Commit 869e7dbb authored by ls1947's avatar ls1947

Add disable and enable linotp functions

parent 8f7a8b73
......@@ -35,6 +35,7 @@ import org.slf4j.LoggerFactory;
import edu.kit.scc.webreg.entity.UserEntity;
import edu.kit.scc.webreg.service.twofa.linotp.LinotpInitAuthenticatorTokenResponse;
import edu.kit.scc.webreg.service.twofa.linotp.LinotpShowUserResponse;
import edu.kit.scc.webreg.service.twofa.linotp.LinotpSimpleResponse;
public class LinotpConnection {
......@@ -131,6 +132,58 @@ public class LinotpConnection {
}
}
public LinotpSimpleResponse disableToken(String serial) throws TwoFaException {
try {
HttpPost httpPost = new HttpPost(configMap.get("url") + "/admin/disable");
List<NameValuePair> nvps = new ArrayList <NameValuePair>();
if (configMap.containsKey("realm"))
nvps.add(new BasicNameValuePair("realm", configMap.get("realm")));
nvps.add(new BasicNameValuePair("session", adminSession));
nvps.add(new BasicNameValuePair("serial", serial));
httpPost.setEntity(new UrlEncodedFormEntity(nvps));
CloseableHttpResponse response = httpClient.execute(targetHost, httpPost, context);
try {
HttpEntity entity = response.getEntity();
String responseString = EntityUtils.toString(entity);
logger.debug(responseString);
return resultParser.parseSimpleResponse(responseString);
} finally {
response.close();
}
} catch (ParseException | IOException e) {
throw new TwoFaException(e);
}
}
public LinotpSimpleResponse enableToken(String serial) throws TwoFaException {
try {
HttpPost httpPost = new HttpPost(configMap.get("url") + "/admin/enable");
List<NameValuePair> nvps = new ArrayList <NameValuePair>();
if (configMap.containsKey("realm"))
nvps.add(new BasicNameValuePair("realm", configMap.get("realm")));
nvps.add(new BasicNameValuePair("session", adminSession));
nvps.add(new BasicNameValuePair("serial", serial));
httpPost.setEntity(new UrlEncodedFormEntity(nvps));
CloseableHttpResponse response = httpClient.execute(targetHost, httpPost, context);
try {
HttpEntity entity = response.getEntity();
String responseString = EntityUtils.toString(entity);
logger.debug(responseString);
return resultParser.parseSimpleResponse(responseString);
} finally {
response.close();
}
} catch (ParseException | IOException e) {
throw new TwoFaException(e);
}
}
public LinotpShowUserResponse getTokenList(UserEntity user) throws TwoFaException {
try {
......@@ -161,7 +214,7 @@ public class LinotpConnection {
}
}
public void requestAdminSession() throws TwoFaException {
public LinotpSimpleResponse requestAdminSession() throws TwoFaException {
HttpPost httpPost = new HttpPost(configMap.get("url") + "/admin/getsession");
......@@ -182,16 +235,18 @@ public class LinotpConnection {
adminSession = cookie.getValue();
}
}
if (adminSession == null) {
throw new TwoFaException("LinOTP issued no admin session. Cannot continue.");
}
return resultParser.parseSimpleResponse(responseString);
} finally {
response.close();
}
} catch (ParseException | IOException e) {
throw new TwoFaException(e);
}
if (adminSession == null) {
throw new TwoFaException("LinOTP issued no admin session. Cannot continue.");
}
}
protected List<?> getDataList(Map<?, ?> valueMap) {
......
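Review bot: In `disableToken` and `enableToken` the response body goes straight to `resultParser.parseSimpleResponse` without a look at the HTTP status, so an error page from LinOTP (for example a rejected admin session) surfaces only as a Jackson parse failure wrapped in `TwoFaException`. A guard before reading the entity would make the failure explicit: `if (response.getStatusLine().getStatusCode() != 200) throw new TwoFaException("LinOTP returned HTTP " + response.getStatusLine().getStatusCode());`. `logger.debug(responseString)` records the raw admin-API reply in both methods; logging only the parsed status would keep whatever LinOTP puts in that body out of the debug log. The two methods differ only in the request path, so a private helper taking the path and the serial would keep request building and session handling in one place.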
......@@ -7,6 +7,7 @@ import com.fasterxml.jackson.databind.ObjectMapper;
import edu.kit.scc.webreg.service.twofa.linotp.LinotpInitAuthenticatorTokenResponse;
import edu.kit.scc.webreg.service.twofa.linotp.LinotpShowUserResponse;
import edu.kit.scc.webreg.service.twofa.linotp.LinotpSimpleResponse;
public class LinotpResultParser {
......@@ -17,6 +18,15 @@ public class LinotpResultParser {
om.disable(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES);
}
public LinotpSimpleResponse parseSimpleResponse(String responseString) throws TwoFaException {
try {
LinotpSimpleResponse response = om.readValue(responseString, LinotpSimpleResponse.class);
return response;
} catch (IOException e) {
throw new TwoFaException(e);
}
}
public LinotpShowUserResponse parseShowUserResponse(String responseString) throws TwoFaException {
try {
LinotpShowUserResponse response = om.readValue(responseString, LinotpShowUserResponse.class);
......
package edu.kit.scc.webreg.service.twofa;
import edu.kit.scc.webreg.service.twofa.linotp.LinotpInitAuthenticatorTokenResponse;
import edu.kit.scc.webreg.service.twofa.linotp.LinotpSimpleResponse;
public interface TwoFaService {
......@@ -8,4 +9,8 @@ public interface TwoFaService {
LinotpInitAuthenticatorTokenResponse createAuthenticatorToken(Long userId) throws TwoFaException;
LinotpSimpleResponse disableToken(Long userId, String serial) throws TwoFaException;
LinotpSimpleResponse enableToken(Long userId, String serial) throws TwoFaException;
}
......@@ -11,6 +11,7 @@ import edu.kit.scc.webreg.dao.UserDao;
import edu.kit.scc.webreg.entity.UserEntity;
import edu.kit.scc.webreg.service.twofa.linotp.LinotpInitAuthenticatorTokenResponse;
import edu.kit.scc.webreg.service.twofa.linotp.LinotpShowUserResponse;
import edu.kit.scc.webreg.service.twofa.linotp.LinotpSimpleResponse;
@Stateless
public class TwoFaServiceImpl implements TwoFaService {
......@@ -64,8 +65,39 @@ public class TwoFaServiceImpl implements TwoFaService {
linotpConnection.requestAdminSession();
LinotpInitAuthenticatorTokenResponse response = linotpConnection.createAuthenticatorToken(user);
if (response.getResult().isStatus() && response.getResult().isValue()) {
// Token succeful created
// Disable it for once
linotpConnection.disableToken(response.getDetail().getSerial());
return response;
}
else {
throw new TwoFaException("Token generation did not succeed!");
}
}
@Override
public LinotpSimpleResponse disableToken(Long userId, String serial) throws TwoFaException {
UserEntity user = userDao.findById(userId);
Map<String, String> configMap = configResolver.resolveConfig(user);
return response;
LinotpConnection linotpConnection = new LinotpConnection(configMap);
linotpConnection.requestAdminSession();
return linotpConnection.disableToken(serial);
}
@Override
public LinotpSimpleResponse enableToken(Long userId, String serial) throws TwoFaException {
UserEntity user = userDao.findById(userId);
Map<String, String> configMap = configResolver.resolveConfig(user);
LinotpConnection linotpConnection = new LinotpConnection(configMap);
linotpConnection.requestAdminSession();
return linotpConnection.enableToken(serial);
}
}
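Review bot: `disableToken` and `enableToken` use `userId` only to resolve the LinOTP configuration and then forward `serial` to the admin API under the admin session, so nothing in this class ties the serial to that user. The JSF page passes `token.serial` from the user's own list, but any other caller of `TwoFaService` could enable or disable a token that belongs to someone else in the same realm, unless LinOTP or a layer not shown here rejects it. Checking the serial against the result of `linotpConnection.getTokenList(user)` before the admin call, and throwing `TwoFaException` when it is absent, would close that gap. In `createAuthenticatorToken` the result of `linotpConnection.disableToken(...)` is discarded, so a failed disable would presumably leave the new token active while the method still returns the success response; the returned `LinotpSimpleResponse` should be checked the same way the init response is. `createAuthenticatorToken` starts outside the hunk.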
package edu.kit.scc.webreg.service.twofa.linotp;
import java.io.Serializable;
import com.fasterxml.jackson.annotation.JsonProperty;
public class LinotpSimpleResponse implements Serializable {
private static final long serialVersionUID = 1L;
private String version;
@JsonProperty("jsonrpc")
private String jsonRpc;
private LinotpResult result;
private Integer id;
public String getVersion() {
return version;
}
public void setVersion(String version) {
this.version = version;
}
public String getJsonRpc() {
return jsonRpc;
}
public void setJsonRpc(String jsonRpc) {
this.jsonRpc = jsonRpc;
}
public Integer getId() {
return id;
}
public void setId(Integer id) {
this.id = id;
}
public LinotpResult getResult() {
return result;
}
public void setResult(LinotpResult result) {
this.result = result;
}
}
......@@ -25,6 +25,7 @@ import edu.kit.scc.webreg.service.twofa.LinotpTokenResultList;
import edu.kit.scc.webreg.service.twofa.TwoFaException;
import edu.kit.scc.webreg.service.twofa.TwoFaService;
import edu.kit.scc.webreg.service.twofa.linotp.LinotpInitAuthenticatorTokenResponse;
import edu.kit.scc.webreg.service.twofa.linotp.LinotpSimpleResponse;
import edu.kit.scc.webreg.session.SessionManager;
import edu.kit.scc.webreg.util.FacesMessageGenerator;
......@@ -68,11 +69,46 @@ public class TwoFaUserBean implements Serializable {
public void createAuthenticatorToken() {
try {
createTokenResponse = twoFaService.createAuthenticatorToken(user.getId());
tokenList = twoFaService.findByUserId(sessionManager.getUserId());
} catch (TwoFaException e) {
logger.warn("TwoFaException", e);
}
}
public void enableToken(String serial) {
try {
LinotpSimpleResponse response = twoFaService.enableToken(user.getId(), serial);
tokenList = twoFaService.findByUserId(sessionManager.getUserId());
if ((response.getResult() != null) && response.getResult().isStatus() &&
response.getResult().isValue()) {
messageGenerator.addInfoMessage("Info", "Token " + serial + " enabled");
}
else {
messageGenerator.addWarningMessage("Warn", "Token " + serial + " could not be enabled");
}
} catch (TwoFaException e) {
logger.warn("TwoFaException", e);
messageGenerator.addErrorMessage("Error", e.toString());
}
}
public void disableToken(String serial) {
try {
LinotpSimpleResponse response = twoFaService.disableToken(user.getId(), serial);
tokenList = twoFaService.findByUserId(sessionManager.getUserId());
if ((response.getResult() != null) && response.getResult().isStatus() &&
response.getResult().isValue()) {
messageGenerator.addInfoMessage("Info", "Token " + serial + " disable");
}
else {
messageGenerator.addWarningMessage("Warn", "Token " + serial + " could not be disable");
}
} catch (TwoFaException e) {
logger.warn("TwoFaException", e);
messageGenerator.addErrorMessage("Error", e.toString());
}
}
public Boolean getReadOnly() {
return tokenList.getReadOnly();
}
......
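Review bot: The catch blocks in `enableToken` and `disableToken` pass `e.toString()` to `messageGenerator.addErrorMessage`, which shows the end user the wrapped exception text (class names, plus whatever the HTTP client or Jackson put in its message). The exception is already logged by `logger.warn`, so a fixed message is enough: `messageGenerator.addErrorMessage("Error", "Token " + serial + " could not be enabled");`. The action uses `user.getId()` while the list refresh uses `sessionManager.getUserId()`; if these can ever differ, the operation and the displayed list refer to different users, so one source should be used for both. The disable messages read "disable" where "disabled" is meant.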
......@@ -24,7 +24,7 @@
<ui:define name="content">
<h:form id="form">
<p:messages id="messageBox" for="key_error" showDetail="true" />
<div><p:messages showDetail="true" /></div>
<p:panel header="#{messages.twofa_list}" rendered="#{twoFaUserBean.readOnly}">
......@@ -43,11 +43,21 @@
<div><h:outputText value="#{token.serial}" /></div>
<div><h:outputText value="#{token.tokenType}" /></div>
<div><h:outputText value="#{token.isactive}" /></div>
<p:commandButton action="#{twoFaUserBean.disableToken(token.serial)}" value="Disable"
update="@form" rendered="#{token.isactive}"/>
<p:commandButton action="#{twoFaUserBean.enableToken(token.serial)}" value="Enable"
update="@form" rendered="#{! token.isactive}"/>
</p:panel>
</p:repeat>
</p:panelGrid>
<p:commandButton action="#{twoFaUserBean.createAuthenticatorToken()}" value="Create"></p:commandButton>
<p:commandButton action="#{twoFaUserBean.createAuthenticatorToken()}" value="Create" update="@form"></p:commandButton>
</p:panel>
<p:panel rendered="#{! twoFaUserBean.readOnly}">
<h:outputText value="#{twoFaUserBean.createTokenResponse.detail.googleurl.img}" escape="false" />
<h:outputText value="#{twoFaUserBean.createTokenResponse.detail.serial}"/>
</p:panel>
</h:form>
</ui:define>
......
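Review bot: The `h:outputText` bound to `createTokenResponse.detail.googleurl.img` is rendered with `escape="false"`, so whatever markup LinOTP returns in that field is written into the page unescaped (this view does not show whether the line is added here or is context). If any part of that value can be influenced through token or user attributes, it becomes script injection in the user's session. Rendering only the image data through the `src` attribute of an `img` or `h:graphicImage`, with escaping left on, avoids trusting HTML from the remote service. The value presumably encodes the enrolment secret, so `createTokenResponse` should be cleared from the bean once the user has scanned the code rather than kept for the bean's lifetime.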