Commit 069d7605 authored by Xavier Guimard's avatar Xavier Guimard

Repair LDAP + add register (#595)

parent 095c0cc8
......@@ -27,7 +27,8 @@ sub authenticate {
}
my $res =
$self->userBind( $req->datas->{dn}, password => $req->datas->{password} );
$self->userBind( $req, $req->datas->{dn},
password => $req->datas->{password} );
# Remember password if password reset needed
$req->datas->{oldpassword} = $self->{password}
......
......@@ -162,6 +162,7 @@ sub loadPP {
# @return Lemonldap::NG portal error code
sub userBind {
my $self = shift;
my $req = shift;
if ( $self->{conf}->{ldapPpolicyControl} ) {
......@@ -214,17 +215,11 @@ sub userBind {
}
if ( $resp->time_before_expiration ) {
die 'TODO: change this by JS conversion';
$self->{portal}->info(
$req,
"<h3>"
. sprintf(
$self->{portal}->msg(PM_PP_EXP_WARNING),
$self->{portal}
->convertSec( $resp->time_before_expiration )
)
. "</h3>"
);
$self->{portal}->info( $req,
'<h3 trspan="authRemaining,'
. $self->{portal}
->convertSec( $resp->time_before_expiration )
. '"></h3>' );
}
return PE_OK;
......
package Lemonldap::NG::Portal::Register::LDAP;
use strict;
use Mouse;
use Lemonldap::NG::Portal::Lib::LDAP;
use Lemonldap::NG::Portal::Main::Constants qw(
PE_LDAPCONNECTFAILED
PE_LDAPERROR
PE_OK
);
extends 'Lemonldap::NG::Portal::UserDB::LDAP';
our $VERSION = '2.0.0';
# RUNNING METHODS
sub init {
my ($self) = @_;
}
# Compute a login from register infos
# @result Lemonldap::NG::Portal constant
sub computeLogin {
my ( $self, $req ) = @_;
return PE_LDAPCONNECTFAILED unless $self->ldap and $self->bind();
# Get first letter of firstname and lastname
my $login =
substr( lc $req->datas->{registerInfo}->{firstname}, 0, 1 )
. lc $req->datas->{registerInfo}->{lastname};
my $finalLogin = $login;
# The uid must be unique
my $i = 0;
while ( $self->isLoginUsed($finalLogin) ) {
$i++;
$finalLogin = $login . $i;
}
$req->datas->{registerInfo}->{login} = $finalLogin;
return PE_OK;
}
## @method int createUser
# Do nothing
# @result Lemonldap::NG::Portal constant
sub createUser {
my ( $self, $req ) = @_;
# LDAP connection has been verified by computeLogin
my $mesg = $self->ldap->add(
"uid=" . $req->datas->{registerInfo}->{login} . "," . $self->conf->{ldapBase},
attrs => [
objectClass => [qw/top person organizationalPerson inetOrgPerson/],
uid => $req->datas->{registerInfo}->{login},
cn => ucfirst $req->datas->{registerInfo}->{firstname} . " "
. uc $req->datas->{registerInfo}->{lastname},
sn => uc $req->datas->{registerInfo}->{lastname},
givenName => ucfirst $req->datas->{registerInfo}->{firstname},
userPassword => $req->datas->{registerInfo}->{password},
mail => $req->datas->{registerInfo}->{mail},
]
);
if ( $mesg->is_error ) {
$self->lmLog(
"Can not create entry for " . $req->datas->{registerInfo}->{login},
'error' );
$self->lmLog( "LDAP error " . $mesg->error, 'error' );
$self->ldap->unbind();
$self->{flags}->{ldapActive} = 0;
return PE_LDAPERROR;
}
return PE_OK;
}
# PRIVATE METHODS
# Search if login is already in use
sub isLoginUsed {
my ( $self, $login ) = @_;
my $mesg = $self->ldap->search(
base => $self->conf->{ldapBase},
filter => "(uid=$login)",
scope => "sub",
attrs => ['1.1'],
);
if ( $mesg->code() != 0 ) {
$self->lmLog( "LDAP Search error for $login: " . $mesg->error, 'warn' );
return 1;
}
if ( $mesg->count() > 0 ) {
$self->lmLog( "Login $login already used in LDAP", 'debug' );
return 1;
}
return 0;
}
1;
......@@ -114,7 +114,13 @@ sub bind {
{
$self->ldap( $self->newLdap );
}
return $self->ldap ? $self->ldap->bind(@_) : undef;
return undef unless($self->ldap);
my $msg = $self->ldap->bind(@_);
if ( $msg->code ) {
$self->lmLog( $msg->error, 'error' );
return undef;
}
return 1;
}
# RUNNING METHODS
......
......@@ -83,7 +83,6 @@
"PM3":"The following sessions have been closed",
"PM4":"Other active sessions",
"PM5":"Remove other sessions",
"PM6":"authentications remaining, change your password!",
"PM7":"%d days, %d hours, %d minutes and %d seconds before password expiration, change it!",
"PM8":"Select your Identity Provider",
"PM10":"Remember my choice",
......@@ -100,6 +99,7 @@
"anotherInformation":"Another information:",
"areYouSure":"Are you sure?",
"authPortal":"Authentication portal",
"authRemaining":"%s authentications remaining, change your password!",
"autoAccept":"Automatically accept in 5 seconds",
"autoMail":"This mail was sent automatically",
"back2CasUrl":"The application you just logged out of has provided a link it would like you to follow",
......
......@@ -83,7 +83,6 @@
"PM3":"Les sessions suivantes ont été fermées",
"PM4":"Autres sessions ouvertes",
"PM5":"Fermer les autres sessions",
"PM6":"authentifications restantes, changez votre mot de passe !",
"PM7":"%d jours, %d heures, %d minutes et %d secondes avant expiration de votre mot de passe, pensez à le changer !",
"PM8":"Choisissez votre fournisseur d'identité",
"PM10":"Se souvenir de mon choix",
......@@ -100,6 +99,7 @@
"anotherInformation":"Une autre information :",
"areYouSure":"Êtes vous sûr ?",
"authPortal":"Portail d'authentification",
"authRemaining":"%s authentifications restantes, changez votre mot de passe !",
"autoAccept":"Acceptation automatique dans 5 secondes",
"autoMail":"Ceci est un message automatique",
"back2CasUrl":"Le service duquel vous arrivez a fourni un lien que vous êtes invité à suivre",
......
......@@ -16,6 +16,7 @@ SKIP: {
useSafeJail => 1,
authentication => 'LDAP',
userDB => 'LDAP',
registerDB => 'LDAP',
LDAPFilter => $ENV{LDAPFILTER} || '(cn=$user)',
ldapServer => $ENV{LDAPSERVER},
ldapBase => $ENV{LDAPBASE},
......
......@@ -256,17 +256,17 @@ sub logout {
),
'Logout request'
);
main::ok( $res->[0] == 200, 'Response is 200' )
main::ok( $res->[0] == 200, ' Response is 200' )
or explain( $res->[0], 200 );
my $c;
main::ok(
( defined( $c = main::getCookies($res)->{lemonldap} ) and not $c ),
'Cookie is deleted' )
' Cookie is deleted' )
or main::explain( $res->[1], "Set-Cookie => 'lemonldap='" );
main::ok( $res = $self->_get( '/', cookie => "lemonldap=$id" ),
'Disconnect request' )
or explain( $res, '[<code>,<hdrs>,<content>]' );
main::ok( $res->[0] == 401, 'Response is 401' )
main::ok( $res->[0] == 401, ' Response is 401' )
or main::explain( $res, 401 );
main::count(5);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment