From 2a894c487cf25e1ffa35548de1dc791aefed6471 Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Mon, 20 Nov 2017 15:51:06 -0800 Subject: [PATCH] GUACAMOLE-96: Clean up enrollment interface. Provide help text for user. --- .../auth/totp/UserVerificationService.java | 6 ++--- .../totp/form/AuthenticationCodeField.java | 22 +++++++++++++++++++ .../src/main/resources/styles/totp.css | 14 +++++++++++- .../templates/authenticationCodeField.html | 13 +++++++---- .../src/main/resources/translations/en.json | 17 +++++++++++--- 5 files changed, 61 insertions(+), 11 deletions(-) diff --git a/extensions/guacamole-auth-totp/src/main/java/org/apache/guacamole/auth/totp/UserVerificationService.java b/extensions/guacamole-auth-totp/src/main/java/org/apache/guacamole/auth/totp/UserVerificationService.java index 987d4ca37..851bb9484 100644 --- a/extensions/guacamole-auth-totp/src/main/java/org/apache/guacamole/auth/totp/UserVerificationService.java +++ b/extensions/guacamole-auth-totp/src/main/java/org/apache/guacamole/auth/totp/UserVerificationService.java @@ -245,14 +245,14 @@ public class UserVerificationService { if (!key.isConfirmed()) { field.exposeKey(key); throw new GuacamoleInsufficientCredentialsException( - "LOGIN.INFO_TOTP_REQUIRED", new CredentialsInfo( + "TOTP.INFO_ENROLL_REQUIRED", new CredentialsInfo( Collections.singletonList(field) )); } // Otherwise simply request the user's authentication code throw new GuacamoleInsufficientCredentialsException( - "LOGIN.INFO_TOTP_REQUIRED", new CredentialsInfo( + "TOTP.INFO_CODE_REQUIRED", new CredentialsInfo( Collections.singletonList(field) )); @@ -285,7 +285,7 @@ public class UserVerificationService { } // Provided code is not valid - throw new GuacamoleClientException("LOGIN.INFO_TOTP_VERIFICATION_FAILED"); + throw new GuacamoleClientException("TOTP.INFO_VERIFICATION_FAILED"); } diff --git a/extensions/guacamole-auth-totp/src/main/java/org/apache/guacamole/auth/totp/form/AuthenticationCodeField.java b/extensions/guacamole-auth-totp/src/main/java/org/apache/guacamole/auth/totp/form/AuthenticationCodeField.java index e0333ddab..c3ca20710 100644 --- a/extensions/guacamole-auth-totp/src/main/java/org/apache/guacamole/auth/totp/form/AuthenticationCodeField.java +++ b/extensions/guacamole-auth-totp/src/main/java/org/apache/guacamole/auth/totp/form/AuthenticationCodeField.java @@ -98,6 +98,28 @@ public class AuthenticationCodeField extends Field { this.key = key; } + /** + * Returns the number of digits used for each TOTP code. If the user's key + * is not being exposed to facilitate enrollment, this value will not be + * exposed either. + * + * @return + * The number of digits used for each TOTP code, or null if the user's + * key is not being exposed to facilitate enrollment. + * + * @throws GuacamoleException + * If the number of digits cannot be read from guacamole.properties. + */ + public Integer getDigits() throws GuacamoleException { + + // Do not reveal code size unless enrollment is in progress + if (key == null) + return null; + + return confService.getDigits(); + + } + /** * Returns the "otpauth" URI for the secret key used to generate TOTP codes * for the current user. If the secret key is not being exposed to diff --git a/extensions/guacamole-auth-totp/src/main/resources/styles/totp.css b/extensions/guacamole-auth-totp/src/main/resources/styles/totp.css index 8181e2ccd..6db7729da 100644 --- a/extensions/guacamole-auth-totp/src/main/resources/styles/totp.css +++ b/extensions/guacamole-auth-totp/src/main/resources/styles/totp.css @@ -17,4 +17,16 @@ * under the License. */ -/* STUB */ +.totp-enroll p { + font-size: 0.8em; +} + +.totp-qr-code { + text-align: center; +} + +.totp-qr-code img { + margin: 1em; + border: 1px solid rgba(0,0,0,0.25); + box-shadow: 1px 1px 2px rgba(0,0,0,0.25); +} diff --git a/extensions/guacamole-auth-totp/src/main/resources/templates/authenticationCodeField.html b/extensions/guacamole-auth-totp/src/main/resources/templates/authenticationCodeField.html index ae155d817..5a39be7a4 100644 --- a/extensions/guacamole-auth-totp/src/main/resources/templates/authenticationCodeField.html +++ b/extensions/guacamole-auth-totp/src/main/resources/templates/authenticationCodeField.html @@ -1,13 +1,18 @@
- -
- + +
+

+
+

- +
diff --git a/extensions/guacamole-auth-totp/src/main/resources/translations/en.json b/extensions/guacamole-auth-totp/src/main/resources/translations/en.json index 540b94e36..bd0e9e204 100644 --- a/extensions/guacamole-auth-totp/src/main/resources/translations/en.json +++ b/extensions/guacamole-auth-totp/src/main/resources/translations/en.json @@ -5,9 +5,20 @@ }, "LOGIN" : { - "FIELD_HEADER_GUAC_TOTP" : "Authentication Code", - "INFO_TOTP_REQUIRED" : "Please enter your authentication code to verify your identity.", - "INFO_TOTP_VERIFICATION_FAILED" : "Verification failed. Please try again." + "FIELD_HEADER_GUAC_TOTP" : "" + }, + + "TOTP" : { + + "FIELD_PLACEHOLDER_CODE" : "Authentication Code", + + "INFO_CODE_REQUIRED" : "Please enter your authentication code to verify your identity.", + "INFO_ENROLL_REQUIRED" : "Multi-factor authentication has been enabled on your account.", + "INFO_VERIFICATION_FAILED" : "Verification failed. Please try again.", + + "HELP_ENROLL_BARCODE" : "To complete the enrollment process, scan the barcode below with the two-factor authentication app on your phone or device.", + "HELP_ENROLL_VERIFY" : "After scanning the barcode, enter the {DIGITS}-digit authentication code displayed to verify that enrollment was successful." + } }