WMDE
/
LDAPAccountManager
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Duo

This commit is contained in:
Roland Gruber 2019-08-13 17:29:02 +02:00
parent bf777b2e99
commit 095e728104
3 changed files with 69 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
lam-packaging/debian/copyright
View File

@ -390,6 +390,31 @@ D:
permanent authorization for you to choose that version for the permanent authorization for you to choose that version for the
Library. Library.
E:
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. The name of the author may not be used to endorse or promote products
derived from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
Programs and licenses with other licenses and/or authors than the Programs and licenses with other licenses and/or authors than the
main license and authors: main license and authors:
@ -411,6 +436,8 @@ templates/lib/*jquery-validationEngine-*.js B 2010 Cedric Dugas and Olivier Re
style/150_jquery-validationEngine*.css B 2010 Cedric Dugas and Olivier Refalo style/150_jquery-validationEngine*.css B 2010 Cedric Dugas and Olivier Refalo
templates/lib/extra/cropperjs B 2018 Chen Fengyuan templates/lib/extra/cropperjs B 2018 Chen Fengyuan
style/600_cropper*.css B 2018 Chen Fengyuan style/600_cropper*.css B 2018 Chen Fengyuan
templates/lib/extra/duo/*.js E 2019 Duo Security
lib/3rdParty/duo/*.php E 2019 Duo Security
templates/lib/600_jquery.magnific-popup.js B 2016 Dmitry Semenov templates/lib/600_jquery.magnific-popup.js B 2016 Dmitry Semenov
style/610_magnific-popup.css B 2016 Dmitry Semenov style/610_magnific-popup.css B 2016 Dmitry Semenov
style/responsive/105_normalize.css B Nicolas Gallagher and Jonathan Neal style/responsive/105_normalize.css B Nicolas Gallagher and Jonathan Neal

35
lam/lib/2factor.inc
View File

@ -71,6 +71,13 @@ interface TwoFactorProvider {
* @param string user DN * @param string user DN
*/ */
public function addCustomInput(&$row, $userDn); public function addCustomInput(&$row, $userDn);
/**
* Returns if the submit button should be shown.
*
* @return bool show submit button
*/
public function isShowSubmitButton();
} }
/** /**
@ -116,6 +123,14 @@ abstract class BaseProvider implements TwoFactorProvider {
return $userData[$attrName]; return $userData[$attrName];
} }
/**
* {@inheritDoc}
* @see \LAM\LIB\TWO_FACTOR\TwoFactorProvider::isShowSubmitButton()
*/
public function isShowSubmitButton() {
return true;
}
} }
/** /**
@ -374,6 +389,14 @@ class DuoProvider extends BaseProvider {
return array('DUO'); return array('DUO');
} }
/**
* {@inheritDoc}
* @see \LAM\LIB\TWO_FACTOR\TwoFactorProvider::isShowSubmitButton()
*/
public function isShowSubmitButton() {
return false;
}
/** /**
* {@inheritDoc} * {@inheritDoc}
* @see \LAM\LIB\TWO_FACTOR\TwoFactorProvider::hasCustomInputForm() * @see \LAM\LIB\TWO_FACTOR\TwoFactorProvider::hasCustomInputForm()
@ -394,7 +417,12 @@ class DuoProvider extends BaseProvider {
$this->config->twoFactorAuthenticationSecretKey, $this->config->twoFactorAuthenticationSecretKey,
$aKey, $aKey,
$loginAttribute); $loginAttribute);
if ($this->config->isSelfService) {
$row->add(new htmlScript("../lib/extra/duo/Duo-Web-v2.js", false, false), 12);
}
else {
$row->add(new htmlScript("lib/extra/duo/Duo-Web-v2.js", false, false), 12); $row->add(new htmlScript("lib/extra/duo/Duo-Web-v2.js", false, false), 12);
}
$iframe = new htmlIframe('duo_iframe'); $iframe = new htmlIframe('duo_iframe');
$iframe->addDataAttribute('host', $this->config->twoFactorAuthenticationURL); $iframe->addDataAttribute('host', $this->config->twoFactorAuthenticationURL);
$iframe->addDataAttribute('sig-request', $signedRequest); $iframe->addDataAttribute('sig-request', $signedRequest);
@ -494,6 +522,7 @@ class TwoFactorProviderService {
*/ */
private function getConfigSelfService(&$profile) { private function getConfigSelfService(&$profile) {
$tfConfig = new TwoFactorConfiguration(); $tfConfig = new TwoFactorConfiguration();
$tfConfig->isSelfService = true;
$tfConfig->twoFactorAuthentication = $profile->twoFactorAuthentication; $tfConfig->twoFactorAuthentication = $profile->twoFactorAuthentication;
$tfConfig->twoFactorAuthenticationInsecure = $profile->twoFactorAuthenticationInsecure; $tfConfig->twoFactorAuthenticationInsecure = $profile->twoFactorAuthenticationInsecure;
$tfConfig->twoFactorAuthenticationURL = $profile->twoFactorAuthenticationURL; $tfConfig->twoFactorAuthenticationURL = $profile->twoFactorAuthenticationURL;
@ -527,6 +556,7 @@ class TwoFactorProviderService {
*/ */
private function getConfigAdmin($conf) { private function getConfigAdmin($conf) {
$tfConfig = new TwoFactorConfiguration(); $tfConfig = new TwoFactorConfiguration();
$tfConfig->isSelfService = false;
$tfConfig->twoFactorAuthentication = $conf->getTwoFactorAuthentication(); $tfConfig->twoFactorAuthentication = $conf->getTwoFactorAuthentication();
$tfConfig->twoFactorAuthenticationInsecure = $conf->getTwoFactorAuthenticationInsecure(); $tfConfig->twoFactorAuthenticationInsecure = $conf->getTwoFactorAuthenticationInsecure();
$tfConfig->twoFactorAuthenticationURL = $conf->getTwoFactorAuthenticationURL(); $tfConfig->twoFactorAuthenticationURL = $conf->getTwoFactorAuthenticationURL();
@ -557,6 +587,11 @@ class TwoFactorProviderService {
*/ */
class TwoFactorConfiguration { class TwoFactorConfiguration {
/**
* @var bool is self service
*/
public $isSelfService = false;
/** /**
* @var string provider id * @var string provider id
*/ */

2
lam/templates/login2Factor.php
View File

@ -167,10 +167,12 @@ echo $config->getTwoFactorAuthenticationCaption();
// buttons // buttons
$row->add(new htmlSpacer('1em', '1em'), 12); $row->add(new htmlSpacer('1em', '1em'), 12);
if ($provider->isShowSubmitButton()) {
$submit = new htmlButton('submit', _("Submit")); $submit = new htmlButton('submit', _("Submit"));
$submit->setCSSClasses(array('fullwidth')); $submit->setCSSClasses(array('fullwidth'));
$row->add($submit, 12, 12, 12, 'fullwidth'); $row->add($submit, 12, 12, 12, 'fullwidth');
$row->add(new htmlSpacer('0.5em', '0.5em'), 12); $row->add(new htmlSpacer('0.5em', '0.5em'), 12);
}
$logout = new htmlButton('logout', _("Cancel")); $logout = new htmlButton('logout', _("Cancel"));
$logout->setCSSClasses(array('fullwidth')); $logout->setCSSClasses(array('fullwidth'));
$row->add($logout, 12); $row->add($logout, 12);