author | Dan Fuhry <dan@enanocms.org> |
Fri, 08 Apr 2016 17:23:16 -0400 | |
changeset 10 | 351d40b21cbc |
parent 8 | be4a5f24bb29 |
child 11 | b9eb748ac1e4 |
permissions | -rw-r--r-- |
0
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
1 |
<?php |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
2 |
/**!info** |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
3 |
{ |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
4 |
"Plugin Name" : "Yubikey management service", |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
5 |
"Plugin URI" : "http://enanocms.org/plugin/yubikey-yms", |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
6 |
"Description" : "Adds the ability for Enano to act as a Yubikey authentication provider. The Yubikey authentication plugin is a prerequisite.", |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
7 |
"Author" : "Dan Fuhry", |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
8 |
"Version" : "0.1", |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
9 |
"Author URI" : "http://enanocms.org/" |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
10 |
} |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
11 |
**!*/ |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
12 |
|
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
13 |
$plugins->attachHook('session_started', 'yms_add_special_pages();'); |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
14 |
|
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
15 |
function yms_add_special_pages() |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
16 |
{ |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
17 |
global $lang; |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
18 |
|
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
19 |
register_special_page('YMS', 'yms_specialpage_yms'); |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
20 |
register_special_page('YMSCreateClient', 'yms_specialpage_register'); |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
21 |
register_special_page('YubikeyValidate', 'yms_specialpage_validate'); |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
22 |
} |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
23 |
|
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
24 |
define('YMS_DISABLED', 0); |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
25 |
define('YMS_ENABLED', 1); |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
26 |
define('YMS_ANY_CLIENT', 2); |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
27 |
|
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
28 |
define('YMS_INSTALLED', 1); |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
29 |
|
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
30 |
require(ENANO_ROOT . '/plugins/yms/yms.php'); |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
31 |
require(ENANO_ROOT . '/plugins/yms/libotp.php'); |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
32 |
require(ENANO_ROOT . '/plugins/yms/transcode.php'); |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
33 |
require(ENANO_ROOT . '/plugins/yms/backend.php'); |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
34 |
require(ENANO_ROOT . '/plugins/yms/validate.php'); |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
35 |
require(ENANO_ROOT . '/plugins/yms/validate-functions.php'); |
3 | 36 |
require(ENANO_ROOT . '/plugins/yms/admincp.php'); |
0
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
37 |
|
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
38 |
/**!language** |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
39 |
|
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
40 |
The following text up to the closing comment tag is JSON language data. |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
41 |
It is not PHP code but your editor or IDE may highlight it as such. This |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
42 |
data is imported when the plugin is loaded for the first time; it provides |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
43 |
the strings displayed by this plugin's interface. |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
44 |
|
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
45 |
You should copy and paste this block when you create your own plugins so |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
46 |
that these comments and the basic structure of the language data is |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
47 |
preserved. All language data is in the same format as the Enano core |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
48 |
language files in the /language/* directories. See the Enano Localization |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
49 |
Guide and Enano API Documentation for further information on the format of |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
50 |
language files. |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
51 |
|
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
52 |
The exception in plugin language file format is that multiple languages |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
53 |
may be specified in the language block. This should be done by way of making |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
54 |
the top-level elements each a JSON language object, with elements named |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
55 |
according to the ISO-639-1 language they are representing. The path should be: |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
56 |
|
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
57 |
root => language ID => categories array, ( strings object => category \ |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
58 |
objects => strings ) |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
59 |
|
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
60 |
All text leading up to first curly brace is stripped by the parser; using |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
61 |
a code tag makes jEdit and other editors do automatic indentation and |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
62 |
syntax highlighting on the language data. The use of the code tag is not |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
63 |
necessary; it is only included as a tool for development. |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
64 |
|
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
65 |
<code> |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
66 |
{ |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
67 |
// english |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
68 |
eng: { |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
69 |
categories: [ 'meta', 'yms' ], |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
70 |
strings: { |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
71 |
meta: { |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
72 |
yms: 'Yubikey management system' |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
73 |
}, |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
74 |
yms: { |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
75 |
specialpage_yms: 'Yubikey manager', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
76 |
specialpage_register: 'Register YMS client', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
77 |
specialpage_validate: 'Yubikey validation API', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
78 |
err_yubikey_plugin_missing_title: 'Yubikey plugin not found', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
79 |
err_yubikey_plugin_missing_body: 'The Yubikey YMS cannot load because the Enano <a href="http://enanocms.org/plugin/yubikey">Yubikey authentication plugin</a> is not installed. Please ask your administrator to install it.', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
80 |
err_client_exists_title: 'Client already exists', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
81 |
err_client_exists_body: 'You cannot register another YMS client using this same user account.', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
82 |
register_confirm_title: 'Enable your account for Yubikey authentication', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
83 |
register_confirm_body: 'As a Yubikey authentication client, you gain the ability to manage multiple Yubikeys and tie them to your own organization. It also lets you retrieve secret AES keys for tokens, register new or reprogrammed keys, validate Yubikey OTPs using your own API key, and deactivate keys in case of a compromise. Do you want to enable your account for Yubikey management?', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
84 |
register_btn_submit: 'Create YMS client', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
85 |
|
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
86 |
register_msg_success_title: 'Congratulations! Your account is now enabled for YMS access.', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
87 |
register_msg_success_body: '<p>You can now go to the <a href="%yms_link|htmlsafe%">YMS admin panel</a> and add your Yubikeys. Your client ID and API key are below:</p> |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
88 |
<p class="yms-copypara">Client ID: <span class="yms-copyfield">%client_id%</span><br /> |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
89 |
API key: <span class="yms-copyfield">%api_key%</span><br /> |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
90 |
Validation API URL: <span class="yms-copyfield">%validate_url%</span></p> |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
91 |
<p><b>Remember to secure your user account!</b> Your Enano login is used to administer your YMS account. For maximum security, use the Yubikey Settings page of the User Control Panel to require both a password and a Yubikey OTP to log in.</p>', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
92 |
msg_no_yubikeys: 'No Yubikeys found', |
4
9fdc988ce46e
Added counter and ANY_CLIENT settings to ShowAESKey; Significant improvements to claim system: Added master switch for the whole system; Added ability for administrators to "su" to client ID 0 to manage pooled keys; Added ability for admins to release key when it is added
Dan
parents:
3
diff
changeset
|
93 |
msg_editing_zero: '<b>Notice:</b> You are currently viewing the YMS profile for Client ID 0, the pool of claimable keys. By default, anybody can validate or claim these Yubikeys, but you can prevent validation of these keys by marking them inactive here. All key settings such as lifecycle state and notes are reset when a user claims a key here.', |
0
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
94 |
btn_add_key: 'Add Yubikey', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
95 |
btn_add_key_preregistered: 'Claim a New Key', |
4
9fdc988ce46e
Added counter and ANY_CLIENT settings to ShowAESKey; Significant improvements to claim system: Added master switch for the whole system; Added ability for administrators to "su" to client ID 0 to manage pooled keys; Added ability for admins to release key when it is added
Dan
parents:
3
diff
changeset
|
96 |
btn_switch_to_zero: 'Edit claimable pool', |
9fdc988ce46e
Added counter and ANY_CLIENT settings to ShowAESKey; Significant improvements to claim system: Added master switch for the whole system; Added ability for administrators to "su" to client ID 0 to manage pooled keys; Added ability for admins to release key when it is added
Dan
parents:
3
diff
changeset
|
97 |
btn_switch_from_zero: 'Switch back to my client', |
0
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
98 |
state_active: 'Active', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
99 |
state_inactive: 'Inactive', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
100 |
|
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
101 |
th_id: 'ID#', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
102 |
th_publicid: 'OTP prefix', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
103 |
th_createtime: 'Created', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
104 |
th_accesstime: 'Last accessed', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
105 |
th_state: 'Lifecycle state', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
106 |
th_note: 'Note', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
107 |
|
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
108 |
msg_access_never: 'Never', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
109 |
|
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
110 |
// Add key interface |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
111 |
lbl_addkey_heading: 'Register Yubikey', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
112 |
lbl_addkey_desc: 'Register a Yubikey that you programmed yourself in YMS to enable validation of OTPs from that key against this server.', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
113 |
lbl_addkey_field_secret: 'AES secret key:', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
114 |
lbl_addkey_field_secret_hint: 'Input in ModHex, hex, or base-64. The format will be detected automatically.', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
115 |
lbl_addkey_field_otp: 'Enter an OTP from this Yubikey:', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
116 |
lbl_addkey_field_notes: 'Notes about this key:', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
117 |
lbl_addkey_field_state: 'Lifecycle state:', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
118 |
lbl_addkey_field_any_client_name: 'Allow validation by any client:', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
119 |
lbl_addkey_field_any_client_hint: 'If unchecked, OTPs from this Yubikey can only be verified by someone using your client ID. Check this if you plan to use this Yubikey on websites you don\'t control.', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
120 |
lbl_addkey_field_any_client: 'Other clients can validate OTPs from this key', |
4
9fdc988ce46e
Added counter and ANY_CLIENT settings to ShowAESKey; Significant improvements to claim system: Added master switch for the whole system; Added ability for administrators to "su" to client ID 0 to manage pooled keys; Added ability for admins to release key when it is added
Dan
parents:
3
diff
changeset
|
121 |
lbl_addkey_field_allow_claim_name: 'Place key in claimable pool:', |
9fdc988ce46e
Added counter and ANY_CLIENT settings to ShowAESKey; Significant improvements to claim system: Added master switch for the whole system; Added ability for administrators to "su" to client ID 0 to manage pooled keys; Added ability for admins to release key when it is added
Dan
parents:
3
diff
changeset
|
122 |
lbl_addkey_field_allow_claim_hint: 'After this key is added, YMS will release your ownership of this key so that other users may claim it.', |
9fdc988ce46e
Added counter and ANY_CLIENT settings to ShowAESKey; Significant improvements to claim system: Added master switch for the whole system; Added ability for administrators to "su" to client ID 0 to manage pooled keys; Added ability for admins to release key when it is added
Dan
parents:
3
diff
changeset
|
123 |
lbl_addkey_field_allow_claim: 'Release this key and allow others to claim it', |
0
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
124 |
btn_addkey_submit: 'Register key', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
125 |
msg_addkey_success: 'This key has been successfully registered.', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
126 |
|
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
127 |
err_addkey_crc_failed: 'The CRC check on the OTP failed. This usually means that your AES key is wrong or could not be properly interpreted.', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
128 |
err_addkey_invalid_key: 'There was an error decoding your AES secret key. Please enter a 128-bit hex, ModHex, or base-64 value.', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
129 |
err_addkey_invalid_otp: 'The OTP from the Yubikey is invalid.', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
130 |
err_addkey_key_exists: 'This Yubikey is already registered on this server.', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
131 |
|
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
132 |
// Claim key interface |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
133 |
lbl_claimkey_heading: 'Claim Yubikey', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
134 |
lbl_claimkey_desc: 'Attach a key you have not reprogrammed to your YMS account, so that you can see its AES secret key and keep track of it.', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
135 |
lbl_claimkey_field_otp: 'Enter an OTP from this Yubikey:', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
136 |
lbl_custom_hint: 'For your security, this is used to validate your ownership of this Yubikey.', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
137 |
|
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
138 |
// AES key view interface |
4
9fdc988ce46e
Added counter and ANY_CLIENT settings to ShowAESKey; Significant improvements to claim system: Added master switch for the whole system; Added ability for administrators to "su" to client ID 0 to manage pooled keys; Added ability for admins to release key when it is added
Dan
parents:
3
diff
changeset
|
139 |
showaes_heading_main: 'View AES key and counters', |
0
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
140 |
showaes_th: 'AES secret key for key %public_id%', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
141 |
showaes_lbl_hex: 'Hex:', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
142 |
showaes_lbl_modhex: 'ModHex:', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
143 |
showaes_lbl_base64: 'Base64:', |
4
9fdc988ce46e
Added counter and ANY_CLIENT settings to ShowAESKey; Significant improvements to claim system: Added master switch for the whole system; Added ability for administrators to "su" to client ID 0 to manage pooled keys; Added ability for admins to release key when it is added
Dan
parents:
3
diff
changeset
|
144 |
showaes_th_counter: 'Counters', |
9fdc988ce46e
Added counter and ANY_CLIENT settings to ShowAESKey; Significant improvements to claim system: Added master switch for the whole system; Added ability for administrators to "su" to client ID 0 to manage pooled keys; Added ability for admins to release key when it is added
Dan
parents:
3
diff
changeset
|
145 |
showaes_field_session_count: 'Session count:', |
9fdc988ce46e
Added counter and ANY_CLIENT settings to ShowAESKey; Significant improvements to claim system: Added master switch for the whole system; Added ability for administrators to "su" to client ID 0 to manage pooled keys; Added ability for admins to release key when it is added
Dan
parents:
3
diff
changeset
|
146 |
showaes_field_session_count_hint: 'Incremented by 1 each time you insert this Yubikey into a USB port.', |
9fdc988ce46e
Added counter and ANY_CLIENT settings to ShowAESKey; Significant improvements to claim system: Added master switch for the whole system; Added ability for administrators to "su" to client ID 0 to manage pooled keys; Added ability for admins to release key when it is added
Dan
parents:
3
diff
changeset
|
147 |
showaes_field_otp_count: 'OTP count:', |
9fdc988ce46e
Added counter and ANY_CLIENT settings to ShowAESKey; Significant improvements to claim system: Added master switch for the whole system; Added ability for administrators to "su" to client ID 0 to manage pooled keys; Added ability for admins to release key when it is added
Dan
parents:
3
diff
changeset
|
148 |
showaes_field_otp_count_hint: 'Incremented by 1 each time you press the button on the Yubikey; reset when the Yubikey is plugged in.', |
9fdc988ce46e
Added counter and ANY_CLIENT settings to ShowAESKey; Significant improvements to claim system: Added master switch for the whole system; Added ability for administrators to "su" to client ID 0 to manage pooled keys; Added ability for admins to release key when it is added
Dan
parents:
3
diff
changeset
|
149 |
|
9fdc988ce46e
Added counter and ANY_CLIENT settings to ShowAESKey; Significant improvements to claim system: Added master switch for the whole system; Added ability for administrators to "su" to client ID 0 to manage pooled keys; Added ability for admins to release key when it is added
Dan
parents:
3
diff
changeset
|
150 |
err_expected_int: 'Expected an integer', |
9fdc988ce46e
Added counter and ANY_CLIENT settings to ShowAESKey; Significant improvements to claim system: Added master switch for the whole system; Added ability for administrators to "su" to client ID 0 to manage pooled keys; Added ability for admins to release key when it is added
Dan
parents:
3
diff
changeset
|
151 |
msg_counter_update_success: 'The counters for this Yubikey have been updated.', |
0
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
152 |
|
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
153 |
// API key view interface |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
154 |
th_client_id: 'Client ID', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
155 |
lbl_client_id: 'Client ID:', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
156 |
th_api_key: 'API key', |
6 | 157 |
lbl_validate_url: 'Validation API URL:', |
0
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
158 |
|
2 | 159 |
// Deletion interface |
160 |
msg_delete_confirm: 'Are you sure you want to delete this Yubikey?', |
|
161 |
err_delete_not_found: 'That Yubikey was not found, or it is not yours to delete.', |
|
162 |
msg_delete_success: 'The selected Yubikey has been deleted successfully.', |
|
163 |
||
0
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
164 |
// Binary format converter |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
165 |
th_converted_value: 'Converted value', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
166 |
conv_err_invalid_string: 'The string was invalid or you entered did not match the format you selected.', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
167 |
th_converter: 'Convert binary formats', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
168 |
conv_lbl_value: 'Value to convert:', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
169 |
conv_lbl_format: 'Current encoding:', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
170 |
conv_lbl_format_auto: 'Auto-detect', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
171 |
conv_lbl_format_hex: 'Hexadecimal', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
172 |
conv_lbl_format_modhex: 'ModHex', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
173 |
conv_lbl_format_base64: 'Base-64', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
174 |
conv_btn_submit: 'Convert', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
175 |
|
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
176 |
// Key list |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
177 |
btn_note_view: 'View or edit note', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
178 |
btn_note_create: 'No note; click to create', |
2 | 179 |
btn_delete_key: 'Delete key', |
4
9fdc988ce46e
Added counter and ANY_CLIENT settings to ShowAESKey; Significant improvements to claim system: Added master switch for the whole system; Added ability for administrators to "su" to client ID 0 to manage pooled keys; Added ability for admins to release key when it is added
Dan
parents:
3
diff
changeset
|
180 |
btn_show_aes: 'AES secret and counter information', |
0
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
181 |
btn_show_converter: 'Binary encoding converter', |
3 | 182 |
btn_show_client_info: 'View client info', |
183 |
||
184 |
// ADMIN |
|
185 |
acp_title: 'Yubikey Management Server', |
|
186 |
acp_heading_main: 'YMS configuration', |
|
187 |
acp_th_main: 'Yubikey Management Server options', |
|
188 |
acp_field_require_reauth_title: 'Require re-authentication to access YMS interface:', |
|
189 |
acp_field_require_reauth_hint: 'This can be redundant and unnecessary if the sole purpose of your Enano installation is for YMS purposes.', |
|
190 |
acp_field_require_reauth: 'YMS pages require re-authentication', |
|
4
9fdc988ce46e
Added counter and ANY_CLIENT settings to ShowAESKey; Significant improvements to claim system: Added master switch for the whole system; Added ability for administrators to "su" to client ID 0 to manage pooled keys; Added ability for admins to release key when it is added
Dan
parents:
3
diff
changeset
|
191 |
acp_field_claim_enable_title: 'Allow users to claim Yubikeys:', |
9fdc988ce46e
Added counter and ANY_CLIENT settings to ShowAESKey; Significant improvements to claim system: Added master switch for the whole system; Added ability for administrators to "su" to client ID 0 to manage pooled keys; Added ability for admins to release key when it is added
Dan
parents:
3
diff
changeset
|
192 |
acp_field_claim_enable_hint: 'If you plan to program your own Yubikeys and give them to others, enable this to allow them to create YMS accounts and "claim" the keys so they can see AES secrets and control settings on their keys.<br /> |
9fdc988ce46e
Added counter and ANY_CLIENT settings to ShowAESKey; Significant improvements to claim system: Added master switch for the whole system; Added ability for administrators to "su" to client ID 0 to manage pooled keys; Added ability for admins to release key when it is added
Dan
parents:
3
diff
changeset
|
193 |
If you enable this, all Administrators will see an option when adding a new key to put it into the pool of unclaimed keys.<br /> |
9fdc988ce46e
Added counter and ANY_CLIENT settings to ShowAESKey; Significant improvements to claim system: Added master switch for the whole system; Added ability for administrators to "su" to client ID 0 to manage pooled keys; Added ability for admins to release key when it is added
Dan
parents:
3
diff
changeset
|
194 |
To claim a Yubikey, YMS requires users to enter a valid OTP, and optionally, an additional field you may configure below.', |
8
be4a5f24bb29
Add support for freezing the YMS client ID
Dan Fuhry <dan@enanocms.org>
parents:
7
diff
changeset
|
195 |
acp_field_force_client_id_title: 'Shared client ID:', |
be4a5f24bb29
Add support for freezing the YMS client ID
Dan Fuhry <dan@enanocms.org>
parents:
7
diff
changeset
|
196 |
acp_field_force_client_id_hint: 'If set, all Yubikeys will be registered to the same underlying client account. This allows everyone on the site to manage a single pool of Yubikeys using different accounts.', |
4
9fdc988ce46e
Added counter and ANY_CLIENT settings to ShowAESKey; Significant improvements to claim system: Added master switch for the whole system; Added ability for administrators to "su" to client ID 0 to manage pooled keys; Added ability for admins to release key when it is added
Dan
parents:
3
diff
changeset
|
197 |
acp_field_claim_enable: 'Enable the claim system', |
3 | 198 |
acp_field_claimauth_enable_title: 'Use external authentication when claiming Yubikeys:', |
199 |
acp_field_claimauth_enable_hint: 'This allows you to require an additional value - for example, the receipt number from the user\'s Yubikey order - when Yubikeys are claimed.', |
|
200 |
acp_field_claimauth_enable: 'Require additional field to claim a Yubikey', |
|
7 | 201 |
acp_field_claimauth_title: 'Name of the field:', |
202 |
acp_field_claimauth_title_hint: 'The label of the field the user sees when they are prompted. Example: "Receipt number"', |
|
3 | 203 |
acp_field_claimauth_url_title: 'URL to claim authentication server:', |
204 |
acp_field_claimauth_url_hint: 'The following variables will be applied: |
|
205 |
<ul> |
|
206 |
<li>%c = The value the user entered in your custom field</li> |
|
207 |
<li>%o = The Yubikey OTP from the form</li> |
|
208 |
<li>%h = The HMAC signature of the request</li> |
|
209 |
</ul> |
|
210 |
This authentication uses the same protocol as other Yubikey authentication servers. See the <a href="http://enanocms.org/plugin/yms" onclick="window.opeh(this.href); return false;">YMS plugin page on enanocms.org</a> for information on how to write an authentication server.<br /> |
|
211 |
<b>Example URL:</b> <tt>http://10.4.27.3/wsapi/validateclaim?id=1&tid=%c&otp=%o&h=%h</tt>', |
|
212 |
acp_field_claimauth_key_title: 'API key for authentication server:', |
|
213 |
acp_field_claimauth_key_hint: 'If provided, YMS will sign the requests it makes to your authentication server. Leave blank to disable signature support.', |
|
214 |
||
215 |
acp_msg_saved: 'Your changes to the YMS configuration have been saved.', |
|
0
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
216 |
} |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
217 |
} |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
218 |
} |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
219 |
} |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
220 |
</code> |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
221 |
**!*/ |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
222 |
|
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
223 |
/**!install dbms="mysql"; ** |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
224 |
|
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
225 |
CREATE TABLE {{TABLE_PREFIX}}yms_clients( |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
226 |
id int(12) NOT NULL DEFAULT 0, |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
227 |
apikey varchar(40) NOT NULL, |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
228 |
PRIMARY KEY ( id ) |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
229 |
); |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
230 |
|
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
231 |
CREATE TABLE {{TABLE_PREFIX}}yms_yubikeys( |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
232 |
id int(12) NOT NULL auto_increment, |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
233 |
client_id int(12) NOT NULL DEFAULT 0, |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
234 |
public_id varchar(12) NOT NULL DEFAULT '000000000000', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
235 |
private_id varchar(12) NOT NULL DEFAULT '000000000000', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
236 |
session_count int(8) NOT NULL DEFAULT 0, |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
237 |
token_count int(8) NOT NULL DEFAULT 0, |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
238 |
create_time int(12) NOT NULL DEFAULT 0, |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
239 |
access_time int(12) NOT NULL DEFAULT 0, |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
240 |
token_time int(12) NOT NULL DEFAULT 0, |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
241 |
aes_secret varchar(40) NOT NULL DEFAULT '00000000000000000000000000000000', |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
242 |
flags int(8) NOT NULL DEFAULT 1, |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
243 |
notes text, |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
244 |
PRIMARY KEY (id) |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
245 |
); |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
246 |
|
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
247 |
**!*/ |
9997bee9ad03
First commit. Lacks key deletion support and an admin CP for controlling options.
Dan
parents:
diff
changeset
|
248 |