Commit c5a36870 authored by Xavier Guimard's avatar Xavier Guimard

Merge remote-tracking branch 'max/fix-redir' into v2.0

parents e41be10a 1cd0a069
...@@ -66,6 +66,7 @@ sub defaultValues { ...@@ -66,6 +66,7 @@ sub defaultValues {
'handlerInternalCache' => 15, 'handlerInternalCache' => 15,
'hiddenAttributes' => '_password', 'hiddenAttributes' => '_password',
'httpOnly' => 1, 'httpOnly' => 1,
'https' => -1,
'infoFormMethod' => 'get', 'infoFormMethod' => 'get',
'issuerDBCASPath' => '^/cas/', 'issuerDBCASPath' => '^/cas/',
'issuerDBCASRule' => 1, 'issuerDBCASRule' => 1,
...@@ -173,6 +174,7 @@ sub defaultValues { ...@@ -173,6 +174,7 @@ sub defaultValues {
'pamService' => 'login', 'pamService' => 'login',
'passwordDB' => 'Demo', 'passwordDB' => 'Demo',
'passwordResetAllowedRetries' => 3, 'passwordResetAllowedRetries' => 3,
'port' => -1,
'portal' => 'http://auth.example.com/', 'portal' => 'http://auth.example.com/',
'portalAntiFrame' => 1, 'portalAntiFrame' => 1,
'portalCheckLogins' => 1, 'portalCheckLogins' => 1,
......
...@@ -204,7 +204,6 @@ sub defaultValuesInit { ...@@ -204,7 +204,6 @@ sub defaultValuesInit {
$class->tsv->{cipher} = Lemonldap::NG::Common::Crypto->new( $conf->{key} ); $class->tsv->{cipher} = Lemonldap::NG::Common::Crypto->new( $conf->{key} );
foreach my $opt (qw(https port maintenance)) { foreach my $opt (qw(https port maintenance)) {
next unless defined $conf->{$opt};
# Record default value in key '_' # Record default value in key '_'
$class->tsv->{$opt} = { _ => $conf->{$opt} }; $class->tsv->{$opt} = { _ => $conf->{$opt} };
...@@ -216,7 +215,7 @@ sub defaultValuesInit { ...@@ -216,7 +215,7 @@ sub defaultValuesInit {
$conf->{vhostOptions}->{$vhost} ||= {}; $conf->{vhostOptions}->{$vhost} ||= {};
my $val = $conf->{vhostOptions}->{$vhost}->{$name}; my $val = $conf->{vhostOptions}->{$vhost}->{$name};
# Keep default value if $val is negative # Keep global value if $val is negative
if ( defined $val and $val >= 0 ) { if ( defined $val and $val >= 0 ) {
$class->logger->debug( $class->logger->debug(
"Options $opt for vhost $vhost: $val"); "Options $opt for vhost $vhost: $val");
......
...@@ -402,12 +402,8 @@ sub fetchId { ...@@ -402,12 +402,8 @@ sub fetchId {
my ( $class, $req ) = @_; my ( $class, $req ) = @_;
my $t = $req->{env}->{HTTP_COOKIE} or return 0; my $t = $req->{env}->{HTTP_COOKIE} or return 0;
my $vhost = $class->resolveAlias($req); my $vhost = $class->resolveAlias($req);
my $lookForHttpCookie = ( my $lookForHttpCookie = ( $class->tsv->{securedCookie} =~ /^(2|3)$/
$class->tsv->{securedCookie} =~ /^(2|3)$/ and not $class->_isHttps( $req, $vhost ) );
and !( defined( $class->tsv->{https}->{$vhost} ) )
? $class->tsv->{https}->{$vhost}
: $class->tsv->{https}->{_}
);
my $cn = $class->tsv->{cookieName}; my $cn = $class->tsv->{cookieName};
my $value my $value
= $lookForHttpCookie = $lookForHttpCookie
...@@ -535,23 +531,67 @@ sub retrieveSession { ...@@ -535,23 +531,67 @@ sub retrieveSession {
} }
} }
## @cmethod private int _getPort(string s)
# Returns the port on which this vhost is accessed
# @param $s VHost name
# @return PORT
sub _getPort {
my ( $class, $req, $vhost ) = @_;
if ( defined $class->tsv->{port}->{$vhost}
and ( $class->tsv->{port}->{$vhost} > 0 ) )
{
return $class->tsv->{port}->{$vhost};
}
else {
if ( defined $class->tsv->{port}->{_}
and ( $class->tsv->{port}->{_} > 0 ) )
{
return $class->tsv->{port}->{_};
}
else {
return $req->{env}->{SERVER_PORT};
}
}
}
## @cmethod private boot _isHttps(string s)
# Returns whether this VHost should he accessed
# via HTTPS
# @param $s VHost name
# @return RUE if the vhost should be accessed over HTTPS
sub _isHttps {
my ( $class, $req, $vhost ) = @_;
if ( defined $class->tsv->{https}->{$vhost}
and ( $class->tsv->{https}->{$vhost} > -1 ) )
{
return $class->tsv->{https}->{$vhost};
}
else {
if ( defined $class->tsv->{https}->{_}
and ( $class->tsv->{https}->{_} > -1 ) )
{
return $class->tsv->{https}->{_};
}
else {
return ( uc( $req->{env}->{HTTPS} ) eq "ON" );
}
}
}
## @cmethod private string _buildUrl(string s) ## @cmethod private string _buildUrl(string s)
# Transform /<s> into http(s?)://<host>:<port>/s # Transform /<s> into http(s?)://<host>:<port>/s
# @param $s path # @param $s path
# @return URL # @return URL
sub _buildUrl { sub _buildUrl {
my ( $class, $req, $s ) = @_; my ( $class, $req, $s ) = @_;
my $realvhost = $req->{env}->{HTTP_HOST}; my $realvhost = $req->{env}->{HTTP_HOST};
my $vhost = $class->resolveAlias($req); my $vhost = $class->resolveAlias($req);
my $_https = ( my $_https = $class->_isHttps( $req, $vhost );
defined( $class->tsv->{https}->{$vhost} ) my $portString = $class->_getPort( $req, $vhost );
? $class->tsv->{https}->{$vhost}
: $class->tsv->{https}->{_}
);
my $portString
= $class->tsv->{port}->{$vhost}
|| $class->tsv->{port}->{_}
|| $req->{env}->{SERVER_PORT};
$portString = ( $portString = (
( $realvhost =~ /:\d+/ ) ( $realvhost =~ /:\d+/ )
or ( $_https && $portString == 443 ) or ( $_https && $portString == 443 )
......
...@@ -1180,8 +1180,8 @@ qr/^(?:\*\.)?(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][ ...@@ -1180,8 +1180,8 @@ qr/^(?:\*\.)?(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][
'type' => 'bool' 'type' => 'bool'
}, },
'https' => { 'https' => {
'default' => 0, 'default' => -1,
'type' => 'bool' 'type' => 'trool'
}, },
'infoFormMethod' => { 'infoFormMethod' => {
'default' => 'get', 'default' => 'get',
...@@ -2155,7 +2155,8 @@ qr/^(?:\*\.)?(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][ ...@@ -2155,7 +2155,8 @@ qr/^(?:\*\.)?(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][
'type' => 'keyTextContainer' 'type' => 'keyTextContainer'
}, },
'port' => { 'port' => {
'type' => 'int' 'default' => -1,
'type' => 'int'
}, },
'portal' => { 'portal' => {
'default' => 'http://auth.example.com/', 'default' => 'http://auth.example.com/',
......
...@@ -293,8 +293,8 @@ sub attributes { ...@@ -293,8 +293,8 @@ sub attributes {
flags => 'hmp', flags => 'hmp',
}, },
https => { https => {
default => 0, default => -1,
type => 'bool', type => 'trool',
documentation => 'Use HTTPS for redirection from portal', documentation => 'Use HTTPS for redirection from portal',
flags => 'h', flags => 'h',
}, },
...@@ -306,6 +306,7 @@ sub attributes { ...@@ -306,6 +306,7 @@ sub attributes {
documentation => 'HTTP method for info page form', documentation => 'HTTP method for info page form',
}, },
port => { port => {
default => -1,
type => 'int', type => 'int',
documentation => 'Force port in redirection', documentation => 'Force port in redirection',
flags => 'h', flags => 'h',
......
// Generated by CoffeeScript 1.12.7 // Generated by CoffeeScript 1.12.8
/* /*
LemonLDAP::NG Manager client LemonLDAP::NG Manager client
......
This source diff could not be displayed because it is too large. You can view the blob instead.
...@@ -1417,11 +1417,12 @@ ...@@ -1417,11 +1417,12 @@
"type": "simpleInputContainer" "type": "simpleInputContainer"
}, { }, {
"_nodes": [{ "_nodes": [{
"default": 0, "default": -1,
"id": "https", "id": "https",
"title": "https", "title": "https",
"type": "bool" "type": "trool"
}, { }, {
"default": -1,
"id": "port", "id": "port",
"title": "port", "title": "port",
"type": "int" "type": "int"
......
...@@ -1597,16 +1597,17 @@ ...@@ -1597,16 +1597,17 @@
"title": "redirection", "title": "redirection",
"type": "simpleInputContainer", "type": "simpleInputContainer",
"nodes": [{ "nodes": [{
"default": 0, "default": -1,
"id": "https", "id": "https",
"title": "https", "title": "https",
"type": "bool", "type": "trool",
"data": 0 "data": -1
}, { }, {
"default": -1,
"id": "port", "id": "port",
"title": "port", "title": "port",
"type": "int", "type": "int",
"data": null "data": -1
}, { }, {
"default": 0, "default": 0,
"id": "useRedirectOnForbidden", "id": "useRedirectOnForbidden",
......
...@@ -1608,16 +1608,17 @@ ...@@ -1608,16 +1608,17 @@
"title": "redirection", "title": "redirection",
"type": "simpleInputContainer", "type": "simpleInputContainer",
"nodes": [{ "nodes": [{
"default": 0,
"id": "https", "id": "https",
"title": "https", "title": "https",
"type": "bool", "type": "trool",
"data": 0 "default": -1,
"data": -1
}, { }, {
"id": "port", "id": "port",
"title": "port", "title": "port",
"default": -1,
"type": "int", "type": "int",
"data": null "data": -1
}, { }, {
"default": 0, "default": 0,
"id": "useRedirectOnForbidden", "id": "useRedirectOnForbidden",
......
...@@ -1611,13 +1611,15 @@ ...@@ -1611,13 +1611,15 @@
"default": 0, "default": 0,
"id": "https", "id": "https",
"title": "https", "title": "https",
"type": "bool", "type": "trool",
"data": 0 "default": -1,
"data": -1
}, { }, {
"id": "port", "id": "port",
"title": "port", "title": "port",
"type": "int", "type": "int",
"data": null "default": -1,
"data": -1
}, { }, {
"default": 0, "default": 0,
"id": "useRedirectOnForbidden", "id": "useRedirectOnForbidden",
......
...@@ -1590,13 +1590,15 @@ ...@@ -1590,13 +1590,15 @@
"default": 0, "default": 0,
"id": "https", "id": "https",
"title": "https", "title": "https",
"type": "bool", "default": -1,
"data": 0 "type": "trool",
"data": -1
}, { }, {
"id": "port", "id": "port",
"default": -1,
"title": "port", "title": "port",
"type": "int", "type": "int",
"data": null "data": -1
}, { }, {
"default": 0, "default": 0,
"id": "useRedirectOnForbidden", "id": "useRedirectOnForbidden",
......
...@@ -2249,13 +2249,14 @@ ...@@ -2249,13 +2249,14 @@
}, },
{ {
"_nodes": [{ "_nodes": [{
"default": 0,
"id": "https", "id": "https",
"default": -1,
"title": "https", "title": "https",
"type": "bool" "type": "trool"
}, },
{ {
"id": "port", "id": "port",
"default": -1,
"title": "port", "title": "port",
"type": "int" "type": "int"
}, },
......
...@@ -199,12 +199,9 @@ sub send_mail { ...@@ -199,12 +199,9 @@ sub send_mail {
Subject => $subject, Subject => $subject,
Type => 'TEXT', Type => 'TEXT',
Data => $body, Data => $body,
Type => 'text/plain',
Charset => $self->charset,
); );
# Manage content type and charset
$message->attr( "content-type" => "text/plain" );
$message->attr( "content-type.charset" => $self->charset );
} }
# Send the mail # Send the mail
......
...@@ -326,7 +326,7 @@ sub _reset { ...@@ -326,7 +326,7 @@ sub _reset {
if ( $self->conf->{mailConfirmBody} ) { if ( $self->conf->{mailConfirmBody} ) {
# We use a specific text message, no html # We use a specific text message, no html
$body = $self->{mailConfirmBody}; $body = $self->conf->{mailConfirmBody};
} }
else { else {
...@@ -464,7 +464,7 @@ sub changePwd { ...@@ -464,7 +464,7 @@ sub changePwd {
if ( $self->conf->{mailBody} ) { if ( $self->conf->{mailBody} ) {
# We use a specific text message, no html # We use a specific text message, no html
$body = $self->{mailBody}; $body = $self->conf->{mailBody};
} }
else { else {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment