zydronium/RDSFactor
1
0
Fork 0
mirror of https://github.com/jakobadam/RDSFactor.git synced 2025-05-31 09:43:48 +02:00
Code Issues Projects Releases Packages Wiki Activity

Use the AccessLog for logging

Browse source
This commit is contained in:
Jakob A. Dam 2015-04-09 09:42:59 +02:00 committed by Jakob Aarøe Dam
parent 5ef3e371c3
commit 3a2dff8fcd
2 changed files with 32 additions and 20 deletions
Download patch file Download diff file Expand all files Collapse all files

9
CICRadarR/CICRadarR.vb
View file

@ -130,11 +130,20 @@ Public Class CICRadarR
Public Shared Sub AccessLog(ByVal message)
If DEBUG = True Then
UserAccessLog.WriteLog(Now & ": DEBUG: " & message)
' Also write to the console if not a service
If Environment.UserInteractive Then
Console.WriteLine(Now & ": DEBUG: " & message)
End If
End If
End Sub
Public Shared Sub ServerLog(ByVal message)
Log.WriteLog(Now & ":" & message)
' Also write to the console if not a service
If Environment.UserInteractive Then
Console.WriteLine(Now & message)
End If
End Sub
Private Sub ProcessPacket(ByVal server As RADIUSServer, ByVal packet As RADIUSPacket)

43
CICRadarR/handlers/RDSHandler.vb
View file

@ -74,7 +74,7 @@ Public Class RDSHandler
' NOTE: Requests contain the session GUID in the password attribute
' of the packet.
Public Sub ProcessAppLaunchRequest()
Console.WriteLine("ProcessAppLaunchRequest")
CICRadarR.AccessLog("ProcessAppLaunchRequest")
' When the packet is an AppLaunchRequest the password attribute contains the session id!
Dim packetSessionId = mPassword
@ -82,7 +82,7 @@ Public Class RDSHandler
Dim sessionTimestamp = sessionTimestamps(mUsername)
If storedSessionId = Nothing Or sessionTimestamp = Nothing Then
Console.WriteLine("User has no session. MUST re-authenticate!")
CICRadarR.AccessLog("User has no session. MUST re-authenticate!")
mPacket.RejectAccessRequest()
Exit Sub
End If
@ -90,7 +90,7 @@ Public Class RDSHandler
If packetSessionId = storedSessionId Then
Dim minsSinceLastActivity = DateDiff(DateInterval.Minute, sessionTimestamp, Now)
If minsSinceLastActivity < CICRadarR.SessionTimeOut Then
Console.WriteLine("Opening window for: " & mUsername)
CICRadarR.AccessLog("Opening window for: " & mUsername)
' Pro-long session
sessionTimestamps(storedSessionId) = Now
' Open launch window
@ -98,12 +98,12 @@ Public Class RDSHandler
mPacket.AcceptAccessRequest()
Exit Sub
Else
Console.WriteLine("Session timed out -- User MUST re-authenticate")
CICRadarR.AccessLog("Session timed out -- User MUST re-authenticate")
userSessions.Remove(mUsername)
sessionTimestamps.Remove(mUsername)
End If
Else
Console.WriteLine("Stored session id didn't match packet session id!")
CICRadarR.AccessLog("Stored session id didn't match packet session id!")
End If
mPacket.RejectAccessRequest()
@ -117,15 +117,18 @@ Public Class RDSHandler
' * valid app launch window
'
' The launch window is closed after this request.
'
' TODO: Fix race-condition RD Web vs. Gateway. Don't start RDP client in RD Web
' before ensuring App Launch request was successful
Public Sub ProcessGatewayRequest()
Console.WriteLine("Gateway Request for user: " & mUsername)
CICRadarR.AccessLog("Gateway Request for user: " & mUsername)
Dim sessionId = userSessions(mUsername)
Dim launchTimestamp = userLaunchTimestamps(mUsername)
Dim attributes As New RADIUSAttributes
If sessionId = Nothing Or launchTimestamp = Nothing Then
Console.WriteLine("User's has no lauch window. User must re-authenticate")
CICRadarR.AccessLog("User's has no launch window. User must re-authenticate")
mPacket.RejectAccessRequest()
Exit Sub
End If
@ -138,10 +141,10 @@ Public Class RDSHandler
Dim secondsSinceLaunch = DateDiff(DateInterval.Second, launchTimestamp, Now)
If secondsSinceLaunch < CICRadarR.LaunchTimeOut Then
Console.WriteLine("Allowing access through gateway for user: " & mUsername & " -- closing window")
CICRadarR.AccessLog("Allowing access through gateway for user: " & mUsername & " -- closing window")
mPacket.AcceptAccessRequest(attributes)
Else
Console.WriteLine("Launch window has closed!")
CICRadarR.AccessLog("Launch window has closed!")
End If
' close window
@ -156,7 +159,7 @@ Public Class RDSHandler
Exit Sub
End If
Console.WriteLine("ProcessAccessRequest")
CICRadarR.AccessLog("ProcessAccessRequest")
Try
Dim ldapResult = Authenticate()
@ -167,13 +170,13 @@ Public Class RDSHandler
Accept()
End If
Catch ex As Exception
Console.WriteLine("Authentication failed. Sending reject. Error: " & ex.Message)
CICRadarR.AccessLog("Authentication failed. Sending reject. Error: " & ex.Message)
mPacket.RejectAccessRequest()
End Try
End Sub
Private Sub Accept()
Console.WriteLine("Accept")
CICRadarR.AccessLog("Accept")
Dim sGUID As String = System.Guid.NewGuid.ToString()
userSessions(mUsername) = sGUID
sessionTimestamps(mUsername) = Now
@ -186,7 +189,7 @@ Public Class RDSHandler
End Sub
Private Sub ProcessChallengeResponse()
Console.WriteLine("ProcessChallengeResponse")
CICRadarR.AccessLog("ProcessChallengeResponse")
' When the packet is an Challange-Response the password attr. contains the token
Dim challangeCode = mPassword
@ -203,17 +206,17 @@ Public Class RDSHandler
Private Sub TwoFactorChallenge()
Dim code = CICRadarR.GenerateCode
Dim sid = EncDec.Encrypt(mUsername & "_" & code, CICRadarR.encCode) 'generate unique code
Console.WriteLine("Access Challange Code: " & code)
CICRadarR.AccessLog("Access Challange Code: " & code)
userSidTokens(mUsername) = sid
tokenTimestamps(mUsername) = Now
If mUseSMSFactor Then
Console.WriteLine("TODO: Send SMS")
CICRadarR.AccessLog("TODO: Send SMS")
End If
If mUseEmailFactor Then
Console.WriteLine("TODO: Send Email")
CICRadarR.AccessLog("TODO: Send Email")
End If
Dim attributes As New RADIUSAttributes
@ -231,7 +234,7 @@ Public Class RDSHandler
Dim password As String = mPacket.UserPassword
Dim ldapDomain As String = CICRadarR.LDAPDomain
Console.WriteLine("Authenticating: LDAPPAth: " & "LDAP://" & ldapDomain & ", Username: " & mUsername)
CICRadarR.AccessLog("Authenticating: LDAPPAth: " & "LDAP://" & ldapDomain & ", Username: " & mUsername)
Dim dirEntry As New DirectoryEntry("LDAP://" & ldapDomain, mUsername, password)
Dim obj As Object = dirEntry.NativeObject
@ -252,7 +255,7 @@ Public Class RDSHandler
Dim result = search.FindOne()
If IsDBNull(result) Then
Console.WriteLine("Failed to authenticate with Active Directory")
CICRadarR.AccessLog("Failed to authenticate with Active Directory")
Throw New MissingUser
End If
@ -263,7 +266,7 @@ Public Class RDSHandler
Dim mobile = result.Properties(CICRadarR.ADField)(0)
mobile = Replace(mobile, "+", "")
If mobile.Trim.Length = 0 Then
Console.WriteLine("Unable to find correct phone number for user " & mUsername)
CICRadarR.AccessLog("Unable to find correct phone number for user " & mUsername)
End If
Return mobile
End Function
@ -272,7 +275,7 @@ Public Class RDSHandler
Dim email = result.Properties(CICRadarR.ADMailField)(0)
If InStr(email, "@") = 0 Then
Console.WriteLine("Unable to find correct email for user " & mUsername)
CICRadarR.AccessLog("Unable to find correct email for user " & mUsername)
End If
Return email
End Function