Commit a6c461f7 authored by Christophe Maudoux's avatar Christophe Maudoux

WIP - Rename plugin PortalForceAuthn (#1507)

parent 85c6ad24
......@@ -178,9 +178,8 @@ sub defaultValues {
'portalDisplayOidcConsents' => '$_oidcConnectedRP',
'portalDisplayRegister' => 1,
'portalErrorOnExpiredSession' => 1,
'portalForceAuthn' => 1,
'portalForceAuthnInterval' => 5,
'portalForceReAuthn' => 1,
'portalForceReAuthnTempo' => 300,
'portalPingInterval' => 60000,
'portalRequireOldPassword' => 1,
'portalSkin' => 'bootstrap',
......
......@@ -2165,16 +2165,12 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
'default' => 0,
'type' => 'bool'
},
'portalForceAuthnInterval' => {
'default' => 5,
'type' => 'int'
},
'portalForceReAuthn' => {
'portalForceAuthn' => {
'default' => 1,
'type' => 'bool'
},
'portalForceReAuthnTempo' => {
'default' => 300,
'portalForceAuthnInterval' => {
'default' => 5,
'type' => 'int'
},
'portalOpenLinkInNewWindow' => {
......
......@@ -556,16 +556,17 @@ sub attributes {
type => 'bool',
documentation => 'Check XSS',
},
portalForceReAuthn => {
default => 1,
type => 'bool',
documentation => 'Enable force reAuthentification to access to Portal',
portalForceAuthn => {
default => 1,
type => 'bool',
documentation =>
'Enable force to authenticate when displaying portal',
},
portalForceReAuthnTempo => {
default => 300,
portalForceAuthnInterval => {
default => 5,
type => 'int',
documentation =>
'Portal force reAuthentification -> Tempo before try again',
'Maximun interval in seconds since last authentifcation to force reauthentication',
},
bruteForceProtection => {
default => 1,
......@@ -2121,9 +2122,7 @@ sub attributes {
type => 'bool',
default => 0,
},
samlIDPMetaDataOptionsUserAttribute => {
type => 'text',
},
samlIDPMetaDataOptionsUserAttribute => { type => 'text', },
# SP keys
samlSPMetaDataExportedAttributes => {
......
......@@ -92,7 +92,7 @@ use constant {
PE_UNAUTHORIZEDPARTNER => 84,
PE_RENEWSESSION => 85,
PE_WAIT => 86,
PE_MUSTREAUTHN => 87,
PE_MUSTAUTHN => 87,
};
# EXPORTER PARAMETERS
......@@ -118,7 +118,7 @@ our @EXPORT_OK = qw( PE_SENDRESPONSE PE_INFO PE_REDIRECT PE_DONE PE_OK
PE_RADIUSCONNECTFAILED PE_MUST_SUPPLY_OLD_PASSWORD PE_FORBIDDENIP
PE_CAPTCHAERROR PE_CAPTCHAEMPTY PE_REGISTERFIRSTACCESS PE_REGISTERFORMEMPTY
PE_REGISTERALREADYEXISTS PE_NOTOKEN PE_TOKENEXPIRED HANDLER PE_U2FFAILED
PE_UNAUTHORIZEDPARTNER PE_RENEWSESSION PE_IDPCHOICE PE_WAIT PE_MUSTREAUTHN
PE_UNAUTHORIZEDPARTNER PE_RENEWSESSION PE_IDPCHOICE PE_WAIT PE_MUSTAUTHN
);
our %EXPORT_TAGS = ( 'all' => [ @EXPORT_OK, 'import' ], );
......
......@@ -24,7 +24,7 @@ our @pList = (
upgradeSession => '::Plugins::Upgrade',
autoSigninRules => '::Plugins::AutoSignin',
checkState => '::Plugins::CheckState',
portalForceReAuthn => '::Plugins::PortalForceReAuthn',
portalForceAuthn => '::Plugins::PortalForceAuthn',
);
##@method list enabledPlugins
......
package Lemonldap::NG::Portal::Plugins::PortalForceReAuthn;
package Lemonldap::NG::Portal::Plugins::PortalForceAuthn;
use Data::Dumper;
use strict;
......@@ -26,7 +26,7 @@ sub run {
if ( $req->env->{HTTP_HOST} and $portalURL =~ qr#\Q$HTTP_HOST# ) {
my $delta = time() - $req->{sessionInfo}->{_utime};
$self->logger->debug( "Delta with last Authn -> " . $delta );
$delta <= $self->conf->{portalForceReAuthnTempo}
$delta <= $self->conf->{portalForceAuthnInterval}
? return PE_OK
: return PE_MUSTREAUTHN;
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment