Commit ceb767e2 authored by Xavier Guimard's avatar Xavier Guimard

Rearrange LDAP (#595)

parent 069d7605
......@@ -9,7 +9,12 @@ our $VERSION = '2.0.0';
# Inheritance: UserDB::LDAP provides all needed ldap functions
extends
qw(Lemonldap::NG::Portal::Auth::_WebForm Lemonldap::NG::Portal::UserDB::LDAP);
qw(Lemonldap::NG::Portal::Auth::_WebForm Lemonldap::NG::Portal::Lib::LDAP);
sub init {
my ($self) = @_;
return $self->Lemonldap::NG::Portal::Lib::LDAP::init;
}
# RUNNING METHODS
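Review bot: The added `init` calls `Lemonldap::NG::Portal::Lib::LDAP::init` by its fully qualified name, so an `init` defined on `Lemonldap::NG::Portal::Auth::_WebForm`, which is listed first in `extends`, would never run for this authentication module. That class is not shown on this page, so whether it defines one needs confirming. If skipping it is intended, say so above the sub, for example `# _WebForm is first in the MRO; init must come from Lib::LDAP`. If both parents need initialising, chain the two fully qualified calls with `and`, as the Password `init` further down this page does, so a failed LDAP setup still returns false to the caller.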
......
This diff is collapsed.
......@@ -12,7 +12,7 @@ our $VERSION = '2.0.0';
sub init {
my ($self) = @_;
return ( $self->Lemonldap::NG::Portal::Password::Base::init()
and $self->Lemonldap::NG::Portal::Lib::Choice->init(2) );
and $self->Lemonldap::NG::Portal::Lib::Choice::init(2) );
}
sub confirm {
......
......@@ -3,9 +3,8 @@ package Lemonldap::NG::Portal::Password::LDAP;
use strict;
use Mouse;
use Lemonldap::NG::Portal::Main::Constants qw(PE_PASSWORD_OK PE_LDAPERROR);
use Lemonldap::NG::Portal::Lib::LDAP;
extends 'Lemonldap::NG::Portal::UserDB::LDAP',
extends 'Lemonldap::NG::Portal::Lib::LDAP',
'Lemonldap::NG::Portal::Password::Base';
our $VERSION = '2.0.0';
......
......@@ -2,23 +2,18 @@ package Lemonldap::NG::Portal::Register::LDAP;
use strict;
use Mouse;
use Lemonldap::NG::Portal::Lib::LDAP;
use Lemonldap::NG::Portal::Main::Constants qw(
PE_LDAPCONNECTFAILED
PE_LDAPERROR
PE_OK
);
extends 'Lemonldap::NG::Portal::UserDB::LDAP';
extends 'Lemonldap::NG::Portal::Lib::LDAP';
our $VERSION = '2.0.0';
# RUNNING METHODS
sub init {
my ($self) = @_;
}
# Compute a login from register infos
# @result Lemonldap::NG::Portal constant
sub computeLogin {
......
......@@ -4,47 +4,11 @@ use strict;
use Mouse;
use Lemonldap::NG::Portal::Main::Constants
qw(PE_OK PE_LDAPCONNECTFAILED PE_LDAPERROR PE_BADCREDENTIALS);
use Lemonldap::NG::Portal::Lib::LDAP;
extends 'Lemonldap::NG::Common::Module';
extends 'Lemonldap::NG::Portal::Lib::LDAP';
our $VERSION = '2.0.0';
# PROPERTIES
has ldap => (
is => 'rw',
lazy => 1,
builder => 'newLdap',
);
sub newLdap {
my $self = $_[0];
my $ldap;
# Build object and test LDAP connexion
if (
$ldap = Lemonldap::NG::Portal::Lib::LDAP->new(
{ p => $self->{p}, conf => $self->{conf} }
)
and my $msg = $ldap->bind
)
{
if ( $msg->code != 0 ) {
$self->lmLog( "LDAP error: " . $msg->error, 'error' );
}
else {
if ( $self->{conf}->{ldapPpolicyControl} and not $ldap->loadPP() ) {
$self->lmLog( "LDAP password policy error", 'error' );
}
}
}
else {
$self->lmLog( "LDAP error: $@", 'error' );
}
return $ldap;
}
has ldapGroupAttributeNameSearch => (
is => 'rw',
builder => sub {
......@@ -74,55 +38,6 @@ has attrs => (
}
);
has filter => (
is => 'rw',
lazy => 1,
builder => 'buildFilter',
);
sub buildFilter {
my $conf = $_[0]->{conf};
$_[0]->{p}->lmLog( "LDAP Search base: $_[0]->{conf}->{ldapBase}", 'debug' );
# TODO : mailLDAPFilter
my $filter =
$conf->{AuthLDAPFilter}
|| $conf->{LDAPFilter}
|| '(&(uid=$user)(objectClass=inetOrgPerson))';
$filter =~ s/"/\\"/g;
$filter =~ s/\$(\w+)/".\$req->{sessionInfo}->{$1}."/g;
$filter =~ s/\$req->\{sessionInfo\}->\{user\}/\$req->{user}/g;
$filter =~
s/\$req->\{sessionInfo\}->\{(_?password|mail)\}/\$req->{datas}->{$1}/g;
$_[0]->{p}->lmLog( "LDAP transformed filter: $filter", 'debug' );
$filter = "sub{my(\$req)=\$_[0];return \"$filter\";}";
return eval $filter;
}
# INITIALIZATION
sub init {
my ($self) = @_;
$self->ldap and $self->filter;
}
# Test LDAP connection before trying to bind
sub bind {
my $self = shift;
unless ($self->ldap
and $self->ldap->root_dse( attrs => ['supportedLDAPVersion'] ) )
{
$self->ldap( $self->newLdap );
}
return undef unless($self->ldap);
my $msg = $self->ldap->bind(@_);
if ( $msg->code ) {
$self->lmLog( $msg->error, 'error' );
return undef;
}
return 1;
}
# RUNNING METHODS
sub getUser {
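Review bot: The `buildFilter` removed in the second hunk compiles the configured filter with a string `eval` and splices `$req->{user}` into the LDAP filter without escaping. If it moves unchanged into `Lemonldap::NG::Portal::Lib::LDAP` (that diff is collapsed on this page, so this is inferred), every module that now extends Lib::LDAP inherits that behaviour. The move is a good point to escape the substituted values, for example by generating `".Net::LDAP::Util::escape_filter_value(\$req->{user})."` rather than `".\$req->{user}."`. It should also carry a comment stating that `AuthLDAPFilter` and `LDAPFilter` are evaluated as Perl and must come only from trusted configuration. The existing `s/"/\\"/g` handles only double quotes; other characters that are special inside a double-quoted Perl string pass through into the generated code.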
......
......@@ -15,6 +15,7 @@ SKIP: {
logLevel => 'error',
useSafeJail => 1,
authentication => 'LDAP',
portal => 'http://auth.example.com/',
userDB => 'LDAP',
registerDB => 'LDAP',
LDAPFilter => $ENV{LDAPFILTER} || '(cn=$user)',
......