Commit 8fe6a90b authored by Xavier Guimard's avatar Xavier Guimard

Merge branch 'llng-2.0-improvements' into 'master'

LLNG 2.0 improvements

See merge request lemonldap-ng/lemonldap-ng!29
parents b014dae7 71a55e2a
......@@ -193,7 +193,7 @@ inherits of L<Lemonldap::NG::Handler::PSGI::Router>
=head1 ORGANIZATION
Lemonldap::NG Manager contains 5 parts:
Lemonldap::NG Manager contains 6 parts:
=over
......@@ -203,6 +203,8 @@ Lemonldap::NG Manager contains 5 parts:
=item Notification explorer
=item Second Factors manager
=item Configuration builder (see L<Lemonldap::NG::Manager::Build>
=item Command line (see L<Lemonldap::NG::Manager::Cli>
......@@ -253,7 +255,7 @@ you can also fix them in $opts hash ref passed as argument to run() or new()).
protection = manager
;enabledModules: Modules to display. Default to `conf, sessions, notifications`
enabledModules = conf, sessions, notifications
enabledModules = conf, sessions, notifications, 2ndFA
;logLevel: choose one of error, warn, notice, info, debug
; See Lemonldap::NG::Common::PSGI doc for more
......
......@@ -362,7 +362,7 @@ sub tests {
return 1 unless ( $conf->{utotp2fActivation} );
my $w = "";
foreach ( 'totp', 'u' ) {
$w .= uc($_) . "2F is activated twice !!! \n"
$w .= uc($_) . "2F is activated twice \n"
if ( $conf->{ $_ . '2fActivation' } eq '1' );
}
return ( 1, ( $w ? $w : () ) );
......
......@@ -375,6 +375,7 @@ llapp.controller 'SessionsExplorerCtrl', ['$scope', '$translator', '$location',
$scope.waiting = false
, (resp) ->
$scope.waiting = false
# Colorized link
$scope.activeModule = "2ndFA"
$scope.myStyle = {color: '#ffb84d'}
......
......@@ -751,6 +751,7 @@ llapp.controller 'TreeCtrl', [
$scope.form = 'home'
$scope.waiting = false
, readError
# Colorized link
$scope.activeModule = "conf"
$scope.myStyle = {color: '#ffb84d'}
......
......@@ -241,6 +241,7 @@ llapp.controller 'NotificationsExplorerCtrl', [ '$scope', '$translator', '$locat
$scope.waiting = false
, (resp) ->
$scope.waiting = false
# Colorized link
$scope.activeModule = "notifications"
$scope.myStyle = {color: '#ffb84d'}
......
......@@ -395,6 +395,7 @@ llapp.controller 'SessionsExplorerCtrl', ['$scope', '$translator', '$location',
$scope.waiting = false
, (resp) ->
$scope.waiting = false
# Colorized link
$scope.activeModule = "sessions"
$scope.myStyle = {color: '#ffb84d'}
......
......@@ -25,7 +25,7 @@
"_url":"عنوان الموقع الأصلي",
"_utime":"التوقيت الزمني للجلسة",
"2faSessions":"2ndFA sessions explorer",
"2ndFA":"Second Facteur",
"2ndFA":"Second Factors",
"actives":"ناشط",
"activeTimer":"قبول تلقائي للوقت",
"addAppCasPartner":"إضافة تطبيق كاس",
......
......@@ -235,7 +235,7 @@
"exportedAttr":"SOAP/REST exported attributes",
"exportedHeaders":"Exported headers",
"exportedVars":"Exported Variables",
"external2f":"External 2nd factor",
"external2f":"External second factor",
"ext2fActivation":"Activation",
"ext2fAuthnLevel":"Authentication level",
"ext2fLogo":"Logo",
......
......@@ -235,7 +235,7 @@
"exportedAttr":"Attributs exportés par le portail (SOAP/REST)",
"exportedHeaders":"En-têtes exportés",
"exportedVars":"Attributs à exporter",
"external2f":"2nd facteur externe",
"external2f":"Second facteur externe",
"ext2fActivation":"Activation",
"ext2fAuthnLevel":"Niveau de l'authentification",
"ext2fLogo":"Logo",
......
......@@ -25,7 +25,7 @@
"_url":"URL di origine",
"_utime":"Sessione timestamp",
"2faSessions":"2ndFA sessions explorer",
"2ndFA":"Second Facteur",
"2ndFA":"Second Factors",
"actives":"Attivi",
"activeTimer":"Auto accettazione tempo",
"addAppCasPartner":"Aggiungi applicazione CAS",
......
