Remove Auth::Yubikey (#1399)

7 years ago · e89db33b5e
parent c6908b87a2
commit e89db33b5e
14 changed files with 3 additions and 165 deletions
--- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm
+++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm
@ -264,9 +264,7 @@ sub defaultValues {
        'whatToTrace'                             => 'uid',
        'yubikey2fActivation'                     => 0,
        'yubikey2fPublicIDSize'                   => 12,
-        'yubikey2fSelfRegistration'               => 0,
-        'yubikeyAuthnLevel'                       => 3,
-        'yubikeyPublicIDSize'                     => 12
+        'yubikey2fSelfRegistration'               => 0
    };
 }

--- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/ReConstants.pm
+++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/ReConstants.pm
@ -57,7 +57,6 @@ our $authParameters = {
  sslParams => [qw(SSLAuthnLevel SSLVar SSLVarIf sslByAjax sslHost)],
  twitterParams => [qw(twitterAuthnLevel twitterKey twitterSecret twitterAppName)],
  webidParams => [qw(webIDAuthnLevel webIDExportedVars webIDWhitelist)],
-  yubikeyParams => [qw(yubikeyAuthnLevel yubikeyClientID yubikeySecretKey yubikeyPublicIDSize)],
 };
 our $issuerParameters = {
  issuerDBCAS => [qw(issuerDBCASActivation issuerDBCASPath issuerDBCASRule casAttr casAttributes casAccessControlPolicy)],
--- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm
+++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm
@ -368,10 +368,6 @@ sub attributes {
                        'k' => 'WebID',
                        'v' => 'WebID'
                    },
-                    {
-                        'k' => 'Yubikey',
-                        'v' => 'Yubikey'
-                    },
                    {
                        'k' => 'Custom',
                        'v' => 'customModule'
@ -546,10 +542,6 @@ sub attributes {
                    'k' => 'WebID',
                    'v' => 'WebID'
                },
-                {
-                    'k' => 'Yubikey',
-                    'v' => 'Yubikey'
-                },
                {
                    'k' => 'Demo',
                    'v' => 'Demonstration'
@ -821,10 +813,6 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
                    'k' => 'WebID',
                    'v' => 'WebID'
                },
-                {
-                    'k' => 'Yubikey',
-                    'v' => 'Yubikey'
-                },
                {
                    'k' => 'Demo',
                    'v' => 'Demonstration'
@ -3438,20 +3426,6 @@ qr/^(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-
        'yubikey2fUrl' => {
            'type' => 'text'
        },
-        'yubikeyAuthnLevel' => {
-            'default' => 3,
-            'type'    => 'int'
-        },
-        'yubikeyClientID' => {
-            'type' => 'text'
-        },
-        'yubikeyPublicIDSize' => {
-            'default' => 12,
-            'type'    => 'int'
-        },
-        'yubikeySecretKey' => {
-            'type' => 'text'
-        },
        'zimbraAccountKey' => {
            'type' => 'text'
        },
--- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm
+++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm
@ -2134,7 +2134,6 @@ sub attributes {
                { k => 'SSL',         v => 'SSL' },
                { k => 'Twitter',     v => 'Twitter' },
                { k => 'WebID',       v => 'WebID' },
-                { k => 'Yubikey',     v => 'Yubikey' },
                { k => 'Demo',        v => 'Demonstration' },
                { k => 'Choice',      v => 'authChoice' },
                { k => 'Combination', v => 'combineMods' },
@ -2714,7 +2713,6 @@ m{^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?:
                    { k => 'SSL',           v => 'SSL' },
                    { k => 'Twitter',       v => 'Twitter' },
                    { k => 'WebID',         v => 'WebID' },
-                    { k => 'Yubikey',       v => 'Yubikey' },
                    { k => 'Custom',        v => 'customModule' },
                ],
                [
@ -2773,7 +2771,6 @@ m{^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?:
                { k => 'SSL',      v => 'SSL' },
                { k => 'Twitter',  v => 'Twitter' },
                { k => 'WebID',    v => 'WebID' },
-                { k => 'Yubikey',  v => 'Yubikey' },
                { k => 'Demo',     v => 'Demonstration' },
                { k => 'CAS',    v => 'Central Authentication Service (CAS)' },
                { k => 'OpenID', v => 'OpenID' },
@ -2787,20 +2784,6 @@ m{^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?:
            ],
        },

-        # Yubikey
-        yubikeyAuthnLevel => {
-            type          => 'int',
-            default       => 3,
-            documentation => 'Yubikey authentication level',
-        },
-        yubikeyClientID     => { type => 'text', },
-        yubikeySecretKey    => { type => 'text', },
-        yubikeyPublicIDSize => {
-            type          => 'int',
-            default       => 12,
-            documentation => 'Yubikey public ID size',
-        },
-
        # Custom auth modules
        customAuth => {
            type          => 'text',
--- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Tree.pm
+++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Tree.pm
@ -388,15 +388,6 @@ sub tree {
                                'webIDWhitelist'
                            ]
                        },
-                        {
-                            title => 'yubikeyParams',
-                            help  => 'authyubikey.html',
-                            form  => 'simpleInputContainer',
-                            nodes => [
-                                'yubikeyAuthnLevel', 'yubikeyClientID',
-                                'yubikeySecretKey',  'yubikeyPublicIDSize'
-                            ]
-                        },
                        {
                            title => 'customParams',
                            help  => 'authcustom.html',
--- a/lemonldap-ng-manager/site/htdocs/static/languages/ar.json
+++ b/lemonldap-ng-manager/site/htdocs/static/languages/ar.json
@ -794,11 +794,6 @@
 "yubikey2fSecretKey":"مفتاح سرأل API",
 "yubikey2fSelfRegistration":"التسجيل الذاتي",
 "yubikey2fUrl":"Service URL",
-"yubikeyAuthnLevel":"مستوى إثبات الهوية",
-"yubikeyClientID":"API  العميل ID",
-"yubikeyParams":"معاييرYubikey",
-"yubikeyPublicIDSize":"حجم الجزء العام لي OTP آي دي",
-"yubikeySecretKey":"مفتاح سرأل API",
 "zeroConfExplanations":"لا يحتوي الخادم على إعدادات. استخدام قالب لحفظ الأول",

 "saml":"SAML",
--- a/lemonldap-ng-manager/site/htdocs/static/languages/en.json
+++ b/lemonldap-ng-manager/site/htdocs/static/languages/en.json
@ -794,11 +794,6 @@
 "yubikey2fSecretKey":"API secret key",
 "yubikey2fSelfRegistration":"Self registration",
 "yubikey2fUrl":"Service URL",
-"yubikeyAuthnLevel":"Authentication level",
-"yubikeyClientID":"API client ID",
-"yubikeyParams":"Yubikey parameters",
-"yubikeyPublicIDSize":"OTP public ID part size",
-"yubikeySecretKey":"API secret key",
 "zeroConfExplanations":"Server has no configuration. Use template to save the first.",

 "saml":"SAML",
--- a/lemonldap-ng-manager/site/htdocs/static/languages/fr.json
+++ b/lemonldap-ng-manager/site/htdocs/static/languages/fr.json
@ -794,11 +794,6 @@
 "yubikey2fSecretKey":"Clef secrète de l'API",
 "yubikey2fSelfRegistration":"Auto-enregistrement",
 "yubikey2fUrl":"URL du service",
-"yubikeyAuthnLevel":"Niveau d'authentification",
-"yubikeyClientID":"Identifiant client de l'API",
-"yubikeyParams":"Paramètres Yubikey",
-"yubikeyPublicIDSize":"Taille de la partie publique de l'OTP",
-"yubikeySecretKey":"Clef secrète de l'API",
 "zeroConfExplanations":"Le serveur ne dispose pas de configuration. Cette configuration de base vous permet d'en initialiser une.",

 "saml":"SAML",
--- a/lemonldap-ng-manager/site/htdocs/static/languages/it.json
+++ b/lemonldap-ng-manager/site/htdocs/static/languages/it.json
@ -794,11 +794,6 @@
 "yubikey2fSecretKey":"Chiave segreta API",
 "yubikey2fSelfRegistration":"Auto-registrazione",
 "yubikey2fUrl":"Service URL",
-"yubikeyAuthnLevel":"Livello di autenticazione",
-"yubikeyClientID":"ID client API",
-"yubikeyParams":"Parametri Yubikey",
-"yubikeyPublicIDSize":"Dimensione della parte ID OTP pubblica",
-"yubikeySecretKey":"Chiave segreta API",
 "zeroConfExplanations":"Il server non ha alcuna configurazione. Utilizza il modello per salvare il primo.",

 "saml":"SAML",
--- a/lemonldap-ng-manager/site/htdocs/static/languages/vi.json
+++ b/lemonldap-ng-manager/site/htdocs/static/languages/vi.json
@ -794,11 +794,6 @@
 "yubikey2fSecretKey":"Khóa bí mật API",
 "yubikey2fSelfRegistration":"Tự đăng ký",
 "yubikey2fUrl":"Service URL",
-"yubikeyAuthnLevel":"Mức xác thực",
-"yubikeyClientID":"ID ứng dụng khách API",
-"yubikeyParams":"Tham số Yubikey",
-"yubikeyPublicIDSize":"Kích thước phần tử công khai OTP",
-"yubikeySecretKey":"Khóa bí mật API",
 "zeroConfExplanations":"Máy chủ không có cấu hình. Sử dụng mẫu để lưu đầu tiên. ",

 "saml":"SAML",
--- a/lemonldap-ng-manager/site/htdocs/static/reverseTree.json
+++ b/lemonldap-ng-manager/site/htdocs/static/reverseTree.json
--- a/lemonldap-ng-manager/site/htdocs/static/struct.json
+++ b/lemonldap-ng-manager/site/htdocs/static/struct.json
--- a/lemonldap-ng-portal/MANIFEST
+++ b/lemonldap-ng-portal/MANIFEST
@ -46,7 +46,6 @@ lib/Lemonldap/NG/Portal/Auth/Slave.pm
 lib/Lemonldap/NG/Portal/Auth/SSL.pm
 lib/Lemonldap/NG/Portal/Auth/Twitter.pm
 lib/Lemonldap/NG/Portal/Auth/WebID.pm
-lib/Lemonldap/NG/Portal/Auth/Yubikey.pm
 lib/Lemonldap/NG/Portal/CDC.pm
 lib/Lemonldap/NG/Portal/Issuer/CAS.pm
 lib/Lemonldap/NG/Portal/Issuer/Get.pm
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/Yubikey.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/Yubikey.pm
@ -1,81 +0,0 @@
-package Lemonldap::NG::Portal::Auth::Yubikey;
-
-use strict;
-use Mouse;
-use JSON;
-use Lemonldap::NG::Common::UserAgent;
-use HTTP::Request;
-use Lemonldap::NG::Portal::Main::Constants qw(PE_OK PE_ERROR PE_FORMEMPTY);
-
-our $VERSION = '2.0.0';
-
-extends 'Lemonldap::NG::Portal::Main::Auth';
-
-# INITIALIZATION
-
-# Try to load Yubikey perl module
-sub init {
-    my ($self) = @_;
-    eval { require Auth::Yubikey_WebClient };
-    if ($@) {
-        $self->error($@);
-        return 0;
-    }
-    unless ($self->conf->{yubikeyClientID}
-        and $self->conf->{yubikeySecretKey} )
-    {
-        $self->logger->error(
-            "Missing mandatory parameters (Client ID and secret key)");
-        return 0;
-    }
-    $self->conf->{yubikeyPublicIDSize} ||= 12;
-    return 1;
-}
-
-sub extractFormInfo {
-    my ( $self, $req ) = @_;
-
-    # Get OTP
-    my $otp = $req->param('yubikeyOTP');
-    return PE_FORMEMPTY unless $otp;
-
-    $self->logger->debug("Received Yubikey OTP $otp");
-
-    # Verify OTP
-    my $result = Auth::Yubikey_WebClient::yubikey_webclient(
-        $otp,
-        $self->conf->{yubikeyClientID},
-        $self->conf->{yubikeySecretKey}
-    );
-
-    if($result ne 'OK') {
-        $self->userLogger->warn('Yubikey verification failed');
-        return PE_BADCREDENTIALS;
-    }
-
-    # Store user, which is the public ID part of the OTP
-    $req->{user} = substr( $otp, 0, $self->conf->{yubikeyPublicIDSize} );
-
-    PE_OK;
-}
-
-sub authenticate {
-    PE_OK;
-}
-
-sub setAuthSessionInfo {
-    my ( $self, $req ) = @_;
-    $req->{sessionInfo}->{authenticationLevel} =
-      $self->conf->{yubikeyAuthnLevel};
-    PE_OK;
-}
-
-sub authLogout {
-    PE_OK;
-}
-
-sub getDisplayType {
-    return 'yubikeyform';
-}
-
-1;