package Lemonldap::NG::Portal::Auth::SSL;

use strict;
use Mouse;
use Lemonldap::NG::Portal::Main::Constants qw(
  PE_BADCERTIFICATE
  PE_CERTIFICATEREQUIRED
  PE_FIRSTACCESS
  PE_OK
);

our $VERSION = '2.0.1';

extends 'Lemonldap::NG::Portal::Main::Auth';

# INITIALIZATION

# Initialization hook. Nothing is set up or checked here: the sub always
# reports success.
# @return true value (1)
sub init {
    my $ready = 1;
    return $ready;
}

# Take the user name from the SSL environment of the request, or report why
# it could not be obtained.
#
# The variable to read is conf->{SSLVar}, unless conf->{SSLVarIf} holds an
# entry keyed by the issuer DN (SSL_CLIENT_I_DN) of the presented
# certificate, in which case that entry names the variable instead.
#
# NOTE(review): the certificate itself is not inspected here; the value
# found in $req->env is used as the identity as-is. This presumably relies
# on the TLS front end having verified the client certificate and on these
# variables not being settable from the client side (for instance through
# forwarded headers) - confirm against the deployment.
#
# @param $req request object
# @return Lemonldap::NG::Portal constant: PE_OK, PE_BADCERTIFICATE,
#         PE_FIRSTACCESS or PE_CERTIFICATEREQUIRED
sub extractFormInfo {
    my ( $self, $req ) = @_;

    # Default variable, optionally overridden per certificate issuer.
    my $field     = $self->conf->{SSLVar};
    my $issuer_dn = $req->env->{SSL_CLIENT_I_DN};
    if ($issuer_dn) {
        my $override = $self->conf->{SSLVarIf}->{$issuer_dn};
        $field = $override if $override;
    }

    # A true value in the selected variable becomes the request's user.
    if ( $req->user( $req->env->{$field} ) ) {
        $self->userLogger->notice( "GoodSSL authentication for " . $req->user );
        return PE_OK;
    }

    # A subject DN is present, so a certificate was presented, but the
    # selected variable is empty or missing.
    if ( $req->env->{SSL_CLIENT_S_DN} ) {
        $self->userLogger->warn("$field was not found in user certificate");
        return PE_BADCERTIFICATE;
    }

    # No certificate data at all: when Ajax mode is configured and the
    # request carries no 'nossl' parameter, append the init script that
    # carries the SSL host to the page.
    if ( $self->conf->{sslByAjax} and not $req->param('nossl') ) {
        $self->logger->debug('Send SSL javascript');

        # NOTE(review): conf->{sslHost} is concatenated into a JSON string
        # inside a <script> element without any encoding. It is a
        # configuration value, but a quote or "</script>" in it would break
        # the markup; JSON-encoding it would make this robust.
        my $init_script =
            '<script type="application/init">{"sslHost":"'
          . $self->conf->{sslHost}
          . '"}</script>';
        $req->data->{customScript} .= $init_script;

        $self->logger->debug("Send JS -> " . $req->data->{customScript});
        return PE_FIRSTACCESS;
    }

    $self->userLogger->warn('No certificate found');
    return PE_CERTIFICATEREQUIRED;
}

# Authentication step. No check of its own is performed: the sub always
# returns PE_OK.
# NOTE(review): in this module the accept/reject decision is taken in
# extractFormInfo from the SSL environment; presumably the portal runs that
# step first - confirm against the caller.
# @return PE_OK
sub authenticate {
    return PE_OK;
}

# Record the authentication level of this module in the session data.
# The level is the single configured value conf->{SSLAuthnLevel}; it does
# not depend on which certificate issuer or variable was used.
# @param $req request object (its sessionInfo hash is written directly)
# @return PE_OK
sub setAuthSessionInfo {
    my ( $self, $req ) = @_;
    my $level = $self->conf->{SSLAuthnLevel};
    $req->{sessionInfo}->{authenticationLevel} = $level;
    return PE_OK;
}

# Name the display type the portal should use for this module:
# "sslform" when conf->{sslByAjax} is true, "logo" otherwise.
# The configuration is read through the object's hash ($self->{conf}),
# not through the conf accessor used by the other subs in this file.
# @return "sslform" or "logo"
sub getDisplayType {
    my ($self) = @_;
    if ( $self->{conf}->{sslByAjax} ) {
        return "sslform";
    }
    return "logo";
}

71 72 73 74
# Logout hook. Nothing is done here: the sub always returns PE_OK.
# NOTE(review): a client certificate is presumably still presented by the
# browser after logout, so a new session could be opened without user
# interaction - confirm that this is intended or handled elsewhere.
# @return PE_OK
sub authLogout {
    return PE_OK;
}

1;