CheckState plugin (fixes: #1400)

2018-05-15 21:20:31 +02:00 · 2018-05-15 21:20:31 +02:00 · e40d8ccc1e
commit e40d8ccc1e
parent 86283952b0
14 changed files with 106 additions and 4 deletions
--- a/fastcgi-server/man/llng-fastcgi-server.1p
+++ b/fastcgi-server/man/llng-fastcgi-server.1p
@ -129,7 +129,7 @@
 .\" ========================================================================
 .\"
 .IX Title "llng-fastcgi-server 1"
-.TH llng-fastcgi-server 1 "2018-03-22" "perl v5.26.1" "User Contributed Perl Documentation"
+.TH llng-fastcgi-server 1 "2018-05-13" "perl v5.26.2" "User Contributed Perl Documentation"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
--- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm
+++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm
@ -753,6 +753,12 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
        'cfgVersion' => {
            'type' => 'text'
        },
        'checkState' => {
            'type' => 'bool'
        },
        'checkStateSecret' => {
            'type' => 'text'
        },
        'checkXSS' => {
            'default' => 1,
            'type'    => 'bool'
--- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm
+++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm
@ -368,6 +368,14 @@ sub attributes {
            type          => 'bool',
            documentation => 'Enable StayConnected plugin',
        },
        checkState => {
            type => 'bool',
            documentation => 'Enable CheckState plugin',
        },
        checkStateSecret => {
            type => 'text',
            documentation => 'Secret token for CheckState plugin',
        },
        # Loggers (ini only)
        logLevel => {
--- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Tree.pm
+++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Tree.pm
@ -635,6 +635,11 @@ sub tree {
                            help  => 'autoSignin.html',
                            nodes => ['autoSigninRules'],
                        },
                        {
                            title => 'stateCheck',
                            help  => 'checkstate.html',
                            nodes => [ 'checkState', 'checkStateSecret', ],
                        },
                    ]
                },
                {
--- a/lemonldap-ng-manager/site/htdocs/static/languages/ar.json
+++ b/lemonldap-ng-manager/site/htdocs/static/languages/ar.json
@ -146,6 +146,8 @@
 "cfgVersion":"عملية ضبط الإصدارات",
 "checkXSS":"تحقق من هجمات XSS",
 "clickHereToForce":"انقر هنا لإجبار",
 "checkState":"Activation",
 "checkStateSecret":"Shared secret",
 "choiceParams":"اختيارالإعدادات",
 "chooseLogo":"اختيار الشعار",
 "chooseSkin":"اختيار الغلاف",
@ -704,6 +706,7 @@
 "SSLVar":"حقل الشهادة الرقمية المستخرجة",
 "SSLVarIf":"حقل الشهادة الرقمية المستخرجة الشرطية",
 "ssoSessions":"جلسات السسو",
 "stateCheck":"State Check",
 "stayConnected":"الاتصالات المستمرة",
 "successfullySaved":"تم الحفظ بنجاح",
 "storePassword":"تخزين كلمة مرور المستخدم في بيانات الجلسة",
--- a/lemonldap-ng-manager/site/htdocs/static/languages/en.json
+++ b/lemonldap-ng-manager/site/htdocs/static/languages/en.json
@ -146,6 +146,8 @@
 "cfgVersion":"Configuration version",
 "checkXSS":"Check XSS attacks",
 "clickHereToForce":"Click here to force",
 "checkState":"Activation",
 "checkStateSecret":"Shared secret",
 "choiceParams":"Choice parameters",
 "chooseLogo":"Choose logo",
 "chooseSkin":"Choose skin",
@ -704,6 +706,7 @@
 "SSLVar":"Extracted certificate field",
 "SSLVarIf":"Conditional extracted certificate field",
 "ssoSessions":"SSO sessions",
 "stateCheck":"State Check",
 "stayConnected":"Persistent connections",
 "successfullySaved":"Successfully saved",
 "storePassword":"Store user password in session datas",
--- a/lemonldap-ng-manager/site/htdocs/static/languages/fr.json
+++ b/lemonldap-ng-manager/site/htdocs/static/languages/fr.json
@ -146,6 +146,8 @@
 "cfgVersion":"Version de la configuration",
 "checkXSS":"Contrôler les attaques XSS",
 "clickHereToForce":"Cliquer ici pour forcer",
 "checkState":"Activation",
 "checkStateSecret":"Secret partagé",
 "choiceParams":"Paramètres des choix",
 "chooseLogo":"Choisir le logo",
 "chooseSkin":"Choisir le thème",
@ -704,6 +706,7 @@
 "SSLVar":"Champ extrait du certificat",
 "SSLVarIf":"Champ conditionnel extrait du certificat",
 "ssoSessions":"Sessions SSO",
 "stateCheck":"Vérification de l'état",
 "stayConnected":"Connexions persistantes",
 "successfullySaved":"Sauvegarde effectuée",
 "storePassword":"Stocke le mot de passe de l'utilisateur en session",
--- a/lemonldap-ng-manager/site/htdocs/static/languages/it.json
+++ b/lemonldap-ng-manager/site/htdocs/static/languages/it.json
@ -146,6 +146,8 @@
 "cfgVersion":"Versione configurazione",
 "checkXSS":"Verifica attacchi XSS",
 "clickHereToForce":"Clicca qui per forzare",
 "checkState":"Activation",
 "checkStateSecret":"Shared secret",
 "choiceParams":"Scelta parametri",
 "chooseLogo":"Scegli logo",
 "chooseSkin":"Scegli interfaccia",
@ -704,6 +706,7 @@
 "SSLVar":"Campo certificato estratto",
 "SSLVarIf":"Campo di certificato estratto condizionale",
 "ssoSessions":"Sessioni SSO",
 "stateCheck":"State Check",
 "stayConnected":"Connessioni persistenti",
 "successfullySaved":"Salvato con successo",
 "storePassword":"Memorizzare la password dell'utente nei dati di sessione",
--- a/lemonldap-ng-manager/site/htdocs/static/languages/vi.json
+++ b/lemonldap-ng-manager/site/htdocs/static/languages/vi.json
@ -146,6 +146,8 @@
 "cfgVersion":"Phiên bản cấu hình",
 "checkXSS":"Kiểm tra tấn công XSS",
 "clickHereToForce":"Nhấp vào đây để bắt buộc",
 "checkState":"Activation",
 "checkStateSecret":"Shared secret",
 "choiceParams":"Các tham số lựa chọn",
 "chooseLogo":"Chọn logo",
 "chooseSkin":"Chọn giao diện",
@ -659,8 +661,8 @@
 "save":"Lưu",
 "saveReport":"Lưu báo cáo",
 "savingConfirmation":"Lưu xác nhận",
 "secondFactors":"Second factors",
 "search":"Search ...",
 "secondFactors":"Second factors",
 "securedCookie":"Cookie bảo mật (SSL)",
 "security":"An ninh",
 "serverError":"Lỗi máy chủ",
@ -704,6 +706,7 @@
 "SSLVar":"Trích xuất trường chứng chỉ",
 "SSLVarIf":"Trích xuất trường chứng chỉ có điều kiện",
 "ssoSessions":"Phiên SSO",
 "stateCheck":"State Check",
 "stayConnected":"Duy trì kết nối",
 "successfullySaved":"Lưu thành công",
 "storePassword":"Lưu trữ mật khẩu người dùng trong các dữ liệu phiên",
--- a/lemonldap-ng-manager/site/htdocs/static/reverseTree.json
+++ b/lemonldap-ng-manager/site/htdocs/static/reverseTree.json
--- a/lemonldap-ng-manager/site/htdocs/static/struct.json
+++ b/lemonldap-ng-manager/site/htdocs/static/struct.json
--- a/lemonldap-ng-portal/MANIFEST
+++ b/lemonldap-ng-portal/MANIFEST
@ -94,6 +94,7 @@ lib/Lemonldap/NG/Portal/Password/Null.pm
 lib/Lemonldap/NG/Portal/Password/REST.pm
 lib/Lemonldap/NG/Portal/Plugins/AutoSignin.pm
 lib/Lemonldap/NG/Portal/Plugins/CDA.pm
 lib/Lemonldap/NG/Portal/Plugins/CheckState.pm
 lib/Lemonldap/NG/Portal/Plugins/GrantSession.pm
 lib/Lemonldap/NG/Portal/Plugins/History.pm
 lib/Lemonldap/NG/Portal/Plugins/MailReset.pm
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Plugins.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Plugins.pm
@ -22,6 +22,7 @@ our @pList = (
    grantSessionRule           => '::Plugins::GrantSession',
    upgradeSession             => '::Plugins::Upgrade',
    autoSigninRules            => '::Plugins::AutoSignin',
    checkState                 => '::Plugins::CheckState',
 );
 ##@method list enabledPlugins
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckState.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckState.pm
@ -0,0 +1,66 @@
 # Check state plugin
 #
 # test if portal is well loaded. If user/pasword parameters are set, it tests
 # also login process
 package Lemonldap::NG::Portal::Plugins::CheckState;
 use strict;
 use Mouse;
 our $VERSION = '2.0.0';
 extends 'Lemonldap::NG::Portal::Main::Plugin';
 # INITIALIZATION
 sub init {
    my ($self) = @_;
    unless ( $self->conf->{checkStateSecret} ) {
        $self->logger->error(
            'checkStateSecret is required for "check state" plugin');
        return 0;
    }
    $self->addUnauthRoute( checkstate => 'check', ['GET'] );
    return 1;
 }
 sub check {
    my ( $self, $req ) = @_;
    my @rep;
    unless ($req->param('secret')
        and $req->param('secret') eq $self->conf->{checkStateSecret} )
    {
        return $self->p->sendError( $req, 'Bad secret' );
    }
    $req->steps( [ 'controlUrl', @{ $self->p->beforeAuth } ] );
    my $res = $self->p->process($req);
    if ( $res > 0 ) {
        push @rep, "Bad result before auth: $res";
    }
    if ( my $user = $req->param('user') and my $pwd = $req->param('password') )
    {
        # Note that "extractFormInfo" isn't launched due to "token"
        $req->user($user);
        $req->datas->{password} = $pwd;
        $req->steps(
            [
                'getUser',                          'authenticate',
                @{ $self->p->betweenAuthAndDatas }, $self->p->sessionDatas,
                @{ $self->p->afterDatas }
            ]
        );
        if ( $res = $self->p->process( $req, ) ) {
            push @rep, "Bad result during auth: $res";
        }
        $self->p->deleteSession($req);
    }
    if (@rep) {
        return $self->p->sendError( $req, join( ",\n", @rep ), 500 );
    }
    else {
        return $self->p->sendJSONresponse( $req, { result => 1 } );
    }
 }
 1;