WIP - Rename plugin PortalForceAuthn (#1507)

Christophe Maudoux 2018-10-03 21:27:09 +02:00
parent 85c6ad2498
commit a6c461f7b6
6 changed files with 18 additions and 24 deletions


@ -178,9 +178,8 @@ sub defaultValues {
'portalDisplayOidcConsents' => '$_oidcConnectedRP', 'portalDisplayOidcConsents' => '$_oidcConnectedRP',
'portalDisplayRegister' => 1, 'portalDisplayRegister' => 1,
'portalErrorOnExpiredSession' => 1, 'portalErrorOnExpiredSession' => 1,
'portalForceAuthn' => 1,
'portalForceAuthnInterval' => 5, 'portalForceAuthnInterval' => 5,
'portalForceReAuthn' => 1,
'portalForceReAuthnTempo' => 300,
'portalPingInterval' => 60000, 'portalPingInterval' => 60000,
'portalRequireOldPassword' => 1, 'portalRequireOldPassword' => 1,
'portalSkin' => 'bootstrap', 'portalSkin' => 'bootstrap',


@ -2165,16 +2165,12 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
'default' => 0, 'default' => 0,
'type' => 'bool' 'type' => 'bool'
}, },
'portalForceAuthnInterval' => { 'portalForceAuthn' => {
'default' => 5,
'type' => 'int'
},
'portalForceReAuthn' => {
'default' => 1, 'default' => 1,
'type' => 'bool' 'type' => 'bool'
}, },
'portalForceReAuthnTempo' => { 'portalForceAuthnInterval' => {
'default' => 300, 'default' => 5,
'type' => 'int' 'type' => 'int'
}, },
'portalOpenLinkInNewWindow' => { 'portalOpenLinkInNewWindow' => {


@ -556,16 +556,17 @@ sub attributes {
type => 'bool', type => 'bool',
documentation => 'Check XSS', documentation => 'Check XSS',
}, },
portalForceReAuthn => { portalForceAuthn => {
default => 1, default => 1,
type => 'bool', type => 'bool',
documentation => 'Enable force reAuthentification to access to Portal', documentation =>
'Enable force to authenticate when displaying portal',
}, },
portalForceReAuthnTempo => { portalForceAuthnInterval => {
default => 300, default => 5,
type => 'int', type => 'int',
documentation => documentation =>
'Portal force reAuthentification -> Tempo before try again', 'Maximun interval in seconds since last authentifcation to force reauthentication',
}, },
bruteForceProtection => { bruteForceProtection => {
default => 1, default => 1,
@ -2121,9 +2122,7 @@ sub attributes {
type => 'bool', type => 'bool',
default => 0, default => 0,
}, },
samlIDPMetaDataOptionsUserAttribute => { samlIDPMetaDataOptionsUserAttribute => { type => 'text', },
type => 'text',
},
# SP keys # SP keys
samlSPMetaDataExportedAttributes => { samlSPMetaDataExportedAttributes => {
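Review bot: The new `portalForceAuthnInterval` documentation string in the first hunk is misspelled ('Maximun', 'authentifcation'); I would write `'Maximum interval in seconds since last authentication to force reauthentication',`. Beyond the rename, this entry drops the default from 300 to 5, which shortens the window the plugin compares against the session's `_utime` and deserves a line in the commit message or upgrade notes. The defaultValues section shows `'portalForceAuthnInterval' => 5` as unchanged context, so the key seems to exist already. If `attributes` already defines `portalForceAuthn` or `portalForceAuthnInterval` elsewhere, the duplicate hash key would silently override one entry; that is worth checking, as the rest of `attributes` is outside the hunk.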


@ -92,7 +92,7 @@ use constant {
PE_UNAUTHORIZEDPARTNER => 84, PE_UNAUTHORIZEDPARTNER => 84,
PE_RENEWSESSION => 85, PE_RENEWSESSION => 85,
PE_WAIT => 86, PE_WAIT => 86,
PE_MUSTREAUTHN => 87, PE_MUSTAUTHN => 87,
}; };
# EXPORTER PARAMETERS # EXPORTER PARAMETERS
@ -118,7 +118,7 @@ our @EXPORT_OK = qw( PE_SENDRESPONSE PE_INFO PE_REDIRECT PE_DONE PE_OK
PE_RADIUSCONNECTFAILED PE_MUST_SUPPLY_OLD_PASSWORD PE_FORBIDDENIP PE_RADIUSCONNECTFAILED PE_MUST_SUPPLY_OLD_PASSWORD PE_FORBIDDENIP
PE_CAPTCHAERROR PE_CAPTCHAEMPTY PE_REGISTERFIRSTACCESS PE_REGISTERFORMEMPTY PE_CAPTCHAERROR PE_CAPTCHAEMPTY PE_REGISTERFIRSTACCESS PE_REGISTERFORMEMPTY
PE_REGISTERALREADYEXISTS PE_NOTOKEN PE_TOKENEXPIRED HANDLER PE_U2FFAILED PE_REGISTERALREADYEXISTS PE_NOTOKEN PE_TOKENEXPIRED HANDLER PE_U2FFAILED
PE_UNAUTHORIZEDPARTNER PE_RENEWSESSION PE_IDPCHOICE PE_WAIT PE_MUSTREAUTHN PE_UNAUTHORIZEDPARTNER PE_RENEWSESSION PE_IDPCHOICE PE_WAIT PE_MUSTAUTHN
); );
our %EXPORT_TAGS = ( 'all' => [ @EXPORT_OK, 'import' ], ); our %EXPORT_TAGS = ( 'all' => [ @EXPORT_OK, 'import' ], );


@ -24,7 +24,7 @@ our @pList = (
upgradeSession => '::Plugins::Upgrade', upgradeSession => '::Plugins::Upgrade',
autoSigninRules => '::Plugins::AutoSignin', autoSigninRules => '::Plugins::AutoSignin',
checkState => '::Plugins::CheckState', checkState => '::Plugins::CheckState',
portalForceReAuthn => '::Plugins::PortalForceReAuthn', portalForceAuthn => '::Plugins::PortalForceAuthn',
); );
##@method list enabledPlugins ##@method list enabledPlugins


@ -1,4 +1,4 @@
package Lemonldap::NG::Portal::Plugins::PortalForceReAuthn; package Lemonldap::NG::Portal::Plugins::PortalForceAuthn;
use Data::Dumper; use Data::Dumper;
use strict; use strict;
@ -26,7 +26,7 @@ sub run {
if ( $req->env->{HTTP_HOST} and $portalURL =~ qr#\Q$HTTP_HOST# ) { if ( $req->env->{HTTP_HOST} and $portalURL =~ qr#\Q$HTTP_HOST# ) {
my $delta = time() - $req->{sessionInfo}->{_utime}; my $delta = time() - $req->{sessionInfo}->{_utime};
$self->logger->debug( "Delta with last Authn -> " . $delta ); $self->logger->debug( "Delta with last Authn -> " . $delta );
$delta <= $self->conf->{portalForceReAuthnTempo} $delta <= $self->conf->{portalForceAuthnInterval}
? return PE_OK ? return PE_OK
: return PE_MUSTREAUTHN; : return PE_MUSTREAUTHN;
} }
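Review bot: The false branch of the ternary in `run` still returns `PE_MUSTREAUTHN`, although this commit renames that constant to `PE_MUSTAUTHN` in the constants module and its `@EXPORT_OK`; the line is unchanged context in the second hunk, so the rename is incomplete here. Under `use strict` the stale name will presumably fail at import or compile time (the plugin's import line is outside the hunk), in which case the forced re-authentication check would not be loaded at all. I would fold the two returns into one expression with the new name: `return $delta <= $self->conf->{portalForceAuthnInterval} ? PE_OK : PE_MUSTAUTHN;`. Whether the interval check runs at all depends on `$HTTP_HOST` matching as an unanchored substring of `$portalURL`; if that value comes from the request's Host header (its assignment is outside the hunk, as are the start and end of `run`), enforcement is keyed on client-supplied input and should compare against the configured portal host exactly, with an explicit decision for the non-matching case.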