Improved loa required logic

dashboard-gui/pom.xml

@@ -2,7 +2,7 @@
    <parent>
        <groupId>org.openconext</groupId>
        <artifactId>dashboard</artifactId>
-       <version>12.3.12</version>
+       <version>12.3.13-SNAPSHOT</version>
        <relativePath>../pom.xml</relativePath>
    </parent>
     <modelVersion>4.0.0</modelVersion>

dashboard-gui/src/javascripts/components/service_header.jsx

@@ -91,7 +91,7 @@ export default function ServiceHeader({ app, policies, onSubmit }) {
   }, [])
 
   const checkLoaLevel = (afterStepUpPathParameter, callback) => {
-    if (currentUser.currentLoaLevel < 2 && currentUser.dashboardStepupEnabled) {
+    if (currentUser.isMFARequired(2)) {
       setShowStepUpModal(true)
       setAfterStepUpPath(afterStepUpPathParameter)
     } else {

dashboard-gui/src/javascripts/models/current_user.js

@@ -1,74 +1,74 @@
 let currentUser = null
 
 class CurrentUser {
-  constructor(rawUser) {
-    this.attributeMap = rawUser.attributeMap
-    this.currentIdp = rawUser.currentIdp
-    this.dashboardAdmin = rawUser.dashboardAdmin
-    this.dashboardViewer = rawUser.dashboardViewer
-    this.dashboardMember = rawUser.dashboardMember
-    this.currentLoaLevel = rawUser.currentLoaLevel
-    this.displayName = rawUser.displayName
-    this.givenName = rawUser.givenName
-    this.surName = rawUser.surName
-    this.grantedAuthorities = rawUser.grantedAuthorities
-    this.institutionIdps = rawUser.institutionIdps
-    this.statsUrl = rawUser.statsUrl
-    this.superUser = rawUser.superUser
-    this.switchedToIdp = rawUser.switchedToIdp
-    this.uid = rawUser.uid
-    this.statsEnabled = rawUser.statsEnabled
-    this.manageConsentEnabled = rawUser.manageConsentEnabled
-    this.oidcEnabled = rawUser.oidcEnabled
-    this.jiraDown = rawUser.jiraDown
-    this.hideTabs = rawUser.hideTabs
-    this.supportedLanguages = rawUser.supportedLanguages
-    this.organization = rawUser.organization
-    this.guest = rawUser.guest
-    this.loaLevels = rawUser.loaLevels
-    this.authnContextLevels = rawUser.authnContextLevels
-    this.defaultLoa = rawUser.defaultLoa
-    this.email = rawUser.email
-    this.dashboardStepupEnabled = rawUser.dashboardStepupEnabled
-  }
-
-  isMFARequired() {
-    return this.currentLoaLevel < 2 && this.dashboardStepupEnabled
-  }
+    constructor(rawUser) {
+        this.attributeMap = rawUser.attributeMap
+        this.currentIdp = rawUser.currentIdp
+        this.dashboardAdmin = rawUser.dashboardAdmin
+        this.dashboardViewer = rawUser.dashboardViewer
+        this.dashboardMember = rawUser.dashboardMember
+        this.currentLoaLevel = rawUser.currentLoaLevel
+        this.displayName = rawUser.displayName
+        this.givenName = rawUser.givenName
+        this.surName = rawUser.surName
+        this.grantedAuthorities = rawUser.grantedAuthorities
+        this.institutionIdps = rawUser.institutionIdps
+        this.statsUrl = rawUser.statsUrl
+        this.superUser = rawUser.superUser
+        this.switchedToIdp = rawUser.switchedToIdp
+        this.uid = rawUser.uid
+        this.statsEnabled = rawUser.statsEnabled
+        this.manageConsentEnabled = rawUser.manageConsentEnabled
+        this.oidcEnabled = rawUser.oidcEnabled
+        this.jiraDown = rawUser.jiraDown
+        this.hideTabs = rawUser.hideTabs
+        this.supportedLanguages = rawUser.supportedLanguages
+        this.organization = rawUser.organization
+        this.guest = rawUser.guest
+        this.loaLevels = rawUser.loaLevels
+        this.authnContextLevels = rawUser.authnContextLevels
+        this.defaultLoa = rawUser.defaultLoa
+        this.email = rawUser.email
+        this.dashboardStepupEnabled = rawUser.dashboardStepupEnabled
+    }
 
-  getCurrentIdp() {
-    if (this.guest) {
-      return { state: 'prodaccepted' }
+    isMFARequired(requiredLoaLevel = 2) {
+        return this.currentLoaLevel < requiredLoaLevel && this.dashboardStepupEnabled
     }
-    if (this.superUser && this.switchedToIdp) {
-      return this.switchedToIdp
+
+    getCurrentIdp() {
+        if (this.guest) {
+            return {state: 'prodaccepted'}
+        }
+        if (this.superUser && this.switchedToIdp) {
+            return this.switchedToIdp
+        }
+        return this.switchedToIdp || this.currentIdp
     }
-    return this.switchedToIdp || this.currentIdp
-  }
 
-  getCurrentIdpId() {
-    return this.getCurrentIdp().id
-  }
+    getCurrentIdpId() {
+        return this.getCurrentIdp().id
+    }
 
-  getHideTabs() {
-    return this.hideTabs.split(',').map((s) => s.trim())
-  }
+    getHideTabs() {
+        return this.hideTabs.split(',').map((s) => s.trim())
+    }
 
-  showStats() {
-    const hideTabs = this.getHideTabs()
-    const currentIdp = this.getCurrentIdp()
+    showStats() {
+        const hideTabs = this.getHideTabs()
+        const currentIdp = this.getCurrentIdp()
 
-    return (
-      hideTabs.indexOf('statistics') === -1 &&
-      !this.guest &&
-      (!this.dashboardMember || currentIdp.displayStatsInDashboard)
-    )
-  }
+        return (
+            hideTabs.indexOf('statistics') === -1 &&
+            !this.guest &&
+            (!this.dashboardMember || currentIdp.displayStatsInDashboard)
+        )
+    }
 }
 
 export const createCurrentUser = (payload) => {
-  currentUser = new CurrentUser(payload)
-  return currentUser
+    currentUser = new CurrentUser(payload)
+    return currentUser
 }
 
 export const getCurrentUser = () => currentUser

dashboard-gui/src/javascripts/pages/authorization_policy_overview.jsx

@@ -25,7 +25,7 @@ export default function AuthorizationPolicyOverview({app, type, onPolicyChange})
     const isPolicyActive = policy => app.policyEnforcementDecisionRequired && policy.active
 
     const checkLoaLevel = (theLocation, callback) => {
-        if (currentUser.currentLoaLevel < 2 && currentUser.dashboardStepupEnabled) {
+        if (currentUser.isMFARequired(2)) {
             setShowStepUpModal(true)
             setLocationAfterStepup(theLocation)
         } else {

dashboard-gui/src/javascripts/pages/consent.jsx

@@ -33,7 +33,7 @@ export default function Consent({ app }) {
   }
 
   const checkLoaLevel = callback => {
-    if (currentUser.isMFARequired()) {
+    if (currentUser.isMFARequired(2)) {
       setShowStepUpModal(true)
     } else {
       callback();
@@ -75,7 +75,7 @@ export default function Consent({ app }) {
     return null
   }
   const msgAllowed = consent.type.toLowerCase() !== 'no_consent'
-  const loaRequired = currentUser.isMFARequired()
+  const loaRequired = currentUser.isMFARequired(2)
   return (
     <div>
       <div className={"title-container"}>

dashboard-gui/src/javascripts/pages/mfa.jsx

@@ -42,7 +42,7 @@ export default function MFA({app}) {
         && currentUser.authnContextLevels.indexOf(initialAuthnContextLevel) === -1
 
     const checkLoaLevel = callback => {
-        if (currentUser.currentLoaLevel < 3 && currentUser.dashboardStepupEnabled) {
+        if (currentUser.isMFARequired(3)) {
             setShowStepUpModal(true)
         } else {
             callback();
@@ -76,7 +76,7 @@ export default function MFA({app}) {
                 window.scrollTo(0, 0)
             })
     }
-    const loaRequired = currentUser.currentLoaLevel < 3 && currentUser.dashboardStepupEnabled
+    const loaRequired = currentUser.isMFARequired(3)
     return (
         <div className="mod-ssid-panel">
             <div className={"title-container"}>

dashboard-gui/src/javascripts/pages/my_idp.jsx

@@ -297,7 +297,7 @@ const EditIdpButton = ({currentUser, showModal}) => {
                    stopEvent(e)
                    if (currentUser.jiraDown) {
                        setShowJiraDownModal(true)
-                   } else if (currentUser.currentLoaLevel === 1 && currentUser.dashboardStepupEnabled) {
+                   } else if (currentUser.isMFARequired(2)) {
                        showModal(true)
                    } else {
                        history.replace("/my-idp/edit")

dashboard-gui/src/javascripts/pages/surf_secure_id.jsx

@@ -33,7 +33,7 @@ export default function SurfSecureID({ app }) {
   )
 
   const checkLoaLevel = callback => {
-    if (currentUser.currentLoaLevel < 3 && currentUser.dashboardStepupEnabled) {
+    if (currentUser.isMFARequired(3)) {
       setShowStepUpModal(true)
     } else {
       callback();
@@ -68,8 +68,7 @@ export default function SurfSecureID({ app }) {
       })
   }
 
-    const loaRequired = currentUser.currentLoaLevel < 3 && currentUser.dashboardStepupEnabled
-
+    const loaRequired = currentUser.isMFARequired(3)
     return (
     <div>
         <div className={"title-container"}>

dashboard-server/pom.xml

@@ -19,7 +19,7 @@
     <parent>
         <groupId>org.openconext</groupId>
         <artifactId>dashboard</artifactId>
-        <version>12.3.12</version>
+        <version>12.3.13-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>

pom.xml

@@ -31,7 +31,7 @@
 
     <groupId>org.openconext</groupId>
     <artifactId>dashboard</artifactId>
-    <version>12.3.12</version>
+    <version>12.3.13-SNAPSHOT</version>
     <name>dashboard</name>
     <description>OpenConext-Dashboard</description>
     <inceptionYear>2012</inceptionYear>