WIP - Rename plugin PortalForceAuthn (#1507)
This commit is contained in:
parent
85c6ad2498
commit
a6c461f7b6
|
@ -178,9 +178,8 @@ sub defaultValues {
|
|||
'portalDisplayOidcConsents' => '$_oidcConnectedRP',
|
||||
'portalDisplayRegister' => 1,
|
||||
'portalErrorOnExpiredSession' => 1,
|
||||
'portalForceAuthn' => 1,
|
||||
'portalForceAuthnInterval' => 5,
|
||||
'portalForceReAuthn' => 1,
|
||||
'portalForceReAuthnTempo' => 300,
|
||||
'portalPingInterval' => 60000,
|
||||
'portalRequireOldPassword' => 1,
|
||||
'portalSkin' => 'bootstrap',
|
||||
|
|
|
@ -2165,16 +2165,12 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
|
|||
'default' => 0,
|
||||
'type' => 'bool'
|
||||
},
|
||||
'portalForceAuthnInterval' => {
|
||||
'default' => 5,
|
||||
'type' => 'int'
|
||||
},
|
||||
'portalForceReAuthn' => {
|
||||
'portalForceAuthn' => {
|
||||
'default' => 1,
|
||||
'type' => 'bool'
|
||||
},
|
||||
'portalForceReAuthnTempo' => {
|
||||
'default' => 300,
|
||||
'portalForceAuthnInterval' => {
|
||||
'default' => 5,
|
||||
'type' => 'int'
|
||||
},
|
||||
'portalOpenLinkInNewWindow' => {
|
||||
|
|
|
@ -556,16 +556,17 @@ sub attributes {
|
|||
type => 'bool',
|
||||
documentation => 'Check XSS',
|
||||
},
|
||||
portalForceReAuthn => {
|
||||
default => 1,
|
||||
type => 'bool',
|
||||
documentation => 'Enable force reAuthentification to access to Portal',
|
||||
portalForceAuthn => {
|
||||
default => 1,
|
||||
type => 'bool',
|
||||
documentation =>
|
||||
'Enable force to authenticate when displaying portal',
|
||||
},
|
||||
portalForceReAuthnTempo => {
|
||||
default => 300,
|
||||
portalForceAuthnInterval => {
|
||||
default => 5,
|
||||
type => 'int',
|
||||
documentation =>
|
||||
'Portal force reAuthentification -> Tempo before try again',
|
||||
'Maximun interval in seconds since last authentifcation to force reauthentication',
|
||||
},
|
||||
bruteForceProtection => {
|
||||
default => 1,
|
||||
|
@ -2121,9 +2122,7 @@ sub attributes {
|
|||
type => 'bool',
|
||||
default => 0,
|
||||
},
|
||||
samlIDPMetaDataOptionsUserAttribute => {
|
||||
type => 'text',
|
||||
},
|
||||
samlIDPMetaDataOptionsUserAttribute => { type => 'text', },
|
||||
|
||||
# SP keys
|
||||
samlSPMetaDataExportedAttributes => {
|
||||
|
|
|
@ -92,7 +92,7 @@ use constant {
|
|||
PE_UNAUTHORIZEDPARTNER => 84,
|
||||
PE_RENEWSESSION => 85,
|
||||
PE_WAIT => 86,
|
||||
PE_MUSTREAUTHN => 87,
|
||||
PE_MUSTAUTHN => 87,
|
||||
};
|
||||
|
||||
# EXPORTER PARAMETERS
|
||||
|
@ -118,7 +118,7 @@ our @EXPORT_OK = qw( PE_SENDRESPONSE PE_INFO PE_REDIRECT PE_DONE PE_OK
|
|||
PE_RADIUSCONNECTFAILED PE_MUST_SUPPLY_OLD_PASSWORD PE_FORBIDDENIP
|
||||
PE_CAPTCHAERROR PE_CAPTCHAEMPTY PE_REGISTERFIRSTACCESS PE_REGISTERFORMEMPTY
|
||||
PE_REGISTERALREADYEXISTS PE_NOTOKEN PE_TOKENEXPIRED HANDLER PE_U2FFAILED
|
||||
PE_UNAUTHORIZEDPARTNER PE_RENEWSESSION PE_IDPCHOICE PE_WAIT PE_MUSTREAUTHN
|
||||
PE_UNAUTHORIZEDPARTNER PE_RENEWSESSION PE_IDPCHOICE PE_WAIT PE_MUSTAUTHN
|
||||
);
|
||||
our %EXPORT_TAGS = ( 'all' => [ @EXPORT_OK, 'import' ], );
|
||||
|
||||
|
|
|
@ -24,7 +24,7 @@ our @pList = (
|
|||
upgradeSession => '::Plugins::Upgrade',
|
||||
autoSigninRules => '::Plugins::AutoSignin',
|
||||
checkState => '::Plugins::CheckState',
|
||||
portalForceReAuthn => '::Plugins::PortalForceReAuthn',
|
||||
portalForceAuthn => '::Plugins::PortalForceAuthn',
|
||||
);
|
||||
|
||||
##@method list enabledPlugins
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
package Lemonldap::NG::Portal::Plugins::PortalForceReAuthn;
|
||||
package Lemonldap::NG::Portal::Plugins::PortalForceAuthn;
|
||||
|
||||
use Data::Dumper;
|
||||
use strict;
|
||||
|
@ -26,7 +26,7 @@ sub run {
|
|||
if ( $req->env->{HTTP_HOST} and $portalURL =~ qr#\Q$HTTP_HOST# ) {
|
||||
my $delta = time() - $req->{sessionInfo}->{_utime};
|
||||
$self->logger->debug( "Delta with last Authn -> " . $delta );
|
||||
$delta <= $self->conf->{portalForceReAuthnTempo}
|
||||
$delta <= $self->conf->{portalForceAuthnInterval}
|
||||
? return PE_OK
|
||||
: return PE_MUSTREAUTHN;
|
||||
}
|
Loading…
Reference in New Issue
Block a user