Commit 4d8c2546 authored by Xavier Guimard's avatar Xavier Guimard

REST in progress (#970)

parent 34460af4
......@@ -71,6 +71,7 @@ lib/Lemonldap/NG/Portal/Lib/OpenID/Server.pm
lib/Lemonldap/NG/Portal/Lib/OpenID/SREG.pm
lib/Lemonldap/NG/Portal/Lib/OpenIDConnect.pm
lib/Lemonldap/NG/Portal/Lib/Remote.pm
lib/Lemonldap/NG/Portal/Lib/RESTProxy.pm
lib/Lemonldap/NG/Portal/Lib/SAML.pm
lib/Lemonldap/NG/Portal/Lib/Slave.pm
lib/Lemonldap/NG/Portal/Lib/SMTP.pm
......@@ -373,6 +374,7 @@ t/32-Auth-and-issuer-OIDC-authorization_code.t
t/32-Auth-and-issuer-OIDC-hybrid.t
t/32-Auth-and-issuer-OIDC-implicit.t
t/33-Auth-and-issuer-OpenID2.t
t/34-Auth-Proxy-and-REST-Server.t
t/34-Auth-Proxy-and-SOAP-Server.t
t/40-Notifications-DBI.t
t/50-IssuerGet.t
......
......@@ -13,12 +13,12 @@ extends 'Lemonldap::NG::Portal::Auth::_WebForm';
sub init {
my ($self) = @_;
if ( $self->conf->{proxyUseSoap} ) {
extends 'Lemonldap::NG::Portal::Auth::_WebForm',
'Lemonldap::NG::Portal::Lib::SOAPProxy';
extends 'Lemonldap::NG::Portal::Lib::SOAPProxy',
'Lemonldap::NG::Portal::Auth::_WebForm';
}
else {
extends 'Lemonldap::NG::Portal::Auth::_WebForm',
'Lemonldap::NG::Portal::Lib::RESTProxy';
extends 'Lemonldap::NG::Portal::Lib::RESTProxy',
'Lemonldap::NG::Portal::Auth::_WebForm';
}
return $self->SUPER::init();
}
......@@ -31,10 +31,6 @@ sub setAuthSessionInfo {
PE_OK;
}
sub authLogout {
PE_OK;
}
sub getDisplayType {
return "standardform";
}
......
......@@ -9,14 +9,7 @@ use Lemonldap::NG::Common::FormEncode;
our $VERSION = '2.0.0';
has ua => (
is => 'rw',
default => sub {
my $ua = LWP::UserAgent->new;
$ua->default_header( Accept => 'application/json' );
return $ua;
}
);
has ua => ( is => 'rw' );
# INITIALIZATION
......@@ -24,7 +17,10 @@ sub init {
my ($self) = @_;
$self->conf->{remoteCookieName} ||= $self->conf->{cookieName};
$self->conf->{proxySessionService} ||=
$self->conf->{proxyAuthService} . '/mysession/';
$self->conf->{proxyAuthService} . '/mysession';
$self->conf->{proxySessionService} =~ s#/*$##;
$self->ua( LWP::UserAgent->new );
$self->ua->default_header( Accept => 'application/json' );
unless ( defined $self->conf->{proxyAuthService} ) {
$self->error("Missing proxyAuthService parameter");
......@@ -61,9 +57,10 @@ sub getUser {
return PE_BADCREDENTIALS;
}
$req->sessionInfo->{_proxyCookies} = join '; ',
map { s/;.*$// } $resp->header('Set-Cookie');
map { s/;.*$//; $_ } $resp->header('Set-Cookie');
$self->lmLog(
'Store cookies in session (' . $req->sessionInfo->{_proxyCookies} . ')',
'Store remote cookies in session ('
. $req->sessionInfo->{_proxyCookies} . ')',
'debug'
);
PE_OK;
......@@ -73,10 +70,13 @@ sub setSessionInfo {
my ( $self, $req ) = @_;
return PE_OK if ( $req->datas->{_setSessionInfoDone} );
my $q = HTTP::Request->new(
GET => $self->conf->{proxySessionService},
Cookie => $req->sessionInfo->{_proxyCookies}
GET => $self->conf->{proxySessionService} . '/global',
[
Cookie => $req->sessionInfo->{_proxyCookies},
Accept => 'application/json'
]
);
my $resp = $self->ua->get($q);
my $resp = $self->ua->request($q);
unless ( $resp->is_success ) {
$self->lmLog( 'Unable to query session service: ' . $resp->status_line,
'error' );
......@@ -95,5 +95,19 @@ sub setSessionInfo {
PE_OK;
}
sub authLogout {
my ( $self, $req ) = @_;
$self->lmLog( 'Proxy ask logout to '. $self->conf->{proxyAuthService},'debug');
my $q = HTTP::Request->new(
GET => $self->conf->{proxyAuthService} . '?logout=1',
[
Cookie => $req->sessionInfo->{_proxyCookies},
Accept => 'application/json'
]
);
my $resp = $self->ua->request($q);
return PE_OK;
}
1;
......@@ -84,4 +84,8 @@ sub setSessionInfo {
PE_OK;
}
sub authLogout {
PE_OK;
}
1;
......@@ -103,6 +103,7 @@ sub init {
[ 'GET', 'POST' ]
);
extends @parents if ($add);
$self->setTypes( $self->conf ) if ( $self->conf->{restSessionServer} );
return 1;
}
......@@ -167,7 +168,7 @@ sub delSession {
sub delMySession {
my ( $self, $req, $id ) = @_;
return $self->delSession( $req, $req->id );
return $self->delSession( $req, $req->userData->{_session_id} );
}
sub mysession {
......@@ -176,7 +177,7 @@ sub mysession {
# 1. whoami
if ( defined $req->param('whoami') ) {
return $self->p->sendJSONresponse( $req,
{ result => $req->sessionInfo->{ $self->conf->{whatToTrace} } } );
{ result => $req->userData->{ $self->conf->{whatToTrace} } } );
}
# Verify authorizationfor arg
......@@ -209,7 +210,8 @@ sub mysession {
sub getMyKey {
my ( $self, $req, $key ) = @_;
return $self->session( $req, $req->id, $key );
$self->lmLog( 'Request to get personal session info', 'debug' );
return $self->session( $req, $req->userData->{_session_id}, $key );
}
1;
use Test::More;
use strict;
use IO::String;
BEGIN {
require 't/test-lib.pm';
}
my $debug = 'error';
my ( $issuer, $sp, $res );
my %handlerOR = ( issuer => [], sp => [] );
ok( $issuer = issuer(), 'Issuer portal' );
$handlerOR{issuer} = \@Lemonldap::NG::Handler::Main::Reload::_onReload;
switch ('sp');
ok( $sp = sp(), 'SP portal' );
$handlerOR{sp} = \@Lemonldap::NG::Handler::Main::Reload::_onReload;
# Simple SP access
ok(
$res = $sp->_get(
'/', accept => 'text/html',
),
'Unauth SP request'
);
expectOK($res);
# Try to auth
ok(
$res = $sp->_post(
'/', IO::String->new('user=dwho&password=dwho'),
length => 23,
accept => 'text/html'
),
'Post user/password'
);
expectRedirection( $res, 'http://auth.sp.com' );
my $spId = expectCookie($res);
# Logout
ok(
$res = $sp->_get(
'/',
query => 'logout',
accept => 'text/html',
cookie => "lemonldap=$spId"
),
'Ask for logout'
);
count(1);
expectOK($res);
# Test if logout is done
ok(
$res = $sp->_get(
'/', cookie => "lemonldap=$spId",
),
'Test if user is reject on IdP'
);
count(1);
expectReject($res);
count(4);
clean_sessions();
done_testing( count() );
# Redefine LWP methods for tests
no warnings 'redefine';
sub LWP::UserAgent::request {
my ( $self, $req ) = @_;
ok( $req->uri =~ m#http://auth.idp.com(.*)#, " REST request (uri: $1)" );
count(1);
my $url = $1;
my $res;
my $s = $req->content;
if ( $req->method =~ /^post$/i ) {
my $s = $req->content;
ok(
$res = $issuer->_post(
$url,
IO::String->new($s),
length => length($s),
type => $req->header('Content-Type'),
),
' Post request'
);
count(1);
expectOK($res);
expectCookie($res);
}
else {
ok(
$res = $issuer->_get(
$url,
accept => $req->header('Accept'),
cookie => $req->header('Cookie')
),
' Execute request'
);
count(1);
expectOK($res);
}
ok( getHeader( $res, 'Content-Type' ) =~ m#^(?:text|application)/json#,
'Content is JSON' )
or explain( $res->[1], 'Content-Type => application/json' );
count(1);
my $httpResp;
$httpResp = HTTP::Response->new( $res->[0], 'OK' );
while ( my $name = shift @{ $res->[1] } ) {
$httpResp->header( $name, shift( @{ $res->[1] } ) );
}
$httpResp->content( join( '', @{ $res->[2] } ) );
return $httpResp;
}
sub switch {
my $type = shift;
@Lemonldap::NG::Handler::Main::Reload::_onReload = @{
$handlerOR{$type};
};
}
sub issuer {
return LLNG::Manager::Test->new(
{
ini => {
logLevel => $debug,
templatesDir => 'site/htdocs/static',
domain => 'idp.com',
portal => 'http://auth.idp.com',
authentication => 'Demo',
userDB => 'Demo',
restSessionServer => 1,
}
}
);
}
sub sp {
return LLNG::Manager::Test->new(
{
ini => {
logLevel => $debug,
domain => 'sp.com',
portal => 'http://auth.sp.com',
authentication => 'Proxy',
userDB => 'Proxy',
proxyAuthService => 'http://auth.idp.com',
proxyUseSoap => 0,
},
}
);
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment