Commit c84bc724 authored by Christophe Maudoux's avatar Christophe Maudoux 🐛

Hidde warning and improve debug msg

parent a0f1abee
...@@ -34,7 +34,7 @@ sub init { ...@@ -34,7 +34,7 @@ sub init {
if ( $self->conf->{totp2fSelfRegistration} if ( $self->conf->{totp2fSelfRegistration}
and $self->conf->{totp2fActivation} eq '1' ) and $self->conf->{totp2fActivation} eq '1' )
{ {
$self->conf->{totp2fActivation} = '$_2fDevices =~ /"type":\s*"TOTP"/s'; $self->conf->{totp2fActivation} = '$_2fDevices && $_2fDevices =~ /"type":\s*"TOTP"/s';
} }
return $self->SUPER::init(); return $self->SUPER::init();
} }
......
...@@ -37,7 +37,7 @@ sub init { ...@@ -37,7 +37,7 @@ sub init {
if ( $self->conf->{u2fSelfRegistration} if ( $self->conf->{u2fSelfRegistration}
and $self->conf->{u2fActivation} eq '1' ) and $self->conf->{u2fActivation} eq '1' )
{ {
$self->conf->{u2fActivation} = '$_2fDevices =~ /"type":\s*"U2F"/s'; $self->conf->{u2fActivation} = '$_2fDevices && $_2fDevices =~ /"type":\s*"U2F"/s';
} }
return 0 return 0
unless ( $self->Lemonldap::NG::Portal::Main::SecondFactor::init() unless ( $self->Lemonldap::NG::Portal::Main::SecondFactor::init()
...@@ -79,6 +79,9 @@ sub run { ...@@ -79,6 +79,9 @@ sub run {
$self->ott->updateToken( $token, __ch => $data->{challenge} ); $self->ott->updateToken( $token, __ch => $data->{challenge} );
$self->logger->debug("Prepare U2F verification");
$self->logger->debug(" -> Send challenge: ". $data->{challenge});
# Serialize data # Serialize data
$data = to_json( $data = to_json(
{ {
...@@ -98,7 +101,6 @@ sub run { ...@@ -98,7 +101,6 @@ sub run {
CHECKLOGINS => $checkLogins CHECKLOGINS => $checkLogins
} }
); );
$self->logger->debug("Prepare U2F verification");
$req->response($tmp); $req->response($tmp);
return PE_SENDRESPONSE; return PE_SENDRESPONSE;
...@@ -206,9 +208,9 @@ sub loadUser { ...@@ -206,9 +208,9 @@ sub loadUser {
return PE_ERROR; return PE_ERROR;
} }
$self->logger->debug("2F Device(s) found"); $self->logger->debug("2F Device(s) found");
$self->logger->debug("Looking for registered U2F key(s) ...");
foreach (@$_2fDevices) { foreach (@$_2fDevices) {
$self->logger->debug("Looking for registered U2F key(s) ...");
if ( $_->{type} eq 'U2F' ) { if ( $_->{type} eq 'U2F' ) {
unless ( $_->{_userKey} and $_->{_keyHandle} ) { unless ( $_->{_userKey} and $_->{_keyHandle} ) {
$self->logger->error( $self->logger->error(
...@@ -218,7 +220,7 @@ sub loadUser { ...@@ -218,7 +220,7 @@ sub loadUser {
} }
$self->logger->debug( "Found U2F key -> _userKey = " $self->logger->debug( "Found U2F key -> _userKey = "
. $_->{_userKey} . $_->{_userKey}
. "/ _keyHandle = " . " / _keyHandle = "
. $_->{_keyHandle} ); . $_->{_keyHandle} );
$_->{_userKey} = $self->decode_base64url( $_->{_userKey} ); $_->{_userKey} = $self->decode_base64url( $_->{_userKey} );
push @u2fs, $_; push @u2fs, $_;
...@@ -229,11 +231,12 @@ sub loadUser { ...@@ -229,11 +231,12 @@ sub loadUser {
# Manage multi u2f keys # Manage multi u2f keys
my @crypters; my @crypters;
if (@u2fs) { if (@u2fs) {
$self->logger->debug("kh & uk -> OK"); $self->logger->debug("Generating crypter(s) with uk & kh");
foreach (@u2fs) { foreach (@u2fs) {
$kh = $_->{_keyHandle}; $kh = $_->{_keyHandle};
$uk = $_->{_userKey}; $uk = $_->{_userKey};
$self->logger->debug("Append crypter with kh -> $kh");
my $c = $self->crypter( keyHandle => $kh, publicKey => $uk ); my $c = $self->crypter( keyHandle => $kh, publicKey => $uk );
if ($c) { if ($c) {
push @crypters, $c; push @crypters, $c;
......
...@@ -38,7 +38,7 @@ sub init { ...@@ -38,7 +38,7 @@ sub init {
) )
{ {
$self->conf->{utotp2fActivation} = $self->conf->{utotp2fActivation} =
'$_2fDevices =~ /"type":\s*"(?:TOTP|U2F)"/s'; '$_2fDevices && $_2fDevices =~ /"type":\s*"(?:TOTP|U2F)"/s';
} }
foreach (qw(U2F TOTP)) { foreach (qw(U2F TOTP)) {
...@@ -88,7 +88,7 @@ sub run { ...@@ -88,7 +88,7 @@ sub run {
# Get registered keys # Get registered keys
my @rk; my @rk;
foreach ( @{ $req->data->{crypter} } ) { foreach ( @{ $req->data->{crypter} } ) {
my $k = push @rk, push @rk,
{ keyHandle => $_->{keyHandle}, version => $data->{version} }; { keyHandle => $_->{keyHandle}, version => $data->{version} };
} }
......
...@@ -41,7 +41,7 @@ sub init { ...@@ -41,7 +41,7 @@ sub init {
and $self->conf->{yubikey2fActivation} eq '1' ) and $self->conf->{yubikey2fActivation} eq '1' )
{ {
$self->conf->{yubikey2fActivation} = $self->conf->{yubikey2fActivation} =
'$_2fDevices =~ /"type":\s*"UBK"/s'; '$_2fDevices && $_2fDevices =~ /"type":\s*"UBK"/s';
} }
unless ($self->conf->{yubikey2fClientID} unless ($self->conf->{yubikey2fClientID}
and $self->conf->{yubikey2fSecretKey} ) and $self->conf->{yubikey2fSecretKey} )
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment