Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
lemonldap-ng
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
258
Issues
258
List
Boards
Labels
Service Desk
Milestones
Merge Requests
5
Merge Requests
5
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Operations
Operations
Incidents
Environments
Packages & Registries
Packages & Registries
Container Registry
Analytics
Analytics
CI / CD
Repository
Value Stream
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
LemonLDAP NG
lemonldap-ng
Commits
aa34a28b
Commit
aa34a28b
authored
Jan 30, 2016
by
Yadd
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Rearrange Nginx files
parent
9237dc78
Changes
13
Hide whitespace changes
Inline
Side-by-side
Showing
13 changed files
with
341 additions
and
287 deletions
+341
-287
Makefile
Makefile
+8
-5
_example/etc/handler-nginx.conf
_example/etc/handler-nginx.conf
+2
-1
debian/control
debian/control
+1
-1
e2e-tests/llng.psgi
e2e-tests/llng.psgi
+2
-2
lemonldap-ng-common/lib/Lemonldap/NG/Common/PSGI/Request.pm
lemonldap-ng-common/lib/Lemonldap/NG/Common/PSGI/Request.pm
+2
-0
lemonldap-ng-handler/lib/Lemonldap/NG/Handler/API.pm
lemonldap-ng-handler/lib/Lemonldap/NG/Handler/API.pm
+3
-3
lemonldap-ng-handler/lib/Lemonldap/NG/Handler/API/ExperimentalNginx.pm
...handler/lib/Lemonldap/NG/Handler/API/ExperimentalNginx.pm
+222
-0
lemonldap-ng-handler/lib/Lemonldap/NG/Handler/API/Nginx.pm
lemonldap-ng-handler/lib/Lemonldap/NG/Handler/API/Nginx.pm
+3
-213
lemonldap-ng-handler/lib/Lemonldap/NG/Handler/API/PSGI.pm
lemonldap-ng-handler/lib/Lemonldap/NG/Handler/API/PSGI.pm
+4
-0
lemonldap-ng-handler/lib/Lemonldap/NG/Handler/API/PSGI/Server.pm
...ap-ng-handler/lib/Lemonldap/NG/Handler/API/PSGI/Server.pm
+0
-12
lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Nginx.pm
lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Nginx.pm
+72
-0
lemonldap-ng-handler/lib/Lemonldap/NG/Handler/PSGI/Base.pm
lemonldap-ng-handler/lib/Lemonldap/NG/Handler/PSGI/Base.pm
+11
-30
lemonldap-ng-handler/lib/Lemonldap/NG/Handler/PSGI/Server.pm
lemonldap-ng-handler/lib/Lemonldap/NG/Handler/PSGI/Server.pm
+11
-20
No files found.
Makefile
View file @
aa34a28b
...
...
@@ -321,6 +321,11 @@ start_web_server: all prepare_test_server
@
if
test
"
$(TESTWEBSERVER)
"
=
"apache"
;
then
\
LLNG_DEFAULTCONFFILE
=
`
pwd
`
/e2e-tests/conf/lemonldap-ng.ini /usr/sbin/apache2
-d
`
pwd
`
/e2e-tests
-f
apache2.conf
-k
start
;
\
elif
test
"
$(TESTWEBSERVER)
"
=
"nginx"
;
then
\
echo
"Testing nginx conf"
;
\
$(NGINX)
-t
-p
`
pwd
`
/e2e-tests
\
-g
'error_log '
`
pwd
`
'/e2e-tests/conf/nginx.log;'
\
-c
`
pwd
`
/e2e-tests/nginx.conf
\
2>&1 |
grep
-v
'Permission denied'
||
true
;
\
echo
"Launching nginx"
;
\
$(NGINX)
-p
`
pwd
`
/e2e-tests
\
-g
'error_log '
`
pwd
`
'/e2e-tests/conf/nginx.log;'
\
...
...
@@ -364,12 +369,10 @@ restart_web_server: start_web_server
plackup
:
@
LLNG_DEFAULTCONFFILE
=
`
pwd
`
/e2e-tests/conf/lemonldap-ng.ini
\
/sbin/start-stop-daemon
--start
\
--pidfile
e2e-tests/conf/plackup.pid
\
-d
`
pwd
`
-b
-m
\
--exec
/usr/bin/plackup
--
\
-s
FCGI
\
plackup
-s
FCGI
\
--listen
e2e-tests/conf/llng.sock
\
--daemonize
--pid
e2e-tests/conf/plackup.pid
\
--nproc
1
--proc-title
llng-fastcgi-server
\
e2e-tests/llng.psgi
#
...
...
_example/etc/handler-nginx.conf
View file @
aa34a28b
...
...
@@ -25,7 +25,8 @@ server {
# Client requests
location
/ {
auth_request
/
lmauth
;
auth_request_set
$
lmlocation
$
upstream_http_x_location
;
auth_request_set
$
lmremote_user
$
upstream_http_lm_remote_user
;
auth_request_set
$
lmlocation
$
upstream_http_location
;
error_page
401
$
lmlocation
;
try_files
$
uri
$
uri
/ =
404
;
...
...
debian/control
View file @
aa34a28b
...
...
@@ -111,7 +111,7 @@ Package: liblemonldap-ng-handler-perl
Architecture: all
Depends: ${misc:Depends},
${perl:Depends},
libapache2-mod-perl2,
libapache2-mod-perl2
| nginx
,
liblemonldap-ng-common-perl (= ${binary:Version}),
libmouse-perl,
liburi-perl,
...
...
e2e-tests/llng.psgi
View file @
aa34a28b
...
...
@@ -18,8 +18,8 @@ my %_apps;
my
%builder
=
(
handler
=>
sub
{
require
Lemonldap::NG::Handler::
PSGI::
Server
;
return
Lemonldap::NG::Handler::
PSGI::
Server
->
run
(
{}
);
require
Lemonldap::NG::Handler::
Nginx
;
return
Lemonldap::NG::Handler::
Nginx
->
run
(
{}
);
},
manager
=>
sub
{
require
Lemonldap::NG::
Manager
;
...
...
lemonldap-ng-common/lib/Lemonldap/NG/Common/PSGI/Request.pm
View file @
aa34a28b
...
...
@@ -119,6 +119,8 @@ has CONTENT_LENGTH => (
);
has
error
=>
(
is
=>
'
rw
',
isa
=>
'
Str
',
default
=>
''
);
has
respHeaders
=>
(
is
=>
'
rw
',
isa
=>
'
HashRef
'
);
# JSON parser
sub
jsonBodyToObj
{
my
$self
=
shift
;
...
...
lemonldap-ng-handler/lib/Lemonldap/NG/Handler/API.pm
View file @
aa34a28b
...
...
@@ -43,8 +43,8 @@ sub AUTOLOAD {
# - Nginx
if
(
!
$mode
or
$func
eq
'
newRequest
'
)
{
$mode
=
(
(
caller
(
1
)
)[
0
]
eq
'
Lemonldap::NG::Handler::
PSGI::Server
'
)
?
'
PSGI/Server
'
(
(
caller
(
1
)
)[
0
]
eq
'
Lemonldap::NG::Handler::
Nginx
'
)
?
'
Nginx
'
:
(
(
caller
(
0
)
)[
0
]
=~
/^Lemonldap::NG::Handler::PSGI/
or
(
...
...
@@ -57,7 +57,7 @@ sub AUTOLOAD {
:
$ENV
{
GATEWAY_INTERFACE
}
?
'
CGI
'
:
(
MP
==
2
)
?
'
ApacheMP2
'
:
(
MP
==
1
)
?
'
ApacheMP1
'
:
$
main::
{'
nginx::
'}
?
'
Nginx
'
:
$
main::
{'
nginx::
'}
?
'
Experimental
Nginx
'
:
'
CGI
';
unless
(
$INC
{"
Lemonldap/NG/Handler/API/
$mode
.pm
"}
)
{
$mode
=~
s#/#::#g
;
...
...
lemonldap-ng-handler/lib/Lemonldap/NG/Handler/API/ExperimentalNginx.pm
0 → 100644
View file @
aa34a28b
package
Lemonldap::NG::Handler::API::
Nginx
;
our
$VERSION
=
'
1.9.0
';
use
constant
FORBIDDEN
=>
403
;
use
constant
HTTP_UNAUTHORIZED
=>
401
;
use
constant
REDIRECT
=>
302
;
use
constant
OK
=>
0
;
use
constant
DECLINED
=>
-
1
;
use
constant
DONE
=>
-
2
;
use
constant
SERVER_ERROR
=>
500
;
use
constant
AUTH_REQUIRED
=>
401
;
use
constant
MAINTENANCE
=>
503
;
my
$request
;
# Nginx object for current request
## @method void thread_share(string $variable)
# not applicable with Nginx
sub
thread_share
{
}
## @method void setServerSignature(string sign)
# modifies web server signature
# @param $sign String to add to server signature
sub
setServerSignature
{
my
(
$class
,
$sign
)
=
@_
;
# TODO
}
sub
newRequest
{
my
(
$class
,
$r
)
=
@_
;
$request
=
$r
;
$
Lemonldap::NG::API::
mode
=
'
Nginx
';
}
## @method void lmLog(string $msg, string $level)
# logs message $msg to Apache logs with loglevel $level
# @param $msg string message to log
# @param $level string loglevel
sub
lmLog
{
my
(
$class
,
$msg
,
$level
)
=
@_
;
# TODO
}
## @method void set_user(string user)
# sets remote_user
# @param user string username
sub
set_user
{
my
(
$class
,
$user
)
=
@_
;
$request
->
variable
(
'
lmremote_user
',
$user
);
}
## @method string header_in(string header)
# returns request header value
# @param header string request header
# @return request header value
sub
header_in
{
my
(
$class
,
$header
)
=
@_
;
$header
||=
$class
;
# to use header_in as a method or as a function
return
$request
->
header_in
(
$header
);
}
## @method void set_header_in(hash headers)
# sets or modifies request headers
# @param headers hash containing header names => header value
sub
set_header_in
{
my
(
$class
,
%headers
)
=
@_
;
while
(
my
(
$h
,
$v
)
=
each
%headers
)
{
if
(
$h
=~
/cookie/i
)
{
# TODO: check that variable $lmcookie is defined,
# else warn that LL::NG cookie will not be removed
$request
->
variable
(
'
lmcookie
',
$v
);
}
else
{
# TODO: check that header is not yet set, else throw warning
# or reject request if mode paranoid is set
# TODO: check that variable nginxName($h) is defined,
# else warn that header will not be sent
$request
->
variable
(
nginxName
(
$h
),
$v
);
}
}
}
## @method void unset_header_in(array headers)
# removes request headers
# @param headers array with header names to remove
sub
unset_header_in
{
my
(
$class
,
@headers
)
=
@_
;
foreach
my
$h1
(
@headers
)
{
# TODO: check that header is not yet set, else throw warning
$request
->
variable
(
nginxName
(
$h
),
''
);
}
}
## @method void set_header_out(hash headers)
# sets response headers
# @param headers hash containing header names => header value
sub
set_header_out
{
my
(
$class
,
%headers
)
=
@_
;
while
(
my
(
$h
,
$v
)
=
each
%headers
)
{
if
(
$h
=~
/location/i
)
{
$request
->
variable
(
'
lmlocation
',
$v
);
}
else
{
$request
->
header_out
(
$h
,
$v
);
}
}
}
## @method string hostname()
# returns host, as set by full URI or Host header
# @return host string Host value
sub
hostname
{
my
$class
=
shift
;
return
$request
->
variable
('
host
');
}
## @method string remote_ip
# returns client IP address
# @return IP_Addr string client IP
sub
remote_ip
{
my
$class
=
shift
;
return
$request
->
variable
('
remote_addr
');
}
## @method boolean is_initial_req
# returns true unless the current request is a subrequest
# @return is_initial_req boolean
sub
is_initial_req
{
my
$class
=
shift
;
return
1
;
}
## @method string args(string args)
# gets the query string
# @return args string Query string
sub
args
{
my
$class
=
shift
;
return
$request
->
args
();
}
## @method string uri
# returns the path portion of the URI, normalized, i.e. :
# * URL decoded (characters encoded as %XX are decoded,
# except ? in order not to merge path and query string)
# * references to relative path components "." and ".." are resolved
# * two or more adjacent slashes are merged into a single slash
# @return path portion of the URI, normalized
sub
uri
{
my
$class
=
shift
;
return
$request
->
uri
();
}
## @method string uri_with_args
# returns the URI, with arguments and with path portion normalized
# @return URI with normalized path portion
sub
uri_with_args
{
my
$class
=
shift
;
return
uri
()
.
(
$request
->
args
?
"
?
"
.
$request
->
args
:
""
);
}
## @method string unparsed_uri
# returns the full original request URI, with arguments
# @return full original request URI, with arguments
sub
unparsed_uri
{
my
$class
=
shift
;
return
$request
->
variable
('
request_uri
');
}
## @method string get_server_port
# returns the port the server is receiving the current request on
# @return port string server port
sub
get_server_port
{
my
$class
=
shift
;
return
$request
->
variable
('
server_port
');
}
## @method string method
# returns the method the request is sent with
# @return port string server port
sub
method
{
my
$class
=
shift
;
return
$request
->
request_method
;
}
## @method void print(string data)
# write data in HTTP response body
# @param data Text to add in response body
sub
print
{
my
(
$class
,
$data
)
=
@_
;
$request
->
print
(
$data
);
}
## @method void addToHtmlHead(string data)
# add data at end of html head: not feasible with Nginx
# @param data Text to add in html head
sub
addToHtmlHead
{
my
(
$class
,
$data
)
=
@_
;
# TODO: throw error log
}
## @method void setPostParams(hashref $params)
# add or modify parameters in POST request body: not feasible with Nginx
# @param $params hashref containing name => value
sub
setPostParams
{
my
(
$class
,
$params
)
=
@_
;
# TODO: throw error log
}
sub
nginxName
{
my
$h
=
lc
(
shift
);
$h
=~
s/-/_/g
;
return
"
lm_
$h
";
}
1
;
lemonldap-ng-handler/lib/Lemonldap/NG/Handler/API/Nginx.pm
View file @
aa34a28b
package
Lemonldap::NG::Handler::API::
Nginx
;
use
strict
;
our
$VERSION
=
'
1.9.0
';
use
constant
FORBIDDEN
=>
403
;
use
constant
HTTP_UNAUTHORIZED
=>
401
;
use
constant
REDIRECT
=>
302
;
use
constant
OK
=>
0
;
use
constant
DECLINED
=>
-
1
;
use
constant
DONE
=>
-
2
;
use
constant
SERVER_ERROR
=>
500
;
use
constant
AUTH_REQUIRED
=>
401
;
use
constant
MAINTENANCE
=>
503
;
use
base
'
Lemonldap::NG::Handler::API::PSGI
';
my
$request
;
# Nginx object for current request
## @method void thread_share(string $variable)
# not applicable with Nginx
sub
thread_share
{
}
## @method void setServerSignature(string sign)
# modifies web server signature
# @param $sign String to add to server signature
sub
setServerSignature
{
my
(
$class
,
$sign
)
=
@_
;
# TODO
}
sub
newRequest
{
my
(
$class
,
$r
)
=
@_
;
$request
=
$r
;
$
Lemonldap::NG::API::
mode
=
'
Nginx
';
}
## @method void lmLog(string $msg, string $level)
# logs message $msg to Apache logs with loglevel $level
# @param $msg string message to log
# @param $level string loglevel
sub
lmLog
{
my
(
$class
,
$msg
,
$level
)
=
@_
;
# TODO
}
## @method void set_user(string user)
# sets remote_user
# @param user string username
sub
set_user
{
my
(
$class
,
$user
)
=
@_
;
$request
->
variable
(
'
lmremote_user
',
$user
);
}
## @method string header_in(string header)
# returns request header value
# @param header string request header
# @return request header value
sub
header_in
{
my
(
$class
,
$header
)
=
@_
;
$header
||=
$class
;
# to use header_in as a method or as a function
return
$request
->
header_in
(
$header
);
}
## @method void set_header_in(hash headers)
# sets or modifies request headers
# @param headers hash containing header names => header value
sub
set_header_in
{
my
(
$class
,
%headers
)
=
@_
;
while
(
my
(
$h
,
$v
)
=
each
%headers
)
{
if
(
$h
=~
/cookie/i
)
{
# TODO: check that variable $lmcookie is defined,
# else warn that LL::NG cookie will not be removed
$request
->
variable
(
'
lmcookie
',
$v
);
}
else
{
# TODO: check that header is not yet set, else throw warning
# or reject request if mode paranoid is set
# TODO: check that variable nginxName($h) is defined,
# else warn that header will not be sent
$request
->
variable
(
nginxName
(
$h
),
$v
);
}
}
}
## @method void unset_header_in(array headers)
# removes request headers
# @param headers array with header names to remove
sub
unset_header_in
{
my
(
$class
,
@headers
)
=
@_
;
foreach
my
$h1
(
@headers
)
{
# TODO: check that header is not yet set, else throw warning
$request
->
variable
(
nginxName
(
$h
),
''
);
}
}
## @method void set_header_out(hash headers)
# sets response headers
# @param headers hash containing header names => header value
sub
set_header_out
{
my
(
$class
,
%headers
)
=
@_
;
while
(
my
(
$h
,
$v
)
=
each
%headers
)
{
if
(
$h
=~
/location/i
)
{
$request
->
variable
(
'
lmlocation
',
$v
);
}
else
{
$request
->
header_out
(
$h
,
$v
);
}
}
}
## @method string hostname()
# returns host, as set by full URI or Host header
# @return host string Host value
sub
hostname
{
my
$class
=
shift
;
return
$request
->
variable
('
host
');
}
## @method string remote_ip
# returns client IP address
# @return IP_Addr string client IP
sub
remote_ip
{
my
$class
=
shift
;
return
$request
->
variable
('
remote_addr
');
}
## @method boolean is_initial_req
# returns true unless the current request is a subrequest
# @return is_initial_req boolean
sub
is_initial_req
{
my
$class
=
shift
;
return
1
;
}
## @method string args(string args)
# gets the query string
# @return args string Query string
sub
args
{
my
$class
=
shift
;
return
$request
->
args
();
}
## @method string uri
# returns the path portion of the URI, normalized, i.e. :
# * URL decoded (characters encoded as %XX are decoded,
# except ? in order not to merge path and query string)
# * references to relative path components "." and ".." are resolved
# * two or more adjacent slashes are merged into a single slash
# @return path portion of the URI, normalized
sub
uri
{
my
$class
=
shift
;
return
$request
->
uri
();
}
## @method string uri_with_args
# returns the URI, with arguments and with path portion normalized
# @return URI with normalized path portion
sub
uri_with_args
{
my
$class
=
shift
;
return
uri
()
.
(
$request
->
args
?
"
?
"
.
$request
->
args
:
""
);
}
## @method string unparsed_uri
# returns the full original request URI, with arguments
# @return full original request URI, with arguments
sub
unparsed_uri
{
my
$class
=
shift
;
return
$request
->
variable
('
request_uri
');
}
## @method string get_server_port
# returns the port the server is receiving the current request on
# @return port string server port
sub
get_server_port
{
my
$class
=
shift
;
return
$request
->
variable
('
server_port
');
}
## @method string method
# returns the method the request is sent with
# @return port string server port
sub
method
{
my
$class
=
shift
;
return
$request
->
request_method
;
}
## @method void print(string data)
# write data in HTTP response body
# @param data Text to add in response body
sub
print
{
my
(
$class
,
$data
)
=
@_
;
$request
->
print
(
$data
);
}
## @method void addToHtmlHead(string data)
# add data at end of html head: not feasible with Nginx
# @param data Text to add in html head
sub
addToHtmlHead
{
my
(
$class
,
$data
)
=
@_
;
# TODO: throw error log
}
## @method void setPostParams(hashref $params)
# add or modify parameters in POST request body: not feasible with Nginx
# @param $params hashref containing name => value
sub
setPostParams
{
my
(
$class
,
$params
)
=
@_
;
# TODO: throw error log
}
sub
nginxName
{
my
$h
=
lc
(
shift
);
$h
=~
s/-/_/g
;
return
"
lm_
$h
";
return
$
Lemonldap::NG::Handler::API::PSGI::
request
->
original_uri
;
}
1
;
lemonldap-ng-handler/lib/Lemonldap/NG/Handler/API/PSGI.pm
View file @
aa34a28b
...
...
@@ -30,6 +30,10 @@ sub thread_share {
# nothing to do in PSGI
}
## @method void newRequest($r)
# Store request in global $request variable
#
#@param $r Lemonldap::NG::Common::PSGI::Request
sub
newRequest
{
my
(
$class
,
$r
)
=
@_
;
$request
=
$r
;
...
...
lemonldap-ng-handler/lib/Lemonldap/NG/Handler/API/PSGI/Server.pm
deleted
100644 → 0
View file @
9237dc78
package
Lemonldap::NG::Handler::API::PSGI::
Server
;
use
strict
;
our
$VERSION
=
'
1.9.0
';
use
base
'
Lemonldap::NG::Handler::API::PSGI
';
sub
uri
{
return
$
Lemonldap::NG::Handler::API::PSGI::
request
->
original_uri
;
}
1
;
lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Nginx.pm
0 → 100644
View file @
aa34a28b
# PSGI authentication package written for Nginx. It replace
# Lemonldap::NG::Handler::PSGI::Server to manage Nginx behaviour
package
Lemonldap::NG::Handler::
Nginx
;
use
strict
;
use
Mouse
;
use
Lemonldap::NG::Handler::
SharedConf
qw(:tsv)
;
extends
'
Lemonldap::NG::Handler::PSGI
';
## @method Code-Ref _run()
# Return a subroutine that call _authAndTrace() and tranform redirection
# response code from 302 to 401 (not authenticated) ones. This is required
# because Nginx "auth_request" parameter does not accept it. The Nginx
# configuration file should transform them back to 302 using:
#
# auth_request_set $lmlocation $upstream_http_location;
# error_page 401 $lmlocation;
#
#@return subroutine that will be called to manage FastCGI queries
sub
_run
{
my
$self
=
shift
;
return
sub
{
my
$req
=
$_
[
0
];
$self
->
lmLog
(
'
New request
',
'
debug
'
);
my
$res
=
$self
->
_authAndTrace
(
Lemonldap::NG::Common::PSGI::
Request
->
new
(
$_
[
0
]
)
);
# Transform 302 responses in 401 since Nginx refuse it
if
(
$res
->
[
0
]
==
302
or
$res
->
[
0
]
==
303
)
{
$res
->
[
0
]
=
401
;
}
# TODO: transform headers in $res->[1]