifMsg":"Notification message",
|
||||
"sfRemovedNotifRef":"Notification reference",
|
||||
"sfRemovedNotifTitle":"Notification title",
|
||||
"sfRemovedMsg":"Display a message if an expired SF is removed",
|
||||
"show":"Show",
|
||||
|
|
|
|||
|
|
@ -730,8 +730,10 @@
|
|||
"sfaTitle":"Seconds Facteurs d'Authentification",
|
||||
"sfRequired":"Exiger 2FA",
|
||||
"sfRemovedNotification":"Afficher un message si un SF expiré a été supprimé",
|
||||
"sfRemovedNotifRule":"Activation",
|
||||
"sfRemovedMsgRule":"Activation",
|
||||
"sfRemovedUseNotif":"Utiliser les notifications",
|
||||
"sfRemovedNotifMsg":"Message de la notification",
|
||||
"sfRemovedNotifRef":"Référence de la notification",
|
||||
"sfRemovedNotifTitle":"Titre de la notification",
|
||||
"sfRemovedMsg":"Afficher un message si un SF expiré est supprimé",
|
||||
"show":"Montrer",
|
||||
|
|
|
|||
|
|
@ -730,8 +730,10 @@
|
|||
"sfaTitle":"Autenticazione a due fattori",
|
||||
"sfRequired":"Richiedi 2FA",
|
||||
"sfRemovedNotification":"Display a message if an expired SF is removed",
|
||||
"sfRemovedNotifRule":"Attivazione",
|
||||
"sfRemovedMsgRule":"Attivazione",
|
||||
"sfRemovedUseNotif":"Use Notifications plugin",
|
||||
"sfRemovedNotifMsg":"Notification message",
|
||||
"sfRemovedNotifRef":"Notification reference",
|
||||
"sfRemovedNotifTitle":"Notification title",
|
||||
"sfRemovedMsg":"Display a message if an expired SF is removed",
|
||||
"show":"Mostra",
|
||||
|
|
|
|||
|
|
@ -730,8 +730,10 @@
|
|||
"sfaTitle":"Second Factors Authentication",
|
||||
"sfRequired":"Require 2FA",
|
||||
"sfRemovedNotification":"Display a message if an expired SF is removed",
|
||||
"sfRemovedNotifRule":"Kích hoạt",
|
||||
"sfRemovedMsgRule":"Kích hoạt",
|
||||
"sfRemovedUseNotif":"Use Notifications plugin",
|
||||
"sfRemovedNotifMsg":"Notification message",
|
||||
"sfRemovedNotifRef":"Notification reference",
|
||||
"sfRemovedNotifTitle":"Notification title",
|
||||
"sfRemovedMsg":"Display a message if an expired SF is removed",
|
||||
"show":"Hiển thị",
|
||||
|
|
|
|||
|
|
@ -730,8 +730,10 @@
|
|||
"sfaTitle":"Second Factors Authentication",
|
||||
"sfRequired":"Require 2FA",
|
||||
"sfRemovedNotification":"Display a message if an expired SF is removed",
|
||||
"sfRemovedNotifRule":"Activation",
|
||||
"sfRemovedMsgRule":"Activation",
|
||||
"sfRemovedUseNotif":"Use Notifications plugin",
|
||||
"sfRemovedNotifMsg":"Notification message",
|
||||
"sfRemovedNotifRef":"Notification reference",
|
||||
"sfRemovedNotifTitle":"Notification title",
|
||||
"sfRemovedMsg":"Display a message if an expired SF is removed",
|
||||
"show":"Show",
|
||||
|
|
|
|||
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
|
|
@ -31,7 +31,7 @@ extends 'Lemonldap::NG::Portal::Main::Plugin';
|
|||
has sfModules => ( is => 'rw', default => sub { [] } );
|
||||
has sfRModules => ( is => 'rw', default => sub { [] } );
|
||||
has sfReq => ( is => 'rw' );
|
||||
has sfRule => ( is => 'rw' );
|
||||
has sfRule => ( is => 'rw' );
|
||||
|
||||
has ott => (
|
||||
is => 'rw',
|
||||
|
|
@ -111,7 +111,7 @@ sub init {
|
|||
$self->sfRule(
|
||||
$self->p->HANDLER->buildSub(
|
||||
$self->p->HANDLER->substitute(
|
||||
$self->conf->{sfRemovedNotifRule}
|
||||
$self->conf->{sfRemovedMsgRule}
|
||||
)
|
||||
)
|
||||
)
|
||||
|
|
@ -205,10 +205,9 @@ sub run {
|
|||
# Display notification or message if required
|
||||
my $res = 0;
|
||||
if ( $self->sfRule->( $req, $req->sessionInfo ) ) {
|
||||
if ( my $notifEngine =
|
||||
$self->p->loadedModules->{
|
||||
'Lemonldap::NG::Portal::Plugins::Notifications'} )
|
||||
{
|
||||
my $notifEngine = $self->p->loadedModules->{
|
||||
'Lemonldap::NG::Portal::Plugins::Notifications'};
|
||||
if ( $notifEngine && $self->conf->{sfRemovedUseNotif} ) {
|
||||
$self->logger->debug("Notifications plugin enabled");
|
||||
$res =
|
||||
$self->_sendNotification( $req, $notifEngine, $removed );
|
||||
|
|
@ -517,18 +516,22 @@ sub _sendInfo {
|
|||
|
||||
sub _sendNotification {
|
||||
my ( $self, $req, $notifEngine, $removed ) = @_;
|
||||
my $uid = $req->user;
|
||||
my $date = strftime "%Y-%m-%d", localtime;
|
||||
my $title = $self->conf->{sfRemovedNotifTitle} || 'Second factor notification';
|
||||
my $msg = $self->conf->{sfRemovedNotifMsg} || "$removed expired second factor(s) has/have been removed!";
|
||||
my $uid = $req->user;
|
||||
my $date = strftime "%Y-%m-%d", localtime;
|
||||
my $ref = $self->conf->{sfRemovedNotifRef} || 'RemoveSF';
|
||||
my $title =
|
||||
$self->conf->{sfRemovedNotifTitle} || 'Second factor notification';
|
||||
my $msg = $self->conf->{sfRemovedNotifMsg}
|
||||
|| "$removed expired second factor(s) has/have been removed!";
|
||||
$msg =~ s/_removedSF_/$removed/;
|
||||
|
||||
# Prepare notification
|
||||
my $content =
|
||||
$self->conf->{oldNotifFormat}
|
||||
? '<?xml version="1.0" encoding="UTF-8"?><root><notification uid="_uid_" date="_date_" reference="RemoveSF"><title>_title_</title><text>_msg_</text></notification></root>'
|
||||
: '[{"uid":"_uid_","date":"_date_","title":"_title_","reference":"RemoveSF","text":"_msg_"}]';
|
||||
? '<?xml version="1.0" encoding="UTF-8"?><root><notification uid="_uid_" date="_date_" reference="_ref_"><title>_title_</title><text>_msg_</text></notification></root>'
|
||||
: '[{"uid":"_uid_","date":"_date_","title":"_title_","reference":"_ref_","text":"_msg_"}]';
|
||||
$content =~ s/_uid_/$uid/;
|
||||
$content =~ s/_ref_/$ref/;
|
||||
$content =~ s/_date_/$date/;
|
||||
$content =~ s/_title_/$title/;
|
||||
$content =~ s/_msg_/$msg/;
|
||||
|
|
|
|||
|
|
@ -19,7 +19,8 @@ SKIP: {
|
|||
totp2fSelfRegistration => 1,
|
||||
totp2fActivation => 1,
|
||||
totp2fTTL => 2,
|
||||
sfRemovedNotifRule => '$uid eq "dwho"',
|
||||
sfRemovedMsgRule => '$uid eq "dwho"',
|
||||
sfRemovedUseNotif => 1,
|
||||
portalMainLogo => 'common/logos/logo_llng_old.png',
|
||||
notification => 1,
|
||||
templatesDir => 'site/templates/',
|
||||
|
|
|
|||
|
|
@ -19,7 +19,8 @@ SKIP: {
|
|||
totp2fSelfRegistration => 1,
|
||||
totp2fActivation => 1,
|
||||
totp2fTTL => 2,
|
||||
sfRemovedNotifRule => '$uid eq "dwho"',
|
||||
sfRemovedMsgRule => '$uid eq "dwho"',
|
||||
sfRemovedUseNotif => 1,
|
||||
portalMainLogo => 'common/logos/logo_llng_old.png',
|
||||
notification => 1,
|
||||
templatesDir => 'site/templates/',
|
||||
|
|
|
|||
|
|
@ -20,7 +20,7 @@ SKIP: {
|
|||
portalMainLogo => 'common/logos/logo_llng_old.png',
|
||||
totp2fTTL => 2,
|
||||
u2fTTL => 2,
|
||||
sfRemovedNotifRule => 1,
|
||||
sfRemovedMsgRule => 1,
|
||||
}
|
||||
}
|
||||
);
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user