Commit 6cccc434 authored by Xavier Guimard's avatar Xavier Guimard

Combination skeleton (#1151)

parent 29d90718
......@@ -103,7 +103,7 @@ sub parseBlock {
die "Bad expression: $expr";
}
my @res = ( $1, $2 || $1 );
@res = map { $self->parseMod( $moduleList, $_ ) } @res;
@res = ($self->parseMod( $moduleList, 0, $res[0]),$self->parseMod( $moduleList, 1, $res[1]));
return \@res;
}
......@@ -111,11 +111,11 @@ sub parseBlock {
# These expressions can be "LDAP" or "LDAP and DBI"
# Return sub
sub parseMod {
my ( $self, $moduleList, $expr ) = @_;
my ( $self, $moduleList, $type, $expr ) = @_;
my @mods = map {
die "Unknown module $_"
unless ( $moduleList->{$_} );
$moduleList->{$_}
unless ( $moduleList->{$_}->[$type] );
$moduleList->{$_}->[$type]
} split( /\s+and\s+/, $expr );
if ( @mods == 1 ) {
my ($m) = @mods;
......
......@@ -8,7 +8,7 @@ use_ok($m);
my $authMods = {};
foreach (qw(A B C)) {
$authMods->{$_} = LLNG::Auth->new($_);
$authMods->{$_} = [ LLNG::Auth->new($_), LLNG::Auth->new($_) ];
}
# Verify structure
......@@ -55,11 +55,8 @@ ok(
# Test "and"
@tests = (
'[A and B, A]',
'[A,B] and [B,C]',
'if(0) then [A,B] else [A,B] and [B,C]'
);
@tests = ( '[A and B, A]', '[A,B] and [B,C]',
'if(0) then [A,B] else [A,B] and [B,C]' );
while ( my $expr = shift @tests ) {
ok( getok($expr) == 0, qq{"$expr" returns PE_OK as auth result} )
......@@ -67,13 +64,10 @@ while ( my $expr = shift @tests ) {
}
# Test bad expr
@tests = (
'if(1) then {if(1) then [A] else [B]} else [C]',
'[A,B or C]',
);
@tests = ( 'if(1) then {if(1) then [A] else [B]} else [C]', '[A,B or C]', );
foreach(@tests) {
ok(!eval{authName($_)}, qq'Bad expr "$_"');
foreach (@tests) {
ok( !eval { authName($_) }, qq'Bad expr "$_"' );
}
sub getok {
......@@ -109,5 +103,5 @@ sub name {
}
sub ok {
return 0; # PE_OK
return 0; # PE_OK
}
......@@ -15,6 +15,7 @@ lib/Lemonldap/NG/Portal/Auth/Apache.pm
lib/Lemonldap/NG/Portal/Auth/Base.pm
lib/Lemonldap/NG/Portal/Auth/CAS.pm
lib/Lemonldap/NG/Portal/Auth/Choice.pm
lib/Lemonldap/NG/Portal/Auth/Combination.pm
lib/Lemonldap/NG/Portal/Auth/DBI.pm
lib/Lemonldap/NG/Portal/Auth/Demo.pm
lib/Lemonldap/NG/Portal/Auth/Facebook.pm
......@@ -92,6 +93,7 @@ lib/Lemonldap/NG/Portal/Register/U2F.pm
lib/Lemonldap/NG/Portal/Simple.pm
lib/Lemonldap/NG/Portal/UserDB/AD.pm
lib/Lemonldap/NG/Portal/UserDB/Choice.pm
lib/Lemonldap/NG/Portal/UserDB/Combination.pm
lib/Lemonldap/NG/Portal/UserDB/DBI.pm
lib/Lemonldap/NG/Portal/UserDB/Demo.pm
lib/Lemonldap/NG/Portal/UserDB/Facebook.pm
......
package Lemonldap::NG::Portal::Auth::Choice;
use strict;
use Mouse;
use Lemonldap::NG::Common::Combination::Parser;
use Lemonldap::NG::Portal::Main::Constants qw(PE_OK PE_ERROR);
# TODO: See Lib::Wrapper
extends 'Lemonldap::NG::Portal::Auth::Base';
# PROPERTIES
has stackSub => ( is => 'rw' );
# INITIALIZATION
sub init {
my ($self) = @_;
unless ( $self->conf->combination ) {
$self->error('No combination found');
return 0;
}
my %mods;
foreach my $mod ( @{ $self->conf->{combModules} } ) {
my @tmp = ( undef, undef );
# TODO: override params
if ( $mod->{for} < 2 ) {
$tmp[0] = $self->p->loadPlugin("::Auth::$mod->{type}");
unless ( $tmp[0] ) {
$self->error("Unable to load Auth::$mod->{type}");
return 0;
}
}
unless ( $mod->{for} == 1 ) {
$tmp[1] = $self->p->loadPlugin("::UserDB::$mod->{type}");
unless ( $tmp[1] ) {
$self->error("Unable to load UserDB::$mod->{type}");
return 0;
}
}
$mods{ $mod->{name} } = \@tmp;
}
eval {
$self->stackSub(
Lemonldap::NG::Common::Combination::Parser->parse(
\%mods, $self->conf->combination
)
);
};
if ($@) {
$self->error("Bad combination: $@");
return 0;
}
return 1;
}
sub extractFormInfo {
my ( $self, $req ) = @_;
# Get available authentication schemes for this user
$self->getStack($req) or return PE_ERROR;
return $self->try->( 0, 'extractFormInfo', $req );
}
sub getUser {
return $_[0]->try->( 1, 'getUser', $_[1] );
}
sub authenticate {
return $_[0]->try->( 0, 'authenticate', $_[1] );
}
sub setAuthSessionInfo {
return $_[0]->try->( 0, 'authenticate', $_[1] );
}
sub setSessionInfo {
return $_[0]->try->( 1, 'authenticate', $_[1] );
}
sub setGroups {
return $_[0]->try->( 1, 'authenticate', $_[1] );
}
sub getDisplayType {
return $_[0]->try->( 0, 'getDisplayType', {} );
}
# TODO: authLogout
sub getStack {
my ( $self, $req ) = @_;
my $stack = $req->datas->{multiStack} = $self->stackSub($req);
unless ($stack) {
$self->lmLog( 'No authentication scheme for this user', 'error' );
}
@{ $req->datas->{multiSteps} } = @{ $req->steps };
$req->datas->{multiTry} = 0;
return $stack;
}
sub try {
my ( $self, $type, $subname, $req ) = @_;
my ( $nb, $stack ) = ( $req->datas->{multiTry}, $req->datas->{multiStack} );
# If more than 1 scheme is available
if ( $nb < @$stack ) {
# TODO: change logLevel for userLog()
my $res = $stack->[$nb]->[$type]->$subname($req);
# On error, restart authentication with next scheme
if ( $res > PE_OK ) {
$req->datas->{multiTry}++;
$req->steps( [ @{ $req->datas->{multiSteps} } ] );
return PE_OK;
}
return $res;
}
return $stack->[$nb]->[$type]->$subname($req);
}
1;
package Lemonldap::NG::Portal::UserDB::Combination;
sub new {
return $_[1]->{p}->{_authentication};
}
1;
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment