Fixed Multi-Factor Authentication bypass vulnerability (CVE-2024-4215). #7425

This commit is contained in:
Khushboo Vashi
2024-04-29 13:41:02 +05:30
committed by Akshay Joshi
parent e18a8bf620
commit f4761f55f7
35 changed files with 309 additions and 271 deletions


@@ -23,12 +23,10 @@ from flask_security.utils import logout_user, config_value
from flask_login import current_user
from flask_socketio import disconnect, ConnectionRefusedError
from pgadmin.model import db, User
from pgadmin.utils import PgAdminModule, get_safe_post_login_redirect, \
get_safe_post_logout_redirect
from pgadmin.utils.constants import KERBEROS, INTERNAL, OAUTH2, LDAP,\
MessageType
import pgadmin.utils as pga_utils
from pgadmin.authenticate.registry import AuthSourceRegistry
MODULE_NAME = 'authenticate'
@@ -84,7 +82,7 @@ def socket_login_required(f):
return wrapped
class AuthenticateModule(PgAdminModule):
class AuthenticateModule(pga_utils.PgAdminModule):
def get_exposed_url_endpoints(self):
return ['authenticate.login']
@@ -135,7 +133,7 @@ def _login():
'Administrator.'),
MessageType.WARNING)
logout_user()
return redirect(get_safe_post_logout_redirect())
return redirect(pga_utils.get_safe_post_logout_redirect())
# Validate the user
if not auth_obj.validate():
@@ -161,7 +159,7 @@ def _login():
flash_login_attempt_error = None
flash(error, MessageType.WARNING)
return redirect(get_safe_post_logout_redirect())
return redirect(pga_utils.get_safe_post_logout_redirect())
# Authenticate the user
status, msg = auth_obj.authenticate()
@@ -177,7 +175,7 @@ def _login():
'authenticate.kerberos_login'), url_for('browser.index')))
flash(msg, MessageType.ERROR)
return redirect(get_safe_post_logout_redirect())
return redirect(pga_utils.get_safe_post_logout_redirect())
session['auth_source_manager'] = current_auth_obj
@@ -187,7 +185,7 @@ def _login():
if 'auth_obj' in session:
session.pop('auth_obj')
return redirect(get_safe_post_login_redirect())
return redirect(pga_utils.get_safe_post_login_redirect())
elif isinstance(msg, Response):
return msg
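Review bot: The move from named imports to the `pga_utils` module alias (L21 replacing L17-18, with the `pga_utils.` prefix added at every call site) is not explained anywhere in the hunk. If it was made to break an import cycle — presumably `pgadmin.utils` now pulls in the MFA-aware login check, which in turn imports from this package; that is not visible here — a one-line comment next to the import would stop the next maintainer from "cleaning it up" back into a `from ... import` and reintroducing the cycle, e.g. `# Imported as a module, not as names, to avoid a circular import now that pgadmin.utils depends on the MFA login check`. If the reason is something else, the comment should state that instead. Both `_login` and `AuthenticateModule` continue outside the hunks shown, so I cannot confirm every former `get_safe_post_*_redirect` call site was updated.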


@@ -18,7 +18,7 @@ from flask import request, Response, session,\
current_app, render_template, flash, url_for
from flask_security.views import _security
from flask_security.utils import logout_user
from flask_security import login_required
from pgadmin.user_login_check import pga_login_required
import config
from pgadmin.model import User
@@ -97,7 +97,7 @@ def init_app(app):
@blueprint.route("/update_ticket",
endpoint="update_ticket", methods=["GET"])
@pgCSRFProtect.exempt
@login_required
@pga_login_required
def kerberos_update_ticket():
"""
Update the kerberos ticket.
@@ -127,7 +127,7 @@ def init_app(app):
@blueprint.route("/validate_ticket",
endpoint="validate_ticket", methods=["GET"])
@pgCSRFProtect.exempt
@login_required
@pga_login_required
def kerberos_validate_ticket():
"""
Return the kerberos ticket lifetime left after getting the
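Review bot: Nothing in the new code says why `pga_login_required` must be used instead of `flask_security.login_required` on `/update_ticket` and `/validate_ticket`; from the commit title it presumably also enforces completed MFA, but the decorator body is not visible here. Both routes are `@pgCSRFProtect.exempt` GET handlers, so a reader tidying this file could plausibly swap the decorator back and silently reopen the bypass. Suggest a comment above the first use: `# pga_login_required also requires completed MFA; never replace with flask_security.login_required (CVE-2024-4215)`. Removing the `login_required` import (L65) implies no other route in this file still uses it, but the rest of `init_app` is outside the hunks shown and should be checked the same way.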


@@ -13,7 +13,7 @@ from functools import wraps
from flask import url_for, session, request, redirect
from flask_login.utils import login_url
from flask_security import current_user
from flask_security import current_user, login_required
import config
from pgadmin.model import UserMFA, db
@@ -279,7 +279,7 @@ def mfa_required(wrapped):
registration_url = url_for('mfa.register')
if next_url.startswith(registration_url):
return url('browser.index')
return url_for('browser.index')
return next_url
@@ -290,8 +290,8 @@ def mfa_required(wrapped):
return redirect(login_url("mfa.register", next_url=get_next_url()))
@wraps(wrapped)
@login_required
def inner(*args, **kwargs):
def execute_func():
session['mfa_authenticated'] = True
return wrapped(*args, **kwargs)