Commit 0a14da29 authored by Christophe Maudoux's avatar Christophe Maudoux 🐛

Append unknownAction error + minor improvements

parent aeb1d41f
......@@ -171,8 +171,11 @@ sub run {
$self->p->updatePersistentSession( $req,
{ _2fDevices => to_json( \@keep ) } );
$self->userLogger->notice('TOTP registration succeed');
return [ 200, [ 'Content-Type' => 'application/json', 'Content-Length' => 12, ],
['{"result":1}'] ];
return [
200,
[ 'Content-Type' => 'application/json', 'Content-Length' => 12, ],
['{"result":1}']
];
}
# Get or generate master key
......@@ -263,15 +266,15 @@ sub run {
);
}
# Check if unregistration is allowed
unless ( $self->conf->{totp2fUserCanRemoveKey} ) {
return $self->p->sendError( $req, 'notAuthorized', 400 );
}
# Delete TOTP
if ( $action eq 'delete' ) {
elsif ( $action eq 'delete' ) {
my $epoch = $req->param('epoch');
# Check if unregistration is allowed
unless ( $self->conf->{totp2fUserCanRemoveKey} ) {
return $self->p->sendError( $req, 'notAuthorized', 400 );
}
# Read existing 2FDevices
$self->logger->debug("Loading 2F Devices ...");
my $_2fDevices;
......@@ -304,8 +307,15 @@ sub run {
$self->p->updatePersistentSession( $req,
{ _2fDevices => to_json( \@keep ) } );
$self->userLogger->notice('TOTP deletion succeed');
return [ 200, [ 'Content-Type' => 'application/json', 'Content-Length' => 12, ],
['{"result":1}'] ];
return [
200,
[ 'Content-Type' => 'application/json', 'Content-Length' => 12, ],
['{"result":1}']
];
}
else {
$self->logger->error("Unknown TOTP action -> $action");
return $self->p->sendError( $req, 'unknownAction', 400 );
}
}
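Review bot: The new `else` branch writes `$action` into the server log unfiltered (`"Unknown TOTP action -> $action"`). If `$action` comes from the request path, which these hunks do not show, embedded line breaks or control characters could split or forge log entries. I would log a sanitized copy instead, for example `( my $safe = $action ) =~ s/[^\w-]/?/g;` followed by `$self->logger->error("Unknown TOTP action -> $safe");`. The U2F and Yubikey `else` branches added by this commit use the same pattern and need the same treatment. `run` begins outside the hunks shown.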
......
......@@ -295,8 +295,11 @@ sub run {
$self->userLogger->warn("U2F Unregistration failed: $err");
return $self->p->sendError( $req, $err, 200 );
}
$self->logger->error("Unknown action $action");
return $self->p->sendError( $req, 'notAuthorized', 200 );
else {
$self->logger->error("Unknown U2F action -> $action");
return $self->p->sendError( $req, 'unknownAction', 400 );
}
}
sub loadUser {
......
......@@ -137,14 +137,14 @@ sub run {
}
}
# Check if unregistration is allowed
unless ( $self->conf->{yubikey2fUserCanRemoveKey} ) {
return $self->p->sendError( $req, 'notAuthorized', 400 );
}
if ( $action eq 'delete' ) {
elsif ( $action eq 'delete' ) {
my $epoch = $req->param('epoch');
# Check if unregistration is allowed
unless ( $self->conf->{yubikey2fUserCanRemoveKey} ) {
return $self->p->sendError( $req, 'notAuthorized', 400 );
}
# Read existing 2FDevices
$self->logger->debug("Looking for 2F Devices ...");
my $_2fDevices;
......@@ -185,14 +185,8 @@ sub run {
}
else {
$self->userLogger->error("Unknown Yubikey action $action");
return $self->p->sendHtml(
$req, 'error',
params => {
AUTH_ERROR => PE_ERROR,
AUTH_ERROR_TYPE => 'positive',
}
);
$self->logger->error("Unknown Yubikey action -> $action");
return $self->p->sendError( $req, 'unknownAction', 400 );
}
}
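Review bot: The `yubikey2fUserCanRemoveKey` refusal inside the `delete` branch returns `notAuthorized` without writing to `userLogger`, whereas the unknown-action path below it is logged. Unless `sendError` logs on its own, a denied attempt to remove a second factor leaves no audit trail. I would add `$self->userLogger->warn('Yubikey unregistration refused: yubikey2fUserCanRemoveKey is disabled');` before the `return`. The relocated `totp2fUserCanRemoveKey` check in the TOTP handler has the same gap. `run` begins outside the hunks shown.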
......
......@@ -27,8 +27,6 @@ delete2F = (device, epoch) ->
device = 'totp'
else setMsg 'u2fFailed', 'warning'
$("#delete-#{epoch}").hide()
$.ajax
type: "POST"
url: "#{portal}2fregisters/#{device}/delete"
......@@ -38,8 +36,11 @@ delete2F = (device, epoch) ->
error: displayError
success: (resp) ->
if resp.error
setMsg 'notAuthorized', 'warning'
if resp.error.match /notAuthorized/
setMsg 'notAuthorized', 'warning'
else setMsg 'unknownAction', 'warning'
else if resp.result
$("#delete-#{epoch}").hide()
setMsg 'yourKeyIsUnregistered', 'positive'
error: displayError
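Review bot: The new `else` in the `success` callback reports every error other than `notAuthorized` as `unknownAction`, which mislabels real failures. The U2F handler in this commit still answers a failed unregistration with `sendError( $req, $err, 200 )`, and a 200 response carrying an `error` field would land in this branch. Responses sent with status 400 presumably go to `displayError` instead, so this branch mostly sees those 200-with-error bodies. I would test for the code explicitly with `else if resp.error.match /unknownAction/` and keep a generic failure message for everything else. `resp.error.match` also assumes the field is a string, so a `typeof resp.error is 'string'` guard would avoid a TypeError on an unexpected body.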
......
// Generated by CoffeeScript 1.9.3
// Generated by CoffeeScript 1.12.7
/*
LemonLDAP::NG 2F registration script
......@@ -38,7 +38,6 @@ LemonLDAP::NG 2F registration script
} else {
setMsg('u2fFailed', 'warning');
}
$("#delete-" + epoch).hide();
return $.ajax({
type: "POST",
url: portal + "2fregisters/" + device + "/delete",
......@@ -49,8 +48,13 @@ LemonLDAP::NG 2F registration script
error: displayError,
success: function(resp) {
if (resp.error) {
return setMsg('notAuthorized', 'warning');
if (resp.error.match(/notAuthorized/)) {
return setMsg('notAuthorized', 'warning');
} else {
return setMsg('unknownAction', 'warning');
}
} else if (resp.result) {
$("#delete-" + epoch).hide();
return setMsg('yourKeyIsUnregistered', 'positive');
}
},
......
(function(){var b,a,c;c=function(d,e){$("#msg").html(window.translate(d));$("#color").removeClass("message-positive message-warning alert-success alert-warning");$("#color").addClass("message-"+e);if(e==="positive"){e="success"}return $("#color").addClass("alert-"+e)};a=function(e,d,g){var f;console.log("Error",g);f=JSON.parse(e.responseText);if(f&&f.error){f=f.error.replace(/.* /,"");console.log("Returned error",f);return c(f,"warning")}};b=function(d,e){if(d==="U2F"){d="u"}else{if(d==="UBK"){d="yubikey"}else{if(d==="TOTP"){d="totp"}else{c("u2fFailed","warning")}}}$("#delete-"+e).hide();return $.ajax({type:"POST",url:portal+"2fregisters/"+d+"/delete",data:{epoch:e},dataType:"json",error:a,success:function(f){if(f.error){return c("notAuthorized","warning")}else{if(f.result){return c("yourKeyIsUnregistered","positive")}}},error:a})};$(document).ready(function(){$("body").on("click",".btn-danger",function(){return b($(this).attr("device"),$(this).attr("epoch"))});$("#goback").attr("href",portal);return $(".data-epoch").each(function(){var d;d=new Date($(this).text()*1000);return $(this).text(d.toLocaleString())})})}).call(this);
\ No newline at end of file
(function(){var delete2F,displayError,setMsg;setMsg=function(msg,level){$("#msg").html(window.translate(msg));$("#color").removeClass("message-positive message-warning alert-success alert-warning");$("#color").addClass("message-"+level);if(level==="positive"){level="success"}return $("#color").addClass("alert-"+level)};displayError=function(j,status,err){var res;console.log("Error",err);res=JSON.parse(j.responseText);if(res&&res.error){res=res.error.replace(/.* /,"");console.log("Returned error",res);return setMsg(res,"warning")}};delete2F=function(device,epoch){if(device==="U2F"){device="u"}else if(device==="UBK"){device="yubikey"}else if(device==="TOTP"){device="totp"}else{setMsg("u2fFailed","warning")}return $.ajax({type:"POST",url:portal+"2fregisters/"+device+"/delete",data:{epoch:epoch},dataType:"json",error:displayError,success:function(resp){if(resp.error){if(resp.error.match(/notAuthorized/)){return setMsg("notAuthorized","warning")}else{return setMsg("unknownAction","warning")}}else if(resp.result){$("#delete-"+epoch).hide();return setMsg("yourKeyIsUnregistered","positive")}},error:displayError})};$(document).ready(function(){$("body").on("click",".btn-danger",function(){return delete2F($(this).attr("device"),$(this).attr("epoch"))});$("#goback").attr("href",portal);return $(".data-epoch").each(function(){var myDate;myDate=new Date($(this).text()*1e3);return $(this).text(myDate.toLocaleString())})})}).call(this);
......@@ -212,6 +212,7 @@
"u2fPermission": "قد تتم مطالبتك بالسماح للموقع إذن الوصول إلى مفاتيح الأمان الخاصة بك.بعد منح الإذن، سيبدأ الجهاز في العملية.",
"u2fWelcome": "U2F device management",
"unableToGetKey": "تعذر الوصول إلى المفتاح. أعد محاولة الاتصال بالمشرف أو اتصل به",
"unknownAction":"Unknown action",
"unregister": "إلغاء",
"updateCdc": "تحديث ملف تعريف ارتباط المجال المشترك",
"upgradeSession":"ترقية الجلسة",
......
......@@ -212,6 +212,7 @@
"u2fPermission": "You may be prompted to allow the site permission to access your security keys. After granting permission, the device will start to blink.",
"u2fWelcome": "U2F device management",
"unableToGetKey": "Unable to access to your key. Retry or contact your administrator",
"unknownAction":"Unknown action",
"unregister": "Abmelden",
"updateCdc": "Update Common Domain Cookie",
"upgradeSession":"Upgrade session",
......
......@@ -212,6 +212,7 @@
"u2fPermission": "You may be prompted to allow the site permission to access your security keys. After granting permission, the device will start to blink.",
"u2fWelcome": "U2F device management",
"unableToGetKey": "Unable to access to your key. Retry or contact your administrator",
"unknownAction":"Unknown action",
"unregister": "Unregister",
"updateCdc": "Update Common Domain Cookie",
"upgradeSession":"Upgrade session",
......
......@@ -212,6 +212,7 @@
"u2fPermission": "You may be prompted to allow the site permission to access your security keys. After granting permission, the device will start to blink.",
"u2fWelcome": "U2F device management",
"unableToGetKey": "Unable to access to your key. Retry or contact your administrator",
"unknownAction":"Unknown action",
"unregister": "No Registrado",
"updateCdc": "Update Common Domain Cookie",
"upgradeSession":"Upgrade session",
......
......@@ -212,6 +212,7 @@
"u2fPermission": "Il est possible qu'on vous demande d'autoriser le site à accéder à votre clef. Après votre accord, la clef clignotera.",
"u2fWelcome": "Gestion du périphérique U2F",
"unableToGetKey": "Impossible d'accéder à la clef. Réessayez ou contactez votre administrateur",
"unknownAction":"Action inconnue",
"unregister": "Supprimer",
"updateCdc": "Mise à jour du cookie de domaine commun",
"upgradeSession":"Se réauthentifier",
......
......@@ -212,6 +212,7 @@
"u2fPermission": "È possibile che venga richiesto di consentire il permesso del sito per accedere alle chiavi di sicurezza. Dopo aver concesso il permesso, il dispositivo inizierà a lampeggiare.",
"u2fWelcome": "U2F device management",
"unableToGetKey": "Impossibile accedere alla chiave. Riprovare o contattare l'amministratore",
"unknownAction":"Unknown action",
"unregister": "Non Registra",
"updateCdc": "Aggiorna il Cookie di Common Domain",
"upgradeSession":"Sessione di aggiornamento",
......
......@@ -212,6 +212,7 @@
"u2fPermission": "You may be prompted to allow the site permission to access your security keys. After granting permission, the device will start to blink.",
"u2fWelcome": "U2F device management",
"unableToGetKey": "Unable to access to your key. Retry or contact your administrator",
"unknownAction":"Unknown action",
"unregister": "Uitschrijven",
"updateCdc": "Update Common Domain Cookie",
"upgradeSession":"Upgrade session",
......
......@@ -212,6 +212,7 @@
"u2fPermission": "You may be prompted to allow the site permission to access your security keys. After granting permission, the device will start to blink.",
"u2fWelcome": "U2F device management",
"unableToGetKey": "Unable to access to your key. Retry or contact your administrator",
"unknownAction":"Unknown action",
"unregister": "Cancelar o Registro",
"updateCdc": "Update Common Domain Cookie",
"upgradeSession":"Upgrade session",
......
......@@ -212,6 +212,7 @@
"u2fPermission": "You may be prompted to allow the site permission to access your security keys. After granting permission, the device will start to blink.",
"u2fWelcome": "U2F device management",
"unableToGetKey": "Unable to access to your key. Retry or contact your administrator",
"unknownAction":"Unknown action",
"unregister": "Unregister",
"updateCdc": "Update Common Domain Cookie",
"upgradeSession":"Upgrade session",
......
......@@ -212,6 +212,7 @@
"u2fPermission": "Bạn có thể được nhắc cho phép trang web được phép truy cập vào các khóa bảo mật của bạn. Sau khi cho phép, thiết bị sẽ bắt đầu nhấp nháy. ",
"u2fWelcome": "U2F device management",
"unableToGetKey": "Không thể truy cập khóa của bạn. Thử lại hoặc liên hệ với quản trị viên của bạn ",
"unknownAction":"Unknown action",
"unregister": "Hủy đăng ký",
"updateCdc": "Cập nhật Cookie miền thông thường",
"upgradeSession":"Phiên nâng cấp",
......