Commit f8e697d5 authored by Christophe Maudoux's avatar Christophe Maudoux

Delete 2F device (#1392)

parent 0af98837
......@@ -52,7 +52,7 @@ sub delSession {
return $self->sendJSONresponse( $req, { result => 1 } );
}
sub deleteU2FKey {
sub delete2F {
my ( $self, $req ) = @_;
return $self->sendJSONresponse( $req, { result => 1 } )
if ( $self->{demoMode} );
......@@ -77,31 +77,31 @@ sub deleteU2FKey {
return $self->sendJSONresponse( $req, { result => 1 } );
}
sub deleteTOTPKey {
my ( $self, $req ) = @_;
return $self->sendJSONresponse( $req, { result => 1 } )
if ( $self->{demoMode} );
my $mod = $self->getMod($req)
or return $self->sendError( $req, undef, 400 );
my $id = $req->params('sessionId')
or return $self->sendError( $req, 'sessionId is missing', 400 );
# Try to read session
my $session = $self->getApacheSession( $mod, $id )
or return $self->sendError( $req, undef, 400 );
# Delete U2F key attributs and update session
$session->data->{_totp2fSecret} = '';
$session->update( \%{ $session->data } );
Lemonldap::NG::Handler::PSGI::Main->localUnlog( $req, $id );
if ( $session->error ) {
return $self->sendError( $req, $session->error, 200 );
}
return $self->sendJSONresponse( $req, { result => 1 } );
}
sub addU2FKey {
#sub deleteTOTP {
#my ( $self, $req ) = @_;
#return $self->sendJSONresponse( $req, { result => 1 } )
#if ( $self->{demoMode} );
#my $mod = $self->getMod($req)
#or return $self->sendError( $req, undef, 400 );
#my $id = $req->params('sessionId')
#or return $self->sendError( $req, 'sessionId is missing', 400 );
## Try to read session
#my $session = $self->getApacheSession( $mod, $id )
#or return $self->sendError( $req, undef, 400 );
## Delete U2F key attributs and update session
#$session->data->{_totp2fSecret} = '';
#$session->update( \%{ $session->data } );
#Lemonldap::NG::Handler::PSGI::Main->localUnlog( $req, $id );
#if ( $session->error ) {
#return $self->sendError( $req, $session->error, 200 );
#}
#return $self->sendJSONresponse( $req, { result => 1 } );
#}
sub add2F {
my ( $self, $req ) = @_;
return $self->sendJSONresponse( $req, { result => 1 } )
if ( $self->{demoMode} );
......@@ -126,30 +126,30 @@ sub addU2FKey {
return $self->sendJSONresponse( $req, { result => 1 } );
}
sub verifyU2FKey {
my ( $self, $req ) = @_;
return $self->sendJSONresponse( $req, { result => 1 } )
if ( $self->{demoMode} );
my $mod = $self->getMod($req)
or return $self->sendError( $req, undef, 400 );
my $id = $req->params('sessionId')
or return $self->sendError( $req, 'sessionId is missing', 400 );
# Try to read session
my $session = $self->getApacheSession( $mod, $id )
or return $self->sendError( $req, undef, 400 );
# Delete U2F key attributs and update session
$session->data->{_u2fKeyHandle} = 'OK';
$session->data->{_u2fUserKey} = 'OK';
$session->update( \%{ $session->data } );
Lemonldap::NG::Handler::PSGI::Main->localUnlog( $req, $id );
if ( $session->error ) {
return $self->sendError( $req, $session->error, 200 );
}
return $self->sendJSONresponse( $req, { result => 1 } );
}
#sub verify2F {
#my ( $self, $req ) = @_;
#return $self->sendJSONresponse( $req, { result => 1 } )
#if ( $self->{demoMode} );
#my $mod = $self->getMod($req)
#or return $self->sendError( $req, undef, 400 );
#my $id = $req->params('sessionId')
#or return $self->sendError( $req, 'sessionId is missing', 400 );
## Try to read session
#my $session = $self->getApacheSession( $mod, $id )
#or return $self->sendError( $req, undef, 400 );
## Delete U2F key attributs and update session
#$session->data->{_u2fKeyHandle} = 'OK';
#$session->data->{_u2fUserKey} = 'OK';
#$session->update( \%{ $session->data } );
#Lemonldap::NG::Handler::PSGI::Main->localUnlog( $req, $id );
#if ( $session->error ) {
#return $self->sendError( $req, $session->error, 200 );
#}
#return $self->sendJSONresponse( $req, { result => 1 } );
#}
sub session {
my ( $self, $req, $id, $skey ) = @_;
......
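Review bot: The `#sub deleteTOTP {` and `#sub verify2F {` blocks appear to be left in the file as commented-out code rather than removed, which keeps dead session-modifying handlers next to the live second-factor routines. The commented verify2F body still assigns the literal `'OK'` to `_u2fKeyHandle` and `_u2fUserKey` under a comment reading "Delete U2F key attributs", so uncommenting it as is would overwrite registered key data with a placeholder. I would delete both blocks and rely on version history, or reduce each to a single marker such as `# TODO: add/verify handlers not yet ported to the generic 2F routines`. The bodies of delete2F and add2F continue outside the hunks, so they are not reviewed here.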
......@@ -27,7 +27,7 @@ use constant defaultRoute => '2ndfa.html#/persistent';
sub addRoutes {
my ( $self, $conf ) = @_;
# Remote Procedure Call are defined in Lemonldap::NG::Common::Session::REST
# Remote Procedure are defined in Lemonldap::NG::Common::Session::REST
# HTML template
$self->addRoute( '2ndfa.html', undef, ['GET'] )
......@@ -75,21 +75,22 @@ sub delete2FA {
my $mod = $self->getMod($req)
or return $self->sendError( $req, undef, 400 );
my $params = $req->parameters();
my $Key = $params->{Key};
my $params = $req->parameters();
my $type = $params->{type};
my $epoch = $params->{epoch};
if ( $Key =~ /\bU2F\b/ ) {
$self->logger->debug("Call procedure deleteU2F");
return $self->deleteU2F( $req, $session, $skey );
}
elsif ( $Key =~ /\bTOTP\b/ ) {
$self->logger->debug("Call procedure deleteTOTP");
return $self->deleteTOTP( $req, $session, $skey );
}
elsif ( $Key =~ /\bUBK\b/ ) {
$self->logger->debug("Call procedure deleteUBK");
return $self->deleteUBK( $req, $session, $skey );
if ( $type =~ /\b(?:U2F|TOTP|UBK)\b/ and $epoch ) {
$self->logger->debug("Call procedure delete2F with type=$type and epoch=$epoch");
return $self->delete2F( $req, $session, $skey );
}
#elsif ( $type =~ /\bTOTP\b/ ) {
#$self->logger->debug("Call procedure deleteTOTP");
#return $self->deleteTOTP( $req, $session, $skey );
#}
#elsif ( $type =~ /\bUBK\b/ ) {
#$self->logger->debug("Call procedure deleteUBK");
#return $self->deleteUBK( $req, $session, $skey );
#}
else {
return $self->sendError( $req, undef, 400 );
}
......
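Review bot: `type` and `epoch` are taken straight from the request and are both logged and used for dispatch with only a loose check: `/\b(?:U2F|TOTP|UBK)\b/` matches anywhere inside a longer string, `$epoch` is only tested for truth, and a missing `type` reaches `=~` as undef. Because both values are interpolated into the debug message, a value carrying line breaks could forge log entries. Assuming epochs are stored as integer seconds, I would tighten the guard to `if ( defined $type and $type =~ /\A(?:U2F|TOTP|UBK)\z/ and defined $epoch and $epoch =~ /\A\d+\z/ ) {`. delete2FA starts outside the hunk, and `delete2F` is called without the two values, so it presumably re-reads them from `$req` and would need the same validation.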
......@@ -153,23 +153,11 @@ llapp.controller 'SessionsExplorerCtrl', ['$scope', '$translator', '$location',
$scope.data = []
$scope.updateTree2 '', $scope.data, 0, 0
# Delete U2F key
$scope.deleteU2FKey = ->
# Delete 2FA device
$scope.delete2FA (type, myDate) = ->
epoch = myDate.getTime() / 1000
$scope.waiting = true
$http['delete']("#{scriptname}sfa/#{sessionType}/#{$scope.currentSession.id}?Key=U2F").then (response) ->
$scope.currentSession = null
$scope.currentScope.remove()
$scope.waiting = false
, (resp) ->
$scope.currentSession = null
$scope.currentScope.remove()
$scope.waiting = false
$scope.showT = false
# Delete TOTP key
$scope.deleteTOTPKey = ->
$scope.waiting = true
$http['delete']("#{scriptname}sfa/#{sessionType}/#{$scope.currentSession.id}?Key=TOTP").then (response) ->
$http['delete']("#{scriptname}sfa/#{sessionType}/#{$scope.currentSession.id}?type=#{type}&epoch=#{epoch}").then (response) ->
$scope.currentSession = null
$scope.currentScope.remove()
$scope.waiting = false
......@@ -179,57 +167,32 @@ llapp.controller 'SessionsExplorerCtrl', ['$scope', '$translator', '$location',
$scope.waiting = false
$scope.showT = false
# Add U2F key
$scope.addU2FKey = ->
$scope.waiting = true
$http['put']("#{scriptname}sfa/#{sessionType}/#{$scope.currentSession.id}?Key=U2F").then (response) ->
$scope.currentSession = null
$scope.currentScope.remove()
$scope.waiting = false
, (resp) ->
$scope.currentSession = null
$scope.currentScope.remove()
$scope.waiting = false
$scope.showT = false
# Add TOTP key
$scope.addTOTPKey = ->
$scope.waiting = true
$http['put']("#{scriptname}sfa/#{sessionType}/#{$scope.currentSession.id}?Key=TOTP").then (response) ->
$scope.currentSession = null
$scope.currentScope.remove()
$scope.waiting = false
, (resp) ->
$scope.currentSession = null
$scope.currentScope.remove()
$scope.waiting = false
$scope.showT = false
# Verify U2F key
$scope.verifyU2FKey = ->
$scope.waiting = true
$http['post']("#{scriptname}sfa/#{sessionType}/#{$scope.currentSession.id}?Key=U2F").then (response) ->
$scope.currentSession = null
$scope.currentScope.remove()
$scope.waiting = false
, (resp) ->
$scope.currentSession = null
$scope.currentScope.remove()
$scope.waiting = false
$scope.showT = true
# Verify TOTP key
$scope.verifyTOTPKey = ->
$scope.waiting = true
$http['post']("#{scriptname}sfa/#{sessionType}/#{$scope.currentSession.id}?Key=TOTP").then (response) ->
$scope.currentSession = null
$scope.currentScope.remove()
$scope.waiting = false
, (resp) ->
$scope.currentSession = null
$scope.currentScope.remove()
$scope.waiting = false
$scope.showT = true
## Add 2FA device
#$scope.add2FA (type) = ->
#$scope.waiting = true
#$http['put']("#{scriptname}sfa/#{sessionType}/#{$scope.currentSession.id}?Key=U2F").then (response) ->
#$scope.currentSession = null
#$scope.currentScope.remove()
#$scope.waiting = false
#, (resp) ->
#$scope.currentSession = null
#$scope.currentScope.remove()
#$scope.waiting = false
#$scope.showT = false
## Verify 2FA device
#$scope.verify2FA (epoch) = ->
#$scope.waiting = true
#$http['post']("#{scriptname}sfa/#{sessionType}/#{$scope.currentSession.id}?Key=TOTP").then (response) ->
#$scope.currentSession = null
#$scope.currentScope.remove()
#$scope.waiting = false
#, (resp) ->
#$scope.currentSession = null
#$scope.currentScope.remove()
#$scope.waiting = false
#$scope.showT = true
# Open node
$scope.stoggle = (scope) ->
......@@ -297,12 +260,13 @@ llapp.controller 'SessionsExplorerCtrl', ['$scope', '$translator', '$location',
if key == 'name'
name = value
if key == 'epoch'
epoch = value
newDate = new Date(value * 1000)
myDate = newDate.toLocaleString()
subres.push
title: title
value: name
epoch: myDate
epoch: value
delete session[attr]
else
subres.push
......@@ -498,3 +462,5 @@ llapp.controller 'SessionsExplorerCtrl', ['$scope', '$translator', '$location',
$scope.type = if c then c[1] else '_whatToTrace'
]
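Review bot: `$scope.delete2FA (type, myDate) = ->` does not look like a valid CoffeeScript function definition, and the next line calls `myDate.getTime()` although the later hunk now stores the raw value (`epoch: value`) and the template passes `node.epoch`, so the argument is presumably a number rather than a Date. I would write `$scope.delete2FA = (type, epoch) ->` and drop the `getTime() / 1000` line. Both values also go into the query string unescaped; `?type=#{encodeURIComponent(type)}&epoch=#{encodeURIComponent(epoch)}` keeps a stray `&` or `#` in session data from altering the request. The commented-out add2FA/verify2FA blocks would be better removed than kept as dead code.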
......@@ -664,7 +664,7 @@
"security":"Security",
"serverError":"Server error",
"session":"session",
"sessions":"Sessions",
"sessions":"sessions",
"session_s":"session(s)",
"sessionDataToRemember":"Session data to store",
"sessionDeleted":"The session was deleted",
......
......@@ -664,7 +664,7 @@
"security":"Sécurité",
"serverError":"Erreur du serveur",
"session":"session",
"sessions":"Sessions",
"sessions":"sessions",
"session_s":"session(s)",
"sessionDataToRemember":"Données de session à conserver",
"sessionDeleted":"La session a été supprimée",
......
......@@ -665,7 +665,7 @@
"serverError":"Lỗi máy chủ",
"session":"phiên",
"sessions":"Phiên",
"session_s":"session (s)",
"session_s":"session(s)",
"sessionDataToRemember":"Dữ liệu phiên để lưu trữ",
"sessionDeleted":"Phiên đã bị xóa",
"sessionParams":"Phiên",
......
......@@ -84,13 +84,20 @@
</table>
</div>
<div ng-if="!node.nodes">
<th>{{translate(node.title)}}</th>
<td><span id="v-{{node.title}}"/>{{translate(node.value)}}</td>
<td><span id="v-{{node.epoch}}"/>{{translate(node.epoch)}}</td>
<span device={{node.type}} epoch={{node.epoch}}>
<th ng-if="node.title=='type'">{{translate(node.title)}}</th>
<td ng-if="node.title!='type'">{{node.title}}</td>
<th ng-if="node.title=='type'"><span id="v-{{node.value}}">{{translate(node.value)}}</span></th>
<td ng-if="node.title!='type'"><span id="v-{{node.value}}">{{node.value}}</span></td>
<th ng-if="node.title=='type'"><span id="v-{{node.epoch}}">{{translate(node.epoch)}}</span></th>
<td ng-if="node.title!='type'" class="data-epoch"><span id="v-{{node.epoch}}">{{node.epoch}}</span></td>
<td>
<span ng-if="node.title=='TOTP' || node.title=='UBK' || node.title=='U2F'" class="link text-danger glyphicon glyphicon-minus-sign" ng-click="del(currentNode.nodes,$index)" />
<span ng-if="$last && ( node.title=='TOTP' || node.title=='UBK' || node.title=='U2F' )" class="link text-success glyphicon glyphicon-plus-sign" ng-click="menuClick({title:'newRule'})"/>
<span ng-if="node.title=='TOTP' || node.title=='UBK' || node.title=='U2F'" class="link text-danger glyphicon glyphicon-minus-sign" ng-click="delete2FA(node.type, node.epoch)"></span>
<!--
<span ng-if="$last && ( node.title=='TOTP' || node.title=='UBK' || node.title=='U2F' )" class="link text-success glyphicon glyphicon-plus-sign" ng-click="menuClick({title:'newRule'})"></span>
-->
</td>
</span>
</div>
</script>
......
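Review bot: The delete icon is shown when `node.title` is TOTP, UBK or U2F, but its handler is called as `delete2FA(node.type, node.epoch)`, and the rows pushed in the controller hunk visible on this page carry only `title`, `value` and `epoch`. If no `type` property is set elsewhere, the request would go out with `type=undefined` and the server-side check would answer 400; `ng-click="delete2FA(node.title, node.epoch)"` would match the `ng-if` condition. The wrapper `<span device={{node.type}} epoch={{node.epoch}}>` has the same dependency, and its attribute values should be quoted.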