diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Register/U2F.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Register/U2F.pm
index 473f79ab7..fe3d4af22 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Register/U2F.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Register/U2F.pm
@@ -54,6 +54,37 @@ sub run {
$self->userLogger->warn("U2F Registration failed: $err");
return $self->p->sendError( $req, $err, 200 );
}
+
+ if ( $action eq 'unregister' ) {
+ my $challenge = $self->crypter->registrationChallenge;
+ return [ 200, [ 'Content-Type' => 'application/json' ], [$challenge] ];
+ }
+ if ( $action eq 'unregistration' ) {
+ my $resp;
+ unless ( $resp = $req->param('unregistration') ) {
+ return $self->p->sendError( $req, 'Missing unregistration parameter',
+ 400 );
+ }
+ $self->logger->debug("Get unregistration data $resp");
+ my ( $keyHandle, $userKey ) = $self->crypter->registrationVerify($resp);
+ if ( $keyHandle and $userKey ) {
+ $self->p->updatePersistentSession(
+ $req,
+ {
+ _u2fKeyHandle => 'NULL',
+ _u2fUserKey => 'NULL'
+ }
+ );
+ return [
+ 200, [ 'Content-Type' => 'application/json' ],
+ ['{"result":1}']
+ ];
+ }
+ my $err = Crypt::U2F::Server::Simple::lastError();
+ $self->userLogger->warn("U2F Unregistration failed: $err");
+ return $self->p->sendError( $req, $err, 200 );
+ }
+
if ( $action eq 'verify' ) {
my ( $err, $error ) = $self->loadUser($req);
if ( $err == -1 ) {
diff --git a/lemonldap-ng-portal/site/htdocs/static/common/js/u2fregistration.js b/lemonldap-ng-portal/site/htdocs/static/common/js/u2fregistration.js
index bb111170d..ba0317eb6 100644
--- a/lemonldap-ng-portal/site/htdocs/static/common/js/u2fregistration.js
+++ b/lemonldap-ng-portal/site/htdocs/static/common/js/u2fregistration.js
@@ -5,7 +5,7 @@ LemonLDAP::NG U2F registration script
*/
(function() {
- var displayError, register, setMsg, verify;
+ var displayError, register, setMsg, verify, unregister;
setMsg = function(msg, level) {
$('#msg').html(window.translate(msg));
@@ -72,6 +72,50 @@ LemonLDAP::NG U2F registration script
});
};
+ unregister = function() {
+ return $.ajax({
+ type: "POST",
+ url: portal + "u2fregister/unregister",
+ data: {},
+ dataType: 'json',
+ error: displayError,
+ success: function(ch) {
+ var request;
+ request = [
+ {
+ challenge: ch.challenge,
+ version: ch.version
+ }
+ ];
+ setMsg('touchU2fDevice', 'positive');
+ $('#u2fPermission').show();
+ return u2f.register(ch.appId, request, [], function(data) {
+ $('#u2fPermission').hide();
+ if (data.errorCode) {
+ return setMsg('unableToGetU2FKey', 'warning');
+ } else {
+ return $.ajax({
+ type: "POST",
+ url: portal + "u2fregister/unregistration",
+ data: {
+ registration: JSON.stringify(data)
+ },
+ dataType: 'json',
+ success: function(resp) {
+ if (resp.error) {
+ return setMsg('u2fFailed', 'warning');
+ } else if (resp.result) {
+ return setMsg('u2fUnregistered', 'positive');
+ }
+ },
+ error: displayError
+ });
+ }
+ });
+ }
+ });
+ };
+
verify = function() {
return $.ajax({
type: "POST",
@@ -120,6 +164,7 @@ LemonLDAP::NG U2F registration script
$('#u2fPermission').hide();
$('#register').on('click', register);
$('#verify').on('click', verify);
+ $('#unregister').on('click', unregister);
return $('#goback').attr('href', portal);
});
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/ar.json b/lemonldap-ng-portal/site/htdocs/static/languages/ar.json
index aa1aac0f0..c9b8a2ca5 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/ar.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/ar.json
@@ -176,7 +176,8 @@
"redirectionToIdp":"إعادة توجيهك إلى موفر الهوية الخاص بك",
"refreshrights": "قم بتحديث حقوقي",
"refuse":"رفض",
-"register": "Register",
+"register": "تسجيل",
+"unregister": "إلغاء",
"registerRequestAlreadyIssued":"تم إصدار طلب تسجيل لهذا الحساب من قبل",
"rememberChoice":"تذكر اختياري",
"removeOtherSessions":"إزالة الجلسات الأخرى",
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/de.json b/lemonldap-ng-portal/site/htdocs/static/languages/de.json
index 6b5b5061d..30b8bbe35 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/de.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/de.json
@@ -176,7 +176,8 @@
"redirectionToIdp":"Redirection to your Identity Provider",
"refreshrights": "Refresh my rights",
"refuse":"Refuse",
-"register": "Register",
+"register": "Registrieren",
+"unregister": "Abmelden",
"registerRequestAlreadyIssued":"A register request for this account was already issued on ",
"rememberChoice":"Remember my choice",
"removeOtherSessions":"Remove other sessions",
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/en.json b/lemonldap-ng-portal/site/htdocs/static/languages/en.json
index e31ce80d8..369066975 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/en.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/en.json
@@ -177,6 +177,7 @@
"refreshrights": "Refresh my rights",
"refuse":"Refuse",
"register": "Register",
+"unregister": "Unregister",
"registerRequestAlreadyIssued":"A register request for this account was already issued on ",
"rememberChoice":"Remember my choice",
"removeOtherSessions":"Remove other sessions",
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/es.json b/lemonldap-ng-portal/site/htdocs/static/languages/es.json
index 6ae0bced4..e04db15ce 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/es.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/es.json
@@ -176,7 +176,8 @@
"redirectionToIdp":"Redirection to your Identity Provider",
"refreshrights": "Refresh my rights",
"refuse":"Refuse",
-"register": "Register",
+"register": "Registro",
+"unregister": "No Registrado",
"registerRequestAlreadyIssued":"A register request for this account was already issued on ",
"rememberChoice":"Remember my choice",
"removeOtherSessions":"Remove other sessions",
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/fr.json b/lemonldap-ng-portal/site/htdocs/static/languages/fr.json
index 52bb19cd4..c2900eae2 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/fr.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/fr.json
@@ -177,6 +177,7 @@
"refreshrights": "Rafraîchir mes droits",
"refuse":"Refuser",
"register": "Enregistrer",
+"unregister": "Supprimer",
"registerRequestAlreadyIssued":"Une demande de création pour ce compte a déjà été faite le ",
"rememberChoice":"Se souvenir de mon choix",
"removeOtherSessions":"Fermer les autres sessions",
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/it.json b/lemonldap-ng-portal/site/htdocs/static/languages/it.json
index c9bd98f9a..dfd62ea7e 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/it.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/it.json
@@ -177,6 +177,7 @@
"refreshrights": "Aggiorna i miei diritti",
"refuse":"Rifiuta",
"register": "Registra",
+"unregister": "Non Registra",
"registerRequestAlreadyIssued":"Una richiesta di registrazione per questo conto é già stata rilasciata il",
"rememberChoice":"Ricordarsi della mia scelta",
"removeOtherSessions":"Rimuovere altre sessioni",
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/nl.json b/lemonldap-ng-portal/site/htdocs/static/languages/nl.json
index f72ed02a1..22cc0127d 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/nl.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/nl.json
@@ -176,7 +176,8 @@
"redirectionToIdp":"Redirection to your Identity Provider",
"refreshrights": "Refresh my rights",
"refuse":"Refuse",
-"register": "Register",
+"register": "Registeren",
+"unregister": "Uitschrijven",
"registerRequestAlreadyIssued":"A register request for this account was already issued on ",
"rememberChoice":"Remember my choice",
"removeOtherSessions":"Remove other sessions",
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/pt.json b/lemonldap-ng-portal/site/htdocs/static/languages/pt.json
index eace16ecf..dc770fbba 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/pt.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/pt.json
@@ -176,7 +176,8 @@
"redirectionToIdp":"Redirection to your Identity Provider",
"refreshrights": "Refresh my rights",
"refuse":"Refuse",
-"register": "Register",
+"register": "Registo",
+"unregister": "Cancelar o Registro",
"registerRequestAlreadyIssued":"A register request for this account was already issued on ",
"rememberChoice":"Remember my choice",
"removeOtherSessions":"Remove other sessions",
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/ro.json b/lemonldap-ng-portal/site/htdocs/static/languages/ro.json
index b088c0c02..92e5b2c82 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/ro.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/ro.json
@@ -177,6 +177,7 @@
"refreshrights": "Refresh my rights",
"refuse":"Refuse",
"register": "Register",
+"unregister": "Unregister",
"registerRequestAlreadyIssued":"A register request for this account was already issued on ",
"rememberChoice":"Remember my choice",
"removeOtherSessions":"Remove other sessions",
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/vi.json b/lemonldap-ng-portal/site/htdocs/static/languages/vi.json
index 53fcfd035..37e72df69 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/vi.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/vi.json
@@ -177,6 +177,7 @@
"refreshrights": "Làm mới lại quyền của tôi",
"refuse":"Từ chối",
"register": "Đăng ký",
+"unregister": "Hủy đăng ký",
"registerRequestAlreadyIssued":"Yêu cầu đăng ký cho tài khoản này đã được cấp phát",
"rememberChoice":"Hãy nhớ sự lựa chọn của tôi",
"removeOtherSessions":"Xóa các phiên khác",
diff --git a/lemonldap-ng-portal/site/templates/bootstrap/u2fregister.tpl b/lemonldap-ng-portal/site/templates/bootstrap/u2fregister.tpl
index e2011438d..63f7371dd 100644
--- a/lemonldap-ng-portal/site/templates/bootstrap/u2fregister.tpl
+++ b/lemonldap-ng-portal/site/templates/bootstrap/u2fregister.tpl
@@ -18,6 +18,10 @@
Verify
+
+
+ Unregister
+