lemonldap-ng/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/SSL.pm

package Lemonldap::NG::Portal::Auth::SSL;

use strict;
use Mouse;
use Lemonldap::NG::Portal::Main::Constants
  qw(PE_OK PE_BADCERTIFICATE PE_CERTIFICATEREQUIRED);

our $VERSION = '2.0.0';

extends 'Lemonldap::NG::Portal::Auth::Base';

# PROPERTIES

has SSLField => ( is => 'rw' );

# INITIALIZATION

sub init {
    my ($self) = @_;
    $self->SSLField( $self->conf->{SSLVar} ||= 'SSL_CLIENT_S_DN_Email' );
    $self->conf->{SSLVarIf} ||= {};
    return 1;
}

# Read username in SSL environment variables, or return an error
# @return Lemonldap::NG::Portal constant
sub extractFormInfo {
    my ( $self, $req ) = @_;
    my $field = $self->SSLField;
    if ( $req->env->{SSL_CLIENT_I_DN}
        and my $tmp =
        $self->conf->{SSLVarIf}->{ $req->env->{SSL_CLIENT_I_DN} } )
    {
        $field = $tmp;
    }
    return PE_OK
      if ( $req->user( $req->env->{$field} ) );
    if ( $req->env->{SSL_CLIENT_S_DN} ) {
        $self->userLogger->warn("$field was not found in user certificate");
        return PE_BADCERTIFICATE;
    }
    else {
        $self->userlogger->warn('No certificate found');
        return PE_CERTIFICATEREQUIRED;
    }
}

sub authenticate {
    PE_OK;
}

sub setAuthSessionInfo {
    my ( $self, $req ) = @_;
    $req->{sessionInfo}->{authenticationLevel} = $self->conf->{SSLAuthnLevel};
    PE_OK;
}

sub getDisplayType {
    return "logo";
}

1;
Add Auth/SSL (#595) 2016-08-05 13:56:16 +02:00			`package Lemonldap::NG::Portal::Auth::SSL;`

			`use strict;`
			`use Mouse;`
			`use Lemonldap::NG::Portal::Main::Constants`
			`qw(PE_OK PE_BADCERTIFICATE PE_CERTIFICATEREQUIRED);`

			`our $VERSION = '2.0.0';`

			`extends 'Lemonldap::NG::Portal::Auth::Base';`

			`# PROPERTIES`

			`has SSLField => ( is => 'rw' );`

			`# INITIALIZATION`

			`sub init {`
			`my ($self) = @_;`
			`$self->SSLField( $self->conf->{SSLVar} \|\|= 'SSL_CLIENT_S_DN_Email' );`
Add conditional SSLVar (closes: #803) 2017-02-24 07:29:50 +01:00			`$self->conf->{SSLVarIf} \|\|= {};`
WebID (#595) 2017-01-30 22:00:54 +01:00			`return 1;`
Add Auth/SSL (#595) 2016-08-05 13:56:16 +02:00			`}`

			`# Read username in SSL environment variables, or return an error`
			`# @return Lemonldap::NG::Portal constant`
			`sub extractFormInfo {`
			`my ( $self, $req ) = @_;`
Add conditional SSLVar (closes: #803) 2017-02-24 07:29:50 +01:00			`my $field = $self->SSLField;`
			`if ( $req->env->{SSL_CLIENT_I_DN}`
			`and my $tmp =`
			`$self->conf->{SSLVarIf}->{ $req->env->{SSL_CLIENT_I_DN} } )`
			`{`
			`$field = $tmp;`
			`}`
Add Auth/SSL (#595) 2016-08-05 13:56:16 +02:00			`return PE_OK`
Add conditional SSLVar (closes: #803) 2017-02-24 07:29:50 +01:00			`if ( $req->user( $req->env->{$field} ) );`
			`if ( $req->env->{SSL_CLIENT_S_DN} ) {`
			`$self->userLogger->warn("$field was not found in user certificate");`
Add Auth/SSL (#595) 2016-08-05 13:56:16 +02:00			`return PE_BADCERTIFICATE;`
			`}`
			`else {`
Replace userNotice/Error... by userLogger (#857) 2017-02-15 15:16:59 +01:00			`$self->userlogger->warn('No certificate found');`
Add Auth/SSL (#595) 2016-08-05 13:56:16 +02:00			`return PE_CERTIFICATEREQUIRED;`
			`}`
			`}`

			`sub authenticate {`
			`PE_OK;`
			`}`

Enable setAuthSessionInfo (#595) 2016-12-01 23:25:05 +01:00			`sub setAuthSessionInfo {`
			`my ( $self, $req ) = @_;`
			`$req->{sessionInfo}->{authenticationLevel} = $self->conf->{SSLAuthnLevel};`
			`PE_OK;`
			`}`

Add Auth/SSL (#595) 2016-08-05 13:56:16 +02:00			`sub getDisplayType {`
			`return "logo";`
			`}`

			`1;`