Update sessionInfo during auth process
parent
0f591496b4
commit
a48daee305
|
@ -47,6 +47,7 @@ lib/Lemonldap/NG/Portal/Auth/SSL.pm
|
||||||
lib/Lemonldap/NG/Portal/Auth/Twitter.pm
|
lib/Lemonldap/NG/Portal/Auth/Twitter.pm
|
||||||
lib/Lemonldap/NG/Portal/Auth/WebID.pm
|
lib/Lemonldap/NG/Portal/Auth/WebID.pm
|
||||||
lib/Lemonldap/NG/Portal/CDC.pm
|
lib/Lemonldap/NG/Portal/CDC.pm
|
||||||
|
lib/Lemonldap/NG/Portal/CertificateResetByMail/LDAP.pm
|
||||||
lib/Lemonldap/NG/Portal/Issuer/CAS.pm
|
lib/Lemonldap/NG/Portal/Issuer/CAS.pm
|
||||||
lib/Lemonldap/NG/Portal/Issuer/Get.pm
|
lib/Lemonldap/NG/Portal/Issuer/Get.pm
|
||||||
lib/Lemonldap/NG/Portal/Issuer/OpenID.pm
|
lib/Lemonldap/NG/Portal/Issuer/OpenID.pm
|
||||||
|
@ -101,6 +102,7 @@ lib/Lemonldap/NG/Portal/Password/REST.pm
|
||||||
lib/Lemonldap/NG/Portal/Plugins/AutoSignin.pm
|
lib/Lemonldap/NG/Portal/Plugins/AutoSignin.pm
|
||||||
lib/Lemonldap/NG/Portal/Plugins/BruteForceProtection.pm
|
lib/Lemonldap/NG/Portal/Plugins/BruteForceProtection.pm
|
||||||
lib/Lemonldap/NG/Portal/Plugins/CDA.pm
|
lib/Lemonldap/NG/Portal/Plugins/CDA.pm
|
||||||
|
lib/Lemonldap/NG/Portal/Plugins/CertificateResetByMail.pm
|
||||||
lib/Lemonldap/NG/Portal/Plugins/CheckState.pm
|
lib/Lemonldap/NG/Portal/Plugins/CheckState.pm
|
||||||
lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
|
lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
|
||||||
lib/Lemonldap/NG/Portal/Plugins/ContextSwitching.pm
|
lib/Lemonldap/NG/Portal/Plugins/ContextSwitching.pm
|
||||||
|
@ -370,6 +372,7 @@ site/templates/bootstrap/2fchoice.tpl
|
||||||
site/templates/bootstrap/2fregisters.tpl
|
site/templates/bootstrap/2fregisters.tpl
|
||||||
site/templates/bootstrap/captcha.tpl
|
site/templates/bootstrap/captcha.tpl
|
||||||
site/templates/bootstrap/casBack2Url.tpl
|
site/templates/bootstrap/casBack2Url.tpl
|
||||||
|
site/templates/bootstrap/certificateReset.tpl
|
||||||
site/templates/bootstrap/checklogins.tpl
|
site/templates/bootstrap/checklogins.tpl
|
||||||
site/templates/bootstrap/checkuser.tpl
|
site/templates/bootstrap/checkuser.tpl
|
||||||
site/templates/bootstrap/confirm.tpl
|
site/templates/bootstrap/confirm.tpl
|
||||||
|
@ -439,6 +442,7 @@ site/templates/common/mail/tr.json
|
||||||
site/templates/common/mail/vi.json
|
site/templates/common/mail/vi.json
|
||||||
site/templates/common/mail/zh_CN.json
|
site/templates/common/mail/zh_CN.json
|
||||||
site/templates/common/mail_2fcode.tpl
|
site/templates/common/mail_2fcode.tpl
|
||||||
|
site/templates/common/mail_certificatReset.tpl
|
||||||
site/templates/common/mail_confirm.tpl
|
site/templates/common/mail_confirm.tpl
|
||||||
site/templates/common/mail_footer.tpl
|
site/templates/common/mail_footer.tpl
|
||||||
site/templates/common/mail_header.tpl
|
site/templates/common/mail_header.tpl
|
||||||
|
@ -565,7 +569,7 @@ t/40-Notifications-XML-DBI.t
|
||||||
t/40-Notifications-XML-File.t
|
t/40-Notifications-XML-File.t
|
||||||
t/40-Notifications-XML-Server.t
|
t/40-Notifications-XML-Server.t
|
||||||
t/41-Captcha.t
|
t/41-Captcha.t
|
||||||
t/41-Token-Global-Storage.t
|
t/41-Token-with-global-storage.t
|
||||||
t/41-Token.t
|
t/41-Token.t
|
||||||
t/42-Register-Demo-with-captcha.t
|
t/42-Register-Demo-with-captcha.t
|
||||||
t/42-Register-Demo-with-token.t
|
t/42-Register-Demo-with-token.t
|
||||||
|
@ -579,6 +583,7 @@ t/43-MailPasswordReset-LDAP.t
|
||||||
t/43-MailPasswordReset-with-captcha.t
|
t/43-MailPasswordReset-with-captcha.t
|
||||||
t/43-MailPasswordReset-with-token.t
|
t/43-MailPasswordReset-with-token.t
|
||||||
t/43-MailPasswordReset.t
|
t/43-MailPasswordReset.t
|
||||||
|
t/44-CertificateResetByMail-LDAP.t
|
||||||
t/50-IssuerGet.t
|
t/50-IssuerGet.t
|
||||||
t/57-GlobalLogout-without-Timer.t
|
t/57-GlobalLogout-without-Timer.t
|
||||||
t/57-GlobalLogout.t
|
t/57-GlobalLogout.t
|
||||||
|
@ -618,7 +623,7 @@ t/68-Impersonation-with-History.t
|
||||||
t/68-Impersonation-with-merge.t
|
t/68-Impersonation-with-merge.t
|
||||||
t/68-Impersonation-with-TOTP.t
|
t/68-Impersonation-with-TOTP.t
|
||||||
t/68-Impersonation.t
|
t/68-Impersonation.t
|
||||||
t/70-2F-TOTP-8.t
|
t/70-2F-TOTP-8-with-global-storage.t
|
||||||
t/70-2F-TOTP-with-History.t
|
t/70-2F-TOTP-with-History.t
|
||||||
t/70-2F-TOTP-with-TTL-and-JSON.t
|
t/70-2F-TOTP-with-TTL-and-JSON.t
|
||||||
t/70-2F-TOTP-with-TTL-and-XML.t
|
t/70-2F-TOTP-with-TTL-and-XML.t
|
||||||
|
|
|
@ -21,7 +21,7 @@ use Lemonldap::NG::Portal::Main::Constants qw(
|
||||||
PE_TOKENEXPIRED
|
PE_TOKENEXPIRED
|
||||||
);
|
);
|
||||||
|
|
||||||
our $VERSION = '2.0.6';
|
our $VERSION = '2.0.8';
|
||||||
|
|
||||||
extends 'Lemonldap::NG::Portal::Main::Plugin';
|
extends 'Lemonldap::NG::Portal::Main::Plugin';
|
||||||
with 'Lemonldap::NG::Portal::Lib::OverConf';
|
with 'Lemonldap::NG::Portal::Lib::OverConf';
|
||||||
|
@ -266,15 +266,7 @@ sub run {
|
||||||
}
|
}
|
||||||
|
|
||||||
# Search for authorized modules for this user
|
# Search for authorized modules for this user
|
||||||
my @am;
|
my @am = $self->searchForAuthorized2Fmodules($req);
|
||||||
foreach my $m ( @{ $self->sfModules } ) {
|
|
||||||
$self->logger->debug(
|
|
||||||
'Looking if ' . $m->{m}->prefix . '2F is available' );
|
|
||||||
if ( $m->{r}->( $req, $req->sessionInfo ) ) {
|
|
||||||
$self->logger->debug(' -> OK');
|
|
||||||
push @am, $m->{m};
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
# If no 2F module is authorized, skipping 2F
|
# If no 2F module is authorized, skipping 2F
|
||||||
# Note that a rule may forbid access after (GrantSession plugin)
|
# Note that a rule may forbid access after (GrantSession plugin)
|
||||||
|
@ -546,4 +538,18 @@ sub restoreSession {
|
||||||
: $self->_displayRegister( $req, @path );
|
: $self->_displayRegister( $req, @path );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
sub searchForAuthorized2Fmodules {
|
||||||
|
my ( $self, $req ) = @_;
|
||||||
|
my @am;
|
||||||
|
foreach my $m ( @{ $self->sfModules } ) {
|
||||||
|
$self->logger->debug(
|
||||||
|
'Looking if ' . $m->{m}->prefix . '2F is available' );
|
||||||
|
if ( $m->{r}->( $req, $req->sessionInfo ) ) {
|
||||||
|
$self->logger->debug(' -> OK');
|
||||||
|
push @am, $m->{m};
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return @am;
|
||||||
|
}
|
||||||
|
|
||||||
1;
|
1;
|
||||||
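Review bot: The new `searchForAuthorized2Fmodules` sub has no comment describing its contract, although it is now callable from outside `run`. It ends with `return @am;`, so a caller that tests it in boolean or scalar context gets the number of matching modules rather than the modules themselves. A header such as `# Return the 2F modules whose rule accepts $req->sessionInfo (a list; in scalar context, their count)` would make that explicit. Each call re-runs every module rule and emits the debug lines again, which is worth stating in the comment so callers reuse the result where they can. `run` and `restoreSession` start and end outside the hunks shown.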
|
|
|
@ -1,6 +1,6 @@
|
||||||
package Lemonldap::NG::Portal::Main::Process;
|
package Lemonldap::NG::Portal::Main::Process;
|
||||||
|
|
||||||
our $VERSION = '2.0.7';
|
our $VERSION = '2.0.8';
|
||||||
|
|
||||||
package Lemonldap::NG::Portal::Main;
|
package Lemonldap::NG::Portal::Main;
|
||||||
|
|
||||||
|
@ -483,8 +483,11 @@ sub store {
|
||||||
|
|
||||||
# Update current request
|
# Update current request
|
||||||
$req->id( $session->id );
|
$req->id( $session->id );
|
||||||
$req->{sessionInfo}->{_session_id} = $session->{id};
|
unless ( $self->_sfEngine->searchForAuthorized2Fmodules($req) ) {
|
||||||
$req->{sessionInfo}->{_session_kind} = $session->{kind};
|
$self->logger->debug("No 2F module authorized -> Update current request");
|
||||||
|
$req->{sessionInfo}->{_session_id} = $session->{id};
|
||||||
|
$req->{sessionInfo}->{_session_kind} = $session->{kind};
|
||||||
|
}
|
||||||
|
|
||||||
# Compute unsecured cookie value if needed
|
# Compute unsecured cookie value if needed
|
||||||
if ( $self->conf->{securedCookie} == 3 and !$req->refresh ) {
|
if ( $self->conf->{securedCookie} == 3 and !$req->refresh ) {
|
||||||
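Review bot: In `store`, `_session_id` and `_session_kind` are now written to `$req->{sessionInfo}` only when `searchForAuthorized2Fmodules` returns nothing. The hunk does not say why they are withheld otherwise, or where they are set once the second factor succeeds. A comment such as `# Keep the session id out of sessionInfo while a 2F module is still pending` (if that is the intent, to be confirmed) would make this authentication-state invariant explicit. The call also evaluates every 2F rule at this point, separately from the evaluation in the engine's own `run`, so a rule that depends on request state could give different answers at the two points; consider reusing one result. Nothing visible guarantees that `$self->_sfEngine` is defined when `store` runs, which is worth checking; `store` starts and ends outside the hunk.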
|
|
|
@ -144,7 +144,7 @@ expectRedirection( $res, 'http://test1.example.com' );
|
||||||
$id = expectCookie($res);
|
$id = expectCookie($res);
|
||||||
|
|
||||||
my $cookies = getCookies($res);
|
my $cookies = getCookies($res);
|
||||||
ok( !defined( $cookies->{lemonldappdata} ), " Make sure no pdata is returned" );
|
ok( !$cookies->{lemonldappdata}, " Make sure no pdata is returned" );
|
||||||
count(1);
|
count(1);
|
||||||
|
|
||||||
clean_sessions();
|
clean_sessions();
|
||||||
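Review bot: The pdata assertion is weaker than before, because `!$cookies->{lemonldappdata}` also passes when the cookie is present with an empty or `0` value. The old `!defined(...)` form required the cookie to be absent, which is what the description " Make sure no pdata is returned" still claims. If the portal now sends an emptied pdata cookie at this step, say so in a comment and pin the accepted cases, e.g. `ok( !defined $cookies->{lemonldappdata} || $cookies->{lemonldappdata} eq '', ...)`. That way the test records which outcome is expected instead of accepting any false value.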
|
|