From 095e7281048cb241d1ae552a80abd4f82f024fe1 Mon Sep 17 00:00:00 2001 From: Roland Gruber Date: Tue, 13 Aug 2019 17:29:02 +0200 Subject: [PATCH] Duo --- lam-packaging/debian/copyright | 27 +++++++++++++++++++++++++ lam/lib/2factor.inc | 37 +++++++++++++++++++++++++++++++++- lam/templates/login2Factor.php | 10 +++++---- 3 files changed, 69 insertions(+), 5 deletions(-) diff --git a/lam-packaging/debian/copyright b/lam-packaging/debian/copyright index f74a6745..586f9bb4 100644 --- a/lam-packaging/debian/copyright +++ b/lam-packaging/debian/copyright @@ -390,6 +390,31 @@ D: permanent authorization for you to choose that version for the Library. +E: + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the author may not be used to endorse or promote products + derived from this software without specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + Programs and licenses with other licenses and/or authors than the main license and authors: @@ -411,6 +436,8 @@ templates/lib/*jquery-validationEngine-*.js B 2010 Cedric Dugas and Olivier Re style/150_jquery-validationEngine*.css B 2010 Cedric Dugas and Olivier Refalo templates/lib/extra/cropperjs B 2018 Chen Fengyuan style/600_cropper*.css B 2018 Chen Fengyuan +templates/lib/extra/duo/*.js E 2019 Duo Security +lib/3rdParty/duo/*.php E 2019 Duo Security templates/lib/600_jquery.magnific-popup.js B 2016 Dmitry Semenov style/610_magnific-popup.css B 2016 Dmitry Semenov style/responsive/105_normalize.css B Nicolas Gallagher and Jonathan Neal diff --git a/lam/lib/2factor.inc b/lam/lib/2factor.inc index 1d63d71a..55267b31 100644 --- a/lam/lib/2factor.inc +++ b/lam/lib/2factor.inc @@ -71,6 +71,13 @@ interface TwoFactorProvider { * @param string user DN */ public function addCustomInput(&$row, $userDn); + + /** + * Returns if the submit button should be shown. + * + * @return bool show submit button + */ + public function isShowSubmitButton(); } /** @@ -116,6 +123,14 @@ abstract class BaseProvider implements TwoFactorProvider { return $userData[$attrName]; } + /** + * {@inheritDoc} + * @see \LAM\LIB\TWO_FACTOR\TwoFactorProvider::isShowSubmitButton() + */ + public function isShowSubmitButton() { + return true; + } + } /** @@ -374,6 +389,14 @@ class DuoProvider extends BaseProvider { return array('DUO'); } + /** + * {@inheritDoc} + * @see \LAM\LIB\TWO_FACTOR\TwoFactorProvider::isShowSubmitButton() + */ + public function isShowSubmitButton() { + return false; + } + /** * {@inheritDoc} * @see \LAM\LIB\TWO_FACTOR\TwoFactorProvider::hasCustomInputForm() @@ -394,7 +417,12 @@ class DuoProvider extends BaseProvider { $this->config->twoFactorAuthenticationSecretKey, $aKey, $loginAttribute); - $row->add(new htmlScript("lib/extra/duo/Duo-Web-v2.js", false, false), 12); + if ($this->config->isSelfService) { + $row->add(new htmlScript("../lib/extra/duo/Duo-Web-v2.js", false, false), 12); + } + else { + $row->add(new htmlScript("lib/extra/duo/Duo-Web-v2.js", false, false), 12); + } $iframe = new htmlIframe('duo_iframe'); $iframe->addDataAttribute('host', $this->config->twoFactorAuthenticationURL); $iframe->addDataAttribute('sig-request', $signedRequest); @@ -494,6 +522,7 @@ class TwoFactorProviderService { */ private function getConfigSelfService(&$profile) { $tfConfig = new TwoFactorConfiguration(); + $tfConfig->isSelfService = true; $tfConfig->twoFactorAuthentication = $profile->twoFactorAuthentication; $tfConfig->twoFactorAuthenticationInsecure = $profile->twoFactorAuthenticationInsecure; $tfConfig->twoFactorAuthenticationURL = $profile->twoFactorAuthenticationURL; @@ -527,6 +556,7 @@ class TwoFactorProviderService { */ private function getConfigAdmin($conf) { $tfConfig = new TwoFactorConfiguration(); + $tfConfig->isSelfService = false; $tfConfig->twoFactorAuthentication = $conf->getTwoFactorAuthentication(); $tfConfig->twoFactorAuthenticationInsecure = $conf->getTwoFactorAuthenticationInsecure(); $tfConfig->twoFactorAuthenticationURL = $conf->getTwoFactorAuthenticationURL(); @@ -557,6 +587,11 @@ class TwoFactorProviderService { */ class TwoFactorConfiguration { + /** + * @var bool is self service + */ + public $isSelfService = false; + /** * @var string provider id */ diff --git a/lam/templates/login2Factor.php b/lam/templates/login2Factor.php index c1fa4916..30c00064 100644 --- a/lam/templates/login2Factor.php +++ b/lam/templates/login2Factor.php @@ -167,10 +167,12 @@ echo $config->getTwoFactorAuthenticationCaption(); // buttons $row->add(new htmlSpacer('1em', '1em'), 12); - $submit = new htmlButton('submit', _("Submit")); - $submit->setCSSClasses(array('fullwidth')); - $row->add($submit, 12, 12, 12, 'fullwidth'); - $row->add(new htmlSpacer('0.5em', '0.5em'), 12); + if ($provider->isShowSubmitButton()) { + $submit = new htmlButton('submit', _("Submit")); + $submit->setCSSClasses(array('fullwidth')); + $row->add($submit, 12, 12, 12, 'fullwidth'); + $row->add(new htmlSpacer('0.5em', '0.5em'), 12); + } $logout = new htmlButton('logout', _("Cancel")); $logout->setCSSClasses(array('fullwidth')); $row->add($logout, 12);