Request.pm 7.3 KB
Newer Older
1 2
package Lemonldap::NG::Portal::Main::Request;

Xavier Guimard's avatar
Xavier Guimard committed
3
# Developpers, be careful: new() is never called so default values will not be
4
# taken in account (see Portal::Run::handler()): set default values in init()
Xavier Guimard's avatar
Xavier Guimard committed
5

6 7
use strict;
use Mouse;
Xavier Guimard's avatar
Xavier Guimard committed
8
use Lemonldap::NG::Portal::Main::Constants ':all';
9

10
our $VERSION = '2.0.3';
Xavier Guimard's avatar
Xavier Guimard committed
11

12 13
extends 'Lemonldap::NG::Common::PSGI::Request';

Xavier Guimard's avatar
Xavier Guimard committed
14
# List of methods to call
Xavier Guimard's avatar
Xavier Guimard committed
15
has steps => ( is => 'rw' );
Xavier Guimard's avatar
Xavier Guimard committed
16

Xavier Guimard's avatar
Xavier Guimard committed
17 18 19
# Authentication result
has authResult => ( is => 'rw' );

Xavier Guimard's avatar
Xavier Guimard committed
20
# Session data when created
Xavier Guimard's avatar
Xavier Guimard committed
21
has id          => ( is => 'rw' );
22
has sessionInfo => ( is => 'rw' );
Xavier Guimard's avatar
Xavier Guimard committed
23
has user        => ( is => 'rw' );
Xavier Guimard's avatar
Xavier Guimard committed
24

25 26 27
# Persistent data (stored in cookie during auth, erased when auth is ready)
has pdata => ( is => 'rw' );

Xavier Guimard's avatar
Xavier Guimard committed
28
# Response cookies (list of strings built by cookie())
Xavier Guimard's avatar
Xavier Guimard committed
29
has respCookies => ( is => 'rw' );
Xavier Guimard's avatar
Xavier Guimard committed
30

31 32 33
# Embedded response
has response => ( is => 'rw' );

Xavier Guimard's avatar
Xavier Guimard committed
34
# Template to display (if not defined, login or menu)
Xavier Guimard's avatar
Xavier Guimard committed
35 36
has template => ( is => 'rw' );

37
# Custom template parameters
Xavier Guimard's avatar
Xavier Guimard committed
38
has customParameters => ( is => 'rw' );
39

Xavier Guimard's avatar
Xavier Guimard committed
40 41 42
# Boolean to indicate that response must be a redirection
has mustRedirect => ( is => 'rw' );

43 44 45 46
# Boolean to indicate that login form must not be displayed (used to reset
# authentication)
has noLoginDisplay => ( is => 'rw' );

47
# Store URL for redirections
Xavier Guimard's avatar
Xavier Guimard committed
48 49 50 51 52 53 54
has urldc                  => ( is => 'rw' );
has postUrl                => ( is => 'rw' );
has postFields             => ( is => 'rw' );
has portalHiddenFormValues => ( is => 'rw' );

# Flag that permit to a auth module to return PE_OK without setting $user
has continue => ( is => 'rw' );
55

Xavier Guimard's avatar
Xavier Guimard committed
56 57 58
# "check logins "flag"
has checkLogins => ( is => 'rw' );

Xavier Guimard's avatar
Xavier Guimard committed
59 60
# Boolean to indicate that url isn't Base64 encoded
has urlNotBase64 => ( is => 'rw' );
Xavier Guimard's avatar
Xavier Guimard committed
61

Xavier Guimard's avatar
Xavier Guimard committed
62 63 64
# Menu error
has menuError => ( is => 'rw' );

65 66 67
# Frame flag (used by Run to not send Content-Security-Policy header)
has frame => ( is => 'rw' );

68 69 70 71 72 73 74 75
# Security
#
# Captcha
has captcha => ( is => 'rw' );

# Token
has token => ( is => 'rw' );

Xavier Guimard's avatar
Xavier Guimard committed
76 77
# Error type
sub error_type {
78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106
    my $req = shift;
    my $code = shift || $req->error;

    # Positive errors
    return "positive"
      if (
        scalar(
            grep { /^$code$/ } (
                PE_REDIRECT,        PE_DONE,
                PE_OK,              PE_PASSWORD_OK,
                PE_MAILOK,          PE_LOGOUT_OK,
                PE_MAILFIRSTACCESS, PE_PASSWORDFIRSTACCESS,
                PE_MAILCONFIRMOK,   PE_REGISTERFIRSTACCESS,
            )
        )
      );

    # Warning errors
    return "warning"
      if (
        scalar(
            grep { /^$code$/ } (
                PE_INFO,                          PE_SESSIONEXPIRED,
                PE_FORMEMPTY,                     PE_FIRSTACCESS,
                PE_PP_GRACE,                      PE_PP_EXP_WARNING,
                PE_NOTIFICATION,                  PE_BADURL,
                PE_CONFIRM,                       PE_MAILFORMEMPTY,
                PE_MAILCONFIRMATION_ALREADY_SENT, PE_PASSWORDFORMEMPTY,
                PE_CAPTCHAEMPTY,                  PE_REGISTERFORMEMPTY,
107
                PE_PP_CHANGE_AFTER_RESET
108 109 110 111 112 113
            )
        )
      );

    # Negative errors (default)
    return "negative";
Xavier Guimard's avatar
Xavier Guimard committed
114 115 116 117

    #TODO
}

118
sub init {
119
    my ( $self, $conf ) = @_;
Xavier Guimard's avatar
Xavier Guimard committed
120
    $self->{$_} = {} foreach (qw(data customParameters sessionInfo pdata));
Xavier Guimard's avatar
Xavier Guimard committed
121
    $self->{$_} = [] foreach (qw(respCookies));
122 123 124
    if ( my $tmp = $self->userData->{ $conf->{whatToTrace} } ) {
        $self->user($tmp);
    }
125 126
}

Xavier Guimard's avatar
Xavier Guimard committed
127
sub errorString {
Xavier Guimard's avatar
Xavier Guimard committed
128
    print STDERR "TODO Request::errorString()\n";
Xavier Guimard's avatar
Xavier Guimard committed
129 130 131
}

sub loginInfo {
Xavier Guimard's avatar
Xavier Guimard committed
132 133 134 135
    print STDERR "TODO Request::loginInfo()\n";
}

sub info {
Xavier Guimard's avatar
Xavier Guimard committed
136
    my ( $self, $info ) = @_;
Xavier Guimard's avatar
Xavier Guimard committed
137 138
    $self->data->{_info} .= $info if ( defined $info );
    return $self->data->{_info};
Xavier Guimard's avatar
Xavier Guimard committed
139 140
}

141 142 143 144 145
sub addCookie {
    my ( $self, $cookie ) = @_;
    push @{ $self->respHeaders }, 'Set-Cookie' => $cookie;
}

Xavier Guimard's avatar
Xavier Guimard committed
146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170
sub delCookie {
    my ( $self, $cookieName ) = @_;
    my $i = 0;
    @{ $self->respHeaders } = map {

        # Look for a Set-Cookie header
        if ( $_ =~ /^Set-Cookie$/i ) {
            $i = 1;
            return ();
        }
        elsif ($i) {

            # Keep other cookies
            unless (/^$cookieName\s*=/i) {
                $i = 0;
                return ( 'Set-Cookie' => $_ );
            }

            #Value is hidden here
            return ();
        }
        return $_;
    } @{ $self->respHeaders };
}

Xavier Guimard's avatar
Xavier Guimard committed
171
# TODO: oldpassword
172
1;
Xavier Guimard's avatar
Xavier Guimard committed
173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192
__END__

=head1 NAME

=encoding utf8

Lemonldap::NG::Portal::Main::Request - HTTP request object used in LLNG
portal methods.

=head1 SYNOPSIS

  # Somewhere in a plugin...
  sub run {
      my ( $self, $req ) = @_;
      # $req is a Lemonldap::NG::Portal::Main::Request object
      ...
  }

=head1 DESCRIPTION

Xavier Guimard's avatar
Xavier Guimard committed
193 194 195
Lemonldap::NG::Portal::Main::Request extends
L<Lemonldap::NG::Common::PSGI::Request> to add all parameters needed to manage
portal jobs.
Xavier Guimard's avatar
Xavier Guimard committed
196 197 198 199 200 201 202 203 204 205

=head1 METHODS

=head2 Accessors

=head3 steps()

Stack of methods to call for this requests. It can be modified to change
authentication process

Xavier Guimard's avatar
Xavier Guimard committed
206
=head3 data()
Xavier Guimard's avatar
Xavier Guimard committed
207

Xavier Guimard's avatar
Xavier Guimard committed
208 209 210 211 212 213 214 215 216
Free hash ref where plugins can store their data (during one request). Using it
is a LLNG best practice

=head3 pdata

Free hash ref where plugins can store some persistent data: data are kept
during auth process and cleaned after successful authentication, except if
C<$req-E<gt>pdata-E<gt>{keepPdata}> is set to 1. In this case, module that
has set this flag must remove it after its job ends.
Xavier Guimard's avatar
Xavier Guimard committed
217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256

=head3 User information

=head4 id()

Session id (main cookie value).

=head4 sessionInfo()

Hash ref that will be stored in session DB.

=head4 user()

Username given by authentication module, used by userDB module.

=head3 mustRedirect()

Boolean to indicate that response must be a redirection (used for example when
request is a POST).

=head3 urlNotBase64

Boolean to indicate that url isn't Base64 encoded.

=head2 Other methods

=head3 info()

Store info to display in response.

=head3 menuError()

=head3 notification()

see notification plugin.

=head3 errorType()

Returns positive/warning/negative depending on value stored in error property.

Xavier Guimard's avatar
Xavier Guimard committed
257 258 259 260 261 262 263 264 265 266 267 268 269
=head2 Cookie methods

=over

=item addCookie(string $cookie): add cookie in $req response headers. String
is a complete cookie string, ex: "lemonldap=xxx"

=item delCookie(string $cookieName): remove cookie from $req response headers.
It doesn't remove navigator cookie but remove a "Set-Cookie" header if value
match "L<lt>cookieNameL<gt>=..."

=back

Xavier Guimard's avatar
Xavier Guimard committed
270 271
=head1 SEE ALSO

Xavier Guimard's avatar
Xavier Guimard committed
272
L<http://lemonldap-ng.org/>, L<Lemonldap::NG::Common::PSGI::Request>
Xavier Guimard's avatar
Xavier Guimard committed
273 274 275 276 277

=head1 AUTHORS

=over

Xavier Guimard's avatar
Xavier Guimard committed
278
=item LemonLDAP::NG team L<http://lemonldap-ng.org/team>
Xavier Guimard's avatar
Xavier Guimard committed
279 280 281 282 283 284

=back

=head1 BUG REPORT

Use OW2 system to report bug or ask for features:
Xavier Guimard's avatar
Xavier Guimard committed
285
L<https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/issues>
Xavier Guimard's avatar
Xavier Guimard committed
286 287 288 289 290 291 292 293

=head1 DOWNLOAD

Lemonldap::NG is available at
L<http://forge.objectweb.org/project/showfiles.php?group_id=274>

=head1 COPYRIGHT AND LICENSE

Xavier Guimard's avatar
Xavier Guimard committed
294
See COPYING file for details.
Xavier Guimard's avatar
Xavier Guimard committed
295 296 297 298 299 300 301 302 303 304 305 306 307 308 309

This library is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2, or (at your option)
any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program.  If not, see L<http://www.gnu.org/licenses/>.

=cut