Force reAuth from 2fManager (#2714)

Christophe Maudoux 2022-03-04 23:14:32 +01:00
parent 50c312acc3
commit f6f9fe29cf
4 changed files with 10 additions and 4 deletions


@ -207,9 +207,11 @@ sub init {
sub run {
my ( $self, $req ) = @_;
my $checkLogins = $req->param('checkLogins');
my $forceUpgrade = $req->param('forceUpgrade');
my $stayconnected = $req->param('stayconnected');
my $spoofId = $req->param('spoofId') || '';
$self->logger->debug("2F checkLogins set") if ($checkLogins);
$self->logger->debug("2F checkLogins set") if $checkLogins;
$self->logger->debug("2F forceUgrade set") if $forceUpgrade;
# Skip 2F unless a module has been registered
unless ( @{ $self->sfModules } ) {
@ -226,7 +228,7 @@ sub run {
# Skip 2F if authnLevel is already high enough
if (
$self->conf->{sfOnlyUpgrade}
$self->conf->{sfOnlyUpgrade} && !$forceUpgrade
and ( ( $req->pdata->{targetAuthnLevel} || 0 ) <=
( $req->sessionInfo->{authenticationLevel} || 0 ) )
)
@ -502,7 +504,8 @@ sub _displayRegister {
return [ 302, [ Location => $self->conf->{portal} . $am[0]->{URL} ], [] ]
if (
@am == 1
and not( $req->userData->{_2fDevices} && $req->userData->{_2fDevices} =~ /\w+/
and not( $req->userData->{_2fDevices}
&& $req->userData->{_2fDevices} =~ /\w+/
or $req->data->{sfRegRequired} )
);
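Review bot: The new debug message in `run` is misspelled as `"2F forceUgrade set"`, so a log search for the parameter name `forceUpgrade` will not find it; it should read `$self->logger->debug("2F forceUpgrade set") if $forceUpgrade;`. The flag comes straight from the request, which is acceptable in the visible lines because its only effect is to disable the `sfOnlyUpgrade` skip: it can make the second factor run, but it cannot bypass it. That direction is worth pinning with a comment above the condition, for example `# forceUpgrade is client-supplied: it may only force 2F to run, never skip it`, so a later change does not reuse the flag in a way that weakens authentication. The bodies of `run` and `_displayRegister` continue outside the hunks.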


@ -73,6 +73,7 @@ sub ask {
if ( $req->param('upgrading') or $req->param('kerberos') );
my $url = $req->param('url') || '';
my $forceUpgrade = $req->param('forceUpgrade') || '';
my $action = ( $message =~ /^askTo(\w+)$/ )[0];
$self->logger->debug(" -> $action required");
$self->logger->debug(" -> Skip confirmation is enabled")
@ -91,6 +92,7 @@ sub ask {
BUTTON => $buttonlabel,
CONFIRMKEY => $self->p->stamp,
PORTAL => $self->conf->{portal},
FORCEUPGRADE => $forceUpgrade,
URL => $url,
(
$self->conf->{"skip${action}Confirmation"}
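Review bot: In `ask`, `$req->param('forceUpgrade')` is handed to the template unchanged as `FORCEUPGRADE` and is rendered inside the `value="..."` attribute of the hidden `forceUpgrade` input in the upgrade form template, so arbitrary request text is echoed back into the page. Whether the template layer escapes `TMPL_VAR` output by default is not visible on this page, so the safer form is to reduce the parameter to the flag it represents: `my $forceUpgrade = $req->param('forceUpgrade') ? 1 : '';`. `run` only tests the value for truth, so nothing is lost by normalising it. The body of `ask` starts and ends outside both hunks.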


@ -90,7 +90,7 @@
<div class="buttons">
<TMPL_IF NAME="DISPLAY_UPG">
<a href="<TMPL_VAR NAME="PORTAL_URL">upgradesession?url=<TMPL_VAR NAME="SFREGISTERS_URL">" class="btn btn-success" role="button">
<a href="<TMPL_VAR NAME="PORTAL_URL">upgradesession?forceUpgrade=1&url=<TMPL_VAR NAME="SFREGISTERS_URL">" class="btn btn-success" role="button">
<span class="fa fa-sign-in"></span>
<span trspan="upgradeSession">Upgrade session</span>
</a>
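Review bot: The new `href` places a bare `&` between `forceUpgrade=1` and `url=` inside an HTML attribute; it should be written as `&amp;`, i.e. `upgradesession?forceUpgrade=1&amp;url=<TMPL_VAR NAME="SFREGISTERS_URL">`, so the link does not depend on lenient entity parsing. It is also not visible here whether `SFREGISTERS_URL` is URL-encoded before being appended as the `url` value; if it is not, an `&` inside it would be read as a further query parameter of `upgradesession`.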


@ -6,6 +6,7 @@
<form id="upgrd" action="<TMPL_VAR NAME="FORMACTION">" method="post" class="password" role="form">
<input type="hidden" name="confirm" value="<TMPL_VAR NAME="CONFIRMKEY">">
<input type="hidden" id="forceUpgrade" name="forceUpgrade" value="<TMPL_VAR NAME="FORCEUPGRADE">" />
<input type="hidden" name="url" value="<TMPL_VAR NAME="URL">">
<div class="buttons">
<button type="submit" class="btn btn-success">