Commit e40d8ccc authored by Yadd's avatar Yadd

CheckState plugin (fixes: #1400)

parent 86283952
......@@ -129,7 +129,7 @@
.\" ========================================================================
.\"
.IX Title "llng-fastcgi-server 1"
.TH llng-fastcgi-server 1 "2018-03-22" "perl v5.26.1" "User Contributed Perl Documentation"
.TH llng-fastcgi-server 1 "2018-05-13" "perl v5.26.2" "User Contributed Perl Documentation"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
......
......@@ -753,6 +753,12 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
'cfgVersion' => {
'type' => 'text'
},
'checkState' => {
'type' => 'bool'
},
'checkStateSecret' => {
'type' => 'text'
},
'checkXSS' => {
'default' => 1,
'type' => 'bool'
......
......@@ -368,6 +368,14 @@ sub attributes {
type => 'bool',
documentation => 'Enable StayConnected plugin',
},
checkState => {
type => 'bool',
documentation => 'Enable CheckState plugin',
},
checkStateSecret => {
type => 'text',
documentation => 'Secret token for CheckState plugin',
},
# Loggers (ini only)
logLevel => {
......
......@@ -635,6 +635,11 @@ sub tree {
help => 'autoSignin.html',
nodes => ['autoSigninRules'],
},
{
title => 'stateCheck',
help => 'checkstate.html',
nodes => [ 'checkState', 'checkStateSecret', ],
},
]
},
{
......
......@@ -146,6 +146,8 @@
"cfgVersion":"عملية ضبط الإصدارات",
"checkXSS":"تحقق من هجمات XSS",
"clickHereToForce":"انقر هنا لإجبار",
"checkState":"Activation",
"checkStateSecret":"Shared secret",
"choiceParams":"اختيارالإعدادات",
"chooseLogo":"اختيار الشعار",
"chooseSkin":"اختيار الغلاف",
......@@ -704,6 +706,7 @@
"SSLVar":"حقل الشهادة الرقمية المستخرجة",
"SSLVarIf":"حقل الشهادة الرقمية المستخرجة الشرطية",
"ssoSessions":"جلسات السسو",
"stateCheck":"State Check",
"stayConnected":"الاتصالات المستمرة",
"successfullySaved":"تم الحفظ بنجاح",
"storePassword":"تخزين كلمة مرور المستخدم في بيانات الجلسة",
......
......@@ -146,6 +146,8 @@
"cfgVersion":"Configuration version",
"checkXSS":"Check XSS attacks",
"clickHereToForce":"Click here to force",
"checkState":"Activation",
"checkStateSecret":"Shared secret",
"choiceParams":"Choice parameters",
"chooseLogo":"Choose logo",
"chooseSkin":"Choose skin",
......@@ -704,6 +706,7 @@
"SSLVar":"Extracted certificate field",
"SSLVarIf":"Conditional extracted certificate field",
"ssoSessions":"SSO sessions",
"stateCheck":"State Check",
"stayConnected":"Persistent connections",
"successfullySaved":"Successfully saved",
"storePassword":"Store user password in session datas",
......
......@@ -146,6 +146,8 @@
"cfgVersion":"Version de la configuration",
"checkXSS":"Contrôler les attaques XSS",
"clickHereToForce":"Cliquer ici pour forcer",
"checkState":"Activation",
"checkStateSecret":"Secret partagé",
"choiceParams":"Paramètres des choix",
"chooseLogo":"Choisir le logo",
"chooseSkin":"Choisir le thème",
......@@ -704,6 +706,7 @@
"SSLVar":"Champ extrait du certificat",
"SSLVarIf":"Champ conditionnel extrait du certificat",
"ssoSessions":"Sessions SSO",
"stateCheck":"Vérification de l'état",
"stayConnected":"Connexions persistantes",
"successfullySaved":"Sauvegarde effectuée",
"storePassword":"Stocke le mot de passe de l'utilisateur en session",
......
......@@ -146,6 +146,8 @@
"cfgVersion":"Versione configurazione",
"checkXSS":"Verifica attacchi XSS",
"clickHereToForce":"Clicca qui per forzare",
"checkState":"Activation",
"checkStateSecret":"Shared secret",
"choiceParams":"Scelta parametri",
"chooseLogo":"Scegli logo",
"chooseSkin":"Scegli interfaccia",
......@@ -704,6 +706,7 @@
"SSLVar":"Campo certificato estratto",
"SSLVarIf":"Campo di certificato estratto condizionale",
"ssoSessions":"Sessioni SSO",
"stateCheck":"State Check",
"stayConnected":"Connessioni persistenti",
"successfullySaved":"Salvato con successo",
"storePassword":"Memorizzare la password dell'utente nei dati di sessione",
......
