2016-04-03 10:44:58 +02:00
|
|
|
package Lemonldap::NG::Portal::Plugins::CDA;
|
|
|
|
|
|
|
|
use strict;
|
|
|
|
use Mouse;
|
2017-04-19 10:32:42 +02:00
|
|
|
use Lemonldap::NG::Portal::Main::Constants qw(
|
|
|
|
PE_APACHESESSIONERROR
|
2020-11-16 18:37:26 +01:00
|
|
|
PE_ERROR
|
2017-04-19 10:32:42 +02:00
|
|
|
PE_OK
|
|
|
|
);
|
2016-04-03 10:44:58 +02:00
|
|
|
|
2020-02-25 22:01:04 +01:00
|
|
|
our $VERSION = '2.0.8';
|
2016-06-09 20:40:20 +02:00
|
|
|
|
2016-06-02 23:20:36 +02:00
|
|
|
extends 'Lemonldap::NG::Common::Module';
|
2016-04-03 10:44:58 +02:00
|
|
|
|
2016-06-09 20:40:20 +02:00
|
|
|
# INTERFACE
|
|
|
|
|
2018-09-05 09:19:01 +02:00
|
|
|
use constant endAuth => 'changeUrldc';
|
2018-06-11 14:03:09 +02:00
|
|
|
use constant forAuthUser => 'changeUrldc';
|
2016-04-03 10:44:58 +02:00
|
|
|
|
2017-08-18 15:03:42 +02:00
|
|
|
sub init { 1 }
|
|
|
|
|
2016-06-09 20:40:20 +02:00
|
|
|
# RUNNING METHOD
|
|
|
|
|
2016-04-03 10:44:58 +02:00
|
|
|
sub changeUrldc {
|
|
|
|
my ( $self, $req ) = @_;
|
2018-06-11 14:03:09 +02:00
|
|
|
my $urldc = $req->{urldc} || '';
|
2016-04-03 10:44:58 +02:00
|
|
|
if ( $req->id
|
|
|
|
and $urldc !~ m#^https?://[^/]*$self->{conf}->{domain}(:\d+)?/#oi
|
2016-04-03 18:27:13 +02:00
|
|
|
and $self->p->isTrustedUrl($urldc) )
|
2016-04-03 10:44:58 +02:00
|
|
|
{
|
|
|
|
my $ssl = $urldc =~ /^https/;
|
2017-02-15 07:41:50 +01:00
|
|
|
$self->logger->debug('CDA request');
|
2016-11-15 14:33:39 +01:00
|
|
|
|
|
|
|
# Create CDA session
|
2019-05-11 09:31:17 +02:00
|
|
|
my $cdaInfos = { '_utime' => time };
|
|
|
|
if ( $self->{conf}->{securedCookie} < 2 or $ssl ) {
|
|
|
|
$cdaInfos->{cookie_value} = $req->id;
|
|
|
|
$cdaInfos->{cookie_name} = $self->{conf}->{cookieName};
|
2016-11-15 14:33:39 +01:00
|
|
|
}
|
|
|
|
else {
|
2020-11-16 18:37:26 +01:00
|
|
|
if ( $req->{sessionInfo}->{_httpSession} ) {
|
|
|
|
$cdaInfos->{cookie_value} =
|
|
|
|
$req->{sessionInfo}->{_httpSession};
|
|
|
|
$cdaInfos->{cookie_name} = $self->{conf}->{cookieName} . "http";
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
$self->logger->error(
|
|
|
|
"Session does not contain _httpSession field. "
|
|
|
|
. "Portal must be accessed over HTTPS when using CDA with double cookie"
|
|
|
|
);
|
|
|
|
return PE_ERROR;
|
|
|
|
}
|
2019-05-11 09:31:17 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
my $cdaSession =
|
|
|
|
$self->p->getApacheSession( undef, kind => "CDA", info => $cdaInfos );
|
|
|
|
unless ($cdaSession) {
|
2017-02-15 07:41:50 +01:00
|
|
|
$self->logger->error("Unable to create CDA session");
|
2016-11-15 14:33:39 +01:00
|
|
|
return PE_APACHESESSIONERROR;
|
|
|
|
}
|
2019-05-11 09:31:17 +02:00
|
|
|
|
|
|
|
# We are about to redirect the user to the CDA application,
|
|
|
|
# dismiss any previously stored redirections (#1650)
|
|
|
|
delete $req->{pdata}->{_url};
|
|
|
|
|
|
|
|
$req->{urldc} .=
|
|
|
|
( $urldc =~ /\?/ ? '&' : '?' )
|
|
|
|
. $self->{conf}->{cookieName} . "cda="
|
|
|
|
. $cdaSession->id;
|
|
|
|
|
|
|
|
$self->logger->debug( "CDA redirection to " . $req->{urldc} );
|
2016-04-03 10:44:58 +02:00
|
|
|
}
|
2020-02-25 22:01:04 +01:00
|
|
|
return PE_OK;
|
2016-04-03 10:44:58 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
1;
|