Commit 90ddec7c authored Feb 14, 2019 by Christophe Maudoux
WIP - Optionally let Ext2F module handle code generation (#1632)
parent 60e80fe1
Showing 1 changed file with 73 additions and 29 deletions
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Ext2F.pm
@@ -2,32 +2,46 @@ package Lemonldap::NG::Portal::2F::Ext2F;
use
strict
;
use
Mouse
;
use
String::
Random
;
use
Lemonldap::NG::Portal::Main::
Constants
qw(
PE_BADCREDENTIALS
PE_ERROR
PE_FORMEMPTY
PE_OK
PE_SENDRESPONSE
PE_BADCREDENTIALS
PE_ERROR
PE_FORMEMPTY
PE_OK
PE_SENDRESPONSE
)
;
our
$VERSION
=
'
2.0.
0
';
our
$VERSION
=
'
2.0.
3
';
extends
'
Lemonldap::NG::Portal::Main::SecondFactor
';
# INITIALIZATION
has
prefix
=>
(
is
=>
'
ro
',
default
=>
'
ext
'
);
has
random
=>
(
is
=>
'
rw
'
);
sub
init
{
my
(
$self
)
=
@_
;
foreach
(
qw(ext2FSendCommand ext2FValidateCommand)
)
{
unless
(
$self
->
conf
->
{
$_
}
)
{
$self
->
error
("
Missing
$_
parameter, aborting
");
return
0
;
unless
(
$self
->
conf
->
{
ext2fCodeActivation
}
)
{
foreach
(
qw(ext2FSendCommand ext2FValidateCommand)
)
{
unless
(
$self
->
conf
->
{
$_
}
)
{
$self
->
error
("
Missing
$_
parameter, aborting
");
return
0
;
}
}
$self
->
logo
(
$self
->
conf
->
{
ext2fLogo
}
)
if
(
$self
->
conf
->
{
ext2fLogo
}
);
return
$self
->
SUPER::
init
();
}
$self
->
logo
(
$self
->
conf
->
{
ext2fLogo
}
)
if
(
$self
->
conf
->
{
ext2fLogo
}
);
return
$self
->
SUPER::
init
();
if
(
$self
->
conf
->
{
ext2fCodeActivation
}
and
$self
->
conf
->
{
ext2FSendCommand
}
)
{
$self
->
random
(
String::
Random
->
new
);
$self
->
logo
(
$self
->
conf
->
{
ext2fLogo
}
)
if
(
$self
->
conf
->
{
ext2fLogo
}
);
return
$self
->
SUPER::
init
();
}
return
0
;
}
# RUNNING METHODS
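Review bot: In init, when ext2fCodeActivation is set but ext2FSendCommand is missing, control falls through to the final `return 0;` without any `$self->error(...)` call, so the module fails to initialise with no message, unlike the other branch, which reports "Missing $_ parameter, aborting". Add an explicit error before that return. The new key is also spelled ext2fCodeActivation (lowercase f) next to ext2FSendCommand and ext2FValidateCommand; settle on one casing before this leaves WIP, since a mistyped key silently selects the external-command branch.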
...
...
@@ -38,14 +52,23 @@ sub run {
my
$checkLogins
=
$req
->
param
('
checkLogins
');
$self
->
logger
->
debug
("
Ext2F checkLogins set
")
if
(
$checkLogins
);
# Generate OTP to send
if
(
$self
->
{
random
}
)
{
my
$code
=
$self
->
random
->
randregex
(
$self
->
conf
->
{
ext2fOTPActivation
}
);
$self
->
logger
->
debug
("
Generated ext2f code :
$code
");
$self
->
ott
->
updateToken
(
$token
,
__ext2fcode
=>
$code
);
}
# Prepare command and launch it
$self
->
logger
->
debug
(
'
Launching "Send" external 2F command ->
'
.
$self
->
conf
->
{
ext2FSendCommand
}
);
if
(
my
$c
=
$self
->
launch
(
$req
->
sessionInfo
,
$self
->
conf
->
{
ext2FSendCommand
}
)
)
.
$self
->
conf
->
{
ext2FSendCommand
}
);
if
(
my
$c
=
$self
->
launch
(
$req
->
sessionInfo
,
$self
->
conf
->
{
ext2FSendCommand
}
)
)
{
$self
->
logger
->
error
("
External send command failed (code
$c
)
");
return
$self
->
p
->
do
(
$req
,
[
sub
{
PE_ERROR
}
]
);
return
$self
->
p
->
do
(
$req
,
[
sub
{
PE_ERROR
}
]
);
}
# Prepare form
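Review bot: The new block in run writes the one-time code to the log in clear (`debug("Generated ext2f code : $code")`); drop that line or log only that a code was generated. Two further points in the same block: the pattern is read from ext2fOTPActivation while init gates on ext2fCodeActivation, so randregex can receive an undefined pattern when only the latter is set, and `$code` is lexical to the `if` block while launch is still called with only `$req->sessionInfo` and ext2FSendCommand, so nothing visible here hands the code to the send command. Also confirm that String::Random's generator is acceptable for authentication codes.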
...
...
@@ -67,24 +90,44 @@ sub run {
sub
verify
{
my
(
$self
,
$req
,
$session
)
=
@_
;
my
$code
;
unless
(
$code
=
$req
->
param
('
code
')
)
{
my
$
user
code
;
unless
(
$
user
code
=
$req
->
param
('
code
')
)
{
$self
->
userLogger
->
error
('
External 2F: no code
');
return
PE_FORMEMPTY
;
}
# Prepare command and launch it
$self
->
logger
->
debug
(
'
Launching "Validate" external 2F command ->
'
.
$self
->
conf
->
{
ext2FValidateCommand
}
);
$self
->
logger
->
debug
("
code ->
$code
");
if
(
my
$c
=
$self
->
launch
(
$session
,
$self
->
conf
->
{
ext2FValidateCommand
},
$code
)
)
{
$self
->
userLogger
->
warn
(
'
Second factor failed for
'
.
$session
->
{
$self
->
conf
->
{
whatToTrace
}
}
);
return
PE_BADCREDENTIALS
;
unless
(
$self
->
conf
->
{
ext2fCodeActivation
}
)
{
# Prepare command and launch it
$self
->
logger
->
debug
(
'
Launching "Validate" external 2F command ->
'
.
$self
->
conf
->
{
ext2FValidateCommand
}
);
$self
->
logger
->
debug
("
code ->
$usercode
");
if
(
my
$c
=
$self
->
launch
(
$session
,
$self
->
conf
->
{
ext2FValidateCommand
},
$usercode
)
)
{
$self
->
userLogger
->
warn
(
'
Second factor failed for
'
.
$session
->
{
$self
->
conf
->
{
whatToTrace
}
}
);
$self
->
logger
->
error
("
External verify command failed (code
$c
)
");
return
PE_BADCREDENTIALS
;
}
return
PE_OK
;
}
my
$savedcode
=
$session
->
{
__ext2fcode
};
unless
(
$savedcode
)
{
$self
->
logger
->
error
(
'
Unable to find generated 2F code in token session
');
return
PE_ERROR
;
}
PE_OK
;
$self
->
logger
->
debug
("
Verifying Ext 2F code:
$usercode
VS
$savedcode
");
return
PE_OK
if
(
$usercode
eq
$savedcode
);
$self
->
userLogger
->
warn
(
'
Second factor failed for
'
.
$session
->
{
$self
->
conf
->
{
whatToTrace
}
}
);
return
PE_BADCREDENTIALS
;
}
# system() is used with an array to avoid shell injection
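Review bot: In verify, `debug("Verifying Ext 2F code: $usercode VS $savedcode")` logs both the submitted and the expected code, so anyone who can read debug logs obtains a valid second factor; remove it, and reconsider the `code -> $usercode` debug line in the external branch as well. The check itself is a plain `$usercode eq $savedcode`, and nothing in this hunk removes __ext2fcode or limits attempts after a mismatch; confirm the token session enforces that elsewhere, or add it here.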
...
...
@@ -102,3 +145,4 @@ sub launch {
}
1
;