Update sessionInfo during auth process

Christophe Maudoux 2020-01-03 23:39:57 +01:00
parent 0f591496b4
commit a48daee305
5 changed files with 30 additions and 16 deletions


@ -47,6 +47,7 @@ lib/Lemonldap/NG/Portal/Auth/SSL.pm
lib/Lemonldap/NG/Portal/Auth/Twitter.pm
lib/Lemonldap/NG/Portal/Auth/WebID.pm
lib/Lemonldap/NG/Portal/CDC.pm
lib/Lemonldap/NG/Portal/CertificateResetByMail/LDAP.pm
lib/Lemonldap/NG/Portal/Issuer/CAS.pm
lib/Lemonldap/NG/Portal/Issuer/Get.pm
lib/Lemonldap/NG/Portal/Issuer/OpenID.pm
@ -101,6 +102,7 @@ lib/Lemonldap/NG/Portal/Password/REST.pm
lib/Lemonldap/NG/Portal/Plugins/AutoSignin.pm
lib/Lemonldap/NG/Portal/Plugins/BruteForceProtection.pm
lib/Lemonldap/NG/Portal/Plugins/CDA.pm
lib/Lemonldap/NG/Portal/Plugins/CertificateResetByMail.pm
lib/Lemonldap/NG/Portal/Plugins/CheckState.pm
lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
lib/Lemonldap/NG/Portal/Plugins/ContextSwitching.pm
@ -370,6 +372,7 @@ site/templates/bootstrap/2fchoice.tpl
site/templates/bootstrap/2fregisters.tpl
site/templates/bootstrap/captcha.tpl
site/templates/bootstrap/casBack2Url.tpl
site/templates/bootstrap/certificateReset.tpl
site/templates/bootstrap/checklogins.tpl
site/templates/bootstrap/checkuser.tpl
site/templates/bootstrap/confirm.tpl
@ -439,6 +442,7 @@ site/templates/common/mail/tr.json
site/templates/common/mail/vi.json
site/templates/common/mail/zh_CN.json
site/templates/common/mail_2fcode.tpl
site/templates/common/mail_certificatReset.tpl
site/templates/common/mail_confirm.tpl
site/templates/common/mail_footer.tpl
site/templates/common/mail_header.tpl
@ -565,7 +569,7 @@ t/40-Notifications-XML-DBI.t
t/40-Notifications-XML-File.t
t/40-Notifications-XML-Server.t
t/41-Captcha.t
t/41-Token-Global-Storage.t
t/41-Token-with-global-storage.t
t/41-Token.t
t/42-Register-Demo-with-captcha.t
t/42-Register-Demo-with-token.t
@ -579,6 +583,7 @@ t/43-MailPasswordReset-LDAP.t
t/43-MailPasswordReset-with-captcha.t
t/43-MailPasswordReset-with-token.t
t/43-MailPasswordReset.t
t/44-CertificateResetByMail-LDAP.t
t/50-IssuerGet.t
t/57-GlobalLogout-without-Timer.t
t/57-GlobalLogout.t
@ -618,7 +623,7 @@ t/68-Impersonation-with-History.t
t/68-Impersonation-with-merge.t
t/68-Impersonation-with-TOTP.t
t/68-Impersonation.t
t/70-2F-TOTP-8.t
t/70-2F-TOTP-8-with-global-storage.t
t/70-2F-TOTP-with-History.t
t/70-2F-TOTP-with-TTL-and-JSON.t
t/70-2F-TOTP-with-TTL-and-XML.t


@ -21,7 +21,7 @@ use Lemonldap::NG::Portal::Main::Constants qw(
PE_TOKENEXPIRED
);
our $VERSION = '2.0.6';
our $VERSION = '2.0.8';
extends 'Lemonldap::NG::Portal::Main::Plugin';
with 'Lemonldap::NG::Portal::Lib::OverConf';
@ -266,15 +266,7 @@ sub run {
}
# Search for authorized modules for this user
my @am;
foreach my $m ( @{ $self->sfModules } ) {
$self->logger->debug(
'Looking if ' . $m->{m}->prefix . '2F is available' );
if ( $m->{r}->( $req, $req->sessionInfo ) ) {
$self->logger->debug(' -> OK');
push @am, $m->{m};
}
}
my @am = $self->searchForAuthorized2Fmodules($req);
# If no 2F module is authorized, skipping 2F
# Note that a rule may forbid access after (GrantSession plugin)
@ -546,4 +538,18 @@ sub restoreSession {
: $self->_displayRegister( $req, @path );
}
sub searchForAuthorized2Fmodules {
my ( $self, $req ) = @_;
my @am;
foreach my $m ( @{ $self->sfModules } ) {
$self->logger->debug(
'Looking if ' . $m->{m}->prefix . '2F is available' );
if ( $m->{r}->( $req, $req->sessionInfo ) ) {
$self->logger->debug(' -> OK');
push @am, $m->{m};
}
}
return @am;
}
1;
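Review bot: `searchForAuthorized2Fmodules` is added without any comment, although this commit also starts calling it from `store` in another file, where it is used in boolean context and so depends on `return @am` yielding the element count. I would state that contract above the sub, for example `# Return the 2F modules whose rule accepts $req->sessionInfo (their count in scalar context)`. Each call also evaluates every rule in `sfModules` and writes the debug lines again, so a caller that only needs a yes/no answer still pays for a full pass and doubles the log output for the request.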


@ -1,6 +1,6 @@
package Lemonldap::NG::Portal::Main::Process;
our $VERSION = '2.0.7';
our $VERSION = '2.0.8';
package Lemonldap::NG::Portal::Main;
@ -483,8 +483,11 @@ sub store {
# Update current request
$req->id( $session->id );
$req->{sessionInfo}->{_session_id} = $session->{id};
$req->{sessionInfo}->{_session_kind} = $session->{kind};
unless ( $self->_sfEngine->searchForAuthorized2Fmodules($req) ) {
$self->logger->debug("No 2F module authorized -> Update current request");
$req->{sessionInfo}->{_session_id} = $session->{id};
$req->{sessionInfo}->{_session_kind} = $session->{kind};
}
# Compute unsecured cookie value if needed
if ( $self->conf->{securedCookie} == 3 and !$req->refresh ) {
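Review bot: The new `unless` in `store` decides whether `_session_id` and `_session_kind` are copied into `$req->{sessionInfo}` by running the 2F rules itself, separately from the evaluation that `run` performs on the same request, and nothing visible ties the two results together. If a rule answers differently between the two calls, the request can end up without those keys although no second factor is asked, or with them although one is. Consider evaluating once and keeping the result on the request, or at least recording the intended invariant in a comment, e.g. `# session id/kind are copied into sessionInfo only when no second factor will be requested`, if that is the intent. `$self->_sfEngine` is also dereferenced unconditionally; whether it is always defined cannot be seen from this hunk. `store` begins and ends outside the hunk.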


@ -144,7 +144,7 @@ expectRedirection( $res, 'http://test1.example.com' );
$id = expectCookie($res);
my $cookies = getCookies($res);
ok( !defined( $cookies->{lemonldappdata} ), " Make sure no pdata is returned" );
ok( !$cookies->{lemonldappdata}, " Make sure no pdata is returned" );
count(1);
clean_sessions();
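Review bot: The second of the two `ok` lines, which appears to be the new one, loosens the assertion from `!defined( $cookies->{lemonldappdata} )` to a plain truth test, so the test now also passes when a `lemonldappdata` cookie is returned with an empty or `0` value. If the portal is now expected to send an empty pdata cookie, the description should say so, for example `" Make sure pdata is absent or empty"`. Otherwise keeping the `!defined` check preserves the original guarantee that no pdata cookie is set at all.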