Update sessionInfo during auth process
This commit is contained in:
parent
0f591496b4
commit
a48daee305
|
@ -47,6 +47,7 @@ lib/Lemonldap/NG/Portal/Auth/SSL.pm
|
|||
lib/Lemonldap/NG/Portal/Auth/Twitter.pm
|
||||
lib/Lemonldap/NG/Portal/Auth/WebID.pm
|
||||
lib/Lemonldap/NG/Portal/CDC.pm
|
||||
lib/Lemonldap/NG/Portal/CertificateResetByMail/LDAP.pm
|
||||
lib/Lemonldap/NG/Portal/Issuer/CAS.pm
|
||||
lib/Lemonldap/NG/Portal/Issuer/Get.pm
|
||||
lib/Lemonldap/NG/Portal/Issuer/OpenID.pm
|
||||
|
@ -101,6 +102,7 @@ lib/Lemonldap/NG/Portal/Password/REST.pm
|
|||
lib/Lemonldap/NG/Portal/Plugins/AutoSignin.pm
|
||||
lib/Lemonldap/NG/Portal/Plugins/BruteForceProtection.pm
|
||||
lib/Lemonldap/NG/Portal/Plugins/CDA.pm
|
||||
lib/Lemonldap/NG/Portal/Plugins/CertificateResetByMail.pm
|
||||
lib/Lemonldap/NG/Portal/Plugins/CheckState.pm
|
||||
lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
|
||||
lib/Lemonldap/NG/Portal/Plugins/ContextSwitching.pm
|
||||
|
@ -370,6 +372,7 @@ site/templates/bootstrap/2fchoice.tpl
|
|||
site/templates/bootstrap/2fregisters.tpl
|
||||
site/templates/bootstrap/captcha.tpl
|
||||
site/templates/bootstrap/casBack2Url.tpl
|
||||
site/templates/bootstrap/certificateReset.tpl
|
||||
site/templates/bootstrap/checklogins.tpl
|
||||
site/templates/bootstrap/checkuser.tpl
|
||||
site/templates/bootstrap/confirm.tpl
|
||||
|
@ -439,6 +442,7 @@ site/templates/common/mail/tr.json
|
|||
site/templates/common/mail/vi.json
|
||||
site/templates/common/mail/zh_CN.json
|
||||
site/templates/common/mail_2fcode.tpl
|
||||
site/templates/common/mail_certificatReset.tpl
|
||||
site/templates/common/mail_confirm.tpl
|
||||
site/templates/common/mail_footer.tpl
|
||||
site/templates/common/mail_header.tpl
|
||||
|
@ -565,7 +569,7 @@ t/40-Notifications-XML-DBI.t
|
|||
t/40-Notifications-XML-File.t
|
||||
t/40-Notifications-XML-Server.t
|
||||
t/41-Captcha.t
|
||||
t/41-Token-Global-Storage.t
|
||||
t/41-Token-with-global-storage.t
|
||||
t/41-Token.t
|
||||
t/42-Register-Demo-with-captcha.t
|
||||
t/42-Register-Demo-with-token.t
|
||||
|
@ -579,6 +583,7 @@ t/43-MailPasswordReset-LDAP.t
|
|||
t/43-MailPasswordReset-with-captcha.t
|
||||
t/43-MailPasswordReset-with-token.t
|
||||
t/43-MailPasswordReset.t
|
||||
t/44-CertificateResetByMail-LDAP.t
|
||||
t/50-IssuerGet.t
|
||||
t/57-GlobalLogout-without-Timer.t
|
||||
t/57-GlobalLogout.t
|
||||
|
@ -618,7 +623,7 @@ t/68-Impersonation-with-History.t
|
|||
t/68-Impersonation-with-merge.t
|
||||
t/68-Impersonation-with-TOTP.t
|
||||
t/68-Impersonation.t
|
||||
t/70-2F-TOTP-8.t
|
||||
t/70-2F-TOTP-8-with-global-storage.t
|
||||
t/70-2F-TOTP-with-History.t
|
||||
t/70-2F-TOTP-with-TTL-and-JSON.t
|
||||
t/70-2F-TOTP-with-TTL-and-XML.t
