diff options
| -rw-r--r-- | deploy/flake.lock | 4 | ||||
| -rw-r--r-- | flake.lock | 4 | ||||
| -rw-r--r-- | flakes/flake.lock | 2 | ||||
| -rw-r--r-- | systems/eldiron/websites/tools/landing/ldap_ssh_keys.php | 137 |
4 files changed, 90 insertions, 57 deletions
diff --git a/deploy/flake.lock b/deploy/flake.lock index d8073ad..e0fff48 100644 --- a/deploy/flake.lock +++ b/deploy/flake.lock | |||
| @@ -2848,7 +2848,7 @@ | |||
| 2848 | }, | 2848 | }, |
| 2849 | "locked": { | 2849 | "locked": { |
| 2850 | "lastModified": 1, | 2850 | "lastModified": 1, |
| 2851 | "narHash": "sha256-hae/hbwlXJKa3f4R6f6oq7Gq9DW8YxsUoBAyOz8oN0s=", | 2851 | "narHash": "sha256-9LREn+Bx62kTYJ9qFlHM3REWanuhAjqMzuW2EIfYlQw=", |
| 2852 | "path": "../flakes", | 2852 | "path": "../flakes", |
| 2853 | "type": "path" | 2853 | "type": "path" |
| 2854 | }, | 2854 | }, |
| @@ -3970,7 +3970,7 @@ | |||
| 3970 | }, | 3970 | }, |
| 3971 | "locked": { | 3971 | "locked": { |
| 3972 | "lastModified": 1, | 3972 | "lastModified": 1, |
| 3973 | "narHash": "sha256-QbkQdVOe9KfYcBfNa0LUyEoFRQZkgvixM4OFcaGIIOM=", | 3973 | "narHash": "sha256-EaYcBPNpaP5rgiDFY1hfqpg4hMeLZEMQhFcCTP5VSso=", |
| 3974 | "path": "../systems/eldiron", | 3974 | "path": "../systems/eldiron", |
| 3975 | "type": "path" | 3975 | "type": "path" |
| 3976 | }, | 3976 | }, |
| @@ -2729,7 +2729,7 @@ | |||
| 2729 | }, | 2729 | }, |
| 2730 | "locked": { | 2730 | "locked": { |
| 2731 | "lastModified": 1, | 2731 | "lastModified": 1, |
| 2732 | "narHash": "sha256-hae/hbwlXJKa3f4R6f6oq7Gq9DW8YxsUoBAyOz8oN0s=", | 2732 | "narHash": "sha256-9LREn+Bx62kTYJ9qFlHM3REWanuhAjqMzuW2EIfYlQw=", |
| 2733 | "path": "./flakes", | 2733 | "path": "./flakes", |
| 2734 | "type": "path" | 2734 | "type": "path" |
| 2735 | }, | 2735 | }, |
| @@ -3986,7 +3986,7 @@ | |||
| 3986 | }, | 3986 | }, |
| 3987 | "locked": { | 3987 | "locked": { |
| 3988 | "lastModified": 1, | 3988 | "lastModified": 1, |
| 3989 | "narHash": "sha256-QbkQdVOe9KfYcBfNa0LUyEoFRQZkgvixM4OFcaGIIOM=", | 3989 | "narHash": "sha256-EaYcBPNpaP5rgiDFY1hfqpg4hMeLZEMQhFcCTP5VSso=", |
| 3990 | "path": "../systems/eldiron", | 3990 | "path": "../systems/eldiron", |
| 3991 | "type": "path" | 3991 | "type": "path" |
| 3992 | }, | 3992 | }, |
diff --git a/flakes/flake.lock b/flakes/flake.lock index 8a409bf..644fb56 100644 --- a/flakes/flake.lock +++ b/flakes/flake.lock | |||
| @@ -3890,7 +3890,7 @@ | |||
| 3890 | }, | 3890 | }, |
| 3891 | "locked": { | 3891 | "locked": { |
| 3892 | "lastModified": 1, | 3892 | "lastModified": 1, |
| 3893 | "narHash": "sha256-QbkQdVOe9KfYcBfNa0LUyEoFRQZkgvixM4OFcaGIIOM=", | 3893 | "narHash": "sha256-EaYcBPNpaP5rgiDFY1hfqpg4hMeLZEMQhFcCTP5VSso=", |
| 3894 | "path": "../systems/eldiron", | 3894 | "path": "../systems/eldiron", |
| 3895 | "type": "path" | 3895 | "type": "path" |
| 3896 | }, | 3896 | }, |
diff --git a/systems/eldiron/websites/tools/landing/ldap_ssh_keys.php b/systems/eldiron/websites/tools/landing/ldap_ssh_keys.php index 85ed973..47889ea 100644 --- a/systems/eldiron/websites/tools/landing/ldap_ssh_keys.php +++ b/systems/eldiron/websites/tools/landing/ldap_ssh_keys.php | |||
| @@ -1,50 +1,8 @@ | |||
| 1 | <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> | ||
| 2 | <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="fr" lang="fr"> | ||
| 3 | <head> | ||
| 4 | <title>ImmaeEu Account</title> | ||
| 5 | <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/> | ||
| 6 | <meta name="viewport" content="width=device-width, initial-scale=1" /> | ||
| 7 | <link rel="stylesheet" href="https://assets.immae.eu/skeleton/2.0.4/skeleton.min.css" integrity="sha256-2YQRJMXD7pIAPHiXr0s+vlRWA7GYJEK0ARns7k2sbHY=" crossorigin="anonymous" /> | ||
| 8 | <style type="text/css"> | ||
| 9 | body { | ||
| 10 | font-family: Verdana,Arial,Courier New; | ||
| 11 | margin: auto; | ||
| 12 | } | ||
| 13 | table#ssh_keys_list textarea { | ||
| 14 | width: 100%; | ||
| 15 | height: 100%; | ||
| 16 | } | ||
| 17 | table#ssh_keys_list tbody tr.sshkeyrow { | ||
| 18 | height: 130px; | ||
| 19 | } | ||
| 20 | table#ssh_keys_list tbody tr.headrow th { | ||
| 21 | border-bottom: 0px !important; | ||
| 22 | padding-bottom: 0px !important; | ||
| 23 | } | ||
| 24 | table#ssh_keys_list tbody tr.mainrow td:not(.delete-button) { | ||
| 25 | border-bottom: 0px !important; | ||
| 26 | padding-bottom: 0px !important; | ||
| 27 | } | ||
| 28 | table#ssh_keys_list td.sshkey { | ||
| 29 | min-width: 600px; | ||
| 30 | height: 100%; | ||
| 31 | padding-top: 0px !important; | ||
| 32 | } | ||
| 33 | |||
| 34 | table#ssh_keys_list td.comment { | ||
| 35 | min-width: 160px; | ||
| 36 | } | ||
| 37 | |||
| 38 | </style> | ||
| 39 | </head> | ||
| 40 | <body> | ||
| 41 | <div class="container"> | ||
| 42 | <h1>Gestion des clés SSH</h1> | ||
| 43 | <?php | 1 | <?php |
| 44 | |||
| 45 | $connection = NULL; | ||
| 46 | |||
| 47 | session_start(); | 2 | session_start(); |
| 3 | if (isset($_POST['deconnexion'])) { | ||
| 4 | session_destroy(); | ||
| 5 | } | ||
| 48 | 6 | ||
| 49 | // Liste des applications gérées | 7 | // Liste des applications gérées |
| 50 | const apps = [ | 8 | const apps = [ |
| @@ -137,6 +95,16 @@ function getKeys() | |||
| 137 | return $keys; | 95 | return $keys; |
| 138 | } | 96 | } |
| 139 | 97 | ||
| 98 | // This is meant for non-interactive call (via curl for instance) | ||
| 99 | function addKey($key) | ||
| 100 | { | ||
| 101 | if (!isset($_SESSION["login"])) { | ||
| 102 | return false; | ||
| 103 | } | ||
| 104 | $pg = connectPg(); | ||
| 105 | pg_query_params($pg, "INSERT INTO ldap_users_ssh_keys (login,realm,key,usage,comment) values ($1,'immae',$2,ARRAY(SELECT * FROM json_array_elements_text($3))::ldap_users_ssh_key_usage[],$4)", array($_SESSION["login"], $key["public_key"], json_encode($key["apps"]), $key["comment"])); | ||
| 106 | } | ||
| 107 | |||
| 140 | function saveKeys($keys) | 108 | function saveKeys($keys) |
| 141 | { | 109 | { |
| 142 | if (!isset($_SESSION["login"])) { | 110 | if (!isset($_SESSION["login"])) { |
| @@ -158,11 +126,6 @@ function saveKeys($keys) | |||
| 158 | } | 126 | } |
| 159 | 127 | ||
| 160 | 128 | ||
| 161 | // Script | ||
| 162 | if (isset($_POST['deconnexion'])) { | ||
| 163 | $_SESSION = []; | ||
| 164 | } | ||
| 165 | |||
| 166 | if (isset($_POST['sauvegarder'])) { | 129 | if (isset($_POST['sauvegarder'])) { |
| 167 | $editedKeys = []; | 130 | $editedKeys = []; |
| 168 | $errors = false; | 131 | $errors = false; |
| @@ -205,6 +168,78 @@ if (isset($_POST['login'])) { | |||
| 205 | } | 168 | } |
| 206 | } | 169 | } |
| 207 | 170 | ||
| 171 | if (isset($_GET["batch"])) { | ||
| 172 | if (empty($_POST['username']) || empty($_POST['password'])) { | ||
| 173 | die("Le nom d'utilisateur et le mot de passe sont requis."); | ||
| 174 | } elseif (!checkLogin($_POST['username'], $_POST['password'])) { | ||
| 175 | die("Identifiants incorrects."); | ||
| 176 | } else { | ||
| 177 | $_SESSION['login'] = $_POST['username']; | ||
| 178 | } | ||
| 179 | if (!isset($_POST["usage"])) { | ||
| 180 | die("Une data 'usage' avec les applications gérées (séparées par des virgules) est attendue: " . implode(",",apps)); | ||
| 181 | } | ||
| 182 | $usage = array_intersect(apps, explode(',', $_POST["usage"])); | ||
| 183 | if (!isset($_POST["public_key"])) { | ||
| 184 | die("Une data 'public_key' avec la clé ssh (sans commentaire) est attendue"); | ||
| 185 | } | ||
| 186 | $key = $_POST["public_key"]; | ||
| 187 | if (!checkSshKey($key)) { | ||
| 188 | die("Clé ssh invalide"); | ||
| 189 | } | ||
| 190 | $comment = (isset($_POST["comment"])) ? $_POST["comment"] : null; | ||
| 191 | addKey(array ( | ||
| 192 | 'apps' => $usage, | ||
| 193 | 'comment' => $comment, | ||
| 194 | 'public_key' => $key | ||
| 195 | )); | ||
| 196 | echo "Done"; | ||
| 197 | exit; | ||
| 198 | } | ||
| 199 | |||
| 200 | ?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> | ||
| 201 | <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="fr" lang="fr"> | ||
| 202 | <head> | ||
| 203 | <title>ImmaeEu Account</title> | ||
| 204 | <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/> | ||
| 205 | <meta name="viewport" content="width=device-width, initial-scale=1" /> | ||
| 206 | <link rel="stylesheet" href="https://assets.immae.eu/skeleton/2.0.4/skeleton.min.css" integrity="sha256-2YQRJMXD7pIAPHiXr0s+vlRWA7GYJEK0ARns7k2sbHY=" crossorigin="anonymous" /> | ||
| 207 | <style type="text/css"> | ||
| 208 | body { | ||
| 209 | font-family: Verdana,Arial,Courier New; | ||
| 210 | margin: auto; | ||
| 211 | } | ||
| 212 | table#ssh_keys_list textarea { | ||
| 213 | width: 100%; | ||
| 214 | height: 100%; | ||
| 215 | } | ||
| 216 | table#ssh_keys_list tbody tr.sshkeyrow { | ||
| 217 | height: 130px; | ||
| 218 | } | ||
| 219 | table#ssh_keys_list tbody tr.headrow th { | ||
| 220 | border-bottom: 0px !important; | ||
| 221 | padding-bottom: 0px !important; | ||
| 222 | } | ||
| 223 | table#ssh_keys_list tbody tr.mainrow td:not(.delete-button) { | ||
| 224 | border-bottom: 0px !important; | ||
| 225 | padding-bottom: 0px !important; | ||
| 226 | } | ||
| 227 | table#ssh_keys_list td.sshkey { | ||
| 228 | min-width: 600px; | ||
| 229 | height: 100%; | ||
| 230 | padding-top: 0px !important; | ||
| 231 | } | ||
| 232 | |||
| 233 | table#ssh_keys_list td.comment { | ||
| 234 | min-width: 160px; | ||
| 235 | } | ||
| 236 | |||
| 237 | </style> | ||
| 238 | </head> | ||
| 239 | <body> | ||
| 240 | <div class="container"> | ||
| 241 | <h1>Gestion des clés SSH</h1> | ||
| 242 | <?php | ||
| 208 | if (isUserLogged()) : | 243 | if (isUserLogged()) : |
| 209 | $keys = isset($editedKeys) ? $editedKeys : getKeys(); | 244 | $keys = isset($editedKeys) ? $editedKeys : getKeys(); |
| 210 | ?> | 245 | ?> |
| @@ -339,5 +374,3 @@ endif; | |||
| 339 | </div> | 374 | </div> |
| 340 | </body> | 375 | </body> |
| 341 | </html> | 376 | </html> |
| 342 | |||
| 343 | |||