Commit 936b28ec authored by ls1947's avatar ls1947

implement check for twofa with sshpubkey service

parent f0dd80a5
......@@ -18,4 +18,8 @@ public interface UserLoginInfoDao extends BaseDao<UserLoginInfoEntity, Long> {
List<UserLoginInfoEntity> findByUser(Long userId);
List<UserLoginInfoEntity> findByRegistry(Long registryId);
UserLoginInfoEntity findByRegistryTwofaSuccess(Long registryId);
}
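Review bot: `findByRegistryTwofaSuccess` is declared without a documented contract, and its name promises more than the JPA implementation in this commit delivers. The query in `JpaUserLoginInfoDao` filters only on `loginMethod = TWOFA` and returns the newest row whatever its status, or `null` when there is none. A later caller that trusts the name and skips the status check would treat a failed second factor as a passed one. I would add Javadoc on this declaration, e.g. `/** Latest TWOFA login entry for the registry, regardless of status; null if none. Callers must check getLoginStatus(). */`, or rename the method to something like `findLatestTwofaByRegistry`.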
......@@ -14,9 +14,11 @@ import java.util.List;
import javax.enterprise.context.ApplicationScoped;
import javax.inject.Named;
import javax.persistence.NoResultException;
import edu.kit.scc.webreg.dao.UserLoginInfoDao;
import edu.kit.scc.webreg.entity.UserLoginInfoEntity;
import edu.kit.scc.webreg.entity.UserLoginMethod;
@Named
@ApplicationScoped
......@@ -29,6 +31,31 @@ public class JpaUserLoginInfoDao extends JpaBaseDao<UserLoginInfoEntity, Long> i
.setParameter("userId", userId).getResultList();
}
@Override
@SuppressWarnings("unchecked")
public List<UserLoginInfoEntity> findByRegistry(Long registryId) {
return em.createQuery("select e from UserLoginInfoEntity e where e.registry.id = :registryId")
.setParameter("registryId", registryId).getResultList();
}
@Override
@SuppressWarnings("unchecked")
public UserLoginInfoEntity findByRegistryTwofaSuccess(Long registryId) {
List<UserLoginInfoEntity> list = em.createQuery(
"select e from UserLoginInfoEntity e where e.registry.id = :registryId "
+ "and e.loginMethod = :loginMethod order by e.loginDate desc")
.setParameter("registryId", registryId)
.setParameter("loginMethod", UserLoginMethod.TWOFA)
.setMaxResults(1)
.getResultList();
if (list.size() == 0) {
return null;
}
else {
return list.get(0);
}
}
@Override
public Class<UserLoginInfoEntity> getEntityClass() {
return UserLoginInfoEntity.class;
......
......@@ -13,11 +13,14 @@ import edu.kit.scc.webreg.dao.RegistryDao;
import edu.kit.scc.webreg.dao.ServiceDao;
import edu.kit.scc.webreg.dao.SshPubKeyRegistryDao;
import edu.kit.scc.webreg.dao.UserDao;
import edu.kit.scc.webreg.dao.UserLoginInfoDao;
import edu.kit.scc.webreg.entity.RegistryEntity;
import edu.kit.scc.webreg.entity.RegistryStatus;
import edu.kit.scc.webreg.entity.ServiceEntity;
import edu.kit.scc.webreg.entity.SshPubKeyRegistryEntity;
import edu.kit.scc.webreg.entity.UserEntity;
import edu.kit.scc.webreg.entity.UserLoginInfoEntity;
import edu.kit.scc.webreg.entity.UserLoginInfoStatus;
import edu.kit.scc.webreg.exc.NoRegistryFoundException;
import edu.kit.scc.webreg.exc.NoUserFoundException;
import edu.kit.scc.webreg.exc.RestInterfaceException;
......@@ -42,6 +45,9 @@ public class SshLoginServiceImpl implements SshLoginService {
@Inject
private SshPubKeyRegistryDao sshPubKeyRegistryDao;
@Inject
private UserLoginInfoDao userLoginInfoDao;
@Override
public String authByUidNumberInteractive(ServiceEntity service, Long uidNumber, HttpServletRequest request)
throws IOException, RestInterfaceException {
......@@ -58,8 +64,26 @@ public class SshLoginServiceImpl implements SshLoginService {
if (registry == null)
throw new NoRegistryFoundException("No active registry for user");
List<SshPubKeyRegistryEntity> regKeyList = sshPubKeyRegistryDao.findByRegistryForInteractiveLogin(registry.getId());
return buildKeyList(regKeyList, user);
if (service.getServiceProps().containsKey("twofa") &&
service.getServiceProps().get("twofa").equalsIgnoreCase("enabled")) {
UserLoginInfoEntity loginInfo = userLoginInfoDao.findByRegistryTwofaSuccess(registry.getId());
if (loginInfo != null && loginInfo.getLoginStatus().equals(UserLoginInfoStatus.SUCCESS)) {
// check expiry for twofa
List<SshPubKeyRegistryEntity> regKeyList = sshPubKeyRegistryDao.findByRegistryForInteractiveLogin(registry.getId());
return buildKeyList(regKeyList, user);
}
else {
return "";
}
}
else {
List<SshPubKeyRegistryEntity> regKeyList = sshPubKeyRegistryDao.findByRegistryForInteractiveLogin(registry.getId());
return buildKeyList(regKeyList, user);
}
}
@Override
......
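Review bot: The `// check expiry for twofa` comment in `authByUidNumberInteractive` marks a check that is not implemented. As long as the newest TWOFA entry for the registry is a success, the key list is returned no matter how old that entry is. The guard should also bound the entry's age by comparing its login date (the `loginDate` the DAO query orders by; getter name assumed) with a configured validity window, and fail closed when the date is missing. Separately, `loginInfo.getLoginStatus().equals(UserLoginInfoStatus.SUCCESS)` throws on a null status, which `UserLoginInfoStatus.SUCCESS.equals(loginInfo.getLoginStatus())` avoids, and the `return "";` denial path would benefit from a log line naming the registry id so refused logins can be investigated. The method body starts outside the hunk.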