Commit 5b2363b9 authored by Yadd's avatar Yadd

perltidy

parent b2a450f6
......@@ -78,7 +78,6 @@ portalDisplayResetPassword = 0
https = 0
[manager]
dhtmlXTreeImageLocation = /imgs/
;protection = authenticate
[apply]
......
......@@ -69,33 +69,27 @@ sub confUpload {
if ( $test->{keyTest} ) {
( $res, $m ) = $self->applyTest( $test->{keyTest}, $name );
unless ($res) {
$res->{errors}->{$name} = "Value \"$name\" rejected: "
. ( $m || $test->{keyMsgFail} );
$res->{errors}->{$name} = $m || $test->{keyMsgFail};
next;
}
}
if ( $test->{test} ) {
( $res, $m ) = $self->applyTest( $test->{test}, $value );
unless ($res) {
$res->{errors}->{$name} =
"Value of key \"$name\" rejected: "
. ( $m || $test->{msgFail} );
$res->{errors}->{$name} = $m || $test->{msgFail};
next;
}
}
if ( $test->{warnKeyTest} ) {
( $res, $m ) = $self->applyTest( $test->{warnKeyTest}, $name );
unless ($res) {
$res->{warnings}->{$name} = "Warning for value \"$name\": "
. ( $m || $test->{keyMsgWarn} );
$res->{warnings}->{$name} = $m || $test->{keyMsgWarn};
}
}
if ( $test->{warnTest} ) {
( $res, $m ) = $self->applyTest( $test->{warnTest}, $value );
unless ($res) {
$res->{warnings}->{$name} =
"Warning for the value of key \"$name\": "
. ( $m || $test->{keyMsgWarn} );
$res->{warnings}->{$name} = $m || $test->{keyMsgWarn};
}
}
}
......@@ -134,8 +128,8 @@ sub confUpload {
my $i=0;
while ( my ( $type, $h ) = each %$res ) {
$buf .= ',' if($i);
$buf .= "$type:{";
$buf .= join( ',', map { "$_:$h->{$_}" } keys %$h );
$buf .= "'$type':{";
$buf .= join( ',', map { "'$_':'$h->{$_}'" } keys %$h );
$buf .= '}';
$i++;
}
......
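Review bot: The rewritten serialisation in the second confUpload hunk, `$buf .= join( ',', map { "'$_':'$h->{$_}'" } keys %$h );`, wraps every key and message in single quotes but escapes nothing, so a key name or message containing `'`, a backslash or a newline ends the literal early and the rest is read by the client as structure rather than text. `$name` appears to come from the uploaded configuration, so that text is not under the server's control. Single-quoted strings are also not valid JSON; a real encoder (for example the core `JSON::PP` module, where available) would be preferable, and otherwise each key and value needs escaping on a copy before interpolation, e.g. `( my $v = $h->{$_} ) =~ s/([\\'])/\\$1/g;`, plus handling for control characters. This and the removal of the message prefixes in the first hunk are behaviour changes inside a commit titled perltidy, which makes them easy to miss; they would be better in a commit of their own. confUpload starts and ends outside both hunks.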
......@@ -19,9 +19,7 @@ sub authInit {
# require Perl module
eval { require AuthCAS };
if ($@) {
$self->lmLog(
"Module AuthCAS not found in @INC",
'error' );
$self->lmLog( "Module AuthCAS not found in @INC", 'error' );
return PE_ERROR;
}
......
......@@ -15,15 +15,16 @@ our $VERSION = '0.1';
#@return Lemonldap::NG::Portal constant
sub authInit {
my $self = shift;
unless ( $self->{dbiAuthChain}
unless ($self->{dbiAuthChain}
and $self->{dbiAuthTable}
and $self->{dbiAuthUser}
and $self->{dbiAuthPassword}
and $self->{dbiAuthLoginCol}
and $self->{dbiAuthPasswordCol}
) {
$self->lmLog("Missing configuration parameters for DBI authentication", 'error');
return PE_ERROR;
and $self->{dbiAuthPasswordCol} )
{
$self->lmLog( "Missing configuration parameters for DBI authentication",
'error' );
return PE_ERROR;
}
PE_OK;
......@@ -36,35 +37,46 @@ sub authenticate {
my $self = shift;
# Connect
my $dbh = $self->dbh( $self->{dbiAuthChain}, $self->{dbiAuthUser}, $self->{dbiAuthPassword} );
my $dbh =
$self->dbh( $self->{dbiAuthChain}, $self->{dbiAuthUser},
$self->{dbiAuthPassword} );
return PE_ERROR unless $dbh;
# Check credentials
my $table = $self->{dbiAuthTable};
my $loginCol = $self->{dbiAuthLoginCol};
my $table = $self->{dbiAuthTable};
my $loginCol = $self->{dbiAuthLoginCol};
my $passwordCol = $self->{dbiAuthPasswordCol};
my $user = $self->{user};
my $user = $self->{user};
my $password;
# Manage password hash
if ( $self->{dbiAuthPasswordHash} =~ /^(md5|sha|sha1)$/i ) {
$self->lmLog( "Using ".uc($self->{dbiAuthPasswordHash})." to hash password", 'debug' );
$password = uc($self->{dbiAuthPasswordHash})."('".$self->{password}."')";
} else {
$self->lmLog( "No valid password hash, using clear text for password", 'debug' );
$password = "'".$self->{password}."'";
$self->lmLog(
"Using " . uc( $self->{dbiAuthPasswordHash} ) . " to hash password",
'debug'
);
$password =
uc( $self->{dbiAuthPasswordHash} ) . "('" . $self->{password} . "')";
}
else {
$self->lmLog( "No valid password hash, using clear text for password",
'debug' );
$password = "'" . $self->{password} . "'";
}
my $sth = $dbh->prepare("SELECT $loginCol FROM $table WHERE $loginCol='$user' AND $passwordCol=$password");
my $sth = $dbh->prepare(
"SELECT $loginCol FROM $table WHERE $loginCol='$user' AND $passwordCol=$password"
);
$sth->execute();
my @rows = $sth->fetchrow_array();
if ($#rows eq 0) {
if ( $#rows eq 0 ) {
$self->lmLog( "One row returned by SQL query", 'debug' );
return PE_OK;
} else {
}
else {
$self->lmLog( "Bad password for $user", 'error' );
return PE_BADCREDENTIALS;
}
......
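Review bot: The query re-wrapped in authenticate is still assembled by interpolating `$self->{user}` and `$self->{password}` into the SQL text (`$loginCol='$user' AND $passwordCol=$password`), so a quote character in either login field changes the statement that decides whether the login succeeds. Bind both values with placeholders and keep only the regex-checked hash function name and the configured table and column names in the string, as in the excerpt below. The same construction appears in both statements of modifyPassword (the old-password SELECT and the UPDATE) and in the SELECT of setSessionInfo further down this page, and they need the same change. authenticate's closing brace lies outside the hunk.

```perl
# … unchanged: connect, $table / $loginCol / $passwordCol / $user lookup …
if ( $self->{dbiAuthPasswordHash} =~ /^(md5|sha|sha1)$/i ) {
    # … unchanged: debug log …
    # Only the SQL function name goes into the statement text.
    $password = uc( $self->{dbiAuthPasswordHash} ) . "(?)";
}
else {
    # … unchanged: debug log …
    $password = "?";
}
my $sth = $dbh->prepare(
    "SELECT $loginCol FROM $table WHERE $loginCol=? AND $passwordCol=$password"
);

# User-supplied values are passed as bind parameters, never as SQL text.
$sth->execute( $user, $self->{password} );
# … unchanged: row count check and return codes …
```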
......@@ -241,16 +241,15 @@ sub process {
}
elsif ( $urldir eq $self->PC_LA_URLFT ) {
$self->{error} = $self->_subProcess(
qw( libertyFederationTermination autoRedirect ));
$self->{error} =
$self->_subProcess(qw( libertyFederationTermination autoRedirect ));
# federationTerminationReturn
}
elsif ( $urldir eq $self->PC_LA_URLFTR ) {
$self->{error} = $self->_subProcess(
qw( libertyFederationTerminationReturn autoRedirect )
);
qw( libertyFederationTerminationReturn autoRedirect ) );
# singleLogout : called when IDP request Logout.
}
......@@ -268,8 +267,7 @@ sub process {
}
elsif ( $urldir eq $self->PC_LA_URLSLR ) {
$self->{error} =
$self->_subProcess(qw( libertySingleLogoutReturn ));
$self->{error} = $self->_subProcess(qw( libertySingleLogoutReturn ));
# soapCall
}
......
......@@ -37,7 +37,8 @@ sub setAuthSessionInfo {
# Store user login for basic rules
$self->{sessionInfo}->{'_user'} = $self->{'user'};
# Store password (deleted in checkRemoteId() if local policy does not accept stored passwords)
# Store password (deleted in checkRemoteId() if local policy does not accept
#stored passwords)
$self->{sessionInfo}->{'_password'} = $self->{'password'};
PE_OK;
......
......@@ -16,7 +16,7 @@ use base ('Lemonldap::NG::Portal::SharedConf');
sub new {
my $class = shift;
my $self = $class->SUPER::new(@_);
my $self = $class->SUPER::new(@_);
$self->{cda} = 1;
return $self;
}
......
......@@ -10,7 +10,7 @@ use warnings;
require Lemonldap::NG::Common::CGI;
use Lemonldap::NG::Portal::SharedConf;
use XML::LibXML;
use Lemonldap::NG::Common::Safelib; #link protected safe Safe object
use Lemonldap::NG::Common::Safelib; #link protected safe Safe object
use Safe;
#inherits Net::LDAP::Control::PasswordPolicy
......@@ -106,21 +106,28 @@ sub new {
$self->{portalObject}->{'user'} =
$self->{portalObject}->{sessionInfo}->{'_user'};
# Password modification functions (TODO merge Menu.pm in Simple.pm to inherits those functions)
if ( exists $self->{portalObject}->{passwordDB} and $self->{portalObject}->{passwordDB} =~ /DBI/i ) {
# Password modification functions (TODO merge Menu.pm in Simple.pm to inherits those functions)
if ( exists $self->{portalObject}->{passwordDB}
and $self->{portalObject}->{passwordDB} =~ /DBI/i )
{
use Lemonldap::NG::Portal::PasswordDBDBI; #inherits
use Lemonldap::NG::Portal::_DBI; #link protected ldap Object used to change passwords only
*_modifyPassword = *Lemonldap::NG::Portal::PasswordDBDBI::modifyPassword;
*_passwordDBInit = *Lemonldap::NG::Portal::PasswordDBDBI::passwordDBInit;
} else {
*_modifyPassword =
*Lemonldap::NG::Portal::PasswordDBDBI::modifyPassword;
*_passwordDBInit =
*Lemonldap::NG::Portal::PasswordDBDBI::passwordDBInit;
}
else {
# Default to LDAP
use Lemonldap::NG::Portal::PasswordDBLDAP; #inherits
use Lemonldap::NG::Portal::_LDAP 'ldap'; #link protected ldap Object used to change passwords only
*_modifyPassword = *Lemonldap::NG::Portal::PasswordDBLDAP::modifyPassword;
*_passwordDBInit = *Lemonldap::NG::Portal::PasswordDBLDAP::passwordDBInit;
*_modifyPassword =
*Lemonldap::NG::Portal::PasswordDBLDAP::modifyPassword;
*_passwordDBInit =
*Lemonldap::NG::Portal::PasswordDBLDAP::passwordDBInit;
}
# Change password (only if newpassword submitted)
$self->{error} = &_passwordDBInit( $self->{portalObject} )
if $self->{portalObject}->{'newpassword'};
......
......@@ -6,7 +6,7 @@
package Lemonldap::NG::Portal::PasswordDBDBI;
use Lemonldap::NG::Portal::Simple;
use Lemonldap::NG::Portal::AuthDBI; #inherits
use Lemonldap::NG::Portal::AuthDBI; #inherits
use base qw(Lemonldap::NG::Portal::_DBI);
our $VERSION = '0.1';
......@@ -22,39 +22,55 @@ sub modifyPassword {
return PE_OK unless ( $self->{newpassword} );
# Verify confirmation password matching
return PE_PASSWORD_MISMATCH unless ( $self->{newpassword} eq $self->{confirmpassword} );
return PE_PASSWORD_MISMATCH
unless ( $self->{newpassword} eq $self->{confirmpassword} );
# Connect
my $dbh = $self->dbh( $self->{dbiAuthChain}, $self->{dbiAuthUser}, $self->{dbiAuthPassword} );
my $dbh =
$self->dbh( $self->{dbiAuthChain}, $self->{dbiAuthUser},
$self->{dbiAuthPassword} );
return PE_ERROR unless $dbh;
my $table = $self->{dbiAuthTable};
my $loginCol = $self->{dbiAuthLoginCol};
my $table = $self->{dbiAuthTable};
my $loginCol = $self->{dbiAuthLoginCol};
my $passwordCol = $self->{dbiAuthPasswordCol};
my $user = $self->{sessionInfo}->{_user};
my $user = $self->{sessionInfo}->{_user};
my $password;
# Check old passord
if ( $self->{oldpassword} ) {
# Manage password hash (TODO in _DBI.pm)
if ( $self->{dbiAuthPasswordHash} =~ /^(md5|sha|sha1)$/i ) {
$self->lmLog( "Using ".uc($self->{dbiAuthPasswordHash})." to hash password", 'debug' );
$password = uc($self->{dbiAuthPasswordHash})."('".$self->{oldpassword}."')";
} else {
$self->lmLog( "No valid password hash, using clear text for password", 'debug' );
$password = "'".$self->{oldpassword}."'";
$self->lmLog(
"Using "
. uc( $self->{dbiAuthPasswordHash} )
. " to hash password",
'debug'
);
$password =
uc( $self->{dbiAuthPasswordHash} ) . "('"
. $self->{oldpassword} . "')";
}
else {
$self->lmLog(
"No valid password hash, using clear text for password",
'debug' );
$password = "'" . $self->{oldpassword} . "'";
}
my $sth = $dbh->prepare("SELECT $loginCol FROM $table WHERE $loginCol='$user' AND $passwordCol=$password");
my $sth = $dbh->prepare(
"SELECT $loginCol FROM $table WHERE $loginCol='$user' AND $passwordCol=$password"
);
$sth->execute();
my @rows = $sth->fetchrow_array();
if ($#rows eq 0) {
if ( $#rows eq 0 ) {
$self->lmLog( "One row returned by SQL query", 'debug' );
} else {
}
else {
$self->lmLog( "Bad password for $user", 'error' );
return PE_BADOLDPASSWORD;
}
......@@ -63,15 +79,23 @@ sub modifyPassword {
# Modify password
# Manage password hash (TODO in _DBI.pm)
if ( $self->{dbiAuthPasswordHash} =~ /^(md5|sha|sha1)$/i ) {
$self->lmLog( "Using ".uc($self->{dbiAuthPasswordHash})." to hash password", 'debug' );
$password = uc($self->{dbiAuthPasswordHash})."('".$self->{newpassword}."')";
} else {
$self->lmLog( "No valid password hash, using clear text for password", 'debug' );
$password = "'".$self->{newpassword}."'";
$self->lmLog(
"Using " . uc( $self->{dbiAuthPasswordHash} ) . " to hash password",
'debug'
);
$password =
uc( $self->{dbiAuthPasswordHash} ) . "('"
. $self->{newpassword} . "')";
}
else {
$self->lmLog( "No valid password hash, using clear text for password",
'debug' );
$password = "'" . $self->{newpassword} . "'";
}
eval {
my $sth = $dbh->prepare("UPDATE $table SET $passwordCol=$password WHERE $loginCol='$user'");
my $sth = $dbh->prepare(
"UPDATE $table SET $passwordCol=$password WHERE $loginCol='$user'");
$sth->execute();
};
if ($@) {
......
......@@ -7,7 +7,7 @@ package Lemonldap::NG::Portal::SharedConf;
use strict;
use Lemonldap::NG::Portal::Simple qw(:all);
use Lemonldap::NG::Common::Conf; #link protected lmConf Configuration
use Lemonldap::NG::Common::Conf; #link protected lmConf Configuration
use Lemonldap::NG::Common::Conf::Constants; #inherits
*EXPORT_OK = *Lemonldap::NG::Portal::Simple::EXPORT_OK;
......@@ -39,7 +39,7 @@ sub getConf {
# Get global configuration
my $globalconf = $self->_getLmConf;
return 0 unless $globalconf;
return 0 unless $globalconf;
# Get local configuration
my $localconf = $self->_getLocalLmConf;
......@@ -49,8 +49,9 @@ sub getConf {
# 2/ Local file configuration
# 3/ Script embedded configuration
$self->{$_} = $args{$_} || $globalconf->{$_} foreach ( keys %$globalconf );
if ( $localconf ) {
$self->{$_} = $args{$_} || $localconf->{$_} foreach ( keys %$localconf );
if ($localconf) {
$self->{$_} = $args{$_} || $localconf->{$_}
foreach ( keys %$localconf );
}
1;
}
......@@ -90,7 +91,7 @@ sub _getLocalLmConf {
}
# Get local configuration parameters for portal
return $self->{lmConf}->getLocalConf( PORTALSECTION );
return $self->{lmConf}->getLocalConf(PORTALSECTION);
}
1;
......
......@@ -17,7 +17,7 @@ use CGI::Cookie;
require POSIX;
use Lemonldap::NG::Portal::_i18n; #inherits
use Lemonldap::NG::Common::Safelib; #link protected safe Safe object
use Lemonldap::NG::Common::Apache::Session ; #link protected session Apache::Session object
use Lemonldap::NG::Common::Apache::Session; #link protected session Apache::Session object
use Safe;
# Special comments for doxygen
......@@ -144,8 +144,8 @@ sub new {
# Push authentication/userDB/passwordDb/issuerDB modules in @ISA
foreach (qw(authentication userDB passwordDB issuerDB)) {
my $module_name = 'Lemonldap::NG::Portal::';
my $db_type = $_;
my $db_name = $self->{$db_type};
my $db_type = $_;
my $db_name = $self->{$db_type};
# Adapt module type to real module name
$db_type =~ s/authentication/Auth/;
......@@ -251,37 +251,44 @@ sub getConf {
# Set default values.
sub setDefaultValues {
my $self = shift;
$self->{whatToTrace} ||= 'uid';
$self->{whatToTrace} =~ s/^\$//;
$self->{httpOnly} = 1 unless ( defined ( $self->{httpOnly} ) );
$self->{portalSkin} ||= 'pastel';
$self->{portalDisplayLogout} = 1 unless ( defined ( $self->{portalDisplayLogout} ) );
$self->{portalDisplayResetPassword} = 1 unless ( defined ( $self->{portalDisplayResetPassword} ) );
$self->{portalDisplayChangePassword} = 1 unless ( defined ( $self->{portalDisplayChangePassword} ) );
$self->{portalDisplayAppslist} = 1 unless ( defined ( $self->{portalDisplayAppslist} ) );
$self->{portalAutocomplete} ||= "off";
$self->{portalRequireOldPassword} = 1 unless ( defined ( $self->{portalRequireOldPassword} ) );
$self->{portalUserAttr} ||= "_user";
$self->{securedCookie} ||= 0;
$self->{cookieName} ||= "lemonldap";
$self->{authentication} ||= 'LDAP';
$self->{authentication} =~ s/^ldap/LDAP/;
$self->{SMTPServer} ||= 'localhost';
$self->{mailLDAPFilter} ||= '(&(mail=$mail)(objectClass=inetOrgPerson))';
$self->{randomPasswordRegexp} ||= '[A-Z]{3}[a-z]{5}.\d{2}';
$self->{mailFrom} ||= "noreply@" . $self->{domain};
$self->{mailSubject} ||= "Change password request";
$self->{mailBody} ||= 'Your new password is $password';
$self->{issuerDB} ||= 'Null';
$self->{whatToTrace} ||= 'uid';
$self->{whatToTrace} =~ s/^\$//;
$self->{httpOnly} = 1 unless ( defined( $self->{httpOnly} ) );
$self->{portalSkin} ||= 'pastel';
$self->{portalDisplayLogout} = 1
unless ( defined( $self->{portalDisplayLogout} ) );
$self->{portalDisplayResetPassword} = 1
unless ( defined( $self->{portalDisplayResetPassword} ) );
$self->{portalDisplayChangePassword} = 1
unless ( defined( $self->{portalDisplayChangePassword} ) );
$self->{portalDisplayAppslist} = 1
unless ( defined( $self->{portalDisplayAppslist} ) );
$self->{portalAutocomplete} ||= "off";
$self->{portalRequireOldPassword} = 1
unless ( defined( $self->{portalRequireOldPassword} ) );
$self->{portalUserAttr} ||= "_user";
$self->{securedCookie} ||= 0;
$self->{cookieName} ||= "lemonldap";
$self->{authentication} ||= 'LDAP';
$self->{authentication} =~ s/^ldap/LDAP/;
$self->{SMTPServer} ||= 'localhost';
$self->{mailLDAPFilter} ||= '(&(mail=$mail)(objectClass=inetOrgPerson))';
$self->{randomPasswordRegexp} ||= '[A-Z]{3}[a-z]{5}.\d{2}';
$self->{mailFrom} ||= "noreply@" . $self->{domain};
$self->{mailSubject} ||= "Change password request";
$self->{mailBody} ||= 'Your new password is $password';
$self->{issuerDB} ||= 'Null';
# Set default userDB and passwordDB to DBI if authentication is DBI
if ( $self->{authentication} =~ /DBI/i ) {
$self->{userDB} ||= "DBI";
$self->{passwordDB} ||= "DBI";
} else {
$self->{userDB} ||= "DBI";
$self->{passwordDB} ||= "DBI";
}
else {
# Default to LDAP
$self->{userDB} ||= "LDAP";
$self->{passwordDB} ||= "LDAP";
$self->{userDB} ||= "LDAP";
$self->{passwordDB} ||= "LDAP";
}
}
......@@ -667,7 +674,8 @@ sub checkNotifBack {
}
else {
$self->{error} = $self->_subProcess(
qw(checkNotification issuerForAuthUser issuerLogout autoRedirect));
qw(checkNotification issuerForAuthUser issuerLogout autoRedirect)
);
return $self->{error} || PE_DONE;
}
}
......@@ -857,28 +865,30 @@ sub removeOther {
{
tied(%$h)->delete();
$self->lmLog( "Deleting session $id", 'debug' );
eval {
$self->{lmConf}->{refLocalStorage}->remove($id);
#$Lemonldap::NG::Handler::Simple::refLocalStorage->remove($id);
};
eval {
$self->{lmConf}->{refLocalStorage}->remove($id);
#$Lemonldap::NG::Handler::Simple::refLocalStorage->remove($id);
};
}
}
}
if ( $self->{singleUserByIP} ) {
my $sessions =
$self->{globalStorage}->searchOn( $self->{globalStorageOptions},
$self->{ipAddr},
$ENV{REMOTE_ADDR} );
$self->{ipAddr}, $ENV{REMOTE_ADDR} );
foreach my $id ( keys %$sessions ) {
my $h = $self->getApacheSession($id);
unless ( $self->{sessionInfo}->{ $self->{whatToTrace} } eq $h->{ $self->{whatToTrace} } )
unless ( $self->{sessionInfo}->{ $self->{whatToTrace} } eq
$h->{ $self->{whatToTrace} } )
{
tied(%$h)->delete();
$self->lmLog( "Deleting session $id", 'debug' );
eval {
$self->{lmConf}->{refLocalStorage}->remove($id);
#$Lemonldap::NG::Handler::Simple::refLocalStorage->remove($id);
};
eval {
$self->{lmConf}->{refLocalStorage}->remove($id);
#$Lemonldap::NG::Handler::Simple::refLocalStorage->remove($id);
};
}
}
}
......
......@@ -40,16 +40,21 @@ sub setSessionInfo {
my $self = shift;
# Return if no data to collect
return PE_OK unless ( $self->{exportedVars} and ref( $self->{exportedVars} ) eq 'HASH' );
return PE_OK
unless ( $self->{exportedVars}
and ref( $self->{exportedVars} ) eq 'HASH' );
# Connect
my $dbh = $self->dbh( $self->{dbiUserChain}, $self->{dbiUserUser}, $self->{dbiUserPassword} );
my $dbh =
$self->dbh( $self->{dbiUserChain}, $self->{dbiUserUser},
$self->{dbiUserPassword} );
return PE_ERROR unless $dbh;
my $table = $self->{dbiUserTable};
my $pivot = $self->{userPivot};
my $sth = $dbh->prepare("SELECT * FROM $table WHERE $pivot='".$self->{user}."'");
my $sth = $dbh->prepare(
"SELECT * FROM $table WHERE $pivot='" . $self->{user} . "'" );
$sth->execute();
......@@ -57,7 +62,8 @@ sub setSessionInfo {
foreach ( keys %{ $self->{exportedVars} } ) {
if ( exists $result->{ $self->{exportedVars}->{$_} } ) {
$self->{sessionInfo}->{$_} = $result->{ $self->{exportedVars}->{$_} };
$self->{sessionInfo}->{$_} =
$result->{ $self->{exportedVars}->{$_} };
}
}