Commit 79eaa9cb authored by Christophe Maudoux's avatar Christophe Maudoux 🐛
Browse files

Merge branch 'marekwojtowicz-v2.0-patch-80762' into 'v2.0'

Support for multiple yubikeys.

See merge request !201
parents c9bf13aa 80a36483
Pipeline #14394 passed with stage
in 9 minutes and 17 seconds
...@@ -86,7 +86,7 @@ sub init { ...@@ -86,7 +86,7 @@ sub init {
sub _findYubikey { sub _findYubikey {
my ( $self, $req, $sessionInfo ) = @_; my ( $self, $req, $sessionInfo ) = @_;
my ( $yubikey, $_2fDevices ); my ( $yubikey, $_2fDevices, $code );
# First, lookup from session attribute # First, lookup from session attribute
if ( $self->conf->{yubikey2fFromSessionAttribute} ) { if ( $self->conf->{yubikey2fFromSessionAttribute} ) {
...@@ -109,8 +109,14 @@ sub _findYubikey { ...@@ -109,8 +109,14 @@ sub _findYubikey {
$self->logger->debug("2F Device(s) found"); $self->logger->debug("2F Device(s) found");
$self->logger->debug("Reading Yubikey ..."); $self->logger->debug("Reading Yubikey ...");
$yubikey = $_->{_yubikey} if ( $code = $req->param('code') ) {
foreach grep { $_->{type} eq 'UBK' } @$_2fDevices; $yubikey = $_->{_yubikey}
foreach grep { ($_->{type} eq 'UBK') and ( $_->{_yubikey} eq
substr( $code, 0, $self->conf->{yubikey2fPublicIDSize} ) ) } @$_2fDevices;
} else {
$yubikey = $_->{_yubikey}
foreach grep { $_->{type} eq 'UBK' } @$_2fDevices;
}
} }
return $yubikey; return $yubikey;
...@@ -171,7 +177,7 @@ sub verify { ...@@ -171,7 +177,7 @@ sub verify {
if ( if (
index( $yubikey, index( $yubikey,
substr( $code, 0, $self->conf->{yubikey2fPublicIDSize} ) ) == -1 substr( $code, 0, $self->conf->{yubikey2fPublicIDSize} ) ) == -1
) )
{ {
$self->userLogger->warn('Yubikey not registered'); $self->userLogger->warn('Yubikey not registered');
return PE_BADOTP; return PE_BADOTP;
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment