lemonldap-ng/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/SSL.pm

package Lemonldap::NG::Portal::Auth::SSL;

use strict;
use Mouse;
use Lemonldap::NG::Portal::Main::Constants qw(
  PE_BADCERTIFICATE
  PE_CERTIFICATEREQUIRED
  PE_FIRSTACCESS
  PE_OK
);

our $VERSION = '2.1.0';

extends 'Lemonldap::NG::Portal::Main::Auth';

# INITIALIZATION

has Name => ( is => 'ro', default => 'SSL' );

sub init {
    my ($self) = @_;
    return 1;
}

# Read username in SSL environment variables, or return an error
# @return Lemonldap::NG::Portal constant
sub extractFormInfo {
    my ( $self, $req ) = @_;
    my $field = $self->conf->{SSLVar};
    if ( $req->env->{SSL_CLIENT_I_DN} ) {
        $self->logger->debug(
            'Received SSL issuer ' . $req->env->{SSL_CLIENT_I_DN} );

        if ( my $tmp =
            $self->conf->{SSLVarIf}->{ $req->env->{SSL_CLIENT_I_DN} } )
        {
            $field = $tmp;
        }
    }
    $self->logger->debug("Using SSL environment variable $field");
    if ( $req->user( $req->env->{$field} ) ) {
        $self->userLogger->notice( "GoodSSL authentication for " . $req->user );
        return PE_OK;
    }
    elsif ( $req->env->{SSL_CLIENT_S_DN} ) {
        $self->userLogger->warn("$field was not found in user certificate");
        return PE_BADCERTIFICATE;
    }
    elsif ( $self->conf->{sslByAjax} and not $req->param('nossl') ) {
        $req->data->{waitingMessage} = 1;
        return PE_FIRSTACCESS;
    }
    else {
        if ( $self->conf->{sslByAjax} ) {
            $self->logger->debug( 'Append ' . $self->{Name} . ' init/script' );
            $self->logger->debug(
                "Send init/script -> " . $req->data->{customScript} );
        }
        $self->userLogger->warn('No certificate found');
        return PE_CERTIFICATEREQUIRED;
    }
}

sub authenticate {
    PE_OK;
}

sub setAuthSessionInfo {
    my ( $self, $req ) = @_;
    $req->sessionInfo->{authenticationLevel} = $self->conf->{SSLAuthnLevel};
    PE_OK;
}

sub getForm {
    my ( $self, $req ) = @_;
    $req->tplParams->{SSLHOST} = $self->conf->{sslHost};
    return "sslform";
}

sub authLogout {
    PE_OK;
}

1;
Add Auth/SSL (#595) 2016-08-05 13:56:16 +02:00			`package Lemonldap::NG::Portal::Auth::SSL;`

			`use strict;`
			`use Mouse;`
Add Ajax to SSL (closes #1212) 2017-04-11 21:19:59 +02:00			`use Lemonldap::NG::Portal::Main::Constants qw(`
Tidy 2019-02-05 23:12:17 +01:00			`PE_BADCERTIFICATE`
			`PE_CERTIFICATEREQUIRED`
			`PE_FIRSTACCESS`
			`PE_OK`
Add Ajax to SSL (closes #1212) 2017-04-11 21:19:59 +02:00			`);`
Add Auth/SSL (#595) 2016-08-05 13:56:16 +02:00
Set master version to 2.1.0 2019-02-12 18:21:38 +01:00			`our $VERSION = '2.1.0';`
Add Auth/SSL (#595) 2016-08-05 13:56:16 +02:00
Move Auth::Base to Main::Auth 2018-02-19 22:11:43 +01:00			`extends 'Lemonldap::NG::Portal::Main::Auth';`
Add Auth/SSL (#595) 2016-08-05 13:56:16 +02:00
			`# INITIALIZATION`

Merge branch 'v2.0' (with new tidy) 2019-07-02 20:12:11 +02:00			`has Name => ( is => 'ro', default => 'SSL' );`
Improve code (#1636) 2019-02-02 17:34:44 +01:00
Add Auth/SSL (#595) 2016-08-05 13:56:16 +02:00			`sub init {`
Improve code (#1636) 2019-02-02 17:34:44 +01:00			`my ($self) = @_;`
WebID (#595) 2017-01-30 22:00:54 +01:00			`return 1;`
Add Auth/SSL (#595) 2016-08-05 13:56:16 +02:00			`}`

			`# Read username in SSL environment variables, or return an error`
			`# @return Lemonldap::NG::Portal constant`
			`sub extractFormInfo {`
			`my ( $self, $req ) = @_;`
Set some default values in Attributes.pm (#595) 2018-04-30 18:06:15 +02:00			`my $field = $self->conf->{SSLVar};`
Manager: fix SSLVarIf syntax (#2082) 2020-01-31 17:43:49 +01:00			`if ( $req->env->{SSL_CLIENT_I_DN} ) {`
			`$self->logger->debug(`
fix whitespace (#2082) 2020-01-31 17:48:21 +01:00			`'Received SSL issuer ' . $req->env->{SSL_CLIENT_I_DN} );`
Manager: fix SSLVarIf syntax (#2082) 2020-01-31 17:43:49 +01:00
			`if ( my $tmp =`
			`$self->conf->{SSLVarIf}->{ $req->env->{SSL_CLIENT_I_DN} } )`
			`{`
			`$field = $tmp;`
			`}`
Add conditional SSLVar (closes: #803) 2017-02-24 07:29:50 +01:00			`}`
Manager: fix SSLVarIf syntax (#2082) 2020-01-31 17:43:49 +01:00			`$self->logger->debug("Using SSL environment variable $field");`
Add Ajax to SSL (closes #1212) 2017-04-11 21:19:59 +02:00			`if ( $req->user( $req->env->{$field} ) ) {`
Tidy 2019-02-05 23:12:17 +01:00			`$self->userLogger->notice( "GoodSSL authentication for " . $req->user );`
Add Ajax to SSL (closes #1212) 2017-04-11 21:19:59 +02:00			`return PE_OK;`
			`}`
			`elsif ( $req->env->{SSL_CLIENT_S_DN} ) {`
Add conditional SSLVar (closes: #803) 2017-02-24 07:29:50 +01:00			`$self->userLogger->warn("$field was not found in user certificate");`
Add Auth/SSL (#595) 2016-08-05 13:56:16 +02:00			`return PE_BADCERTIFICATE;`
			`}`
Add Ajax to SSL (closes #1212) 2017-04-11 21:19:59 +02:00			`elsif ( $self->conf->{sslByAjax} and not $req->param('nossl') ) {`
Add a waiting message for Kerberos/SSL workflow (#1670) 2019-03-11 16:36:32 +01:00			`$req->data->{waitingMessage} = 1;`
Add Ajax to SSL (closes #1212) 2017-04-11 21:19:59 +02:00			`return PE_FIRSTACCESS;`
			`}`
Add Auth/SSL (#595) 2016-08-05 13:56:16 +02:00			`else {`
Fix SSL/Kerberos Auth with Choice & Improve unit tests (#1636) 2019-02-03 20:05:28 +01:00			`if ( $self->conf->{sslByAjax} ) {`
Tidy 2019-02-05 23:12:17 +01:00			`$self->logger->debug( 'Append ' . $self->{Name} . ' init/script' );`
Fix SSL/Kerberos Auth with Choice & Improve unit tests (#1636) 2019-02-03 20:05:28 +01:00			`$self->logger->debug(`
			`"Send init/script -> " . $req->data->{customScript} );`
			`}`
Add Ajax to SSL (closes #1212) 2017-04-11 21:19:59 +02:00			`$self->userLogger->warn('No certificate found');`
Add Auth/SSL (#595) 2016-08-05 13:56:16 +02:00			`return PE_CERTIFICATEREQUIRED;`
			`}`
			`}`

			`sub authenticate {`
			`PE_OK;`
			`}`

Enable setAuthSessionInfo (#595) 2016-12-01 23:25:05 +01:00			`sub setAuthSessionInfo {`
			`my ( $self, $req ) = @_;`
Typo & upadte version 2019-04-05 22:58:48 +02:00			`$req->sessionInfo->{authenticationLevel} = $self->conf->{SSLAuthnLevel};`
Enable setAuthSessionInfo (#595) 2016-12-01 23:25:05 +01:00			`PE_OK;`
			`}`

Modularize Display/login (#1652) 2019-03-19 05:56:36 +01:00			`sub getForm {`
Merge branch 'v2.0' (with new tidy) 2019-07-02 20:12:11 +02:00			`my ( $self, $req ) = @_;`
Modularize Display/login (#1652) 2019-03-19 05:56:36 +01:00			`$req->tplParams->{SSLHOST} = $self->conf->{sslHost};`
			`return "sslform";`
Add Auth/SSL (#595) 2016-08-05 13:56:16 +02:00			`}`

Append authLogout function to Auth::SSL.pm (#1564) 2018-12-01 16:05:29 +01:00			`sub authLogout {`
			`PE_OK;`
			`}`

Add Auth/SSL (#595) 2016-08-05 13:56:16 +02:00			`1;`