diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main.pm index ba1b703cde4b29fc4896a5f16ca0402bcde8f048..e7f5cb11d53fbfd26f4428b521119156caf23c1f 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main.pm @@ -9,6 +9,7 @@ extends( 'Lemonldap::NG::Handler::PSGI::Try', 'Lemonldap::NG::Portal::Main::Init', 'Lemonldap::NG::Portal::Main::Run', + 'Lemonldap::NG::Portal::Main::Process', ); 1; diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Init.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Init.pm index 961db753afc8fcde2e15eb9fac4480211c3d5477..87f57a2bfcadb78d0b87624d053f2a279ba93c46 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Init.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Init.pm @@ -26,6 +26,10 @@ has conf => ( is => 'rw', default => sub { {} } ); has _authentication => ( is => 'rw' ); has _userDB => ( is => 'rw' ); +# Macros and groups +has _macros => (is => 'rw'); +has _groups => (is => 'rw'); + # Lists to store plugins entry-points has beforeAuth => ( is => 'rw', @@ -65,10 +69,10 @@ sub init { # Core REST API ->addUnauthRoute( 'test', 'pleaseAuth', ['GET'] ) - ->addAuthRoute( 'test', 'authenticated', ['GET'] ) + ->addAuthRoute( 'test', 'authenticated', ['GET'] ); - # Default routes must point to routines declared above - $self->defaultAuthRoute(''); + # Default routes must point to routines declared above + $self->defaultAuthRoute(''); $self->defaultUnauthRoute(''); return $self->reloadConf($args); } @@ -86,6 +90,11 @@ sub reloadConf { delete $self->conf->{$key}; } + # Reinitialize arrays + foreach (qw(_macros _groups beforeAuth betweenAuthAndDatas afterDatas forAuthUser)) { + $self->{$_} = []; + } + # Load conf in portal object foreach my $key ( keys %$conf ) { $self->conf->{$key} = 
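Review bot: The reset loop added to `reloadConf` assigns `[]` to `_macros`, but `setMacros` in the new `Process.pm` reads it with `keys %{ $self->_macros }`, which dies with a not-a-HASH-reference error when it runs against an array reference. `_macros` (and presumably `_groups`, once it has a consumer) should be reset to an empty hash, e.g. `$self->{$_} = {} foreach qw(_macros _groups);`, leaving only the four plugin lists in the array loop. `reloadConf` starts and ends outside this hunk.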
@@ -145,6 +154,8 @@ sub reloadConf { $self->conf->{trustedDomains} =~ s/\./\\./g; } + # TODO: compile macros in _macros, groups in _groups + # Load plugins foreach my $plugin ( $self->enabledPlugins ) { $self->loadPlugin($plugin) or return 0; diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Process.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Process.pm new file mode 100644 index 0000000000000000000000000000000000000000..c11243412933b1a734dfeb4d3a8c44721148f639 --- /dev/null +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Process.pm 
@@ -0,0 +1,98 @@
+package Lemonldap::NG::Portal::Main::Process;
+
+use strict;
+use Mouse;
+use Lemonldap::NG::Portal::Main::Constants;
+use Lemonldap::NG::Portal::Main::Request;
+
+our $VERSION = '2.0.0';
+
+# Auth process
+sub extractFormInfo {
+ my $self = shift;
+ return $self->_authentication->extractFormInfo(@_);
+}
+
+sub getUser {
+ my $self = shift;
+ return $self->_userDB->getUser(@_);
+}
+
+sub authenticate {
+ my $self = shift;
+ return $self->_authentication->authenticate(@_);
+}
+
+# Session data providing
+
+sub setSessionInfo {
+ my ( $self, $req ) = @_;
+
+ # Get the current user module
+ $req->{sessionInfo}->{_userDB} = $self->get_module("user");
+
+ # Store IP address from remote address or X-FORWARDED-FOR header
+ $req->{sessionInfo}->{ipAddr} = $req->remote_ip;
+
+ # Date and time
+ if ( $self->conf->{updateSession} ) {
+ $req->{sessionInfo}->{updateTime} =
+ strftime( "%Y%m%d%H%M%S", localtime() );
+ }
+ else {
+ $req->{sessionInfo}->{_utime} ||= time();
+ $req->{sessionInfo}->{startTime} =
+ strftime( "%Y%m%d%H%M%S", localtime() );
+ $req->{sessionInfo}->{_lastSeen} = time() if $self->conf->{timeoutActivity};
+ }
+
+ # Get environment variables matching exportedVars
+ foreach ( keys %{ $self->conf->{exportedVars} } ) {
+ if ( my $tmp = $ENV{ $self->conf->{exportedVars}->{$_} } ) {
+ $tmp =~ s/[\r\n]/ /gs;
+ $req->{sessionInfo}->{$_} = $tmp;
+ }
+ }
+
+ # Store URL origin in session
+ $req->{sessionInfo}->{_url} = $req->datas->{urldc};
+
+ # Call UserDB setSessionInfo
+ return $self->_userDB->setSessionInfo($req) );
+
+ PE_OK;
+}
+
+sub setMacros {
+ my ( $self, $req ) = @_;
+ foreach ( sort keys %{ $self->_macros } ) {
+ $req->{sessionInfo}->{$_} = $self->_macros->($req);
+ }
+ PE_OK;
+}
+
+sub setGroups {
+ my ( $self, $req ) = @_;
+}
+
+sub setPersistentSessionInfo {
+ my ( $self, $req ) = @_;
+}
+
+sub setLocalGroups {
+ my ( $self, $req ) = @_;
+}
+
+sub grantSession {
+ my ( $self, $req ) = @_;
+}
+
+sub store {
+ my ( $self, $req ) = 
@_; +} + +sub buildCookie { + my ( $self, $req ) = @_; +} + +1; diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Request.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Request.pm index 66c840b3a411f74283b0d0e8bcd70c9fc82d8826..e12cad426e00a36179eec64b76b31ef3160803e8 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Request.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Request.pm @@ -5,8 +5,9 @@ use Mouse; extends 'Lemonldap::NG::Common::PSGI::Request'; -has steps => ( is => 'rw' ); -has error => ( is => 'rw' ); +has steps => ( is => 'rw' ); +has datas => ( is => 'rw' ); +has sessionInfo => ( is => 'rw' ); sub wantJSON { return $_[0]->accept =~ m#(?:application|text)/json# ? 1 : 0; diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm index a24068a126127e6b16ccaf86e353932df94e4fc7..5da7c7208e2e25839c9c32a70070cddce4ed5779 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm @@ -9,7 +9,10 @@ # # Entry points: # - "/test": * authenticated() for already authenticated users -# + pleaseAuth() for others +# * pleaseAuth() for others +# - "/": * login() ~first access +# * postLogin(), same for POST requests +# * authenticatedRequest() for authenticated users package Lemonldap::NG::Portal::Main::Run; use strict; @@ -49,14 +52,14 @@ sub pleaseAuth { sub authProcess { qw(extractFormInfo getUser authenticate) } sub sessionDatas { - qw(setAuthSessionInfo setSessionInfo setMacros setGroups - setPersistentSessionInfo setLocalGroups grantSession store - buildCookie); + qw(setSessionInfo setMacros setGroups setPersistentSessionInfo + setLocalGroups grantSession store buildCookie); } sub login { my ( $self, $req ) = @_; - return $req->do($req, + return $req->do( + $req, [ 'rememberArgs', @{ $self->beforeAuth }, &authProcess, @{ $self->betweenAuthAndDatas }, 
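Review bot: `setSessionInfo` ends with `return $self->_userDB->setSessionInfo($req) );`, whose unbalanced `)` keeps the whole module from compiling; it should read `return $self->_userDB->setSessionInfo($req);`, and the `PE_OK;` after it is unreachable and can go. In `setMacros`, `$self->_macros->($req)` calls the container itself as code on every iteration; the per-key form `$self->_macros->{$_}->($req)` looks like what was intended. The stubs from `setGroups` to `buildCookie` have `my ( $self, $req ) = @_;` as their last statement, which evaluates to 2 in scalar context, so `process` in `Run.pm` would treat each one as a failed step. Give them an explicit return value, and keep `grantSession` returning a non-OK code until the access rule is actually evaluated. `strftime` is also called with no `use POSIX qw(strftime);` among the visible imports.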
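Review bot: `datas` and `sessionInfo` are declared without a default, yet `setSessionInfo` in `Process.pm` reads `$req->datas->{urldc}`, which dies with an undefined-value-as-HASH-reference error if the accessor returns undef. Unless the parent request class fills them in (not visible here), declare them the way `conf` is declared in `Init.pm`: `has datas => ( is => 'rw', default => sub { {} } );` and the same for `sessionInfo`. The hunk also drops `has error` while `process` in `Run.pm` still carries a commented-out `$req->error(PE_OK)`; that leftover should be removed with it.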
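Review bot: `login` dispatches with `$req->do( $req, [...] )`, but `do` is defined in this file as a portal method that reads `$self->conf` and calls `$self->process`, so invoking it on the request object fails unless the request class has its own `do`, which is not visible here. The call should be `return $self->do( $req, [ ... ] );`, and the same applies to `postLogin` and `authenticatedRequest` in the next hunk. While these lines are being touched, `&authProcess` is better written `$self->authProcess`, since the bare `&` form silently forwards the caller's `@_`. `login` continues past the end of this hunk.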
@@ -67,7 +70,8 @@ sub login { sub postLogin { my ( $self, $req ) = @_; - return $req->do($req, + return $req->do( + $req, [ 'restoreArgs', @{ $self->beforeAuth }, &authProcess, @{ $self->betweenAuthAndDatas }, @@ -78,25 +82,34 @@ sub postLogin { sub authenticatedRequest { my ( $self, $req ) = @_; - return $req->do($req, $self->forAuthUser ); + return $req->do( $req, $self->forAuthUser ); } sub do { - my ($self,$req,$steps) = @_; + my ( $self, $req, $steps ) = @_; $req->steps($steps); my $err = $self->process($req); + # TODO: updateStatus - if ( !$self->conf->{noAjaxHook} and $req->wantJSON ) { + if ( !$self->conf->{noAjaxHook} and $req->wantJSON ) { if ( $err > 0 ) { - return [ 401, ['WWW-Authenticate' => "SSO ".$self->conf->{portal},'Access-Control-Allow-Origin' => '*'],[]]; + return [ + 401, + [ + 'WWW-Authenticate' => "SSO " . $self->conf->{portal}, + 'Access-Control-Allow-Origin' => '*' + ], + [] + ]; } else { - return $self->senfJSONresponse({result=>1,message=>'Authenticated'}); + return $self->senfJSONresponse( + { result => 1, message => 'Authenticated' } ); } } else { - if($err) { - return $self->sendHtml($req,'login.tpl'); + if ($err) { + return $self->sendHtml( $req, 'login.tpl' ); } else { return $self->autoRedirect($req); @@ -106,10 +119,11 @@ sub do { sub process { my ( $self, $req ) = @_; + #$req->error(PE_OK); my $err = PE_OK; - while(my $sub = shift @{$req->steps}) { - last if($err = $self->$sub($req); + while ( my $sub = shift @{ $req->steps } ) { + last if ( $err = $self->$sub($req) ); } return $err; }
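Review bot: The success branch of the JSON path in `do` calls `$self->senfJSONresponse(...)`, which looks like a typo (presumably for `sendJSONresponse`), so a successful AJAX authentication would die with an unknown-method error; confirm the helper's name in the parent class and use it here. In the 401 branch, `'Access-Control-Allow-Origin' => '*'` lets any origin read the response, including the portal URL in `WWW-Authenticate`; if cross-origin callers are expected, echoing an origin that was checked against `trustedDomains` is the tighter choice. The JSON branch also tests `$err > 0` while the HTML branch tests `$err`, so a negative code is reported as `Authenticated` to AJAX clients but renders `login.tpl` otherwise; a comment should say whether that is intended.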
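Review bot: `process` drains `$req->steps` with `shift`, and `authenticatedRequest` hands `do` the portal's own `$self->forAuthUser` array reference, so the first authenticated request empties the shared plugin list and later requests in the same worker run no `forAuthUser` hooks at all. Copy the list when storing it, e.g. `$req->steps( [ @$steps ] );` in `do`, so that each request consumes its own array. `login` and `postLogin` are unaffected because they build a fresh anonymous array on every call.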