Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
lemonldap-ng
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Service Desk
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Operations
Operations
Incidents
Environments
Analytics
Analytics
CI / CD
Repository
Value Stream
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Xavier Bachelot
lemonldap-ng
Commits
e40d8ccc
Commit
e40d8ccc
authored
May 15, 2018
by
Xavier Guimard
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
CheckState plugin (fixes: #1400)
parent
86283952
Changes
14
Expand all
Hide whitespace changes
Inline
Side-by-side
Showing
14 changed files
with
106 additions
and
4 deletions
+106
-4
fastcgi-server/man/llng-fastcgi-server.1p
fastcgi-server/man/llng-fastcgi-server.1p
+1
-1
lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm
lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm
+6
-0
lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm
...p-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm
+8
-0
lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Tree.pm
lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Tree.pm
+5
-0
lemonldap-ng-manager/site/htdocs/static/languages/ar.json
lemonldap-ng-manager/site/htdocs/static/languages/ar.json
+3
-0
lemonldap-ng-manager/site/htdocs/static/languages/en.json
lemonldap-ng-manager/site/htdocs/static/languages/en.json
+3
-0
lemonldap-ng-manager/site/htdocs/static/languages/fr.json
lemonldap-ng-manager/site/htdocs/static/languages/fr.json
+3
-0
lemonldap-ng-manager/site/htdocs/static/languages/it.json
lemonldap-ng-manager/site/htdocs/static/languages/it.json
+3
-0
lemonldap-ng-manager/site/htdocs/static/languages/vi.json
lemonldap-ng-manager/site/htdocs/static/languages/vi.json
+4
-1
lemonldap-ng-manager/site/htdocs/static/reverseTree.json
lemonldap-ng-manager/site/htdocs/static/reverseTree.json
+1
-1
lemonldap-ng-manager/site/htdocs/static/struct.json
lemonldap-ng-manager/site/htdocs/static/struct.json
+1
-1
lemonldap-ng-portal/MANIFEST
lemonldap-ng-portal/MANIFEST
+1
-0
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Plugins.pm
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Plugins.pm
+1
-0
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckState.pm
...p-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckState.pm
+66
-0
No files found.
fastcgi-server/man/llng-fastcgi-server.1p
View file @
e40d8ccc
...
...
@@ -129,7 +129,7 @@
.\" ========================================================================
.\"
.IX Title "llng-fastcgi-server 1"
.TH llng-fastcgi-server 1 "2018-0
3-22" "perl v5.26.1
" "User Contributed Perl Documentation"
.TH llng-fastcgi-server 1 "2018-0
5-13" "perl v5.26.2
" "User Contributed Perl Documentation"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
...
...
lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm
View file @
e40d8ccc
...
...
@@ -753,6 +753,12 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
'
cfgVersion
'
=>
{
'
type
'
=>
'
text
'
},
'
checkState
'
=>
{
'
type
'
=>
'
bool
'
},
'
checkStateSecret
'
=>
{
'
type
'
=>
'
text
'
},
'
checkXSS
'
=>
{
'
default
'
=>
1
,
'
type
'
=>
'
bool
'
...
...
lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm
View file @
e40d8ccc
...
...
@@ -368,6 +368,14 @@ sub attributes {
type
=>
'
bool
',
documentation
=>
'
Enable StayConnected plugin
',
},
checkState
=>
{
type
=>
'
bool
',
documentation
=>
'
Enable CheckState plugin
',
},
checkStateSecret
=>
{
type
=>
'
text
',
documentation
=>
'
Secret token for CheckState plugin
',
},
# Loggers (ini only)
logLevel
=>
{
...
...
lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Tree.pm
View file @
e40d8ccc
...
...
@@ -635,6 +635,11 @@ sub tree {
help
=>
'
autoSignin.html
',
nodes
=>
['
autoSigninRules
'],
},
{
title
=>
'
stateCheck
',
help
=>
'
checkstate.html
',
nodes
=>
[
'
checkState
',
'
checkStateSecret
',
],
},
]
},
{
...
...
lemonldap-ng-manager/site/htdocs/static/languages/ar.json
View file @
e40d8ccc
...
...
@@ -146,6 +146,8 @@
"cfgVersion"
:
"عملية ضبط الإصدارات"
,
"checkXSS"
:
"تحقق من هجمات XSS"
,
"clickHereToForce"
:
"انقر هنا لإجبار"
,
"checkState"
:
"Activation"
,
"checkStateSecret"
:
"Shared secret"
,
"choiceParams"
:
"اختيارالإعدادات"
,
"chooseLogo"
:
"اختيار الشعار"
,
"chooseSkin"
:
"اختيار الغلاف"
,
...
...
@@ -704,6 +706,7 @@
"SSLVar"
:
"حقل الشهادة الرقمية المستخرجة"
,
"SSLVarIf"
:
"حقل الشهادة الرقمية المستخرجة الشرطية"
,
"ssoSessions"
:
"جلسات السسو"
,
"stateCheck"
:
"State Check"
,
"stayConnected"
:
"الاتصالات المستمرة"
,
"successfullySaved"
:
"تم الحفظ بنجاح"
,
"storePassword"
:
"تخزين كلمة مرور المستخدم في بيانات الجلسة"
,
...
...
lemonldap-ng-manager/site/htdocs/static/languages/en.json
View file @
e40d8ccc
...
...
@@ -146,6 +146,8 @@
"cfgVersion"
:
"Configuration version"
,
"checkXSS"
:
"Check XSS attacks"
,
"clickHereToForce"
:
"Click here to force"
,
"checkState"
:
"Activation"
,
"checkStateSecret"
:
"Shared secret"
,
"choiceParams"
:
"Choice parameters"
,
"chooseLogo"
:
"Choose logo"
,
"chooseSkin"
:
"Choose skin"
,
...
...
@@ -704,6 +706,7 @@
"SSLVar"
:
"Extracted certificate field"
,
"SSLVarIf"
:
"Conditional extracted certificate field"
,
"ssoSessions"
:
"SSO sessions"
,
"stateCheck"
:
"State Check"
,
"stayConnected"
:
"Persistent connections"
,
"successfullySaved"
:
"Successfully saved"
,
"storePassword"
:
"Store user password in session datas"
,
...
...
lemonldap-ng-manager/site/htdocs/static/languages/fr.json
View file @
e40d8ccc
...
...
@@ -146,6 +146,8 @@
"cfgVersion"
:
"Version de la configuration"
,
"checkXSS"
:
"Contrôler les attaques XSS"
,
"clickHereToForce"
:
"Cliquer ici pour forcer"
,
"checkState"
:
"Activation"
,
"checkStateSecret"
:
"Secret partagé"
,
"choiceParams"
:
"Paramètres des choix"
,
"chooseLogo"
:
"Choisir le logo"
,
"chooseSkin"
:
"Choisir le thème"
,
...
...
@@ -704,6 +706,7 @@
"SSLVar"
:
"Champ extrait du certificat"
,
"SSLVarIf"
:
"Champ conditionnel extrait du certificat"
,
"ssoSessions"
:
"Sessions SSO"
,
"stateCheck"
:
"Vérification de l'état"
,
"stayConnected"
:
"Connexions persistantes"
,
"successfullySaved"
:
"Sauvegarde effectuée"
,
"storePassword"
:
"Stocke le mot de passe de l'utilisateur en session"
,
...
...
lemonldap-ng-manager/site/htdocs/static/languages/it.json
View file @
e40d8ccc
...
...
@@ -146,6 +146,8 @@
"cfgVersion"
:
"Versione configurazione"
,
"checkXSS"
:
"Verifica attacchi XSS"
,
"clickHereToForce"
:
"Clicca qui per forzare"
,
"checkState"
:
"Activation"
,
"checkStateSecret"
:
"Shared secret"
,
"choiceParams"
:
"Scelta parametri"
,
"chooseLogo"
:
"Scegli logo"
,
"chooseSkin"
:
"Scegli interfaccia"
,
...
...
@@ -704,6 +706,7 @@
"SSLVar"
:
"Campo certificato estratto"
,
"SSLVarIf"
:
"Campo di certificato estratto condizionale"
,
"ssoSessions"
:
"Sessioni SSO"
,
"stateCheck"
:
"State Check"
,
"stayConnected"
:
"Connessioni persistenti"
,
"successfullySaved"
:
"Salvato con successo"
,
"storePassword"
:
"Memorizzare la password dell'utente nei dati di sessione"
,
...
...
lemonldap-ng-manager/site/htdocs/static/languages/vi.json
View file @
e40d8ccc
...
...
@@ -146,6 +146,8 @@
"cfgVersion"
:
"Phiên bản cấu hình"
,
"checkXSS"
:
"Kiểm tra tấn công XSS"
,
"clickHereToForce"
:
"Nhấp vào đây để bắt buộc"
,
"checkState"
:
"Activation"
,
"checkStateSecret"
:
"Shared secret"
,
"choiceParams"
:
"Các tham số lựa chọn"
,
"chooseLogo"
:
"Chọn logo"
,
"chooseSkin"
:
"Chọn giao diện"
,
...
...
@@ -659,8 +661,8 @@
"save"
:
"Lưu"
,
"saveReport"
:
"Lưu báo cáo"
,
"savingConfirmation"
:
"Lưu xác nhận"
,
"secondFactors"
:
"Second factors"
,
"search"
:
"Search ..."
,
"secondFactors"
:
"Second factors"
,
"securedCookie"
:
"Cookie bảo mật (SSL)"
,
"security"
:
"An ninh"
,
"serverError"
:
"Lỗi máy chủ"
,
...
...
@@ -704,6 +706,7 @@
"SSLVar"
:
"Trích xuất trường chứng chỉ"
,
"SSLVarIf"
:
"Trích xuất trường chứng chỉ có điều kiện"
,
"ssoSessions"
:
"Phiên SSO"
,
"stateCheck"
:
"State Check"
,
"stayConnected"
:
"Duy trì kết nối"
,
"successfullySaved"
:
"Lưu thành công"
,
"storePassword"
:
"Lưu trữ mật khẩu người dùng trong các dữ liệu phiên"
,
...
...
lemonldap-ng-manager/site/htdocs/static/reverseTree.json
View file @
e40d8ccc
This diff is collapsed.
Click to expand it.
lemonldap-ng-manager/site/htdocs/static/struct.json
View file @
e40d8ccc
This diff is collapsed.
Click to expand it.
lemonldap-ng-portal/MANIFEST
View file @
e40d8ccc
...
...
@@ -94,6 +94,7 @@ lib/Lemonldap/NG/Portal/Password/Null.pm
lib/Lemonldap/NG/Portal/Password/REST.pm
lib/Lemonldap/NG/Portal/Plugins/AutoSignin.pm
lib/Lemonldap/NG/Portal/Plugins/CDA.pm
lib/Lemonldap/NG/Portal/Plugins/CheckState.pm
lib/Lemonldap/NG/Portal/Plugins/GrantSession.pm
lib/Lemonldap/NG/Portal/Plugins/History.pm
lib/Lemonldap/NG/Portal/Plugins/MailReset.pm
...
...
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Plugins.pm
View file @
e40d8ccc
...
...
@@ -22,6 +22,7 @@ our @pList = (
grantSessionRule
=>
'
::Plugins::GrantSession
',
upgradeSession
=>
'
::Plugins::Upgrade
',
autoSigninRules
=>
'
::Plugins::AutoSignin
',
checkState
=>
'
::Plugins::CheckState
',
);
##@method list enabledPlugins
...
...
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckState.pm
0 → 100644
View file @
e40d8ccc
# Check state plugin
#
# test if portal is well loaded. If user/pasword parameters are set, it tests
# also login process
package
Lemonldap::NG::Portal::Plugins::
CheckState
;
use
strict
;
use
Mouse
;
our
$VERSION
=
'
2.0.0
';
extends
'
Lemonldap::NG::Portal::Main::Plugin
';
# INITIALIZATION
sub
init
{
my
(
$self
)
=
@_
;
unless
(
$self
->
conf
->
{
checkStateSecret
}
)
{
$self
->
logger
->
error
(
'
checkStateSecret is required for "check state" plugin
');
return
0
;
}
$self
->
addUnauthRoute
(
checkstate
=>
'
check
',
['
GET
']
);
return
1
;
}
sub
check
{
my
(
$self
,
$req
)
=
@_
;
my
@rep
;
unless
(
$req
->
param
('
secret
')
and
$req
->
param
('
secret
')
eq
$self
->
conf
->
{
checkStateSecret
}
)
{
return
$self
->
p
->
sendError
(
$req
,
'
Bad secret
'
);
}
$req
->
steps
(
[
'
controlUrl
',
@
{
$self
->
p
->
beforeAuth
}
]
);
my
$res
=
$self
->
p
->
process
(
$req
);
if
(
$res
>
0
)
{
push
@rep
,
"
Bad result before auth:
$res
";
}
if
(
my
$user
=
$req
->
param
('
user
')
and
my
$pwd
=
$req
->
param
('
password
')
)
{
# Note that "extractFormInfo" isn't launched due to "token"
$req
->
user
(
$user
);
$req
->
datas
->
{
password
}
=
$pwd
;
$req
->
steps
(
[
'
getUser
',
'
authenticate
',
@
{
$self
->
p
->
betweenAuthAndDatas
},
$self
->
p
->
sessionDatas
,
@
{
$self
->
p
->
afterDatas
}
]
);
if
(
$res
=
$self
->
p
->
process
(
$req
,
)
)
{
push
@rep
,
"
Bad result during auth:
$res
";
}
$self
->
p
->
deleteSession
(
$req
);
}
if
(
@rep
)
{
return
$self
->
p
->
sendError
(
$req
,
join
(
"
,
\n
",
@rep
),
500
);
}
else
{
return
$self
->
p
->
sendJSONresponse
(
$req
,
{
result
=>
1
}
);
}
}
1
;
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment