refactor(web): replace SOGoGoogleAuthenticatorEnabled with
SOGoTOTPEnabled Fixes #5294pull/299/head
parent
34184aa3fc
commit
20b2fd5e45
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
Copyright (C) 2006-2020 Inverse inc.
|
||||
Copyright (C) 2006-2021 Inverse inc.
|
||||
|
||||
This file is part of SOGo.
|
||||
|
||||
|
@ -120,7 +120,7 @@
|
|||
|
||||
- (BOOL) isSuperUser;
|
||||
- (BOOL) canAuthenticate;
|
||||
- (NSString *) googleAuthenticatorKey;
|
||||
- (NSString *) totpKey;
|
||||
|
||||
/* resource */
|
||||
- (BOOL) isResource;
|
||||
|
|
|
@ -1129,7 +1129,7 @@
|
|||
return [authValue boolValue];
|
||||
}
|
||||
|
||||
- (NSString *) googleAuthenticatorKey
|
||||
- (NSString *) totpKey
|
||||
{
|
||||
#if defined(MFA_CONFIG)
|
||||
NSString *key, *result;
|
||||
|
|
|
@ -133,8 +133,8 @@ extern NSString *SOGoWeekStartFirstFullWeek;
|
|||
- (void) setAnimationMode: (NSString *) newValue;
|
||||
- (NSString *) animationMode;
|
||||
|
||||
- (BOOL) googleAuthenticatorEnabled;
|
||||
- (void) setGoogleAuthenticatorEnabled: (BOOL) newValue;
|
||||
- (BOOL) totpEnabled;
|
||||
- (void) setTotpEnabled: (BOOL) newValue;
|
||||
|
||||
- (void) setMailComposeWindow: (NSString *) newValue;
|
||||
- (NSString *) mailComposeWindow;
|
||||
|
|
|
@ -228,6 +228,7 @@ NSString *SOGoWeekStartFirstFullWeek = @"FirstFullWeek";
|
|||
@"SOGoReminderEnabled", @"ReminderEnabled",
|
||||
@"SOGoReminderTime", @"ReminderTime",
|
||||
@"SOGoRemindWithASound", @"RemindWithASound",
|
||||
@"SOGoTOTPEnabled", @"SOGoGoogleAuthenticatorEnabled",
|
||||
nil];
|
||||
[migratedKeys retain];
|
||||
}
|
||||
|
@ -567,14 +568,14 @@ NSString *SOGoWeekStartFirstFullWeek = @"FirstFullWeek";
|
|||
return [self stringForKey: @"SOGoAnimationMode"];
|
||||
}
|
||||
|
||||
- (BOOL) googleAuthenticatorEnabled
|
||||
- (BOOL) totpEnabled
|
||||
{
|
||||
return [self boolForKey: @"SOGoGoogleAuthenticatorEnabled"];
|
||||
return [self boolForKey: @"SOGoTOTPEnabled"];
|
||||
}
|
||||
|
||||
- (void) setGoogleAuthenticatorEnabled: (BOOL) newValue
|
||||
- (void) setTotpEnabled: (BOOL) newValue
|
||||
{
|
||||
[self setBool: newValue forKey: @"SOGoGoogleAuthenticatorEnabled"];
|
||||
[self setBool: newValue forKey: @"SOGoTOTPEnabled"];
|
||||
}
|
||||
|
||||
- (void) setMailComposeWindow: (NSString *) newValue
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/*
|
||||
|
||||
Copyright (C) 2006-2015 Inverse inc.
|
||||
Copyright (C) 2006-2021 Inverse inc.
|
||||
Copyright (C) 2004-2005 SKYRIX Software AG
|
||||
|
||||
This file is part of SOGo.
|
||||
|
@ -33,6 +33,7 @@
|
|||
#import <NGExtensions/NSNull+misc.h>
|
||||
#import <NGExtensions/NSString+misc.h>
|
||||
#import <NGExtensions/NSObject+Logs.h>
|
||||
#import <NGExtensions/NSObject+Values.h>
|
||||
|
||||
#import <Appointments/SOGoAppointmentFolders.h>
|
||||
|
||||
|
@ -185,7 +186,7 @@
|
|||
SOGoUserDefaults *ud;
|
||||
SOGoUser *loggedInUser;
|
||||
NSDictionary *params;
|
||||
NSString *username, *password, *language, *domain, *remoteHost, *verificationCode;
|
||||
NSString *username, *password, *language, *domain, *remoteHost;
|
||||
NSArray *supportedLanguages, *creds;
|
||||
|
||||
SOGoPasswordPolicyError err;
|
||||
|
@ -201,7 +202,6 @@
|
|||
|
||||
username = [params objectForKey: @"userName"];
|
||||
password = [params objectForKey: @"password"];
|
||||
verificationCode = [params objectForKey: @"verificationCode"];
|
||||
language = [params objectForKey: @"language"];
|
||||
rememberLogin = [[params objectForKey: @"rememberLogin"] boolValue];
|
||||
domain = [params objectForKey: @"domain"];
|
||||
|
@ -232,8 +232,11 @@
|
|||
loggedInUser = [SOGoUser userWithLogin: username];
|
||||
|
||||
#if defined(MFA_CONFIG)
|
||||
if ([[loggedInUser userDefaults] googleAuthenticatorEnabled])
|
||||
if ([[loggedInUser userDefaults] totpEnabled])
|
||||
{
|
||||
NSString *verificationCode;
|
||||
|
||||
verificationCode = [params objectForKey: @"verificationCode"];
|
||||
if ([verificationCode length] == 6 && [verificationCode unsignedIntValue] > 0)
|
||||
{
|
||||
unsigned int code;
|
||||
|
@ -245,7 +248,7 @@
|
|||
const auto time_step = OATH_TOTP_DEFAULT_TIME_STEP_SIZE;
|
||||
const auto digits = 6;
|
||||
|
||||
real_secret = [[loggedInUser googleAuthenticatorKey] UTF8String];
|
||||
real_secret = [[loggedInUser totpKey] UTF8String];
|
||||
|
||||
auto result = oath_init();
|
||||
auto t = time(NULL);
|
||||
|
@ -275,7 +278,7 @@
|
|||
{
|
||||
[self logWithFormat: @"Invalid TOTP key for '%@'", username];
|
||||
json = [NSDictionary dictionaryWithObject: [NSNumber numberWithInt: 1]
|
||||
forKey: @"GoogleAuthenticatorInvalidKey"];
|
||||
forKey: @"totpInvalidKey"];
|
||||
return [self responseWithStatus: 403
|
||||
andJSONRepresentation: json];
|
||||
}
|
||||
|
@ -284,7 +287,7 @@
|
|||
{
|
||||
[self logWithFormat: @"Missing TOTP key for '%@', asking it..", username];
|
||||
json = [NSDictionary dictionaryWithObject: [NSNumber numberWithInt: 1]
|
||||
forKey: @"GoogleAuthenticatorMissingKey"];
|
||||
forKey: @"totpMissingKey"];
|
||||
return [self responseWithStatus: 202
|
||||
andJSONRepresentation: json];
|
||||
}
|
||||
|
@ -736,7 +739,7 @@
|
|||
return response;
|
||||
}
|
||||
|
||||
- (BOOL) isGoogleAuthenticatorEnabled
|
||||
- (BOOL) isTotpEnabled
|
||||
{
|
||||
#if defined(MFA_CONFIG)
|
||||
return YES;
|
||||
|
|
|
@ -172,8 +172,8 @@ static SoProduct *preferencesProduct = nil;
|
|||
if (![[defaults source] objectForKey: @"SOGoAnimationMode"])
|
||||
[[defaults source] setObject: [defaults animationMode] forKey: @"SOGoAnimationMode"];
|
||||
|
||||
if (![[defaults source] objectForKey: @"SOGoGoogleAuthenticatorEnabled"])
|
||||
[[defaults source] setObject: [NSNumber numberWithBool: NO] forKey: @"SOGoGoogleAuthenticatorEnabled"];
|
||||
if (![[defaults source] objectForKey: @"SOGoTOTPEnabled"])
|
||||
[[defaults source] setObject: [NSNumber numberWithBool: NO] forKey: @"SOGoTOTPEnabled"];
|
||||
|
||||
//
|
||||
// Default Calendar preferences
|
||||
|
|
|
@ -1002,7 +1002,7 @@ static NSArray *reminderValues = nil;
|
|||
return [NSString stringWithString: SOGoVersion];
|
||||
}
|
||||
|
||||
- (BOOL) isGoogleAuthenticatorEnabled
|
||||
- (BOOL) isTotpEnabled
|
||||
{
|
||||
#if defined(MFA_CONFIG)
|
||||
return YES;
|
||||
|
@ -1011,9 +1011,9 @@ static NSArray *reminderValues = nil;
|
|||
#endif
|
||||
}
|
||||
|
||||
- (NSString *) googleAuthenticatorKey
|
||||
- (NSString *) totpKey
|
||||
{
|
||||
return [[context activeUser] googleAuthenticatorKey];
|
||||
return [[context activeUser] totpKey];
|
||||
}
|
||||
|
||||
//
|
||||
|
|
|
@ -127,14 +127,14 @@
|
|||
</div>
|
||||
|
||||
<!-- TOTP Code -->
|
||||
<var:if condition="isGoogleAuthenticatorEnabled">
|
||||
<var:if condition="isTotpEnabled">
|
||||
<div layout="row" layout-align="center center" layout-fill="layout-fill"
|
||||
ng-switch-when="googleauthenticatorcode">
|
||||
ng-switch-when="totpcode">
|
||||
<div flex="80" flex-sm="50" flex-gt-sm="40">
|
||||
<md-input-container class="md-block">
|
||||
<label><var:string label:value="Verification Code"/></label>
|
||||
<md-icon>lock</md-icon>
|
||||
<input type="text" ng-pattern="app.verificationCodePattern" ng-model="app.creds.verificationCode" ng-required="app.loginState == 'googleauthenticatorcode'"/>
|
||||
<input type="text" ng-pattern="app.verificationCodePattern" ng-model="app.creds.verificationCode" ng-required="app.loginState == 'totpcode'"/>
|
||||
<div class="sg-hint"><var:string label:value="Enter the 6-digit verification code from your TOTP application."/></div>
|
||||
</md-input-container>
|
||||
<div layout="row" layout-align="space-between center">
|
||||
|
@ -146,7 +146,7 @@
|
|||
</md-button>
|
||||
<md-button class="md-fab md-accent md-hue-2" type="submit"
|
||||
label:aria-label="Connect"
|
||||
ng-if="app.loginState == 'googleauthenticatorcode'"
|
||||
ng-if="app.loginState == 'totpcode'"
|
||||
ng-disabled="loginForm.$invalid"
|
||||
ng-click="app.login()">
|
||||
<md-icon>arrow_forward</md-icon>
|
||||
|
|
|
@ -243,8 +243,8 @@
|
|||
</md-radio-group>
|
||||
</md-input-container>
|
||||
|
||||
<var:if condition="isGoogleAuthenticatorEnabled">
|
||||
<md-checkbox ng-model="app.preferences.defaults.SOGoGoogleAuthenticatorEnabled"
|
||||
<var:if condition="isTotpEnabled">
|
||||
<md-checkbox ng-model="app.preferences.defaults.SOGoTOTPEnabled"
|
||||
ng-true-value="1"
|
||||
ng-false-value="0"
|
||||
label:aria-label="Enable two-factor authentication using a TOTP application">
|
||||
|
@ -252,9 +252,9 @@
|
|||
</md-checkbox>
|
||||
<div layout="row" layout-align="start center" layout-xs="column"
|
||||
layout-padding="layout-padding" layout-margin="layout-margin"
|
||||
ng-show="app.preferences.defaults.SOGoGoogleAuthenticatorEnabled">
|
||||
ng-show="app.preferences.defaults.SOGoTOTPEnabled">
|
||||
<div>
|
||||
<sg-qr-code var:text="googleAuthenticatorKey" />
|
||||
<sg-qr-code var:text="totpKey" />
|
||||
</div>
|
||||
<div flex="100" flex-sm="60" flex-gt-sm="50">
|
||||
<var:string label:value="You must enter this key into your TOTP application."/> <b><var:string label:value="If you do not and you log out you will not be able to login again."/></b>
|
||||
|
|
|
@ -94,8 +94,8 @@
|
|||
}
|
||||
else {
|
||||
// Check for TOTP
|
||||
if (typeof data.GoogleAuthenticatorMissingKey != 'undefined' && response.status == 202) {
|
||||
d.resolve({gamissingkey: 1});
|
||||
if (typeof data.totpMissingKey != 'undefined' && response.status == 202) {
|
||||
d.resolve({totpmissingkey: 1});
|
||||
}
|
||||
// Check password policy
|
||||
else if (typeof data.expire != 'undefined' && typeof data.grace != 'undefined') {
|
||||
|
@ -125,7 +125,7 @@
|
|||
}
|
||||
}, function(error) {
|
||||
var response, perr, data = error.data;
|
||||
if (data && data.GoogleAuthenticatorInvalidKey) {
|
||||
if (data && data.totpInvalidKey) {
|
||||
response = {error: l('You provided an invalid TOTP key.')};
|
||||
}
|
||||
else if (data && angular.isDefined(data.LDAPPasswordPolicyError)) {
|
||||
|
|
|
@ -25,7 +25,7 @@
|
|||
this.creds.language = $window.language;
|
||||
this.loginState = false;
|
||||
|
||||
// Code pattern for Google verification code
|
||||
// Code pattern for TOTP verification code
|
||||
this.verificationCodePattern = '\\d{6}';
|
||||
|
||||
// Password policy - change expired password
|
||||
|
@ -41,8 +41,8 @@
|
|||
Authentication.login(vm.creds)
|
||||
.then(function(data) {
|
||||
|
||||
if (data.gamissingkey) {
|
||||
vm.loginState = 'googleauthenticatorcode';
|
||||
if (data.totpmissingkey) {
|
||||
vm.loginState = 'totpcode';
|
||||
}
|
||||
else {
|
||||
vm.loginState = 'logged';
|
||||
|
|
Loading…
Reference in New Issue