Request.pm 7.26 KB
Newer Older
Yadd's avatar
Yadd committed
1 2
package Lemonldap::NG::Portal::Main::Request;

Yadd's avatar
Yadd committed
3
# Developpers, be careful: new() is never called so default values will not be
Yadd's avatar
Yadd committed
4
# taken in account (see Portal::Run::handler()): set default values in init()
Yadd's avatar
Yadd committed
5

Yadd's avatar
Yadd committed
6 7
use strict;
use Mouse;
Yadd's avatar
Yadd committed
8
use Lemonldap::NG::Portal::Main::Constants ':all';
Yadd's avatar
Yadd committed
9

Yadd's avatar
Yadd committed
10 11
our $VERSION = '2.0.0';

Yadd's avatar
Yadd committed
12 13
extends 'Lemonldap::NG::Common::PSGI::Request';

Yadd's avatar
Yadd committed
14
# List of methods to call
Yadd's avatar
Yadd committed
15
has steps => ( is => 'rw' );
Yadd's avatar
Yadd committed
16

Yadd's avatar
Yadd committed
17 18 19
# Authentication result
has authResult => ( is => 'rw' );

Yadd's avatar
Yadd committed
20
# Session data when created
Yadd's avatar
Yadd committed
21
has id          => ( is => 'rw' );
Yadd's avatar
Yadd committed
22
has sessionInfo => ( is => 'rw' );
Yadd's avatar
Yadd committed
23
has user        => ( is => 'rw' );
Yadd's avatar
Yadd committed
24

Yadd's avatar
Yadd committed
25 26 27
# Persistent data (stored in cookie during auth, erased when auth is ready)
has pdata => ( is => 'rw' );

Yadd's avatar
Yadd committed
28
# Response cookies (list of strings built by cookie())
Yadd's avatar
Yadd committed
29
has respCookies => ( is => 'rw' );
Yadd's avatar
Yadd committed
30

31 32 33
# Embedded response
has response => ( is => 'rw' );

Yadd's avatar
Yadd committed
34
# Template to display (if not defined, login or menu)
Yadd's avatar
Yadd committed
35 36
has template => ( is => 'rw' );

Yadd's avatar
Yadd committed
37
# Custom template parameters
Yadd's avatar
Yadd committed
38
has customParameters => ( is => 'rw' );
Yadd's avatar
Yadd committed
39

Yadd's avatar
Yadd committed
40 41 42
# Boolean to indicate that response must be a redirection
has mustRedirect => ( is => 'rw' );

Yadd's avatar
Yadd committed
43 44 45 46
# Boolean to indicate that login form must not be displayed (used to reset
# authentication)
has noLoginDisplay => ( is => 'rw' );

Yadd's avatar
Yadd committed
47
# Store URL for redirections
Yadd's avatar
Yadd committed
48 49 50 51 52 53 54
has urldc                  => ( is => 'rw' );
has postUrl                => ( is => 'rw' );
has postFields             => ( is => 'rw' );
has portalHiddenFormValues => ( is => 'rw' );

# Flag that permit to a auth module to return PE_OK without setting $user
has continue => ( is => 'rw' );
Yadd's avatar
Yadd committed
55

Yadd's avatar
Yadd committed
56 57 58
# "check logins "flag"
has checkLogins => ( is => 'rw' );

Yadd's avatar
Yadd committed
59 60
# Boolean to indicate that url isn't Base64 encoded
has urlNotBase64 => ( is => 'rw' );
Yadd's avatar
Yadd committed
61

Yadd's avatar
Yadd committed
62 63 64
# Menu error
has menuError => ( is => 'rw' );

Yadd's avatar
Yadd committed
65 66 67
# Frame flag (used by Run to not send Content-Security-Policy header)
has frame => ( is => 'rw' );

Yadd's avatar
Yadd committed
68 69 70 71 72 73 74 75
# Security
#
# Captcha
has captcha => ( is => 'rw' );

# Token
has token => ( is => 'rw' );

Yadd's avatar
Yadd committed
76 77
# Error type
sub error_type {
Yadd's avatar
Yadd committed
78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112
    my $req = shift;
    my $code = shift || $req->error;

    # Positive errors
    return "positive"
      if (
        scalar(
            grep { /^$code$/ } (
                PE_REDIRECT,        PE_DONE,
                PE_OK,              PE_PASSWORD_OK,
                PE_MAILOK,          PE_LOGOUT_OK,
                PE_MAILFIRSTACCESS, PE_PASSWORDFIRSTACCESS,
                PE_MAILCONFIRMOK,   PE_REGISTERFIRSTACCESS,
            )
        )
      );

    # Warning errors
    return "warning"
      if (
        scalar(
            grep { /^$code$/ } (
                PE_INFO,                          PE_SESSIONEXPIRED,
                PE_FORMEMPTY,                     PE_FIRSTACCESS,
                PE_PP_GRACE,                      PE_PP_EXP_WARNING,
                PE_NOTIFICATION,                  PE_BADURL,
                PE_CONFIRM,                       PE_MAILFORMEMPTY,
                PE_MAILCONFIRMATION_ALREADY_SENT, PE_PASSWORDFORMEMPTY,
                PE_CAPTCHAEMPTY,                  PE_REGISTERFORMEMPTY,
            )
        )
      );

    # Negative errors (default)
    return "negative";
Yadd's avatar
Yadd committed
113 114 115 116

    #TODO
}

Yadd's avatar
Yadd committed
117
sub init {
Yadd's avatar
Yadd committed
118
    my ( $self, $conf ) = @_;
Yadd's avatar
Yadd committed
119
    $self->{$_} = {} foreach (qw(data customParameters sessionInfo pdata));
Yadd's avatar
Yadd committed
120
    $self->{$_} = [] foreach (qw(respCookies));
Yadd's avatar
Yadd committed
121 122 123
    if ( my $tmp = $self->userData->{ $conf->{whatToTrace} } ) {
        $self->user($tmp);
    }
Yadd's avatar
Yadd committed
124 125
}

Yadd's avatar
Yadd committed
126
sub errorString {
Yadd's avatar
Yadd committed
127
    print STDERR "TODO Request::errorString()\n";
Yadd's avatar
Yadd committed
128 129 130
}

sub loginInfo {
Yadd's avatar
Yadd committed
131 132 133 134
    print STDERR "TODO Request::loginInfo()\n";
}

sub info {
Yadd's avatar
Yadd committed
135
    my ( $self, $info ) = @_;
Yadd's avatar
Yadd committed
136 137
    $self->data->{_info} .= $info if ( defined $info );
    return $self->data->{_info};
Yadd's avatar
Yadd committed
138 139
}

Yadd's avatar
Yadd committed
140 141 142 143 144
sub addCookie {
    my ( $self, $cookie ) = @_;
    push @{ $self->respHeaders }, 'Set-Cookie' => $cookie;
}

Yadd's avatar
Yadd committed
145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169
sub delCookie {
    my ( $self, $cookieName ) = @_;
    my $i = 0;
    @{ $self->respHeaders } = map {

        # Look for a Set-Cookie header
        if ( $_ =~ /^Set-Cookie$/i ) {
            $i = 1;
            return ();
        }
        elsif ($i) {

            # Keep other cookies
            unless (/^$cookieName\s*=/i) {
                $i = 0;
                return ( 'Set-Cookie' => $_ );
            }

            #Value is hidden here
            return ();
        }
        return $_;
    } @{ $self->respHeaders };
}

Yadd's avatar
Yadd committed
170
# TODO: oldpassword
Yadd's avatar
Yadd committed
171
1;
Yadd's avatar
Yadd committed
172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191
__END__

=head1 NAME

=encoding utf8

Lemonldap::NG::Portal::Main::Request - HTTP request object used in LLNG
portal methods.

=head1 SYNOPSIS

  # Somewhere in a plugin...
  sub run {
      my ( $self, $req ) = @_;
      # $req is a Lemonldap::NG::Portal::Main::Request object
      ...
  }

=head1 DESCRIPTION

Yadd's avatar
Yadd committed
192 193 194
Lemonldap::NG::Portal::Main::Request extends
L<Lemonldap::NG::Common::PSGI::Request> to add all parameters needed to manage
portal jobs.
Yadd's avatar
Yadd committed
195 196 197 198 199 200 201 202 203 204

=head1 METHODS

=head2 Accessors

=head3 steps()

Stack of methods to call for this requests. It can be modified to change
authentication process

Yadd's avatar
Yadd committed
205
=head3 data()
Yadd's avatar
Yadd committed
206

Yadd's avatar
Yadd committed
207 208 209 210 211 212 213 214 215
Free hash ref where plugins can store their data (during one request). Using it
is a LLNG best practice

=head3 pdata

Free hash ref where plugins can store some persistent data: data are kept
during auth process and cleaned after successful authentication, except if
C<$req-E<gt>pdata-E<gt>{keepPdata}> is set to 1. In this case, module that
has set this flag must remove it after its job ends.
Yadd's avatar
Yadd committed
216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255

=head3 User information

=head4 id()

Session id (main cookie value).

=head4 sessionInfo()

Hash ref that will be stored in session DB.

=head4 user()

Username given by authentication module, used by userDB module.

=head3 mustRedirect()

Boolean to indicate that response must be a redirection (used for example when
request is a POST).

=head3 urlNotBase64

Boolean to indicate that url isn't Base64 encoded.

=head2 Other methods

=head3 info()

Store info to display in response.

=head3 menuError()

=head3 notification()

see notification plugin.

=head3 errorType()

Returns positive/warning/negative depending on value stored in error property.

Yadd's avatar
Yadd committed
256 257 258 259 260 261 262 263 264 265 266 267 268
=head2 Cookie methods

=over

=item addCookie(string $cookie): add cookie in $req response headers. String
is a complete cookie string, ex: "lemonldap=xxx"

=item delCookie(string $cookieName): remove cookie from $req response headers.
It doesn't remove navigator cookie but remove a "Set-Cookie" header if value
match "L<lt>cookieNameL<gt>=..."

=back

Yadd's avatar
Yadd committed
269 270
=head1 SEE ALSO

Yadd's avatar
Yadd committed
271
L<http://lemonldap-ng.org/>, L<Lemonldap::NG::Common::PSGI::Request>
Yadd's avatar
Yadd committed
272 273 274 275 276

=head1 AUTHORS

=over

Yadd's avatar
Yadd committed
277
=item LemonLDAP::NG team L<http://lemonldap-ng.org/team>
Yadd's avatar
Yadd committed
278 279 280 281 282 283

=back

=head1 BUG REPORT

Use OW2 system to report bug or ask for features:
Yadd's avatar
Yadd committed
284
L<https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/issues>
Yadd's avatar
Yadd committed
285 286 287 288 289 290 291 292

=head1 DOWNLOAD

Lemonldap::NG is available at
L<http://forge.objectweb.org/project/showfiles.php?group_id=274>

=head1 COPYRIGHT AND LICENSE

Yadd's avatar
Yadd committed
293
See COPYING file for details.
Yadd's avatar
Yadd committed
294 295 296 297 298 299 300 301 302 303 304 305 306 307 308

This library is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2, or (at your option)
any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program.  If not, see L<http://www.gnu.org/licenses/>.

=cut