Commit e40d8ccc authored by Xavier Guimard's avatar Xavier Guimard

CheckState plugin (fixes: #1400)

parent 86283952
......@@ -129,7 +129,7 @@
.\" ========================================================================
.\"
.IX Title "llng-fastcgi-server 1"
.TH llng-fastcgi-server 1 "2018-03-22" "perl v5.26.1" "User Contributed Perl Documentation"
.TH llng-fastcgi-server 1 "2018-05-13" "perl v5.26.2" "User Contributed Perl Documentation"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
......
......@@ -753,6 +753,12 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
'cfgVersion' => {
'type' => 'text'
},
'checkState' => {
'type' => 'bool'
},
'checkStateSecret' => {
'type' => 'text'
},
'checkXSS' => {
'default' => 1,
'type' => 'bool'
......
......@@ -368,6 +368,14 @@ sub attributes {
type => 'bool',
documentation => 'Enable StayConnected plugin',
},
checkState => {
type => 'bool',
documentation => 'Enable CheckState plugin',
},
checkStateSecret => {
type => 'text',
documentation => 'Secret token for CheckState plugin',
},
# Loggers (ini only)
logLevel => {
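Review bot: `checkStateSecret` is declared with `type => 'text'`, so the manager will presumably display and edit the shared secret in clear like any other text field; if the manager's `password` type applies here as it does for other stored secrets, `type => 'password',` would be the better fit. Nothing in this declaration asks for a minimum length, and the only requirement the plugin itself enforces (in `init` of CheckState.pm) is that the value is non-empty, so the `documentation` string could at least say so, e.g. `documentation => 'Secret token for CheckState plugin (long random value)',`. The enclosing `sub attributes` starts and ends outside this hunk.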
......
......@@ -635,6 +635,11 @@ sub tree {
help => 'autoSignin.html',
nodes => ['autoSigninRules'],
},
{
title => 'stateCheck',
help => 'checkstate.html',
nodes => [ 'checkState', 'checkStateSecret', ],
},
]
},
{
......
......@@ -146,6 +146,8 @@
"cfgVersion":"عملية ضبط الإصدارات",
"checkXSS":"تحقق من هجمات XSS",
"clickHereToForce":"انقر هنا لإجبار",
"checkState":"Activation",
"checkStateSecret":"Shared secret",
"choiceParams":"اختيارالإعدادات",
"chooseLogo":"اختيار الشعار",
"chooseSkin":"اختيار الغلاف",
......@@ -704,6 +706,7 @@
"SSLVar":"حقل الشهادة الرقمية المستخرجة",
"SSLVarIf":"حقل الشهادة الرقمية المستخرجة الشرطية",
"ssoSessions":"جلسات السسو",
"stateCheck":"State Check",
"stayConnected":"الاتصالات المستمرة",
"successfullySaved":"تم الحفظ بنجاح",
"storePassword":"تخزين كلمة مرور المستخدم في بيانات الجلسة",
......
......@@ -146,6 +146,8 @@
"cfgVersion":"Configuration version",
"checkXSS":"Check XSS attacks",
"clickHereToForce":"Click here to force",
"checkState":"Activation",
"checkStateSecret":"Shared secret",
"choiceParams":"Choice parameters",
"chooseLogo":"Choose logo",
"chooseSkin":"Choose skin",
......@@ -704,6 +706,7 @@
"SSLVar":"Extracted certificate field",
"SSLVarIf":"Conditional extracted certificate field",
"ssoSessions":"SSO sessions",
"stateCheck":"State Check",
"stayConnected":"Persistent connections",
"successfullySaved":"Successfully saved",
"storePassword":"Store user password in session datas",
......
......@@ -146,6 +146,8 @@
"cfgVersion":"Version de la configuration",
"checkXSS":"Contrôler les attaques XSS",
"clickHereToForce":"Cliquer ici pour forcer",
"checkState":"Activation",
"checkStateSecret":"Secret partagé",
"choiceParams":"Paramètres des choix",
"chooseLogo":"Choisir le logo",
"chooseSkin":"Choisir le thème",
......@@ -704,6 +706,7 @@
"SSLVar":"Champ extrait du certificat",
"SSLVarIf":"Champ conditionnel extrait du certificat",
"ssoSessions":"Sessions SSO",
"stateCheck":"Vérification de l'état",
"stayConnected":"Connexions persistantes",
"successfullySaved":"Sauvegarde effectuée",
"storePassword":"Stocke le mot de passe de l'utilisateur en session",
......
......@@ -146,6 +146,8 @@
"cfgVersion":"Versione configurazione",
"checkXSS":"Verifica attacchi XSS",
"clickHereToForce":"Clicca qui per forzare",
"checkState":"Activation",
"checkStateSecret":"Shared secret",
"choiceParams":"Scelta parametri",
"chooseLogo":"Scegli logo",
"chooseSkin":"Scegli interfaccia",
......@@ -704,6 +706,7 @@
"SSLVar":"Campo certificato estratto",
"SSLVarIf":"Campo di certificato estratto condizionale",
"ssoSessions":"Sessioni SSO",
"stateCheck":"State Check",
"stayConnected":"Connessioni persistenti",
"successfullySaved":"Salvato con successo",
"storePassword":"Memorizzare la password dell'utente nei dati di sessione",
......
......@@ -146,6 +146,8 @@
"cfgVersion":"Phiên bản cấu hình",
"checkXSS":"Kiểm tra tấn công XSS",
"clickHereToForce":"Nhấp vào đây để bắt buộc",
"checkState":"Activation",
"checkStateSecret":"Shared secret",
"choiceParams":"Các tham số lựa chọn",
"chooseLogo":"Chọn logo",
"chooseSkin":"Chọn giao diện",
......@@ -659,8 +661,8 @@
"save":"Lưu",
"saveReport":"Lưu báo cáo",
"savingConfirmation":"Lưu xác nhận",
"secondFactors":"Second factors",
"search":"Search ...",
"secondFactors":"Second factors",
"securedCookie":"Cookie bảo mật (SSL)",
"security":"An ninh",
"serverError":"Lỗi máy chủ",
......@@ -704,6 +706,7 @@
"SSLVar":"Trích xuất trường chứng chỉ",
"SSLVarIf":"Trích xuất trường chứng chỉ có điều kiện",
"ssoSessions":"Phiên SSO",
"stateCheck":"State Check",
"stayConnected":"Duy trì kết nối",
"successfullySaved":"Lưu thành công",
"storePassword":"Lưu trữ mật khẩu người dùng trong các dữ liệu phiên",
......
This source diff could not be displayed because it is too large. You can view the blob instead.
......@@ -94,6 +94,7 @@ lib/Lemonldap/NG/Portal/Password/Null.pm
lib/Lemonldap/NG/Portal/Password/REST.pm
lib/Lemonldap/NG/Portal/Plugins/AutoSignin.pm
lib/Lemonldap/NG/Portal/Plugins/CDA.pm
lib/Lemonldap/NG/Portal/Plugins/CheckState.pm
lib/Lemonldap/NG/Portal/Plugins/GrantSession.pm
lib/Lemonldap/NG/Portal/Plugins/History.pm
lib/Lemonldap/NG/Portal/Plugins/MailReset.pm
......
......@@ -22,6 +22,7 @@ our @pList = (
grantSessionRule => '::Plugins::GrantSession',
upgradeSession => '::Plugins::Upgrade',
autoSigninRules => '::Plugins::AutoSignin',
checkState => '::Plugins::CheckState',
);
##@method list enabledPlugins
......
# Check state plugin
#
# test if portal is well loaded. If user/pasword parameters are set, it tests
# also login process
package Lemonldap::NG::Portal::Plugins::CheckState;
use strict;
use Mouse;
our $VERSION = '2.0.0';
extends 'Lemonldap::NG::Portal::Main::Plugin';
# INITIALIZATION
sub init {
my ($self) = @_;
unless ( $self->conf->{checkStateSecret} ) {
$self->logger->error(
'checkStateSecret is required for "check state" plugin');
return 0;
}
$self->addUnauthRoute( checkstate => 'check', ['GET'] );
return 1;
}
sub check {
my ( $self, $req ) = @_;
my @rep;
unless ($req->param('secret')
and $req->param('secret') eq $self->conf->{checkStateSecret} )
{
return $self->p->sendError( $req, 'Bad secret' );
}
$req->steps( [ 'controlUrl', @{ $self->p->beforeAuth } ] );
my $res = $self->p->process($req);
if ( $res > 0 ) {
push @rep, "Bad result before auth: $res";
}
if ( my $user = $req->param('user') and my $pwd = $req->param('password') )
{
# Note that "extractFormInfo" isn't launched due to "token"
$req->user($user);
$req->datas->{password} = $pwd;
$req->steps(
[
'getUser', 'authenticate',
@{ $self->p->betweenAuthAndDatas }, $self->p->sessionDatas,
@{ $self->p->afterDatas }
]
);
if ( $res = $self->p->process( $req, ) ) {
push @rep, "Bad result during auth: $res";
}
$self->p->deleteSession($req);
}
if (@rep) {
return $self->p->sendError( $req, join( ",\n", @rep ), 500 );
}
else {
return $self->p->sendJSONresponse( $req, { result => 1 } );
}
}
1;
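Review bot: `check` reads `secret`, `user` and `password` through `$req->param` on a route that `init` registers for `['GET']` only, so the shared secret and a real account's password will normally travel in the query string and end up in web-server and proxy access logs. Assuming `$req->param` also reads body parameters, registering the route as `$self->addUnauthRoute( checkstate => 'check', ['GET', 'POST'] );` would let monitoring probes keep them out of the URL, and the plugin documentation should tell operators to use a dedicated low-privilege test account. The bad-secret branch returns without logging, so repeated guessing against this unauthenticated endpoint leaves no trace in the portal logs; a line such as `$self->logger->warn('checkstate: bad secret');` before the `sendError` would give detection something to key on. The `eq` comparison of the secret is not constant-time, which is minor next to the logging exposure but worth noting for a pre-authentication check.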