Merge branch 'fix-2fa-timeout-2757' into 'v2.0'
Add specific 2FA timeout (#2757) See merge request lemonldap-ng/lemonldap-ng!269
This commit is contained in:
commit
cd41ba8872
|
@ -562,6 +562,7 @@ sfEngine Second factor engine
|
||||||
sfExtra Extra second factors ✔
|
sfExtra Extra second factors ✔
|
||||||
sfManagerRule Rule to display second factor Manager link ✔
|
sfManagerRule Rule to display second factor Manager link ✔
|
||||||
sfOnlyUpgrade Only trigger second factor on session upgrade ✔
|
sfOnlyUpgrade Only trigger second factor on session upgrade ✔
|
||||||
|
sfLoginTimeout Timeout for 2F login process ✔
|
||||||
sfRegisterTimeout Timeout for 2F registration process ✔
|
sfRegisterTimeout Timeout for 2F registration process ✔
|
||||||
sfRemovedMsgRule Display a message if at leat one expired SF has been removed ✔
|
sfRemovedMsgRule Display a message if at leat one expired SF has been removed ✔
|
||||||
sfRemovedNotifMsg Notification message ✔
|
sfRemovedNotifMsg Notification message ✔
|
||||||
|
|
|
@ -76,10 +76,19 @@ of doing a complete reauthentication.
|
||||||
|
|
||||||
.. |beta| image:: /documentation/beta.png
|
.. |beta| image:: /documentation/beta.png
|
||||||
|
|
||||||
|
Login timeout
|
||||||
|
-------------
|
||||||
|
|
||||||
|
Allowed time for the user to authenticate using their second factor. By default
|
||||||
|
it is set to 2 minutes, but some complex second factor types (TOTP, email...)
|
||||||
|
may require more time to be used.
|
||||||
|
|
||||||
Registration timeout
|
Registration timeout
|
||||||
--------------------
|
--------------------
|
||||||
|
|
||||||
Allowed time to register a TOTP.
|
Allowed time for the user to register their new second factor. By default it is
|
||||||
|
set to 2 minutes, but some complex second factor types (TOTP...) may require
|
||||||
|
more time to be registered.
|
||||||
|
|
||||||
Second factor expiration
|
Second factor expiration
|
||||||
------------------------
|
------------------------
|
||||||
|
|
|
@ -17,7 +17,7 @@ sub defaultValues {
|
||||||
},
|
},
|
||||||
'authChoiceParam' => 'lmAuth',
|
'authChoiceParam' => 'lmAuth',
|
||||||
'authentication' => 'Demo',
|
'authentication' => 'Demo',
|
||||||
'available2F' =>
|
'available2F' =>
|
||||||
'UTOTP,TOTP,U2F,REST,Mail2F,Ext2F,WebAuthn,Yubikey,Radius',
|
'UTOTP,TOTP,U2F,REST,Mail2F,Ext2F,WebAuthn,Yubikey,Radius',
|
||||||
'available2FSelfRegistration' => 'TOTP,U2F,WebAuthn,Yubikey',
|
'available2FSelfRegistration' => 'TOTP,U2F,WebAuthn,Yubikey',
|
||||||
'bruteForceProtectionLockTimes' => '15, 30, 60, 300, 600',
|
'bruteForceProtectionLockTimes' => '15, 30, 60, 300, 600',
|
||||||
|
@ -102,7 +102,7 @@ sub defaultValues {
|
||||||
'globalLogoutTimer' => 1,
|
'globalLogoutTimer' => 1,
|
||||||
'globalStorage' => 'Apache::Session::File',
|
'globalStorage' => 'Apache::Session::File',
|
||||||
'globalStorageOptions' => {
|
'globalStorageOptions' => {
|
||||||
'Directory' => '/var/lib/lemonldap-ng/sessions/',
|
'Directory' => '/var/lib/lemonldap-ng/sessions/',
|
||||||
'generateModule' =>
|
'generateModule' =>
|
||||||
'Lemonldap::NG::Common::Apache::Session::Generate::SHA256',
|
'Lemonldap::NG::Common::Apache::Session::Generate::SHA256',
|
||||||
'LockDirectory' => '/var/lib/lemonldap-ng/sessions/lock/'
|
'LockDirectory' => '/var/lib/lemonldap-ng/sessions/lock/'
|
||||||
|
@ -175,20 +175,20 @@ sub defaultValues {
|
||||||
'locationRules' => {
|
'locationRules' => {
|
||||||
'default' => 'deny'
|
'default' => 'deny'
|
||||||
},
|
},
|
||||||
'logoutServices' => {},
|
'logoutServices' => {},
|
||||||
'macros' => {},
|
'macros' => {},
|
||||||
'mail2fActivation' => 0,
|
'mail2fActivation' => 0,
|
||||||
'mail2fCodeRegex' => '\\d{6}',
|
'mail2fCodeRegex' => '\\d{6}',
|
||||||
'mailCharset' => 'utf-8',
|
'mailCharset' => 'utf-8',
|
||||||
'mailFrom' => 'noreply@example.com',
|
'mailFrom' => 'noreply@example.com',
|
||||||
'mailSessionKey' => 'mail',
|
'mailSessionKey' => 'mail',
|
||||||
'mailTimeout' => 0,
|
'mailTimeout' => 0,
|
||||||
'mailUrl' => 'http://auth.example.com/resetpwd',
|
'mailUrl' => 'http://auth.example.com/resetpwd',
|
||||||
'managerDn' => '',
|
'managerDn' => '',
|
||||||
'managerPassword' => '',
|
'managerPassword' => '',
|
||||||
'max2FDevices' => 10,
|
'max2FDevices' => 10,
|
||||||
'max2FDevicesNameLength' => 20,
|
'max2FDevicesNameLength' => 20,
|
||||||
'multiValuesSeparator' => '; ',
|
'multiValuesSeparator' => '; ',
|
||||||
'mySessionAuthorizedRWKeys' =>
|
'mySessionAuthorizedRWKeys' =>
|
||||||
[ '_appsListOrder', '_oidcConnectedRP', '_oidcConsents' ],
