Self unregister U2F key
This commit is contained in:
Christophe Maudoux
parent
10c06332fd
commit
fe28cbe7a0
|
|
@ -54,6 +54,37 @@ sub run {
|
|||
$self->userLogger->warn("U2F Registration failed: $err");
|
||||
return $self->p->sendError( $req, $err, 200 );
|
||||
}
|
||||
|
||||
if ( $action eq 'unregister' ) {
|
||||
my $challenge = $self->crypter->registrationChallenge;
|
||||
return [ 200, [ 'Content-Type' => 'application/json' ], [$challenge] ];
|
||||
}
|
||||
if ( $action eq 'unregistration' ) {
|
||||
my $resp;
|
||||
unless ( $resp = $req->param('unregistration') ) {
|
||||
return $self->p->sendError( $req, 'Missing unregistration parameter',
|
||||
400 );
|
||||
}
|
||||
$self->logger->debug("Get unregistration data $resp");
|
||||
my ( $keyHandle, $userKey ) = $self->crypter->registrationVerify($resp);
|
||||
if ( $keyHandle and $userKey ) {
|
||||
$self->p->updatePersistentSession(
|
||||
$req,
|
||||
{
|
||||
_u2fKeyHandle => 'NULL',
|
||||
_u2fUserKey => 'NULL'
|
||||
}
|
||||
);
|
||||
return [
|
||||
200, [ 'Content-Type' => 'application/json' ],
|
||||
['{"result":1}']
|
||||
];
|
||||
}
|
||||
my $err = Crypt::U2F::Server::Simple::lastError();
|
||||
$self->userLogger->warn("U2F Unregistration failed: $err");
|
||||
return $self->p->sendError( $req, $err, 200 );
|
||||
}
|
||||
|
||||
if ( $action eq 'verify' ) {
|
||||
my ( $err, $error ) = $self->loadUser($req);
|
||||
if ( $err == -1 ) {
|
||||
|
|
|
|||
|
|
@ -5,7 +5,7 @@ LemonLDAP::NG U2F registration script
|
|||
*/
|
||||
|
||||
(function() {
|
||||
var displayError, register, setMsg, verify;
|
||||
var displayError, register, setMsg, verify, unregister;
|
||||
|
||||
setMsg = function(msg, level) {
|
||||
$('#msg').html(window.translate(msg));
|
||||
|
|
@ -72,6 +72,50 @@ LemonLDAP::NG U2F registration script
|
|||
});
|
||||
};
|
||||
|
||||
unregister = function() {
|
||||
return $.ajax({
|
||||
type: "POST",
|
||||
url: portal + "u2fregister/unregister",
|
||||
data: {},
|
||||
dataType: 'json',
|
||||
error: displayError,
|
||||
success: function(ch) {
|
||||
var request;
|
||||
request = [
|
||||
{
|
||||
challenge: ch.challenge,
|
||||
version: ch.version
|
||||
}
|
||||
];
|
||||
setMsg('touchU2fDevice', 'positive');
|
||||
$('#u2fPermission').show();
|
||||
return u2f.register(ch.appId, request, [], function(data) {
|
||||
$('#u2fPermission').hide();
|
||||
if (data.errorCode) {
|
||||
return setMsg('unableToGetU2FKey', 'warning');
|
||||
} else {
|
||||
return $.ajax({
|
||||
type: "POST",
|
||||
url: portal + "u2fregister/unregistration",
|
||||
data: {
|
||||
registration: JSON.stringify(data)
|
||||
},
|
||||
dataType: 'json',
|
||||
success: function(resp) {
|
||||
if (resp.error) {
|
||||
return setMsg('u2fFailed', 'warning');
|
||||
} else if (resp.result) {
|
||||
return setMsg('u2fUnregistered', 'positive');
|
||||
}
|
||||
},
|
||||
error: displayError
|
||||
});
|
||||
}
|
||||
});
|
||||
}
|
||||
});
|
||||
};
|
||||
|
||||
verify = function() {
|
||||
return $.ajax({
|
||||
type: "POST",
|
||||
|
|
@ -120,6 +164,7 @@ LemonLDAP::NG U2F registration script
|
|||
$('#u2fPermission').hide();
|
||||
$('#register').on('click', register);
|
||||
$('#verify').on('click', verify);
|
||||
$('#unregister').on('click', unregister);
|
||||
return $('#goback').attr('href', portal);
|
||||
});
|
||||
|
||||
|
|
|
|||
|
|
@ -176,7 +176,8 @@
|
|||
"redirectionToIdp":"إعادة توجيهك إلى موفر الهوية الخاص بك",
|
||||
"refreshrights": "قم بتحديث حقوقي",
|
||||
"refuse":"رفض",
|
||||
"register": "Register",
|
||||
"register": "تسجيل",
|
||||
"unregister": "إلغاء",
|
||||
"registerRequestAlreadyIssued":"تم إصدار طلب تسجيل لهذا الحساب من قبل",
|
||||
"rememberChoice":"تذكر اختياري",
|
||||
"removeOtherSessions":"إزالة الجلسات الأخرى",
|
||||
|
|
|
|||
|
|
@ -176,7 +176,8 @@
|
|||
"redirectionToIdp":"Redirection to your Identity Provider",
|
||||
"refreshrights": "Refresh my rights",
|
||||
"refuse":"Refuse",
|
||||
"register": "Register",
|
||||
"register": "Registrieren",
|
||||
"unregister": "Abmelden",
|
||||
"registerRequestAlreadyIssued":"A register request for this account was already issued on ",
|
||||
"rememberChoice":"Remember my choice",
|
||||
"removeOtherSessions":"Remove other sessions",
|
||||
|
|
|
|||
|
|
@ -177,6 +177,7 @@
|
|||
"refreshrights": "Refresh my rights",
|
||||
"refuse":"Refuse",
|
||||
"register": "Register",
|
||||
"unregister": "Unregister",
|
||||
"registerRequestAlreadyIssued":"A register request for this account was already issued on ",
|
||||
"rememberChoice":"Remember my choice",
|
||||
"removeOtherSessions":"Remove other sessions",
|
||||
|
|
|
|||
|
|
@ -176,7 +176,8 @@
|
|||
"redirectionToIdp":"Redirection to your Identity Provider",
|
||||
"refreshrights": "Refresh my rights",
|
||||
"refuse":"Refuse",
|
||||
"register": "Register",
|
||||
"register": "Registro",
|
||||
"unregister": "No Registrado",
|
||||
"registerRequestAlreadyIssued":"A register request for this account was already issued on ",
|
||||
"rememberChoice":"Remember my choice",
|
||||
"removeOtherSessions":"Remove other sessions",
|
||||
|
|
|
|||
|
|
@ -177,6 +177,7 @@
|
|||
"refreshrights": "Rafraîchir mes droits",
|
||||
"refuse":"Refuser",
|
||||
"register": "Enregistrer",
|
||||
"unregister": "Supprimer",
|
||||
"registerRequestAlreadyIssued":"Une demande de création pour ce compte a déjà été faite le ",
|
||||
"rememberChoice":"Se souvenir de mon choix",
|
||||
"removeOtherSessions":"Fermer les autres sessions",
|
||||
|
|
|
|||
|
|
@ -177,6 +177,7 @@
|
|||
"refreshrights": "Aggiorna i miei diritti",
|
||||
"refuse":"Rifiuta",
|
||||
"register": "Registra",
|
||||
"unregister": "Non Registra",
|
||||
"registerRequestAlreadyIssued":"Una richiesta di registrazione per questo conto é già stata rilasciata il",
|
||||
"rememberChoice":"Ricordarsi della mia scelta",
|
||||
"removeOtherSessions":"Rimuovere altre sessioni",
|
||||
|
|
|
|||
|
|
@ -176,7 +176,8 @@
|
|||
"redirectionToIdp":"Redirection to your Identity Provider",
|
||||
"refreshrights": "Refresh my rights",
|
||||
"refuse":"Refuse",
|
||||
"register": "Register",
|
||||
"register": "Registeren",
|
||||
"unregister": "Uitschrijven",
|
||||
"registerRequestAlreadyIssued":"A register request for this account was already issued on ",
|
||||
"rememberChoice":"Remember my choice",
|
||||
"removeOtherSessions":"Remove other sessions",
|
||||
|
|
|
|||
|
|
@ -176,7 +176,8 @@
|
|||
"redirectionToIdp":"Redirection to your Identity Provider",
|
||||
"refreshrights": "Refresh my rights",
|
||||
"refuse":"Refuse",
|
||||
"register": "Register",
|
||||
"register": "Registo",
|
||||
"unregister": "Cancelar o Registro",
|
||||
"registerRequestAlreadyIssued":"A register request for this account was already issued on ",
|
||||
"rememberChoice":"Remember my choice",
|
||||
"removeOtherSessions":"Remove other sessions",
|
||||
|
|
|
|||
|
|
@ -177,6 +177,7 @@
|
|||
"refreshrights": "Refresh my rights",
|
||||
"refuse":"Refuse",
|
||||
"register": "Register",
|
||||
"unregister": "Unregister",
|
||||
"registerRequestAlreadyIssued":"A register request for this account was already issued on ",
|
||||
"rememberChoice":"Remember my choice",
|
||||
"removeOtherSessions":"Remove other sessions",
|
||||
|
|
|
|||
|
|
@ -177,6 +177,7 @@
|
|||
"refreshrights": "Làm mới lại quyền của tôi",
|
||||
"refuse":"Từ chối",
|
||||
"register": "Đăng ký",
|
||||
"unregister": "Hủy đăng ký",
|
||||
"registerRequestAlreadyIssued":"Yêu cầu đăng ký cho tài khoản này đã được cấp phát",
|
||||
"rememberChoice":"Hãy nhớ sự lựa chọn của tôi",
|
||||
"removeOtherSessions":"Xóa các phiên khác",
|
||||
|
|
|
|||
|
|
@ -18,6 +18,10 @@
|
|||
<span class="glyphicon glyphicon-check"></span>
|
||||
<span trspan="verify">Verify</span>
|
||||
</span>
|
||||
<span id="unregister" class="btn btn-danger" role="button">
|
||||
<span class="glyphicon glyphicon-minus-sign"></span>
|
||||
<span trspan="unregister">Unregister</span>
|
||||
</span>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user