Commit 9231711a authored by Christophe Maudoux's avatar Christophe Maudoux 🐛

Merge branch 'v2.0'

parents 3f7ae26d fb74d03a
Pipeline #6867 failed with stages
in 18 minutes and 58 seconds
...@@ -142,7 +142,7 @@ ...@@ -142,7 +142,7 @@
"loginHistoryEnabled" : 1, "loginHistoryEnabled" : 1,
"macros" : { "macros" : {
"UA" : "$ENV{HTTP_USER_AGENT}", "UA" : "$ENV{HTTP_USER_AGENT}",
"_whatToTrace" : "$_auth eq 'SAML' ? lc($_user.'@'.$_idpConfKey) : $_auth eq 'OpenIDConnect' ? lc($_user.'@'.$_oidcConnectedRP) : lc($_user)" "_whatToTrace" : "$_auth eq 'SAML' ? lc($_user.'@'.$_idpConfKey) : $_auth eq 'OpenIDConnect' ? lc($_user.'@'.$_oidc_OP) : lc($_user)"
}, },
"mailUrl" : "http://auth.__DNSDOMAIN__/resetpwd", "mailUrl" : "http://auth.__DNSDOMAIN__/resetpwd",
"notification" : 1, "notification" : 1,
......
...@@ -167,7 +167,7 @@ ...@@ -167,7 +167,7 @@
"loginHistoryEnabled": 1, "loginHistoryEnabled": 1,
"macros": { "macros": {
"UA" : "$ENV{HTTP_USER_AGENT}", "UA" : "$ENV{HTTP_USER_AGENT}",
"_whatToTrace": "$_auth eq 'SAML' ? \"$_user\\@$_idpConfKey\" : $_auth eq 'OpenIDConnect' ? \"$_user\\@$_oidcConnectedRP\" : \"$_user\"" "_whatToTrace": "$_auth eq 'SAML' ? \"$_user\\@$_idpConfKey\" : $_auth eq 'OpenIDConnect' ? \"$_user\\@$_oidc_OP\" : \"$_user\""
}, },
"mailUrl": "http://auth.example.com:__port__/resetpwd", "mailUrl": "http://auth.example.com:__port__/resetpwd",
"notification": 1, "notification": 1,
......
...@@ -276,7 +276,12 @@ sub locationRulesInit { ...@@ -276,7 +276,12 @@ sub locationRulesInit {
foreach my $vhost ( keys %$orules ) { foreach my $vhost ( keys %$orules ) {
my $rules = $orules->{$vhost}; my $rules = $orules->{$vhost};
$class->tsv->{locationCount}->{$vhost} = 0; $class->tsv->{locationCount}->{$vhost} = 0;
$class->tsv->{locationCondition}->{$vhost} = [];
$class->tsv->{locationProtection}->{$vhost} = [];
$class->tsv->{locationRegexp}->{$vhost} = [];
$class->tsv->{locationConditionText}->{$vhost} = [];
foreach my $url ( sort keys %{$rules} ) { foreach my $url ( sort keys %{$rules} ) {
my ( $cond, $prot ) = $class->conditionSub( $rules->{$url} ); my ( $cond, $prot ) = $class->conditionSub( $rules->{$url} );
unless ($cond) { unless ($cond) {
...@@ -296,8 +301,8 @@ sub locationRulesInit { ...@@ -296,8 +301,8 @@ sub locationRulesInit {
push @{ $class->tsv->{locationProtection}->{$vhost} }, $prot; push @{ $class->tsv->{locationProtection}->{$vhost} }, $prot;
push @{ $class->tsv->{locationRegexp}->{$vhost} }, qr/$url/; push @{ $class->tsv->{locationRegexp}->{$vhost} }, qr/$url/;
push @{ $class->tsv->{locationConditionText}->{$vhost} }, push @{ $class->tsv->{locationConditionText}->{$vhost} },
$cond =~ /^\(\?#(.*?)\)/ ? $1 $url =~ /^\(\?#(.*?)\)/ ? $1
: $cond =~ /^(.*?)##(.+)$/ ? $2 : $url =~ /^(.*?)##(.+)$/ ? $2
: $url; : $url;
$class->tsv->{locationCount}->{$vhost}++; $class->tsv->{locationCount}->{$vhost}++;
} }
...@@ -362,7 +367,7 @@ sub sessionStorageInit { ...@@ -362,7 +367,7 @@ sub sessionStorageInit {
$class->tsv->{statusPipe}->print("RELOADCACHE $params\n"); $class->tsv->{statusPipe}->print("RELOADCACHE $params\n");
} }
} }
return 1; return 1;
} }
## @imethod void headersInit(hashRef args) ## @imethod void headersInit(hashRef args)
......
...@@ -849,10 +849,13 @@ sub _scanNodes { ...@@ -849,10 +849,13 @@ sub _scanNodes {
# authChoiceModules # authChoiceModules
if ( $name eq 'authChoiceModules' ) { if ( $name eq 'authChoiceModules' ) {
hdebug(' authChoiceModules'); hdebug(' authChoiceModules');
$n->{data}->[5] ||= {}; if ( ref( $n->{data}->[5] ) eq 'ARRAY' ) {
$n->{data}->[5] = $n->{data}->[5] = to_json(
to_json( { map { @$_ } @{ $n->{data}->[5] } } ) { map { @$_ } @{ $n->{data}->[5] } } );
if ref( $n->{data}->[5] ) eq 'ARRAY'; }
else {
$n->{data}->[5] = '{}';
}
} }
$n->{data} = join ';', @{ $n->{data} }; $n->{data} = join ';', @{ $n->{data} };
......
...@@ -108,7 +108,7 @@ sub zeroConf { ...@@ -108,7 +108,7 @@ sub zeroConf {
}, },
'macros' => { 'macros' => {
'_whatToTrace' => '_whatToTrace' =>
'$_auth eq \'SAML\' ? lc($_user.\'@\'.$_idpConfKey) : $_auth eq \'OpenIDConnect\' ? lc($_user.\'@\'.$_oidcConnectedRP) : lc($_user)', '$_auth eq \'SAML\' ? lc($_user.\'@\'.$_idpConfKey) : $_auth eq \'OpenIDConnect\' ? lc($_user.\'@\'.$_oidc_OP) : lc($_user)',
'UA' => '$ENV{HTTP_USER_AGENT}' 'UA' => '$ENV{HTTP_USER_AGENT}'
}, },
'notificationStorageOptions' => { 'notificationStorageOptions' => {
......
...@@ -269,7 +269,8 @@ sub display { ...@@ -269,7 +269,8 @@ sub display {
# Avoid issue 1867 # Avoid issue 1867
or ( $self->conf->{authentication} eq 'Combination' or ( $self->conf->{authentication} eq 'Combination'
and $req->{error} > PE_OK and $req->{error} > PE_OK
and $req->{error} != PE_FIRSTACCESS ) and $req->{error} != PE_FIRSTACCESS
and $req->{error} != PE_PP_PASSWORD_EXPIRED )
# and ( $req->{error} == PE_TOKENEXPIRED or $req->{error} == PE_NOTOKEN ) # and ( $req->{error} == PE_TOKENEXPIRED or $req->{error} == PE_NOTOKEN )
) )
......
...@@ -140,24 +140,24 @@ sub init { ...@@ -140,24 +140,24 @@ sub init {
# psgi.js # psgi.js
->addUnauthRoute( 'psgi.js' => 'sendJs', ['GET'] ) ->addUnauthRoute( 'psgi.js' => 'sendJs', ['GET'] )
->addAuthRoute( 'psgi.js' => 'sendJs', ['GET'] ) ->addAuthRoute( 'psgi.js' => 'sendJs', ['GET'] )
# portal.css # portal.css
->addUnauthRoute( 'portal.css' => 'sendCss', ['GET'] ) ->addUnauthRoute( 'portal.css' => 'sendCss', ['GET'] )
->addAuthRoute( 'portal.css' => 'sendCss', ['GET'] ) ->addAuthRoute( 'portal.css' => 'sendCss', ['GET'] )
# lmerror # lmerror
->addUnauthRoute( lmerror => { ':code' => 'lmError' }, ['GET'] ) ->addUnauthRoute( lmerror => { ':code' => 'lmError' }, ['GET'] )
->addAuthRoute( lmerror => { ':code' => 'lmError' }, ['GET'] ) ->addAuthRoute( lmerror => { ':code' => 'lmError' }, ['GET'] )
# Core REST API # Core REST API
->addUnauthRoute( ping => 'pleaseAuth', ['GET'] ) ->addUnauthRoute( ping => 'pleaseAuth', ['GET'] )
->addAuthRoute( ping => 'authenticated', ['GET'] ) ->addAuthRoute( ping => 'authenticated', ['GET'] )
# Refresh session # Refresh session
->addAuthRoute( refresh => 'refresh', ['GET'] ) ->addAuthRoute( refresh => 'refresh', ['GET'] )
->addAuthRoute( '*' => 'corsPreflight', ['OPTIONS'] ) ->addAuthRoute( '*' => 'corsPreflight', ['OPTIONS'] )
->addUnauthRoute( '*' => 'corsPreflight', ['OPTIONS'] ) ->addUnauthRoute( '*' => 'corsPreflight', ['OPTIONS'] )
# Logout # Logout
...@@ -367,7 +367,8 @@ sub reloadConf { ...@@ -367,7 +367,8 @@ sub reloadConf {
delete $_[0]->pdata->{$k}; delete $_[0]->pdata->{$k};
} }
} }
$self->userLogger->notice( $_[0]->user . ' connected' ) if $_[0]->user; my $user_log = $_[0]->{sessionInfo}->{ $self->conf->{whatToTrace} };
$self->userLogger->notice( $user_log . ' connected' ) if $user_log;
if (@$tmp) { if (@$tmp) {
$self->logger->debug( $self->logger->debug(
'Add ' . join( ',', @$tmp ) . ' in keepPdata' ); 'Add ' . join( ',', @$tmp ) . ' in keepPdata' );
......
...@@ -320,7 +320,7 @@ sub authenticate { ...@@ -320,7 +320,7 @@ sub authenticate {
$req->steps( [ $req->steps( [
'setSessionInfo', 'setMacros', 'setSessionInfo', 'setMacros',
'setPersistentSessionInfo', 'storeHistory', 'setPersistentSessionInfo', 'storeHistory',
@{ $self->afterData }, sub { PE_BADCREDENTIALS } @{ $self->afterData }, sub { PE_BADCREDENTIALS }
] ]
); );
...@@ -520,8 +520,9 @@ sub buildCookie { ...@@ -520,8 +520,9 @@ sub buildCookie {
); );
} }
} }
my $user_log = $req->{sessionInfo}->{ $self->conf->{whatToTrace} };
$self->userLogger->notice( $self->userLogger->notice(
"User $req->{user} successfully authenticated at level $req->{sessionInfo}->{authenticationLevel}" "User $user_log successfully authenticated at level $req->{sessionInfo}->{authenticationLevel}"
); );
PE_OK; PE_OK;
} }
......
...@@ -28,7 +28,8 @@ has ott => ( ...@@ -28,7 +28,8 @@ has ott => (
sub init { sub init {
my ($self) = @_; my ($self) = @_;
if ( $self->conf->{forceGlobalStorageUpgradeOTT} ) { if ( $self->conf->{forceGlobalStorageUpgradeOTT} ) {
$self->logger->debug("Upgrade token will be stored into global storage"); $self->logger->debug(
"Upgrade token will be stored into global storage");
$self->ott->cache(undef); $self->ott->cache(undef);
} }
$self->addAuthRoute( upgradesession => 'ask', ['GET'] ); $self->addAuthRoute( upgradesession => 'ask', ['GET'] );
...@@ -52,6 +53,8 @@ sub ask { ...@@ -52,6 +53,8 @@ sub ask {
$req, $req,
'upgradesession', 'upgradesession',
params => { params => {
MAIN_LOGO => $self->conf->{portalMainLogo},
LANGS => $self->conf->{showLanguages},
MSG => 'askToUpgrade', MSG => 'askToUpgrade',
CONFIRMKEY => $self->p->stamp, CONFIRMKEY => $self->p->stamp,
PORTAL => $self->conf->{portal}, PORTAL => $self->conf->{portal},
......
<TMPL_INCLUDE NAME="header.tpl"> <TMPL_INCLUDE NAME="header.tpl">
<div id="errorcontent" class="container"> <div id="errorcontent" class="container">
<!--
<div class="message message-positive alert"><span trspan="<TMPL_VAR NAME="MSG">"></span></div>
-->
<div class="alert <TMPL_VAR NAME="ALERTE"> alert"><div class="text-center"><span trspan="<TMPL_VAR NAME="MSG">"></span></div></div> <div class="alert <TMPL_VAR NAME="ALERTE"> alert"><div class="text-center"><span trspan="<TMPL_VAR NAME="MSG">"></span></div></div>
<form id="checkuser" action="/checkuser" method="post" class="password" role="form"> <form id="checkuser" action="/checkuser" method="post" class="password" role="form">
<div class="buttons"> <div class="buttons">
......
...@@ -5,7 +5,7 @@ use IO::String; ...@@ -5,7 +5,7 @@ use IO::String;
require 't/test-lib.pm'; require 't/test-lib.pm';
my $res; my $res;
my $maintests = 8; my $maintests = 7;
my $userdb = tempdb(); my $userdb = tempdb();
...@@ -58,8 +58,7 @@ SKIP: { ...@@ -58,8 +58,7 @@ SKIP: {
ok( $res = $client->_get("/sessions/global/$id"), 'Get UTF-8' ); ok( $res = $client->_get("/sessions/global/$id"), 'Get UTF-8' );
expectOK($res); expectOK($res);
ok( $res = eval { JSON::from_json( $res->[2]->[0] ) }, ' GET JSON' ) $res = expectJSON($res);
or print STDERR $@;
ok( $res->{cn} eq 'Frédéric Accents', 'UTF-8 values' ) ok( $res->{cn} eq 'Frédéric Accents', 'UTF-8 values' )
or explain( $res, 'cn => Frédéric Accents' ); or explain( $res, 'cn => Frédéric Accents' );
......
...@@ -152,12 +152,10 @@ count(1); ...@@ -152,12 +152,10 @@ count(1);
# Verify UTF-8 # Verify UTF-8
switch ('rp'); switch ('rp');
ok( $res = $rp->_get("/sessions/global/$spId"), 'Get UTF-8' ); ok( $res = $rp->_get("/sessions/global/$spId"), 'Get UTF-8' );
expectOK($res); $res = expectJSON($res);
ok( $res = eval { JSON::from_json( $res->[2]->[0] ) }, ' GET JSON' )
or print STDERR $@;
ok( $res->{cn} eq 'Frédéric Accents', 'UTF-8 values' ) ok( $res->{cn} eq 'Frédéric Accents', 'UTF-8 values' )
or explain( $res, 'cn => Frédéric Accents' ); or explain( $res, 'cn => Frédéric Accents' );
count(3); count(2);
# Logout initiated by OP # Logout initiated by OP
switch ('op'); switch ('op');
......
...@@ -163,11 +163,10 @@ ok( ...@@ -163,11 +163,10 @@ ok(
), ),
'Get userinfo' 'Get userinfo'
); );
ok( $res = eval { JSON::from_json( $res->[2]->[0] ) }, ' GET JSON' ) $res = expectJSON($res);
or print STDERR $@;
ok( $res->{name} eq 'Frédéric Accents', 'UTF-8 values' ) ok( $res->{name} eq 'Frédéric Accents', 'UTF-8 values' )
or explain( $res, 'name => Frédéric Accents' ); or explain( $res, 'name => Frédéric Accents' );
count(3); count(2);
ok( $res = $op->_get("/sessions/global/$spId"), 'Get UTF-8' ); ok( $res = $op->_get("/sessions/global/$spId"), 'Get UTF-8' );
expectOK($res); expectOK($res);
......
...@@ -163,28 +163,23 @@ ok( ...@@ -163,28 +163,23 @@ ok(
), ),
'Get userinfo' 'Get userinfo'
); );
ok( $res = eval { JSON::from_json( $res->[2]->[0] ) }, ' GET JSON' ) $res = expectJSON($res);
or print STDERR $@;
ok( $res->{name} eq 'Frédéric Accents', 'UTF-8 values' ) ok( $res->{name} eq 'Frédéric Accents', 'UTF-8 values' )
or explain( $res, 'name => Frédéric Accents' ); or explain( $res, 'name => Frédéric Accents' );
count(3); count(2);
ok( $res = $op->_get("/sessions/global/$spId"), 'Get UTF-8' ); ok( $res = $op->_get("/sessions/global/$spId"), 'Get UTF-8' );
expectOK($res); $res = expectJSON($res);
ok( $res = eval { JSON::from_json( $res->[2]->[0] ) }, ' GET JSON' )
or print STDERR $@;
ok( $res->{cn} eq 'Frédéric Accents', 'UTF-8 values' ) ok( $res->{cn} eq 'Frédéric Accents', 'UTF-8 values' )
or explain( $res, 'cn => Frédéric Accents' ); or explain( $res, 'cn => Frédéric Accents' );
count(3); count(2);
switch ('rp'); switch ('rp');
ok( $res = $rp->_get("/sessions/global/$spId"), 'Get UTF-8' ); ok( $res = $rp->_get("/sessions/global/$spId"), 'Get UTF-8' );
expectOK($res); $res = expectJSON($res);
ok( $res = eval { JSON::from_json( $res->[2]->[0] ) }, ' GET JSON' )
or print STDERR $@;
ok( $res->{cn} eq 'Frédéric Accents', 'UTF-8 values' ) ok( $res->{cn} eq 'Frédéric Accents', 'UTF-8 values' )
or explain( $res, 'cn => Frédéric Accents' ); or explain( $res, 'cn => Frédéric Accents' );
count(3); count(2);
# Logout initiated by RP # Logout initiated by RP
ok( ok(
......
...@@ -163,28 +163,23 @@ ok( ...@@ -163,28 +163,23 @@ ok(
), ),
'Get userinfo' 'Get userinfo'
); );
ok( $res = eval { JSON::from_json( $res->[2]->[0] ) }, ' GET JSON' ) $res = expectJSON($res);
or print STDERR $@;
ok( $res->{name} eq 'Frédéric Accents', 'UTF-8 values' ) ok( $res->{name} eq 'Frédéric Accents', 'UTF-8 values' )
or explain( $res, 'name => Frédéric Accents' ); or explain( $res, 'name => Frédéric Accents' );
count(3); count(2);
ok( $res = $op->_get("/sessions/global/$spId"), 'Get UTF-8' ); ok( $res = $op->_get("/sessions/global/$spId"), 'Get UTF-8' );
expectOK($res); $res = expectJSON($res);
ok( $res = eval { JSON::from_json( $res->[2]->[0] ) }, ' GET JSON' )
or print STDERR $@;
ok( $res->{cn} eq 'Frédéric Accents', 'UTF-8 values' ) ok( $res->{cn} eq 'Frédéric Accents', 'UTF-8 values' )
or explain( $res, 'cn => Frédéric Accents' ); or explain( $res, 'cn => Frédéric Accents' );
count(3); count(2);
switch ('rp'); switch ('rp');
ok( $res = $rp->_get("/sessions/global/$spId"), 'Get UTF-8' ); ok( $res = $rp->_get("/sessions/global/$spId"), 'Get UTF-8' );
expectOK($res); $res = expectJSON($res);
ok( $res = eval { JSON::from_json( $res->[2]->[0] ) }, ' GET JSON' )
or print STDERR $@;
ok( $res->{cn} eq 'Frédéric Accents', 'UTF-8 values' ) ok( $res->{cn} eq 'Frédéric Accents', 'UTF-8 values' )
or explain( $res, 'cn => Frédéric Accents' ); or explain( $res, 'cn => Frédéric Accents' );
count(3); count(2);
# Logout initiated by RP # Logout initiated by RP
ok( ok(
......
...@@ -202,9 +202,8 @@ ok( ...@@ -202,9 +202,8 @@ ok(
"Post introspection" "Post introspection"
); );
expectOK($res); $res = expectJSON($res);
$json = from_json( $res->[2]->[0] ); ok( !$res->{active}, "Token is no longer valid" );
ok( !$json->{active}, "Token is no longer valid" );
clean_sessions(); clean_sessions();
done_testing(); done_testing();
......
...@@ -192,8 +192,8 @@ ok( ...@@ -192,8 +192,8 @@ ok(
"Post token" "Post token"
); );
count(1); count(1);
my $json = from_json( $res->[2]->[0] ); $res = expectJSON($res);
my $token = $json->{access_token}; my $token = $res->{access_token};
ok( $token, 'Access token present' ); ok( $token, 'Access token present' );
count(1); count(1);
sleep(2); sleep(2);
......
...@@ -287,7 +287,7 @@ SKIP: { ...@@ -287,7 +287,7 @@ SKIP: {
); );
ok( ok(
$res->[2]->[0] =~ $res->[2]->[0] =~
m%<div class="message message-positive alert"><span trspan="PE5"></span></div>%, m%<div class="alert alert-warning alert"><div class="text-center"><span trspan="PE5"></span></div></div>%,
' PE5 found' ' PE5 found'
) or explain( $res->[2]->[0], 'PE5 - Unknown identity' ); ) or explain( $res->[2]->[0], 'PE5 - Unknown identity' );
count(2); count(2);
......
...@@ -444,7 +444,7 @@ ok( ...@@ -444,7 +444,7 @@ ok(
); );
ok( ok(
$res->[2]->[0] =~ $res->[2]->[0] =~
m%<div class="message message-positive alert"><span trspan="PE5"></span></div>%, m%<div class="alert alert-warning alert"><div class="text-center"><span trspan="PE5"></span></div></div>%,
' PE5 found' ' PE5 found'
) or explain( $res->[2]->[0], 'PE5 - Forbidden identity' ); ) or explain( $res->[2]->[0], 'PE5 - Forbidden identity' );
count(2); count(2);
...@@ -463,7 +463,7 @@ ok( ...@@ -463,7 +463,7 @@ ok(
); );
ok( ok(
$res->[2]->[0] =~ $res->[2]->[0] =~
m%<div class="message message-positive alert"><span trspan="PE5"></span></div>%, m%<div class="alert alert-warning alert"><div class="text-center"><span trspan="PE5"></span></div></div>%,
' PE5 found' ' PE5 found'
) or explain( $res->[2]->[0], 'PE5 - Unknown identity' ); ) or explain( $res->[2]->[0], 'PE5 - Unknown identity' );
count(2); count(2);
...@@ -482,7 +482,7 @@ ok( ...@@ -482,7 +482,7 @@ ok(
); );
ok( ok(
$res->[2]->[0] =~ $res->[2]->[0] =~
m%<div class="message message-positive alert"><span trspan="PE5"></span></div>%, m%<div class="alert alert-warning alert"><div class="text-center"><span trspan="PE5"></span></div></div>%,
' PE5 found' ' PE5 found'
) or explain( $res->[2]->[0], 'PE5 - Unvalid identity' ); ) or explain( $res->[2]->[0], 'PE5 - Unvalid identity' );
count(2); count(2);
......
...@@ -60,10 +60,15 @@ ok( ...@@ -60,10 +60,15 @@ ok(
), ),
'Upgrade session query' 'Upgrade session query'
); );
count(1);
my ( $host, $url, $query ) = my ( $host, $url, $query ) =
expectForm( $res, undef, '/upgradesession', 'confirm', 'url' ); expectForm( $res, undef, '/upgradesession', 'confirm', 'url' );
ok( $res->[2]->[0] =~ qq%<img src="/static/common/logos/logo_llng_400px.png"%,
'Found custom Main Logo' )
or print STDERR Dumper( $res->[2]->[0] );
ok( $res->[2]->[0] =~ m%<span id="languages"></span>%, ' Language icons found' )
or print STDERR Dumper( $res->[2]->[0] );
count(3);
# Accept session upgrade # Accept session upgrade
# ---------------------- # ----------------------
......
...@@ -324,6 +324,24 @@ sub expectOK { ...@@ -324,6 +324,24 @@ sub expectOK {
count(1); count(1);
} }
=head4 expectJSON($res)
Verify that the HTTP response contains valid JSON and returns the corresponding object
=cut
sub expectJSON {
my ($res) = @_;
is( $res->[0], 200, ' HTTP code is 200' ) or explain( $res, 200 );
my %hdr = @{$res->[1]};
like( $hdr{'Content-Type'}, qr,^application/json,i , ' Content-Type is JSON' ) or explain( $res );
my $json;
eval { $json = JSON::from_json($res->[2]->[0]) };
ok( not($@), 'Content is valid JSON' );
count(3);
return $json;
}
=head4 expectBadRequest($res) =head4 expectBadRequest($res)
Verify that returned code is 400. Note that it works only for Ajax request Verify that returned code is 400. Note that it works only for Ajax request
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment