Commit cdeec009 authored by Xavier Guimard's avatar Xavier Guimard

Replace "?lmError=" by router path (#595)

parent a8f7e689
......@@ -12,8 +12,8 @@ log_format lm_combined '$remote_addr - $lmremote_user [$time_local] '
'"$http_referer" "$http_user_agent"';
# Common error page and security parameters
error_page 500 http://auth.__DNSDOMAIN__/?lmError=500;
error_page 503 http://auth.__DNSDOMAIN__/?lmError=503;
error_page 500 http://auth.__DNSDOMAIN__/lmerror/500;
error_page 503 http://auth.__DNSDOMAIN__/lmerror/503;
server {
listen __VHOSTLISTEN__;
......
......@@ -20,9 +20,9 @@ PerlOptions +GlobalRequest
PerlModule Lemonldap::NG::Handler
# Common error page and security parameters
ErrorDocument 403 http://auth.__DNSDOMAIN__/?lmError=403
ErrorDocument 500 http://auth.__DNSDOMAIN__/?lmError=500
ErrorDocument 503 http://auth.__DNSDOMAIN__/?lmError=503
ErrorDocument 403 http://auth.__DNSDOMAIN__/lmerror/403
ErrorDocument 500 http://auth.__DNSDOMAIN__/lmerror/500
ErrorDocument 503 http://auth.__DNSDOMAIN__/lmerror/503
<VirtualHost __VHOSTLISTEN__>
ServerName reload.__DNSDOMAIN__
......
......@@ -20,9 +20,9 @@ PerlOptions +GlobalRequest
PerlModule Lemonldap::NG::Handler
# Common error page and security parameters
ErrorDocument 403 http://auth.__DNSDOMAIN__/?lmError=403
ErrorDocument 500 http://auth.__DNSDOMAIN__/?lmError=500
ErrorDocument 503 http://auth.__DNSDOMAIN__/?lmError=503
ErrorDocument 403 http://auth.__DNSDOMAIN__/lmerror/403
ErrorDocument 500 http://auth.__DNSDOMAIN__/lmerror/500
ErrorDocument 503 http://auth.__DNSDOMAIN__/lmerror/503
<VirtualHost __VHOSTLISTEN__>
ServerName reload.__DNSDOMAIN__
......
......@@ -20,9 +20,9 @@ PerlOptions +GlobalRequest
PerlModule Lemonldap::NG::Handler
# Common error page and security parameters
ErrorDocument 403 http://auth.__DNSDOMAIN__/?lmError=403
ErrorDocument 500 http://auth.__DNSDOMAIN__/?lmError=500
ErrorDocument 503 http://auth.__DNSDOMAIN__/?lmError=503
ErrorDocument 403 http://auth.__DNSDOMAIN__/lmerror/403
ErrorDocument 500 http://auth.__DNSDOMAIN__/lmerror/500
ErrorDocument 503 http://auth.__DNSDOMAIN__/lmerror/503
<VirtualHost __VHOSTLISTEN__>
ServerName reload.__DNSDOMAIN__
......
......@@ -145,7 +145,7 @@ sub _authAndTrace {
}
else {
my %h = $req->{respHeaders} ? @{ $req->{respHeaders} } : ();
my $s = $type->tsv->{portal}->() . "?lmError=$res";
my $s = $type->tsv->{portal}->() . "/lmerror/$res";
$s =
'<html><head><title>Redirection</title></head><body>'
. qq{<script type="text/javascript">window.location='$s'</script>}
......
......@@ -227,7 +227,7 @@ sub _returnError {
# Redirect or Forbidden?
if ( $class->tsv->{useRedirectOnError} ) {
$class->logger->debug("Use redirect for error");
return $class->goToPortal( '/', 'lmError=500' );
return $class->goToError( '/', 500 );
}
else {
......
......@@ -91,7 +91,7 @@ sub run {
if ( $class->tsv->{useRedirectOnError} ) {
$class->logger->debug("Go to portal with maintenance error code");
return $class->goToPortal( '/', 'lmError=' . $class->MAINTENANCE );
return $class->goToError( '/', $class->MAINTENANCE );
}
else {
$class->logger->debug("Return maintenance error code");
......@@ -294,7 +294,7 @@ sub forbidden {
# Redirect or Forbidden?
if ( $class->tsv->{useRedirectOnForbidden} ) {
$class->logger->debug("Use redirect for forbidden access");
return $class->goToPortal( $uri, 'lmError=403' );
return $class->goToError( $uri, 403 );
}
else {
$class->logger->debug("Return forbidden access");
......@@ -344,6 +344,17 @@ sub goToPortal {
return $class->REDIRECT;
}
sub goToError {
my ( $class, $url, $code ) = @_;
my $urlc_init = $class->encodeUrl($url);
$class->logger->debug(
"Redirect " . $class->remote_ip . " to lmError (url was $url)" );
$class->set_header_out( 'Location' => $class->tsv->{portal}->()
. "/lmerror/$code"
. "?url=$urlc_init" );
return $class->REDIRECT;
}
## @rmethod protected fetchId()
# Get user cookies and search for Lemonldap::NG cookie.
# @return Value of the cookie if found, 0 else
......@@ -563,7 +574,7 @@ sub abort {
# Redirect or die
if ( $class->tsv->{useRedirectOnError} ) {
$class->logger->debug("Use redirect for error");
return $class->goToPortal( $uri, 'lmError=500' );
return $class->goToError( $uri, 500 );
}
else {
return $class->SERVER_ERROR;
......
......@@ -36,26 +36,6 @@ sub display {
my $skin_dir = $self->conf->{templatesDir};
my ( $skinfile, %templateParams );
# 0. Display error page
if ( my $http_error = $req->param('lmError') ) {
$skinfile = 'error';
# Check URL
$self->controlUrl($req);
%templateParams = (
LOGOUT_URL => $self->conf->{portal} . "?logout=1",
URL => $req->{urldc},
);
# Error code
foreach ( 403, 500, 503 ) {
$templateParams{"ERROR$_"} = ( $http_error == $_ ? 1 : 0 );
}
}
# 1. Authentication not complete
# 1.1 A notification has to be done (session is created but hidden and
......
......@@ -109,10 +109,14 @@ sub init {
->addUnauthRoute( 'psgi.js' => 'sendJs', ['GET'] )
->addAuthRoute( 'psgi.js' => 'sendJs', ['GET'] )
# psgi.js
# portal.css
->addUnauthRoute( 'portal.css' => 'sendCss', ['GET'] )
->addAuthRoute( 'portal.css' => 'sendCss', ['GET'] )
# lmerror
->addUnauthRoute( lmerror => { ':code' => 'lmError' }, ['GET'] )
->addAuthRoute( lmerror => { ':code' => 'lmError' }, ['GET'] )
# Core REST API
->addUnauthRoute( ping => 'pleaseAuth', ['GET'] )
->addAuthRoute( ping => 'authenticated', ['GET'] )
......
......@@ -259,7 +259,7 @@ sub autoRedirect {
if ( $req->mustRedirect and not( $req->info ) );
# Redirection should be made if urldc defined
if ( $req->{urldc} and not $req->param('lmError') ) {
if ( $req->{urldc} ) {
if ( $self->_jsRedirect->() ) {
$req->error(PE_REDIRECT);
$req->datas->{redirectFormMethod} = "get";
......@@ -734,6 +734,24 @@ sub sendCss {
];
}
sub lmError {
my ( $self, $req ) = @_;
my $httpError = $req->param('code');
# Check URL
$self->controlUrl($req);
my %templateParams = (
LOGOUT_URL => $self->conf->{portal} . "?logout=1",
URL => $req->{urldc},
);
# Error code
$templateParams{"ERROR$_"} = ( $httpError == $_ ? 1 : 0 )
foreach ( 403, 500, 503 );
return $self->sendHtml( $req, 'error', params => \%templateParams );
}
sub rebuildCookies {
my ( $self, $req ) = @_;
my @tmp;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment