Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
lemonldap-ng
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
1
Issues
1
List
Boards
Labels
Service Desk
Milestones
Merge Requests
1
Merge Requests
1
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Operations
Operations
Incidents
Environments
Analytics
Analytics
CI / CD
Repository
Value Stream
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Maxime Besson
lemonldap-ng
Commits
820691df
Commit
820691df
authored
Feb 08, 2017
by
Xavier Guimard
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Start handler reorganization (#1160)
parent
554cd5e7
Changes
44
Expand all
Show whitespace changes
Inline
Side-by-side
Showing
44 changed files
with
545 additions
and
536 deletions
+545
-536
lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/RESTServer.pm
...ldap-ng-common/lib/Lemonldap/NG/Common/Conf/RESTServer.pm
+1
-1
lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/ReConstants.pm
...dap-ng-common/lib/Lemonldap/NG/Common/Conf/ReConstants.pm
+1
-1
lemonldap-ng-handler/MANIFEST
lemonldap-ng-handler/MANIFEST
+2
-2
lemonldap-ng-handler/lib/Lemonldap/NG/Handler/ApacheMP2.pm
lemonldap-ng-handler/lib/Lemonldap/NG/Handler/ApacheMP2.pm
+6
-343
lemonldap-ng-handler/lib/Lemonldap/NG/Handler/ApacheMP2/AuthBasic.pm
...g-handler/lib/Lemonldap/NG/Handler/ApacheMP2/AuthBasic.pm
+14
-0
lemonldap-ng-handler/lib/Lemonldap/NG/Handler/ApacheMP2/Main.pm
...dap-ng-handler/lib/Lemonldap/NG/Handler/ApacheMP2/Main.pm
+344
-0
lemonldap-ng-handler/lib/Lemonldap/NG/Handler/AuthBasic.pm
lemonldap-ng-handler/lib/Lemonldap/NG/Handler/AuthBasic.pm
+0
-65
lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/AuthBasic.pm
...ldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/AuthBasic.pm
+8
-8
lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main.pm
lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main.pm
+0
-7
lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Init.pm
lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Init.pm
+4
-2
lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Reload.pm
lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Reload.pm
+10
-2
lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Run.pm
lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Run.pm
+19
-6
lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/SharedVariables.pm
...-handler/lib/Lemonldap/NG/Handler/Main/SharedVariables.pm
+4
-2
lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Menu.pm
lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Menu.pm
+2
-2
lemonldap-ng-handler/lib/Lemonldap/NG/Handler/PSGI/Base.pm
lemonldap-ng-handler/lib/Lemonldap/NG/Handler/PSGI/Base.pm
+3
-0
lemonldap-ng-handler/lib/Lemonldap/NG/Handler/ZimbraPreAuth.pm
...ldap-ng-handler/lib/Lemonldap/NG/Handler/ZimbraPreAuth.pm
+1
-1
lemonldap-ng-handler/t/10-Lemonldap-NG-Handler-SharedConf.t
lemonldap-ng-handler/t/10-Lemonldap-NG-Handler-SharedConf.t
+3
-1
lemonldap-ng-handler/t/52-Lemonldap-NG-Handler-AuthBasic.t
lemonldap-ng-handler/t/52-Lemonldap-NG-Handler-AuthBasic.t
+0
-36
lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm
lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm
+22
-0
lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm
...p-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm
+24
-13
lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/CTrees.pm
...nldap-ng-manager/lib/Lemonldap/NG/Manager/Build/CTrees.pm
+1
-1
lemonldap-ng-manager/site/static/js/conftree.js
lemonldap-ng-manager/site/static/js/conftree.js
+25
-0
lemonldap-ng-manager/site/static/js/conftree.min.js
lemonldap-ng-manager/site/static/js/conftree.min.js
+1
-1
lemonldap-ng-manager/site/static/languages/en.json
lemonldap-ng-manager/site/static/languages/en.json
+1
-0
lemonldap-ng-manager/site/static/languages/fr.json
lemonldap-ng-manager/site/static/languages/fr.json
+1
-0
lemonldap-ng-portal/MANIFEST
lemonldap-ng-portal/MANIFEST
+6
-0
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Init.pm
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Init.pm
+1
-1
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Process.pm
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Process.pm
+1
-1
lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-Artifact-with-SOAP-SLO-IdP-initiated.t
...th-and-issuer-SAML-Artifact-with-SOAP-SLO-IdP-initiated.t
+3
-3
lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-Artifact-with-SOAP-SLO.t
...portal/t/30-Auth-and-issuer-SAML-Artifact-with-SOAP-SLO.t
+3
-3
lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-Metadata.t
lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-Metadata.t
+1
-1
lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-POST-IdP-initiated.t
...-ng-portal/t/30-Auth-and-issuer-SAML-POST-IdP-initiated.t
+3
-3
lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-POST.t
lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-POST.t
+3
-3
lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-Redirect-IdP-initiated.t
...portal/t/30-Auth-and-issuer-SAML-Redirect-IdP-initiated.t
+3
-3
lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-Redirect.t
lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-Redirect.t
+3
-3
lemonldap-ng-portal/t/31-Auth-and-issuer-CAS.t
lemonldap-ng-portal/t/31-Auth-and-issuer-CAS.t
+3
-3
lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code.t
...-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code.t
+1
-1
lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-hybrid.t
lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-hybrid.t
+1
-1
lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-implicit.t
lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-implicit.t
+1
-1
lemonldap-ng-portal/t/33-Auth-and-issuer-OpenID2.t
lemonldap-ng-portal/t/33-Auth-and-issuer-OpenID2.t
+3
-3
lemonldap-ng-portal/t/34-Auth-Proxy-and-REST-Server.t
lemonldap-ng-portal/t/34-Auth-Proxy-and-REST-Server.t
+3
-3
lemonldap-ng-portal/t/34-Auth-Proxy-and-SOAP-Server.t
lemonldap-ng-portal/t/34-Auth-Proxy-and-SOAP-Server.t
+3
-3
lemonldap-ng-portal/t/35-REST-sessions-with-REST-server.t
lemonldap-ng-portal/t/35-REST-sessions-with-REST-server.t
+3
-3
lemonldap-ng-portal/t/35-SOAP-sessions-with-SOAP-server.t
lemonldap-ng-portal/t/35-SOAP-sessions-with-SOAP-server.t
+3
-3
No files found.
lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/RESTServer.pm
View file @
820691df
...
...
@@ -209,7 +209,7 @@ sub virtualHosts {
}
return
$self
->
sendJSONresponse
(
$req
,
$resp
);
}
elsif
(
$query
=~
/^vhost(?:(?:Aliase|Http)s|Maintenance|Port)$/
)
{
elsif
(
$query
=~
/^vhost(?:(?:Aliase|Http)s|Maintenance|Port
|Type
)$/
)
{
$self
->
lmLog
(
"
Query for
$vh
/
$query
key
",
'
debug
'
);
# TODO: verify how this is done actually
...
...
lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/ReConstants.pm
View file @
820691df
...
...
@@ -26,7 +26,7 @@ our $oidcOPMetaDataNodeKeys = 'oidcOPMetaData(?:Options(?:C(?:lient(?:Secret|ID)
our
$oidcRPMetaDataNodeKeys
=
'
oidcRPMetaData(?:Options(?:I(?:DToken(?:Expiration|SignAlg)|con)|(?:RedirectUri|ExtraClaim)s|AccessTokenExpiration|Client(?:Secret|ID)|BypassConsent|DisplayName|UserIDAttr)|ExportedVars)
';
our
$samlIDPMetaDataNodeKeys
=
'
samlIDPMetaData(?:Options(?:(?:Check(?:S[LS]OMessageSignatur|Audienc|Tim)|EncryptionMod|IsPassiv)e|A(?:llow(?:LoginFromIDP|ProxiedAuthn)|daptSessionUtime)|Re(?:questedAuthnContext|solutionRule|layStateURL)|S(?:ignS[LS]OMessage|toreSAMLToken|[LS]OBinding)|Force(?:Authn|UTF8)|NameIDFormat)|ExportedAttributes|XML)
';
our
$samlSPMetaDataNodeKeys
=
'
samlSPMetaData(?:Options(?:N(?:ameID(?:SessionKey|Format)|otOnOrAfterTimeout)|S(?:essionNotOnOrAfterTimeout|ignS[LS]OMessage)|(?:CheckS[LS]OMessageSignatur|OneTimeUs)e|En(?:ableIDPInitiatedURL|cryptionMode)|ForceUTF8)|ExportedAttributes|XML)
';
our
$virtualHostKeys
=
'
(?:vhost(?:(?:
Aliase|Http)s|Maintenance
|Port)|(?:exportedHeader|locationRule)s|post)
';
our
$virtualHostKeys
=
'
(?:vhost(?:(?:
Maintenanc|Typ)e|(?:Aliase|Http)s
|Port)|(?:exportedHeader|locationRule)s|post)
';
our
$authParameters
=
{
adParams
=>
[
qw(ADPwdMaxAge ADPwdExpireWarning)
],
...
...
lemonldap-ng-handler/MANIFEST
View file @
820691df
...
...
@@ -5,8 +5,9 @@ example/scripts/purgeLocalCache
example/scripts/purgeLocalCache.cron.d
lib/Lemonldap/NG/Handler.pm
lib/Lemonldap/NG/Handler/ApacheMP2.pm
lib/Lemonldap/NG/Handler/ApacheMP2/AuthBasic.pm
lib/Lemonldap/NG/Handler/ApacheMP2/Main.pm
lib/Lemonldap/NG/Handler/API/ExperimentalNginx.pm
lib/Lemonldap/NG/Handler/AuthBasic.pm
lib/Lemonldap/NG/Handler/Lib/AuthBasic.pm
lib/Lemonldap/NG/Handler/Main.pm
lib/Lemonldap/NG/Handler/Main/Init.pm
...
...
@@ -37,7 +38,6 @@ t/12-Lemonldap-NG-Handler-Jail.t
t/13-Lemonldap-NG-Handler-Fake-Safe.t
t/50-Lemonldap-NG-Handler-SecureToken.t
t/51-Lemonldap-NG-Handler-Zimbra.t
t/52-Lemonldap-NG-Handler-AuthBasic.t
t/60-Lemonldap-NG-Handler-PSGI.t
t/61-Lemonldap-NG-Handler-PSGI-Server.t
t/62-Lemonldap-NG-Handler-Nginx.t
...
...
lemonldap-ng-handler/lib/Lemonldap/NG/Handler/ApacheMP2.pm
View file @
820691df
package
Lemonldap::NG::Handler::
ApacheMP2
;
use
strict
;
use
AutoLoader
'
AUTOLOAD
';
use
Apache2::
RequestUtil
;
use
Apache2::
RequestRec
;
use
Apache2::
Log
;
use
Apache2::
ServerUtil
;
use
Apache2::
Connection
;
use
Apache2::
RequestIO
;
use
Apache2::
Const
;
use
Apache2::
Filter
;
use
APR::
Table
;
use
Apache2::
Const
-
compile
=>
qw(FORBIDDEN HTTP_UNAUTHORIZED REDIRECT OK DECLINED DONE SERVER_ERROR AUTH_REQUIRED HTTP_SERVICE_UNAVAILABLE)
;
use
Lemonldap::NG::Handler::
Main
;
use
constant
FORBIDDEN
=>
Apache2::Const::
FORBIDDEN
;
use
constant
HTTP_UNAUTHORIZED
=>
Apache2::Const::
HTTP_UNAUTHORIZED
;
use
constant
REDIRECT
=>
Apache2::Const::
REDIRECT
;
use
constant
OK
=>
Apache2::Const::
OK
;
use
constant
DECLINED
=>
Apache2::Const::
DECLINED
;
use
constant
DONE
=>
Apache2::Const::
DONE
;
use
constant
SERVER_ERROR
=>
Apache2::Const::
SERVER_ERROR
;
use
constant
AUTH_REQUIRED
=>
Apache2::Const::
AUTH_REQUIRED
;
use
constant
MAINTENANCE
=>
Apache2::Const::
HTTP_SERVICE_UNAVAILABLE
;
use
constant
BUFF_LEN
=>
8192
;
eval
{
require
threads::
shared
;
};
print
STDERR
"
You probably would have better perfs by enabling threads::shared
\n
"
if
(
$@
);
our
@ISA
=
qw(Lemonldap::NG::Handler::Main)
;
use
Lemonldap::NG::Handler::ApacheMP2::
Main
;
our
$VERSION
=
'
2.0.0
';
our
$request
;
# Apache2::RequestRec object for current request
# PUBLIC METHODS
sub
handler
{
my
$class
;
$class
=
$
#_ ? shift : __PACKAGE__;
shift
if
(
$
#_);
my
$type
=
Lemonldap::NG::Handler::ApacheMP2::
Main
->
checkType
(
@
_
);
my
$class
=
"
Lemonldap::NG::Handler::ApacheMP2::
$type
";
eval
"
require
$class
";
die
$@
if
(
$@
);
my
(
$res
)
=
$class
->
run
(
@
_
);
return
$res
;
}
## @rmethod protected int redirectFilter(string url, Apache2::Filter f)
# Launch the current HTTP request then redirects the user to $url.
# Used by logout_app and logout_app_sso targets
# @param $url URL to redirect the user
# @param $f Current Apache2::Filter object
# @return Constant $class->OK
sub
redirectFilter
{
my
$class
=
shift
;
my
$url
=
shift
;
my
$f
=
shift
;
unless
(
$f
->
ctx
)
{
# Here, we can use Apache2 functions instead of set_header_out
# since this function is used only with Apache2.
$f
->
r
->
status
(
$class
->
REDIRECT
);
$f
->
r
->
status_line
("
303 See Other
");
$f
->
r
->
headers_out
->
unset
('
Location
');
$f
->
r
->
err_headers_out
->
set
(
'
Location
'
=>
$url
);
$f
->
ctx
(
1
);
}
while
(
$f
->
read
(
my
$buffer
,
1024
)
)
{
}
$class
->
updateStatus
(
$f
->
r
,
'
$class->REDIRECT
',
$class
->
datas
->
{
$class
->
tsv
->
{
whatToTrace
}
},
'
filter
'
);
return
$class
->
OK
;
}
__PACKAGE__
->
init
();
# INTERNAL METHODS
## @method void thread_share(string $variable)
# try to share $variable between threads
# note: eval is needed,
# else it fails to compile if threads::shared is not loaded
# @param $variable the name of the variable to share
sub
thread_share
{
my
(
$class
,
$variable
)
=
@_
;
eval
"
threads::shared::share(
\$
variable);
";
}
## @method void setServerSignature(string sign)
# modifies web server signature
# @param $sign String to add to server signature
sub
setServerSignature
{
my
(
$class
,
$sign
)
=
@_
;
eval
{
Apache2::
ServerUtil
->
server
->
push_handlers
(
PerlPostConfigHandler
=>
sub
{
my
(
$c
,
$l
,
$t
,
$s
)
=
@_
;
$s
->
add_version_component
(
$sign
);
}
);
};
}
sub
newRequest
{
my
(
$class
,
$r
)
=
@_
;
$request
=
$r
;
}
## @method void _lmLog(string $msg, string $level)
# logs message $msg to Apache logs with loglevel $level
# @param $msg string message to log
# @param $level string loglevel
sub
_lmLog
{
my
(
$class
,
$msg
,
$level
)
=
@_
;
# TODO: remove the useless tag 'ApacheMP2.pm(70):' in debug logs
Apache2::
ServerRec
->
log
->
$level
(
$msg
);
}
## @method void set_user(string user)
# sets remote_user
# @param user string username
sub
set_user
{
my
(
$class
,
$user
)
=
@_
;
$request
->
user
(
$user
);
}
## @method string header_in(string header)
# returns request header value
# @param header string request header
# @return request header value
sub
header_in
{
my
(
$class
,
$header
)
=
@_
;
$header
||=
$class
;
# to use header_in as a method or as a function
return
$request
->
headers_in
->
{
$header
};
}
## @method void set_header_in(hash headers)
# sets or modifies request headers
# @param headers hash containing header names => header value
sub
set_header_in
{
my
(
$class
,
%headers
)
=
@_
;
while
(
my
(
$h
,
$v
)
=
each
%headers
)
{
$request
->
headers_in
->
set
(
$h
=>
$v
);
}
}
## @method void unset_header_in(array headers)
# removes request headers
# This function looks a bit heavy: it is to ensure that if a request
# header 'Auth-User' is removed, 'Auth_User' be removed also
# @param headers array with header names to remove
sub
unset_header_in
{
my
(
$class
,
@headers
)
=
@_
;
foreach
my
$h1
(
@headers
)
{
$h1
=
lc
$h1
;
$h1
=~
s/-/_/g
;
$request
->
headers_in
->
do
(
sub
{
my
$h
=
shift
;
my
$h2
=
lc
$h
;
$h2
=~
s/-/_/g
;
$request
->
headers_in
->
unset
(
$h
)
if
(
$h1
eq
$h2
);
return
1
;
}
);
}
}
## @method void set_header_out(hash headers)
# sets response headers
# @param headers hash containing header names => header value
sub
set_header_out
{
my
(
$class
,
%headers
)
=
@_
;
while
(
my
(
$h
,
$v
)
=
each
%headers
)
{
$request
->
err_headers_out
->
set
(
$h
=>
$v
);
}
}
## @method string hostname()
# returns host, as set by full URI or Host header
# @return host string Host value
sub
hostname
{
my
$class
=
shift
;
return
$request
->
hostname
;
}
## @method string remote_ip
# returns client IP address
# @return IP_Addr string client IP
sub
remote_ip
{
my
$class
=
shift
;
my
$remote_ip
=
(
$request
->
connection
->
can
('
remote_ip
')
?
$request
->
connection
->
remote_ip
:
$request
->
connection
->
client_ip
);
return
$remote_ip
;
}
## @method boolean is_initial_req
# returns true unless the current request is a subrequest
# @return is_initial_req boolean
sub
is_initial_req
{
my
$class
=
shift
;
return
$request
->
is_initial_req
;
}
## @method string args(string args)
# gets the query string
# @return args string Query string
sub
args
{
my
$class
=
shift
;
return
$request
->
args
();
}
## @method string uri
# returns the path portion of the URI, normalized, i.e. :
# * URL decoded (characters encoded as %XX are decoded,
# except ? in order not to merge path and query string)
# * references to relative path components "." and ".." are resolved
# * two or more adjacent slashes are merged into a single slash
# @return path portion of the URI, normalized
sub
uri
{
my
$class
=
shift
;
my
$uri
=
$request
->
uri
;
$uri
=~
s#//+#/#g
;
$uri
=~
s#\?#%3F#g
;
return
$uri
;
}
## @method string uri_with_args
# returns the URI, with arguments and with path portion normalized
# @return URI with normalized path portion
sub
uri_with_args
{
my
$class
=
shift
;
return
uri
.
(
$request
->
args
?
"
?
"
.
$request
->
args
:
""
);
}
## @method string unparsed_uri
# returns the full original request URI, with arguments
# @return full original request URI, with arguments
sub
unparsed_uri
{
my
$class
=
shift
;
return
$request
->
unparsed_uri
;
}
## @method string get_server_port
# returns the port the server is receiving the current request on
# @return port string server port
sub
get_server_port
{
my
$class
=
shift
;
return
$request
->
get_server_port
;
}
## @method string method
# returns the port the server is receiving the current request on
# @return port string server port
sub
method
{
my
$class
=
shift
;
return
$request
->
method
;
}
## @method void print(string data)
# write data in HTTP response body
# @param data Text to add in response body
sub
print
{
my
(
$class
,
$data
)
=
@_
;
$request
->
print
(
$data
);
}
1
;
__END__
## @method void addToHtmlHead(string data)
# add data at end of html head
# @param data Text to add in html head
sub addToHtmlHead {
use APR::Bucket ();
use APR::Brigade ();
my ( $class, $data ) = @_;
$request->add_output_filter(
sub {
my $f = shift;
my $bb = shift;
my $ctx = $f->ctx;
#unless ($ctx) {
# $f->r->headers_out->unset('Content-Length');
#}
my $done = 0;
my $buffer = $ctx->{data} ? $ctx->{data} : '';
my ( $bdata, $seen_eos ) = flatten_bb($bb);
unless ($done) {
$done = 1
if ( $bdata =~ s/(<\/head>)/$data$1/si
or $bdata =~ s/(<body>)/$1$data/si );
}
$buffer .= $bdata if ($bdata);
if ($seen_eos) {
my $len = length $buffer;
$f->r->headers_out->set( 'Content-Length', $len );
$f->print($buffer) if ($buffer);
}
else {
$ctx->{data} = $buffer;
$f->ctx($ctx);
}
return OK;
}
);
}
sub flatten_bb {
my ($bb) = shift;
my $seen_eos = 0;
my @data;
for ( my $b = $bb->first ; $b ; $b = $bb->next($b) ) {
$seen_eos++, last if $b->is_eos;
$b->read( my $bdata );
push @data, $bdata;
}
return ( join( '', @data ), $seen_eos );
}
## @method void setPostParams(hashref $params)
# add or modify parameters in POST request body
# @param $params hashref containing name => value
sub setPostParams {
my ( $class, $params ) = @_;
$request->add_input_filter(
sub {
my $f = shift;
my $buffer;
# Filter only POST request body
if ( $f->r->method eq "POST" ) {
my $body;
while ( $f->read($buffer) ) { $body .= $buffer; }
while ( my ( $name, $value ) = each(%$params) ) {
$body =~ s/((^|&))$name=[^\&]*/$1$name=$value/
or $body .= "&$name=$value";
}
$body =~ s/^&//;
$f->print($body);
}
else {
$f->print($buffer) while ( $f->read($buffer) );
}
return OK;
}
);
}
lemonldap-ng-handler/lib/Lemonldap/NG/Handler/ApacheMP2/AuthBasic.pm
0 → 100644
View file @
820691df
# Auth-basic authentication with Lemonldap::NG rights management
# This specific handler is intended to be called directly by Apache
package
Lemonldap::NG::Handler::ApacheMP2::
AuthBasic
;
use
strict
;
use
base
'
Lemonldap::NG::Handler::Lib::AuthBasic
',
'
Lemonldap::NG::Handler::ApacheMP2::Main
';
our
$VERSION
=
'
2.0.0
';
1
;
lemonldap-ng-handler/lib/Lemonldap/NG/Handler/ApacheMP2/Main.pm
0 → 100644
View file @
820691df
package
Lemonldap::NG::Handler::ApacheMP2::
Main
;
use
strict
;
use
AutoLoader
'
AUTOLOAD
';
use
Apache2::
RequestUtil
;
use
Apache2::
RequestRec
;
use
Apache2::
Log
;
use
Apache2::
ServerUtil
;
use
Apache2::
Connection
;
use
Apache2::
RequestIO
;
use
Apache2::
Const
;
use
Apache2::
Filter
;
use
APR::
Table
;
use
Apache2::
Const
-
compile
=>
qw(FORBIDDEN HTTP_UNAUTHORIZED REDIRECT OK DECLINED DONE SERVER_ERROR AUTH_REQUIRED HTTP_SERVICE_UNAVAILABLE)
;
use
base
'
Lemonldap::NG::Handler::Main
';
use
constant
FORBIDDEN
=>
Apache2::Const::
FORBIDDEN
;
use
constant
HTTP_UNAUTHORIZED
=>
Apache2::Const::
HTTP_UNAUTHORIZED
;
use
constant
REDIRECT
=>
Apache2::Const::
REDIRECT
;
use
constant
OK
=>
Apache2::Const::
OK
;
use
constant
DECLINED
=>
Apache2::Const::
DECLINED
;
use
constant
DONE
=>
Apache2::Const::
DONE
;
use
constant
SERVER_ERROR
=>
Apache2::Const::
SERVER_ERROR
;
use
constant
AUTH_REQUIRED
=>
Apache2::Const::
AUTH_REQUIRED
;
use
constant
MAINTENANCE
=>
Apache2::Const::
HTTP_SERVICE_UNAVAILABLE
;
use
constant
BUFF_LEN
=>
8192
;
eval
{
require
threads::
shared
;
};
our
$request
;
# Apache2::RequestRec object for current request
#*run = \&Lemonldap::NG::Handler::Main::run;
## @rmethod protected int redirectFilter(string url, Apache2::Filter f)
# Launch the current HTTP request then redirects the user to $url.
# Used by logout_app and logout_app_sso targets
# @param $url URL to redirect the user
# @param $f Current Apache2::Filter object
# @return Constant $class->OK
sub
redirectFilter
{
my
$class
=
shift
;
my
$url
=
shift
;
my
$f
=
shift
;
unless
(
$f
->
ctx
)
{
# Here, we can use Apache2 functions instead of set_header_out
# since this function is used only with Apache2.
$f
->
r
->
status
(
$class
->
REDIRECT
);
$f
->
r
->
status_line
("
303 See Other
");
$f
->
r
->
headers_out
->
unset
('
Location
');
$f
->
r
->
err_headers_out
->
set
(
'
Location
'
=>
$url
);
$f
->
ctx
(
1
);
}
while
(
$f
->
read
(
my
$buffer
,
1024
)
)
{
}
$class
->
updateStatus
(
$f
->
r
,
'
$class->REDIRECT
',
$class
->
datas
->
{
$class
->
tsv
->
{
whatToTrace
}
},
'
filter
'
);
return
$class
->
OK
;
}
__PACKAGE__
->
init
();
# INTERNAL METHODS
## @method void thread_share(string $variable)
# try to share $variable between threads
# note: eval is needed,
# else it fails to compile if threads::shared is not loaded
# @param $variable the name of the variable to share
sub
thread_share
{
my
(
$class
,
$variable
)
=
@_
;
eval
"
threads::shared::share(
\$
variable);
";
}
## @method void setServerSignature(string sign)
# modifies web server signature
# @param $sign String to add to server signature
sub
setServerSignature
{
my
(
$class
,
$sign
)
=
@_
;
eval
{
Apache2::
ServerUtil
->
server
->
push_handlers
(
PerlPostConfigHandler
=>
sub
{
my
(
$c
,
$l
,
$t
,
$s
)
=
@_
;
$s
->
add_version_component
(
$sign
);
}
);
};
}
sub
newRequest
{
my
(
$class
,
$r
)
=
@_
;
$request
=
$r
;
}
## @method void _lmLog(string $msg, string $level)
# logs message $msg to Apache logs with loglevel $level
# @param $msg string message to log
# @param $level string loglevel
sub
_lmLog
{
my
(
$class
,
$msg
,
$level
)
=
@_
;
# TODO: remove the useless tag 'ApacheMP2.pm(70):' in debug logs
Apache2::
ServerRec
->
log
->
$level
(
$msg
);
}
## @method void set_user(string user)
# sets remote_user
# @param user string username
sub
set_user
{
my
(
$class
,
$user
)
=
@_
;
$request
->
user
(
$user
);
}
## @method string header_in(string header)
# returns request header value
# @param header string request header
# @return request header value
sub
header_in
{
my
(
$class
,
$header
)
=
@_
;
$header
||=
$class
;
# to use header_in as a method or as a function
return
$request
->
headers_in
->
{
$header
};
}
## @method void set_header_in(hash headers)
# sets or modifies request headers
# @param headers hash containing header names => header value
sub
set_header_in
{
my
(
$class
,
%headers
)
=
@_
;
while
(
my
(
$h
,
$v
)
=
each
%headers
)
{
$request
->
headers_in
->
set
(
$h
=>
$v
);
}
}
## @method void unset_header_in(array headers)
# removes request headers
# This function looks a bit heavy: it is to ensure that if a request
# header 'Auth-User' is removed, 'Auth_User' be removed also
# @param headers array with header names to remove
sub
unset_header_in
{
my
(
$class
,
@headers
)
=
@_
;
foreach
my
$h1
(
@headers
)
{
$h1
=
lc
$h1
;
$h1
=~
s/-/_/g
;
$request
->
headers_in
->
do
(
sub
{
my
$h
=
shift
;
my
$h2
=
lc
$h
;
$h2
=~
s/-/_/g
;
$request
->
headers_in
->
unset
(
$h
)
if
(
$h1
eq
$h2
);
return
1
;
}
);
}
}
## @method void set_header_out(hash headers)
# sets response headers
# @param headers hash containing header names => header value
sub
set_header_out
{
my
(
$class
,
%headers
)
=
@_
;
while
(
my
(
$h
,
$v
)
=
each
%headers
)
{
$request
->
err_headers_out
->
set
(
$h
=>
$v
);
}
}
## @method string hostname()
# returns host, as set by full URI or Host header
# @return host string Host value
sub
hostname
{
my
$class
=
shift
;
return
$request
->
hostname
;
}
## @method string remote_ip
# returns client IP address
# @return IP_Addr string client IP
sub
remote_ip
{
my
$class
=
shift
;
my
$remote_ip
=
(
$request
->
connection
->
can
('
remote_ip
')
?
$request
->
connection
->
remote_ip
:
$request
->
connection
->
client_ip
);
return
$remote_ip
;
}