stages/authenticator_sms: Add SMS Authenticator Stage (#1577)

* stages/authenticator_sms: initial implementation Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/admin: add initial stage UI Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/elements: clear invalid state when old input was invalid but new input is correct Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * stages/authenticator_sms: add more logic Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/user: add basic SMS settings Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * stages/authenticator_sms: initial working version Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * stages/authenticator_sms: add tests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/flows: optimise totp password manager entry on authenticator_validation stage Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/elements: add grouping support for table Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/admin: allow sms class in authenticator stage Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/admin: add grouping to more pages Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * stages/authenticator_validate: add SMS support Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * api: add throttling for flow executor based on session key and pending user Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: fix style issues Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * ci: add workflow to compile backend translations Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-10-11 17:51:49 +02:00
parent 7bf587af24
commit aef9d27706
48 changed files with 2425 additions and 93 deletions
--- a/web/src/user/user-settings/stages/StageSettings.ts
+++ b/web/src/user/user-settings/stages/StageSettings.ts
@ -12,6 +12,7 @@ import { DEFAULT_CONFIG } from "../../../api/Config";
 import { EVENT_REFRESH } from "../../../constants";
 import "../../../elements/EmptyState";
 import "./UserSettingsAuthenticatorDuo";
+import "./UserSettingsAuthenticatorSMS";
 import "./UserSettingsAuthenticatorStatic";
 import "./UserSettingsAuthenticatorTOTP";
 import "./UserSettingsAuthenticatorWebAuthn";
@ -69,6 +70,12 @@ export class UserStageSettingsPage extends LitElement {
                    .configureUrl=${stage.configureUrl}
                >
                </ak-user-settings-authenticator-duo>`;
+            case "ak-user-settings-authenticator-sms":
+                return html`<ak-user-settings-authenticator-sms
+                    objectId=${stage.objectUid}
+                    .configureUrl=${stage.configureUrl}
+                >
+                </ak-user-settings-authenticator-sms>`;
            default:
                return html`<p>${t`Error: unsupported stage settings: ${stage.component}`}</p>`;
        }
--- a/web/src/user/user-settings/stages/UserSettingsAuthenticatorSMS.ts
+++ b/web/src/user/user-settings/stages/UserSettingsAuthenticatorSMS.ts
@ -0,0 +1,83 @@
+import { t } from "@lingui/macro";
+
+import { html, TemplateResult } from "lit";
+import { customElement } from "lit/decorators";
+import { until } from "lit/directives/until";
+
+import { AuthenticatorsApi } from "@goauthentik/api";
+
+import { DEFAULT_CONFIG } from "../../../api/Config";
+import { EVENT_REFRESH } from "../../../constants";
+import { BaseUserSettings } from "../BaseUserSettings";
+
+@customElement("ak-user-settings-authenticator-sms")
+export class UserSettingsAuthenticatorSMS extends BaseUserSettings {
+    renderEnabled(): TemplateResult {
+        return html`<div class="pf-c-card__body">
+                <p>
+                    ${t`Status: Enabled`}
+                    <i class="pf-icon pf-icon-ok"></i>
+                </p>
+            </div>
+            <div class="pf-c-card__footer">
+                <button
+                    class="pf-c-button pf-m-danger"
+                    @click=${() => {
+                        return new AuthenticatorsApi(DEFAULT_CONFIG)
+                            .authenticatorsSmsList({})
+                            .then((devices) => {
+                                if (devices.results.length < 1) {
+                                    return;
+                                }
+                                // TODO: Handle multiple devices, currently we assume only one TOTP Device
+                                return new AuthenticatorsApi(DEFAULT_CONFIG)
+                                    .authenticatorsSmsDestroy({
+                                        id: devices.results[0].pk || 0,
+                                    })
+                                    .then(() => {
+                                        this.dispatchEvent(
+                                            new CustomEvent(EVENT_REFRESH, {
+                                                bubbles: true,
+                                                composed: true,
+                                            }),
+                                        );
+                                    });
+                            });
+                    }}
+                >
+                    ${t`Disable SMS authenticator`}
+                </button>
+            </div>`;
+    }
+
+    renderDisabled(): TemplateResult {
+        return html` <div class="pf-c-card__body">
+                <p>
+                    ${t`Status: Disabled`}
+                    <i class="pf-icon pf-icon-error-circle-o"></i>
+                </p>
+            </div>
+            <div class="pf-c-card__footer">
+                ${this.configureUrl
+                    ? html`<a
+                          href="${this.configureUrl}?next=/${encodeURIComponent("#/settings")}"
+                          class="pf-c-button pf-m-primary"
+                          >${t`Enable SMS authenticator`}
+                      </a>`
+                    : html``}
+            </div>`;
+    }
+
+    render(): TemplateResult {
+        return html`<div class="pf-c-card">
+            <div class="pf-c-card__title">${t`SMS`}</div>
+            ${until(
+                new AuthenticatorsApi(DEFAULT_CONFIG).authenticatorsSmsList({}).then((devices) => {
+                    return devices.results.length > 0
+                        ? this.renderEnabled()
+                        : this.renderDisabled();
+                }),
+            )}
+        </div>`;
+    }
+}