Commit 10f64075 authored by Christophe Maudoux's avatar Christophe Maudoux 🐛

Fix some mistakes & display sessions with U2F key registered only

parent 9fccff74
......@@ -231,8 +231,8 @@ llapp.controller 'SessionsExplorerCtrl', ['$scope', '$translator', '$location',
session[key] = $scope.localeDate value
else if key.match /^(_startTime|_updateTime)$/
session[key] = _stToStr value
#else if key.match /^(_u2fKeyHandle|_u2fUserKey)$/
# session[key] = '########'
else if key.match /^(_u2fKeyHandle|_u2fUserKey)$/
session[key] = '########'
res = []
# 2. Push session keys in result, grouped by categories
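Review bot: Replacing `_u2fKeyHandle` and `_u2fUserKey` with `'########'` in this branch only changes what the page renders. The controller applies it to the body of the session GET, so if the server includes the two attributes they still reach the browser in clear and can be read from the network trace. The redaction belongs in the server-side handler that serialises the session, with this branch kept as a display fallback. The password branch of the same loop also looks ineffective: the compiled bundle further down this page builds `new RegExp("\b"+O+"\b")`, where `"\b"` in a string literal is a backspace rather than a word boundary, so `_password` is presumably never replaced by `'********'`; writing `'\\b'` on both sides would restore the intended match. The loop and function enclosing this branch start and end outside the hunk.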
......
......@@ -260,6 +260,8 @@
session[key] = $scope.localeDate(value);
} else if (key.match(/^(_startTime|_updateTime)$/)) {
session[key] = _stToStr(value);
} else if (key.match(/^(_u2fKeyHandle|_u2fUserKey)$/)) {
session[key] = '########';
}
}
}
......
(function(){var c,e,d,b,g,f,a;b=25;a={_whatToTrace:[function(i,h){return"groupBy=substr("+i+",1)"},function(i,h){return i+"="+h+"*&groupBy="+i},function(i,h){return i+"="+h}],ipAddr:[function(i,h){return"groupBy=net("+i+",16,1)"},function(i,h){if(!h.match(/:/)){h=h+"."}return i+"="+h+"*&groupBy=net("+i+",32,2)"},function(i,h){if(!h.match(/:/)){h=h+"."}return i+"="+h+"*&groupBy=net("+i+",48,3)"},function(i,h){if(!h.match(/:/)){h=h+"."}return i+"="+h+"*&groupBy=net("+i+",128,4)"},function(i,h){return i+"="+h+"&groupBy=_whatToTrace"},function(i,h,j){return j.replace(/\&groupBy.*$/,"")+("&_whatToTrace="+h)}],_startTime:[function(i,h){return"groupBy=substr("+i+",8)"},function(i,h){return i+"="+h+"*&groupBy=substr("+i+",10)"},function(i,h){return i+"="+h+"*&groupBy=substr("+i+",11)"},function(i,h){return i+"="+h+"*&groupBy=substr("+i+",12)"},function(i,h){return i+"="+h+"*&groupBy=_whatToTrace"},function(i,h,j){console.log(i);console.log(h);console.log(j);return j.replace(/\&groupBy.*$/,"")+("&_whatToTrace="+h)}],doubleIp:[function(i,h){return i},function(i,h){return"_whatToTrace="+h+"&groupBy=ipAddr"},function(i,h,j){return j.replace(/\&groupBy.*$/,"")+("&ipAddr="+h)}]};f={_whatToTrace:function(i,h,k,j){if(k===1){return i+"="+h+"*&groupBy=substr("+i+","+(k+j+1)+")"}else{return null}},ipAddr:function(i,h,k,j){if(k>0&&k<4){return i+"="+h+"*&groupBy=net("+i+","+(16*k+4*(j+1))+",2)"}else{return 
null}}};e="_password";c={dateTitle:["_utime","_startTime","_updateTime","_lastAuthnUTime","_lastSeen"],connectionTitle:["ipAddr","_timezone","_url"],authenticationTitle:["_session_id","_user","_password","authenticationLevel"],modulesTitle:["_auth","_userDB","_passwordDB","_issuerDB","_authChoice","_authMulti","_userDBMulti"],saml:["_idp","_idpConfKey","_samlToken","_lassoSessionDump","_lassoIdentityDump"],groups:["groups","hGroups"],ldap:["dn"],BrowserID:["_browserIdAnswer","_browserIdAnswerRaw"],OpenIDConnect:["_oidc_id_token","_oidc_OP","_oidc_access_token"]};g={delU2FKey:[{title:"deleteU2FKey",icon:"trash"}],addU2FKey:[{title:"addU2FKey",icon:"plus"}],verifyU2FKey:[{title:"verifyU2FKey",icon:"check"}],home:[]};d=angular.module("llngSessionsExplorer",["ui.tree","ui.bootstrap","llApp"]);d.controller("SessionsExplorerCtrl",["$scope","$translator","$location","$q","$http",function(p,h,i,j,m){var n,l,k,o;p.links=links;p.menulinks=menulinks;p.staticPrefix=staticPrefix;p.scriptname=scriptname;p.formPrefix=formPrefix;p.availableLanguages=availableLanguages;p.waiting=true;p.showM=false;p.showT=true;p.data=[];p.currentScope=null;p.currentSession=null;p.menu=g;p.translateP=h.translateP;p.translate=h.translate;p.translateTitle=function(q){return h.translateField(q,"title")};o="global";p.menuClick=function(q){if(q.popup){window.open(q.popup)}else{if(!q.action){q.action=q.title}switch(typeof q.action){case"function":q.action(p.currentNode,p);break;case"string":p[q.action]();break;default:console.log(typeof q.action)}}return p.showM=false};p.deleteU2FKey=function(){p.waiting=true;m["delete"](scriptname+"u2f/"+o+"/"+p.currentSession.id).then(function(q){p.currentSession=null;return p.waiting=false},function(q){p.currentSession=null;return p.waiting=false});return p.showT=true};p.addU2FKey=function(){p.waiting=true;m.put(scriptname+"u2f/"+o+"/"+p.currentSession.id).then(function(q){p.currentSession=null;return p.waiting=false},function(q){p.currentSession=null;return 
p.waiting=false});return p.showT=true};p.verifyU2FKey=function(){p.waiting=true;m.post(scriptname+"u2f/"+o+"/"+p.currentSession.id).then(function(q){p.currentSession=null;return p.waiting=false},function(q){p.currentSession=null;return p.waiting=false});return p.showT=true};p.stoggle=function(q){var r;r=q.$modelValue;if(r.nodes.length===0){p.updateTree(r.value,r.nodes,r.level,r.over,r.query,r.count)}return q.toggle()};p.displaySession=function(r){var s,q;q=function(t){var y,A,E,C,G,J,B,I,H,O,F,K,x,w,u,z,N,M,v,L,D;A=function(P){return P};y=function(S,U){var Q,R,P,T;P=[];R=new RegExp(S);for(Q in t){T=t[Q];if(Q.match(R)&&T){P.push({title:Q,value:T});delete t[Q]}}if(P.length>0){return N.push({title:U,nodes:P})}};v=t._utime;B=t._session_id;for(O in t){D=t[O];if(!D){delete t[O]}else{if(typeof t==="string"&&D.match(/; /)){t[O]=D.split("; ")}if(typeof t[O]!=="object"){if(e.match(new RegExp("\b"+O+"\b"))){t[O]="********"}else{if(O.match(/^(_utime|_lastAuthnUTime|_lastSeen|notification)$/)){t[O]=p.localeDate(D)}else{if(O.match(/^(_startTime|_updateTime)$/)){t[O]=A(D)}}}}}}N=[];for(G in c){C=c[G];M=[];for(J=0,K=C.length;J<K;J++){E=C[J];if(t[E]){M.push({title:E,value:t[E]});delete t[E]}}if(M.length>0){N.push({title:"__"+G+"__",nodes:M})}}y("^openid","OpenID");y("^notification_(.+)","__notificationsDone__");if(t._loginHistory){L=[];if(t._loginHistory.successLogin){u=t._loginHistory.successLogin;for(I=0,x=u.length;I<x;I++){F=u[I];L.push({t:F._utime,title:p.localeDate(F._utime),value:"Success (IP "+F.ipAddr+")"})}}if(t._loginHistory.failedLogin){z=t._loginHistory.failedLogin;for(H=0,w=z.length;H<w;H++){F=z[H];L.push({t:F._utime,title:p.localeDate(F._utime),value:F.error+" (IP "+F.ipAddr+")"})}}delete t._loginHistory;L.sort(function(Q,P){return Q.t-P.t});N.push({title:"__loginHistory__",nodes:L})}L=[];for(O in t){D=t[O];L.push({title:O,value:D})}L.sort(function(Q,P){if(Q.title>P.title){return 1}else{if(Q.title<P.title){return -1}else{return 
0}}});N.push({title:"__attributesAndMacros__",nodes:L});return{_utime:v,id:B,nodes:N}};p.currentScope=r;s=r.$modelValue.session;m.get(scriptname+"u2f/"+o+"/"+s).then(function(t){return p.currentSession=q(t.data)});return p.showT=false};p.localeDate=function(q){var r;r=new Date(q*1000);return r.toLocaleString()};p.getLanguage=function(q){p.lang=q;p.form="white";p.init();return p.showM=false};k=function(r,q,s){var t;t=q.match(/#\/(\w+)/);o="global";if(t===null){p.type="_whatToTrace"}else{if(t[1].match(/^(persistent)$/)){o=RegExp.$1;p.type="_session_uid"}else{p.type=t[1]}}return p.init()};p.$on("$locationChangeSuccess",k);n=0;p.updateTree=function(y,s,q,v,x,u){var w,r,t;p.waiting=true;r=a[p.type]?a[p.type]:p.type==="_updateTime"?a._startTime:a._whatToTrace;w=r[q](p.type,y,x);if(u>b&&f[p.type]){if(t=f[p.type](p.type,y,q,v,x)){v++;w=t;q=q-1}else{v=0}}else{v=0}return m.get(scriptname+"u2f/"+o+"?"+w).then(function(A){var D,B,z,E,C;D=A.data;if(D.result){C=D.values;for(B=0,z=C.length;B<z;B++){E=C[B];n++;E.id="node"+n;if(q<r.length-1){E.nodes=[];E.level=q+1;E.query=w;E.over=v;if(p.type.match(/^(?:start|update)Time$/)){E.title=E.value.replace(/^(\d{8})(\d{2})(\d{2})$/,"$2:$3").replace(/^(\d{8})(\d{2})(\d)$/,"$2:$30").replace(/^(\d{8})(\d{2})$/,"$2h").replace(/^(\d{4})(\d{2})(\d{2})/,"$1-$2-$3")}}s.push(E)}if(y===""){p.total=D.total}}return p.waiting=false},function(z){return p.waiting=false})};p.init=function(){p.waiting=true;p.data=[];return j.all([h.init(p.lang),p.updateTree("",p.data,0,0)]).then(function(){return p.waiting=false},function(q){return p.waiting=false})};l=i.path().match(/^\/(\w+)/);return p.type=l?l[1]:"_whatToTrace"}])}).call(this);
\ No newline at end of file
(function(){var c,e,d,b,g,f,a;b=25;a={_whatToTrace:[function(i,h){return"groupBy=substr("+i+",1)"},function(i,h){return i+"="+h+"*&groupBy="+i},function(i,h){return i+"="+h}],ipAddr:[function(i,h){return"groupBy=net("+i+",16,1)"},function(i,h){if(!h.match(/:/)){h=h+"."}return i+"="+h+"*&groupBy=net("+i+",32,2)"},function(i,h){if(!h.match(/:/)){h=h+"."}return i+"="+h+"*&groupBy=net("+i+",48,3)"},function(i,h){if(!h.match(/:/)){h=h+"."}return i+"="+h+"*&groupBy=net("+i+",128,4)"},function(i,h){return i+"="+h+"&groupBy=_whatToTrace"},function(i,h,j){return j.replace(/\&groupBy.*$/,"")+("&_whatToTrace="+h)}],_startTime:[function(i,h){return"groupBy=substr("+i+",8)"},function(i,h){return i+"="+h+"*&groupBy=substr("+i+",10)"},function(i,h){return i+"="+h+"*&groupBy=substr("+i+",11)"},function(i,h){return i+"="+h+"*&groupBy=substr("+i+",12)"},function(i,h){return i+"="+h+"*&groupBy=_whatToTrace"},function(i,h,j){console.log(i);console.log(h);console.log(j);return j.replace(/\&groupBy.*$/,"")+("&_whatToTrace="+h)}],doubleIp:[function(i,h){return i},function(i,h){return"_whatToTrace="+h+"&groupBy=ipAddr"},function(i,h,j){return j.replace(/\&groupBy.*$/,"")+("&ipAddr="+h)}]};f={_whatToTrace:function(i,h,k,j){if(k===1){return i+"="+h+"*&groupBy=substr("+i+","+(k+j+1)+")"}else{return null}},ipAddr:function(i,h,k,j){if(k>0&&k<4){return i+"="+h+"*&groupBy=net("+i+","+(16*k+4*(j+1))+",2)"}else{return 
null}}};e="_password";c={dateTitle:["_utime","_startTime","_updateTime","_lastAuthnUTime","_lastSeen"],connectionTitle:["ipAddr","_timezone","_url"],authenticationTitle:["_session_id","_user","_password","authenticationLevel"],modulesTitle:["_auth","_userDB","_passwordDB","_issuerDB","_authChoice","_authMulti","_userDBMulti"],saml:["_idp","_idpConfKey","_samlToken","_lassoSessionDump","_lassoIdentityDump"],groups:["groups","hGroups"],ldap:["dn"],BrowserID:["_browserIdAnswer","_browserIdAnswerRaw"],OpenIDConnect:["_oidc_id_token","_oidc_OP","_oidc_access_token"]};g={delU2FKey:[{title:"deleteU2FKey",icon:"trash"}],addU2FKey:[{title:"addU2FKey",icon:"plus"}],verifyU2FKey:[{title:"verifyU2FKey",icon:"check"}],home:[]};d=angular.module("llngSessionsExplorer",["ui.tree","ui.bootstrap","llApp"]);d.controller("SessionsExplorerCtrl",["$scope","$translator","$location","$q","$http",function(p,h,i,j,m){var n,l,k,o;p.links=links;p.menulinks=menulinks;p.staticPrefix=staticPrefix;p.scriptname=scriptname;p.formPrefix=formPrefix;p.availableLanguages=availableLanguages;p.waiting=true;p.showM=false;p.showT=true;p.data=[];p.currentScope=null;p.currentSession=null;p.menu=g;p.translateP=h.translateP;p.translate=h.translate;p.translateTitle=function(q){return h.translateField(q,"title")};o="global";p.menuClick=function(q){if(q.popup){window.open(q.popup)}else{if(!q.action){q.action=q.title}switch(typeof q.action){case"function":q.action(p.currentNode,p);break;case"string":p[q.action]();break;default:console.log(typeof q.action)}}return p.showM=false};p.deleteU2FKey=function(){p.waiting=true;m["delete"](scriptname+"u2f/"+o+"/"+p.currentSession.id).then(function(q){p.currentSession=null;return p.waiting=false},function(q){p.currentSession=null;return p.waiting=false});return p.showT=true};p.addU2FKey=function(){p.waiting=true;m.put(scriptname+"u2f/"+o+"/"+p.currentSession.id).then(function(q){p.currentSession=null;return p.waiting=false},function(q){p.currentSession=null;return 
p.waiting=false});return p.showT=true};p.verifyU2FKey=function(){p.waiting=true;m.post(scriptname+"u2f/"+o+"/"+p.currentSession.id).then(function(q){p.currentSession=null;return p.waiting=false},function(q){p.currentSession=null;return p.waiting=false});return p.showT=true};p.stoggle=function(q){var r;r=q.$modelValue;if(r.nodes.length===0){p.updateTree(r.value,r.nodes,r.level,r.over,r.query,r.count)}return q.toggle()};p.displaySession=function(r){var s,q;q=function(t){var y,A,E,C,G,J,B,I,H,O,F,K,x,w,u,z,N,M,v,L,D;A=function(P){return P};y=function(S,U){var Q,R,P,T;P=[];R=new RegExp(S);for(Q in t){T=t[Q];if(Q.match(R)&&T){P.push({title:Q,value:T});delete t[Q]}}if(P.length>0){return N.push({title:U,nodes:P})}};v=t._utime;B=t._session_id;for(O in t){D=t[O];if(!D){delete t[O]}else{if(typeof t==="string"&&D.match(/; /)){t[O]=D.split("; ")}if(typeof t[O]!=="object"){if(e.match(new RegExp("\b"+O+"\b"))){t[O]="********"}else{if(O.match(/^(_utime|_lastAuthnUTime|_lastSeen|notification)$/)){t[O]=p.localeDate(D)}else{if(O.match(/^(_startTime|_updateTime)$/)){t[O]=A(D)}else{if(O.match(/^(_u2fKeyHandle|_u2fUserKey)$/)){t[O]="########"}}}}}}}N=[];for(G in c){C=c[G];M=[];for(J=0,K=C.length;J<K;J++){E=C[J];if(t[E]){M.push({title:E,value:t[E]});delete t[E]}}if(M.length>0){N.push({title:"__"+G+"__",nodes:M})}}y("^openid","OpenID");y("^notification_(.+)","__notificationsDone__");if(t._loginHistory){L=[];if(t._loginHistory.successLogin){u=t._loginHistory.successLogin;for(I=0,x=u.length;I<x;I++){F=u[I];L.push({t:F._utime,title:p.localeDate(F._utime),value:"Success (IP "+F.ipAddr+")"})}}if(t._loginHistory.failedLogin){z=t._loginHistory.failedLogin;for(H=0,w=z.length;H<w;H++){F=z[H];L.push({t:F._utime,title:p.localeDate(F._utime),value:F.error+" (IP "+F.ipAddr+")"})}}delete t._loginHistory;L.sort(function(Q,P){return Q.t-P.t});N.push({title:"__loginHistory__",nodes:L})}L=[];for(O in t){D=t[O];L.push({title:O,value:D})}L.sort(function(Q,P){if(Q.title>P.title){return 
1}else{if(Q.title<P.title){return -1}else{return 0}}});N.push({title:"__attributesAndMacros__",nodes:L});return{_utime:v,id:B,nodes:N}};p.currentScope=r;s=r.$modelValue.session;m.get(scriptname+"u2f/"+o+"/"+s).then(function(t){return p.currentSession=q(t.data)});return p.showT=false};p.localeDate=function(q){var r;r=new Date(q*1000);return r.toLocaleString()};p.getLanguage=function(q){p.lang=q;p.form="white";p.init();return p.showM=false};k=function(r,q,s){var t;t=q.match(/#\/(\w+)/);o="global";if(t===null){p.type="_whatToTrace"}else{if(t[1].match(/^(persistent)$/)){o=RegExp.$1;p.type="_session_uid"}else{p.type=t[1]}}return p.init()};p.$on("$locationChangeSuccess",k);n=0;p.updateTree=function(y,s,q,v,x,u){var w,r,t;p.waiting=true;r=a[p.type]?a[p.type]:p.type==="_updateTime"?a._startTime:a._whatToTrace;w=r[q](p.type,y,x);if(u>b&&f[p.type]){if(t=f[p.type](p.type,y,q,v,x)){v++;w=t;q=q-1}else{v=0}}else{v=0}return m.get(scriptname+"u2f/"+o+"?"+w).then(function(A){var D,B,z,E,C;D=A.data;if(D.result){C=D.values;for(B=0,z=C.length;B<z;B++){E=C[B];n++;E.id="node"+n;if(q<r.length-1){E.nodes=[];E.level=q+1;E.query=w;E.over=v;if(p.type.match(/^(?:start|update)Time$/)){E.title=E.value.replace(/^(\d{8})(\d{2})(\d{2})$/,"$2:$3").replace(/^(\d{8})(\d{2})(\d)$/,"$2:$30").replace(/^(\d{8})(\d{2})$/,"$2h").replace(/^(\d{4})(\d{2})(\d{2})/,"$1-$2-$3")}}s.push(E)}if(y===""){p.total=D.total}}return p.waiting=false},function(z){return p.waiting=false})};p.init=function(){p.waiting=true;p.data=[];return j.all([h.init(p.lang),p.updateTree("",p.data,0,0)]).then(function(){return p.waiting=false},function(q){return p.waiting=false})};l=i.path().match(/^\/(\w+)/);return p.type=l?l[1]:"_whatToTrace"}])}).call(this);
\ No newline at end of file
......@@ -729,6 +729,7 @@
"u2fActivation":"تفعيل",
"u2fAuthnLevel":"U2F مستوى إثبات الهوية",
"u2fSelfRegistration":"التسجيل الذاتي",
"u2fSessions":"U2F sessions explorer",
"uid":"المعرف",
"unknownAttrOrMacro":"سمة غير معروفة أو ماكرو",
"unknownError":"خطأ غير معروف",
......
......@@ -729,6 +729,7 @@
"u2fActivation":"Activation",
"u2fAuthnLevel":"U2F authentication level",
"u2fSelfRegistration":"Self registration",
"u2fSessions":"U2F sessions explorer",
"uid":"Identifier",
"unknownAttrOrMacro":"Unknown attribute or macro",
"unknownError":"Unknown error",
......
......@@ -729,6 +729,7 @@
"u2fActivation":"Activation",
"u2fAuthnLevel":"Niveau d'authentification U2F",
"u2fSelfRegistration":"Auto-enregistrement",
"u2fSessions":"Explorateur de sessions U2F",
"uid":"Identifiant",
"unknownAttrOrMacro":"Attribut ou macro inconnu",
"unknownError":"Erreur inconnue",
......
......@@ -729,6 +729,7 @@
"u2fActivation":"Attivazione",
"u2fAuthnLevel":"Livello di autenticazione U2F",
"u2fSelfRegistration":"Auto-registrazione",
"u2fSessions":"U2F sessions explorer",
"uid":"Identificatore",
"unknownAttrOrMacro":"Attributo o macro sconosciuti",
"unknownError":"Errore sconosciuto",
......
......@@ -729,6 +729,7 @@
"u2fActivation":"Kích hoạt",
"u2fAuthnLevel":"Mức xác thực U2F",
"u2fSelfRegistration":"Tự đăng ký ",
"u2fSessions":"U2F sessions explorer",
"uid":"Trình định danh",
"unknownAttrOrMacro":"Thuộc tính hoặc macro chưa xác định",
"unknownError":"Lỗi không xác định",
......
......@@ -15,7 +15,7 @@
<div class="navbar navbar-default">
<div class="navbar-collapse">
<ul class="nav navbar-nav" role="grid">
<li><a id="a-persistent" href="#/persistent" role="row"><i class="glyphicon glyphicon-exclamation-sign"></i> {{translate('persistentSessions')}}</a></li>
<li><a id="a-persistent" href="#/persistent" role="row"><i class="glyphicon glyphicon-exclamation-sign"></i> {{translate('u2fSessions')}}</a></li>
</ul>
</div>
</div>
......@@ -41,9 +41,12 @@
<div class="lmmenu navbar navbar-default" ng-class="{'hidden-xs':!showM}">
<div class="navbar-collapse" ng-class="{'collapse':!showM}" id="formmenu">
<ul class="nav navbar-nav">
<!--
<li ng-if="currentSession" ng-repeat="button in menu.addU2FKey" ng-include="'menubutton.html'"></li>
<li ng-if="currentSession" ng-repeat="button in menu.verifyU2FKey" ng-include="'menubutton.html'"></li>
-->
<li ng-if="currentSession" ng-repeat="button in menu.delU2FKey" ng-include="'menubutton.html'"></li>
<li ng-if="currentSession===null" ng-repeat="button in menu.home" ng-include="'menubutton.html'"></li>
<li uib-dropdown class="visible-xs">
<a id="langmenu" name="menu" uib-dropdown-toggle data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">Menu <span class="caret"></span></a>
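Review bot: Wrapping the `menu.addU2FKey` and `menu.verifyU2FKey` items in an HTML comment only hides the buttons. The compiled controller on this page still defines `addU2FKey` and `verifyU2FKey` on the scope, and they still send PUT and POST requests to the `u2f/` endpoint. If add and verify are not meant to be offered from this explorer, the corresponding server routes should refuse them, and the unused scope functions and menu entries should be deleted rather than left dormant. If they are only disabled temporarily, say so inside the comment, e.g. `<!-- add/verify disabled: REASON -->`, so the block is neither re-enabled nor forgotten by accident.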
......
......@@ -116,7 +116,7 @@ sub run {
elsif ( $err == 0 ) {
return $self->p->sendError( $req, "noU2FKeyFound" );
}
my $challenge = $req->data->{crypter}->authenticationChallenge;
my $challenge = $req->datas->{crypter}->authenticationChallenge;
return [ 200, [ 'Content-Type' => 'application/json' ], [$challenge] ];
}
if ( $action eq 'signature' ) {
......@@ -133,7 +133,7 @@ sub run {
return $self->p->sendError( $req, "noU2FKeyFound" );
}
my $res =
( $req->data->{crypter}->authenticationVerify($resp) ? 1 : 0 );
( $req->datas->{crypter}->authenticationVerify($resp) ? 1 : 0 );
return [
200, [ 'Content-Type' => 'application/json' ],
[qq'{"result":$res}']
......@@ -150,11 +150,11 @@ sub loadUser {
unless ( $kh and $uk ) {
return 0;
}
$req->data->{crypter} = $self->crypter(
$req->datas->{crypter} = $self->crypter(
keyHandle => $self->decode_base64url($kh),
publicKey => $self->decode_base64url($uk)
);
unless ( $req->data->{crypter} ) {
unless ( $req->datas->{crypter} ) {
my $error = Crypt::U2F::Server::Simple::lastError();
return ( -1, $error );
}
......