Multi U2F - Fix errors ;-) - IT WORKS !!!
This commit is contained in:
parent
06c14f5972
commit
b1dc72452a
|
@ -58,7 +58,7 @@ sub run {
|
||||||
|
|
||||||
# Get a challenge (from first key)
|
# Get a challenge (from first key)
|
||||||
my $data = eval {
|
my $data = eval {
|
||||||
JSON::from_json(
|
from_json(
|
||||||
$req->datas->{crypter}->[0]->authenticationChallenge );
|
$req->datas->{crypter}->[0]->authenticationChallenge );
|
||||||
};
|
};
|
||||||
if ($@) {
|
if ($@) {
|
||||||
|
@ -78,7 +78,7 @@ sub run {
|
||||||
__ch => $data->{challenge} );
|
__ch => $data->{challenge} );
|
||||||
|
|
||||||
# Serialize datas
|
# Serialize datas
|
||||||
$data = JSON::to_json(
|
$data = to_json(
|
||||||
{
|
{
|
||||||
challenge => $data->{challenge},
|
challenge => $data->{challenge},
|
||||||
appId => $data->{appId},
|
appId => $data->{appId},
|
||||||
|
@ -214,23 +214,22 @@ sub loadUser {
|
||||||
$self->logger->debug("2F Device(s) found");
|
$self->logger->debug("2F Device(s) found");
|
||||||
|
|
||||||
foreach (@$_2fDevices) {
|
foreach (@$_2fDevices) {
|
||||||
$self->logger->debug("Reading U2F keys if exists ...");
|
$self->logger->debug("Looking for registered U2F key(s) ...");
|
||||||
if ( $_->{type} eq 'U2F' ) {
|
if ( $_->{type} eq 'U2F' ) {
|
||||||
unless ( $_->{_userKey} and $_->{_userKey} ) {
|
unless ( $_->{_userKey} and $_->{_userKey} ) {
|
||||||
$self->logger->error(
|
$self->logger->error(
|
||||||
"Missing required U2F attribute in storage ($session->{_2fDevices})"
|
"Missing required U2F attributes in storage ($session->{_2fDevices})"
|
||||||
);
|
);
|
||||||
next;
|
next;
|
||||||
}
|
}
|
||||||
$self->logger->debug( "_userKey = " . $_->{_userKey} );
|
$self->logger->debug( "Found U2F key -> _userKey = " . $_->{_userKey} . "/ _keyHandle = " . $_->{_keyHandle} );
|
||||||
$self->logger->debug( "_keyHandle = " . $_->{_keyHandle} );
|
|
||||||
$_->{_userKey} = $self->decode_base64url( $_->{_userKey} );
|
$_->{_userKey} = $self->decode_base64url( $_->{_userKey} );
|
||||||
push @u2fs, $_;
|
push @u2fs, $_;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
#### TODO : MANAGE MULTI U2F KEYS
|
#### MANAGE MULTI U2F KEYS
|
||||||
my @crypters;
|
my @crypters;
|
||||||
if (@u2fs) {
|
if (@u2fs) {
|
||||||
$self->logger->debug("kh & uk -> OK");
|
$self->logger->debug("kh & uk -> OK");
|
||||||
|
@ -250,12 +249,11 @@ sub loadUser {
|
||||||
unless (@crypters) {
|
unless (@crypters) {
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
$req->datas->{crypter} = \@crypters;
|
$req->datas->{crypter} = \@crypters;
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
$self->userLogger->info("U2F: user not registered");
|
$self->userLogger->info("U2F : user not registered");
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -3,8 +3,8 @@ LemonLDAP::NG U2F verify script
|
||||||
###
|
###
|
||||||
|
|
||||||
check = ->
|
check = ->
|
||||||
u2f.sign window.datas.appId, window.datas.challenge, windows.datas.registeredKeys, (data) ->
|
u2f.sign window.datas.appId, window.datas.challenge, window.datas.registeredKeys, (data) ->
|
||||||
$('#verify-data').val data
|
$('#verify-data').val JSON.stringify data
|
||||||
$('#verify-challenge').val window.datas.challenge
|
$('#verify-challenge').val window.datas.challenge
|
||||||
$('#verify-form').submit()
|
$('#verify-form').submit()
|
||||||
|
|
||||||
|
|
|
@ -8,8 +8,8 @@ LemonLDAP::NG U2F verify script
|
||||||
var check;
|
var check;
|
||||||
|
|
||||||
check = function() {
|
check = function() {
|
||||||
return u2f.sign(window.datas.appId, window.datas.challenge, windows.datas.registeredKeys, function(data) {
|
return u2f.sign(window.datas.appId, window.datas.challenge, window.datas.registeredKeys, function(data) {
|
||||||
$('#verify-data').val(data);
|
$('#verify-data').val(JSON.stringify(data));
|
||||||
$('#verify-challenge').val(window.datas.challenge);
|
$('#verify-challenge').val(window.datas.challenge);
|
||||||
return $('#verify-form').submit();
|
return $('#verify-form').submit();
|
||||||
});
|
});
|
||||||
|
|
|
@ -1 +1 @@
|
||||||
(function(){var a;a=function(){return u2f.sign(window.datas.appId,window.datas.challenge,windows.datas.registeredKeys,function(b){$("#verify-data").val(b);$("#verify-challenge").val(window.datas.challenge);return $("#verify-form").submit()})};$(document).ready(function(){return setTimeout(a,1000)})}).call(this);
|
(function(){var a;a=function(){return u2f.sign(window.datas.appId,window.datas.challenge,window.datas.registeredKeys,function(b){$("#verify-data").val(JSON.stringify(b));$("#verify-challenge").val(window.datas.challenge);return $("#verify-form").submit()})};$(document).ready(function(){return setTimeout(a,1000)})}).call(this);
|
Loading…
Reference in New Issue
Block a user