Commit
00214387
authored
May 02, 2016
by
Yadd
LDAP in progress (#595)
parent
c8c1eb81
Showing
7 changed files
with
44 additions
and
28 deletions
+44
-28
lemonldap-ng-common/lib/Lemonldap/NG/Common/PSGI/Request.pm
lemonldap-ng-common/lib/Lemonldap/NG/Common/PSGI/Request.pm
+4
-0
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/Demo.pm
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/Demo.pm
+2
-15
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/LDAP.pm
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/LDAP.pm
+6
-2
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/_WebForm.pm
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/_WebForm.pm
+10
-4
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Display.pm
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Display.pm
+2
-2
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Request.pm
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Request.pm
+18
-4
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/LDAP.pm
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/LDAP.pm
+2
-1
lemonldap-ng-common/lib/Lemonldap/NG/Common/PSGI/Request.pm
...
...
@@ -128,6 +128,10 @@ has error => ( is => 'rw', isa => 'Str', default => '' );
has
respHeaders
=>
(
is
=>
'
rw
',
isa
=>
'
ArrayRef
',
default
=>
sub
{
[]
}
);
sub
wantJSON
{
return
$_
[
0
]
->
accept
=~
m#(?:application|text)/json#
?
1
:
0
;
}
# JSON parser
sub
jsonBodyToObj
{
my
$self
=
shift
;
...
...
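Review bot: The added `wantJSON` has no guard for a request without an Accept header, and its pattern is unanchored. If `accept` can return undef (its definition is not visible here), `$_[0]->accept =~ m#(?:application|text)/json#` warns on an uninitialized value, and the match is also true for any header that merely contains the substring, such as `application/json-patch+json` or an entry carrying `q=0`. That is harmless as long as the result only selects the response format, so a one-line comment saying it is a loose, client-controlled hint would keep later callers from treating it as a trust signal. A defensive form is `return ( $_[0]->accept // '' ) =~ m#(?:application|text)/json# ? 1 : 0;`.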
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/Demo.pm
...
...
@@ -35,18 +35,11 @@ sub init {
sub
authenticate
{
my
(
$self
,
$req
)
=
@_
;
return
PE_BADCREDENTIALS
unless
(
$req
->
{
user
}
eq
$req
->
{
password
}
);
return
PE_BADCREDENTIALS
unless
(
$req
->
{
user
}
eq
$req
->
datas
->
{
password
}
);
PE_OK
;
}
## @apmethod int authFinish()
# Does nothing.
# @return Lemonldap::NG::Portal constant
sub
authFinish
{
PE_OK
;
}
## @apmethod int authLogout()
# Does nothing
# @return Lemonldap::NG::Portal constant
...
...
@@ -58,13 +51,7 @@ sub authLogout {
# Does nothing
# @return result
sub
authForce
{
return
0
;
}
## @method string getDisplayType
# @return display type
sub
getDisplayType
{
return
"
standardform
";
PE_OK
;
}
1
;
...
...
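Review bot: The new comparison `$req->{user} eq $req->datas->{password}` in `authenticate` is also true when both sides are undefined or empty, so the demo backend's only check relies on the form-extraction step having rejected blank fields beforehand. An explicit guard keeps the method safe on its own: `return PE_BADCREDENTIALS unless length( $req->{user} // '' ) and $req->{user} eq ( $req->datas->{password} // '' );`. A comment above the sub stating that this backend accepts any login whose password equals the user name, and is meant for demonstration only, would also help anyone who finds it enabled in a configuration.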
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/LDAP.pm
...
...
@@ -5,7 +5,7 @@ use Mouse;
our
$VERSION
=
'
2.0.0
';
# Inheritance: UserDB::LDAP provides all needed ldap function
# Inheritance: UserDB::LDAP provides all needed ldap function
s
extends
qw(Lemonldap::NG::Portal::Auth::_WebForm Lemonldap::NG::Portal::UserDB::LDAP)
;
...
...
@@ -22,7 +22,7 @@ sub authenticate {
}
my
$res
=
$self
->
ldap
->
userBind
(
$req
->
datas
->
{
dn
},
password
=>
$req
->
{
password
}
);
$self
->
ldap
->
userBind
(
$req
->
datas
->
{
dn
},
password
=>
$req
->
datas
->
{
password
}
);
# Remember password if password reset needed
$req
->
datas
->
{
oldpassword
}
=
$self
->
{
password
}
...
...
@@ -37,4 +37,8 @@ sub authLogout {
PE_OK
;
}
sub
authForce
{
PE_OK
;
}
1
;
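Review bot: The context line right after the changed bind, `$req->datas->{oldpassword} = $self->{password}`, still reads the password from the module object although this commit moves the submitted password to `$req->datas->{password}`. It will most likely store undef, or a value left on `$self` by an earlier request if the object is long-lived; it should read `$req->datas->{oldpassword} = $req->datas->{password}` (the statement continues past the end of the hunk). It is also worth confirming that `userBind` is never reached with an empty password, since many directory servers treat a DN plus an empty password as an unauthenticated bind that succeeds. The form check visible in `_WebForm.pm` sits inside an `if ( $defUser && $defPassword )` branch, and the other branches are outside this page.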
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/_WebForm.pm
...
...
@@ -43,7 +43,7 @@ sub extractFormInfo {
if
(
$defUser
&&
$defPassword
)
{
return
PE_FORMEMPTY
unless
(
(
$req
->
{
user
}
=
$req
->
param
('
user
')
)
&&
(
$req
->
{
password
}
=
$req
->
param
('
password
')
)
);
&&
(
$req
->
datas
->
{
password
}
=
$req
->
param
('
password
')
)
);
}
# 3. If user and oldpassword defined -> password form
...
...
@@ -110,9 +110,10 @@ sub setAuthSessionInfo {
# authenticationLevel
# +1 for user/password with HTTPS
$self
->
{
_authnLevel
}
||
=
0
;
$self
->
{
_authnLevel
}
//
=
0
;
$self
->
{
_authnLevel
}
+=
1
if
$self
->
https
();
#TODO: check where _authnLevel is defined
$self
->
{
sessionInfo
}
->
{
authenticationLevel
}
=
$self
->
{
_authnLevel
};
# Store user submitted login for basic rules
...
...
@@ -121,8 +122,8 @@ sub setAuthSessionInfo {
# Store submitted password if set in configuration
# WARNING: it can be a security hole
if
(
$self
->
conf
->
{
storePassword
}
)
{
$self
->
{
sessionInfo
}
->
{'
_password
'}
=
$
self
->
{'
newpassword
'}
||
$
self
->
{'
password
'};
$self
->
{
sessionInfo
}
->
{'
_password
'}
=
$
req
->
datas
->
{'
newpassword
'}
||
$
req
->
datas
->
{'
password
'};
}
# Store user timezone
...
...
@@ -131,4 +132,9 @@ sub setAuthSessionInfo {
PE_OK
;
}
# @return display type
sub
getDisplayType
{
return
"
standardform
";
}
1
;
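Review bot: `setAuthSessionInfo` still keeps per-login state on the module object: `$self->{_authnLevel} //= 0;` followed by `$self->{_authnLevel} += 1 if $self->https();` increments a value that the visible code never resets, and the stored password is written to `$self->{sessionInfo}->{'_password'}`. If the auth module instance is reused across requests (the header added to Main/Request.pm in this commit lists `sessionInfo` as a request property), the authentication level would grow with every HTTPS login and one user's session data, cleartext password included, could be visible to the next request. Computing the level in a local, `my $level = ( $self->{_authnLevel} // 0 ) + ( $self->https() ? 1 : 0 );`, and writing both values into `$req->{sessionInfo}` would settle the added TODO. The sub starts outside these hunks.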
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Display.pm
...
...
@@ -222,9 +222,9 @@ sub display {
CHOICE_PARAM
=>
$self
->
conf
->
{
authChoiceParam
},
CHOICE_VALUE
=>
$req
->
{
_authChoice
},
OLDPASSWORD
=>
$self
->
checkXSSAttack
(
'
oldpassword
',
$req
->
{
oldpassword
}
)
$self
->
checkXSSAttack
(
'
oldpassword
',
$req
->
datas
->
{
oldpassword
}
)
?
""
:
$
self
->
{
oldpassword
},
:
$
req
->
datas
->
{
oldpassword
},
HIDE_OLDPASSWORD
=>
$self
->
conf
->
{
hideOldPassword
},
);
}
...
...
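Review bot: `OLDPASSWORD` hands the cleartext old password to the template, and the `checkXSSAttack(...) ? "" : ...` ternary only blanks a value the check rejects; it is not output encoding. The template should HTML-escape this variable where it is emitted and the response carrying it should not be cacheable; neither can be verified from this hunk. The argument also evaluates `$req->datas->{oldpassword}` twice, so a local such as `my $oldpw = $req->datas->{oldpassword};` ahead of the parameter list would make the expression easier to read. `display` begins and ends outside the hunk.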
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Request.pm
# Lemonldap::NG::Portal::Main::Request extends Lemonldap::NG::Common::PSGI::Request
# to add all parameters needed to manage authentication:
#
# - steps: list of methods to call
# - datas: free hash ref where plugins can store their datas
# - user infos:
# * id: Apache::Session id
# * sessionInfo: hash ref that will be stored in session DB
# * user: username given by authentication module, used by userDB module
# - query elements:
# * mustRedirect: boolean to indicate that response must be a redirection
# * urlNotBase64: boolean to indicate that url isn't Base64 encoded
# - menu elements:
# * info: info to display at login
# * menuError
# * notification: see notification plugin
# * errorType: returns positive/warning/negative depending on error (stored
# in error property)
package
Lemonldap::NG::Portal::Main::
Request
;
# Developpers, be careful: new() is never called so default values will not be
...
...
@@ -44,10 +62,6 @@ has notification => ( is => 'rw' );
has
_authChoice
=>
(
is
=>
'
rw
'
);
has
_openidPortal
=>
(
is
=>
'
rw
'
);
sub
wantJSON
{
return
$_
[
0
]
->
accept
=~
m#(?:application|text)/json#
?
1
:
0
;
}
# Error type
sub
error_type
{
my
$req
=
shift
;
...
...
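Review bot: The new header describes `datas` only as a free hash ref for plugins, but after this commit it carries `password`, `newpassword` and `oldpassword`, and that deserves to be stated. Extending the entry to something like `# - datas: request-scoped hash ref for plugin data; holds cleartext credentials during login, do not log or dump it` would make the difference from `sessionInfo`, described a few lines below as stored in the session DB, explicit for plugin authors.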
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/LDAP.pm
...
...
@@ -82,7 +82,8 @@ has filter => (
||
$conf
->
{
LDAPFilter
}
||
'
(&(uid=$user)(objectClass=inetOrgPerson))
';
$filter
=~
s/"/\\"/g
;
$filter
=~
s/\$(user|_?password|mail)/".\$req->{$1}."/g
;
$filter
=~
s/\$(user)/".\$req->{$1}."/g
;
$filter
=~
s/\$(user|_?password|mail)/".\$req->{datas}->{$1}."/g
;
$filter
=~
s/\$(\w+)/".\$req->{sessionInfo}->{$1}."/g
;
$_
[
0
]
->
{
p
}
->
lmLog
(
"
LDAP transformed filter:
$filter
",
'
debug
'
);
$filter
=
...
...
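Review bot: The catch-all `s/\$(\w+)/".\$req->{sessionInfo}->{$1}."/g` runs after the two specific substitutions and also matches the `$req` they have just written into the string, which turns `$req->{user}` into a lookup through `$req->{sessionInfo}->{req}`. Either run the catch-all first or exclude that name, e.g. `s/\$(?!req\b)(\w+)/".\$req->{sessionInfo}->{$1}."/g`; the `user` alternative in the second added pattern is dead as well, because `$user` has already been consumed by the line before it. More important on a login path, the generated expression concatenates `$req->{user}` into the filter with no RFC 4515 escaping, so unless the login is validated before this point, characters such as `*`, `(` and `)` change the meaning of the search. Wrapping the inserted expression in `Net::LDAP::Util::escape_filter_value(...)` inside the replacement text would close that. The builder continues past the end of the hunk.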