Replace "?lmError=" by router path (#595)

cdeec009 · Yadd · a8f7e689 · cdeec009 · cdeec009 · cdeec009
Commit cdeec009 authored Mar 16, 2017 by Yadd
10 changed files
--- a/_example/etc/experimental/handler-nginx.conf
+++ b/_example/etc/experimental/handler-nginx.conf
@@ -12,8 +12,8 @@ log_format lm_combined '$remote_addr - $lmremote_user [$time_local] '
                    '"$http_referer" "$http_user_agent"';

 # Common error page and security parameters
-error_page 500 http://auth.__DNSDOMAIN__/?lmError=500;
-error_page 503 http://auth.__DNSDOMAIN__/?lmError=503;
+error_page 500 http://auth.__DNSDOMAIN__/lmerror/500;
+error_page 503 http://auth.__DNSDOMAIN__/lmerror/503;

 server {
    listen __VHOSTLISTEN__;

--- a/_example/etc/handler-apache2.4.conf
+++ b/_example/etc/handler-apache2.4.conf
@@ -20,9 +20,9 @@ PerlOptions +GlobalRequest
 PerlModule Lemonldap::NG::Handler

 # Common error page and security parameters
-ErrorDocument 403 http://auth.__DNSDOMAIN__/?lmError=403
-ErrorDocument 500 http://auth.__DNSDOMAIN__/?lmError=500
-ErrorDocument 503 http://auth.__DNSDOMAIN__/?lmError=503
+ErrorDocument 403 http://auth.__DNSDOMAIN__/lmerror/403
+ErrorDocument 500 http://auth.__DNSDOMAIN__/lmerror/500
+ErrorDocument 503 http://auth.__DNSDOMAIN__/lmerror/503

 <VirtualHost __VHOSTLISTEN__>
    ServerName reload.__DNSDOMAIN__

--- a/_example/etc/handler-apache2.X.conf
+++ b/_example/etc/handler-apache2.X.conf
@@ -20,9 +20,9 @@ PerlOptions +GlobalRequest
 PerlModule Lemonldap::NG::Handler

 # Common error page and security parameters
-ErrorDocument 403 http://auth.__DNSDOMAIN__/?lmError=403
-ErrorDocument 500 http://auth.__DNSDOMAIN__/?lmError=500
-ErrorDocument 503 http://auth.__DNSDOMAIN__/?lmError=503
+ErrorDocument 403 http://auth.__DNSDOMAIN__/lmerror/403
+ErrorDocument 500 http://auth.__DNSDOMAIN__/lmerror/500
+ErrorDocument 503 http://auth.__DNSDOMAIN__/lmerror/503

 <VirtualHost __VHOSTLISTEN__>
    ServerName reload.__DNSDOMAIN__

--- a/_example/etc/handler-apache2.conf
+++ b/_example/etc/handler-apache2.conf
@@ -20,9 +20,9 @@ PerlOptions +GlobalRequest
 PerlModule Lemonldap::NG::Handler

 # Common error page and security parameters
-ErrorDocument 403 http://auth.__DNSDOMAIN__/?lmError=403
-ErrorDocument 500 http://auth.__DNSDOMAIN__/?lmError=500
-ErrorDocument 503 http://auth.__DNSDOMAIN__/?lmError=503
+ErrorDocument 403 http://auth.__DNSDOMAIN__/lmerror/403
+ErrorDocument 500 http://auth.__DNSDOMAIN__/lmerror/500
+ErrorDocument 503 http://auth.__DNSDOMAIN__/lmerror/503

 <VirtualHost __VHOSTLISTEN__>
    ServerName reload.__DNSDOMAIN__

--- a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/PSGI.pm
+++ b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/PSGI.pm
@@ -145,7 +145,7 @@ sub _authAndTrace {
    }
    else {
        my %h = $req->{respHeaders} ? @{ $req->{respHeaders} } : ();
-        my $s = $type->tsv->{portal}->() . "?lmError=$res";
+        my $s = $type->tsv->{portal}->() . "/lmerror/$res";
        $s =
            '<html><head><title>Redirection</title></head><body>'
          . qq{<script type="text/javascript">window.location='$s'</script>}

--- a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/SecureToken.pm
+++ b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/SecureToken.pm
@@ -227,7 +227,7 @@ sub _returnError {
    # Redirect or Forbidden?
    if ( $class->tsv->{useRedirectOnError} ) {
        $class->logger->debug("Use redirect for error");
-        return $class->goToPortal( '/', 'lmError=500' );
+        return $class->goToError( '/', 500 );
    }

    else {

--- a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Run.pm
+++ b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Run.pm
@@ -91,7 +91,7 @@ sub run {

        if ( $class->tsv->{useRedirectOnError} ) {
            $class->logger->debug("Go to portal with maintenance error code");
-            return $class->goToPortal( '/', 'lmError=' . $class->MAINTENANCE );
+            return $class->goToError( '/', $class->MAINTENANCE );
        }
        else {
            $class->logger->debug("Return maintenance error code");
@@ -294,7 +294,7 @@ sub forbidden {
    # Redirect or Forbidden?
    if ( $class->tsv->{useRedirectOnForbidden} ) {
        $class->logger->debug("Use redirect for forbidden access");
-        return $class->goToPortal( $uri, 'lmError=403' );
+        return $class->goToError( $uri, 403 );
    }
    else {
        $class->logger->debug("Return forbidden access");
@@ -344,6 +344,17 @@ sub goToPortal {
    return $class->REDIRECT;
 }

+sub goToError {
+    my ( $class, $url, $code ) = @_;
+    my $urlc_init = $class->encodeUrl($url);
+    $class->logger->debug(
+        "Redirect " . $class->remote_ip . " to lmError (url was $url)" );
+    $class->set_header_out( 'Location' => $class->tsv->{portal}->()
+          . "/lmerror/$code"
+          . "?url=$urlc_init" );
+    return $class->REDIRECT;
+}
+
 ## @rmethod protected fetchId()
 # Get user cookies and search for Lemonldap::NG cookie.
 # @return Value of the cookie if found, 0 else
@@ -563,7 +574,7 @@ sub abort {
        # Redirect or die
        if ( $class->tsv->{useRedirectOnError} ) {
            $class->logger->debug("Use redirect for error");
-            return $class->goToPortal( $uri, 'lmError=500' );
+            return $class->goToError( $uri, 500 );
        }
        else {
            return $class->SERVER_ERROR;

--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Display.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Display.pm
@@ -36,26 +36,6 @@ sub display {
    my $skin_dir = $self->conf->{templatesDir};
    my ( $skinfile, %templateParams );

-    # 0. Display error page
-    if ( my $http_error = $req->param('lmError') ) {
-
-        $skinfile = 'error';
-
-        # Check URL
-        $self->controlUrl($req);
-
-        %templateParams = (
-            LOGOUT_URL => $self->conf->{portal} . "?logout=1",
-            URL        => $req->{urldc},
-        );
-
-        # Error code
-        foreach ( 403, 500, 503 ) {
-            $templateParams{"ERROR$_"} = ( $http_error == $_ ? 1 : 0 );
-        }
-
-    }
-
    # 1. Authentication not complete

    # 1.1 A notification has to be done (session is created but hidden and

--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Init.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Init.pm
@@ -109,10 +109,14 @@ sub init {
      ->addUnauthRoute( 'psgi.js' => 'sendJs', ['GET'] )
      ->addAuthRoute( 'psgi.js' => 'sendJs', ['GET'] )

-      # psgi.js
+      # portal.css
      ->addUnauthRoute( 'portal.css' => 'sendCss', ['GET'] )
      ->addAuthRoute( 'portal.css' => 'sendCss', ['GET'] )

+      # lmerror
+      ->addUnauthRoute( lmerror => { ':code' => 'lmError' }, ['GET'] )
+      ->addAuthRoute( lmerror => { ':code' => 'lmError' }, ['GET'] )
+
      # Core REST API
      ->addUnauthRoute( ping => 'pleaseAuth', ['GET'] )
      ->addAuthRoute( ping => 'authenticated', ['GET'] )

--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm
@@ -259,7 +259,7 @@ sub autoRedirect {
      if ( $req->mustRedirect and not( $req->info ) );

    # Redirection should be made if urldc defined
-    if ( $req->{urldc} and not $req->param('lmError') ) {
+    if ( $req->{urldc} ) {
        if ( $self->_jsRedirect->() ) {
            $req->error(PE_REDIRECT);
            $req->datas->{redirectFormMethod} = "get";
@@ -734,6 +734,24 @@ sub sendCss {
    ];
 }

+sub lmError {
+    my ( $self, $req ) = @_;
+    my $httpError = $req->param('code');
+
+    # Check URL
+    $self->controlUrl($req);
+
+    my %templateParams = (
+        LOGOUT_URL => $self->conf->{portal} . "?logout=1",
+        URL        => $req->{urldc},
+    );
+
+    # Error code
+    $templateParams{"ERROR$_"} = ( $httpError == $_ ? 1 : 0 )
+      foreach ( 403, 500, 503 );
+    return $self->sendHtml( $req, 'error', params => \%templateParams );
+}
+
 sub rebuildCookies {
    my ( $self, $req ) = @_;
    my @tmp;