CheckUser with tokenGlobalStorage & Warn if SSO groups are merged
This commit is contained in:
Christophe Maudoux
parent
570513ab96
commit
e46fac82b2
|
|
@ -78,8 +78,14 @@ sub createToken {
|
|||
# Create a new session
|
||||
my $tsession =
|
||||
$self->p->getApacheSession( undef, info => $infos, kind => 'TOKEN' );
|
||||
$self->logger->debug("Token $tsession->{id} created");
|
||||
return $tsession->id;
|
||||
if ( $tsession->{id} ) {
|
||||
$self->logger->debug("Token $tsession->{id} created");
|
||||
return $tsession->id;
|
||||
}
|
||||
else {
|
||||
$self->logger->error("NO token created");
|
||||
return undef;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -66,13 +66,15 @@ sub check {
|
|||
my $token = $req->param('token');
|
||||
unless ($token) {
|
||||
$self->userLogger->warn('checkUser try without token');
|
||||
$msg = PE_NOTOKEN;
|
||||
$token = $self->ott->createToken( $req->userData );
|
||||
$msg = PE_NOTOKEN;
|
||||
$token = $self->ott->createToken( { _user => $req->{_user}, } );
|
||||
}
|
||||
unless ( $self->ott->getToken($token) ) {
|
||||
$token = $self->ott->getToken($token);
|
||||
#unless ( $token and $token->{_user} eq $req->{_user} ) {
|
||||
unless ( $token ) {
|
||||
$self->userLogger->warn('checkUser try with expired/bad token');
|
||||
$msg = PE_TOKENEXPIRED;
|
||||
$token = $self->ott->createToken( $req->userData );
|
||||
$msg = PE_TOKENEXPIRED;
|
||||
$token = $self->ott->createToken( { _user => $req->{_user}, } );
|
||||
}
|
||||
my $params = {
|
||||
PORTAL => $self->conf->{portal},
|
||||
|
|
@ -111,7 +113,7 @@ sub check {
|
|||
LOGIN => '',
|
||||
TOKEN => (
|
||||
$self->ottRule->( $req, {} )
|
||||
? $self->ott->createToken( $req->userData )
|
||||
? $self->ott->createToken( { _user => $req->{_user}, } )
|
||||
: ''
|
||||
)
|
||||
}
|
||||
|
|
@ -138,7 +140,10 @@ sub check {
|
|||
$attrs = {};
|
||||
}
|
||||
else {
|
||||
$msg = 'checkUser';
|
||||
#$msg = 'checkUser';
|
||||
|
||||
$msg = $self->{conf}->{impersonationMergeSSOgroups} ? 'checkUserMerged'
|
||||
: 'checkUser';
|
||||
|
||||
# Create an array of hashes for template loop
|
||||
$self->logger->debug("Delete hidden or empty attributes");
|
||||
|
|
@ -217,7 +222,7 @@ sub check {
|
|||
GROUPS => $array_attrs->[0],
|
||||
TOKEN => (
|
||||
$self->ottRule->( $req, {} )
|
||||
? $self->ott->createToken( $req->userData )
|
||||
? $self->ott->createToken( { _user => $req->{_user}, } )
|
||||
: ''
|
||||
)
|
||||
};
|
||||
|
|
@ -260,18 +265,24 @@ sub display {
|
|||
|
||||
# Display form
|
||||
my $params = {
|
||||
PORTAL => $self->conf->{portal},
|
||||
MAIN_LOGO => $self->conf->{portalMainLogo},
|
||||
LANGS => $self->conf->{showLanguages},
|
||||
MSG => 'checkUser',
|
||||
ALERTE => 'alert-info',
|
||||
PORTAL => $self->conf->{portal},
|
||||
MAIN_LOGO => $self->conf->{portalMainLogo},
|
||||
LANGS => $self->conf->{showLanguages},
|
||||
MSG => (
|
||||
$self->{conf}->{impersonationMergeSSOgroups} ? 'checkUserMerged'
|
||||
: 'checkUser'
|
||||
),
|
||||
ALERTE => (
|
||||
$self->{conf}->{impersonationMergeSSOgroups} ? 'alert-warning'
|
||||
: 'alert-info'
|
||||
),
|
||||
LOGIN => $req->{userData}->{uid},
|
||||
ATTRIBUTES => $array_attrs->[2],
|
||||
MACROS => $array_attrs->[1],
|
||||
GROUPS => $array_attrs->[0],
|
||||
TOKEN => (
|
||||
$self->ottRule->( $req, {} )
|
||||
? $self->ott->createToken( $req->userData )
|
||||
? $self->ott->createToken( { _user => $req->{_user}, } )
|
||||
: ''
|
||||
)
|
||||
};
|
||||
|
|
|
|||
|
|
@ -108,6 +108,7 @@
|
|||
"changePwd":"غير كلمة المرور الخاصة بك",
|
||||
"checkLastLogins":"تحقق من آخر تسجيلات دخول الخاصة بي",
|
||||
"checkUser":"Check user SSO profile",
|
||||
"checkUserMerged":"Check user SSO profile. Real and Spoofed SSO groups are merged!!!",
|
||||
"choose2f":"Choose your second factor",
|
||||
"chooseApp":"اختر أحد التطبيقات المسموح لك بالدخول إليها",
|
||||
"clickHere":"الرجاء الضغط هنا",
|
||||
|
|
|
|||
|
|
@ -108,6 +108,7 @@
|
|||
"changePwd":"Ändere dein Passwort",
|
||||
"checkLastLogins":"Überprüfe meine letzten Logins",
|
||||
"checkUser":"Check user SSO profile",
|
||||
"checkUserMerged":"Check user SSO profile. Real and Spoofed SSO groups are merged!!!",
|
||||
"choose2f":"Wählen deinen Ihren zweiten Faktor",
|
||||
"chooseApp":"Wählen Sie eine Anwendung aus, auf die du zugreifen darfst",
|
||||
"clickHere":"Bitte hier klicken",
|
||||
|
|
|
|||
|
|
@ -108,6 +108,7 @@
|
|||
"changePwd":"Change your password",
|
||||
"checkLastLogins":"Check my last logins",
|
||||
"checkUser":"Check user SSO profile",
|
||||
"checkUserMerged":"Check user SSO profile. Real and Spoofed SSO groups are merged!!!",
|
||||
"choose2f":"Choose your second factor",
|
||||
"chooseApp":"Choose an application your are allowed to access to",
|
||||
"clickHere":"Please click here",
|
||||
|
|
|
|||
|
|
@ -108,6 +108,7 @@
|
|||
"changePwd":"Change your password",
|
||||
"checkLastLogins":"Check my last logins",
|
||||
"checkUser":"Check user SSO profile",
|
||||
"checkUserMerged":"Check user SSO profile. Real and Spoofed SSO groups are merged!!!",
|
||||
"choose2f":"Choose your second factor",
|
||||
"chooseApp":"Choose an application your are allowed to access to",
|
||||
"clickHere":"Please click here",
|
||||
|
|
|
|||
|
|
@ -108,6 +108,7 @@
|
|||
"changePwd":"Vaihda salasanasi",
|
||||
"checkLastLogins":"Tarkista viimeiset kirjautumiseni",
|
||||
"checkUser":"Check user SSO profile",
|
||||
"checkUserMerged":"Check user SSO profile. Real and Spoofed SSO groups are merged!!!",
|
||||
"choose2f":"Choose your second factor",
|
||||
"chooseApp":"Choose an application your are allowed to access to",
|
||||
"clickHere":"Please click here",
|
||||
|
|
|
|||
|
|
@ -108,6 +108,7 @@
|
|||
"changePwd":"Changez votre mot de passe",
|
||||
"checkLastLogins":"Voir mes dernières connexions",
|
||||
"checkUser":"Vérifier le profil SSO d'un utilisateur",
|
||||
"checkUserMerged":"Vérifier le profil SSO d'un utilisateur. Les groupes SSO réels et usurpés sont fusionnés !!!",
|
||||
"choose2f":"Choisissez votre second facteur",
|
||||
"chooseApp":"Choisissez une application à laquelle vous êtes autorisé à accéder",
|
||||
"clickHere":"Cliquez ici",
|
||||
|
|
|
|||
|
|
@ -108,6 +108,7 @@
|
|||
"changePwd":"Cambia la tua password",
|
||||
"checkLastLogins":"Controllare i miei ultimi accessi",
|
||||
"checkUser":"Controlla il profilo SSO dell'utente",
|
||||
"checkUserMerged":"Check user SSO profile. Real and Spoofed SSO groups are merged!!!",
|
||||
"choose2f":"Scegli il tuo secondo fattore",
|
||||
"chooseApp":"Scegli un'applicazione alla quale ti è consentito l'accesso",
|
||||
"clickHere":"Per favore clicka qui",
|
||||
|
|
|
|||
|
|
@ -108,6 +108,7 @@
|
|||
"changePwd":"Change your password",
|
||||
"checkLastLogins":"Check my last logins",
|
||||
"checkUser":"Check user SSO profile",
|
||||
