Commit cd3043c2 authored by Antoine Rosier's avatar Antoine Rosier

Merge remote-tracking branch 'upstream/v2.0' into logs

parents b0824190 af4f1239
...@@ -294,6 +294,8 @@ $(SRCPORTALDIR)/site/htdocs/static/common/js/%.js: $(SRCPORTALDIR)/site/coffee/% ...@@ -294,6 +294,8 @@ $(SRCPORTALDIR)/site/htdocs/static/common/js/%.js: $(SRCPORTALDIR)/site/coffee/%
@if which coffee >/dev/null; then \ @if which coffee >/dev/null; then \
echo "Compiling $(SRCPORTALDIR)/site/coffee/$*.coffee"; \ echo "Compiling $(SRCPORTALDIR)/site/coffee/$*.coffee"; \
coffee -c -o $(SRCPORTALDIR)/site/htdocs/static/common/js/ $(SRCPORTALDIR)/site/coffee/$*.coffee; \ coffee -c -o $(SRCPORTALDIR)/site/htdocs/static/common/js/ $(SRCPORTALDIR)/site/coffee/$*.coffee; \
else \
echo "Can't find coffee"; \
fi fi
$(SRCMANAGERDIR)/site/htdocs/static/js/%.js: $(SRCMANAGERDIR)/site/coffee/%.coffee $(SRCMANAGERDIR)/site/htdocs/static/js/%.js: $(SRCMANAGERDIR)/site/coffee/%.coffee
......
...@@ -119,13 +119,8 @@ ...@@ -119,13 +119,8 @@
"namespace" : "lemonldap-ng-sessions" "namespace" : "lemonldap-ng-sessions"
}, },
"locationRules" : { "locationRules" : {
"auth.example.com" : {
"(?#checkUser)^/checkuser": "$uid eq \"dwho\"",
"(?#errors)^/lmerror/": "accept",
"default" : "accept"
},
"manager.__DNSDOMAIN__" : { "manager.__DNSDOMAIN__" : {
"(?#Configuration)^/(manager\\.html|$)" : "$uid eq \"dwho\"", "(?#Configuration)^/(manager\\.html|conf/)" : "$uid eq \"dwho\"",
"(?#Notifications)/notifications" : "$uid eq \"dwho\" or $uid eq \"rtyler\"", "(?#Notifications)/notifications" : "$uid eq \"dwho\" or $uid eq \"rtyler\"",
"(?#Sessions)/sessions" : "$uid eq \"dwho\" or $uid eq \"rtyler\"", "(?#Sessions)/sessions" : "$uid eq \"dwho\" or $uid eq \"rtyler\"",
"default" : "$uid eq \"dwho\" or $uid eq \"rtyler\"" "default" : "$uid eq \"dwho\" or $uid eq \"rtyler\""
......
...@@ -780,7 +780,11 @@ sub postInputFilter { ...@@ -780,7 +780,11 @@ sub postInputFilter {
my %data = my %data =
$class->tsv->{inputPostData}->{$vhost}->{$uri}->( $req, $session ); $class->tsv->{inputPostData}->{$vhost}->{$uri}->( $req, $session );
foreach ( keys %data ) { foreach ( keys %data ) {
$data{$_} = uri_escape( $data{$_} ); my $post_key = uri_escape($_);
my $post_value = uri_escape( $data{$_} );
delete $data{$_};
$data{$post_key} = $post_value;
$class->logger->debug("Send key $post_key with value $post_value");
} }
$class->setPostParams( $req, \%data ); $class->setPostParams( $req, \%data );
} }
...@@ -809,7 +813,8 @@ sub postJavascript { ...@@ -809,7 +813,8 @@ sub postJavascript {
: "form.submit();\n"; : "form.submit();\n";
my $jqueryUrl = $formParams->{jqueryUrl} || ""; my $jqueryUrl = $formParams->{jqueryUrl} || "";
$jqueryUrl = &{ $class->tsv->{portal} } . "skins/common/js/jquery-1.10.2.js" $jqueryUrl =
&{ $class->tsv->{portal} } . "static/bwr/jquery/dist/jquery.min.js"
if ( $jqueryUrl eq "default" ); if ( $jqueryUrl eq "default" );
$jqueryUrl = "<script type='text/javascript' src='$jqueryUrl'></script>\n" $jqueryUrl = "<script type='text/javascript' src='$jqueryUrl'></script>\n"
if ($jqueryUrl); if ($jqueryUrl);
......
...@@ -835,6 +835,10 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.] ...@@ -835,6 +835,10 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
'k' => 'LDAP', 'k' => 'LDAP',
'v' => 'LDAP' 'v' => 'LDAP'
}, },
{
'k' => 'LinkedIn',
'v' => 'LinkedIn'
},
{ {
'k' => 'PAM', 'k' => 'PAM',
'v' => 'PAM' 'v' => 'PAM'
......
...@@ -923,9 +923,9 @@ sub attributes { ...@@ -923,9 +923,9 @@ sub attributes {
flags => 'm', flags => 'm',
}, },
viewerAllowBrowser => { viewerAllowBrowser => {
type => 'bool', type => 'bool',
default => 0, default => 0,
documentation => 'Allow configuration browser', documentation => 'Allow configuration browser',
}, },
# Notification # Notification
...@@ -3108,6 +3108,7 @@ m{^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?: ...@@ -3108,6 +3108,7 @@ m{^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?:
{ k => 'GPG', v => 'GPG' }, { k => 'GPG', v => 'GPG' },
{ k => 'Kerberos', v => 'Kerberos' }, { k => 'Kerberos', v => 'Kerberos' },
{ k => 'LDAP', v => 'LDAP' }, { k => 'LDAP', v => 'LDAP' },
{ k => 'LinkedIn', v => 'LinkedIn' },
{ k => 'PAM', v => 'PAM' }, { k => 'PAM', v => 'PAM' },
{ k => 'Radius', v => 'Radius' }, { k => 'Radius', v => 'Radius' },
{ k => 'REST', v => 'REST' }, { k => 'REST', v => 'REST' },
......
...@@ -179,8 +179,6 @@ llapp.controller 'SessionsExplorerCtrl', ['$scope', '$translator', '$location', ...@@ -179,8 +179,6 @@ llapp.controller 'SessionsExplorerCtrl', ['$scope', '$translator', '$location',
# Session preparation # Session preparation
transformSession = (session) -> transformSession = (session) ->
_stToStr = (s) ->
s
_insert = (re, title) -> _insert = (re, title) ->
tmp = [] tmp = []
reg = new RegExp(re) reg = new RegExp(re)
...@@ -210,10 +208,7 @@ llapp.controller 'SessionsExplorerCtrl', ['$scope', '$translator', '$location', ...@@ -210,10 +208,7 @@ llapp.controller 'SessionsExplorerCtrl', ['$scope', '$translator', '$location',
else if key.match /^(_utime|_lastAuthnUTime|_lastSeen|notification)$/ else if key.match /^(_utime|_lastAuthnUTime|_lastSeen|notification)$/
session[key] = $scope.localeDate value session[key] = $scope.localeDate value
else if key.match /^(_startTime|_updateTime)$/ else if key.match /^(_startTime|_updateTime)$/
value = _stToStr value session[key] = $scope.strToLocaleDate value
pattern = /^(\d{4})(\d{2})(\d{2})(\d{2})(\d{2})(\d{2})$/
arrayDate = value.match(pattern)
session[key] = "#{arrayDate[3]}/#{arrayDate[2]}/#{arrayDate[1]} à #{arrayDate[4]}:#{arrayDate[5]}:#{arrayDate[6]}"
res = [] res = []
...@@ -345,6 +340,12 @@ llapp.controller 'SessionsExplorerCtrl', ['$scope', '$translator', '$location', ...@@ -345,6 +340,12 @@ llapp.controller 'SessionsExplorerCtrl', ['$scope', '$translator', '$location',
d = new Date(s * 1000) d = new Date(s * 1000)
return d.toLocaleString() return d.toLocaleString()
$scope.strToLocaleDate = (s) ->
arrayDate = s.match /^(\d{4})(\d{2})(\d{2})(\d{2})(\d{2})(\d{2})$/
return s unless arrayDate.length
d = new Date "#{arrayDate[1]}-#{arrayDate[2]}-#{arrayDate[3]}T#{arrayDate[4]}:#{arrayDate[5]}:#{arrayDate[6]}"
return d.toLocaleString()
# Function to change interface language # Function to change interface language
$scope.getLanguage = (lang) -> $scope.getLanguage = (lang) ->
$scope.lang = lang $scope.lang = lang
......
// Generated by CoffeeScript 1.12.7 // Generated by CoffeeScript 1.12.8
/* /*
* 2ndFA Session explorer * 2ndFA Session explorer
......
// Generated by CoffeeScript 1.12.7 // Generated by CoffeeScript 1.12.8
/* /*
diff.html script diff.html script
......
// Generated by CoffeeScript 1.12.7 // Generated by CoffeeScript 1.12.8
(function() { (function() {
var filterFunctions; var filterFunctions;
......
// Generated by CoffeeScript 1.12.7 // Generated by CoffeeScript 1.12.8
/* /*
* LemonLDAP::NG Notifications Explorer client * LemonLDAP::NG Notifications Explorer client
......
...@@ -199,10 +199,7 @@ ...@@ -199,10 +199,7 @@
$scope.displaySession = function(scope) { $scope.displaySession = function(scope) {
var sessionId, transformSession; var sessionId, transformSession;
transformSession = function(session) { transformSession = function(session) {
var _insert, _stToStr, array, arrayDate, attr, attrs, category, cv, epoch, i, id, j, k, key, l, len, len1, len2, len3, len4, m, name, o, oidcConsent, pattern, ref, ref1, res, sfDevice, subres, time, title, tmp, value; var _insert, array, attr, attrs, category, cv, epoch, i, id, j, k, key, l, len, len1, len2, len3, len4, m, name, o, oidcConsent, ref, ref1, res, sfDevice, subres, time, title, tmp, value;
_stToStr = function(s) {
return s;
};
_insert = function(re, title) { _insert = function(re, title) {
var key, reg, tmp, value; var key, reg, tmp, value;
tmp = []; tmp = [];
...@@ -240,10 +237,7 @@ ...@@ -240,10 +237,7 @@
} else if (key.match(/^(_utime|_lastAuthnUTime|_lastSeen|notification)$/)) { } else if (key.match(/^(_utime|_lastAuthnUTime|_lastSeen|notification)$/)) {
session[key] = $scope.localeDate(value); session[key] = $scope.localeDate(value);
} else if (key.match(/^(_startTime|_updateTime)$/)) { } else if (key.match(/^(_startTime|_updateTime)$/)) {
value = _stToStr(value); session[key] = $scope.strToLocaleDate(value);
pattern = /^(\d{4})(\d{2})(\d{2})(\d{2})(\d{2})(\d{2})$/;
arrayDate = value.match(pattern);
session[key] = arrayDate[3] + "/" + arrayDate[2] + "/" + arrayDate[1] + " à " + arrayDate[4] + ":" + arrayDate[5] + ":" + arrayDate[6];
} }
} }
} }
...@@ -424,6 +418,15 @@ ...@@ -424,6 +418,15 @@
d = new Date(s * 1000); d = new Date(s * 1000);
return d.toLocaleString(); return d.toLocaleString();
}; };
$scope.strToLocaleDate = function(s) {
var arrayDate, d;
arrayDate = s.match(/^(\d{4})(\d{2})(\d{2})(\d{2})(\d{2})(\d{2})$/);
if (!arrayDate.length) {
return s;
}
d = new Date(arrayDate[1] + "-" + arrayDate[2] + "-" + arrayDate[3] + "T" + arrayDate[4] + ":" + arrayDate[5] + ":" + arrayDate[6]);
return d.toLocaleString();
};
$scope.getLanguage = function(lang) { $scope.getLanguage = function(lang) {
$scope.lang = lang; $scope.lang = lang;
$scope.form = 'white'; $scope.form = 'white';
......
