package Lemonldap::NG::Portal::Plugins::IdSpoofing;
use strict;
use Mouse;
use Lemonldap::NG::Portal::Main::Constants qw( PE_OK PE_BADCREDENTIALS );
our $VERSION = '2.0.3';
extends 'Lemonldap::NG::Portal::Main::Plugin';
# INITIALIZATION
# NOTE(review): presumably this tells the plugin base class to call run()
# at the portal's endAuth step, i.e. after authentication -- confirm
# against Lemonldap::NG::Portal::Main::Plugin.
use constant endAuth => 'run';
# Build the list of attribute names that run() must not copy from the real
# session: the plugin-specific idSpoofingHiddenAttributes setting followed
# by the global hiddenAttributes setting, joined by a single space.
sub hAttr {
    my ($self) = @_;
    my $conf = $self->{conf};
    return join ' ',
      $conf->{idSpoofingHiddenAttributes},
      $conf->{hiddenAttributes};
}
# Plugin initialisation: nothing to set up, always reports success.
sub init {
    return 1;
}
# RUNNING METHOD
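# Rebuild the session as the identity named by the "spoofId" request
# parameter, keeping the authenticated user's own non-hidden attributes
# under the configured idSpoofingPrefix.
#
# Returns PE_OK when the session was rewritten or when no spoofId was
# supplied; otherwise returns whatever _userDatas() returned for the failed
# lookup.
#
# NOTE(review): nothing in this method restricts which authenticated users
# may supply spoofId. An authorization rule should gate the identity swap,
# and each swap should leave an audit record naming both identities, before
# this plugin is enabled outside a test setup.
sub run {
    my ( $self, $req ) = @_;

    # spoofId is request-controlled. The previous fallback to a hard-coded
    # account name rewrote every login that lacked the parameter to that
    # account; with no requested identity there is nothing to do.
    my $spoofId = $req->param('spoofId');
    return PE_OK unless $spoofId;

    my $conf   = $self->{conf};
    my $prefix = $conf->{idSpoofingPrefix};
    my $hidden = $self->hAttr;    # loop-invariant, computed once

    # Copy the real session's attributes under the prefix, leaving out
    # hidden ones.
    my $realSession = {};
    foreach my $k ( keys %{ $req->{sessionInfo} } ) {

        # Despite the option's name, only undefined values are skipped.
        next
          if $conf->{idSpoofingSkipEmptyValues}
          and not defined $req->{sessionInfo}->{$k};

        # \Q..\E matches the attribute name literally, so a key holding
        # regex metacharacters cannot change what is considered hidden.
        next if $hidden =~ /\b\Q$k\E\b/;

        my $spk = "$prefix$k";
        $realSession->{$spk} = $req->{sessionInfo}->{$k};
        $self->logger->debug("-> Store $k in realSession key: $spk");
    }

    # Log attribute names only: dumping $req or whole sessions can write
    # submitted credentials and hidden attributes to the debug log.
    $self->logger->debug(
        'realSession keys: ' . join( ' ', sort keys %$realSession ) );

    $req->{user} = $spoofId;
    my $spoofSession = $self->_userDatas($req);

    # _userDatas() returns a non-hash value when the lookup fails, and
    # dereferencing that below would die under strict refs.
    # NOTE(review): assumes $req->error($code) returns the error code, so
    # that this propagates the portal error -- confirm.
    return $spoofSession unless ref $spoofSession eq 'HASH';

    # Real-session keys win on collision; with an empty prefix they would
    # overwrite the spoofed attributes of the same name.
    $spoofSession = { %$spoofSession, %$realSession };
    $self->logger->debug(
        'spoofSession keys: ' . join( ' ', sort keys %$spoofSession ) );

    # Main session
    $self->p->updateSession( $req, $spoofSession );

    #$self->p->updatePersistentSession( $req, $spoofSession ); #?????

    return PE_OK;
}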
# Look up the user currently named in $req->{user} and return the session
# attributes computed for that user.
#
# $req->{sessionInfo} is reset to an empty hash first, so the caller's
# previous session data is gone from $req whether or not the lookup
# succeeds. On success the freshly filled $req->{sessionInfo} hash ref is
# returned; on failure the result of $req->error($error) is returned
# instead, which callers must not treat as a hash ref.
sub _userDatas {
    my ( $self, $req ) = @_;
    $req->{sessionInfo} = {};

    # Search user in database
    # ('setPersistentSessionInfo' is deliberately left out of the steps.)
    my @lookupSteps =
      qw(getUser setSessionInfo setMacros setGroups setLocalGroups);
    $req->steps( \@lookupSteps );

    my $error = $self->p->process($req);
    return $req->{sessionInfo} unless $error;

    # $req->{user} is the requested identity here, i.e. request-controlled
    # text written to the user log as-is.
    $self->userLogger->warn(
        'IdSpoofing requested for an unvalid user (' . $req->{user} . ")" )
      if $error == PE_BADCREDENTIALS;

    $self->logger->debug("Process returned error: $error");
    return $req->error($error);
}
1;