Commit 10509e2a authored by Xavier Guimard

REST in progress (#970)

parent 9f49d0b1
......@@ -186,6 +186,8 @@ sub defaultValues {
'portalRequireOldPassword' => 1,
'portalSkin' => 'bootstrap',
'portalUserAttr' => '_user',
'proxyAuthnLevel' => 2,
'proxyUseSoap' => 0,
'radiusAuthnLevel' => 3,
'randomPasswordRegexp' => '[A-Z]{3}[a-z]{5}.\\d{2}',
'redirectFormMethod' => 'get',
......
......@@ -1932,6 +1932,17 @@ qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-
'test' => qr/^(?:none|authenticate|manager|)$/,
'type' => 'text'
},
'proxyAuthnLevel' => {
'default' => 2,
'type' => 'int'
},
'proxyAuthService' => {
'type' => 'text'
},
'proxyUseSoap' => {
'default' => 0,
'type' => 'bool'
},
'radiusAuthnLevel' => {
'default' => 3,
'type' => 'int'
......@@ -2694,9 +2705,6 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
qr/^(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+))(?::\d+)?)?$/,
'type' => 'text'
},
'soapAuthService' => {
'type' => 'text'
},
'soapConfigServer' => {
'default' => 0,
'type' => 'bool'
......@@ -2705,9 +2713,6 @@ qr/^(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-
'default' => 0,
'type' => 'bool'
},
'soapSessionService' => {
'type' => 'text'
},
'SSLAuthnLevel' => {
'default' => 5,
'type' => 'int'
......
......@@ -962,8 +962,8 @@ sub attributes {
documentation => 'Enable SOAP session server',
},
soapConfigServer => {
default => 0,
type => 'bool',
default => 0,
type => 'bool',
documentation => 'Enable SOAP config server',
},
exportedAttr => {
......@@ -2004,9 +2004,18 @@ m{^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?:
},
# Proxy
soapAuthService => { type => 'text', },
remoteCookieName => { type => 'text', },
soapSessionService => { type => 'text', },
proxyAuthService => { type => 'text', },
remoteCookieName => { type => 'text', },
proxyUseSoap => {
type => 'bool',
default => 0,
documentation => 'Use SOAP instead of REST',
},
proxyAuthnLevel => {
type => 'int',
default => 2,
documentation => 'Proxy authentication level',
},
# OpenID
openIdAuthnLevel => {
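Review bot: The Proxy block in the second hunk replaces `soapAuthService` and `soapSessionService` with `proxyAuthService`, and no migration of the old keys is visible in this commit, so a configuration saved earlier would presumably fail the proxy library's `init` with "Missing proxyAuthService parameter". Because `proxyUseSoap` defaults to 0, such a setup would also move from SOAP to the REST backend that the commit title still describes as in progress; keeping `default => 1` until the REST path is complete, or mapping the old keys when the configuration is loaded, avoids a silent change of authentication backend on upgrade. `proxyAuthService` is also the only new key without a `documentation` entry, for example `documentation => 'Proxy authentication service URL (receives user credentials)',`. The `attributes` sub starts and ends outside these hunks.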
......
......@@ -298,8 +298,8 @@ sub tree {
help => 'authproxy.html',
form => 'simpleInputContainer',
nodes => [
'soapAuthService', 'remoteCookieName',
'soapSessionService'
'proxyUseSoap', 'proxyAuthService',
'remoteCookieName', 'proxyAuthnLevel'
]
},
{
......
......@@ -42,7 +42,7 @@ our $authParameters = {
nullParams => [qw(nullAuthnLevel)],
oidcParams => [qw(oidcAuthnLevel oidcRPCallbackGetParam oidcRPStateTimeout)],
openidParams => [qw(openIdAuthnLevel openIdExportedVars openIdSecret openIdIDPList)],
proxyParams => [qw(soapAuthService remoteCookieName soapSessionService)],
proxyParams => [qw(proxyUseSoap proxyAuthService remoteCookieName proxyAuthnLevel)],
radiusParams => [qw(radiusAuthnLevel radiusSecret radiusServer)],
remoteParams => [qw(remotePortal remoteCookieName remoteGlobalStorage remoteGlobalStorageOptions)],
slaveParams => [qw(slaveAuthnLevel slaveExportedVars slaveUserHeader slaveMasterIP slaveHeaderName slaveHeaderContent)],
......
......@@ -519,7 +519,10 @@
"postTargetUrl": "Form target URL (optional)",
"previous": "Previous",
"privateKey": "Private key",
"proxyAuthnLevel": "Authentication level",
"proxyAuthService": "Portal URL",
"proxyParams": "Proxy parameters",
"proxyUseSoap": "Use SOAP instead of REST",
"publicKey": "Public key",
"purgeNotification": "Delete notification definitely",
"radiusAuthnLevel": "Authentication level",
......@@ -593,8 +596,6 @@
"SMTPServer": "SMTP server",
"soapConfigServer": "SOAP configuration server",
"soapSessionServer": "SOAP session server",
"soapAuthService": "Portal URL",
"soapSessionService": "SOAP sessions end point",
"specialHandlers": "Special Handlers",
"specialRule": "Special rule",
"SSLAuthnLevel": "Authentication level",
......
......@@ -519,7 +519,10 @@
"postTargetUrl": "URL cible du formulaire (optionnel)",
"previous": "Précédente",
"privateKey": "Clef privée",
"proxyAuthnLevel": "Niveau d'authentification",
"proxyAuthService": "URL du portail",
"proxyParams": "Paramètres Proxy",
"proxyUseSoap": "Utiliser SOAP ai lieu de REST",
"publicKey": "Clef publique",
"purgeNotification": "Supprimer définitivement la notification",
"radiusAuthnLevel": "Niveau d'authentification",
......@@ -593,8 +596,6 @@
"SMTPServer": "Serveur SMTP",
"soapConfigServer": "Serveur de configurations SOAP",
"soapSessionServer": "Serveur de sessions SOAP",
"soapAuthService": "URL du portail",
"soapSessionService": "Point d'accès SOAP des sessions",
"specialHandlers": "Handlers spéciaux",
"specialRule": "Règle spécifique",
"SSLAuthnLevel": "Niveau d'authentification",
......
......@@ -6,11 +6,31 @@ use Lemonldap::NG::Portal::Main::Constants qw(PE_OK);
our $VERSION = '2.0.0';
extends 'Lemonldap::NG::Portal::Auth::_WebForm',
'Lemonldap::NG::Portal::Lib::Proxy';
extends 'Lemonldap::NG::Portal::Auth::_WebForm';
# INITIALIZATION
sub init {
my ($self) = @_;
if ( $self->conf->{proxyUseSoap} ) {
extends 'Lemonldap::NG::Portal::Auth::_WebForm',
'Lemonldap::NG::Portal::Lib::SOAPProxy';
}
else {
extends 'Lemonldap::NG::Portal::Auth::_WebForm',
'Lemonldap::NG::Portal::Lib::RESTProxy';
}
return $self->SUPER::init();
}
# RUNNING METHODS
sub setAuthSessionInfo {
my ( $self, $req ) = @_;
$req->{sessionInfo}->{authenticationLevel} = $self->conf->{proxyAuthnLevel};
PE_OK;
}
sub authLogout {
PE_OK;
}
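Review bot: Calling `extends` inside `init` rewrites the superclass list of the whole package, not of the object being initialised, so every call re-parents all existing instances and the last configuration to run `init` decides the backend for the entire process. `$self->SUPER::init()` then runs only the first `init` found in that parent list; if `_WebForm` defines one, the `proxyAuthService` check in the proxy library's `init` is presumably never reached, and an authentication module would start without its endpoint having been validated. A safer shape is to keep the static `extends 'Lemonldap::NG::Portal::Auth::_WebForm';` and have `init` pick the SOAP or REST implementation as a delegate whose `init` is called explicitly and whose result is returned. The same pattern is in the UserDB Proxy section further down the page. `setAuthSessionInfo` would also benefit from a comment such as `# Level is the static proxyAuthnLevel; the remote portal's own level is not consulted`.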
......
# Auth/Proxy.pm and UserDB/Proxy.pm simple inheritance of this package
package Lemonldap::NG::Portal::Lib::Proxy;
package Lemonldap::NG::Portal::Lib::SOAPProxy;
use strict;
use Mouse;
......@@ -12,13 +12,10 @@ our $VERSION = '2.0.0';
sub init {
my ($self) = @_;
$self->conf->{soapSessionService} ||=
$self->conf->{soapAuthService} . '/sessions';
$self->conf->{soapSessionService} =~ s/\.plindex.pl/\.pl/;
$self->conf->{remoteCookieName} ||= $self->conf->{cookieName};
unless ( defined $self->conf->{soapSessionService} ) {
$self->error("Missing soapSessionService parameter");
unless ( defined $self->conf->{proxyAuthService} ) {
$self->error("Missing proxyAuthService parameter");
return 0;
}
return 1;
......@@ -31,7 +28,7 @@ sub init {
sub getUser {
my ( $self, $req ) = @_;
return PE_OK if ( $req->datas->{_proxyQueryDone} );
my $soap = SOAP::Lite->proxy( $self->conf->{soapSessionService} )
my $soap = SOAP::Lite->proxy( $self->conf->{proxyAuthService} )
->uri('urn:Lemonldap/NG/Common/PSGI/SOAPService');
my $r = $soap->getCookies( $req->{user}, $req->datas->{password} );
if ( $r->fault ) {
......@@ -64,7 +61,7 @@ sub setSessionInfo {
my ( $self, $req ) = @_;
return PE_OK if ( $req->datas->{_setSessionInfoDone} );
my $soap =
SOAP::Lite->proxy( $self->conf->{soapSessionService} )
SOAP::Lite->proxy( $self->conf->{proxyAuthService} )
->uri('urn:Lemonldap/NG/Common/PSGI/SOAPService');
my $r = $soap->getAttributes( $req->datas->{_remoteId} );
if ( $r->fault ) {
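Review bot: `init` in the first hunk only tests `defined $self->conf->{proxyAuthService}`, so an empty string or a plain `http://` URL is accepted, while `getUser` in the next hunk passes `$req->{user}` and `$req->datas->{password}` to that endpoint. Testing for a usable value, e.g. `unless ( $self->conf->{proxyAuthService} ) {`, and logging when the URL does not start with `https://` would surface a misconfiguration before credentials leave the portal. The removed lines used to derive the sessions endpoint by appending `/sessions`, whereas the value is now used as-is even though its manager label is "Portal URL"; a comment such as `# proxyAuthService must be the full SOAP sessions endpoint, not the portal root` would make that explicit. The bodies of `getUser` and `setSessionInfo` continue outside their hunks.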
......
......@@ -4,10 +4,25 @@ use strict;
use Mouse;
use Lemonldap::NG::Portal::Main::Constants 'PE_OK';
extends 'Lemonldap::NG::Common::Module', 'Lemonldap::NG::Portal::Lib::Proxy';
extends 'Lemonldap::NG::Common::Module';
our $VERSION = '2.0.0';
# INITIALIZATION
sub init {
my ($self) = @_;
if ( $self->conf->{proxyUseSoap} ) {
extends 'Lemonldap::NG::Common::Module',
'Lemonldap::NG::Portal::Lib::SOAPProxy';
}
else {
extends 'Lemonldap::NG::Common::Module',
'Lemonldap::NG::Portal::Lib::RESTProxy';
}
return $self->SUPER::init();
}
# RUNNING METHODS
sub setGroups {
......
......@@ -115,12 +115,13 @@ sub sp {
return LLNG::Manager::Test->new(
{
ini => {
logLevel => $debug,
domain => 'sp.com',
portal => 'http://auth.sp.com',
authentication => 'Proxy',
userDB => 'Proxy',
soapSessionService => 'http://auth.idp.com/sessions',
logLevel => $debug,
domain => 'sp.com',
portal => 'http://auth.sp.com',
authentication => 'Proxy',
userDB => 'Proxy',
proxyAuthService => 'http://auth.idp.com/sessions',
proxyUseSoap => 1,
},
}
);
......