Commit fcac69fe authored by Christophe Maudoux's avatar Christophe Maudoux

Merge branch 'v2.0' of gitlab.ow2.org:lemonldap-ng/lemonldap-ng into v2.0

parents 15308411 f35a7c30
...@@ -15,9 +15,9 @@ sub defaultValues { ...@@ -15,9 +15,9 @@ sub defaultValues {
'type' => 'category' 'type' => 'category'
} }
}, },
'authChoiceParam' => 'lmAuth', 'authChoiceParam' => 'lmAuth',
'authentication' => 'Demo', 'authentication' => 'Demo',
'available2F' => 'UTOTP,TOTP,U2F,REST,Ext2F,Yubikey', 'available2F' => 'UTOTP,TOTP,U2F,REST,Mail2F,Ext2F,Yubikey',
'available2FSelfRegistration' => 'TOTP,U2F,Yubikey', 'available2FSelfRegistration' => 'TOTP,U2F,Yubikey',
'bruteForceProtectionMaxAge' => 300, 'bruteForceProtectionMaxAge' => 300,
'bruteForceProtectionMaxFailed' => 3, 'bruteForceProtectionMaxFailed' => 3,
...@@ -119,6 +119,8 @@ sub defaultValues { ...@@ -119,6 +119,8 @@ sub defaultValues {
}, },
'logoutServices' => {}, 'logoutServices' => {},
'macros' => {}, 'macros' => {},
'mail2fActivation' => 0,
'mail2fCodeRegex' => '\\d\\d\\d\\d\\d\\d',
'mailCharset' => 'utf-8', 'mailCharset' => 'utf-8',
'mailFrom' => 'noreply@example.com', 'mailFrom' => 'noreply@example.com',
'mailSessionKey' => 'mail', 'mailSessionKey' => 'mail',
......
...@@ -105,6 +105,7 @@ sub portalTab { ...@@ -105,6 +105,7 @@ sub portalTab {
85 => 'PE_RENEWSESSION', 85 => 'PE_RENEWSESSION',
86 => 'PE_WAIT', 86 => 'PE_WAIT',
87 => 'PE_MUSTAUTHN', 87 => 'PE_MUSTAUTHN',
88 => 'PE_MUSTHAVEMAIL',
}; };
} }
......
...@@ -600,7 +600,7 @@ sub attributes { ...@@ -600,7 +600,7 @@ sub attributes {
'type' => 'keyTextContainer' 'type' => 'keyTextContainer'
}, },
'available2F' => { 'available2F' => {
'default' => 'UTOTP,TOTP,U2F,REST,Ext2F,Yubikey', 'default' => 'UTOTP,TOTP,U2F,REST,Mail2F,Ext2F,Yubikey',
'type' => 'text' 'type' => 'text'
}, },
'available2FSelfRegistration' => { 'available2FSelfRegistration' => {
...@@ -1562,6 +1562,29 @@ qr/^(?:\*\.)?(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][ ...@@ -1562,6 +1562,29 @@ qr/^(?:\*\.)?(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][
}, },
'type' => 'keyTextContainer' 'type' => 'keyTextContainer'
}, },
'mail2fActivation' => {
'default' => 0,
'type' => 'boolOrExpr'
},
'mail2fAuthnLevel' => {
'type' => 'int'
},
'mail2fBody' => {
'type' => 'longtext'
},
'mail2fCodeRegex' => {
'default' => '\\d\\d\\d\\d\\d\\d',
'type' => 'pcre'
},
'mail2fLogo' => {
'type' => 'text'
},
'mail2fSubject' => {
'type' => 'text'
},
'mail2fTimeout' => {
'type' => 'int'
},
'mailBody' => { 'mailBody' => {
'type' => 'longtext' 'type' => 'longtext'
}, },
...@@ -3072,19 +3095,19 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.] ...@@ -3072,19 +3095,19 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
'default' => 0, 'default' => 0,
'select' => [ 'select' => [
{ {
'k' => '0', 'k' => 0,
'v' => 'unsecuredCookie' 'v' => 'unsecuredCookie'
}, },
{ {
'k' => '1', 'k' => 1,
'v' => 'securedCookie' 'v' => 'securedCookie'
}, },
{ {
'k' => '2', 'k' => 2,
'v' => 'doubleCookie' 'v' => 'doubleCookie'
}, },
{ {
'k' => '3', 'k' => 3,
'v' => 'doubleCookieForSingleSession' 'v' => 'doubleCookieForSingleSession'
} }
], ],
......
...@@ -1303,6 +1303,39 @@ sub attributes { ...@@ -1303,6 +1303,39 @@ sub attributes {
'Authentication level for users authentified by password+(U2F or TOTP)' 'Authentication level for users authentified by password+(U2F or TOTP)'
}, },
# Mail second factor
mail2fActivation => {
type => 'boolOrExpr',
default => 0,
documentation => 'Mail second factor activation',
},
mail2fSubject => {
type => 'text',
documentation => 'Mail subject for second factor authentication',
},
mail2fBody => {
type => 'longtext',
documentation => 'Mail body for second factor authentication',
},
mail2fCodeRegex => {
type => 'pcre',
default => '\d\d\d\d\d\d',
documentation => 'Regular expression to create a mail OTP code',
},
mail2fTimeout => {
type => 'int',
documentation => 'Second factor code timeout',
},
mail2fAuthnLevel => {
type => 'int',
documentation =>
'Authentication level for users authenticated by Mail second factor'
},
mail2fLogo => {
type => 'text',
documentation => 'Custom logo for Mail 2F',
},
# External second factor # External second factor
ext2fActivation => { ext2fActivation => {
type => 'boolOrExpr', type => 'boolOrExpr',
...@@ -2380,7 +2413,7 @@ sub attributes { ...@@ -2380,7 +2413,7 @@ sub attributes {
}, },
available2F => { available2F => {
type => 'text', type => 'text',
default => 'UTOTP,TOTP,U2F,REST,Ext2F,Yubikey', default => 'UTOTP,TOTP,U2F,REST,Mail2F,Ext2F,Yubikey',
documentation => 'Available second factor modules', documentation => 'Available second factor modules',
}, },
available2FSelfRegistration => { available2FSelfRegistration => {
......
...@@ -618,6 +618,19 @@ sub tree { ...@@ -618,6 +618,19 @@ sub tree {
'u2fUserCanRemoveKey', 'u2fUserCanRemoveKey',
] ]
}, },
{ title => 'mail2f',
help => 'mail2f.html',
form => 'simpleInputContainer',
nodes => [
'mail2fActivation',
'mail2fCodeRegex',
'mail2fTimeout',
'mail2fSubject',
'mail2fBody',
'mail2fAuthnLevel',
'mail2fLogo',
]
},
{ title => 'external2f', { title => 'external2f',
help => 'external2f.html', help => 'external2f.html',
form => 'simpleInputContainer', form => 'simpleInputContainer',
......
...@@ -325,7 +325,11 @@ sub tests { ...@@ -325,7 +325,11 @@ sub tests {
if ($@); if ($@);
# Create SMTP object # Create SMTP object
my $smtp = Net::SMTP->new( $conf->{SMTPServer}, Timeout => 5 ); my $smtp = Net::SMTP->new(
$conf->{SMTPServer},
Timeout => 5,
( $conf->{SMTPPort} ? ( Port => $conf->{SMTPPort} ) : () ),
);
return ( 1, return ( 1,
"SMTP connection to " . $conf->{SMTPServer} . " failed" ) "SMTP connection to " . $conf->{SMTPServer} . " failed" )
unless ($smtp); unless ($smtp);
......
...@@ -380,6 +380,14 @@ ...@@ -380,6 +380,14 @@
"lwpOpts":"خيارات لطلبات الخادم", "lwpOpts":"خيارات لطلبات الخادم",
"lwpSslOpts":"خيارات سسل لطلبات الخادم", "lwpSslOpts":"خيارات سسل لطلبات الخادم",
"macros":"ماكرو", "macros":"ماكرو",
"mail2f":"Mail second factor",
"mail2fActivation":"Activation",
"mail2fCodeRegex":"Code regex",
"mail2fTimeout":"Code timeout",
"mail2fSubject":"Mail subject",
"mail2fBody":"Mail body",
"mail2fAuthnLevel":"Authentication level",
"mail2fLogo":"Logo",
"mailBody":"محتوى البريد الناجح", "mailBody":"محتوى البريد الناجح",
"mailCharset":"charset", "mailCharset":"charset",
"mailConfirmBody":"تأكيد محتوى البريد", "mailConfirmBody":"تأكيد محتوى البريد",
......
...@@ -380,6 +380,14 @@ ...@@ -380,6 +380,14 @@
"lwpOpts":"Options for server requests", "lwpOpts":"Options for server requests",
"lwpSslOpts":"SSL options for server requests", "lwpSslOpts":"SSL options for server requests",
"macros":"Macros", "macros":"Macros",
"mail2f":"Mail second factor",
"mail2fActivation":"Activation",
"mail2fCodeRegex":"Code regex",
"mail2fTimeout":"Code timeout",
"mail2fSubject":"Mail subject",
"mail2fBody":"Mail body",
"mail2fAuthnLevel":"Authentication level",
"mail2fLogo":"Logo",
"mailBody":"Success mail content", "mailBody":"Success mail content",
"mailCharset":"Charset", "mailCharset":"Charset",
"mailConfirmBody":"Confirmation mail content", "mailConfirmBody":"Confirmation mail content",
......
...@@ -380,6 +380,14 @@ ...@@ -380,6 +380,14 @@
"lwpOpts":"Options for server requests", "lwpOpts":"Options for server requests",
"lwpSslOpts":"SSL options for server requests", "lwpSslOpts":"SSL options for server requests",
"macros":"Macros", "macros":"Macros",
"mail2f":"Mail second factor",
"mail2fActivation":"Activation",
"mail2fCodeRegex":"Code regex",
"mail2fTimeout":"Code timeout",
"mail2fSubject":"Mail subject",
"mail2fBody":"Mail body",
"mail2fAuthnLevel":"Authentication level",
"mail2fLogo":"Logo",
"mailBody":"Success mail content", "mailBody":"Success mail content",
"mailCharset":"Charset", "mailCharset":"Charset",
"mailConfirmBody":"Confirmation mail content", "mailConfirmBody":"Confirmation mail content",
......
...@@ -380,6 +380,14 @@ ...@@ -380,6 +380,14 @@
"lwpOpts":"Options pour les requêtes serveur", "lwpOpts":"Options pour les requêtes serveur",
"lwpSslOpts":"Options SSL pour les requêtes serveur", "lwpSslOpts":"Options SSL pour les requêtes serveur",
"macros":"Macros", "macros":"Macros",
"mail2f":"Second facteur par mail",
"mail2fActivation":"Activation",
"mail2fCodeRegex":"Expression régulière pour la génération du code",
"mail2fTimeout":"Délai d'expiration du code",
"mail2fSubject":"Sujet du message d'envoi du code",
"mail2fBody":"Contenu du message d'envoi du code",
"mail2fAuthnLevel":"Niveau de l'authentification",
"mail2fLogo":"Logo",
"mailBody":"Contenu du message de succès", "mailBody":"Contenu du message de succès",
"mailCharset":"Charset", "mailCharset":"Charset",
"mailConfirmBody":"Contenu du message de confirmation", "mailConfirmBody":"Contenu du message de confirmation",
......
...@@ -381,6 +381,14 @@ ...@@ -381,6 +381,14 @@
"lwpSslOpts":"Opzioni SSL per le richieste del server", "lwpSslOpts":"Opzioni SSL per le richieste del server",
"macros":"Macro", "macros":"Macro",
"mailBody":"Successo contenuto di posta", "mailBody":"Successo contenuto di posta",
"mail2f":"Mail second factor",
"mail2fActivation":"Activation",
"mail2fCodeRegex":"Code regex",
"mail2fTimeout":"Code timeout",
"mail2fSubject":"Mail subject",
"mail2fBody":"Mail body",
"mail2fAuthnLevel":"Authentication level",
"mail2fLogo":"Logo",
"mailCharset":"Charset", "mailCharset":"Charset",
"mailConfirmBody":"Contenuto della mail di conferma", "mailConfirmBody":"Contenuto della mail di conferma",
"mailConfirmSubject":"Soggetto della mail di conferma", "mailConfirmSubject":"Soggetto della mail di conferma",
......
...@@ -381,6 +381,14 @@ ...@@ -381,6 +381,14 @@
"lwpSslOpts":"Tùy chọn SSL cho yêu cầu máy chủ", "lwpSslOpts":"Tùy chọn SSL cho yêu cầu máy chủ",
"macros":"Macros", "macros":"Macros",
"mailBody":"Nội dung thư thành công", "mailBody":"Nội dung thư thành công",
"mail2f":"Mail second factor",
"mail2fActivation":"Activation",
"mail2fCodeRegex":"Code regex",
"mail2fTimeout":"Code timeout",
"mail2fSubject":"Mail subject",
"mail2fBody":"Mail body",
"mail2fAuthnLevel":"Authentication level",
"mail2fLogo":"Logo",
"mailCharset":"Charset", "mailCharset":"Charset",
"mailConfirmBody":"Xác nhận nội dung thư", "mailConfirmBody":"Xác nhận nội dung thư",
"mailConfirmSubject":"Xác nhận chủ đề thư", "mailConfirmSubject":"Xác nhận chủ đề thư",
......
...@@ -380,6 +380,14 @@ ...@@ -380,6 +380,14 @@
"lwpOpts":"Options for server requests", "lwpOpts":"Options for server requests",
"lwpSslOpts":"SSL options for server requests", "lwpSslOpts":"SSL options for server requests",
"macros":"Macros", "macros":"Macros",
"mail2f":"Mail second factor",
"mail2fActivation":"Activation",
"mail2fCodeRegex":"Code regex",
"mail2fTimeout":"Code timeout",
"mail2fSubject":"Mail subject",
"mail2fBody":"Mail body",
"mail2fAuthnLevel":"Authentication level",
"mail2fLogo":"Logo",
"mailBody":"Success mail content", "mailBody":"Success mail content",
"mailCharset":"Charset", "mailCharset":"Charset",
"mailConfirmBody":"Confirmation mail content", "mailConfirmBody":"Confirmation mail content",
......
This source diff could not be displayed because it is too large. You can view the blob instead.
...@@ -8,6 +8,7 @@ inc/LWP/Protocol/PSGI.pm ...@@ -8,6 +8,7 @@ inc/LWP/Protocol/PSGI.pm
lib/Lemonldap/NG/Portal.pm lib/Lemonldap/NG/Portal.pm
lib/Lemonldap/NG/Portal/2F/Engines/Default.pm lib/Lemonldap/NG/Portal/2F/Engines/Default.pm
lib/Lemonldap/NG/Portal/2F/Ext2F.pm lib/Lemonldap/NG/Portal/2F/Ext2F.pm
lib/Lemonldap/NG/Portal/2F/Mail2F.pm
lib/Lemonldap/NG/Portal/2F/Register/TOTP.pm lib/Lemonldap/NG/Portal/2F/Register/TOTP.pm
lib/Lemonldap/NG/Portal/2F/Register/U2F.pm lib/Lemonldap/NG/Portal/2F/Register/U2F.pm
lib/Lemonldap/NG/Portal/2F/Register/Yubikey.pm lib/Lemonldap/NG/Portal/2F/Register/Yubikey.pm
...@@ -380,6 +381,7 @@ site/templates/common/mail/fr.json ...@@ -380,6 +381,7 @@ site/templates/common/mail/fr.json
site/templates/common/mail/it.json site/templates/common/mail/it.json
site/templates/common/mail/vi.json site/templates/common/mail/vi.json
site/templates/common/mail/zh_CN.json site/templates/common/mail/zh_CN.json
site/templates/common/mail_2fcode.tpl
site/templates/common/mail_confirm.tpl site/templates/common/mail_confirm.tpl
site/templates/common/mail_footer.tpl site/templates/common/mail_footer.tpl
site/templates/common/mail_header.tpl site/templates/common/mail_header.tpl
......
package Lemonldap::NG::Portal::2F::Mail2F;
use strict;
use Mouse;
use String::Random;
use Lemonldap::NG::Portal::Main::Constants qw(
PE_BADCREDENTIALS
PE_ERROR
PE_FORMEMPTY
PE_OK
PE_SENDRESPONSE
PE_MUSTHAVEMAIL
);
our $VERSION = '2.0.2';
extends 'Lemonldap::NG::Portal::Main::SecondFactor',
'Lemonldap::NG::Portal::Lib::SMTP';
# INITIALIZATION
has prefix => ( is => 'ro', default => 'mail' );
has random => (
is => 'rw',
default => sub {
return String::Random->new;
}
);
has ott => (
is => 'rw',
lazy => 1,
default => sub {
my $ott =
$_[0]->{p}->loadModule('Lemonldap::NG::Portal::Lib::OneTimeToken');
$ott->timeout( $_[0]->{conf}->{mail2fTimeout}
|| $_[0]->{conf}->{formTimeout} );
return $ott;
}
);
sub init {
my ($self) = @_;
foreach (qw(mail2fCodeRegex mailSessionKey)) {
unless ( $self->conf->{$_} ) {
$self->error("Missing $_ parameter, aborting");
return 0;
}
}
$self->logo( $self->conf->{mail2fLogo} )
if ( $self->conf->{mail2fLogo} );
return $self->SUPER::init();
}
# RUNNING METHODS
sub run {
my ( $self, $req, $token ) = @_;
my $checkLogins = $req->param('checkLogins');
my $code = $self->random->randregex( $self->conf->{mail2fCodeRegex} );
$self->logger->debug("Generated two-factor code: $code");
$self->ott->updateToken( $token, __mail2fcode => $code );
my $dest = $req->{sessionInfo}->{ $self->conf->{mailSessionKey} };
unless ($dest) {
$self->logger->error( "Could not find mail attribute for login "
. $req->{sessionInfo}->{_user} );
return PE_MUSTHAVEMAIL;
}
# Build mail content
my %tplPrms;
$tplPrms{MAIN_LOGO} = $self->conf->{portalMainLogo};
my $tr = $self->translate($req);
my $subject = $self->conf->{mail2fSubject};
unless ($subject) {
$subject = 'mail2fSubject';
$tr->( \$subject );
}
my $body;
my $html;
if ( $self->conf->{mail2fBody} ) {
# We use a specific text message, no html
$body = $self->conf->{mail2fBody};
}
else {
# Use HTML template
$body = $self->loadTemplate(
'mail_2fcode',
filter => $tr,
params => \%tplPrms
);
$html = 1;
}
# Replace variables in body
$body =~ s/\$code/$code/g;
$body =~ s/\$(\w+)/$req->{sessionInfo}->{$1} || ''/ge;
# Send mail
unless ( $self->send_mail( $dest, $subject, $body, $html ) ) {
$self->logger->error( 'Unable to send 2F code mail to ' . $dest );
return PE_ERROR;
}
# Prepare form
my $tmp = $self->p->sendHtml(
$req,
'ext2fcheck',
params => {
MAIN_LOGO => $self->conf->{portalMainLogo},
SKIN => $self->conf->{portalSkin},
TOKEN => $token,
TARGET => '/' . $self->prefix . '2fcheck',
CHECKLOGINS => $checkLogins
}
);
$req->response($tmp);
return PE_SENDRESPONSE;
}
sub verify {
my ( $self, $req, $session ) = @_;
my $usercode;
unless ( $usercode = $req->param('code') ) {
$self->logger->error('Mail2F: no code');
return PE_FORMEMPTY;
}
my $savedcode = $session->{__mail2fcode};
unless ($savedcode) {
$self->logger->error(
'Unable to find generated 2F code in token session');
return PE_ERROR;
}
$self->logger->debug("Verifying Mail 2F code: $usercode againt $savedcode");
if ( $usercode eq $savedcode ) {
return PE_OK;
}
else {
$self->userLogger->warn( 'Second factor failed for '
. $session->{ $self->conf->{whatToTrace} } );
return PE_BADCREDENTIALS;
}
}
1;
...@@ -3,7 +3,7 @@ package Lemonldap::NG::Portal::Main::Constants; ...@@ -3,7 +3,7 @@ package Lemonldap::NG::Portal::Main::Constants;
use strict; use strict;
use Exporter 'import'; use Exporter 'import';
our $VERSION = '2.0.0'; our $VERSION = '2.0.2';
use constant HANDLER => 'Lemonldap::NG::Handler::PSGI::Main'; use constant HANDLER => 'Lemonldap::NG::Handler::PSGI::Main';
use constant { use constant {
...@@ -93,6 +93,7 @@ use constant { ...@@ -93,6 +93,7 @@ use constant {
PE_RENEWSESSION => 85, PE_RENEWSESSION => 85,
PE_WAIT => 86, PE_WAIT => 86,
PE_MUSTAUTHN => 87, PE_MUSTAUTHN => 87,
PE_MUSTHAVEMAIL => 88,
}; };
# EXPORTER PARAMETERS # EXPORTER PARAMETERS
...@@ -118,7 +119,8 @@ our @EXPORT_OK = qw( PE_SENDRESPONSE PE_INFO PE_REDIRECT PE_DONE PE_OK ...@@ -118,7 +119,8 @@ our @EXPORT_OK = qw( PE_SENDRESPONSE PE_INFO PE_REDIRECT PE_DONE PE_OK
PE_RADIUSCONNECTFAILED PE_MUST_SUPPLY_OLD_PASSWORD PE_FORBIDDENIP PE_RADIUSCONNECTFAILED PE_MUST_SUPPLY_OLD_PASSWORD PE_FORBIDDENIP
PE_CAPTCHAERROR PE_CAPTCHAEMPTY PE_REGISTERFIRSTACCESS PE_REGISTERFORMEMPTY PE_CAPTCHAERROR PE_CAPTCHAEMPTY PE_REGISTERFIRSTACCESS PE_REGISTERFORMEMPTY
PE_REGISTERALREADYEXISTS PE_NOTOKEN PE_TOKENEXPIRED HANDLER PE_U2FFAILED PE_REGISTERALREADYEXISTS PE_NOTOKEN PE_TOKENEXPIRED HANDLER PE_U2FFAILED
PE_UNAUTHORIZEDPARTNER PE_RENEWSESSION PE_IDPCHOICE PE_WAIT PE_MUSTAUTHN PE_UNAUTHORIZEDPARTNER PE_RENEWSESSION PE_IDPCHOICE PE_WAIT PE_MUSTAUTHN
PE_MUSTHAVEMAIL
); );
our %EXPORT_TAGS = ( 'all' => [ @EXPORT_OK, 'import' ], ); our %EXPORT_TAGS = ( 'all' => [ @EXPORT_OK, 'import' ], );
......
...@@ -87,6 +87,7 @@ ...@@ -87,6 +87,7 @@
"PE85":" الموقع البعيد يطلب جلسة جديدة (ولم يتم تحميل برنامج ترقية الجلسة).\nسجل الخروج و أعد المحاولة", "PE85":" الموقع البعيد يطلب جلسة جديدة (ولم يتم تحميل برنامج ترقية الجلسة).\nسجل الخروج و أعد المحاولة",
"PE86":"Your account is locked. You must wait 30s before authenticate again", "PE86":"Your account is locked. You must wait 30s before authenticate again",
"PE87":"You must authenticate again to access to Portal", "PE87":"You must authenticate again to access to Portal",
"PE88":"Your account must have an e-mail address in order to use double factor authentication",
"2fRegRequired":"This service requires a double factor authentication. Register a device now, then go back to the portal.", "2fRegRequired":"This service requires a double factor authentication. Register a device now, then go back to the portal.",
"accept":"قبول", "accept":"قبول",
"accessDenied":"ليس لديك إذن بالدخول لهذا التطبيق", "accessDenied":"ليس لديك إذن بالدخول لهذا التطبيق",
...@@ -240,4 +241,4 @@ ...@@ -240,4 +241,4 @@
"yourPhone":"رقم هاتفك", "yourPhone":"رقم هاتفك",
"yourProfile":"ملفك الشخصي", "yourProfile":"ملفك الشخصي",
"yourTotpKey":"Your TOTP key" "yourTotpKey":"Your TOTP key"
} }
\ No newline at end of file
...@@ -87,6 +87,7 @@ ...@@ -87,6 +87,7 @@
"PE85":"Die Gegenseite fragt nach einer neueren Sitzung (und das UpgradeSession-Plugin wurde nicht geladen). Abmelden und erneut versuchen", "PE85":"Die Gegenseite fragt nach einer neueren Sitzung (und das UpgradeSession-Plugin wurde nicht geladen). Abmelden und erneut versuchen",
"PE86":"Your account is locked. You must wait 30s before authenticate again", "PE86":"Your account is locked. You must wait 30s before authenticate again",
"PE87":"You must authenticate again to access to Portal", "PE87":"You must authenticate again to access to Portal",
"PE88":"Your account must have an e-mail address in order to use double factor authentication",
"2fRegRequired":"Dieser Dienst benötigt Zwei-Faktor-Authentifizierung. Bitte legen Sie ein Gerät an und gehen dann zum Portal zurück.", "2fRegRequired":"Dieser Dienst benötigt Zwei-Faktor-Authentifizierung. Bitte legen Sie ein Gerät an und gehen dann zum Portal zurück.",
"accept":"Akzeptieren", "accept":"Akzeptieren",
"accessDenied":"Sie haben keine Zugriffsberechtigung für diese Anwendung", "accessDenied":"Sie haben keine Zugriffsberechtigung für diese Anwendung",
...@@ -240,4 +241,4 @@ ...@@ -240,4 +241,4 @@
"yourPhone":"Ihre Telefonnummer", "yourPhone":"Ihre Telefonnummer",
"yourProfile":"Ihr Profil", "yourProfile":"Ihr Profil",
"yourTotpKey":"Your TOTP key" "yourTotpKey":"Your TOTP key"
} }
\ No newline at end of file
...@@ -87,6 +87,7 @@ ...@@ -87,6 +87,7 @@
"PE85":"The remote site ask for a newer session (and UpgradeSession plugin isn't loaded). Logout and retry", "PE85":"The remote site ask for a newer session (and UpgradeSession plugin isn't loaded). Logout and retry",
"PE86":"Your account is locked. You must wait 30s before authenticate again", "PE86":"Your account is locked. You must wait 30s before authenticate again",
"PE87":"You must authenticate again to access to Portal", "PE87":"You must authenticate again to access to Portal",
"PE88":"Your account must have an e-mail address in order to use double factor authentication",
"2fRegRequired":"This service requires a double factor authentication. Register a device now, then go back to the portal.", "2fRegRequired":"This service requires a double factor authentication. Register a device now, then go back to the portal.",
"accept":"Accept", "accept":"Accept",
"accessDenied":"You have no access authorization for this application", "accessDenied":"You have no access authorization for this application",
......
...@@ -87,6 +87,7 @@ ...@@ -87,6 +87,7 @@
"PE85":"The remote site ask for a newer session (and UpgradeSession plugin isn't loaded). Logout and retry", "PE85":"The remote site ask for a newer session (and UpgradeSession plugin isn't loaded). Logout and retry",
"PE86":"Your account is locked. You must wait 30s before authenticate again", "PE86":"Your account is locked. You must wait 30s before authenticate again",
"PE87":"You must authenticate again to access to Portal", "PE87":"You must authenticate again to access to Portal",
"PE88":"Your account must have an e-mail address in order to use double factor authentication",
"2fRegRequired":"This service requires a double factor authentication. Register a device now, then go back to the portal.", "2fRegRequired":"This service requires a double factor authentication. Register a device now, then go back to the portal.",
"accept":"Accept", "accept":"Accept",
"accessDenied":"You have no access authorization for this application", "accessDenied":"You have no access authorization for this application",
...@@ -240,4 +241,4 @@ ...@@ -240,4 +241,4 @@
"yourPhone":"Your phone number", "yourPhone":"Your phone number",
"yourProfile":"Your profile", "yourProfile":"Your profile",
"yourTotpKey":"Your TOTP key" "yourTotpKey":"Your TOTP key"
} }
\ No newline at end of file
...@@ -87,6 +87,7 @@ ...@@ -87,6 +87,7 @@
"PE85":"Le site souhaite une authentification plus récente (et le plugin UpgradeSession n'est pas chargé). Déconnectez-vous et réessayez", "PE85":"Le site souhaite une authentification plus récente (et le plugin UpgradeSession n'est pas chargé). Déconnectez-vous et réessayez",
"PE86":"Votre compte est verrouillé. Vous devez attendre 30s avant de vous ré-authentifier.", "PE86":"Votre compte est verrouillé. Vous devez attendre 30s avant de vous ré-authentifier.",
"PE87":"Vous devez vous ré-authentifier pour pouvoir accéder au Portail", "PE87":"Vous devez vous ré-authentifier pour pouvoir accéder au Portail",
"PE88":"Votre compte doit avoir une addresse email pour pouvoir utiliser l'authentification à deux facteurs",
"2fRegRequired":"Ce service requiert une authentification à deux facteurs. Enregistrez un équipement ici et retournez au portail.", "2fRegRequired":"Ce service requiert une authentification à deux facteurs. Enregistrez un équipement ici et retournez au portail.",
"accept":"Accepter",