......@@ -25,7 +25,7 @@
"_url":"URL gốc",
"_utime":"Dấu thời gian của phiên",
"2faSessions":"2ndFA sessions explorer",
"2ndFA":"Second Facteur",
"2ndFA":"Second Factors",
"actives":"Hoạt động",
"activeTimer":"Tự động chấp nhận thời gian",
"addAppCasPartner":"Thêm ứng dụng CAS",
......
......@@ -88,9 +88,9 @@
<div ng-if="!node.nodes" >
<th ng-if="node.title!='UBK' && node.title!='TOTP' && node.title!='U2F'">{{translate(node.title)}}</th>
<td ng-if="node.title=='TOTP' || node.title=='UBK' || node.title=='U2F'" >{{node.title}}</td>
<th ng-if="node.title=='type'">{{translate(node.value)}}</th>
<th class="col-md-3" ng-if="node.title=='type'">{{translate(node.value)}}</th>
<td class="col-md-3" ng-if="node.title!='type'" >{{node.value}}</td>
<th ng-if="node.title=='type'">{{translate(node.epoch)}}</th>
<th class="col-md-3" ng-if="node.title=='type'">{{translate(node.epoch)}}</th>
<td class="col-md-3" ng-if="node.title=='TOTP' || node.title=='UBK' || node.title=='U2F'">{{localeDate(node.epoch)}}</td>
<td >
<span ng-if="node.title=='TOTP' || node.title=='UBK' || node.title=='U2F'" class="link text-danger glyphicon glyphicon-minus-sign" ng-click="delete2FA(node.title, node.epoch)"></span>
......
......@@ -131,6 +131,15 @@ L<Lemonldap::NG::Portal> second factor plugins.
sub init {
my ($self) = @_;
# Insert here initialization process
#
# If self registration is enabled and "activation" is set to "enabled",
# replace the rule to detect if user has registered a device key.
# The rule must be like this :
# By example :
$self->conf->{u2fActivation} = '$_2fDevices =~ /"type":\s*"U2F"/s'
# Optionnaly, the rule can be : '$_2fDevices and $_2fDevices =~ /"type":\s*"U2F"/s'
# to avoid warning due to undef variable
#
# Required call:
return $self->SUPER::init();
}
......
......@@ -85,7 +85,7 @@
"PE83":"فشل التحقق من U2F",
"PE84":"أنت غير مخول بالدخول إلى هذا الخادم",
"PE85":" الموقع البعيد يطلب جلسة جديدة (ولم يتم تحميل برنامج ترقية الجلسة).\nسجل الخروج و أعد المحاولة",
"2FManagment":"2ndFA Managment",
"2FManagment":"2ndFA Management",
"accept":"قبول",
"accessDenied":"ليس لديك إذن بالدخول لهذا التطبيق",
"accountCreated":"تم إنشاء حسابك و إرسال كلمة المرور المؤقتة إلى بريدك الإلكتروني.",
......
......@@ -85,14 +85,14 @@
"PE83":"U2F verification failed",
"PE84":"You're not authorized to access to this host",
"PE85":"The remote site ask for a newer session (and UpgradeSession plugin isn't loaded). Logout and retry",
"2FManagment":"2ndFA Managment",
"2FManagment":"2ndFA Management",
"accept":"Accept",
"accessDenied":"You have no access authorization for this application",
"accountCreated":"Your account has been created, your temporary password has been sent to your mail address.",
"accountCreationSuccess":"Your account was successfully created.",
"action":"Action",
"anotherInformation":"Another information:",
"areYouSure":"Are you sure?",
"areYouSure":"Are you sure ?",
"askToRenew":"This application needs a more recent authentication. Do you want to reauthenticate ?",
"askToUpgrade":"This application needs an higher authentication level. Do you want to reauthenticate ?",
"authPortal":"Authentication portal",
......
......@@ -85,14 +85,14 @@
"PE83":"U2F verification failed. Retry or contact your administrator",
"PE84":"You're not authorized to access to this host",
"PE85":"The remote site ask for a newer session (and UpgradeSession plugin isn't loaded). Logout and retry",
"2FManagment":"2ndFA Managment",
"2FManagment":"2ndFA Management",
"accept":"Accept",
"accessDenied":"You have no access authorization for this application",
"accountCreated":"Your account has been created, your temporary password has been sent to your mail address.",
"accountCreationSuccess":"Your account was successfully created.",
"action":"Action",
"anotherInformation":"Another information:",
"areYouSure":"Are you sure?",
"areYouSure":"Are you sure ?",
"askToRenew":"This application needs a more recent authentication. Do you want to reauthenticate ?",
"askToUpgrade":"This application needs an higher authentication level. Do you want to reauthenticate ?",
"authPortal":"Authentication portal",
......
......@@ -85,14 +85,14 @@
"PE83":"U2F verification failed. Retry or contact your administrator",
"PE84":"You're not authorized to access to this host",
"PE85":"The remote site ask for a newer session (and UpgradeSession plugin isn't loaded). Logout and retry",
"2FManagment":"2ndFA Managment",
"2FManagment":"2ndFA Management",
"accept":"Accept",
"accessDenied":"You have no access authorization for this application",
"accountCreated":"Your account has been created, your temporary password has been sent to your mail address.",
"accountCreationSuccess":"Your account was successfully created.",
"action":"Action",
"anotherInformation":"Another information:",
"areYouSure":"Are you sure?",
"areYouSure":"Are you sure ?",
"askToRenew":"This application needs a more recent authentication. Do you want to reauthenticate ?",
"askToUpgrade":"This application needs an higher authentication level. Do you want to reauthenticate ?",
"authPortal":"Authentication portal",
......
{
"PE0":"Utilisateur authentifié",
"PE1":"Votre session a expiré, vous devez vous réauthentifier",
"PE1":"Votre session a expiré, vous devez vous ré-authentifier",
"PE2":"Identifiant ou mot de passe non renseigné",
"PE3":"Compte ou mot de passe LDAP de l'application incorrect",
"PE4":"Utilisateur inexistant",
......@@ -16,7 +16,7 @@
"PE14":"La requête renvoyée par le fournisseur d'identité Liberty Alliance est vide",
"PE15":"Un des appels SOAP Liberty Alliance a échoué",
"PE16":"Un des appels de déconnexion Liberty Alliance a échoué",
"PE17":"Aucun artefact SAML trouvé, ou échec de l'auto-acceptation SSO",
"PE17":"Aucun artefact SAML trouvé ou échec de l'auto-acceptation SSO",
"PE18":"Initialisation, construction ou requête SSO en échec",
"PE19":"Impossible d'enregistrer l'identifiant de connexion Liberty Alliance",
"PE20":"Un processus terminal Liberty Alliance a échoué",
......@@ -42,7 +42,7 @@
"PE40":"Nom d'utilisateur incorrect",
"PE41":"Ouverture de session interdite",
"PE42":"Confirmation demandée",
"PE43":"L'adresse mail est obligatoire ",
"PE43":"L'adresse mail est obligatoire",
"PE44":"La clé de confirmation est invalide ou trop ancienne",
"PE45":"L'envoi du mail a échoué",
"PE46":"Un mail vous a été envoyé",
......@@ -92,7 +92,7 @@
"accountCreationSuccess":"Votre compte a bien été créé.",
"action":"Action",
"anotherInformation":"Une autre information :",
"areYouSure":"Êtes vous sûr ?",
"areYouSure":"Êtes-vous sûr ?",
"askToRenew":"Cette application nécessite une authentification plus récente. Voulez-vous vous réauthentifier ?",
"askToUpgrade":"Cette application nécessite un plus haut niveau d'authentification. Voulez-vous vous réauthentifier ?",
"authPortal":"Portail d'authentification",
......@@ -146,7 +146,7 @@
"login":"Identifiant",
"logout":"Déconnexion",
"logoutConfirm":"Souhaitez-vous vous déconnecter ?",
"logoutFromOtherApp":"Déconnexion des autres applications...",
"logoutFromOtherApp":"Déconnexion des autres applications ...",
"logoutFromSP":"Déconnexion des services ...",
"mail":"Adresse mail",
"mailSent2":"Un message a été envoyé à votre adresse mail.",
......@@ -156,16 +156,16 @@
"newMessages":"Nouveaux messages",
"newPassword":"Nouveau mot de passe",
"newPwdSentTo":"Une confirmation a été envoyée à votre adresse mail.",
"noHistory":"Ceci est votre première connexion, bienvenue !",
"noHistory":"Ceci est votre première connexion. Bienvenue !",
"notAuthorized":"Vous n'êtes pas autorisé à faire cette requête",
"notFound": "Non trouvé: vous tentez d'accéder à une page non disponible",
"notFound": "Non trouvé : vous tentez d'accéder à une page non disponible",
"noTOTPFound":"Aucun secret TOTP trouvé",
"noU2FKeyFound": "Aucune clef U2F trouvée",
"oidcConsent":"L'application %s voudrait connaître :",
"oidcConsents": "Accords OIDC",
"oidcConsentsFull":"Accords OpenID-Connect",
"openidAp":"Consentez-vous à communiquer les paramètres suivants ?",
"openIdExample":"par exemple :http://myopenid.org/toto",
"openIdExample":"par exemple : http://myopenid.org/toto",
"openidExchange":"Souhaitez-vous vous identifier sur le site %s ?",
"openidPA":"La politique d'utilisation des données est disponible ici",
"openidRpns":"Le paramètre %s exigé pour la fédération n'est pas disponible",
......@@ -174,14 +174,14 @@
"otherSessions":"Autres sessions ouvertes",
"password": "Mot-de-passe",
"ppGrace": "authentifications restantes, changez votre mot de passe !",
"proxyError": "Mauvaise passerelle: impossible de joindre le serveur amont",
"proxyError": "Mauvaise passerelle : impossible de joindre le serveur amont",
"pwdChange":"Changement de mot de passe",
"pwd":"Mot de passe",
"pwdResetAlreadyIssued":"Une demande de réinitialisation de mot de passe a déjà été faite le ",
"pwdWillExpire":"%s jours, %s heures, %s minutes et %s secondes avant expiration de votre mot de passe, pensez à le changer !",
"redirectedFrom":"Vous avez été redirigé depuis ",
"redirectedIn":"Vous allez être redirigé(e) automatiquement dans 30 secondes",
"redirectionInProgres":"Redirection en cours...",
"redirectionInProgres":"Redirection en cours ...",
"redirectionToIdp":"Redirection vers votre fournisseur d'identité",
"refreshrights": "Rafraîchir mes droits",
"refuse":"Refuser",
......@@ -202,19 +202,19 @@
"SSOSessionInactive":"Session SSO inactive",
"stayConnected": "Rester connecté sur cet appareil",
"submit":"Envoyer",
"totpExistingKey":"Un secret TOTP existe déjà",
"totpExistingKey":"Un secret TOTP existe déjà !!!",
"touchU2fDevice": "Posez votre doigt sur le périphérique U2F",
"touchU2fDeviceOrEnterTotp": "Posez votre doigt sur le périphérique U2F ou entrez le code TOTP",
"type":"Type",
"u2fFailed": "La vérification U2F a échoué, réessayez ou contactez votre administrateur",
"u2fPermission": "Il est possible qu'on vous demande d'autoriser le site à accéder à votre clef. Après votre accord, la clef clignotera.",
"u2fWelcome": "Gestion du périphérique U2F",
"unableToGetKey": "Impossible d'accéder à la clef, réessayez ou contactez votre administrateur",
"unableToGetKey": "Impossible d'accéder à la clef. Réessayez ou contactez votre administrateur",
"unregister": "Supprimer",
"updateCdc": "Mise à jour du cookie de domaine commun",
"upgradeSession":"Se réauthentifier",
"user":"Utilisateur",
"useYubikey":"utilisez votre Yubikey",
"useYubikey":"Utilisez votre Yubikey",
"verify": "Vérifier",
"wait":"Attendre",
"warning":"Attention",
......@@ -229,7 +229,7 @@
"yourKeyIsAlreadyRegistered" : "Votre clef est déjà enregistrée !!!",
"yourKeyIsUnregistered":"Votre clef a été supprimée",
"yourKeyIsVerified":"Votre clef est vérifiée",
"yourNewTotpKey":"Votre nouvelle clef TOTP, testez-la et entrez le code",
"yourNewTotpKey":"Votre nouvelle clef TOTP. Testez-la et entrez le code",
"yourPhone":"Votre numéro de téléphone",
"yourProfile":"Vos informations personnelles",
"yourTotpKey":"Votre clef TOTP"
......
......@@ -85,14 +85,14 @@
"PE83":"Verifica U2F fallita",
"PE84":"Non sei autorizzato ad accedere a questo host",
"PE85":"Il sito remoto richiede una sessione più recente (e il plug-in di UpgradeSession non viene caricato). Disconnetti e riprova",
"2FManagment":"Gestionnaire 2ndFA",
"2FManagment":"2ndFA Management",
"accept":"Accetta",
"accessDenied":"Non hai un'autorizzazione di accesso per questa applicazione",
"accountCreated":"Il tuo account è stato creato, la tua password temporanea è stata inviata all'indirizzo email.",
"accountCreationSuccess":"Il tuo account è stato creato con successo.",
"action":"Action",
"anotherInformation":"Un'altra informazione:",
"areYouSure":"Sei sicuro?",
"areYouSure":"Sei sicuro ?",
"askToRenew":"Questa applicazione richiede un'autenticazione più recente. Vuoi reautenticare?",
"askToUpgrade":"Questa applicazione richiede un livello di autenticazione superiore. Vuoi reautenticare?",
"authPortal":"Portale di autenticazione",
......
......@@ -85,14 +85,14 @@
"PE83":"U2F verification failed. Retry or contact your administrator",
"PE84":"You're not authorized to access to this host",
"PE85":"The remote site ask for a newer session (and UpgradeSession plugin isn't loaded). Logout and retry",
"2FManagment":"Gestionnaire 2ndFA",
"2FManagment":"2ndFA Management",
"accept":"Accept",
"accessDenied":"You have no access authorization for this application",
"accountCreated":"Your account has been created, your temporary password has been sent to your mail address.",
"accountCreationSuccess":"Your account was successfully created.",
"action":"Action",
"anotherInformation":"Another information:",
"areYouSure":"Are you sure?",
"areYouSure":"Are you sure ?",
"askToRenew":"This application needs a more recent authentication. Do you want to reauthenticate ?",
"askToUpgrade":"This application needs an higher authentication level. Do you want to reauthenticate ?",
"authPortal":"Authentication portal",
......
......@@ -85,14 +85,14 @@
"PE83":"U2F verification failed. Retry or contact your administrator",
"PE84":"You're not authorized to access to this host",
"PE85":"The remote site ask for a newer session (and UpgradeSession plugin isn't loaded). Logout and retry",
"2FManagment":"Gestionnaire 2ndFA",
"2FManagment":"2ndFA Management",
"accept":"Accept",
"accessDenied":"You have no access authorization for this application",
"accountCreated":"Your account has been created, your temporary password has been sent to your mail address.",
"accountCreationSuccess":"Your account was successfully created.",
"action":"Action",
"anotherInformation":"Another information:",
"areYouSure":"Are you sure?",
"areYouSure":"Are you sure ?",
"askToRenew":"This application needs a more recent authentication. Do you want to reauthenticate ?",
"askToUpgrade":"This application needs an higher authentication level. Do you want to reauthenticate ?",
"authPortal":"Authentication portal",
......
......@@ -85,14 +85,14 @@
"PE83":"U2F verification failed. Retry or contact your administrator",
"PE84":"You're not authorized to access to this host",
"PE85":"The remote site ask for a newer session (and UpgradeSession plugin isn't loaded). Logout and retry",
"2FManagment":"Gestionnaire 2ndFA",
"2FManagment":"2ndFA Management",
"accept":"Accept",
"accessDenied":"You have no access authorization for this application",
"accountCreated":"Your account has been created, your temporary password has been sent to your mail address.",
"accountCreationSuccess":"Your account was successfully created.",
"action":"Action",
"anotherInformation":"Another information:",
"areYouSure":"Are you sure?",
"areYouSure":"Are you sure ?",
"askToRenew":"This application needs a more recent authentication. Do you want to reauthenticate ?",
"askToUpgrade":"This application needs an higher authentication level. Do you want to reauthenticate ?",
"authPortal":"Authentication portal",
......
......@@ -85,14 +85,14 @@
"PE83":"Xác minh U2F không thành công",
"PE84":"Bạn không được phép truy cập vào máy chủ lưu trữ này",
"PE85":"Trang web từ xa yêu cầu một phiên mới (và plugin UpgradeSession không được tải). Đăng xuất và thử lại ",
"2FManagment":"Gestionnaire 2ndFA",
"2FManagment":"2ndFA Management",
"accept":"Chấp nhận",
"accessDenied":"Bạn không có quyền truy cập vào ứng dụng này",
"accountCreated":"Tài khoản của bạn đã được tạo, mật khẩu tạm thời của bạn đã được gửi đến địa chỉ mail của bạn.",
"accountCreationSuccess":"Tài khoản của bạn đã được tạo thành công.",
"action":"Action",
"anotherInformation":"Thông tin khác:",
"areYouSure":"Bạn có chắc không?",
"areYouSure":"Bạn có chắc không ?",
"askToRenew":"Ứng dụng này cần có chứng thực gần đây hơn. Bạn có muốn chứng thực lại?",
"askToUpgrade":"Ứng dụng này cần một mức xác thực cao hơn. Bạn có muốn chứng thực lại?",
"authPortal":"Cổng thông tin xác thực",
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment