Duo

lam-packaging/debian/copyright

@@ -390,6 +390,31 @@ D:
    permanent authorization for you to choose that version for the
    Library.
 
+E:
+
+  Redistribution and use in source and binary forms, with or without
+  modification, are permitted provided that the following conditions
+  are met:
+
+  1. Redistributions of source code must retain the above copyright
+     notice, this list of conditions and the following disclaimer.
+  2. Redistributions in binary form must reproduce the above copyright
+     notice, this list of conditions and the following disclaimer in the
+     documentation and/or other materials provided with the distribution.
+  3. The name of the author may not be used to endorse or promote products
+     derived from this software without specific prior written permission.
+
+  THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+  IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+  OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+  IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+  INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+  NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+  DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+  THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+  (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+  THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
 
 Programs and licenses with other licenses and/or authors than the
 main license and authors:
@@ -411,6 +436,8 @@ templates/lib/*jquery-validationEngine-*.js B  2010  Cedric Dugas and Olivier Re
 style/150_jquery-validationEngine*.css      B  2010  Cedric Dugas and Olivier Refalo
 templates/lib/extra/cropperjs               B  2018  Chen Fengyuan
 style/600_cropper*.css                      B  2018  Chen Fengyuan
+templates/lib/extra/duo/*.js                E  2019  Duo Security
+lib/3rdParty/duo/*.php                      E  2019  Duo Security
 templates/lib/600_jquery.magnific-popup.js  B  2016  Dmitry Semenov
 style/610_magnific-popup.css                B  2016  Dmitry Semenov
 style/responsive/105_normalize.css          B        Nicolas Gallagher and Jonathan Neal

lam/lib/2factor.inc

@@ -71,6 +71,13 @@ interface TwoFactorProvider {
 	 * @param string user DN
 	 */
 	public function addCustomInput(&$row, $userDn);
+
+	/**
+	 * Returns if the submit button should be shown.
+	 *
+	 * @return bool show submit button
+	 */
+	public function isShowSubmitButton();
 }
 
 /**
@@ -116,6 +123,14 @@ abstract class BaseProvider implements TwoFactorProvider {
 		return $userData[$attrName];
 	}
 
+	/**
+	 * {@inheritDoc}
+	 * @see \LAM\LIB\TWO_FACTOR\TwoFactorProvider::isShowSubmitButton()
+	 */
+	public function isShowSubmitButton() {
+		return true;
+	}
+
 }
 
 /**
@@ -374,6 +389,14 @@ class DuoProvider extends BaseProvider {
 		return array('DUO');
 	}
 
+	/**
+	 * {@inheritDoc}
+	 * @see \LAM\LIB\TWO_FACTOR\TwoFactorProvider::isShowSubmitButton()
+	 */
+	public function isShowSubmitButton() {
+		return false;
+	}
+
 	/**
 	 * {@inheritDoc}
 	 * @see \LAM\LIB\TWO_FACTOR\TwoFactorProvider::hasCustomInputForm()
@@ -394,7 +417,12 @@ class DuoProvider extends BaseProvider {
 				$this->config->twoFactorAuthenticationSecretKey,
 				$aKey,
 				$loginAttribute);
-		$row->add(new htmlScript("lib/extra/duo/Duo-Web-v2.js", false, false), 12);
+		if ($this->config->isSelfService) {
+			$row->add(new htmlScript("../lib/extra/duo/Duo-Web-v2.js", false, false), 12);
+		}
+		else {
+			$row->add(new htmlScript("lib/extra/duo/Duo-Web-v2.js", false, false), 12);
+		}
 		$iframe = new htmlIframe('duo_iframe');
 		$iframe->addDataAttribute('host', $this->config->twoFactorAuthenticationURL);
 		$iframe->addDataAttribute('sig-request', $signedRequest);
@@ -494,6 +522,7 @@ class TwoFactorProviderService {
 	 */
 	private function getConfigSelfService(&$profile) {
 		$tfConfig = new TwoFactorConfiguration();
+		$tfConfig->isSelfService = true;
 		$tfConfig->twoFactorAuthentication = $profile->twoFactorAuthentication;
 		$tfConfig->twoFactorAuthenticationInsecure = $profile->twoFactorAuthenticationInsecure;
 		$tfConfig->twoFactorAuthenticationURL = $profile->twoFactorAuthenticationURL;
@@ -527,6 +556,7 @@ class TwoFactorProviderService {
 	 */
 	private function getConfigAdmin($conf) {
 		$tfConfig = new TwoFactorConfiguration();
+		$tfConfig->isSelfService = false;
 		$tfConfig->twoFactorAuthentication = $conf->getTwoFactorAuthentication();
 		$tfConfig->twoFactorAuthenticationInsecure = $conf->getTwoFactorAuthenticationInsecure();
 		$tfConfig->twoFactorAuthenticationURL = $conf->getTwoFactorAuthenticationURL();
@@ -557,6 +587,11 @@ class TwoFactorProviderService {
  */
 class TwoFactorConfiguration {
 
+	/**
+	 * @var bool is self service
+	 */
+	public $isSelfService = false;
+
 	/**
 	 * @var string provider id
 	 */

lam/templates/login2Factor.php

@@ -167,10 +167,12 @@ echo $config->getTwoFactorAuthenticationCaption();
 
 	// buttons
 	$row->add(new htmlSpacer('1em', '1em'), 12);
-	$submit = new htmlButton('submit', _("Submit"));
-	$submit->setCSSClasses(array('fullwidth'));
-	$row->add($submit, 12, 12, 12, 'fullwidth');
-	$row->add(new htmlSpacer('0.5em', '0.5em'), 12);
+	if ($provider->isShowSubmitButton()) {
+		$submit = new htmlButton('submit', _("Submit"));
+		$submit->setCSSClasses(array('fullwidth'));
+		$row->add($submit, 12, 12, 12, 'fullwidth');
+		$row->add(new htmlSpacer('0.5em', '0.5em'), 12);
+	}
 	$logout = new htmlButton('logout', _("Cancel"));
 	$logout->setCSSClasses(array('fullwidth'));
 	$row->add($logout, 12);