diff --git a/doc/sources/admin/applications/wekan.rst b/doc/sources/admin/applications/wekan.rst index 06cbfd687..99149fd14 100644 --- a/doc/sources/admin/applications/wekan.rst +++ b/doc/sources/admin/applications/wekan.rst @@ -27,6 +27,9 @@ theses : * **OAUTH2_USERINFO_ENDPOINT**: ``oauth2/userinfo`` * **OAUTH2_TOKEN_ENDPOINT**: ``oauth2/token`` * **OAUTH2_ID_MAP**: ``sub`` +* **OAUTH2_USERNAME_MAP**: ``sub`` +* **OAUTH2_FULLNAME_MAP**: ``name`` +* **OAUTH2_EMAIL_MAP**: ``email`` .. danger:: diff --git a/doc/sources/admin/browseablesessionbackend.rst b/doc/sources/admin/browseablesessionbackend.rst index 095578466..80c670478 100644 --- a/doc/sources/admin/browseablesessionbackend.rst +++ b/doc/sources/admin/browseablesessionbackend.rst @@ -246,7 +246,8 @@ Here are some recommended configurations: _whatToTrace varchar(64), _session_kind varchar(15), user text, - _utime bigint + _utime bigint, + ipAddr varchar(64) ); CREATE INDEX uid1 ON sessions (_whatToTrace) USING BTREE; CREATE INDEX _s1 ON sessions (_session_kind); diff --git a/doc/sources/admin/checkuser.rst b/doc/sources/admin/checkuser.rst index 6dd94ebdd..980851bd6 100644 --- a/doc/sources/admin/checkuser.rst +++ b/doc/sources/admin/checkuser.rst @@ -18,7 +18,7 @@ Just enable it in the manager (section “plugins”). displayed (by example: ``!$anonymous``) - **Unrestricted users rule**: Rule to define which users can check ALL users. ``Identities use rule`` is bypassed. - - **Hidden attributes**: Attributes not displayed + - **Hidden attributes**: Session attributes not displayed - **Attributes used for searching sessions**: User's attributes used for searching sessions in backend if ``whatToTrace`` fails. Useful to look for sessions by mail or givenName. Let it blank to search @@ -31,11 +31,27 @@ Just enable it in the manager (section “plugins”). even empty ones - **Display persistent session data**: Rule to define which users can display persistent session data + - **Hidden headers**: Sent headers whose value is masked except for unrestricted users. + Key is a Virtualhost name and value represents a headers list. + A blank value obfuscates ALL relative Virtualhost sent headers. + Note that just valued hearders are masked. .. note:: - By examples : + By example: + + \* test1.example.com => ``Auth-User mail`` + Just 'Auth-User' and 'mail' headers are masked if valued. + + \* test2.example.com => '' ALL valued headers are masked. + + Unrestricted users can see the masked headers. + + +.. note:: + + By example: \* Search attributes => ``mail uid givenName`` diff --git a/doc/sources/admin/configvhost.rst b/doc/sources/admin/configvhost.rst index 6db92de1c..bf4e56468 100644 --- a/doc/sources/admin/configvhost.rst +++ b/doc/sources/admin/configvhost.rst @@ -503,6 +503,9 @@ Some options are available: - Maintenance mode: reject all requests with a maintenance message - Aliases: list of aliases for this virtual host *(avoid to rewrite rules,...)* +- Access to trace: can be used for overwriting REMOTE_CUSTOM with a custom function. + Provide a comma separated parameters list with custom function path and args. + By example: My::accessToTrace, Doctor, Who - Type: handler type (normal, :doc:`ServiceToken Handler`, :doc:`DevOps Handler`,...) @@ -515,6 +518,30 @@ Some options are available: seconds. This TTL can be customized for each virtual host. +.. attention:: + + A hash reference containing $req, $session, $vhost, $custom and an array reference + with provided parameters is passed to the custom function. + + :: + + package My; + + sub accessToTrace { + my $hash = shift; + my $custom = $hash->{custom}; + my $req = $hash->{req}; + my $vhost = $hash->{vhost}; + my $custom = $hash->{custom}; + my $params = $hash->{params}; + my $session = $hash->{session}; + + return "$custom alias $params->[0]_$params->[1]:$session->{groups}"; + } + + 1; + + .. danger:: A same virtual host can serve many locations. Each diff --git a/doc/sources/admin/exportedvars.rst b/doc/sources/admin/exportedvars.rst index 584a639ef..6ed2d824b 100644 --- a/doc/sources/admin/exportedvars.rst +++ b/doc/sources/admin/exportedvars.rst @@ -10,7 +10,7 @@ extracted from the users database by the :ref:`users module`. To create a variable, you've just to map a user attributes in LL::NG -using ``Variables`` » ``Exported variables``. For each variable, The +using ``Variables`` » ``Exported variables``. For each variable, the first field is the name which will be used in rules, macros or headers and the second field is the name of the user database field. diff --git a/doc/sources/admin/extendedfunctions.rst b/doc/sources/admin/extendedfunctions.rst index dce43d3ee..c1e09075e 100644 --- a/doc/sources/admin/extendedfunctions.rst +++ b/doc/sources/admin/extendedfunctions.rst @@ -25,19 +25,20 @@ Inside this jail, you can access to: * Information about current request * Extended functions: - * date_ - * checkLogonHours_ - * checkDate_ * basic_ - * unicode2iso_ - * iso2unicode_ - * groupMatch_ - * listMatch_ - * inGroup_ + * checkDate_ + * checkLogonHours_ + * date_ * encrypt_ - * token_ + * groupMatch_ + * has2f_ (|new| in version 2.0.10) + * inGroup_ (|new| in version 2.0.8) * isInNet6_ - * varIsInUri_ + * iso2unicode_ + * listMatch_ (|new| in version 2.0.7) + * token_ + * unicode2iso_ + * varIsInUri_ (|new| in version 2.0.7) .. |new| image:: /documentation/new.png @@ -238,6 +239,40 @@ Simple usage example: groupMatch($hGroups, 'description', 'Service 1') + +.. _has2f: + +has2f +~~~~~ + +.. versionadded:: 2.0.10 + +This function tests if the current user has registered a second factor. The following types are supported: + +* :doc:`TOTP` +* :doc:`U2F` +* :doc:`UBK` + +Example:: + + has2f() + has2f('UBK') + has2f('UBK') or has2f('TOTP') + + +.. warning:: + + Do **NOT** use this test to check if the user has **used** their second factor for logging in! + This test only checks if the user has registered a second factor. Regardless of their **current** + authentication level. It can be used to simplify second factor activation rules. + + +.. note:: + + Before version 2.0.10, you need to use the following syntax :: + + $_2fDevices =~ /"type":\s*"TOTP"/s + .. _listMatch: listMatch diff --git a/doc/sources/admin/logs.rst b/doc/sources/admin/logs.rst index a0d504ca4..ad8051ed8 100644 --- a/doc/sources/admin/logs.rst +++ b/doc/sources/admin/logs.rst @@ -57,6 +57,12 @@ logs, go into Manager, ``General Parameters`` > ``Logging`` > User log samples ---------------- +.. note:: + + The user name set in user log messages is configured with `whatToTrace` parameter, except + for messages corresponding to failed authentification, whe the user name logged is the + login used by the user. + Authentication: :: @@ -84,6 +90,12 @@ Logout: [notice] User dwho has been disconnected from LDAP (81.20.13.21) +Password change: + +:: + + [notice] Password changed for dwho (81.20.13.21) + Access to a CAS application non registered in configuration (when CAS server is open): :: diff --git a/doc/sources/admin/rules_examples.rst b/doc/sources/admin/rules_examples.rst index 8cdd44e31..a65f50310 100644 --- a/doc/sources/admin/rules_examples.rst +++ b/doc/sources/admin/rules_examples.rst @@ -27,6 +27,16 @@ attribute you see there can be used in a rule! In Perl, ``eq`` means *Equal* and must be used on strings. ``==`` should be used only on numbers +.. danger:: + + In Perl, ``@`` character means an array and ``%`` a hash! + If you want to write a macro with these characters, you have to escape them like this: + +:: + + $my_email = "$uid\@my-domain.com" + $percent = "$rate\%more" + - Restricting access to specific groups :: @@ -64,6 +74,17 @@ attribute you see there can be used in a rule! $_auth ne 'Demo' +- Checking if the user has a an **available** second factor. + +:: + + # Since 2.0.10 + has2f() + has2f('TOTP') + has2f('TOTP') or has2f('U2F') + + # Before 2.0.10 + $_2fDevices =~ /"type":\s*"TOTP"/s .. tip:: @@ -71,6 +92,7 @@ attribute you see there can be used in a rule! strings. ``\b`` means *word Boundary*. (?:) means *non capturing* parenthesis. + Using environment variables --------------------------- diff --git a/doc/sources/admin/safejail.rst b/doc/sources/admin/safejail.rst index 5d65ce098..5a3efe3d4 100644 --- a/doc/sources/admin/safejail.rst +++ b/doc/sources/admin/safejail.rst @@ -6,8 +6,8 @@ Presentation LemonLDAP::NG uses Safe jail to evaluate all expressions: -- Access rule -- Header +- Access rules +- Headers - Form replay parameters - Macros - Groups @@ -31,3 +31,19 @@ to disable it. To do this, go into Manager > General Parameters > Advanced Parameters > Security > Use Safe Jail and disable it. + + +Assignment test +=============== + +Presentation +------------ + +Perl comparaisons are done by using ``eq`` for strings or ``==`` for integers. +To avoid an unwanted assignment like ``$authLevel = 5`` (BAD EXPRESSION!), +you can enable ``Avoid assignment in expressions`` option. + +To do this, go into Manager > General Parameters > Advanced Parameters > +Security > Avoid assignment in expressions and enable it. + +DISABLE by default. \ No newline at end of file diff --git a/doc/sources/admin/selinux.rst b/doc/sources/admin/selinux.rst index 55405cdef..e1bc17a70 100644 --- a/doc/sources/admin/selinux.rst +++ b/doc/sources/admin/selinux.rst @@ -7,15 +7,12 @@ options. Disk cache (sessions an configuration) -------------------------------------- -:: - - chcon -R -t httpd_sys_rw_content_t /var/cache/lemonldap-ng - -To persist the rule: +You need to set the correct context on the cache directory :: - semanage fcontext -a -t http_sys_content_t /var/cache/lemonldap-ng + semanage fcontext --add -t httpd_cache_t -f a '/var/cache/lemonldap-ng(/.*)?' + restorecon -R /var/cache/lemonldap-ng/ LDAP ---- diff --git a/doc/sources/admin/totp2f.rst b/doc/sources/admin/totp2f.rst index b39177ce8..8baea97f5 100644 --- a/doc/sources/admin/totp2f.rst +++ b/doc/sources/admin/totp2f.rst @@ -74,6 +74,12 @@ In the manager (advanced parameters), you just have to enable it: required even if users are not registered. This is automatically done when "activation" is simply set to "on". + +.. danger:: + + Range is tested backward and forward to prevent + positive or negative clock drift. + Enrollment ---------- diff --git a/doc/sources/admin/upgrade_2_0_x.rst b/doc/sources/admin/upgrade_2_0_x.rst index 3801126e5..f41afeffe 100644 --- a/doc/sources/admin/upgrade_2_0_x.rst +++ b/doc/sources/admin/upgrade_2_0_x.rst @@ -21,6 +21,8 @@ backups and a rollback plan ready! ------ - New dependency: IO::Socket::Timeout +- TOTP check tolerates forward AND backward clock drift (totp2fRange) +- Avoid assignment in expressions option is disabled by default 2.0.9 ----- @@ -31,7 +33,7 @@ backups and a rollback plan ready! (see also `#2244 `__) - SAML SOAP calls are now using ``text/xml`` instead of ``application/xml`` as the MIME Content Type, as required by `the SOAP standard `__ - Incremental lock times values can now be set in BruteForceProtection plugin through Manager. - It must be a list of comma separated values. Default values are ``5, 15, 60, 300, 600`` + It MUST be a list of comma separated values. Default values are ``5, 15, 60, 300, 600`` Cookie issues with Chrome ~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/doc/sources/admin/writingrulesand_headers.rst b/doc/sources/admin/writingrulesand_headers.rst index 2de2c2f30..2c48f94c3 100644 --- a/doc/sources/admin/writingrulesand_headers.rst +++ b/doc/sources/admin/writingrulesand_headers.rst @@ -190,14 +190,14 @@ use macros, local macros,... .. attention:: - - - Since many HTTP servers refuse non ascii headers, it is recommended to use encode_base64() function to transmit those headers - Don't forget to add an empty string as second argument to encode_base64 function to avoid a "newline" characters insertion in result - - Header names must contain only letters and "-" character + - Header names must contain only letters and "-" character. + With Nginx, you can bypass this restriction by using + ``underscores_in_headers on;`` directive diff --git a/e2e-tests/custom.pm b/e2e-tests/custom.pm index bf9f3244f..a58794f0e 100644 --- a/e2e-tests/custom.pm +++ b/e2e-tests/custom.pm @@ -8,4 +8,16 @@ sub get_additional_arg { return $_[0]; } +sub accessToTrace { + my $hash = shift; + my $custom = $hash->{custom}; + my $req = $hash->{req}; + my $vhost = $hash->{vhost}; + my $custom = $hash->{custom}; + my $params = $hash->{params}; + my $session = $hash->{session}; + + return "$custom alias $params->[0]_$params->[1]:$session->{groups} with $session->{$params->[2]}"; +} + 1; diff --git a/e2e-tests/lemonldap-ng.ini b/e2e-tests/lemonldap-ng.ini index 17a074996..8143bc1dc 100644 --- a/e2e-tests/lemonldap-ng.ini +++ b/e2e-tests/lemonldap-ng.ini @@ -22,7 +22,7 @@ dirName=__pwd__/e2e-tests/conf checkXSS = 0 portalSkin = bootstrap staticPrefix = /static -languages = fr, en, vi, it, ar, de, zh, nl, es, pt, ro, tr +languages = fr, en, vi, it, ar, de, zh, nl, es, pt, ro, tr, zh_TW templateDir = __pwd__/lemonldap-ng-portal/site/templates portalStatus = 1 totp2fActivation = 1 @@ -49,7 +49,7 @@ viewerAllowDiff = 1 staticPrefix = /static instanceName = Demo -languages = fr, en, vi, ar, de, it, zh, tr +languages = fr, en, vi, ar, it, zh, tr, zh_TW, es templateDir = __pwd__/lemonldap-ng-manager/site/templates [node-handler] diff --git a/e2e-tests/lmConf-1.json b/e2e-tests/lmConf-1.json index 4e1dc7020..e8903556f 100644 --- a/e2e-tests/lmConf-1.json +++ b/e2e-tests/lmConf-1.json @@ -164,6 +164,16 @@ "default": "accept" } }, + "vhostOptions":{ + "manager.example.com": { + "vhostMaintenance": 0, + "vhostPort": -1, + "vhostHttps": -1, + "vhostAliases": "", + "vhostServiceTokenTTL": -1, + "vhostAccessToTrace": "My::accessToTrace, Doctor, Who","vhostType":"Main" + } + }, "loginHistoryEnabled": 1, "macros": { "UA" : "$ENV{HTTP_USER_AGENT}", diff --git a/lemonldap-ng-common/lemonldap-ng.ini b/lemonldap-ng-common/lemonldap-ng.ini index ad40b0f03..05e170e87 100644 --- a/lemonldap-ng-common/lemonldap-ng.ini +++ b/lemonldap-ng-common/lemonldap-ng.ini @@ -196,7 +196,7 @@ staticPrefix = __PORTALSTATICDIR__ templateDir = __PORTALTEMPLATESDIR__ ; languages: available languages for portal interface -languages = en, fr, vi, it, ar, de, fi, tr, pl +languages = en, fr, vi, it, ar, de, fi, tr, pl, zh_TW, es ; II - Optional parameters (overwrite configuration) @@ -383,7 +383,7 @@ staticPrefix = __MANAGERSTATICDIR__ templateDir = __MANAGERTEMPLATESDIR__ ; languages: available languages for manager interface -languages = fr, en, it, vi, ar, tr, pl +languages = en, fr, it, vi, ar, tr, pl, zh_TW, es ; Manager modules enabled ; Set here the list of modules you want to see in manager interface diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/Constants.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/Constants.pm index 618e13f36..48aa4ff23 100644 --- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/Constants.pm +++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/Constants.pm @@ -29,8 +29,8 @@ use constant DEFAULTCONFBACKEND => "File"; use constant DEFAULTCONFBACKENDOPTIONS => ( dirName => '/usr/local/lemonldap-ng/data/conf', ); -our $hashParameters = qr/^(?:(?:l(?:o(?:ca(?:lSessionStorageOption|tionRule)|goutService)|dapExportedVar|wp(?:Ssl)?Opt)|(?:(?:d(?:emo|bi)|facebook|webID)ExportedVa|exported(?:Heade|Va)|issuerDBGetParamete)r|re(?:moteGlobalStorageOption|st2f(?:Verify|Init)Arg|loadUrl)|g(?:r(?:antSessionRule|oup)|lobalStorageOption)|n(?:otificationStorageOption|ginxCustomHandler)|macro)s|o(?:idc(?:S(?:ervice(?:DynamicRegistrationEx(?:portedVar|traClaim)s|MetaDataAuthnContext)|torageOptions)|RPMetaData(?:(?:Option(?:sExtraClaim)?|ExportedVar|Macro)s|Node)|OPMetaData(?:(?:ExportedVar|Option)s|J(?:SON|WKS)|Node))|penIdExportedVars)|s(?:aml(?:S(?:PMetaData(?:(?:ExportedAttribute|Option|Macro)s|Node|XML)|torageOptions)|IDPMetaData(?:(?:ExportedAttribute|Option)s|Node|XML))|essionDataToRemember|laveExportedVars|fExtra)|c(?:as(?:A(?:ppMetaData(?:(?:ExportedVar|Option|Macro)s|Node)|ttributes)|S(?:rvMetaData(?:(?:ExportedVar|Option)s|Node)|torageOptions))|(?:ustom(?:Plugins|Add)Param|ombModule)s)|a(?:(?:daptativeAuthenticationLevelR|ut(?:hChoiceMod|oSigninR))ules|pplicationList)|p(?:ersistentStorageOptions|o(?:rtalSkinRules|st))|v(?:hostOptions|irtualHost)|S(?:MTPTLSOpts|SLVarIf))$/; -our $boolKeys = qr/^(?:s(?:aml(?:IDP(?:MetaDataOptions(?:(?:Check(?:S[LS]OMessageSignatur|Audienc|Tim)|IsPassiv)e|A(?:llow(?:LoginFromIDP|ProxiedAuthn)|daptSessionUtime)|Force(?:Authn|UTF8)|StoreSAMLToken|RelayStateURL)|SSODescriptorWantAuthnRequestsSigned)|S(?:P(?:MetaDataOptions(?:(?:CheckS[LS]OMessageSignatur|OneTimeUs)e|EnableIDPInitiatedURL|ForceUTF8)|SSODescriptor(?:WantAssertion|AuthnRequest)sSigned)|erviceUseCertificateInResponse)|DiscoveryProtocol(?:Activation|IsPassive)|CommonDomainCookieActivation|UseQueryStringSpecific|MetadataForceUTF8)|f(?:RemovedUseNotif|OnlyUpgrade)|kip(?:Upgrade|Renew)Confirmation|oap(?:Session|Config)Server|t(?:ayConnecte|orePasswor)d|laveDisplayLogo|howLanguages|slByAjax)|o(?:idc(?:RPMetaDataOptions(?:Allow(?:PasswordGrant|Offline)|Re(?:freshToken|quirePKCE)|LogoutSessionRequired|IDTokenForceClaims|BypassConsent|Public)|ServiceAllow(?:(?:AuthorizationCode|Implicit|Hybrid)Flow|DynamicRegistration)|OPMetaDataOptions(?:(?:CheckJWTSignatur|UseNonc)e|StoreIDToken))|ldNotifFormat)|p(?:ortal(?:Display(?:Re(?:freshMyRights|setPassword|gister)|CertificateResetByMail|GeneratePassword|PasswordPolicy)|ErrorOn(?:ExpiredSession|MailNotFound)|(?:CheckLogin|Statu)s|OpenLinkInNewWindow|ForceAuthn|AntiFrame)|roxyUseSoap)|c(?:o(?:ntextSwitching(?:Allowed2fModifications|StopWithLogout)|mpactConf|rsEnabled)|a(?:ptcha_(?:register|login|mail)_enabled|sSrvMetaDataOptions(?:Gateway|Renew))|heck(?:State|User|XSS)|da)|l(?:dap(?:(?:Group(?:DecodeSearchedValu|Recursiv)|UsePasswordResetAttribut)e|(?:AllowResetExpired|Set)Password|ChangePasswordAsUser|PpolicyControl|ITDS)|oginHistoryEnabled)|no(?:tif(?:ication(?:Server(?:(?:POS|GE)T|DELETE)?|sExplorer)?|y(?:Deleted|Other))|AjaxHook)|i(?:ssuerDB(?:OpenID(?:Connect)?|SAML|CAS|Get)Activation|mpersonationSkipEmptyValues)|to(?:tp2f(?:UserCan(?:Chang|Remov)eKey|DisplayExistingSecret)|kenUseGlobalStorage)|u(?:se(?:RedirectOn(?:Forbidden|Error)|SafeJail)|2fUserCanRemoveKey|pgradeSession)|re(?:st(?:(?:Password|Session|Config|Auth)Server|ExportSecretKeys)|freshSessions)|br(?:uteForceProtection(?:IncrementalTempo)?|owsersDontStorePassword)|d(?:is(?:ablePersistentStorage|playSessionId)|biDynamicHashEnabled)|(?:mai(?:lOnPasswordChang|ntenanc)|vhostMaintenanc)e|g(?:roupsBeforeMacros|lobalLogoutTimer)|h(?:ideOldPassword|ttpOnly)|yubikey2fUserCanRemoveKey|(?:activeTim|wsdlServ)er|krb(?:RemoveDomain|ByJs))$/; +our $hashParameters = qr/^(?:(?:l(?:o(?:ca(?:lSessionStorageOption|tionRule)|goutService)|dapExportedVar|wp(?:Ssl)?Opt)|(?:(?:d(?:emo|bi)|facebook|webID)ExportedVa|exported(?:Heade|Va)|issuerDBGetParamete)r|re(?:moteGlobalStorageOption|st2f(?:Verify|Init)Arg|loadUrl)|g(?:r(?:antSessionRule|oup)|lobalStorageOption)|n(?:otificationStorageOption|ginxCustomHandler)|macro)s|o(?:idc(?:S(?:ervice(?:DynamicRegistrationEx(?:portedVar|traClaim)s|MetaDataAuthnContext)|torageOptions)|RPMetaData(?:(?:Option(?:sExtraClaim)?|ExportedVar|Macro)s|Node)|OPMetaData(?:(?:ExportedVar|Option)s|J(?:SON|WKS)|Node))|penIdExportedVars)|c(?:as(?:A(?:ppMetaData(?:(?:ExportedVar|Option|Macro)s|Node)|ttributes)|S(?:rvMetaData(?:(?:ExportedVar|Option)s|Node)|torageOptions))|(?:ustom(?:Plugins|Add)Param|heckUserHiddenHeader|ombModule)s)|s(?:aml(?:S(?:PMetaData(?:(?:ExportedAttribute|Option|Macro)s|Node|XML)|torageOptions)|IDPMetaData(?:(?:ExportedAttribute|Option)s|Node|XML))|essionDataToRemember|laveExportedVars|fExtra)|a(?:(?:daptativeAuthenticationLevelR|ut(?:hChoiceMod|oSigninR))ules|pplicationList)|p(?:ersistentStorageOptions|o(?:rtalSkinRules|st))|v(?:hostOptions|irtualHost)|S(?:MTPTLSOpts|SLVarIf))$/; +our $boolKeys = qr/^(?:s(?:aml(?:IDP(?:MetaDataOptions(?:(?:Check(?:S[LS]OMessageSignatur|Audienc|Tim)|IsPassiv)e|A(?:llow(?:LoginFromIDP|ProxiedAuthn)|daptSessionUtime)|Force(?:Authn|UTF8)|StoreSAMLToken|RelayStateURL)|SSODescriptorWantAuthnRequestsSigned)|S(?:P(?:MetaDataOptions(?:(?:CheckS[LS]OMessageSignatur|OneTimeUs)e|EnableIDPInitiatedURL|ForceUTF8)|SSODescriptor(?:WantAssertion|AuthnRequest)sSigned)|erviceUseCertificateInResponse)|DiscoveryProtocol(?:Activation|IsPassive)|CommonDomainCookieActivation|UseQueryStringSpecific|MetadataForceUTF8)|f(?:RemovedUseNotif|OnlyUpgrade)|kip(?:Upgrade|Renew)Confirmation|oap(?:Session|Config)Server|t(?:ayConnecte|orePasswor)d|laveDisplayLogo|howLanguages|slByAjax)|o(?:idc(?:RPMetaDataOptions(?:Allow(?:PasswordGrant|Offline)|Re(?:freshToken|quirePKCE)|LogoutSessionRequired|IDTokenForceClaims|BypassConsent|Public)|ServiceAllow(?:(?:AuthorizationCode|Implicit|Hybrid)Flow|DynamicRegistration)|OPMetaDataOptions(?:(?:CheckJWTSignatur|UseNonc)e|StoreIDToken))|ldNotifFormat)|p(?:ortal(?:Display(?:Re(?:freshMyRights|setPassword|gister)|CertificateResetByMail|GeneratePassword|PasswordPolicy)|ErrorOn(?:ExpiredSession|MailNotFound)|(?:CheckLogin|Statu)s|OpenLinkInNewWindow|ForceAuthn|AntiFrame)|roxyUseSoap)|c(?:o(?:ntextSwitching(?:Allowed2fModifications|StopWithLogout)|mpactConf|rsEnabled)|a(?:ptcha_(?:register|login|mail)_enabled|sSrvMetaDataOptions(?:Gateway|Renew))|heck(?:State|User|XSS)|da)|l(?:dap(?:(?:Group(?:DecodeSearchedValu|Recursiv)|UsePasswordResetAttribut)e|(?:AllowResetExpired|Set)Password|ChangePasswordAsUser|PpolicyControl|ITDS)|oginHistoryEnabled)|no(?:tif(?:ication(?:Server(?:(?:POS|GE)T|DELETE)?|sExplorer)?|y(?:Deleted|Other))|AjaxHook)|i(?:ssuerDB(?:OpenID(?:Connect)?|SAML|CAS|Get)Activation|mpersonationSkipEmptyValues)|to(?:tp2f(?:UserCan(?:Chang|Remov)eKey|DisplayExistingSecret)|kenUseGlobalStorage)|u(?:se(?:RedirectOn(?:Forbidden|Error)|SafeJail)|2fUserCanRemoveKey|pgradeSession)|re(?:st(?:(?:Password|Session|Config|Auth)Server|ExportSecretKeys)|freshSessions)|br(?:uteForceProtection(?:IncrementalTempo)?|owsersDontStorePassword)|d(?:is(?:ablePersistentStorage|playSessionId)|biDynamicHashEnabled)|(?:mai(?:lOnPasswordChang|ntenanc)|vhostMaintenanc)e|g(?:roupsBeforeMacros|lobalLogoutTimer)|a(?:voidAssignment|ctiveTimer)|h(?:ideOldPassword|ttpOnly)|yubikey2fUserCanRemoveKey|krb(?:RemoveDomain|ByJs)|wsdlServer)$/; our @sessionTypes = ( 'remoteGlobal', 'global', 'localSession', 'persistent', 'saml', 'oidc', 'cas' ); diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/ReConstants.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/ReConstants.pm index e83d5fb00..1462c2c27 100644 --- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/ReConstants.pm +++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/ReConstants.pm @@ -22,7 +22,7 @@ our $specialNodeHash = { }; our $doubleHashKeys = 'issuerDBGetParameters'; -our $simpleHashKeys = '(?:(?:l(?:o(?:calSessionStorageOption|goutService)|dapExportedVar|wp(?:Ssl)?Opt)|c(?:as(?:StorageOption|Attribute)|ustom(?:Plugins|Add)Param|ombModule)|re(?:moteGlobalStorageOption|st2f(?:Verify|Init)Arg|loadUrl)|(?:(?:d(?:emo|bi)|facebook|webID)E|e)xportedVar|g(?:r(?:antSessionRule|oup)|lobalStorageOption)|n(?:otificationStorageOption|ginxCustomHandler)|p(?:ersistentStorageOption|ortalSkinRule)|macro)s|o(?:idcS(?:ervice(?:DynamicRegistrationEx(?:portedVar|traClaim)s|MetaDataAuthnContext)|torageOptions)|penIdExportedVars)|a(?:(?:daptativeAuthenticationLevelR|ut(?:hChoiceMod|oSigninR))ules|pplicationList)|s(?:(?:amlStorageOption|laveExportedVar)s|essionDataToRemember|fExtra)|S(?:MTPTLSOpts|SLVarIf))'; +our $simpleHashKeys = '(?:(?:c(?:as(?:StorageOption|Attribute)|ustom(?:Plugins|Add)Param|heckUserHiddenHeader|ombModule)|l(?:o(?:calSessionStorageOption|goutService)|dapExportedVar|wp(?:Ssl)?Opt)|re(?:moteGlobalStorageOption|st2f(?:Verify|Init)Arg|loadUrl)|(?:(?:d(?:emo|bi)|facebook|webID)E|e)xportedVar|g(?:r(?:antSessionRule|oup)|lobalStorageOption)|n(?:otificationStorageOption|ginxCustomHandler)|p(?:ersistentStorageOption|ortalSkinRule)|macro)s|o(?:idcS(?:ervice(?:DynamicRegistrationEx(?:portedVar|traClaim)s|MetaDataAuthnContext)|torageOptions)|penIdExportedVars)|a(?:(?:daptativeAuthenticationLevelR|ut(?:hChoiceMod|oSigninR))ules|pplicationList)|s(?:(?:amlStorageOption|laveExportedVar)s|essionDataToRemember|fExtra)|S(?:MTPTLSOpts|SLVarIf))'; our $specialNodeKeys = '(?:(?:(?:saml(?:ID|S)|oidc[OR])P|cas(?:App|Srv))MetaDataNode|virtualHost)s'; our $casAppMetaDataNodeKeys = 'casAppMetaData(?:Options(?:(?:UserAttribut|Servic|Rul)e|AuthnLevel)|(?:ExportedVar|Macro)s)'; our $casSrvMetaDataNodeKeys = 'casSrvMetaData(?:Options(?:ProxiedServices|DisplayName|SortNumber|Gateway|Renew|Icon|Url)|ExportedVars)'; @@ -30,7 +30,7 @@ our $oidcOPMetaDataNodeKeys = 'oidcOPMetaData(?:Options(?:C(?:lient(?:Secret|ID) our $oidcRPMetaDataNodeKeys = 'oidcRPMetaData(?:Options(?:A(?:uth(?:orizationCodeExpiration|nLevel)|llow(?:PasswordGrant|Offline)|ccessTokenExpiration|dditionalAudiences)|I(?:DToken(?:ForceClaims|Expiration|SignAlg)|con)|R(?:e(?:directUris|freshToken|quirePKCE)|ule)|Logout(?:SessionRequired|Type|Url)|P(?:ostLogoutRedirectUris|ublic)|OfflineSessionExpiration|Client(?:Secret|ID)|BypassConsent|DisplayName|ExtraClaims|UserIDAttr)|(?:ExportedVar|Macro)s)'; our $samlIDPMetaDataNodeKeys = 'samlIDPMetaData(?:Options(?:(?:Check(?:S[LS]OMessageSignatur|Audienc|Tim)|EncryptionMod|UserAttribut|DisplayNam)e|S(?:ign(?:S[LS]OMessage|atureMethod)|toreSAMLToken|[LS]OBinding|ortNumber)|A(?:llow(?:LoginFromIDP|ProxiedAuthn)|daptSessionUtime)|Re(?:questedAuthnContext|solutionRule|layStateURL)|Force(?:Authn|UTF8)|I(?:sPassive|con)|NameIDFormat)|ExportedAttributes|XML)'; our $samlSPMetaDataNodeKeys = 'samlSPMetaData(?:Options(?:S(?:ign(?:S[LS]OMessage|atureMethod)|essionNotOnOrAfterTimeout)|N(?:ameID(?:SessionKey|Format)|otOnOrAfterTimeout)|(?:CheckS[LS]OMessageSignatur|OneTimeUs|Rul)e|En(?:ableIDPInitiatedURL|cryptionMode)|AuthnLevel|ForceUTF8)|(?:ExportedAttribute|Macro)s|XML)'; -our $virtualHostKeys = '(?:vhost(?:A(?:uthnLevel|liases)|(?:Maintenanc|Typ)e|ServiceTokenTTL|Https|Port)|(?:exportedHeader|locationRule)s|post)'; +our $virtualHostKeys = '(?:vhost(?:A(?:ccessToTrace|uthnLevel|liases)|(?:Maintenanc|Typ)e|ServiceTokenTTL|Https|Port)|(?:exportedHeader|locationRule)s|post)'; our $authParameters = { adParams => [qw(ADPwdMaxAge ADPwdExpireWarning)], diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Safelib.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Safelib.pm index 22a250d7d..49116ba62 100644 --- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Safelib.pm +++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Safelib.pm @@ -9,6 +9,7 @@ use strict; use Encode; use MIME::Base64; use Lemonldap::NG::Common::IPv6; +use JSON::XS; #use AutoLoader qw(AUTOLOAD); @@ -18,7 +19,7 @@ our $VERSION = '2.1.0'; # Not that only functions, not methods, can be written here our $functions = [ - qw(&checkLogonHours &date &checkDate &basic &unicode2iso &iso2unicode &groupMatch &isInNet6 &varIsInUri) + qw(&checkLogonHours &date &checkDate &basic &unicode2iso &iso2unicode &groupMatch &isInNet6 &varIsInUri &has2f) ]; ## @function boolean checkLogonHours(string logon_hours, string syntax, string time_correction, boolean default_access) @@ -64,8 +65,8 @@ sub checkLogonHours { # Use time_correction if ($time_correction) { my ( $sign, $time ) = ( $time_correction =~ /([+|-]?)(\d+)/ ); - if ( $sign =~ /-/ ) { $hourpos -= $time; } - else { $hourpos += $time; } + if ( $sign =~ /-/ ) { $hourpos -= $time; } + else { $hourpos += $time; } } # Get the corresponding byte @@ -224,4 +225,26 @@ sub varIsInUri { : $uri =~ /$wanteduri$attribute/o; } +my $json = JSON::XS->new; + +sub has2f { + my ( $session, $type ) = @_; + return 0 unless ( $session->{_2fDevices} ); + + my $_2fDevices = eval { $json->decode( $session->{_2fDevices} ); }; + return 0 if ( $@ or ref($_2fDevices) ne "ARRAY" ); + + my $length = scalar @{$_2fDevices}; + + # Empty array + return 0 unless $length; + + # Array has one value and we did not specify a type, succeed + if ($type) { + my @found = grep { lc( $_->{type} ) eq lc($type) } @{$_2fDevices}; + return ( @found ? 1 : 0 ); + } + return 1; +} + 1; diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/TOTP.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/TOTP.pm index 03bb717a8..7b6cb1caf 100644 --- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/TOTP.pm +++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/TOTP.pm @@ -19,8 +19,9 @@ sub verifyCode { $self->logger->error('Bad characters in TOTP secret'); return -1; } - for ( 0 .. $range ) { + for ( -$range .. $range ) { if ( $code eq $self->_code( $s, $_, $interval, $digits ) ) { + $self->userLogger->info("Codes match at range $_"); return 1; } } diff --git a/lemonldap-ng-handler/MANIFEST b/lemonldap-ng-handler/MANIFEST index 8fc91e8e3..ad86c565f 100644 --- a/lemonldap-ng-handler/MANIFEST +++ b/lemonldap-ng-handler/MANIFEST @@ -63,6 +63,7 @@ t/69-Lemonldap-NG-Handler-PSGI-SecureToken.t t/70-Lemonldap-NG-Handler-PSGI-AuthBasic.t t/71-Lemonldap-NG-Handler-PSGI-OAuth2.t t/99-pod.t +t/custom.pm t/lmConf-1.json t/sessions/lock/.exists t/test-psgi-lib.pm diff --git a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Reload.pm b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Reload.pm index 8ddea042d..f93745ec3 100644 --- a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Reload.pm +++ b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Reload.pm @@ -238,6 +238,8 @@ sub defaultValuesInit { $conf->{vhostOptions}->{$vhost}->{vhostAuthnLevel}; $class->tsv->{serviceTokenTTL}->{$vhost} = $conf->{vhostOptions}->{$vhost}->{vhostServiceTokenTTL}; + $class->tsv->{accessToTrace}->{$vhost} = + $conf->{vhostOptions}->{$vhost}->{vhostAccessToTrace}; } } return 1; @@ -626,6 +628,9 @@ sub substitute { # handle inGroup $expr =~ s/\binGroup\(([^)]*)\)/listMatch(\$s->{'hGroups'},$1,1)/g; + # handle has2f + $expr =~ s/\bhas2f\(([^),]*)\)/has2f(\$s,$1)/g; + return $expr; } diff --git a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Run.pm b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Run.pm index 60979357d..70107c840 100644 --- a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Run.pm +++ b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Run.pm @@ -105,6 +105,7 @@ sub checkType { sub run { my ( $class, $req, $rule, $protection ) = @_; my ( $id, $session ); + my $vhost = $class->resolveAlias($req); return $class->DECLINED unless ( $class->is_initial_req($req) ); @@ -149,9 +150,41 @@ sub run { # ACCOUNTING (1. Inform web server) $class->set_user( $req, $session->{ $class->tsv->{whatToTrace} } ); - $class->set_custom( $req, $session->{ $class->tsv->{customToTrace} } ) - if $class->tsv->{customToTrace} - and $session->{ $class->tsv->{customToTrace} }; + + my $custom; + $custom = $session->{ $class->tsv->{customToTrace} } + if ( $class->tsv->{customToTrace} + and $session->{ $class->tsv->{customToTrace} } ); + if ( $class->tsv->{accessToTrace}->{$vhost} ) { + my ( $function, @params ) = split /\s*,\s*/, + $class->tsv->{accessToTrace}->{$vhost}; + if ( $function =~ qr/^(?:\w+(?:::\w+)*(?:\s+\w+(?:::\w+)*)*)?$/ ) { + my $c = eval { + no strict 'refs'; + &{$function}( { + req => $req, + vhost => $vhost, + session => $session, + custom => $custom, + params => \@params + } + ); + }; + if ($@) { + $class->logger->error( + "Failed to overwrite customToTrace: $@"); + } + else { + $class->logger->debug("Overwrite customToTrace with: $c"); + $custom = $c; + } + } + else { + $class->logger->error( + "accessToTrace: Bad custom function name"); + } + } + $class->set_custom( $req, $custom ) if $custom; # AUTHORIZATION return ( $class->forbidden( $req, $session ), $session ) @@ -794,10 +827,14 @@ sub localUnlog { if ( $id //= $class->fetchId($req) ) { # Delete local cache - if ( $class->tsv->{refLocalStorage} - and $class->tsv->{refLocalStorage}->get($id) ) - { - $class->tsv->{refLocalStorage}->remove($id); + if ( $class->tsv->{sessionCacheModule} ) { + my $module = $class->tsv->{sessionCacheModule}; + my $options = $class->tsv->{sessionCacheOptions}; + eval "use $module;"; + my $cache = $module->new($options); + if ( $cache->get($id) ) { + $cache->remove($id); + } } } } diff --git a/lemonldap-ng-handler/t/12-Lemonldap-NG-Handler-Jail.t b/lemonldap-ng-handler/t/12-Lemonldap-NG-Handler-Jail.t index cc83c5408..3f9363484 100644 --- a/lemonldap-ng-handler/t/12-Lemonldap-NG-Handler-Jail.t +++ b/lemonldap-ng-handler/t/12-Lemonldap-NG-Handler-Jail.t @@ -6,7 +6,7 @@ # change 'tests => 1' to 'tests => last_test_to_print'; use strict; -use Test::More tests => 13; +use Test::More tests => 17; require 't/test.pm'; BEGIN { use_ok('Lemonldap::NG::Handler::Main::Jail') } @@ -60,3 +60,39 @@ ok( ok( $res = &$code, "Function works" ); ok( $res == 1, 'Get good result' ); +$sub = "sub { return(has2f(\$_[0],\$_[1])) }"; +$code = $jail->jail_reval($sub); +ok( + ( defined($code) and ref($code) eq 'CODE' ), + 'checkDate extended function is defined' +); +is( + $code->( { + _2fDevices => +"[{\"name\":\"MyTOTP\",\"_secret\":\"g5fsxwf4d34biemlojsbbvhgtskrssos\",\"epoch\":1602173208,\"type\":\"TOTP\"}]" + }, + "TOTP" + ), + 1, + "Function works" +); +is( + $code->( { + _2fDevices => +"[{\"name\":\"MyTOTP\",\"_secret\":\"g5fsxwf4d34biemlojsbbvhgtskrssos\",\"epoch\":1602173208,\"type\":\"TOTP\"}]" + }, + "UBK" + ), + 0, + "Function works" +); +is( + $code->( { + _2fDevices => +"[{\"name\":\"MyTOTP\",\"_secret\":\"g5fsxwf4d34biemlojsbbvhgtskrssos\",\"epoch\":1602173208,\"type\":\"TOTP\"}]" + }, + ), + 1, + "Function works" +); + diff --git a/lemonldap-ng-handler/t/13-Lemonldap-NG-Handler-Fake-Safe.t b/lemonldap-ng-handler/t/13-Lemonldap-NG-Handler-Fake-Safe.t index 2027ac4fb..2b2efcde9 100644 --- a/lemonldap-ng-handler/t/13-Lemonldap-NG-Handler-Fake-Safe.t +++ b/lemonldap-ng-handler/t/13-Lemonldap-NG-Handler-Fake-Safe.t @@ -5,7 +5,7 @@ # change 'tests => 1' to 'tests => last_test_to_print'; -use Test::More tests => 9; +use Test::More tests => 13; require 't/test.pm'; BEGIN { use_ok('Lemonldap::NG::Handler::Main::Jail') } @@ -54,3 +54,40 @@ $listMatch = $jail->jail_reval($sub5); ok( ( defined($listMatch) and ref($listMatch) eq 'CODE' ), 'listMatch function is defined' ); ok( &$listMatch eq '0', 'Get good result' ); + +# Test has2f method +my $sub6 = "sub { return(has2f(\$_[0],\$_[1])) }"; +my $has2f = $jail->jail_reval($sub6); +ok( + ( defined($has2f) and ref($has2f) eq 'CODE' ), + 'checkDate extended function is defined' +); +is( + $has2f->( { + _2fDevices => +"[{\"name\":\"MyTOTP\",\"_secret\":\"g5fsxwf4d34biemlojsbbvhgtskrssos\",\"epoch\":1602173208,\"type\":\"TOTP\"}]" + }, + "TOTP" + ), + 1, + "Function works" +); +is( + $has2f->( { + _2fDevices => +"[{\"name\":\"MyTOTP\",\"_secret\":\"g5fsxwf4d34biemlojsbbvhgtskrssos\",\"epoch\":1602173208,\"type\":\"TOTP\"}]" + }, + ), + 1, + "Function works" +); +is( + $has2f->( { + _2fDevices => +"[{\"name\":\"MyTOTP\",\"_secret\":\"g5fsxwf4d34biemlojsbbvhgtskrssos\",\"epoch\":1602173208,\"type\":\"TOTP\"}]" + }, + "UBK" + ), + 0, + "Function works" +); diff --git a/lemonldap-ng-handler/t/62-Lemonldap-NG-Handler-Nginx.t b/lemonldap-ng-handler/t/62-Lemonldap-NG-Handler-Nginx.t index 6ca9fe484..8bc69c962 100644 --- a/lemonldap-ng-handler/t/62-Lemonldap-NG-Handler-Nginx.t +++ b/lemonldap-ng-handler/t/62-Lemonldap-NG-Handler-Nginx.t @@ -4,7 +4,10 @@ use MIME::Base64; use Data::Dumper; use URI::Escape; -require 't/test-psgi-lib.pm'; +BEGIN { + require 't/test-psgi-lib.pm'; + require 't/custom.pm'; +} init('Lemonldap::NG::Handler::Server::Nginx'); @@ -31,6 +34,28 @@ count(4); # Authentified queries # -------------------- +# Authorized query +ok( + $res = + $client->_get( '/', undef, 'test4.example.com', "lemonldap=$sessionId" ), + 'Authentified query' +); +ok( $res->[0] == 200, 'Code is 200' ) or explain( $res->[0], 200 ); +count(2); + +# Check headers +%h = @{ $res->[1] }; +ok( + $h{'Lm-Remote-Custom'} eq +'dwho@badwolf.org alias Doctor_Who:users; timelords by using Mozilla/5.0 (X11; VAX4000; rv:43.0) Gecko/20100101 Firefox/143.0 Iceweasel/143.0.1', + 'Lm-Remote-Custom is overwriten' + ) + or explain( + \%h, +'Lm-Remote-Custom => "dwho@badwolf.org alias Doctor_Who:users; timelords by using Mozilla/5.0 (X11; VAX4000; rv:43.0) Gecko/20100101 Firefox/143.0 Iceweasel/143.0.1"' + ); +count(1); + # Authorized query ok( $res = $client->_get( '/', undef, undef, "lemonldap=$sessionId" ), 'Authentified query' ); @@ -43,7 +68,11 @@ ok( $h{'Headername1'} eq 'Auth-User', 'Headername1 is set to "Auth-User"' ) or explain( \%h, 'Headername1 => "Auth-User"' ); ok( $h{'Headervalue1'} eq 'dwho', 'Headervalue1 is set to "dwho"' ) or explain( \%h, 'Headervalue1 => "dwho"' ); -count(2); +ok( + $h{'Lm-Remote-Custom'} eq 'dwho@badwolf.org', + 'Lm-Remote-Custom is set "dwho@badwolf.org"' +) or explain( \%h, 'Lm-Remote-User => "dwho@badwolf.org"' ); +count(3); # Request an URI protected by custom function -> allowed ok( diff --git a/lemonldap-ng-handler/t/66-Lemonldap-NG-Handler-PSGI-wildcard.t b/lemonldap-ng-handler/t/66-Lemonldap-NG-Handler-PSGI-wildcard.t index 2af79884a..642eb7339 100644 --- a/lemonldap-ng-handler/t/66-Lemonldap-NG-Handler-PSGI-wildcard.t +++ b/lemonldap-ng-handler/t/66-Lemonldap-NG-Handler-PSGI-wildcard.t @@ -4,6 +4,7 @@ use MIME::Base64; BEGIN { require 't/test-psgi-lib.pm'; + require 't/custom.pm'; } init('Lemonldap::NG::Handler::PSGI'); @@ -39,7 +40,6 @@ ok( 'Authentified query' ); ok( $res->[0] == 200, 'Code is 200' ) or explain( $res, 200 ); - count(2); # Denied query @@ -50,7 +50,6 @@ ok( 'Denied query' ); ok( $res->[0] == 403, 'Code is 403' ) or explain( $res->[0], 403 ); - count(2); # Bad cookie @@ -67,11 +66,9 @@ ok( $res->[0] == 302, 'Code is 302' ) or explain( $res->[0], 302 ); unlink( 't/sessions/lock/Apache-Session-e5eec18ebb9bc96352595e2d8ce962e8ecf7af7c9a98cb9a43f9cd181cf4b545.lock' ); - count(2); done_testing( count() ); - clean(); sub Lemonldap::NG::Handler::PSGI::handler { diff --git a/lemonldap-ng-handler/t/custom.pm b/lemonldap-ng-handler/t/custom.pm new file mode 100644 index 000000000..2c000893a --- /dev/null +++ b/lemonldap-ng-handler/t/custom.pm @@ -0,0 +1,16 @@ +package My; + +sub accessToTrace { + my $hash = shift; + my $custom = $hash->{custom}; + my $req = $hash->{req}; + my $vhost = $hash->{vhost}; + my $custom = $hash->{custom}; + my $params = $hash->{params}; + my $session = $hash->{session}; + + return +"$custom alias $params->[0]_$params->[1]:$session->{groups} by using $session->{ $params->[2] }"; +} + +1; diff --git a/lemonldap-ng-handler/t/lmConf-1.json b/lemonldap-ng-handler/t/lmConf-1.json index 9186ea3c4..ecc4c948c 100644 --- a/lemonldap-ng-handler/t/lmConf-1.json +++ b/lemonldap-ng-handler/t/lmConf-1.json @@ -59,6 +59,9 @@ "^/logout": "logout_sso", "default": "accept" }, + "test4.example.com": { + "default": "accept" + }, "*.example.org": { "^/orgdeny": "deny", "default": "accept" @@ -74,15 +77,20 @@ } }, "macros": { - "_whatToTrace": "$_auth eq 'SAML' ? \"$_user\\@$_idpConfKey\" : \"$_user\"" + "_whatToTrace": "$_auth eq 'SAML' ? \"$_user\\@$_idpConfKey\" : \"$_user\"", + "UA": "$ENV{HTTP_USER_AGENT}" }, "portal": "http://auth.example.com/", "reloadUrls": {}, "userDB": "Demo", "vhostOptions": { "test2.example.com": { - "vhostAuthnLevel": 5 - } + "vhostAuthnLevel": 5 + }, + "test4.example.com": { + "vhostAccessToTrace": "My::accessToTrace, Doctor, Who, UA" + } }, - "whatToTrace": "_whatToTrace" + "whatToTrace": "_whatToTrace", + "customToTrace": "mail" } diff --git a/lemonldap-ng-manager/MANIFEST b/lemonldap-ng-manager/MANIFEST index 10c90d32c..fad8225e7 100644 --- a/lemonldap-ng-manager/MANIFEST +++ b/lemonldap-ng-manager/MANIFEST @@ -196,17 +196,20 @@ site/htdocs/static/js/viewer.min.js.map site/htdocs/static/languages/ar.json site/htdocs/static/languages/de.json site/htdocs/static/languages/en.json +site/htdocs/static/languages/es.json site/htdocs/static/languages/fr.json site/htdocs/static/languages/it.json site/htdocs/static/languages/pl.json site/htdocs/static/languages/tr.json site/htdocs/static/languages/vi.json site/htdocs/static/languages/zh.json +site/htdocs/static/languages/zh_TW.json site/htdocs/static/logos/ar.png site/htdocs/static/logos/bootstrap.png site/htdocs/static/logos/custom.png site/htdocs/static/logos/de.png site/htdocs/static/logos/en.png +site/htdocs/static/logos/es.png site/htdocs/static/logos/favicon.ico site/htdocs/static/logos/fr.png site/htdocs/static/logos/it.png @@ -216,6 +219,7 @@ site/htdocs/static/logos/pl.png site/htdocs/static/logos/tr.png site/htdocs/static/logos/vi.png site/htdocs/static/logos/zh.png +site/htdocs/static/logos/zh_TW.png site/htdocs/static/reverseTree.json site/htdocs/static/struct.json site/templates/2ndfa.tpl diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager.pm index 264476f63..0316e6582 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager.pm @@ -10,7 +10,7 @@ # Sessions.pm to manage sessions package Lemonldap::NG::Manager; -use 5.10.0; +use strict; use utf8; use Mouse; use JSON; diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/2ndFA.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/2ndFA.pm index 409c85b92..0e67a1039 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/2ndFA.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/2ndFA.pm @@ -1,6 +1,5 @@ package Lemonldap::NG::Manager::2ndFA; -use 5.10.0; use utf8; use strict; use Mouse; @@ -12,9 +11,11 @@ use Lemonldap::NG::Common::Conf::ReConstants; use feature 'state'; -extends 'Lemonldap::NG::Manager::Plugin', - 'Lemonldap::NG::Common::Conf::AccessLib', - 'Lemonldap::NG::Common::Session::REST'; +extends qw( + Lemonldap::NG::Manager::Plugin + Lemonldap::NG::Common::Session::REST + Lemonldap::NG::Common::Conf::AccessLib +); our $VERSION = '2.1.0'; diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Api.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Api.pm index 25e2fef38..8727a091f 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Api.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Api.pm @@ -1,13 +1,15 @@ # This module implements all the methods that responds to '/api/*' requests package Lemonldap::NG::Manager::Api; -use 5.10.0; +use strict; use utf8; use Mouse; -extends 'Lemonldap::NG::Manager::Plugin', - 'Lemonldap::NG::Common::Conf::RESTServer', - 'Lemonldap::NG::Common::Session::REST'; +extends qw( + Lemonldap::NG::Manager::Plugin + Lemonldap::NG::Common::Session::REST + Lemonldap::NG::Common::Conf::RESTServer +); use Lemonldap::NG::Manager::Api::2F; use Lemonldap::NG::Manager::Api::Misc; diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Api/2F.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Api/2F.pm index a14c26b1d..bdaf923c4 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Api/2F.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Api/2F.pm @@ -4,7 +4,7 @@ our $VERSION = '2.1.0'; package Lemonldap::NG::Manager::Api; -use 5.10.0; +use strict; use utf8; use Mouse; use JSON; diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Api/Common.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Api/Common.pm index b49429838..08b2c6cb7 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Api/Common.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Api/Common.pm @@ -4,6 +4,7 @@ our $VERSION = '2.1.0'; package Lemonldap::NG::Manager::Api; +use strict; use Lemonldap::NG::Manager::Build::Attributes; use Lemonldap::NG::Manager::Build::CTrees; @@ -26,7 +27,7 @@ sub _getDefaultValues { my $defaultAttrs = Lemonldap::NG::Manager::Build::Attributes::attributes(); my $attrs = {}; - foreach $attr (@allAttrs) { + foreach my $attr (@allAttrs) { $attrs->{$attr} = $defaultAttrs->{$attr}->{default} if ( defined $defaultAttrs->{$attr} && defined $defaultAttrs->{$attr}->{default} ); @@ -39,7 +40,7 @@ sub _hasAllowedAttributes { my ( $self, $attributes, $rootNode ) = @_; my @allowedAttributes = $self->_listAttributes($rootNode); - foreach $attribute ( keys %{$attributes} ) { + foreach my $attribute ( keys %{$attributes} ) { if ( length( ref($attribute) ) ) { return { res => "ko", diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Api/Menu/App.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Api/Menu/App.pm index d1c653b50..4ad550527 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Api/Menu/App.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Api/Menu/App.pm @@ -4,11 +4,10 @@ our $VERSION = '2.1.0'; package Lemonldap::NG::Manager::Api; -use 5.10.0; +use strict; use utf8; use Mouse; use Lemonldap::NG::Manager::Conf::Parser; -use Data::Dumper; extends 'Lemonldap::NG::Manager::Api::Common'; diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Api/Menu/Cat.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Api/Menu/Cat.pm index 27e1c2128..6206d1ee6 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Api/Menu/Cat.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Api/Menu/Cat.pm @@ -4,7 +4,7 @@ our $VERSION = '2.1.0'; package Lemonldap::NG::Manager::Api; -use 5.10.0; +use strict; use utf8; use Mouse; use Lemonldap::NG::Manager::Conf::Parser; diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Api/Misc.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Api/Misc.pm index 2904738bb..950bce353 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Api/Misc.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Api/Misc.pm @@ -5,6 +5,7 @@ our $VERSION = '2.1.0'; package Lemonldap::NG::Manager::Api; +use strict; use Mouse; extends 'Lemonldap::NG::Manager::Api::Common'; diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Api/Providers/CasApp.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Api/Providers/CasApp.pm index 785578fe3..1f9f86691 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Api/Providers/CasApp.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Api/Providers/CasApp.pm @@ -4,7 +4,7 @@ our $VERSION = '2.1.0'; package Lemonldap::NG::Manager::Api; -use 5.10.0; +use strict; use utf8; use Mouse; use Lemonldap::NG::Manager::Conf::Parser; diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Api/Providers/OidcRp.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Api/Providers/OidcRp.pm index c88d05476..b982aefea 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Api/Providers/OidcRp.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Api/Providers/OidcRp.pm @@ -4,7 +4,7 @@ our $VERSION = '2.1.0'; package Lemonldap::NG::Manager::Api; -use 5.10.0; +use strict; use utf8; use Mouse; use Lemonldap::NG::Manager::Conf::Parser; diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Api/Providers/SamlSp.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Api/Providers/SamlSp.pm index 40084a578..80bc3363a 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Api/Providers/SamlSp.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Api/Providers/SamlSp.pm @@ -4,7 +4,7 @@ our $VERSION = '2.1.0'; package Lemonldap::NG::Manager::Api; -use 5.10.0; +use strict; use utf8; use Mouse; diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm index fff19a497..ee6abfee6 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm @@ -22,10 +22,9 @@ sub perlExpr { grep( { $_ =~ /(?:Undefined subroutine|Devel::StackTrace)/ ? () : $_; } split( /\n/, $@, 0 ) ) ); - return -1, "__badExpression__: $err" if $err; + return -1, "__badExpression__: $err" if $err and $conf->{'useSafeJail'}; return $val =~ qr/(?<=[^=\|\?])=(?![=~])/ - ? ( -1, '__badExpressionAssignment__' ) - : 1; + && $conf->{'avoidAssignment'} ? ( 1, '__badExpressionAssignment__' ) : 1; } sub types { @@ -642,6 +641,10 @@ sub attributes { 'default' => 'TOTP,U2F,Yubikey', 'type' => 'text' }, + 'avoidAssignment' => { + 'default' => 0, + 'type' => 'bool' + }, 'browsersDontStorePassword' => { 'default' => 0, 'type' => 'bool' @@ -891,6 +894,18 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.] 'default' => '_loginHistory _session_id hGroups', 'type' => 'text' }, + 'checkUserHiddenHeaders' => { + 'keyMsgFail' => '__badHostname__', + 'keyTest' => qr/^\S+$/, + 'test' => { + 'keyMsgFail' => '__badHeaderName__', + 'keyTest' => qr/^(?=[^\-])[\w\-\s]+(?<=[^-])$/, + 'test' => sub { + return perlExpr(@_); + } + }, + 'type' => 'keyTextContainer' + }, 'checkUserIdRule' => { 'default' => 1, 'test' => sub { @@ -1906,6 +1921,9 @@ m[^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?: 'mail2fLogo' => { 'type' => 'text' }, + 'mail2fSessionKey' => { + 'type' => 'text' + }, 'mail2fSubject' => { 'type' => 'text' }, @@ -4144,6 +4162,10 @@ qr/^(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a- 'utotp2fLogo' => { 'type' => 'text' }, + 'vhostAccessToTrace' => { + 'default' => '', + 'type' => 'text' + }, 'vhostAliases' => { 'default' => '', 'type' => 'text' diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm index 8a553114a..0a4a292ef 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm @@ -27,9 +27,10 @@ sub perlExpr { my $err = join( '', grep { $_ =~ /(?:Undefined subroutine|Devel::StackTrace)/ ? () : $_ } split( /\n/, $@ ) ); - return ( -1, "__badExpression__: $err" ) if $err; - return $val =~ qr/(?<=[^=\|\?])=(?![=~])/ - ? ( -1, "__badExpressionAssignment__" ) + return ( -1, "__badExpression__: $err" ) + if ( $err && $conf->{useSafeJail} ); + return ( $val =~ qr/(?<=[^=\|\?])=(?![=~])/ && $conf->{avoidAssignment} ) + ? ( 1, "__badExpressionAssignment__" ) : 1; } @@ -516,6 +517,17 @@ sub attributes { documentation => 'Display empty headers rule', flags => 'p', }, + checkUserHiddenHeaders => { + type => 'keyTextContainer', + keyTest => qr/^\S+$/, + keyMsgFail => '__badHostname__', + test => { + keyTest => qr/^(?=[^\-])[\w\-\s]+(?<=[^-])$/, + keyMsgFail => '__badHeaderName__', + test => sub { return perlExpr(@_) }, + }, + documentation => 'Header values to hide if not empty', + }, globalLogoutRule => { type => 'boolOrExpr', default => 0, @@ -1062,6 +1074,13 @@ sub attributes { documentation => 'Activate Safe jail', flags => 'hp', }, + avoidAssignment => { + default => 0, + type => 'bool', + help => 'safejail.html', + documentation => 'Avoid assignment in expressions', + flags => 'hp', + }, whatToTrace => { type => 'lmAttrOrMacro', default => 'uid', @@ -1878,6 +1897,10 @@ sub attributes { type => 'text', documentation => 'Custom logo for Mail 2F', }, + mail2fSessionKey => { + type => 'text', + documentation => 'Session parameter where mail is stored', + }, # External second factor ext2fActivation => { @@ -2239,8 +2262,9 @@ sub attributes { type => 'int', default => -1, }, - vhostAliases => { type => 'text', default => '' }, - vhostType => { + vhostAccessToTrace => { type => 'text', default => '' }, + vhostAliases => { type => 'text', default => '' }, + vhostType => { type => 'select', select => [ { k => 'AuthBasic', v => 'AuthBasic' }, diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/CTrees.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/CTrees.pm index 0023f9a6b..dab515100 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/CTrees.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/CTrees.pm @@ -27,10 +27,10 @@ sub cTrees { help => 'configvhost.html#options', form => 'simpleInputContainer', nodes => [ - 'vhostPort', 'vhostHttps', - 'vhostMaintenance', 'vhostAliases', - 'vhostType', 'vhostAuthnLevel', - 'vhostServiceTokenTTL' + 'vhostPort', 'vhostHttps', + 'vhostMaintenance', 'vhostAliases', + 'vhostAccessToTrace', 'vhostType', + 'vhostAuthnLevel', 'vhostServiceTokenTTL' ], }, ], diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Tree.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Tree.pm index 9cab44a9b..e2d585d8a 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Tree.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Tree.pm @@ -271,7 +271,7 @@ sub tree { 'managerDn', 'managerPassword', 'ldapTimeout', 'ldapIOTimeout', 'ldapVersion', 'ldapRaw', - 'ldapCAFile', 'ldapCAPath', + 'ldapCAFile', 'ldapCAPath', ] }, { @@ -553,10 +553,8 @@ sub tree { title => 'logParams', help => 'logs.html', form => 'simpleInputContainer', - nodes => [ - 'whatToTrace', 'customToTrace', - 'hiddenAttributes' - ] + nodes => + [ 'whatToTrace', 'customToTrace', 'hiddenAttributes' ] }, { title => 'cookieParams', @@ -772,7 +770,6 @@ sub tree { { title => 'checkUsers', help => 'checkuser.html', - form => 'simpleInputContainer', nodes => [ 'checkUser', 'checkUserIdRule', @@ -783,6 +780,7 @@ sub tree { 'checkUserDisplayEmptyHeaders', 'checkUserDisplayEmptyValues', 'checkUserDisplayPersistentInfo', + 'checkUserHiddenHeaders' ] }, { @@ -900,6 +898,7 @@ sub tree { 'mail2fTimeout', 'mail2fSubject', 'mail2fBody', 'mail2fAuthnLevel', 'mail2fLabel', 'mail2fLogo', + 'mail2fSessionKey', ] }, { @@ -991,6 +990,7 @@ sub tree { 'key', 'trustedDomains', 'useSafeJail', + 'avoidAssignment', 'checkXSS', 'requireToken', 'formTimeout', diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf.pm index 1702fc6a8..6b20e3364 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf.pm @@ -6,7 +6,7 @@ # Read methods are inherited from Lemonldap::NG::Common::Conf::RESTServer package Lemonldap::NG::Manager::Conf; -use 5.10.0; +use strict; use utf8; use Mouse; use Lemonldap::NG::Common::Conf::Constants; diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf/Tests.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf/Tests.pm index f1987ab50..163432a7f 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf/Tests.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf/Tests.pm @@ -1,5 +1,6 @@ package Lemonldap::NG::Manager::Conf::Tests; +use strict; use utf8; use Lemonldap::NG::Common::Regexp; use Lemonldap::NG::Handler::Main; @@ -449,7 +450,7 @@ sub tests { "RSA_SHA1" ) { undef $allsha1; - break; + last; } } } @@ -461,7 +462,7 @@ sub tests { ->{samlSPMetaDataOptionsSignatureMethod} ne "RSA_SHA1" ) { undef $allsha1; - break; + last; } } } @@ -865,8 +866,7 @@ sub tests { $appUrl =~ m#^(https?://[^/]+)(/.*)?$#; my $appHost = $1; unless ($appHost) { - push @msg, - "$clientConfKey CAS Application has no Service URL"; + push @msg, "$casConfKey CAS Application has no Service URL"; $res = 0; next; } diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Notifications.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Notifications.pm index 08a465465..e6d6d9360 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Notifications.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Notifications.pm @@ -1,6 +1,6 @@ package Lemonldap::NG::Manager::Notifications; -use 5.10.0; +use strict; use utf8; use Mouse; use JSON qw(from_json to_json); diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Sessions.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Sessions.pm index 1d039b5b5..e2f1e8fc4 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Sessions.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Sessions.pm @@ -1,6 +1,5 @@ package Lemonldap::NG::Manager::Sessions; -use 5.10.0; use utf8; use strict; use Mouse; diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Viewer.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Viewer.pm index 1398d2ecf..c25e7ae6d 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Viewer.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Viewer.pm @@ -1,6 +1,6 @@ package Lemonldap::NG::Manager::Viewer; -use 5.10.0; +use strict; use utf8; use Mouse; use Lemonldap::NG::Common::Conf::Constants; diff --git a/lemonldap-ng-manager/site/coffee/manager.coffee b/lemonldap-ng-manager/site/coffee/manager.coffee index 399e26482..570c148c9 100644 --- a/lemonldap-ng-manager/site/coffee/manager.coffee +++ b/lemonldap-ng-manager/site/coffee/manager.coffee @@ -577,7 +577,9 @@ llapp.controller 'TreeCtrl', [ d = $q.defer() d.notify 'Trying to get datas' $scope.waiting = true - $http.get("#{window.confPrefix}#{$scope.currentCfg.cfgNum}/#{node.cnodes}").then (response) -> + console.log "Trying to get key #{node.cnodes}" + uri = encodeURI node.cnodes + $http.get("#{window.confPrefix}#{$scope.currentCfg.cfgNum}/#{uri}").then (response) -> data = response.data # Manage datas errors if not data @@ -759,7 +761,13 @@ llapp.controller 'TreeCtrl', [ d.reject response.statusLine $scope.waiting = false else - $http.get("#{window.confPrefix}#{$scope.currentCfg.cfgNum}/#{if node.get then node.get else node.title}").then (response) -> + uri = '' + if node.get + console.log "Trying to get key #{node.get}" + uri = encodeURI node.get + else + console.log "Trying to get title #{node.title}" + $http.get("#{window.confPrefix}#{$scope.currentCfg.cfgNum}/#{if node.get then uri else node.title}").then (response) -> # Set default value if response is null or if asked by server data = response.data if (data.value == null or (data.error and data.error.match /setDefault$/ ) ) and node['default'] != null diff --git a/lemonldap-ng-manager/site/coffee/viewer.coffee b/lemonldap-ng-manager/site/coffee/viewer.coffee index c31458949..e623eb253 100644 --- a/lemonldap-ng-manager/site/coffee/viewer.coffee +++ b/lemonldap-ng-manager/site/coffee/viewer.coffee @@ -258,7 +258,9 @@ llapp.controller 'TreeCtrl', [ d = $q.defer() d.notify 'Trying to get datas' $scope.waiting = true - $http.get("#{window.viewPrefix}#{$scope.currentCfg.cfgNum}/#{node.cnodes}").then (response) -> + console.log "Trying to get key #{node.cnodes}" + uri = encodeURI node.cnodes + $http.get("#{window.confPrefix}#{$scope.currentCfg.cfgNum}/#{uri}").then (response) -> data = response.data # Manage datas errors if not data @@ -360,7 +362,13 @@ llapp.controller 'TreeCtrl', [ d.reject response.statusLine $scope.waiting = false else - $http.get("#{window.viewPrefix}#{$scope.currentCfg.cfgNum}/#{if node.get then node.get else node.title}").then (response) -> + uri = '' + if node.get + console.log "Trying to get key #{node.get}" + uri = encodeURI node.get + else + console.log "Trying to get title #{node.title}" + $http.get("#{window.confPrefix}#{$scope.currentCfg.cfgNum}/#{if node.get then uri else node.title}").then (response) -> # Set default value if response is null or if asked by server data = response.data if (data.value == null or (data.error and data.error.match /setDefault$/ ) ) and node['default'] != null diff --git a/lemonldap-ng-manager/site/htdocs/static/js/2ndfa.min.js b/lemonldap-ng-manager/site/htdocs/static/js/2ndfa.min.js index af6c514bf..45d17ec3a 100644 --- a/lemonldap-ng-manager/site/htdocs/static/js/2ndfa.min.js +++ b/lemonldap-ng-manager/site/htdocs/static/js/2ndfa.min.js @@ -1 +1,5 @@ -(function(){var r={_whatToTrace:[function(e,t){return"groupBy=substr("+e+",1)"},function(e,t){return e+"="+t+"*"}]},d={_whatToTrace:function(e,t,n,a){return console.log("overSchema => level",n,"over",a),1===n&&t.length>a?e+"="+t+"*&groupBy=substr("+e+","+(n+a+1)+")":null}},v={dateTitle:["_utime","_startTime","_updateTime"],sfaTitle:["_2fDevices"]},i={home:[]};angular.module("llngSessionsExplorer",["ui.tree","ui.bootstrap","llApp"]).controller("SessionsExplorerCtrl",["$scope","$translator","$location","$q","$http",function(_,t,e,n,h){var p,a,f;return _.links=links,_.menulinks=menulinks,_.staticPrefix=staticPrefix,_.scriptname=scriptname,_.formPrefix=formPrefix,_.availableLanguages=availableLanguages,_.waiting=!0,_.showM=!1,_.showT=!0,_.data=[],_.currentScope=null,_.currentSession=null,_.menu=i,_.searchString="",_.U2FCheck="1",_.TOTPCheck="1",_.UBKCheck="1",_.translateP=t.translateP,_.translate=t.translate,_.translateTitle=function(e){return t.translateField(e,"title")},f="persistent",_.menuClick=function(e){if(e.popup)window.open(e.popup);else switch(e.action||(e.action=e.title),typeof e.action){case"function":e.action(_.currentNode,_),_[e.action]();break;case"string":_[e.action]();break;default:console.log(typeof e.action)}return _.showM=!1},_.search2FA=function(e){return e&&(_.searchString=""),_.currentSession=null,_.data=[],_.updateTree2("",_.data,0,0)},_.delete2FA=function(e,t){for(var n=document.querySelectorAll(".data-"+t),a=0,r=n.length;a level",n,"over",a),1===n&&t.length>a?e+"="+t+"*&groupBy=substr("+e+","+(n+a+1)+")":null}},v={dateTitle:["_utime","_startTime","_updateTime"],sfaTitle:["_2fDevices"]},i={home:[]};angular.module("llngSessionsExplorer",["ui.tree","ui.bootstrap","llApp"]).controller("SessionsExplorerCtrl",["$scope","$translator","$location","$q","$http",function(_,t,e,n,h){var p,a,f;return _.links=links,_.menulinks=menulinks,_.staticPrefix=staticPrefix,_.scriptname=scriptname,_.formPrefix=formPrefix,_.availableLanguages=availableLanguages,_.waiting=!0,_.showM=!1,_.showT=!0,_.data=[],_.currentScope=null,_.currentSession=null,_.menu=i,_.searchString="",_.U2FCheck="1",_.TOTPCheck="1",_.UBKCheck="1",_.translateP=t.translateP,_.translate=t.translate,_.translateTitle=function(e){return t.translateField(e,"title")},f="persistent",_.menuClick=function(e){if(e.popup)window.open(e.popup);else switch(e.action||(e.action=e.title),typeof e.action){case"function":e.action(_.currentNode,_),_[e.action]();break;case"string":_[e.action]();break;default:console.log(typeof e.action)}return _.showM=!1},_.search2FA=function(e){return e&&(_.searchString=""),_.currentSession=null,_.data=[],_.updateTree2("",_.data,0,0)},_.delete2FA=function(e,t){for(var n=document.querySelectorAll(".data-"+t),a=0,r=n.length;a level",n,"over",a),1===n&&t.length>a?e+"="+t+"*&groupBy=substr("+e+","+(n+a+1)+")":null}},S={dateTitle:["_utime","_startTime","_updateTime"],sfaTitle:["_2fDevices"]},o={home:[]},angular.module("llngSessionsExplorer",["ui.tree","ui.bootstrap","llApp"]).controller("SessionsExplorerCtrl",["$scope","$translator","$location","$q","$http",function(k,t,e,n,i){var p,a,r,d;return k.links=links,k.menulinks=menulinks,k.staticPrefix=staticPrefix,k.scriptname=scriptname,k.formPrefix=formPrefix,k.availableLanguages=availableLanguages,k.waiting=!0,k.showM=!1,k.showT=!0,k.data=[],k.currentScope=null,k.currentSession=null,k.menu=o,k.searchString="",k.U2FCheck="1",k.TOTPCheck="1",k.UBKCheck="1",k.translateP=t.translateP,k.translate=t.translate,k.translateTitle=function(e){return t.translateField(e,"title")},d="persistent",k.menuClick=function(e){if(e.popup)window.open(e.popup);else switch(e.action||(e.action=e.title),typeof e.action){case"function":e.action(k.currentNode,k),k[e.action]();break;case"string":k[e.action]();break;default:console.log(typeof e.action)}return k.showM=!1},k.search2FA=function(e){return e&&(k.searchString=""),k.currentSession=null,k.data=[],k.updateTree2("",k.data,0,0)},k.delete2FA=function(e,t){var n,a,r;for(n=0,r=(a=document.querySelectorAll(".data-"+t)).length;n>>>>>> v2.0 diff --git a/lemonldap-ng-manager/site/htdocs/static/js/2ndfa.min.js.map b/lemonldap-ng-manager/site/htdocs/static/js/2ndfa.min.js.map index 6ba84be39..cf3189f23 100644 --- a/lemonldap-ng-manager/site/htdocs/static/js/2ndfa.min.js.map +++ b/lemonldap-ng-manager/site/htdocs/static/js/2ndfa.min.js.map @@ -1 +1,5 @@ -{"version":3,"sources":["2ndfa.js"],"names":["schemes","_whatToTrace","t","v","overScheme","level","over","console","log","length","categories","dateTitle","sfaTitle","menu","home","angular","module","controller","$scope","$translator","$location","$q","$http","autoId","pathEvent","sessionType","links","menulinks","staticPrefix","scriptname","formPrefix","availableLanguages","waiting","showM","showT","data","currentScope","currentSession","searchString","U2FCheck","TOTPCheck","UBKCheck","translateP","translate","translateTitle","node","translateField","menuClick","button","popup","window","open","action","title","currentNode","search2FA","clear","updateTree2","delete2FA","type","epoch","items","document","querySelectorAll","i","len","remove","id","then","response","resp","stoggle","scope","$modelValue","nodes","updateTree","value","query","count","toggle","displaySession","transformSession","session","array","attr","attrs","category","k","key","len1","name","pattern","res","sfDevice","subres","time","_utime","_session_id","match","split","RegExp","localeDate","arrayDate","toString","push","JSON","parse","sessionId","get","s","Date","toLocaleString","getLanguage","lang","form","init","event","next","current","n","$on","currentQuery","scheme","tmp","ref","result","values","total","_startTime","all","activeModule","myStyle","color","c","path","call","this"],"mappings":"CAMA,WACE,IAyBAA,EAAU,CACRC,aAAc,CACZ,SAASC,EAAGC,GACV,MAAO,kBAAoBD,EAAI,OAC9B,SAASA,EAAGC,GACb,OAAOD,EAAI,IAAMC,EAAI,OAK3BC,EAAa,CACXH,aAAc,SAASC,EAAGC,EAAGE,EAAOC,GAElC,OADAC,QAAQC,IAAI,sBAAuBH,EAAO,OAAQC,GACpC,IAAVD,GAAeF,EAAEM,OAASH,EACrBJ,EAAI,IAAMC,EAAI,oBAAsBD,EAAI,KAAOG,EAAQC,EAAO,GAAK,IAEnE,OAObI,EAAa,CACXC,UAAW,CAAC,SAAU,aAAc,eACpCC,SAAU,CAAC,eAGbC,EAAO,CACLC,KAAM,IAQAC,QAAQC,OAAO,uBAAwB,CAAC,UAAW,eAAgB,UAErEC,WAAW,uBAAwB,CACvC,SAAU,cAAe,YAAa,KAAM,QAAS,SAASC,EAAQC,EAAaC,EAAWC,EAAIC,GAChG,IAAIC,EAAWC,EAAWC,EA2T1B,OA1TAP,EAAOQ,MAAQA,MACfR,EAAOS,UAAYA,UACnBT,EAAOU,aAAeA,aACtBV,EAAOW,WAAaA,WACpBX,EAAOY,WAAaA,WACpBZ,EAAOa,mBAAqBA,mBAC5Bb,EAAOc,SAAU,EACjBd,EAAOe,OAAQ,EACff,EAAOgB,OAAQ,EACfhB,EAAOiB,KAAO,GACdjB,EAAOkB,aAAe,KACtBlB,EAAOmB,eAAiB,KACxBnB,EAAOL,KAAOA,EACdK,EAAOoB,aAAe,GACtBpB,EAAOqB,SAAW,IAClBrB,EAAOsB,UAAY,IACnBtB,EAAOuB,SAAW,IAClBvB,EAAOwB,WAAavB,EAAYuB,WAChCxB,EAAOyB,UAAYxB,EAAYwB,UAC/BzB,EAAO0B,eAAiB,SAASC,GAC/B,OAAO1B,EAAY2B,eAAeD,EAAM,UAE1CpB,EAAc,aACdP,EAAO6B,UAAY,SAASC,GAC1B,GAAIA,EAAOC,MACTC,OAAOC,KAAKH,EAAOC,YAKnB,OAHKD,EAAOI,SACVJ,EAAOI,OAASJ,EAAOK,cAEVL,EAAOI,QACpB,IAAK,WACHJ,EAAOI,OAAOlC,EAAOoC,YAAapC,GAClCA,EAAO8B,EAAOI,UACd,MACF,IAAK,SACHlC,EAAO8B,EAAOI,UACd,MACF,QACE7C,QAAQC,WAAWwC,EAAOI,QAGhC,OAAOlC,EAAOe,OAAQ,GAExBf,EAAOqC,UAAY,SAASC,GAM1B,OALIA,IACFtC,EAAOoB,aAAe,IAExBpB,EAAOmB,eAAiB,KACxBnB,EAAOiB,KAAO,GACPjB,EAAOuC,YAAY,GAAIvC,EAAOiB,KAAM,EAAG,IAEhDjB,EAAOwC,UAAY,SAASC,EAAMC,GAGhC,IAFA,IACAC,EAAQC,SAASC,iBAAiB,SAAWH,GACxCI,EAAI,EAAGC,EAAMJ,EAAMpD,OAAQuD,EAAIC,EAAKD,IACnCH,EAAMG,GACRE,SAQJ,OANAhD,EAAOc,SAAU,EACjBV,EAAc,OAAEO,WAAa,OAASJ,EAAc,IAAMP,EAAOmB,eAAe8B,GAAK,SAAWR,EAAO,UAAYC,GAAOQ,KAAK,SAASC,GACtI,OAAOnD,EAAOc,SAAU,GACvB,SAASsC,GACV,OAAOpD,EAAOc,SAAU,IAEnBd,EAAOgB,OAAQ,GAExBhB,EAAOqD,QAAU,SAASC,GACxB,IACA3B,EAAO2B,EAAMC,YAIb,OAH0B,IAAtB5B,EAAK6B,MAAMjE,QACbS,EAAOyD,WAAW9B,EAAK+B,MAAO/B,EAAK6B,MAAO7B,EAAKxC,MAAOwC,EAAKvC,KAAMuC,EAAKgC,MAAOhC,EAAKiC,OAE7EN,EAAMO,UAEf7D,EAAO8D,eAAiB,SAASR,GAC/B,IACAS,EAAmB,SAASC,GAC1B,IAAuBC,EAAkBC,EAAMC,EAAOC,EAAU1B,EAAOI,EAAOuB,EAAGC,EAAKvB,EAAKwB,EAAMC,EAAMC,EAASC,EAAKC,EAAUC,EAAczC,EAAOuB,EAyBpJmB,EAAOb,EAAQc,OACf7B,EAAKe,EAAQe,YACb,IAAKT,KAAON,GACVN,EAAQM,EAAQM,KAIS,iBAAZN,GAAwBN,EAAMsB,MAAM,QAC7ChB,EAAQM,GAAOZ,EAAMuB,MAAM,OAED,iBAAjBjB,EAAQM,KAtIZ,YAuIgBU,MAAM,IAAIE,OAAO,KAAOZ,EAAM,OACjDN,EAAQM,GAAO,WACNA,EAAIU,MAAM,qDACnBhB,EAAQM,GAAOtE,EAAOmF,WAAWzB,GACxBY,EAAIU,MAAM,gCAEnBP,EAAU,+CACVW,EAAY1B,EAAMsB,MAAMP,GACxBT,EAAQM,GAAOc,EAAU,GAAK,IAAMA,EAAU,GAAK,IAAMA,EAAU,GAAK,MAAQA,EAAU,GAAK,IAAMA,EAAU,GAAK,IAAMA,EAAU,aAdjIpB,EAAQM,GAoBnB,IAAKF,KADLM,EAAM,GACWlF,EAAY,CAG3B,IADAoF,EAAS,GACJ9B,EAAI,EAAGC,GAFZoB,EAAQ3E,EAAW4E,IAEK7E,OAAQuD,EAAIC,EAAKD,IAEvC,GADAoB,EAAOC,EAAMrB,GACTkB,EAAQE,GACV,GAAIF,EAAQE,GAAMmB,WAAWL,MAAM,gCAAiC,CAOlE,IANAJ,EAAOU,KAAK,CACVnD,MAAO,OACPuB,MAAO,OACPhB,MAAO,SAGJ2B,EAAI,EAAGE,GADZN,EAAQsB,KAAKC,MAAMxB,EAAQE,KACF3E,OAAQ8E,EAAIE,EAAMF,IAAK,CAE9C,IAAKC,KADLK,EAAWV,EAAMI,GAEfX,EAAQiB,EAASL,GACL,SAARA,IACFnC,EAAQuB,GAEE,SAARY,IACFE,EAAOd,GAEG,UAARY,IACF5B,EAAQgB,GAGZkB,EAAOU,KAAK,CACVnD,MAAOA,EACPuB,MAAOc,EACP9B,MAAOA,WAGJsB,EAAQE,QACNF,EAAQE,GAAMmB,WAAWL,MAAM,QACxCJ,EAAOU,KAAK,CACVnD,MAAO+B,EACPR,MAAOM,EAAQE,YAEVF,EAAQE,eAKVF,EAAQE,GAGC,EAAhBU,EAAOrF,QACTmF,EAAIY,KAAK,CACPnD,MAAO,KAAOiC,EAAW,KACzBZ,MAAOoB,IAIb,MAAO,CACLE,OAAQD,EACR5B,GAAIA,EACJO,MAAOkB,IAIXe,GADAzF,EAAOkB,aAAeoC,GACJC,YAAYS,QAI9B,OAHA5D,EAAMsF,IAAI/E,WAAa,OAASJ,EAAc,IAAMkF,GAAWvC,KAAK,SAASC,GAC3E,OAAOnD,EAAOmB,eAAiB4C,EAAiBZ,EAASlC,QAEpDjB,EAAOgB,OAAQ,GAExBhB,EAAOmF,WAAa,SAASQ,GAG3B,OADI,IAAIC,KAAS,IAAJD,GACJE,kBAEX7F,EAAO8F,YAAc,SAASC,GAI5B,OAHA/F,EAAO+F,KAAOA,EACd/F,EAAOgG,KAAO,QACdhG,EAAOiG,OACAjG,EAAOe,OAAQ,GAExBT,EAAY,SAAS4F,EAAOC,EAAMC,GAEhCC,EAAIF,EAAKnB,MAAM,cAIf,OAHU,OAANqB,IAAcA,EAAE,GAAGrB,MAAM,oBAC3BhF,EAAOyC,KAAO,gBAETzC,EAAOiG,QAEhBjG,EAAOsG,IAAI,yBAA0BhG,GACrCD,EAAS,EACTL,EAAOyD,WAAa,SAASC,EAAO/B,EAAMxC,EAAOC,EAAMmH,EAAc3C,GACnE,IAAID,EAAO6C,EAAQC,EAenB,OAdAzG,EAAOc,SAAU,EACjB0F,EAAS1H,EAAQkB,EAAOyC,OAA+B3D,EAAQC,aAC/D4E,EAAQ6C,EAAOrH,GAAOa,EAAOyC,KAAMiB,EAAO6C,GAxQ1C,GAyQI3C,GAAe1E,EAAWc,EAAOyC,QAC/BgE,EAAMvH,EAAWc,EAAOyC,MAAMzC,EAAOyC,KAAMiB,EAAOvE,EAAOC,EAAMmH,KACjEnH,IACAuE,EAAQ8C,IACRtH,GAKFC,EAAO,EAEFgB,EAAMsF,IAAI/E,WAAa,OAASJ,EAAc,IAAMoD,EAAQ,aAAe3D,EAAOqB,SAAW,cAAgBrB,EAAOsB,UAAY,aAAetB,EAAOuB,UAAU2B,KAAK,SAASC,GACnL,IAAUL,EAAGC,EAAKsD,EAAGK,EACrBzF,EAAOkC,EAASlC,KAChB,GAAIA,EAAK0F,OAAQ,CAEf,IAAK7D,EAAI,EAAGC,GADZ2D,EAAMzF,EAAK2F,QACWrH,OAAQuD,EAAIC,EAAKD,IACrCuD,EAAIK,EAAI5D,GACRzC,IACAgG,EAAEpD,GAAK,OAAS5C,EACZlB,EAAQqH,EAAOjH,OAAS,IAC1B8G,EAAE7C,MAAQ,GACV6C,EAAElH,MAAQA,EAAQ,EAClBkH,EAAE1C,MAAQA,EACV0C,EAAEjH,KAAOA,GAEXuC,EAAK2D,KAAKe,GAEE,KAAV3C,IACF1D,EAAO6G,MAAQ5F,EAAK4F,OAGxB,OAAO7G,EAAOc,SAAU,GACvB,SAASsC,GACV,OAAOpD,EAAOc,SAAU,KAG5Bd,EAAOuC,YAAc,SAASmB,EAAO/B,EAAMxC,EAAOC,EAAMmH,EAAc3C,GACpE,IAAID,EAAO6C,EAAQC,EAenB,OAdAzG,EAAOc,SAAU,EACjB0F,EAAS1H,EAAQkB,EAAOyC,QAA+C,gBAAhBzC,EAAOyC,KAAyB3D,EAAQgI,WAAahI,EAAQC,cACpH4E,EAAQ6C,EAAOrH,GAAOa,EAAOyC,KAAMiB,EAAO6C,GAlT1C,GAmTI3C,GAAe1E,EAAWc,EAAOyC,QAC/BgE,EAAMvH,EAAWc,EAAOyC,MAAMzC,EAAOyC,KAAMiB,EAAOvE,EAAOC,EAAMmH,KACjEnH,IACAuE,EAAQ8C,IACRtH,GAKFC,EAAO,EAEFgB,EAAMsF,IAAI/E,WAAa,OAASJ,EAAc,iBAAmBP,EAAOoB,aAAe,iCAAmCpB,EAAOoB,aAAa7B,OAAS,cAAgBS,EAAOqB,SAAW,cAAgBrB,EAAOsB,UAAY,aAAetB,EAAOuB,UAAU2B,KAAK,SAASC,GAC/Q,IAAUL,EAAGC,EAAKsD,EAAGK,EACrBzF,EAAOkC,EAASlC,KAChB,GAAIA,EAAK0F,OAAQ,CAEf,IAAK7D,EAAI,EAAGC,GADZ2D,EAAMzF,EAAK2F,QACWrH,OAAQuD,EAAIC,EAAKD,IACrCuD,EAAIK,EAAI5D,GACRzC,IACAgG,EAAEpD,GAAK,OAAS5C,EACZlB,EAAQqH,EAAOjH,OAAS,IAC1B8G,EAAE7C,MAAQ,GACV6C,EAAElH,MAAQA,EAAQ,EAClBkH,EAAE1C,MAAQA,EACV0C,EAAEjH,KAAOA,GAEXuC,EAAK2D,KAAKe,GAEE,KAAV3C,IACF1D,EAAO6G,MAAQ5F,EAAK4F,OAGxB,OAAO7G,EAAOc,SAAU,GACvB,SAASsC,GACV,OAAOpD,EAAOc,SAAU,KAG5Bd,EAAOiG,KAAO,WASZ,OARAjG,EAAOc,SAAU,EACjBd,EAAOiB,KAAO,GACdd,EAAG4G,IAAI,CAAC9G,EAAYgG,KAAKjG,EAAO+F,MAAO/F,EAAOyD,WAAW,GAAIzD,EAAOiB,KAAM,EAAG,KAAKiC,KAAK,WACrF,OAAOlD,EAAOc,SAAU,GACvB,SAASsC,GACV,OAAOpD,EAAOc,SAAU,IAE1Bd,EAAOgH,aAAe,QACfhH,EAAOiH,QAAU,CACtBC,MAAO,YAGXC,EAAIjH,EAAUkH,OAAOpC,MAAM,YACpBhF,EAAOyC,KAAO0E,EAAIA,EAAE,GAAK,oBAInCE,KAAKC"} \ No newline at end of file +<<<<<<< HEAD +{"version":3,"sources":["2ndfa.js"],"names":["schemes","_whatToTrace","t","v","overScheme","level","over","console","log","length","categories","dateTitle","sfaTitle","menu","home","angular","module","controller","$scope","$translator","$location","$q","$http","autoId","pathEvent","sessionType","links","menulinks","staticPrefix","scriptname","formPrefix","availableLanguages","waiting","showM","showT","data","currentScope","currentSession","searchString","U2FCheck","TOTPCheck","UBKCheck","translateP","translate","translateTitle","node","translateField","menuClick","button","popup","window","open","action","title","currentNode","search2FA","clear","updateTree2","delete2FA","type","epoch","items","document","querySelectorAll","i","len","remove","id","then","response","resp","stoggle","scope","$modelValue","nodes","updateTree","value","query","count","toggle","displaySession","transformSession","session","array","attr","attrs","category","k","key","len1","name","pattern","res","sfDevice","subres","time","_utime","_session_id","match","split","RegExp","localeDate","arrayDate","toString","push","JSON","parse","sessionId","get","s","Date","toLocaleString","getLanguage","lang","form","init","event","next","current","n","$on","currentQuery","scheme","tmp","ref","result","values","total","_startTime","all","activeModule","myStyle","color","c","path","call","this"],"mappings":"CAMA,WACE,IAyBAA,EAAU,CACRC,aAAc,CACZ,SAASC,EAAGC,GACV,MAAO,kBAAoBD,EAAI,OAC9B,SAASA,EAAGC,GACb,OAAOD,EAAI,IAAMC,EAAI,OAK3BC,EAAa,CACXH,aAAc,SAASC,EAAGC,EAAGE,EAAOC,GAElC,OADAC,QAAQC,IAAI,sBAAuBH,EAAO,OAAQC,GACpC,IAAVD,GAAeF,EAAEM,OAASH,EACrBJ,EAAI,IAAMC,EAAI,oBAAsBD,EAAI,KAAOG,EAAQC,EAAO,GAAK,IAEnE,OAObI,EAAa,CACXC,UAAW,CAAC,SAAU,aAAc,eACpCC,SAAU,CAAC,eAGbC,EAAO,CACLC,KAAM,IAQAC,QAAQC,OAAO,uBAAwB,CAAC,UAAW,eAAgB,UAErEC,WAAW,uBAAwB,CACvC,SAAU,cAAe,YAAa,KAAM,QAAS,SAASC,EAAQC,EAAaC,EAAWC,EAAIC,GAChG,IAAIC,EAAWC,EAAWC,EA2T1B,OA1TAP,EAAOQ,MAAQA,MACfR,EAAOS,UAAYA,UACnBT,EAAOU,aAAeA,aACtBV,EAAOW,WAAaA,WACpBX,EAAOY,WAAaA,WACpBZ,EAAOa,mBAAqBA,mBAC5Bb,EAAOc,SAAU,EACjBd,EAAOe,OAAQ,EACff,EAAOgB,OAAQ,EACfhB,EAAOiB,KAAO,GACdjB,EAAOkB,aAAe,KACtBlB,EAAOmB,eAAiB,KACxBnB,EAAOL,KAAOA,EACdK,EAAOoB,aAAe,GACtBpB,EAAOqB,SAAW,IAClBrB,EAAOsB,UAAY,IACnBtB,EAAOuB,SAAW,IAClBvB,EAAOwB,WAAavB,EAAYuB,WAChCxB,EAAOyB,UAAYxB,EAAYwB,UAC/BzB,EAAO0B,eAAiB,SAASC,GAC/B,OAAO1B,EAAY2B,eAAeD,EAAM,UAE1CpB,EAAc,aACdP,EAAO6B,UAAY,SAASC,GAC1B,GAAIA,EAAOC,MACTC,OAAOC,KAAKH,EAAOC,YAKnB,OAHKD,EAAOI,SACVJ,EAAOI,OAASJ,EAAOK,cAEVL,EAAOI,QACpB,IAAK,WACHJ,EAAOI,OAAOlC,EAAOoC,YAAapC,GAClCA,EAAO8B,EAAOI,UACd,MACF,IAAK,SACHlC,EAAO8B,EAAOI,UACd,MACF,QACE7C,QAAQC,WAAWwC,EAAOI,QAGhC,OAAOlC,EAAOe,OAAQ,GAExBf,EAAOqC,UAAY,SAASC,GAM1B,OALIA,IACFtC,EAAOoB,aAAe,IAExBpB,EAAOmB,eAAiB,KACxBnB,EAAOiB,KAAO,GACPjB,EAAOuC,YAAY,GAAIvC,EAAOiB,KAAM,EAAG,IAEhDjB,EAAOwC,UAAY,SAASC,EAAMC,GAGhC,IAFA,IACAC,EAAQC,SAASC,iBAAiB,SAAWH,GACxCI,EAAI,EAAGC,EAAMJ,EAAMpD,OAAQuD,EAAIC,EAAKD,IACnCH,EAAMG,GACRE,SAQJ,OANAhD,EAAOc,SAAU,EACjBV,EAAc,OAAEO,WAAa,OAASJ,EAAc,IAAMP,EAAOmB,eAAe8B,GAAK,SAAWR,EAAO,UAAYC,GAAOQ,KAAK,SAASC,GACtI,OAAOnD,EAAOc,SAAU,GACvB,SAASsC,GACV,OAAOpD,EAAOc,SAAU,IAEnBd,EAAOgB,OAAQ,GAExBhB,EAAOqD,QAAU,SAASC,GACxB,IACA3B,EAAO2B,EAAMC,YAIb,OAH0B,IAAtB5B,EAAK6B,MAAMjE,QACbS,EAAOyD,WAAW9B,EAAK+B,MAAO/B,EAAK6B,MAAO7B,EAAKxC,MAAOwC,EAAKvC,KAAMuC,EAAKgC,MAAOhC,EAAKiC,OAE7EN,EAAMO,UAEf7D,EAAO8D,eAAiB,SAASR,GAC/B,IACAS,EAAmB,SAASC,GAC1B,IAAuBC,EAAkBC,EAAMC,EAAOC,EAAU1B,EAAOI,EAAOuB,EAAGC,EAAKvB,EAAKwB,EAAMC,EAAMC,EAASC,EAAKC,EAAUC,EAAczC,EAAOuB,EAyBpJmB,EAAOb,EAAQc,OACf7B,EAAKe,EAAQe,YACb,IAAKT,KAAON,GACVN,EAAQM,EAAQM,KAIS,iBAAZN,GAAwBN,EAAMsB,MAAM,QAC7ChB,EAAQM,GAAOZ,EAAMuB,MAAM,OAED,iBAAjBjB,EAAQM,KAtIZ,YAuIgBU,MAAM,IAAIE,OAAO,KAAOZ,EAAM,OACjDN,EAAQM,GAAO,WACNA,EAAIU,MAAM,qDACnBhB,EAAQM,GAAOtE,EAAOmF,WAAWzB,GACxBY,EAAIU,MAAM,gCAEnBP,EAAU,+CACVW,EAAY1B,EAAMsB,MAAMP,GACxBT,EAAQM,GAAOc,EAAU,GAAK,IAAMA,EAAU,GAAK,IAAMA,EAAU,GAAK,MAAQA,EAAU,GAAK,IAAMA,EAAU,GAAK,IAAMA,EAAU,aAdjIpB,EAAQM,GAoBnB,IAAKF,KADLM,EAAM,GACWlF,EAAY,CAG3B,IADAoF,EAAS,GACJ9B,EAAI,EAAGC,GAFZoB,EAAQ3E,EAAW4E,IAEK7E,OAAQuD,EAAIC,EAAKD,IAEvC,GADAoB,EAAOC,EAAMrB,GACTkB,EAAQE,GACV,GAAIF,EAAQE,GAAMmB,WAAWL,MAAM,gCAAiC,CAOlE,IANAJ,EAAOU,KAAK,CACVnD,MAAO,OACPuB,MAAO,OACPhB,MAAO,SAGJ2B,EAAI,EAAGE,GADZN,EAAQsB,KAAKC,MAAMxB,EAAQE,KACF3E,OAAQ8E,EAAIE,EAAMF,IAAK,CAE9C,IAAKC,KADLK,EAAWV,EAAMI,GAEfX,EAAQiB,EAASL,GACL,SAARA,IACFnC,EAAQuB,GAEE,SAARY,IACFE,EAAOd,GAEG,UAARY,IACF5B,EAAQgB,GAGZkB,EAAOU,KAAK,CACVnD,MAAOA,EACPuB,MAAOc,EACP9B,MAAOA,WAGJsB,EAAQE,QACNF,EAAQE,GAAMmB,WAAWL,MAAM,QACxCJ,EAAOU,KAAK,CACVnD,MAAO+B,EACPR,MAAOM,EAAQE,YAEVF,EAAQE,eAKVF,EAAQE,GAGC,EAAhBU,EAAOrF,QACTmF,EAAIY,KAAK,CACPnD,MAAO,KAAOiC,EAAW,KACzBZ,MAAOoB,IAIb,MAAO,CACLE,OAAQD,EACR5B,GAAIA,EACJO,MAAOkB,IAIXe,GADAzF,EAAOkB,aAAeoC,GACJC,YAAYS,QAI9B,OAHA5D,EAAMsF,IAAI/E,WAAa,OAASJ,EAAc,IAAMkF,GAAWvC,KAAK,SAASC,GAC3E,OAAOnD,EAAOmB,eAAiB4C,EAAiBZ,EAASlC,QAEpDjB,EAAOgB,OAAQ,GAExBhB,EAAOmF,WAAa,SAASQ,GAG3B,OADI,IAAIC,KAAS,IAAJD,GACJE,kBAEX7F,EAAO8F,YAAc,SAASC,GAI5B,OAHA/F,EAAO+F,KAAOA,EACd/F,EAAOgG,KAAO,QACdhG,EAAOiG,OACAjG,EAAOe,OAAQ,GAExBT,EAAY,SAAS4F,EAAOC,EAAMC,GAEhCC,EAAIF,EAAKnB,MAAM,cAIf,OAHU,OAANqB,IAAcA,EAAE,GAAGrB,MAAM,oBAC3BhF,EAAOyC,KAAO,gBAETzC,EAAOiG,QAEhBjG,EAAOsG,IAAI,yBAA0BhG,GACrCD,EAAS,EACTL,EAAOyD,WAAa,SAASC,EAAO/B,EAAMxC,EAAOC,EAAMmH,EAAc3C,GACnE,IAAID,EAAO6C,EAAQC,EAenB,OAdAzG,EAAOc,SAAU,EACjB0F,EAAS1H,EAAQkB,EAAOyC,OAA+B3D,EAAQC,aAC/D4E,EAAQ6C,EAAOrH,GAAOa,EAAOyC,KAAMiB,EAAO6C,GAxQ1C,GAyQI3C,GAAe1E,EAAWc,EAAOyC,QAC/BgE,EAAMvH,EAAWc,EAAOyC,MAAMzC,EAAOyC,KAAMiB,EAAOvE,EAAOC,EAAMmH,KACjEnH,IACAuE,EAAQ8C,IACRtH,GAKFC,EAAO,EAEFgB,EAAMsF,IAAI/E,WAAa,OAASJ,EAAc,IAAMoD,EAAQ,aAAe3D,EAAOqB,SAAW,cAAgBrB,EAAOsB,UAAY,aAAetB,EAAOuB,UAAU2B,KAAK,SAASC,GACnL,IAAUL,EAAGC,EAAKsD,EAAGK,EACrBzF,EAAOkC,EAASlC,KAChB,GAAIA,EAAK0F,OAAQ,CAEf,IAAK7D,EAAI,EAAGC,GADZ2D,EAAMzF,EAAK2F,QACWrH,OAAQuD,EAAIC,EAAKD,IACrCuD,EAAIK,EAAI5D,GACRzC,IACAgG,EAAEpD,GAAK,OAAS5C,EACZlB,EAAQqH,EAAOjH,OAAS,IAC1B8G,EAAE7C,MAAQ,GACV6C,EAAElH,MAAQA,EAAQ,EAClBkH,EAAE1C,MAAQA,EACV0C,EAAEjH,KAAOA,GAEXuC,EAAK2D,KAAKe,GAEE,KAAV3C,IACF1D,EAAO6G,MAAQ5F,EAAK4F,OAGxB,OAAO7G,EAAOc,SAAU,GACvB,SAASsC,GACV,OAAOpD,EAAOc,SAAU,KAG5Bd,EAAOuC,YAAc,SAASmB,EAAO/B,EAAMxC,EAAOC,EAAMmH,EAAc3C,GACpE,IAAID,EAAO6C,EAAQC,EAenB,OAdAzG,EAAOc,SAAU,EACjB0F,EAAS1H,EAAQkB,EAAOyC,QAA+C,gBAAhBzC,EAAOyC,KAAyB3D,EAAQgI,WAAahI,EAAQC,cACpH4E,EAAQ6C,EAAOrH,GAAOa,EAAOyC,KAAMiB,EAAO6C,GAlT1C,GAmTI3C,GAAe1E,EAAWc,EAAOyC,QAC/BgE,EAAMvH,EAAWc,EAAOyC,MAAMzC,EAAOyC,KAAMiB,EAAOvE,EAAOC,EAAMmH,KACjEnH,IACAuE,EAAQ8C,IACRtH,GAKFC,EAAO,EAEFgB,EAAMsF,IAAI/E,WAAa,OAASJ,EAAc,iBAAmBP,EAAOoB,aAAe,iCAAmCpB,EAAOoB,aAAa7B,OAAS,cAAgBS,EAAOqB,SAAW,cAAgBrB,EAAOsB,UAAY,aAAetB,EAAOuB,UAAU2B,KAAK,SAASC,GAC/Q,IAAUL,EAAGC,EAAKsD,EAAGK,EACrBzF,EAAOkC,EAASlC,KAChB,GAAIA,EAAK0F,OAAQ,CAEf,IAAK7D,EAAI,EAAGC,GADZ2D,EAAMzF,EAAK2F,QACWrH,OAAQuD,EAAIC,EAAKD,IACrCuD,EAAIK,EAAI5D,GACRzC,IACAgG,EAAEpD,GAAK,OAAS5C,EACZlB,EAAQqH,EAAOjH,OAAS,IAC1B8G,EAAE7C,MAAQ,GACV6C,EAAElH,MAAQA,EAAQ,EAClBkH,EAAE1C,MAAQA,EACV0C,EAAEjH,KAAOA,GAEXuC,EAAK2D,KAAKe,GAEE,KAAV3C,IACF1D,EAAO6G,MAAQ5F,EAAK4F,OAGxB,OAAO7G,EAAOc,SAAU,GACvB,SAASsC,GACV,OAAOpD,EAAOc,SAAU,KAG5Bd,EAAOiG,KAAO,WASZ,OARAjG,EAAOc,SAAU,EACjBd,EAAOiB,KAAO,GACdd,EAAG4G,IAAI,CAAC9G,EAAYgG,KAAKjG,EAAO+F,MAAO/F,EAAOyD,WAAW,GAAIzD,EAAOiB,KAAM,EAAG,KAAKiC,KAAK,WACrF,OAAOlD,EAAOc,SAAU,GACvB,SAASsC,GACV,OAAOpD,EAAOc,SAAU,IAE1Bd,EAAOgH,aAAe,QACfhH,EAAOiH,QAAU,CACtBC,MAAO,YAGXC,EAAIjH,EAAUkH,OAAOpC,MAAM,YACpBhF,EAAOyC,KAAO0E,EAAIA,EAAE,GAAK,oBAInCE,KAAKC"} +======= +{"version":3,"sources":["2ndfa.js"],"names":["categories","menu","overScheme","schemes","setMsg","msg","level","$","html","window","translate","removeClass","addClass","_whatToTrace","t","v","over","console","log","length","dateTitle","sfaTitle","home","angular","module","controller","$scope","$translator","$location","$q","$http","autoId","c","pathEvent","sessionType","links","menulinks","staticPrefix","scriptname","formPrefix","availableLanguages","waiting","showM","showT","data","currentScope","currentSession","searchString","U2FCheck","TOTPCheck","UBKCheck","translateP","translateTitle","node","translateField","menuClick","button","popup","open","action","title","currentNode","search2FA","clear","updateTree2","delete2FA","type","epoch","i","items","len","document","querySelectorAll","remove","id","then","response","resp","stoggle","scope","$modelValue","nodes","updateTree","value","query","count","toggle","displaySession","sessionId","transformSession","session","_stToStr","array","arrayDate","attr","attrs","category","k","key","len1","name","pattern","res","sfDevice","subres","time","s","re","reg","tmp","RegExp","match","push","_utime","_session_id","split","localeDate","toString","JSON","parse","get","Date","toLocaleString","getLanguage","lang","form","init","event","next","current","n","$on","currentQuery","scheme","ref","result","values","total","_startTime","all","activeModule","myStyle","color","path","call","this"],"mappings":"CAMA,WACE,IAAIA,EAAwDC,EAAMC,EAAYC,EAASC,EAEvFA,EAAS,SAASC,EAAKC,GAOrB,OANAC,EAAE,QAAQC,KAAKC,OAAOC,UAAUL,IAChCE,EAAE,UAAUI,YAAY,gEACxBJ,EAAE,UAAUK,SAAS,WAAaN,GACpB,aAAVA,IACFA,EAAQ,WAEHC,EAAE,UAAUK,SAAS,SAAWN,IAgBzCH,EAAU,CACRU,aAAc,CACZ,SAASC,EAAGC,GACV,MAAO,kBAAoBD,EAAI,OAC9B,SAASA,EAAGC,GACb,OAAOD,EAAI,IAAMC,EAAI,OAK3Bb,EAAa,CACXW,aAAc,SAASC,EAAGC,EAAGT,EAAOU,GAElC,OADAC,QAAQC,IAAI,sBAAuBZ,EAAO,OAAQU,GACpC,IAAVV,GAAeS,EAAEI,OAASH,EACrBF,EAAI,IAAMC,EAAI,oBAAsBD,EAAI,KAAOR,EAAQU,EAAO,GAAK,IAEnE,OAObhB,EAAa,CACXoB,UAAW,CAAC,SAAU,aAAc,eACpCC,SAAU,CAAC,eAGbpB,EAAO,CACLqB,KAAM,IAQAC,QAAQC,OAAO,uBAAwB,CAAC,UAAW,eAAgB,UAErEC,WAAW,uBAAwB,CACvC,SAAU,cAAe,YAAa,KAAM,QAAS,SAASC,EAAQC,EAAaC,EAAWC,EAAIC,GAChG,IAAIC,EAAQC,EAAGC,EAAWC,EA2T1B,OA1TAR,EAAOS,MAAQA,MACfT,EAAOU,UAAYA,UACnBV,EAAOW,aAAeA,aACtBX,EAAOY,WAAaA,WACpBZ,EAAOa,WAAaA,WACpBb,EAAOc,mBAAqBA,mBAC5Bd,EAAOe,SAAU,EACjBf,EAAOgB,OAAQ,EACfhB,EAAOiB,OAAQ,EACfjB,EAAOkB,KAAO,GACdlB,EAAOmB,aAAe,KACtBnB,EAAOoB,eAAiB,KACxBpB,EAAOzB,KAAOA,EACdyB,EAAOqB,aAAe,GACtBrB,EAAOsB,SAAW,IAClBtB,EAAOuB,UAAY,IACnBvB,EAAOwB,SAAW,IAClBxB,EAAOyB,WAAaxB,EAAYwB,WAChCzB,EAAOhB,UAAYiB,EAAYjB,UAC/BgB,EAAO0B,eAAiB,SAASC,GAC/B,OAAO1B,EAAY2B,eAAeD,EAAM,UAE1CnB,EAAc,aACdR,EAAO6B,UAAY,SAASC,GAC1B,GAAIA,EAAOC,MACThD,OAAOiD,KAAKF,EAAOC,YAKnB,OAHKD,EAAOG,SACVH,EAAOG,OAASH,EAAOI,cAEVJ,EAAOG,QACpB,IAAK,WACHH,EAAOG,OAAOjC,EAAOmC,YAAanC,GAClCA,EAAO8B,EAAOG,UACd,MACF,IAAK,SACHjC,EAAO8B,EAAOG,UACd,MACF,QACE1C,QAAQC,WAAWsC,EAAOG,QAGhC,OAAOjC,EAAOgB,OAAQ,GAExBhB,EAAOoC,UAAY,SAASC,GAM1B,OALIA,IACFrC,EAAOqB,aAAe,IAExBrB,EAAOoB,eAAiB,KACxBpB,EAAOkB,KAAO,GACPlB,EAAOsC,YAAY,GAAItC,EAAOkB,KAAM,EAAG,IAEhDlB,EAAOuC,UAAY,SAASC,EAAMC,GAChC,IAAOC,EAAGC,EAAOC,EAEjB,IAAKF,EAAI,EAAGE,GADZD,EAAQE,SAASC,iBAAiB,SAAWL,IACrBhD,OAAQiD,EAAIE,EAAKF,IACnCC,EAAMD,GACRK,SAQJ,OANA/C,EAAOe,SAAU,EACjBX,EAAc,OAAEQ,WAAa,OAASJ,EAAc,IAAMR,EAAOoB,eAAe4B,GAAK,SAAWR,EAAO,UAAYC,GAAOQ,KAAK,SAASC,GACtI,OAAOlD,EAAOe,SAAU,GACvB,SAASoC,GACV,OAAOnD,EAAOe,SAAU,IAEnBf,EAAOiB,OAAQ,GAExBjB,EAAOoD,QAAU,SAASC,GACxB,IAAI1B,EAKJ,OAH0B,KAD1BA,EAAO0B,EAAMC,aACJC,MAAM9D,QACbO,EAAOwD,WAAW7B,EAAK8B,MAAO9B,EAAK4B,MAAO5B,EAAK/C,MAAO+C,EAAKrC,KAAMqC,EAAK+B,MAAO/B,EAAKgC,OAE7EN,EAAMO,UAEf5D,EAAO6D,eAAiB,SAASR,GAC/B,IAAIS,EAAWC,EAqHf,OApHAA,EAAmB,SAASC,GAC1B,IAAaC,EAAUC,EAAOC,EAAWC,EAAMC,EAAOC,EAAU7B,EAAOC,EAAGM,EAAIuB,EAAGC,EAAK5B,EAAK6B,EAAMC,EAAMC,EAASC,EAAKC,EAAUC,EAAQC,EAAM7C,EAAOuB,EA2BpJ,IAAKe,KA1BLP,EAAW,SAASe,GAClB,OAAOA,GAEC,SAASC,EAAI/C,GACrB,IAAIsC,EAAKU,EAAKC,EAAK1B,EAGnB,IAAKe,KAFLW,EAAM,GACND,EAAM,IAAIE,OAAOH,GACLjB,EACVP,EAAQO,EAAQQ,GACZA,EAAIa,MAAMH,IAAQzB,IACpB0B,EAAIG,KAAK,CACPpD,MAAOsC,EACPf,MAAOA,WAEFO,EAAQQ,IAGnB,GAAiB,EAAbW,EAAI1F,OACN,OAAOmF,EAAIU,KAAK,CACdpD,MAAOA,EACPqB,MAAO4B,KAIbJ,EAAOf,EAAQuB,OACfvC,EAAKgB,EAAQwB,YACDxB,GACVP,EAAQO,EAAQQ,KAIS,iBAAZR,GAAwBP,EAAM4B,MAAM,QAC7CrB,EAAQQ,GAAOf,EAAMgC,MAAM,OAED,iBAAjBzB,EAAQQ,KAtIZ,YAuIgBa,MAAM,IAAID,OAAO,KAAOZ,EAAM,OACjDR,EAAQQ,GAAO,WACNA,EAAIa,MAAM,qDACnBrB,EAAQQ,GAAOxE,EAAO0F,WAAWjC,GACxBe,EAAIa,MAAM,gCAEnBV,EAAU,+CACVR,GAFAV,EAAQQ,EAASR,IAEC4B,MAAMV,GACxBX,EAAQQ,GAAOL,EAAU,GAAK,IAAMA,EAAU,GAAK,IAAMA,EAAU,GAAK,MAAQA,EAAU,GAAK,IAAMA,EAAU,GAAK,IAAMA,EAAU,aAdjIH,EAAQQ,GAoBnB,IAAKF,KADLM,EAAM,GACWtG,EAAY,CAG3B,IADAwG,EAAS,GACJpC,EAAI,EAAGE,GAFZyB,EAAQ/F,EAAWgG,IAEK7E,OAAQiD,EAAIE,EAAKF,IAEvC,GADA0B,EAAOC,EAAM3B,GACTsB,EAAQI,GACV,GAAIJ,EAAQI,GAAMuB,WAAWN,MAAM,gCAAiC,CAOlE,IANAP,EAAOQ,KAAK,CACVpD,MAAO,OACPuB,MAAO,OACPhB,MAAO,SAGJ8B,EAAI,EAAGE,GADZP,EAAQ0B,KAAKC,MAAM7B,EAAQI,KACF3E,OAAQ8E,EAAIE,EAAMF,IAAK,CAE9C,IAAKC,KADLK,EAAWX,EAAMK,GAEfd,EAAQoB,EAASL,GACL,SAARA,IACFtC,EAAQuB,GAEE,SAARe,IACFE,EAAOjB,GAEG,UAARe,IACF/B,EAAQgB,GAGZqB,EAAOQ,KAAK,CACVpD,MAAOA,EACPuB,MAAOiB,EACPjC,MAAOA,WAGJuB,EAAQI,QACNJ,EAAQI,GAAMuB,WAAWN,MAAM,QACxCP,EAAOQ,KAAK,CACVpD,MAAOkC,EACPX,MAAOO,EAAQI,YAEVJ,EAAQI,eAKVJ,EAAQI,GAGC,EAAhBU,EAAOrF,QACTmF,EAAIU,KAAK,CACPpD,MAAO,KAAOoC,EAAW,KACzBf,MAAOuB,IAIb,MAAO,CACLS,OAAQR,EACR/B,GAAIA,EACJO,MAAOqB,IAIXd,GADA9D,EAAOmB,aAAekC,GACJC,YAAYU,QAC9B5D,EAAM0F,IAAIlF,WAAa,OAASJ,EAAc,IAAMsD,GAAWb,KAAK,SAASC,GAC3E,OAAOlD,EAAOoB,eAAiB2C,EAAiBb,EAAShC,QAEpDlB,EAAOiB,OAAQ,GAExBjB,EAAO0F,WAAa,SAASV,GAG3B,OADI,IAAIe,KAAS,IAAJf,GACJgB,kBAEXhG,EAAOiG,YAAc,SAASC,GAI5B,OAHAlG,EAAOkG,KAAOA,EACdlG,EAAOmG,KAAO,QACdnG,EAAOoG,OACApG,EAAOgB,OAAQ,GAExBT,EAAY,SAAS8F,EAAOC,EAAMC,GAChC,IAAIC,EAKJ,OAHU,QADVA,EAAIF,EAAKjB,MAAM,iBACGmB,EAAE,GAAGnB,MAAM,oBAC3BrF,EAAOwC,KAAO,gBAETxC,EAAOoG,QAEhBpG,EAAOyG,IAAI,yBAA0BlG,GACrCF,EAAS,EACTL,EAAOwD,WAAa,SAASC,EAAO9B,EAAM/C,EAAOU,EAAMoH,EAAc/C,GACnE,IAAID,EAAOiD,EAAQxB,EAenB,OAdAnF,EAAOe,SAAU,EACjB4F,EAASlI,EAAQuB,EAAOwC,MAAQ/D,EAAQuB,EAAOwC,MAAQ/D,EAAQU,aAC/DuE,EAAQiD,EAAO/H,GAAOoB,EAAOwC,KAAMiB,EAAOiD,GAxQ1C,GAyQI/C,GAAenF,EAAWwB,EAAOwC,QAC/B2C,EAAM3G,EAAWwB,EAAOwC,MAAMxC,EAAOwC,KAAMiB,EAAO7E,EAAOU,EAAMoH,KACjEpH,IACAoE,EAAQyB,EACRvG,GAAgB,GAKlBU,EAAO,EAEFc,EAAM0F,IAAIlF,WAAa,OAASJ,EAAc,IAAMkD,EAAQ,aAAe1D,EAAOsB,SAAW,cAAgBtB,EAAOuB,UAAY,aAAevB,EAAOwB,UAAUyB,KAAK,SAASC,GACnL,IAAIhC,EAAMwB,EAAGE,EAAK4D,EAAGI,EAErB,IADA1F,EAAOgC,EAAShC,MACP2F,OAAQ,CAEf,IAAKnE,EAAI,EAAGE,GADZgE,EAAM1F,EAAK4F,QACWrH,OAAQiD,EAAIE,EAAKF,IACrC8D,EAAII,EAAIlE,GACRrC,IACAmG,EAAExD,GAAK,OAAS3C,EACZzB,EAAQ+H,EAAOlH,OAAS,IAC1B+G,EAAEjD,MAAQ,GACViD,EAAE5H,MAAQA,EAAQ,EAClB4H,EAAE9C,MAAQA,EACV8C,EAAElH,KAAOA,GAEXqC,EAAK2D,KAAKkB,GAEE,KAAV/C,IACFzD,EAAO+G,MAAQ7F,EAAK6F,OAGxB,OAAO/G,EAAOe,SAAU,GACvB,SAASoC,GACV,OAAOnD,EAAOe,SAAU,KAG5Bf,EAAOsC,YAAc,SAASmB,EAAO9B,EAAM/C,EAAOU,EAAMoH,EAAc/C,GACpE,IAAID,EAAOiD,EAAQxB,EAenB,OAdAnF,EAAOe,SAAU,EACjB4F,EAASlI,EAAQuB,EAAOwC,MAAQ/D,EAAQuB,EAAOwC,MAAwB,gBAAhBxC,EAAOwC,KAAyB/D,EAAQuI,WAAavI,EAAQU,aACpHuE,EAAQiD,EAAO/H,GAAOoB,EAAOwC,KAAMiB,EAAOiD,GAlT1C,GAmTI/C,GAAenF,EAAWwB,EAAOwC,QAC/B2C,EAAM3G,EAAWwB,EAAOwC,MAAMxC,EAAOwC,KAAMiB,EAAO7E,EAAOU,EAAMoH,KACjEpH,IACAoE,EAAQyB,EACRvG,GAAgB,GAKlBU,EAAO,EAEFc,EAAM0F,IAAIlF,WAAa,OAASJ,EAAc,iBAAmBR,EAAOqB,aAAe,iCAAmCrB,EAAOqB,aAAa5B,OAAS,cAAgBO,EAAOsB,SAAW,cAAgBtB,EAAOuB,UAAY,aAAevB,EAAOwB,UAAUyB,KAAK,SAASC,GAC/Q,IAAIhC,EAAMwB,EAAGE,EAAK4D,EAAGI,EAErB,IADA1F,EAAOgC,EAAShC,MACP2F,OAAQ,CAEf,IAAKnE,EAAI,EAAGE,GADZgE,EAAM1F,EAAK4F,QACWrH,OAAQiD,EAAIE,EAAKF,IACrC8D,EAAII,EAAIlE,GACRrC,IACAmG,EAAExD,GAAK,OAAS3C,EACZzB,EAAQ+H,EAAOlH,OAAS,IAC1B+G,EAAEjD,MAAQ,GACViD,EAAE5H,MAAQA,EAAQ,EAClB4H,EAAE9C,MAAQA,EACV8C,EAAElH,KAAOA,GAEXqC,EAAK2D,KAAKkB,GAEE,KAAV/C,IACFzD,EAAO+G,MAAQ7F,EAAK6F,OAGxB,OAAO/G,EAAOe,SAAU,GACvB,SAASoC,GACV,OAAOnD,EAAOe,SAAU,KAG5Bf,EAAOoG,KAAO,WASZ,OARApG,EAAOe,SAAU,EACjBf,EAAOkB,KAAO,GACdf,EAAG8G,IAAI,CAAChH,EAAYmG,KAAKpG,EAAOkG,MAAOlG,EAAOwD,WAAW,GAAIxD,EAAOkB,KAAM,EAAG,KAAK+B,KAAK,WACrF,OAAOjD,EAAOe,SAAU,GACvB,SAASoC,GACV,OAAOnD,EAAOe,SAAU,IAE1Bf,EAAOkH,aAAe,QACflH,EAAOmH,QAAU,CACtBC,MAAO,YAGX9G,EAAIJ,EAAUmH,OAAOhC,MAAM,YACpBrF,EAAOwC,KAAOlC,EAAIA,EAAE,GAAK,oBAInCgH,KAAKC"} +>>>>>>> v2.0 diff --git a/lemonldap-ng-manager/site/htdocs/static/js/conftree.js b/lemonldap-ng-manager/site/htdocs/static/js/conftree.js index cd486fef0..bb21f9d02 100644 --- a/lemonldap-ng-manager/site/htdocs/static/js/conftree.js +++ b/lemonldap-ng-manager/site/htdocs/static/js/conftree.js @@ -1327,6 +1327,12 @@ function templates(tpl,key) { "id" : tpl+"s/"+key+"/"+"vhostAliases", "title" : "vhostAliases" }, + { + "default" : "", + "get" : tpl+"s/"+key+"/"+"vhostAccessToTrace", + "id" : tpl+"s/"+key+"/"+"vhostAccessToTrace", + "title" : "vhostAccessToTrace" + }, { "default" : "Main", "get" : tpl+"s/"+key+"/"+"vhostType", diff --git a/lemonldap-ng-manager/site/htdocs/static/js/conftree.min.js b/lemonldap-ng-manager/site/htdocs/static/js/conftree.min.js index 5a36c5914..8e4584cee 100644 --- a/lemonldap-ng-manager/site/htdocs/static/js/conftree.min.js +++ b/lemonldap-ng-manager/site/htdocs/static/js/conftree.min.js @@ -1 +1 @@ -function templates(t,a){switch(t){case"casAppMetaDataNode":return[{cnodes:t+"s/"+a+"/casAppMetaDataExportedVars",default:[{data:"cn",id:t+"s/"+a+"/casAppMetaDataExportedVars/cn",title:"cn",type:"keyText"},{data:"mail",id:t+"s/"+a+"/casAppMetaDataExportedVars/mail",title:"mail",type:"keyText"},{data:"uid",id:t+"s/"+a+"/casAppMetaDataExportedVars/uid",title:"uid",type:"keyText"}],id:t+"s/"+a+"/casAppMetaDataExportedVars",title:"casAppMetaDataExportedVars",type:"keyTextContainer"},{_nodes:[{get:t+"s/"+a+"/casAppMetaDataOptionsService",id:t+"s/"+a+"/casAppMetaDataOptionsService",title:"casAppMetaDataOptionsService"},{get:t+"s/"+a+"/casAppMetaDataOptionsUserAttribute",id:t+"s/"+a+"/casAppMetaDataOptionsUserAttribute",title:"casAppMetaDataOptionsUserAttribute"},{get:t+"s/"+a+"/casAppMetaDataOptionsAuthnLevel",id:t+"s/"+a+"/casAppMetaDataOptionsAuthnLevel",title:"casAppMetaDataOptionsAuthnLevel",type:"int"},{get:t+"s/"+a+"/casAppMetaDataOptionsRule",id:t+"s/"+a+"/casAppMetaDataOptionsRule",title:"casAppMetaDataOptionsRule"}],id:"casAppMetaDataOptions",title:"casAppMetaDataOptions",type:"simpleInputContainer"},{cnodes:t+"s/"+a+"/casAppMetaDataMacros",default:[],help:"exportedvars.html#extend-variables-using-macros-and-groups",id:t+"s/"+a+"/casAppMetaDataMacros",title:"casAppMetaDataMacros",type:"keyTextContainer"}];case"casSrvMetaDataNode":return[{cnodes:t+"s/"+a+"/casSrvMetaDataExportedVars",default:[{data:"cn",id:t+"s/"+a+"/casSrvMetaDataExportedVars/cn",title:"cn",type:"keyText"},{data:"mail",id:t+"s/"+a+"/casSrvMetaDataExportedVars/mail",title:"mail",type:"keyText"},{data:"uid",id:t+"s/"+a+"/casSrvMetaDataExportedVars/uid",title:"uid",type:"keyText"}],id:t+"s/"+a+"/casSrvMetaDataExportedVars",title:"casSrvMetaDataExportedVars",type:"keyTextContainer"},{cnodes:t+"s/"+a+"/casSrvMetaDataOptionsProxiedServices",id:t+"s/"+a+"/casSrvMetaDataOptionsProxiedServices",title:"casSrvMetaDataOptionsProxiedServices",type:"keyTextContainer"},{_nodes:[{get:t+"s/"+a+"/casSrvMetaDataOptionsUrl",id:t+"s/"+a+"/casSrvMetaDataOptionsUrl",title:"casSrvMetaDataOptionsUrl"},{default:0,get:t+"s/"+a+"/casSrvMetaDataOptionsRenew",id:t+"s/"+a+"/casSrvMetaDataOptionsRenew",title:"casSrvMetaDataOptionsRenew",type:"bool"},{default:0,get:t+"s/"+a+"/casSrvMetaDataOptionsGateway",id:t+"s/"+a+"/casSrvMetaDataOptionsGateway",title:"casSrvMetaDataOptionsGateway",type:"bool"}],id:"casSrvMetaDataOptions",title:"casSrvMetaDataOptions",type:"simpleInputContainer"},{_nodes:[{get:t+"s/"+a+"/casSrvMetaDataOptionsDisplayName",id:t+"s/"+a+"/casSrvMetaDataOptionsDisplayName",title:"casSrvMetaDataOptionsDisplayName"},{get:t+"s/"+a+"/casSrvMetaDataOptionsIcon",id:t+"s/"+a+"/casSrvMetaDataOptionsIcon",title:"casSrvMetaDataOptionsIcon"},{get:t+"s/"+a+"/casSrvMetaDataOptionsSortNumber",id:t+"s/"+a+"/casSrvMetaDataOptionsSortNumber",title:"casSrvMetaDataOptionsSortNumber",type:"int"}],id:"casSrvMetaDataOptionsDisplay",title:"casSrvMetaDataOptionsDisplay",type:"simpleInputContainer"}];case"oidcOPMetaDataNode":return[{get:t+"s/"+a+"/oidcOPMetaDataJSON",id:t+"s/"+a+"/oidcOPMetaDataJSON",title:"oidcOPMetaDataJSON",type:"file"},{get:t+"s/"+a+"/oidcOPMetaDataJWKS",id:t+"s/"+a+"/oidcOPMetaDataJWKS",title:"oidcOPMetaDataJWKS",type:"file"},{cnodes:t+"s/"+a+"/oidcOPMetaDataExportedVars",default:[{data:"name",id:t+"s/"+a+"/oidcOPMetaDataExportedVars/cn",title:"cn",type:"keyText"},{data:"email",id:t+"s/"+a+"/oidcOPMetaDataExportedVars/mail",title:"mail",type:"keyText"},{data:"family_name",id:t+"s/"+a+"/oidcOPMetaDataExportedVars/sn",title:"sn",type:"keyText"},{data:"sub",id:t+"s/"+a+"/oidcOPMetaDataExportedVars/uid",title:"uid",type:"keyText"}],id:t+"s/"+a+"/oidcOPMetaDataExportedVars",title:"oidcOPMetaDataExportedVars",type:"keyTextContainer"},{_nodes:[{_nodes:[{get:t+"s/"+a+"/oidcOPMetaDataOptionsConfigurationURI",id:t+"s/"+a+"/oidcOPMetaDataOptionsConfigurationURI",title:"oidcOPMetaDataOptionsConfigurationURI"},{default:0,get:t+"s/"+a+"/oidcOPMetaDataOptionsJWKSTimeout",id:t+"s/"+a+"/oidcOPMetaDataOptionsJWKSTimeout",title:"oidcOPMetaDataOptionsJWKSTimeout",type:"int"},{get:t+"s/"+a+"/oidcOPMetaDataOptionsClientID",id:t+"s/"+a+"/oidcOPMetaDataOptionsClientID",title:"oidcOPMetaDataOptionsClientID"},{get:t+"s/"+a+"/oidcOPMetaDataOptionsClientSecret",id:t+"s/"+a+"/oidcOPMetaDataOptionsClientSecret",title:"oidcOPMetaDataOptionsClientSecret",type:"password"},{default:0,get:t+"s/"+a+"/oidcOPMetaDataOptionsStoreIDToken",id:t+"s/"+a+"/oidcOPMetaDataOptionsStoreIDToken",title:"oidcOPMetaDataOptionsStoreIDToken",type:"bool"}],id:"oidcOPMetaDataOptionsConfiguration",title:"oidcOPMetaDataOptionsConfiguration",type:"simpleInputContainer"},{_nodes:[{default:"openid profile",get:t+"s/"+a+"/oidcOPMetaDataOptionsScope",id:t+"s/"+a+"/oidcOPMetaDataOptionsScope",title:"oidcOPMetaDataOptionsScope"},{default:"",get:t+"s/"+a+"/oidcOPMetaDataOptionsDisplay",id:t+"s/"+a+"/oidcOPMetaDataOptionsDisplay",select:[{k:"",v:""},{k:"page",v:"page"},{k:"popup",v:"popup"},{k:"touch",v:"touch"},{k:"wap",v:"wap"}],title:"oidcOPMetaDataOptionsDisplay",type:"select"},{get:t+"s/"+a+"/oidcOPMetaDataOptionsPrompt",id:t+"s/"+a+"/oidcOPMetaDataOptionsPrompt",title:"oidcOPMetaDataOptionsPrompt"},{default:0,get:t+"s/"+a+"/oidcOPMetaDataOptionsMaxAge",id:t+"s/"+a+"/oidcOPMetaDataOptionsMaxAge",title:"oidcOPMetaDataOptionsMaxAge",type:"int"},{get:t+"s/"+a+"/oidcOPMetaDataOptionsUiLocales",id:t+"s/"+a+"/oidcOPMetaDataOptionsUiLocales",title:"oidcOPMetaDataOptionsUiLocales"},{get:t+"s/"+a+"/oidcOPMetaDataOptionsAcrValues",id:t+"s/"+a+"/oidcOPMetaDataOptionsAcrValues",title:"oidcOPMetaDataOptionsAcrValues"},{default:"client_secret_post",get:t+"s/"+a+"/oidcOPMetaDataOptionsTokenEndpointAuthMethod",id:t+"s/"+a+"/oidcOPMetaDataOptionsTokenEndpointAuthMethod",select:[{k:"client_secret_post",v:"client_secret_post"},{k:"client_secret_basic",v:"client_secret_basic"}],title:"oidcOPMetaDataOptionsTokenEndpointAuthMethod",type:"select"},{default:1,get:t+"s/"+a+"/oidcOPMetaDataOptionsCheckJWTSignature",id:t+"s/"+a+"/oidcOPMetaDataOptionsCheckJWTSignature",title:"oidcOPMetaDataOptionsCheckJWTSignature",type:"bool"},{default:30,get:t+"s/"+a+"/oidcOPMetaDataOptionsIDTokenMaxAge",id:t+"s/"+a+"/oidcOPMetaDataOptionsIDTokenMaxAge",title:"oidcOPMetaDataOptionsIDTokenMaxAge",type:"int"},{default:1,get:t+"s/"+a+"/oidcOPMetaDataOptionsUseNonce",id:t+"s/"+a+"/oidcOPMetaDataOptionsUseNonce",title:"oidcOPMetaDataOptionsUseNonce",type:"bool"}],id:"oidcOPMetaDataOptionsProtocol",title:"oidcOPMetaDataOptionsProtocol",type:"simpleInputContainer"}],id:"oidcOPMetaDataOptions",title:"oidcOPMetaDataOptions"},{_nodes:[{get:t+"s/"+a+"/oidcOPMetaDataOptionsDisplayName",id:t+"s/"+a+"/oidcOPMetaDataOptionsDisplayName",title:"oidcOPMetaDataOptionsDisplayName"},{get:t+"s/"+a+"/oidcOPMetaDataOptionsIcon",id:t+"s/"+a+"/oidcOPMetaDataOptionsIcon",title:"oidcOPMetaDataOptionsIcon"},{get:t+"s/"+a+"/oidcOPMetaDataOptionsSortNumber",id:t+"s/"+a+"/oidcOPMetaDataOptionsSortNumber",title:"oidcOPMetaDataOptionsSortNumber",type:"int"}],id:"oidcOPMetaDataOptionsDisplayParams",title:"oidcOPMetaDataOptionsDisplayParams",type:"simpleInputContainer"}];case"oidcRPMetaDataNode":return[{cnodes:t+"s/"+a+"/oidcRPMetaDataExportedVars",default:[{data:["mail","string","auto"],id:t+"s/"+a+"/oidcRPMetaDataExportedVars/email",title:"email",type:"oidcAttribute"},{data:["sn","string","auto"],id:t+"s/"+a+"/oidcRPMetaDataExportedVars/family_name",title:"family_name",type:"oidcAttribute"},{data:["cn","string","auto"],id:t+"s/"+a+"/oidcRPMetaDataExportedVars/name",title:"name",type:"oidcAttribute"}],id:t+"s/"+a+"/oidcRPMetaDataExportedVars",title:"oidcRPMetaDataExportedVars",type:"oidcAttributeContainer"},{cnodes:t+"s/"+a+"/oidcRPMetaDataOptionsExtraClaims",default:[],id:t+"s/"+a+"/oidcRPMetaDataOptionsExtraClaims",title:"oidcRPMetaDataOptionsExtraClaims",type:"keyTextContainer"},{_nodes:[{_nodes:[{get:t+"s/"+a+"/oidcRPMetaDataOptionsClientID",id:t+"s/"+a+"/oidcRPMetaDataOptionsClientID",title:"oidcRPMetaDataOptionsClientID"},{get:t+"s/"+a+"/oidcRPMetaDataOptionsClientSecret",id:t+"s/"+a+"/oidcRPMetaDataOptionsClientSecret",title:"oidcRPMetaDataOptionsClientSecret",type:"password"},{default:0,get:t+"s/"+a+"/oidcRPMetaDataOptionsPublic",id:t+"s/"+a+"/oidcRPMetaDataOptionsPublic",title:"oidcRPMetaDataOptionsPublic",type:"bool"},{get:t+"s/"+a+"/oidcRPMetaDataOptionsRedirectUris",id:t+"s/"+a+"/oidcRPMetaDataOptionsRedirectUris",title:"oidcRPMetaDataOptionsRedirectUris"}],id:"oidcRPMetaDataOptionsBasic",title:"oidcRPMetaDataOptionsBasic",type:"simpleInputContainer"},{_nodes:[{default:0,get:t+"s/"+a+"/oidcRPMetaDataOptionsBypassConsent",help:"openidconnectclaims.html",id:t+"s/"+a+"/oidcRPMetaDataOptionsBypassConsent",title:"oidcRPMetaDataOptionsBypassConsent",type:"bool"},{get:t+"s/"+a+"/oidcRPMetaDataOptionsUserIDAttr",id:t+"s/"+a+"/oidcRPMetaDataOptionsUserIDAttr",title:"oidcRPMetaDataOptionsUserIDAttr"},{default:0,get:t+"s/"+a+"/oidcRPMetaDataOptionsIDTokenForceClaims",id:t+"s/"+a+"/oidcRPMetaDataOptionsIDTokenForceClaims",title:"oidcRPMetaDataOptionsIDTokenForceClaims",type:"bool"},{get:t+"s/"+a+"/oidcRPMetaDataOptionsAdditionalAudiences",id:t+"s/"+a+"/oidcRPMetaDataOptionsAdditionalAudiences",title:"oidcRPMetaDataOptionsAdditionalAudiences"},{default:0,get:t+"s/"+a+"/oidcRPMetaDataOptionsRefreshToken",id:t+"s/"+a+"/oidcRPMetaDataOptionsRefreshToken",title:"oidcRPMetaDataOptionsRefreshToken",type:"bool"}],id:"oidcRPMetaDataOptionsAdvanced",title:"oidcRPMetaDataOptionsAdvanced",type:"simpleInputContainer"},{_nodes:[{default:"HS512",get:t+"s/"+a+"/oidcRPMetaDataOptionsIDTokenSignAlg",id:t+"s/"+a+"/oidcRPMetaDataOptionsIDTokenSignAlg",select:[{k:"none",v:"None"},{k:"HS256",v:"HS256"},{k:"HS384",v:"HS384"},{k:"HS512",v:"HS512"},{k:"RS256",v:"RS256"},{k:"RS384",v:"RS384"},{k:"RS512",v:"RS512"}],title:"oidcRPMetaDataOptionsIDTokenSignAlg",type:"select"},{default:0,get:t+"s/"+a+"/oidcRPMetaDataOptionsRequirePKCE",id:t+"s/"+a+"/oidcRPMetaDataOptionsRequirePKCE",title:"oidcRPMetaDataOptionsRequirePKCE",type:"bool"},{default:0,get:t+"s/"+a+"/oidcRPMetaDataOptionsAllowOffline",id:t+"s/"+a+"/oidcRPMetaDataOptionsAllowOffline",title:"oidcRPMetaDataOptionsAllowOffline",type:"bool"},{default:0,get:t+"s/"+a+"/oidcRPMetaDataOptionsAllowPasswordGrant",id:t+"s/"+a+"/oidcRPMetaDataOptionsAllowPasswordGrant",title:"oidcRPMetaDataOptionsAllowPasswordGrant",type:"bool"},{get:t+"s/"+a+"/oidcRPMetaDataOptionsAuthnLevel",id:t+"s/"+a+"/oidcRPMetaDataOptionsAuthnLevel",title:"oidcRPMetaDataOptionsAuthnLevel",type:"int"},{get:t+"s/"+a+"/oidcRPMetaDataOptionsRule",id:t+"s/"+a+"/oidcRPMetaDataOptionsRule",title:"oidcRPMetaDataOptionsRule"}],id:"security",title:"security",type:"simpleInputContainer"},{_nodes:[{get:t+"s/"+a+"/oidcRPMetaDataOptionsAuthorizationCodeExpiration",id:t+"s/"+a+"/oidcRPMetaDataOptionsAuthorizationCodeExpiration",title:"oidcRPMetaDataOptionsAuthorizationCodeExpiration",type:"int"},{get:t+"s/"+a+"/oidcRPMetaDataOptionsIDTokenExpiration",id:t+"s/"+a+"/oidcRPMetaDataOptionsIDTokenExpiration",title:"oidcRPMetaDataOptionsIDTokenExpiration",type:"int"},{get:t+"s/"+a+"/oidcRPMetaDataOptionsAccessTokenExpiration",id:t+"s/"+a+"/oidcRPMetaDataOptionsAccessTokenExpiration",title:"oidcRPMetaDataOptionsAccessTokenExpiration",type:"int"},{get:t+"s/"+a+"/oidcRPMetaDataOptionsOfflineSessionExpiration",id:t+"s/"+a+"/oidcRPMetaDataOptionsOfflineSessionExpiration",title:"oidcRPMetaDataOptionsOfflineSessionExpiration",type:"int"}],id:"oidcRPMetaDataOptionsTimeouts",title:"oidcRPMetaDataOptionsTimeouts",type:"simpleInputContainer"},{_nodes:[{get:t+"s/"+a+"/oidcRPMetaDataOptionsPostLogoutRedirectUris",id:t+"s/"+a+"/oidcRPMetaDataOptionsPostLogoutRedirectUris",title:"oidcRPMetaDataOptionsPostLogoutRedirectUris"},{get:t+"s/"+a+"/oidcRPMetaDataOptionsLogoutUrl",id:t+"s/"+a+"/oidcRPMetaDataOptionsLogoutUrl",title:"oidcRPMetaDataOptionsLogoutUrl"},{default:"front",get:t+"s/"+a+"/oidcRPMetaDataOptionsLogoutType",id:t+"s/"+a+"/oidcRPMetaDataOptionsLogoutType",select:[{k:"front",v:"Front Channel"}],title:"oidcRPMetaDataOptionsLogoutType",type:"select"},{default:0,get:t+"s/"+a+"/oidcRPMetaDataOptionsLogoutSessionRequired",id:t+"s/"+a+"/oidcRPMetaDataOptionsLogoutSessionRequired",title:"oidcRPMetaDataOptionsLogoutSessionRequired",type:"bool"}],id:"logout",title:"logout",type:"simpleInputContainer"}],help:"idpopenidconnect.html#options",id:"oidcRPMetaDataOptions",title:"oidcRPMetaDataOptions"},{cnodes:t+"s/"+a+"/oidcRPMetaDataMacros",default:[],help:"exportedvars.html#extend-variables-using-macros-and-groups",id:t+"s/"+a+"/oidcRPMetaDataMacros",title:"oidcRPMetaDataMacros",type:"keyTextContainer"},{_nodes:[{get:t+"s/"+a+"/oidcRPMetaDataOptionsDisplayName",id:t+"s/"+a+"/oidcRPMetaDataOptionsDisplayName",title:"oidcRPMetaDataOptionsDisplayName"},{get:t+"s/"+a+"/oidcRPMetaDataOptionsIcon",id:t+"s/"+a+"/oidcRPMetaDataOptionsIcon",title:"oidcRPMetaDataOptionsIcon"}],id:"oidcRPMetaDataOptionsDisplay",title:"oidcRPMetaDataOptionsDisplay",type:"simpleInputContainer"}];case"samlIDPMetaDataNode":return[{get:t+"s/"+a+"/samlIDPMetaDataXML",id:t+"s/"+a+"/samlIDPMetaDataXML",title:"samlIDPMetaDataXML",type:"file"},{cnodes:t+"s/"+a+"/samlIDPMetaDataExportedAttributes",default:[],help:"authsaml.html#exported-attributes",id:t+"s/"+a+"/samlIDPMetaDataExportedAttributes",title:"samlIDPMetaDataExportedAttributes",type:"samlAttributeContainer"},{_nodes:[{default:0,get:t+"s/"+a+"/samlIDPMetaDataOptionsAdaptSessionUtime",id:t+"s/"+a+"/samlIDPMetaDataOptionsAdaptSessionUtime",title:"samlIDPMetaDataOptionsAdaptSessionUtime",type:"bool"},{default:0,get:t+"s/"+a+"/samlIDPMetaDataOptionsForceUTF8",id:t+"s/"+a+"/samlIDPMetaDataOptionsForceUTF8",title:"samlIDPMetaDataOptionsForceUTF8",type:"bool"},{default:0,get:t+"s/"+a+"/samlIDPMetaDataOptionsStoreSAMLToken",id:t+"s/"+a+"/samlIDPMetaDataOptionsStoreSAMLToken",title:"samlIDPMetaDataOptionsStoreSAMLToken",type:"bool"},{get:t+"s/"+a+"/samlIDPMetaDataOptionsUserAttribute",id:t+"s/"+a+"/samlIDPMetaDataOptionsUserAttribute",title:"samlIDPMetaDataOptionsUserAttribute"}],id:"samlIDPMetaDataOptionsSession",title:"samlIDPMetaDataOptionsSession",type:"simpleInputContainer"},{_nodes:[{default:"",get:t+"s/"+a+"/samlIDPMetaDataOptionsSignatureMethod",id:t+"s/"+a+"/samlIDPMetaDataOptionsSignatureMethod",select:[{k:"",v:"default"},{k:"RSA_SHA1",v:"RSA SHA1"},{k:"RSA_SHA256",v:"RSA SHA256"},{k:"RSA_SHA384",v:"RSA SHA384"},{k:"RSA_SHA512",v:"RSA SHA512"}],title:"samlIDPMetaDataOptionsSignatureMethod",type:"select"},{default:-1,get:t+"s/"+a+"/samlIDPMetaDataOptionsSignSSOMessage",id:t+"s/"+a+"/samlIDPMetaDataOptionsSignSSOMessage",title:"samlIDPMetaDataOptionsSignSSOMessage",type:"trool"},{default:1,get:t+"s/"+a+"/samlIDPMetaDataOptionsCheckSSOMessageSignature",id:t+"s/"+a+"/samlIDPMetaDataOptionsCheckSSOMessageSignature",title:"samlIDPMetaDataOptionsCheckSSOMessageSignature",type:"bool"},{default:-1,get:t+"s/"+a+"/samlIDPMetaDataOptionsSignSLOMessage",id:t+"s/"+a+"/samlIDPMetaDataOptionsSignSLOMessage",title:"samlIDPMetaDataOptionsSignSLOMessage",type:"trool"},{default:1,get:t+"s/"+a+"/samlIDPMetaDataOptionsCheckSLOMessageSignature",id:t+"s/"+a+"/samlIDPMetaDataOptionsCheckSLOMessageSignature",title:"samlIDPMetaDataOptionsCheckSLOMessageSignature",type:"bool"}],id:"samlIDPMetaDataOptionsSignature",title:"samlIDPMetaDataOptionsSignature",type:"simpleInputContainer"},{_nodes:[{default:"",get:t+"s/"+a+"/samlIDPMetaDataOptionsSSOBinding",id:t+"s/"+a+"/samlIDPMetaDataOptionsSSOBinding",select:[{k:"",v:""},{k:"http-post",v:"POST"},{k:"http-redirect",v:"Redirect"},{k:"artifact-get",v:"Artifact GET"}],title:"samlIDPMetaDataOptionsSSOBinding",type:"select"},{default:"",get:t+"s/"+a+"/samlIDPMetaDataOptionsSLOBinding",id:t+"s/"+a+"/samlIDPMetaDataOptionsSLOBinding",select:[{k:"",v:""},{k:"http-post",v:"POST"},{k:"http-redirect",v:"Redirect"},{k:"http-soap",v:"SOAP"}],title:"samlIDPMetaDataOptionsSLOBinding",type:"select"}],id:"samlIDPMetaDataOptionsBinding",title:"samlIDPMetaDataOptionsBinding",type:"simpleInputContainer"},{_nodes:[{default:"none",get:t+"s/"+a+"/samlIDPMetaDataOptionsEncryptionMode",id:t+"s/"+a+"/samlIDPMetaDataOptionsEncryptionMode",select:[{k:"none",v:"None"},{k:"nameid",v:"Name ID"},{k:"assertion",v:"Assertion"}],title:"samlIDPMetaDataOptionsEncryptionMode",type:"select"},{default:1,get:t+"s/"+a+"/samlIDPMetaDataOptionsCheckTime",id:t+"s/"+a+"/samlIDPMetaDataOptionsCheckTime",title:"samlIDPMetaDataOptionsCheckTime",type:"bool"},{default:1,get:t+"s/"+a+"/samlIDPMetaDataOptionsCheckAudience",id:t+"s/"+a+"/samlIDPMetaDataOptionsCheckAudience",title:"samlIDPMetaDataOptionsCheckAudience",type:"bool"}],id:"samlIDPMetaDataOptionsSecurity",title:"samlIDPMetaDataOptionsSecurity",type:"simpleInputContainer"},{_nodes:[{default:"",get:t+"s/"+a+"/samlIDPMetaDataOptionsResolutionRule",id:t+"s/"+a+"/samlIDPMetaDataOptionsResolutionRule",title:"samlIDPMetaDataOptionsResolutionRule",type:"longtext"},{default:"",get:t+"s/"+a+"/samlIDPMetaDataOptionsNameIDFormat",id:t+"s/"+a+"/samlIDPMetaDataOptionsNameIDFormat",select:[{k:"",v:""},{k:"unspecified",v:"Unspecified"},{k:"email",v:"Email"},{k:"x509",v:"X509 certificate"},{k:"windows",v:"Windows"},{k:"kerberos",v:"Kerberos"},{k:"entity",v:"Entity"},{k:"persistent",v:"Persistent"},{k:"transient",v:"Transient"},{k:"encrypted",v:"Encrypted"}],title:"samlIDPMetaDataOptionsNameIDFormat",type:"select"},{default:0,get:t+"s/"+a+"/samlIDPMetaDataOptionsForceAuthn",id:t+"s/"+a+"/samlIDPMetaDataOptionsForceAuthn",title:"samlIDPMetaDataOptionsForceAuthn",type:"bool"},{default:0,get:t+"s/"+a+"/samlIDPMetaDataOptionsIsPassive",id:t+"s/"+a+"/samlIDPMetaDataOptionsIsPassive",title:"samlIDPMetaDataOptionsIsPassive",type:"bool"},{default:0,get:t+"s/"+a+"/samlIDPMetaDataOptionsAllowProxiedAuthn",id:t+"s/"+a+"/samlIDPMetaDataOptionsAllowProxiedAuthn",title:"samlIDPMetaDataOptionsAllowProxiedAuthn",type:"bool"},{default:0,get:t+"s/"+a+"/samlIDPMetaDataOptionsAllowLoginFromIDP",id:t+"s/"+a+"/samlIDPMetaDataOptionsAllowLoginFromIDP",title:"samlIDPMetaDataOptionsAllowLoginFromIDP",type:"bool"},{default:"",get:t+"s/"+a+"/samlIDPMetaDataOptionsRequestedAuthnContext",id:t+"s/"+a+"/samlIDPMetaDataOptionsRequestedAuthnContext",select:[{k:"",v:""},{k:"kerberos",v:"Kerberos"},{k:"password-protected-transport",v:"Password protected transport"},{k:"password",v:"Password"},{k:"tls-client",v:"TLS client certificate"}],title:"samlIDPMetaDataOptionsRequestedAuthnContext",type:"select"},{default:0,get:t+"s/"+a+"/samlIDPMetaDataOptionsRelayStateURL",id:t+"s/"+a+"/samlIDPMetaDataOptionsRelayStateURL",title:"samlIDPMetaDataOptionsRelayStateURL",type:"bool"}],help:"authsaml.html#options",id:"samlIDPMetaDataOptions",title:"samlIDPMetaDataOptions",type:"simpleInputContainer"},{_nodes:[{get:t+"s/"+a+"/samlIDPMetaDataOptionsDisplayName",id:t+"s/"+a+"/samlIDPMetaDataOptionsDisplayName",title:"samlIDPMetaDataOptionsDisplayName"},{get:t+"s/"+a+"/samlIDPMetaDataOptionsIcon",id:t+"s/"+a+"/samlIDPMetaDataOptionsIcon",title:"samlIDPMetaDataOptionsIcon"},{get:t+"s/"+a+"/samlIDPMetaDataOptionsSortNumber",id:t+"s/"+a+"/samlIDPMetaDataOptionsSortNumber",title:"samlIDPMetaDataOptionsSortNumber",type:"int"}],id:"samlIDPMetaDataOptionsDisplay",title:"samlIDPMetaDataOptionsDisplay",type:"simpleInputContainer"}];case"samlSPMetaDataNode":return[{get:t+"s/"+a+"/samlSPMetaDataXML",id:t+"s/"+a+"/samlSPMetaDataXML",title:"samlSPMetaDataXML",type:"file"},{cnodes:t+"s/"+a+"/samlSPMetaDataExportedAttributes",default:[],help:"idpsaml.html#exported-attributes",id:t+"s/"+a+"/samlSPMetaDataExportedAttributes",title:"samlSPMetaDataExportedAttributes",type:"samlAttributeContainer"},{_nodes:[{_nodes:[{default:"",get:t+"s/"+a+"/samlSPMetaDataOptionsNameIDFormat",id:t+"s/"+a+"/samlSPMetaDataOptionsNameIDFormat",select:[{k:"",v:""},{k:"unspecified",v:"Unspecified"},{k:"email",v:"Email"},{k:"x509",v:"X509 certificate"},{k:"windows",v:"Windows"},{k:"kerberos",v:"Kerberos"},{k:"entity",v:"Entity"},{k:"persistent",v:"Persistent"},{k:"transient",v:"Transient"},{k:"encrypted",v:"Encrypted"}],title:"samlSPMetaDataOptionsNameIDFormat",type:"select"},{get:t+"s/"+a+"/samlSPMetaDataOptionsNameIDSessionKey",id:t+"s/"+a+"/samlSPMetaDataOptionsNameIDSessionKey",title:"samlSPMetaDataOptionsNameIDSessionKey"},{default:0,get:t+"s/"+a+"/samlSPMetaDataOptionsOneTimeUse",id:t+"s/"+a+"/samlSPMetaDataOptionsOneTimeUse",title:"samlSPMetaDataOptionsOneTimeUse",type:"bool"},{default:72e3,get:t+"s/"+a+"/samlSPMetaDataOptionsSessionNotOnOrAfterTimeout",id:t+"s/"+a+"/samlSPMetaDataOptionsSessionNotOnOrAfterTimeout",title:"samlSPMetaDataOptionsSessionNotOnOrAfterTimeout",type:"int"},{default:72e3,get:t+"s/"+a+"/samlSPMetaDataOptionsNotOnOrAfterTimeout",id:t+"s/"+a+"/samlSPMetaDataOptionsNotOnOrAfterTimeout",title:"samlSPMetaDataOptionsNotOnOrAfterTimeout",type:"int"},{default:1,get:t+"s/"+a+"/samlSPMetaDataOptionsForceUTF8",id:t+"s/"+a+"/samlSPMetaDataOptionsForceUTF8",title:"samlSPMetaDataOptionsForceUTF8",type:"bool"}],id:"samlSPMetaDataOptionsAuthnResponse",title:"samlSPMetaDataOptionsAuthnResponse",type:"simpleInputContainer"},{_nodes:[{default:"",get:t+"s/"+a+"/samlSPMetaDataOptionsSignatureMethod",id:t+"s/"+a+"/samlSPMetaDataOptionsSignatureMethod",select:[{k:"",v:"default"},{k:"RSA_SHA1",v:"RSA SHA1"},{k:"RSA_SHA256",v:"RSA SHA256"},{k:"RSA_SHA384",v:"RSA SHA384"},{k:"RSA_SHA512",v:"RSA SHA512"}],title:"samlSPMetaDataOptionsSignatureMethod",type:"select"},{default:-1,get:t+"s/"+a+"/samlSPMetaDataOptionsSignSSOMessage",id:t+"s/"+a+"/samlSPMetaDataOptionsSignSSOMessage",title:"samlSPMetaDataOptionsSignSSOMessage",type:"trool"},{default:1,get:t+"s/"+a+"/samlSPMetaDataOptionsCheckSSOMessageSignature",id:t+"s/"+a+"/samlSPMetaDataOptionsCheckSSOMessageSignature",title:"samlSPMetaDataOptionsCheckSSOMessageSignature",type:"bool"},{default:-1,get:t+"s/"+a+"/samlSPMetaDataOptionsSignSLOMessage",id:t+"s/"+a+"/samlSPMetaDataOptionsSignSLOMessage",title:"samlSPMetaDataOptionsSignSLOMessage",type:"trool"},{default:1,get:t+"s/"+a+"/samlSPMetaDataOptionsCheckSLOMessageSignature",id:t+"s/"+a+"/samlSPMetaDataOptionsCheckSLOMessageSignature",title:"samlSPMetaDataOptionsCheckSLOMessageSignature",type:"bool"}],id:"samlSPMetaDataOptionsSignature",title:"samlSPMetaDataOptionsSignature",type:"simpleInputContainer"},{_nodes:[{default:"none",get:t+"s/"+a+"/samlSPMetaDataOptionsEncryptionMode",id:t+"s/"+a+"/samlSPMetaDataOptionsEncryptionMode",select:[{k:"none",v:"None"},{k:"nameid",v:"Name ID"},{k:"assertion",v:"Assertion"}],title:"samlSPMetaDataOptionsEncryptionMode",type:"select"},{default:0,get:t+"s/"+a+"/samlSPMetaDataOptionsEnableIDPInitiatedURL",id:t+"s/"+a+"/samlSPMetaDataOptionsEnableIDPInitiatedURL",title:"samlSPMetaDataOptionsEnableIDPInitiatedURL",type:"bool"},{get:t+"s/"+a+"/samlSPMetaDataOptionsAuthnLevel",id:t+"s/"+a+"/samlSPMetaDataOptionsAuthnLevel",title:"samlSPMetaDataOptionsAuthnLevel",type:"int"},{get:t+"s/"+a+"/samlSPMetaDataOptionsRule",id:t+"s/"+a+"/samlSPMetaDataOptionsRule",title:"samlSPMetaDataOptionsRule"}],id:"samlSPMetaDataOptionsSecurity",title:"samlSPMetaDataOptionsSecurity",type:"simpleInputContainer"}],help:"idpsaml.html#options",id:"samlSPMetaDataOptions",title:"samlSPMetaDataOptions"},{cnodes:t+"s/"+a+"/samlSPMetaDataMacros",default:[],help:"exportedvars.html#extend-variables-using-macros-and-groups",id:t+"s/"+a+"/samlSPMetaDataMacros",title:"samlSPMetaDataMacros",type:"keyTextContainer"}];case"virtualHost":return[{cnodes:t+"s/"+a+"/locationRules",default:[{data:"deny",id:t+"s/"+a+"/locationRules/default",re:"default",title:"default",type:"rule"}],help:"writingrulesand_headers.html#rules",id:t+"s/"+a+"/locationRules",title:"locationRules",type:"ruleContainer"},{cnodes:t+"s/"+a+"/exportedHeaders",help:"writingrulesand_headers.html#headers",id:t+"s/"+a+"/exportedHeaders",title:"exportedHeaders",type:"keyTextContainer"},{cnodes:t+"s/"+a+"/post",help:"formreplay.html",id:t+"s/"+a+"/post",title:"post",type:"postContainer"},{_nodes:[{default:-1,get:t+"s/"+a+"/vhostPort",id:t+"s/"+a+"/vhostPort",title:"vhostPort",type:"int"},{default:-1,get:t+"s/"+a+"/vhostHttps",id:t+"s/"+a+"/vhostHttps",title:"vhostHttps",type:"trool"},{default:0,get:t+"s/"+a+"/vhostMaintenance",id:t+"s/"+a+"/vhostMaintenance",title:"vhostMaintenance",type:"bool"},{default:"",get:t+"s/"+a+"/vhostAliases",id:t+"s/"+a+"/vhostAliases",title:"vhostAliases"},{default:"Main",get:t+"s/"+a+"/vhostType",id:t+"s/"+a+"/vhostType",select:[{k:"AuthBasic",v:"AuthBasic"},{k:"CDA",v:"CDA"},{k:"DevOps",v:"DevOps"},{k:"DevOpsST",v:"DevOpsST"},{k:"Main",v:"Main"},{k:"OAuth2",v:"OAuth2"},{k:"SecureToken",v:"SecureToken"},{k:"ServiceToken",v:"ServiceToken"},{k:"ZimbraPreAuth",v:"ZimbraPreAuth"}],title:"vhostType",type:"select"},{get:t+"s/"+a+"/vhostAuthnLevel",id:t+"s/"+a+"/vhostAuthnLevel",title:"vhostAuthnLevel",type:"int"},{default:-1,get:t+"s/"+a+"/vhostServiceTokenTTL",id:t+"s/"+a+"/vhostServiceTokenTTL",title:"vhostServiceTokenTTL",type:"int"}],help:"configvhost.html#options",id:"vhostOptions",title:"vhostOptions",type:"simpleInputContainer"}];default:return[]}}function setScopeVars(t){t.portal=t.data[0]._nodes[0]._nodes[0],t.getKey(t.portal),t.domain=t.data[0]._nodes[4]._nodes[1],t.getKey(t.domain)} \ No newline at end of file +function templates(t,a){switch(t){case"casAppMetaDataNode":return[{cnodes:t+"s/"+a+"/casAppMetaDataExportedVars",default:[{data:"cn",id:t+"s/"+a+"/casAppMetaDataExportedVars/cn",title:"cn",type:"keyText"},{data:"mail",id:t+"s/"+a+"/casAppMetaDataExportedVars/mail",title:"mail",type:"keyText"},{data:"uid",id:t+"s/"+a+"/casAppMetaDataExportedVars/uid",title:"uid",type:"keyText"}],id:t+"s/"+a+"/casAppMetaDataExportedVars",title:"casAppMetaDataExportedVars",type:"keyTextContainer"},{_nodes:[{get:t+"s/"+a+"/casAppMetaDataOptionsService",id:t+"s/"+a+"/casAppMetaDataOptionsService",title:"casAppMetaDataOptionsService"},{get:t+"s/"+a+"/casAppMetaDataOptionsUserAttribute",id:t+"s/"+a+"/casAppMetaDataOptionsUserAttribute",title:"casAppMetaDataOptionsUserAttribute"},{get:t+"s/"+a+"/casAppMetaDataOptionsAuthnLevel",id:t+"s/"+a+"/casAppMetaDataOptionsAuthnLevel",title:"casAppMetaDataOptionsAuthnLevel",type:"int"},{get:t+"s/"+a+"/casAppMetaDataOptionsRule",id:t+"s/"+a+"/casAppMetaDataOptionsRule",title:"casAppMetaDataOptionsRule"}],id:"casAppMetaDataOptions",title:"casAppMetaDataOptions",type:"simpleInputContainer"},{cnodes:t+"s/"+a+"/casAppMetaDataMacros",default:[],help:"exportedvars.html#extend-variables-using-macros-and-groups",id:t+"s/"+a+"/casAppMetaDataMacros",title:"casAppMetaDataMacros",type:"keyTextContainer"}];case"casSrvMetaDataNode":return[{cnodes:t+"s/"+a+"/casSrvMetaDataExportedVars",default:[{data:"cn",id:t+"s/"+a+"/casSrvMetaDataExportedVars/cn",title:"cn",type:"keyText"},{data:"mail",id:t+"s/"+a+"/casSrvMetaDataExportedVars/mail",title:"mail",type:"keyText"},{data:"uid",id:t+"s/"+a+"/casSrvMetaDataExportedVars/uid",title:"uid",type:"keyText"}],id:t+"s/"+a+"/casSrvMetaDataExportedVars",title:"casSrvMetaDataExportedVars",type:"keyTextContainer"},{cnodes:t+"s/"+a+"/casSrvMetaDataOptionsProxiedServices",id:t+"s/"+a+"/casSrvMetaDataOptionsProxiedServices",title:"casSrvMetaDataOptionsProxiedServices",type:"keyTextContainer"},{_nodes:[{get:t+"s/"+a+"/casSrvMetaDataOptionsUrl",id:t+"s/"+a+"/casSrvMetaDataOptionsUrl",title:"casSrvMetaDataOptionsUrl"},{default:0,get:t+"s/"+a+"/casSrvMetaDataOptionsRenew",id:t+"s/"+a+"/casSrvMetaDataOptionsRenew",title:"casSrvMetaDataOptionsRenew",type:"bool"},{default:0,get:t+"s/"+a+"/casSrvMetaDataOptionsGateway",id:t+"s/"+a+"/casSrvMetaDataOptionsGateway",title:"casSrvMetaDataOptionsGateway",type:"bool"}],id:"casSrvMetaDataOptions",title:"casSrvMetaDataOptions",type:"simpleInputContainer"},{_nodes:[{get:t+"s/"+a+"/casSrvMetaDataOptionsDisplayName",id:t+"s/"+a+"/casSrvMetaDataOptionsDisplayName",title:"casSrvMetaDataOptionsDisplayName"},{get:t+"s/"+a+"/casSrvMetaDataOptionsIcon",id:t+"s/"+a+"/casSrvMetaDataOptionsIcon",title:"casSrvMetaDataOptionsIcon"},{get:t+"s/"+a+"/casSrvMetaDataOptionsSortNumber",id:t+"s/"+a+"/casSrvMetaDataOptionsSortNumber",title:"casSrvMetaDataOptionsSortNumber",type:"int"}],id:"casSrvMetaDataOptionsDisplay",title:"casSrvMetaDataOptionsDisplay",type:"simpleInputContainer"}];case"oidcOPMetaDataNode":return[{get:t+"s/"+a+"/oidcOPMetaDataJSON",id:t+"s/"+a+"/oidcOPMetaDataJSON",title:"oidcOPMetaDataJSON",type:"file"},{get:t+"s/"+a+"/oidcOPMetaDataJWKS",id:t+"s/"+a+"/oidcOPMetaDataJWKS",title:"oidcOPMetaDataJWKS",type:"file"},{cnodes:t+"s/"+a+"/oidcOPMetaDataExportedVars",default:[{data:"name",id:t+"s/"+a+"/oidcOPMetaDataExportedVars/cn",title:"cn",type:"keyText"},{data:"email",id:t+"s/"+a+"/oidcOPMetaDataExportedVars/mail",title:"mail",type:"keyText"},{data:"family_name",id:t+"s/"+a+"/oidcOPMetaDataExportedVars/sn",title:"sn",type:"keyText"},{data:"sub",id:t+"s/"+a+"/oidcOPMetaDataExportedVars/uid",title:"uid",type:"keyText"}],id:t+"s/"+a+"/oidcOPMetaDataExportedVars",title:"oidcOPMetaDataExportedVars",type:"keyTextContainer"},{_nodes:[{_nodes:[{get:t+"s/"+a+"/oidcOPMetaDataOptionsConfigurationURI",id:t+"s/"+a+"/oidcOPMetaDataOptionsConfigurationURI",title:"oidcOPMetaDataOptionsConfigurationURI"},{default:0,get:t+"s/"+a+"/oidcOPMetaDataOptionsJWKSTimeout",id:t+"s/"+a+"/oidcOPMetaDataOptionsJWKSTimeout",title:"oidcOPMetaDataOptionsJWKSTimeout",type:"int"},{get:t+"s/"+a+"/oidcOPMetaDataOptionsClientID",id:t+"s/"+a+"/oidcOPMetaDataOptionsClientID",title:"oidcOPMetaDataOptionsClientID"},{get:t+"s/"+a+"/oidcOPMetaDataOptionsClientSecret",id:t+"s/"+a+"/oidcOPMetaDataOptionsClientSecret",title:"oidcOPMetaDataOptionsClientSecret",type:"password"},{default:0,get:t+"s/"+a+"/oidcOPMetaDataOptionsStoreIDToken",id:t+"s/"+a+"/oidcOPMetaDataOptionsStoreIDToken",title:"oidcOPMetaDataOptionsStoreIDToken",type:"bool"}],id:"oidcOPMetaDataOptionsConfiguration",title:"oidcOPMetaDataOptionsConfiguration",type:"simpleInputContainer"},{_nodes:[{default:"openid profile",get:t+"s/"+a+"/oidcOPMetaDataOptionsScope",id:t+"s/"+a+"/oidcOPMetaDataOptionsScope",title:"oidcOPMetaDataOptionsScope"},{default:"",get:t+"s/"+a+"/oidcOPMetaDataOptionsDisplay",id:t+"s/"+a+"/oidcOPMetaDataOptionsDisplay",select:[{k:"",v:""},{k:"page",v:"page"},{k:"popup",v:"popup"},{k:"touch",v:"touch"},{k:"wap",v:"wap"}],title:"oidcOPMetaDataOptionsDisplay",type:"select"},{get:t+"s/"+a+"/oidcOPMetaDataOptionsPrompt",id:t+"s/"+a+"/oidcOPMetaDataOptionsPrompt",title:"oidcOPMetaDataOptionsPrompt"},{default:0,get:t+"s/"+a+"/oidcOPMetaDataOptionsMaxAge",id:t+"s/"+a+"/oidcOPMetaDataOptionsMaxAge",title:"oidcOPMetaDataOptionsMaxAge",type:"int"},{get:t+"s/"+a+"/oidcOPMetaDataOptionsUiLocales",id:t+"s/"+a+"/oidcOPMetaDataOptionsUiLocales",title:"oidcOPMetaDataOptionsUiLocales"},{get:t+"s/"+a+"/oidcOPMetaDataOptionsAcrValues",id:t+"s/"+a+"/oidcOPMetaDataOptionsAcrValues",title:"oidcOPMetaDataOptionsAcrValues"},{default:"client_secret_post",get:t+"s/"+a+"/oidcOPMetaDataOptionsTokenEndpointAuthMethod",id:t+"s/"+a+"/oidcOPMetaDataOptionsTokenEndpointAuthMethod",select:[{k:"client_secret_post",v:"client_secret_post"},{k:"client_secret_basic",v:"client_secret_basic"}],title:"oidcOPMetaDataOptionsTokenEndpointAuthMethod",type:"select"},{default:1,get:t+"s/"+a+"/oidcOPMetaDataOptionsCheckJWTSignature",id:t+"s/"+a+"/oidcOPMetaDataOptionsCheckJWTSignature",title:"oidcOPMetaDataOptionsCheckJWTSignature",type:"bool"},{default:30,get:t+"s/"+a+"/oidcOPMetaDataOptionsIDTokenMaxAge",id:t+"s/"+a+"/oidcOPMetaDataOptionsIDTokenMaxAge",title:"oidcOPMetaDataOptionsIDTokenMaxAge",type:"int"},{default:1,get:t+"s/"+a+"/oidcOPMetaDataOptionsUseNonce",id:t+"s/"+a+"/oidcOPMetaDataOptionsUseNonce",title:"oidcOPMetaDataOptionsUseNonce",type:"bool"}],id:"oidcOPMetaDataOptionsProtocol",title:"oidcOPMetaDataOptionsProtocol",type:"simpleInputContainer"}],id:"oidcOPMetaDataOptions",title:"oidcOPMetaDataOptions"},{_nodes:[{get:t+"s/"+a+"/oidcOPMetaDataOptionsDisplayName",id:t+"s/"+a+"/oidcOPMetaDataOptionsDisplayName",title:"oidcOPMetaDataOptionsDisplayName"},{get:t+"s/"+a+"/oidcOPMetaDataOptionsIcon",id:t+"s/"+a+"/oidcOPMetaDataOptionsIcon",title:"oidcOPMetaDataOptionsIcon"},{get:t+"s/"+a+"/oidcOPMetaDataOptionsSortNumber",id:t+"s/"+a+"/oidcOPMetaDataOptionsSortNumber",title:"oidcOPMetaDataOptionsSortNumber",type:"int"}],id:"oidcOPMetaDataOptionsDisplayParams",title:"oidcOPMetaDataOptionsDisplayParams",type:"simpleInputContainer"}];case"oidcRPMetaDataNode":return[{cnodes:t+"s/"+a+"/oidcRPMetaDataExportedVars",default:[{data:["mail","string","auto"],id:t+"s/"+a+"/oidcRPMetaDataExportedVars/email",title:"email",type:"oidcAttribute"},{data:["sn","string","auto"],id:t+"s/"+a+"/oidcRPMetaDataExportedVars/family_name",title:"family_name",type:"oidcAttribute"},{data:["cn","string","auto"],id:t+"s/"+a+"/oidcRPMetaDataExportedVars/name",title:"name",type:"oidcAttribute"}],id:t+"s/"+a+"/oidcRPMetaDataExportedVars",title:"oidcRPMetaDataExportedVars",type:"oidcAttributeContainer"},{cnodes:t+"s/"+a+"/oidcRPMetaDataOptionsExtraClaims",default:[],id:t+"s/"+a+"/oidcRPMetaDataOptionsExtraClaims",title:"oidcRPMetaDataOptionsExtraClaims",type:"keyTextContainer"},{_nodes:[{_nodes:[{get:t+"s/"+a+"/oidcRPMetaDataOptionsClientID",id:t+"s/"+a+"/oidcRPMetaDataOptionsClientID",title:"oidcRPMetaDataOptionsClientID"},{get:t+"s/"+a+"/oidcRPMetaDataOptionsClientSecret",id:t+"s/"+a+"/oidcRPMetaDataOptionsClientSecret",title:"oidcRPMetaDataOptionsClientSecret",type:"password"},{default:0,get:t+"s/"+a+"/oidcRPMetaDataOptionsPublic",id:t+"s/"+a+"/oidcRPMetaDataOptionsPublic",title:"oidcRPMetaDataOptionsPublic",type:"bool"},{get:t+"s/"+a+"/oidcRPMetaDataOptionsRedirectUris",id:t+"s/"+a+"/oidcRPMetaDataOptionsRedirectUris",title:"oidcRPMetaDataOptionsRedirectUris"}],id:"oidcRPMetaDataOptionsBasic",title:"oidcRPMetaDataOptionsBasic",type:"simpleInputContainer"},{_nodes:[{default:0,get:t+"s/"+a+"/oidcRPMetaDataOptionsBypassConsent",help:"openidconnectclaims.html",id:t+"s/"+a+"/oidcRPMetaDataOptionsBypassConsent",title:"oidcRPMetaDataOptionsBypassConsent",type:"bool"},{get:t+"s/"+a+"/oidcRPMetaDataOptionsUserIDAttr",id:t+"s/"+a+"/oidcRPMetaDataOptionsUserIDAttr",title:"oidcRPMetaDataOptionsUserIDAttr"},{default:0,get:t+"s/"+a+"/oidcRPMetaDataOptionsIDTokenForceClaims",id:t+"s/"+a+"/oidcRPMetaDataOptionsIDTokenForceClaims",title:"oidcRPMetaDataOptionsIDTokenForceClaims",type:"bool"},{get:t+"s/"+a+"/oidcRPMetaDataOptionsAdditionalAudiences",id:t+"s/"+a+"/oidcRPMetaDataOptionsAdditionalAudiences",title:"oidcRPMetaDataOptionsAdditionalAudiences"},{default:0,get:t+"s/"+a+"/oidcRPMetaDataOptionsRefreshToken",id:t+"s/"+a+"/oidcRPMetaDataOptionsRefreshToken",title:"oidcRPMetaDataOptionsRefreshToken",type:"bool"}],id:"oidcRPMetaDataOptionsAdvanced",title:"oidcRPMetaDataOptionsAdvanced",type:"simpleInputContainer"},{_nodes:[{default:"HS512",get:t+"s/"+a+"/oidcRPMetaDataOptionsIDTokenSignAlg",id:t+"s/"+a+"/oidcRPMetaDataOptionsIDTokenSignAlg",select:[{k:"none",v:"None"},{k:"HS256",v:"HS256"},{k:"HS384",v:"HS384"},{k:"HS512",v:"HS512"},{k:"RS256",v:"RS256"},{k:"RS384",v:"RS384"},{k:"RS512",v:"RS512"}],title:"oidcRPMetaDataOptionsIDTokenSignAlg",type:"select"},{default:0,get:t+"s/"+a+"/oidcRPMetaDataOptionsRequirePKCE",id:t+"s/"+a+"/oidcRPMetaDataOptionsRequirePKCE",title:"oidcRPMetaDataOptionsRequirePKCE",type:"bool"},{default:0,get:t+"s/"+a+"/oidcRPMetaDataOptionsAllowOffline",id:t+"s/"+a+"/oidcRPMetaDataOptionsAllowOffline",title:"oidcRPMetaDataOptionsAllowOffline",type:"bool"},{default:0,get:t+"s/"+a+"/oidcRPMetaDataOptionsAllowPasswordGrant",id:t+"s/"+a+"/oidcRPMetaDataOptionsAllowPasswordGrant",title:"oidcRPMetaDataOptionsAllowPasswordGrant",type:"bool"},{get:t+"s/"+a+"/oidcRPMetaDataOptionsAuthnLevel",id:t+"s/"+a+"/oidcRPMetaDataOptionsAuthnLevel",title:"oidcRPMetaDataOptionsAuthnLevel",type:"int"},{get:t+"s/"+a+"/oidcRPMetaDataOptionsRule",id:t+"s/"+a+"/oidcRPMetaDataOptionsRule",title:"oidcRPMetaDataOptionsRule"}],id:"security",title:"security",type:"simpleInputContainer"},{_nodes:[{get:t+"s/"+a+"/oidcRPMetaDataOptionsAuthorizationCodeExpiration",id:t+"s/"+a+"/oidcRPMetaDataOptionsAuthorizationCodeExpiration",title:"oidcRPMetaDataOptionsAuthorizationCodeExpiration",type:"int"},{get:t+"s/"+a+"/oidcRPMetaDataOptionsIDTokenExpiration",id:t+"s/"+a+"/oidcRPMetaDataOptionsIDTokenExpiration",title:"oidcRPMetaDataOptionsIDTokenExpiration",type:"int"},{get:t+"s/"+a+"/oidcRPMetaDataOptionsAccessTokenExpiration",id:t+"s/"+a+"/oidcRPMetaDataOptionsAccessTokenExpiration",title:"oidcRPMetaDataOptionsAccessTokenExpiration",type:"int"},{get:t+"s/"+a+"/oidcRPMetaDataOptionsOfflineSessionExpiration",id:t+"s/"+a+"/oidcRPMetaDataOptionsOfflineSessionExpiration",title:"oidcRPMetaDataOptionsOfflineSessionExpiration",type:"int"}],id:"oidcRPMetaDataOptionsTimeouts",title:"oidcRPMetaDataOptionsTimeouts",type:"simpleInputContainer"},{_nodes:[{get:t+"s/"+a+"/oidcRPMetaDataOptionsPostLogoutRedirectUris",id:t+"s/"+a+"/oidcRPMetaDataOptionsPostLogoutRedirectUris",title:"oidcRPMetaDataOptionsPostLogoutRedirectUris"},{get:t+"s/"+a+"/oidcRPMetaDataOptionsLogoutUrl",id:t+"s/"+a+"/oidcRPMetaDataOptionsLogoutUrl",title:"oidcRPMetaDataOptionsLogoutUrl"},{default:"front",get:t+"s/"+a+"/oidcRPMetaDataOptionsLogoutType",id:t+"s/"+a+"/oidcRPMetaDataOptionsLogoutType",select:[{k:"front",v:"Front Channel"}],title:"oidcRPMetaDataOptionsLogoutType",type:"select"},{default:0,get:t+"s/"+a+"/oidcRPMetaDataOptionsLogoutSessionRequired",id:t+"s/"+a+"/oidcRPMetaDataOptionsLogoutSessionRequired",title:"oidcRPMetaDataOptionsLogoutSessionRequired",type:"bool"}],id:"logout",title:"logout",type:"simpleInputContainer"}],help:"idpopenidconnect.html#options",id:"oidcRPMetaDataOptions",title:"oidcRPMetaDataOptions"},{cnodes:t+"s/"+a+"/oidcRPMetaDataMacros",default:[],help:"exportedvars.html#extend-variables-using-macros-and-groups",id:t+"s/"+a+"/oidcRPMetaDataMacros",title:"oidcRPMetaDataMacros",type:"keyTextContainer"},{_nodes:[{get:t+"s/"+a+"/oidcRPMetaDataOptionsDisplayName",id:t+"s/"+a+"/oidcRPMetaDataOptionsDisplayName",title:"oidcRPMetaDataOptionsDisplayName"},{get:t+"s/"+a+"/oidcRPMetaDataOptionsIcon",id:t+"s/"+a+"/oidcRPMetaDataOptionsIcon",title:"oidcRPMetaDataOptionsIcon"}],id:"oidcRPMetaDataOptionsDisplay",title:"oidcRPMetaDataOptionsDisplay",type:"simpleInputContainer"}];case"samlIDPMetaDataNode":return[{get:t+"s/"+a+"/samlIDPMetaDataXML",id:t+"s/"+a+"/samlIDPMetaDataXML",title:"samlIDPMetaDataXML",type:"file"},{cnodes:t+"s/"+a+"/samlIDPMetaDataExportedAttributes",default:[],help:"authsaml.html#exported-attributes",id:t+"s/"+a+"/samlIDPMetaDataExportedAttributes",title:"samlIDPMetaDataExportedAttributes",type:"samlAttributeContainer"},{_nodes:[{default:0,get:t+"s/"+a+"/samlIDPMetaDataOptionsAdaptSessionUtime",id:t+"s/"+a+"/samlIDPMetaDataOptionsAdaptSessionUtime",title:"samlIDPMetaDataOptionsAdaptSessionUtime",type:"bool"},{default:0,get:t+"s/"+a+"/samlIDPMetaDataOptionsForceUTF8",id:t+"s/"+a+"/samlIDPMetaDataOptionsForceUTF8",title:"samlIDPMetaDataOptionsForceUTF8",type:"bool"},{default:0,get:t+"s/"+a+"/samlIDPMetaDataOptionsStoreSAMLToken",id:t+"s/"+a+"/samlIDPMetaDataOptionsStoreSAMLToken",title:"samlIDPMetaDataOptionsStoreSAMLToken",type:"bool"},{get:t+"s/"+a+"/samlIDPMetaDataOptionsUserAttribute",id:t+"s/"+a+"/samlIDPMetaDataOptionsUserAttribute",title:"samlIDPMetaDataOptionsUserAttribute"}],id:"samlIDPMetaDataOptionsSession",title:"samlIDPMetaDataOptionsSession",type:"simpleInputContainer"},{_nodes:[{default:"",get:t+"s/"+a+"/samlIDPMetaDataOptionsSignatureMethod",id:t+"s/"+a+"/samlIDPMetaDataOptionsSignatureMethod",select:[{k:"",v:"default"},{k:"RSA_SHA1",v:"RSA SHA1"},{k:"RSA_SHA256",v:"RSA SHA256"},{k:"RSA_SHA384",v:"RSA SHA384"},{k:"RSA_SHA512",v:"RSA SHA512"}],title:"samlIDPMetaDataOptionsSignatureMethod",type:"select"},{default:-1,get:t+"s/"+a+"/samlIDPMetaDataOptionsSignSSOMessage",id:t+"s/"+a+"/samlIDPMetaDataOptionsSignSSOMessage",title:"samlIDPMetaDataOptionsSignSSOMessage",type:"trool"},{default:1,get:t+"s/"+a+"/samlIDPMetaDataOptionsCheckSSOMessageSignature",id:t+"s/"+a+"/samlIDPMetaDataOptionsCheckSSOMessageSignature",title:"samlIDPMetaDataOptionsCheckSSOMessageSignature",type:"bool"},{default:-1,get:t+"s/"+a+"/samlIDPMetaDataOptionsSignSLOMessage",id:t+"s/"+a+"/samlIDPMetaDataOptionsSignSLOMessage",title:"samlIDPMetaDataOptionsSignSLOMessage",type:"trool"},{default:1,get:t+"s/"+a+"/samlIDPMetaDataOptionsCheckSLOMessageSignature",id:t+"s/"+a+"/samlIDPMetaDataOptionsCheckSLOMessageSignature",title:"samlIDPMetaDataOptionsCheckSLOMessageSignature",type:"bool"}],id:"samlIDPMetaDataOptionsSignature",title:"samlIDPMetaDataOptionsSignature",type:"simpleInputContainer"},{_nodes:[{default:"",get:t+"s/"+a+"/samlIDPMetaDataOptionsSSOBinding",id:t+"s/"+a+"/samlIDPMetaDataOptionsSSOBinding",select:[{k:"",v:""},{k:"http-post",v:"POST"},{k:"http-redirect",v:"Redirect"},{k:"artifact-get",v:"Artifact GET"}],title:"samlIDPMetaDataOptionsSSOBinding",type:"select"},{default:"",get:t+"s/"+a+"/samlIDPMetaDataOptionsSLOBinding",id:t+"s/"+a+"/samlIDPMetaDataOptionsSLOBinding",select:[{k:"",v:""},{k:"http-post",v:"POST"},{k:"http-redirect",v:"Redirect"},{k:"http-soap",v:"SOAP"}],title:"samlIDPMetaDataOptionsSLOBinding",type:"select"}],id:"samlIDPMetaDataOptionsBinding",title:"samlIDPMetaDataOptionsBinding",type:"simpleInputContainer"},{_nodes:[{default:"none",get:t+"s/"+a+"/samlIDPMetaDataOptionsEncryptionMode",id:t+"s/"+a+"/samlIDPMetaDataOptionsEncryptionMode",select:[{k:"none",v:"None"},{k:"nameid",v:"Name ID"},{k:"assertion",v:"Assertion"}],title:"samlIDPMetaDataOptionsEncryptionMode",type:"select"},{default:1,get:t+"s/"+a+"/samlIDPMetaDataOptionsCheckTime",id:t+"s/"+a+"/samlIDPMetaDataOptionsCheckTime",title:"samlIDPMetaDataOptionsCheckTime",type:"bool"},{default:1,get:t+"s/"+a+"/samlIDPMetaDataOptionsCheckAudience",id:t+"s/"+a+"/samlIDPMetaDataOptionsCheckAudience",title:"samlIDPMetaDataOptionsCheckAudience",type:"bool"}],id:"samlIDPMetaDataOptionsSecurity",title:"samlIDPMetaDataOptionsSecurity",type:"simpleInputContainer"},{_nodes:[{default:"",get:t+"s/"+a+"/samlIDPMetaDataOptionsResolutionRule",id:t+"s/"+a+"/samlIDPMetaDataOptionsResolutionRule",title:"samlIDPMetaDataOptionsResolutionRule",type:"longtext"},{default:"",get:t+"s/"+a+"/samlIDPMetaDataOptionsNameIDFormat",id:t+"s/"+a+"/samlIDPMetaDataOptionsNameIDFormat",select:[{k:"",v:""},{k:"unspecified",v:"Unspecified"},{k:"email",v:"Email"},{k:"x509",v:"X509 certificate"},{k:"windows",v:"Windows"},{k:"kerberos",v:"Kerberos"},{k:"entity",v:"Entity"},{k:"persistent",v:"Persistent"},{k:"transient",v:"Transient"},{k:"encrypted",v:"Encrypted"}],title:"samlIDPMetaDataOptionsNameIDFormat",type:"select"},{default:0,get:t+"s/"+a+"/samlIDPMetaDataOptionsForceAuthn",id:t+"s/"+a+"/samlIDPMetaDataOptionsForceAuthn",title:"samlIDPMetaDataOptionsForceAuthn",type:"bool"},{default:0,get:t+"s/"+a+"/samlIDPMetaDataOptionsIsPassive",id:t+"s/"+a+"/samlIDPMetaDataOptionsIsPassive",title:"samlIDPMetaDataOptionsIsPassive",type:"bool"},{default:0,get:t+"s/"+a+"/samlIDPMetaDataOptionsAllowProxiedAuthn",id:t+"s/"+a+"/samlIDPMetaDataOptionsAllowProxiedAuthn",title:"samlIDPMetaDataOptionsAllowProxiedAuthn",type:"bool"},{default:0,get:t+"s/"+a+"/samlIDPMetaDataOptionsAllowLoginFromIDP",id:t+"s/"+a+"/samlIDPMetaDataOptionsAllowLoginFromIDP",title:"samlIDPMetaDataOptionsAllowLoginFromIDP",type:"bool"},{default:"",get:t+"s/"+a+"/samlIDPMetaDataOptionsRequestedAuthnContext",id:t+"s/"+a+"/samlIDPMetaDataOptionsRequestedAuthnContext",select:[{k:"",v:""},{k:"kerberos",v:"Kerberos"},{k:"password-protected-transport",v:"Password protected transport"},{k:"password",v:"Password"},{k:"tls-client",v:"TLS client certificate"}],title:"samlIDPMetaDataOptionsRequestedAuthnContext",type:"select"},{default:0,get:t+"s/"+a+"/samlIDPMetaDataOptionsRelayStateURL",id:t+"s/"+a+"/samlIDPMetaDataOptionsRelayStateURL",title:"samlIDPMetaDataOptionsRelayStateURL",type:"bool"}],help:"authsaml.html#options",id:"samlIDPMetaDataOptions",title:"samlIDPMetaDataOptions",type:"simpleInputContainer"},{_nodes:[{get:t+"s/"+a+"/samlIDPMetaDataOptionsDisplayName",id:t+"s/"+a+"/samlIDPMetaDataOptionsDisplayName",title:"samlIDPMetaDataOptionsDisplayName"},{get:t+"s/"+a+"/samlIDPMetaDataOptionsIcon",id:t+"s/"+a+"/samlIDPMetaDataOptionsIcon",title:"samlIDPMetaDataOptionsIcon"},{get:t+"s/"+a+"/samlIDPMetaDataOptionsSortNumber",id:t+"s/"+a+"/samlIDPMetaDataOptionsSortNumber",title:"samlIDPMetaDataOptionsSortNumber",type:"int"}],id:"samlIDPMetaDataOptionsDisplay",title:"samlIDPMetaDataOptionsDisplay",type:"simpleInputContainer"}];case"samlSPMetaDataNode":return[{get:t+"s/"+a+"/samlSPMetaDataXML",id:t+"s/"+a+"/samlSPMetaDataXML",title:"samlSPMetaDataXML",type:"file"},{cnodes:t+"s/"+a+"/samlSPMetaDataExportedAttributes",default:[],help:"idpsaml.html#exported-attributes",id:t+"s/"+a+"/samlSPMetaDataExportedAttributes",title:"samlSPMetaDataExportedAttributes",type:"samlAttributeContainer"},{_nodes:[{_nodes:[{default:"",get:t+"s/"+a+"/samlSPMetaDataOptionsNameIDFormat",id:t+"s/"+a+"/samlSPMetaDataOptionsNameIDFormat",select:[{k:"",v:""},{k:"unspecified",v:"Unspecified"},{k:"email",v:"Email"},{k:"x509",v:"X509 certificate"},{k:"windows",v:"Windows"},{k:"kerberos",v:"Kerberos"},{k:"entity",v:"Entity"},{k:"persistent",v:"Persistent"},{k:"transient",v:"Transient"},{k:"encrypted",v:"Encrypted"}],title:"samlSPMetaDataOptionsNameIDFormat",type:"select"},{get:t+"s/"+a+"/samlSPMetaDataOptionsNameIDSessionKey",id:t+"s/"+a+"/samlSPMetaDataOptionsNameIDSessionKey",title:"samlSPMetaDataOptionsNameIDSessionKey"},{default:0,get:t+"s/"+a+"/samlSPMetaDataOptionsOneTimeUse",id:t+"s/"+a+"/samlSPMetaDataOptionsOneTimeUse",title:"samlSPMetaDataOptionsOneTimeUse",type:"bool"},{default:72e3,get:t+"s/"+a+"/samlSPMetaDataOptionsSessionNotOnOrAfterTimeout",id:t+"s/"+a+"/samlSPMetaDataOptionsSessionNotOnOrAfterTimeout",title:"samlSPMetaDataOptionsSessionNotOnOrAfterTimeout",type:"int"},{default:72e3,get:t+"s/"+a+"/samlSPMetaDataOptionsNotOnOrAfterTimeout",id:t+"s/"+a+"/samlSPMetaDataOptionsNotOnOrAfterTimeout",title:"samlSPMetaDataOptionsNotOnOrAfterTimeout",type:"int"},{default:1,get:t+"s/"+a+"/samlSPMetaDataOptionsForceUTF8",id:t+"s/"+a+"/samlSPMetaDataOptionsForceUTF8",title:"samlSPMetaDataOptionsForceUTF8",type:"bool"}],id:"samlSPMetaDataOptionsAuthnResponse",title:"samlSPMetaDataOptionsAuthnResponse",type:"simpleInputContainer"},{_nodes:[{default:"",get:t+"s/"+a+"/samlSPMetaDataOptionsSignatureMethod",id:t+"s/"+a+"/samlSPMetaDataOptionsSignatureMethod",select:[{k:"",v:"default"},{k:"RSA_SHA1",v:"RSA SHA1"},{k:"RSA_SHA256",v:"RSA SHA256"},{k:"RSA_SHA384",v:"RSA SHA384"},{k:"RSA_SHA512",v:"RSA SHA512"}],title:"samlSPMetaDataOptionsSignatureMethod",type:"select"},{default:-1,get:t+"s/"+a+"/samlSPMetaDataOptionsSignSSOMessage",id:t+"s/"+a+"/samlSPMetaDataOptionsSignSSOMessage",title:"samlSPMetaDataOptionsSignSSOMessage",type:"trool"},{default:1,get:t+"s/"+a+"/samlSPMetaDataOptionsCheckSSOMessageSignature",id:t+"s/"+a+"/samlSPMetaDataOptionsCheckSSOMessageSignature",title:"samlSPMetaDataOptionsCheckSSOMessageSignature",type:"bool"},{default:-1,get:t+"s/"+a+"/samlSPMetaDataOptionsSignSLOMessage",id:t+"s/"+a+"/samlSPMetaDataOptionsSignSLOMessage",title:"samlSPMetaDataOptionsSignSLOMessage",type:"trool"},{default:1,get:t+"s/"+a+"/samlSPMetaDataOptionsCheckSLOMessageSignature",id:t+"s/"+a+"/samlSPMetaDataOptionsCheckSLOMessageSignature",title:"samlSPMetaDataOptionsCheckSLOMessageSignature",type:"bool"}],id:"samlSPMetaDataOptionsSignature",title:"samlSPMetaDataOptionsSignature",type:"simpleInputContainer"},{_nodes:[{default:"none",get:t+"s/"+a+"/samlSPMetaDataOptionsEncryptionMode",id:t+"s/"+a+"/samlSPMetaDataOptionsEncryptionMode",select:[{k:"none",v:"None"},{k:"nameid",v:"Name ID"},{k:"assertion",v:"Assertion"}],title:"samlSPMetaDataOptionsEncryptionMode",type:"select"},{default:0,get:t+"s/"+a+"/samlSPMetaDataOptionsEnableIDPInitiatedURL",id:t+"s/"+a+"/samlSPMetaDataOptionsEnableIDPInitiatedURL",title:"samlSPMetaDataOptionsEnableIDPInitiatedURL",type:"bool"},{get:t+"s/"+a+"/samlSPMetaDataOptionsAuthnLevel",id:t+"s/"+a+"/samlSPMetaDataOptionsAuthnLevel",title:"samlSPMetaDataOptionsAuthnLevel",type:"int"},{get:t+"s/"+a+"/samlSPMetaDataOptionsRule",id:t+"s/"+a+"/samlSPMetaDataOptionsRule",title:"samlSPMetaDataOptionsRule"}],id:"samlSPMetaDataOptionsSecurity",title:"samlSPMetaDataOptionsSecurity",type:"simpleInputContainer"}],help:"idpsaml.html#options",id:"samlSPMetaDataOptions",title:"samlSPMetaDataOptions"},{cnodes:t+"s/"+a+"/samlSPMetaDataMacros",default:[],help:"exportedvars.html#extend-variables-using-macros-and-groups",id:t+"s/"+a+"/samlSPMetaDataMacros",title:"samlSPMetaDataMacros",type:"keyTextContainer"}];case"virtualHost":return[{cnodes:t+"s/"+a+"/locationRules",default:[{data:"deny",id:t+"s/"+a+"/locationRules/default",re:"default",title:"default",type:"rule"}],help:"writingrulesand_headers.html#rules",id:t+"s/"+a+"/locationRules",title:"locationRules",type:"ruleContainer"},{cnodes:t+"s/"+a+"/exportedHeaders",help:"writingrulesand_headers.html#headers",id:t+"s/"+a+"/exportedHeaders",title:"exportedHeaders",type:"keyTextContainer"},{cnodes:t+"s/"+a+"/post",help:"formreplay.html",id:t+"s/"+a+"/post",title:"post",type:"postContainer"},{_nodes:[{default:-1,get:t+"s/"+a+"/vhostPort",id:t+"s/"+a+"/vhostPort",title:"vhostPort",type:"int"},{default:-1,get:t+"s/"+a+"/vhostHttps",id:t+"s/"+a+"/vhostHttps",title:"vhostHttps",type:"trool"},{default:0,get:t+"s/"+a+"/vhostMaintenance",id:t+"s/"+a+"/vhostMaintenance",title:"vhostMaintenance",type:"bool"},{default:"",get:t+"s/"+a+"/vhostAliases",id:t+"s/"+a+"/vhostAliases",title:"vhostAliases"},{default:"",get:t+"s/"+a+"/vhostAccessToTrace",id:t+"s/"+a+"/vhostAccessToTrace",title:"vhostAccessToTrace"},{default:"Main",get:t+"s/"+a+"/vhostType",id:t+"s/"+a+"/vhostType",select:[{k:"AuthBasic",v:"AuthBasic"},{k:"CDA",v:"CDA"},{k:"DevOps",v:"DevOps"},{k:"DevOpsST",v:"DevOpsST"},{k:"Main",v:"Main"},{k:"OAuth2",v:"OAuth2"},{k:"SecureToken",v:"SecureToken"},{k:"ServiceToken",v:"ServiceToken"},{k:"ZimbraPreAuth",v:"ZimbraPreAuth"}],title:"vhostType",type:"select"},{get:t+"s/"+a+"/vhostAuthnLevel",id:t+"s/"+a+"/vhostAuthnLevel",title:"vhostAuthnLevel",type:"int"},{default:-1,get:t+"s/"+a+"/vhostServiceTokenTTL",id:t+"s/"+a+"/vhostServiceTokenTTL",title:"vhostServiceTokenTTL",type:"int"}],help:"configvhost.html#options",id:"vhostOptions",title:"vhostOptions",type:"simpleInputContainer"}];default:return[]}}function setScopeVars(t){t.portal=t.data[0]._nodes[0]._nodes[0],t.getKey(t.portal),t.domain=t.data[0]._nodes[4]._nodes[1],t.getKey(t.domain)} \ No newline at end of file diff --git a/lemonldap-ng-manager/site/htdocs/static/js/conftree.min.js.map b/lemonldap-ng-manager/site/htdocs/static/js/conftree.min.js.map index fbae7d13c..0c15c0eb3 100644 --- a/lemonldap-ng-manager/site/htdocs/static/js/conftree.min.js.map +++ b/lemonldap-ng-manager/site/htdocs/static/js/conftree.min.js.map @@ -1 +1 @@ -{"version":3,"sources":["conftree.js"],"names":["templates","tpl","key","cnodes","default","data","id","title","type","_nodes","get","help","select","k","v","re","setScopeVars","scope","portal","getKey","domain"],"mappings":"AAAA,SAASA,UAAUC,EAAIC,GASrB,OAAOD,GACP,IAAK,qBACH,MAAO,CACR,CACGE,OAAWF,EAAI,KAAKC,EAAI,8BACxBE,QAAY,CACT,CACGC,KAAS,KACTC,GAAOL,EAAI,KAAKC,EAAI,iCACpBK,MAAU,KACVC,KAAS,WAEZ,CACGH,KAAS,OACTC,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,OACVC,KAAS,WAEZ,CACGH,KAAS,MACTC,GAAOL,EAAI,KAAKC,EAAI,kCACpBK,MAAU,MACVC,KAAS,YAGfF,GAAOL,EAAI,KAAKC,EAAI,8BACpBK,MAAU,6BACVC,KAAS,oBAEZ,CACGC,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAI,gCACrBI,GAAOL,EAAI,KAAKC,EAAI,gCACpBK,MAAU,gCAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,sCACrBI,GAAOL,EAAI,KAAKC,EAAI,sCACpBK,MAAU,sCAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,kCACVC,KAAS,OAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,6BACrBI,GAAOL,EAAI,KAAKC,EAAI,6BACpBK,MAAU,8BAGhBD,GAAO,wBACPC,MAAU,wBACVC,KAAS,wBAEZ,CACGL,OAAWF,EAAI,KAAKC,EAAI,wBACxBE,QAAY,GACZO,KAAS,6DACTL,GAAOL,EAAI,KAAKC,EAAI,wBACpBK,MAAU,uBACVC,KAAS,qBAIb,IAAK,qBACH,MAAO,CACR,CACGL,OAAWF,EAAI,KAAKC,EAAI,8BACxBE,QAAY,CACT,CACGC,KAAS,KACTC,GAAOL,EAAI,KAAKC,EAAI,iCACpBK,MAAU,KACVC,KAAS,WAEZ,CACGH,KAAS,OACTC,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,OACVC,KAAS,WAEZ,CACGH,KAAS,MACTC,GAAOL,EAAI,KAAKC,EAAI,kCACpBK,MAAU,MACVC,KAAS,YAGfF,GAAOL,EAAI,KAAKC,EAAI,8BACpBK,MAAU,6BACVC,KAAS,oBAEZ,CACGL,OAAWF,EAAI,KAAKC,EAAI,wCACxBI,GAAOL,EAAI,KAAKC,EAAI,wCACpBK,MAAU,uCACVC,KAAS,oBAEZ,CACGC,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAI,4BACrBI,GAAOL,EAAI,KAAKC,EAAI,4BACpBK,MAAU,4BAEb,CACGH,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,8BACrBI,GAAOL,EAAI,KAAKC,EAAI,8BACpBK,MAAU,6BACVC,KAAS,QAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,gCACrBI,GAAOL,EAAI,KAAKC,EAAI,gCACpBK,MAAU,+BACVC,KAAS,SAGfF,GAAO,wBACPC,MAAU,wBACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAI,oCACrBI,GAAOL,EAAI,KAAKC,EAAI,oCACpBK,MAAU,oCAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,6BACrBI,GAAOL,EAAI,KAAKC,EAAI,6BACpBK,MAAU,6BAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,kCACVC,KAAS,QAGfF,GAAO,+BACPC,MAAU,+BACVC,KAAS,yBAIb,IAAK,qBACH,MAAO,CACR,CACGE,IAAQT,EAAI,KAAKC,EAAI,sBACrBI,GAAOL,EAAI,KAAKC,EAAI,sBACpBK,MAAU,qBACVC,KAAS,QAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,sBACrBI,GAAOL,EAAI,KAAKC,EAAI,sBACpBK,MAAU,qBACVC,KAAS,QAEZ,CACGL,OAAWF,EAAI,KAAKC,EAAI,8BACxBE,QAAY,CACT,CACGC,KAAS,OACTC,GAAOL,EAAI,KAAKC,EAAI,iCACpBK,MAAU,KACVC,KAAS,WAEZ,CACGH,KAAS,QACTC,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,OACVC,KAAS,WAEZ,CACGH,KAAS,cACTC,GAAOL,EAAI,KAAKC,EAAI,iCACpBK,MAAU,KACVC,KAAS,WAEZ,CACGH,KAAS,MACTC,GAAOL,EAAI,KAAKC,EAAI,kCACpBK,MAAU,MACVC,KAAS,YAGfF,GAAOL,EAAI,KAAKC,EAAI,8BACpBK,MAAU,6BACVC,KAAS,oBAEZ,CACGC,OAAW,CACR,CACGA,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAI,yCACrBI,GAAOL,EAAI,KAAKC,EAAI,yCACpBK,MAAU,yCAEb,CACGH,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,oCACrBI,GAAOL,EAAI,KAAKC,EAAI,oCACpBK,MAAU,mCACVC,KAAS,OAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,iCACrBI,GAAOL,EAAI,KAAKC,EAAI,iCACpBK,MAAU,iCAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,qCACrBI,GAAOL,EAAI,KAAKC,EAAI,qCACpBK,MAAU,oCACVC,KAAS,YAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,qCACrBI,GAAOL,EAAI,KAAKC,EAAI,qCACpBK,MAAU,oCACVC,KAAS,SAGfF,GAAO,qCACPC,MAAU,qCACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGL,QAAY,iBACZM,IAAQT,EAAI,KAAKC,EAAI,8BACrBI,GAAOL,EAAI,KAAKC,EAAI,8BACpBK,MAAU,8BAEb,CACGH,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,gCACrBI,GAAOL,EAAI,KAAKC,EAAI,gCACpBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,IAET,CACGD,EAAM,OACNC,EAAM,QAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,MACNC,EAAM,QAGZP,MAAU,+BACVC,KAAS,UAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,+BACrBI,GAAOL,EAAI,KAAKC,EAAI,+BACpBK,MAAU,+BAEb,CACGH,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,+BACrBI,GAAOL,EAAI,KAAKC,EAAI,+BACpBK,MAAU,8BACVC,KAAS,OAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,kCACrBI,GAAOL,EAAI,KAAKC,EAAI,kCACpBK,MAAU,kCAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,kCACrBI,GAAOL,EAAI,KAAKC,EAAI,kCACpBK,MAAU,kCAEb,CACGH,QAAY,qBACZM,IAAQT,EAAI,KAAKC,EAAI,gDACrBI,GAAOL,EAAI,KAAKC,EAAI,gDACpBU,OAAW,CACR,CACGC,EAAM,qBACNC,EAAM,sBAET,CACGD,EAAM,sBACNC,EAAM,wBAGZP,MAAU,+CACVC,KAAS,UAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,0CACrBI,GAAOL,EAAI,KAAKC,EAAI,0CACpBK,MAAU,yCACVC,KAAS,QAEZ,CACGJ,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,sCACrBI,GAAOL,EAAI,KAAKC,EAAI,sCACpBK,MAAU,qCACVC,KAAS,OAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,iCACrBI,GAAOL,EAAI,KAAKC,EAAI,iCACpBK,MAAU,gCACVC,KAAS,SAGfF,GAAO,gCACPC,MAAU,gCACVC,KAAS,yBAGfF,GAAO,wBACPC,MAAU,yBAEb,CACGE,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAI,oCACrBI,GAAOL,EAAI,KAAKC,EAAI,oCACpBK,MAAU,oCAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,6BACrBI,GAAOL,EAAI,KAAKC,EAAI,6BACpBK,MAAU,6BAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,kCACVC,KAAS,QAGfF,GAAO,qCACPC,MAAU,qCACVC,KAAS,yBAIb,IAAK,qBACH,MAAO,CACR,CACGL,OAAWF,EAAI,KAAKC,EAAI,8BACxBE,QAAY,CACT,CACGC,KAAS,CACN,OACA,SACA,QAEHC,GAAOL,EAAI,KAAKC,EAAI,oCACpBK,MAAU,QACVC,KAAS,iBAEZ,CACGH,KAAS,CACN,KACA,SACA,QAEHC,GAAOL,EAAI,KAAKC,EAAI,0CACpBK,MAAU,cACVC,KAAS,iBAEZ,CACGH,KAAS,CACN,KACA,SACA,QAEHC,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,OACVC,KAAS,kBAGfF,GAAOL,EAAI,KAAKC,EAAI,8BACpBK,MAAU,6BACVC,KAAS,0BAEZ,CACGL,OAAWF,EAAI,KAAKC,EAAI,oCACxBE,QAAY,GACZE,GAAOL,EAAI,KAAKC,EAAI,oCACpBK,MAAU,mCACVC,KAAS,oBAEZ,CACGC,OAAW,CACR,CACGA,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAI,iCACrBI,GAAOL,EAAI,KAAKC,EAAI,iCACpBK,MAAU,iCAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,qCACrBI,GAAOL,EAAI,KAAKC,EAAI,qCACpBK,MAAU,oCACVC,KAAS,YAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,+BACrBI,GAAOL,EAAI,KAAKC,EAAI,+BACpBK,MAAU,8BACVC,KAAS,QAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,qCACrBI,GAAOL,EAAI,KAAKC,EAAI,qCACpBK,MAAU,sCAGhBD,GAAO,6BACPC,MAAU,6BACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGL,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,sCACrBS,KAAS,2BACTL,GAAOL,EAAI,KAAKC,EAAI,sCACpBK,MAAU,qCACVC,KAAS,QAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,mCAEb,CACGH,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,2CACrBI,GAAOL,EAAI,KAAKC,EAAI,2CACpBK,MAAU,0CACVC,KAAS,QAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,4CACrBI,GAAOL,EAAI,KAAKC,EAAI,4CACpBK,MAAU,4CAEb,CACGH,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,qCACrBI,GAAOL,EAAI,KAAKC,EAAI,qCACpBK,MAAU,oCACVC,KAAS,SAGfF,GAAO,gCACPC,MAAU,gCACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGL,QAAY,QACZM,IAAQT,EAAI,KAAKC,EAAI,uCACrBI,GAAOL,EAAI,KAAKC,EAAI,uCACpBU,OAAW,CACR,CACGC,EAAM,OACNC,EAAM,QAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,UAGZP,MAAU,sCACVC,KAAS,UAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,oCACrBI,GAAOL,EAAI,KAAKC,EAAI,oCACpBK,MAAU,mCACVC,KAAS,QAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,qCACrBI,GAAOL,EAAI,KAAKC,EAAI,qCACpBK,MAAU,oCACVC,KAAS,QAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,2CACrBI,GAAOL,EAAI,KAAKC,EAAI,2CACpBK,MAAU,0CACVC,KAAS,QAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,kCACVC,KAAS,OAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,6BACrBI,GAAOL,EAAI,KAAKC,EAAI,6BACpBK,MAAU,8BAGhBD,GAAO,WACPC,MAAU,WACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAI,oDACrBI,GAAOL,EAAI,KAAKC,EAAI,oDACpBK,MAAU,mDACVC,KAAS,OAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,0CACrBI,GAAOL,EAAI,KAAKC,EAAI,0CACpBK,MAAU,yCACVC,KAAS,OAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,8CACrBI,GAAOL,EAAI,KAAKC,EAAI,8CACpBK,MAAU,6CACVC,KAAS,OAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,iDACrBI,GAAOL,EAAI,KAAKC,EAAI,iDACpBK,MAAU,gDACVC,KAAS,QAGfF,GAAO,gCACPC,MAAU,gCACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAI,+CACrBI,GAAOL,EAAI,KAAKC,EAAI,+CACpBK,MAAU,+CAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,kCACrBI,GAAOL,EAAI,KAAKC,EAAI,kCACpBK,MAAU,kCAEb,CACGH,QAAY,QACZM,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBU,OAAW,CACR,CACGC,EAAM,QACNC,EAAM,kBAGZP,MAAU,kCACVC,KAAS,UAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,8CACrBI,GAAOL,EAAI,KAAKC,EAAI,8CACpBK,MAAU,6CACVC,KAAS,SAGfF,GAAO,SACPC,MAAU,SACVC,KAAS,yBAGfG,KAAS,gCACTL,GAAO,wBACPC,MAAU,yBAEb,CACGJ,OAAWF,EAAI,KAAKC,EAAI,wBACxBE,QAAY,GACZO,KAAS,6DACTL,GAAOL,EAAI,KAAKC,EAAI,wBACpBK,MAAU,uBACVC,KAAS,oBAEZ,CACGC,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAI,oCACrBI,GAAOL,EAAI,KAAKC,EAAI,oCACpBK,MAAU,oCAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,6BACrBI,GAAOL,EAAI,KAAKC,EAAI,6BACpBK,MAAU,8BAGhBD,GAAO,+BACPC,MAAU,+BACVC,KAAS,yBAIb,IAAK,sBACH,MAAO,CACR,CACGE,IAAQT,EAAI,KAAKC,EAAI,sBACrBI,GAAOL,EAAI,KAAKC,EAAI,sBACpBK,MAAU,qBACVC,KAAS,QAEZ,CACGL,OAAWF,EAAI,KAAKC,EAAI,qCACxBE,QAAY,GACZO,KAAS,oCACTL,GAAOL,EAAI,KAAKC,EAAI,qCACpBK,MAAU,oCACVC,KAAS,0BAEZ,CACGC,OAAW,CACR,CACGL,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,2CACrBI,GAAOL,EAAI,KAAKC,EAAI,2CACpBK,MAAU,0CACVC,KAAS,QAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,kCACVC,KAAS,QAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,wCACrBI,GAAOL,EAAI,KAAKC,EAAI,wCACpBK,MAAU,uCACVC,KAAS,QAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,uCACrBI,GAAOL,EAAI,KAAKC,EAAI,uCACpBK,MAAU,wCAGhBD,GAAO,gCACPC,MAAU,gCACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGL,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,yCACrBI,GAAOL,EAAI,KAAKC,EAAI,yCACpBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,WAET,CACGD,EAAM,WACNC,EAAM,YAET,CACGD,EAAM,aACNC,EAAM,cAET,CACGD,EAAM,aACNC,EAAM,cAET,CACGD,EAAM,aACNC,EAAM,eAGZP,MAAU,wCACVC,KAAS,UAEZ,CACGJ,SAAa,EACbM,IAAQT,EAAI,KAAKC,EAAI,wCACrBI,GAAOL,EAAI,KAAKC,EAAI,wCACpBK,MAAU,uCACVC,KAAS,SAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,kDACrBI,GAAOL,EAAI,KAAKC,EAAI,kDACpBK,MAAU,iDACVC,KAAS,QAEZ,CACGJ,SAAa,EACbM,IAAQT,EAAI,KAAKC,EAAI,wCACrBI,GAAOL,EAAI,KAAKC,EAAI,wCACpBK,MAAU,uCACVC,KAAS,SAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,kDACrBI,GAAOL,EAAI,KAAKC,EAAI,kDACpBK,MAAU,iDACVC,KAAS,SAGfF,GAAO,kCACPC,MAAU,kCACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGL,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,oCACrBI,GAAOL,EAAI,KAAKC,EAAI,oCACpBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,IAET,CACGD,EAAM,YACNC,EAAM,QAET,CACGD,EAAM,gBACNC,EAAM,YAET,CACGD,EAAM,eACNC,EAAM,iBAGZP,MAAU,mCACVC,KAAS,UAEZ,CACGJ,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,oCACrBI,GAAOL,EAAI,KAAKC,EAAI,oCACpBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,IAET,CACGD,EAAM,YACNC,EAAM,QAET,CACGD,EAAM,gBACNC,EAAM,YAET,CACGD,EAAM,YACNC,EAAM,SAGZP,MAAU,mCACVC,KAAS,WAGfF,GAAO,gCACPC,MAAU,gCACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGL,QAAY,OACZM,IAAQT,EAAI,KAAKC,EAAI,wCACrBI,GAAOL,EAAI,KAAKC,EAAI,wCACpBU,OAAW,CACR,CACGC,EAAM,OACNC,EAAM,QAET,CACGD,EAAM,SACNC,EAAM,WAET,CACGD,EAAM,YACNC,EAAM,cAGZP,MAAU,uCACVC,KAAS,UAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,kCACVC,KAAS,QAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,uCACrBI,GAAOL,EAAI,KAAKC,EAAI,uCACpBK,MAAU,sCACVC,KAAS,SAGfF,GAAO,iCACPC,MAAU,iCACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGL,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,wCACrBI,GAAOL,EAAI,KAAKC,EAAI,wCACpBK,MAAU,uCACVC,KAAS,YAEZ,CACGJ,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,sCACrBI,GAAOL,EAAI,KAAKC,EAAI,sCACpBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,IAET,CACGD,EAAM,cACNC,EAAM,eAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,OACNC,EAAM,oBAET,CACGD,EAAM,UACNC,EAAM,WAET,CACGD,EAAM,WACNC,EAAM,YAET,CACGD,EAAM,SACNC,EAAM,UAET,CACGD,EAAM,aACNC,EAAM,cAET,CACGD,EAAM,YACNC,EAAM,aAET,CACGD,EAAM,YACNC,EAAM,cAGZP,MAAU,qCACVC,KAAS,UAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,oCACrBI,GAAOL,EAAI,KAAKC,EAAI,oCACpBK,MAAU,mCACVC,KAAS,QAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,kCACVC,KAAS,QAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,2CACrBI,GAAOL,EAAI,KAAKC,EAAI,2CACpBK,MAAU,0CACVC,KAAS,QAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,2CACrBI,GAAOL,EAAI,KAAKC,EAAI,2CACpBK,MAAU,0CACVC,KAAS,QAEZ,CACGJ,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,+CACrBI,GAAOL,EAAI,KAAKC,EAAI,+CACpBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,IAET,CACGD,EAAM,WACNC,EAAM,YAET,CACGD,EAAM,+BACNC,EAAM,gCAET,CACGD,EAAM,WACNC,EAAM,YAET,CACGD,EAAM,aACNC,EAAM,2BAGZP,MAAU,8CACVC,KAAS,UAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,uCACrBI,GAAOL,EAAI,KAAKC,EAAI,uCACpBK,MAAU,sCACVC,KAAS,SAGfG,KAAS,wBACTL,GAAO,yBACPC,MAAU,yBACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAI,qCACrBI,GAAOL,EAAI,KAAKC,EAAI,qCACpBK,MAAU,qCAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,8BACrBI,GAAOL,EAAI,KAAKC,EAAI,8BACpBK,MAAU,8BAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,oCACrBI,GAAOL,EAAI,KAAKC,EAAI,oCACpBK,MAAU,mCACVC,KAAS,QAGfF,GAAO,gCACPC,MAAU,gCACVC,KAAS,yBAIb,IAAK,qBACH,MAAO,CACR,CACGE,IAAQT,EAAI,KAAKC,EAAI,qBACrBI,GAAOL,EAAI,KAAKC,EAAI,qBACpBK,MAAU,oBACVC,KAAS,QAEZ,CACGL,OAAWF,EAAI,KAAKC,EAAI,oCACxBE,QAAY,GACZO,KAAS,mCACTL,GAAOL,EAAI,KAAKC,EAAI,oCACpBK,MAAU,mCACVC,KAAS,0BAEZ,CACGC,OAAW,CACR,CACGA,OAAW,CACR,CACGL,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,qCACrBI,GAAOL,EAAI,KAAKC,EAAI,qCACpBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,IAET,CACGD,EAAM,cACNC,EAAM,eAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,OACNC,EAAM,oBAET,CACGD,EAAM,UACNC,EAAM,WAET,CACGD,EAAM,WACNC,EAAM,YAET,CACGD,EAAM,SACNC,EAAM,UAET,CACGD,EAAM,aACNC,EAAM,cAET,CACGD,EAAM,YACNC,EAAM,aAET,CACGD,EAAM,YACNC,EAAM,cAGZP,MAAU,oCACVC,KAAS,UAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,yCACrBI,GAAOL,EAAI,KAAKC,EAAI,yCACpBK,MAAU,yCAEb,CACGH,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,kCACVC,KAAS,QAEZ,CACGJ,QAAY,KACZM,IAAQT,EAAI,KAAKC,EAAI,mDACrBI,GAAOL,EAAI,KAAKC,EAAI,mDACpBK,MAAU,kDACVC,KAAS,OAEZ,CACGJ,QAAY,KACZM,IAAQT,EAAI,KAAKC,EAAI,4CACrBI,GAAOL,EAAI,KAAKC,EAAI,4CACpBK,MAAU,2CACVC,KAAS,OAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,kCACrBI,GAAOL,EAAI,KAAKC,EAAI,kCACpBK,MAAU,iCACVC,KAAS,SAGfF,GAAO,qCACPC,MAAU,qCACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGL,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,wCACrBI,GAAOL,EAAI,KAAKC,EAAI,wCACpBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,WAET,CACGD,EAAM,WACNC,EAAM,YAET,CACGD,EAAM,aACNC,EAAM,cAET,CACGD,EAAM,aACNC,EAAM,cAET,CACGD,EAAM,aACNC,EAAM,eAGZP,MAAU,uCACVC,KAAS,UAEZ,CACGJ,SAAa,EACbM,IAAQT,EAAI,KAAKC,EAAI,uCACrBI,GAAOL,EAAI,KAAKC,EAAI,uCACpBK,MAAU,sCACVC,KAAS,SAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,iDACrBI,GAAOL,EAAI,KAAKC,EAAI,iDACpBK,MAAU,gDACVC,KAAS,QAEZ,CACGJ,SAAa,EACbM,IAAQT,EAAI,KAAKC,EAAI,uCACrBI,GAAOL,EAAI,KAAKC,EAAI,uCACpBK,MAAU,sCACVC,KAAS,SAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,iDACrBI,GAAOL,EAAI,KAAKC,EAAI,iDACpBK,MAAU,gDACVC,KAAS,SAGfF,GAAO,iCACPC,MAAU,iCACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGL,QAAY,OACZM,IAAQT,EAAI,KAAKC,EAAI,uCACrBI,GAAOL,EAAI,KAAKC,EAAI,uCACpBU,OAAW,CACR,CACGC,EAAM,OACNC,EAAM,QAET,CACGD,EAAM,SACNC,EAAM,WAET,CACGD,EAAM,YACNC,EAAM,cAGZP,MAAU,sCACVC,KAAS,UAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,8CACrBI,GAAOL,EAAI,KAAKC,EAAI,8CACpBK,MAAU,6CACVC,KAAS,QAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,kCACVC,KAAS,OAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,6BACrBI,GAAOL,EAAI,KAAKC,EAAI,6BACpBK,MAAU,8BAGhBD,GAAO,gCACPC,MAAU,gCACVC,KAAS,yBAGfG,KAAS,uBACTL,GAAO,wBACPC,MAAU,yBAEb,CACGJ,OAAWF,EAAI,KAAKC,EAAI,wBACxBE,QAAY,GACZO,KAAS,6DACTL,GAAOL,EAAI,KAAKC,EAAI,wBACpBK,MAAU,uBACVC,KAAS,qBAIb,IAAK,cACH,MAAO,CACR,CACGL,OAAWF,EAAI,KAAKC,EAAI,iBACxBE,QAAY,CACT,CACGC,KAAS,OACTC,GAAOL,EAAI,KAAKC,EAAI,yBACpBa,GAAO,UACPR,MAAU,UACVC,KAAS,SAGfG,KAAS,qCACTL,GAAOL,EAAI,KAAKC,EAAI,iBACpBK,MAAU,gBACVC,KAAS,iBAEZ,CACGL,OAAWF,EAAI,KAAKC,EAAI,mBACxBS,KAAS,uCACTL,GAAOL,EAAI,KAAKC,EAAI,mBACpBK,MAAU,kBACVC,KAAS,oBAEZ,CACGL,OAAWF,EAAI,KAAKC,EAAI,QACxBS,KAAS,kBACTL,GAAOL,EAAI,KAAKC,EAAI,QACpBK,MAAU,OACVC,KAAS,iBAEZ,CACGC,OAAW,CACR,CACGL,SAAa,EACbM,IAAQT,EAAI,KAAKC,EAAI,aACrBI,GAAOL,EAAI,KAAKC,EAAI,aACpBK,MAAU,YACVC,KAAS,OAEZ,CACGJ,SAAa,EACbM,IAAQT,EAAI,KAAKC,EAAI,cACrBI,GAAOL,EAAI,KAAKC,EAAI,cACpBK,MAAU,aACVC,KAAS,SAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,oBACrBI,GAAOL,EAAI,KAAKC,EAAI,oBACpBK,MAAU,mBACVC,KAAS,QAEZ,CACGJ,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,gBACrBI,GAAOL,EAAI,KAAKC,EAAI,gBACpBK,MAAU,gBAEb,CACGH,QAAY,OACZM,IAAQT,EAAI,KAAKC,EAAI,aACrBI,GAAOL,EAAI,KAAKC,EAAI,aACpBU,OAAW,CACR,CACGC,EAAM,YACNC,EAAM,aAET,CACGD,EAAM,MACNC,EAAM,OAET,CACGD,EAAM,SACNC,EAAM,UAET,CACGD,EAAM,WACNC,EAAM,YAET,CACGD,EAAM,OACNC,EAAM,QAET,CACGD,EAAM,SACNC,EAAM,UAET,CACGD,EAAM,cACNC,EAAM,eAET,CACGD,EAAM,eACNC,EAAM,gBAET,CACGD,EAAM,gBACNC,EAAM,kBAGZP,MAAU,YACVC,KAAS,UAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,mBACrBI,GAAOL,EAAI,KAAKC,EAAI,mBACpBK,MAAU,kBACVC,KAAS,OAEZ,CACGJ,SAAa,EACbM,IAAQT,EAAI,KAAKC,EAAI,wBACrBI,GAAOL,EAAI,KAAKC,EAAI,wBACpBK,MAAU,uBACVC,KAAS,QAGfG,KAAS,2BACTL,GAAO,eACPC,MAAU,eACVC,KAAS,yBAIb,QACE,MAAO,IAIX,SAASQ,aAAaC,GACpBA,EAAMC,OAASD,EAAMZ,KAAK,GAAGI,OAAO,GAAGA,OAAO,GAC9CQ,EAAME,OAAOF,EAAMC,QACnBD,EAAMG,OAASH,EAAMZ,KAAK,GAAGI,OAAO,GAAGA,OAAO,GAC9CQ,EAAME,OAAOF,EAAMG"} \ No newline at end of file +{"version":3,"sources":["conftree.js"],"names":["templates","tpl","key","cnodes","default","data","id","title","type","_nodes","get","help","select","k","v","re","setScopeVars","scope","portal","getKey","domain"],"mappings":"AAAA,SAASA,UAAUC,EAAIC,GASrB,OAAOD,GACP,IAAK,qBACH,MAAO,CACR,CACGE,OAAWF,EAAI,KAAKC,EAAI,8BACxBE,QAAY,CACT,CACGC,KAAS,KACTC,GAAOL,EAAI,KAAKC,EAAI,iCACpBK,MAAU,KACVC,KAAS,WAEZ,CACGH,KAAS,OACTC,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,OACVC,KAAS,WAEZ,CACGH,KAAS,MACTC,GAAOL,EAAI,KAAKC,EAAI,kCACpBK,MAAU,MACVC,KAAS,YAGfF,GAAOL,EAAI,KAAKC,EAAI,8BACpBK,MAAU,6BACVC,KAAS,oBAEZ,CACGC,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAI,gCACrBI,GAAOL,EAAI,KAAKC,EAAI,gCACpBK,MAAU,gCAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,sCACrBI,GAAOL,EAAI,KAAKC,EAAI,sCACpBK,MAAU,sCAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,kCACVC,KAAS,OAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,6BACrBI,GAAOL,EAAI,KAAKC,EAAI,6BACpBK,MAAU,8BAGhBD,GAAO,wBACPC,MAAU,wBACVC,KAAS,wBAEZ,CACGL,OAAWF,EAAI,KAAKC,EAAI,wBACxBE,QAAY,GACZO,KAAS,6DACTL,GAAOL,EAAI,KAAKC,EAAI,wBACpBK,MAAU,uBACVC,KAAS,qBAIb,IAAK,qBACH,MAAO,CACR,CACGL,OAAWF,EAAI,KAAKC,EAAI,8BACxBE,QAAY,CACT,CACGC,KAAS,KACTC,GAAOL,EAAI,KAAKC,EAAI,iCACpBK,MAAU,KACVC,KAAS,WAEZ,CACGH,KAAS,OACTC,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,OACVC,KAAS,WAEZ,CACGH,KAAS,MACTC,GAAOL,EAAI,KAAKC,EAAI,kCACpBK,MAAU,MACVC,KAAS,YAGfF,GAAOL,EAAI,KAAKC,EAAI,8BACpBK,MAAU,6BACVC,KAAS,oBAEZ,CACGL,OAAWF,EAAI,KAAKC,EAAI,wCACxBI,GAAOL,EAAI,KAAKC,EAAI,wCACpBK,MAAU,uCACVC,KAAS,oBAEZ,CACGC,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAI,4BACrBI,GAAOL,EAAI,KAAKC,EAAI,4BACpBK,MAAU,4BAEb,CACGH,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,8BACrBI,GAAOL,EAAI,KAAKC,EAAI,8BACpBK,MAAU,6BACVC,KAAS,QAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,gCACrBI,GAAOL,EAAI,KAAKC,EAAI,gCACpBK,MAAU,+BACVC,KAAS,SAGfF,GAAO,wBACPC,MAAU,wBACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAI,oCACrBI,GAAOL,EAAI,KAAKC,EAAI,oCACpBK,MAAU,oCAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,6BACrBI,GAAOL,EAAI,KAAKC,EAAI,6BACpBK,MAAU,6BAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,kCACVC,KAAS,QAGfF,GAAO,+BACPC,MAAU,+BACVC,KAAS,yBAIb,IAAK,qBACH,MAAO,CACR,CACGE,IAAQT,EAAI,KAAKC,EAAI,sBACrBI,GAAOL,EAAI,KAAKC,EAAI,sBACpBK,MAAU,qBACVC,KAAS,QAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,sBACrBI,GAAOL,EAAI,KAAKC,EAAI,sBACpBK,MAAU,qBACVC,KAAS,QAEZ,CACGL,OAAWF,EAAI,KAAKC,EAAI,8BACxBE,QAAY,CACT,CACGC,KAAS,OACTC,GAAOL,EAAI,KAAKC,EAAI,iCACpBK,MAAU,KACVC,KAAS,WAEZ,CACGH,KAAS,QACTC,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,OACVC,KAAS,WAEZ,CACGH,KAAS,cACTC,GAAOL,EAAI,KAAKC,EAAI,iCACpBK,MAAU,KACVC,KAAS,WAEZ,CACGH,KAAS,MACTC,GAAOL,EAAI,KAAKC,EAAI,kCACpBK,MAAU,MACVC,KAAS,YAGfF,GAAOL,EAAI,KAAKC,EAAI,8BACpBK,MAAU,6BACVC,KAAS,oBAEZ,CACGC,OAAW,CACR,CACGA,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAI,yCACrBI,GAAOL,EAAI,KAAKC,EAAI,yCACpBK,MAAU,yCAEb,CACGH,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,oCACrBI,GAAOL,EAAI,KAAKC,EAAI,oCACpBK,MAAU,mCACVC,KAAS,OAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,iCACrBI,GAAOL,EAAI,KAAKC,EAAI,iCACpBK,MAAU,iCAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,qCACrBI,GAAOL,EAAI,KAAKC,EAAI,qCACpBK,MAAU,oCACVC,KAAS,YAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,qCACrBI,GAAOL,EAAI,KAAKC,EAAI,qCACpBK,MAAU,oCACVC,KAAS,SAGfF,GAAO,qCACPC,MAAU,qCACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGL,QAAY,iBACZM,IAAQT,EAAI,KAAKC,EAAI,8BACrBI,GAAOL,EAAI,KAAKC,EAAI,8BACpBK,MAAU,8BAEb,CACGH,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,gCACrBI,GAAOL,EAAI,KAAKC,EAAI,gCACpBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,IAET,CACGD,EAAM,OACNC,EAAM,QAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,MACNC,EAAM,QAGZP,MAAU,+BACVC,KAAS,UAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,+BACrBI,GAAOL,EAAI,KAAKC,EAAI,+BACpBK,MAAU,+BAEb,CACGH,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,+BACrBI,GAAOL,EAAI,KAAKC,EAAI,+BACpBK,MAAU,8BACVC,KAAS,OAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,kCACrBI,GAAOL,EAAI,KAAKC,EAAI,kCACpBK,MAAU,kCAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,kCACrBI,GAAOL,EAAI,KAAKC,EAAI,kCACpBK,MAAU,kCAEb,CACGH,QAAY,qBACZM,IAAQT,EAAI,KAAKC,EAAI,gDACrBI,GAAOL,EAAI,KAAKC,EAAI,gDACpBU,OAAW,CACR,CACGC,EAAM,qBACNC,EAAM,sBAET,CACGD,EAAM,sBACNC,EAAM,wBAGZP,MAAU,+CACVC,KAAS,UAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,0CACrBI,GAAOL,EAAI,KAAKC,EAAI,0CACpBK,MAAU,yCACVC,KAAS,QAEZ,CACGJ,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,sCACrBI,GAAOL,EAAI,KAAKC,EAAI,sCACpBK,MAAU,qCACVC,KAAS,OAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,iCACrBI,GAAOL,EAAI,KAAKC,EAAI,iCACpBK,MAAU,gCACVC,KAAS,SAGfF,GAAO,gCACPC,MAAU,gCACVC,KAAS,yBAGfF,GAAO,wBACPC,MAAU,yBAEb,CACGE,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAI,oCACrBI,GAAOL,EAAI,KAAKC,EAAI,oCACpBK,MAAU,oCAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,6BACrBI,GAAOL,EAAI,KAAKC,EAAI,6BACpBK,MAAU,6BAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,kCACVC,KAAS,QAGfF,GAAO,qCACPC,MAAU,qCACVC,KAAS,yBAIb,IAAK,qBACH,MAAO,CACR,CACGL,OAAWF,EAAI,KAAKC,EAAI,8BACxBE,QAAY,CACT,CACGC,KAAS,CACN,OACA,SACA,QAEHC,GAAOL,EAAI,KAAKC,EAAI,oCACpBK,MAAU,QACVC,KAAS,iBAEZ,CACGH,KAAS,CACN,KACA,SACA,QAEHC,GAAOL,EAAI,KAAKC,EAAI,0CACpBK,MAAU,cACVC,KAAS,iBAEZ,CACGH,KAAS,CACN,KACA,SACA,QAEHC,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,OACVC,KAAS,kBAGfF,GAAOL,EAAI,KAAKC,EAAI,8BACpBK,MAAU,6BACVC,KAAS,0BAEZ,CACGL,OAAWF,EAAI,KAAKC,EAAI,oCACxBE,QAAY,GACZE,GAAOL,EAAI,KAAKC,EAAI,oCACpBK,MAAU,mCACVC,KAAS,oBAEZ,CACGC,OAAW,CACR,CACGA,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAI,iCACrBI,GAAOL,EAAI,KAAKC,EAAI,iCACpBK,MAAU,iCAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,qCACrBI,GAAOL,EAAI,KAAKC,EAAI,qCACpBK,MAAU,oCACVC,KAAS,YAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,+BACrBI,GAAOL,EAAI,KAAKC,EAAI,+BACpBK,MAAU,8BACVC,KAAS,QAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,qCACrBI,GAAOL,EAAI,KAAKC,EAAI,qCACpBK,MAAU,sCAGhBD,GAAO,6BACPC,MAAU,6BACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGL,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,sCACrBS,KAAS,2BACTL,GAAOL,EAAI,KAAKC,EAAI,sCACpBK,MAAU,qCACVC,KAAS,QAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,mCAEb,CACGH,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,2CACrBI,GAAOL,EAAI,KAAKC,EAAI,2CACpBK,MAAU,0CACVC,KAAS,QAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,4CACrBI,GAAOL,EAAI,KAAKC,EAAI,4CACpBK,MAAU,4CAEb,CACGH,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,qCACrBI,GAAOL,EAAI,KAAKC,EAAI,qCACpBK,MAAU,oCACVC,KAAS,SAGfF,GAAO,gCACPC,MAAU,gCACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGL,QAAY,QACZM,IAAQT,EAAI,KAAKC,EAAI,uCACrBI,GAAOL,EAAI,KAAKC,EAAI,uCACpBU,OAAW,CACR,CACGC,EAAM,OACNC,EAAM,QAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,QACNC,EAAM,UAGZP,MAAU,sCACVC,KAAS,UAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,oCACrBI,GAAOL,EAAI,KAAKC,EAAI,oCACpBK,MAAU,mCACVC,KAAS,QAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,qCACrBI,GAAOL,EAAI,KAAKC,EAAI,qCACpBK,MAAU,oCACVC,KAAS,QAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,2CACrBI,GAAOL,EAAI,KAAKC,EAAI,2CACpBK,MAAU,0CACVC,KAAS,QAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,kCACVC,KAAS,OAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,6BACrBI,GAAOL,EAAI,KAAKC,EAAI,6BACpBK,MAAU,8BAGhBD,GAAO,WACPC,MAAU,WACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAI,oDACrBI,GAAOL,EAAI,KAAKC,EAAI,oDACpBK,MAAU,mDACVC,KAAS,OAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,0CACrBI,GAAOL,EAAI,KAAKC,EAAI,0CACpBK,MAAU,yCACVC,KAAS,OAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,8CACrBI,GAAOL,EAAI,KAAKC,EAAI,8CACpBK,MAAU,6CACVC,KAAS,OAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,iDACrBI,GAAOL,EAAI,KAAKC,EAAI,iDACpBK,MAAU,gDACVC,KAAS,QAGfF,GAAO,gCACPC,MAAU,gCACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAI,+CACrBI,GAAOL,EAAI,KAAKC,EAAI,+CACpBK,MAAU,+CAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,kCACrBI,GAAOL,EAAI,KAAKC,EAAI,kCACpBK,MAAU,kCAEb,CACGH,QAAY,QACZM,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBU,OAAW,CACR,CACGC,EAAM,QACNC,EAAM,kBAGZP,MAAU,kCACVC,KAAS,UAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,8CACrBI,GAAOL,EAAI,KAAKC,EAAI,8CACpBK,MAAU,6CACVC,KAAS,SAGfF,GAAO,SACPC,MAAU,SACVC,KAAS,yBAGfG,KAAS,gCACTL,GAAO,wBACPC,MAAU,yBAEb,CACGJ,OAAWF,EAAI,KAAKC,EAAI,wBACxBE,QAAY,GACZO,KAAS,6DACTL,GAAOL,EAAI,KAAKC,EAAI,wBACpBK,MAAU,uBACVC,KAAS,oBAEZ,CACGC,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAI,oCACrBI,GAAOL,EAAI,KAAKC,EAAI,oCACpBK,MAAU,oCAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,6BACrBI,GAAOL,EAAI,KAAKC,EAAI,6BACpBK,MAAU,8BAGhBD,GAAO,+BACPC,MAAU,+BACVC,KAAS,yBAIb,IAAK,sBACH,MAAO,CACR,CACGE,IAAQT,EAAI,KAAKC,EAAI,sBACrBI,GAAOL,EAAI,KAAKC,EAAI,sBACpBK,MAAU,qBACVC,KAAS,QAEZ,CACGL,OAAWF,EAAI,KAAKC,EAAI,qCACxBE,QAAY,GACZO,KAAS,oCACTL,GAAOL,EAAI,KAAKC,EAAI,qCACpBK,MAAU,oCACVC,KAAS,0BAEZ,CACGC,OAAW,CACR,CACGL,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,2CACrBI,GAAOL,EAAI,KAAKC,EAAI,2CACpBK,MAAU,0CACVC,KAAS,QAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,kCACVC,KAAS,QAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,wCACrBI,GAAOL,EAAI,KAAKC,EAAI,wCACpBK,MAAU,uCACVC,KAAS,QAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,uCACrBI,GAAOL,EAAI,KAAKC,EAAI,uCACpBK,MAAU,wCAGhBD,GAAO,gCACPC,MAAU,gCACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGL,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,yCACrBI,GAAOL,EAAI,KAAKC,EAAI,yCACpBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,WAET,CACGD,EAAM,WACNC,EAAM,YAET,CACGD,EAAM,aACNC,EAAM,cAET,CACGD,EAAM,aACNC,EAAM,cAET,CACGD,EAAM,aACNC,EAAM,eAGZP,MAAU,wCACVC,KAAS,UAEZ,CACGJ,SAAa,EACbM,IAAQT,EAAI,KAAKC,EAAI,wCACrBI,GAAOL,EAAI,KAAKC,EAAI,wCACpBK,MAAU,uCACVC,KAAS,SAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,kDACrBI,GAAOL,EAAI,KAAKC,EAAI,kDACpBK,MAAU,iDACVC,KAAS,QAEZ,CACGJ,SAAa,EACbM,IAAQT,EAAI,KAAKC,EAAI,wCACrBI,GAAOL,EAAI,KAAKC,EAAI,wCACpBK,MAAU,uCACVC,KAAS,SAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,kDACrBI,GAAOL,EAAI,KAAKC,EAAI,kDACpBK,MAAU,iDACVC,KAAS,SAGfF,GAAO,kCACPC,MAAU,kCACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGL,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,oCACrBI,GAAOL,EAAI,KAAKC,EAAI,oCACpBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,IAET,CACGD,EAAM,YACNC,EAAM,QAET,CACGD,EAAM,gBACNC,EAAM,YAET,CACGD,EAAM,eACNC,EAAM,iBAGZP,MAAU,mCACVC,KAAS,UAEZ,CACGJ,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,oCACrBI,GAAOL,EAAI,KAAKC,EAAI,oCACpBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,IAET,CACGD,EAAM,YACNC,EAAM,QAET,CACGD,EAAM,gBACNC,EAAM,YAET,CACGD,EAAM,YACNC,EAAM,SAGZP,MAAU,mCACVC,KAAS,WAGfF,GAAO,gCACPC,MAAU,gCACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGL,QAAY,OACZM,IAAQT,EAAI,KAAKC,EAAI,wCACrBI,GAAOL,EAAI,KAAKC,EAAI,wCACpBU,OAAW,CACR,CACGC,EAAM,OACNC,EAAM,QAET,CACGD,EAAM,SACNC,EAAM,WAET,CACGD,EAAM,YACNC,EAAM,cAGZP,MAAU,uCACVC,KAAS,UAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,kCACVC,KAAS,QAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,uCACrBI,GAAOL,EAAI,KAAKC,EAAI,uCACpBK,MAAU,sCACVC,KAAS,SAGfF,GAAO,iCACPC,MAAU,iCACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGL,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,wCACrBI,GAAOL,EAAI,KAAKC,EAAI,wCACpBK,MAAU,uCACVC,KAAS,YAEZ,CACGJ,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,sCACrBI,GAAOL,EAAI,KAAKC,EAAI,sCACpBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,IAET,CACGD,EAAM,cACNC,EAAM,eAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,OACNC,EAAM,oBAET,CACGD,EAAM,UACNC,EAAM,WAET,CACGD,EAAM,WACNC,EAAM,YAET,CACGD,EAAM,SACNC,EAAM,UAET,CACGD,EAAM,aACNC,EAAM,cAET,CACGD,EAAM,YACNC,EAAM,aAET,CACGD,EAAM,YACNC,EAAM,cAGZP,MAAU,qCACVC,KAAS,UAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,oCACrBI,GAAOL,EAAI,KAAKC,EAAI,oCACpBK,MAAU,mCACVC,KAAS,QAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,kCACVC,KAAS,QAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,2CACrBI,GAAOL,EAAI,KAAKC,EAAI,2CACpBK,MAAU,0CACVC,KAAS,QAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,2CACrBI,GAAOL,EAAI,KAAKC,EAAI,2CACpBK,MAAU,0CACVC,KAAS,QAEZ,CACGJ,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,+CACrBI,GAAOL,EAAI,KAAKC,EAAI,+CACpBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,IAET,CACGD,EAAM,WACNC,EAAM,YAET,CACGD,EAAM,+BACNC,EAAM,gCAET,CACGD,EAAM,WACNC,EAAM,YAET,CACGD,EAAM,aACNC,EAAM,2BAGZP,MAAU,8CACVC,KAAS,UAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,uCACrBI,GAAOL,EAAI,KAAKC,EAAI,uCACpBK,MAAU,sCACVC,KAAS,SAGfG,KAAS,wBACTL,GAAO,yBACPC,MAAU,yBACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGC,IAAQT,EAAI,KAAKC,EAAI,qCACrBI,GAAOL,EAAI,KAAKC,EAAI,qCACpBK,MAAU,qCAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,8BACrBI,GAAOL,EAAI,KAAKC,EAAI,8BACpBK,MAAU,8BAEb,CACGG,IAAQT,EAAI,KAAKC,EAAI,oCACrBI,GAAOL,EAAI,KAAKC,EAAI,oCACpBK,MAAU,mCACVC,KAAS,QAGfF,GAAO,gCACPC,MAAU,gCACVC,KAAS,yBAIb,IAAK,qBACH,MAAO,CACR,CACGE,IAAQT,EAAI,KAAKC,EAAI,qBACrBI,GAAOL,EAAI,KAAKC,EAAI,qBACpBK,MAAU,oBACVC,KAAS,QAEZ,CACGL,OAAWF,EAAI,KAAKC,EAAI,oCACxBE,QAAY,GACZO,KAAS,mCACTL,GAAOL,EAAI,KAAKC,EAAI,oCACpBK,MAAU,mCACVC,KAAS,0BAEZ,CACGC,OAAW,CACR,CACGA,OAAW,CACR,CACGL,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,qCACrBI,GAAOL,EAAI,KAAKC,EAAI,qCACpBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,IAET,CACGD,EAAM,cACNC,EAAM,eAET,CACGD,EAAM,QACNC,EAAM,SAET,CACGD,EAAM,OACNC,EAAM,oBAET,CACGD,EAAM,UACNC,EAAM,WAET,CACGD,EAAM,WACNC,EAAM,YAET,CACGD,EAAM,SACNC,EAAM,UAET,CACGD,EAAM,aACNC,EAAM,cAET,CACGD,EAAM,YACNC,EAAM,aAET,CACGD,EAAM,YACNC,EAAM,cAGZP,MAAU,oCACVC,KAAS,UAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,yCACrBI,GAAOL,EAAI,KAAKC,EAAI,yCACpBK,MAAU,yCAEb,CACGH,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,kCACVC,KAAS,QAEZ,CACGJ,QAAY,KACZM,IAAQT,EAAI,KAAKC,EAAI,mDACrBI,GAAOL,EAAI,KAAKC,EAAI,mDACpBK,MAAU,kDACVC,KAAS,OAEZ,CACGJ,QAAY,KACZM,IAAQT,EAAI,KAAKC,EAAI,4CACrBI,GAAOL,EAAI,KAAKC,EAAI,4CACpBK,MAAU,2CACVC,KAAS,OAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,kCACrBI,GAAOL,EAAI,KAAKC,EAAI,kCACpBK,MAAU,iCACVC,KAAS,SAGfF,GAAO,qCACPC,MAAU,qCACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGL,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,wCACrBI,GAAOL,EAAI,KAAKC,EAAI,wCACpBU,OAAW,CACR,CACGC,EAAM,GACNC,EAAM,WAET,CACGD,EAAM,WACNC,EAAM,YAET,CACGD,EAAM,aACNC,EAAM,cAET,CACGD,EAAM,aACNC,EAAM,cAET,CACGD,EAAM,aACNC,EAAM,eAGZP,MAAU,uCACVC,KAAS,UAEZ,CACGJ,SAAa,EACbM,IAAQT,EAAI,KAAKC,EAAI,uCACrBI,GAAOL,EAAI,KAAKC,EAAI,uCACpBK,MAAU,sCACVC,KAAS,SAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,iDACrBI,GAAOL,EAAI,KAAKC,EAAI,iDACpBK,MAAU,gDACVC,KAAS,QAEZ,CACGJ,SAAa,EACbM,IAAQT,EAAI,KAAKC,EAAI,uCACrBI,GAAOL,EAAI,KAAKC,EAAI,uCACpBK,MAAU,sCACVC,KAAS,SAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,iDACrBI,GAAOL,EAAI,KAAKC,EAAI,iDACpBK,MAAU,gDACVC,KAAS,SAGfF,GAAO,iCACPC,MAAU,iCACVC,KAAS,wBAEZ,CACGC,OAAW,CACR,CACGL,QAAY,OACZM,IAAQT,EAAI,KAAKC,EAAI,uCACrBI,GAAOL,EAAI,KAAKC,EAAI,uCACpBU,OAAW,CACR,CACGC,EAAM,OACNC,EAAM,QAET,CACGD,EAAM,SACNC,EAAM,WAET,CACGD,EAAM,YACNC,EAAM,cAGZP,MAAU,sCACVC,KAAS,UAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,8CACrBI,GAAOL,EAAI,KAAKC,EAAI,8CACpBK,MAAU,6CACVC,KAAS,QAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,mCACrBI,GAAOL,EAAI,KAAKC,EAAI,mCACpBK,MAAU,kCACVC,KAAS,OAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,6BACrBI,GAAOL,EAAI,KAAKC,EAAI,6BACpBK,MAAU,8BAGhBD,GAAO,gCACPC,MAAU,gCACVC,KAAS,yBAGfG,KAAS,uBACTL,GAAO,wBACPC,MAAU,yBAEb,CACGJ,OAAWF,EAAI,KAAKC,EAAI,wBACxBE,QAAY,GACZO,KAAS,6DACTL,GAAOL,EAAI,KAAKC,EAAI,wBACpBK,MAAU,uBACVC,KAAS,qBAIb,IAAK,cACH,MAAO,CACR,CACGL,OAAWF,EAAI,KAAKC,EAAI,iBACxBE,QAAY,CACT,CACGC,KAAS,OACTC,GAAOL,EAAI,KAAKC,EAAI,yBACpBa,GAAO,UACPR,MAAU,UACVC,KAAS,SAGfG,KAAS,qCACTL,GAAOL,EAAI,KAAKC,EAAI,iBACpBK,MAAU,gBACVC,KAAS,iBAEZ,CACGL,OAAWF,EAAI,KAAKC,EAAI,mBACxBS,KAAS,uCACTL,GAAOL,EAAI,KAAKC,EAAI,mBACpBK,MAAU,kBACVC,KAAS,oBAEZ,CACGL,OAAWF,EAAI,KAAKC,EAAI,QACxBS,KAAS,kBACTL,GAAOL,EAAI,KAAKC,EAAI,QACpBK,MAAU,OACVC,KAAS,iBAEZ,CACGC,OAAW,CACR,CACGL,SAAa,EACbM,IAAQT,EAAI,KAAKC,EAAI,aACrBI,GAAOL,EAAI,KAAKC,EAAI,aACpBK,MAAU,YACVC,KAAS,OAEZ,CACGJ,SAAa,EACbM,IAAQT,EAAI,KAAKC,EAAI,cACrBI,GAAOL,EAAI,KAAKC,EAAI,cACpBK,MAAU,aACVC,KAAS,SAEZ,CACGJ,QAAY,EACZM,IAAQT,EAAI,KAAKC,EAAI,oBACrBI,GAAOL,EAAI,KAAKC,EAAI,oBACpBK,MAAU,mBACVC,KAAS,QAEZ,CACGJ,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,gBACrBI,GAAOL,EAAI,KAAKC,EAAI,gBACpBK,MAAU,gBAEb,CACGH,QAAY,GACZM,IAAQT,EAAI,KAAKC,EAAI,sBACrBI,GAAOL,EAAI,KAAKC,EAAI,sBACpBK,MAAU,sBAEb,CACGH,QAAY,OACZM,IAAQT,EAAI,KAAKC,EAAI,aACrBI,GAAOL,EAAI,KAAKC,EAAI,aACpBU,OAAW,CACR,CACGC,EAAM,YACNC,EAAM,aAET,CACGD,EAAM,MACNC,EAAM,OAET,CACGD,EAAM,SACNC,EAAM,UAET,CACGD,EAAM,WACNC,EAAM,YAET,CACGD,EAAM,OACNC,EAAM,QAET,CACGD,EAAM,SACNC,EAAM,UAET,CACGD,EAAM,cACNC,EAAM,eAET,CACGD,EAAM,eACNC,EAAM,gBAET,CACGD,EAAM,gBACNC,EAAM,kBAGZP,MAAU,YACVC,KAAS,UAEZ,CACGE,IAAQT,EAAI,KAAKC,EAAI,mBACrBI,GAAOL,EAAI,KAAKC,EAAI,mBACpBK,MAAU,kBACVC,KAAS,OAEZ,CACGJ,SAAa,EACbM,IAAQT,EAAI,KAAKC,EAAI,wBACrBI,GAAOL,EAAI,KAAKC,EAAI,wBACpBK,MAAU,uBACVC,KAAS,QAGfG,KAAS,2BACTL,GAAO,eACPC,MAAU,eACVC,KAAS,yBAIb,QACE,MAAO,IAIX,SAASQ,aAAaC,GACpBA,EAAMC,OAASD,EAAMZ,KAAK,GAAGI,OAAO,GAAGA,OAAO,GAC9CQ,EAAME,OAAOF,EAAMC,QACnBD,EAAMG,OAASH,EAAMZ,KAAK,GAAGI,OAAO,GAAGA,OAAO,GAC9CQ,EAAME,OAAOF,EAAMG"} \ No newline at end of file diff --git a/lemonldap-ng-manager/site/htdocs/static/js/manager.js b/lemonldap-ng-manager/site/htdocs/static/js/manager.js index 7be0b7e3e..9caea7f49 100644 --- a/lemonldap-ng-manager/site/htdocs/static/js/manager.js +++ b/lemonldap-ng-manager/site/htdocs/static/js/manager.js @@ -718,11 +718,13 @@ This file contains: return _download(node); }; _download = function(node) { - var d; + var d, uri; d = $q.defer(); d.notify('Trying to get datas'); $scope.waiting = true; - $http.get("" + window.confPrefix + $scope.currentCfg.cfgNum + "/" + node.cnodes).then(function(response) { + console.log("Trying to get key " + node.cnodes); + uri = encodeURI(node.cnodes); + $http.get("" + window.confPrefix + $scope.currentCfg.cfgNum + "/" + uri).then(function(response) { var a, data, len, o; data = response.data; if (!data) { @@ -900,7 +902,7 @@ This file contains: }, readError); }; $scope.getKey = function(node) { - var d, i, len, n, o, ref, tmp; + var d, i, len, n, o, ref, tmp, uri; d = $q.defer(); if (!node.data) { $scope.waiting = true; @@ -923,7 +925,14 @@ This file contains: return $scope.waiting = false; }); } else { - $http.get("" + window.confPrefix + $scope.currentCfg.cfgNum + "/" + (node.get ? node.get : node.title)).then(function(response) { + uri = ''; + if (node.get) { + console.log("Trying to get key " + node.get); + uri = encodeURI(node.get); + } else { + console.log("Trying to get title " + node.title); + } + $http.get("" + window.confPrefix + $scope.currentCfg.cfgNum + "/" + (node.get ? uri : node.title)).then(function(response) { var data; data = response.data; if ((data.value === null || (data.error && data.error.match(/setDefault$/))) && node['default'] !