This source diff could not be displayed because it is too large. You can view the blob instead.
...@@ -181,7 +181,7 @@ sub reloadConf { ...@@ -181,7 +181,7 @@ sub reloadConf {
# Initialize content-security-policy header # Initialize content-security-policy header
my $csp = ''; my $csp = '';
foreach (qw(default img src style font connect)) { foreach (qw(default img src style font connect script)) {
my $prm = $self->conf->{ 'csp' . ucfirst($_) }; my $prm = $self->conf->{ 'csp' . ucfirst($_) };
$csp .= "$_-src $prm;" if ($prm); $csp .= "$_-src $prm;" if ($prm);
} }
......
...@@ -359,11 +359,11 @@ sub _filterHash { ...@@ -359,11 +359,11 @@ sub _filterHash {
# If a specific rule exists, get it from cache or compile it # If a specific rule exists, get it from cache or compile it
if ( $appdisplay !~ /^auto$/i ) { if ( $appdisplay !~ /^auto$/i ) {
if ( $self->specific->{$appuri} ) { if ( $self->specific->{$key} ) {
$cond = $self->specific->{$appuri}; $cond = $self->specific->{$key};
} }
else { else {
$cond = $self->specific->{$appuri} = $cond = $self->specific->{$key} =
$self->p->HANDLER->buildSub( $self->p->HANDLER->buildSub(
$self->p->HANDLER->substitute($appdisplay) ); $self->p->HANDLER->substitute($appdisplay) );
} }
......
...@@ -159,8 +159,7 @@ sub authLogout { ...@@ -159,8 +159,7 @@ sub authLogout {
sub deleteSession { sub deleteSession {
my ( $self, $req ) = @_; my ( $self, $req ) = @_;
$req->userData( {} ); if ( my $id = $req->id || $req->userData->{_session_id} ) {
if ( my $id = $req->id ) {
my $apacheSession = $self->getApacheSession( $req->id ); my $apacheSession = $self->getApacheSession( $req->id );
unless ($apacheSession) { unless ($apacheSession) {
$self->logger->debug("Session $id already deleted"); $self->logger->debug("Session $id already deleted");
...@@ -211,6 +210,7 @@ sub deleteSession { ...@@ -211,6 +210,7 @@ sub deleteSession {
$req->urldc( $req->script_name . "?logout=1" ); $req->urldc( $req->script_name . "?logout=1" );
} }
} }
$req->userData( {} );
# Redirect or Post if asked by authLogout # Redirect or Post if asked by authLogout
if ( $req->urldc and $req->urldc ne $self->conf->{portal} ) { if ( $req->urldc and $req->urldc ne $self->conf->{portal} ) {
......
...@@ -17,6 +17,8 @@ use strict; ...@@ -17,6 +17,8 @@ use strict;
use URI::Escape; use URI::Escape;
use JSON; use JSON;
has trOverCache => ( is => 'rw', default => sub { {} } );
# List constants # List constants
sub authProcess { qw(extractFormInfo getUser authenticate) } sub authProcess { qw(extractFormInfo getUser authenticate) }
...@@ -184,8 +186,9 @@ sub logout { ...@@ -184,8 +186,9 @@ sub logout {
return $self->do( return $self->do(
$req, $req,
[ [
'controlUrl', @{ $self->beforeLogout }, 'importHandlerData', 'controlUrl',
'authLogout', 'deleteSession' @{ $self->beforeLogout }, 'authLogout',
'deleteSession'
] ]
); );
} }
...@@ -749,23 +752,26 @@ sub sendHtml { ...@@ -749,23 +752,26 @@ sub sendHtml {
# Override messages # Override messages
my $trOverMessages = JSON::from_json( $self->trOver ); my $trOverMessages = JSON::from_json( $self->trOver );
opendir( DIR, $templateDir ); unless ( $self->trOverCache->{$templateDir} ) {
my @langfiles = grep( /\.json$/, readdir(DIR) ); opendir( DIR, $templateDir );
close(DIR); my @langfiles = grep( /\.json$/, readdir(DIR) );
close(DIR);
foreach my $file (@langfiles) {
my ($lang) = ( $file =~ /^(\w+)\.json/ ); foreach my $file (@langfiles) {
$self->logger->debug("Use $file to override messages"); my ($lang) = ( $file =~ /^(\w+)\.json/ );
if ( open my $json, "<", $templateDir . "/" . $file ) { $self->logger->debug("Use $file to override messages");
local $/ = undef; if ( open my $json, "<", $templateDir . "/" . $file ) {
$trOverMessages->{$lang} = JSON::from_json(<$json>); local $/ = undef;
} $trOverMessages->{$lang} = JSON::from_json(<$json>);
else { }
$self->logger->error("Unable to read $file"); else {
$self->logger->error("Unable to read $file");
}
} }
}
$args{params}->{TROVER} = JSON::to_json($trOverMessages); $self->trOverCache->{$templateDir} = JSON::to_json($trOverMessages);
}
$args{params}->{TROVER} = $self->trOverCache->{$templateDir};
my $res = $self->SUPER::sendHtml( $req, $template, %args ); my $res = $self->SUPER::sendHtml( $req, $template, %args );
push @{ $res->[1] }, push @{ $res->[1] },
......
// Generated by CoffeeScript 1.12.7 // Generated by CoffeeScript 1.12.8
/* /*
LemonLDAP::NG 2F registration script LemonLDAP::NG 2F registration script
......
// Generated by CoffeeScript 1.12.7 // Generated by CoffeeScript 1.12.8
(function() { (function() {
$(document).ready(function() { $(document).ready(function() {
return $('#upgrd').submit(); return $('#upgrd').submit();
......
(function(){$(document).ready(function(){return $("#upgrd").submit()})}).call(this); (function(){$(document).ready(function(){return $("#upgrd").submit()})}).call(this);
\ No newline at end of file
// Generated by CoffeeScript 1.10.0 // Generated by CoffeeScript 1.12.8
(function() { (function() {
var go, i, timer, timerIsEnabled; var go, i, timer, timerIsEnabled;
......
// Generated by CoffeeScript 1.10.0 // Generated by CoffeeScript 1.12.8
(function() { (function() {
$(document).ready(function() { $(document).ready(function() {
return $(".idploop").on('click', function() { return $(".idploop").on('click', function() {
......
// Generated by CoffeeScript 1.9.3 // Generated by CoffeeScript 1.12.8
(function() { (function() {
var _go, go, i, stop, timer; var _go, go, i, stop, timer;
......
(function(){var _go,go,i,stop,timer;i=30;_go=1;stop=function(){_go=0;return $("#divToHide").hide()};go=function(){if(_go){return $("#form").submit()}};timer=function(){var h;h=$("#timer").html();if(i>0){i--}h=h.replace(/\d+/,i);$("#timer").html(h);return window.setTimeout(timer,1e3)};$(document).ready(function(){if(window.datas["activeTimer"]){window.setTimeout(go,3e4);window.setTimeout(timer,1e3)}else{stop}return $("#wait").on("click",function(){return stop()})})}).call(this); (function(){var _go,go,i,stop,timer;i=30;_go=1;stop=function(){_go=0;return $("#divToHide").hide()};go=function(){if(_go){return $("#form").submit()}};timer=function(){var h;h=$("#timer").html();if(i>0){i--}h=h.replace(/\d+/,i);$("#timer").html(h);return window.setTimeout(timer,1e3)};$(document).ready(function(){if(window.datas["activeTimer"]){window.setTimeout(go,3e4);window.setTimeout(timer,1e3)}else{stop}return $("#wait").on("click",function(){return stop()})})}).call(this);
\ No newline at end of file
// Generated by CoffeeScript 1.10.0 // Generated by CoffeeScript 1.12.8
(function() { (function() {
$(document).ready(function() { $(document).ready(function() {
return $.ajax(portal + '?kerberos=1', { return $.ajax(portal + '?kerberos=1', {
......
