lemonldap-ng/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/IdSpoofing.pm

package Lemonldap::NG::Portal::Plugins::IdSpoofing;

use strict;
use Mouse;
use Lemonldap::NG::Portal::Main::Constants qw( PE_OK PE_BADCREDENTIALS );

our $VERSION = '2.0.3';

extends 'Lemonldap::NG::Portal::Main::Plugin';

# INITIALIZATION

use constant endAuth => 'run';

sub hAttr {
    $_[0]->{conf}->{idSpoofingHiddenAttributes} . ' '
        . $_[0]->{conf}->{hiddenAttributes};
}

sub init {1}

# RUNNING METHOD

sub run {
    my ( $self, $req ) = @_;
    my $spoofId = $req->param('spoofId') || '';
    return PE_OK unless $spoofId;

    # Fill spoof session
    my ( $realSession, $spoofSession ) = ( {}, {} );
    $self->logger->debug("Spoofing Id: $spoofId...");
    my $spk = '';
    foreach my $k ( keys %{ $req->{sessionInfo} } ) {
        if ( $self->{conf}->{idSpoofingSkipEmptyValues} ) {
            next unless defined $req->{sessionInfo}->{$k};
        }
        $spk = "$self->{conf}->{idSpoofingPrefix}$k";
        unless ( $self->hAttr =~ /\b$k\b/ ) {
            $realSession->{$spk} = $req->{sessionInfo}->{$k};
            $self->logger->debug("-> Store $k in realSession key: $spk");
        }
    }
    $req->{user} = $spoofId;
    $spoofSession = $self->_userDatas($req);
    $spoofSession = { %$spoofSession, %$realSession };

    # Main session
    #$self->p->updatePersistentSession( $req, $spoofSession ); #?????

    $self->p->updateSession( $req, $spoofSession );
    return PE_OK;
}

sub _userDatas {
    my ( $self, $req ) = @_;
    $req->{sessionInfo} = {};

    # Search user in database
    $req->steps(
        [   'getUser',   'setSessionInfo',
            'setMacros', 'setGroups',

            #'setPersistentSessionInfo', 'setLocalGroups'
            'setLocalGroups'
        ]
    );
    if ( my $error = $self->p->process($req) ) {
        if ( $error == PE_BADCREDENTIALS ) {
            $self->userLogger->warn(
                      'IdSpoofing requested for an unvalid user ('
                    . $req->{user}
                    . ")" );
        }
        $self->logger->debug("Process returned error: $error");
        return $req->error($error);
    }
    $self->logger->debug("Populating spoofed session...");
    return $req->{sessionInfo};
}

1;
WIP - Create session (#1664) 2019-03-02 22:18:42 +01:00			`package Lemonldap::NG::Portal::Plugins::IdSpoofing;`

			`use strict;`
			`use Mouse;`
			`use Lemonldap::NG::Portal::Main::Constants qw( PE_OK PE_BADCREDENTIALS );`

			`our $VERSION = '2.0.3';`

			`extends 'Lemonldap::NG::Portal::Main::Plugin';`

			`# INITIALIZATION`

			`use constant endAuth => 'run';`

WIP - Append conf. parameters (#1664) 2019-03-02 23:27:56 +01:00			`sub hAttr {`
			`$_[0]->{conf}->{idSpoofingHiddenAttributes} . ' '`
			`. $_[0]->{conf}->{hiddenAttributes};`
			`}`

WIP - Create session (#1664) 2019-03-02 22:18:42 +01:00			`sub init {1}`

			`# RUNNING METHOD`

			`sub run {`
			`my ( $self, $req ) = @_;`
WIP - Append parameters (#1664) 2019-03-03 20:50:21 +01:00			`my $spoofId = $req->param('spoofId') \|\| '';`
			`return PE_OK unless $spoofId;`
WIP - Create session (#1664) 2019-03-02 22:18:42 +01:00
			`# Fill spoof session`
			`my ( $realSession, $spoofSession ) = ( {}, {} );`
WIP - Append debug logs (#1664) 2019-03-03 20:56:22 +01:00			`$self->logger->debug("Spoofing Id: $spoofId...");`
WIP - Create session (#1664) 2019-03-02 22:18:42 +01:00			`my $spk = '';`
			`foreach my $k ( keys %{ $req->{sessionInfo} } ) {`
WIP - Append conf. parameters (#1664) 2019-03-02 23:27:56 +01:00			`if ( $self->{conf}->{idSpoofingSkipEmptyValues} ) {`
			`next unless defined $req->{sessionInfo}->{$k};`
			`}`
			`$spk = "$self->{conf}->{idSpoofingPrefix}$k";`
			`unless ( $self->hAttr =~ /\b$k\b/ ) {`
			`$realSession->{$spk} = $req->{sessionInfo}->{$k};`
			`$self->logger->debug("-> Store $k in realSession key: $spk");`
			`}`
WIP - Create session (#1664) 2019-03-02 22:18:42 +01:00			`}`
			`$req->{user} = $spoofId;`
			`$spoofSession = $self->_userDatas($req);`
WIP - Append conf. parameters (#1664) 2019-03-02 23:27:56 +01:00			`$spoofSession = { %$spoofSession, %$realSession };`
WIP - Create session (#1664) 2019-03-02 22:18:42 +01:00
WIP - Append conf. parameters (#1664) 2019-03-02 23:27:56 +01:00			`# Main session`
			`#$self->p->updatePersistentSession( $req, $spoofSession ); #?????`
WIP - Create session (#1664) 2019-03-02 22:18:42 +01:00
WIP - Append debug logs (#1664) 2019-03-03 20:56:22 +01:00			`$self->p->updateSession( $req, $spoofSession );`
WIP - Append conf. parameters (#1664) 2019-03-02 23:27:56 +01:00			`return PE_OK;`
WIP - Create session (#1664) 2019-03-02 22:18:42 +01:00			`}`

			`sub _userDatas {`
			`my ( $self, $req ) = @_;`
			`$req->{sessionInfo} = {};`

			`# Search user in database`
			`$req->steps(`
WIP - Append conf. parameters (#1664) 2019-03-02 23:27:56 +01:00			`[ 'getUser', 'setSessionInfo',`
			`'setMacros', 'setGroups',`

			`#'setPersistentSessionInfo', 'setLocalGroups'`
			`'setLocalGroups'`
WIP - Create session (#1664) 2019-03-02 22:18:42 +01:00			`]`
			`);`
			`if ( my $error = $self->p->process($req) ) {`
			`if ( $error == PE_BADCREDENTIALS ) {`
			`$self->userLogger->warn(`
			`'IdSpoofing requested for an unvalid user ('`
			`. $req->{user}`
			`. ")" );`
			`}`
			`$self->logger->debug("Process returned error: $error");`
			`return $req->error($error);`
			`}`
WIP - Append debug logs (#1664) 2019-03-03 20:56:22 +01:00			`$self->logger->debug("Populating spoofed session...");`
WIP - Create session (#1664) 2019-03-02 22:18:42 +01:00			`return $req->{sessionInfo};`
			`}`

			`1;`