== null) { diff --git a/lemonldap-ng-manager/site/htdocs/static/js/manager.min.js b/lemonldap-ng-manager/site/htdocs/static/js/manager.min.js index 2665977c0..84c2bdd68 100644 --- a/lemonldap-ng-manager/site/htdocs/static/js/manager.min.js +++ b/lemonldap-ng-manager/site/htdocs/static/js/manager.min.js @@ -1 +1 @@ -(function(){angular.module("llngManager",["ui.tree","ui.bootstrap","llApp","ngCookies"]).controller("TreeCtrl",["$scope","$http","$location","$q","$uibModal","$translator","$cookies","$htmlParams",function(f,u,a,l,o,n,r,e){var t,s,d,c,i,p,m,g,w;return f.links=window.links,f.menu=e.menu,f.menulinks=window.menulinks,f.staticPrefix=window.staticPrefix,f.formPrefix=window.formPrefix,f.availableLanguages=window.availableLanguages,f.waiting=!0,f.showM=!1,f.showT=!1,f.form="home",f.currentCfg={},f.confPrefix=window.confPrefix,f.message={},f.result="",f.translateTitle=function(e){return n.translateField(e,"title")},f.translateP=n.translateP,f.translate=n.translate,f.helpUrl="start.html#configuration",f.setShowHelp=function(e){var t;return null==e&&(e=!f.showH),f.showH=e,(t=new Date(Date.now())).setFullYear(t.getFullYear()+1),r.put("showhelp",e?"true":"false",{expires:t})},f.showH="false"!==r.get("showhelp"),null==f.showH&&f.setShowHelp(!0),m=function(e){var t,n;return t=e.status,n=e.statusLine,f.waiting=!1,f.message=403===t?{title:"forbidden",message:"",items:[]}:401===t?(console.log("Authentication needed"),{title:"authenticationNeeded",message:"__waitOrF5__",items:[]}):400===t?{title:"badRequest",message:n,items:[]}:0[2]->[0] ), "Result body contains JSON text" ); ok( $resBody->{result} == 0, "JSON response contains \"result:0\"" ) or print STDERR Dumper($resBody); - ok( $resBody->{needConfirm} == 1, "JSON response contains \"needConfirm:1\"" ) or print STDERR Dumper($resBody); - ok( - @{ $resBody->{details}->{__warnings__} } == 3, - 'JSON response contains 3 warnings' + @{ $resBody->{details}->{__warnings__} } == 4, + 'JSON response contains 4 warnings' ) or print STDERR Dumper($resBody); +count(6); -foreach my $i ( 0 .. 2 ) { +foreach my $i ( 0 .. 3 ) { ok( $resBody->{details}->{__warnings__}->[$i]->{message} =~ - /\b(unprotected|cross-domain-authentication|retries)\b/, - "Warning with 'unprotect', 'CDA' or 'retries' found" + /\b(unprotected|cross-domain-authentication|retries|__badExpressionAssignment__)\b/, + "Warning with 'unprotect', 'CDA', 'assignment' or 'retries' found" ) or print STDERR Dumper($resBody); + count(1); } -count(4); ok( - @{ $resBody->{details}->{__needConfirmation__} } == 2, - 'JSON response contains 2 needConfirmation' + @{ $resBody->{details}->{__needConfirmation__} } == 1, + 'JSON response contains 1 needConfirmation' ) or print STDERR Dumper($resBody); ok( - @{ $resBody->{details}->{__changes__} } == 23, - 'JSON response contains 23 changes' + @{ $resBody->{details}->{__changes__} } == 24, + 'JSON response contains 24 changes' ) or print STDERR Dumper($resBody); #print STDERR Dumper($resBody); @@ -89,7 +88,7 @@ while ( my $c = shift @{ $resBody->{details}->{__changes__} } ) { } } ok( !@changes, 'All changes detected' ) or $bug = 1; - +count(1); if ($bug) { print STDERR 'Expected not found: ' . Dumper( \@changes ) @@ -99,8 +98,6 @@ if ($bug) { #print STDERR Dumper(\@changes,\@cmsg); -count(6); - # TODO: check result of this ok( $res = &client->jsonResponse('/diff/1/2'), 'Diff called' ); my ( @c1, @c2 ); @@ -108,8 +105,8 @@ ok( ( @c1 = sort keys %{ $res->[0] } ), 'diff() detects changes in conf 1' ); ok( ( @c2 = sort keys %{ $res->[1] } ), 'diff() detects changes in conf 2' ); ok( @c1 == 12, '12 keys changed in conf 1' ) or print STDERR "Expect: 12 keys, get: " . join( ', ', @c1 ) . "\n"; -ok( @c2 == 16, '16 keys changed or created in conf 2' ) - or print STDERR "Expect: 16 keys, get: " . join( ',', @c2 ) . "\n"; +ok( @c2 == 17, '17 keys changed or created in conf 2' ) + or print STDERR "Expect: 17 keys, get: " . join( ',', @c2 ) . "\n"; count(5); unlink $confFiles->[1]; @@ -242,6 +239,11 @@ sub changes { { 'confCompacted' => '1', 'removedKeys' => 'some; keys' + }, + { + 'new' => 1, + 'key' => 'avoidAssignment', + 'old' => '0' } ]; } diff --git a/lemonldap-ng-manager/t/jsonfiles/11-modified-with-confirmation.json b/lemonldap-ng-manager/t/jsonfiles/11-modified-with-confirmation.json index a29aa12ae..7a612ae60 100644 --- a/lemonldap-ng-manager/t/jsonfiles/11-modified-with-confirmation.json +++ b/lemonldap-ng-manager/t/jsonfiles/11-modified-with-confirmation.json @@ -1597,6 +1597,12 @@ "title": "useSafeJail", "type": "bool", "data": 1 + }, { + "default": 0, + "id": "avoidAssignment", + "title": "avoidAssignment", + "type": "bool", + "data": 1 }, { "default": 1, "id": "checkXSS", diff --git a/lemonldap-ng-portal/MANIFEST b/lemonldap-ng-portal/MANIFEST index 78e4ac511..8cc540223 100644 --- a/lemonldap-ng-portal/MANIFEST +++ b/lemonldap-ng-portal/MANIFEST @@ -373,6 +373,7 @@ site/htdocs/static/common/ro.png site/htdocs/static/common/tr.png site/htdocs/static/common/vi.png site/htdocs/static/common/zh.png +site/htdocs/static/common/zh_TW.png site/htdocs/static/languages/ar.json site/htdocs/static/languages/de.json site/htdocs/static/languages/en.json @@ -387,6 +388,7 @@ site/htdocs/static/languages/ro.json site/htdocs/static/languages/tr.json site/htdocs/static/languages/vi.json site/htdocs/static/languages/zh.json +site/htdocs/static/languages/zh_TW.json site/templates/bootstrap/2fchoice.tpl site/templates/bootstrap/2fregisters.tpl site/templates/bootstrap/captcha.tpl @@ -456,6 +458,7 @@ site/templates/common/bullet_go.png site/templates/common/key.png site/templates/common/mail/ar.json site/templates/common/mail/en.json +site/templates/common/mail/es.json site/templates/common/mail/fi.json site/templates/common/mail/fr.json site/templates/common/mail/it.json @@ -463,6 +466,7 @@ site/templates/common/mail/ms.json site/templates/common/mail/tr.json site/templates/common/mail/vi.json site/templates/common/mail/zh_CN.json +site/templates/common/mail/zh_TW.json site/templates/common/mail_2fcode.tpl site/templates/common/mail_certificateConfirm.tpl site/templates/common/mail_certificateReset.tpl @@ -481,6 +485,7 @@ t/01-AuthDemo.t t/01-CSP-and-CORS-headers.t t/01-Handler-redirection-and-URL-check-by-portal.t t/01-pdata.t +t/01-Unauth-Logout.t t/02-Password-Demo-Local-noPpolicy.t t/02-Password-Demo-Local-Ppolicy.t t/02-Password-Demo.t @@ -657,6 +662,7 @@ t/64-StayConnected-with-History.t t/65-AutoSignin.t t/66-CDA-already-auth.t t/66-CDA-PSGI-Try.t +t/66-CDA-with-doubleCookies.t t/66-CDA-with-REST.t t/66-CDA-with-SOAP.t t/66-CDA.t @@ -686,6 +692,7 @@ t/69-FavApps.t t/70-2F-TOTP-8-with-global-storage.t t/70-2F-TOTP-and-U2F-with-TTL-and-JSON.t t/70-2F-TOTP-with-History-and-Refresh.t +t/70-2F-TOTP-with-Range.t t/70-2F-TOTP-with-TTL-and-JSON.t t/70-2F-TOTP-with-TTL-and-XML.t t/70-2F-TOTP-with-TTL.t @@ -705,6 +712,7 @@ t/76-2F-Ext-with-CodeActivation.t t/76-2F-Ext-with-GrantSession.t t/76-2F-Ext-with-History.t t/77-2F-Extra.t +t/77-2F-Mail-SessionKey.t t/77-2F-Mail-with-global-storage.t t/77-2F-Mail.t t/78-2F-Upgrade-Many.t diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Mail2F.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Mail2F.pm index 094058ebf..fe0f28f4e 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Mail2F.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Mail2F.pm @@ -40,11 +40,20 @@ has ott => ( } ); +has sessionKey => ( + is => 'rw', + lazy => 1, + default => sub { + return $_[0]->{conf}->{mail2fSessionKey} + || $_[0]->{conf}->{mailSessionKey}; + } +); + sub init { my ($self) = @_; $self->{conf}->{mail2fCodeRegex} ||= '\d{6}'; - unless ( $self->conf->{mailSessionKey} ) { - $self->error("Missing 'mailSessionKey' parameter, aborting"); + unless ( $self->sessionKey ) { + $self->error("Missing session key parameter, aborting"); return 0; } $self->prefix( $self->conf->{sfPrefix} ) @@ -65,7 +74,7 @@ sub run { $self->logger->debug("Generated two-factor code: $code"); $self->ott->updateToken( $token, __mail2fcode => $code ); - my $dest = $req->{sessionInfo}->{ $self->conf->{mailSessionKey} }; + my $dest = $req->{sessionInfo}->{ $self->sessionKey }; unless ($dest) { $self->logger->error( "Could not find mail attribute for login " . $req->{sessionInfo}->{_user} ); diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/Slave.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/Slave.pm index 61ba4f300..c3c2cc329 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/Slave.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/Slave.pm @@ -4,13 +4,18 @@ use strict; use Mouse; # Add constants used by this module -use Lemonldap::NG::Portal::Main::Constants - qw(PE_OK PE_FORBIDDENIP PE_USERNOTFOUND); -use Lemonldap::NG::Portal::Lib::Slave; +use Lemonldap::NG::Portal::Main::Constants qw( + PE_OK + PE_FORBIDDENIP + PE_USERNOTFOUND +); our $VERSION = '2.1.0'; -extends 'Lemonldap::NG::Portal::Main::Auth'; +extends qw( + Lemonldap::NG::Portal::Main::Auth + Lemonldap::NG::Portal::Lib::Slave +); # INITIALIZATION diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/Net/LDAP.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/Net/LDAP.pm index 13abff0c7..e507f947c 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/Net/LDAP.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/Net/LDAP.pm @@ -455,7 +455,7 @@ sub userModifyPassword { return PE_LDAPERROR; } - $self->{portal}->userLogger->notice("Password changed for $dn"); + $self->{portal}->logger->notice("Password changed for $dn"); # Rebind as manager for next LDAP operations if we were bound as user $self->bind() if $asUser; @@ -588,8 +588,7 @@ sub userModifyPassword { return PE_WRONGMANAGERACCOUNT if ( $mesg->code == 50 || $mesg->code == 8 ); if ( $mesg->code == 0 ) { - $self->{portal} - ->userLogger->notice("Password changed $self->{portal}->{user}"); + $self->{portal}->logger->notice("Password changed for $dn"); # Rebind as manager for next LDAP operations if we were bound as user $self->bind() if $asUser; diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/Slave.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/Slave.pm index 93cb64b90..5a8074f4b 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/Slave.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/Slave.pm @@ -5,11 +5,9 @@ # Slave common functions package Lemonldap::NG::Portal::Lib::Slave; -use Exporter; -use base qw(Exporter); use strict; +use Mouse; -our @EXPORT = qw(checkIP checkHeader); our $VERSION = '2.1.0'; # RUNNING METHODS @@ -49,4 +47,4 @@ sub checkHeader { return 0; } -1; \ No newline at end of file +1; diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Init.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Init.pm index 467e4fca7..aac998af1 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Init.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Init.pm @@ -161,28 +161,29 @@ sub setPortalRoutes { # psgi.js ->addUnauthRoute( 'psgi.js' => 'sendJs', ['GET'] ) - ->addAuthRoute( 'psgi.js' => 'sendJs', ['GET'] ) + ->addAuthRoute( 'psgi.js' => 'sendJs', ['GET'] ) # portal.css ->addUnauthRoute( 'portal.css' => 'sendCss', ['GET'] ) - ->addAuthRoute( 'portal.css' => 'sendCss', ['GET'] ) + ->addAuthRoute( 'portal.css' => 'sendCss', ['GET'] ) # lmerror ->addUnauthRoute( lmerror => { ':code' => 'lmError' }, ['GET'] ) - ->addAuthRoute( lmerror => { ':code' => 'lmError' }, ['GET'] ) + ->addAuthRoute( lmerror => { ':code' => 'lmError' }, ['GET'] ) # Core REST API - ->addUnauthRoute( ping => 'pleaseAuth', ['GET'] ) + ->addUnauthRoute( ping => 'pleaseAuth', ['GET'] ) ->addAuthRoute( ping => 'authenticated', ['GET'] ) # Refresh session ->addAuthRoute( refresh => 'refresh', ['GET'] ) - ->addAuthRoute( '*' => 'corsPreflight', ['OPTIONS'] ) + ->addAuthRoute( '*' => 'corsPreflight', ['OPTIONS'] ) ->addUnauthRoute( '*' => 'corsPreflight', ['OPTIONS'] ) # Logout - ->addAuthRoute( logout => 'logout', ['GET'] ); + ->addAuthRoute( logout => 'logout', ['GET'] ) + ->addUnauthRoute( logout => 'unauthLogout', ['GET'] ); # Default routes must point to routines declared above $self->defaultAuthRoute(''); @@ -239,9 +240,11 @@ sub reloadConf { # Initialize templateDir $self->{templateDir} = - $self->conf->{templateDir} . '/' . $self->conf->{portalSkin}; + $self->conf->{templateDir} . '/' . $self->conf->{portalSkin} + if ( $self->conf->{templateDir} and $self->conf->{portalSkin} ); unless ( -d $self->{templateDir} ) { - $self->error("Template dir $self->{templateDir} doesn't exist"); + $self->error("Template dir $self->{templateDir} doesn't exist") + if ref( $self->{templateDir} ) eq 'SCALAR'; return $self->fail; } $self->templateDir( @@ -526,7 +529,11 @@ sub loadModule { $self->error("Unable to build $module object: $@"); return 0; } - ( $obj and $obj->init ) or return 0; + unless ( $obj and $obj->init ) { + $self->error("$module init failed"); + return 0; + } + $self->loadedModules->{$module} = $obj; return $obj; } diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Process.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Process.pm index 97856147d..e26ccba81 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Process.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Process.pm @@ -179,6 +179,27 @@ sub checkLogout { PE_OK; } +sub checkUnauthLogout { + my ( $self, $req ) = @_; + if ( defined $req->param('logout') ) { + $self->userLogger->info('Unauthenticated logout request'); + $self->logger->debug('Cleaning pdata'); + $self->logger->debug("Removing $self->{conf}->{cookieName} cookie"); + $req->pdata({}); + $req->addCookie( + $self->cookie( + name => $self->conf->{cookieName}, + domain => $self->conf->{domain}, + secure => $self->conf->{securedCookie}, + expires => 'Wed, 21 Oct 2015 00:00:00 GMT', + value => 0 + ) + ); + $req->steps( [ sub { PE_LOGOUT_OK } ] ); + } + PE_OK; +} + sub authLogout { my ( $self, $req ) = @_; my $res = $self->_authentication->authLogout($req); @@ -349,7 +370,7 @@ sub authenticate { $req->steps( [ 'setSessionInfo', 'setMacros', 'setPersistentSessionInfo', 'storeHistory', - @{ $self->afterData }, sub { PE_BADCREDENTIALS } + @{ $self->afterData }, sub { PE_BADCREDENTIALS } ] ); diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm index ad338e24b..07e9b5564 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm @@ -133,10 +133,11 @@ sub login { return $self->do( $req, [ - 'controlUrl', @{ $self->beforeAuth }, - $self->authProcess, @{ $self->betweenAuthAndData }, - $self->sessionData, @{ $self->afterData }, - $self->validSession, @{ $self->endAuth }, + 'checkUnauthLogout', 'controlUrl', # Fix 2342 + @{ $self->beforeAuth }, $self->authProcess, + @{ $self->betweenAuthAndData }, $self->sessionData, + @{ $self->afterData }, $self->validSession, + @{ $self->endAuth } ] ); } @@ -146,11 +147,11 @@ sub postLogin { return $self->do( $req, [ - 'restoreArgs', 'controlUrl', - @{ $self->beforeAuth }, $self->authProcess, - @{ $self->betweenAuthAndData }, $self->sessionData, - @{ $self->afterData }, $self->validSession, - @{ $self->endAuth }, + 'checkUnauthLogout', 'restoreArgs', # Fix 2342 + 'controlUrl', @{ $self->beforeAuth }, + $self->authProcess, @{ $self->betweenAuthAndData }, + $self->sessionData, @{ $self->afterData }, + $self->validSession, @{ $self->endAuth } ] ); } @@ -232,6 +233,24 @@ sub logout { ); } +sub unauthLogout { + my ( $self, $req ) = @_; + $self->userLogger->info('Unauthenticated logout request'); + $self->logger->debug('Cleaning pdata'); + $self->logger->debug("Removing $self->{conf}->{cookieName} cookie"); + $req->pdata( {} ); + $req->addCookie( + $self->cookie( + name => $self->conf->{cookieName}, + domain => $self->conf->{domain}, + secure => $self->conf->{securedCookie}, + expires => 'Wed, 21 Oct 2015 00:00:00 GMT', + value => 0 + ) + ); + return $self->do( $req, [ sub { PE_LOGOUT_OK } ] ); +} + # RUNNING METHODS # --------------- @@ -1051,7 +1070,7 @@ sub registerLogin { } my $history = $req->sessionInfo->{_loginHistory} ||= {}; - my $type = ( $req->authResult > 0 ? 'failed' : 'success' ) . 'Login'; + my $type = ( $req->authResult > 0 ? 'failed' : 'success' ) . 'Login'; $history->{$type} ||= []; $self->logger->debug("Current login saved into $type"); diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Password/Base.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Password/Base.pm index 1e32b2c65..c97908e6c 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Password/Base.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Password/Base.pm @@ -84,6 +84,10 @@ sub _modifyPassword { my $res = $self->modifyPassword( $req, $req->data->{newpassword} ); if ( $res == PE_PASSWORD_OK ) { $self->logger->debug( 'Update password in session for ' . $req->user ); + my $userlog = $req->sessionInfo->{ $self->conf->{whatToTrace} }; + my $iplog = $req->sessionInfo->{ipAddr}; + $self->userLogger->notice("Password changed for $userlog ($iplog)") + if ( defined $userlog and $iplog ); my $infos; # Store new password if asked diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Password/LDAP.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Password/LDAP.pm index ebf320633..5de1d7728 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Password/LDAP.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Password/LDAP.pm @@ -18,9 +18,8 @@ our $VERSION = '2.1.0'; sub init { my ($self) = @_; - $self->ldap - and $self->filter - and $self->Lemonldap::NG::Portal::Password::Base::init; + return ( $self->Lemonldap::NG::Portal::Password::Base::init + and $self->Lemonldap::NG::Portal::Lib::LDAP::init ); } # Confirmation is done by Lib::Net::LDAP::userModifyPassword diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CDA.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CDA.pm index 5eac10746..9392e871b 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CDA.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CDA.pm @@ -4,6 +4,7 @@ use strict; use Mouse; use Lemonldap::NG::Portal::Main::Constants qw( PE_APACHESESSIONERROR + PE_ERROR PE_OK ); @@ -37,9 +38,18 @@ sub changeUrldc { $cdaInfos->{cookie_name} = $self->{conf}->{cookieName}; } else { - $cdaInfos->{cookie_value} = - $req->{sessionInfo}->{_httpSession}; - $cdaInfos->{cookie_name} = $self->{conf}->{cookieName} . "http"; + if ( $req->{sessionInfo}->{_httpSession} ) { + $cdaInfos->{cookie_value} = + $req->{sessionInfo}->{_httpSession}; + $cdaInfos->{cookie_name} = $self->{conf}->{cookieName} . "http"; + } + else { + $self->logger->error( + "Session does not contain _httpSession field. " + . "Portal must be accessed over HTTPS when using CDA with double cookie" + ); + return PE_ERROR; + } } my $cdaSession = diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckState.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckState.pm index ec423103d..bee630f8a 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckState.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckState.pm @@ -23,7 +23,7 @@ sub init { } $self->addUnauthRoute( checkstate => 'check', ['GET'] ) ->addAuthRoute( checkstate => 'check', ['GET'] ); - + return 1; } @@ -49,7 +49,7 @@ sub check { # - "buildCookie" useless here $req->steps( [ 'getUser', 'authenticate', - @{ $self->p->betweenAuthAndData }, $self->sessionData, + @{ $self->p->betweenAuthAndData }, $self->p->sessionData, @{ $self->p->afterData }, 'storeHistory', @{ $self->p->endAuth } ] diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm index c40570b84..aa3927bbf 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm @@ -115,7 +115,9 @@ sub display { $self->userLogger->info("Using spoofed SSO groups if exist") if ( $self->conf->{impersonationRule} ); - $attrs = $self->_removePersistentAttributes($attrs) + $attrs = + $self->_removeKeys( $attrs, $self->persistentAttrs, + 'Remove persistent session attributes...' ) unless $self->displayPersistentInfoRule->( $req, $req->userData ); # Create an array of hashes and dispatch attributes for template loop @@ -180,8 +182,7 @@ sub check { LOGIN => '', TOKEN => $token, }; - return $self->p->sendJSONresponse( $req, $params ) - if ( $req->wantJSON ); + return $self->p->sendJSONresponse( $req, $params ) if $req->wantJSON; return $self->p->sendHtml( $req, 'checkuser', params => $params ) if $msg; } @@ -195,7 +196,7 @@ sub check { $user = ''; $attrs = {}; return $self->p->sendError( $req, 'Malformed user', 400 ) - if ( $req->wantJSON ); + if $req->wantJSON; return $self->p->sendHtml( $req, 'checkuser', @@ -219,7 +220,7 @@ sub check { if ( !$user or $user eq $req->{user} ) { $self->userLogger->info("checkUser requested for himself"); $self->userLogger->info("Using spoofed SSO groups if exist") - if ( $self->conf->{impersonationRule} ); + if $self->conf->{impersonationRule}; $attrs = $req->userData; $user = $req->{user}; } @@ -262,7 +263,10 @@ sub check { } # Check identities rule - $self->logger->info("\"$user\" is an unrestricted user!") if $unUser; + $self->logger->info( '"' + . $savedUserData->{ $self->conf->{whatToTrace} } + . '" is an unrestricted user!' ) + if $unUser; unless ( $unUser || $self->idRule->( $req, $attrs ) ) { $self->userLogger->warn( "checkUser requested for an invalid user ($user)"); @@ -279,8 +283,10 @@ sub check { $attrs = {}; } else { - $msg = 'checkUser' . $self->merged; - $attrs = $self->_removePersistentAttributes($attrs) + $msg = 'checkUser' . $self->merged; + $attrs = + $self->_removeKeys( $attrs, $self->persistentAttrs, + 'Remove persistent session attributes...' ) unless $self->displayPersistentInfoRule->( $req, $savedUserData ); if ($computed) { @@ -320,17 +326,23 @@ sub check { $self->_createArray( $req, $attrs, $savedUserData ) ); } + if ( $self->p->checkXSSAttack( 'CheckUser URL', $url ) ) { + $url = ''; + $auth = 'VHnotFound'; + } + # Check if user is allowed to access submitted URL and compute headers if ( $url and %$attrs ) { # Check url format - $url = $self->_urlFormat($url); + my $originalUrl; + ( $url, $originalUrl ) = $self->_resolveURL( $req, $url ); # User is allowed ? $self->logger->debug( -"checkUser requested for user: $attrs->{ $self->{conf}->{whatToTrace} } and URL: $url" +"checkUser requested for user: $attrs->{ $self->{conf}->{whatToTrace} } and URL: $url | alias: $originalUrl" ); - $auth = $self->_authorization( $req, $url, $attrs ); + $auth = $self->_authorization( $req, $originalUrl, $attrs ); if ( $auth >= 0 ) { $auth = $auth ? "allowed" : "forbidden"; $self->logger->debug( @@ -338,7 +350,8 @@ sub check { . "$auth to access to $url" ); # Return VirtualHost headers - $array_hdrs = $self->_headers( $req, $url, $attrs, $savedUserData ); + $array_hdrs = + $self->_headers( $req, $originalUrl, $attrs, $savedUserData ); } else { $auth = 'VHnotFound'; @@ -352,17 +365,14 @@ sub check { # TODO: my $params = { - PORTAL => $self->conf->{portal}, - MAIN_LOGO => $self->conf->{portalMainLogo}, - SKIN => $self->p->getSkin($req), - LANGS => $self->conf->{showLanguages}, - MSG => $msg, - ALERTE => ( $msg eq 'checkUser' ? 'alert-info' : 'alert-warning' ), - LOGIN => $user, - URL => ( - $self->p->checkXSSAttack( 'URL', $url ) ? "" - : $url - ), + PORTAL => $self->conf->{portal}, + MAIN_LOGO => $self->conf->{portalMainLogo}, + SKIN => $self->p->getSkin($req), + LANGS => $self->conf->{showLanguages}, + MSG => $msg, + ALERTE => ( $msg eq 'checkUser' ? 'alert-info' : 'alert-warning' ), + LOGIN => $user, + URL => $url, ALLOWED => $auth, ALERTE_AUTH => $alert_auth, HEADERS => $array_hdrs, @@ -370,7 +380,8 @@ sub check { MACROS => $array_attrs->[1], GROUPS => $array_attrs->[0], TOKEN => ( - $self->ottRule->( $req, {} ) ? $self->ott->createToken() + $self->ottRule->( $req, {} ) + ? $self->ott->createToken() : '' ) }; @@ -380,17 +391,24 @@ sub check { return $self->p->sendHtml( $req, 'checkuser', params => $params ); } -sub _urlFormat { - my ( $self, $url ) = @_; - $url = 'http://' . $url unless ( $url =~ m#^https?://[^/]*.*#i ); - my ( $proto, $vhost, $appuri ) = $url =~ m#^(https?://)([^/]*)(.*)#i; +sub _resolveURL { + my ( $self, $req, $url ) = @_; + my ($proto) = $url =~ m#^(https?://).*#i; + my ( $vhost, $appuri ) = $url =~ m#^(?:https?://)?([^/]*)(.*)#i; my ($port) = $vhost =~ m#^.+(:\d+)$#; - $port ||= ''; $vhost =~ s/:\d+$//; $vhost .= $self->conf->{domain} unless ( $vhost =~ /\./ ); + $proto = + $self->p->HANDLER->_isHttps( $req, $vhost ) ? 'https://' : 'http://' + unless $proto; + $self->logger->debug( 'VHost is ' . uc( ( split( /:/, $proto ) )[0] ) ); + my $originalVhost = $self->p->HANDLER->resolveAlias($vhost); - return lc("$proto$vhost$port") . "$appuri"; + return ( + lc("$proto$vhost$port") . $appuri, + lc("$proto$originalVhost$port") . $appuri + ); } sub _userData { @@ -407,12 +425,9 @@ sub _userData { : push @$steps, 'setLocalGroups'; $req->steps($steps); if ( my $error = $self->p->process($req) ) { - if ( $error == PE_BADCREDENTIALS ) { - $self->userLogger->warn( - 'checkUser requested for an invalid user (' - . $req->{user} - . ")" ); - } + $self->userLogger->warn( + 'checkUser requested for an invalid user (' . $req->{user} . ")" ) + if ( $error == PE_BADCREDENTIALS ); $self->logger->debug("Process returned error: $error"); return $req->error(PE_BADCREDENTIALS); } @@ -468,16 +483,48 @@ sub _headers { $vhost =~ s/:\d+$//; $req->{env}->{HTTP_HOST} = $vhost; $self->p->HANDLER->headersInit( $self->{conf} ); + my $headers = $self->p->HANDLER->checkHeaders( $req, $attrs ); + + # Remove hidden headers relative to VHost if required + unless ( $self->unrestrictedUsersRule->( $req, $savedUserData ) ) { + my $keysToRemove = ''; + $keysToRemove = '__all__' + if exists $self->conf->{checkUserHiddenHeaders}->{$vhost}; + $keysToRemove = $self->conf->{checkUserHiddenHeaders}->{$vhost} + if ( $keysToRemove + && $self->conf->{checkUserHiddenHeaders}->{$vhost} =~ /\w+/ ); + + if ( $keysToRemove eq '__all__' ) { + $self->logger->debug( + "Overwrite for VirtualHost: $vhost ALL valued header(s)..."); + @$headers = map { + $_->{value} =~ /\w+/ + ? { key => $_->{key}, value => '******' } + : $_ + } @$headers; + } + else { + $self->logger->debug( + "Mask hidden header(s) for VirtualHost: $vhost"); + my $hash = { map { $_->{key} => $_->{value} } @$headers }; + $hash = $self->_removeKeys( $hash, $keysToRemove, + "Overwrite valued \"$keysToRemove\" header(s)...", 1 ); + @$headers = ( + map { { key => $_, value => $hash->{$_} } } + sort keys %$hash + ); + } + } + + # Remove empty headers if required + unless ( $self->displayEmptyHeadersRule->( $req, $savedUserData ) ) { + $self->logger->debug("Remove empty headers..."); + @$headers = grep $_->{value} =~ /.+/, @$headers; + } $self->logger->debug( "Return \"$attrs->{ $self->{conf}->{whatToTrace} }\" headers"); - return $self->p->HANDLER->checkHeaders( $req, $attrs ) - if ( $self->displayEmptyHeadersRule->( $req, $savedUserData ) ); - $self->logger->debug("Remove empty headers"); - my @headers = grep $_->{value} =~ /.+/, - @{ $self->p->HANDLER->checkHeaders( $req, $attrs ) }; - - return \@headers; + return $headers; } sub _createArray { @@ -511,7 +558,7 @@ sub _dispatchAttributes { my ( $grps, $mcrs, $others ) = ( [], [], [] ); my $macros = $self->{conf}->{macros}; - $self->logger->debug("Dispatching attributes..."); + $self->logger->debug("Dispatch attributes..."); while (@$attrs) { my $element = shift @$attrs; $self->logger->debug( "Processing element: $element->{key} => " @@ -539,9 +586,9 @@ sub _dispatchAttributes { # Sort real and spoofed attributes if required if ( $self->sorted ) { - $self->logger->debug('Dispatching real and spoofed attributes...'); + $self->logger->debug('Sort real and spoofed attributes...'); my ( $realAttrs, $spoofedAttrs ) = ( [], [] ); - my $prefix = "$self->{conf}->{impersonationPrefix}"; + my $prefix = $self->{conf}->{impersonationPrefix}; while (@$others) { my $element = shift @$others; $self->logger->debug( "Processing attribute $element->{key} => " @@ -560,12 +607,22 @@ sub _dispatchAttributes { return [ $grps, $mcrs, $others ]; } -sub _removePersistentAttributes { - my ( $self, $attrs ) = @_; - my $regex = join '|', split /\s+/, $self->persistentAttrs; +sub _removeKeys { + my ( $self, $attrs, $hidden, $msg, $mask ) = @_; + my $regex = join '|', split /\s+/, $hidden; my @keys = grep /$regex/, keys %$attrs; - $self->logger->debug("Remove persistent session attributes"); - delete @$attrs{@keys}; + + $self->logger->debug($msg); + if ($mask) { + $self->userLogger->info('Hide some headers'); + foreach (@keys) { + $attrs->{$_} = '******' if $attrs->{$_} =~ /\w+/; + } + } + else { + $self->userLogger->info('Remove some headers'); + delete @$attrs{@keys}; + } return $attrs; } diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/ContextSwitching.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/ContextSwitching.pm index 360242314..feb92913b 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/ContextSwitching.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/ContextSwitching.pm @@ -140,7 +140,7 @@ sub display { sub run { my ( $self, $req ) = @_; my $statut = PE_OK; - my $realId = $req->{user}; + my $realId = $req->userData->{ $self->conf->{whatToTrace} }; my $spoofId = $req->param('spoofId') || ''; # ContextSwitching required ? my $unUser = $self->unrestrictedUsersRule->( $req, $req->userData ) || 0; @@ -202,7 +202,7 @@ sub _switchContext { my ( $self, $req, $spoofId, $unUser ) = @_; my $realSessionId = $req->userData->{_session_id}; my $realAuthLevel = $req->userData->{authenticationLevel}; - my $realId = $req->{user}; + my $realId = $req->userData->{ $self->conf->{whatToTrace} }; my $raz = 0; $req->{user} = $spoofId; diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/GlobalLogout.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/GlobalLogout.pm index eddf8ae7e..1f3852367 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/GlobalLogout.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/GlobalLogout.pm @@ -54,9 +54,9 @@ sub run { my ( $self, $req ) = @_; my $user = $req->{userData}->{ $self->conf->{whatToTrace} }; - # Check activation rules + # Check activation rule unless ( $self->rule->( $req, $req->userData ) ) { - $self->userLogger->info("Global logout not required for $user"); + $self->userLogger->info("GlobaLogout not allowed for $user"); return PE_OK; } @@ -116,20 +116,22 @@ sub globalLogout { # Read active sessions from token my $sessions = eval { from_json( $token->{sessions} ) }; if ($@) { - $self->logger->error("Bad encoding in OTT: $@"); + $self->logger->error( + "GlobalLogout: bad encoding in OTT ($@)"); $res = PE_ERROR; } my $as; - foreach (@$sessions) { - unless ( $as = $self->p->getApacheSession( $_->{id} ) ) { - $self->userLogger->info( - "GlobalLogout: session $_->{id} expired"); - next; - } - my $user = $token->{user}; - if ( $req->{userData}->{ $self->{conf}->{whatToTrace} } eq - $user ) - { + my $user = $token->{user}; + my $req_user = + $req->{userData}->{ $self->{conf}->{whatToTrace} }; + if ( $req_user eq $user ) { + foreach (@$sessions) { + unless ( $as = $self->p->getApacheSession( $_->{id} ) ) + { + $self->userLogger->info( + "GlobalLogout: session $_->{id} expired"); + next; + } unless ( $req->{userData}->{_session_id} eq $_->{id} ) { $self->userLogger->info( "Remove \"$user\" session: $_->{id}"); @@ -137,11 +139,12 @@ sub globalLogout { $count++; } } - else { - $self->userLogger->warn( - "GlobalLogout called with an invalid token"); - $res = PE_TOKENEXPIRED; - } + } + else { + $self->userLogger->warn( +"GlobalLogout called with an invalid token: $req_user is NOT $user" + ); + $res = PE_TOKENEXPIRED; } } else { @@ -157,7 +160,7 @@ sub globalLogout { } return $self->p->do( $req, [ sub { $res } ] ) if $res; - $self->userLogger->info("$count remaining session(s) have been removed"); + $self->userLogger->info("$count remaining session(s) removed"); return $self->p->do( $req, [ 'authLogout', 'deleteSession' ] ); } @@ -177,16 +180,16 @@ sub activeSessions { $self->module->searchOn( $moduleOptions, $self->conf->{whatToTrace}, $user ); - $self->logger->debug('Remove corrupted sessions...'); - my $corrupted = 0; + $self->logger->debug('Remove non-SSO session(s)...'); + my $other = 0; foreach ( keys %$sessions ) { unless ( $sessions->{$_}->{_session_kind} eq 'SSO' ) { delete $sessions->{$_}; - $corrupted++; + $other++; } } - $self->logger->info("$corrupted corrupted session(s) removed") - if $corrupted; + $self->logger->info("$other non-SSO session(s) removed") + if $other; $self->logger->debug('Build an array ref with sessions info...'); @$activeSessions = diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/GrantSession.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/GrantSession.pm index b6d295b16..75b7e6ffa 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/GrantSession.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/GrantSession.pm @@ -72,16 +72,17 @@ sub run { $req, 'simpleInfo', params => { trspan => $msg } ) ); - $self->userLogger->error( 'User ' - . $req->sessionInfo->{uid} - . " was not granted to open session (rule -> $rule)" ); + $self->userLogger->error( 'User "' + . $req->{sessionInfo}->{ $self->conf->{whatToTrace} } + . '" was not granted to open session (rule ->' + . "$rule)" ); $req->urldc( $self->conf->{portal} ); return $req->authResult(PE_SESSIONNOTGRANTED); } else { - $self->userLogger->error( 'User ' - . $req->sessionInfo->{uid} - . " was not granted to open session (rule -> " + $self->userLogger->error( 'User "' + . $req->{sessionInfo}->{ $self->conf->{whatToTrace} } + . '" was not granted to open session (rule -> ' . $self->conf->{grantSessionRules}->{$_} . ")" ); $req->urldc( $self->conf->{portal} ); diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/MailPasswordReset.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/MailPasswordReset.pm index 2cfbba15c..2bca65fa5 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/MailPasswordReset.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/MailPasswordReset.pm @@ -490,6 +490,11 @@ sub changePwd { return $result; } + my $userlog = $req->sessionInfo->{ $self->conf->{whatToTrace} }; + my $iplog = $req->sessionInfo->{ipAddr}; + $self->userLogger->notice("Password changed for $userlog ($iplog)") + if ( defined $userlog and $iplog ); + # Send mail containing the new password $req->data->{mailAddress} ||= $self->p->getFirstValue( diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/SingleSession.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/SingleSession.pm index 9fde990bb..fddc6448a 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/SingleSession.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/SingleSession.pm @@ -182,7 +182,7 @@ sub removeOther { } return $self->p->do( $req, [ sub { $res } ] ) if $res; - $self->userLogger->info("$count remaining session(s) have been removed"); + $self->userLogger->info("$count remaining session(s) removed"); $req->mustRedirect(1); return $self->p->autoRedirect($req); } diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/LDAP.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/LDAP.pm index d91126a22..28e276f5e 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/LDAP.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/LDAP.pm @@ -40,12 +40,16 @@ sub setSessionInfo { %{ $self->conf->{ldapExportedVars} } ); while ( my ( $k, $v ) = each %vars ) { + my $value = $self->ldap->getLdapValue( $req->data->{ldapentry}, $v ); + # getLdapValue returns an empty string for missing attribute # but we really want to return undef so they don't get stored in session - $req->sessionInfo->{$k} = - $self->ldap->getLdapValue( $req->data->{ldapentry}, $v ) || undef; - } + # This has to be a string comparison because "0" is a valid attribute + # value. See #2403 + $value = undef if ( $value eq "" ); + $req->sessionInfo->{$k} = $value; + } PE_OK; } diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/Slave.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/Slave.pm index a547b2421..8518921f6 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/Slave.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/Slave.pm @@ -7,12 +7,18 @@ package Lemonldap::NG::Portal::UserDB::Slave; use strict; use Mouse; -use Lemonldap::NG::Portal::Lib::Slave; -use Lemonldap::NG::Portal::Main::Constants qw(PE_FORBIDDENIP PE_OK); + +use Lemonldap::NG::Portal::Main::Constants qw( + PE_OK + PE_FORBIDDENIP +); our $VERSION = '2.1.0'; -extends 'Lemonldap::NG::Common::Module'; +extends qw( + Lemonldap::NG::Common::Module + Lemonldap::NG::Portal::Lib::Slave +); # INITIALIZATION diff --git a/lemonldap-ng-portal/site/coffee/portal.coffee b/lemonldap-ng-portal/site/coffee/portal.coffee index 25329208b..88d257170 100644 --- a/lemonldap-ng-portal/site/coffee/portal.coffee +++ b/lemonldap-ng-portal/site/coffee/portal.coffee @@ -482,7 +482,7 @@ $(window).on 'load', () -> $('#newpassword')[0].setCustomValidity(translate('PE28')) return - if window.datas.ppolicy? + if window.datas.ppolicy? and $('#newpassword').length # Initialize display checkpassword '' diff --git a/lemonldap-ng-portal/site/htdocs/static/bootstrap/css/styles.css b/lemonldap-ng-portal/site/htdocs/static/bootstrap/css/styles.css index 68ce354f1..21cffb5e5 100644 --- a/lemonldap-ng-portal/site/htdocs/static/bootstrap/css/styles.css +++ b/lemonldap-ng-portal/site/htdocs/static/bootstrap/css/styles.css @@ -152,7 +152,7 @@ div.oidc_consent_message > ul { cursor: pointer; } -.nodecor:hover, .nodecor:active.nodecor:focus { +.nodecor:hover, .nodecor:active, .nodecor:focus { text-decoration: none; } @@ -181,3 +181,13 @@ input.key { text-align: center; caption-side: bottom; } + +/* Allow full height for check box label */ +div.input-group > p.form-control { + height: auto; +} +div.input-group > p.form-control > label { + display: revert; + user-select: none; + cursor: pointer; +} diff --git a/lemonldap-ng-portal/site/htdocs/static/bootstrap/css/styles.min.css b/lemonldap-ng-portal/site/htdocs/static/bootstrap/css/styles.min.css index 83cd9b657..860b78b71 100644 --- a/lemonldap-ng-portal/site/htdocs/static/bootstrap/css/styles.min.css +++ b/lemonldap-ng-portal/site/htdocs/static/bootstrap/css/styles.min.css @@ -1 +1 @@ -html,body{height:100%;background:radial-gradient(circle at 50% 0,#fff 0,#ddd 100%) no-repeat scroll 0 0 #ddd}#wrap{min-height:100%;height:auto;margin:0 auto -80px;padding:20px 0 80px}#footer{height:80px;background-color:#fff;background-color:rgba(255,255,255,0.9);text-align:center;padding-top:10px;overflow:hidden}#header img{background-color:#fff;background-color:rgba(255,255,255,0.8);margin-bottom:20px}.card,.navbar-light{background-color:#fff;background-color:rgba(255,255,255,0.9);background-image:none}.login,.password{text-align:center;padding:20px}div.form{margin:0 auto;max-width:330px}div.actions{margin:10px 0 0 0}div.actions a{margin-top:10px}.buttons{text-align:center;margin:10px 0 0 0;cursor:pointer}.btn{white-space:normal}.btn span.fa{padding-right:8px}li.ui-state-active{background-color:#fafafa;background-color:rgba(250,250,250,0.9)}#appslist,#password,#loginHistory,#logout,#oidcConsents{margin-top:20px}div.category{margin:10px 0;cursor:grab}div.application{margin:5px 0;overflow:hidden}div.application a,div.application a:hover{text-decoration:none}p.notifCheck label{margin-left:5px;margin-top:3px;display:inline-block}img.langicon{cursor:pointer}button.idploop{max-width:300px}button.idploop img{max-height:30px}div.oidc_consent_message>ul{text-align:left;list-style:circle}@media(min-width:768px){div.application{height:80px}div.application h4.appname{margin:0}#wrap{margin:0 auto -60px}#footer{height:60px}}.hiddenFrame{border:0;display:hidden;margin:0}.noborder{border:0}.max{width:100%}.link{cursor:pointer}.nodecor:hover,.nodecor:active.nodecor:focus{text-decoration:none}.fa.icon-blue{color:blue}.progress-bar-animated{width:100%}input.key{font-family:'password';width:100px}@font-face{font-family:'password';src:url(/static/common/fonts/password.ttf)}.info.table caption{color:black;text-align:center;caption-side:bottom} \ No newline at end of file +html,body{height:100%;background:radial-gradient(circle at 50% 0,#fff 0,#ddd 100%) no-repeat scroll 0 0 #ddd}#wrap{min-height:100%;height:auto;margin:0 auto -80px;padding:20px 0 80px}#footer{height:80px;background-color:#fff;background-color:rgba(255,255,255,0.9);text-align:center;padding-top:10px;overflow:hidden}#header img{background-color:#fff;background-color:rgba(255,255,255,0.8);margin-bottom:20px}.card,.navbar-light{background-color:#fff;background-color:rgba(255,255,255,0.9);background-image:none}.login,.password{text-align:center;padding:20px}div.form{margin:0 auto;max-width:330px}div.actions{margin:10px 0 0 0}div.actions a{margin-top:10px}.buttons{text-align:center;margin:10px 0 0 0;cursor:pointer}.btn{white-space:normal}.btn span.fa{padding-right:8px}li.ui-state-active{background-color:#fafafa;background-color:rgba(250,250,250,0.9)}#appslist,#password,#loginHistory,#logout,#oidcConsents{margin-top:20px}div.category{margin:10px 0;cursor:grab}div.application{margin:5px 0;overflow:hidden}div.application a,div.application a:hover{text-decoration:none}p.notifCheck label{margin-left:5px;margin-top:3px;display:inline-block}img.langicon{cursor:pointer}button.idploop{max-width:300px}button.idploop img{max-height:30px}div.oidc_consent_message>ul{text-align:left;list-style:circle}@media(min-width:768px){div.application{height:80px}div.application h4.appname{margin:0}#wrap{margin:0 auto -60px}#footer{height:60px}}.hiddenFrame{border:0;display:hidden;margin:0}.noborder{border:0}.max{width:100%}.link{cursor:pointer}.nodecor:hover,.nodecor:active,.nodecor:focus{text-decoration:none}.fa.icon-blue{color:blue}.progress-bar-animated{width:100%}input.key{font-family:'password';width:100px}@font-face{font-family:'password';src:url(/static/common/fonts/password.ttf)}.info.table caption{color:black;text-align:center;caption-side:bottom}div.input-group>p.form-control{height:auto}div.input-group>p.form-control>label{display:revert;user-select:none;cursor:pointer} \ No newline at end of file diff --git a/lemonldap-ng-portal/site/htdocs/static/common/js/portal.js b/lemonldap-ng-portal/site/htdocs/static/common/js/portal.js index 0bd13a977..f8da288b0 100644 --- a/lemonldap-ng-portal/site/htdocs/static/common/js/portal.js +++ b/lemonldap-ng-portal/site/htdocs/static/common/js/portal.js @@ -520,7 +520,7 @@ LemonLDAP::NG Portal jQuery scripts $('#newpassword')[0].setCustomValidity(translate('PE28')); } }; - if (window.datas.ppolicy != null) { + if ((window.datas.ppolicy != null) && $('#newpassword').length) { checkpassword(''); $('#newpassword').keyup(function(e) { checkpassword(e.target.value); diff --git a/lemonldap-ng-portal/site/htdocs/static/common/js/portal.min.js b/lemonldap-ng-portal/site/htdocs/static/common/js/portal.min.js index e93a9bfd2..0dac18183 100644 --- a/lemonldap-ng-portal/site/htdocs/static/common/js/portal.min.js +++ b/lemonldap-ng-portal/site/htdocs/static/common/js/portal.min.js @@ -1,5 +1,6 @@ <<<<<<< HEAD <<<<<<< HEAD +<<<<<<< HEAD (function(){var D,e,I,_,M,N,R,U,t,A,p,i,J,s,z=[].indexOf||function(t){for(var e=0,n=this.length;e div.category",update:function(){return A()}}),R(),$("div.message").fadeIn("slow"),$("input[name=timezone]").val(-(new Date).getTimezoneOffset()/60),b=$("#menu").tabs({active:0}),(v=$('#menu a[href="#'+D.displaytab+'"]').parent().index())<0&&(v=0),b.tabs("option","active",v),a=$("#authMenu").tabs({active:0}),(n=$('#authMenu a[href="#'+D.displaytab+'"]').parent().index())<0&&(n=0),a.tabs("option","active",n),D.choicetab&&a.tabs("option","active",$('#authMenu a[href="#'+D.choicetab+'"]').parent().index()),D.login?$("input[type=password]:first").focus():0===$("input[autofocus]").length&&$("input[type!=hidden]:first").focus(),D.newwindow&&$("#appslist a").attr("target","_blank"),$("p.removeOther").length&&(t=$("#form").attr("action"),y=$("#form").attr("method"),console.log("method=",y),r="",$("#form input[type=hidden]")&&(console.log("Parse hidden values"),$("#form input[type=hidden]").each(function(t){return console.log(" ->",$(this).attr("name"),$(this).val()),r+="&"+$(this).attr("name")+"="+$(this).val()})),o="",t&&(console.log("action=",t),-1!==t.indexOf("?")?t.substring(0,t.indexOf("?")):o=t+"?",o+=r,r=""),w=$("p.removeOther a").attr("href")+"&method="+y+r,o&&(w+="&url="+btoa(o)),$("p.removeOther a").attr("href",w)),(O=window.location.search)&&(console.log("Parsed queryString:",O),G=new URLSearchParams(O)),G&&((T=G.get("llnglanguage"))&&console.log("Get lang from parameter"),1===(E=G.get("setCookieLang"))&&console.log("Set lang cookie")),l||(l=I("llnglanguage"))&&!T&&console.log("Get lang from cookie"),l)z.call(window.availableLanguages,l)<0&&(l=window.availableLanguages[0],T||console.log("Lang not available -> Get default lang"));else if(navigator){for(u=[],g=[],k=[navigator.language],navigator.languages&&(k=navigator.languages),i=0,d=(j=window.availableLanguages).length;i ';for(s=0,p=k.length;s Get default lang"),T=window.availableLanguages[0]),console.log("Selected lang ->",T),E&&(console.log("Set cookie lang ->",T),U("llnglanguage",T)),J(T)):(console.log("Selected lang ->",l),U("llnglanguage",l),J(l)),c="",x=0,f=(C=window.availableLanguages).length;x ';return $("#languages").html(c),$(".langicon").on("click",function(){return l=$(this).attr("title"),U("llnglanguage",l),J(l)}),D.pingInterval&&0 div.category",update:function(){return V()}}),N(),$("div.message").fadeIn("slow"),$("input[name=timezone]").val(-(new Date).getTimezoneOffset()/60),k=$("#menu").tabs({active:0}),(b=$('#menu a[href="#'+G.displaytab+'"]').parent().index())<0&&(b=0),k.tabs("option","active",b),n=$("#authMenu").tabs({active:0}),(t=$('#authMenu a[href="#'+G.displaytab+'"]').parent().index())<0&&(t=0),n.tabs("option","active",t),G.choicetab&&n.tabs("option","active",$('#authMenu a[href="#'+G.choicetab+'"]').parent().index()),G.login?$("input[type=password]:first").focus():0===$("input[autofocus]").length&&$("input[type!=hidden]:first").focus(),G.newwindow&&$("#appslist a").attr("target","_blank"),$("p.removeOther").length&&(e=$("#form").attr("action"),x=$("#form").attr("method"),console.log("method=",x),r="",$("#form input[type=hidden]")&&(console.log("Parse hidden values"),$("#form input[type=hidden]").each(function(e){return console.log(" ->",$(this).attr("name"),$(this).val()),r+="&"+$(this).attr("name")+"="+$(this).val()})),o="",e&&(console.log("action=",e),-1!==e.indexOf("?")?e.substring(0,e.indexOf("?")):o=e+"?",o+=r,r=""),y=$("p.removeOther a").attr("href")+"&method="+x+r,o&&(y+="&url="+btoa(o)),$("p.removeOther a").attr("href",y)),window.location.search&&((j=D("llnglanguage"))&&console.log("Get lang from parameter"),1===(A=D("setCookieLang"))&&console.log("Set lang cookie")),c||(c=I("llnglanguage"))&&!j&&console.log("Get lang from cookie"),c)Z.call(window.availableLanguages,c)<0&&(c=window.availableLanguages[0],j||console.log("Lang not available -> Get default lang"));else if(navigator){for(u=[],g=[],L=[navigator.language],navigator.languages&&(L=navigator.languages),l=0,f=(S=window.availableLanguages).length;l ';for(v=0,h=L.length;v Get default lang"),j=window.availableLanguages[0]),console.log("Selected lang ->",j),A&&(console.log("Set cookie lang ->",j),U("llnglanguage",j)),H(j)):(console.log("Selected lang ->",c),U("llnglanguage",c),H(c)),p="",T=0,m=(z=window.availableLanguages).length;T ';return $("#languages").html(p),$(".langicon").on("click",function(){return c=$(this).attr("title"),U("llnglanguage",c),H(c)}),d=function(e){var a;return 47<(a=e.charCodeAt(0))&&a<58||64=window.datas.ppolicy.minsize?($("#ppolicy-minsize-feedback").addClass("fa-check text-success"),$("#ppolicy-minsize-feedback").removeClass("fa-times text-danger")):($("#ppolicy-minsize-feedback").removeClass("fa-check text-success"),$("#ppolicy-minsize-feedback").addClass("fa-times text-danger"),l=!1)),0=window.datas.ppolicy.minupper?($("#ppolicy-minupper-feedback").addClass("fa-check text-success"),$("#ppolicy-minupper-feedback").removeClass("fa-times text-danger")):($("#ppolicy-minupper-feedback").removeClass("fa-check text-success"),$("#ppolicy-minupper-feedback").addClass("fa-times text-danger"),l=!1)),0=window.datas.ppolicy.minlower?($("#ppolicy-minlower-feedback").addClass("fa-check text-success"),$("#ppolicy-minlower-feedback").removeClass("fa-times text-danger")):($("#ppolicy-minlower-feedback").removeClass("fa-check text-success"),$("#ppolicy-minlower-feedback").addClass("fa-times text-danger"),l=!1)),0=window.datas.ppolicy.mindigit?($("#ppolicy-mindigit-feedback").addClass("fa-check text-success"),$("#ppolicy-mindigit-feedback").removeClass("fa-times text-danger")):($("#ppolicy-mindigit-feedback").removeClass("fa-check text-success"),$("#ppolicy-mindigit-feedback").addClass("fa-times text-danger"),l=!1)),window.datas.ppolicy.allowedspechar){for(i=window.datas.ppolicy.allowedspechar.replace(/\s/g,""),t=!1,n=0,o=e.length;n=window.datas.ppolicy.minspechar?($("#ppolicy-minspechar-feedback").addClass("fa-check text-success"),$("#ppolicy-minspechar-feedback").removeClass("fa-times text-danger")):($("#ppolicy-minspechar-feedback").removeClass("fa-check text-success"),$("#ppolicy-minspechar-feedback").addClass("fa-times text-danger"),l=!1)}l?($(".ppolicy").removeClass("border-danger").addClass("border-success"),$("#newpassword")[0].setCustomValidity("")):($(".ppolicy").removeClass("border-success").addClass("border-danger"),$("#newpassword")[0].setCustomValidity(J("PE28")))},null!=window.datas.ppolicy&&(s(""),$("#newpassword").keyup(function(e){s(e.target.value)})),i=function(){return $("#confirmpassword")[0].value===$("#newpassword")[0].value?($("#confirmpassword")[0].setCustomValidity(""),!0):($("#confirmpassword")[0].setCustomValidity(J("PE34")),!1)},$("#newpassword").change(i),$("#confirmpassword").change(i),G.pingInterval&&0 div.category",update:function(){return V()}}),N(),$("div.message").fadeIn("slow"),$("input[name=timezone]").val(-(new Date).getTimezoneOffset()/60),k=$("#menu").tabs({active:0}),(b=$('#menu a[href="#'+G.displaytab+'"]').parent().index())<0&&(b=0),k.tabs("option","active",b),n=$("#authMenu").tabs({active:0}),(t=$('#authMenu a[href="#'+G.displaytab+'"]').parent().index())<0&&(t=0),n.tabs("option","active",t),G.choicetab&&n.tabs("option","active",$('#authMenu a[href="#'+G.choicetab+'"]').parent().index()),G.login?$("input[type=password]:first").focus():0===$("input[autofocus]").length&&$("input[type!=hidden]:first").focus(),G.newwindow&&$("#appslist a").attr("target","_blank"),$("p.removeOther").length&&(e=$("#form").attr("action"),x=$("#form").attr("method"),console.log("method=",x),r="",$("#form input[type=hidden]")&&(console.log("Parse hidden values"),$("#form input[type=hidden]").each(function(e){return console.log(" ->",$(this).attr("name"),$(this).val()),r+="&"+$(this).attr("name")+"="+$(this).val()})),o="",e&&(console.log("action=",e),-1!==e.indexOf("?")?e.substring(0,e.indexOf("?")):o=e+"?",o+=r,r=""),y=$("p.removeOther a").attr("href")+"&method="+x+r,o&&(y+="&url="+btoa(o)),$("p.removeOther a").attr("href",y)),window.location.search&&((j=D("llnglanguage"))&&console.log("Get lang from parameter"),1===(A=D("setCookieLang"))&&console.log("Set lang cookie")),l||(l=I("llnglanguage"))&&!j&&console.log("Get lang from cookie"),l)Z.call(window.availableLanguages,l)<0&&(l=window.availableLanguages[0],j||console.log("Lang not available -> Get default lang"));else if(navigator){for(u=[],g=[],L=[navigator.language],navigator.languages&&(L=navigator.languages),c=0,f=(S=window.availableLanguages).length;c ';for(v=0,h=L.length;v Get default lang"),j=window.availableLanguages[0]),console.log("Selected lang ->",j),A&&(console.log("Set cookie lang ->",j),U("llnglanguage",j)),H(j)):(console.log("Selected lang ->",l),U("llnglanguage",l),H(l)),p="",T=0,m=(z=window.availableLanguages).length;T ';return $("#languages").html(p),$(".langicon").on("click",function(){return l=$(this).attr("title"),U("llnglanguage",l),H(l)}),d=function(e){var a;return 47<(a=e.charCodeAt(0))&&a<58||64=window.datas.ppolicy.minsize?($("#ppolicy-minsize-feedback").addClass("fa-check text-success"),$("#ppolicy-minsize-feedback").removeClass("fa-times text-danger")):($("#ppolicy-minsize-feedback").removeClass("fa-check text-success"),$("#ppolicy-minsize-feedback").addClass("fa-times text-danger"),c=!1)),0=window.datas.ppolicy.minupper?($("#ppolicy-minupper-feedback").addClass("fa-check text-success"),$("#ppolicy-minupper-feedback").removeClass("fa-times text-danger")):($("#ppolicy-minupper-feedback").removeClass("fa-check text-success"),$("#ppolicy-minupper-feedback").addClass("fa-times text-danger"),c=!1)),0=window.datas.ppolicy.minlower?($("#ppolicy-minlower-feedback").addClass("fa-check text-success"),$("#ppolicy-minlower-feedback").removeClass("fa-times text-danger")):($("#ppolicy-minlower-feedback").removeClass("fa-check text-success"),$("#ppolicy-minlower-feedback").addClass("fa-times text-danger"),c=!1)),0=window.datas.ppolicy.mindigit?($("#ppolicy-mindigit-feedback").addClass("fa-check text-success"),$("#ppolicy-mindigit-feedback").removeClass("fa-times text-danger")):($("#ppolicy-mindigit-feedback").removeClass("fa-check text-success"),$("#ppolicy-mindigit-feedback").addClass("fa-times text-danger"),c=!1)),window.datas.ppolicy.allowedspechar){for(i=window.datas.ppolicy.allowedspechar.replace(/\s/g,""),t=!1,n=0,o=e.length;n=window.datas.ppolicy.minspechar?($("#ppolicy-minspechar-feedback").addClass("fa-check text-success"),$("#ppolicy-minspechar-feedback").removeClass("fa-times text-danger")):($("#ppolicy-minspechar-feedback").removeClass("fa-check text-success"),$("#ppolicy-minspechar-feedback").addClass("fa-times text-danger"),c=!1)}if(0=window.datas.ppolicy.minspechar?($("#ppolicy-minspechar-feedback").addClass("fa-check text-success"),$("#ppolicy-minspechar-feedback").removeClass("fa-times text-danger")):($("#ppolicy-minspechar-feedback").removeClass("fa-check text-success"),$("#ppolicy-minspechar-feedback").addClass("fa-times text-danger"),c=!1)}c?($(".ppolicy").removeClass("border-danger").addClass("border-success"),$("#newpassword")[0].setCustomValidity("")):($(".ppolicy").removeClass("border-success").addClass("border-danger"),$("#newpassword")[0].setCustomValidity(J("PE28")))},null!=window.datas.ppolicy&&(s(""),$("#newpassword").keyup(function(e){s(e.target.value)})),i=function(){return $("#confirmpassword")[0].value===$("#newpassword")[0].value?($("#confirmpassword")[0].setCustomValidity(""),!0):($("#confirmpassword")[0].setCustomValidity(J("PE34")),!1)},$("#newpassword").change(i),$("#confirmpassword").change(i),G.pingInterval&&0>>>>>> origin/v2.0 +======= +(function(){var e,a,t,n,o,s,i,r,c,l,d,p,u,g,f,h=[].indexOf||function(e){for(var a=0,t=this.length;a div.category",update:function(){return d()}}),r(),$("div.message").fadeIn("slow"),$("input[name=timezone]").val(-(new Date).getTimezoneOffset()/60),G=$("#menu").tabs({active:0}),A=$('#menu a[href="#'+e.displaytab+'"]').parent().index(),A<0&&(A=0),G.tabs("option","active",A),f=$("#authMenu").tabs({active:0}),p=$('#authMenu a[href="#'+e.displaytab+'"]').parent().index(),p<0&&(p=0),f.tabs("option","active",p),e.choicetab&&f.tabs("option","active",$('#authMenu a[href="#'+e.choicetab+'"]').parent().index()),e.login?$("input[type=password]:first").focus():0===$("input[autofocus]").length&&$("input[type!=hidden]:first").focus(),e.newwindow&&$("#appslist a").attr("target","_blank"),$("p.removeOther").length&&(a=$("#form").attr("action"),I=$("#form").attr("method"),console.log("method=",I),v="",$("#form input[type=hidden]")&&(console.log("Parse hidden values"),$("#form input[type=hidden]").each(function(e){return console.log(" ->",$(this).attr("name"),$(this).val()),v+="&"+$(this).attr("name")+"="+$(this).val()})),w="",a&&(console.log("action=",a),-1!==a.indexOf("?")?a.substring(0,a.indexOf("?")):w=a+"?",w+=v,v=""),P=$("p.removeOther a").attr("href")+"&method="+I+v,w&&(P+="&url="+btoa(w)),$("p.removeOther a").attr("href",P)),window.location.search&&(N=n("llnglanguage"),N&&console.log("Get lang from parameter"),1===(Z=n("setCookieLang"))&&console.log("Set lang cookie")),x||(x=t("llnglanguage"))&&!N&&console.log("Get lang from cookie"),x)h.call(window.availableLanguages,x)<0&&(x=window.availableLanguages[0],N||console.log("Lang not available -> Get default lang"));else if(navigator){for(O=[],L=[],_=[navigator.language],navigator.languages&&(_=navigator.languages),V=window.availableLanguages,k=0,T=V.length;k ';for(z=0,j=_.length;z Get default lang"),N=window.availableLanguages[0]),console.log("Selected lang ->",N),Z&&(console.log("Set cookie lang ->",N),c("llnglanguage",N)),g(N)):(console.log("Selected lang ->",x),c("llnglanguage",x),g(x)),C="",H=window.availableLanguages,M=0,S=H.length;M ';return $("#languages").html(C),$(".langicon").on("click",function(){return x=$(this).attr("title"),c("llnglanguage",x),g(x)}),b=function(e){var a;return(a=e.charCodeAt(0))>47&&a<58||a>64&&a<91||a>96&&a<123},m=function(e){var a,t,n,o,s,i,r,c,l;if(c=!0,window.datas.ppolicy.minsize>0&&(e.length>=window.datas.ppolicy.minsize?($("#ppolicy-minsize-feedback").addClass("fa-check text-success"),$("#ppolicy-minsize-feedback").removeClass("fa-times text-danger")):($("#ppolicy-minsize-feedback").removeClass("fa-check text-success"),$("#ppolicy-minsize-feedback").addClass("fa-times text-danger"),c=!1)),window.datas.ppolicy.minupper>0&&(l=e.match(/[A-Z]/g),l&&l.length>=window.datas.ppolicy.minupper?($("#ppolicy-minupper-feedback").addClass("fa-check text-success"),$("#ppolicy-minupper-feedback").removeClass("fa-times text-danger")):($("#ppolicy-minupper-feedback").removeClass("fa-check text-success"),$("#ppolicy-minupper-feedback").addClass("fa-times text-danger"),c=!1)),window.datas.ppolicy.minlower>0&&(s=e.match(/[a-z]/g),s&&s.length>=window.datas.ppolicy.minlower?($("#ppolicy-minlower-feedback").addClass("fa-check text-success"),$("#ppolicy-minlower-feedback").removeClass("fa-times text-danger")):($("#ppolicy-minlower-feedback").removeClass("fa-check text-success"),$("#ppolicy-minlower-feedback").addClass("fa-times text-danger"),c=!1)),window.datas.ppolicy.mindigit>0&&(a=e.match(/[0-9]/g),a&&a.length>=window.datas.ppolicy.mindigit?($("#ppolicy-mindigit-feedback").addClass("fa-check text-success"),$("#ppolicy-mindigit-feedback").removeClass("fa-times text-danger")):($("#ppolicy-mindigit-feedback").removeClass("fa-check text-success"),$("#ppolicy-mindigit-feedback").addClass("fa-times text-danger"),c=!1)),window.datas.ppolicy.allowedspechar){for(i=window.datas.ppolicy.allowedspechar.replace(/\s/g,""),t=!1,n=0,o=e.length;n0&&window.datas.ppolicy.allowedspechar){for(r=0,i=window.datas.ppolicy.allowedspechar.replace(/\s/g,""),n=0;n=0&&r++,n++;r>=window.datas.ppolicy.minspechar?($("#ppolicy-minspechar-feedback").addClass("fa-check text-success"),$("#ppolicy-minspechar-feedback").removeClass("fa-times text-danger")):($("#ppolicy-minspechar-feedback").removeClass("fa-check text-success"),$("#ppolicy-minspechar-feedback").addClass("fa-times text-danger"),c=!1)}if(window.datas.ppolicy.minspechar>0&&!window.datas.ppolicy.allowedspechar){for(r=0,n=0;n=window.datas.ppolicy.minspechar?($("#ppolicy-minspechar-feedback").addClass("fa-check text-success"),$("#ppolicy-minspechar-feedback").removeClass("fa-times text-danger")):($("#ppolicy-minspechar-feedback").removeClass("fa-check text-success"),$("#ppolicy-minspechar-feedback").addClass("fa-times text-danger"),c=!1)}c?($(".ppolicy").removeClass("border-danger").addClass("border-success"),$("#newpassword")[0].setCustomValidity("")):($(".ppolicy").removeClass("border-success").addClass("border-danger"),$("#newpassword")[0].setCustomValidity(u("PE28")))},null!=window.datas.ppolicy&&$("#newpassword").length&&(m(""),$("#newpassword").keyup(function(e){m(e.target.value)})),y=function(){return $("#confirmpassword")[0].value===$("#newpassword")[0].value?($("#confirmpassword")[0].setCustomValidity(""),!0):($("#confirmpassword")[0].setCustomValidity(u("PE34")),!1)},$("#newpassword").change(y),$("#confirmpassword").change(y),e.pingInterval&&e.pingInterval>0&&window.setTimeout(s,e.pingInterval),$(".localeDate").each(function(){var e;return e=new Date(1e3*$(this).attr("val")),$(this).text(e.toLocaleString())}),$(".oidcConsent").on("click",function(){return i($(this).attr("partner"))}),$("#show-hide-button").on("click",function(){return"password"===$("#newpassword").attr("type")?(console.log("Show passwords"),$("#newpassword").attr("type","input"),$("#confirmpassword").attr("type","input"),$("#show-hide-icon-button").removeClass("fa-eye"),$("#show-hide-icon-button").addClass("fa-eye-slash")):(console.log("Hide passwords"),$("#newpassword").attr("type","password"),$("#confirmpassword").attr("type","password"),$("#show-hide-icon-button").removeClass("fa-eye-slash"),$("#show-hide-icon-button").addClass("fa-eye"))})})}).call(this); +//# sourceMappingURL=portal.min.js.map +>>>>>>> v2.0 diff --git a/lemonldap-ng-portal/site/htdocs/static/common/js/portal.min.js.map b/lemonldap-ng-portal/site/htdocs/static/common/js/portal.min.js.map index 58c880b77..7e3bf831f 100644 --- a/lemonldap-ng-portal/site/htdocs/static/common/js/portal.min.js.map +++ b/lemonldap-ng-portal/site/htdocs/static/common/js/portal.min.js.map @@ -1,5 +1,6 @@ <<<<<<< HEAD <<<<<<< HEAD +<<<<<<< HEAD {"version":3,"sources":["portal.js"],"names":["datas","delKey","getCookie","getValues","ping","removeOidcConsent","restoreOrder","setCookie","setKey","setOrder","setSelector","translate","translatePage","translationFields","indexOf","item","i","l","this","length","lang","$","getJSON","window","staticPrefix","data","k","ref","ref1","v","trOver","all","each","args","len","txt","attr","split","shift","replace","html","match","parent","hide","d","Date","text","toLocaleString","str","values","e","results","tmp","JSON","parse","push","error1","console","log","sortable","join","partner","j","s","alert","key","val","success","error","ajax","type","url","dataType","token","sub","IDs","child","itemID","items","len1","list","rebuild","savedOrd","children","remove","filter","append","result","setTimeout","location","reload","t","cname","c","ca","re","decodeURIComponent","document","cookie","RegExp","name","value","exdays","setTime","getTime","toUTCString","on","action","al","authMenuIndex","authMenuTabs","back_url","hiddenParams","langdiv","langs","langs2","len2","len3","link","m","menuIndex","menuTabs","method","n","nl","nlangs","queryLang","queryString","ref2","setCookieLang","urlParams","choicetab","axis","cursor","opacity","revert","update","fadeIn","getTimezoneOffset","tabs","active","index","focus","substring","btoa","search","URLSearchParams","get","call","availableLanguages","navigator","language","languages","removeClass","addClass"],"mappings":"CAMA,WACE,IAAIA,EAAOC,EAAQC,EAAWC,EAAiCC,EAAMC,EAAmBC,EAAcC,EAAWC,EAAQC,EAAUC,EAAaC,EAAWC,EAAeC,EACxKC,EAAU,GAAGA,SAAW,SAASC,GAAQ,IAAK,IAAIC,EAAI,EAAGC,EAAIC,KAAKC,OAAQH,EAAIC,EAAGD,IAAO,GAAIA,KAAKE,MAAQA,KAAKF,KAAOD,EAAM,OAAOC,EAAK,OAAQ,GAEjJH,EAAoB,GAEpBD,EAAgB,SAASQ,GACvB,OAAOC,EAAEC,QAAQC,OAAOC,aAAe,aAAeJ,EAAO,QAAS,SAASK,GAC7E,IAAIC,EAAGC,EAAKC,EAAMC,EAGlB,IAAKH,KAFLb,EAAoBY,EACpBE,EAAMJ,OAAOvB,MAAM8B,OAAOC,IAExBF,EAAIF,EAAID,GACRb,EAAkBa,GAAKG,EAEzB,GAAIN,OAAOvB,MAAM8B,OAAOV,GAEtB,IAAKM,KADLE,EAAOL,OAAOvB,MAAM8B,OAAOV,GAEzBS,EAAID,EAAKF,GACTb,EAAkBa,GAAKG,EAwB3B,OArBAR,EAAE,YAAYW,KAAK,WACjB,IAAIC,EAAMjB,EAAGkB,EAAKC,EAGlB,IAFAF,EAAOZ,EAAEH,MAAMkB,KAAK,UAAUC,MAAM,KACpCF,EAAMxB,EAAUsB,EAAKK,SAChBtB,EAAI,EAAGkB,EAAMD,EAAKd,OAAQH,EAAIkB,EAAKlB,IACtCa,EAAII,EAAKjB,GACTmB,EAAMA,EAAII,QAAQ,QAASV,GAE7B,OAAOR,EAAEH,MAAMsB,KAAKL,KAEtBd,EAAE,WAAWW,KAAK,WAIhB,GAFAX,EAAEH,MAAMsB,KAAK7B,EAAU,KAAQU,EAAEH,MAAMkB,KAAK,WACtCzB,EAAU,KAAQU,EAAEH,MAAMkB,KAAK,UAC7BK,MAAM,UACZ,OAAOpB,EAAEH,MAAMwB,SAASC,SAG5BtB,EAAE,mBAAmBW,KAAK,WACxB,OAAOX,EAAEH,MAAMkB,KAAK,cAAezB,EAAUU,EAAEH,MAAMkB,KAAK,qBAErDf,EAAE,eAAeW,KAAK,WAC3B,IAAIY,EAEJ,OADAA,EAAI,IAAIC,KAAiC,IAA5BxB,EAAEH,MAAMkB,KAAK,cACnBf,EAAEH,MAAM4B,KAAKF,EAAEG,uBAK5BpC,EAAY,SAASqC,GACnB,OAAInC,EAAkBmC,GACbnC,EAAkBmC,GAElBA,GAIXzB,OAAOZ,UAAYA,EAEnBR,EAAY,WACV,IAAI8C,EAkBJ,OAjBAA,EAAS,GACT5B,EAAE,mCAAmCW,KAAK,WACxC,IAAIkB,EAAGxB,EAAGyB,EAASC,EACnB,IAGE,IAAK1B,KAFL0B,EAAMC,KAAKC,MAAMjC,EAAEH,MAAM4B,QACzBK,EAAU,GACAC,EACRD,EAAQI,KAAKN,EAAOvB,GAAK0B,EAAI1B,IAE/B,OAAOyB,EACP,MAAOK,GAGP,OAFAN,EAAIM,EACJC,QAAQC,IAAI,gBAAiBR,GACtBO,QAAQC,IAAI,OAAQrC,EAAEH,MAAM4B,WAGvCW,QAAQC,IAAIT,GACLA,GAGTvC,EAAc,YAEdD,EAAW,WACT,OAAOD,EAAO,iBAAkBa,EAAEX,GAAaiD,SAAS,WAAWC,SAGrEvD,EAAoB,SAASwD,GAK3B,OAAO5D,EAAO,gBAAiB4D,EAAS,WACtC,OAAOxC,EAAE,aAAewC,EAAU,MAAMlB,QAJtC,SAASmB,EAAGC,EAAGb,GACjB,OAAOc,MAAMD,EAAI,IAAMb,MAO3B1C,EAAS,SAASyD,EAAKC,EAAKC,EAASC,GACnC,OAAO/C,EAAEgD,KAAK,CACZC,KAAM,MACNC,IAAKvE,EAAkB,WAAI,uBAC3BwE,SAAU,OACVJ,MAAOA,EACPD,QAAS,SAAS1C,GAChB,IAAImB,EAKJ,OAJAA,EAAI,CACF6B,MAAOhD,EAAKgD,QAEZR,GAAOC,EACF7C,EAAEgD,KAAK,CACZC,KAAM,MACNC,IAAKvE,EAAkB,WAAI,wBAC3BwE,SAAU,OACV/C,KAAMmB,EACNuB,QAASA,EACTC,MAAOA,QAMfnE,EAAS,SAASgE,EAAKS,EAAKP,EAASC,GACnC,OAAO/C,EAAEgD,KAAK,CACZC,KAAM,MACNC,IAAKvE,EAAkB,WAAI,uBAC3BwE,SAAU,OACVJ,MAAOA,EACPD,QAAS,SAAS1C,GAChB,OAAOJ,EAAEgD,KAAK,CACZC,KAAM,SACNC,IAAKvE,EAAkB,WAAI,yBAA2BiE,EAAM,QAAUS,EAAM,UAAYjD,EAAKgD,MAC7FD,SAAU,OACVL,QAASA,EACTC,MAAOA,QAMf9D,EAAe,WACb,IAAIqE,EAAKC,EAAO5D,EAAGD,EAAM8D,EAAQC,EAAO7D,EAAGiB,EAAK6C,EAAMC,EAAMC,EAASC,EAAUrD,EAE/E,GAAe,OADfmD,EAAO3D,EAAEX,MACeV,EAAqB,cAC3C,OAAO,KAKT,IAHA2E,EAAM3E,EAAqB,cAAEqC,MAAM,KAEnC4C,EAAU,GACLjE,EAAI,EAAGkB,GAFZ4C,EAAQE,EAAKrB,SAAS,YAEExC,OAAQH,EAAIkB,EAAKlB,IAEvCiE,EADApD,EAAIiD,EAAM9D,IACGa,EAEf,IAAKZ,EAAI,EAAG8D,EAAOJ,EAAIxD,OAAQF,EAAI8D,EAAM9D,IAEnCgE,EADJJ,EAASF,EAAI1D,MAEXF,EAAOkE,EAAQJ,GACfD,EAAQvD,EAAEX,EAAc,gBAAgByE,SAAS,IAAMpE,GACvDmE,EAAW7D,EAAEX,EAAc,gBAAgByE,SAAS,IAAMN,GAC1DD,EAAMQ,SACN/D,EAAEX,EAAc,gBAAgB2E,OAAO,UAAUC,OAAOJ,IAG5D,OAAO,GAOT9E,EAAO,WACL,OAAOiB,EAAEgD,KAAK,CACZC,KAAM,OACNC,IAAKvE,EAAkB,WACvByB,KAAM,CACJrB,KAAM,GAERoE,SAAU,OACVL,QAAS,SAAS1C,GAChB,OAAoB,MAAfA,EAAK8D,QAAmC,IAAhB9D,EAAK8D,OACzBC,WAAWpF,EAAMJ,EAAoB,cAErCyF,SAASC,QAAO,IAG3BtB,MAAO,SAASN,EAAG6B,EAAGzC,GACpB,OAAOuC,SAASC,QAAO,OAK7BnE,OAAOnB,KAAOA,EAEdF,EAAY,SAAS0F,GACnB,IAAIC,EAAGC,EAAI9E,EAAGkB,EAAW6D,EAIzB,IAHOH,EAAQ,IACfE,EAAKE,mBAAmBC,SAASC,QAAQ7D,MAAM,KAC/C0D,EAAK,IAAII,OAAO,MAAQP,EAAQ,KAC3B5E,EAAI,EAAGkB,EAAM4D,EAAG3E,OAAQH,EAAIkB,EAAKlB,IAEpC,IADA6E,EAAIC,EAAG9E,IACDyB,MAAMsD,GAEV,OADAF,EAAIA,EAAEtD,QAAQwD,EAAI,IAItB,MAAO,IAGTxF,EAAY,SAAS6F,EAAMC,EAAOC,GAChC,IAAI1D,EAGJ,OAFAA,EAAI,IAAIC,MACN0D,QAAQ3D,EAAE4D,UAAqB,MAATF,GACjBL,SAASC,OAASE,EAAO,IAAMC,EAAQ,aAAgBzD,EAAE6D,cAAiB,YAGnFzG,EAAQ,GAERqB,EAAEE,QAAQmF,GAAG,OAAQ,WACnB,IAAIC,EAAQC,EAAIC,EAAeC,EAAcC,EAAUC,EAAchG,EAAGC,EAAGG,EAAM6F,EAASC,EAAOC,EAAQjF,EAAK6C,EAAMqC,EAAMC,EAAMC,EAAMC,EAAGC,EAAWC,EAAUC,EAAQC,EAAGC,EAAIC,EAAQC,EAAWC,EAAahC,EAAIpE,EAAKC,EAAMoG,EAAMC,EAAeC,EAkGjP,GAjGAlI,EAAQG,IACJ,UAAWoB,QAAU,cAAeA,OAAOvB,QAC7CA,EAAMmI,UAAY5G,OAAOvB,MAAMmI,WAEjC5G,OAAOvB,MAAQA,EACfqB,EAAE,aAAasC,SAAS,CACtByE,KAAM,IACNC,OAAQ,OACRC,QAAS,GACTC,QAAQ,EACRzD,MAAO,iBACP0D,OAAQ,WACN,OAAO/H,OAGXH,IACAe,EAAE,eAAeoH,OAAO,QACxBpH,EAAE,wBAAwB6C,MAAM,IAAIrB,MAAO6F,oBAAsB,IACjEjB,EAAWpG,EAAE,SAASsH,KAAK,CACzBC,OAAQ,KAEVpB,EAAYnG,EAAE,kBAAoBrB,EAAkB,WAAI,MAAM0C,SAASmG,SACvD,IACdrB,EAAY,GAEdC,EAASkB,KAAK,SAAU,SAAUnB,GAClCV,EAAezF,EAAE,aAAasH,KAAK,CACjCC,OAAQ,KAEV/B,EAAgBxF,EAAE,sBAAwBrB,EAAkB,WAAI,MAAM0C,SAASmG,SAC3D,IAClBhC,EAAgB,GAElBC,EAAa6B,KAAK,SAAU,SAAU9B,GAClC7G,EAAiB,WACnB8G,EAAa6B,KAAK,SAAU,SAAUtH,EAAE,sBAAwBrB,EAAiB,UAAI,MAAM0C,SAASmG,SAElG7I,EAAa,MACfqB,EAAE,8BAA8ByH,QAEK,IAAjCzH,EAAE,oBAAoBF,QACxBE,EAAE,6BAA6ByH,QAG/B9I,EAAiB,WACnBqB,EAAE,eAAee,KAAK,SAAU,UAE9Bf,EAAE,iBAAiBF,SACrBwF,EAAStF,EAAE,SAASe,KAAK,UACzBsF,EAASrG,EAAE,SAASe,KAAK,UACzBqB,QAAQC,IAAI,UAAWgE,GACvBV,EAAe,GACX3F,EAAE,8BACJoC,QAAQC,IAAI,uBACZrC,EAAE,4BAA4BW,KAAK,SAAS6G,GAE1C,OADApF,QAAQC,IAAI,MAAOrC,EAAEH,MAAMkB,KAAK,QAASf,EAAEH,MAAMgD,OAC1C8C,GAAgB,IAAM3F,EAAEH,MAAMkB,KAAK,QAAU,IAAMf,EAAEH,MAAMgD,SAGtE6C,EAAW,GACPJ,IACFlD,QAAQC,IAAI,UAAWiD,IACM,IAAzBA,EAAO7F,QAAQ,KACjB6F,EAAOoC,UAAU,EAAGpC,EAAO7F,QAAQ,MAEnCiG,EAAWJ,EAAS,IAEtBI,GAAYC,EACZA,EAAe,IAEjBM,EAAOjG,EAAE,mBAAmBe,KAAK,QAAU,WAAasF,EAASV,EAC7DD,IACFO,GAAQ,QAAU0B,KAAKjC,IAEzB1F,EAAE,mBAAmBe,KAAK,OAAQkF,KAEpCS,EAAcxG,OAAOkE,SAASwD,UAE5BxF,QAAQC,IAAI,sBAAuBqE,GACnCG,EAAY,IAAIgB,gBAAgBnB,IAE9BG,KACFJ,EAAYI,EAAUiB,IAAI,kBAExB1F,QAAQC,IAAI,2BAGQ,KADtBuE,EAAgBC,EAAUiB,IAAI,mBAE5B1F,QAAQC,IAAI,oBAGXtC,IACHA,EAAOlB,EAAU,mBACJ4H,GACXrE,QAAQC,IAAI,wBAGXtC,EAuCMN,EAAQsI,KAAK7H,OAAO8H,mBAAoBjI,GAAQ,IACzDA,EAAOG,OAAO8H,mBAAmB,GAC5BvB,GACHrE,QAAQC,IAAI,gDAzCd,GAAI4F,UAAW,CAQb,IAPApC,EAAQ,GACRC,EAAS,GACTU,EAAS,CAACyB,UAAUC,UAChBD,UAAUE,YACZ3B,EAASyB,UAAUE,WAGhBxI,EAAI,EAAGkB,GADZP,EAAMJ,OAAO8H,oBACSlI,OAAQH,EAAIkB,EAAKlB,IACrC4F,EAAKjF,EAAIX,GACTiG,GAAW,8BAAmC1F,OAAOC,aAAe,UAAYoF,EAAK,gBAAoBA,EAAK,WAAeA,EAAK,OAEpI,IAAK3F,EAAI,EAAG8D,EAAO8C,EAAO1G,OAAQF,EAAI8D,EAAM9D,IAI1C,IAHA2G,EAAKC,EAAO5G,GACZwC,QAAQC,IAAI,iBAAkBkE,GAEzBL,EAAI,EAAGH,GADZxF,EAAOL,OAAO8H,oBACUlI,OAAQoG,EAAIH,EAAMG,IACxCX,EAAKhF,EAAK2F,GACV9D,QAAQC,IAAI,kBAAmBkD,GAC/Bb,EAAK,IAAII,OAAO,IAAMS,EAAK,MACvBgB,EAAGnF,MAAMsD,IACXtC,QAAQC,IAAI,oBAAqBkD,GACjCM,EAAM3D,KAAKqD,IACFA,EAAGmC,UAAU,EAAG,KAAOnB,EAAGmB,UAAU,EAAG,IAChD5B,EAAO5D,KAAKqD,IAIlBxF,EAAO8F,EAAM,GAAKA,EAAM,GAAKC,EAAO,GAAKA,EAAO,GAAK5F,OAAO8H,mBAAmB,MAClEvB,GACXrE,QAAQC,IAAI,gCAGdtC,EAAOG,OAAO8H,mBAAmB,MACpBvB,GACXrE,QAAQC,IAAI,wBA2BlB,IAlBIoE,GACEhH,EAAQsI,KAAK7H,OAAO8H,mBAAoBvB,GAAa,IACvDrE,QAAQC,IAAI,0CACZoE,EAAYvG,OAAO8H,mBAAmB,IAExC5F,QAAQC,IAAI,mBAAoBoE,GAC5BG,IACFxE,QAAQC,IAAI,qBAAsBoE,GAClCvH,EAAU,eAAgBuH,IAE5BlH,EAAckH,KAEdrE,QAAQC,IAAI,mBAAoBtC,GAChCb,EAAU,eAAgBa,GAC1BR,EAAcQ,IAEhB6F,EAAU,GAELU,EAAI,EAAGN,GADZW,EAAOzG,OAAO8H,oBACUlI,OAAQwG,EAAIN,EAAMM,IACxCf,EAAKoB,EAAKL,GACVV,GAAW,8BAAmC1F,OAAOC,aAAe,UAAYoF,EAAK,gBAAoBA,EAAK,WAAeA,EAAK,OAmBpI,OAjBAvF,EAAE,cAAcmB,KAAKyE,GACrB5F,EAAE,aAAaqF,GAAG,QAAS,WAGzB,OAFAtF,EAAOC,EAAEH,MAAMkB,KAAK,SACpB7B,EAAU,eAAgBa,GACnBR,EAAcQ,KAEnBpB,EAAoB,cAA6B,EAAxBA,EAAoB,cAC/CuB,OAAOiE,WAAWpF,EAAMJ,EAAoB,cAE9CqB,EAAE,eAAeW,KAAK,WACpB,IAAI+B,EAEJ,OADAA,EAAI,IAAIlB,KAA2B,IAAtBxB,EAAEH,MAAMkB,KAAK,QACnBf,EAAEH,MAAM4B,KAAKiB,EAAEhB,oBAExB1B,EAAE,gBAAgBqF,GAAG,QAAS,WAC5B,OAAOrG,EAAkBgB,EAAEH,MAAMkB,KAAK,cAEjCf,EAAE,qBAAqBqF,GAAG,QAAS,WACxC,MAAuC,aAAnCrF,EAAE,gBAAgBe,KAAK,SACzBqB,QAAQC,IAAI,kBACZrC,EAAE,gBAAgBe,KAAK,OAAQ,SAC/Bf,EAAE,oBAAoBe,KAAK,OAAQ,SACnCf,EAAE,0BAA0BoI,YAAY,UACjCpI,EAAE,0BAA0BqI,SAAS,kBAE5CjG,QAAQC,IAAI,kBACZrC,EAAE,gBAAgBe,KAAK,OAAQ,YAC/Bf,EAAE,oBAAoBe,KAAK,OAAQ,YACnCf,EAAE,0BAA0BoI,YAAY,gBACjCpI,EAAE,0BAA0BqI,SAAS,iBAKjDN,KAAKlI"} ======= {"version":3,"sources":["portal.js"],"names":["datas","delKey","getCookie","getQueryParam","getValues","ping","removeOidcConsent","restoreOrder","setCookie","setKey","setOrder","setSelector","translate","translatePage","translationFields","indexOf","item","i","l","this","length","lang","$","getJSON","window","staticPrefix","data","k","ref","ref1","v","trOver","all","each","args","len1","txt","attr","split","shift","replace","html","match","parent","hide","d","Date","text","toLocaleString","str","values","e","results","tmp","JSON","parse","push","error1","console","log","name","RegExp","exec","location","search","decodeURIComponent","sortable","join","partner","j","s","alert","key","val","success","error","ajax","type","url","dataType","token","sub","IDs","child","itemID","items","len2","list","m","rebuild","savedOrd","children","remove","filter","append","result","setTimeout","reload","t","cname","c","ca","re","document","cookie","value","exdays","setTime","getTime","toUTCString","on","action","al","authMenuIndex","authMenuTabs","back_url","checkpassword","checksamepass","hiddenParams","isAlphaNumeric","langdiv","langs","langs2","len3","len4","link","menuIndex","menuTabs","method","n","nl","nlangs","o","queryLang","ref2","setCookieLang","choicetab","axis","cursor","opacity","revert","update","fadeIn","getTimezoneOffset","tabs","active","index","focus","substring","btoa","call","availableLanguages","navigator","language","languages","chr","code","charCodeAt","password","digit","hasforbidden","len","lower","nonwhitespechar","numspechar","upper","ppolicy","minsize","addClass","removeClass","minupper","minlower","mindigit","allowedspechar","charAt","minspechar","setCustomValidity","keyup","target","change"],"mappings":"CAMA,WACE,IAAIA,EAAOC,EAAQC,EAAWC,EAAeC,EAAiCC,EAAMC,EAAmBC,EAAcC,EAAWC,EAAQC,EAAUC,EAAaC,EAAWC,EAAeC,EACvLC,EAAU,GAAGA,SAAW,SAASC,GAAQ,IAAK,IAAIC,EAAI,EAAGC,EAAIC,KAAKC,OAAQH,EAAIC,EAAGD,IAAO,GAAIA,KAAKE,MAAQA,KAAKF,KAAOD,EAAM,OAAOC,EAAK,OAAQ,GAEjJH,EAAoB,GAEpBD,EAAgB,SAASQ,GACvB,OAAOC,EAAEC,QAAQC,OAAOC,aAAe,aAAeJ,EAAO,QAAS,SAASK,GAC7E,IAAIC,EAAGC,EAAKC,EAAMC,EAGlB,IAAKH,KAFLb,EAAoBY,EACpBE,EAAMJ,OAAOxB,MAAM+B,OAAOC,IAExBF,EAAIF,EAAID,GACRb,EAAkBa,GAAKG,EAEzB,GAAIN,OAAOxB,MAAM+B,OAAOV,GAEtB,IAAKM,KADLE,EAAOL,OAAOxB,MAAM+B,OAAOV,GAEzBS,EAAID,EAAKF,GACTb,EAAkBa,GAAKG,EAwB3B,OArBAR,EAAE,YAAYW,KAAK,WACjB,IAAIC,EAAMhB,EAAGiB,EAAMC,EAGnB,IAFAF,EAAOZ,EAAEH,MAAMkB,KAAK,UAAUC,MAAM,KACpCF,EAAMxB,EAAUsB,EAAKK,SAChBrB,EAAI,EAAGiB,EAAOD,EAAKd,OAAQF,EAAIiB,EAAMjB,IACxCY,EAAII,EAAKhB,GACTkB,EAAMA,EAAII,QAAQ,QAASV,GAE7B,OAAOR,EAAEH,MAAMsB,KAAKL,KAEtBd,EAAE,WAAWW,KAAK,WAIhB,GAFAX,EAAEH,MAAMsB,KAAK7B,EAAU,KAAQU,EAAEH,MAAMkB,KAAK,WACtCzB,EAAU,KAAQU,EAAEH,MAAMkB,KAAK,UAC7BK,MAAM,UACZ,OAAOpB,EAAEH,MAAMwB,SAASC,SAG5BtB,EAAE,mBAAmBW,KAAK,WACxB,OAAOX,EAAEH,MAAMkB,KAAK,cAAezB,EAAUU,EAAEH,MAAMkB,KAAK,qBAErDf,EAAE,eAAeW,KAAK,WAC3B,IAAIY,EAEJ,OADAA,EAAI,IAAIC,KAAiC,IAA5BxB,EAAEH,MAAMkB,KAAK,cACnBf,EAAEH,MAAM4B,KAAKF,EAAEG,uBAK5BpC,EAAY,SAASqC,GACnB,OAAInC,EAAkBmC,GACbnC,EAAkBmC,GAElBA,GAIXzB,OAAOZ,UAAYA,EAEnBR,EAAY,WACV,IAAI8C,EAkBJ,OAjBAA,EAAS,GACT5B,EAAE,mCAAmCW,KAAK,WACxC,IAAIkB,EAAGxB,EAAGyB,EAASC,EACnB,IAGE,IAAK1B,KAFL0B,EAAMC,KAAKC,MAAMjC,EAAEH,MAAM4B,QACzBK,EAAU,GACAC,EACRD,EAAQI,KAAKN,EAAOvB,GAAK0B,EAAI1B,IAE/B,OAAOyB,EACP,MAAOK,GAGP,OAFAN,EAAIM,EACJC,QAAQC,IAAI,gBAAiBR,GACtBO,QAAQC,IAAI,OAAQrC,EAAEH,MAAM4B,WAGvCW,QAAQC,IAAIT,GACLA,GAGT/C,EAAgB,SAASyD,GACvB,IAAIlB,EAEJ,OADAA,EAAQmB,OAAO,OAASD,EAAO,YAAYE,KAAKtC,OAAOuC,SAASC,SAEvDC,mBAAmBvB,EAAM,GAAGF,QAAQ,MAAO,MAE3C,MAIX7B,EAAc,YAEdD,EAAW,WACT,OAAOD,EAAO,iBAAkBa,EAAEX,GAAauD,SAAS,WAAWC,SAGrE7D,EAAoB,SAAS8D,GAK3B,OAAOnE,EAAO,gBAAiBmE,EAAS,WACtC,OAAO9C,EAAE,aAAe8C,EAAU,MAAMxB,QAJtC,SAASyB,EAAGC,EAAGnB,GACjB,OAAOoB,MAAMD,EAAI,IAAMnB,MAO3B1C,EAAS,SAAS+D,EAAKC,EAAKC,EAASC,GACnC,OAAOrD,EAAEsD,KAAK,CACZC,KAAM,MACNC,IAAK9E,EAAkB,WAAI,uBAC3B+E,SAAU,OACVJ,MAAOA,EACPD,QAAS,SAAShD,GAChB,IAAImB,EAKJ,OAJAA,EAAI,CACFmC,MAAOtD,EAAKsD,QAEZR,GAAOC,EACFnD,EAAEsD,KAAK,CACZC,KAAM,MACNC,IAAK9E,EAAkB,WAAI,wBAC3B+E,SAAU,OACVrD,KAAMmB,EACN6B,QAASA,EACTC,MAAOA,QAMf1E,EAAS,SAASuE,EAAKS,EAAKP,EAASC,GACnC,OAAOrD,EAAEsD,KAAK,CACZC,KAAM,MACNC,IAAK9E,EAAkB,WAAI,uBAC3B+E,SAAU,OACVJ,MAAOA,EACPD,QAAS,SAAShD,GAChB,OAAOJ,EAAEsD,KAAK,CACZC,KAAM,SACNC,IAAK9E,EAAkB,WAAI,yBAA2BwE,EAAM,QAAUS,EAAM,UAAYvD,EAAKsD,MAC7FD,SAAU,OACVL,QAASA,EACTC,MAAOA,QAMfpE,EAAe,WACb,IAAI2E,EAAKC,EAAOnE,EAAMoE,EAAQC,EAAOnE,EAAGiB,EAAMmD,EAAMC,EAAMC,EAAGC,EAASC,EAAU5D,EAEhF,GAAe,OADfyD,EAAOjE,EAAEX,MACeX,EAAqB,cAC3C,OAAO,KAKT,IAHAkF,EAAMlF,EAAqB,cAAEsC,MAAM,KAEnCmD,EAAU,GACLvE,EAAI,EAAGiB,GAFZkD,EAAQE,EAAKrB,SAAS,YAEG9C,OAAQF,EAAIiB,EAAMjB,IAEzCuE,EADA3D,EAAIuD,EAAMnE,IACGY,EAEf,IAAK0D,EAAI,EAAGF,EAAOJ,EAAI9D,OAAQoE,EAAIF,EAAME,IAEnCC,EADJL,EAASF,EAAIM,MAEXxE,EAAOyE,EAAQL,GACfD,EAAQ7D,EAAEX,EAAc,gBAAgBgF,SAAS,IAAM3E,GACvD0E,EAAWpE,EAAEX,EAAc,gBAAgBgF,SAAS,IAAMP,GAC1DD,EAAMS,SACNtE,EAAEX,EAAc,gBAAgBkF,OAAO,UAAUC,OAAOJ,IAG5D,OAAO,GAOTrF,EAAO,WACL,OAAOiB,EAAEsD,KAAK,CACZC,KAAM,OACNC,IAAK9E,EAAkB,WACvB0B,KAAM,CACJrB,KAAM,GAER0E,SAAU,OACVL,QAAS,SAAShD,GAChB,OAAoB,MAAfA,EAAKqE,QAAmC,IAAhBrE,EAAKqE,OACzBC,WAAW3F,EAAML,EAAoB,cAErC+D,SAASkC,QAAO,IAG3BtB,MAAO,SAASN,EAAG6B,EAAG/C,GACpB,OAAOY,SAASkC,QAAO,OAK7BzE,OAAOnB,KAAOA,EAEdH,EAAY,SAASiG,GACnB,IAAIC,EAAGC,EAAInF,EAAGiB,EAAYmE,EAI1B,IAHOH,EAAQ,IACfE,EAAKpC,mBAAmBsC,SAASC,QAAQlE,MAAM,KAC/CgE,EAAK,IAAIzC,OAAO,MAAQsC,EAAQ,KAC3BjF,EAAI,EAAGiB,EAAOkE,EAAGjF,OAAQF,EAAIiB,EAAMjB,IAEtC,IADAkF,EAAIC,EAAGnF,IACDwB,MAAM4D,GAEV,OADAF,EAAIA,EAAE5D,QAAQ8D,EAAI,IAItB,MAAO,IAGT9F,EAAY,SAASoD,EAAM6C,EAAOC,GAChC,IAAI7D,EAGJ,OAFAA,EAAI,IAAIC,MACN6D,QAAQ9D,EAAE+D,UAAqB,MAATF,GACjBH,SAASC,OAAS5C,EAAO,IAAM6C,EAAQ,aAAgB5D,EAAEgE,cAAiB,YAGnF7G,EAAQ,GAERsB,EAAEE,QAAQsF,GAAG,OAAQ,WACnB,IAAIC,EAAQC,EAAIC,EAAeC,EAAcC,EAAUC,EAAeC,EAAeC,EAAcC,EAAgBrG,EAAGG,EAAMmG,EAASC,EAAOC,EAAQvF,EAAMmD,EAAMqC,EAAMC,EAAMC,EAAMrC,EAAGsC,EAAWC,EAAUC,EAAQC,EAAGC,EAAIC,EAAQC,EAAGC,EAAW/B,EAAI1E,EAAKC,EAAMyG,EAAMC,EA6FpQ,GA5FAvI,EAAQI,IACJ,UAAWoB,QAAU,cAAeA,OAAOxB,QAC7CA,EAAMwI,UAAYhH,OAAOxB,MAAMwI,WAEjChH,OAAOxB,MAAQA,EACfsB,EAAE,aAAa4C,SAAS,CACtBuE,KAAM,IACNC,OAAQ,OACRC,QAAS,GACTC,QAAQ,EACRvD,MAAO,iBACPwD,OAAQ,WACN,OAAOnI,OAGXH,IACAe,EAAE,eAAewH,OAAO,QACxBxH,EAAE,wBAAwBmD,MAAM,IAAI3B,MAAOiG,oBAAsB,IACjEhB,EAAWzG,EAAE,SAAS0H,KAAK,CACzBC,OAAQ,KAEVnB,EAAYxG,EAAE,kBAAoBtB,EAAkB,WAAI,MAAM2C,SAASuG,SACvD,IACdpB,EAAY,GAEdC,EAASiB,KAAK,SAAU,SAAUlB,GAClCZ,EAAe5F,EAAE,aAAa0H,KAAK,CACjCC,OAAQ,KAEVhC,EAAgB3F,EAAE,sBAAwBtB,EAAkB,WAAI,MAAM2C,SAASuG,SAC3D,IAClBjC,EAAgB,GAElBC,EAAa8B,KAAK,SAAU,SAAU/B,GAClCjH,EAAiB,WACnBkH,EAAa8B,KAAK,SAAU,SAAU1H,EAAE,sBAAwBtB,EAAiB,UAAI,MAAM2C,SAASuG,SAElGlJ,EAAa,MACfsB,EAAE,8BAA8B6H,QAEK,IAAjC7H,EAAE,oBAAoBF,QACxBE,EAAE,6BAA6B6H,QAG/BnJ,EAAiB,WACnBsB,EAAE,eAAee,KAAK,SAAU,UAE9Bf,EAAE,iBAAiBF,SACrB2F,EAASzF,EAAE,SAASe,KAAK,UACzB2F,EAAS1G,EAAE,SAASe,KAAK,UACzBqB,QAAQC,IAAI,UAAWqE,GACvBV,EAAe,GACXhG,EAAE,8BACJoC,QAAQC,IAAI,uBACZrC,EAAE,4BAA4BW,KAAK,SAASiH,GAE1C,OADAxF,QAAQC,IAAI,MAAOrC,EAAEH,MAAMkB,KAAK,QAASf,EAAEH,MAAMsD,OAC1C6C,GAAgB,IAAMhG,EAAEH,MAAMkB,KAAK,QAAU,IAAMf,EAAEH,MAAMsD,SAGtE0C,EAAW,GACPJ,IACFrD,QAAQC,IAAI,UAAWoD,IACM,IAAzBA,EAAOhG,QAAQ,KACjBgG,EAAOqC,UAAU,EAAGrC,EAAOhG,QAAQ,MAEnCoG,EAAWJ,EAAS,IAEtBI,GAAYG,EACZA,EAAe,IAEjBO,EAAOvG,EAAE,mBAAmBe,KAAK,QAAU,WAAa2F,EAASV,EAC7DH,IACFU,GAAQ,QAAUwB,KAAKlC,IAEzB7F,EAAE,mBAAmBe,KAAK,OAAQwF,IAEhCrG,OAAOuC,SAASC,UAClBqE,EAAYlI,EAAc,kBAExBuD,QAAQC,IAAI,2BAGQ,KADtB4E,EAAgBpI,EAAc,mBAE5BuD,QAAQC,IAAI,oBAGXtC,IACHA,EAAOnB,EAAU,mBACJmI,GACX3E,QAAQC,IAAI,wBAGXtC,EAuCMN,EAAQuI,KAAK9H,OAAO+H,mBAAoBlI,GAAQ,IACzDA,EAAOG,OAAO+H,mBAAmB,GAC5BlB,GACH3E,QAAQC,IAAI,gDAzCd,GAAI6F,UAAW,CAQb,IAPA/B,EAAQ,GACRC,EAAS,GACTS,EAAS,CAACqB,UAAUC,UAChBD,UAAUE,YACZvB,EAASqB,UAAUE,WAGhBxI,EAAI,EAAGiB,GADZP,EAAMJ,OAAO+H,oBACUnI,OAAQF,EAAIiB,EAAMjB,IACvC8F,EAAKpF,EAAIV,GACTsG,GAAW,8BAAmChG,OAAOC,aAAe,UAAYuF,EAAK,gBAAoBA,EAAK,WAAeA,EAAK,OAEpI,IAAKxB,EAAI,EAAGF,EAAO6C,EAAO/G,OAAQoE,EAAIF,EAAME,IAI1C,IAHA0C,EAAKC,EAAO3C,GACZ9B,QAAQC,IAAI,iBAAkBuE,GAEzBD,EAAI,EAAGN,GADZ9F,EAAOL,OAAO+H,oBACUnI,OAAQ6G,EAAIN,EAAMM,IACxCjB,EAAKnF,EAAKoG,GACVvE,QAAQC,IAAI,kBAAmBqD,GAC/BV,EAAK,IAAIzC,OAAO,IAAMmD,EAAK,MACvBkB,EAAGxF,MAAM4D,IACX5C,QAAQC,IAAI,oBAAqBqD,GACjCS,EAAMjE,KAAKwD,IACFA,EAAGoC,UAAU,EAAG,KAAOlB,EAAGkB,UAAU,EAAG,IAChD1B,EAAOlE,KAAKwD,IAIlB3F,EAAOoG,EAAM,GAAKA,EAAM,GAAKC,EAAO,GAAKA,EAAO,GAAKlG,OAAO+H,mBAAmB,MAClElB,GACX3E,QAAQC,IAAI,gCAGdtC,EAAOG,OAAO+H,mBAAmB,MACpBlB,GACX3E,QAAQC,IAAI,wBA2BlB,IAlBI0E,GACEtH,EAAQuI,KAAK9H,OAAO+H,mBAAoBlB,GAAa,IACvD3E,QAAQC,IAAI,0CACZ0E,EAAY7G,OAAO+H,mBAAmB,IAExC7F,QAAQC,IAAI,mBAAoB0E,GAC5BE,IACF7E,QAAQC,IAAI,qBAAsB0E,GAClC7H,EAAU,eAAgB6H,IAE5BxH,EAAcwH,KAEd3E,QAAQC,IAAI,mBAAoBtC,GAChCb,EAAU,eAAgBa,GAC1BR,EAAcQ,IAEhBmG,EAAU,GAELY,EAAI,EAAGR,GADZU,EAAO9G,OAAO+H,oBACUnI,OAAQgH,EAAIR,EAAMQ,IACxCpB,EAAKsB,EAAKF,GACVZ,GAAW,8BAAmChG,OAAOC,aAAe,UAAYuF,EAAK,gBAAoBA,EAAK,WAAeA,EAAK,OA2IpI,OAzIA1F,EAAE,cAAcmB,KAAK+E,GACrBlG,EAAE,aAAawF,GAAG,QAAS,WAGzB,OAFAzF,EAAOC,EAAEH,MAAMkB,KAAK,SACpB7B,EAAU,eAAgBa,GACnBR,EAAcQ,KAEvBkG,EAAiB,SAASoC,GACxB,IAAIC,EAEJ,OAAW,IADXA,EAAOD,EAAIE,WAAW,KACLD,EAAO,IAAa,GAAPA,GAAaA,EAAO,IAAa,GAAPA,GAAaA,EAAO,KAK9ExC,EAAgB,SAAS0C,GACvB,IAAIC,EAAOC,EAAc/I,EAAGgJ,EAAKC,EAAOC,EAAiBC,EAAYrE,EAAQsE,EA6C7E,GA5CAtE,GAAS,EAC0B,EAA/BvE,OAAOxB,MAAMsK,QAAQC,UACnBT,EAAS1I,QAAUI,OAAOxB,MAAMsK,QAAQC,SAC1CjJ,EAAE,6BAA6BkJ,SAAS,yBACxClJ,EAAE,6BAA6BmJ,YAAY,0BAE3CnJ,EAAE,6BAA6BmJ,YAAY,yBAC3CnJ,EAAE,6BAA6BkJ,SAAS,wBACxCzE,GAAS,IAGuB,EAAhCvE,OAAOxB,MAAMsK,QAAQI,YACvBL,EAAQP,EAASpH,MAAM,YACV2H,EAAMjJ,QAAUI,OAAOxB,MAAMsK,QAAQI,UAChDpJ,EAAE,8BAA8BkJ,SAAS,yBACzClJ,EAAE,8BAA8BmJ,YAAY,0BAE5CnJ,EAAE,8BAA8BmJ,YAAY,yBAC5CnJ,EAAE,8BAA8BkJ,SAAS,wBACzCzE,GAAS,IAGuB,EAAhCvE,OAAOxB,MAAMsK,QAAQK,YACvBT,EAAQJ,EAASpH,MAAM,YACVwH,EAAM9I,QAAUI,OAAOxB,MAAMsK,QAAQK,UAChDrJ,EAAE,8BAA8BkJ,SAAS,yBACzClJ,EAAE,8BAA8BmJ,YAAY,0BAE5CnJ,EAAE,8BAA8BmJ,YAAY,yBAC5CnJ,EAAE,8BAA8BkJ,SAAS,wBACzCzE,GAAS,IAGuB,EAAhCvE,OAAOxB,MAAMsK,QAAQM,YACvBb,EAAQD,EAASpH,MAAM,YACVqH,EAAM3I,QAAUI,OAAOxB,MAAMsK,QAAQM,UAChDtJ,EAAE,8BAA8BkJ,SAAS,yBACzClJ,EAAE,8BAA8BmJ,YAAY,0BAE5CnJ,EAAE,8BAA8BmJ,YAAY,yBAC5CnJ,EAAE,8BAA8BkJ,SAAS,wBACzCzE,GAAS,IAGTvE,OAAOxB,MAAMsK,QAAQO,eAAgB,CAKvC,IAJAV,EAAkB3I,OAAOxB,MAAMsK,QAAQO,eAAerI,QAAQ,MAAO,IACrEwH,GAAe,EACf/I,EAAI,EACJgJ,EAAMH,EAAS1I,OACRH,EAAIgJ,GACJ1C,EAAeuC,EAASgB,OAAO7J,KAC9BkJ,EAAgBpJ,QAAQ+I,EAASgB,OAAO7J,IAAM,IAChD+I,GAAe,GAGnB/I,KAEmB,IAAjB+I,GACF1I,EAAE,oCAAoCkJ,SAAS,yBAC/ClJ,EAAE,oCAAoCmJ,YAAY,0BAElDnJ,EAAE,oCAAoCmJ,YAAY,yBAClDnJ,EAAE,oCAAoCkJ,SAAS,wBAC/CzE,GAAS,GAGb,GAAsC,EAAlCvE,OAAOxB,MAAMsK,QAAQS,YAAkBvJ,OAAOxB,MAAMsK,QAAQO,eAAgB,CAI9E,IAHAT,EAAa,EACbD,EAAkB3I,OAAOxB,MAAMsK,QAAQO,eAAerI,QAAQ,MAAO,IACrEvB,EAAI,EACGA,EAAI6I,EAAS1I,QACiC,GAA/C+I,EAAgBpJ,QAAQ+I,EAASgB,OAAO7J,KAC1CmJ,IAEFnJ,IAEEmJ,GAAc5I,OAAOxB,MAAMsK,QAAQS,YACrCzJ,EAAE,gCAAgCkJ,SAAS,yBAC3ClJ,EAAE,gCAAgCmJ,YAAY,0BAE9CnJ,EAAE,gCAAgCmJ,YAAY,yBAC9CnJ,EAAE,gCAAgCkJ,SAAS,wBAC3CzE,GAAS,GAGTA,GACFzE,EAAE,YAAYmJ,YAAY,iBAAiBD,SAAS,kBACpDlJ,EAAE,gBAAgB,GAAG0J,kBAAkB,MAEvC1J,EAAE,YAAYmJ,YAAY,kBAAkBD,SAAS,iBACrDlJ,EAAE,gBAAgB,GAAG0J,kBAAkBpK,EAAU,WAGzB,MAAxBY,OAAOxB,MAAMsK,UACflD,EAAc,IACd9F,EAAE,gBAAgB2J,MAAM,SAAS9H,GAC/BiE,EAAcjE,EAAE+H,OAAOzE,UAG3BY,EAAgB,WACd,OAAI/F,EAAE,oBAAoB,GAAGmF,QAAUnF,EAAE,gBAAgB,GAAGmF,OAC1DnF,EAAE,oBAAoB,GAAG0J,kBAAkB,KACpC,IAEP1J,EAAE,oBAAoB,GAAG0J,kBAAkBpK,EAAU,UAC9C,IAGXU,EAAE,gBAAgB6J,OAAO9D,GACzB/F,EAAE,oBAAoB6J,OAAO9D,GACzBrH,EAAoB,cAA6B,EAAxBA,EAAoB,cAC/CwB,OAAOwE,WAAW3F,EAAML,EAAoB,cAE9CsB,EAAE,eAAeW,KAAK,WACpB,IAAIqC,EAEJ,OADAA,EAAI,IAAIxB,KAA2B,IAAtBxB,EAAEH,MAAMkB,KAAK,QACnBf,EAAEH,MAAM4B,KAAKuB,EAAEtB,oBAExB1B,EAAE,gBAAgBwF,GAAG,QAAS,WAC5B,OAAOxG,EAAkBgB,EAAEH,MAAMkB,KAAK,cAEjCf,EAAE,qBAAqBwF,GAAG,QAAS,WACxC,MAAuC,aAAnCxF,EAAE,gBAAgBe,KAAK,SACzBqB,QAAQC,IAAI,kBACZrC,EAAE,gBAAgBe,KAAK,OAAQ,SAC/Bf,EAAE,oBAAoBe,KAAK,OAAQ,SACnCf,EAAE,0BAA0BmJ,YAAY,UACjCnJ,EAAE,0BAA0BkJ,SAAS,kBAE5C9G,QAAQC,IAAI,kBACZrC,EAAE,gBAAgBe,KAAK,OAAQ,YAC/Bf,EAAE,oBAAoBe,KAAK,OAAQ,YACnCf,EAAE,0BAA0BmJ,YAAY,gBACjCnJ,EAAE,0BAA0BkJ,SAAS,iBAKjDlB,KAAKnI"} @@ -7,3 +8,6 @@ ======= {"version":3,"sources":["portal.js"],"names":["datas","delKey","getCookie","getQueryParam","getValues","ping","removeOidcConsent","restoreOrder","setCookie","setKey","setOrder","setSelector","translate","translatePage","translationFields","indexOf","item","i","l","this","length","lang","$","getJSON","window","staticPrefix","data","k","ref","ref1","v","trOver","all","each","args","len1","txt","attr","split","shift","replace","html","match","parent","hide","d","Date","text","toLocaleString","str","values","e","results","tmp","JSON","parse","push","error1","console","log","name","RegExp","exec","location","search","decodeURIComponent","sortable","join","partner","j","s","alert","key","val","success","error","ajax","type","url","dataType","token","sub","IDs","child","itemID","items","len2","list","m","rebuild","savedOrd","children","remove","filter","append","result","setTimeout","reload","t","cname","c","ca","re","document","cookie","value","exdays","setTime","getTime","toUTCString","on","action","al","authMenuIndex","authMenuTabs","back_url","checkpassword","checksamepass","hiddenParams","isAlphaNumeric","langdiv","langs","langs2","len3","len4","link","menuIndex","menuTabs","method","n","nl","nlangs","o","queryLang","ref2","setCookieLang","choicetab","axis","cursor","opacity","revert","update","fadeIn","getTimezoneOffset","tabs","active","index","focus","substring","btoa","call","availableLanguages","navigator","language","languages","chr","code","charCodeAt","password","digit","hasforbidden","len","lower","nonwhitespechar","numspechar","upper","ppolicy","minsize","addClass","removeClass","minupper","minlower","mindigit","allowedspechar","charAt","minspechar","setCustomValidity","keyup","target","change"],"mappings":"CAMA,WACE,IAAIA,EAAOC,EAAQC,EAAWC,EAAeC,EAAiCC,EAAMC,EAAmBC,EAAcC,EAAWC,EAAQC,EAAUC,EAAaC,EAAWC,EAAeC,EACvLC,EAAU,GAAGA,SAAW,SAASC,GAAQ,IAAK,IAAIC,EAAI,EAAGC,EAAIC,KAAKC,OAAQH,EAAIC,EAAGD,IAAO,GAAIA,KAAKE,MAAQA,KAAKF,KAAOD,EAAM,OAAOC,EAAK,OAAQ,GAEjJH,EAAoB,GAEpBD,EAAgB,SAASQ,GACvB,OAAOC,EAAEC,QAAQC,OAAOC,aAAe,aAAeJ,EAAO,QAAS,SAASK,GAC7E,IAAIC,EAAGC,EAAKC,EAAMC,EAGlB,IAAKH,KAFLb,EAAoBY,EACpBE,EAAMJ,OAAOxB,MAAM+B,OAAOC,IAExBF,EAAIF,EAAID,GACRb,EAAkBa,GAAKG,EAEzB,GAAIN,OAAOxB,MAAM+B,OAAOV,GAEtB,IAAKM,KADLE,EAAOL,OAAOxB,MAAM+B,OAAOV,GAEzBS,EAAID,EAAKF,GACTb,EAAkBa,GAAKG,EAwB3B,OArBAR,EAAE,YAAYW,KAAK,WACjB,IAAIC,EAAMhB,EAAGiB,EAAMC,EAGnB,IAFAF,EAAOZ,EAAEH,MAAMkB,KAAK,UAAUC,MAAM,KACpCF,EAAMxB,EAAUsB,EAAKK,SAChBrB,EAAI,EAAGiB,EAAOD,EAAKd,OAAQF,EAAIiB,EAAMjB,IACxCY,EAAII,EAAKhB,GACTkB,EAAMA,EAAII,QAAQ,QAASV,GAE7B,OAAOR,EAAEH,MAAMsB,KAAKL,KAEtBd,EAAE,WAAWW,KAAK,WAIhB,GAFAX,EAAEH,MAAMsB,KAAK7B,EAAU,KAAQU,EAAEH,MAAMkB,KAAK,WACtCzB,EAAU,KAAQU,EAAEH,MAAMkB,KAAK,UAC7BK,MAAM,UACZ,OAAOpB,EAAEH,MAAMwB,SAASC,SAG5BtB,EAAE,mBAAmBW,KAAK,WACxB,OAAOX,EAAEH,MAAMkB,KAAK,cAAezB,EAAUU,EAAEH,MAAMkB,KAAK,qBAErDf,EAAE,eAAeW,KAAK,WAC3B,IAAIY,EAEJ,OADAA,EAAI,IAAIC,KAAiC,IAA5BxB,EAAEH,MAAMkB,KAAK,cACnBf,EAAEH,MAAM4B,KAAKF,EAAEG,uBAK5BpC,EAAY,SAASqC,GACnB,OAAInC,EAAkBmC,GACbnC,EAAkBmC,GAElBA,GAIXzB,OAAOZ,UAAYA,EAEnBR,EAAY,WACV,IAAI8C,EAkBJ,OAjBAA,EAAS,GACT5B,EAAE,mCAAmCW,KAAK,WACxC,IAAIkB,EAAGxB,EAAGyB,EAASC,EACnB,IAGE,IAAK1B,KAFL0B,EAAMC,KAAKC,MAAMjC,EAAEH,MAAM4B,QACzBK,EAAU,GACAC,EACRD,EAAQI,KAAKN,EAAOvB,GAAK0B,EAAI1B,IAE/B,OAAOyB,EACP,MAAOK,GAGP,OAFAN,EAAIM,EACJC,QAAQC,IAAI,gBAAiBR,GACtBO,QAAQC,IAAI,OAAQrC,EAAEH,MAAM4B,WAGvCW,QAAQC,IAAIT,GACLA,GAGT/C,EAAgB,SAASyD,GACvB,IAAIlB,EAEJ,OADAA,EAAQmB,OAAO,OAASD,EAAO,YAAYE,KAAKtC,OAAOuC,SAASC,SAEvDC,mBAAmBvB,EAAM,GAAGF,QAAQ,MAAO,MAE3C,MAIX7B,EAAc,YAEdD,EAAW,WACT,OAAOD,EAAO,iBAAkBa,EAAEX,GAAauD,SAAS,WAAWC,SAGrE7D,EAAoB,SAAS8D,GAK3B,OAAOnE,EAAO,gBAAiBmE,EAAS,WACtC,OAAO9C,EAAE,aAAe8C,EAAU,MAAMxB,QAJtC,SAASyB,EAAGC,EAAGnB,GACjB,OAAOoB,MAAMD,EAAI,IAAMnB,MAO3B1C,EAAS,SAAS+D,EAAKC,EAAKC,EAASC,GACnC,OAAOrD,EAAEsD,KAAK,CACZC,KAAM,MACNC,IAAK9E,EAAkB,WAAI,uBAC3B+E,SAAU,OACVJ,MAAOA,EACPD,QAAS,SAAShD,GAChB,IAAImB,EAKJ,OAJAA,EAAI,CACFmC,MAAOtD,EAAKsD,QAEZR,GAAOC,EACFnD,EAAEsD,KAAK,CACZC,KAAM,MACNC,IAAK9E,EAAkB,WAAI,wBAC3B+E,SAAU,OACVrD,KAAMmB,EACN6B,QAASA,EACTC,MAAOA,QAMf1E,EAAS,SAASuE,EAAKS,EAAKP,EAASC,GACnC,OAAOrD,EAAEsD,KAAK,CACZC,KAAM,MACNC,IAAK9E,EAAkB,WAAI,uBAC3B+E,SAAU,OACVJ,MAAOA,EACPD,QAAS,SAAShD,GAChB,OAAOJ,EAAEsD,KAAK,CACZC,KAAM,SACNC,IAAK9E,EAAkB,WAAI,yBAA2BwE,EAAM,QAAUS,EAAM,UAAYvD,EAAKsD,MAC7FD,SAAU,OACVL,QAASA,EACTC,MAAOA,QAMfpE,EAAe,WACb,IAAI2E,EAAKC,EAAOnE,EAAMoE,EAAQC,EAAOnE,EAAGiB,EAAMmD,EAAMC,EAAMC,EAAGC,EAASC,EAAU5D,EAEhF,GAAe,OADfyD,EAAOjE,EAAEX,MACeX,EAAqB,cAC3C,OAAO,KAKT,IAHAkF,EAAMlF,EAAqB,cAAEsC,MAAM,KAEnCmD,EAAU,GACLvE,EAAI,EAAGiB,GAFZkD,EAAQE,EAAKrB,SAAS,YAEG9C,OAAQF,EAAIiB,EAAMjB,IAEzCuE,EADA3D,EAAIuD,EAAMnE,IACGY,EAEf,IAAK0D,EAAI,EAAGF,EAAOJ,EAAI9D,OAAQoE,EAAIF,EAAME,IAEnCC,EADJL,EAASF,EAAIM,MAEXxE,EAAOyE,EAAQL,GACfD,EAAQ7D,EAAEX,EAAc,gBAAgBgF,SAAS,IAAM3E,GACvD0E,EAAWpE,EAAEX,EAAc,gBAAgBgF,SAAS,IAAMP,GAC1DD,EAAMS,SACNtE,EAAEX,EAAc,gBAAgBkF,OAAO,UAAUC,OAAOJ,IAG5D,OAAO,GAOTrF,EAAO,WACL,OAAOiB,EAAEsD,KAAK,CACZC,KAAM,OACNC,IAAK9E,EAAkB,WACvB0B,KAAM,CACJrB,KAAM,GAER0E,SAAU,OACVL,QAAS,SAAShD,GAChB,OAAoB,MAAfA,EAAKqE,QAAmC,IAAhBrE,EAAKqE,OACzBC,WAAW3F,EAAML,EAAoB,cAErC+D,SAASkC,QAAO,IAG3BtB,MAAO,SAASN,EAAG6B,EAAG/C,GACpB,OAAOY,SAASkC,QAAO,OAK7BzE,OAAOnB,KAAOA,EAEdH,EAAY,SAASiG,GACnB,IAAIC,EAAGC,EAAInF,EAAGiB,EAAYmE,EAI1B,IAHOH,EAAQ,IACfE,EAAKpC,mBAAmBsC,SAASC,QAAQlE,MAAM,KAC/CgE,EAAK,IAAIzC,OAAO,MAAQsC,EAAQ,KAC3BjF,EAAI,EAAGiB,EAAOkE,EAAGjF,OAAQF,EAAIiB,EAAMjB,IAEtC,IADAkF,EAAIC,EAAGnF,IACDwB,MAAM4D,GAEV,OADAF,EAAIA,EAAE5D,QAAQ8D,EAAI,IAItB,MAAO,IAGT9F,EAAY,SAASoD,EAAM6C,EAAOC,GAChC,IAAI7D,EAGJ,OAFAA,EAAI,IAAIC,MACN6D,QAAQ9D,EAAE+D,UAAqB,MAATF,GACjBH,SAASC,OAAS5C,EAAO,IAAM6C,EAAQ,aAAgB5D,EAAEgE,cAAiB,YAGnF7G,EAAQ,GAERsB,EAAEE,QAAQsF,GAAG,OAAQ,WACnB,IAAIC,EAAQC,EAAIC,EAAeC,EAAcC,EAAUC,EAAeC,EAAeC,EAAcC,EAAgBrG,EAAGG,EAAMmG,EAASC,EAAOC,EAAQvF,EAAMmD,EAAMqC,EAAMC,EAAMC,EAAMrC,EAAGsC,EAAWC,EAAUC,EAAQC,EAAGC,EAAIC,EAAQC,EAAGC,EAAW/B,EAAI1E,EAAKC,EAAMyG,EAAMC,EA6FpQ,GA5FAvI,EAAQI,IACJ,UAAWoB,QAAU,cAAeA,OAAOxB,QAC7CA,EAAMwI,UAAYhH,OAAOxB,MAAMwI,WAEjChH,OAAOxB,MAAQA,EACfsB,EAAE,aAAa4C,SAAS,CACtBuE,KAAM,IACNC,OAAQ,OACRC,QAAS,GACTC,QAAQ,EACRvD,MAAO,iBACPwD,OAAQ,WACN,OAAOnI,OAGXH,IACAe,EAAE,eAAewH,OAAO,QACxBxH,EAAE,wBAAwBmD,MAAM,IAAI3B,MAAOiG,oBAAsB,IACjEhB,EAAWzG,EAAE,SAAS0H,KAAK,CACzBC,OAAQ,KAEVnB,EAAYxG,EAAE,kBAAoBtB,EAAkB,WAAI,MAAM2C,SAASuG,SACvD,IACdpB,EAAY,GAEdC,EAASiB,KAAK,SAAU,SAAUlB,GAClCZ,EAAe5F,EAAE,aAAa0H,KAAK,CACjCC,OAAQ,KAEVhC,EAAgB3F,EAAE,sBAAwBtB,EAAkB,WAAI,MAAM2C,SAASuG,SAC3D,IAClBjC,EAAgB,GAElBC,EAAa8B,KAAK,SAAU,SAAU/B,GAClCjH,EAAiB,WACnBkH,EAAa8B,KAAK,SAAU,SAAU1H,EAAE,sBAAwBtB,EAAiB,UAAI,MAAM2C,SAASuG,SAElGlJ,EAAa,MACfsB,EAAE,8BAA8B6H,QAEK,IAAjC7H,EAAE,oBAAoBF,QACxBE,EAAE,6BAA6B6H,QAG/BnJ,EAAiB,WACnBsB,EAAE,eAAee,KAAK,SAAU,UAE9Bf,EAAE,iBAAiBF,SACrB2F,EAASzF,EAAE,SAASe,KAAK,UACzB2F,EAAS1G,EAAE,SAASe,KAAK,UACzBqB,QAAQC,IAAI,UAAWqE,GACvBV,EAAe,GACXhG,EAAE,8BACJoC,QAAQC,IAAI,uBACZrC,EAAE,4BAA4BW,KAAK,SAASiH,GAE1C,OADAxF,QAAQC,IAAI,MAAOrC,EAAEH,MAAMkB,KAAK,QAASf,EAAEH,MAAMsD,OAC1C6C,GAAgB,IAAMhG,EAAEH,MAAMkB,KAAK,QAAU,IAAMf,EAAEH,MAAMsD,SAGtE0C,EAAW,GACPJ,IACFrD,QAAQC,IAAI,UAAWoD,IACM,IAAzBA,EAAOhG,QAAQ,KACjBgG,EAAOqC,UAAU,EAAGrC,EAAOhG,QAAQ,MAEnCoG,EAAWJ,EAAS,IAEtBI,GAAYG,EACZA,EAAe,IAEjBO,EAAOvG,EAAE,mBAAmBe,KAAK,QAAU,WAAa2F,EAASV,EAC7DH,IACFU,GAAQ,QAAUwB,KAAKlC,IAEzB7F,EAAE,mBAAmBe,KAAK,OAAQwF,IAEhCrG,OAAOuC,SAASC,UAClBqE,EAAYlI,EAAc,kBAExBuD,QAAQC,IAAI,2BAGQ,KADtB4E,EAAgBpI,EAAc,mBAE5BuD,QAAQC,IAAI,oBAGXtC,IACHA,EAAOnB,EAAU,mBACJmI,GACX3E,QAAQC,IAAI,wBAGXtC,EAuCMN,EAAQuI,KAAK9H,OAAO+H,mBAAoBlI,GAAQ,IACzDA,EAAOG,OAAO+H,mBAAmB,GAC5BlB,GACH3E,QAAQC,IAAI,gDAzCd,GAAI6F,UAAW,CAQb,IAPA/B,EAAQ,GACRC,EAAS,GACTS,EAAS,CAACqB,UAAUC,UAChBD,UAAUE,YACZvB,EAASqB,UAAUE,WAGhBxI,EAAI,EAAGiB,GADZP,EAAMJ,OAAO+H,oBACUnI,OAAQF,EAAIiB,EAAMjB,IACvC8F,EAAKpF,EAAIV,GACTsG,GAAW,8BAAmChG,OAAOC,aAAe,UAAYuF,EAAK,gBAAoBA,EAAK,WAAeA,EAAK,OAEpI,IAAKxB,EAAI,EAAGF,EAAO6C,EAAO/G,OAAQoE,EAAIF,EAAME,IAI1C,IAHA0C,EAAKC,EAAO3C,GACZ9B,QAAQC,IAAI,iBAAkBuE,GAEzBD,EAAI,EAAGN,GADZ9F,EAAOL,OAAO+H,oBACUnI,OAAQ6G,EAAIN,EAAMM,IACxCjB,EAAKnF,EAAKoG,GACVvE,QAAQC,IAAI,kBAAmBqD,GAC/BV,EAAK,IAAIzC,OAAO,IAAMmD,EAAK,MACvBkB,EAAGxF,MAAM4D,IACX5C,QAAQC,IAAI,oBAAqBqD,GACjCS,EAAMjE,KAAKwD,IACFA,EAAGoC,UAAU,EAAG,KAAOlB,EAAGkB,UAAU,EAAG,IAChD1B,EAAOlE,KAAKwD,IAIlB3F,EAAOoG,EAAM,GAAKA,EAAM,GAAKC,EAAO,GAAKA,EAAO,GAAKlG,OAAO+H,mBAAmB,MAClElB,GACX3E,QAAQC,IAAI,gCAGdtC,EAAOG,OAAO+H,mBAAmB,MACpBlB,GACX3E,QAAQC,IAAI,wBA2BlB,IAlBI0E,GACEtH,EAAQuI,KAAK9H,OAAO+H,mBAAoBlB,GAAa,IACvD3E,QAAQC,IAAI,0CACZ0E,EAAY7G,OAAO+H,mBAAmB,IAExC7F,QAAQC,IAAI,mBAAoB0E,GAC5BE,IACF7E,QAAQC,IAAI,qBAAsB0E,GAClC7H,EAAU,eAAgB6H,IAE5BxH,EAAcwH,KAEd3E,QAAQC,IAAI,mBAAoBtC,GAChCb,EAAU,eAAgBa,GAC1BR,EAAcQ,IAEhBmG,EAAU,GAELY,EAAI,EAAGR,GADZU,EAAO9G,OAAO+H,oBACUnI,OAAQgH,EAAIR,EAAMQ,IACxCpB,EAAKsB,EAAKF,GACVZ,GAAW,8BAAmChG,OAAOC,aAAe,UAAYuF,EAAK,gBAAoBA,EAAK,WAAeA,EAAK,OA6JpI,OA3JA1F,EAAE,cAAcmB,KAAK+E,GACrBlG,EAAE,aAAawF,GAAG,QAAS,WAGzB,OAFAzF,EAAOC,EAAEH,MAAMkB,KAAK,SACpB7B,EAAU,eAAgBa,GACnBR,EAAcQ,KAEvBkG,EAAiB,SAASoC,GACxB,IAAIC,EAEJ,OAAW,IADXA,EAAOD,EAAIE,WAAW,KACLD,EAAO,IAAa,GAAPA,GAAaA,EAAO,IAAa,GAAPA,GAAaA,EAAO,KAK9ExC,EAAgB,SAAS0C,GACvB,IAAIC,EAAOC,EAAc/I,EAAGgJ,EAAKC,EAAOC,EAAiBC,EAAYrE,EAAQsE,EA6C7E,GA5CAtE,GAAS,EAC0B,EAA/BvE,OAAOxB,MAAMsK,QAAQC,UACnBT,EAAS1I,QAAUI,OAAOxB,MAAMsK,QAAQC,SAC1CjJ,EAAE,6BAA6BkJ,SAAS,yBACxClJ,EAAE,6BAA6BmJ,YAAY,0BAE3CnJ,EAAE,6BAA6BmJ,YAAY,yBAC3CnJ,EAAE,6BAA6BkJ,SAAS,wBACxCzE,GAAS,IAGuB,EAAhCvE,OAAOxB,MAAMsK,QAAQI,YACvBL,EAAQP,EAASpH,MAAM,YACV2H,EAAMjJ,QAAUI,OAAOxB,MAAMsK,QAAQI,UAChDpJ,EAAE,8BAA8BkJ,SAAS,yBACzClJ,EAAE,8BAA8BmJ,YAAY,0BAE5CnJ,EAAE,8BAA8BmJ,YAAY,yBAC5CnJ,EAAE,8BAA8BkJ,SAAS,wBACzCzE,GAAS,IAGuB,EAAhCvE,OAAOxB,MAAMsK,QAAQK,YACvBT,EAAQJ,EAASpH,MAAM,YACVwH,EAAM9I,QAAUI,OAAOxB,MAAMsK,QAAQK,UAChDrJ,EAAE,8BAA8BkJ,SAAS,yBACzClJ,EAAE,8BAA8BmJ,YAAY,0BAE5CnJ,EAAE,8BAA8BmJ,YAAY,yBAC5CnJ,EAAE,8BAA8BkJ,SAAS,wBACzCzE,GAAS,IAGuB,EAAhCvE,OAAOxB,MAAMsK,QAAQM,YACvBb,EAAQD,EAASpH,MAAM,YACVqH,EAAM3I,QAAUI,OAAOxB,MAAMsK,QAAQM,UAChDtJ,EAAE,8BAA8BkJ,SAAS,yBACzClJ,EAAE,8BAA8BmJ,YAAY,0BAE5CnJ,EAAE,8BAA8BmJ,YAAY,yBAC5CnJ,EAAE,8BAA8BkJ,SAAS,wBACzCzE,GAAS,IAGTvE,OAAOxB,MAAMsK,QAAQO,eAAgB,CAKvC,IAJAV,EAAkB3I,OAAOxB,MAAMsK,QAAQO,eAAerI,QAAQ,MAAO,IACrEwH,GAAe,EACf/I,EAAI,EACJgJ,EAAMH,EAAS1I,OACRH,EAAIgJ,GACJ1C,EAAeuC,EAASgB,OAAO7J,KAC9BkJ,EAAgBpJ,QAAQ+I,EAASgB,OAAO7J,IAAM,IAChD+I,GAAe,GAGnB/I,KAEmB,IAAjB+I,GACF1I,EAAE,oCAAoCkJ,SAAS,yBAC/ClJ,EAAE,oCAAoCmJ,YAAY,0BAElDnJ,EAAE,oCAAoCmJ,YAAY,yBAClDnJ,EAAE,oCAAoCkJ,SAAS,wBAC/CzE,GAAS,GAGb,GAAsC,EAAlCvE,OAAOxB,MAAMsK,QAAQS,YAAkBvJ,OAAOxB,MAAMsK,QAAQO,eAAgB,CAI9E,IAHAT,EAAa,EACbD,EAAkB3I,OAAOxB,MAAMsK,QAAQO,eAAerI,QAAQ,MAAO,IACrEvB,EAAI,EACGA,EAAI6I,EAAS1I,QACiC,GAA/C+I,EAAgBpJ,QAAQ+I,EAASgB,OAAO7J,KAC1CmJ,IAEFnJ,IAEEmJ,GAAc5I,OAAOxB,MAAMsK,QAAQS,YACrCzJ,EAAE,gCAAgCkJ,SAAS,yBAC3ClJ,EAAE,gCAAgCmJ,YAAY,0BAE9CnJ,EAAE,gCAAgCmJ,YAAY,yBAC9CnJ,EAAE,gCAAgCkJ,SAAS,wBAC3CzE,GAAS,GAGb,GAAsC,EAAlCvE,OAAOxB,MAAMsK,QAAQS,aAAmBvJ,OAAOxB,MAAMsK,QAAQO,eAAgB,CAG/E,IADA5J,EADAmJ,EAAa,EAENnJ,EAAI6I,EAAS1I,QACbmG,EAAeuC,EAASgB,OAAO7J,KAClCmJ,IAEFnJ,IAEEmJ,GAAc5I,OAAOxB,MAAMsK,QAAQS,YACrCzJ,EAAE,gCAAgCkJ,SAAS,yBAC3ClJ,EAAE,gCAAgCmJ,YAAY,0BAE9CnJ,EAAE,gCAAgCmJ,YAAY,yBAC9CnJ,EAAE,gCAAgCkJ,SAAS,wBAC3CzE,GAAS,GAGTA,GACFzE,EAAE,YAAYmJ,YAAY,iBAAiBD,SAAS,kBACpDlJ,EAAE,gBAAgB,GAAG0J,kBAAkB,MAEvC1J,EAAE,YAAYmJ,YAAY,kBAAkBD,SAAS,iBACrDlJ,EAAE,gBAAgB,GAAG0J,kBAAkBpK,EAAU,WAGzB,MAAxBY,OAAOxB,MAAMsK,UACflD,EAAc,IACd9F,EAAE,gBAAgB2J,MAAM,SAAS9H,GAC/BiE,EAAcjE,EAAE+H,OAAOzE,UAG3BY,EAAgB,WACd,OAAI/F,EAAE,oBAAoB,GAAGmF,QAAUnF,EAAE,gBAAgB,GAAGmF,OAC1DnF,EAAE,oBAAoB,GAAG0J,kBAAkB,KACpC,IAEP1J,EAAE,oBAAoB,GAAG0J,kBAAkBpK,EAAU,UAC9C,IAGXU,EAAE,gBAAgB6J,OAAO9D,GACzB/F,EAAE,oBAAoB6J,OAAO9D,GACzBrH,EAAoB,cAA6B,EAAxBA,EAAoB,cAC/CwB,OAAOwE,WAAW3F,EAAML,EAAoB,cAE9CsB,EAAE,eAAeW,KAAK,WACpB,IAAIqC,EAEJ,OADAA,EAAI,IAAIxB,KAA2B,IAAtBxB,EAAEH,MAAMkB,KAAK,QACnBf,EAAEH,MAAM4B,KAAKuB,EAAEtB,oBAExB1B,EAAE,gBAAgBwF,GAAG,QAAS,WAC5B,OAAOxG,EAAkBgB,EAAEH,MAAMkB,KAAK,cAEjCf,EAAE,qBAAqBwF,GAAG,QAAS,WACxC,MAAuC,aAAnCxF,EAAE,gBAAgBe,KAAK,SACzBqB,QAAQC,IAAI,kBACZrC,EAAE,gBAAgBe,KAAK,OAAQ,SAC/Bf,EAAE,oBAAoBe,KAAK,OAAQ,SACnCf,EAAE,0BAA0BmJ,YAAY,UACjCnJ,EAAE,0BAA0BkJ,SAAS,kBAE5C9G,QAAQC,IAAI,kBACZrC,EAAE,gBAAgBe,KAAK,OAAQ,YAC/Bf,EAAE,oBAAoBe,KAAK,OAAQ,YACnCf,EAAE,0BAA0BmJ,YAAY,gBACjCnJ,EAAE,0BAA0BkJ,SAAS,iBAKjDlB,KAAKnI"} >>>>>>> origin/v2.0 +======= +{"version":3,"sources":["portal.js"],"names":["datas","delKey","getCookie","getQueryParam","getValues","ping","removeOidcConsent","restoreOrder","setCookie","setKey","setOrder","setSelector","translate","translatePage","translationFields","indexOf","item","i","l","this","length","lang","$","getJSON","window","staticPrefix","data","k","ref","ref1","v","trOver","all","each","args","len1","txt","attr","split","shift","replace","html","msg","match","parent","hide","d","Date","text","toLocaleString","str","values","e","results","tmp","JSON","parse","push","error1","console","log","name","RegExp","exec","location","search","decodeURIComponent","sortable","join","partner","j","s","alert","key","val","success","error","ajax","type","url","dataType","token","sub","IDs","child","itemID","items","len2","list","m","rebuild","savedOrd","children","remove","filter","append","result","setTimeout","reload","t","cname","c","ca","re","document","cookie","value","exdays","setTime","getTime","toUTCString","on","action","al","authMenuIndex","authMenuTabs","back_url","checkpassword","checksamepass","hiddenParams","isAlphaNumeric","langdiv","langs","langs2","len3","len4","link","menuIndex","menuTabs","method","n","nl","nlangs","o","queryLang","ref2","setCookieLang","choicetab","axis","cursor","opacity","revert","update","fadeIn","getTimezoneOffset","tabs","active","index","focus","substring","btoa","call","availableLanguages","navigator","language","languages","chr","code","charCodeAt","password","digit","hasforbidden","len","lower","nonwhitespechar","numspechar","upper","ppolicy","minsize","addClass","removeClass","minupper","minlower","mindigit","allowedspechar","charAt","minspechar","setCustomValidity","keyup","target","change"],"mappings":"CAMA,WACE,GAAIA,GAAOC,EAAQC,EAAWC,EAAeC,EAAiCC,EAAMC,EAAmBC,EAAcC,EAAWC,EAAQC,EAAUC,EAAaC,EAAWC,EAAeC,EACvLC,KAAaA,SAAW,SAASC,GAAQ,IAAK,GAAIC,GAAI,EAAGC,EAAIC,KAAKC,OAAQH,EAAIC,EAAGD,IAAO,GAAIA,IAAKE,OAAQA,KAAKF,KAAOD,EAAM,MAAOC,EAAK,QAAQ,EAEjJH,MAEAD,EAAgB,SAASQ,GACvB,MAAOC,GAAEC,QAAQC,OAAOC,aAAe,aAAeJ,EAAO,QAAS,SAASK,GAC7E,GAAIC,GAAGC,EAAKC,EAAMC,CAClBhB,GAAoBY,EACpBE,EAAMJ,OAAOxB,MAAM+B,OAAOC,GAC1B,KAAKL,IAAKC,GACRE,EAAIF,EAAID,GACRb,EAAkBa,GAAKG,CAEzB,IAAIN,OAAOxB,MAAM+B,OAAOV,GAAO,CAC7BQ,EAAOL,OAAOxB,MAAM+B,OAAOV,EAC3B,KAAKM,IAAKE,GACRC,EAAID,EAAKF,GACTb,EAAkBa,GAAKG,EAwB3B,MArBAR,GAAE,YAAYW,KAAK,WACjB,GAAIC,GAAMhB,EAAGiB,EAAMC,CAGnB,KAFAF,EAAOZ,EAAEH,MAAMkB,KAAK,UAAUC,MAAM,KACpCF,EAAMxB,EAAUsB,EAAKK,SAChBrB,EAAI,EAAGiB,EAAOD,EAAKd,OAAQF,EAAIiB,EAAMjB,IACxCY,EAAII,EAAKhB,GACTkB,EAAMA,EAAII,QAAQ,QAASV,EAE7B,OAAOR,GAAEH,MAAMsB,KAAKL,KAEtBd,EAAE,WAAWW,KAAK,WAChB,GAAIS,EAGJ,IAFApB,EAAEH,MAAMsB,KAAK7B,EAAU,KAAQU,EAAEH,MAAMkB,KAAK,WAC5CK,EAAM9B,EAAU,KAAQU,EAAEH,MAAMkB,KAAK,UACjCK,EAAIC,MAAM,UACZ,MAAOrB,GAAEH,MAAMyB,SAASC,SAG5BvB,EAAE,mBAAmBW,KAAK,WACxB,MAAOX,GAAEH,MAAMkB,KAAK,cAAezB,EAAUU,EAAEH,MAAMkB,KAAK,qBAErDf,EAAE,eAAeW,KAAK,WAC3B,GAAIa,EAEJ,OADAA,GAAI,GAAIC,MAAiC,IAA5BzB,EAAEH,MAAMkB,KAAK,cACnBf,EAAEH,MAAM6B,KAAKF,EAAEG,uBAK5BrC,EAAY,SAASsC,GACnB,MAAIpC,GAAkBoC,GACbpC,EAAkBoC,GAElBA,GAIX1B,OAAOZ,UAAYA,EAEnBR,EAAY,WACV,GAAI+C,EAkBJ,OAjBAA,MACA7B,EAAE,mCAAmCW,KAAK,WACxC,GAAImB,GAAGzB,EAAG0B,EAASC,CACnB,KACEA,EAAMC,KAAKC,MAAMlC,EAAEH,MAAM6B,QACzBK,IACA,KAAK1B,IAAK2B,GACRD,EAAQI,KAAKN,EAAOxB,GAAK2B,EAAI3B,GAE/B,OAAO0B,GACP,MAAOK,GAGP,MAFAN,GAAIM,EACJC,QAAQC,IAAI,gBAAiBR,GACtBO,QAAQC,IAAI,OAAQtC,EAAEH,MAAM6B,WAGvCW,QAAQC,IAAIT,GACLA,GAGThD,EAAgB,SAAS0D,GACvB,GAAIlB,EAEJ,OADAA,GAAQmB,OAAO,OAASD,EAAO,YAAYE,KAAKvC,OAAOwC,SAASC,QAC5DtB,EACKuB,mBAAmBvB,EAAM,GAAGH,QAAQ,MAAO,MAE3C,MAIX7B,EAAc,YAEdD,EAAW,WACT,MAAOD,GAAO,iBAAkBa,EAAEX,GAAawD,SAAS,WAAWC,SAGrE9D,EAAoB,SAAS+D,GAC3B,GAAIjB,EAIJ,OAHAA,GAAI,SAASkB,EAAGC,EAAGnB,GACjB,MAAOoB,OAAMD,EAAI,IAAMnB,IAElBnD,EAAO,gBAAiBoE,EAAS,WACtC,MAAO/C,GAAE,aAAe+C,EAAU,MAAMxB,QACvCO,IAGL3C,EAAS,SAASgE,EAAKC,EAAKC,EAASC,GACnC,MAAOtD,GAAEuD,MACPC,KAAM,MACNC,IAAK/E,EAAkB,WAAI,uBAC3BgF,SAAU,OACVJ,MAAOA,EACPD,QAAS,SAASjD,GAChB,GAAIoB,EAKJ,OAJAA,IACEmC,MAAOvD,EAAKuD,OAEdnC,EAAE2B,GAAOC,EACFpD,EAAEuD,MACPC,KAAM,MACNC,IAAK/E,EAAkB,WAAI,wBAC3BgF,SAAU,OACVtD,KAAMoB,EACN6B,QAASA,EACTC,MAAOA,QAMf3E,EAAS,SAASwE,EAAKS,EAAKP,EAASC,GACnC,MAAOtD,GAAEuD,MACPC,KAAM,MACNC,IAAK/E,EAAkB,WAAI,uBAC3BgF,SAAU,OACVJ,MAAOA,EACPD,QAAS,SAASjD,GAChB,MAAOJ,GAAEuD,MACPC,KAAM,SACNC,IAAK/E,EAAkB,WAAI,yBAA2ByE,EAAM,QAAUS,EAAM,UAAYxD,EAAKuD,MAC7FD,SAAU,OACVL,QAASA,EACTC,MAAOA,QAMfrE,EAAe,WACb,GAAI4E,GAAKC,EAAOpE,EAAMqE,EAAQC,EAAOpE,EAAGiB,EAAMoD,EAAMC,EAAMC,EAAGC,EAASC,EAAU7D,CAEhF,IAAe,OADf0D,EAAOlE,EAAEX,MACeX,EAAqB,cAC3C,MAAO,KAKT,KAHAmF,EAAMnF,EAAqB,cAAEsC,MAAM,KACnCgD,EAAQE,EAAKrB,SAAS,WACtBuB,KACKxE,EAAI,EAAGiB,EAAOmD,EAAMlE,OAAQF,EAAIiB,EAAMjB,IACzCY,EAAIwD,EAAMpE,GACVwE,EAAQ5D,GAAKA,CAEf,KAAK2D,EAAI,EAAGF,EAAOJ,EAAI/D,OAAQqE,EAAIF,EAAME,IACvCJ,EAASF,EAAIM,GACTC,EAAQL,KACVrE,EAAO0E,EAAQL,GACfD,EAAQ9D,EAAEX,EAAc,gBAAgBiF,SAAS,IAAM5E,GACvD2E,EAAWrE,EAAEX,EAAc,gBAAgBiF,SAAS,IAAMP,GAC1DD,EAAMS,SACNvE,EAAEX,EAAc,gBAAgBmF,OAAO,UAAUC,OAAOJ,GAG5D,OAAO,IAOTtF,EAAO,WACL,MAAOiB,GAAEuD,MACPC,KAAM,OACNC,IAAK/E,EAAkB,WACvB0B,MACErB,KAAM,GAER2E,SAAU,OACVL,QAAS,SAASjD,GAChB,MAAoB,OAAfA,EAAKsE,QAAmC,IAAhBtE,EAAKsE,OACzBC,WAAW5F,EAAML,EAAoB,cAErCgE,SAASkC,QAAO,IAG3BtB,MAAO,SAASN,EAAG6B,EAAG/C,GACpB,MAAOY,UAASkC,QAAO,OAK7B1E,OAAOnB,KAAOA,EAEdH,EAAY,SAASkG,GACnB,GAAIC,GAAGC,EAAIpF,EAAGiB,EAAYoE,CAI1B,KAHOH,EAAQ,IACfE,EAAKpC,mBAAmBsC,SAASC,QAAQnE,MAAM,KAC/CiE,EAAK,GAAIzC,QAAO,MAAQsC,EAAQ,KAC3BlF,EAAI,EAAGiB,EAAOmE,EAAGlF,OAAQF,EAAIiB,EAAMjB,IAEtC,GADAmF,EAAIC,EAAGpF,GACHmF,EAAE1D,MAAM4D,GAEV,MADAF,GAAIA,EAAE7D,QAAQ+D,EAAI,GAItB,OAAO,IAGT/F,EAAY,SAASqD,EAAM6C,EAAOC,GAChC,GAAI7D,EAGJ,OAFAA,GAAI,GAAIC,MACRD,EAAE8D,QAAQ9D,EAAE+D,UAAqB,MAATF,GACjBH,SAASC,OAAS5C,EAAO,IAAM6C,EAAQ,aAAgB5D,EAAEgE,cAAiB,YAGnF9G,KAEAsB,EAAEE,QAAQuF,GAAG,OAAQ,WACnB,GAAIC,GAAQC,EAAIC,EAAeC,EAAcC,EAAUC,EAAeC,EAAeC,EAAcC,EAAgBtG,EAAGG,EAAMoG,EAASC,EAAOC,EAAQxF,EAAMoD,EAAMqC,EAAMC,EAAMC,EAAMrC,EAAGsC,EAAWC,EAAUC,EAAQC,EAAGC,EAAIC,EAAQC,EAAGC,EAAW/B,EAAI3E,EAAKC,EAAM0G,EAAMC,CA6FpQ,IA5FAxI,EAAQI,IACJ,SAAWoB,SAAU,aAAeA,QAAOxB,QAC7CA,EAAMyI,UAAYjH,OAAOxB,MAAMyI,WAEjCjH,OAAOxB,MAAQA,EACfsB,EAAE,aAAa6C,UACbuE,KAAM,IACNC,OAAQ,OACRC,QAAS,GACTC,QAAQ,EACRvD,MAAO,iBACPwD,OAAQ,WACN,MAAOpI,QAGXH,IACAe,EAAE,eAAeyH,OAAO,QACxBzH,EAAE,wBAAwBoD,MAAM,GAAI3B,OAAOiG,oBAAsB,IACjEhB,EAAW1G,EAAE,SAAS2H,MACpBC,OAAQ,IAEVnB,EAAYzG,EAAE,kBAAoBtB,EAAkB,WAAI,MAAM4C,SAASuG,QACnEpB,EAAY,IACdA,EAAY,GAEdC,EAASiB,KAAK,SAAU,SAAUlB,GAClCZ,EAAe7F,EAAE,aAAa2H,MAC5BC,OAAQ,IAEVhC,EAAgB5F,EAAE,sBAAwBtB,EAAkB,WAAI,MAAM4C,SAASuG,QAC3EjC,EAAgB,IAClBA,EAAgB,GAElBC,EAAa8B,KAAK,SAAU,SAAU/B,GAClClH,EAAiB,WACnBmH,EAAa8B,KAAK,SAAU,SAAU3H,EAAE,sBAAwBtB,EAAiB,UAAI,MAAM4C,SAASuG,SAElGnJ,EAAa,MACfsB,EAAE,8BAA8B8H,QAEK,IAAjC9H,EAAE,oBAAoBF,QACxBE,EAAE,6BAA6B8H,QAG/BpJ,EAAiB,WACnBsB,EAAE,eAAee,KAAK,SAAU,UAE9Bf,EAAE,iBAAiBF,SACrB4F,EAAS1F,EAAE,SAASe,KAAK,UACzB4F,EAAS3G,EAAE,SAASe,KAAK,UACzBsB,QAAQC,IAAI,UAAWqE,GACvBV,EAAe,GACXjG,EAAE,8BACJqC,QAAQC,IAAI,uBACZtC,EAAE,4BAA4BW,KAAK,SAASkH,GAE1C,MADAxF,SAAQC,IAAI,MAAOtC,EAAEH,MAAMkB,KAAK,QAASf,EAAEH,MAAMuD,OAC1C6C,GAAgB,IAAMjG,EAAEH,MAAMkB,KAAK,QAAU,IAAMf,EAAEH,MAAMuD,SAGtE0C,EAAW,GACPJ,IACFrD,QAAQC,IAAI,UAAWoD,IACM,IAAzBA,EAAOjG,QAAQ,KACjBiG,EAAOqC,UAAU,EAAGrC,EAAOjG,QAAQ,MAEnCqG,EAAWJ,EAAS,IAEtBI,GAAYG,EACZA,EAAe,IAEjBO,EAAOxG,EAAE,mBAAmBe,KAAK,QAAU,WAAa4F,EAASV,EAC7DH,IACFU,GAAQ,QAAUwB,KAAKlC,IAEzB9F,EAAE,mBAAmBe,KAAK,OAAQyF,IAEhCtG,OAAOwC,SAASC,SAClBqE,EAAYnI,EAAc,gBACtBmI,GACF3E,QAAQC,IAAI,2BAGQ,KADtB4E,EAAgBrI,EAAc,mBAE5BwD,QAAQC,IAAI,oBAGXvC,IACHA,EAAOnB,EAAU,mBACJoI,GACX3E,QAAQC,IAAI,wBAGXvC,EAuCMN,EAAQwI,KAAK/H,OAAOgI,mBAAoBnI,GAAQ,IACzDA,EAAOG,OAAOgI,mBAAmB,GAC5BlB,GACH3E,QAAQC,IAAI,+CAzCd,IAAI6F,UAAW,CAQb,IAPA/B,KACAC,KACAS,GAAUqB,UAAUC,UAChBD,UAAUE,YACZvB,EAASqB,UAAUE,WAErB/H,EAAMJ,OAAOgI,mBACRtI,EAAI,EAAGiB,EAAOP,EAAIR,OAAQF,EAAIiB,EAAMjB,IACvC+F,EAAKrF,EAAIV,GACTuG,GAAW,8BAAmCjG,OAAOC,aAAe,UAAYwF,EAAK,gBAAoBA,EAAK,WAAeA,EAAK,MAEpI,KAAKxB,EAAI,EAAGF,EAAO6C,EAAOhH,OAAQqE,EAAIF,EAAME,IAI1C,IAHA0C,EAAKC,EAAO3C,GACZ9B,QAAQC,IAAI,iBAAkBuE,GAC9BtG,EAAOL,OAAOgI,mBACTtB,EAAI,EAAGN,EAAO/F,EAAKT,OAAQ8G,EAAIN,EAAMM,IACxCjB,EAAKpF,EAAKqG,GACVvE,QAAQC,IAAI,kBAAmBqD,GAC/BV,EAAK,GAAIzC,QAAO,IAAMmD,EAAK,MACvBkB,EAAGxF,MAAM4D,IACX5C,QAAQC,IAAI,oBAAqBqD,GACjCS,EAAMjE,KAAKwD,IACFA,EAAGoC,UAAU,EAAG,KAAOlB,EAAGkB,UAAU,EAAG,IAChD1B,EAAOlE,KAAKwD,EAIlB5F,GAAOqG,EAAM,GAAKA,EAAM,GAAKC,EAAO,GAAKA,EAAO,GAAKnG,OAAOgI,mBAAmB,GAC3EnI,IAASiH,GACX3E,QAAQC,IAAI,gCAGdvC,EAAOG,OAAOgI,mBAAmB,MACpBlB,GACX3E,QAAQC,IAAI,uBA2BlB,KAlBI0E,GACEvH,EAAQwI,KAAK/H,OAAOgI,mBAAoBlB,GAAa,IACvD3E,QAAQC,IAAI,0CACZ0E,EAAY9G,OAAOgI,mBAAmB,IAExC7F,QAAQC,IAAI,mBAAoB0E,GAC5BE,IACF7E,QAAQC,IAAI,qBAAsB0E,GAClC9H,EAAU,eAAgB8H,IAE5BzH,EAAcyH,KAEd3E,QAAQC,IAAI,mBAAoBvC,GAChCb,EAAU,eAAgBa,GAC1BR,EAAcQ,IAEhBoG,EAAU,GACVc,EAAO/G,OAAOgI,mBACTnB,EAAI,EAAGR,EAAOU,EAAKnH,OAAQiH,EAAIR,EAAMQ,IACxCpB,EAAKsB,EAAKF,GACVZ,GAAW,8BAAmCjG,OAAOC,aAAe,UAAYwF,EAAK,gBAAoBA,EAAK,WAAeA,EAAK,MA6JpI,OA3JA3F,GAAE,cAAcmB,KAAKgF,GACrBnG,EAAE,aAAayF,GAAG,QAAS,WAGzB,MAFA1F,GAAOC,EAAEH,MAAMkB,KAAK,SACpB7B,EAAU,eAAgBa,GACnBR,EAAcQ,KAEvBmG,EAAiB,SAASoC,GACxB,GAAIC,EAEJ,QADAA,EAAOD,EAAIE,WAAW,IACX,IAAMD,EAAO,IAAMA,EAAO,IAAMA,EAAO,IAAMA,EAAO,IAAMA,EAAO,KAK9ExC,EAAgB,SAAS0C,GACvB,GAAIC,GAAOC,EAAchJ,EAAGiJ,EAAKC,EAAOC,EAAiBC,EAAYrE,EAAQsE,CA6C7E,IA5CAtE,GAAS,EACLxE,OAAOxB,MAAMuK,QAAQC,QAAU,IAC7BT,EAAS3I,QAAUI,OAAOxB,MAAMuK,QAAQC,SAC1ClJ,EAAE,6BAA6BmJ,SAAS,yBACxCnJ,EAAE,6BAA6BoJ,YAAY,0BAE3CpJ,EAAE,6BAA6BoJ,YAAY,yBAC3CpJ,EAAE,6BAA6BmJ,SAAS,wBACxCzE,GAAS,IAGTxE,OAAOxB,MAAMuK,QAAQI,SAAW,IAClCL,EAAQP,EAASpH,MAAM,UACnB2H,GAASA,EAAMlJ,QAAUI,OAAOxB,MAAMuK,QAAQI,UAChDrJ,EAAE,8BAA8BmJ,SAAS,yBACzCnJ,EAAE,8BAA8BoJ,YAAY,0BAE5CpJ,EAAE,8BAA8BoJ,YAAY,yBAC5CpJ,EAAE,8BAA8BmJ,SAAS,wBACzCzE,GAAS,IAGTxE,OAAOxB,MAAMuK,QAAQK,SAAW,IAClCT,EAAQJ,EAASpH,MAAM,UACnBwH,GAASA,EAAM/I,QAAUI,OAAOxB,MAAMuK,QAAQK,UAChDtJ,EAAE,8BAA8BmJ,SAAS,yBACzCnJ,EAAE,8BAA8BoJ,YAAY,0BAE5CpJ,EAAE,8BAA8BoJ,YAAY,yBAC5CpJ,EAAE,8BAA8BmJ,SAAS,wBACzCzE,GAAS,IAGTxE,OAAOxB,MAAMuK,QAAQM,SAAW,IAClCb,EAAQD,EAASpH,MAAM,UACnBqH,GAASA,EAAM5I,QAAUI,OAAOxB,MAAMuK,QAAQM,UAChDvJ,EAAE,8BAA8BmJ,SAAS,yBACzCnJ,EAAE,8BAA8BoJ,YAAY,0BAE5CpJ,EAAE,8BAA8BoJ,YAAY,yBAC5CpJ,EAAE,8BAA8BmJ,SAAS,wBACzCzE,GAAS,IAGTxE,OAAOxB,MAAMuK,QAAQO,eAAgB,CAKvC,IAJAV,EAAkB5I,OAAOxB,MAAMuK,QAAQO,eAAetI,QAAQ,MAAO,IACrEyH,GAAe,EACfhJ,EAAI,EACJiJ,EAAMH,EAAS3I,OACRH,EAAIiJ,GACJ1C,EAAeuC,EAASgB,OAAO9J,KAC9BmJ,EAAgBrJ,QAAQgJ,EAASgB,OAAO9J,IAAM,IAChDgJ,GAAe,GAGnBhJ,KAEmB,IAAjBgJ,GACF3I,EAAE,oCAAoCmJ,SAAS,yBAC/CnJ,EAAE,oCAAoCoJ,YAAY,0BAElDpJ,EAAE,oCAAoCoJ,YAAY,yBAClDpJ,EAAE,oCAAoCmJ,SAAS,wBAC/CzE,GAAS,GAGb,GAAIxE,OAAOxB,MAAMuK,QAAQS,WAAa,GAAKxJ,OAAOxB,MAAMuK,QAAQO,eAAgB,CAI9E,IAHAT,EAAa,EACbD,EAAkB5I,OAAOxB,MAAMuK,QAAQO,eAAetI,QAAQ,MAAO,IACrEvB,EAAI,EACGA,EAAI8I,EAAS3I,QACdgJ,EAAgBrJ,QAAQgJ,EAASgB,OAAO9J,KAAO,GACjDoJ,IAEFpJ,GAEEoJ,IAAc7I,OAAOxB,MAAMuK,QAAQS,YACrC1J,EAAE,gCAAgCmJ,SAAS,yBAC3CnJ,EAAE,gCAAgCoJ,YAAY,0BAE9CpJ,EAAE,gCAAgCoJ,YAAY,yBAC9CpJ,EAAE,gCAAgCmJ,SAAS,wBAC3CzE,GAAS,GAGb,GAAIxE,OAAOxB,MAAMuK,QAAQS,WAAa,IAAMxJ,OAAOxB,MAAMuK,QAAQO,eAAgB,CAG/E,IAFAT,EAAa,EACbpJ,EAAI,EACGA,EAAI8I,EAAS3I,QACboG,EAAeuC,EAASgB,OAAO9J,KAClCoJ,IAEFpJ,GAEEoJ,IAAc7I,OAAOxB,MAAMuK,QAAQS,YACrC1J,EAAE,gCAAgCmJ,SAAS,yBAC3CnJ,EAAE,gCAAgCoJ,YAAY,0BAE9CpJ,EAAE,gCAAgCoJ,YAAY,yBAC9CpJ,EAAE,gCAAgCmJ,SAAS,wBAC3CzE,GAAS,GAGTA,GACF1E,EAAE,YAAYoJ,YAAY,iBAAiBD,SAAS,kBACpDnJ,EAAE,gBAAgB,GAAG2J,kBAAkB,MAEvC3J,EAAE,YAAYoJ,YAAY,kBAAkBD,SAAS,iBACrDnJ,EAAE,gBAAgB,GAAG2J,kBAAkBrK,EAAU,WAGxB,MAAxBY,OAAOxB,MAAMuK,SAAoBjJ,EAAE,gBAAgBF,SACtDiG,EAAc,IACd/F,EAAE,gBAAgB4J,MAAM,SAAS9H,GAC/BiE,EAAcjE,EAAE+H,OAAOzE,UAG3BY,EAAgB,WACd,MAAIhG,GAAE,oBAAoB,GAAGoF,QAAUpF,EAAE,gBAAgB,GAAGoF,OAC1DpF,EAAE,oBAAoB,GAAG2J,kBAAkB,KACpC,IAEP3J,EAAE,oBAAoB,GAAG2J,kBAAkBrK,EAAU,UAC9C,IAGXU,EAAE,gBAAgB8J,OAAO9D,GACzBhG,EAAE,oBAAoB8J,OAAO9D,GACzBtH,EAAoB,cAAKA,EAAoB,aAAI,GACnDwB,OAAOyE,WAAW5F,EAAML,EAAoB,cAE9CsB,EAAE,eAAeW,KAAK,WACpB,GAAIsC,EAEJ,OADAA,GAAI,GAAIxB,MAA2B,IAAtBzB,EAAEH,MAAMkB,KAAK,QACnBf,EAAEH,MAAM6B,KAAKuB,EAAEtB,oBAExB3B,EAAE,gBAAgByF,GAAG,QAAS,WAC5B,MAAOzG,GAAkBgB,EAAEH,MAAMkB,KAAK,cAEjCf,EAAE,qBAAqByF,GAAG,QAAS,WACxC,MAAuC,aAAnCzF,EAAE,gBAAgBe,KAAK,SACzBsB,QAAQC,IAAI,kBACZtC,EAAE,gBAAgBe,KAAK,OAAQ,SAC/Bf,EAAE,oBAAoBe,KAAK,OAAQ,SACnCf,EAAE,0BAA0BoJ,YAAY,UACjCpJ,EAAE,0BAA0BmJ,SAAS,kBAE5C9G,QAAQC,IAAI,kBACZtC,EAAE,gBAAgBe,KAAK,OAAQ,YAC/Bf,EAAE,oBAAoBe,KAAK,OAAQ,YACnCf,EAAE,0BAA0BoJ,YAAY,gBACjCpJ,EAAE,0BAA0BmJ,SAAS,iBAKjDlB,KAAKpI","file":"portal.min.js"} +>>>>>>> v2.0 diff --git a/lemonldap-ng-portal/site/htdocs/static/common/js/totpregistration.min.js b/lemonldap-ng-portal/site/htdocs/static/common/js/totpregistration.min.js index eb1bb65b1..3089b99f6 100644 --- a/lemonldap-ng-portal/site/htdocs/static/common/js/totpregistration.min.js +++ b/lemonldap-ng-portal/site/htdocs/static/common/js/totpregistration.min.js @@ -1 +1 @@ -(function(){var o=function(e,r){return $("#msg").html(window.translate(e)),$("#color").removeClass("message-positive message-warning message-danger alert-success alert-warning alert-danger"),$("#color").addClass("message-"+r),"positive"===r&&(r="success"),$("#color").addClass("alert-"+r)},r=function(e,r,t){if(console.log("Error",t),(e=JSON.parse(e.responseText))&&e.error)return e=e.error.replace(/.* /,""),console.log("Returned error",e),o(e,"warning")},t="",e=function(e){return o("yourTotpKey","warning"),$.ajax({type:"POST",url:portal+"/2fregisters/totp/getkey",dataType:"json",data:{newkey:e},error:r,success:function(e){var r;return e.error?(e.error.match(/totpExistingKey/)&&$("#divToHide").hide(),o(e.error,"warning")):e.portal&&e.user&&e.secret?($("#divToHide").show(),r="otpauth://totp/"+escape(e.portal)+":"+escape(e.user)+"?secret="+e.secret+"&issuer="+escape(e.portal),6!==e.digits&&(r+="&digits="+e.digits),30!==e.interval&&(r+="&period="+e.interval),new QRious({element:document.getElementById("qr"),value:r,size:150}),$("#serialized").text(r),e.newkey?o("yourNewTotpKey","warning"):o("yourTotpKey","success"),t=e.token):o("PE24","danger")}})},n=function(){var e=$("#code").val();return e?$.ajax({type:"POST",url:portal+"/2fregisters/totp/verify",dataType:"json",data:{token:t,code:e,TOTPName:$("#TOTPName").val()},error:r,success:function(e){return e.error?e.error.match(/bad(Code|Name)/)?o(e.error,"warning"):o(e.error,"danger"):o("yourKeyIsRegistered","success")}}):o("fillTheForm","warning")};$(document).ready(function(){return e(0),$("#changekey").on("click",function(){return e(1)}),$("#verify").on("click",n)})}).call(this); \ No newline at end of file +(function(){var r,e,n,t,o;n=function(e,r){return $("#msg").html(window.translate(e)),$("#color").removeClass("message-positive message-warning message-danger alert-success alert-warning alert-danger"),$("#color").addClass("message-"+r),"positive"===r&&(r="success"),$("#color").addClass("alert-"+r)},r=function(e,r,t){var o;if(console.log("Error",t),(o=JSON.parse(e.responseText))&&o.error)return o=o.error.replace(/.* /,""),console.log("Returned error",o),n(o,"warning")},t="",e=function(e){return n("yourTotpKey","warning"),$.ajax({type:"POST",url:portal+"/2fregisters/totp/getkey",dataType:"json",data:{newkey:e},error:r,success:function(e){var r;return e.error?(e.error.match(/totpExistingKey/)&&$("#divToHide").hide(),n(e.error,"warning")):e.portal&&e.user&&e.secret?($("#divToHide").show(),r="otpauth://totp/"+escape(e.portal)+":"+escape(e.user)+"?secret="+e.secret+"&issuer="+escape(e.portal),6!==e.digits&&(r+="&digits="+e.digits),30!==e.interval&&(r+="&period="+e.interval),new QRious({element:document.getElementById("qr"),value:r,size:150}),$("#serialized").text(r),e.newkey?n("yourNewTotpKey","warning"):n("yourTotpKey","success"),t=e.token):n("PE24","danger")}})},o=function(){var e;return(e=$("#code").val())?$.ajax({type:"POST",url:portal+"/2fregisters/totp/verify",dataType:"json",data:{token:t,code:e,TOTPName:$("#TOTPName").val()},error:r,success:function(e){return e.error?e.error.match(/bad(Code|Name)/)?n(e.error,"warning"):n(e.error,"danger"):n("yourKeyIsRegistered","success")}}):n("fillTheForm","warning")},$(document).ready(function(){return e(0),$("#changekey").on("click",function(){return e(1)}),$("#verify").on("click",function(){return o()})})}).call(this); \ No newline at end of file diff --git a/lemonldap-ng-portal/site/htdocs/static/common/js/totpregistration.min.js.map b/lemonldap-ng-portal/site/htdocs/static/common/js/totpregistration.min.js.map index d43c5db05..faf728c05 100644 --- a/lemonldap-ng-portal/site/htdocs/static/common/js/totpregistration.min.js.map +++ b/lemonldap-ng-portal/site/htdocs/static/common/js/totpregistration.min.js.map @@ -1 +1 @@ -{"version":3,"sources":["totpregistration.js"],"names":["setMsg","msg","level","$","html","window","translate","removeClass","addClass","displayError","j","status","err","console","log","res","JSON","parse","responseText","error","replace","token","getKey","reset","ajax","type","url","portal","dataType","data","newkey","success","s","match","hide","user","secret","show","escape","digits","interval","QRious","element","document","getElementById","value","size","text","verify","val","code","TOTPName","ready","on","call","this"],"mappings":"CAMA,WACE,IAEAA,EAAS,SAASC,EAAKC,GAOrB,OANAC,EAAE,QAAQC,KAAKC,OAAOC,UAAUL,IAChCE,EAAE,UAAUI,YAAY,4FACxBJ,EAAE,UAAUK,SAAS,WAAaN,GACpB,aAAVA,IACFA,EAAQ,WAEHC,EAAE,UAAUK,SAAS,SAAWN,IAGzCO,EAAe,SAASC,EAAGC,EAAQC,GAIjC,GAFAC,QAAQC,IAAI,QAASF,IACrBG,EAAMC,KAAKC,MAAMP,EAAEQ,gBACRH,EAAII,MAGb,OAFAJ,EAAMA,EAAII,MAAMC,QAAQ,MAAO,IAC/BP,QAAQC,IAAI,iBAAkBC,GACvBf,EAAOe,EAAK,YAIvBM,EAAQ,GAERC,EAAS,SAASC,GAEhB,OADAvB,EAAO,cAAe,WACfG,EAAEqB,KAAK,CACZC,KAAM,OACNC,IAAKC,OAAS,2BACdC,SAAU,OACVC,KAAM,CACJC,OAAQP,GAEVJ,MAAOV,EACPsB,QAAS,SAASF,GAChB,IAAQG,EACR,OAAIH,EAAKV,OACHU,EAAKV,MAAMc,MAAM,oBACnB9B,EAAE,cAAc+B,OAEXlC,EAAO6B,EAAKV,MAAO,YAEtBU,EAAKF,QAAUE,EAAKM,MAAQN,EAAKO,QAGvCjC,EAAE,cAAckC,OAChBL,EAAI,kBAAqBM,OAAOT,EAAKF,QAAW,IAAOW,OAAOT,EAAKM,MAAS,WAAaN,EAAKO,OAAS,WAAcE,OAAOT,EAAKF,QAC7G,IAAhBE,EAAKU,SACPP,GAAK,WAAaH,EAAKU,QAEH,KAAlBV,EAAKW,WACPR,GAAK,WAAaH,EAAKW,UAEpB,IAAIC,OAAO,CACdC,QAASC,SAASC,eAAe,MACjCC,MAAOb,EACPc,KAAM,MAER3C,EAAE,eAAe4C,KAAKf,GAClBH,EAAKC,OACP9B,EAAO,iBAAkB,WAEzBA,EAAO,cAAe,WAEjBqB,EAAQQ,EAAKR,OArBXrB,EAAO,OAAQ,cA0B9BgD,EAAS,WACP,IACAC,EAAM9C,EAAE,SAAS8C,MACjB,OAAKA,EAGI9C,EAAEqB,KAAK,CACZC,KAAM,OACNC,IAAKC,OAAS,2BACdC,SAAU,OACVC,KAAM,CACJR,MAAOA,EACP6B,KAAMD,EACNE,SAAUhD,EAAE,aAAa8C,OAE3B9B,MAAOV,EACPsB,QAAS,SAASF,GAChB,OAAIA,EAAKV,MACHU,EAAKV,MAAMc,MAAM,kBACZjC,EAAO6B,EAAKV,MAAO,WAEnBnB,EAAO6B,EAAKV,MAAO,UAGrBnB,EAAO,sBAAuB,cApBpCA,EAAO,cAAe,YA2BjCG,EAAEwC,UAAUS,MAAM,WAKhB,OAJA9B,EAAO,GACPnB,EAAE,cAAckD,GAAG,QAAS,WAC1B,OAAO/B,EAAO,KAETnB,EAAE,WAAWkD,GAAG,QACdL,OAIVM,KAAKC"} \ No newline at end of file +{"version":3,"sources":["totpregistration.js"],"names":["displayError","getKey","setMsg","token","verify","msg","level","$","html","window","translate","removeClass","addClass","j","status","err","res","console","log","JSON","parse","responseText","error","replace","reset","ajax","type","url","portal","dataType","data","newkey","success","s","match","hide","user","secret","show","escape","digits","interval","QRious","element","document","getElementById","value","size","text","val","code","TOTPName","ready","on","call","this"],"mappings":"CAMA,WACE,IAAIA,EAAcC,EAAQC,EAAQC,EAAOC,EAEzCF,EAAS,SAASG,EAAKC,GAOrB,OANAC,EAAE,QAAQC,KAAKC,OAAOC,UAAUL,IAChCE,EAAE,UAAUI,YAAY,4FACxBJ,EAAE,UAAUK,SAAS,WAAaN,GACpB,aAAVA,IACFA,EAAQ,WAEHC,EAAE,UAAUK,SAAS,SAAWN,IAGzCN,EAAe,SAASa,EAAGC,EAAQC,GACjC,IAAIC,EAGJ,GAFAC,QAAQC,IAAI,QAASH,IACrBC,EAAMG,KAAKC,MAAMP,EAAEQ,gBACRL,EAAIM,MAGb,OAFAN,EAAMA,EAAIM,MAAMC,QAAQ,MAAO,IAC/BN,QAAQC,IAAI,iBAAkBF,GACvBd,EAAOc,EAAK,YAIvBb,EAAQ,GAERF,EAAS,SAASuB,GAEhB,OADAtB,EAAO,cAAe,WACfK,EAAEkB,KAAK,CACZC,KAAM,OACNC,IAAKC,OAAS,2BACdC,SAAU,OACVC,KAAM,CACJC,OAAQP,GAEVF,MAAOtB,EACPgC,QAAS,SAASF,GAChB,IAAQG,EACR,OAAIH,EAAKR,OACHQ,EAAKR,MAAMY,MAAM,oBACnB3B,EAAE,cAAc4B,OAEXjC,EAAO4B,EAAKR,MAAO,YAEtBQ,EAAKF,QAAUE,EAAKM,MAAQN,EAAKO,QAGvC9B,EAAE,cAAc+B,OAChBL,EAAI,kBAAqBM,OAAOT,EAAKF,QAAW,IAAOW,OAAOT,EAAKM,MAAS,WAAaN,EAAKO,OAAS,WAAcE,OAAOT,EAAKF,QAC7G,IAAhBE,EAAKU,SACPP,GAAK,WAAaH,EAAKU,QAEH,KAAlBV,EAAKW,WACPR,GAAK,WAAaH,EAAKW,UAEpB,IAAIC,OAAO,CACdC,QAASC,SAASC,eAAe,MACjCC,MAAOb,EACPc,KAAM,MAERxC,EAAE,eAAeyC,KAAKf,GAClBH,EAAKC,OACP7B,EAAO,iBAAkB,WAEzBA,EAAO,cAAe,WAEjBC,EAAQ2B,EAAK3B,OArBXD,EAAO,OAAQ,cA0B9BE,EAAS,WACP,IAAI6C,EAEJ,OADAA,EAAM1C,EAAE,SAAS0C,OAIR1C,EAAEkB,KAAK,CACZC,KAAM,OACNC,IAAKC,OAAS,2BACdC,SAAU,OACVC,KAAM,CACJ3B,MAAOA,EACP+C,KAAMD,EACNE,SAAU5C,EAAE,aAAa0C,OAE3B3B,MAAOtB,EACPgC,QAAS,SAASF,GAChB,OAAIA,EAAKR,MACHQ,EAAKR,MAAMY,MAAM,kBACZhC,EAAO4B,EAAKR,MAAO,WAEnBpB,EAAO4B,EAAKR,MAAO,UAGrBpB,EAAO,sBAAuB,cApBpCA,EAAO,cAAe,YA2BjCK,EAAEqC,UAAUQ,MAAM,WAKhB,OAJAnD,EAAO,GACPM,EAAE,cAAc8C,GAAG,QAAS,WAC1B,OAAOpD,EAAO,KAETM,EAAE,WAAW8C,GAAG,QAAS,WAC9B,OAAOjD,UAIVkD,KAAKC"} \ No newline at end of file diff --git a/lemonldap-ng-portal/site/htdocs/static/common/modules/CustomAuth.png b/lemonldap-ng-portal/site/htdocs/static/common/modules/CustomAuth.png index c5fccb958..bb7f5f931 100644 Binary files a/lemonldap-ng-portal/site/htdocs/static/common/modules/CustomAuth.png and b/lemonldap-ng-portal/site/htdocs/static/common/modules/CustomAuth.png differ diff --git a/lemonldap-ng-portal/site/htdocs/static/common/modules/GitHub.png b/lemonldap-ng-portal/site/htdocs/static/common/modules/GitHub.png index 2a1ac53eb..ccc585756 100644 Binary files a/lemonldap-ng-portal/site/htdocs/static/common/modules/GitHub.png and b/lemonldap-ng-portal/site/htdocs/static/common/modules/GitHub.png differ diff --git a/lemonldap-ng-portal/site/htdocs/static/common/modules/Google.png b/lemonldap-ng-portal/site/htdocs/static/common/modules/Google.png index 741008365..389c1f605 100644 Binary files a/lemonldap-ng-portal/site/htdocs/static/common/modules/Google.png and b/lemonldap-ng-portal/site/htdocs/static/common/modules/Google.png differ diff --git a/lemonldap-ng-portal/site/htdocs/static/common/zh_TW.png b/lemonldap-ng-portal/site/htdocs/static/common/zh_TW.png new file mode 100644 index 000000000..1ea6706ef Binary files /dev/null and b/lemonldap-ng-portal/site/htdocs/static/common/zh_TW.png differ diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/es.json b/lemonldap-ng-portal/site/htdocs/static/languages/es.json deleted file mode 100644 index 8a77d491f..000000000 --- a/lemonldap-ng-portal/site/htdocs/static/languages/es.json +++ /dev/null @@ -1,328 +0,0 @@ -{ -"PE-7":"La sesión se ha desconectado", -"PE-6":"La contraseña se ha modificado", -"PE0":"Usuario autentificado", -"PE1":"Su sesión ha caducado. Debe autentificarse de nuevo", -"PE2":"Los campos \"usuario\" y \"password\" deben tener contenido", -"PE3":"Error en la cuenta o contraseña LDAP de la aplicación", -"PE4":"Usuario no reconocido", -"PE5":"Contraseña o identificador incorrecto", -"PE6":"Conexión fallida al servidor LDAP", -"PE7":"Error anómalo del servidor LDAP", -"PE8":"Error del módulo Apache::Session seleccionado", -"PE9":"Se necesita autentificación", -"PE10":"Certificado inválido", -"PE21":"Su cuenta está bloqueada", -"PE22":"Su contraseña ha caducado", -"PE23":"Certificado requerido", -"PE24":"Error", -"PE25":"La contraseña se ha reiniciado y se debe cambiar", -"PE26":"Modificación de contraseña no autorizada", -"PE27":"Para modificarla, introduzca la antigua contraseña", -"PE28":"Calidad de contraseña insuficiente", -"PE29":"Contraseña muy corta", -"PE30":"Contraseña muy reciente", -"PE31":"Contraseña utilizada muy recientemente", -"PE32":" autenticaciones restantes, cambie de contraseña", -"PE33":"Faltan %d días, %d horas, %d minutos y %d segundos para que su contraseña caduque.", -"PE34":"Las contraseñas no coinciden", -"PE36":"Tiene un mensaje nuevo", -"PE37":"URL incorrecta", -"PE38":"Ningún esquema disponible", -"PE39":"Antigua contraseña inválida", -"PE40":"Nombre de usuario incorrecto", -"PE41":"Inicio de sesión no autorizada", -"PE42":"Confirmación requerida", -"PE43":"Dirección e-mail obligatoria", -"PE44":"Llave de confirmación inválida o demasiado antigua", -"PE45":"El envío de e-mail ha fracasado", -"PE46":"Ha recibido un e-mail", -"PE48":"Error SAML no definido", -"PE49":"No se puede cargar el servicio SAML", -"PE50":"Problema al cargar un proveedor de identidad", -"PE51":"Error de autenticación SAML", -"PE52":"Colaborador SAML desconocido", -"PE53":"Dirección de destino SAML incorrecta", -"PE54":"Las condiciones del mensaje SAML no se respetan", -"PE55":"La autenticación iniciada por el proveedor de identidad no está autorizada", -"PE56":"Error de desconexión SAML", -"PE57":"Error de gestión de la firma del mensaje SAML", -"PE58":"Error de utilización de un artefacto SAML", -"PE59":"Error de comunicación con las sesiones SAML", -"PE60":"Problema al cargar un proveedor de servicios", -"PE61":"Error de intercambio de atributos SAML", -"PE62":"Página destinada a los servidores OpenID", -"PE63":"La identidad OpenID que quiere utilizar no le pertenece", -"PE64":"Un atributo exigido no está disponible", -"PE65":"Agrupación prohibida por la política de seguridad", -"PE66":"E-mail de confirmación ya enviado", -"PE67":"Contraseña no ingresada", -"PE68":"Acceso no autorizado al servicio CAS", -"PE69":"Introduzca su dirección e-mail", -"PE70":"Ningún usuario coincide", -"PE71":"Introduzca su nueva contraseña", -"PE72":"Ha recibido un e-mail de confirmación", -"PE73":"La conexión al servidor Radius ha fracasado", -"PE74":"La contraseña antigua es obligatoria", -"PE75":"Usted vino de una dirección IP no acreditada", -"PE76":"Error al registrar el captcha", -"PE77":"Introduzca el captcha", -"PE78":"Introduzca sus datos", -"PE79":"Faltan datos", -"PE80":"Esta dirección ya está siendo utilizada", -"PE81":"Intento de autenticación inválido", -"PE82":"Tiempo de espera de autenticación exedido", -"PE83":"La verificación U2F ha fallado. Reintente o póngase en contacto con su administrador", -"PE84":"Usted no está autorizado a acceder a este servidor", -"PE85":"El sitio remoto pide una nueva sesión (y el plugin UpgradeSession no está cargado). Desconéctese y reintente", -"PE86":"Your account is locked. You have to wait", -"PE87":"Debe autenticarse de nuevo para acceder al Portal", -"PE88":"Su cuenta debe contar con una dirección de e-mail para poder utilizar la autenticación de dos factores", -"PE89":"Acceso no autorizado al servicio SAML", -"PE90":"Acceso no autorizado al servicio OIDC", -"PE91":"Acceso no autorizado al servicio OID", -"PE92":"Acceso no autorizado al servicio GET", -"PE93":"Acceso no concedido al servicio de SUPLANTACIÓN", -"PE94":"Un atributo obligatorio no está presente", -"PE95":"Acceso no autorizado al servicio DECRYPT", -"PE96":"Código de verificación no válido", -"PE97":"Su certificado no es válido o expira próximamente", -"PE98":"Por favor, seleccione su nuevo certificado", -"PE99":"Por favor, seleccione su nuevo certificado", -"PE100":"Password contains not allowed character", -"PE101":"Password contains not allowed characters", -"PE102":"Session must be upgraded", -"PE103":"No second factors available for your account", -"2FDeviceNotFound":"2F device not found", -"2fRegRequired":"Este servicio necesita la autenticación de dos factores. Registre un dispositivo ahora, luego reingrese al portal.", -"accept":"Aceptar", -"accessDenied":"No está autorizado a acceder a esta aplicación", -"accountCreated":"Su cuenta ha sido creada, su contraseña temporal ha sido enviada a su dirección de e-mail.", -"accountCreationSuccess":"Su cuenta fue creada con éxito.", -"action":"Acción", -"activeSessions":"Sesiones SSO activas", -"all":"Todo", -"allowed":"Acceso PERMITIDO", -"anotherInformation":"Otra información:", -"areYouSure":"¿Está seguro?", -"askToRenew":"Esta aplicación necesita una autenticación más reciente. ¿Desea reautenticar?", -"askToUpgrade":"Esta aplicación requiere de un nivel de autenticación más alto. ¿Desea reautenticar?", -"attributes":"ATRIBUTOS", -"authLevel":"Nivel de autentificación", -"authPortal":"Portal de autenticación", -"authRemaining":"%s autenticaciones restantes, ¡cambie su contraseña!", -"autoAccept":"Aceptar automáticamente en 30 segundos ", -"autoGlobalLogout":"Desconexión global automática en 30 segundos", -"back2CasUrl":"La aplicación de la cual se acaba de desconectar le ha enviado un enlace y le gustaría que lo siguiese", -"back2Portal":"Volver al portal", -"badCode":"Código incorrecto", -"badName":"Nombre incorrecto", -"cancel":"Cancelar", -"captcha":"Captcha", -"certificateReset":"Reiniciar mi certificado", -"changeKey":"Generar nueva llave", -"changePwd":"Cambie su contraseña", -"checkLastLogins":"Verificar mis últimos accesos", -"checkUser":"Verificar el perfil SSO del usuario ", -"checkUserComputedSession":"No SSO session found. Computed data!", -"checkUserMerged":"Verifique el perfil SSO del usuario. ¡Algunos grupos SSO (reales y suplantados) están fusionados!", -"checkUserComputeSession":"Computed session data!", -"choose2f":"Seleccione su segundo factor", -"chooseApp":"Elija una aplicación a la cual se le está permitido acceder", -"cipheredValue":"Valor cifrado", -"click2Reset":"Pulse aquí para restaurar el password", -"click2ResetCertificate":"Pulse aquí para reiniciar su certificado", -"clickHere":"Por favor haga clic aquí", -"clickOnYubikey":"Haga clic en su Yubikey", -"closeSSO":"Cierre su sesión SSO", -"code":"Código", -"confirmation":"Confirmación", -"confirmLinkSent":"Un enlace de confirmación ha sido enviado. Este enlace es válido hasta", -"confirmPwd":"Confirmar contraseña", -"connect":"Conectar", -"connectedAs":"Conectado como ", -"contextSwitching_ON":"Suplantar otro usuario", -"contextSwitching_OFF":"Parar suplantación", -"continue":"Continuar", -"createAccount":"Crear una cuenta", -"current":"Actual", -"currentPwd":"Contraseña actual", -"date":"Fecha", -"decryptCipheredValue":"Desencriptar un valor cifrado", -"enterCred":"Por favor ingrese sus credenciales", -"enterExt2fCode":"Un código le ha sido enviado. Por favor ingréselo ", -"enterMail2fCode":"Un código le ha sido enviado a dirección de e-mail. Por favor ingréselo", -"enterOpenIDLogin":"Por favor ingrese su usuario OpenID", -"enterRadius2fCode":"Por favor ingrese su código OTP", -"enterRest2fCode":"Por favor ingrese su código OTP", -"enterTotpCode":"Ingrese el código TOTP", -"enterYubikey":"Por favor utilice su Yubikey", -"errorMsg":"Mensaje de Error", -"expired2Fremoved":"¡%s dispositivos 2F caducados han sido suprimidos!", -"explorer":"Explorer", -"ext2f":"Código de verificación", -"fillTheForm":"Llene el formulario", -"firstName":"Nombre", -"forbidden":"Acceso DENEGADO", -"forgotPwd":"Contraseña olvidada?", -"generatePwd":"Generar la contraseña automáticamente", -"globalLogout":"Desconexión global", -"gotNewMessages":"Tiene mensajes nuevos", -"goToPortal":"Ir al portal", -"gplSoft":"Software libre cubierto bajo licencia GPL", -"groups_sso":"GRUPOS SSO", -"headers":"ENCABEZADOS", -"hello":"Hola", -"hide":"Hide", -"id":"Id", -"imSure":"Estoy seguro", -"info":"Información", -"ipAddr":"Dirección IP", -"key":"Llave", -"lastFailedLogins":"Últimas conexiones fallidas", -"lastFailedLoginsCaptionLabel":"Last failed logins", -"lastLogins":"Últimas conexiones", -"lastLoginsCaptionLabel":"Last logins", -"lastName":"Apellido(s)", -"linkValidUntil":"Este mensaje contiene un enlace para reiniciar su contraseña, este enlace es válido hasta", -"linkValidUntilCertif":"Este mensaje contiene un link para reiniciar su certificado. Este link is válido hasta", -"loginHistory":"Historial de conexión", -"login":"Usuario", -"logout":"Desconexión ", -"logoutConfirm":"¿Desea desconectarse?", -"logoutFromOtherApp":"Desconectarse de otras aplicaciones...", -"logoutFromSP":"Desconectando proveedor de servicios...", -"macros":"MACROS", -"mail":"E-mail", -"mail2f":"Código de e-mail", -"mailSent2":"Un mensaje ha sido enviado a su dirección de e-mail", -"maintenanceMode":"Aplicación en mantenimiento, por favor intente conectarse luego", -"maxNumberof2FDevicesReached":"¡El límite de dispositivos 2F ha sido alcanzado!", -"missingCode":"Código faltante", -"myNotification":"My accepted notification", -"myNotifications":"My accepted notifications", -"name":"Nombre", -"newMessages":"Nuevo(s) mensaje(s)", -"newPassword":"Contraseña nueva", -"newPwdSentTo":"Una confirmación ha sido enviada a su dirección de e-mail.", -"noHistory":"Esta es su primera conexión, bienvenido.", -"noNotification":"None accepted notification found", -"notAnEncryptedValue":"No es un valor encriptado", -"notAuthorized":"Usted no está autorizado a hacer esto", -"notAuthorizedAuthLevel":"This action requires a higher authentication level", -"notFound":"No encontrado: página no disponible", -"noTOTPFound":"TOTP no encontrado", -"noU2FKeyFound":"Llave U2F no encontrada", -"notificationNotFound":"Notification not found in DataBase", -"notificationRetrieveFailed":"Unable to retrieve notification", -"notificationsExplorer":"Notifications explorer", -"oidcConsent":"La aplicación %s quisiera:", -"oidcConsents":"Permisos OIDC", -"oidcConsentsFull":"Permisos OpenID Connect", -"oneExpired2Fremoved":"¡Un dispositivo 2F caducado ha sido suprimido!", -"openidAp":"¿Está de acuerdo en proporcionar los siguientes parámetros?", -"openIdExample":"por ejemplo:http://myopenid.org/juan", -"openidExchange":"¿Desea autenticarse en %s?", -"openidPA":"La política de uso de datos está disponible en", -"openidRpns":"El parámetro %s solicitado por la agrupación no está disponible", -"openSessionSpace":"Este espacio le permite abrir una sesión SSO. Esto le ayudará a acceder de manera segura a todas las aplicaciones autorizadas por su perfil.", -"openSSOSession":"Abra su sesión SSO", -"otherSessions":"Otras sesiones activas", -"password":"Contraseña", -"passwordPolicy":"Por favor respete la siguiente política de seguridad:", -"passwordPolicyMinSize":"Tamaño mínimo:", -"passwordPolicyMinLower":"Minúsculas, como mínimo:", -"passwordPolicyMinUpper":"Mayúsculas, como mínimo:", -"passwordPolicyMinDigit":"Dígitos, como mínimo:", -"passwordPolicyMinSpeChar":"Minimal special characters:", -"passwordPolicyNone":"You are free to choose your password!", -"passwordPolicySpecialChar":"Allowed special characters:", -"ppGrace":"autenticaciones restantes, ¡cambie su contraseña!.", -"proxyError":"Puerta de enlace no válida: servidor remoto inalcanzable", -"pwd":"Contraseña", -"pwdChange":"Cambio de contraseña", -"pwdChanged":"Se ha cambiado con éxito la palabra de paso", -"pwdResetAlreadyIssued":"Ya fue expedida una solicitud de reinicio de contraseña", -"pwdWillExpire":"Faltan %s días, %s horas, %s minutos y %s segundos para que su contraseña caduque.", -"radius2f":"Radius", -"redirectedFrom":"Ha sido redirigido desde", -"redirectedIn":"Usted será redirigido en 30 segundos", -"redirectionInProgress":"Redirigiendo...", -"redirectionToIdp":"Redirigiendo hacia su proveedor de identidad", -"reference":"Reference", -"refreshrights":"Actualizar mis derechos", -"refuse":"Rechazar", -"register":"Registrar", -"registerRequestAlreadyIssued":"Ya fue expedida una solicitud de registro para esta cuenta", -"rememberChoice":"Recordar mi elección", -"removeOtherSessions":"Suprimir las otras sesiones", -"renewSession":"Renew session", -"resendConfirmMail":"¿Reenviar e-mail de confirmación?", -"resentConfirm":"¿Desea que el e-mail de confirmación sea reenviado?", -"resetFavApps":"Reset my favorite Apps.", -"resetCertificateOK":"Su certificado ha sido reiniciado con éxito", -"resetPwd":"Reiniciar mi contraseña", -"rest2f":"Código de verificación", -"rightsReloadNeedsLogout":"La recarga de derechos necesita desconectarse y conectarse de nuevo", -"scope":"Alcance", -"search":"Buscar", -"seconds":"seconds", -"selectIdP":"Seleccione su proveedor de identidad", -"service":"Servicio", -"sendPwd":"Enviarme un enlace", -"serverError":"Ocurrió un error en el servidor", -"serviceProvidedBy":"Servicio proveído por", -"sessionsDeleted":"Las siguientes sesiones han sido cerradas", -"sfaManager":"Administrador 2ndFA", -"showhidePasswords":"Show/Hide passwords", -"spoofId":"Identificador suplantado", -"SSOSessionInactive":"Sesión SSO inactiva", -"startTime":"Fecha de creación", -"stayConnected":"Seguir conectado en este dispositivo", -"submit":"Enviar", -"switchContext":"Cambiar contexto", -"totp2f":"Aplicación OTP", -"totpExistingKey":"Un secreto TOTP ya existe", -"touchU2fDevice":"Por favor toque el dispositivo U2F centelleante ahora.", -"touchU2fDeviceOrEnterTotp":"Por favor toque el dispositivo U2F centelleante o ingrese el código TOTP.", -"type":"Tipo", -"UA":"User agent", -"u2f":"Llave U2F", -"u2fFailed":"La verificación U2F ha fallado. Reintente o póngase en contacto con su administrador", -"u2fPermission":"Es posible que se le pida su autorización para acceder a sus llaves de seguridad. Después de autorizar el acceso, el dispositivo comenzará a centellear.", -"u2fWelcome":"Administración de dispositivos U2F", -"unableToGetKey":"Imposible acceder a su llave. Reintente o póngase en contacto con su administrador", -"unknownAction":"Acción desconocida", -"unregister":"Suprimir", -"updateCdc":"Actualizar el cookie de dominio común", -"updateTime":"Fecha de actualización", -"upgradeSession":"Actualizar la sesión", -"user":"Usuario", -"useYubikey":"utilice su Yubikey", -"utotp2f":"TOTP-o-U2F", -"value":"Valor", -"validationDate":"Validation date", -"verify":"Verificar", -"VHnotFound":"Virtual Host no encontrado", -"wait":"Esperar", -"waitingmessage":"Autenticación en progreso, espere por favor", -"warning":"Precaución", -"welcomeOnPortal":"Bienvenido a su portal de autenticación.", -"yesResendMail":"Sí, reenviar el e-mail", -"yourAddress":"Conozca su dirección", -"yourApps":"Sus aplicaciones", -"yourFavApps":"Favorite applications", -"yourEmail":"Conozca su correo", -"yourIdentity":"Conozca su identidad", -"yourIdentityIs":"Su identidad es", -"yourKeyIsRegistered":"Su llave está registrada", -"yourKeyIsAlreadyRegistered":"¡Su llave YA FUE registrada!", -"yourKeyIsUnregistered":"Su llave ha sido suprimida", -"yourKeyIsVerified":"Su llave está verificada", -"yourNewTotpKey":"Su nueva llave TOTP, por favor pruébela e ingrese el código", -"yourOffline":"Acceda a su cuenta mientras está offline", -"yourPhone":"Conozca su número de teléfono", -"yourProfile":"Conozca su perfil", -"yourTotpKey":"Su llave TOTP", -"yubikey2f":"Yubikey" -} diff --git a/lemonldap-ng-portal/site/templates/bootstrap/sslformChoice.tpl b/lemonldap-ng-portal/site/templates/bootstrap/sslformChoice.tpl new file mode 100644 index 000000000..a3f3c98fb --- /dev/null +++ b/lemonldap-ng-portal/site/templates/bootstrap/sslformChoice.tpl @@ -0,0 +1,25 @@ + + + + +
+ +
+ + common/modules/" alt="" class="img-thumbnail mb-3" /> + + common/modules/SSL.png" alt="" class="img-thumbnail mb-3" /> + + +
+ + + + + +
diff --git a/lemonldap-ng-portal/site/templates/common/mail/es.json b/lemonldap-ng-portal/site/templates/common/mail/es.json new file mode 100644 index 000000000..b450bc92c --- /dev/null +++ b/lemonldap-ng-portal/site/templates/common/mail/es.json @@ -0,0 +1,20 @@ +{ +"resetCertificat":"Su certificado fue reiniciado", +"accountCreated":"Su cuenta ha sido creada, su contraseña temporal ha sido enviada a su dirección de e-mail.", +"autoMail":"Este e-mail ha sido enviado automáticamente", +"click2Register":"Haga clic para confirmar el registro de su cuenta", +"click2Reset":"Haga clic para reiniciar su contraseña", +"goToPortal":"Ir al portal", +"hello":"Hola", +"mail2fSubject":"[LemonLDAP::NG] Su código de acceso", +"mailConfirmSubject":"[LemonLDAP::NG] Confirmación de reinicio de contraseña", +"mailSubject":"[LemonLDAP::NG] Su nueva contraseña", +"newPwdIs":"Su nueva contraseña es", +"pwdChanged":"Su contraseña ha sido cambiada.", +"pwdIs":"Su contraseña es", +"registerConfirmSubject":"[LemonLDAP::NG] Confirmación de creación de cuenta", +"registerDoneSubject":"[LemonLDAP::NG] Su nueva cuenta", +"requestIssuedFromIP":"El pedido fue emitido desde la IP", +"yourLoginCodeIs":"Su código de acceso es ", +"yourLoginIs":"Su nombre de usuario es" +} \ No newline at end of file diff --git a/lemonldap-ng-portal/site/templates/common/mail/zh_TW.json b/lemonldap-ng-portal/site/templates/common/mail/zh_TW.json new file mode 100644 index 000000000..96270d7e5 --- /dev/null +++ b/lemonldap-ng-portal/site/templates/common/mail/zh_TW.json @@ -0,0 +1,20 @@ +{ +"resetCertificat":"您的憑證已被重設", +"accountCreated":"已建立您的帳號,您的臨時密碼已寄送至您的電子郵件地址。", +"autoMail":"該郵件已自動寄送", +"click2Register":"點擊此處以確認您的帳號註冊", +"click2Reset":"點擊此處以重設您的密碼", +"goToPortal":"回到首頁", +"hello":"您好", +"mail2fSubject":"[LemonLDAP::NG] 您的登入代碼", +"mailConfirmSubject":"[LemonLDAP::NG] 確認重設密碼", +"mailSubject":"[LemonLDAP::NG] 您的新密碼", +"newPwdIs":"您的新密碼為", +"pwdChanged":"您的密碼已變更", +"pwdIs":"您的密碼為", +"registerConfirmSubject":"[LemonLDAP::NG] 確認帳號註冊", +"registerDoneSubject":"[LemonLDAP::NG] 您的新帳號", +"requestIssuedFromIP":"請求發出從 IP", +"yourLoginCodeIs":"您的登入代碼為", +"yourLoginIs":"您的登入為" +} \ No newline at end of file diff --git a/lemonldap-ng-portal/t/01-Unauth-Logout.t b/lemonldap-ng-portal/t/01-Unauth-Logout.t new file mode 100644 index 000000000..2e9467382 --- /dev/null +++ b/lemonldap-ng-portal/t/01-Unauth-Logout.t @@ -0,0 +1,45 @@ +use Test::More; +use strict; + +require 't/test-lib.pm'; + +my $res; +my $client = LLNG::Manager::Test->new( + { ini => { logLevel => 'error', useSafeJail => 1 } } ); + +# Test unauthenticated logout request with param +ok( + $res = $client->_get( + '/', + query => 'logout', + accept => 'text/html' + ), + 'Get logout page' +); +ok( $res->[2]->[0] =~ m%%, ' Language icons found' ) + or print STDERR Dumper( $res->[2]->[0] ); +ok( $res->[2]->[0] =~ m%
%, ' PE_LOGOUT_OK' ) + or print STDERR Dumper( $res->[2]->[0] ); +expectCookie($res); +count(3); + +# Test unauthenticated logout request access with route +ok( + $res = $client->_get( + '/logout', + accept => 'text/html' + ), + 'Get logout page' +); +ok( $res->[2]->[0] =~ m%%, ' Language icons found' ) + or print STDERR Dumper( $res->[2]->[0] ); +ok( $res->[2]->[0] =~ m%
%, ' PE_LOGOUT_OK' ) + or print STDERR Dumper( $res->[2]->[0] ); +expectCookie($res); +count(3); + +#print STDERR Dumper($res); + +clean_sessions(); + +done_testing( count() ); diff --git a/lemonldap-ng-portal/t/21-Auth-LDAP-utf8.t b/lemonldap-ng-portal/t/21-Auth-LDAP-attributes.t similarity index 86% rename from lemonldap-ng-portal/t/21-Auth-LDAP-utf8.t rename to lemonldap-ng-portal/t/21-Auth-LDAP-attributes.t index 3c460caf0..b23fd0f59 100644 --- a/lemonldap-ng-portal/t/21-Auth-LDAP-utf8.t +++ b/lemonldap-ng-portal/t/21-Auth-LDAP-attributes.t @@ -5,7 +5,7 @@ use IO::String; require 't/test-lib.pm'; my $res; -my $maintests = 8; +my $maintests = 11; SKIP: { skip 'LLNGTESTLDAP is not set', $maintests unless ( $ENV{LLNGTESTLDAP} ); @@ -26,7 +26,9 @@ SKIP: { managerPassword => 'admin', restSessionServer => 1, ldapExportedVars => { - cn => 'cn', + cn => 'cn', + displayName => 'displayName', + roomNumber => 'roomNumber', }, } } @@ -56,6 +58,7 @@ SKIP: { or print STDERR $@; ok( $res->{cn} eq 'Frédéric Accents', 'UTF-8 values' ) or explain( $res, 'cn => Frédéric Accents' ); + ok( exists $res->{displayName}, 'displayName is present' ); # 2- Characters UTF-8 only ok( @@ -74,6 +77,8 @@ SKIP: { or print STDERR $@; ok( $res->{cn} eq 'Русский', 'UTF-8 values' ) or explain( $res, 'cn => Русский' ); + is( $res->{roomNumber}, 0, 'attribute with value of 0 present' ); + ok( !exists $res->{displayName}, 'missing LDAP attribute is not stored' ); clean_sessions(); } diff --git a/lemonldap-ng-portal/t/24-AuthKerberos.t b/lemonldap-ng-portal/t/24-AuthKerberos.t index 95d59398e..86b6bd375 100644 --- a/lemonldap-ng-portal/t/24-AuthKerberos.t +++ b/lemonldap-ng-portal/t/24-AuthKerberos.t @@ -154,7 +154,7 @@ SKIP: { ), 'Push fake kerberos in an allowed domain' ); - my $id = expectCookie($res); + $id = expectCookie($res); } count($maintests); diff --git a/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-POST.t b/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-POST.t index 93d0ac04a..74ba5fcf0 100644 --- a/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-POST.t +++ b/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-POST.t @@ -141,7 +141,7 @@ SKIP: { # Verify authentication on SP expectRedirection( $res, 'http://auth.sp.com' ); my $spId = expectCookie($res); - my $rawCookie = getHeader( $res, 'Set-Cookie' ); + $rawCookie = getHeader( $res, 'Set-Cookie' ); ok( $rawCookie =~ /;\s*SameSite=None/, 'Found SameSite=None' ); ok( $res = $sp->_get( '/', cookie => "lemonldap=$spId" ), 'Get / on SP' ); diff --git a/lemonldap-ng-portal/t/30-SAML-POST-with-2F-UpgradeOnly.t b/lemonldap-ng-portal/t/30-SAML-POST-with-2F-UpgradeOnly.t index fe2b9ef5b..1ad7d3a94 100644 --- a/lemonldap-ng-portal/t/30-SAML-POST-with-2F-UpgradeOnly.t +++ b/lemonldap-ng-portal/t/30-SAML-POST-with-2F-UpgradeOnly.t @@ -170,7 +170,7 @@ qr%(\d{4})%, 'Found 2F code in mail' ) or print STDERR Dumper( mail() ); - my $code = $1; + $code = $1; $s =~ s/code=/code=${code}/; ok( @@ -265,7 +265,7 @@ qr%_get( '/', cookie => "lemonldap=$spId" ), 'Get / on SP' ); expectOK($res); diff --git a/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-with-info.t b/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-with-info.t index 14d9c66ca..0dea07b46 100644 --- a/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-with-info.t +++ b/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-with-info.t @@ -12,7 +12,7 @@ BEGIN { } my $debug = 'error'; -my ( $op, $rp, $res ); +my ( $op, $rp, $res, $url ); my $access_token; @@ -89,7 +89,7 @@ count(3); # Do a user login to have an existing session -my $res; +$res; my $query = "user=french&password=french"; ok( $res = $op->_post( @@ -112,7 +112,7 @@ count(1); # Query RP for auth ok( $res = $rp->_get( '/', accept => 'text/html' ), 'Unauth SP request' ); count(1); -my ( $url, $query ) = +( $url, $query ) = expectRedirection( $res, qr#http://auth.op.com(/oauth2/authorize)\?(.*)$# ); # Push request to OP diff --git a/lemonldap-ng-portal/t/64-StayConnected-with-2F-and-History.t b/lemonldap-ng-portal/t/64-StayConnected-with-2F-and-History.t index 74d709f2f..7be28c4a3 100644 --- a/lemonldap-ng-portal/t/64-StayConnected-with-2F-and-History.t +++ b/lemonldap-ng-portal/t/64-StayConnected-with-2F-and-History.t @@ -367,7 +367,7 @@ JjTJecOOS+88fK8qL1TrYv5rapIdqUI7aQ== ) or print STDERR Dumper( $res->[2]->[0] ); ok( $res->[2]->[0] =~ /trspan="lastLogins"/, 'History found' ) or explain( $res->[2]->[0], 'trspan="lastLogins"' ); - my @c = ( $res->[2]->[0] =~ /127.0.0.1/gs ); + @c = ( $res->[2]->[0] =~ /127.0.0.1/gs ); # History with 3 successLogins ok( @c == 3, " -> Three entries found" ) diff --git a/lemonldap-ng-portal/t/65-CheckState.t b/lemonldap-ng-portal/t/65-CheckState.t new file mode 100644 index 000000000..e1dd93dc1 --- /dev/null +++ b/lemonldap-ng-portal/t/65-CheckState.t @@ -0,0 +1,86 @@ +use Test::More; +use strict; + +require 't/test-lib.pm'; + +my $res; + +my $client = LLNG::Manager::Test->new( { + ini => { + logLevel => 'error', + authentication => 'Demo', + checkStateSecret => 'x', + checkState => 1, + userDB => 'Same', + } + } +); + +ok( $res = $client->_get( '/checkstate', accept => 'application/json' ), + 'Test no secret' ); +expectReject( $res, 500, "Bad secret" ); + +ok( + $res = $client->_get( + '/checkstate', + accept => 'application/json', + query => 'secret=xx' + ), + 'Test bad secret, no user auth' +); +expectReject( $res, 500, "Bad secret" ); + +ok( + $res = $client->_get( + '/checkstate', + accept => 'application/json', + query => 'secret=x' + ), + 'Test correct secret, no user auth' +); +my $j = expectJSON($res); +is( $j->{result}, 1, "response has a result key with value 1" ); + +ok( + $res = $client->_get( + '/checkstate', + accept => 'application/json', + query => 'user=dwho&password=dwho' + ), + 'Test no secret with user auth' +); +expectReject( $res, 500, "Bad secret" ); + +ok( + $res = $client->_get( + '/checkstate', + accept => 'application/json', + query => 'secret=xx&user=dwho&password=dwho' + ), + 'Test incorrect secret with user auth' +); +expectReject( $res, 500, "Bad secret" ); + +ok( + $res = $client->_get( + '/checkstate', + accept => 'application/json', + query => 'secret=x&user=dwho&password=davros' + ), + 'Test correct secret with bad user auth' +); +expectReject( $res, 500, "Bad result during auth: 5" ); + +is( $j->{result}, 1, "response has a result key with value 1" ); +ok( + $res = $client->_get( + '/checkstate', + accept => 'application/json', + query => 'secret=x&user=dwho&password=dwho' + ), + 'Test correct secret with good user auth' +); +my $j = expectJSON($res); +is( $j->{result}, 1, "response has a result key with value 1" ); + +done_testing(); diff --git a/lemonldap-ng-portal/t/66-CDA-with-doubleCookies.t b/lemonldap-ng-portal/t/66-CDA-with-doubleCookies.t new file mode 100644 index 000000000..9529474cf --- /dev/null +++ b/lemonldap-ng-portal/t/66-CDA-with-doubleCookies.t @@ -0,0 +1,164 @@ +use Test::More; +use strict; +use IO::String; + +use Lemonldap::NG::Portal::Main::Constants qw( + PE_FIRSTACCESS +); + +require 't/test-lib.pm'; + +my $res; + +# Portal +my $client = LLNG::Manager::Test->new( { + ini => { + logLevel => 'error', + useSafeJail => 1, + cda => 1, + logger => 'Lemonldap::NG::Common::Logger::Std', + https => -1, + securedCookie => 2, + } + } +); + +# Handler +use_ok('Lemonldap::NG::Handler::Server'); +use_ok('Lemonldap::NG::Handler::Main'); +use_ok('Lemonldap::NG::Common::PSGI::Cli::Lib'); +my $app; +ok( $app = Lemonldap::NG::Handler::Server->run( $client->ini ), 'App' ); +count(4); + +# Authentification +my $query = 'user=dwho&password=dwho'; +ok( + $res = $client->_post( + '/' => IO::String->new($query), + length => length($query), + accept => 'text/html', + secure => 1, + ), + 'Post credentials' +); +count(1); +my $id = expectCookie($res); +my $httpid = expectCookie( $res, 'lemonldaphttp' ); + +# CDA to http +ok( + $res = $client->_get( + '/', + query => 'url=' . encodeUrl('http://test.example.org/'), + accept => 'text/html', + cookie => "lemonldap=$id, lemonldaphttp=$httpid", + secure => 1, + ), + 'CDA request to http vhost' +); +count(1); + +($query) = + expectRedirection( $res, qr#^http://test.example.org/\?(lemonldapcda=.*)$# ); + +validateCda( $query, 'http' ); + +# CDA to https +ok( + $res = $client->_get( + '/', + query => 'url=' . encodeUrl('https://test.example.org/'), + accept => 'text/html', + cookie => "lemonldap=$id, lemonldaphttp=$httpid", + secure => 1, + ), + 'CDA request to https vhost' +); +count(1); + +($query) = + expectRedirection( $res, qr#^https://test.example.org/\?(lemonldapcda=.*)$# ); + +validateCda( $query, 'https' ); + +# Try to CDA to http when accessing the portal over http (#2382) +ok( + $res = $client->_get( + '/', + query => 'url=' . encodeUrl('http://test.example.org/'), + accept => 'text/html', + cookie => "lemonldap=$id, lemonldaphttp=$httpid", + secure => 0, + ), + 'CDA request to https vhost' +); +count(1); + +expectPortalError( $res, 24 ); + +clean_sessions(); + +done_testing( count() ); + +sub validateCda { + my ( $query, $scheme ) = @_; + my $cookiename = ( $scheme eq 'https' ? 'lemonldap' : 'lemonldaphttp' ); + my $port = ( $scheme eq 'https' ? 443 : 80 ); + my $res; + ok( + $res = $app->( { + 'HTTP_ACCEPT' => 'text/html', + 'SCRIPT_NAME' => '/', + 'SERVER_NAME' => '127.0.0.1', + 'QUERY_STRING' => $query, + 'HTTP_CACHE_CONTROL' => 'max-age=0', + 'HTTP_ACCEPT_LANGUAGE' => 'fr,fr-FR;q=0.8,en-US;q=0.5,en;q=0.3', + 'PATH_INFO' => '/', + 'REQUEST_METHOD' => 'GET', + 'REQUEST_URI' => "/?$query", + 'X_ORIGINAL_URI' => "/?$query", + 'SERVER_PORT' => $port, + 'SERVER_PROTOCOL' => 'HTTP/1.1', + 'HTTP_USER_AGENT' => + 'Mozilla/5.0 (VAX-4000; rv:36.0) Gecko/20350101 Firefox', + 'REMOTE_ADDR' => '127.0.0.1', + 'HTTP_HOST' => 'test.example.org', + 'VHOSTTYPE' => 'CDA', + 'psgi.url_scheme' => $scheme, + } + ), + 'Push cda cookie' + ); + count(1); + expectRedirection( $res, $scheme . '://test.example.org/' ); + my $cid = expectCookie( $res, $cookiename ); + + ok( + $res = $app->( { + 'HTTP_ACCEPT' => 'text/html', + 'SCRIPT_NAME' => '/', + 'SERVER_NAME' => '127.0.0.1', + 'HTTP_COOKIE' => "$cookiename=$cid", + 'HTTP_CACHE_CONTROL' => 'max-age=0', + 'HTTP_ACCEPT_LANGUAGE' => 'fr,fr-FR;q=0.8,en-US;q=0.5,en;q=0.3', + 'PATH_INFO' => '/', + 'REQUEST_METHOD' => 'GET', + 'REQUEST_URI' => "/", + 'X_ORIGINAL_URI' => "/", + 'SERVER_PORT' => $port, + 'SERVER_PROTOCOL' => 'HTTP/1.1', + 'HTTP_USER_AGENT' => + 'Mozilla/5.0 (VAX-4000; rv:36.0) Gecko/20350101 Firefox', + 'REMOTE_ADDR' => '127.0.0.1', + 'HTTP_HOST' => 'test.example.org', + 'VHOSTTYPE' => 'CDA', + 'psgi.url_scheme' => $scheme, + } + ), + 'Authenticated query' + ); + count(1); + expectOK($res); + expectAuthenticatedAs( $res, 'dwho' ); +} diff --git a/lemonldap-ng-portal/t/67-CheckUser-with-Global-token.t b/lemonldap-ng-portal/t/67-CheckUser-with-Global-token.t index f71348fb6..13b82edd9 100644 --- a/lemonldap-ng-portal/t/67-CheckUser-with-Global-token.t +++ b/lemonldap-ng-portal/t/67-CheckUser-with-Global-token.t @@ -70,12 +70,47 @@ ok( $res->[2]->[0] =~ m%%, 'Found trspan="checkUser"' ) or explain( $res->[2]->[0], 'trspan="checkUser"' ); count(1); +# Wildcarded VHost +$query =~ s/url=/url=http%3A%2F%2Fappli.example.llng/; + +ok( + $res = $client->_post( + '/checkuser', + IO::String->new($query), + cookie => "lemonldap=$id", + length => length($query), + accept => 'text/html', + ), + 'POST checkuser' +); +ok( $res->[2]->[0] =~ m%%, 'Found allowed' ) + or explain( $res->[2]->[0], 'trspan="allowed"' ); +count(2); +( $host, $url, $query ) = + expectForm( $res, undef, '/checkuser', 'user', 'url', 'token' ); + +# Bad VHost (checkXSS) +$query =~ s/url=http%3A%2F%2Fappli.example.llng/url=http%3A%2F%2Fappli'.example.llng/; + +ok( + $res = $client->_post( + '/checkuser', + IO::String->new($query), + cookie => "lemonldap=$id", + length => length($query), + accept => 'text/html', + ), + 'POST checkuser' +); +ok( $res->[2]->[0] =~ m%%, 'Found VHnotFound' ) + or explain( $res->[2]->[0], 'trspan="VHnotFound"' ); +count(2); +( $host, $url, $query ) = + expectForm( $res, undef, '/checkuser', 'user', 'url', 'token' ); + # Skipping time until the form token has expired Time::Fake->offset("+5m"); -$query =~ s/user=/user=rtyler/; -$query =~ s/url=/url=http%3A%2F%2Ftest1.example.com/; - ok( $res = $client->_post( '/checkuser', @@ -143,7 +178,6 @@ ok( $res->[2]->[0] =~ m%uid%, 'Found uid' ) or explain( $res->[2]->[0], 'Attribute Value uid' ); count(12); -$query =~ s/user=dwho/user=msmith/; $query =~ s/url=http%3A%2F%2Ftest1.example.com/url=http%3A%2F%2Fmanager.example.com%2Fmanager.html/; diff --git a/lemonldap-ng-portal/t/67-CheckUser-with-Impersonation-and-Macros.t b/lemonldap-ng-portal/t/67-CheckUser-with-Impersonation-and-Macros.t index 6b8babaa4..3c90176b9 100644 --- a/lemonldap-ng-portal/t/67-CheckUser-with-Impersonation-and-Macros.t +++ b/lemonldap-ng-portal/t/67-CheckUser-with-Impersonation-and-Macros.t @@ -36,6 +36,11 @@ my $client = LLNG::Manager::Test->new( { authGroup => '$authenticationLevel == 1', realAuthGroup => '$real_authenticationLevel == 1', }, + vhostOptions => { + 'test2.example.com' => { + vhostHttps => 1 + } + }, } } ); @@ -117,6 +122,11 @@ count(1); ( $host, $url, $query ) = expectForm( $res, undef, '/checkuser', 'user', 'url' ); +ok( + $res->[2]->[0] =~ +m%[2]->[0], 'HTTP url' ); ok( $res->[2]->[0] =~ m%
%, @@ -142,7 +152,7 @@ ok( $res->[2]->[0] =~ m%Macro_1%, 'Found uid' ) ok( my $nbr = ( $res->[2]->[0] =~ s%Macro_1%%g ), 'Found two macros' ) or explain( $res->[2]->[0], 'Macros not well computed' ); -count(10); +count(11); ok( $res = $client->_get( @@ -186,6 +196,39 @@ ok( $res->[2]->[0] =~ m%
realAuthGroup
%, or explain( $res->[2]->[0], 'Found group "realAuthGroup"' ); count(7); +ok( + $res = $client->_get( + '/checkuser', + cookie => "lemonldap=$id", + accept => 'text/html' + ), + 'CheckUser form', +); +count(1); +( $host, $url, $query ) = + expectForm( $res, undef, '/checkuser', 'user', 'url' ); + +$query =~ s/url=/url=test2.example.com/; + +ok( + $res = $client->_post( + '/checkuser', + IO::String->new($query), + cookie => "lemonldap=$id", + length => length($query), + accept => 'text/html', + ), + 'POST checkuser' +); +( $host, $url, $query ) = + expectForm( $res, undef, '/checkuser', 'user', 'url' ); +ok( + $res->[2]->[0] =~ +m%[2]->[0], 'HTTP url' ); +count(2); + $client->logout($id); clean_sessions(); diff --git a/lemonldap-ng-portal/t/67-CheckUser-with-UnrestrictedUser.t b/lemonldap-ng-portal/t/67-CheckUser-with-UnrestrictedUser.t index 5dcd2eb38..6ca20413b 100644 --- a/lemonldap-ng-portal/t/67-CheckUser-with-UnrestrictedUser.t +++ b/lemonldap-ng-portal/t/67-CheckUser-with-UnrestrictedUser.t @@ -23,7 +23,13 @@ my $client = LLNG::Manager::Test->new( { checkUserDisplayPersistentInfo => 0, checkUserDisplayComputedSession => 1, checkUserDisplayEmptyValues => 0, + checkUserDisplayEmptyHeaders => 1, impersonationMergeSSOgroups => 0, + checkUserHiddenHeaders => { + 'test1.example.com' => 'Auth-User emptyHeader', + 'test2.example.com' => '', + '*.example.llng' => '', + } } } ); @@ -117,7 +123,7 @@ count(1); expectOK($res); my $id2 = expectCookie($res); -# Try chckUser with a forbidden identity existing in DB +# Try checkUser with a forbidden identity existing in DB $query =~ s/user=msmith/user=rtyler/; ok( $res = $client->_post( @@ -208,6 +214,7 @@ $client->logout($id2); # Try checkUser with a forbidden identity $query =~ s/user=dwho/user=rtyler/; +$query =~ s/url=/url=test1/; ok( $res = $client->_post( '/checkuser', @@ -225,6 +232,122 @@ ok( $res->{MSG} eq 'checkUserComputedSession', 'Computed session' ) or print STDERR Dumper($res); count(2); +# Headers are not masked +my @auth_user = map { $_->{key} eq 'Auth-User' ? $_ : () } @{ $res->{HEADERS} }; +my @empty = map { $_->{key} eq 'emptyHeader' ? $_ : () } @{ $res->{HEADERS} }; +ok( $auth_user[0]->{value} eq 'rtyler', 'Auth-User is not masked' ) + or explain( $res->{HEADERS}, 'Auth-User header value' ); +ok( $empty[0]->{value} eq '', 'emptyHeader is not masked' ) + or explain( $res->{HEADERS}, 'emptyHeader header value' ); +count(2); + +## Try to authenticate +ok( $res = $client->_get( '/', accept => 'text/html' ), 'Get Menu', ); +count(1); +( $host, $url, $query ) = expectForm( $res, '#', undef, 'user', 'password' ); + +$query =~ s/user=/user=dwho/; +$query =~ s/password=/password=dwho/; +ok( + $res = $client->_post( + '/', + IO::String->new($query), + length => length($query), + accept => 'text/html', + ), + 'Auth query' +); +count(1); + +$id = expectCookie($res); +expectRedirection( $res, 'http://auth.example.com/' ); + +# CheckUser form +ok( + $res = $client->_get( + '/checkuser', + cookie => "lemonldap=$id", + accept => 'text/html' + ), + 'CheckUser form', +); +count(1); +( $host, $url, $query ) = + expectForm( $res, undef, '/checkuser', 'user', 'url' ); +ok( $res->[2]->[0] =~ m%%, 'Found trspan="checkUser"' ) + or explain( $res->[2]->[0], 'trspan="checkUser"' ); +count(1); + +# Headers are masked +$query =~ s/url=/url=test1/; +ok( + $res = $client->_post( + '/checkuser', + IO::String->new($query), + cookie => "lemonldap=$id", + length => length($query), + ), + 'POST checkuser' +); +count(1); + +ok( $res = eval { from_json( $res->[2]->[0] ) }, 'Response is JSON' ) + or print STDERR "$@\n" . Dumper($res); + +@auth_user = map { $_->{key} eq 'Auth-User' ? $_ : () } @{ $res->{HEADERS} }; +@empty = map { $_->{key} eq 'emptyHeader' ? $_ : () } @{ $res->{HEADERS} }; +my @test = map { $_->{key} eq 'testHeader1' ? $_ : () } @{ $res->{HEADERS} }; +ok( $auth_user[0]->{value} eq '******', 'Auth-User is masked' ) + or explain( $res->{HEADERS}, 'Auth-User header value' ); +ok( $empty[0]->{value} eq '', 'emptyHeader is not masked' ) + or explain( $res->{HEADERS}, 'emptyHeader header value' ); +ok( $test[0]->{value} eq 'testHeader_value', 'testHeader1 is not masked' ) + or explain( $res->{HEADERS}, 'testHeader1 header value' ); +count(4); + +$query =~ s/url=test1/url=test2/; +ok( + $res = $client->_post( + '/checkuser', + IO::String->new($query), + cookie => "lemonldap=$id", + length => length($query), + ), + 'POST checkuser' +); +count(1); +ok( $res = eval { from_json( $res->[2]->[0] ) }, 'Response is JSON' ) + or print STDERR "$@\n" . Dumper($res); + +@auth_user = map { $_->{key} eq 'Auth-User' ? $_ : () } @{ $res->{HEADERS} }; +@empty = map { $_->{key} eq 'emptyHeader' ? $_ : () } @{ $res->{HEADERS} }; +ok( $auth_user[0]->{value} eq '******', 'Auth-User is masked' ) + or explain( $res->{HEADERS}, 'Auth-User header value' ); +count(2); + +$query =~ s/url=test2/url=*.example.llng/; +ok( + $res = $client->_post( + '/checkuser', + IO::String->new($query), + cookie => "lemonldap=$id", + length => length($query), + ), + 'POST checkuser' +); +count(1); +ok( $res = eval { from_json( $res->[2]->[0] ) }, 'Response is JSON' ) + or print STDERR "$@\n" . Dumper($res); + +@auth_user = map { $_->{key} eq 'Auth-User' ? $_ : () } @{ $res->{HEADERS} }; +@test = map { $_->{key} eq 'testHeader1' ? $_ : () } @{ $res->{HEADERS} }; +ok( $auth_user[0]->{value} eq '******', 'Auth-User is masked' ) + or explain( $res->{HEADERS}, 'Auth-User header value' ); +ok( $test[0]->{value} eq '******', 'testHeader1 is masked' ) + or explain( $res->{HEADERS}, 'testHeader1 header value' ); +count(3); + $client->logout($id); + clean_sessions(); done_testing( count() ); diff --git a/lemonldap-ng-portal/t/70-2F-TOTP-with-Range.t b/lemonldap-ng-portal/t/70-2F-TOTP-with-Range.t new file mode 100644 index 000000000..a60e70865 --- /dev/null +++ b/lemonldap-ng-portal/t/70-2F-TOTP-with-Range.t @@ -0,0 +1,239 @@ +use Test::More; +use strict; +use IO::String; + +require 't/test-lib.pm'; +my $maintests = 28; + +SKIP: { + eval { require Convert::Base32 }; + if ($@) { + skip 'Convert::Base32 is missing', $maintests; + } + eval { require Authen::OATH }; + if ($@) { + skip 'Authen::OATH is missing', $maintests; + } + require Lemonldap::NG::Common::TOTP; + + my $client = LLNG::Manager::Test->new( { + ini => { + logLevel => 'error', + totp2fSelfRegistration => 1, + totp2fActivation => 1, + totp2fRange => 2 + } + } + ); + my $res; + + # Try to authenticate + # ------------------- + ok( $res = $client->_get( '/', accept => 'text/html' ), 'Get Menu', ); + my ( $host, $url, $query ) = + expectForm( $res, '#', undef, 'user', 'password' ); + + $query =~ s/user=/user=dwho/; + $query =~ s/password=/password=dwho/; + ok( + $res = $client->_post( + '/', + IO::String->new($query), + length => length($query), + accept => 'text/html', + ), + 'Auth query' + ); + my $id = expectCookie($res); + expectRedirection( $res, 'http://auth.example.com/' ); + + # TOTP form + ok( + $res = $client->_get( + '/2fregisters', + cookie => "lemonldap=$id", + accept => 'text/html', + ), + 'Form registration' + ); + expectRedirection( $res, qr#/2fregisters/totp$# ); + ok( + $res = $client->_get( + '/2fregisters/totp', + cookie => "lemonldap=$id", + accept => 'text/html', + ), + 'Form registration' + ); + ok( $res->[2]->[0] =~ /totpregistration\.(?:min\.)?js/, 'Found TOTP js' ); + + # JS query + ok( + $res = $client->_post( + '/2fregisters/totp/getkey', IO::String->new(''), + cookie => "lemonldap=$id", + length => 0, + ), + 'Get new key' + ); + eval { $res = JSON::from_json( $res->[2]->[0] ) }; + ok( not($@), 'Content is JSON' ) + or explain( $res->[2]->[0], 'JSON content' ); + my ( $key, $token ); + ok( $key = $res->{secret}, 'Found secret' ); + ok( $token = $res->{token}, 'Found token' ); + $key = Convert::Base32::decode_base32($key); + + # Post code + my $code; + ok( $code = Lemonldap::NG::Common::TOTP::_code( undef, $key, 0, 30, 6 ), + 'Code' ); + ok( $code =~ /^\d{6}$/, 'Code contains 6 digits' ); + + my $s = "code=$code&token=$token"; + ok( + $res = $client->_post( + '/2fregisters/totp/verify', + IO::String->new($s), + length => length($s), + cookie => "lemonldap=$id", + ), + 'Post code' + ); + eval { $res = JSON::from_json( $res->[2]->[0] ) }; + ok( not($@), 'Content is JSON' ) + or explain( $res->[2]->[0], 'JSON content' ); + ok( $res->{result} == 1, 'Key is registered' ); + $client->logout($id); + + # Try to sign-in with a backward clock drift + ok( $res = $client->_get( '/', accept => 'text/html' ), 'Get Menu', ); + ( $host, $url, $query ) = + expectForm( $res, '#', undef, 'user', 'password' ); + + $query =~ s/user=/user=dwho/; + $query =~ s/password=/password=dwho/; + Time::Fake->offset("+55"); + ok( + $res = $client->_post( + '/', + IO::String->new($query), + length => length($query), + accept => 'text/html', + ), + 'Auth query' + ); + ( $host, $url, $query ) = expectForm( $res, undef, '/totp2fcheck' ); + + $query =~ s/code=/code=$code/; + ok( + $res = $client->_post( + '/totp2fcheck', IO::String->new($query), + length => length($query), + ), + 'Post code' + ); + $id = expectCookie($res); + $client->logout($id); + Time::Fake->reset; + + # Try to sign-in with a forward clock drift + ok( $res = $client->_get( '/', accept => 'text/html' ), 'Get Menu', ); + ( $host, $url, $query ) = + expectForm( $res, '#', undef, 'user', 'password' ); + + $query =~ s/user=/user=dwho/; + $query =~ s/password=/password=dwho/; + Time::Fake->offset("-55"); + ok( + $res = $client->_post( + '/', + IO::String->new($query), + length => length($query), + accept => 'text/html', + ), + 'Auth query' + ); + ( $host, $url, $query ) = expectForm( $res, undef, '/totp2fcheck' ); + + $query =~ s/code=/code=$code/; + ok( + $res = $client->_post( + '/totp2fcheck', IO::String->new($query), + length => length($query), + ), + 'Post code' + ); + $id = expectCookie($res); + $client->logout($id); + Time::Fake->reset; + + # Try to sign-in with an outrange backward clock drift + ok( $res = $client->_get( '/', accept => 'text/html' ), 'Get Menu', ); + ( $host, $url, $query ) = + expectForm( $res, '#', undef, 'user', 'password' ); + + $query =~ s/user=/user=dwho/; + $query =~ s/password=/password=dwho/; + Time::Fake->offset("+95"); + ok( + $res = $client->_post( + '/', + IO::String->new($query), + length => length($query), + accept => 'text/html', + ), + 'Auth query' + ); + ( $host, $url, $query ) = expectForm( $res, undef, '/totp2fcheck' ); + + $query =~ s/code=/code=$code/; + ok( + $res = $client->_post( + '/totp2fcheck', IO::String->new($query), + length => length($query), + accept => 'text/html', + ), + 'Post code' + ); + ok( $res->[2]->[0] =~ /<\/span>/, 'Bad TOTP' ) + or print STDERR Dumper( $res->[2]->[0] ); + Time::Fake->reset; + + # Try to sign-in with an outrange forward clock drift + ok( $res = $client->_get( '/', accept => 'text/html' ), 'Get Menu', ); + ( $host, $url, $query ) = + expectForm( $res, '#', undef, 'user', 'password' ); + + $query =~ s/user=/user=dwho/; + $query =~ s/password=/password=dwho/; + Time::Fake->offset("-90"); + ok( + $res = $client->_post( + '/', + IO::String->new($query), + length => length($query), + accept => 'text/html', + ), + 'Auth query' + ); + ( $host, $url, $query ) = expectForm( $res, undef, '/totp2fcheck' ); + + $query =~ s/code=/code=$code/; + ok( + $res = $client->_post( + '/totp2fcheck', IO::String->new($query), + length => length($query), + accept => 'text/html', + ), + 'Post code' + ); + ok( $res->[2]->[0] =~ /<\/span>/, 'Bad TOTP' ) + or print STDERR Dumper( $res->[2]->[0] ); +} +count($maintests); + +clean_sessions(); + +done_testing( count() ); + diff --git a/lemonldap-ng-portal/t/73-2F-UTOTP-TOTP-and-U2F.t b/lemonldap-ng-portal/t/73-2F-UTOTP-TOTP-and-U2F.t index 4c5f32841..3502c0e8d 100644 --- a/lemonldap-ng-portal/t/73-2F-UTOTP-TOTP-and-U2F.t +++ b/lemonldap-ng-portal/t/73-2F-UTOTP-TOTP-and-U2F.t @@ -24,8 +24,7 @@ SKIP: { totp2fSelfRegistration => 1, u2fSelfRegistration => 1, portalMainLogo => 'common/logos/logo_llng_old.png', - u2fSelfRegistration => - '$_2fDevices =~ /"type":\s*"(?:TOTP|U2F)"/s', + u2fSelfRegistration => 'has2f("TOTP") or has2f("U2F")', } } ); diff --git a/lemonldap-ng-portal/t/75-2F-Registers.t b/lemonldap-ng-portal/t/75-2F-Registers.t index 9fda503a0..6bb3d5644 100644 --- a/lemonldap-ng-portal/t/75-2F-Registers.t +++ b/lemonldap-ng-portal/t/75-2F-Registers.t @@ -490,7 +490,7 @@ JjTJecOOS+88fK8qL1TrYv5rapIdqUI7aQ== or print STDERR Dumper($res); # No 2F device left - my @sf = map m%[2]->[0]; ok( scalar @sf == 0, 'No 2F device found' ) or print STDERR Dumper($res); diff --git a/lemonldap-ng-portal/t/77-2F-Mail-SessionKey.t b/lemonldap-ng-portal/t/77-2F-Mail-SessionKey.t new file mode 100644 index 000000000..7810ab087 --- /dev/null +++ b/lemonldap-ng-portal/t/77-2F-Mail-SessionKey.t @@ -0,0 +1,76 @@ +use Test::More; +use strict; +use IO::String; +use Data::Dumper; + +require 't/test-lib.pm'; +require 't/smtp.pm'; + +use_ok('Lemonldap::NG::Common::FormEncode'); +count(1); + +my $client = LLNG::Manager::Test->new( + { + ini => { + logLevel => 'error', + mail2fActivation => 1, + mail2fCodeRegex => '\d{4}', + authentication => 'Demo', + userDB => 'Same', + mailSessionKey => 'mail', + macros => { 'mail2f' => '"test\@example.com"', }, + mail2fSessionKey => 'mail2f', + } + } +); + +# Try to authenticate +# ------------------- +ok( + my $res = $client->_post( + '/', + IO::String->new('user=dwho&password=dwho'), + length => 23, + accept => 'text/html', + ), + 'Auth query' +); +count(1); + +my ( $host, $url, $query ) = + expectForm( $res, undef, '/mail2fcheck?skin=bootstrap', 'token', 'code' ); + +ok( + $res->[2]->[0] =~ +qr%%, + 'Found EXTCODE input' +) or print STDERR Dumper( $res->[2]->[0] ); +count(1); + +ok( envelope()->{to}->[0] eq 'test@example.com', 'Use 2F mail sessionkey' ) + or print STDERR Dumper( envelope() ); +count(1); + +ok( mail() =~ m%(\d{4})%, 'Found 2F code in mail' ) + or print STDERR Dumper( mail() ); +my $code = $1; +count(1); + +$query =~ s/code=/code=${code}/; +ok( + $res = $client->_post( + '/mail2fcheck', + IO::String->new($query), + length => length($query), + accept => 'text/html', + ), + 'Post code' +); +count(1); +my $id = expectCookie($res); +$client->logout($id); + +clean_sessions(); + +done_testing( count() ); + diff --git a/lemonldap-ng-portal/t/78-2F-UpgradeOnly.t b/lemonldap-ng-portal/t/78-2F-UpgradeOnly.t index 95e56b559..563b27b35 100644 --- a/lemonldap-ng-portal/t/78-2F-UpgradeOnly.t +++ b/lemonldap-ng-portal/t/78-2F-UpgradeOnly.t @@ -113,7 +113,7 @@ ok( ); count(1); -( my $host, my $url, $query ) = +( $host, $url, $query ) = expectForm( $res, undef, '/upgradesession', 'confirm', 'url' ); # Accept session upgrade @@ -131,7 +131,7 @@ ok( ); count(1); -my $pdata = expectCookie( $res, 'lemonldappdata' ); +$pdata = expectCookie( $res, 'lemonldappdata' ); ( $host, $url, $query ) = expectForm( $res, undef, '/mail2fcheck?skin=bootstrap', 'token', 'code' ); diff --git a/lemonldap-ng-portal/t/79-2F-Yubikey.t b/lemonldap-ng-portal/t/79-2F-Yubikey.t index d65f28272..c6ea879ae 100644 --- a/lemonldap-ng-portal/t/79-2F-Yubikey.t +++ b/lemonldap-ng-portal/t/79-2F-Yubikey.t @@ -90,7 +90,7 @@ SKIP: { ); count(1); - my ( $host, $url, $query ) = + ( $host, $url, $query ) = expectForm( $res, undef, '/yubikey2fcheck?skin=bootstrap', 'token', 'code' ); @@ -121,7 +121,7 @@ SKIP: { ); count(1); - my ( $host, $url, $query ) = + ( $host, $url, $query ) = expectForm( $res, undef, '/yubikey2fcheck?skin=bootstrap', 'token', 'code' ); diff --git a/lemonldap-ng-portal/t/lmConf-1.json b/lemonldap-ng-portal/t/lmConf-1.json index 4897b626c..f645aee68 100644 --- a/lemonldap-ng-portal/t/lmConf-1.json +++ b/lemonldap-ng-portal/t/lmConf-1.json @@ -63,6 +63,10 @@ }, "test2.example.com": { "Auth-User": "$uid" + }, + "*.example.llng": { + "Auth-User": "$uid", + "testHeader1": "'testHeader_value'" } }, "exportedVars": { diff --git a/lemonldap-ng-portal/t/smtp.pm b/lemonldap-ng-portal/t/smtp.pm index 6cc772f18..81dc2bffa 100644 --- a/lemonldap-ng-portal/t/smtp.pm +++ b/lemonldap-ng-portal/t/smtp.pm @@ -1,12 +1,16 @@ package main; my $mail; -my $envelope; +my $mail_envelope; sub mail { return $mail; } +sub envelope { + return $mail_envelope; +} + package Email::Sender::Transport::LLNG::Test; use Mouse; @@ -17,8 +21,8 @@ extends 'Email::Sender::Transport'; sub send_email { my ( $self, $email, $envelope ) = @_; - $mail = $email->get_body; - $envelope = $envelope; + $mail = $email->get_body; + $mail_envelope = $envelope; return $self->success; } diff --git a/lemonldap-ng-portal/t/test-lib.pm b/lemonldap-ng-portal/t/test-lib.pm index 60bb161cd..f4a378e51 100644 --- a/lemonldap-ng-portal/t/test-lib.pm +++ b/lemonldap-ng-portal/t/test-lib.pm @@ -59,6 +59,7 @@ use File::Find; use LWP::UserAgent; use Time::Fake; use URI::Escape; +use MIME::Base64; use Lemonldap::NG::Common::FormEncode; #use 5.10.0; @@ -569,6 +570,17 @@ sub switch { }; } +=head4 encodeUrl( $url ); + +Encode URL like the handler would, see ::Handler::Main + +=cut + +sub encodeUrl { + my ($url) = @_; + return uri_escape( encode_base64( $url, '' ) ); +} + =head2 LLNG::Manager::Test Class =cut @@ -813,6 +825,7 @@ sub _get { 'SERVER_NAME' => 'auth.example.com', 'SERVER_PORT' => '80', 'SERVER_PROTOCOL' => 'HTTP/1.1', + 'psgi.url_scheme' => ( $args{secure} ? 'https' : 'http' ), ( $args{custom} ? %{ $args{custom} } : () ), } ); @@ -865,6 +878,7 @@ sub _post { 'SERVER_NAME' => 'auth.example.com', 'SERVER_PORT' => '80', 'SERVER_PROTOCOL' => 'HTTP/1.1', + 'psgi.url_scheme' => ( $args{secure} ? 'https' : 'http' ), ( $args{custom} ? %{ $args{custom} } : () ), 'psgix.input.buffered' => 0, 'psgi.input' => $body, diff --git a/lemonldap-ng-portal/t/testslapd/users.ldif b/lemonldap-ng-portal/t/testslapd/users.ldif index d5544fff8..8c811ac29 100644 --- a/lemonldap-ng-portal/t/testslapd/users.ldif +++ b/lemonldap-ng-portal/t/testslapd/users.ldif @@ -37,6 +37,7 @@ cn:: RnLDqWTDqXJpYyBBY2NlbnRz sn: Accents mail: french@badwolf.org userPassword: french +displayName:: RnLDqWTDqXJpYyBBY2NlbnRz dn: uid=russian,ou=users,dc=example,dc=com objectClass: inetOrgPerson @@ -45,6 +46,7 @@ cn:: 0KDRg9GB0YHQutC40Lk= sn:: 0KDRg9GB0YHQutC40Lk= mail: russian@badwolf.org userPassword: russian +roomNumber: 0 dn: uid=reset,ou=users,dc=example,dc=com objectClass: inetOrgPerson