get attribute name from config

Roland Gruber 2018-12-31 12:39:20 +01:00
parent 4fea8155c8
commit 89ab8d0f1f
1 changed files with 15 additions and 1 deletions


@ -248,7 +248,7 @@ class YubicoProvider implements TwoFactorProvider {
* @see \LAM\LIB\TWO_FACTOR\TwoFactorProvider::getSerials() * @see \LAM\LIB\TWO_FACTOR\TwoFactorProvider::getSerials()
*/ */
public function getSerials($user, $password) { public function getSerials($user, $password) {
$keyAttributeName = strtolower('yubiKeyId'); $keyAttributeName = strtolower($this->config->twoFactorAuthenticationSerialAttributeName);
$loginDn = $_SESSION['ldap']->getUserName(); $loginDn = $_SESSION['ldap']->getUserName();
$handle = getLDAPServerHandle(); $handle = getLDAPServerHandle();
$ldapData = ldapGetDN($loginDn, array($keyAttributeName), $handle); $ldapData = ldapGetDN($loginDn, array($keyAttributeName), $handle);
@ -362,6 +362,15 @@ class TwoFactorProviderService {
$tfConfig->twoFactorAuthenticationURL = $conf->getTwoFactorAuthenticationURL(); $tfConfig->twoFactorAuthenticationURL = $conf->getTwoFactorAuthenticationURL();
$tfConfig->twoFactorAuthenticationClientId = $conf->getTwoFactorAuthenticationClientId(); $tfConfig->twoFactorAuthenticationClientId = $conf->getTwoFactorAuthenticationClientId();
$tfConfig->twoFactorAuthenticationSecretKey = $conf->getTwoFactorAuthenticationSecretKey(); $tfConfig->twoFactorAuthenticationSecretKey = $conf->getTwoFactorAuthenticationSecretKey();
if ($tfConfig->twoFactorAuthentication == TwoFactorProviderService::TWO_FACTOR_YUBICO) {
$moduleSettings = $conf->get_moduleSettings();
if (!empty($moduleSettings['yubiKeyUser_attributeName'][0])) {
$tfConfig->twoFactorAuthenticationSerialAttributeName = $moduleSettings['yubiKeyUser_attributeName'][0];
}
else {
$tfConfig->twoFactorAuthenticationSerialAttributeName = 'yubiKeyId';
}
}
return $tfConfig; return $tfConfig;
} }
@ -399,4 +408,9 @@ class TwoFactorConfiguration {
*/ */
public $twoFactorAuthenticationSecretKey = null; public $twoFactorAuthenticationSecretKey = null;
/**
* @var LDAP attribute name that stores the token serials
*/
public $twoFactorAuthenticationSerialAttributeName = null;
} }
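Review bot: In `getSerials` the new `strtolower($this->config->twoFactorAuthenticationSerialAttributeName)` has no fallback, while the property defaults to `null` and is only filled inside the `TWO_FACTOR_YUBICO` branch of the hunk at line 362. A `TwoFactorConfiguration` built on any other path (none is visible in this diff) would make the LDAP lookup ask for an empty attribute name, and whether an empty serial list then rejects the login is decided in code outside these hunks. Declaring the default on the property, `public $twoFactorAuthenticationSerialAttributeName = 'yubiKeyId';`, keeps the old behaviour in one place and makes the `else` branch unnecessary. Because this attribute decides which key serials are accepted as a second factor, the configured name is also worth checking against a plain attribute-name pattern before it reaches `ldapGetDN`. The docblock should read `@var string LDAP attribute name that stores the token serials`, since `@var` takes the type first.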