Commit a48daee3 authored by Christophe Maudoux's avatar Christophe Maudoux 🐛

Update sessionInfo during auth process

parent 0f591496
......@@ -47,6 +47,7 @@ lib/Lemonldap/NG/Portal/Auth/SSL.pm
lib/Lemonldap/NG/Portal/Auth/Twitter.pm
lib/Lemonldap/NG/Portal/Auth/WebID.pm
lib/Lemonldap/NG/Portal/CDC.pm
lib/Lemonldap/NG/Portal/CertificateResetByMail/LDAP.pm
lib/Lemonldap/NG/Portal/Issuer/CAS.pm
lib/Lemonldap/NG/Portal/Issuer/Get.pm
lib/Lemonldap/NG/Portal/Issuer/OpenID.pm
......@@ -101,6 +102,7 @@ lib/Lemonldap/NG/Portal/Password/REST.pm
lib/Lemonldap/NG/Portal/Plugins/AutoSignin.pm
lib/Lemonldap/NG/Portal/Plugins/BruteForceProtection.pm
lib/Lemonldap/NG/Portal/Plugins/CDA.pm
lib/Lemonldap/NG/Portal/Plugins/CertificateResetByMail.pm
lib/Lemonldap/NG/Portal/Plugins/CheckState.pm
lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
lib/Lemonldap/NG/Portal/Plugins/ContextSwitching.pm
......@@ -370,6 +372,7 @@ site/templates/bootstrap/2fchoice.tpl
site/templates/bootstrap/2fregisters.tpl
site/templates/bootstrap/captcha.tpl
site/templates/bootstrap/casBack2Url.tpl
site/templates/bootstrap/certificateReset.tpl
site/templates/bootstrap/checklogins.tpl
site/templates/bootstrap/checkuser.tpl
site/templates/bootstrap/confirm.tpl
......@@ -439,6 +442,7 @@ site/templates/common/mail/tr.json
site/templates/common/mail/vi.json
site/templates/common/mail/zh_CN.json
site/templates/common/mail_2fcode.tpl
site/templates/common/mail_certificatReset.tpl
site/templates/common/mail_confirm.tpl
site/templates/common/mail_footer.tpl
site/templates/common/mail_header.tpl
......@@ -565,7 +569,7 @@ t/40-Notifications-XML-DBI.t
t/40-Notifications-XML-File.t
t/40-Notifications-XML-Server.t
t/41-Captcha.t
t/41-Token-Global-Storage.t
t/41-Token-with-global-storage.t
t/41-Token.t
t/42-Register-Demo-with-captcha.t
t/42-Register-Demo-with-token.t
......@@ -579,6 +583,7 @@ t/43-MailPasswordReset-LDAP.t
t/43-MailPasswordReset-with-captcha.t
t/43-MailPasswordReset-with-token.t
t/43-MailPasswordReset.t
t/44-CertificateResetByMail-LDAP.t
t/50-IssuerGet.t
t/57-GlobalLogout-without-Timer.t
t/57-GlobalLogout.t
......@@ -618,7 +623,7 @@ t/68-Impersonation-with-History.t
t/68-Impersonation-with-merge.t
t/68-Impersonation-with-TOTP.t
t/68-Impersonation.t
t/70-2F-TOTP-8.t
t/70-2F-TOTP-8-with-global-storage.t
t/70-2F-TOTP-with-History.t
t/70-2F-TOTP-with-TTL-and-JSON.t
t/70-2F-TOTP-with-TTL-and-XML.t
......
......@@ -21,7 +21,7 @@ use Lemonldap::NG::Portal::Main::Constants qw(
PE_TOKENEXPIRED
);
our $VERSION = '2.0.6';
our $VERSION = '2.0.8';
extends 'Lemonldap::NG::Portal::Main::Plugin';
with 'Lemonldap::NG::Portal::Lib::OverConf';
......@@ -266,15 +266,7 @@ sub run {
}
# Search for authorized modules for this user
my @am;
foreach my $m ( @{ $self->sfModules } ) {
$self->logger->debug(
'Looking if ' . $m->{m}->prefix . '2F is available' );
if ( $m->{r}->( $req, $req->sessionInfo ) ) {
$self->logger->debug(' -> OK');
push @am, $m->{m};
}
}
my @am = $self->searchForAuthorized2Fmodules($req);
# If no 2F module is authorized, skipping 2F
# Note that a rule may forbid access after (GrantSession plugin)
......@@ -546,4 +538,18 @@ sub restoreSession {
: $self->_displayRegister( $req, @path );
}
sub searchForAuthorized2Fmodules {
my ( $self, $req ) = @_;
my @am;
foreach my $m ( @{ $self->sfModules } ) {
$self->logger->debug(
'Looking if ' . $m->{m}->prefix . '2F is available' );
if ( $m->{r}->( $req, $req->sessionInfo ) ) {
$self->logger->debug(' -> OK');
push @am, $m->{m};
}
}
return @am;
}
1;
package Lemonldap::NG::Portal::Main::Process;
our $VERSION = '2.0.7';
our $VERSION = '2.0.8';
package Lemonldap::NG::Portal::Main;
......@@ -483,8 +483,11 @@ sub store {
# Update current request
$req->id( $session->id );
$req->{sessionInfo}->{_session_id} = $session->{id};
$req->{sessionInfo}->{_session_kind} = $session->{kind};
unless ( $self->_sfEngine->searchForAuthorized2Fmodules($req) ) {
$self->logger->debug("No 2F module authorized -> Update current request");
$req->{sessionInfo}->{_session_id} = $session->{id};
$req->{sessionInfo}->{_session_kind} = $session->{kind};
}
# Compute unsecured cookie value if needed
if ( $self->conf->{securedCookie} == 3 and !$req->refresh ) {
......
......@@ -144,7 +144,7 @@ expectRedirection( $res, 'http://test1.example.com' );
$id = expectCookie($res);
my $cookies = getCookies($res);
ok( !defined( $cookies->{lemonldappdata} ), " Make sure no pdata is returned" );
ok( !$cookies->{lemonldappdata}, " Make sure no pdata is returned" );
count(1);
clean_sessions();
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment