Commit e6769e0c authored by Xavier Guimard's avatar Xavier Guimard

Merge branch 'master' into v2.0

parents 94679c3d 504e892e
......@@ -130,7 +130,7 @@ Copyright: 2009-2013 Jeff Mott
License: Expat
Files: lemonldap-ng-manager/site/htdocs/static/bwr/es5-shim/*
Copyright: 2009-2015, Kristopher Michael Kowal and contributors
Copyright: 2009-2015, contributors
License: Expat
Files: lemonldap-ng-manager/site/htdocs/static/bwr/file-saver.js/*
......
......@@ -120,6 +120,7 @@ VHOSTLISTEN="*:$(PORT)"
TESTWEBSERVER=apache
TESTWEBSERVERPORT=19876
TESTUSESSL=0
E2E_TESTS='portal/*.js'
# LDAP backend test
LLNGTESTLDAP_SLAPD_BIN=/usr/sbin/slapd
......@@ -548,7 +549,7 @@ launch_protractor:
# Start e2e tests
# NB: you must have protractor installed (using npm install -g protractor)
# and have run update-webdriver at least once and have a node.js > 4.0
@TESTWEBSERVERPORT=$(TESTWEBSERVERPORT) protractor e2e-tests/protractor-conf.js
@E2E_TESTS=$(E2E_TESTS) TESTWEBSERVERPORT=$(TESTWEBSERVERPORT) protractor e2e-tests/protractor-conf.js
stop_web_server:
# Stop web server
......@@ -568,7 +569,7 @@ plackup:
-F >e2e-tests/conf/fastcgi.log 2>&1 &
install_test:
@TESTWEBSERVERPORT=$(PORT) protractor e2e-tests/protractor-conf.js
@E2E_TESTS=$(E2E_TESTS) TESTWEBSERVERPORT=$(PORT) protractor e2e-tests/protractor-conf.js
# Install targets
# ---------------
......
......@@ -75,7 +75,7 @@
"description" : "Official LemonLDAP::NG Website",
"display" : "on",
"logo" : "network.png",
"name" : "Offical Website",
"name" : "Official Website",
"uri" : "http://lemonldap-ng.org/"
},
"type" : "application"
......@@ -86,7 +86,7 @@
"authentication" : "Demo",
"cfgAuthor" : "The LemonLDAP::NG team",
"cfgNum" : 1,
"cfgVersion" : "2.0.0",
"cfgVersion" : "2.0.1",
"cookieName" : "lemonldap",
"demoExportedVars" : {
"cn" : "cn",
......
lemonldap-ng (2.1.0) artful; urgency=medium
lemonldap-ng (2.0.1) artful; urgency=medium
* Bugs:
......
......@@ -277,6 +277,7 @@ Suggests: libcrypt-u2f-server-perl,
libglib-perl,
libgssapi-perl,
libimage-magick-perl,
libipc-run-perl,
liblasso-perl,
libnet-facebook-oauth2-perl (>= 0.10),
libnet-openid-consumer-perl,
......
......@@ -130,7 +130,7 @@ Copyright: 2009-2013 Jeff Mott
License: Expat
Files: lemonldap-ng-manager/site/htdocs/static/bwr/es5-shim/*
Copyright: 2009-2015, Kristopher Michael Kowal and contributors
Copyright: 2009-2015, contributors
License: Expat
Files: lemonldap-ng-manager/site/htdocs/static/bwr/file-saver.js/*
......
#End 2 End Testing (Protractor)
To run the end-2-end tests against the application you use [Protractor](https://github.com/angular/protractor).
## Testing with Protractor
As a one-time setup, download webdriver.
```
npm run update-webdriver
```
Start the Protractor test runner using the e2e configuration:
```
make e2e_test
```
## Devel tips
{
locator_: {
using: 'css selector',
value: '[ng-click="getLanguage(lang)"]'
},
parentElementFinder_: null,
opt_actionResult_: {
then: [Function: then],
cancel: [Function: cancel],
isPending: [Function: isPending]
},
opt_index_: 1,
click: [Function],
sendKeys: [Function],
getTagName: [Function],
getCssValue: [Function],
getAttribute: [Function],
getText: [Function],
getSize: [Function],
getLocation: [Function],
isEnabled: [Function],
isSelected: [Function],
submit: [Function],
clear: [Function],
isDisplayed: [Function],
getOuterHtml: [Function],
getInnerHtml: [Function],
toWireValue: [Function]
}
......@@ -57,6 +57,16 @@
},
"type": "application"
},
"0008-app": {
"options": {
"description": "Explore WebSSO 2FA sessions",
"display": "auto",
"logo": "database.png",
"name": "2FA Sessions explorer",
"uri": "http://manager.example.com:__port__/2ndfa.html"
},
"type": "application"
},
"type": "category"
},
"0008-cat": {
......@@ -76,7 +86,7 @@
"description": "Official LemonLDAP::NG Website",
"display": "on",
"logo": "network.png",
"name": "Offical Website",
"name": "Official Website",
"uri": "http://lemonldap-ng.org/"
},
"type": "application"
......
......@@ -3,14 +3,13 @@
/* http://docs.angularjs.org/guide/dev_guide.e2e-testing */
describe('00 Lemonldap::NG', function() {
describe('Auth mechanism', function() {
it('should want to authenticate', function() {
browser.driver.get('http://auth.example.com:' + process.env.TESTWEBSERVERPORT + '/');
// Login attempt
browser.driver.findElement(by.xpath("//input[@name='user']")).sendKeys('dwho');
browser.driver.findElement(by.xpath("//input[@name='password']")).sendKeys('dwho');
browser.driver.findElement(by.xpath("//button[@type='submit']")).click();
});
});
});
\ No newline at end of file
});
This diff is collapsed.
'use strict';
/* http://docs.angularjs.org/guide/dev_guide.e2e-testing */
describe('01 Lemonldap::NG Manager', function() {
describe('Tree display -> Variables', function() {
it('Main => should display 12 main nodes', function() {
browser.get('/');
expect(element.all(by.repeater('node in data track by node.id')).count()).toEqual(12);
});
it('Variables should display 3 sub nodes', function() {
element(by.id('a-variables')).click();
expect(element.all(by.repeater('node in node.nodes track by node.id')).count()).toEqual(3);
});
});
});
\ No newline at end of file
......@@ -3,15 +3,11 @@
/* http://docs.angularjs.org/guide/dev_guide.e2e-testing */
describe('01 Lemonldap::NG Manager', function() {
describe('Tree display', function() {
it('should display 9 main nodes', function() {
it('Main => should display 12 main nodes', function() {
browser.get('/');
var mainNodes = element.all(by.repeater('node in data track by node.id'));
expect(mainNodes.count()).toEqual(12);
expect(element.all(by.repeater('node in data track by node.id')).count()).toEqual(12);
});
it('should find a rule', function() {
browser.get('/#/confs/1');
var vhs = element(by.id('a-virtualHosts'));
......@@ -23,18 +19,5 @@ describe('01 Lemonldap::NG Manager', function() {
var def = element.all(by.id("t-virtualHosts/manager.example.com/locationRules/1"));
expect(def.count()).toEqual(1);
});
it('should find 19 auth/user modules but only Demo visible', function() {
browser.get('/#/confs/1');
element(by.id('a-generalParameters')).click();
element(by.id('a-authParams')).click();
/* todo */
});
it('should have a hash form if a key is clicked', function() {
element(by.id('a-demoParams')).click();
element(by.id('a-demoExportedVars')).click();
element(by.id('t-demoExportedVars/cn')).click();
var def = element.all(by.id('hashkeyinput'));
expect(def.count()).toEqual(1);
});
});
});
\ No newline at end of file
......@@ -12,7 +12,7 @@ describe('02 Lemonldap::NG Manager', function() {
"fr": "Paramètres généraux"
};
var els = element.all(by.css('[ng-click="getLanguage(lang)"]'));
expect(els.count()).toEqual(8);
expect(els.count()).toEqual(14);
els.each(function(el) {
el.isDisplayed().then(function(isVisible) {
if (isVisible) {
......
......@@ -9,6 +9,7 @@ describe('08 Lemonldap::NG Manager', function() {
it('should be able to add reload urls', function() {
browser.get('/#/confs/latest');
element(by.id('a-generalParameters')).click();
element(by.id('t-reloadParams')).click();
element(by.id('t-reloadUrls')).click();
element(by.css('.glyphicon-plus-sign')).click();
element(by.id('a-reloadUrls')).click();
......
......@@ -5,14 +5,13 @@
describe('35 Lemonldap::NG Manager', function() {
it('should be able to restore an old configuration', function() {
browser.get('/#/confs/1');
browser.get('/#!/confs/1');
element(by.id('save')).click();
element(by.id('longtextinput')).sendKeys('Restore conf 1');
element(by.id('saveok')).click();
browser.sleep(500);
element(by.id('messageok')).click();
browser.sleep(500);
element(by.id('forcesave')).click();
element(by.id('save')).click();
element(by.id('longtextinput')).sendKeys('Force to restore conf 1');
element(by.id('saveok')).click();
element(by.id('messageok')).click();
......
......@@ -7,7 +7,7 @@ describe('36 Lemonldap::NG Manager', function() {
describe('Diff interface', function() {
it('should find key changed', function() {
browser.get('/diff.html#6/7');
browser.get('/diff.html#!/6/7');
element(by.id('t-generalParameters')).click();
element(by.id('t-advancedParams')).click();
element(by.id('t-security')).click();
......
......@@ -5,7 +5,7 @@ describe('40 Lemonldap::NG Manager', function() {
it('should display other modules', function() {
browser.get('/');
var links = element.all(by.repeater('l in links'));
expect(links.count()).toEqual(3);
expect(links.count()).toEqual(4);
element(by.xpath("//a[@href='sessions.html']")).click();
});
......
'use strict';
/* http://docs.angularjs.org/guide/dev_guide.e2e-testing */
describe('00 Lemonldap::NG', function() {
describe('Auth mechanism', function() {
it('Portal should display 11 lang flags', function() {
browser.driver.get('http://auth.example.com:' + process.env.TESTWEBSERVERPORT + '/');
browser.driver.findElements(by.className('langicon')).then(function(elems) {
expect(elems.length).toEqual(11);
});
browser.driver.findElement(by.xpath("//img[@title='en']")).click();
expect(browser.driver.findElement(by.css('[trmsg="9"]')).getText()).toEqual('Authentication required');
expect(browser.driver.findElement(by.css('[trspan="createAccount"]')).getText()).toEqual('Create an account');
browser.driver.findElement(by.xpath("//img[@title='it']")).click();
expect(browser.driver.findElement(by.css('[trmsg="9"]')).getText()).toEqual('Autenticazione necessaria');
expect(browser.driver.findElement(by.css('[trspan="createAccount"]')).getText()).toEqual('Crea un account');
browser.driver.findElement(by.xpath("//img[@title='fr']")).click();
expect(browser.driver.findElement(by.css('[trspan="createAccount"]')).getText()).toEqual('Créer un compte');
});
it('should create an account', function() {
browser.driver.findElement(by.css('[trspan="createAccount"]')).click();
expect(browser.driver.findElement(by.css('[trmsg="78"]')).getText()).toEqual('Merci de saisir vos informations');
// A four inputs form + one captcha
browser.driver.findElements(by.className('input-group')).then(function(elems) {
expect(elems.length).toEqual(4);
});
browser.driver.findElements(by.className('img-thumbnail')).then(function(elems) {
expect(elems.length).toEqual(1);
});
});
it('should authenticate with history', function() {
expect(browser.driver.findElement(by.css('[trspan="back2Portal"]')).getText()).toEqual('Retourner au portail');
browser.driver.findElement(by.css('[trspan="back2Portal"]')).click();
// Failed login attempt
browser.driver.findElement(by.xpath("//input[@name='user']")).sendKeys('dwho');
browser.driver.findElement(by.xpath("//input[@name='password']")).sendKeys('ohwd');
browser.driver.findElement(by.xpath("//input[@name='checkLogins']")).click();
browser.driver.findElement(by.xpath("//button[@type='submit']")).click();
expect(browser.driver.findElement(by.css('[trmsg="5"]')).getText()).toEqual('Mot de passe ou identifiant incorrect');
browser.driver.findElement(by.css('[trspan="goToPortal"]')).click();
// Login attempt
browser.driver.findElement(by.xpath("//input[@name='user']")).sendKeys('dwho');
browser.driver.findElement(by.xpath("//input[@name='password']")).sendKeys('dwho');
browser.driver.findElement(by.xpath("//input[@name='checkLogins']")).click();
browser.driver.findElement(by.xpath("//button[@type='submit']")).click();
// Change lang
browser.driver.findElement(by.xpath("//img[@title='de']")).click();
expect(browser.driver.findElement(by.css('[trspan="info"]')).getText()).toEqual("Information");
});
it('should display history', function() {
// Two entries
browser.driver.findElements(by.xpath('//table/tbody/tr')).then(function(elems) {
expect(elems.length).toEqual(2);
});
// Expect history with one login and one failed login
browser.driver.findElements(by.xpath('//form/div/div/h3')).then(function(elems) {
expect(elems.length).toEqual(3);
expect(elems[0].getText()).toEqual('Information');
expect(elems[1].getText()).toEqual('Letzte Anmeldungen');
expect(elems[2].getText()).toEqual('Letzte fehlgeschlagene Anmeldungen');
});
browser.driver.findElements(by.xpath('//table/thead/tr/th')).then(function(elems) {
expect(elems.length).toEqual(5);
expect(elems[0].getText()).toEqual('Datum');
expect(elems[2].getText()).toEqual('Datum');
expect(elems[4].getText()).toEqual('Fehlermeldung');
});
browser.driver.findElements(by.xpath('//table/tbody/tr/td')).then(function(elems) {
expect(elems.length).toEqual(5);
expect(elems[1].getText()).toEqual('127.0.0.1');
expect(elems[3].getText()).toEqual('127.0.0.1');
expect(elems[4].getText()).toEqual('Benutzername oder Passwort nicht korrekt');
});
expect(browser.driver.findElement(by.css('[trspan="PE5"]')).getText()).toEqual('Benutzername oder Passwort nicht korrekt');
expect(browser.driver.findElement(by.id('timer')).getText()).toMatch(/^Du wirst in \d{2} Sekunden umgeleitet$/);
browser.driver.findElement(by.xpath("//button[@type='reset']")).click();
expect(browser.driver.findElement(by.id('timer')).isDisplayed()).toEqual(false);
browser.driver.findElement(by.xpath("//button[@type='submit']")).click();
});
});
});
\ No newline at end of file
'use strict';
/* http://docs.angularjs.org/guide/dev_guide.e2e-testing */
describe('01 Lemonldap::NG', function() {
describe('Portal should display Menu', function() {
it('Should have four buttons', function() {
browser.driver.findElement(by.xpath("//img[@title='fr']")).click();
browser.driver.findElement(by.xpath("//button[@type='button']")).click();
// Change password form
browser.driver.findElements(by.xpath('//li/a/span/img')).then(function(links) {
expect(links.length).toEqual(4);
links[1].click();
browser.sleep(1000);
browser.driver.findElement(by.xpath("//input[@name='oldpassword']")).sendKeys('dwho');
browser.driver.findElement(by.xpath("//input[@name='newpassword']")).sendKeys('newpwd');
browser.driver.findElement(by.xpath("//input[@name='confirmpassword']")).sendKeys('newpwd');
browser.driver.findElement(by.xpath("//button[@type='submit']")).click();
expect(browser.driver.findElement(by.css('[trmsg="35"]')).getText()).toEqual('Le mot de passe a été changé');
browser.driver.findElement(by.css('[trspan="goToPortal"]')).click();
browser.driver.findElement(by.xpath("//button[@type='button']")).click();
browser.sleep(1000);
});
// History page
browser.driver.findElements(by.xpath('//li/a/span/img')).then(function(links) {
expect(links.length).toEqual(4);
links[2].click();
browser.sleep(1000);
// Expect history with one login and one failed login
browser.driver.findElements(by.xpath('//main/div/div/div/div/h4')).then(function(elems) {
expect(elems.length).toEqual(7);
expect(elems[4].getText()).toEqual('Dernières connexions');
expect(elems[5].getText()).toEqual('Dernières connexions refusées');
});
browser.driver.findElements(by.xpath('//table/thead/tr/th')).then(function(elems) {
expect(elems.length).toEqual(5);
expect(elems[0].getText()).toEqual('Date');
expect(elems[1].getText()).toEqual('Adresse IP');
expect(elems[2].getText()).toEqual('Date');
expect(elems[3].getText()).toEqual('Adresse IP');
expect(elems[4].getText()).toEqual("Message d'erreur");
});
browser.driver.findElements(by.xpath('//table/tbody/tr/td')).then(function(elems) {
expect(elems.length).toEqual(5);
expect(elems[1].getText()).toEqual('127.0.0.1');
expect(elems[3].getText()).toEqual('127.0.0.1');
expect(elems[4].getText()).toEqual('Mot de passe ou identifiant incorrect');
});
browser.driver.findElement(by.xpath("//button[@type='button']")).click();
browser.sleep(1000);
});
// Logout page
browser.driver.findElements(by.xpath('//li/a/span/img')).then(function(links) {
expect(links.length).toEqual(4);
links[3].click();
browser.sleep(1000);
expect(browser.driver.findElement(by.css('[trspan="areYouSure"]')).getText()).toEqual('Êtes-vous sûr ?');
expect(browser.driver.findElement(by.css('[trspan="imSure"]')).getText()).toEqual('Je suis sûr');
browser.driver.findElement(by.xpath("//button[@type='button']")).click();
browser.sleep(1000);
});
// Applications page
browser.driver.findElements(by.xpath('//li/a/span/img')).then(function(links) {
expect(links.length).toEqual(4);
links[0].click();
browser.sleep(1000);
});
browser.driver.findElements(by.xpath('//main/div/div/div/div/h4')).then(function(elems) {
expect(elems.length).toEqual(7);
expect(elems[0].getText()).toEqual('Sample applications');
expect(elems[1].getText()).toEqual('Administration');
expect(elems[2].getText()).toEqual('Documentation');
});
browser.driver.findElements(by.xpath('//main/div/div/div/div/div/div/div/a/div/div/div/h5')).then(function(elems) {
expect(elems.length).toEqual(8);
expect(elems[0].getText()).toEqual('Application Test 1');
expect(elems[1].getText()).toEqual('Application Test 2');
expect(elems[2].getText()).toEqual('WebSSO Manager');
expect(elems[3].getText()).toEqual('Notifications explorer');
expect(elems[4].getText()).toEqual('Sessions explorer');
expect(elems[5].getText()).toEqual('2FA Sessions explorer');
expect(elems[6].getText()).toEqual('Local documentation');
expect(elems[7].getText()).toEqual('Official Website');
});
});
});
});
'use strict';
/* http://docs.angularjs.org/guide/dev_guide.e2e-testing */
describe('99 Lemonldap::NG auth mechanism', function() {
it('should allow logout', function() {
browser.driver.get('http://auth.example.com:' + process.env.TESTWEBSERVERPORT + '/?logout=1');
});
});
\ No newline at end of file
#End 2 End Testing (Protractor)
To run the end-2-end tests against the application you use [Protractor](https://github.com/angular/protractor).
## Testing with Protractor
As a one-time setup, download webdriver.
```
npm run update-webdriver
```
Start the Protractor test runner using the e2e configuration:
```
make e2e_test
```
## Devel tips
{
locator_: {
using: 'css selector',
value: '[ng-click="getLanguage(lang)"]'
},
parentElementFinder_: null,
opt_actionResult_: {
then: [Function: then],
cancel: [Function: cancel],
isPending: [Function: isPending]
},
opt_index_: 1,
click: [Function],
sendKeys: [Function],
getTagName: [Function],
getCssValue: [Function],
getAttribute: [Function],
getText: [Function],
getSize: [Function],
getLocation: [Function],
isEnabled: [Function],
isSelected: [Function],
submit: [Function],
clear: [Function],
isDisplayed: [Function],
getOuterHtml: [Function],
getInnerHtml: [Function],
toWireValue: [Function]
}
exports.config = {
allScriptsTimeout: 11000,
specs: ['manager/*.js', 'handler/*.js'],
// Specific test
specs: process.env.E2E_TESTS,
// All tests
//specs: ['handler/*.js', 'portal/*.js', 'manager/*.js' ],
capabilities: {
capabilities: {
'browserName': 'chrome'
},
......
......@@ -5,7 +5,7 @@ use strict;
use Exporter 'import';
use base qw(Exporter);
our $VERSION = '2.0.0';
our $VERSION = '2.0.1';
# CONSTANTS
......
......@@ -5,7 +5,7 @@ use strict;
use Exporter 'import';
use base qw(Exporter);
our $VERSION = '2.0.0';
our $VERSION = '2.0.1';
our %EXPORT_TAGS = ( 'all' => [qw($simpleHashKeys $doubleHashKeys $specialNodeKeys $casAppMetaDataNodeKeys $casSrvMetaDataNodeKeys $oidcOPMetaDataNodeKeys $oidcRPMetaDataNodeKeys $samlIDPMetaDataNodeKeys $samlSPMetaDataNodeKeys $virtualHostKeys $specialNodeHash $authParameters $issuerParameters $samlServiceParameters $oidcServiceParameters $casServiceParameters)] );
our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } );
......
......@@ -94,7 +94,7 @@
<th ng-if="node.td!='1' && node.td!='2'">{{translate(node.title)}}</th>
<td class="data-{{node.epoch}}" ng-if="node.td>='1'">{{node.title}}</td>
<th ng-if="node.title=='type' || node.title=='rp'">{{translate(node.value)}}</th>
<td class="col-md-4 data-{{node.epoch}}" ng-if="node.title!='type' && node.title!='rp'">{{node.value}}</td>
<td id="v-{{node.title}}" class="col-md-4 data-{{node.epoch}}" ng-if="node.title!='type' && node.title!='rp'">{{node.value}}</td>
<th ng-if="node.title=='type' || node.title=='rp'">{{translate(node.epoch)}}</th>
<td class="col-md-4 data-{{node.epoch}}" ng-if="node.epoch > 1500000000">{{localeDate(node.epoch)}}</td>
<td class="data-{{node.epoch}}">
......
......@@ -27,6 +27,7 @@ lib/Lemonldap/NG/Portal/Auth/Custom.pm
lib/Lemonldap/NG/Portal/Auth/DBI.pm
lib/Lemonldap/NG/Portal/Auth/Demo.pm
lib/Lemonldap/NG/Portal/Auth/Facebook.pm
lib/Lemonldap/NG/Portal/Auth/GPG.pm
lib/Lemonldap/NG/Portal/Auth/Kerberos.pm
lib/Lemonldap/NG/Portal/Auth/LDAP.pm
lib/Lemonldap/NG/Portal/Auth/LinkedIn.pm
......@@ -324,6 +325,7 @@ site/templates/bootstrap/customLoginHeader.tpl
site/templates/bootstrap/error.tpl
site/templates/bootstrap/ext2fcheck.tpl
site/templates/bootstrap/footer.tpl
site/templates/bootstrap/gpgform.tpl
site/templates/bootstrap/header.tpl
site/templates/bootstrap/idpchoice.tpl
site/templates/bootstrap/info.tpl
......@@ -402,6 +404,7 @@ t/26-AuthRemote.t
t/27-AuthProxy.t
t/28-AuthChoice-and-password.t
t/28-AuthChoice-with-rules.t
t/29-AuthGPG.t
t/29-AuthSSL.t
t/30-Auth-and-issuer-SAML-Artifact-with-SOAP-SLO-IdP-initiated.t
t/30-Auth-and-issuer-SAML-Artifact-with-SOAP-SLO.t
......@@ -499,6 +502,12 @@ t/76-2F-Ext-with-GrantSession.t
t/76-2F-Ext-with-HISTORY.t
t/90-Translations.t
t/99-pod.t
t/gpghome/key.asc
t/gpghome/openpgp-revocs.d/9482CEFB055809CBAFE6D71AAB2D5542891D1677.rev
t/gpghome/private-keys-v1.d/A076B0E7DB141A919271EE8B581CDFA8DA42F333.key
t/gpghome/private-keys-v1.d/B7219440BCCD85200121CFB89F94C8D98C0397B3.key
t/gpghome/pubring.kbx
t/gpghome/trustdb.gpg
t/lmConf-1.json
t/pdata.pm
t/README.md
......
......@@ -16,6 +16,7 @@ WriteMakefile(
'Glib' => 0,
'HTTP::Message' => 0,
'Image::Magick' => 0,
'IPC::Run' => 0,
'Lasso' => '2.3.0',
'LWP::UserAgent' => 0,
'LWP::Protocol::https' => 0,
......
package Lemonldap::NG::Portal::Auth::GPG;
use strict;
use File::Temp 'tempdir';
use IPC::Run;
use Mouse;
use Lemonldap::NG::Portal::Main::Constants qw(
PE_BADCREDENTIALS
PE_ERROR
PE_FIRSTACCESS
PE_FORMEMPTY
PE_NOTOKEN
PE_OK
);
our $VERSION = '2.0.1';
extends 'Lemonldap::NG::Portal::Auth::_WebForm';
has db => ( is => 'rw' );
has tmp => (
is => 'rw',
default => sub {
tempdir( CLEANUP => 1 );
},
);
sub init {
my ($self) = @_;
$self->db( $self->conf->{gpgDb} );
unless ( $_[0]->{conf}->{requireToken} ) {
$self->error("requireToken isn't set, unable to use GPG");
}
unless ( $self->db ) {
$self->error("gpgDb not set");
return 0;
}
unless ( -r $self->db ) {
$self->error( "Unable to read " . $self->db );
return 0;
}
return $self->SUPER::init();
}
sub extractFormInfo {
my ( $self, $req ) = @_;
# Keep token data for later use
my ( $token, $gpgToken );
if ( $token = $req->param('token') ) {
$gpgToken = $self->ott->getToken($token);
$req->data->{tokenVerified} = 1 if ($gpgToken);
}
my $res = $self->SUPER::extractFormInfo($req);
return $res if ($res);
my $signed = $req->data->{password};
unless ( $signed =~ /SIGNATURE/s ) {
$self->userLogger->error("Bad signature content");
$self->userLogger->debug($signed);
$self->setSecurity($req);
return PE_BADCREDENTIALS;
}
unless ( $signed =~ /\b\Q$token\E\b/ ) {
$self->userLogger->error("User replayed a bad token in GPG !");
$self->setSecurity($req);
return PE_BADCREDENTIALS;
}
my ( $out, $err );
$self->logger->debug(
"Launching:\ngpgv --homedir /dev/null --keyring $self->{db} <<EOF\n$signed\nEOF"
);
my ( $lang, $language ) = ( $ENV{LANG}, $ENV{LANGUAGE} );
$ENV{LANG} = $ENV{LANGUAGE} = 'C';
IPC::Run::run(
[ 'gpgv', '--homedir', '/dev/null', '--keyring', $self->db ],
\$sig