Commit 1e7b2c4a authored by Xavier Guimard's avatar Xavier Guimard

Add LWP options (closes: #1065)

parent c702ba76
package Lemonldap::NG::Common::Apache::Session::REST;
use strict;
use LWP::UserAgent;
use Lemonldap::NG::Common::UserAgent;
use JSON qw(from_json to_json);
our $VERSION = '2.0.0';
......@@ -91,7 +91,7 @@ sub DESTROY {
sub ua {
my ($self) = @_;
return $self->{ua} if ( $self->{ua} );
my $ua = LWP::UserAgent->new( %{ $self->{lwpOpts} || {} } );
my $ua = Lemonldap::NG::Common::UserAgent->new( $self->{lwpOpts} );
if ( $self->{user} ) {
my $url = $self->{baseUrl};
my $port = ( $url =~ /^https/ ? 443 : 80 );
......
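Review bot: The new call in `ua` passes `$self->{lwpOpts}` itself, but the wrapper added in this commit reads `$conf->{lwpOpts}` and `$conf->{lwpSslOpts}` from its argument, so it looks for a nested `lwpOpts` key and the options the old line expanded are most likely ignored. Passing the container instead, `my $ua = Lemonldap::NG::Common::UserAgent->new($self);`, would keep them and would also pick up `lwpSslOpts` if the backend arguments carry it. The `ua` hunk in Lemonldap::NG::Common::Conf::Backends::REST has the same regression in a stronger form: it calls `->new()` with no argument, so `$self->{lwpOpts}` is dropped altogether. Both `ua` bodies continue outside their hunks.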
package Lemonldap::NG::Common::Conf::Backends::REST;
use strict;
use LWP::UserAgent;
use Lemonldap::NG::Common::UserAgent;
use JSON qw(from_json to_json);
our $VERSION = '2.0.0';
......@@ -26,7 +26,7 @@ sub prereq {
sub ua {
my ($self) = @_;
return $self->{ua} if ( $self->{ua} );
my $ua = LWP::UserAgent->new( %{ $self->{lwpOpts} || {} } );
my $ua = Lemonldap::NG::Common::UserAgent->new();
if ( $self->{user} ) {
my $url = $self->{baseUrl};
my $port = ( $url =~ /^https/ ? 443 : 80 );
......
......@@ -23,7 +23,7 @@ use constant HANDLERSECTION => "handler";
use constant MANAGERSECTION => "manager";
use constant SESSIONSEXPLORERSECTION => "sessionsExplorer";
use constant APPLYSECTION => "apply";
our $hashParameters = qr/^(?:(?:l(?:o(?:ca(?:lSessionStorageOption|tionRule)|goutService)|dapExportedVar|wpSslOpt)|(?:(?:d(?:emo|bi)|facebook|webID)ExportedVa|exported(?:Heade|Va))r|g(?:r(?:antSessionRule|oup)|lobalStorageOption)|n(?:otificationStorageOption|ginxCustomHandler)|c(?:as(?:StorageOption|Attribute)|ombModule)|re(?:moteGlobalStorageOption|loadUrl)|CAS_proxiedService|macro)s|o(?:idc(?:RPMetaData(?:(?:Option(?:sExtraClaim)?|ExportedVar)s|Node)|OPMetaData(?:(?:ExportedVar|Option)s|J(?:SON|WKS)|Node)|S(?:erviceMetaDataAuthnContext|torageOptions))|penIdExportedVars)|s(?:aml(?:S(?:PMetaData(?:(?:ExportedAttribute|Option)s|Node|XML)|torageOptions)|IDPMetaData(?:(?:ExportedAttribute|Option)s|Node|XML))|essionDataToRemember|laveExportedVars)|p(?:ersistentStorageOptions|o(?:rtalSkinRules|st))|a(?:uthChoiceModules|pplicationList)|v(?:hostOptions|irtualHost))$/;
our $hashParameters = qr/^(?:(?:l(?:o(?:ca(?:lSessionStorageOption|tionRule)|goutService)|dapExportedVar|wp(?:Ssl)?Opt)|(?:(?:d(?:emo|bi)|facebook|webID)ExportedVa|exported(?:Heade|Va))r|g(?:r(?:antSessionRule|oup)|lobalStorageOption)|n(?:otificationStorageOption|ginxCustomHandler)|c(?:as(?:StorageOption|Attribute)|ombModule)|re(?:moteGlobalStorageOption|loadUrl)|CAS_proxiedService|macro)s|o(?:idc(?:RPMetaData(?:(?:Option(?:sExtraClaim)?|ExportedVar)s|Node)|OPMetaData(?:(?:ExportedVar|Option)s|J(?:SON|WKS)|Node)|S(?:erviceMetaDataAuthnContext|torageOptions))|penIdExportedVars)|s(?:aml(?:S(?:PMetaData(?:(?:ExportedAttribute|Option)s|Node|XML)|torageOptions)|IDPMetaData(?:(?:ExportedAttribute|Option)s|Node|XML))|essionDataToRemember|laveExportedVars)|p(?:ersistentStorageOptions|o(?:rtalSkinRules|st))|a(?:uthChoiceModules|pplicationList)|v(?:hostOptions|irtualHost))$/;
our @sessionTypes = ( 'remoteGlobal', 'cas', 'global', 'localSession', 'persistent', 'saml', 'oidc' );
......
......@@ -20,7 +20,7 @@ our $specialNodeHash = {
};
our $doubleHashKeys = 'issuerDBGetParameters';
our $simpleHashKeys = '(?:(?:l(?:o(?:calSessionStorageOption|goutService)|dapExportedVar|wpSslOpt)|(?:(?:d(?:emo|bi)|facebook|webID)E|e)xportedVar|g(?:r(?:antSessionRule|oup)|lobalStorageOption)|n(?:otificationStorageOption|ginxCustomHandler)|c(?:as(?:StorageOption|Attribute)|ombModule)|p(?:ersistentStorageOption|ortalSkinRule)|re(?:moteGlobalStorageOption|loadUrl)|CAS_proxiedService|macro)s|o(?:idcS(?:erviceMetaDataAuthnContext|torageOptions)|penIdExportedVars)|s(?:(?:amlStorageOption|laveExportedVar)s|essionDataToRemember)|a(?:uthChoiceModules|pplicationList))';
our $simpleHashKeys = '(?:(?:l(?:o(?:calSessionStorageOption|goutService)|dapExportedVar|wp(?:Ssl)?Opt)|(?:(?:d(?:emo|bi)|facebook|webID)E|e)xportedVar|g(?:r(?:antSessionRule|oup)|lobalStorageOption)|n(?:otificationStorageOption|ginxCustomHandler)|c(?:as(?:StorageOption|Attribute)|ombModule)|p(?:ersistentStorageOption|ortalSkinRule)|re(?:moteGlobalStorageOption|loadUrl)|CAS_proxiedService|macro)s|o(?:idcS(?:erviceMetaDataAuthnContext|torageOptions)|penIdExportedVars)|s(?:(?:amlStorageOption|laveExportedVar)s|essionDataToRemember)|a(?:uthChoiceModules|pplicationList))';
our $specialNodeKeys = '(?:(?:saml(?:ID|S)|oidc[OR])PMetaDataNode|virtualHost)s';
our $oidcOPMetaDataNodeKeys = 'oidcOPMetaData(?:Options(?:C(?:lient(?:Secret|ID)|heckJWTSignature|onfigurationURI)|TokenEndpointAuthMethod|(?:JWKSTimeou|Promp)t|I(?:DTokenMaxAge|con)|S(?:toreIDToken|cope)|U(?:iLocales|seNonce)|Display(?:Name)?|AcrValues|MaxAge)|ExportedVars|J(?:SON|WKS))';
our $oidcRPMetaDataNodeKeys = 'oidcRPMetaData(?:Options(?:I(?:DToken(?:Expiration|SignAlg)|con)|(?:RedirectUri|ExtraClaim)s|AccessTokenExpiration|Client(?:Secret|ID)|BypassConsent|DisplayName|UserIDAttr)|ExportedVars)';
......
package Lemonldap::NG::Common::UserAgent;
use LWP::UserAgent;
sub new {
my ( $class, $conf ) = @_;
my $opts = $conf->{lwpOpts} || {};
$opts->{ssl_opts} = $conf->{lwpSslOpts} if ( $conf->{lwpSslOpts} );
my $ua = LWP::UserAgent->new(%$opts);
push @{ $ua->requests_redirectable }, 'POST';
return $ua;
}
1;
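Review bot: `new` writes `ssl_opts` into `$conf->{lwpOpts}` itself whenever that key is set, because `$opts` is the configuration's own hash reference and not a copy; the stored `lwpOpts` then carries an `ssl_opts` entry that may show up wherever the configuration is later read or saved. Building a local hash avoids that: `my %opts = %{ $conf->{lwpOpts} || {} };`, `$opts{ssl_opts} = $conf->{lwpSslOpts} if $conf->{lwpSslOpts};`, `my $ua = LWP::UserAgent->new(%opts);`. The package also lacks the `use strict;` that the other packages shown in this commit carry. A short header comment or POD should state that both maps are handed to LWP::UserAgent unfiltered and that `POST` is always added to `requests_redirectable`.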
......@@ -1294,6 +1294,9 @@ qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-
'default' => {},
'type' => 'keyTextContainer'
},
'lwpOpts' => {
'type' => 'keyTextContainer'
},
'lwpSslOpts' => {
'type' => 'keyTextContainer'
},
......
......@@ -558,10 +558,14 @@ sub attributes {
default => 'uid',
documentation => 'Session parameter used to fill REMOTE_USER',
},
lwpSslOpts => {
lwpOpts => {
type => 'keyTextContainer',
documentation => 'Options given to LWP::UserAgent',
},
lwpSslOpts => {
type => 'keyTextContainer',
documentation => 'SSL options given to LWP::UserAgent',
},
# History
failedLoginNumber => {
......
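Review bot: The `documentation` strings for `lwpOpts` and `lwpSslOpts` do not say that the entries are passed to LWP::UserAgent as given, which makes `lwpSslOpts` a security-relevant setting: a `verify_hostname` entry set to 0 turns off certificate hostname checking for the outbound requests built from it. I would extend the text, e.g. `documentation => 'SSL options given to LWP::UserAgent (passed unfiltered; keep verify_hostname enabled)'`, and consider validating the keys so that only known option names are accepted. `attributes` starts and ends outside the hunk, so whether such a check already exists elsewhere cannot be seen here.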
......@@ -593,6 +593,7 @@ sub tree {
'trustedDomains',
'useSafeJail',
'checkXSS',
'lwpOpts',
'lwpSslOpts',
{
title => 'contentSecurityPolicy',
......
......@@ -10,6 +10,7 @@ use 5.10.0;
use utf8;
use Mouse;
use Lemonldap::NG::Common::Conf::Constants;
use Lemonldap::NG::Common::UserAgent;
use Crypt::OpenSSL::RSA;
use Convert::PEM;
use URI::URL;
......@@ -26,8 +27,11 @@ our $VERSION = '2.0.0';
use constant defaultRoute => 'manager.html';
has ua => ( is => 'rw' );
sub addRoutes {
my ( $self, $conf ) = @_;
$self->ua(Lemonldap::NG::Common::UserAgent->new($conf));
# HTML template
$self->addRoute( 'manager.html', undef, ['GET'] )
......@@ -125,11 +129,9 @@ sub prx {
unless ( $query->{url} );
return $self->sendError( $req, 'Bad parameter', 400 )
unless ( $query->{url} =~ m#^(?:f|ht)tps?://\w# );
require LWP::UserAgent;
my $ua = new LWP::UserAgent();
$ua->timeout(10);
$self->ua->timeout(10);
my $response = $ua->get( $query->{url} );
my $response = $self->ua->get( $query->{url} );
unless ( $response->code == 200 ) {
return $self->sendError( $req,
$response->code . " (" . $response->message . ")", 400 );
......@@ -329,10 +331,7 @@ sub applyConf {
}
return {} unless (%reloadUrls);
# Create user agent
require LWP::UserAgent;
my $ua = new LWP::UserAgent( requests_redirectable => [] );
$ua->timeout(3);
$self->ua->timeout(3);
# Parse apply values
while ( my ( $host, $request ) = each %reloadUrls ) {
......@@ -351,7 +350,7 @@ sub applyConf {
}
}
my $response = $ua->request($r);
my $response = $self->ua->request($r);
if ( $response->code != 200 ) {
$status->{$host} =
"Error " . $response->code . " (" . $response->message . ")";
......
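Review bot: `applyConf` used to build its agent with `requests_redirectable => []`, and the shared `$self->ua` that replaces it follows redirects, including for `POST` (the wrapper pushes `'POST'` onto `requests_redirectable`), so a reload request can now be redirected to another location. `prx`, which fetches the caller-supplied `$query->{url}`, now also runs with the administrator's `lwpOpts`/`lwpSslOpts`, so any relaxed TLS setting applies there too. Both subs set `timeout` on the one shared object, so the value left by the last call persists for the next user of the agent. A per-call copy keeps the old behaviour: `my $ua = $self->ua->clone;`, `$ua->requests_redirectable( [] );`, `$ua->timeout(3);`, then `$ua->request($r)` as before. Both sub bodies extend beyond the hunks.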
......@@ -312,6 +312,7 @@
"logout": "Logout",
"logoutServices": "Logout forward",
"logParams": "Logs",
"lwpOpts": "Options for server requests",
"lwpSslOpts": "SSL options for server requests",
"macros": "Macros",
"mailBody": "Success mail content",
......
......@@ -312,6 +312,7 @@
"logout": "Déconnexion",
"logoutServices": "Transfert de la déconnexion",
"logParams": "Journalisation",
"lwpOpts": "Options pour les requêtes serveur",
"lwpSslOpts": "Options SSL pour les requêtes serveur",
"macros": "Macros",
"mailBody": "Contenu du message de succès",
......
......@@ -4,6 +4,7 @@ use strict;
use Mouse;
use Lemonldap::NG::Common::FormEncode;
use Lemonldap::NG::Common::Regexp;
use Lemonldap::NG::Common::UserAgent;
use Cache::FileCache;
use Lemonldap::NG::Portal::Main::Constants qw(
PE_BADCREDENTIALS
......@@ -49,7 +50,7 @@ has ua => (
builder => sub {
# TODO : LWP options to use a proxy for example
my $ua = LWP::UserAgent->new();
my $ua = Lemonldap::NG::Common::UserAgent->new( $_[0]->{conf} );
return $ua;
}
);
......
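Review bot: The builder reads `$_[0]->{conf}`, which is only populated if `conf` has been initialised before `ua` is built; the `has ua => (` line is outside the hunk, so whether the attribute is `lazy` cannot be checked here, and without it the wrapper may receive an undefined value and silently fall back to default options. The comment `# TODO : LWP options to use a proxy for example` is now stale and should be replaced by something like `# Agent configured from lwpOpts / lwpSslOpts`. Unlike the old line, this agent now also follows redirects on `POST`, since the wrapper adds it for every caller. The same builder pattern appears in the Lib::CAS hunk and in the two later `has ua` hunks that keep `$ua->env_proxy()`.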
......@@ -3,7 +3,7 @@ package Lemonldap::NG::Portal::Auth::Yubikey;
use strict;
use Mouse;
use JSON;
use LWP::UserAgent;
use Lemonldap::NG::Common::UserAgent;
use HTTP::Request;
use Lemonldap::NG::Portal::Main::Constants qw(PE_OK PE_ERROR PE_FORMEMPTY);
......
......@@ -2,6 +2,7 @@ package Lemonldap::NG::Portal::Lib::CAS;
use strict;
use Mouse;
use Lemonldap::NG::Common::UserAgent;
our $VERSION = '2.0.0';
......@@ -14,8 +15,7 @@ has ua => (
builder => sub {
# TODO : LWP options to use a proxy for example
my $ua = LWP::UserAgent->new();
push @{ $ua->requests_redirectable }, 'POST';
my $ua = Lemonldap::NG::Common::UserAgent->new( $_[0]->{conf} );
$ua->env_proxy();
return $ua;
}
......
......@@ -13,7 +13,7 @@ use Digest::SHA
sha512 sha256_base64 sha384_base64 sha512_base64/;
use JSON;
use Lemonldap::NG::Common::FormEncode;
use LWP::UserAgent;
use Lemonldap::NG::Common::UserAgent;
use MIME::Base64 qw/encode_base64 decode_base64/;
use Mouse;
......@@ -44,8 +44,7 @@ has ua => (
builder => sub {
# TODO : LWP options to use a proxy for example
my $ua = LWP::UserAgent->new();
push @{ $ua->requests_redirectable }, 'POST';
my $ua = Lemonldap::NG::Common::UserAgent->new($_[0]->{conf});
$ua->env_proxy();
return $ua;
}
......
......@@ -3,7 +3,7 @@ package Lemonldap::NG::Portal::Lib::RESTProxy;
use strict;
use JSON;
use Mouse;
use LWP::UserAgent;
use Lemonldap::NG::Common::UserAgent;
use Lemonldap::NG::Portal::Main::Constants qw(PE_OK PE_ERROR PE_BADCREDENTIALS);
use Lemonldap::NG::Common::FormEncode;
......@@ -19,7 +19,7 @@ sub init {
$self->conf->{proxySessionService} ||=
$self->conf->{proxyAuthService} . '/mysession';
$self->conf->{proxySessionService} =~ s#/*$##;
$self->ua( LWP::UserAgent->new );
$self->ua( Lemonldap::NG::Common::UserAgent->new( $self->conf ) );
$self->ua->default_header( Accept => 'application/json' );
unless ( defined $self->conf->{proxyAuthService} ) {
......
......@@ -4,7 +4,7 @@ use strict;
use Mouse;
use Lemonldap::NG::Common::Conf::SAML::Metadata;
use Lemonldap::NG::Common::Session;
use LWP::UserAgent;
use Lemonldap::NG::Common::UserAgent;
use XML::Simple;
use MIME::Base64;
use String::Random;
......@@ -34,8 +34,7 @@ has ua => (
builder => sub {
# TODO : LWP options to use a proxy for example
my $ua = LWP::UserAgent->new();
push @{ $ua->requests_redirectable }, 'POST';
my $ua = Lemonldap::NG::Common::UserAgent->new( $_[0]->{conf} );
$ua->env_proxy();
return $ua;
}
......