|
[ '_appsListOrder', '_oidcConnectedRP', '_oidcConsents' ],
|
||||||
'newLocationWarningLocationAttribute' => 'ipAddr',
|
'newLocationWarningLocationAttribute' => 'ipAddr',
|
||||||
|
@ -196,7 +196,7 @@ sub defaultValues {
|
||||||
'newLocationWarningMaxValues' => '0',
|
'newLocationWarningMaxValues' => '0',
|
||||||
'notificationDefaultCond' => '',
|
'notificationDefaultCond' => '',
|
||||||
'notificationServerPOST' => 1,
|
'notificationServerPOST' => 1,
|
||||||
'notificationServerSentAttributes' =>
|
'notificationServerSentAttributes' =>
|
||||||
'uid reference date title subtitle text check',
|
'uid reference date title subtitle text check',
|
||||||
'notificationsMaxRetrieve' => 3,
|
'notificationsMaxRetrieve' => 3,
|
||||||
'notificationStorage' => 'File',
|
'notificationStorage' => 'File',
|
||||||
|
@ -250,7 +250,7 @@ sub defaultValues {
|
||||||
'passwordPolicyMinUpper' => 0,
|
'passwordPolicyMinUpper' => 0,
|
||||||
'passwordPolicySpecialChar' => '__ALL__',
|
'passwordPolicySpecialChar' => '__ALL__',
|
||||||
'passwordResetAllowedRetries' => 3,
|
'passwordResetAllowedRetries' => 3,
|
||||||
'persistentSessionAttributes' =>
|
'persistentSessionAttributes' =>
|
||||||
'_loginHistory _2fDevices notification_',
|
'_loginHistory _2fDevices notification_',
|
||||||
'port' => -1,
|
'port' => -1,
|
||||||
'portal' => 'http://auth.example.com/',
|
'portal' => 'http://auth.example.com/',
|
||||||
|
@ -261,7 +261,7 @@ sub defaultValues {
|
||||||
'portalDisplayGeneratePassword' => 1,
|
'portalDisplayGeneratePassword' => 1,
|
||||||
'portalDisplayLoginHistory' => 1,
|
'portalDisplayLoginHistory' => 1,
|
||||||
'portalDisplayLogout' => 1,
|
'portalDisplayLogout' => 1,
|
||||||
'portalDisplayOidcConsents' =>
|
'portalDisplayOidcConsents' =>
|
||||||
'$_oidcConsents && $_oidcConsents =~ /\\w+/',
|
'$_oidcConsents && $_oidcConsents =~ /\\w+/',
|
||||||
'portalDisplayRefreshMyRights' => 1,
|
'portalDisplayRefreshMyRights' => 1,
|
||||||
'portalDisplayRegister' => 1,
|
'portalDisplayRegister' => 1,
|
||||||
|
@ -290,11 +290,11 @@ sub defaultValues {
|
||||||
'http://auth.example.com/Lemonldap/NG/Common/PSGI/SOAPService',
|
'http://auth.example.com/Lemonldap/NG/Common/PSGI/SOAPService',
|
||||||
'proxy' => 'http://auth.example.com/sessions'
|
'proxy' => 'http://auth.example.com/sessions'
|
||||||
},
|
},
|
||||||
'requireToken' => 1,
|
'requireToken' => 1,
|
||||||
'rest2fActivation' => 0,
|
'rest2fActivation' => 0,
|
||||||
'restAuthnLevel' => 2,
|
'restAuthnLevel' => 2,
|
||||||
'restClockTolerance' => 15,
|
'restClockTolerance' => 15,
|
||||||
'sameSite' => '',
|
'sameSite' => '',
|
||||||
'samlAttributeAuthorityDescriptorAttributeServiceSOAP' =>
|
'samlAttributeAuthorityDescriptorAttributeServiceSOAP' =>
|
||||||
'urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/AA/SOAP;',
|
'urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/AA/SOAP;',
|
||||||
'samlAuthnContextMapKerberos' => 4,
|
'samlAuthnContextMapKerberos' => 4,
|
||||||
|
@ -334,7 +334,7 @@ sub defaultValues {
|
||||||
'0;1;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/proxySingleSignOnArtifact',
|
'0;1;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/proxySingleSignOnArtifact',
|
||||||
'samlSPSSODescriptorAssertionConsumerServiceHTTPPost' =>
|
'samlSPSSODescriptorAssertionConsumerServiceHTTPPost' =>
|
||||||
'1;0;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleSignOnPost',
|
'1;0;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleSignOnPost',
|
||||||
'samlSPSSODescriptorAuthnRequestsSigned' => 1,
|
'samlSPSSODescriptorAuthnRequestsSigned' => 1,
|
||||||
'samlSPSSODescriptorSingleLogoutServiceHTTPPost' =>
|
'samlSPSSODescriptorSingleLogoutServiceHTTPPost' =>
|
||||||
'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn',
|
'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn',
|
||||||
'samlSPSSODescriptorSingleLogoutServiceHTTPRedirect' =>
|
'samlSPSSODescriptorSingleLogoutServiceHTTPRedirect' =>
|
||||||
|
@ -347,7 +347,7 @@ sub defaultValues {
|
||||||
'sfEngine' => '::2F::Engines::Default',
|
'sfEngine' => '::2F::Engines::Default',
|
||||||
'sfManagerRule' => 1,
|
'sfManagerRule' => 1,
|
||||||
'sfRemovedMsgRule' => 0,
|
'sfRemovedMsgRule' => 0,
|
||||||
'sfRemovedNotifMsg' =>
|
'sfRemovedNotifMsg' =>
|
||||||
'_removedSF_ expired second factor(s) has/have been removed (_nameSF_)!',
|
'_removedSF_ expired second factor(s) has/have been removed (_nameSF_)!',
|
||||||
'sfRemovedNotifRef' => 'RemoveSF',
|
'sfRemovedNotifRef' => 'RemoveSF',
|
