Scroll to navigation

Lemonldap::NG::Portal::Main::SecondFactor(3pm) User Contributed Perl Documentation Lemonldap::NG::Portal::Main::SecondFactor(3pm)

NAME

Lemonldap::NG::Portal::Main::SecondFactor - Base class for Lemonldap::NG::Portal second factor plugins.

SYNOPSIS

  package Lemonldap::NG::Portal::2F::MySecondFactor;
  use Mouse;
  # Import used constants
  use Lemonldap::NG::Portal::Main::Constants qw(
    PE_OK
    PE_BADCREDENTIALS
    PE_SENDRESPONSE
  );
  extends 'Lemonldap::NG::Portal::Main::SecondFactor';
  
  # INITIALIZATION
  
  # Prefix that will be used in parameter names. The form used to enter the
  # second factor must post its result to "/my2fcheck" (if "my" is the prefix).
  has prefix => ( is => 'ro', default => 'my' );
  # Optional logo
  has logo => ( is => 'rw', default => 'mylogo.png' );
  
  # Required init method
  sub init {
      my ($self) = @_;
      # Insert here initialization process
      #
      # If self registration is enabled and "activation" is set to "enabled",
      # replace the rule to detect if user has registered a device key.
      # The rule must be like this :
      # By example :
      $self->conf->{u2fActivation} = '$_2fDevices =~ /"type":\s*"U2F"/s'
      # Optionally, the rule can be : '$_2fDevices and $_2fDevices =~ /"type":\s*"U2F"/s'
      # to avoid warning due to undef variable
      #
      # Required call:
      return $self->SUPER::init();
  }

  # RUNNING METHODS
  
  # Required 2nd factor send method
  sub run {
      my ( $self, $req, $token ) = @_;
      # $token must be inserted in a hidden input in your form with the name
      # "token"
      ...
      # A LLNG constant must be returned. Example:
      $req->response($my_psgi_response)
      return PE_SENDRESPONSE;
  }
  # Required 2nd factor verify method
  sub verify {
      my ( $self, $req, $session ) = @_;
      # Use $req->param('field') to get POST responses
      ...
      if($result eq $goodResult) {
        return PE_OK;
      }
      else {
        return PE_BADCREDENTIALS
      }
  }

Enable your plugin in lemonldap-ng.ini, section [portal]:

<prefix>2fActivation (required): 1, 0 or a rule
<prefix>2fAuthnLevel (optional): change authentication level for users authenticated by this plugin

Example:

  [portal]
  customPlugins = Lemonldap::NG::Portal::2F::MyPlugin
  my2fActivation = 1
  my2fAuthnLevel = 4

DESCRIPTION

Lemonldap::NG::Portal::Main::SecondFactor provides a simple framework to build Lemonldap::NG second authentication factor plugin.

See Lemonldap::NG::Portal::Plugins::2F::* packages for examples.

SEE ALSO

<http://lemonldap-ng.org>

OTHER POD FILES

Writing an authentication module: Lemonldap::NG::Portal::Auth
Writing a UserDB module: Lemonldap::NG::Portal::UserDB
Writing a second factor module: Lemonldap::NG::Portal::Main::SecondFactor
Writing an issuer module: Lemonldap::NG::Portal::Main::Issuer
Writing another plugin: Lemonldap::NG::Portal::Main::Plugin
Request object: Lemonldap::NG::Portal::Main::Request
Adding parameters in the manager: Lemonldap::NG::Manager::Build

AUTHORS

LemonLDAP::NG team <http://lemonldap-ng.org/team>

BUG REPORT

Use OW2 system to report bug or ask for features: <https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/issues>

DOWNLOAD

Lemonldap::NG is available at <http://forge.objectweb.org/project/showfiles.php?group_id=274>

COPYRIGHT AND LICENSE

See COPYING file for details.

This library is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>.

2019-10-04 perl v5.28.1