"checkUserMerged":"Check user SSO profile. Real and Spoofed SSO groups are merged!!!",
|
||||
"choose2f":"Choose your second factor",
|
||||
"chooseApp":"Choose an application your are allowed to access to",
|
||||
"clickHere":"Please click here",
|
||||
|
|
|
|||
|
|
@ -108,6 +108,7 @@
|
|||
"changePwd":"Change your password",
|
||||
"checkLastLogins":"Check my last logins",
|
||||
"checkUser":"Check user SSO profile",
|
||||
"checkUserMerged":"Check user SSO profile. Real and Spoofed SSO groups are merged!!!",
|
||||
"choose2f":"Choose your second factor",
|
||||
"chooseApp":"Choose an application your are allowed to access to",
|
||||
"clickHere":"Please click here",
|
||||
|
|
|
|||
|
|
@ -108,6 +108,7 @@
|
|||
"changePwd":"Change your password",
|
||||
"checkLastLogins":"Check my last logins",
|
||||
"checkUser":"Check user SSO profile",
|
||||
"checkUserMerged":"Check user SSO profile. Real and Spoofed SSO groups are merged!!!",
|
||||
"choose2f":"Choose your second factor",
|
||||
"chooseApp":"Choose an application your are allowed to access to",
|
||||
"clickHere":"Please click here",
|
||||
|
|
|
|||
|
|
@ -108,6 +108,7 @@
|
|||
"changePwd":"Thay đổi mật khẩu của bạn",
|
||||
"checkLastLogins":"Kiểm tra lần đăng nhập cuối cùng của bạn",
|
||||
"checkUser":"Check user SSO profile",
|
||||
"checkUserMerged":"Check user SSO profile. Real and Spoofed SSO groups are merged!!!",
|
||||
"choose2f":"Choose your second factor",
|
||||
"chooseApp":"Chọn một ứng dụng bạn được phép truy cập vào",
|
||||
"clickHere":"Vui lòng nhấp vào đây",
|
||||
|
|
|
|||
|
|
@ -108,6 +108,7 @@
|
|||
"changePwd":"修改您的密码",
|
||||
"checkLastLogins":"Check my last logins",
|
||||
"checkUser":"Check user SSO profile",
|
||||
"checkUserMerged":"Check user SSO profile. Real and Spoofed SSO groups are merged!!!",
|
||||
"choose2f":"Choose your second factor",
|
||||
"chooseApp":"Choose an application your are allowed to access to",
|
||||
"clickHere":"请点击这里",
|
||||
|
|
|
|||
|
|
@ -18,6 +18,7 @@ my $client = LLNG::Manager::Test->new( {
|
|||
portalMainLogo => 'common/logos/logo_llng_old.png',
|
||||
checkUser => 1,
|
||||
requireToken => 1,
|
||||
tokenUseGlobalStorage => 0,
|
||||
formTimeout => 2,
|
||||
checkUserDisplayPersistentInfo => 1,
|
||||
checkUserDisplayEmptyValues => 1,
|
||||
|
|
|
|||
|
|
@ -62,8 +62,8 @@ ok(
|
|||
count(1);
|
||||
( $host, $url, $query ) =
|
||||
expectForm( $res, undef, '/checkuser', 'user', 'url' );
|
||||
ok( $res->[2]->[0] =~ m%<span trspan="checkUser">%, 'Found trspan="checkUser"' )
|
||||
or explain( $res->[2]->[0], 'trspan="checkUser"' );
|
||||
ok( $res->[2]->[0] =~ m%<span trspan="checkUserMerged">%, 'Found trspan="checkUserMerged"' )
|
||||
or explain( $res->[2]->[0], 'trspan="checkUserMerged"' );
|
||||
count(1);
|
||||
|
||||
$query =~ s/url=/url=test1.example.com/;
|
||||
|
|
@ -82,8 +82,8 @@ count(1);
|
|||
|
||||
( $host, $url, $query ) =
|
||||
expectForm( $res, undef, '/checkuser', 'user', 'url' );
|
||||
ok( $res->[2]->[0] =~ m%<span trspan="checkUser">%, 'Found trspan="checkUser"' )
|
||||
or explain( $res->[2]->[0], 'trspan="checkUser"' );
|
||||
ok( $res->[2]->[0] =~ m%<span trspan="checkUserMerged">%, 'Found trspan="checkUserMerged"' )
|
||||
or explain( $res->[2]->[0], 'trspan="checkUserMerged"' );
|
||||
ok(
|
||||
$res->[2]->[0] =~
|
||||
m%<div class="alert alert-success"><b><span trspan="allowed"></span></b></div>%,
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user