Append DecryptValue plugin (#1956)

lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/Constants.pm

@@ -5,7 +5,7 @@ use strict;
 use Exporter 'import';
 use base qw(Exporter);
 
-our $VERSION = '2.0.6';
+our $VERSION = '2.0.7';
 
 # CONSTANTS
 

lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm

@@ -1,7 +1,7 @@
 # This file is generated by Lemonldap::NG::Manager::Build. Don't modify it by hand
 package Lemonldap::NG::Common::Conf::DefaultValues;
 
-our $VERSION = '2.0.6';
+our $VERSION = '2.0.7';
 
 sub defaultValues {
     return {
@@ -52,6 +52,7 @@ sub defaultValues {
         'cspStyle'                       => '\'self\'',
         'dbiAuthnLevel'                  => 2,
         'dbiExportedVars'                => {},
+        'decryptValueRule'               => 0,
         'demoExportedVars'               => {
             'cn'   => 'cn',
             'mail' => 'mail',

lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/ReConstants.pm

@@ -5,7 +5,7 @@ use strict;
 use Exporter 'import';
 use base qw(Exporter);
 
-our $VERSION = '2.0.6';
+our $VERSION = '2.0.7';
 
 our %EXPORT_TAGS = ( 'all' => [qw($simpleHashKeys $doubleHashKeys $specialNodeKeys $casAppMetaDataNodeKeys $casSrvMetaDataNodeKeys $oidcOPMetaDataNodeKeys $oidcRPMetaDataNodeKeys $samlIDPMetaDataNodeKeys $samlSPMetaDataNodeKeys $virtualHostKeys $specialNodeHash $authParameters $issuerParameters $samlServiceParameters $oidcServiceParameters $casServiceParameters)] );
 our @EXPORT_OK   = ( @{ $EXPORT_TAGS{'all'} } );

lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/StatusConstants.pm

@@ -4,7 +4,7 @@ package Lemonldap::NG::Handler::Lib::StatusConstants;
 use strict;
 use Exporter 'import';
 
-our $VERSION = '2.0.6';
+our $VERSION = '2.0.7';
 
 sub portalConsts {
     return {
@@ -97,7 +97,8 @@ sub portalConsts {
         '91' => 'PE_OID_SERVICE_NOT_ALLOWED',
         '92' => 'PE_GET_SERVICE_NOT_ALLOWED',
         '93' => 'PE_IMPERSONATION_SERVICE_NOT_ALLOWED',
-        '94' => 'PE_ISSUERMISSINGREQATTR'
+        '94' => 'PE_ISSUERMISSINGREQATTR',
+        '95' => 'PE_DECRYPTVALUE_SERVICE_NOT_ALLOWED'
     };
 
 }

lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm

@@ -1,7 +1,7 @@
 # This file is generated by Lemonldap::NG::Manager::Build. Don't modify it by hand
 package Lemonldap::NG::Manager::Attributes;
 
-our $VERSION = '2.0.6';
+our $VERSION = '2.0.7';
 
 sub perlExpr {
     my ( $val, $conf ) = @_;
@@ -1100,6 +1100,10 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
         'dbiUserUser' => {
             'type' => 'text'
         },
+        'decryptValueRule' => {
+            'default' => 0,
+            'type'    => 'boolOrExpr'
+        },
         'demoExportedVars' => {
             'default' => {
                 'cn'   => 'cn',

lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm

@@ -6,7 +6,7 @@
 
 package Lemonldap::NG::Manager::Build::Attributes;
 
-our $VERSION = '2.0.6';
+our $VERSION = '2.0.7';
 use strict;
 use Regexp::Common qw/URI/;
 
@@ -522,6 +522,12 @@ sub attributes {
             documentation => 'Stop context switching by logout',
             flags         => 'p',
         },
+        decryptValueRule => {
+            type          => 'boolOrExpr',
+            default       => 0,
+            documentation => 'Decrypt value activation rule',
+            flags         => 'p',
+        },
         skipRenewConfirmation => {
             type    => 'bool',
             default => 0,

lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/PortalConstants.pm

@@ -5,7 +5,7 @@
 
 package Lemonldap::NG::Manager::Build::PortalConstants;
 
-our $VERSION = '2.0.6';
+our $VERSION = '2.0.7';
 
 sub portalConstants {
     return {
@@ -102,7 +102,7 @@ sub portalConstants {
         PE_GET_SERVICE_NOT_ALLOWED           => 92,
         PE_IMPERSONATION_SERVICE_NOT_ALLOWED => 93,
         PE_ISSUERMISSINGREQATTR              => 94,
-
+        PE_DECRYPTVALUE_SERVICE_NOT_ALLOWED  => 95
     };
 }
 

lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Tree.pm

@@ -17,7 +17,7 @@
 
 package Lemonldap::NG::Manager::Build::Tree;
 
-our $VERSION = '2.0.6';
+our $VERSION = '2.0.7';
 
 # TODO: Missing:
 #  * activeTimer
@@ -712,6 +712,14 @@ sub tree {
                                 'contextSwitchingStopWithLogout',
                             ]
                         },
+                        {
+                            title => 'decryptValue',
+                            help  => 'decryptValueRule.html',
+                            form  => 'simpleInputContainer',
+                            nodes => [
+                                'decryptValueRule',
+                            ]
+                        },
                     ]
                 },
                 {

lemonldap-ng-manager/site/htdocs/static/languages/ar.json

@@ -230,6 +230,8 @@
 "dbiPasswordMailCol":"اسم حقل البريد",
 "dbiSchema":"مخطط",
 "dbiUserTable":"جدول المستخدم",
+"decryptValue":"Decrypt value",
+"decryptValueRule":"Use rule",
 "default":"الاعْتيادي",
 "defaultRule":"القاعدة الاعتيادية ",
 "demoModeOn":"هذا المدير يعمل في طريقة العرض",

lemonldap-ng-manager/site/htdocs/static/languages/de.json

@@ -230,6 +230,8 @@
 "dbiPasswordMailCol":"Mail field name",
 "dbiSchema":"Schema",
 "dbiUserTable":"User table",
+"decryptValue":"Decrypt value",
+"decryptValueRule":"Use rule",
 "default":"Default",
 "defaultRule":"Default rule",
 "demoModeOn":"This manager runs in demo mode",

lemonldap-ng-manager/site/htdocs/static/languages/en.json

@@ -230,6 +230,8 @@
 "dbiPasswordMailCol":"Mail field name",
 "dbiSchema":"Schema",
 "dbiUserTable":"User table",
+"decryptValue":"Decrypt value",
+"decryptValueRule":"Use rule",
 "default":"Default",
 "defaultRule":"Default rule",
 "demoModeOn":"This manager runs in demo mode",

lemonldap-ng-manager/site/htdocs/static/languages/fr.json

@@ -230,6 +230,8 @@
 "dbiPasswordMailCol":"Champ mail",
 "dbiSchema":"Schéma",
 "dbiUserTable":"Table des utilisateurs",
+"decryptValue":"Déchiffrement",
+"decryptValueRule":"Règle d'utilisation",
 "default":"Défaut",
 "defaultRule":"Règle par défaut",
 "demoModeOn":"Ce manager fonctionne en mode Demo",

lemonldap-ng-manager/site/htdocs/static/languages/it.json

@@ -230,6 +230,8 @@
 "dbiPasswordMailCol":"Nome del campo di posta",
 "dbiSchema":"Schema",
 "dbiUserTable":"Tabella utente",
+"decryptValue":"Decrypt value",
+"decryptValueRule":"Use rule",
 "default":"Predefinito",
 "defaultRule":"Regola predefinita",
 "demoModeOn":"Questo gestore viene eseguito in modalità demo",

lemonldap-ng-manager/site/htdocs/static/languages/vi.json

@@ -230,6 +230,8 @@
 "dbiPasswordMailCol":"Tên trường thư",
 "dbiSchema":"Giản đồ",
 "dbiUserTable":"Bảng người dùng",
+"decryptValue":"Decrypt value",
+"decryptValueRule":"Use rule",
 "default":"Mặc định",
 "defaultRule":"Quy tắc mặc định",
 "demoModeOn":"Trình quản lý này chạy ở chế độ demo",

lemonldap-ng-manager/site/htdocs/static/languages/zh.json

@@ -230,6 +230,8 @@
 "dbiPasswordMailCol":"Mail field name",
 "dbiSchema":"Schema",
 "dbiUserTable":"用户表",
+"decryptValue":"Decrypt value",
+"decryptValueRule":"Use rule",
 "default":"默认",
 "defaultRule":"默认规则",
 "demoModeOn":"This manager runs in demo mode",

lemonldap-ng-portal/MANIFEST

@@ -104,6 +104,7 @@ lib/Lemonldap/NG/Portal/Plugins/CDA.pm
 lib/Lemonldap/NG/Portal/Plugins/CheckState.pm
 lib/Lemonldap/NG/Portal/Plugins/CheckUser.pm
 lib/Lemonldap/NG/Portal/Plugins/ContextSwitching.pm
+lib/Lemonldap/NG/Portal/Plugins/DecryptValue.pm
 lib/Lemonldap/NG/Portal/Plugins/ForceAuthn.pm
 lib/Lemonldap/NG/Portal/Plugins/GrantSession.pm
 lib/Lemonldap/NG/Portal/Plugins/History.pm
@@ -366,6 +367,7 @@ site/templates/bootstrap/customhead.tpl
 site/templates/bootstrap/customheader.tpl
 site/templates/bootstrap/customLoginFooter.tpl
 site/templates/bootstrap/customLoginHeader.tpl
+site/templates/bootstrap/decryptvalue.tpl
 site/templates/bootstrap/error.tpl
 site/templates/bootstrap/ext2fcheck.tpl
 site/templates/bootstrap/footer.tpl

lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Constants.pm

@@ -4,7 +4,7 @@ package Lemonldap::NG::Portal::Main::Constants;
 use strict;
 use Exporter 'import';
 
-our $VERSION = '2.0.6';
+our $VERSION = '2.0.7';
 
 use constant HANDLER => 'Lemonldap::NG::Handler::PSGI::Main';
 use constant {
@@ -98,6 +98,7 @@ use constant {
     PE_GET_SERVICE_NOT_ALLOWED           => 92,
     PE_IMPERSONATION_SERVICE_NOT_ALLOWED => 93,
     PE_ISSUERMISSINGREQATTR              => 94,
+    PE_DECRYPTVALUE_SERVICE_NOT_ALLOWED  => 95,
 };
 
 sub portalConsts {
@@ -191,7 +192,8 @@ sub portalConsts {
         '91' => 'PE_OID_SERVICE_NOT_ALLOWED',
         '92' => 'PE_GET_SERVICE_NOT_ALLOWED',
         '93' => 'PE_IMPERSONATION_SERVICE_NOT_ALLOWED',
-        '94' => 'PE_ISSUERMISSINGREQATTR'
+        '94' => 'PE_ISSUERMISSINGREQATTR',
+        '95' => 'PE_DECRYPTVALUE_SERVICE_NOT_ALLOWED'
     };
 
 }
@@ -289,7 +291,8 @@ our @EXPORT_OK = (
     'PE_OID_SERVICE_NOT_ALLOWED',
     'PE_GET_SERVICE_NOT_ALLOWED',
     'PE_IMPERSONATION_SERVICE_NOT_ALLOWED',
-    'PE_ISSUERMISSINGREQATTR'
+    'PE_ISSUERMISSINGREQATTR',
+    'PE_DECRYPTVALUE_SERVICE_NOT_ALLOWED'
 );
 our %EXPORT_TAGS = ( 'all' => [ @EXPORT_OK, 'import' ], );
 

lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Plugins.pm

@@ -2,7 +2,7 @@
 # into "plugins" list in lemonldap-ng.ini, section "portal"
 package Lemonldap::NG::Portal::Main::Plugins;
 
-our $VERSION = '2.0.6';
+our $VERSION = '2.0.7';
 
 package Lemonldap::NG::Portal::Main;
 
@@ -28,6 +28,7 @@ our @pList = (
     checkUser                  => '::Plugins::CheckUser',
     impersonationRule          => '::Plugins::Impersonation',
     contextSwitchingRule       => '::Plugins::ContextSwitching',
+    decryptValueRule           => '::Plugins::DecryptValue'
 );
 
 ##@method list enabledPlugins

lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/DecryptValue.pm

@@ -0,0 +1,158 @@
+package Lemonldap::NG::Portal::Plugins::DecryptValue;
+
+use strict;
+use Mouse;
+use Lemonldap::NG::Portal::Main::Constants qw(
+  PE_TOKENEXPIRED
+  PE_NOTOKEN
+  PE_DECRYPTVALUE_SERVICE_NOT_ALLOWED
+);
+
+our $VERSION = '2.0.7';
+
+extends qw(
+  Lemonldap::NG::Portal::Main::Plugin
+  Lemonldap::NG::Portal::Lib::_tokenRule
+);
+
+# INITIALIZATION
+has rule => ( is => 'rw', default => sub { 0 } );
+has ott  => (
+    is      => 'rw',
+    lazy    => 1,
+    default => sub {
+        my $ott =
+          $_[0]->{p}->loadModule('Lemonldap::NG::Portal::Lib::OneTimeToken');
+        $ott->timeout( $_[0]->{conf}->{formTimeout} );
+        return $ott;
+    }
+);
+
+sub init {
+    my ($self) = @_;
+    my $hd = $self->p->HANDLER;
+    $self->addAuthRoute( decryptvalue => 'run', ['POST'] )
+      ->addAuthRouteWithRedirect( decryptvalue => 'display', ['GET'] );
+
+    # Parse activation rule
+    $self->logger->debug(
+        'DecryptValue rule -> ' . $self->conf->{decryptValueRule} );
+    my $rule =
+      $hd->buildSub( $hd->substitute( $self->conf->{decryptValueRule} ) );
+    unless ($rule) {
+        $self->error( 'Bad decryptValue rule -> ' . $hd->tsv->{jail}->error );
+        return 0;
+    }
+    $self->rule($rule);
+
+    return 1;
+}
+
+# RUNNING METHOD
+sub display {
+    my ( $self, $req ) = @_;
+
+    # Check access rules
+    unless ( $self->rule->( $req, $req->userData ) ) {
+        $self->userLogger->warn('decryptValue service NOT authorized');
+        return $self->p->do( $req,
+            [ sub { PE_DECRYPTVALUE_SERVICE_NOT_ALLOWED } ] );
+    }
+
+    # Display form
+    my $params = {
+        PORTAL    => $self->conf->{portal},
+        MAIN_LOGO => $self->conf->{portalMainLogo},
+        SKIN      => $self->p->getSkin($req),
+        LANGS     => $self->conf->{showLanguages},
+        MSG       => 'decryptCipheredValue',
+        ALERTE    => 'alert-warning',
+        TOKEN     => (
+              $self->ottRule->( $req, {} )
+            ? $self->ott->createToken()
+            : ''
+        )
+    };
+    return $self->sendJSONresponse( $req, $params ) if ( $req->wantJSON );
+
+    # Display form
+    return $self->p->sendHtml( $req, 'decryptvalue', params => $params );
+}
+
+sub run {
+    my ( $self, $req ) = @_;
+    my $msg = '';
+
+    # Check access rules
+    unless ( $self->rule->( $req, $req->userData ) ) {
+        $self->userLogger->warn('decryptValue service NOT authorized');
+        return $self->p->do( $req,
+            [ sub { PE_DECRYPTVALUE_SERVICE_NOT_ALLOWED } ] );
+    }
+
+    # Check token
+    if ( $self->ottRule->( $req, {} ) ) {
+        my $token = $req->param('token');
+        unless ($token) {
+            $self->userLogger->warn('decryptValue try without token');
+            $msg   = PE_NOTOKEN;
+            $token = $self->ott->createToken();
+        }
+
+        unless ( $self->ott->getToken($token) ) {
+            $self->userLogger->warn('decryptValue try with expired/bad token');
+            $msg   = PE_TOKENEXPIRED;
+            $token = $self->ott->createToken();
+        }
+
+        my $params = {
+            PORTAL    => $self->conf->{portal},
+            MAIN_LOGO => $self->conf->{portalMainLogo},
+            SKIN      => $self->p->getSkin($req),
+            LANGS     => $self->conf->{showLanguages},
+            MSG       => "PE$msg",
+            ALERTE    => 'alert-warning',
+            TOKEN     => $token,
+        };
+        return $self->p->sendJSONresponse( $req, $params )
+          if ( $req->wantJSON );
+        return $self->p->sendHtml( $req, 'decryptvalue', params => $params )
+          if $msg;
+    }
+
+    my $cipheredValue = $req->param('cipheredValue') || '';
+    my $decryptedValue =
+      $self->p->HANDLER->tsv->{cipher}->decrypt($cipheredValue)
+      if $cipheredValue;
+
+    $self->logger->debug("decryptValue try with : $cipheredValue");
+    $self->logger->debug("Decrypted value = $decryptedValue") if $decryptedValue;
+
+    # Display form
+    my $params = {
+        PORTAL    => $self->conf->{portal},
+        MAIN_LOGO => $self->conf->{portalMainLogo},
+        SKIN      => $self->p->getSkin($req),
+        LANGS     => $self->conf->{showLanguages},
+        MSG       => 'decryptCipheredValue',
+        DECRYPTED => (
+            $decryptedValue ? $decryptedValue
+            : 'notAnEncryptedValue'
+        ),
+        DALERTE => (
+            $decryptedValue ? 'alert-info'
+            : 'alert-danger'
+        ),
+        ALERTE => 'alert-warning',
+        TOKEN  => (
+            $self->ottRule->( $req, {} ) ? $self->ott->createToken()
+            : ''
+        )
+    };
+    return $self->p->sendJSONresponse( $req, $params ) if ( $req->wantJSON );
+
+    # Display form
+    return $self->p->sendHtml( $req, 'decryptvalue', params => $params );
+}
+
+1;

lemonldap-ng-portal/site/htdocs/static/languages/ar.json

@@ -84,6 +84,7 @@
 "PE92":"Access not granted on GET service",
 "PE93":"Access not granted on IMPERSONATION service",
 "PE94":"A required attribute is not available",
+"PE95":"Access not granted on DECRYPT service",
 "2fRegRequired":"This service requires a double factor authentication. Register a device now, then go back to the portal.",
 "accept":"قبول",
 "accessDenied":"ليس لديك إذن بالدخول لهذا التطبيق",
@@ -113,6 +114,7 @@
 "checkUserComputeSession":"Computed session data!",
 "choose2f":"Choose your second factor",
 "chooseApp":"اختر أحد التطبيقات المسموح لك بالدخول إليها",
+"cipheredValue":"Ciphered value",
 "clickHere":"الرجاء الضغط هنا",
 "clickOnYubikey":"Click on your Yubikey",
 "closeSSO":"أغلق جلسة الدخول الموحد (سسو)",
@@ -126,6 +128,7 @@
 "createAccount":"انشئ حساب",
 "currentPwd":"كلمة المرور الحالية",
 "date":"تاريخ",
+"decryptCipheredValue":"Decrypt a ciphered value",
 "enterCred":"الرجاء إدخال بيانات الاعتماد الخاصة بك",
 "enterExt2fCode":"تم إرسال رمز إليك. الرجاء إدخاله",
 "enterMail2fCode":"A code has been sent to your email address. Please enter it",
@@ -176,6 +179,7 @@
 "newPassword":"كلمة مرور جديدة",
 "newPwdSentTo":"تم إرسال تأكيد إلى عنوان بريدك الإلكتروني.",
 "noHistory":"هذا هو أول اتصال، مرحبا بك!",
+"notAnEncryptedValue":"It is not an encrypted value",
 "notAuthorized":"You're not authorized to do this",
 "notFound":"لم يتم العثور: محاولة الدخول إلى صفحة غير متوفرة",
 "noTOTPFound":"No TOTP found",

lemonldap-ng-portal/site/htdocs/static/languages/de.json

@@ -84,6 +84,7 @@
 "PE92":"Zugang zum GET-Service nicht genehmigt",
 "PE93":"Access not granted on IMPERSONATION service",
 "PE94":"A required attribute is not available",
+"PE95":"Access not granted on DECRYPT service",
 "2fRegRequired":"Dieser Dienst benötigt Zwei-Faktor-Authentifizierung. Bitte legen Sie ein Gerät an und gehen dann zum Portal zurück.",
 "accept":"Akzeptieren",
 "accessDenied":"Sie haben keine Zugriffsberechtigung für diese Anwendung",
@@ -113,6 +114,7 @@
 "checkUserComputeSession":"Computed session data!",
 "choose2f":"Wählen deinen Ihren zweiten Faktor",
 "chooseApp":"Wählen Sie eine Anwendung aus, auf die du zugreifen darfst",
+"cipheredValue":"Ciphered value",
 "clickHere":"Bitte hier klicken",
 "clickOnYubikey":"Klicke auf deinen Yubikey",
 "closeSSO":"Schließe deine SSO-Sitzung",
@@ -126,6 +128,7 @@
 "createAccount":"Konto erstellen",
 "currentPwd":"Aktuelles Passwort",
 "date":"Datum",
+"decryptCipheredValue":"Decrypt a ciphered value",
 "enterCred":"Bitte geben deine Zugangsdaten ein",
 "enterExt2fCode":"Ein Code wurde an dich gesendet. Bitte gebe diesen ein",
 "enterMail2fCode":"A code has been sent to your email address. Please enter it",
@@ -176,6 +179,7 @@
 "newPassword":"Neues Passwort",
 "newPwdSentTo":"Eine Bestätigung wurde an deine E-Mail Adresse gesendet.",
 "noHistory":"Das ist deine erste Verbindung, willkommen!",
+"notAnEncryptedValue":"It is not an encrypted value",
 "notAuthorized":"Du bist nicht dazu berechtigt",
 "notFound":"Nicht gefunden: Du versuchst, auf eine nicht verfügbare Seite zuzugreifen",
 "noTOTPFound":"Kein TOTP gefunden",

lemonldap-ng-portal/site/htdocs/static/languages/en.json

@@ -84,6 +84,7 @@
 "PE92":"Access not granted on GET service",
 "PE93":"Access not granted on IMPERSONATION service",
 "PE94":"A required attribute is not available",
+"PE95":"Access not granted on DECRYPT service",
 "2fRegRequired":"This service requires a double factor authentication. Register a device now, then go back to the portal.",
 "accept":"Accept",
 "accessDenied":"You have no access authorization for this application",
@@ -113,6 +114,7 @@
 "checkUserComputeSession":"Computed session data!",
 "choose2f":"Choose your second factor",
 "chooseApp":"Choose an application your are allowed to access to",
+"cipheredValue":"Ciphered value",
 "clickHere":"Please click here",
 "clickOnYubikey":"Click on your Yubikey",
 "closeSSO":"Close your SSO session",
@@ -126,6 +128,7 @@
 "createAccount":"Create an account",
 "currentPwd":"Current password",
 "date":"Date",
+"decryptCipheredValue":"Decrypt a ciphered value",
 "enterCred":"Please enter your credentials",
 "enterExt2fCode":"A code has been sent to you. Please enter it",
 "enterMail2fCode":"A code has been sent to your email address. Please enter it",
@@ -176,6 +179,7 @@
 "newPassword":"New password",
 "newPwdSentTo":"A confirmation has been sent to your mail address.",
 "noHistory":"This is your first connection, welcome!",
+"notAnEncryptedValue":"It is not an encrypted value",
 "notAuthorized":"You're not authorized to do this",
 "notFound": "Not found: you try to access to an unavailable page",
 "noTOTPFound":"No TOTP found",

lemonldap-ng-portal/site/htdocs/static/languages/es.json

@@ -84,6 +84,7 @@
 "PE92":"Acceso no autorizado al servicio GET",
 "PE93":"Acceso no concedido al servicio de SUPLANTACIÓN",
 "PE94":"Un atributo obligatorio no está presente",
+"PE95":"Access not granted on DECRYPT service",
 "2fRegRequired":"Este servicio necesita la autenticación de dos factores. Registre un dispositivo ahora, luego reingrese al portal.",
 "accept":"Aceptar",
 "accessDenied":"No está autorizado a acceder a esta aplicación",
@@ -113,6 +114,7 @@
 "checkUserComputeSession":"¡Datos de sesión calculados!",
 "choose2f":"Seleccione su segundo factor",
 "chooseApp":"Elija una aplicación a la cual se le está permitido acceder",
+"cipheredValue":"Ciphered value",
 "clickHere":"Por favor haga clic aquí",
 "clickOnYubikey":"Haga clic en su Yubikey",
 "closeSSO":"Cierre su sesión SSO",
@@ -126,6 +128,7 @@
 "createAccount":"Crear una cuenta",
 "currentPwd":"Contraseña actual",
 "date":"Fecha",
+"decryptCipheredValue":"Decrypt a ciphered value",
 "enterCred":"Por favor ingrese sus credenciales",
 "enterExt2fCode":"Un código le ha sido enviado. Por favor ingréselo ",
 "enterMail2fCode":"Un código le ha sido enviado a dirección de e-mail. Por favor ingréselo",
@@ -176,6 +179,7 @@
 "newPassword":"Contraseña nueva",
 "newPwdSentTo":"Una confirmación ha sido enviada a su dirección de e-mail.",
 "noHistory":"Esta es su primera conexión, bienvenido.",
+"notAnEncryptedValue":"It is not an encrypted value",
 "notAuthorized":"Usted no está autorizado a hacer esto",
 "notFound":"No encontrado: página no disponible",
 "noTOTPFound":"TOTP no encontrado",

lemonldap-ng-portal/site/htdocs/static/languages/fi.json

@@ -84,6 +84,7 @@
 "PE92":"Access not granted on GET service",
 "PE93":"Access not granted on IMPERSONATION service",
 "PE94":"A required attribute is not available",
+"PE95":"Access not granted on DECRYPT service",
 "2fRegRequired":"This service requires a double factor authentication. Register a device now, then go back to the portal.",
 "accept":"Hyväksy",
 "accessDenied":"Sinulla ei ole käyttöoikeutta tähän sovellukseen",
@@ -113,6 +114,7 @@
 "checkUserComputeSession":"Computed session data!",
 "choose2f":"Choose your second factor",
 "chooseApp":"Choose an application your are allowed to access to",
+"cipheredValue":"Ciphered value",
 "clickHere":"Please click here",
 "clickOnYubikey":"Click on your Yubikey",
 "closeSSO":"Sulje SSO istuntosi",
@@ -126,6 +128,7 @@
 "createAccount":"Rekisteröidy",
 "currentPwd":"Nykyinen salasana",
 "date":"Päivämäärä",
+"decryptCipheredValue":"Decrypt a ciphered value",
 "enterCred":"Syötä käyttäjätietosi",
 "enterExt2fCode":"A code has been sent to you. Please enter it",
 "enterMail2fCode":"A code has been sent to your email address. Please enter it",
@@ -176,6 +179,7 @@
 "newPassword":"Uusi salasana",
 "newPwdSentTo":"A confirmation has been sent to your mail address.",
 "noHistory":"This is your first connection, welcome!",
+"notAnEncryptedValue":"It is not an encrypted value",
 "notAuthorized":"You're not authorized to do this",
 "notFound":"Not found: you try to access to an unavailable page",
 "noTOTPFound":"No TOTP found",

lemonldap-ng-portal/site/htdocs/static/languages/fr.json

@@ -84,6 +84,7 @@
 "PE92":"Accès non autorisé au service GET",
 "PE93":"Accès non autorisé au service d'Usurpation d'Identité",
 "PE94":"Un attribut exigé n'est pas disponible",
+"PE95":"Accès non autorisé au service de déchiffrement",
 "2fRegRequired":"Ce service requiert une authentification à deux facteurs. Enregistrez un équipement ici et retournez au portail.",
 "accept":"Accepter",
 "accessDenied":"Vous n'avez pas les droits d'accès à cette application",
@@ -113,6 +114,7 @@
 "checkUserComputeSession":"Données de session issues d'une évaluation !",
 "choose2f":"Choisissez votre second facteur",
 "chooseApp":"Choisissez une application à laquelle vous êtes autorisé à accéder",
+"cipheredValue":"Valeur cryptée",
 "clickHere":"Cliquez ici",
 "clickOnYubikey":"Cliquez sur votre Yubikey",
 "closeSSO":"Fermer votre Session SSO",
@@ -126,6 +128,7 @@
 "createAccount":"Créer un compte",
 "currentPwd":"Mot de passe actuel",
 "date":"Date",
+"decryptCipheredValue":"Déchiffrer une valeur cryptée",
 "enterCred":"Merci de vous authentifier",
 "enterExt2fCode":"Un code vous a été envoyé, entrez-le ici",
 "enterMail2fCode":"Un code vous a été envoyé par mail, entrez-le ici",
@@ -176,6 +179,7 @@
 "newPassword":"Nouveau mot de passe",
 "newPwdSentTo":"Une confirmation a été envoyée à votre adresse mail.",
 "noHistory":"Ceci est votre première connexion. Bienvenue !",
+"notAnEncryptedValue":"Ce n'est pas une valeur cryptée",
 "notAuthorized":"Vous n'êtes pas autorisé à faire cette requête",
 "notFound": "Non trouvé : vous tentez d'accéder à une page non disponible",
 "noTOTPFound":"Aucun secret TOTP trouvé",

lemonldap-ng-portal/site/htdocs/static/languages/it.json

@@ -84,6 +84,7 @@
 "PE92":"Accesso non concesso sul servizio GET",
 "PE93":"Accesso non concesso sul servizio IMPERSONATION",
 "PE94":"A required attribute is not available",
+"PE95":"Access not granted on DECRYPT service",
 "2fRegRequired":"Questo servizio richiede un'autenticazione a doppio fattore. Registrare un dispositivo ora, quindi tornare al portale.",
 "accept":"Accetta",
 "accessDenied":"Non hai un'autorizzazione di accesso per questa applicazione",
@@ -113,6 +114,7 @@
 "checkUserComputeSession":"Computed session data!",
 "choose2f":"Scegli il tuo secondo fattore",
 "chooseApp":"Scegli un'applicazione alla quale ti è consentito l'accesso",
+"cipheredValue":"Ciphered value",
 "clickHere":"Per favore clicka qui",
 "clickOnYubikey":"Clicca sulla tua Yubikey",
 "closeSSO":"Chiudi la sessione SSO",
@@ -126,6 +128,7 @@
 "createAccount":"Crea un account",
 "currentPwd":"Password attuale",
 "date":"Data",
+"decryptCipheredValue":"Decrypt a ciphered value",
 "enterCred":"Inserisci le tue credenziali",
 "enterExt2fCode":"Un codice vi é stato inviato. Inseritelo",
 "enterMail2fCode":"A code has been sent to your email address. Please enter it",
@@ -176,6 +179,7 @@
 "newPassword":"Nuova password",
 "newPwdSentTo":"Una conferma è stata inviata all'indirizzo di posta elettronica.",
 "noHistory":"Questa è la tua prima connessione, benvenuto!",
+"notAnEncryptedValue":"It is not an encrypted value",
 "notAuthorized":"Non sei autorizzato a farlo",
 "notFound":"Non trovato: si tenta di accedere ad una pagina non disponibile",
 "noTOTPFound":"Nessun TOTP trovato",

lemonldap-ng-portal/site/htdocs/static/languages/nl.json

@@ -84,6 +84,7 @@
 "PE92":"Onbevoegde toegang tot de GET-service",
 "PE93":"Access not granted on IMPERSONATION service",
 "PE94":"A required attribute is not available",
+"PE95":"Access not granted on DECRYPT service",
 "2fRegRequired":"This service requires a double factor authentication. Register a device now, then go back to the portal.",
 "accept":"Accept",
 "accessDenied":"You have no access authorization for this application",
@@ -113,6 +114,7 @@
 "checkUserComputeSession":"Computed session data!",
 "choose2f":"Choose your second factor",
 "chooseApp":"Choose an application your are allowed to access to",
+"cipheredValue":"Ciphered value",
 "clickHere":"Please click here",
 "clickOnYubikey":"Click on your Yubikey",
 "closeSSO":"Close your SSO session",
@@ -126,6 +128,7 @@
 "createAccount":"Create an account",
 "currentPwd":"Current password",
 "date":"Date",
+"decryptCipheredValue":"Decrypt a ciphered value",
 "enterCred":"Please enter your credentials",
 "enterExt2fCode":"A code has been sent to you. Please enter it",
 "enterMail2fCode":"A code has been sent to your email address. Please enter it",
@@ -176,6 +179,7 @@
 "newPassword":"New password",
 "newPwdSentTo":"A confirmation has been sent to your mail address.",
 "noHistory":"This is your first connection, welcome!",
+"notAnEncryptedValue":"It is not an encrypted value",
 "notAuthorized":"You're not authorized to do this",
 "notFound":"Not found: you try to access to an unavailable page",
 "noTOTPFound":"No TOTP found",

lemonldap-ng-portal/site/htdocs/static/languages/pt.json

@@ -84,6 +84,7 @@
 "PE92":"Acesso não autorizado ao serviço GET",
 "PE93":"Access not granted on IMPERSONATION service",
 "PE94":"Um atributo exigido não está disponível",
+"PE95":"Access not granted on DECRYPT service",
 "2fRegRequired":"This service requires a double factor authentication. Register a device now, then go back to the portal.",
 "accept":"Accept",
 "accessDenied":"You have no access authorization for this application",
@@ -113,6 +114,7 @@
 "checkUserComputeSession":"Computed session data!",
 "choose2f":"Choose your second factor",
 "chooseApp":"Choose an application your are allowed to access to",
+"cipheredValue":"Ciphered value",
 "clickHere":"Please click here",
 "clickOnYubikey":"Click on your Yubikey",
 "closeSSO":"Close your SSO session",
@@ -126,6 +128,7 @@
 "createAccount":"Create an account",
 "currentPwd":"Current password",
 "date":"Date",
+"decryptCipheredValue":"Decrypt a ciphered value",
 "enterCred":"Please enter your credentials",
 "enterExt2fCode":"A code has been sent to you. Please enter it",
 "enterMail2fCode":"A code has been sent to your email address. Please enter it",
@@ -176,6 +179,7 @@
 "newPassword":"New password",
 "newPwdSentTo":"A confirmation has been sent to your mail address.",
 "noHistory":"This is your first connection, welcome!",
+"notAnEncryptedValue":"It is not an encrypted value",
 "notAuthorized":"You're not authorized to do this",
 "notFound":"Not found: you try to access to an unavailable page",
 "noTOTPFound":"No TOTP found",

lemonldap-ng-portal/site/htdocs/static/languages/ro.json

@@ -84,6 +84,7 @@
 "PE92":"Access not granted on GET service",
 "PE93":"Access not granted on IMPERSONATION service",
 "PE94":"A required attribute is not available",
+"PE95":"Access not granted on DECRYPT service",
 "2fRegRequired":"This service requires a double factor authentication. Register a device now, then go back to the portal.",
 "accept":"Accept",
 "accessDenied":"You have no access authorization for this application",
@@ -113,6 +114,7 @@
 "checkUserComputeSession":"Computed session data!",
 "choose2f":"Choose your second factor",
 "chooseApp":"Choose an application your are allowed to access to",
+"cipheredValue":"Ciphered value",
 "clickHere":"Please click here",
 "clickOnYubikey":"Click on your Yubikey",
 "closeSSO":"Close your SSO session",
@@ -126,6 +128,7 @@
 "createAccount":"Create an account",
 "currentPwd":"Current password",
 "date":"Date",
+"decryptCipheredValue":"Decrypt a ciphered value",
 "enterCred":"Please enter your credentials",
 "enterExt2fCode":"A code has been sent to you. Please enter it",
 "enterMail2fCode":"A code has been sent to your email address. Please enter it",
@@ -176,6 +179,7 @@
 "newPassword":"New password",
 "newPwdSentTo":"A confirmation has been sent to your mail address.",
 "noHistory":"This is your first connection, welcome!",
+"notAnEncryptedValue":"It is not an encrypted value",
 "notAuthorized":"You're not authorized to do this",
 "notFound":"Not found: you try to access to an unavailable page",
 "noTOTPFound":"No TOTP found",

lemonldap-ng-portal/site/htdocs/static/languages/vi.json

@@ -84,6 +84,7 @@
 "PE92":"Truy cập không được cấp trên dịch vụ GET",
 "PE93":"Access not granted on IMPERSONATION service",
 "PE94":"Một thuộc tính bắt buộc không có sẵn",
+"PE95":"Access not granted on DECRYPT service",
 "2fRegRequired":"This service requires a double factor authentication. Register a device now, then go back to the portal.",
 "accept":"Chấp nhận",
 "accessDenied":"Bạn không có quyền truy cập vào ứng dụng này",
@@ -113,6 +114,7 @@
 "checkUserComputeSession":"Computed session data!",
 "choose2f":"Choose your second factor",
 "chooseApp":"Chọn một ứng dụng bạn được phép truy cập vào",
+"cipheredValue":"Ciphered value",
 "clickHere":"Vui lòng nhấp vào đây",
 "clickOnYubikey":"Click on your Yubikey",
 "closeSSO":"Đóng phiên SSO của bạn",
@@ -126,6 +128,7 @@
 "createAccount":"Tạo một tài khoản",
 "currentPwd":"Mật khẩu hiện tại",
 "date":"Ngày",
+"decryptCipheredValue":"Decrypt a ciphered value",
 "enterCred":"Vui lòng nhập thông tin đăng nhập của bạn",
 "enterExt2fCode":"Một mã đã được gửi cho bạn. Hãy nhập nó",
 "enterMail2fCode":"A code has been sent to your email address. Please enter it",
@@ -176,6 +179,7 @@
 "newPassword":"Mật khẩu mới",
 "newPwdSentTo":"Một xác nhận đã được gửi đến địa chỉ thư của bạn.",
 "noHistory":"Đây là kết nối đầu tiên của bạn, chào mừng!",
+"notAnEncryptedValue":"It is not an encrypted value",
 "notAuthorized":"You're not authorized to do this",
 "notFound":"Không tìm thấy: bạn cố gắng truy cập vào một trang không có sẵn",
 "noTOTPFound":"Đăng xuất khỏi các ứng dụng khác",

lemonldap-ng-portal/site/htdocs/static/languages/zh.json

@@ -84,6 +84,7 @@
 "PE92":"Access not granted on GET service",
 "PE93":"Access not granted on IMPERSONATION service",
 "PE94":"A required attribute is not available",
+"PE95":"Access not granted on DECRYPT service",
 "2fRegRequired":"This service requires a double factor authentication. Register a device now, then go back to the portal.",
 "accept":"Accept 方法",
 "accessDenied":"您无权访问此应用",
@@ -113,6 +114,7 @@
 "checkUserComputeSession":"Computed session data!",
 "choose2f":"Choose your second factor",
 "chooseApp":"Choose an application your are allowed to access to",
+"cipheredValue":"Ciphered value",
 "clickHere":"请点击这里",
 "clickOnYubikey":"Click on your Yubikey",
 "closeSSO":"Close your SSO session",
@@ -126,6 +128,7 @@
 "createAccount":"创建账户",
 "currentPwd":"当前密码",
 "date":"日期",
+"decryptCipheredValue":"Decrypt a ciphered value",
 "enterCred":"请输入您的认证信息",
 "enterExt2fCode":"验证法已发送，请输入",
 "enterMail2fCode":"A code has been sent to your email address. Please enter it",
@@ -176,6 +179,7 @@
 "newPassword":"新密码",
 "newPwdSentTo":"确认邮件已发送至您的邮箱",
 "noHistory":"欢迎，这是您的首次登陆",
+"notAnEncryptedValue":"It is not an encrypted value",
 "notAuthorized":"您没有权限进行该项操作",
 "notFound":"无法找到：您请求的网页不存在。",
 "noTOTPFound":"No TOTP found",

lemonldap-ng-portal/site/templates/bootstrap/decryptvalue.tpl

@@ -0,0 +1,38 @@
+<TMPL_INCLUDE NAME="header.tpl">
+
+<div id="errorcontent" class="container">
+  <div class="alert <TMPL_VAR NAME="ALERTE"> alert"><div class="text-center"><span trspan="<TMPL_VAR NAME="MSG">"></span></div></div>
+
+  <TMPL_IF NAME="DECRYPTED">
+  <div class="alert <TMPL_VAR NAME="DALERTE"> alert"><div class="text-center"><span trspan="<TMPL_VAR NAME="DECRYPTED">"></span></div></div>
+  </TMPL_IF>
+
+  <form id="findUser" action="/decryptvalue" method="post" class="password" role="form">
+    <div class="buttons">
+      <TMPL_IF NAME="TOKEN">
+      <input type="hidden" name="token" value="<TMPL_VAR NAME="TOKEN">" />
+      </TMPL_IF>
+
+      <div class="input-group mb-3">
+        <div class="input-group-prepend">
+          <span class="input-group-text"><i class="fa fa-random icon-blue"></i> </span>
+        </div>
+        <input name="cipheredValue" type="text" class="form-control" trplaceholder="cipheredValue" autocomplete="off" aria-required="false"/>
+      </div>
+
+      <button type="submit" class="btn btn-success">
+        <span class="fa fa-search"></span>
+        <span trspan="search">Search</span>
+      </button>
+    </div>
+  </form>
+    <div class="buttons">
+      <a href="<TMPL_VAR NAME="PORTAL_URL">" class="btn btn-primary" role="button">
+        <span class="fa fa-home"></span>
+        <span trspan="goToPortal">Go to portal</span>
+      </a>
+    </div>
+  </div>
+</div>
+
+<TMPL_INCLUDE NAME="footer.tpl">