Skip to content

GitLab

Commit a48daee3 authored by Christophe Maudoux's avatar Christophe Maudoux 🐛
Browse files
Options

Update sessionInfo during auth process

parent 0f591496
Hide whitespace changes
Inline Side-by-side
Showing with 30 additions and 16 deletions
lemonldap-ng-portal/MANIFEST
View file @ a48daee3
...@@ -47,6 +47,7 @@ lib/Lemonldap/NG/Portal/Auth/SSL.pm ...@@ -47,6 +47,7 @@ lib/Lemonldap/NG/Portal/Auth/SSL.pm
lib/Lemonldap/NG/Portal/Auth/Twitter.pm lib/Lemonldap/NG/Portal/Auth/Twitter.pm
lib/Lemonldap/NG/Portal/Auth/WebID.pm lib/Lemonldap/NG/Portal/Auth/WebID.pm
lib/Lemonldap/NG/Portal/CDC.pm lib/Lemonldap/NG/Portal/CDC.pm
lib/Lemonldap/NG/Portal/CertificateResetByMail/LDAP.pm
lib/Lemonldap/NG/Portal/Issuer/CAS.pm lib/Lemonldap/NG/Portal/Issuer/CAS.pm
lib/Lemonldap/NG/Portal/Issuer/Get.pm lib/Lemonldap/NG/Portal/Issuer/Get.pm
lib/Lemonldap/NG/Portal/Issuer/OpenID.pm lib/Lemonldap/NG/Portal/Issuer/OpenID.pm
...@@ -101,6 +102,7 @@ lib/Lemonldap/NG/Portal/Password/REST.pm ...@@ -101,6 +102,7 @@ lib/Lemonldap/NG/Portal/Password/REST.pm
lib/Lemonldap/NG/Portal/Plugins/AutoSignin.pm lib/Lemonldap/NG/Portal/Plugins/AutoSignin.pm
lib/Lemonldap/NG/Portal/Plugins/BruteForceProtection.pm lib/Lemonldap/NG/Portal/Plugins/BruteForceProtection.pm
lib/Lemonldap/NG/Portal/Plugins/CDA.pm lib/Lemonldap/NG/Portal/Plugins/CDA.pm
lib/Lemonldap/NG/Portal/Plugins/CertificateResetByMail.pm
lib/Lemonldap/NG/Portal/Plugins/CheckState.pm lib/Lemonldap/NG/Portal/Plugins/CheckState.pm
lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
lib/Lemonldap/NG/Portal/Plugins/ContextSwitching.pm lib/Lemonldap/NG/Portal/Plugins/ContextSwitching.pm
...@@ -370,6 +372,7 @@ site/templates/bootstrap/2fchoice.tpl ...@@ -370,6 +372,7 @@ site/templates/bootstrap/2fchoice.tpl
site/templates/bootstrap/2fregisters.tpl site/templates/bootstrap/2fregisters.tpl
site/templates/bootstrap/captcha.tpl site/templates/bootstrap/captcha.tpl
site/templates/bootstrap/casBack2Url.tpl site/templates/bootstrap/casBack2Url.tpl
site/templates/bootstrap/certificateReset.tpl
site/templates/bootstrap/checklogins.tpl site/templates/bootstrap/checklogins.tpl
site/templates/bootstrap/checkuser.tpl site/templates/bootstrap/checkuser.tpl
site/templates/bootstrap/confirm.tpl site/templates/bootstrap/confirm.tpl
...@@ -439,6 +442,7 @@ site/templates/common/mail/tr.json ...@@ -439,6 +442,7 @@ site/templates/common/mail/tr.json
site/templates/common/mail/vi.json site/templates/common/mail/vi.json
site/templates/common/mail/zh_CN.json site/templates/common/mail/zh_CN.json
site/templates/common/mail_2fcode.tpl site/templates/common/mail_2fcode.tpl
site/templates/common/mail_certificatReset.tpl
site/templates/common/mail_confirm.tpl site/templates/common/mail_confirm.tpl
site/templates/common/mail_footer.tpl site/templates/common/mail_footer.tpl
site/templates/common/mail_header.tpl site/templates/common/mail_header.tpl
...@@ -565,7 +569,7 @@ t/40-Notifications-XML-DBI.t ...@@ -565,7 +569,7 @@ t/40-Notifications-XML-DBI.t
t/40-Notifications-XML-File.t t/40-Notifications-XML-File.t
t/40-Notifications-XML-Server.t t/40-Notifications-XML-Server.t
t/41-Captcha.t t/41-Captcha.t
t/41-Token-Global-Storage.t t/41-Token-with-global-storage.t
t/41-Token.t t/41-Token.t
t/42-Register-Demo-with-captcha.t t/42-Register-Demo-with-captcha.t
t/42-Register-Demo-with-token.t t/42-Register-Demo-with-token.t
...@@ -579,6 +583,7 @@ t/43-MailPasswordReset-LDAP.t ...@@ -579,6 +583,7 @@ t/43-MailPasswordReset-LDAP.t
t/43-MailPasswordReset-with-captcha.t t/43-MailPasswordReset-with-captcha.t
t/43-MailPasswordReset-with-token.t t/43-MailPasswordReset-with-token.t
t/43-MailPasswordReset.t t/43-MailPasswordReset.t
t/44-CertificateResetByMail-LDAP.t
t/50-IssuerGet.t t/50-IssuerGet.t
t/57-GlobalLogout-without-Timer.t t/57-GlobalLogout-without-Timer.t
t/57-GlobalLogout.t t/57-GlobalLogout.t
...@@ -618,7 +623,7 @@ t/68-Impersonation-with-History.t ...@@ -618,7 +623,7 @@ t/68-Impersonation-with-History.t
t/68-Impersonation-with-merge.t t/68-Impersonation-with-merge.t
t/68-Impersonation-with-TOTP.t t/68-Impersonation-with-TOTP.t
t/68-Impersonation.t t/68-Impersonation.t
t/70-2F-TOTP-8.t t/70-2F-TOTP-8-with-global-storage.t
t/70-2F-TOTP-with-History.t t/70-2F-TOTP-with-History.t
t/70-2F-TOTP-with-TTL-and-JSON.t t/70-2F-TOTP-with-TTL-and-JSON.t
t/70-2F-TOTP-with-TTL-and-XML.t t/70-2F-TOTP-with-TTL-and-XML.t
......
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Engines/Default.pm
View file @ a48daee3
...@@ -21,7 +21,7 @@ use Lemonldap::NG::Portal::Main::Constants qw( ...@@ -21,7 +21,7 @@ use Lemonldap::NG::Portal::Main::Constants qw(
PE_TOKENEXPIRED PE_TOKENEXPIRED
); );
our $VERSION = '2.0.6'; our $VERSION = '2.0.8';
extends 'Lemonldap::NG::Portal::Main::Plugin'; extends 'Lemonldap::NG::Portal::Main::Plugin';
with 'Lemonldap::NG::Portal::Lib::OverConf'; with 'Lemonldap::NG::Portal::Lib::OverConf';
...@@ -266,15 +266,7 @@ sub run { ...@@ -266,15 +266,7 @@ sub run {
} }
# Search for authorized modules for this user # Search for authorized modules for this user
my @am; my @am = $self->searchForAuthorized2Fmodules($req);
foreach my $m ( @{ $self->sfModules } ) {
$self->logger->debug(
'Looking if ' . $m->{m}->prefix . '2F is available' );
if ( $m->{r}->( $req, $req->sessionInfo ) ) {
$self->logger->debug(' -> OK');
push @am, $m->{m};
}
}
# If no 2F module is authorized, skipping 2F # If no 2F module is authorized, skipping 2F
# Note that a rule may forbid access after (GrantSession plugin) # Note that a rule may forbid access after (GrantSession plugin)
...@@ -546,4 +538,18 @@ sub restoreSession { ...@@ -546,4 +538,18 @@ sub restoreSession {
: $self->_displayRegister( $req, @path ); : $self->_displayRegister( $req, @path );
} }
sub searchForAuthorized2Fmodules {
my ( $self, $req ) = @_;
my @am;
foreach my $m ( @{ $self->sfModules } ) {
$self->logger->debug(
'Looking if ' . $m->{m}->prefix . '2F is available' );
if ( $m->{r}->( $req, $req->sessionInfo ) ) {
$self->logger->debug(' -> OK');
push @am, $m->{m};
}
}
return @am;
}
1; 1;
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Process.pm
View file @ a48daee3
package Lemonldap::NG::Portal::Main::Process; package Lemonldap::NG::Portal::Main::Process;
our $VERSION = '2.0.7'; our $VERSION = '2.0.8';
package Lemonldap::NG::Portal::Main; package Lemonldap::NG::Portal::Main;
...@@ -483,8 +483,11 @@ sub store { ...@@ -483,8 +483,11 @@ sub store {
# Update current request # Update current request
$req->id( $session->id ); $req->id( $session->id );
$req->{sessionInfo}->{_session_id} = $session->{id}; unless ( $self->_sfEngine->searchForAuthorized2Fmodules($req) ) {
$req->{sessionInfo}->{_session_kind} = $session->{kind}; $self->logger->debug("No 2F module authorized -> Update current request");
$req->{sessionInfo}->{_session_id} = $session->{id};
$req->{sessionInfo}->{_session_kind} = $session->{kind};
}
# Compute unsecured cookie value if needed # Compute unsecured cookie value if needed
if ( $self->conf->{securedCookie} == 3 and !$req->refresh ) { if ( $self->conf->{securedCookie} == 3 and !$req->refresh ) {
......
lemonldap-ng-portal/t/78-2F-Upgrade.t
View file @ a48daee3
...@@ -144,7 +144,7 @@ expectRedirection( $res, 'http://test1.example.com' ); ...@@ -144,7 +144,7 @@ expectRedirection( $res, 'http://test1.example.com' );
$id = expectCookie($res); $id = expectCookie($res);
my $cookies = getCookies($res); my $cookies = getCookies($res);
ok( !defined( $cookies->{lemonldappdata} ), " Make sure no pdata is returned" ); ok( !$cookies->{lemonldappdata}, " Make sure no pdata is returned" );
count(1); count(1);
clean_sessions(); clean_sessions();
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment