1
0
mirror of https://github.com/dkmstr/openuds.git synced 2024-12-22 13:34:04 +03:00

fixed simpleldap mfa support

This commit is contained in:
Adolfo Gómez García 2023-03-22 02:47:17 +01:00
parent 5c9dd741d3
commit f7886abfbc
No known key found for this signature in database
GPG Key ID: DD1ABF20724CDA23

View File

@ -328,6 +328,12 @@ class SimpleLDAPAuthenticator(auths.Authenticator):
) = vals[14:17]
self._verifySsl = gui.strToBool(verifySsl)
def mfaStorageKey(self, username: str) -> str:
return 'mfa_' + str(self.dbAuthenticator().uuid) + username
def mfaIdentifier(self, username: str) -> str:
return self.storage.getPickle(self.mfaStorageKey(username)) or ''
def __connection(
self
):
@ -371,13 +377,17 @@ class SimpleLDAPAuthenticator(auths.Authenticator):
@return: None if username is not found, an dictionary of LDAP entry attributes if found.
@note: Active directory users contains the groups it belongs to in "memberOf" attribute
"""
attributes = [i for i in self._userNameAttr.split(',') + [self._userIdAttr]]
if self._mfaAttr:
attributes = attributes + [self._mfaAttr]
return ldaputil.getFirst(
con=self.__connection(),
base=self._ldapBase,
objectClass=self._userClass,
field=self._userIdAttr,
value=username,
attributes=[i for i in self._userNameAttr.split(',') + [self._userIdAttr]],
attributes=attributes,
sizeLimit=LDAP_RESULT_LIMIT,
)
@ -473,6 +483,13 @@ class SimpleLDAPAuthenticator(auths.Authenticator):
)
return False
# store the user mfa attribute if it is set
if self._mfaAttr:
self.storage.putPickle(
self.mfaStorageKey(username),
user[self._mfaAttr][0],
)
groupsManager.validate(self.__getGroups(user))
return True