......@@ -146,6 +146,8 @@
"cfgVersion":"Phiên bản cấu hình",
"checkXSS":"Kiểm tra tấn công XSS",
"clickHereToForce":"Nhấp vào đây để bắt buộc",
"checkState":"Activation",
"checkStateSecret":"Shared secret",
"choiceParams":"Các tham số lựa chọn",
"chooseLogo":"Chọn logo",
"chooseSkin":"Chọn giao diện",
......@@ -659,8 +661,8 @@
"save":"Lưu",
"saveReport":"Lưu báo cáo",
"savingConfirmation":"Lưu xác nhận",
"secondFactors":"Second factors",
"search":"Search ...",
"secondFactors":"Second factors",
"securedCookie":"Cookie bảo mật (SSL)",
"security":"An ninh",
"serverError":"Lỗi máy chủ",
......@@ -704,6 +706,7 @@
"SSLVar":"Trích xuất trường chứng chỉ",
"SSLVarIf":"Trích xuất trường chứng chỉ có điều kiện",
"ssoSessions":"Phiên SSO",
"stateCheck":"State Check",
"stayConnected":"Duy trì kết nối",
"successfullySaved":"Lưu thành công",
"storePassword":"Lưu trữ mật khẩu người dùng trong các dữ liệu phiên",
......
......@@ -94,6 +94,7 @@ lib/Lemonldap/NG/Portal/Password/Null.pm
lib/Lemonldap/NG/Portal/Password/REST.pm
lib/Lemonldap/NG/Portal/Plugins/AutoSignin.pm
lib/Lemonldap/NG/Portal/Plugins/CDA.pm
lib/Lemonldap/NG/Portal/Plugins/CheckState.pm
lib/Lemonldap/NG/Portal/Plugins/GrantSession.pm
lib/Lemonldap/NG/Portal/Plugins/History.pm
lib/Lemonldap/NG/Portal/Plugins/MailReset.pm
......
......@@ -22,6 +22,7 @@ our @pList = (
grantSessionRule => '::Plugins::GrantSession',
upgradeSession => '::Plugins::Upgrade',
autoSigninRules => '::Plugins::AutoSignin',
checkState => '::Plugins::CheckState',
);
##@method list enabledPlugins
......
# Check state plugin
#
# test if portal is well loaded. If user/pasword parameters are set, it tests
# also login process
package Lemonldap::NG::Portal::Plugins::CheckState;
use strict;
use Mouse;
our $VERSION = '2.0.0';
extends 'Lemonldap::NG::Portal::Main::Plugin';
# INITIALIZATION
sub init {
my ($self) = @_;
unless ( $self->conf->{checkStateSecret} ) {
$self->logger->error(
'checkStateSecret is required for "check state" plugin');
return 0;
}
$self->addUnauthRoute( checkstate => 'check', ['GET'] );
return 1;
}
sub check {
my ( $self, $req ) = @_;
my @rep;
unless ($req->param('secret')
and $req->param('secret') eq $self->conf->{checkStateSecret} )
{
return $self->p->sendError( $req, 'Bad secret' );
}
$req->steps( [ 'controlUrl', @{ $self->p->beforeAuth } ] );
my $res = $self->p->process($req);
if ( $res > 0 ) {
push @rep, "Bad result before auth: $res";
}
if ( my $user = $req->param('user') and my $pwd = $req->param('password') )
{
# Note that "extractFormInfo" isn't launched due to "token"
$req->user($user);
$req->datas->{password} = $pwd;
$req->steps(
[
'getUser', 'authenticate',
@{ $self->p->betweenAuthAndDatas }, $self->p->sessionDatas,
@{ $self->p->afterDatas }
]
);
if ( $res = $self->p->process( $req, ) ) {
push @rep, "Bad result during auth: $res";
}
$self->p->deleteSession($req);
}
if (@rep) {
return $self->p->sendError( $req, join( ",\n", @rep ), 500 );
}
else {
return $self->p->sendJSONresponse( $req, { result => 1 } );
}
}
1;
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment