new configuration version
This commit is contained in:
haburger
parent
42684d5271
commit
692dfd46d1
|
|
@ -45,7 +45,7 @@ spec:
|
|||
podDisruptionBudget:
|
||||
maxUnavailable: "50%"
|
||||
git:
|
||||
tag: "r-be4d7b3836489983642da8c01294cab133468c44"
|
||||
tag: "r-7c3dca6bb9792f14907f6128a654a963518cbcca"
|
||||
dir: "DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth"
|
||||
credentials: "git-credentials"
|
||||
keystores:
|
||||
|
|
|
|||
Binary file not shown.
Binary file not shown.
|
|
@ -94,11 +94,12 @@ if (!session['ch.adnovum.nevisidm.userDto'].contains("<properties><name>idVerifi
|
|||
|
||||
json['items'].eachWithIndex { az, i ->
|
||||
if (az.roleExtId == level100RoleExtid) {
|
||||
agovAq100AuthEndpoint = "${endpoint}/${az.extId}"
|
||||
aq100AuthRestURL = "${endpoint}/${az.extId}"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
endpoint = "${aq100AuthRestURL}/properties"
|
||||
|
||||
def patchRequest = new HTTPRequestWrapper()
|
||||
|
|
|
|||
|
|
@ -186,7 +186,7 @@
|
|||
<!-- source: pattern://f63c475c35b616b7c6c1901c -->
|
||||
<ResultCond name="default" next="Auth_Realm_Main_IDP_Mobile_NLess_Auth"/>
|
||||
<!-- source: pattern://f63c475c35b616b7c6c1901c -->
|
||||
<ResultCond name="fido2" next="Auth_Realm_Main_IDP_FIDO2_ResetSessionInfos"/>
|
||||
<ResultCond name="fido2" next="Auth_Realm_Main_IDP_fido2_fetchCaptchaInfos"/>
|
||||
<!-- source: pattern://f63c475c35b616b7c6c1901c -->
|
||||
<ResultCond name="ok" next="Auth_Realm_Main_IDP_Mobile_NLess_Auth_Processing"/>
|
||||
<!-- source: pattern://f63c475c35b616b7c6c1901c -->
|
||||
|
|
@ -220,18 +220,24 @@
|
|||
<!-- source: pattern://f63c475c35b616b7c6c1901c -->
|
||||
<property name="parameter.recoveryurl" value="https://auth.agov-w.azure.adnovum.net/AUTH/RECOVERY/"/>
|
||||
</AuthState>
|
||||
<AuthState name="Auth_Realm_Main_IDP_FIDO2_ResetSessionInfos" class="ch.nevis.esauth.auth.states.standard.TransformAttributes" final="false">
|
||||
<!-- source: pattern://887ada57500885703a4a9408 -->
|
||||
<ResultCond name="ok" next="Auth_Realm_Main_IDP_fido2_fetchCaptchaInfos"/>
|
||||
<!-- source: pattern://887ada57500885703a4a9408 -->
|
||||
<AuthState name="Auth_Realm_Main_IDP_fido2_fetchCaptchaInfos" class="ch.nevis.esauth.auth.states.scripting.ScriptState" final="false">
|
||||
<!-- source: pattern://f39352769cb2a1c88e1a176d -->
|
||||
<ResultCond name="error" next="Auth_Realm_Main_IDP_Mobile_NLess_Auth"/>
|
||||
<!-- source: pattern://f39352769cb2a1c88e1a176d -->
|
||||
<ResultCond name="ok" next="Auth_Realm_Main_IDP_Email_Input"/>
|
||||
<!-- source: pattern://f39352769cb2a1c88e1a176d -->
|
||||
<Response value="AUTH_ERROR">
|
||||
<!-- source: pattern://887ada57500885703a4a9408 -->
|
||||
<!-- source: pattern://f39352769cb2a1c88e1a176d -->
|
||||
<Arg name="ch.nevis.isiweb4.response.status" value="403"/>
|
||||
</Response>
|
||||
<!-- source: pattern://887ada57500885703a4a9408 -->
|
||||
<property name="sess:agov.fido2.X-ReCAPTCHA-Integration" value=""/>
|
||||
<!-- source: pattern://887ada57500885703a4a9408 -->
|
||||
<property name="removeOnEmptyValue" value="true"/>
|
||||
<!-- source: pattern://f39352769cb2a1c88e1a176d -->
|
||||
<property name="parameter.realIpHttpHeaderName" value="X-Forwarded-For"/>
|
||||
<!-- source: pattern://f39352769cb2a1c88e1a176d -->
|
||||
<property name="parameter.url" value="https://utility.agov-d.azure.adnovum.net/utility/api/v1/configinfo"/>
|
||||
<!-- source: pattern://f39352769cb2a1c88e1a176d -->
|
||||
<property name="scriptTraceGroup" value="AgovCaptcha"/>
|
||||
<!-- source: pattern://f39352769cb2a1c88e1a176d -->
|
||||
<property name="script" value="file:///var/opt/nevisauth/default/conf/fido2_fetchcaptchainfos.groovy"/>
|
||||
</AuthState>
|
||||
<AuthState name="Auth_Realm_Main_IDP_Mobile_NLess_Auth_Processing" class="ch.nevis.auth.fido.uaf.authstate.OutOfBandFidoUafAuthState" final="false" resumeState="false">
|
||||
<!-- source: pattern://f63c475c35b616b7c6c1901c -->
|
||||
|
|
@ -267,22 +273,37 @@
|
|||
<!-- source: pattern://d76231eaa88cb1645ce44cf3 -->
|
||||
<property name="script" value="file:///var/opt/nevisauth/default/conf/createuuid.groovy"/>
|
||||
</AuthState>
|
||||
<AuthState name="Auth_Realm_Main_IDP_fido2_fetchCaptchaInfos" class="ch.nevis.esauth.auth.states.scripting.ScriptState" final="false">
|
||||
<!-- source: pattern://f39352769cb2a1c88e1a176d -->
|
||||
<ResultCond name="error" next="Auth_Realm_Main_IDP_Mobile_NLess_Auth"/>
|
||||
<!-- source: pattern://f39352769cb2a1c88e1a176d -->
|
||||
<ResultCond name="ok" next="Auth_Realm_Main_IDP_Email_Input"/>
|
||||
<!-- source: pattern://f39352769cb2a1c88e1a176d -->
|
||||
<Response value="AUTH_ERROR">
|
||||
<!-- source: pattern://f39352769cb2a1c88e1a176d -->
|
||||
<Arg name="ch.nevis.isiweb4.response.status" value="403"/>
|
||||
<AuthState name="Auth_Realm_Main_IDP_Email_Input" class="ch.nevis.esauth.auth.states.scripting.ScriptState" final="true" resumeState="true">
|
||||
<!-- source: pattern://e3cac41e75980361d7d26bde -->
|
||||
<ResultCond name="cancel" next="Auth_Realm_Main_IDP_Mobile_NLess_Auth"/>
|
||||
<!-- source: pattern://e3cac41e75980361d7d26bde -->
|
||||
<ResultCond name="stay" next="Auth_Realm_Main_IDP_Email_Input"/>
|
||||
<!-- source: pattern://e3cac41e75980361d7d26bde -->
|
||||
<ResultCond name="timeout" next="Auth_Realm_Main_IDP_ReturnTimeoutButKeepSession"/>
|
||||
<!-- source: pattern://e3cac41e75980361d7d26bde -->
|
||||
<ResultCond name="verifyEmail" next="Auth_Realm_Main_IDP_fido2_fetchCaptchaResult"/>
|
||||
<!-- source: pattern://e3cac41e75980361d7d26bde -->
|
||||
<Response value="AUTH_CONTINUE">
|
||||
<!-- source: pattern://e3cac41e75980361d7d26bde -->
|
||||
<Gui name="user_input">
|
||||
<!-- source: pattern://e3cac41e75980361d7d26bde -->
|
||||
<GuiElem name="authRequestId" type="hidden" value="${sess:ch.nevis.auth.saml.request.id}" optional="true"/>
|
||||
<!-- source: pattern://e3cac41e75980361d7d26bde -->
|
||||
<GuiElem name="email" type="text" label="prompt.email" value="#{(inargs.getProperty('userInputValue_prompt.email') != null) ? inargs.getProperty('userInputValue_prompt.email') : session.get('ch.nevis.idm.User.email')}" optional="true"/>
|
||||
<!-- source: pattern://e3cac41e75980361d7d26bde -->
|
||||
<GuiElem name="captchaSettings.enabled" type="hidden" value="${sess:agov.fido2.captchaSettings.enabled}" optional="true"/>
|
||||
<!-- source: pattern://e3cac41e75980361d7d26bde -->
|
||||
<GuiElem name="friendlyCaptchaSettings.siteKey" type="hidden" value="${sess:agov.fido2.captchaSettings.siteKey}" optional="true"/>
|
||||
<!-- source: pattern://e3cac41e75980361d7d26bde -->
|
||||
<GuiElem name="friendlyCaptchaSettings.puzzleUrl" type="hidden" value="${sess:agov.fido2.captchaSettings.puzzleUrl}" optional="true"/>
|
||||
<!-- source: pattern://e3cac41e75980361d7d26bde -->
|
||||
<GuiElem name="cancelFido2" type="submit" label="cancel.button.label" value="cancelFido2"/>
|
||||
<!-- source: pattern://e3cac41e75980361d7d26bde -->
|
||||
<GuiElem name="submit" type="submit" label="submit.button.label" value="submit"/>
|
||||
</Gui>
|
||||
</Response>
|
||||
<!-- source: pattern://f39352769cb2a1c88e1a176d -->
|
||||
<property name="parameter.url" value="https://utility.agov-d.azure.adnovum.net/utility/api/v1/configinfo"/>
|
||||
<!-- source: pattern://f39352769cb2a1c88e1a176d -->
|
||||
<property name="scriptTraceGroup" value="AgovCaptcha"/>
|
||||
<!-- source: pattern://f39352769cb2a1c88e1a176d -->
|
||||
<property name="script" value="file:///var/opt/nevisauth/default/conf/fido2_fetchcaptchainfos.groovy"/>
|
||||
<!-- source: pattern://e3cac41e75980361d7d26bde -->
|
||||
<property name="script" value="file:///var/opt/nevisauth/default/conf/sanitizeAndDispatchEmailInput.groovy"/>
|
||||
</AuthState>
|
||||
<AuthState name="Auth_Realm_Main_IDP_FidoUAF_VariableStep" class="ch.nevis.esauth.auth.states.standard.TransformAttributes" final="false">
|
||||
<!-- source: pattern://56c67433c7a47b6cb06f011a -->
|
||||
|
|
@ -361,37 +382,35 @@
|
|||
<!-- source: pattern://bfd395eb0dab50aff2f2c01b -->
|
||||
<property name="out.audienceRestriction" value="https://me.agov-d.azure.adnovum.net/registration/api/saml2/service-provider-metadata/agovidpdirect"/>
|
||||
</AuthState>
|
||||
<AuthState name="Auth_Realm_Main_IDP_Email_Input" class="ch.nevis.esauth.auth.states.scripting.ScriptState" final="true" resumeState="true">
|
||||
<!-- source: pattern://e3cac41e75980361d7d26bde -->
|
||||
<ResultCond name="cancel" next="Auth_Realm_Main_IDP_Mobile_NLess_Auth"/>
|
||||
<!-- source: pattern://e3cac41e75980361d7d26bde -->
|
||||
<ResultCond name="stay" next="Auth_Realm_Main_IDP_Email_Input"/>
|
||||
<!-- source: pattern://e3cac41e75980361d7d26bde -->
|
||||
<ResultCond name="timeout" next="Auth_Realm_Main_IDP_ReturnTimeoutButKeepSession"/>
|
||||
<!-- source: pattern://e3cac41e75980361d7d26bde -->
|
||||
<ResultCond name="verifyEmail" next="Auth_Realm_Main_IDP_fido2_fetchCaptchaResult"/>
|
||||
<!-- source: pattern://e3cac41e75980361d7d26bde -->
|
||||
<AuthState name="Auth_Realm_Main_IDP_ReturnTimeoutButKeepSession" class="ch.nevis.esauth.auth.states.scripting.ScriptState" final="false" resumeState="true">
|
||||
<!-- source: pattern://826166d230a6a4849f2837ae -->
|
||||
<Response value="AUTH_CONTINUE">
|
||||
<!-- source: pattern://e3cac41e75980361d7d26bde -->
|
||||
<Gui name="user_input">
|
||||
<!-- source: pattern://e3cac41e75980361d7d26bde -->
|
||||
<GuiElem name="authRequestId" type="hidden" value="${sess:ch.nevis.auth.saml.request.id}" optional="true"/>
|
||||
<!-- source: pattern://e3cac41e75980361d7d26bde -->
|
||||
<GuiElem name="email" type="text" label="prompt.email" value="#{(inargs.getProperty('userInputValue_prompt.email') != null) ? inargs.getProperty('userInputValue_prompt.email') : session.get('ch.nevis.idm.User.email')}" optional="true"/>
|
||||
<!-- source: pattern://e3cac41e75980361d7d26bde -->
|
||||
<GuiElem name="captchaSettings.enabled" type="hidden" value="${sess:agov.fido2.captchaSettings.enabled}" optional="true"/>
|
||||
<!-- source: pattern://e3cac41e75980361d7d26bde -->
|
||||
<GuiElem name="friendlyCaptchaSettings.siteKey" type="hidden" value="${sess:agov.fido2.captchaSettings.siteKey}" optional="true"/>
|
||||
<!-- source: pattern://e3cac41e75980361d7d26bde -->
|
||||
<GuiElem name="friendlyCaptchaSettings.puzzleUrl" type="hidden" value="${sess:agov.fido2.captchaSettings.puzzleUrl}" optional="true"/>
|
||||
<!-- source: pattern://e3cac41e75980361d7d26bde -->
|
||||
<GuiElem name="cancelFido2" type="submit" label="cancel.button.label" value="cancelFido2"/>
|
||||
<!-- source: pattern://e3cac41e75980361d7d26bde -->
|
||||
<GuiElem name="submit" type="submit" label="submit.button.label" value="submit"/>
|
||||
</Gui>
|
||||
<!-- source: pattern://826166d230a6a4849f2837ae -->
|
||||
<Gui name="NotUsed"/>
|
||||
</Response>
|
||||
<!-- source: pattern://e3cac41e75980361d7d26bde -->
|
||||
<property name="script" value="file:///var/opt/nevisauth/default/conf/sanitizeAndDispatchEmailInput.groovy"/>
|
||||
<!-- source: pattern://826166d230a6a4849f2837ae -->
|
||||
<property name="parameter.cookie.domain" value="agov-w.azure.adnovum.net"/>
|
||||
<!-- source: pattern://826166d230a6a4849f2837ae -->
|
||||
<property name="script" value="file:///var/opt/nevisauth/default/conf/returnTimeoutButKeepSession.groovy"/>
|
||||
</AuthState>
|
||||
<AuthState name="Auth_Realm_Main_IDP_fido2_fetchCaptchaResult" class="ch.nevis.esauth.auth.states.scripting.ScriptState" final="false">
|
||||
<!-- source: pattern://699f22cf1cd4ad08bd973f31 -->
|
||||
<ResultCond name="error" next="Auth_Realm_Main_IDP_Email_Input"/>
|
||||
<!-- source: pattern://699f22cf1cd4ad08bd973f31 -->
|
||||
<ResultCond name="exit.1" next="Auth_Realm_Main_IDP_Email_Input"/>
|
||||
<!-- source: pattern://699f22cf1cd4ad08bd973f31 -->
|
||||
<ResultCond name="ok" next="Auth_Realm_Main_IDP_Fido_Email_Verify"/>
|
||||
<!-- source: pattern://699f22cf1cd4ad08bd973f31 -->
|
||||
<Response value="AUTH_ERROR">
|
||||
<!-- source: pattern://699f22cf1cd4ad08bd973f31 -->
|
||||
<Arg name="ch.nevis.isiweb4.response.status" value="403"/>
|
||||
</Response>
|
||||
<!-- source: pattern://699f22cf1cd4ad08bd973f31 -->
|
||||
<property name="parameter.url" value="https://utility.agov-d.azure.adnovum.net/utility/api/v2/captcha/"/>
|
||||
<!-- source: pattern://699f22cf1cd4ad08bd973f31 -->
|
||||
<property name="scriptTraceGroup" value="AgovCaptcha"/>
|
||||
<!-- source: pattern://699f22cf1cd4ad08bd973f31 -->
|
||||
<property name="script" value="file:///var/opt/nevisauth/default/conf/fido2_fetchcaptcharesult.groovy"/>
|
||||
</AuthState>
|
||||
<AuthState name="Auth_Realm_Main_IDP_Mobile_UserID_Verify" class="ch.nevis.idm.authstate.IdmUserVerifyState" final="false" resumeState="false">
|
||||
<!-- source: pattern://c686c1bdd5355351f7f98cc8 -->
|
||||
|
|
@ -449,35 +468,48 @@
|
|||
<!-- source: pattern://bfd395eb0dab50aff2f2c01b -->
|
||||
<property name="script" value="file:///var/opt/nevisauth/default/conf/handleRedirectRegistration.groovy"/>
|
||||
</AuthState>
|
||||
<AuthState name="Auth_Realm_Main_IDP_ReturnTimeoutButKeepSession" class="ch.nevis.esauth.auth.states.scripting.ScriptState" final="false" resumeState="true">
|
||||
<!-- source: pattern://826166d230a6a4849f2837ae -->
|
||||
<Response value="AUTH_CONTINUE">
|
||||
<!-- source: pattern://826166d230a6a4849f2837ae -->
|
||||
<Gui name="NotUsed"/>
|
||||
</Response>
|
||||
<!-- source: pattern://826166d230a6a4849f2837ae -->
|
||||
<property name="parameter.cookie.domain" value="agov-w.azure.adnovum.net"/>
|
||||
<!-- source: pattern://826166d230a6a4849f2837ae -->
|
||||
<property name="script" value="file:///var/opt/nevisauth/default/conf/returnTimeoutButKeepSession.groovy"/>
|
||||
</AuthState>
|
||||
<AuthState name="Auth_Realm_Main_IDP_fido2_fetchCaptchaResult" class="ch.nevis.esauth.auth.states.scripting.ScriptState" final="false">
|
||||
<!-- source: pattern://699f22cf1cd4ad08bd973f31 -->
|
||||
<ResultCond name="error" next="Auth_Realm_Main_IDP_Email_Input"/>
|
||||
<!-- source: pattern://699f22cf1cd4ad08bd973f31 -->
|
||||
<ResultCond name="exit.1" next="Auth_Realm_Main_IDP_Email_Input"/>
|
||||
<!-- source: pattern://699f22cf1cd4ad08bd973f31 -->
|
||||
<ResultCond name="ok" next="Auth_Realm_Main_IDP_Fido_Email_Verify"/>
|
||||
<!-- source: pattern://699f22cf1cd4ad08bd973f31 -->
|
||||
<AuthState name="Auth_Realm_Main_IDP_Fido_Email_Verify" class="ch.nevis.idm.authstate.IdmUserVerifyState" final="false" resumeState="false">
|
||||
<!-- source: pattern://7fb39bfd6c34685866a22180 -->
|
||||
<ResultCond name="clientNotFound" next="Auth_Realm_Main_IDP_AuthnFailed_Client_NotFound"/>
|
||||
<!-- source: pattern://7fb39bfd6c34685866a22180 -->
|
||||
<ResultCond name="failed" next="Auth_Realm_Main_IDP_Fido_Email_Verify_FailedEmailState"/>
|
||||
<!-- source: pattern://7fb39bfd6c34685866a22180 -->
|
||||
<ResultCond name="prospect" next="Auth_Realm_Main_IDP_Fido_Email_Verify_IdmGetPropertiesState"/>
|
||||
<!-- source: pattern://7fb39bfd6c34685866a22180 -->
|
||||
<Response value="AUTH_ERROR">
|
||||
<!-- source: pattern://699f22cf1cd4ad08bd973f31 -->
|
||||
<Arg name="ch.nevis.isiweb4.response.status" value="403"/>
|
||||
<!-- source: pattern://7fb39bfd6c34685866a22180 -->
|
||||
<Gui name="internal_error">
|
||||
<!-- source: pattern://7fb39bfd6c34685866a22180 -->
|
||||
<GuiElem name="transferId" type="hidden" value="${system:random.bytes.16}" optional="true"/>
|
||||
</Gui>
|
||||
</Response>
|
||||
<!-- source: pattern://699f22cf1cd4ad08bd973f31 -->
|
||||
<property name="parameter.url" value="https://utility.agov-d.azure.adnovum.net/utility/api/v2/captcha/"/>
|
||||
<!-- source: pattern://699f22cf1cd4ad08bd973f31 -->
|
||||
<property name="scriptTraceGroup" value="AgovCaptcha"/>
|
||||
<!-- source: pattern://699f22cf1cd4ad08bd973f31 -->
|
||||
<property name="script" value="file:///var/opt/nevisauth/default/conf/fido2_fetchcaptcharesult.groovy"/>
|
||||
<propertyRef name="nevisIDM_Connector"/>
|
||||
<!-- source: pattern://7fb39bfd6c34685866a22180 -->
|
||||
<property name="user.loginId" value="${inargs:userInputValue_prompt.email}"/>
|
||||
<!-- source: pattern://7fb39bfd6c34685866a22180 -->
|
||||
<property name="user.loginType" value="EMAIL"/>
|
||||
<!-- source: pattern://7fb39bfd6c34685866a22180 -->
|
||||
<property name="client.name" value="agov"/>
|
||||
<!-- source: pattern://7fb39bfd6c34685866a22180 -->
|
||||
<property name="presetNoteValues" value="false"/>
|
||||
<!-- source: pattern://7fb39bfd6c34685866a22180 -->
|
||||
<property name="detaillevel.user" value="HIGH"/>
|
||||
<!-- source: pattern://7fb39bfd6c34685866a22180 -->
|
||||
<property name="detaillevel.profile" value="HIGH"/>
|
||||
<!-- source: pattern://7fb39bfd6c34685866a22180 -->
|
||||
<property name="detaillevel.role" value="MEDIUM"/>
|
||||
<!-- source: pattern://7fb39bfd6c34685866a22180 -->
|
||||
<property name="detaillevel.authorization" value="HIGH"/>
|
||||
<!-- source: pattern://7fb39bfd6c34685866a22180 -->
|
||||
<property name="detaillevel.dataroom" value="LOW"/>
|
||||
<!-- source: pattern://7fb39bfd6c34685866a22180 -->
|
||||
<property name="detaillevel.credential" value="HIGH"/>
|
||||
<!-- source: pattern://7fb39bfd6c34685866a22180 -->
|
||||
<property name="detaillevel.property" value="HIGH"/>
|
||||
<!-- source: pattern://7fb39bfd6c34685866a22180 -->
|
||||
<property name="detaillevel.unit" value="LOW"/>
|
||||
<!-- source: pattern://7fb39bfd6c34685866a22180 -->
|
||||
<property name="detaillevel.default" value="EXCLUDE"/>
|
||||
</AuthState>
|
||||
<AuthState name="Auth_Realm_Main_IDP_AuthnFailed_Client_NotFound" class="ch.nevis.esauth.auth.states.standard.TransformAttributes" final="false">
|
||||
<!-- source: pattern://0b3ce3ceec7bfca3ea524983 -->
|
||||
|
|
@ -549,71 +581,6 @@
|
|||
<!-- source: pattern://e0fda9336be9c69dafc9b69e -->
|
||||
<property name="admin.service.connection.0" value="https://idm:8989/nevisidm/services/v1/AdminService"/>
|
||||
</AuthState>
|
||||
<AuthState name="Auth_Realm_Main_IDP_Fido_Email_Verify" class="ch.nevis.idm.authstate.IdmUserVerifyState" final="false" resumeState="false">
|
||||
<!-- source: pattern://7fb39bfd6c34685866a22180 -->
|
||||
<ResultCond name="clientNotFound" next="Auth_Realm_Main_IDP_AuthnFailed_Client_NotFound"/>
|
||||
<!-- source: pattern://7fb39bfd6c34685866a22180 -->
|
||||
<ResultCond name="failed" next="Auth_Realm_Main_IDP_Fido_Email_Verify_FailedEmailState"/>
|
||||
<!-- source: pattern://7fb39bfd6c34685866a22180 -->
|
||||
<ResultCond name="prospect" next="Auth_Realm_Main_IDP_Fido_Email_Verify_IdmGetPropertiesState"/>
|
||||
<!-- source: pattern://7fb39bfd6c34685866a22180 -->
|
||||
<Response value="AUTH_ERROR">
|
||||
<!-- source: pattern://7fb39bfd6c34685866a22180 -->
|
||||
<Gui name="internal_error">
|
||||
<!-- source: pattern://7fb39bfd6c34685866a22180 -->
|
||||
<GuiElem name="transferId" type="hidden" value="${system:random.bytes.16}" optional="true"/>
|
||||
</Gui>
|
||||
</Response>
|
||||
<propertyRef name="nevisIDM_Connector"/>
|
||||
<!-- source: pattern://7fb39bfd6c34685866a22180 -->
|
||||
<property name="user.loginId" value="${inargs:userInputValue_prompt.email}"/>
|
||||
<!-- source: pattern://7fb39bfd6c34685866a22180 -->
|
||||
<property name="user.loginType" value="EMAIL"/>
|
||||
<!-- source: pattern://7fb39bfd6c34685866a22180 -->
|
||||
<property name="client.name" value="agov"/>
|
||||
<!-- source: pattern://7fb39bfd6c34685866a22180 -->
|
||||
<property name="presetNoteValues" value="false"/>
|
||||
<!-- source: pattern://7fb39bfd6c34685866a22180 -->
|
||||
<property name="detaillevel.user" value="HIGH"/>
|
||||
<!-- source: pattern://7fb39bfd6c34685866a22180 -->
|
||||
<property name="detaillevel.profile" value="HIGH"/>
|
||||
<!-- source: pattern://7fb39bfd6c34685866a22180 -->
|
||||
<property name="detaillevel.role" value="MEDIUM"/>
|
||||
<!-- source: pattern://7fb39bfd6c34685866a22180 -->
|
||||
<property name="detaillevel.authorization" value="HIGH"/>
|
||||
<!-- source: pattern://7fb39bfd6c34685866a22180 -->
|
||||
<property name="detaillevel.dataroom" value="LOW"/>
|
||||
<!-- source: pattern://7fb39bfd6c34685866a22180 -->
|
||||
<property name="detaillevel.credential" value="HIGH"/>
|
||||
<!-- source: pattern://7fb39bfd6c34685866a22180 -->
|
||||
<property name="detaillevel.property" value="HIGH"/>
|
||||
<!-- source: pattern://7fb39bfd6c34685866a22180 -->
|
||||
<property name="detaillevel.unit" value="LOW"/>
|
||||
<!-- source: pattern://7fb39bfd6c34685866a22180 -->
|
||||
<property name="detaillevel.default" value="EXCLUDE"/>
|
||||
</AuthState>
|
||||
<AuthState name="Auth_Realm_Main_IDP_Ensure_Account_State" class="ch.nevis.esauth.auth.states.scripting.ScriptState" final="false" resumeState="false">
|
||||
<!-- source: pattern://f393012a278e525956a362d3 -->
|
||||
<ResultCond name="done" next="Auth_Realm_Main_IDP_Ensure_Recovery_Code"/>
|
||||
<!-- source: pattern://f393012a278e525956a362d3 -->
|
||||
<ResultCond name="failed" next="Auth_Realm_Main_IDP_SendSamlResponseWithError"/>
|
||||
<!-- source: pattern://f393012a278e525956a362d3 -->
|
||||
<ResultCond name="reload" next="Auth_Realm_Main_IDP_Ensure_Account_State_Reload"/>
|
||||
<!-- source: pattern://f393012a278e525956a362d3 -->
|
||||
<Response value="AUTH_CONTINUE"/>
|
||||
<!-- source: pattern://f393012a278e525956a362d3 -->
|
||||
<property name="scriptTraceGroup" value="AGOV-ACCT"/>
|
||||
<!-- source: pattern://f393012a278e525956a362d3 -->
|
||||
<property name="script" value="file:///var/opt/nevisauth/default/conf/ensureAccountState.groovy"/>
|
||||
<!-- source: pattern://f393012a278e525956a362d3 -->
|
||||
<property name="parameter.idm.baseUrl" value="https://idm:8989/nevisidm/api"/>
|
||||
<!-- source: pattern://f393012a278e525956a362d3 -->
|
||||
<property name="parameter.unitExtid" value="1000"/>
|
||||
<!-- source: pattern://f393012a278e525956a362d3 -->
|
||||
<property name="parameter.level100.roleExtid" value="aee52e9f-7084-4e55-9aea-9383ac7757f7"/>
|
||||
<!-- source: pattern://f393012a278e525956a362d3 -->
|
||||
<property name="parameter.idm.httpclient.tls.trustStoreRef" value="Ensure_Account_State"/>
|
||||
</AuthState>
|
||||
<AuthState name="Auth_Realm_Main_IDP_Fido_Email_Verify_FailedEmailState" class="ch.nevis.esauth.auth.states.standard.TransformAttributes" final="false" resumeState="true">
|
||||
<!-- source: pattern://7fb39bfd6c34685866a22180 -->
|
||||
<ResultCond name="default" next="Auth_Realm_Main_IDP_FIDO2_Authentication"/>
|
||||
|
|
@ -675,6 +642,53 @@
|
|||
<!-- source: pattern://7fb39bfd6c34685866a22180 -->
|
||||
<property name="detaillevel.default" value="EXCLUDE"/>
|
||||
</AuthState>
|
||||
<AuthState name="Auth_Realm_Main_IDP_Ensure_Account_State" class="ch.nevis.esauth.auth.states.scripting.ScriptState" final="false" resumeState="false">
|
||||
<!-- source: pattern://f393012a278e525956a362d3 -->
|
||||
<ResultCond name="done" next="Auth_Realm_Main_IDP_Ensure_Recovery_Code"/>
|
||||
<!-- source: pattern://f393012a278e525956a362d3 -->
|
||||
<ResultCond name="failed" next="Auth_Realm_Main_IDP_SendSamlResponseWithError"/>
|
||||
<!-- source: pattern://f393012a278e525956a362d3 -->
|
||||
<ResultCond name="reload" next="Auth_Realm_Main_IDP_Ensure_Account_State_Reload"/>
|
||||
<!-- source: pattern://f393012a278e525956a362d3 -->
|
||||
<Response value="AUTH_CONTINUE"/>
|
||||
<!-- source: pattern://f393012a278e525956a362d3 -->
|
||||
<property name="scriptTraceGroup" value="AGOV-ACCT"/>
|
||||
<!-- source: pattern://f393012a278e525956a362d3 -->
|
||||
<property name="script" value="file:///var/opt/nevisauth/default/conf/ensureAccountState.groovy"/>
|
||||
<!-- source: pattern://f393012a278e525956a362d3 -->
|
||||
<property name="parameter.idm.baseUrl" value="https://idm:8989/nevisidm/api"/>
|
||||
<!-- source: pattern://f393012a278e525956a362d3 -->
|
||||
<property name="parameter.unitExtid" value="1000"/>
|
||||
<!-- source: pattern://f393012a278e525956a362d3 -->
|
||||
<property name="parameter.level100.roleExtid" value="${param.agov.level100.roleExtid}"/>
|
||||
<!-- source: pattern://f393012a278e525956a362d3 -->
|
||||
<property name="parameter.idm.httpclient.tls.trustStoreRef" value="Ensure_Account_State"/>
|
||||
</AuthState>
|
||||
<AuthState name="Auth_Realm_Main_IDP_FIDO2_Authentication" class="ch.nevis.esauth.auth.states.scripting.ScriptState" final="false" resumeState="true">
|
||||
<!-- source: pattern://302b0fa3c5c3d1d17e9b1004 -->
|
||||
<ResultCond name="cancel" next="Auth_Realm_Main_IDP_OnCancel_Dispatch"/>
|
||||
<!-- source: pattern://302b0fa3c5c3d1d17e9b1004 -->
|
||||
<ResultCond name="error" next="Auth_Realm_Main_IDP_Email_Input"/>
|
||||
<!-- source: pattern://302b0fa3c5c3d1d17e9b1004 -->
|
||||
<ResultCond name="ok" next="Auth_Realm_Main_IDP_Fido2_VariableStep"/>
|
||||
<!-- source: pattern://302b0fa3c5c3d1d17e9b1004 -->
|
||||
<Response value="AUTH_CONTINUE">
|
||||
<!-- source: pattern://302b0fa3c5c3d1d17e9b1004 -->
|
||||
<Gui name="fido2_auth" label="title.login.fido2"/>
|
||||
<!-- source: pattern://302b0fa3c5c3d1d17e9b1004 -->
|
||||
<Arg name="fido2UserVerification" value="required"/>
|
||||
</Response>
|
||||
<!-- source: pattern://302b0fa3c5c3d1d17e9b1004 -->
|
||||
<property name="parameter.cancel" value="OnCancel_Dispatch"/>
|
||||
<!-- source: pattern://302b0fa3c5c3d1d17e9b1004 -->
|
||||
<property name="parameter.fido" value="fido2:9443"/>
|
||||
<!-- source: pattern://302b0fa3c5c3d1d17e9b1004 -->
|
||||
<property name="parameter.rpId" value="agov-w.azure.adnovum.net"/>
|
||||
<!-- source: pattern://302b0fa3c5c3d1d17e9b1004 -->
|
||||
<property name="scriptTraceGroup" value="AGOV-ACCT"/>
|
||||
<!-- source: pattern://302b0fa3c5c3d1d17e9b1004 -->
|
||||
<property name="script" value="file:///var/opt/nevisauth/default/conf/fido2_auth.groovy"/>
|
||||
</AuthState>
|
||||
<AuthState name="Auth_Realm_Main_IDP_Ensure_Recovery_Code" class="ch.nevis.esauth.auth.states.jwt.JWTToken" final="false" resumeState="false">
|
||||
<!-- source: pattern://9ff0369f3cf662f95d94ff09 -->
|
||||
<ResultCond name="ok" next="Auth_Realm_Main_IDP_Ensure_Recovery_Code_decryptCode"/>
|
||||
|
|
@ -744,43 +758,6 @@
|
|||
<!-- source: pattern://f393012a278e525956a362d3 -->
|
||||
<property name="detaillevel.default" value="EXCLUDE"/>
|
||||
</AuthState>
|
||||
<AuthState name="Auth_Realm_Main_IDP_FIDO2_Authentication" class="ch.nevis.esauth.auth.states.scripting.ScriptState" final="false" resumeState="true">
|
||||
<!-- source: pattern://302b0fa3c5c3d1d17e9b1004 -->
|
||||
<ResultCond name="cancel" next="Auth_Realm_Main_IDP_OnCancel_Dispatch"/>
|
||||
<!-- source: pattern://302b0fa3c5c3d1d17e9b1004 -->
|
||||
<ResultCond name="error" next="Auth_Realm_Main_IDP_Email_Input"/>
|
||||
<!-- source: pattern://302b0fa3c5c3d1d17e9b1004 -->
|
||||
<ResultCond name="ok" next="Auth_Realm_Main_IDP_Fido2_VariableStep"/>
|
||||
<!-- source: pattern://302b0fa3c5c3d1d17e9b1004 -->
|
||||
<Response value="AUTH_CONTINUE">
|
||||
<!-- source: pattern://302b0fa3c5c3d1d17e9b1004 -->
|
||||
<Gui name="fido2_auth" label="title.login.fido2"/>
|
||||
<!-- source: pattern://302b0fa3c5c3d1d17e9b1004 -->
|
||||
<Arg name="fido2UserVerification" value="required"/>
|
||||
</Response>
|
||||
<!-- source: pattern://302b0fa3c5c3d1d17e9b1004 -->
|
||||
<property name="parameter.cancel" value="OnCancel_Dispatch"/>
|
||||
<!-- source: pattern://302b0fa3c5c3d1d17e9b1004 -->
|
||||
<property name="parameter.fido" value="fido2:9443"/>
|
||||
<!-- source: pattern://302b0fa3c5c3d1d17e9b1004 -->
|
||||
<property name="parameter.rpId" value="agov-w.azure.adnovum.net"/>
|
||||
<!-- source: pattern://302b0fa3c5c3d1d17e9b1004 -->
|
||||
<property name="scriptTraceGroup" value="AGOV-ACCT"/>
|
||||
<!-- source: pattern://302b0fa3c5c3d1d17e9b1004 -->
|
||||
<property name="script" value="file:///var/opt/nevisauth/default/conf/fido2_auth.groovy"/>
|
||||
</AuthState>
|
||||
<AuthState name="Auth_Realm_Main_IDP_Ensure_Recovery_Code_decryptCode" class="ch.nevis.esauth.auth.states.standard.TransformAttributes" final="false" resumeState="true">
|
||||
<!-- source: pattern://9ff0369f3cf662f95d94ff09 -->
|
||||
<ResultCond name="default" next="Auth_Realm_Main_IDP_Ensure_Recovery_Code_Process"/>
|
||||
<!-- source: pattern://9ff0369f3cf662f95d94ff09 -->
|
||||
<Response value="AUTH_CONTINUE"/>
|
||||
<!-- source: pattern://9ff0369f3cf662f95d94ff09 -->
|
||||
<property name="cryptoKey" value="secret://8jzQ1+F4HHvx7/tKFYRZb2/hFmyXjzt1HXgMJz+Tb16qSMh5Yv2QNnDH0JqsXHAoqtvZu1Nlo5A="/>
|
||||
<!-- source: pattern://9ff0369f3cf662f95d94ff09 -->
|
||||
<property name="cryptoAlgorithm" value="AES/CTR/PKCS5Padding"/>
|
||||
<!-- source: pattern://9ff0369f3cf662f95d94ff09 -->
|
||||
<property name="${sess:agov.new.recovery.code.cipher}?notes:agov.new.recovery.code:decrypt-b64" value="${sess:agov.new.recovery.code.cipher}"/>
|
||||
</AuthState>
|
||||
<AuthState name="Auth_Realm_Main_IDP_OnCancel_Dispatch" class="ch.nevis.esauth.auth.states.standard.ConditionalDispatcherState" final="false">
|
||||
<!-- source: pattern://af4ec934e8efbef422f03926 -->
|
||||
<ResultCond name="AccessApp" next="Auth_Realm_Main_IDP_Mobile_NLess_Auth"/>
|
||||
|
|
@ -809,6 +786,37 @@
|
|||
<!-- source: pattern://1a7583c6caa3b5c36599b25e -->
|
||||
<property name="sess:authenticatedWith" value="urn:qa.agov.ch:names:tc:authfactor:fido"/>
|
||||
</AuthState>
|
||||
<AuthState name="Auth_Realm_Main_IDP_Ensure_Recovery_Code_decryptCode" class="ch.nevis.esauth.auth.states.standard.TransformAttributes" final="false" resumeState="true">
|
||||
<!-- source: pattern://9ff0369f3cf662f95d94ff09 -->
|
||||
<ResultCond name="default" next="Auth_Realm_Main_IDP_Ensure_Recovery_Code_Process"/>
|
||||
<!-- source: pattern://9ff0369f3cf662f95d94ff09 -->
|
||||
<Response value="AUTH_CONTINUE"/>
|
||||
<!-- source: pattern://9ff0369f3cf662f95d94ff09 -->
|
||||
<property name="cryptoKey" value="secret://8jzQ1+F4HHvx7/tKFYRZb2/hFmyXjzt1HXgMJz+Tb16qSMh5Yv2QNnDH0JqsXHAoqtvZu1Nlo5A="/>
|
||||
<!-- source: pattern://9ff0369f3cf662f95d94ff09 -->
|
||||
<property name="cryptoAlgorithm" value="AES/CTR/PKCS5Padding"/>
|
||||
<!-- source: pattern://9ff0369f3cf662f95d94ff09 -->
|
||||
<property name="${sess:agov.new.recovery.code.cipher}?notes:agov.new.recovery.code:decrypt-b64" value="${sess:agov.new.recovery.code.cipher}"/>
|
||||
</AuthState>
|
||||
<AuthState name="Auth_Realm_Main_IDP_clear_request_session" class="ch.nevis.esauth.auth.states.standard.TransformAttributes" final="false">
|
||||
<!-- source: pattern://8c28e8f3352491ef7c5315fc -->
|
||||
<ResultCond name="ok" next="Auth_Realm_Main_IDP_Email_Input"/>
|
||||
<!-- source: pattern://8c28e8f3352491ef7c5315fc -->
|
||||
<Response value="AUTH_ERROR">
|
||||
<!-- source: pattern://8c28e8f3352491ef7c5315fc -->
|
||||
<Arg name="ch.nevis.isiweb4.response.status" value="403"/>
|
||||
</Response>
|
||||
<!-- source: pattern://8c28e8f3352491ef7c5315fc -->
|
||||
<property name="request:loginId" value=""/>
|
||||
<!-- source: pattern://8c28e8f3352491ef7c5315fc -->
|
||||
<property name="sess:ch.adnovum.nevisidm.profileExtId" value=""/>
|
||||
<!-- source: pattern://8c28e8f3352491ef7c5315fc -->
|
||||
<property name="sess:ch.adnovum.nevisidm.profileId" value=""/>
|
||||
<!-- source: pattern://8c28e8f3352491ef7c5315fc -->
|
||||
<property name="sess:ch.adnovum.nevisidm.profileName" value=""/>
|
||||
<!-- source: pattern://8c28e8f3352491ef7c5315fc -->
|
||||
<property name="removeOnEmptyValue" value="true"/>
|
||||
</AuthState>
|
||||
<AuthState name="Auth_Realm_Main_IDP_Ensure_Recovery_Code_Process" class="ch.nevis.esauth.auth.states.scripting.ScriptState" final="false" resumeState="false">
|
||||
<!-- source: pattern://9ff0369f3cf662f95d94ff09 -->
|
||||
<ResultCond name="done" next="Auth_Realm_Main_IDP_CheckLoa"/>
|
||||
|
|
@ -843,25 +851,6 @@
|
|||
<!-- source: pattern://9ff0369f3cf662f95d94ff09 -->
|
||||
<property name="parameter.cookie.domain" value="auth.agov-w.azure.adnovum.net"/>
|
||||
</AuthState>
|
||||
<AuthState name="Auth_Realm_Main_IDP_clear_request_session" class="ch.nevis.esauth.auth.states.standard.TransformAttributes" final="false">
|
||||
<!-- source: pattern://8c28e8f3352491ef7c5315fc -->
|
||||
<ResultCond name="ok" next="Auth_Realm_Main_IDP_Email_Input"/>
|
||||
<!-- source: pattern://8c28e8f3352491ef7c5315fc -->
|
||||
<Response value="AUTH_ERROR">
|
||||
<!-- source: pattern://8c28e8f3352491ef7c5315fc -->
|
||||
<Arg name="ch.nevis.isiweb4.response.status" value="403"/>
|
||||
</Response>
|
||||
<!-- source: pattern://8c28e8f3352491ef7c5315fc -->
|
||||
<property name="request:loginId" value=""/>
|
||||
<!-- source: pattern://8c28e8f3352491ef7c5315fc -->
|
||||
<property name="sess:ch.adnovum.nevisidm.profileExtId" value=""/>
|
||||
<!-- source: pattern://8c28e8f3352491ef7c5315fc -->
|
||||
<property name="sess:ch.adnovum.nevisidm.profileId" value=""/>
|
||||
<!-- source: pattern://8c28e8f3352491ef7c5315fc -->
|
||||
<property name="sess:ch.adnovum.nevisidm.profileName" value=""/>
|
||||
<!-- source: pattern://8c28e8f3352491ef7c5315fc -->
|
||||
<property name="removeOnEmptyValue" value="true"/>
|
||||
</AuthState>
|
||||
<AuthState name="Auth_Realm_Main_IDP_CheckLoa" class="ch.nevis.esauth.auth.states.scripting.ScriptState" final="false">
|
||||
<!-- source: pattern://2cdd910036aa06b102863a4f -->
|
||||
<ResultCond name="error" next="Auth_Realm_Main_IDP_AuthnFailed_Zero_RoleLvl"/>
|
||||
|
|
@ -1629,6 +1618,8 @@
|
|||
<Arg name="ch.nevis.isiweb4.response.status" value="403"/>
|
||||
</Response>
|
||||
<!-- source: pattern://bea3ca0c85381d07d632be52 -->
|
||||
<property name="parameter.realIpHttpHeaderName" value="X-Forwarded-For"/>
|
||||
<!-- source: pattern://bea3ca0c85381d07d632be52 -->
|
||||
<property name="parameter.url" value="https://utility.agov-d.azure.adnovum.net/utility/api/v1/configinfo"/>
|
||||
<!-- source: pattern://bea3ca0c85381d07d632be52 -->
|
||||
<property name="scriptTraceGroup" value="AgovCaptcha"/>
|
||||
|
|
|
|||
|
|
@ -2,38 +2,24 @@ import groovy.json.JsonSlurper
|
|||
import io.opentelemetry.api.trace.Span
|
||||
|
||||
def url = parameters.get('url')
|
||||
def realIpHttpHeaderName = parameters.get('realIpHttpHeaderName') ?: 'X-Real-IP'
|
||||
def ip = request.getLoginContext()['connection.HttpHeader.X-Real-IP'] ?: 'unknown'
|
||||
|
||||
try {
|
||||
//TODO/haburger/2024-AUG-20: remove if reCaptcha is not needed anymore
|
||||
session.remove('agov.fido2.X-ReCAPTCHA-Integration')
|
||||
|
||||
def spanCtxt = Span.current().getSpanContext()
|
||||
|
||||
|
||||
def traceparent = "00-${spanCtxt.getTraceId()}-${spanCtxt.getSpanId()}-${spanCtxt.getTraceFlags().asHex()}"
|
||||
LOG.error('traceparent: ' + traceparent)
|
||||
|
||||
def jsonSlurper = new JsonSlurper()
|
||||
def httpClient = HttpClients.create(parameters)
|
||||
def httpResponse = Http.get().url(url).build().send(httpClient)
|
||||
LOG.debug('Response Message: ' + httpResponse.reasonPhrase())
|
||||
def httpResponse = Http.get().url(url).header('traceparent', traceparent)
|
||||
.header(realIpHttpHeaderName, ip).build().send(httpClient)
|
||||
|
||||
LOG.debug('Response Status Code: ' + httpResponse.code())
|
||||
LOG.debug('Response: ' + httpResponse.bodyAsString())
|
||||
|
||||
if (httpResponse.code() == 200) {
|
||||
def json = jsonSlurper.parseText(httpResponse.bodyAsString())
|
||||
|
||||
// TODO/haburger/2024-AUG-20: remove if reCaptcha is not needed anymore
|
||||
// response.setSessionAttribute('agov.fido2.json.captchaSettings.enabled', String.valueOf(json.captchaSettings.enabled))
|
||||
// response.setSessionAttribute('agov.fido2.json.captchaSettings.reCaptchaInvisibleSiteKey', json.captchaSettings.reCaptchaInvisibleSiteKey)
|
||||
// response.setSessionAttribute('agov.fido2.json.captchaSettings.reCaptchaVisibleSiteKey', json.captchaSettings.reCaptchaVisibleSiteKey)
|
||||
//
|
||||
// if (session.get('agov.fido2.X-ReCAPTCHA-Integration') == null) {
|
||||
// response.setSessionAttribute('agov.fido2.X-ReCAPTCHA-Integration', 'INVISIBLE')
|
||||
// } else {
|
||||
// response.setSessionAttribute('agov.fido2.X-ReCAPTCHA-Integration', 'VISIBLE')
|
||||
// }
|
||||
|
||||
response.setSessionAttribute('agov.fido2.captchaSettings.enabled', String.valueOf(json.friendlyCaptureClientSettings.enabled))
|
||||
response.setSessionAttribute('agov.fido2.captchaSettings.siteKey', json.friendlyCaptureClientSettings.siteKey)
|
||||
response.setSessionAttribute('agov.fido2.captchaSettings.puzzleUrl', json.friendlyCaptureClientSettings.puzzleUrl)
|
||||
|
|
|
|||
|
|
@ -1,7 +1,10 @@
|
|||
import io.opentelemetry.api.trace.Span
|
||||
|
||||
def url = parameters.get('url')
|
||||
|
||||
def email = inargs['userInputValue_prompt.email']
|
||||
def token = inargs['captcha_response']?: 'MISSING'
|
||||
def enabled = (session['agov.fido2.captchaSettings.enabled']?:'true').toBoolean()
|
||||
|
||||
def ip = request.getLoginContext()['connection.HttpHeader.X-Real-IP'] ?: 'unknown'
|
||||
def userAgent = request.getLoginContext()['connection.HttpHeader.user-agent'] ?: request.getLoginContext()['connection.HttpHeader.User-Agent'] ?: 'unknown'
|
||||
|
|
@ -13,11 +16,21 @@ LOG.debug('Payload: ' + payload)
|
|||
|
||||
try {
|
||||
|
||||
if (!enabled) {
|
||||
LOG.info("FriendlyCAPTCHA is disabled, allowing operation for ${payload}")
|
||||
response.setResult('ok')
|
||||
return
|
||||
}
|
||||
|
||||
def spanCtxt = Span.current().getSpanContext()
|
||||
def traceparent = "00-${spanCtxt.getTraceId()}-${spanCtxt.getSpanId()}-${spanCtxt.getTraceFlags().asHex()}"
|
||||
|
||||
def httpClient = HttpClients.create(parameters)
|
||||
def httpResponse = Http.post()
|
||||
.url(url)
|
||||
.header("Accept", "application/json")
|
||||
.header("X-FriendlyCAPTCHA-Token", token)
|
||||
.header("traceparent", traceparent)
|
||||
.entity(Http.entity()
|
||||
.content(payload)
|
||||
.contentType("application/json")
|
||||
|
|
@ -25,7 +38,6 @@ try {
|
|||
.build()
|
||||
.send(httpClient)
|
||||
|
||||
LOG.debug('Response Message: ' + httpResponse.reasonPhrase())
|
||||
LOG.debug('Response Status Code: ' + httpResponse.code())
|
||||
LOG.debug('Response: ' + httpResponse.bodyAsString())
|
||||
|
||||
|
|
@ -49,53 +61,3 @@ try {
|
|||
response.setResult('error')
|
||||
response.setError(1, 'Exception during HTTP call')
|
||||
}
|
||||
|
||||
|
||||
// TODO/haburger/2024-AUG-20: remove if reCaptcha is not needed anymore
|
||||
//
|
||||
// def payload = '{ "email": "' + inargs['userInputValue_prompt.email'] + '", "action": "LOGIN", "userIp": "' + ip + '", "userAgent": "' + userAgent + '"}'
|
||||
//
|
||||
// LOG.info('Token: ' + inargs['recaptcha_response'])
|
||||
// LOG.info('Integration: ' + session['agov.fido2.X-ReCAPTCHA-Integration'])
|
||||
// LOG.info('Payload: ' + payload)
|
||||
//
|
||||
// try {
|
||||
//
|
||||
// def httpClient = HttpClients.create(parameters)
|
||||
// def httpResponse = Http.post()
|
||||
// .url(url)
|
||||
// .header("Accept", "application/json")
|
||||
// .header("X-ReCAPTCHA-Token", inargs['recaptcha_response'])
|
||||
// .header("X-ReCAPTCHA-Integration", session['agov.fido2.X-ReCAPTCHA-Integration'])
|
||||
// .entity(Http.entity()
|
||||
// .content(payload)
|
||||
// .contentType("application/json")
|
||||
// .build())
|
||||
// .build()
|
||||
// .send(httpClient)
|
||||
//
|
||||
// LOG.info('Response Message: ' + httpResponse.reasonPhrase())
|
||||
// LOG.info('Response Status Code: ' + httpResponse.code())
|
||||
// LOG.info('Response: ' + httpResponse.bodyAsString())
|
||||
//
|
||||
// if (httpResponse.code() == 200) {
|
||||
// if (httpResponse.bodyAsString().contains('SUCCESSFUL')) {
|
||||
// response.setResult('ok')
|
||||
// return
|
||||
// } else {
|
||||
//
|
||||
// response.setSessionAttribute('agov.fido2.X-ReCAPTCHA-Integration', 'VISIBLE')
|
||||
// response.setResult('exit.1')
|
||||
// return
|
||||
// }
|
||||
// } else {
|
||||
// LOG.error('Unexcpected HTTP response code: ' + httpResponse.code())
|
||||
// response.setResult('error')
|
||||
// response.setError(1, 'Unexpected HTTP reponse')
|
||||
// }
|
||||
// } catch (all) {
|
||||
// // Handle exception and set the transition
|
||||
// LOG.error('error: ' + all, all)
|
||||
// response.setResult('error')
|
||||
// response.setError(1, 'Exception during HTTP call')
|
||||
// }
|
||||
|
|
@ -1,31 +1,26 @@
|
|||
import groovy.json.JsonSlurper
|
||||
import io.opentelemetry.api.trace.Span
|
||||
|
||||
def url = parameters.get('url')
|
||||
def realIpHttpHeaderName = parameters.get('realIpHttpHeaderName') ?: 'X-Real-IP'
|
||||
def ip = request.getLoginContext()['connection.HttpHeader.X-Real-IP'] ?: 'unknown'
|
||||
|
||||
try {
|
||||
def spanCtxt = Span.current().getSpanContext()
|
||||
def traceparent = "00-${spanCtxt.getTraceId()}-${spanCtxt.getSpanId()}-${spanCtxt.getTraceFlags().asHex()}"
|
||||
|
||||
def jsonSlurper = new JsonSlurper()
|
||||
def httpClient = HttpClients.create(parameters)
|
||||
def httpResponse = Http.get().url(url).build().send(httpClient)
|
||||
LOG.debug('Response Message: ' + httpResponse.reasonPhrase())
|
||||
def httpResponse = Http.get().url(url).header('traceparent', traceparent)
|
||||
.header(realIpHttpHeaderName, ip).build().send(httpClient)
|
||||
|
||||
LOG.debug('Response Status Code: ' + httpResponse.code())
|
||||
LOG.debug('Response: ' + httpResponse.bodyAsString())
|
||||
|
||||
if (httpResponse.code() == 200) {
|
||||
def json = jsonSlurper.parseText(httpResponse.bodyAsString())
|
||||
|
||||
// TODO/haburger/2024-AUG-20: remove if reCaptcha is not needed anymore
|
||||
// response.setSessionAttribute('agov.recovery.json.accountUrl', json.accountUrl)
|
||||
// response.setSessionAttribute('agov.recovery.json.registrationUrl', json.registrationUrl)
|
||||
// response.setSessionAttribute('agov.recovery.json.captchaSettings.enabled', String.valueOf(json.captchaSettings.enabled))
|
||||
// response.setSessionAttribute('agov.recovery.json.captchaSettings.reCaptchaInvisibleSiteKey', json.captchaSettings.reCaptchaInvisibleSiteKey)
|
||||
// response.setSessionAttribute('agov.recovery.json.captchaSettings.reCaptchaVisibleSiteKey', json.captchaSettings.reCaptchaVisibleSiteKey)
|
||||
// if (session.get('agov.recovery.X-ReCAPTCHA-Integration') == null) {
|
||||
// response.setSessionAttribute('agov.recovery.X-ReCAPTCHA-Integration', 'INVISIBLE')
|
||||
// } else {
|
||||
// response.setSessionAttribute('agov.recovery.X-ReCAPTCHA-Integration', 'VISIBLE')
|
||||
// }
|
||||
|
||||
response.setSessionAttribute('agov.recovery.captchaSettings.enabled', String.valueOf(json.captchaSettings.enabled))
|
||||
response.setSessionAttribute('agov.recovery.captchaSettings.enabled', String.valueOf(json.friendlyCaptureClientSettings.enabled))
|
||||
response.setSessionAttribute('agov.recovery.captchaSettings.siteKey', json.friendlyCaptureClientSettings.siteKey)
|
||||
response.setSessionAttribute('agov.recovery.captchaSettings.puzzleUrl', json.friendlyCaptureClientSettings.puzzleUrl)
|
||||
|
||||
|
|
|
|||
|
|
@ -1,7 +1,10 @@
|
|||
import io.opentelemetry.api.trace.Span
|
||||
|
||||
def url = parameters.get('url')
|
||||
|
||||
def email = inargs['email']
|
||||
def token = inargs['captcha_response']?: 'MISSING'
|
||||
def enabled = (session['agov.recovery.captchaSettings.enabled']?:'true').toBoolean()
|
||||
|
||||
def ip = request.getLoginContext()['connection.HttpHeader.X-Real-IP'] ?: 'unknown'
|
||||
def userAgent = request.getLoginContext()['connection.HttpHeader.user-agent'] ?: request.getLoginContext()['connection.HttpHeader.User-Agent'] ?: 'unknown'
|
||||
|
|
@ -13,11 +16,21 @@ LOG.debug('Payload: ' + payload)
|
|||
|
||||
try {
|
||||
|
||||
if (!enabled) {
|
||||
LOG.info("FriendlyCAPTCHA is disabled, allowing operation for ${payload}")
|
||||
response.setResult('ok')
|
||||
return
|
||||
}
|
||||
|
||||
def spanCtxt = Span.current().getSpanContext()
|
||||
def traceparent = "00-${spanCtxt.getTraceId()}-${spanCtxt.getSpanId()}-${spanCtxt.getTraceFlags().asHex()}"
|
||||
|
||||
def httpClient = HttpClients.create(parameters)
|
||||
def httpResponse = Http.post()
|
||||
.url(url)
|
||||
.header("Accept", "application/json")
|
||||
.header("X-FriendlyCAPTCHA-Token", token)
|
||||
.header("traceparent", traceparent)
|
||||
.entity(Http.entity()
|
||||
.content(payload)
|
||||
.contentType("application/json")
|
||||
|
|
@ -25,7 +38,6 @@ try {
|
|||
.build()
|
||||
.send(httpClient)
|
||||
|
||||
LOG.debug('Response Message: ' + httpResponse.reasonPhrase())
|
||||
LOG.debug('Response Status Code: ' + httpResponse.code())
|
||||
LOG.debug('Response: ' + httpResponse.bodyAsString())
|
||||
|
||||
|
|
@ -49,54 +61,3 @@ try {
|
|||
response.setResult('error')
|
||||
response.setError(1, 'Exception during HTTP call')
|
||||
}
|
||||
|
||||
|
||||
|
||||
// TODO/haburger/2024-AUG-20: remove if reCaptcha is not needed anymore
|
||||
// def payload = '{ "email": "' + inargs['email'] + '", "action": "LOGIN", "userIp": "' + session.get('agov.recovery.ip') + '", "userAgent": "' + session.get('agov.recovery.userAgent') + '"}'
|
||||
//
|
||||
// LOG.info('Token: ' + inargs['recaptcha_response'])
|
||||
// LOG.info('Integration: ' + session['agov.recovery.X-ReCAPTCHA-Integration'])
|
||||
// LOG.info('Payload: ' + payload)
|
||||
//
|
||||
// try {
|
||||
//
|
||||
// def httpClient = HttpClients.create(parameters)
|
||||
// def httpResponse = Http.post()
|
||||
// .url(url)
|
||||
// .header("Accept", "application/json")
|
||||
// .header("X-ReCAPTCHA-Token", inargs['recaptcha_response'])
|
||||
// .header("X-ReCAPTCHA-Integration", session['agov.recovery.X-ReCAPTCHA-Integration'])
|
||||
// .entity(Http.entity()
|
||||
// .content(payload)
|
||||
// .contentType("application/json")
|
||||
// // .charSet("utf-8")
|
||||
// .build())
|
||||
// .build()
|
||||
// .send(httpClient)
|
||||
//
|
||||
// LOG.info('Response Message: ' + httpResponse.reasonPhrase())
|
||||
// LOG.info('Response Status Code: ' + httpResponse.code())
|
||||
// LOG.info('Response: ' + httpResponse.bodyAsString())
|
||||
//
|
||||
// if (httpResponse.code() == 200) {
|
||||
// if (httpResponse.bodyAsString().contains('SUCCESSFUL')) {
|
||||
// response.setResult('ok')
|
||||
// return
|
||||
// } else {
|
||||
//
|
||||
// response.setSessionAttribute('agov.recovery.X-ReCAPTCHA-Integration', 'VISIBLE')
|
||||
// response.setResult('exit.1')
|
||||
// return
|
||||
// }
|
||||
// } else {
|
||||
// LOG.error('Unexcpected HTTP response code: ' + httpResponse.code())
|
||||
// response.setResult('error')
|
||||
// response.setError(1, 'Unexpected HTTP reponse')
|
||||
// }
|
||||
// } catch (all) {
|
||||
// // Handle exception and set the transition
|
||||
// LOG.error('error: ' + all, all)
|
||||
// response.setResult('error')
|
||||
// response.setError(1, 'Exception during HTTP call')
|
||||
// }
|
||||
|
|
@ -1,4 +1,5 @@
|
|||
import ch.nevis.esauth.auth.engine.AuthResponse
|
||||
|
||||
if (inargs['cancel'] == 'cancel') {
|
||||
//cleanSession()
|
||||
response.setStatus(AuthResponse.AUTH_ERROR)
|
||||
|
|
|
|||
|
|
@ -1,19 +1,19 @@
|
|||
//import ch.nevis.esauth.util.httpclient.api.HttpClient;
|
||||
//import ch.nevis.esauth.util.httpclient.api.HttpClients;
|
||||
//import ch.nevis.esauth.util.httpclient.api.Http;
|
||||
import io.opentelemetry.api.trace.Span
|
||||
|
||||
def url = parameters.get('url')
|
||||
//def payload = parameters.get('json')
|
||||
//def url = "https://me.agov-d.azure.adnovum.net:48081/utility/api/v1/email/031"
|
||||
def email = inargs['email']
|
||||
def language = session['ch.nevis.session.user.language'] ?: 'en'
|
||||
def payload = '{ "email": "' + email + '", "language": "' + language + '"}'
|
||||
|
||||
try {
|
||||
def spanCtxt = Span.current().getSpanContext()
|
||||
def traceparent = "00-${spanCtxt.getTraceId()}-${spanCtxt.getSpanId()}-${spanCtxt.getTraceFlags().asHex()}"
|
||||
|
||||
def httpClient = HttpClients.create(parameters)
|
||||
def httpResponse = Http.post()
|
||||
.url(url)
|
||||
.header("Accept", "application/json")
|
||||
.header("traceparent", traceparent)
|
||||
.entity(Http.entity()
|
||||
.content(payload)
|
||||
.contentType("application/json")
|
||||
|
|
|
|||
|
|
@ -1,8 +1,6 @@
|
|||
import groovy.xml.XmlSlurper
|
||||
import groovy.json.JsonSlurper
|
||||
//import ch.nevis.esauth.util.httpclient.api.HttpClients
|
||||
//import ch.nevis.esauth.util.httpclient.api.Http
|
||||
|
||||
import io.opentelemetry.api.trace.Span
|
||||
|
||||
int getRequestedLevel(String authnContextClassRef, def roleList){
|
||||
if (!authnContextClassRef) {
|
||||
|
|
@ -58,11 +56,13 @@ if (requestedRoleLevelNumber == 0 || session.get('ch.nevis.auth.saml.request.sco
|
|||
}
|
||||
|
||||
try {
|
||||
def spanCtxt = Span.current().getSpanContext()
|
||||
def traceparent = "00-${spanCtxt.getTraceId()}-${spanCtxt.getSpanId()}-${spanCtxt.getTraceFlags().asHex()}"
|
||||
def jsonSlurper = new JsonSlurper()
|
||||
def url = parameters.get('url') + '?entity-id=' + session.get('ch.nevis.auth.saml.request.scoping.requesterId')
|
||||
LOG.debug('Request url: ' + url)
|
||||
def httpClient = HttpClients.create(parameters)
|
||||
def httpResponse = Http.get().url(url).build().send(httpClient)
|
||||
def httpResponse = Http.get().url(url).header('traceparent', traceparent).build().send(httpClient)
|
||||
LOG.debug('Response Message: ' + httpResponse.reasonPhrase())
|
||||
LOG.debug('Response Status Code: ' + httpResponse.code())
|
||||
LOG.debug('Response: ' + httpResponse.bodyAsString())
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
apiVersion: "operator.nevis-security.ch/v1"
|
||||
kind: "NevisTrustStore"
|
||||
metadata:
|
||||
name: "idm-internal-idp-auth-signer-trust"
|
||||
name: "idm-idp-idm-sectoken-signer-trust"
|
||||
namespace: "adn-agov-nevisidm-01-uat"
|
||||
labels:
|
||||
deploymentTarget: "idm"
|
||||
|
|
@ -46,14 +46,14 @@ spec:
|
|||
podDisruptionBudget:
|
||||
maxUnavailable: "50%"
|
||||
git:
|
||||
tag: "r-be4d7b3836489983642da8c01294cab133468c44"
|
||||
tag: "r-7c3dca6bb9792f14907f6128a654a963518cbcca"
|
||||
dir: "DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm"
|
||||
credentials: "git-credentials"
|
||||
keystores:
|
||||
- "idm-default-identity"
|
||||
truststores:
|
||||
- "idm-idp-idm-sectoken-signer-trust"
|
||||
- "idm-technical-trust-store"
|
||||
- "idm-internal-idp-auth-signer-trust"
|
||||
podSecurity:
|
||||
policy: "baseline"
|
||||
automountServiceAccountToken: false
|
||||
|
|
|
|||
Binary file not shown.
Binary file not shown.
|
|
@ -99,7 +99,7 @@ server.tls.truststore=/var/opt/keys/trust/idm-technical-trust-store/truststore.p
|
|||
# source: pattern://b8a36646f81c3247cdb5d90b
|
||||
server.tls.truststore-passphrase=${exec:/var/opt/keys/trust/idm-technical-trust-store/keypass}
|
||||
# source: pattern://b8a36646f81c3247cdb5d90b
|
||||
server.auth.ninja.truststore=/var/opt/keys/trust/idm-internal-idp-auth-signer-trust/truststore.jks
|
||||
server.auth.ninja.truststore=/var/opt/keys/trust/idm-idp-idm-sectoken-signer-trust/truststore.jks
|
||||
# source: pattern://b8a36646f81c3247cdb5d90b
|
||||
management.healthchecks.enabled=true
|
||||
# source: pattern://b8a36646f81c3247cdb5d90b
|
||||
|
|
|
|||
|
|
@ -44,7 +44,7 @@ spec:
|
|||
podDisruptionBudget:
|
||||
maxUnavailable: "50%"
|
||||
git:
|
||||
tag: "r-f0c2fc352ad8e75f5eae1bab7fc80e6315293282"
|
||||
tag: "r-7c3dca6bb9792f14907f6128a654a963518cbcca"
|
||||
dir: "DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend"
|
||||
credentials: "git-credentials"
|
||||
podSecurity:
|
||||
|
|
|
|||
File diff suppressed because one or more lines are too long
|
|
@ -0,0 +1,5 @@
|
|||
document.addEventListener('DOMContentLoaded', function() {
|
||||
document.dispatchEvent(new Event('initQRCode'));
|
||||
document.dispatchEvent(new Event('initDrawer'));
|
||||
document.dispatchEvent(new Event('initCantonalBranding'));
|
||||
});
|
||||
|
|
@ -1,9 +1,3 @@
|
|||
document.addEventListener('DOMContentLoaded', function() {
|
||||
document.dispatchEvent(new Event('initAnswer'));
|
||||
});
|
||||
|
||||
// eslint-disable-next-line no-unused-vars
|
||||
function setErrorBanner(value) {
|
||||
document.getElementById('errorBanner').style.display = value ? 'none' : 'flex';
|
||||
document.getElementById('buttons').style.marginTop = value ? '16px' : '8px';
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,9 +1,3 @@
|
|||
document.addEventListener('DOMContentLoaded', function() {
|
||||
document.dispatchEvent(new Event('initAnswer'));
|
||||
});
|
||||
|
||||
// eslint-disable-next-line no-unused-vars
|
||||
function setErrorBanner(value) {
|
||||
document.getElementById('errorBanner').style.display = value ? 'none' : 'flex';
|
||||
console.log(document.getElementById('errorBanner').style.display);
|
||||
}
|
||||
|
|
|
|||
File diff suppressed because one or more lines are too long
|
|
@ -83,7 +83,7 @@
|
|||
</div>
|
||||
<div class="mt-auto mb-6 sm:mb-0">
|
||||
<agov-button
|
||||
onclick="fido.authenticate()"
|
||||
id="fido_authenticate"
|
||||
data-type="button"
|
||||
data-label="$text.get("general.continue")"
|
||||
data-fullwidth="true"
|
||||
|
|
|
|||
|
|
@ -3,7 +3,7 @@
|
|||
$text.get("footer.text")
|
||||
<a target="_blank" class='text-hyperlink dark:text-dark-hyperlink underline' href='$text.get("footer.link")'>$text.get("footer.link.label")</a>
|
||||
</div>
|
||||
<p>1.6.0.local-20240821T091044Z-haburger: Wed Aug 21 12:02:18 CEST 2024</p>
|
||||
<p>1.6.8.13-20240919T195132Z</p>
|
||||
</footer>
|
||||
<script src="${login.appDataPath}/static/bundle.js"></script>
|
||||
</body>
|
||||
|
|
|
|||
|
|
@ -49,6 +49,8 @@
|
|||
|
||||
<div id="agovLoginImage"
|
||||
class="relative md:max-w-[520px] max-w-[350px] sm:max-w-[300px] mb-10 w-full mx-auto hidden md:block">
|
||||
<div class="hidden flex items-center p-2 bg-white dark:bg-black rounded-xl w-16 h-16 absolute left-[calc(39%-32px)] top-8"
|
||||
id="logoDoor"></div>
|
||||
<img alt="" src="${login.appDataPath}/static/images/login.svg"
|
||||
class="hidden md:block dark:hidden w-full">
|
||||
<img alt="" src="${login.appDataPath}/static/images/login-dark.svg"
|
||||
|
|
@ -362,13 +364,10 @@
|
|||
</form>
|
||||
</div>
|
||||
|
||||
<script>
|
||||
document.addEventListener('DOMContentLoaded', function () {
|
||||
document.dispatchEvent(new Event('initQRCode'));
|
||||
document.dispatchEvent(new Event('initDrawer'));
|
||||
document.dispatchEvent(new Event('initCantonalBranding'));
|
||||
cantonalBranding.getLogo("$gui.getGuiElem('agov.appSamlRpEntityId').value", "$login.language");
|
||||
});
|
||||
<script src="${login.appDataPath}/static/js-code/mauth_usernameless.js" defer>
|
||||
</script>
|
||||
<div id="appSamlRpEntityId" class="hidden" data-value="$gui.getGuiElem('agov.appSamlRpEntityId').value"
|
||||
data-language="$login.language">
|
||||
</div>
|
||||
|
||||
#parse("${templatePath}/footer.vm")
|
||||
|
|
@ -2,8 +2,8 @@
|
|||
|
||||
<agov-backdrop></agov-backdrop>
|
||||
<div id="modal" class="fixed top-0 bottom-0 left-0 right-0 pb-20 z-50 hidden">
|
||||
<div class="fixed top-0 bottom-0 left-0 right-0 backdrop-blur-[10px]" onclick="modal.setInvisible()"></div>
|
||||
<div class="fixed top-0 bottom-0 left-0 right-0 bg-[#E2E2E2E5]/80 dark:bg-[#111111]/90" onclick="modal.setInvisible()"></div>
|
||||
<div class="fixed top-0 bottom-0 left-0 right-0 backdrop-blur-[10px]" id="modal_light"></div>
|
||||
<div class="fixed top-0 bottom-0 left-0 right-0 bg-[#E2E2E2E5]/80 dark:bg-[#111111]/90" id="modal_dark"></div>
|
||||
|
||||
<div id="drawer"
|
||||
class="fixed bg-white dark:bg-surface-black rounded-[20px] p-10 w-11/12 sm:max-w-[660px] top-1/2 left-1/2 -translate-x-1/2 -translate-y-1/2">
|
||||
|
|
@ -26,12 +26,12 @@
|
|||
<div class="w-full sm:static mt-auto">
|
||||
<div class="flex justify-end flex-col-reverse sm:flex-row gap-4">
|
||||
<agov-button
|
||||
id="recovery_check_code"
|
||||
class="block"
|
||||
data-style="secondary"
|
||||
data-label="$text.get("general.cancel")"
|
||||
data-type="button"
|
||||
data-fullwidth="true"
|
||||
onclick="modal.setInvisible()">
|
||||
data-fullwidth="true">
|
||||
</agov-button>
|
||||
<a href="$text.get("general.help.link")" target="_blank" rel="noopener noreferrer">
|
||||
<agov-button
|
||||
|
|
@ -80,6 +80,7 @@
|
|||
accept-charset="UTF-8"
|
||||
class="flex flex-col flex-auto block ">
|
||||
<agov-input
|
||||
id="recovery_code_input"
|
||||
class="mb-4 py-16"
|
||||
data-label="$text.get("recovery_check_code.enterRecoveryCode")"
|
||||
data-isLabelHidden="true"
|
||||
|
|
@ -89,10 +90,6 @@
|
|||
data-value=""
|
||||
data-type="text"
|
||||
data-autofocus="true"
|
||||
oninput="validateCode.onInputCodeAndroid(event)"
|
||||
onkeyup="validateCode.onKeyUp(event)"
|
||||
onkeydown="validateCode.onInputCode(event)"
|
||||
onpaste="validateCode.paste(event)"
|
||||
data-email_invalid="$text.get("recovery_check_code.invalid.code")"
|
||||
data-email_too_long="$text.get("recovery_check_code.invalid.code.tooLong")"
|
||||
data-email_required="$text.get("recovery_check_code.invalid.code.required")">
|
||||
|
|
@ -101,17 +98,18 @@
|
|||
<div class="w-full sm:static mt-auto mb-6 sm:mb-0">
|
||||
<div class="flex flex-col flex-row-reverse gap-4">
|
||||
<agov-button
|
||||
id="recovery_code_btn"
|
||||
class="block basis-full"
|
||||
data-name="confirm"
|
||||
data-value="confirm"
|
||||
data-id="confirm"
|
||||
data-label="$text.get("general.confirm")"
|
||||
data-type="submit"
|
||||
data-fullwidth="true"
|
||||
onclick="validateCode.validateForm(event)">
|
||||
data-fullwidth="true">
|
||||
</agov-button>
|
||||
|
||||
<agov-button
|
||||
id="recovery_code_btn_cancel"
|
||||
class="block basis-full"
|
||||
data-style="frameless"
|
||||
data-name="cancelFido2"
|
||||
|
|
@ -120,8 +118,7 @@
|
|||
data-label="$text.get("recovery_check_code.noAccess")"
|
||||
data-type="button"
|
||||
data-fullwidth="true"
|
||||
data-validate="false"
|
||||
onclick="modal.setVisible()">
|
||||
data-validate="false">
|
||||
</agov-button>
|
||||
</div>
|
||||
</div>
|
||||
|
|
|
|||
|
|
@ -56,8 +56,7 @@
|
|||
data-style="secondary"
|
||||
data-label="<i class='fa-regular fa-eye align-middle text-xl text-indigo dark:text-lilac mr-2'></i>Reveal code"
|
||||
data-type="button"
|
||||
data-fullwidth="true"
|
||||
onclick="blurCode.unBlurCode()">
|
||||
data-fullwidth="true">
|
||||
</agov-button>
|
||||
<a class="mb-20" target="_blank" href="$PDFLink">
|
||||
<agov-button
|
||||
|
|
@ -77,14 +76,14 @@
|
|||
<div class="w-full sm:static mt-auto mb-6 sm:mb-0">
|
||||
<div class="flex flex-col flex-row-reverse gap-4">
|
||||
<agov-button
|
||||
id="recovery_code_continue"
|
||||
class="block basis-full"
|
||||
data-name="submit"
|
||||
data-value="submit"
|
||||
data-id="submit"
|
||||
data-label="$text.get("general.continue")"
|
||||
data-type="submit"
|
||||
data-fullwidth="true"
|
||||
onclick="blurCode.continue(event)">
|
||||
data-fullwidth="true">
|
||||
</agov-button>
|
||||
|
||||
</div>
|
||||
|
|
|
|||
|
|
@ -61,7 +61,7 @@
|
|||
|
||||
<div class="mt-auto mb-6 sm:mb-0">
|
||||
<agov-button
|
||||
onclick="fido.authenticate()"
|
||||
id="recovery_fido"
|
||||
data-type="button"
|
||||
data-label="$text.get("recovery_fidokey_auth.button")"
|
||||
data-fullwidth="true"
|
||||
|
|
|
|||
|
|
@ -32,6 +32,14 @@
|
|||
</div>
|
||||
#end
|
||||
|
||||
<div id="captchaNotFilled"
|
||||
class="hidden error flex rounded-xl bg-error-background dark:bg-dark-error-background items-center p-4 mb-4">
|
||||
<i class="fa-regular fa-exclamation-circle rounded-full p-3 text-error dark:text-dark-error bg-error/10 dark:bg-dark-error-icon mr-4 text-xl leading-none"></i>
|
||||
<p class="font-body text-body-l text-space-blue dark:text-white">
|
||||
$text.get("error_9909")
|
||||
</p>
|
||||
</div>
|
||||
|
||||
#set ($formTarget = $utils.escapeHtmlAttribute($gui.target.replaceAll('&?language=[^&]*','')))
|
||||
<form id="$gui.name" name="$gui.name" method="POST" target="_self" action="$formTarget" autocomplete="off"
|
||||
accept-charset="UTF-8"
|
||||
|
|
@ -63,21 +71,16 @@
|
|||
#set ($siteKey = $gui.getGuiElem("friendlyCaptchaSettings.siteKey"))
|
||||
#set ($puzzleUrl = $gui.getGuiElem("friendlyCaptchaSettings.puzzleUrl"))
|
||||
#set ($captchaEnabled = $gui.getGuiElem("captchaSettings.enabled"))
|
||||
|
||||
#if ($captchaEnabled.value && $captchaEnabled.value == "true")
|
||||
<div class="font-body text-body-l mb-4">
|
||||
<div class="font-body w-full text-body-l mb-4">
|
||||
<div class="flex mt-8">
|
||||
<script>
|
||||
function onSolution() {
|
||||
document.getElementById("submit").disabled = false;
|
||||
}
|
||||
</script>
|
||||
<div class="frc-captcha"
|
||||
id="frc-captcha"
|
||||
data-puzzle-endpoint="$puzzleUrl.value"
|
||||
data-sitekey="$siteKey.value"
|
||||
data-start="auto"
|
||||
data-lang="$login.language"
|
||||
data-callback="onSolution"
|
||||
data-solution-field-name="captcha_response">
|
||||
</div>
|
||||
</div>
|
||||
|
|
@ -86,16 +89,31 @@
|
|||
|
||||
<div class="w-full sm:static mt-auto mb-6 sm:mb-0">
|
||||
<div class="flex flex-col sm:flex-row-reverse gap-4">
|
||||
#if ($captchaEnabled.value && $captchaEnabled.value == "true")
|
||||
<agov-button
|
||||
id="submit_btn_captcha_enabled"
|
||||
disabled="true"
|
||||
class="block basis-full"
|
||||
data-name="continue"
|
||||
data-value="continue"
|
||||
data-id="continue"
|
||||
data-id="submit"
|
||||
data-label="$text.get("general.continue")"
|
||||
data-type="submit"
|
||||
data-fullwidth="true">
|
||||
</agov-button>
|
||||
#else
|
||||
<agov-button
|
||||
id="submit_btn_captcha_disabled"
|
||||
class="block basis-full"
|
||||
data-name="continue"
|
||||
data-value="continue"
|
||||
data-id="submit"
|
||||
data-label="$text.get("general.continue")"
|
||||
data-type="submit"
|
||||
data-fullwidth="true">
|
||||
</agov-button>
|
||||
#end ## if
|
||||
|
||||
<agov-button
|
||||
class="block basis-full"
|
||||
data-style="secondary"
|
||||
|
|
|
|||
|
|
@ -42,11 +42,11 @@
|
|||
<div id="buttons" class="w-full sm:static mt-auto mb-6 sm:mb-0 mt-24 sm:mt-24">
|
||||
<div class="flex sm:flex-row-reverse flex-col gap-2">
|
||||
<agov-button
|
||||
id="questionnaire_continue_btn"
|
||||
class="block basis-full"
|
||||
data-label="$text.get("general.continue")"
|
||||
data-type="submit"
|
||||
data-fullwidth="true"
|
||||
onclick="setErrorBanner(validateAnswer.validateFormYesOrNo(event))">
|
||||
data-fullwidth="true">
|
||||
</agov-button>
|
||||
<agov-button
|
||||
class="block basis-full"
|
||||
|
|
|
|||
|
|
@ -60,11 +60,11 @@
|
|||
<div class="w-full sm:static mt-8 mb-6 sm:mb-0 ">
|
||||
<div class="flex sm:flex-row-reverse flex-col gap-2">
|
||||
<agov-button
|
||||
id="questionnaire_continue_btn_reason"
|
||||
class="block basis-full"
|
||||
data-label="$text.get("general.continue")"
|
||||
data-type="submit"
|
||||
data-fullwidth="true"
|
||||
onclick="setErrorBanner(validateAnswer.validateForm(event))">
|
||||
data-fullwidth="true">
|
||||
</agov-button>
|
||||
|
||||
<agov-button
|
||||
|
|
|
|||
|
|
@ -15,6 +15,14 @@
|
|||
<h4 class="font-header text-h4 text-disabled-grey dark:text-silver">$text.get("general.securityKey")</h4>
|
||||
</div>
|
||||
|
||||
<div id="captchaNotFilled"
|
||||
class="hidden error flex rounded-xl bg-error-background dark:bg-dark-error-background items-center p-4 mb-4">
|
||||
<i class="fa-regular fa-exclamation-circle rounded-full p-3 text-error dark:text-dark-error bg-error/10 dark:bg-dark-error-icon mr-4 text-xl leading-none"></i>
|
||||
<p class="font-body text-body-l text-space-blue dark:text-white">
|
||||
$text.get("error_9909")
|
||||
</p>
|
||||
</div>
|
||||
|
||||
#set ($formTarget = $utils.escapeHtmlAttribute($gui.target.replaceAll('&?language=[^&]*','')))
|
||||
<form id="$gui.name" name="$gui.name" method="POST" target="_self" action="$formTarget" autocomplete="off"
|
||||
accept-charset="UTF-8"
|
||||
|
|
@ -42,21 +50,16 @@
|
|||
#set ($siteKey = $gui.getGuiElem("friendlyCaptchaSettings.siteKey"))
|
||||
#set ($puzzleUrl = $gui.getGuiElem("friendlyCaptchaSettings.puzzleUrl"))
|
||||
#set ($captchaEnabled = $gui.getGuiElem("captchaSettings.enabled"))
|
||||
|
||||
#if ($captchaEnabled.value && $captchaEnabled.value == "true")
|
||||
<div class="font-body text-body-l mb-4">
|
||||
<div class="w-full font-body text-body-l mb-4">
|
||||
<div class="flex mt-8">
|
||||
<script>
|
||||
function onSolution() {
|
||||
document.getElementById("submit").disabled = false;
|
||||
}
|
||||
</script>
|
||||
<div class="frc-captcha"
|
||||
id="frc-captcha"
|
||||
data-puzzle-endpoint="$puzzleUrl.value"
|
||||
data-sitekey="$siteKey.value"
|
||||
data-start="auto"
|
||||
data-lang="$login.language"
|
||||
data-callback="onSolution"
|
||||
data-solution-field-name="captcha_response">
|
||||
</div>
|
||||
</div>
|
||||
|
|
@ -65,7 +68,9 @@
|
|||
|
||||
<div class="w-full sm:static mt-auto mb-6 sm:mb-0">
|
||||
<div class="flex flex-col sm:flex-row-reverse gap-4">
|
||||
#if ($captchaEnabled.value && $captchaEnabled.value == "true")
|
||||
<agov-button
|
||||
id="submit_btn_captcha_enabled"
|
||||
disabled="true"
|
||||
class="block basis-full"
|
||||
data-name="submit"
|
||||
|
|
@ -75,6 +80,18 @@
|
|||
data-type="submit"
|
||||
data-fullwidth="true">
|
||||
</agov-button>
|
||||
#else
|
||||
<agov-button
|
||||
id="submit_btn_captcha_disabled"
|
||||
class="block basis-full"
|
||||
data-name="submit"
|
||||
data-value="submit"
|
||||
data-id="submit"
|
||||
data-label="$text.get("general.login")"
|
||||
data-type="submit"
|
||||
data-fullwidth="true">
|
||||
</agov-button>
|
||||
#end ## if
|
||||
<agov-button
|
||||
class="block basis-full"
|
||||
data-style="secondary"
|
||||
|
|
|
|||
File diff suppressed because one or more lines are too long
|
|
@ -0,0 +1,5 @@
|
|||
document.addEventListener('DOMContentLoaded', function() {
|
||||
document.dispatchEvent(new Event('initQRCode'));
|
||||
document.dispatchEvent(new Event('initDrawer'));
|
||||
document.dispatchEvent(new Event('initCantonalBranding'));
|
||||
});
|
||||
|
|
@ -1,9 +1,3 @@
|
|||
document.addEventListener('DOMContentLoaded', function() {
|
||||
document.dispatchEvent(new Event('initAnswer'));
|
||||
});
|
||||
|
||||
// eslint-disable-next-line no-unused-vars
|
||||
function setErrorBanner(value) {
|
||||
document.getElementById('errorBanner').style.display = value ? 'none' : 'flex';
|
||||
document.getElementById('buttons').style.marginTop = value ? '16px' : '8px';
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,9 +1,3 @@
|
|||
document.addEventListener('DOMContentLoaded', function() {
|
||||
document.dispatchEvent(new Event('initAnswer'));
|
||||
});
|
||||
|
||||
// eslint-disable-next-line no-unused-vars
|
||||
function setErrorBanner(value) {
|
||||
document.getElementById('errorBanner').style.display = value ? 'none' : 'flex';
|
||||
console.log(document.getElementById('errorBanner').style.display);
|
||||
}
|
||||
|
|
|
|||
File diff suppressed because one or more lines are too long
|
|
@ -83,7 +83,7 @@
|
|||
</div>
|
||||
<div class="mt-auto mb-6 sm:mb-0">
|
||||
<agov-button
|
||||
onclick="fido.authenticate()"
|
||||
id="fido_authenticate"
|
||||
data-type="button"
|
||||
data-label="$text.get("general.continue")"
|
||||
data-fullwidth="true"
|
||||
|
|
|
|||
|
|
@ -3,7 +3,7 @@
|
|||
$text.get("footer.text")
|
||||
<a target="_blank" class='text-hyperlink dark:text-dark-hyperlink underline' href='$text.get("footer.link")'>$text.get("footer.link.label")</a>
|
||||
</div>
|
||||
<p>1.6.0.local-20240821T091044Z-haburger: Wed Aug 21 12:02:18 CEST 2024</p>
|
||||
<p>1.6.8.13-20240919T195132Z</p>
|
||||
</footer>
|
||||
<script src="${login.appDataPath}/static/bundle.js"></script>
|
||||
</body>
|
||||
|
|
|
|||
|
|
@ -49,6 +49,8 @@
|
|||
|
||||
<div id="agovLoginImage"
|
||||
class="relative md:max-w-[520px] max-w-[350px] sm:max-w-[300px] mb-10 w-full mx-auto hidden md:block">
|
||||
<div class="hidden flex items-center p-2 bg-white dark:bg-black rounded-xl w-16 h-16 absolute left-[calc(39%-32px)] top-8"
|
||||
id="logoDoor"></div>
|
||||
<img alt="" src="${login.appDataPath}/static/images/login.svg"
|
||||
class="hidden md:block dark:hidden w-full">
|
||||
<img alt="" src="${login.appDataPath}/static/images/login-dark.svg"
|
||||
|
|
@ -362,13 +364,10 @@
|
|||
</form>
|
||||
</div>
|
||||
|
||||
<script>
|
||||
document.addEventListener('DOMContentLoaded', function () {
|
||||
document.dispatchEvent(new Event('initQRCode'));
|
||||
document.dispatchEvent(new Event('initDrawer'));
|
||||
document.dispatchEvent(new Event('initCantonalBranding'));
|
||||
cantonalBranding.getLogo("$gui.getGuiElem('agov.appSamlRpEntityId').value", "$login.language");
|
||||
});
|
||||
<script src="${login.appDataPath}/static/js-code/mauth_usernameless.js" defer>
|
||||
</script>
|
||||
<div id="appSamlRpEntityId" class="hidden" data-value="$gui.getGuiElem('agov.appSamlRpEntityId').value"
|
||||
data-language="$login.language">
|
||||
</div>
|
||||
|
||||
#parse("${templatePath}/footer.vm")
|
||||
|
|
@ -2,8 +2,8 @@
|
|||
|
||||
<agov-backdrop></agov-backdrop>
|
||||
<div id="modal" class="fixed top-0 bottom-0 left-0 right-0 pb-20 z-50 hidden">
|
||||
<div class="fixed top-0 bottom-0 left-0 right-0 backdrop-blur-[10px]" onclick="modal.setInvisible()"></div>
|
||||
<div class="fixed top-0 bottom-0 left-0 right-0 bg-[#E2E2E2E5]/80 dark:bg-[#111111]/90" onclick="modal.setInvisible()"></div>
|
||||
<div class="fixed top-0 bottom-0 left-0 right-0 backdrop-blur-[10px]" id="modal_light"></div>
|
||||
<div class="fixed top-0 bottom-0 left-0 right-0 bg-[#E2E2E2E5]/80 dark:bg-[#111111]/90" id="modal_dark"></div>
|
||||
|
||||
<div id="drawer"
|
||||
class="fixed bg-white dark:bg-surface-black rounded-[20px] p-10 w-11/12 sm:max-w-[660px] top-1/2 left-1/2 -translate-x-1/2 -translate-y-1/2">
|
||||
|
|
@ -26,12 +26,12 @@
|
|||
<div class="w-full sm:static mt-auto">
|
||||
<div class="flex justify-end flex-col-reverse sm:flex-row gap-4">
|
||||
<agov-button
|
||||
id="recovery_check_code"
|
||||
class="block"
|
||||
data-style="secondary"
|
||||
data-label="$text.get("general.cancel")"
|
||||
data-type="button"
|
||||
data-fullwidth="true"
|
||||
onclick="modal.setInvisible()">
|
||||
data-fullwidth="true">
|
||||
</agov-button>
|
||||
<a href="$text.get("general.help.link")" target="_blank" rel="noopener noreferrer">
|
||||
<agov-button
|
||||
|
|
@ -80,6 +80,7 @@
|
|||
accept-charset="UTF-8"
|
||||
class="flex flex-col flex-auto block ">
|
||||
<agov-input
|
||||
id="recovery_code_input"
|
||||
class="mb-4 py-16"
|
||||
data-label="$text.get("recovery_check_code.enterRecoveryCode")"
|
||||
data-isLabelHidden="true"
|
||||
|
|
@ -89,10 +90,6 @@
|
|||
data-value=""
|
||||
data-type="text"
|
||||
data-autofocus="true"
|
||||
oninput="validateCode.onInputCodeAndroid(event)"
|
||||
onkeyup="validateCode.onKeyUp(event)"
|
||||
onkeydown="validateCode.onInputCode(event)"
|
||||
onpaste="validateCode.paste(event)"
|
||||
data-email_invalid="$text.get("recovery_check_code.invalid.code")"
|
||||
data-email_too_long="$text.get("recovery_check_code.invalid.code.tooLong")"
|
||||
data-email_required="$text.get("recovery_check_code.invalid.code.required")">
|
||||
|
|
@ -101,17 +98,18 @@
|
|||
<div class="w-full sm:static mt-auto mb-6 sm:mb-0">
|
||||
<div class="flex flex-col flex-row-reverse gap-4">
|
||||
<agov-button
|
||||
id="recovery_code_btn"
|
||||
class="block basis-full"
|
||||
data-name="confirm"
|
||||
data-value="confirm"
|
||||
data-id="confirm"
|
||||
data-label="$text.get("general.confirm")"
|
||||
data-type="submit"
|
||||
data-fullwidth="true"
|
||||
onclick="validateCode.validateForm(event)">
|
||||
data-fullwidth="true">
|
||||
</agov-button>
|
||||
|
||||
<agov-button
|
||||
id="recovery_code_btn_cancel"
|
||||
class="block basis-full"
|
||||
data-style="frameless"
|
||||
data-name="cancelFido2"
|
||||
|
|
@ -120,8 +118,7 @@
|
|||
data-label="$text.get("recovery_check_code.noAccess")"
|
||||
data-type="button"
|
||||
data-fullwidth="true"
|
||||
data-validate="false"
|
||||
onclick="modal.setVisible()">
|
||||
data-validate="false">
|
||||
</agov-button>
|
||||
</div>
|
||||
</div>
|
||||
|
|
|
|||
|
|
@ -56,8 +56,7 @@
|
|||
data-style="secondary"
|
||||
data-label="<i class='fa-regular fa-eye align-middle text-xl text-indigo dark:text-lilac mr-2'></i>Reveal code"
|
||||
data-type="button"
|
||||
data-fullwidth="true"
|
||||
onclick="blurCode.unBlurCode()">
|
||||
data-fullwidth="true">
|
||||
</agov-button>
|
||||
<a class="mb-20" target="_blank" href="$PDFLink">
|
||||
<agov-button
|
||||
|
|
@ -77,14 +76,14 @@
|
|||
<div class="w-full sm:static mt-auto mb-6 sm:mb-0">
|
||||
<div class="flex flex-col flex-row-reverse gap-4">
|
||||
<agov-button
|
||||
id="recovery_code_continue"
|
||||
class="block basis-full"
|
||||
data-name="submit"
|
||||
data-value="submit"
|
||||
data-id="submit"
|
||||
data-label="$text.get("general.continue")"
|
||||
data-type="submit"
|
||||
data-fullwidth="true"
|
||||
onclick="blurCode.continue(event)">
|
||||
data-fullwidth="true">
|
||||
</agov-button>
|
||||
|
||||
</div>
|
||||
|
|
|
|||
|
|
@ -61,7 +61,7 @@
|
|||
|
||||
<div class="mt-auto mb-6 sm:mb-0">
|
||||
<agov-button
|
||||
onclick="fido.authenticate()"
|
||||
id="recovery_fido"
|
||||
data-type="button"
|
||||
data-label="$text.get("recovery_fidokey_auth.button")"
|
||||
data-fullwidth="true"
|
||||
|
|
|
|||
|
|
@ -32,6 +32,14 @@
|
|||
</div>
|
||||
#end
|
||||
|
||||
<div id="captchaNotFilled"
|
||||
class="hidden error flex rounded-xl bg-error-background dark:bg-dark-error-background items-center p-4 mb-4">
|
||||
<i class="fa-regular fa-exclamation-circle rounded-full p-3 text-error dark:text-dark-error bg-error/10 dark:bg-dark-error-icon mr-4 text-xl leading-none"></i>
|
||||
<p class="font-body text-body-l text-space-blue dark:text-white">
|
||||
$text.get("error_9909")
|
||||
</p>
|
||||
</div>
|
||||
|
||||
#set ($formTarget = $utils.escapeHtmlAttribute($gui.target.replaceAll('&?language=[^&]*','')))
|
||||
<form id="$gui.name" name="$gui.name" method="POST" target="_self" action="$formTarget" autocomplete="off"
|
||||
accept-charset="UTF-8"
|
||||
|
|
@ -63,21 +71,16 @@
|
|||
#set ($siteKey = $gui.getGuiElem("friendlyCaptchaSettings.siteKey"))
|
||||
#set ($puzzleUrl = $gui.getGuiElem("friendlyCaptchaSettings.puzzleUrl"))
|
||||
#set ($captchaEnabled = $gui.getGuiElem("captchaSettings.enabled"))
|
||||
|
||||
#if ($captchaEnabled.value && $captchaEnabled.value == "true")
|
||||
<div class="font-body text-body-l mb-4">
|
||||
<div class="font-body w-full text-body-l mb-4">
|
||||
<div class="flex mt-8">
|
||||
<script>
|
||||
function onSolution() {
|
||||
document.getElementById("submit").disabled = false;
|
||||
}
|
||||
</script>
|
||||
<div class="frc-captcha"
|
||||
id="frc-captcha"
|
||||
data-puzzle-endpoint="$puzzleUrl.value"
|
||||
data-sitekey="$siteKey.value"
|
||||
data-start="auto"
|
||||
data-lang="$login.language"
|
||||
data-callback="onSolution"
|
||||
data-solution-field-name="captcha_response">
|
||||
</div>
|
||||
</div>
|
||||
|
|
@ -86,16 +89,31 @@
|
|||
|
||||
<div class="w-full sm:static mt-auto mb-6 sm:mb-0">
|
||||
<div class="flex flex-col sm:flex-row-reverse gap-4">
|
||||
#if ($captchaEnabled.value && $captchaEnabled.value == "true")
|
||||
<agov-button
|
||||
id="submit_btn_captcha_enabled"
|
||||
disabled="true"
|
||||
class="block basis-full"
|
||||
data-name="continue"
|
||||
data-value="continue"
|
||||
data-id="continue"
|
||||
data-id="submit"
|
||||
data-label="$text.get("general.continue")"
|
||||
data-type="submit"
|
||||
data-fullwidth="true">
|
||||
</agov-button>
|
||||
#else
|
||||
<agov-button
|
||||
id="submit_btn_captcha_disabled"
|
||||
class="block basis-full"
|
||||
data-name="continue"
|
||||
data-value="continue"
|
||||
data-id="submit"
|
||||
data-label="$text.get("general.continue")"
|
||||
data-type="submit"
|
||||
data-fullwidth="true">
|
||||
</agov-button>
|
||||
#end ## if
|
||||
|
||||
<agov-button
|
||||
class="block basis-full"
|
||||
data-style="secondary"
|
||||
|
|
|
|||
|
|
@ -42,11 +42,11 @@
|
|||
<div id="buttons" class="w-full sm:static mt-auto mb-6 sm:mb-0 mt-24 sm:mt-24">
|
||||
<div class="flex sm:flex-row-reverse flex-col gap-2">
|
||||
<agov-button
|
||||
id="questionnaire_continue_btn"
|
||||
class="block basis-full"
|
||||
data-label="$text.get("general.continue")"
|
||||
data-type="submit"
|
||||
data-fullwidth="true"
|
||||
onclick="setErrorBanner(validateAnswer.validateFormYesOrNo(event))">
|
||||
data-fullwidth="true">
|
||||
</agov-button>
|
||||
<agov-button
|
||||
class="block basis-full"
|
||||
|
|
|
|||
|
|
@ -60,11 +60,11 @@
|
|||
<div class="w-full sm:static mt-8 mb-6 sm:mb-0 ">
|
||||
<div class="flex sm:flex-row-reverse flex-col gap-2">
|
||||
<agov-button
|
||||
id="questionnaire_continue_btn_reason"
|
||||
class="block basis-full"
|
||||
data-label="$text.get("general.continue")"
|
||||
data-type="submit"
|
||||
data-fullwidth="true"
|
||||
onclick="setErrorBanner(validateAnswer.validateForm(event))">
|
||||
data-fullwidth="true">
|
||||
</agov-button>
|
||||
|
||||
<agov-button
|
||||
|
|
|
|||
|
|
@ -15,6 +15,14 @@
|
|||
<h4 class="font-header text-h4 text-disabled-grey dark:text-silver">$text.get("general.securityKey")</h4>
|
||||
</div>
|
||||
|
||||
<div id="captchaNotFilled"
|
||||
class="hidden error flex rounded-xl bg-error-background dark:bg-dark-error-background items-center p-4 mb-4">
|
||||
<i class="fa-regular fa-exclamation-circle rounded-full p-3 text-error dark:text-dark-error bg-error/10 dark:bg-dark-error-icon mr-4 text-xl leading-none"></i>
|
||||
<p class="font-body text-body-l text-space-blue dark:text-white">
|
||||
$text.get("error_9909")
|
||||
</p>
|
||||
</div>
|
||||
|
||||
#set ($formTarget = $utils.escapeHtmlAttribute($gui.target.replaceAll('&?language=[^&]*','')))
|
||||
<form id="$gui.name" name="$gui.name" method="POST" target="_self" action="$formTarget" autocomplete="off"
|
||||
accept-charset="UTF-8"
|
||||
|
|
@ -42,21 +50,16 @@
|
|||
#set ($siteKey = $gui.getGuiElem("friendlyCaptchaSettings.siteKey"))
|
||||
#set ($puzzleUrl = $gui.getGuiElem("friendlyCaptchaSettings.puzzleUrl"))
|
||||
#set ($captchaEnabled = $gui.getGuiElem("captchaSettings.enabled"))
|
||||
|
||||
#if ($captchaEnabled.value && $captchaEnabled.value == "true")
|
||||
<div class="font-body text-body-l mb-4">
|
||||
<div class="w-full font-body text-body-l mb-4">
|
||||
<div class="flex mt-8">
|
||||
<script>
|
||||
function onSolution() {
|
||||
document.getElementById("submit").disabled = false;
|
||||
}
|
||||
</script>
|
||||
<div class="frc-captcha"
|
||||
id="frc-captcha"
|
||||
data-puzzle-endpoint="$puzzleUrl.value"
|
||||
data-sitekey="$siteKey.value"
|
||||
data-start="auto"
|
||||
data-lang="$login.language"
|
||||
data-callback="onSolution"
|
||||
data-solution-field-name="captcha_response">
|
||||
</div>
|
||||
</div>
|
||||
|
|
@ -65,7 +68,9 @@
|
|||
|
||||
<div class="w-full sm:static mt-auto mb-6 sm:mb-0">
|
||||
<div class="flex flex-col sm:flex-row-reverse gap-4">
|
||||
#if ($captchaEnabled.value && $captchaEnabled.value == "true")
|
||||
<agov-button
|
||||
id="submit_btn_captcha_enabled"
|
||||
disabled="true"
|
||||
class="block basis-full"
|
||||
data-name="submit"
|
||||
|
|
@ -75,6 +80,18 @@
|
|||
data-type="submit"
|
||||
data-fullwidth="true">
|
||||
</agov-button>
|
||||
#else
|
||||
<agov-button
|
||||
id="submit_btn_captcha_disabled"
|
||||
class="block basis-full"
|
||||
data-name="submit"
|
||||
data-value="submit"
|
||||
data-id="submit"
|
||||
data-label="$text.get("general.login")"
|
||||
data-type="submit"
|
||||
data-fullwidth="true">
|
||||
</agov-button>
|
||||
#end ## if
|
||||
<agov-button
|
||||
class="block basis-full"
|
||||
data-style="secondary"
|
||||
|
|
|
|||
|
|
@ -46,7 +46,7 @@ spec:
|
|||
podDisruptionBudget:
|
||||
maxUnavailable: "50%"
|
||||
git:
|
||||
tag: "r-be4d7b3836489983642da8c01294cab133468c44"
|
||||
tag: "r-7c3dca6bb9792f14907f6128a654a963518cbcca"
|
||||
dir: "DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/proxy-idp"
|
||||
credentials: "git-credentials"
|
||||
keystores:
|
||||
|
|
|
|||
|
|
@ -704,7 +704,7 @@
|
|||
<init-param>
|
||||
<param-name>DelegateToFrontend</param-name>
|
||||
<param-value>
|
||||
Content-Security-Policy-Report-Only:default-src 'none'; script-src 'self' 'sha256-jRcpQ00xp7HFefM8uuubCrmPgr9Q/zMqq+Be8IyLXyM=' 'sha256-jRcpQ00xp7HFefM8uuubCrmPgr9Q/zMqq+Be8IyLXyM=' 'sha256-jRcpQ00xp7HFefM8uuubCrmPgr9Q/zMqq+Be8IyLXyM=' 'sha256-jRcpQ00xp7HFefM8uuubCrmPgr9Q/zMqq+Be8IyLXyM=' 'unsafe-inline'; script-src-elem https://www.google.com https://www.gstatic.com 'sha256-jRcpQ00xp7HFefM8uuubCrmPgr9Q/zMqq+Be8IyLXyM=' 'sha256-VVRbrI9TGfTX6IQoysg2+krJFUO9Ckt6G7Gcs1q2dgM=' 'sha256-6FA//NVJWFgnJwirzDKHC42MZIXYrIxtNaKCahX3DLg=' 'sha256-3whVsWq2brmbgJQdoqbeJgW+43c+XyGdWbKl7sqG3YQ=' 'sha256-3whVsWq2brmbgJQdoqbeJgW+43c+XyGdWbKl7sqG3YQ=' 'self'; connect-src 'self'; img-src 'self'; style-src 'self' 'sha256-Q5DmyIIE+GwAh03yBzctDxvuwMTX0uUUUP5UU3yFoF0=' 'sha256-Q5DmyIIE+GwAh03yBzctDxvuwMTX0uUUUP5UU3yFoF0=' 'sha256-JnkgaYe2Kqj0SvIYv1vTPV72Rnsp5aU6c015YNij5Ks=' 'sha256-jRcpQ00xp7HFefM8uuubCrmPgr9Q/zMqq+Be8IyLXyM=' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=' 'sha256-MdFWcEIx4V82/ap9SUt01BxZMN4eFGEl8hNDFEGIzJU=' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=' 'sha256-ifPclQYYwRDXSPQgB9/6UgAgEICBpwegJBWNhOI8dOA=' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=' 'sha256-2diQqrANllVP9IWjXj1A6fjjvlPtpN6NXlmTiRJneCU=' 'sha256-Q5DmyIIE+GwAh03yBzctDxvuwMTX0uUUUP5UU3yFoF0=' 'sha256-Q5DmyIIE+GwAh03yBzctDxvuwMTX0uUUUP5UU3yFoF0=' 'sha256-ZdHxw9eWtnxUb3mk6tBS+gIiVUPE3pGM470keHPDFlE=' 'sha256-ZdHxw9eWtnxUb3mk6tBS+gIiVUPE3pGM470keHPDFlE=' 'sha256-ZdHxw9eWtnxUb3mk6tBS+gIiVUPE3pGM470keHPDFlE=' 'sha256-ZdHxw9eWtnxUb3mk6tBS+gIiVUPE3pGM470keHPDFlE=' 'sha256-ZdHxw9eWtnxUb3mk6tBS+gIiVUPE3pGM470keHPDFlE=' 'sha256-ZdHxw9eWtnxUb3mk6tBS+gIiVUPE3pGM470keHPDFlE=' 'sha256-ZdHxw9eWtnxUb3mk6tBS+gIiVUPE3pGM470keHPDFlE=' 'sha256-ZdHxw9eWtnxUb3mk6tBS+gIiVUPE3pGM470keHPDFlE=' 'sha256-ZdHxw9eWtnxUb3mk6tBS+gIiVUPE3pGM470keHPDFlE=' 'sha256-ZdHxw9eWtnxUb3mk6tBS+gIiVUPE3pGM470keHPDFlE=' 'sha256-ZdHxw9eWtnxUb3mk6tBS+gIiVUPE3pGM470keHPDFlE=' 'unsafe-hashes' 'unsafe-inline'; form-action 'self'; font-src 'self'; frame-src https://www.google.com
|
||||
Content-Security-Policy-Report-Only:default-src 'none'; script-src 'wasm-unsafe-eval' 'self' 'sha256-4r4l/2aahtvPIxQP0YmmqfftYXNwNqxxqOUaXVE0FjM=' 'sha256-3sconOU5uxdS6tVa5DhEli3N+/aY9IvYh873WqDptD0=' 'sha256-N3+RfLbnlpBc0lUnNy4soyLbX0tNDqQt5LPzkEsYOHo=' 'sha256-uOoE0nq21NJDv37YLUOxV9aCnNstJ0GK7BiXNMXQAcI='; worker-src blob:; child-src blob:; connect-src 'self' https://api.friendlycaptcha.com/api/v1/puzzle; img-src 'self'; style-src 'self' 'sha256-/yxYnm5QjS5hz1/KbfNQ/Deyfb9rK1xZefYJGNT9UmU=' 'sha256-2diQqrANllVP9IWjXj1A6fjjvlPtpN6NXlmTiRJneCU=' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=' 'sha256-DHdp+1g/LIFDKreGcezYZywjzyvqUEbmjv4fv+nEQeE=' 'sha256-DtJ0G5eArSV7tvvFUUeV7iyiWfBGflIkRW64/tmMWUk=' 'sha256-JhfXJ5URuB/EAqhZ9vqgEO6trOuCE0w2/ChmfrVzxFo=' 'sha256-MdFWcEIx4V82/ap9SUt01BxZMN4eFGEl8hNDFEGIzJU=' 'sha256-dnsMWK7eeuHUJm/wLL2CXCibJJV0lnUxjpqlu5fcUsg=' 'sha256-iKyiqXXi2KXxNcOUCr+VCUo09ipHFWuIkztLNvUXhd0=' 'sha256-ifPclQYYwRDXSPQgB9/6UgAgEICBpwegJBWNhOI8dOA='; form-action 'self' https://trustbroker.agov-d.azure.adnovum.net/adfs/ls https://me.agov-d.azure.adnovum.net/registration/api/login/saml2/sso/agovidpdirect https://me.agov-d.azure.adnovum.net/account/api/login/saml2/sso/agovidpdirect; font-src 'self';
|
||||
Cross-Origin-Embedder-Policy:require-corp
|
||||
Cross-Origin-Opener-Policy:same-origin
|
||||
Cross-Origin-Resource-Policy:same-site
|
||||
|
|
|
|||
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
Loading…
Reference in New Issue