Remove totp2fDisplayExistingSecret and totp2fUserCanChangeKey (#2541)
parent
dae4293ecf
commit
c197bd95b5
|
@ -31,7 +31,7 @@ use constant DEFAULTCONFBACKENDOPTIONS => (
|
|||
);
|
||||
our $hashParameters = qr/^(?:(?:l(?:o(?:ca(?:lSessionStorageOption|tionRule)|goutService)|dapExportedVar|wp(?:Ssl)?Opt)|(?:(?:d(?:emo|bi)|webID)ExportedVa|exported(?:Heade|Va)|issuerDBGetParamete)r|f(?:indUser(?:Exclud|Search)ingAttribute|acebookExportedVar)|re(?:moteGlobalStorageOption|st2f(?:Verify|Init)Arg|loadUrl)|g(?:r(?:antSessionRule|oup)|lobalStorageOption)|n(?:otificationStorageOption|ginxCustomHandler)|macro)s|o(?:idc(?:S(?:ervice(?:DynamicRegistrationEx(?:portedVar|traClaim)s|MetaDataAuthnContext)|torageOptions)|RPMetaData(?:(?:Option(?:sExtraClaim)?|ExportedVar|ScopeRule|Macro)s|Node)|OPMetaData(?:(?:ExportedVar|Option)s|J(?:SON|WKS)|Node))|penIdExportedVars)|c(?:as(?:A(?:ppMetaData(?:(?:ExportedVar|Option|Macro)s|Node)|ttributes)|S(?:rvMetaData(?:(?:ExportedVar|Option)s|Node)|torageOptions))|(?:ustom(?:Plugins|Add)Param|heckUserHiddenHeader|ombModule)s)|s(?:aml(?:S(?:PMetaData(?:(?:ExportedAttribute|Option|Macro)s|Node|XML)|torageOptions)|IDPMetaData(?:(?:ExportedAttribute|Option)s|Node|XML))|essionDataToRemember|laveExportedVars|fExtra)|a(?:(?:daptativeAuthenticationLevelR|ut(?:hChoiceMod|oSigninR))ules|pplicationList)|p(?:ersistentStorageOptions|o(?:rtalSkinRules|st))|v(?:hostOptions|irtualHost)|S(?:MTPTLSOpts|SLVarIf))$/;
|
||||
our $arrayParameters = qr/^mySessionAuthorizedRWKeys$/;
|
||||
our $boolKeys = qr/^(?:s(?:aml(?:IDP(?:MetaDataOptions(?:(?:Check(?:S[LS]OMessageSignatur|Audienc|Tim)|IsPassiv)e|A(?:llow(?:LoginFromIDP|ProxiedAuthn)|daptSessionUtime)|Force(?:Authn|UTF8)|StoreSAMLToken|RelayStateURL)|SSODescriptorWantAuthnRequestsSigned)|S(?:P(?:MetaDataOptions(?:(?:CheckS[LS]OMessageSignatur|OneTimeUs)e|EnableIDPInitiatedURL|ForceUTF8)|SSODescriptor(?:WantAssertion|AuthnRequest)sSigned)|erviceUseCertificateInResponse)|DiscoveryProtocol(?:Activation|IsPassive)|CommonDomainCookieActivation|UseQueryStringSpecific|MetadataForceUTF8)|f(?:RemovedUseNotif|OnlyUpgrade)|kip(?:Upgrade|Renew)Confirmation|oap(?:Session|Config)Server|t(?:ayConnecte|orePasswor)d|laveDisplayLogo|howLanguages|slByAjax)|o(?:idc(?:RPMetaDataOptions(?:A(?:llow(?:(?:ClientCredentials|Password)Grant|Offline)|ccessToken(?:Claims|JWT))|Re(?:freshToken|quirePKCE)|LogoutSessionRequired|IDTokenForceClaims|BypassConsent|Public)|ServiceAllow(?:(?:AuthorizationCode|Implicit|Hybrid)Flow|DynamicRegistration|OnlyDeclaredScopes)|OPMetaDataOptions(?:(?:CheckJWTSignatur|UseNonc)e|StoreIDToken))|ldNotifFormat)|c(?:a(?:sS(?:rvMetaDataOptions(?:Gateway|Renew)|trictMatching)|ptcha_(?:register|login|mail)_enabled)|o(?:ntextSwitching(?:Allowed2fModifications|StopWithLogout)|mpactConf|rsEnabled)|heck(?:DevOps(?:Download)?|State|User|XSS)|rowdsec|da)|p(?:ortal(?:Display(?:Re(?:freshMyRights|setPassword|gister)|CertificateResetByMail|GeneratePassword|PasswordPolicy)|ErrorOn(?:ExpiredSession|MailNotFound)|(?:CheckLogin|Statu)s|OpenLinkInNewWindow|ForceAuthn|AntiFrame)|roxyUseSoap)|l(?:dap(?:(?:G(?:roup(?:DecodeSearchedValu|Recursiv)|etUserBeforePasswordChang)|UsePasswordResetAttribut)e|(?:AllowResetExpired|Set)Password|ChangePasswordAsUser|PpolicyControl|ITDS)|oginHistoryEnabled)|no(?:tif(?:ication(?:Server(?:(?:POS|GE)T|DELETE)?|sExplorer)?|y(?:Deleted|Other))|AjaxHook)|i(?:ssuerDB(?:OpenID(?:Connect)?|SAML|CAS|Get)Activation|mpersonationSkipEmptyValues)|to(?:tp2f(?:UserCan(?:Chang|Remov)eKey|DisplayExist
ingSecret)|kenUseGlobalStorage)|u(?:se(?:RedirectOn(?:Forbidden|Error)|SafeJail)|2fUserCanRemoveKey|pgradeSession)|re(?:st(?:(?:Password|Session|Config|Auth)Server|ExportSecretKeys)|freshSessions)|br(?:uteForceProtection(?:IncrementalTempo)?|owsersDontStorePassword)|d(?:is(?:ablePersistentStorage|playSessionId)|biDynamicHashEnabled)|(?:mai(?:lOnPasswordChang|ntenanc)|vhostMaintenanc)e|g(?:roupsBeforeMacros|lobalLogoutTimer)|a(?:voidAssignment|ctiveTimer)|h(?:ideOldPassword|ttpOnly)|yubikey2fUserCanRemoveKey|krb(?:RemoveDomain|ByJs)|(?:wsdlServ|findUs)er)$/;
|
||||
our $boolKeys = qr/^(?:s(?:aml(?:IDP(?:MetaDataOptions(?:(?:Check(?:S[LS]OMessageSignatur|Audienc|Tim)|IsPassiv)e|A(?:llow(?:LoginFromIDP|ProxiedAuthn)|daptSessionUtime)|Force(?:Authn|UTF8)|StoreSAMLToken|RelayStateURL)|SSODescriptorWantAuthnRequestsSigned)|S(?:P(?:MetaDataOptions(?:(?:CheckS[LS]OMessageSignatur|OneTimeUs)e|EnableIDPInitiatedURL|ForceUTF8)|SSODescriptor(?:WantAssertion|AuthnRequest)sSigned)|erviceUseCertificateInResponse)|DiscoveryProtocol(?:Activation|IsPassive)|CommonDomainCookieActivation|UseQueryStringSpecific|MetadataForceUTF8)|f(?:RemovedUseNotif|OnlyUpgrade)|kip(?:Upgrade|Renew)Confirmation|oap(?:Session|Config)Server|t(?:ayConnecte|orePasswor)d|laveDisplayLogo|howLanguages|slByAjax)|o(?:idc(?:RPMetaDataOptions(?:A(?:llow(?:(?:ClientCredentials|Password)Grant|Offline)|ccessToken(?:Claims|JWT))|Re(?:freshToken|quirePKCE)|LogoutSessionRequired|IDTokenForceClaims|BypassConsent|Public)|ServiceAllow(?:(?:AuthorizationCode|Implicit|Hybrid)Flow|DynamicRegistration|OnlyDeclaredScopes)|OPMetaDataOptions(?:(?:CheckJWTSignatur|UseNonc)e|StoreIDToken))|ldNotifFormat)|c(?:a(?:sS(?:rvMetaDataOptions(?:Gateway|Renew)|trictMatching)|ptcha_(?:register|login|mail)_enabled)|o(?:ntextSwitching(?:Allowed2fModifications|StopWithLogout)|mpactConf|rsEnabled)|heck(?:DevOps(?:Download)?|State|User|XSS)|rowdsec|da)|p(?:ortal(?:Display(?:Re(?:freshMyRights|setPassword|gister)|CertificateResetByMail|GeneratePassword|PasswordPolicy)|ErrorOn(?:ExpiredSession|MailNotFound)|(?:CheckLogin|Statu)s|OpenLinkInNewWindow|ForceAuthn|AntiFrame)|roxyUseSoap)|l(?:dap(?:(?:G(?:roup(?:DecodeSearchedValu|Recursiv)|etUserBeforePasswordChang)|UsePasswordResetAttribut)e|(?:AllowResetExpired|Set)Password|ChangePasswordAsUser|PpolicyControl|ITDS)|oginHistoryEnabled)|no(?:tif(?:ication(?:Server(?:(?:POS|GE)T|DELETE)?|sExplorer)?|y(?:Deleted|Other))|AjaxHook)|i(?:ssuerDB(?:OpenID(?:Connect)?|SAML|CAS|Get)Activation|mpersonationSkipEmptyValues)|u(?:se(?:RedirectOn(?:Forbidden|Error)|SafeJail)|2f
UserCanRemoveKey|pgradeSession)|re(?:st(?:(?:Password|Session|Config|Auth)Server|ExportSecretKeys)|freshSessions)|br(?:uteForceProtection(?:IncrementalTempo)?|owsersDontStorePassword)|d(?:is(?:ablePersistentStorage|playSessionId)|biDynamicHashEnabled)|(?:mai(?:lOnPasswordChang|ntenanc)|vhostMaintenanc)e|to(?:tp2fUserCanRemoveKey|kenUseGlobalStorage)|g(?:roupsBeforeMacros|lobalLogoutTimer)|a(?:voidAssignment|ctiveTimer)|h(?:ideOldPassword|ttpOnly)|yubikey2fUserCanRemoveKey|krb(?:RemoveDomain|ByJs)|(?:wsdlServ|findUs)er)$/;
|
||||
|
||||
our @sessionTypes = ( 'remoteGlobal', 'global', 'localSession', 'persistent', 'saml', 'oidc', 'cas' );
|
||||
|
||||
|
|
|
@ -4121,10 +4121,6 @@ qr/^(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-
|
|||
'default' => 6,
|
||||
'type' => 'int'
|
||||
},
|
||||
'totp2fDisplayExistingSecret' => {
|
||||
'default' => 0,
|
||||
'type' => 'bool'
|
||||
},
|
||||
'totp2fInterval' => {
|
||||
'default' => 30,
|
||||
'type' => 'int'
|
||||
|
@ -4149,10 +4145,6 @@ qr/^(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-
|
|||
'totp2fTTL' => {
|
||||
'type' => 'int'
|
||||
},
|
||||
'totp2fUserCanChangeKey' => {
|
||||
'default' => 0,
|
||||
'type' => 'bool'
|
||||
},
|
||||
'totp2fUserCanRemoveKey' => {
|
||||
'default' => 1,
|
||||
'type' => 'bool'
|
||||
|
|
|
@ -1873,17 +1873,6 @@ sub attributes {
|
|||
default => 6,
|
||||
documentation => 'Number of digits for TOTP code',
|
||||
},
|
||||
totp2fDisplayExistingSecret => {
|
||||
type => 'bool',
|
||||
default => 0,
|
||||
documentation =>
|
||||
'Display existing TOTP secret in registration form',
|
||||
},
|
||||
totp2fUserCanChangeKey => {
|
||||
type => 'bool',
|
||||
default => 0,
|
||||
documentation => 'Authorize users to change existing TOTP secret',
|
||||
},
|
||||
totp2fUserCanRemoveKey => {
|
||||
type => 'bool',
|
||||
default => 1,
|
||||
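Review bot: Dropping the `totp2fDisplayExistingSecret` and `totp2fUserCanChangeKey` entries from `attributes` removes them from the schema, but nothing visible on this page deals with configurations already saved with either key set to 1. Two file diffs are suppressed on this page, so it cannot be confirmed here that every reader of these flags is gone. It is worth checking that no remaining code path still reads `totp2fDisplayExistingSecret`, because a stale 1 in a stored configuration would otherwise keep showing the existing TOTP secret in the registration form. An upgrade note saying that both keys are now ignored and can be deleted from stored configurations would help administrators. The `attributes` sub starts and ends outside this hunk.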
|
|
|
@ -880,12 +880,10 @@ sub tree {
|
|||
'totp2fActivation',
|
||||
'totp2fSelfRegistration',
|
||||
'totp2fUserCanRemoveKey',
|
||||
'totp2fUserCanChangeKey',
|
||||
'totp2fIssuer',
|
||||
'totp2fInterval',
|
||||
'totp2fRange',
|
||||
'totp2fDigits',
|
||||
'totp2fDisplayExistingSecret',
|
||||
'totp2fTTL',
|
||||
'totp2fAuthnLevel',
|
||||
'totp2fLabel',
|
||||
|
|
|
@ -1107,7 +1107,6 @@
|
|||
"totp2fActivation":"تفعيل",
|
||||
"totp2fAuthnLevel":"TOTP authentication level",
|
||||
"totp2fDigits":"Number of digits",
|
||||
"totp2fDisplayExistingSecret":"Display existing secret",
|
||||
"totp2fInterval":"Interval",
|
||||
"totp2fIssuer":"TOTP Issuer name",
|
||||
"totp2fLabel":"Label",
|
||||
|
@ -1115,7 +1114,6 @@
|
|||
"totp2fRange":"Range of attempts",
|
||||
"totp2fSelfRegistration":"التسجيل الذاتي",
|
||||
"totp2fTTL":"Lifetime",
|
||||
"totp2fUserCanChangeKey":"Change existing secret",
|
||||
"totp2fUserCanRemoveKey":"Allow user to remove TOTP",
|
||||
"trustedDomains":"النطاقات الموثوق بها",
|
||||
"trustedProxies":"عناوين الآي بي البروكسي الموثوق بها",
|
||||
|
|
|
@ -1107,7 +1107,6 @@
|
|||
"totp2fActivation":"Activation",
|
||||
"totp2fAuthnLevel":"TOTP authentication level",
|
||||
"totp2fDigits":"Number of digits",
|
||||
"totp2fDisplayExistingSecret":"Display existing secret",
|
||||
"totp2fInterval":"Interval",
|
||||
"totp2fIssuer":"TOTP Issuer name",
|
||||
"totp2fLabel":"Label",
|
||||
|
@ -1115,7 +1114,6 @@
|
|||
"totp2fRange":"Range of attempts",
|
||||
"totp2fSelfRegistration":"Self registration",
|
||||
"totp2fTTL":"Lifetime",
|
||||
"totp2fUserCanChangeKey":"Change existing secret",
|
||||
"totp2fUserCanRemoveKey":"Allow user to remove TOTP",
|
||||
"trustedDomains":"Trusted domains",
|
||||
"trustedProxies":"Trusted proxies IP",
|
||||
|
|
|
@ -1107,7 +1107,6 @@
|
|||
"totp2fActivation":"Activation",
|
||||
"totp2fAuthnLevel":"TOTP authentication level",
|
||||
"totp2fDigits":"Number of digits",
|
||||
"totp2fDisplayExistingSecret":"Display existing secret",
|
||||
"totp2fInterval":"Interval",
|
||||
"totp2fIssuer":"TOTP Issuer name",
|
||||
"totp2fLabel":"Label",
|
||||
|
@ -1115,7 +1114,6 @@
|
|||
"totp2fRange":"Range of attempts",
|
||||
"totp2fSelfRegistration":"Self registration",
|
||||
"totp2fTTL":"Lifetime",
|
||||
"totp2fUserCanChangeKey":"Change existing secret",
|
||||
"totp2fUserCanRemoveKey":"Allow user to remove TOTP",
|
||||
"trustedDomains":"Trusted domains",
|
||||
"trustedProxies":"Trusted proxies IP",
|
||||
|
|
|
@ -1107,7 +1107,6 @@
|
|||
"totp2fActivation":"Activación",
|
||||
"totp2fAuthnLevel":"Nivel de autentificación TOTP",
|
||||
"totp2fDigits":"Cantidad de dígitos",
|
||||
"totp2fDisplayExistingSecret":"Mostrar secreto existente",
|
||||
"totp2fInterval":"Intervalo",
|
||||
"totp2fIssuer":"Nombre de emisor TOTP",
|
||||
"totp2fLabel":"Etiqueta",
|
||||
|
@ -1115,7 +1114,6 @@
|
|||
"totp2fRange":"Rango de intentos",
|
||||
"totp2fSelfRegistration":"Autoregistro",
|
||||
"totp2fTTL":"Tiempo de vida",
|
||||
"totp2fUserCanChangeKey":"Cambiar secreto existente",
|
||||
"totp2fUserCanRemoveKey":"Permitir al usuario eliminación de TOTP",
|
||||
"trustedDomains":"Dominios de confianza",
|
||||
"trustedProxies":"IP de proxies de confianza",
|
||||
|
|
|
@ -1107,7 +1107,6 @@
|
|||
"totp2fActivation":"Activation",
|
||||
"totp2fAuthnLevel":"Niveau d'authentification TOTP",
|
||||
"totp2fDigits":"Nombre de chiffres",
|
||||
"totp2fDisplayExistingSecret":"Afficher la clef existante",
|
||||
"totp2fInterval":"Intervalle",
|
||||
"totp2fIssuer":"Nom du fournisseur TOTP",
|
||||
"totp2fLabel":"Label",
|
||||
|
@ -1115,7 +1114,6 @@
|
|||
"totp2fRange":"Nombre d'intervalles à tester",
|
||||
"totp2fSelfRegistration":"Auto-enregistrement",
|
||||
"totp2fTTL":"Durée de vie",
|
||||
"totp2fUserCanChangeKey":"Changer une clef existante",
|
||||
"totp2fUserCanRemoveKey":"Autoriser les utilisateurs à effacer leur TOTP",
|
||||
"trustedDomains":"Domaines approuvés",
|
||||
"trustedProxies":"IP des proxys de confiance",
|
||||
|
|
|
@ -1107,7 +1107,6 @@
|
|||
"totp2fActivation":"Attivazione",
|
||||
"totp2fAuthnLevel":"Livello di autenticazione TOTP",
|
||||
"totp2fDigits":"Numero di cifre",
|
||||
"totp2fDisplayExistingSecret":"Mostra segreto esistente",
|
||||
"totp2fInterval":"Intervallo",
|
||||
"totp2fIssuer":"Nome dell'emittente TOTP",
|
||||
"totp2fLabel":"Label",
|
||||
|
@ -1115,7 +1114,6 @@
|
|||
"totp2fRange":"Gamma di tentativi",
|
||||
"totp2fSelfRegistration":"Auto-registrazione",
|
||||
"totp2fTTL":"Lifetime",
|
||||
"totp2fUserCanChangeKey":"Cambia segreto esistente",
|
||||
"totp2fUserCanRemoveKey":"Autorizza l'utente a rimuovere TOTP",
|
||||
"trustedDomains":"Domini attendibili",
|
||||
"trustedProxies":"IP proxy attendibili",
|
||||
|
|
|
@ -1107,7 +1107,6 @@
|
|||
"totp2fActivation":"Aktywacja",
|
||||
"totp2fAuthnLevel":"Poziom uwierzytelnienia TOTP",
|
||||
"totp2fDigits":"Ilość cyfr",
|
||||
"totp2fDisplayExistingSecret":"Pokaż istniejący sekret",
|
||||
"totp2fInterval":"Interwał",
|
||||
"totp2fIssuer":"TOTP Nazwa wystawcy",
|
||||
"totp2fLabel":"Etykieta",
|
||||
|
@ -1115,7 +1114,6 @@
|
|||
"totp2fRange":"Zakres prób",
|
||||
"totp2fSelfRegistration":"Samodzielna rejestracja",
|
||||
"totp2fTTL":"Dożywotni",
|
||||
"totp2fUserCanChangeKey":"Zmień istniejący sekret",
|
||||
"totp2fUserCanRemoveKey":"Pozwól użytkownikowi usunąć TOTP",
|
||||
"trustedDomains":"Zaufane domeny",
|
||||
"trustedProxies":"Zaufane proxy IP",
|
||||
|
|
|
@ -1107,7 +1107,6 @@
|
|||
"totp2fActivation":"Aktivasyon",
|
||||
"totp2fAuthnLevel":"TOTP doğrulama seviyesi",
|
||||
"totp2fDigits":"Rakam sayısı",
|
||||
"totp2fDisplayExistingSecret":"Mevcut sırı görüntüle",
|
||||
"totp2fInterval":"Süre aralığı",
|
||||
"totp2fIssuer":"TOTP Düzenleyici adı",
|
||||
"totp2fLabel":"Etiket",
|
||||
|
@ -1115,7 +1114,6 @@
|
|||
"totp2fRange":"Deneme sayısı",
|
||||
"totp2fSelfRegistration":"Kendi kendine kayıt",
|
||||
"totp2fTTL":"Ömür boyu",
|
||||
"totp2fUserCanChangeKey":"Mevcut sırı değiştir",
|
||||
"totp2fUserCanRemoveKey":"Kullanıcının TOTP'yi kaldırmasına izin ver",
|
||||
"trustedDomains":"Güvenilir etki alanları",
|
||||
"trustedProxies":"Güvenilir tünel IP'si",
|
||||
|
|
|
@ -1107,7 +1107,6 @@
|
|||
"totp2fActivation":"Kích hoạt",
|
||||
"totp2fAuthnLevel":"TOTP authentication level",
|
||||
"totp2fDigits":"Number of digits",
|
||||
"totp2fDisplayExistingSecret":"Display existing secret",
|
||||
"totp2fInterval":"Interval",
|
||||
"totp2fIssuer":"TOTP Issuer name",
|
||||
"totp2fLabel":"Label",
|
||||
|
@ -1115,7 +1114,6 @@
|
|||
"totp2fRange":"Range of attempts",
|
||||
"totp2fSelfRegistration":"Tự đăng ký",
|
||||
"totp2fTTL":"Lifetime",
|
||||
"totp2fUserCanChangeKey":"Change existing secret",
|
||||
"totp2fUserCanRemoveKey":"Allow user to remove TOTP",
|
||||
"trustedDomains":"Miền tin cậy",
|
||||
"trustedProxies":"proxies IP tin cậy",
|
||||
|
|
|
@ -1107,7 +1107,6 @@
|
|||
"totp2fActivation":"激活",
|
||||
"totp2fAuthnLevel":"TOTP authentication level",
|
||||
"totp2fDigits":"Number of digits",
|
||||
"totp2fDisplayExistingSecret":"Display existing secret",
|
||||
"totp2fInterval":"Interval",
|
||||
"totp2fIssuer":"TOTP Issuer name",
|
||||
"totp2fLabel":"Label",
|
||||
|
@ -1115,7 +1114,6 @@
|
|||
"totp2fRange":"Range of attempts",
|
||||
"totp2fSelfRegistration":"Self registration",
|
||||
"totp2fTTL":"Lifetime",
|
||||
"totp2fUserCanChangeKey":"Change existing secret",
|
||||
"totp2fUserCanRemoveKey":"Allow user to remove TOTP",
|
||||
"trustedDomains":"Trusted domains",
|
||||
"trustedProxies":"Trusted proxies IP",
|
||||
|
|
|
@ -1107,7 +1107,6 @@
|
|||
"totp2fActivation":"啟用",
|
||||
"totp2fAuthnLevel":"TOTP 驗證等級",
|
||||
"totp2fDigits":"位數",
|
||||
"totp2fDisplayExistingSecret":"顯示既有的祕密",
|
||||
"totp2fInterval":"間隔",
|
||||
"totp2fIssuer":"TOTP 發行者名稱",
|
||||
"totp2fLabel":"標籤",
|
||||
|
@ -1115,7 +1114,6 @@
|
|||
"totp2fRange":"嘗試範圍",
|
||||
"totp2fSelfRegistration":"自行註冊",
|
||||
"totp2fTTL":"終生",
|
||||
"totp2fUserCanChangeKey":"變更既有的祕密",
|
||||
"totp2fUserCanRemoveKey":"允許使用者移除 TOTP",
|
||||
"trustedDomains":"受信任的網域",
|
||||
"trustedProxies":"受信任的代理伺服器 IP",
|
||||
|
|
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long