diff options
-rw-r--r-- | contrib/Makefile.am | 1 | ||||
-rw-r--r-- | contrib/anastasis_gtk_deny_singlefactor.glade | 54 | ||||
-rw-r--r-- | src/anastasis/anastasis-gtk_handle-main-window-forward-clicked.c | 67 |
3 files changed, 122 insertions, 0 deletions
diff --git a/contrib/Makefile.am b/contrib/Makefile.am index 8e0862d..d2a2cdb 100644 --- a/contrib/Makefile.am +++ b/contrib/Makefile.am @@ -37,6 +37,7 @@ pkgdata_DATA = \ anastasis_gtk_challenge_iban.glade \ anastasis_gtk_challenge_question.glade \ anastasis_gtk_challenge_totp.glade \ + anastasis_gtk_deny_singlefactor.glade \ anastasis_gtk_edit_providers.glade \ anastasis_gtk_edit_policy.glade \ anastasis_gtk_open_file_dialog.glade \ diff --git a/contrib/anastasis_gtk_deny_singlefactor.glade b/contrib/anastasis_gtk_deny_singlefactor.glade new file mode 100644 index 0000000..e68d21b --- /dev/null +++ b/contrib/anastasis_gtk_deny_singlefactor.glade @@ -0,0 +1,54 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- Generated with glade 3.38.2 --> +<interface> + <requires lib="gtk+" version="3.24"/> + <object class="GtkMessageDialog" id="anastasis_gtk_deny_singlefactor_dialog"> + <property name="can-focus">False</property> + <property name="title" translatable="yes">Single-factor authentication is not allowed!</property> + <property name="modal">True</property> + <property name="window-position">center</property> + <property name="type-hint">dialog</property> + <property name="message-type">warning</property> + <property name="text" translatable="yes">To keep your secret secure, we require at least two authentication options, and recommend you specify at least three authentication options before proceeding.</property> + <property name="secondary-text" translatable="yes">Select "back" to add additional authentication options.</property> + <signal name="response" handler="anastasis_gtk_deny_singlefactor_dialog_response_cb" swapped="no"/> + <child internal-child="vbox"> + <object class="GtkBox"> + <property name="can-focus">False</property> + <property name="orientation">vertical</property> + <property name="spacing">2</property> + <child internal-child="action_area"> + <object class="GtkButtonBox"> + <property name="can-focus">False</property> + <property name="homogeneous">True</property> + <property name="layout-style">end</property> + <child> + <object class="GtkButton" id="back_button"> + <property name="label">gtk-go-back</property> + <property name="visible">True</property> + <property name="can-focus">True</property> + <property name="receives-default">True</property> + <property name="tooltip-text" translatable="yes">Go back to the previous dialog to add more authentication options.</property> + <property name="use-stock">True</property> + </object> + <packing> + <property name="expand">True</property> + <property name="fill">True</property> + <property name="padding">5</property> + <property name="position">0</property> + </packing> + </child> + </object> + <packing> + <property name="expand">False</property> + <property name="fill">False</property> + <property name="position">0</property> + </packing> + </child> + </object> + </child> + <action-widgets> + <action-widget response="-6">back_button</action-widget> + </action-widgets> + </object> +</interface> diff --git a/src/anastasis/anastasis-gtk_handle-main-window-forward-clicked.c b/src/anastasis/anastasis-gtk_handle-main-window-forward-clicked.c index 68d10c6..ee1be10 100644 --- a/src/anastasis/anastasis-gtk_handle-main-window-forward-clicked.c +++ b/src/anastasis/anastasis-gtk_handle-main-window-forward-clicked.c @@ -170,6 +170,28 @@ anastasis_gtk_confirm_multifactor_dialog_response_cb ( /** + * Function called with the result of telling the + * user that they cannot use 1-FA. + * + * @param the dialog + * @param response_id must be GTK_RESPONSE_OK to proceed + * @param user_data the builder + */ +void +anastasis_gtk_deny_singlefactor_dialog_response_cb ( + GtkDialog *dialog, + gint response_id, + gpointer user_data) +{ + GtkBuilder *builder = user_data; + + gtk_widget_destroy (GTK_WIDGET (dialog)); + g_object_unref (G_OBJECT (builder)); + AG_thaw (); +} + + +/** * Launch dialog to question sanity of user providing * too few authentication methods. */ @@ -211,6 +233,46 @@ question_sanity (void) /** + * Launch dialog to deny 1-FA setups. + */ +static void +refuse_insanity (void) +{ + GtkBuilder *builder; + GtkDialog *ad; + + builder = GNUNET_GTK_get_new_builder ( + "anastasis_gtk_fail_singlefactor.glade", + NULL); + if (NULL == builder) + { + GNUNET_break (0); + return; + } + ad = GTK_DIALOG (gtk_builder_get_object (builder, + "anastasis_gtk_deny_singlefactor_dialog")); + if (NULL == ad) + { + GNUNET_break (0); + g_object_unref (G_OBJECT (builder)); + return; + } + /* show dialog */ + { + GtkWidget *toplevel; + GtkWidget *widget; + + widget = GTK_WIDGET (GCG_get_main_window_object ( + "anastasis_gtk_auth_button_grid")); + toplevel = gtk_widget_get_toplevel (widget); + gtk_window_set_transient_for (GTK_WINDOW (ad), + GTK_WINDOW (toplevel)); + gtk_window_present (GTK_WINDOW (ad)); + } +} + + +/** * The user has clicked 'next' in the 'authentications_editing' state. * Check if the number of authentication methods configured is above * a threshold. If no, warn before allowing to proceed. @@ -223,6 +285,11 @@ forward_authentications_editing (void) AG_freeze (); methods = json_object_get (AG_redux_state, "authentication_methods"); + if (json_array_size (methods) < 2) + { + refuse_insanity (); + return; + } if (json_array_size (methods) < 3) { question_sanity (); |