2017-01-09 07:11:30 +01:00
|
|
|
package Lemonldap::NG::Portal::Lib::SOAPProxy;
|
2016-06-06 22:49:59 +02:00
|
|
|
|
|
|
|
|
use strict;
|
|
|
|
|
use Mouse;
|
2016-06-07 23:04:24 +02:00
|
|
|
use SOAP::Lite;
|
2021-09-09 14:28:06 +02:00
|
|
|
use Lemonldap::NG::Portal::Main::Constants qw(
|
|
|
|
|
URIRE
|
|
|
|
|
PE_OK
|
|
|
|
|
PE_ERROR
|
|
|
|
|
PE_BADCREDENTIALS
|
|
|
|
|
);
|
2016-06-06 22:49:59 +02:00
|
|
|
|
2021-09-09 14:28:06 +02:00
|
|
|
our $VERSION = '2.0.14';
|
2016-06-06 22:49:59 +02:00
|
|
|
|
2016-06-09 20:40:20 +02:00
|
|
|
# INITIALIZATION
|
|
|
|
|
|
2021-09-09 14:28:06 +02:00
|
|
|
has cookieName => ( is => 'rw' );
|
|
|
|
|
has sessionService => ( is => 'rw' );
|
|
|
|
|
has urn => (
|
2020-02-20 21:49:55 +01:00
|
|
|
is => 'rw',
|
|
|
|
|
lazy => 1,
|
|
|
|
|
default => sub {
|
|
|
|
|
$_[0]->conf->{soapProxyUrn};
|
|
|
|
|
}
|
|
|
|
|
);
|
|
|
|
|
|
2016-06-06 22:49:59 +02:00
|
|
|
sub init {
|
|
|
|
|
my ($self) = @_;
|
|
|
|
|
|
2021-09-09 14:28:06 +02:00
|
|
|
unless ( defined $self->conf->{proxyAuthService}
|
|
|
|
|
&& $self->conf->{proxyAuthService} =~ URIRE )
|
|
|
|
|
{
|
|
|
|
|
$self->error("Bad or missing proxyAuthService parameter");
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
my $sessionService = $self->conf->{proxySessionService}
|
|
|
|
|
|| $self->conf->{proxyAuthService};
|
|
|
|
|
unless ( $sessionService =~ URIRE ) {
|
|
|
|
|
$self->error("Malformed proxySessionService parameter");
|
2016-06-06 22:49:59 +02:00
|
|
|
return 0;
|
|
|
|
|
}
|
2021-09-09 14:28:06 +02:00
|
|
|
$self->sessionService($sessionService);
|
2021-09-10 22:13:51 +02:00
|
|
|
$self->cookieName( $self->conf->{proxyCookieName}
|
2021-09-09 14:28:06 +02:00
|
|
|
|| $self->conf->{cookieName} );
|
|
|
|
|
|
2016-06-06 22:49:59 +02:00
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
2016-06-09 20:40:20 +02:00
|
|
|
# RUNNING METHODS
|
|
|
|
|
|
2017-01-10 13:25:30 +01:00
|
|
|
no warnings 'once';
|
2016-06-09 13:45:06 +02:00
|
|
|
*authenticate = *getUser;
|
|
|
|
|
|
|
|
|
|
sub getUser {
|
2016-06-06 22:49:59 +02:00
|
|
|
my ( $self, $req ) = @_;
|
2018-07-05 22:56:16 +02:00
|
|
|
return PE_OK if ( $req->data->{_proxyQueryDone} );
|
2021-09-09 14:28:06 +02:00
|
|
|
$self->logger->debug(
|
|
|
|
|
'Proxy push auth to ' . $self->conf->{proxyAuthService} );
|
2020-02-20 21:49:55 +01:00
|
|
|
my $soap =
|
|
|
|
|
SOAP::Lite->proxy( $self->conf->{proxyAuthService} )->uri( $self->urn );
|
2018-07-05 22:56:16 +02:00
|
|
|
my $r = $soap->getCookies( $req->{user}, $req->data->{password} );
|
2016-06-06 22:49:59 +02:00
|
|
|
if ( $r->fault ) {
|
2017-02-15 07:41:50 +01:00
|
|
|
$self->logger->error( "Unable to query authentication service: "
|
|
|
|
|
. $r->fault->{faultstring} );
|
2016-06-06 22:49:59 +02:00
|
|
|
return PE_ERROR;
|
|
|
|
|
}
|
2021-09-09 14:28:06 +02:00
|
|
|
$self->logger->debug('Proxy gets a response');
|
2016-06-06 22:49:59 +02:00
|
|
|
my $res = $r->result();
|
|
|
|
|
|
|
|
|
|
# If authentication failed, display error
|
2016-06-07 23:04:24 +02:00
|
|
|
if ( $res->{errorCode} ) {
|
2017-02-15 15:16:59 +01:00
|
|
|
$self->userLogger->warn(
|
2016-06-07 23:04:24 +02:00
|
|
|
"Authentication failed for $req->{user}: error $res->{errorCode}");
|
2017-03-14 17:52:11 +01:00
|
|
|
$self->setSecurity($req);
|
2016-06-06 22:49:59 +02:00
|
|
|
return PE_BADCREDENTIALS;
|
|
|
|
|
}
|
2021-09-09 14:28:06 +02:00
|
|
|
unless ( $req->data->{_remoteId} = $res->{cookies}->{ $self->cookieName } )
|
2016-06-06 22:49:59 +02:00
|
|
|
{
|
2017-02-15 07:41:50 +01:00
|
|
|
$self->logger->error("No cookie named $self->{remoteCookieName}");
|
2016-06-06 22:49:59 +02:00
|
|
|
return PE_ERROR;
|
|
|
|
|
}
|
2018-07-05 22:56:16 +02:00
|
|
|
$req->data->{_proxyQueryDone}++;
|
2021-04-01 23:07:58 +02:00
|
|
|
|
|
|
|
|
return PE_OK;
|
2016-06-06 22:49:59 +02:00
|
|
|
}
|
|
|
|
|
|
2021-01-02 18:58:40 +01:00
|
|
|
sub findUser {
|
|
|
|
|
|
|
|
|
|
# Nothing to do here
|
2021-04-01 23:07:58 +02:00
|
|
|
return PE_OK;
|
2021-01-02 18:58:40 +01:00
|
|
|
}
|
|
|
|
|
|
2016-06-06 22:49:59 +02:00
|
|
|
sub setSessionInfo {
|
|
|
|
|
my ( $self, $req ) = @_;
|
2018-07-05 22:56:16 +02:00
|
|
|
return PE_OK if ( $req->data->{_setSessionInfoDone} );
|
2021-09-09 14:28:06 +02:00
|
|
|
$self->logger->debug(
|
|
|
|
|
'Proxy requests sessionInfo to ' . $self->sessionService . '/global' );
|
|
|
|
|
my $soap = SOAP::Lite->proxy( $self->sessionService )->uri( $self->urn );
|
|
|
|
|
my $r = $soap->getAttributes( $req->data->{_remoteId} );
|
|
|
|
|
$self->logger->error(
|
|
|
|
|
"Unable to query session service: " . $r->fault->{faultstring} )
|
|
|
|
|
if ( $r->fault );
|
|
|
|
|
|
2016-06-06 22:49:59 +02:00
|
|
|
my $res = $r->result();
|
|
|
|
|
if ( $res->{error} ) {
|
2021-09-09 14:28:06 +02:00
|
|
|
$self->userLogger->warn("Unable to get attributes for $self->{user}");
|
2016-06-06 22:49:59 +02:00
|
|
|
return PE_ERROR;
|
|
|
|
|
}
|
|
|
|
|
foreach ( keys %{ $res->{attributes} } ) {
|
|
|
|
|
$req->{sessionInfo}->{$_} ||= $res->{attributes}->{$_}
|
|
|
|
|
unless (/^_/);
|
|
|
|
|
}
|
2018-07-05 22:56:16 +02:00
|
|
|
$req->data->{_setSessionInfoDone}++;
|
2021-04-01 23:07:58 +02:00
|
|
|
|
|
|
|
|
return PE_OK;
|
2016-06-06 22:49:59 +02:00
|
|
|
}
|
|
|
|
|
|
2017-01-10 17:09:28 +01:00
|
|
|
sub authLogout {
|
2021-09-09 14:28:06 +02:00
|
|
|
|
|
|
|
|
# Nothing to do here
|
2021-04-01 23:07:58 +02:00
|
|
|
return PE_OK;
|
2017-01-10 17:09:28 +01:00
|
|
|
}
|
|
|
|
|
|
2016-06-06 22:49:59 +02:00
|
|
|
1;
|