||||||
'sfRemovedNotifTitle' => 'Second factor notification',
|
'sfRemovedNotifTitle' => 'Second factor notification',
|
||||||
|
|
|
@ -67,7 +67,7 @@ sub types {
|
||||||
'hostname' => {
|
'hostname' => {
|
||||||
'form' => 'text',
|
'form' => 'text',
|
||||||
'msgFail' => '__badHostname__',
|
'msgFail' => '__badHostname__',
|
||||||
'test' =>
|
'test' =>
|
||||||
qr/^(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))?$/
|
qr/^(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))?$/
|
||||||
},
|
},
|
||||||
'int' => {
|
'int' => {
|
||||||
|
@ -257,7 +257,7 @@ m[^(?:(?:\-+\s*BEGIN\s+(?:PUBLIC\s+KEY|CERTIFICATE)\s*\-+\r?\n)?[a-zA-Z0-9/\+\r\
|
||||||
'url' => {
|
'url' => {
|
||||||
'form' => 'text',
|
'form' => 'text',
|
||||||
'msgFail' => '__badUrl__',
|
'msgFail' => '__badUrl__',
|
||||||
'test' =>
|
'test' =>
|
||||||
qr/(?:^$|(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::(?:(?:[0-9]*)))?(?:\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:\/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?](?:(?:(?:[;\/?:@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?))/
|
qr/(?:^$|(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::(?:(?:[0-9]*)))?(?:\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:\/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?](?:(?:(?:[;\/?:@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?))/
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
@ -806,7 +806,7 @@ sub attributes {
|
||||||
},
|
},
|
||||||
'casSrvMetaDataOptionsUrl' => {
|
'casSrvMetaDataOptionsUrl' => {
|
||||||
'msgFail' => '__badUrl__',
|
'msgFail' => '__badUrl__',
|
||||||
'test' =>
|
'test' =>
|
||||||
qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::(?:(?:[0-9]*)))?(?:\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:\/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?](?:(?:(?:[;\/?:@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?)/,
|
qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::(?:(?:[0-9]*)))?(?:\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:\/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?](?:(?:(?:[;\/?:@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?)/,
|
||||||
'type' => 'text'
|
'type' => 'text'
|
||||||
},
|
},
|
||||||
|
@ -1345,7 +1345,7 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
|
||||||
'domain' => {
|
'domain' => {
|
||||||
'default' => 'example.com',
|
'default' => 'example.com',
|
||||||
'msgFail' => '__badDomainName__',
|
'msgFail' => '__badDomainName__',
|
||||||
'test' =>
|
'test' =>
|
||||||
qr/^(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?))?$/,
|
qr/^(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?))?$/,
|
||||||
'type' => 'text'
|
'type' => 'text'
|
||||||
},
|
},
|
||||||
|
@ -1488,7 +1488,7 @@ qr/^(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-
|
||||||
},
|
},
|
||||||
'globalStorageOptions' => {
|
'globalStorageOptions' => {
|
||||||
'default' => {
|
'default' => {
|
||||||
'Directory' => '/var/lib/lemonldap-ng/sessions/',
|
'Directory' => '/var/lib/lemonldap-ng/sessions/',
|
||||||
'generateModule' =>
|
'generateModule' =>
|
||||||
'Lemonldap::NG::Common::Apache::Session::Generate::SHA256',
|
'Lemonldap::NG::Common::Apache::Session::Generate::SHA256',
|
||||||
'LockDirectory' => '/var/lib/lemonldap-ng/sessions/lock/'
|
'LockDirectory' => '/var/lib/lemonldap-ng/sessions/lock/'
|
||||||
|
@ -1613,7 +1613,7 @@ qr/^(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-
|
||||||
'issuerDBGetParameters' => {
|
'issuerDBGetParameters' => {
|
||||||
'default' => {},
|
'default' => {},
|
||||||
'keyMsgFail' => '__badHostname__',
|
'keyMsgFail' => '__badHostname__',
|
||||||
'keyTest' =>
|
'keyTest' =>
|
||||||
qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)$/,
|
qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)$/,
|
||||||
'test' => {
|
'test' => {
|
||||||
'keyMsgFail' => '__badKeyName__',
|
'keyMsgFail' => '__badKeyName__',
|
||||||
|
@ -2816,7 +2816,7 @@ m[^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?:
|
||||||
'pdataDomain' => {
|
'pdataDomain' => {
|
||||||
'default' => '',
|
'default' => '',
|
||||||
'msgFail' => '__badDomainName__',
|
'msgFail' => '__badDomainName__',
|
||||||
'test' =>
|
'test' =>
|
||||||
qr/^(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?))?$/,
|
qr/^(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?))?$/,
|
||||||
'type' => 'text'
|
'type' => 'text'
|
||||||
},
|
},
|
||||||
|
@ -2837,7 +2837,7 @@ qr/^(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-
|
||||||
'portal' => {
|
'portal' => {
|
||||||
'default' => 'http://auth.example.com/',
|
'default' => 'http://auth.example.com/',
|
||||||
'msgFail' => '__badUrl__',
|
'msgFail' => '__badUrl__',
|
||||||
'test' =>
|
'test' =>
|
||||||
qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::(?:(?:[0-9]*)))?(?:\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:\/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?](?:(?:(?:[;\/?:@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?)/,
|
qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::(?:(?:[0-9]*)))?(?:\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:\/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?](?:(?:(?:[;\/?:@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?)/,
|
||||||
'type' => 'url'
|
'type' => 'url'
|
||||||
},
|
},
|
||||||
|
@ -3148,7 +3148,7 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
|
||||||
'keyTest' =>
|
'keyTest' =>
|
||||||
qr/^(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+))(?::\d+)?$/,
|
qr/^(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+))(?::\d+)?$/,
|
||||||
'msgFail' => '__badUrl__',
|
'msgFail' => '__badUrl__',
|
||||||
'test' =>
|
'test' =>
|
||||||
qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::(?:(?:[0-9]*)))?(?:\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:\/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?](?:(?:(?:[;\/?:@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?)/,
|
qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::(?:(?:[0-9]*)))?(?:\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:\/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?](?:(?:(?:[;\/?:@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?)/,
|
||||||
'type' => 'keyTextContainer'
|
'type' => 'keyTextContainer'
|
||||||
},
|
},
|
||||||
|
@ -3300,19 +3300,19 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
|
||||||
},
|
},
|
||||||
'samlCommonDomainCookieDomain' => {
|
'samlCommonDomainCookieDomain' => {
|
||||||
'msgFail' => '__badDomainName__',
|
'msgFail' => '__badDomainName__',
|
||||||
'test' =>
|
'test' =>
|
||||||
qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)$/,
|
qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)$/,
|
||||||
'type' => 'text'
|
'type' => 'text'
|
||||||
},
|
},
|
||||||
'samlCommonDomainCookieReader' => {
|
'samlCommonDomainCookieReader' => {
|
||||||
'msgFail' => '__badUrl__',
|
'msgFail' => '__badUrl__',
|
||||||
'test' =>
|
'test' =>
|
||||||
qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::(?:(?:[0-9]*)))?(?:\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:\/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?](?:(?:(?:[;\/?:@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?)/,
|
qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::(?:(?:[0-9]*)))?(?:\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:\/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?](?:(?:(?:[;\/?:@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?)/,
|
||||||
'type' => 'text'
|
'type' => 'text'
|
||||||
},
|
},
|
||||||
'samlCommonDomainCookieWriter' => {
|
'samlCommonDomainCookieWriter' => {
|
||||||
'msgFail' => '__badUrl__',
|
'msgFail' => '__badUrl__',
|
||||||
'test' =>
|
'test' =>
|
||||||
qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::(?:(?:[0-9]*)))?(?:\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:\/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?](?:(?:(?:[;\/?:@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?)/,
|
qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::(?:(?:[0-9]*)))?(?:\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:\/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?](?:(?:(?:[;\/?:@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?)/,
|
||||||
'type' => 'text'
|
'type' => 'text'
|
||||||
},
|
},
|
||||||
|
@ -3329,7 +3329,7 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
|
||||||
},
|
},
|
||||||
'samlDiscoveryProtocolURL' => {
|
'samlDiscoveryProtocolURL' => {
|
||||||
'msgFail' => '__badUrl__',
|
'msgFail' => '__badUrl__',
|
||||||
'test' =>
|
'test' =>
|
||||||
qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::(?:(?:[0-9]*)))?(?:\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:\/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?](?:(?:(?:[;\/?:@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?)/,
|
qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::(?:(?:[0-9]*)))?(?:\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:\/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?](?:(?:(?:[;\/?:@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?)/,
|
||||||
'type' => 'text'
|
'type' => 'text'
|
||||||
},
|
},
|
||||||
|
@ -4026,6 +4026,9 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
|
||||||
},
|
},
|
||||||
'type' => 'sfExtraContainer'
|
'type' => 'sfExtraContainer'
|
||||||
},
|
},
|
||||||
|
'sfLoginTimeout' => {
|
||||||
|
'type' => 'int'
|
||||||
|
},
|
||||||
'sfManagerRule' => {
|
'sfManagerRule' => {
|
||||||
'default' => 1,
|
'default' => 1,
|
||||||
'type' => 'boolOrExpr'
|
'type' => 'boolOrExpr'
|
||||||
|
@ -4126,7 +4129,7 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
|
||||||
},
|
},
|
||||||
'SMTPServer' => {
|
'SMTPServer' => {
|
||||||
'default' => '',
|
'default' => '',
|
||||||
'test' =>
|
'test' =>
|
||||||
qr/^(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+))(?::\d+)?)?$/,
|
qr/^(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+))(?::\d+)?)?$/,
|
||||||
'type' => 'text'
|
'type' => 'text'
|
||||||
},
|
},
|
||||||
|
|
|
@ -3374,6 +3374,10 @@ sub attributes {
|
||||||
help => 'secondfactor.html',
|
help => 'secondfactor.html',
|
||||||
documentation => 'Notification message',
|
documentation => 'Notification message',
|
||||||
},
|
},
|
||||||
|
sfLoginTimeout => {
|
||||||
|
type => 'int',
|
||||||
|
documentation => 'Timeout for 2F login process',
|
||||||
|
},
|
||||||
sfRegisterTimeout => {
|
sfRegisterTimeout => {
|
||||||
type => 'int',
|
type => 'int',
|
||||||
documentation => 'Timeout for 2F registration process',
|
documentation => 'Timeout for 2F registration process',
|
||||||
|
|
|
@ -886,6 +886,7 @@ sub tree {
|
||||||
'sfManagerRule',
|
'sfManagerRule',
|
||||||
'sfRequired',
|
'sfRequired',
|
||||||
'sfOnlyUpgrade',
|
'sfOnlyUpgrade',
|
||||||
|
'sfLoginTimeout',
|
||||||
'sfRegisterTimeout',
|
'sfRegisterTimeout',
|
||||||
{
|
{
|
||||||
title => 'utotp2f',
|
title => 'utotp2f',
|
||||||
|
|
|
@ -1076,6 +1076,7 @@
|
||||||
"session_s":"جلسة( أو جلسات )",
|
"session_s":"جلسة( أو جلسات )",
|
||||||
"sessions":"الجلسات",
|
"sessions":"الجلسات",
|
||||||
"sfExtra":"Additional second factors",
|
"sfExtra":"Additional second factors",
|
||||||
|
"sfLoginTimeout":"Login timeout",
|
||||||
"sfManagerRule":"Display Manager link",
|
"sfManagerRule":"Display Manager link",
|
||||||
"sfOnlyUpgrade":"Use 2FA for session upgrade",
|
"sfOnlyUpgrade":"Use 2FA for session upgrade",
|
||||||
"sfRegisterTimeout":"Registration timeout",
|
"sfRegisterTimeout":"Registration timeout",
|
||||||
|
@ -1248,4 +1249,4 @@
|
||||||
"yubikey2fUrl":"خدمة أل يو أر ل",
|
"yubikey2fUrl":"خدمة أل يو أر ل",
|
||||||
"yubikey2fUserCanRemoveKey":"Allow user to remove Yubikey",
|
"yubikey2fUserCanRemoveKey":"Allow user to remove Yubikey",
|
||||||
"zeroConfExplanations":"لا يحتوي الخادم على إعدادات. استخدام قالب لحفظ الأول"
|
"zeroConfExplanations":"لا يحتوي الخادم على إعدادات. استخدام قالب لحفظ الأول"
|
||||||
}
|
}
|
||||||
|
|
|
@ -1076,6 +1076,7 @@
|
||||||
"session_s":"session(s)",
|
"session_s":"session(s)",
|
||||||
"sessions":"Sessions",
|
"sessions":"Sessions",
|
||||||
"sfExtra":"Additional second factors",
|
"sfExtra":"Additional second factors",
|
||||||
|
"sfLoginTimeout":"Login timeout",
|
||||||
"sfManagerRule":"Display Manager link",
|
"sfManagerRule":"Display Manager link",
|
||||||
"sfOnlyUpgrade":"Use 2FA for session upgrade",
|
"sfOnlyUpgrade":"Use 2FA for session upgrade",
|
||||||
"sfRegisterTimeout":"Registration timeout",
|
"sfRegisterTimeout":"Registration timeout",
|
||||||
|
|
|
@ -1076,6 +1076,7 @@
|
||||||
"session_s":"sesión(es)",
|
"session_s":"sesión(es)",
|
||||||
"sessions":"Sesiones",
|
"sessions":"Sesiones",
|
||||||
"sfExtra":"Segundos factores adicionales",
|
"sfExtra":"Segundos factores adicionales",
|
||||||
|
"sfLoginTimeout":"Login timeout",
|
||||||
"sfManagerRule":"Display Manager link",
|
"sfManagerRule":"Display Manager link",
|
||||||
"sfOnlyUpgrade":"Use 2FA for session upgrade",
|
"sfOnlyUpgrade":"Use 2FA for session upgrade",
|
||||||
"sfRegisterTimeout":"Registration timeout",
|
"sfRegisterTimeout":"Registration timeout",
|
||||||
|
@ -1248,4 +1249,4 @@
|
||||||
"yubikey2fUrl":"URL de servicio",
|
"yubikey2fUrl":"URL de servicio",
|
||||||
"yubikey2fUserCanRemoveKey":"Allow user to remove Yubikey",
|
"yubikey2fUserCanRemoveKey":"Allow user to remove Yubikey",
|
||||||
"zeroConfExplanations":"Server has no configuration. Use template to save the first."
|
"zeroConfExplanations":"Server has no configuration. Use template to save the first."
|
||||||
}
|
}
|
||||||
|
|
|
@ -1076,6 +1076,7 @@
|
||||||
"session_s":"session(s)",
|
"session_s":"session(s)",
|
||||||
"sessions":"Sessions",
|
"sessions":"Sessions",
|
||||||
"sfExtra":"Seconds facteurs additionnels",
|
"sfExtra":"Seconds facteurs additionnels",
|
||||||
|
"sfLoginTimeout":"Délai maximum d'authentification",
|
||||||
"sfManagerRule":"Afficher le lien du Gestionnaire",
|
"sfManagerRule":"Afficher le lien du Gestionnaire",
|
||||||
"sfOnlyUpgrade":"Utiliser le SF pour augmenter le niveau d'authentification",
|
"sfOnlyUpgrade":"Utiliser le SF pour augmenter le niveau d'authentification",
|
||||||
"sfRegisterTimeout":"Délai d'expiration de l'enregistrement",
|
"sfRegisterTimeout":"Délai d'expiration de l'enregistrement",
|
||||||
|
|
|
@ -1076,6 +1076,7 @@
|
||||||
"session_s":"session(s)",
|
"session_s":"session(s)",
|
||||||
"sessions":"הפעלות",
|
"sessions":"הפעלות",
|
||||||
"sfExtra":"Additional second factors",
|
"sfExtra":"Additional second factors",
|
||||||
|
"sfLoginTimeout":"Login timeout",
|
||||||
"sfManagerRule":"Display Manager link",
|
"sfManagerRule":"Display Manager link",
|
||||||
"sfOnlyUpgrade":"Use 2FA for session upgrade",
|
"sfOnlyUpgrade":"Use 2FA for session upgrade",
|
||||||
"sfRegisterTimeout":"Registration timeout",
|
"sfRegisterTimeout":"Registration timeout",
|
||||||
|
@ -1248,4 +1249,4 @@
|
||||||
"yubikey2fUrl":"כתובת שירות",
|
"yubikey2fUrl":"כתובת שירות",
|
||||||
"yubikey2fUserCanRemoveKey":"לאפשר למשתמש להסיר Yubikey",
|
"yubikey2fUserCanRemoveKey":"לאפשר למשתמש להסיר Yubikey",
|
||||||
"zeroConfExplanations":"Server has no configuration. Use template to save the first."
|
"zeroConfExplanations":"Server has no configuration. Use template to save the first."
|
||||||
}
|
}
|
||||||
|
|
|
@ -1076,6 +1076,7 @@
|
||||||
"session_s":"sessione(i)",
|
"session_s":"sessione(i)",
|
||||||
"sessions":"Sessioni",
|
"sessions":"Sessioni",
|
||||||
"sfExtra":"Additional second factors",
|
"sfExtra":"Additional second factors",
|
||||||
|
"sfLoginTimeout":"Login timeout",
|
||||||
"sfManagerRule":"Display Manager link",
|
"sfManagerRule":"Display Manager link",
|
||||||
"sfOnlyUpgrade":"Use 2FA for session upgrade",
|
"sfOnlyUpgrade":"Use 2FA for session upgrade",
|
||||||
"sfRegisterTimeout":"Registration timeout",
|
"sfRegisterTimeout":"Registration timeout",
|
||||||
|
@ -1248,4 +1249,4 @@
|
||||||
"yubikey2fUrl":"URL del servizio",
|
"yubikey2fUrl":"URL del servizio",
|
||||||
"yubikey2fUserCanRemoveKey":"Autorizza l'utente a rimuovere la Yubikey",
|
"yubikey2fUserCanRemoveKey":"Autorizza l'utente a rimuovere la Yubikey",
|
||||||
"zeroConfExplanations":"Il server non ha alcuna configurazione. Utilizza il modello per salvare il primo."
|
"zeroConfExplanations":"Il server non ha alcuna configurazione. Utilizza il modello per salvare il primo."
|
||||||
}
|
}
|
||||||
|
|
|
@ -1076,6 +1076,7 @@
|
||||||
"session_s":"sesja/e",
|
"session_s":"sesja/e",
|
||||||
"sessions":"Sesje",
|
"sessions":"Sesje",
|
||||||
"sfExtra":"Dodatkowe drugie czynniki",
|
"sfExtra":"Dodatkowe drugie czynniki",
|
||||||
|
"sfLoginTimeout":"Login timeout",
|
||||||
"sfManagerRule":"Link do Menedżera wyświetlania",
|
"sfManagerRule":"Link do Menedżera wyświetlania",
|
||||||
"sfOnlyUpgrade":"Użyj 2FA do aktualizacji sesji",
|
"sfOnlyUpgrade":"Użyj 2FA do aktualizacji sesji",
|
||||||
"sfRegisterTimeout":"Registration timeout",
|
"sfRegisterTimeout":"Registration timeout",
|
||||||
|
@ -1248,4 +1249,4 @@
|
||||||
"yubikey2fUrl":"URL usługi",
|
"yubikey2fUrl":"URL usługi",
|
||||||
"yubikey2fUserCanRemoveKey":"Pozwól użytkownikowi usunąć Yubikey",
|
"yubikey2fUserCanRemoveKey":"Pozwól użytkownikowi usunąć Yubikey",
|
||||||
"zeroConfExplanations":"Serwer nie ma konfiguracji. Użyj szablonu, aby zapisać pierwszy."
|
"zeroConfExplanations":"Serwer nie ma konfiguracji. Użyj szablonu, aby zapisać pierwszy."
