Merge branch 'master' into manager-SFA-module
This commit is contained in:
commit
b7642823dd
|
@ -30,10 +30,20 @@ sub run {
|
|||
|
||||
if ( $action eq 'register' ) {
|
||||
my $challenge = $self->crypter->registrationChallenge;
|
||||
$self->logger->debug("Register challenge: $challenge");
|
||||
return [
|
||||
200,
|
||||
[
|
||||
'Content-Type' => 'application/json',
|
||||
'Content-Length' => length($challenge),
|
||||
],
|
||||
[$challenge]
|
||||
];
|
||||
return [ 200, [ 'Content-Type' => 'application/json' ], [$challenge] ];
|
||||
}
|
||||
if ( $action eq 'registration' ) {
|
||||
my ( $resp, $challenge );
|
||||
$self->logger->debug('Regististration response');
|
||||
unless ($resp = $req->param('registration')
|
||||
and $challenge = $req->param('challenge') )
|
||||
{
|
||||
|
@ -60,7 +70,11 @@ sub run {
|
|||
}
|
||||
);
|
||||
return [
|
||||
200, [ 'Content-Type' => 'application/json' ],
|
||||
200,
|
||||
[
|
||||
'Content-Type' => 'application/json',
|
||||
'Content-Length' => 12,
|
||||
],
|
||||
['{"result":1}']
|
||||
];
|
||||
}
|
||||
|
@ -71,6 +85,7 @@ sub run {
|
|||
}
|
||||
|
||||
elsif ( $action eq 'verify' ) {
|
||||
$self->logger->debug('Verification challenge req');
|
||||
my ( $err, $error ) = $self->loadUser($req);
|
||||
if ( $err == -1 ) {
|
||||
return $self->p->sendError( $req, "U2F error: $error", 200 );
|
||||
|
@ -79,11 +94,21 @@ sub run {
|
|||
return $self->p->sendError( $req, "noU2FKeyFound" );
|
||||
}
|
||||
my $challenge = $req->datas->{crypter}->authenticationChallenge;
|
||||
return [ 200, [ 'Content-Type' => 'application/json' ], [$challenge] ];
|
||||
return [
|
||||
200,
|
||||
[
|
||||
'Content-Type' => 'application/json',
|
||||
'Content-Length' => length($challenge),
|
||||
],
|
||||
[$challenge]
|
||||
];
|
||||
}
|
||||
elsif ( $action eq 'signature' ) {
|
||||
my $resp;
|
||||
unless ( $resp = $req->param('signature') ) {
|
||||
$self->logger->debug('Verification response');
|
||||
my ( $challenge, $resp );
|
||||
unless ($challenge = $req->param('challenge')
|
||||
and $resp = $req->param('signature') )
|
||||
{
|
||||
return $self->p->sendError( $req, 'Missing signature parameter',
|
||||
400 );
|
||||
}
|
||||
|
@ -94,12 +119,15 @@ sub run {
|
|||
elsif ( $err == 0 ) {
|
||||
return $self->p->sendError( $req, "noU2FKeyFound" );
|
||||
}
|
||||
$self->logger->debug("Get verify response $resp");
|
||||
$req->datas->{crypter}->setChallenge($challenge);
|
||||
my $res =
|
||||
( $req->datas->{crypter}->authenticationVerify($resp) ? 1 : 0 );
|
||||
|
||||
#$self->userLogger->notice("res=$res");
|
||||
return [
|
||||
200, [ 'Content-Type' => 'application/json' ],
|
||||
200,
|
||||
[ 'Content-Type' => 'application/json', 'Content-Length' => 12, ],
|
||||
[qq'{"result":$res}']
|
||||
];
|
||||
}
|
||||
|
@ -110,7 +138,14 @@ sub run {
|
|||
}
|
||||
if ( $action eq 'unregister' ) {
|
||||
my $challenge = $self->crypter->registrationChallenge;
|
||||
return [ 200, [ 'Content-Type' => 'application/json' ], [$challenge] ];
|
||||
return [
|
||||
200,
|
||||
[
|
||||
'Content-Type' => 'application/json',
|
||||
'Content-Length' => length($challenge),
|
||||
],
|
||||
[$challenge]
|
||||
];
|
||||
}
|
||||
elsif ( $action eq 'unregistration' ) {
|
||||
$self->p->updatePersistentSession(
|
||||
|
@ -121,8 +156,11 @@ sub run {
|
|||
}
|
||||
);
|
||||
$self->userLogger->notice('U2F key unregistration succeed');
|
||||
return [ 200, [ 'Content-Type' => 'application/json' ],
|
||||
['{"result":1}'] ];
|
||||
return [
|
||||
200,
|
||||
[ 'Content-Type' => 'application/json', 'Content-Length' => 12, ],
|
||||
['{"result":1}']
|
||||
];
|
||||
my $err = Crypt::U2F::Server::Simple::lastError();
|
||||
$self->userLogger->warn("U2F Unregistration failed: $err");
|
||||
return $self->p->sendError( $req, $err, 200 );
|
||||
|
|
|
@ -97,6 +97,7 @@ verify = ->
|
|||
url: "#{portal}2fregisters/u/signature"
|
||||
data:
|
||||
signature: JSON.stringify data
|
||||
challenge: ch.challenge
|
||||
dataType: 'json'
|
||||
success: (resp) ->
|
||||
if resp.error
|
||||
|
|
|
@ -115,7 +115,8 @@ LemonLDAP::NG U2F registration script
|
|||
type: "POST",
|
||||
url: portal + "2fregisters/u/signature",
|
||||
data: {
|
||||
signature: JSON.stringify(data)
|
||||
signature: JSON.stringify(data),
|
||||
challenge: ch.challenge
|
||||
},
|
||||
dataType: 'json',
|
||||
success: function(resp) {
|
||||
|
|
|
@ -1 +1 @@
|
|||
(function(){var a,c,d,b,e;d=function(f,g){$("#msg").html(window.translate(f));$("#color").removeClass("message-positive message-warning alert-success alert-warning");$("#color").addClass("message-"+g);if(g==="positive"){g="success"}return $("#color").addClass("alert-"+g)};a=function(g,f,i){var h;console.log("Error",i);h=JSON.parse(g.responseText);if(h&&h.error){h=h.error.replace(/.* /,"");console.log("Returned error",h);return d(h,"warning")}};c=function(){return $.ajax({type:"POST",url:portal+"2fregisters/u/register",data:{},dataType:"json",error:a,success:function(f){var g;g=[{challenge:f.challenge,version:f.version}];d("touchU2fDevice","positive");$("#u2fPermission").show();return u2f.register(f.appId,g,[],function(h){$("#u2fPermission").hide();if(h.errorCode){return d("unableToGetU2FKey","warning")}else{return $.ajax({type:"POST",url:portal+"2fregisters/u/registration",data:{registration:JSON.stringify(h),challenge:JSON.stringify(f)},dataType:"json",success:function(i){if(i.error){return d("u2fFailed","warning")}else{if(i.result){return d("u2fRegistered","positive")}}},error:a})}})}})};b=function(){return $.ajax({type:"POST",url:portal+"2fregisters/u/unregistration",data:{},dataType:"json",error:a,success:function(f){if(f.error){return d("u2fFailed","warning")}else{if(f.result){return d("u2fUnregistered","positive")}}},error:a})};e=function(){return $.ajax({type:"POST",url:portal+"2fregisters/u/verify",data:{},dataType:"json",error:a,success:function(f){var g;g=[{keyHandle:f.keyHandle,version:f.version}];d("touchU2fDevice","positive");return u2f.sign(f.appId,f.challenge,g,function(h){if(h.errorCode){return d("unableToGetU2FKey","warning")}else{return $.ajax({type:"POST",url:portal+"2fregisters/u/signature",data:{signature:JSON.stringify(h)},dataType:"json",success:function(i){if(i.error){return d("u2fFailed","warning")}else{if(i.result){return d("u2fSuccess","positive")}}},error:function(k,i,l){return console.log("error",l)}})}})}})};$(document).ready(function(){$("#u2fPermission").hide();$("#register").on("click",c);$("#unregister").on("click",b);$("#verify").on("click",e);return $("#goback").attr("href",portal)})}).call(this);
|
||||
(function(){var a,c,d,b,e;d=function(f,g){$("#msg").html(window.translate(f));$("#color").removeClass("message-positive message-warning alert-success alert-warning");$("#color").addClass("message-"+g);if(g==="positive"){g="success"}return $("#color").addClass("alert-"+g)};a=function(g,f,i){var h;console.log("Error",i);h=JSON.parse(g.responseText);if(h&&h.error){h=h.error.replace(/.* /,"");console.log("Returned error",h);return d(h,"warning")}};c=function(){return $.ajax({type:"POST",url:portal+"2fregisters/u/register",data:{},dataType:"json",error:a,success:function(f){var g;g=[{challenge:f.challenge,version:f.version}];d("touchU2fDevice","positive");$("#u2fPermission").show();return u2f.register(f.appId,g,[],function(h){$("#u2fPermission").hide();if(h.errorCode){return d("unableToGetU2FKey","warning")}else{return $.ajax({type:"POST",url:portal+"2fregisters/u/registration",data:{registration:JSON.stringify(h),challenge:JSON.stringify(f)},dataType:"json",success:function(i){if(i.error){return d("u2fFailed","warning")}else{if(i.result){return d("u2fRegistered","positive")}}},error:a})}})}})};b=function(){return $.ajax({type:"POST",url:portal+"2fregisters/u/unregistration",data:{},dataType:"json",error:a,success:function(f){if(f.error){return d("u2fFailed","warning")}else{if(f.result){return d("u2fUnregistered","positive")}}},error:a})};e=function(){return $.ajax({type:"POST",url:portal+"2fregisters/u/verify",data:{},dataType:"json",error:a,success:function(f){var g;g=[{keyHandle:f.keyHandle,version:f.version}];d("touchU2fDevice","positive");return u2f.sign(f.appId,f.challenge,g,function(h){if(h.errorCode){return d("unableToGetU2FKey","warning")}else{return $.ajax({type:"POST",url:portal+"2fregisters/u/signature",data:{signature:JSON.stringify(h),challenge:f.challenge},dataType:"json",success:function(i){if(i.error){return d("u2fFailed","warning")}else{if(i.result){return d("u2fSuccess","positive")}}},error:function(k,i,l){return console.log("error",l)}})}})}})};$(document).ready(function(){$("#u2fPermission").hide();$("#register").on("click",c);$("#unregister").on("click",b);$("#verify").on("click",e);return $("#goback").attr("href",portal)})}).call(this);
|
Loading…
Reference in New Issue
Block a user