|
||||
|
|
|
@ -21,7 +21,7 @@ use Lemonldap::NG::Portal::Main::Constants qw(
|
|||
PE_TOKENEXPIRED
|
||||
);
|
||||
|
||||
our $VERSION = '2.0.6';
|
||||
our $VERSION = '2.0.8';
|
||||
|
||||
extends 'Lemonldap::NG::Portal::Main::Plugin';
|
||||
with 'Lemonldap::NG::Portal::Lib::OverConf';
|
||||
|
@ -266,15 +266,7 @@ sub run {
|
|||
}
|
||||
|
||||
# Search for authorized modules for this user
|
||||
my @am;
|
||||
foreach my $m ( @{ $self->sfModules } ) {
|
||||
$self->logger->debug(
|
||||
'Looking if ' . $m->{m}->prefix . '2F is available' );
|
||||
if ( $m->{r}->( $req, $req->sessionInfo ) ) {
|
||||
$self->logger->debug(' -> OK');
|
||||
push @am, $m->{m};
|
||||
}
|
||||
}
|
||||
my @am = $self->searchForAuthorized2Fmodules($req);
|
||||
|
||||
# If no 2F module is authorized, skipping 2F
|
||||
# Note that a rule may forbid access after (GrantSession plugin)
|
||||
|
@ -546,4 +538,18 @@ sub restoreSession {
|
|||
: $self->_displayRegister( $req, @path );
|
||||
}
|
||||
|
||||
sub searchForAuthorized2Fmodules {
|
||||
my ( $self, $req ) = @_;
|
||||
my @am;
|
||||
foreach my $m ( @{ $self->sfModules } ) {
|
||||
$self->logger->debug(
|
||||
'Looking if ' . $m->{m}->prefix . '2F is available' );
|
||||
if ( $m->{r}->( $req, $req->sessionInfo ) ) {
|
||||
$self->logger->debug(' -> OK');
|
||||
push @am, $m->{m};
|
||||
}
|
||||
}
|
||||
return @am;
|
||||
}
|
||||
|
||||
1;
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
package Lemonldap::NG::Portal::Main::Process;
|
||||
|
||||
our $VERSION = '2.0.7';
|
||||
our $VERSION = '2.0.8';
|
||||
|
||||
package Lemonldap::NG::Portal::Main;
|
||||
|
||||
|
@ -483,8 +483,11 @@ sub store {
|
|||
|
||||
# Update current request
|
||||
$req->id( $session->id );
|
||||
$req->{sessionInfo}->{_session_id} = $session->{id};
|
||||
$req->{sessionInfo}->{_session_kind} = $session->{kind};
|
||||
unless ( $self->_sfEngine->searchForAuthorized2Fmodules($req) ) {
|
||||
$self->logger->debug("No 2F module authorized -> Update current request");
|
||||
$req->{sessionInfo}->{_session_id} = $session->{id};
|
||||
$req->{sessionInfo}->{_session_kind} = $session->{kind};
|
||||
}
|
||||
|
||||
# Compute unsecured cookie value if needed
|
||||
if ( $self->conf->{securedCookie} == 3 and !$req->refresh ) {
|
||||
|
|
|
@ -144,7 +144,7 @@ expectRedirection( $res, 'http://test1.example.com' );
|
|||
$id = expectCookie($res);
|
||||
|
||||
my $cookies = getCookies($res);
|
||||
ok( !defined( $cookies->{lemonldappdata} ), " Make sure no pdata is returned" );
|
||||
ok( !$cookies->{lemonldappdata}, " Make sure no pdata is returned" );
|
||||
count(1);
|
||||
|
||||
clean_sessions();
|
||||
|
|
Loading…
Reference in New Issue