|
||||||
}
|
}
|
||||||
|
|
|
@ -1076,6 +1076,7 @@
|
||||||
"session_s":"oturum(lar)",
|
"session_s":"oturum(lar)",
|
||||||
"sessions":"Oturumlar",
|
"sessions":"Oturumlar",
|
||||||
"sfExtra":"Ek ikinci faktörler",
|
"sfExtra":"Ek ikinci faktörler",
|
||||||
|
"sfLoginTimeout":"Login timeout",
|
||||||
"sfManagerRule":"Yönetici bağlantısını görüntüle",
|
"sfManagerRule":"Yönetici bağlantısını görüntüle",
|
||||||
"sfOnlyUpgrade":"Oturum yükseltme için 2FA kullan",
|
"sfOnlyUpgrade":"Oturum yükseltme için 2FA kullan",
|
||||||
"sfRegisterTimeout":"Kayıtlanma zaman aşımı",
|
"sfRegisterTimeout":"Kayıtlanma zaman aşımı",
|
||||||
|
@ -1248,4 +1249,4 @@
|
||||||
"yubikey2fUrl":"Servis URL'si",
|
"yubikey2fUrl":"Servis URL'si",
|
||||||
"yubikey2fUserCanRemoveKey":"Yubikey'i kaldırmak için kullanıcıya izin ver",
|
"yubikey2fUserCanRemoveKey":"Yubikey'i kaldırmak için kullanıcıya izin ver",
|
||||||
"zeroConfExplanations":"Sunucunun yapılandırması yok. Şimdi bir tane kaydetmek için şablonu kullanın."
|
"zeroConfExplanations":"Sunucunun yapılandırması yok. Şimdi bir tane kaydetmek için şablonu kullanın."
|
||||||
}
|
}
|
||||||
|
|
|
@ -1076,6 +1076,7 @@
|
||||||
"session_s":"session (s)",
|
"session_s":"session (s)",
|
||||||
"sessions":"Phiên",
|
"sessions":"Phiên",
|
||||||
"sfExtra":"Additional second factors",
|
"sfExtra":"Additional second factors",
|
||||||
|
"sfLoginTimeout":"Login timeout",
|
||||||
"sfManagerRule":"Display Manager link",
|
"sfManagerRule":"Display Manager link",
|
||||||
"sfOnlyUpgrade":"Use 2FA for session upgrade",
|
"sfOnlyUpgrade":"Use 2FA for session upgrade",
|
||||||
"sfRegisterTimeout":"Registration timeout",
|
"sfRegisterTimeout":"Registration timeout",
|
||||||
|
@ -1248,4 +1249,4 @@
|
||||||
"yubikey2fUrl":"Dịch vụ URL",
|
"yubikey2fUrl":"Dịch vụ URL",
|
||||||
"yubikey2fUserCanRemoveKey":"Allow user to remove Yubikey",
|
"yubikey2fUserCanRemoveKey":"Allow user to remove Yubikey",
|
||||||
"zeroConfExplanations":"Máy chủ không có cấu hình. Sử dụng mẫu để lưu đầu tiên. "
|
"zeroConfExplanations":"Máy chủ không có cấu hình. Sử dụng mẫu để lưu đầu tiên. "
|
||||||
}
|
}
|
||||||
|
|
|
@ -1076,6 +1076,7 @@
|
||||||
"session_s":"工作階段",
|
"session_s":"工作階段",
|
||||||
"sessions":"工作階段",
|
"sessions":"工作階段",
|
||||||
"sfExtra":"額外的第二因素",
|
"sfExtra":"額外的第二因素",
|
||||||
|
"sfLoginTimeout":"Login timeout",
|
||||||
"sfManagerRule":"顯示管理程式連結",
|
"sfManagerRule":"顯示管理程式連結",
|
||||||
"sfOnlyUpgrade":"使用 2FA 進行工作階段升級",
|
"sfOnlyUpgrade":"使用 2FA 進行工作階段升級",
|
||||||
"sfRegisterTimeout":"Registration timeout",
|
"sfRegisterTimeout":"Registration timeout",
|
||||||
|
@ -1248,4 +1249,4 @@
|
||||||
"yubikey2fUrl":"服务 URL",
|
"yubikey2fUrl":"服务 URL",
|
||||||
"yubikey2fUserCanRemoveKey":"允許使用者移除 Yubikey",
|
"yubikey2fUserCanRemoveKey":"允許使用者移除 Yubikey",
|
||||||
"zeroConfExplanations":"伺服器未設定。使用飯本來儲存第一個。"
|
"zeroConfExplanations":"伺服器未設定。使用飯本來儲存第一個。"
|
||||||
}
|
}
|
||||||
|
|
|
@ -1076,6 +1076,7 @@
|
||||||
"session_s":"工作階段",
|
"session_s":"工作階段",
|
||||||
"sessions":"工作階段",
|
"sessions":"工作階段",
|
||||||
"sfExtra":"額外的第二因素",
|
"sfExtra":"額外的第二因素",
|
||||||
|
"sfLoginTimeout":"Login timeout",
|
||||||
"sfManagerRule":"顯示管理程式連結",
|
"sfManagerRule":"顯示管理程式連結",
|
||||||
"sfOnlyUpgrade":"使用 2FA 進行工作階段升級",
|
"sfOnlyUpgrade":"使用 2FA 進行工作階段升級",
|
||||||
"sfRegisterTimeout":"Registration timeout",
|
"sfRegisterTimeout":"Registration timeout",
|
||||||
|
@ -1248,4 +1249,4 @@
|
||||||
"yubikey2fUrl":"服務 URL",
|
"yubikey2fUrl":"服務 URL",
|
||||||
"yubikey2fUserCanRemoveKey":"允許使用者移除 Yubikey",
|
"yubikey2fUserCanRemoveKey":"允許使用者移除 Yubikey",
|
||||||
"zeroConfExplanations":"伺服器未設定。使用飯本來儲存第一個。"
|
"zeroConfExplanations":"伺服器未設定。使用飯本來儲存第一個。"
|
||||||
}
|
}
|
||||||
|
|
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
|
@ -41,7 +41,8 @@ has ott => (
|
||||||
default => sub {
|
default => sub {
|
||||||
my $ott =
|
my $ott =
|
||||||
$_[0]->{p}->loadModule('Lemonldap::NG::Portal::Lib::OneTimeToken');
|
$_[0]->{p}->loadModule('Lemonldap::NG::Portal::Lib::OneTimeToken');
|
||||||
$ott->timeout( $_[0]->{conf}->{formTimeout} );
|
$ott->timeout( $_[0]->{conf}->{sfLoginTimeout}
|
||||||
|
|| $_[0]->{conf}->{formTimeout} );
|
||||||
return $ott;
|
return $ott;
|
||||||
}
|
}
|
||||||
);
|
);
|
||||||
|
|
|
@ -35,6 +35,7 @@ has ott => (
|
||||||
my $ott =
|
my $ott =
|
||||||
$_[0]->{p}->loadModule('Lemonldap::NG::Portal::Lib::OneTimeToken');
|
$_[0]->{p}->loadModule('Lemonldap::NG::Portal::Lib::OneTimeToken');
|
||||||
$ott->timeout( $_[0]->{conf}->{mail2fTimeout}
|
$ott->timeout( $_[0]->{conf}->{mail2fTimeout}
|
||||||
|
|| $_[0]->{conf}->{sfLoginTimeout}
|
||||||
|| $_[0]->{conf}->{formTimeout} );
|
|| $_[0]->{conf}->{formTimeout} );
|
||||||
return $ott;
|
return $ott;
|
||||||
}
|
}
|
||||||
|
|
|
@ -7,7 +7,7 @@ use Exporter 'import';
|
||||||
our $VERSION = '2.0.14';
|
our $VERSION = '2.0.14';
|
||||||
|
|
||||||
use constant HANDLER => 'Lemonldap::NG::Handler::PSGI::Main';
|
use constant HANDLER => 'Lemonldap::NG::Handler::PSGI::Main';
|
||||||
use constant URIRE =>
|
use constant URIRE =>
|
||||||
qr{(((?^:https?))://((?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::((?:[0-9]*)))?(/(((?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():\@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():\@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():\@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():\@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?]((?:(?:[;/?:\@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?)};
|
qr{(((?^:https?))://((?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::((?:[0-9]*)))?(/(((?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():\@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():\@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():\@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():\@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?]((?:(?:[;/?:\@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?)};
|
||||||
use constant {
|
use constant {
|
||||||
PE_IDPCHOICE => -5,
|
PE_IDPCHOICE => -5,
|
||||||
|
|
|
@ -25,7 +25,8 @@ has ott => (
|
||||||
default => sub {
|
default => sub {
|
||||||
my $ott =
|
my $ott =
|
||||||
$_[0]->{p}->loadModule('Lemonldap::NG::Portal::Lib::OneTimeToken');
|
$_[0]->{p}->loadModule('Lemonldap::NG::Portal::Lib::OneTimeToken');
|
||||||
$ott->timeout( $_[0]->{conf}->{formTimeout} );
|
$ott->timeout( $_[0]->{conf}->{sfLoginTimeout}
|
||||||
|
|| $_[0]->{conf}->{formTimeout} );
|
||||||
return $ott;
|
return $ott;
|
||||||
}
|
}
|
||||||
);
|
);
|
||||||
|
|
|
@ -19,9 +19,10 @@ SKIP: {
|
||||||
totp2fActivation => 1,
|
totp2fActivation => 1,
|
||||||
sfRequired => 1,
|
sfRequired => 1,
|
||||||
sfRegisterTimeout => 600,
|
sfRegisterTimeout => 600,
|
||||||
|
sfLoginTimeout => 600,
|
||||||
tokenUseGlobalStorage => 1,
|
tokenUseGlobalStorage => 1,
|
||||||
issuerDBCASActivation => 1,
|
issuerDBCASActivation => 1,
|
||||||
issuersTimeout => 600,
|
issuersTimeout => 1200,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
);
|
);
|
||||||
|
@ -128,9 +129,14 @@ SKIP: {
|
||||||
$pdata = 'lemonldappdata=' . expectCookie( $res, 'lemonldappdata' );
|
$pdata = 'lemonldappdata=' . expectCookie( $res, 'lemonldappdata' );
|
||||||
my ( $host, $url, $query ) =
|
my ( $host, $url, $query ) =
|
||||||
expectForm( $res, undef, '/totp2fcheck', 'token' );
|
expectForm( $res, undef, '/totp2fcheck', 'token' );
|
||||||
|
|
||||||
|
# Test Login timeout
|
||||||
|
Time::Fake->offset("+10m");
|
||||||
|
|
||||||
ok( $code = Lemonldap::NG::Common::TOTP::_code( undef, $key, 0, 30, 6 ),
|
ok( $code = Lemonldap::NG::Common::TOTP::_code( undef, $key, 0, 30, 6 ),
|
||||||
'Code' );
|
'Code' );
|
||||||
$query =~ s/code=/code=$code/;
|
$query =~ s/code=/code=$code/;
|
||||||
|
|
||||||
ok(
|
ok(
|
||||||
$res = $client->_post(
|
$res = $client->_post(
|
||||||
'/totp2fcheck', IO::String->new($query),
|
'/totp2fcheck', IO::String->new($query),
|
||||||
|
|
Loading…
Reference in New Issue