Commit a09af344 authored by Xavier Guimard's avatar Xavier Guimard

Missing $req in updatePersistentSession calls (fixes: #1319)

parent 42148200
......@@ -162,12 +162,12 @@ sub openIDServer {
return 1;
}
elsif ( $req->param("confirm") and $req->param("confirm") == 1 ) {
$self->p->updatePersistentSession(
$self->p->updatePersistentSession( $req,
{ "_openidTrust$trust_root" => 1 } );
return 1;
}
elsif ( $req->param("confirm") and $req->param("confirm") == -1 ) {
$self->p->updatePersistentSession(
$self->p->updatePersistentSession( $req,
{ "_openidTrust$trust_root" => 0 } );
return 0;
}
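Review bot: Both branches compare the request parameter numerically (`$req->param("confirm") == 1` and `== -1`), so a value such as `1abc` numifies to 1 and is recorded as trust for `$trust_root`. A string comparison, `$req->param("confirm") and $req->param("confirm") eq '1'` (and `eq '-1'` for the refusal), would accept only the exact form value. These are context lines the commit leaves unchanged, and the same test appears in the `run` hunk just before the consent time is written. openIDServer starts and ends outside the hunk, so any earlier validation of `confirm` is not visible here.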
......
......@@ -384,15 +384,17 @@ sub run {
}
# Check prompt parameter
$ask_for_consent = 1 if ( $prompt =~ /\bconsent\b/ );
$ask_for_consent = 1
if ( $prompt and $prompt =~ /\bconsent\b/ );
}
if ($ask_for_consent) {
if ( $req->param('confirm')
and $req->param('confirm') == 1 )
{
$self->p->updatePersistentSession(
$self->p->updatePersistentSession( $req,
{ "_oidc_consent_time_$rp" => time } );
$self->p->updatePersistentSession(
$req,
{
"_oidc_consent_scope_$rp" =>
$oidc_request->{'scope'}
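Review bot: The consent time and the consent scope are written by two separate `updatePersistentSession` calls, so a failure between them could leave a consent timestamp for `$rp` with no matching scope. Since the callee accepts a hash with several keys (the `sregHook` call passes one), a single write keeps the record consistent: `$self->p->updatePersistentSession( $req, { "_oidc_consent_time_$rp" => time, "_oidc_consent_scope_$rp" => $oidc_request->{'scope'} } );`. The second call is closed outside the hunk, so this assumes it takes no further arguments.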
......
......@@ -793,7 +793,7 @@ sub run {
# Update session
$self->logger->debug("Save Lasso identity in session");
$self->updatePersistentSession(
$self->updatePersistentSession( $req,
{ _lassoIdentityDump => $login->get_identity->dump },
undef, $session_id );
}
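Review bot: This call is made on `$self`, while the other call sites touched by this commit go through the portal object (`$self->p->updatePersistentSession( $req, ... )`). If this class neither defines nor inherits `updatePersistentSession`, the branch fails only when it is reached at runtime, the same kind of late failure that the missing `$req` caused. It is worth confirming, and switching to `$self->p->updatePersistentSession( $req,` if the method lives on the portal. The enclosing block of `run` begins outside the hunk.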
......
......@@ -24,7 +24,7 @@ sub sregHook {
$h{$_} = undef foreach (
qw(fullname nickname language postcode timezone country gender email dob)
);
$self->p->updatePersistentSession( \%h );
$self->p->updatePersistentSession( $req, \%h );
return 0;
}
......@@ -166,7 +166,7 @@ sub sregHook {
$ag{$k} = 0;
}
}
$self->p->updatePersistentSession( \%toStore ) if (%toStore);
$self->p->updatePersistentSession( $req, \%toStore ) if (%toStore);
# Check if user has agreed request
if ($accepted) {
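Review bot: No test in the hunks shown exercises the two `sregHook` writes, although the rejection branch near line 24 is where a silent failure matters most. With `\%h` passed in the request position, the reset of the keys listed in `qw(fullname nickname ...)` presumably never reached the persistent session. A regression test that refuses an SREG request and then checks that those keys are cleared would pin this fix the way the OIDC test in this commit pins the consent write. `sregHook` extends beyond both hunks, so how `$req` is unpacked is not visible here.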
......
......@@ -185,7 +185,33 @@ ok(
'Test if user is reject on SP'
);
count(1);
expectRedirection( $res, qr#^http://auth.op.com/oauth2/authorize# );
( $url, $query ) =
expectRedirection( $res, qr#^http://auth.op.com(/oauth2/authorize)\?(.*)$# );
# Test if consent was saved
# -------------------------
# Push request to OP
switch ('op');
ok( $res = $op->_get( $url, query => $query, accept => 'text/html' ),
"Push request to OP, endpoint $url" );
count(1);
expectOK($res);
# Try to authenticate to OP
$query = "user=french&password=french&$query";
ok(
$res = $op->_post(
$url,
IO::String->new($query),
accept => 'text/html',
length => length($query),
),
"Post authentication, endpoint $url"
);
count(1);
$idpId = expectCookie($res);
expectRedirection( $res, qr#^http://auth.rp.com/# );
#print STDERR Dumper($res);
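Review bot: The new pattern `qr#^http://auth.op.com(/oauth2/authorize)\?(.*)$#` and the later `qr#^http://auth.rp.com/#` leave the dots unescaped, so they match any character in those positions; `auth\.op\.com` and `auth\.rp\.com` make the host check exact. The commented-out `#print STDERR Dumper($res);` looks like leftover debugging and can be dropped. A one-line comment above the final `expectRedirection`, saying that a direct redirect to the RP with no consent form in between is what shows the consent was stored, would make the intent of the test explicit.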
......