Proxmox/pve-manager
5
0
Fork 0
Code Pull Requests Releases Activity

allow to set/edit two factor authentication

Browse Source
This commit is contained in:
Dietmar Maurer 2014-07-18 11:45:58 +02:00
parent 89e00d1ab9
commit c5ebd41fd3
4 changed files with 131 additions and 43 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
debian/changelog.Debian vendored
View File

@ -1,7 +1,9 @@
pve-manager (3.2-17) unstable; urgency=low
* include improved Spanish translation
* include improved Spanish translation
* allow to set/edit two factor authentication (yubico, oath)
-- Proxmox Support Team <support@proxmox.com> Fri, 18 Jul 2014 08:23:02 +0200
pve-manager (3.2-16) unstable; urgency=low

10
www/manager/Parser.js
View File

@ -285,5 +285,15 @@ Ext.define('PVE.Parser', { statics: {
return datastr;
},
parseTfaConfig: function(value) {
var res = {};
Ext.Array.each(value.split(','), function(p) {
var kva = p.split(/=/, 2);
res[kva[0]] = kva[1];
});
return res;
}
}});

153
www/manager/dc/AuthEdit.js
View File

@ -63,17 +63,22 @@ Ext.define('PVE.dc.AuthEdit', {
fieldLabel: gettext('User Attribute Name'),
allowBlank: false
});
} else if (me.authType === 'pve') {
if (me.create) throw 'unknown auth type';
me.subject = 'Proxmox VE authentication server';
} else if (me.authType === 'pam') {
if (me.create) throw 'unknown auth type';
me.subject = 'linux PAM';
} else {
throw 'unknown auth type ';
}
column1.push({
xtype: 'textfield',
name: 'comment',
fieldLabel: gettext('Comment')
});
column1.push({
xtype: 'pvecheckbox',
fieldLabel: gettext('Default'),
@ -81,39 +86,89 @@ Ext.define('PVE.dc.AuthEdit', {
uncheckedValue: 0
});
var column2 = [
{
xtype: 'textfield',
fieldLabel: gettext('Server'),
name: 'server1',
allowBlank: false
},
{
xtype: 'pvetextfield',
fieldLabel: gettext('Fallback Server'),
deleteEmpty: !me.create,
name: 'server2'
},
{
xtype: 'numberfield',
name: 'port',
fieldLabel: gettext('Port'),
minValue: 1,
maxValue: 65535,
emptyText: gettext('Default'),
submitEmptyText: false
},
{
xtype: 'pvecheckbox',
fieldLabel: 'SSL',
name: 'secure',
uncheckedValue: 0
}
];
var column2 = [];
if (me.authType === 'ldap' || me.authType === 'ad') {
column2.push([
{
xtype: 'textfield',
fieldLabel: gettext('Server'),
name: 'server1',
allowBlank: false
},
{
xtype: 'pvetextfield',
fieldLabel: gettext('Fallback Server'),
deleteEmpty: !me.create,
name: 'server2'
},
{
xtype: 'numberfield',
name: 'port',
fieldLabel: gettext('Port'),
minValue: 1,
maxValue: 65535,
emptyText: gettext('Default'),
submitEmptyText: false
},
{
xtype: 'pvecheckbox',
fieldLabel: 'SSL',
name: 'secure',
uncheckedValue: 0
}
]);
}
// Two Factor Auth settings
column2.push({
xtype: 'pveKVComboBox',
name: 'tfa',
value: '',
fieldLabel: gettext('TFA'),
data: [ ['', 'none'], ['oath', 'OATH'], ['yubico', 'Yubico']],
listeners: {
change: function(f, value) {
if (!me.rendered) {
return;
}
me.down('field[name=yubico_api_id]').setVisible(value === 'yubico');
me.down('field[name=yubico_api_key]').setVisible(value === 'yubico');
me.down('field[name=yubico_url]').setVisible(value === 'yubico');
}
}
});
column2.push({
xtype: 'textfield',
name: 'yubico_api_id',
hidden: true,
fieldLabel: 'Yubico API Id'
});
column2.push({
xtype: 'textfield',
name: 'yubico_api_key',
hidden: true,
fieldLabel: 'Yubico API Key'
});
column2.push({
xtype: 'textfield',
name: 'yubico_url',
hidden: true,
fieldLabel: 'Yubico URL'
});
var ipanel = Ext.create('PVE.panel.InputPanel', {
column1: column1,
column2: column2,
columnB: [{
xtype: 'textfield',
name: 'comment',
fieldLabel: gettext('Comment')
}],
onGetValues: function(values) {
if (!values.port) {
if (!me.create) {
@ -126,6 +181,23 @@ Ext.define('PVE.dc.AuthEdit', {
values.type = me.authType;
}
if (values.tfa === 'oath') {
values.tfa = "type=oath";
} else if (values.tfa === 'yubico') {
values.tfa = "type=yubico";
values.tfa += ",id=" + values.yubico_api_id;
values.tfa += ",key=" + values.yubico_api_key;
if (values.yubico_url) {
values.tfa += ",url=" + values.yubico_url;
}
} else {
delete values.tfa;
}
delete values.yubico_api_id;
delete values.yubico_api_key;
delete values.yubico_url;
return values;
}
});
@ -150,6 +222,17 @@ Ext.define('PVE.dc.AuthEdit', {
me.close();
throw "got wrong auth type";
}
if (data.tfa) {
var tfacfg = PVE.Parser.parseTfaConfig(data.tfa);
data.tfa = tfacfg.type;
if (tfacfg.type === 'yubico') {
data.yubico_api_key = tfacfg.key;
data.yubico_api_id = tfacfg.id;
data.yubico_url = tfacfg.url;
}
}
me.setValues(data);
}
});

7
www/manager/dc/AuthView.js
View File

@ -26,10 +26,6 @@ Ext.define('PVE.dc.AuthView', {
return;
}
if (rec.data.type === 'pve' || rec.data.type === 'pam') {
return;
}
var win = Ext.create('PVE.dc.AuthEdit',{
realm: rec.data.realm,
authType: rec.data.type
@ -42,9 +38,6 @@ Ext.define('PVE.dc.AuthView', {
text: gettext('Edit'),
disabled: true,
selModel: sm,
enableFn: function(rec) {
return !(rec.data.type === 'pve' || rec.data.type === 'pam');
},
handler: run_editor
});