(function(){$(document).ready(function(){return $.ajax(portal+"?kerberos=1",{dataType:"json",statusCode:{401:function(){return $("#lform").submit()}},success:function(a){return $("#lform").submit()},error:function(){return $("#lform").submit()}})})}).call(this); (function(){$(document).ready(function(){return $.ajax(portal+"?kerberos=1",{dataType:"json",statusCode:{401:function(){return $("#lform").submit()}},success:function(data){return $("#lform").submit()},error:function(){return $("#lform").submit()}})})}).call(this);
\ No newline at end of file
// Generated by CoffeeScript 1.12.7 // Generated by CoffeeScript 1.12.8
(function() { (function() {
$(document).ready(function() { $(document).ready(function() {
return $.ajax(portal + '?kerberos=1', { return $.ajax(portal + '?kerberos=1', {
......
// Generated by CoffeeScript 1.12.7 // Generated by CoffeeScript 1.12.8
(function() { (function() {
var values; var values;
......
// Generated by CoffeeScript 1.12.7 // Generated by CoffeeScript 1.12.8
/* /*
LemonLDAP::NG Portal jQuery scripts LemonLDAP::NG Portal jQuery scripts
......
// Generated by CoffeeScript 1.10.0 // Generated by CoffeeScript 1.12.8
(function() { (function() {
document.onreadystatechange = function() { document.onreadystatechange = function() {
var redirect; var redirect;
......
(function(){document.onreadystatechange=function(){var a;if(document.readyState==="complete"){a=document.getElementById("redirect").textContent.replace(/\s/g,"");if(a){if(a==="form"){return document.getElementById("form").submit()}else{return document.location.href=a}}else{return console.log("No redirection !")}}}}).call(this); (function(){document.onreadystatechange=function(){var redirect;if(document.readyState==="complete"){redirect=document.getElementById("redirect").textContent.replace(/\s/g,"");if(redirect){if(redirect==="form"){return document.getElementById("form").submit()}else{return document.location.href=redirect}}else{return console.log("No redirection !")}}}}).call(this);
\ No newline at end of file
// Generated by CoffeeScript 1.10.0 // Generated by CoffeeScript 1.12.8
(function() { (function() {
$(document).ready(function() { $(document).ready(function() {
return new Fingerprint2().get(function(result, components) { return new Fingerprint2().get(function(result, components) {
......
(function(){$(document).ready(function(){return new Fingerprint2().get(function(a,b){$("#fg").attr("value",a);return $("#form").submit()})})}).call(this); (function(){$(document).ready(function(){return(new Fingerprint2).get(function(result,components){$("#fg").attr("value",result);return $("#form").submit()})})}).call(this);
\ No newline at end of file
// Generated by CoffeeScript 1.12.7 // Generated by CoffeeScript 1.12.8
(function() { (function() {
var tryssl; var tryssl;
......
// Generated by CoffeeScript 1.12.7 // Generated by CoffeeScript 1.12.8
(function() { (function() {
var tryssl; var tryssl;
......
// Generated by CoffeeScript 1.12.7 // Generated by CoffeeScript 1.12.8
/* /*
LemonLDAP::NG TOTP registration script LemonLDAP::NG TOTP registration script
......
// Generated by CoffeeScript 1.9.3 // Generated by CoffeeScript 1.12.8
/* /*
LemonLDAP::NG U2F verify script LemonLDAP::NG U2F verify script
......
(function(){var a;a=function(){return u2f.sign(window.datas.appId,window.datas.challenge,window.datas.registeredKeys,function(b){$("#verify-data").val(JSON.stringify(b));$("#verify-challenge").val(window.datas.challenge);return $("#verify-form").submit()})};$(document).ready(function(){return setTimeout(a,1000)})}).call(this); (function(){var check;check=function(){return u2f.sign(window.datas.appId,window.datas.challenge,window.datas.registeredKeys,function(data){$("#verify-data").val(JSON.stringify(data));$("#verify-challenge").val(window.datas.challenge);return $("#verify-form").submit()})};$(document).ready(function(){return setTimeout(check,1e3)})}).call(this);
\ No newline at end of file
// Generated by CoffeeScript 1.12.7 // Generated by CoffeeScript 1.12.8
/* /*
LemonLDAP::NG U2F registration script LemonLDAP::NG U2F registration script
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment