mirror of
https://github.com/dkmstr/openuds.git
synced 2024-12-22 13:34:04 +03:00
fixed simpleldap mfa support
This commit is contained in:
parent
5c9dd741d3
commit
f7886abfbc
@ -328,6 +328,12 @@ class SimpleLDAPAuthenticator(auths.Authenticator):
|
||||
) = vals[14:17]
|
||||
self._verifySsl = gui.strToBool(verifySsl)
|
||||
|
||||
def mfaStorageKey(self, username: str) -> str:
|
||||
return 'mfa_' + str(self.dbAuthenticator().uuid) + username
|
||||
|
||||
def mfaIdentifier(self, username: str) -> str:
|
||||
return self.storage.getPickle(self.mfaStorageKey(username)) or ''
|
||||
|
||||
def __connection(
|
||||
self
|
||||
):
|
||||
@ -371,13 +377,17 @@ class SimpleLDAPAuthenticator(auths.Authenticator):
|
||||
@return: None if username is not found, an dictionary of LDAP entry attributes if found.
|
||||
@note: Active directory users contains the groups it belongs to in "memberOf" attribute
|
||||
"""
|
||||
attributes = [i for i in self._userNameAttr.split(',') + [self._userIdAttr]]
|
||||
if self._mfaAttr:
|
||||
attributes = attributes + [self._mfaAttr]
|
||||
|
||||
return ldaputil.getFirst(
|
||||
con=self.__connection(),
|
||||
base=self._ldapBase,
|
||||
objectClass=self._userClass,
|
||||
field=self._userIdAttr,
|
||||
value=username,
|
||||
attributes=[i for i in self._userNameAttr.split(',') + [self._userIdAttr]],
|
||||
attributes=attributes,
|
||||
sizeLimit=LDAP_RESULT_LIMIT,
|
||||
)
|
||||
|
||||
@ -473,6 +483,13 @@ class SimpleLDAPAuthenticator(auths.Authenticator):
|
||||
)
|
||||
return False
|
||||
|
||||
# store the user mfa attribute if it is set
|
||||
if self._mfaAttr:
|
||||
self.storage.putPickle(
|
||||
self.mfaStorageKey(username),
|
||||
user[self._mfaAttr][0],
|
||||
)
|
||||
|
||||
groupsManager.validate(self.__getGroups(user))
|
||||
|
||||
return True
|
||||
|
Loading…
Reference in New Issue
Block a user