## @file
# OpenID Issuer file
## @class
# OpenID Issuer class
package Lemonldap::NG::Portal::IssuerDBOpenID;
use strict;
use Lemonldap::NG::Portal::Simple;
our $VERSION = '0.01';
## @method int issuerDBInit()
# Load Net::OpenID::Server at run time and report a missing module through
# abort(), then log a warning that this OpenID provider is for test use only.
# @return Lemonldap::NG::Portal error code (PE_OK)
sub issuerDBInit {
    my ($self) = @_;

    # The module is required inside eval so that a load failure ends up in $@
    # instead of killing the process before abort() can report it.
    eval { require Net::OpenID::Server };
    if ($@) {
        $self->abort( 'Unable to load Net::OpenID::Server', $@ );
    }

    # TODO secret
    $self->lmLog(
'OpenID provider module is not fully functionnal now, use for test purpose only',
        'warn'
    );

    return PE_OK;
}
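## @apmethod int issuerForUnAuthUser()
# Handle an OpenID request received while the user is not authenticated.
# The 'associate' and 'check_authentication' modes are answered at once through
# _openIDResponse(); any other mode is saved in the 'openidprm' hidden form
# field so that it can be restored by restoreOpenIDprm() on a later request.
# @return Lemonldap::NG::Portal error code
sub issuerForUnAuthUser {
    my $self = shift;

    # Restore datas
    $self->restoreOpenIDprm();
    my $mode = $self->param('openid.mode');

    # The request parameters are deliberately not dumped to STDERR: they
    # carry association handles and signatures that do not belong in the
    # web server error log.
    unless ($mode) {
        $self->lmLog( 'OpenID SP test', 'debug' );
        return PE_OPENID_EMPTY;
    }

    if ( $mode eq 'associate' ) {
        return $self->_openIDResponse( $self->openIDServer->_mode_associate() );
    }
    elsif ( $mode eq 'check_authentication' ) {
        return $self->_openIDResponse(
            $self->openIDServer->_mode_check_authentication() );
    }

    # TODO: store datas
    # FIXME(security): this Storable blob travels through the browser and is
    # thawed again by restoreOpenIDprm(). Storable is not safe on data the
    # client can modify, so the value must be integrity-protected (for
    # example an HMAC computed with a server-side key) or kept in server-side
    # storage, or written in a data-only format such as JSON.
    $self->setHiddenFormValue( 'openidprm',
        Storable::nfreeze( $self->{_prm} ) );
    return PE_OK;
}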
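## @method void restoreOpenIDprm()
# Merge the OpenID parameters saved in the 'openidprm' hidden form field back
# into $self->{_prm}. Nothing is done when the field is absent; a value that
# does not thaw to a plain hash is logged and ignored.
sub restoreOpenIDprm {
    my $self = shift;

    my $frozen = $self->getHiddenFormValue('openidprm');
    return unless ($frozen);

    # FIXME(security): the hidden form value is supplied by the browser.
    # Storable can build blessed objects while thawing, so checking the result
    # afterwards is not a complete defence: the value should be authenticated
    # (for example with an HMAC) before thaw() is called, or replaced by a
    # data-only format such as JSON.
    my $saved = eval { Storable::thaw($frozen) };

    # Accept only an unblessed hash; ref() returns the class name for a
    # blessed reference, so objects are rejected here as well.
    unless ( ref($saved) eq 'HASH' ) {
        $self->lmLog( 'Ignoring malformed saved OpenID parameters', 'warn' );
        return;
    }

    $self->{_prm}->{$_} = $saved->{$_} foreach ( keys %$saved );
    return;
}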
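## @method Net::OpenID::Server openIDServer()
# Build the Net::OpenID::Server object on first call and cache it in
# $self->{_openidserver}; later calls return the cached object.
# The endpoint URL is computed from $self->{portal} and stored in
# $self->{_openidPortal}.
# @return Net::OpenID::Server object
sub openIDServer {
    my $self = shift;
    return $self->{_openidserver} if ( $self->{_openidserver} );

    # Append the endpoint path, then collapse every '//' that is not
    # preceded by ':' so that the '//' of the URL scheme is kept
    $self->{_openidPortal} = $self->{portal} . "/openidserver/";
    $self->{_openidPortal} =~ s#(?<!:)//#/#g;

    # The callbacks below write nothing to STDERR: user names, identities and
    # trust roots belong in lmLog() at debug level, if anywhere.
    $self->{_openidserver} = Net::OpenID::Server->new(

        # TODO
        # FIXME(security): placeholder secret, identical in every
        # installation and readable in the source. It must come from private,
        # per-deployment configuration before this module is used outside
        # tests.
        server_secret => sub { return 'azertt' },
        post_args     => $self->{_prm},
        get_args      => $self->{_prm},
        endpoint_url  => $self->{_openidPortal},
        setup_url     => $self->{_openidPortal},

        # User is the session value of OpenIdAttr, else of whatToTrace
        get_user => sub {
            return $self->{sessionInfo}
              ->{ $self->{OpenIdAttr} || $self->{whatToTrace} };
        },
        get_identity => sub {
            my ( $u, $identity ) = @_;
            return $identity unless $u;

            # $u is the value returned by get_user above, which is_identity
            # below compares with 'eq': it is used as a string here too
            # (the former $u->username call treated it as an object)
            return $self->{_openidPortal} . $u;
        },
        is_identity => sub {
            my ( $u, $identity ) = @_;
            return 0 unless ( $u and $identity );

            # NOTE(review): only the last path segment is compared, so an
            # identity URL under another base that ends with the same user
            # name matches as well. Comparing the whole URL with
            # $self->{_openidPortal} . $u would be stricter - confirm.
            return $u eq ( split '/', $identity )[-1];
        },
        is_trusted => sub {
            my ( $u, $trust_root, $is_identity ) = @_;

            # NOTE(review): every trust root is accepted as soon as the
            # identity check passed; there is no per-site user consent or
            # allow-list yet.
            return $is_identity;
        }
    );
    return $self->{_openidserver};
}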
## @method int _openIDResponse(string type, string data)
# Send an OpenID response to the client, then call quit().
# @param $type 'redirect', 'setup', or any other value, which is passed to
# header()
# @param $data URL given to redirect() when $type is 'redirect', else the
# content printed after the header
# @return PE_OK (reached only if quit() returns)
sub _openIDResponse {
    my ( $self, $type, $data ) = @_;

    if ( $type eq 'setup' ) {

        # 'setup' answers are not supported: log, then abort
        $self->lmLog( 'OpenID setup', 'debug' );
        $self->abort('Must never append !!!');
    }
    elsif ( $type eq 'redirect' ) {
        $self->lmLog( 'OpenID redirection', 'debug' );
        print $self->redirect($data);
    }
    else {
        $self->lmLog( 'OpenID generated page', 'debug' );
        print $self->header($type);
        print $data;
    }

    $self->quit();
    return PE_OK;
}
## @apmethod int issuerForAuthUser()
# Restore the saved OpenID parameters, ask the object returned by
# openIDServer() to handle the request and send its answer with
# _openIDResponse().
# @return Lemonldap::NG::Portal error code (PE_OK)
sub issuerForAuthUser {
    my ($self) = @_;

    $self->restoreOpenIDprm();

    # handle_page() is called in list context; its result is handed over
    # unchanged as the arguments of _openIDResponse()
    my @answer = $self->openIDServer->handle_page();
    $self->_openIDResponse(@answer);

    return PE_OK;
}
## @apmethod int issuerLogout()
# Logout hook: nothing is done for OpenID yet (TODO).
# @return Lemonldap::NG::Portal error code (always PE_OK)
sub issuerLogout {
    return PE_OK;
}
1;
__END__

=head1 NAME

=encoding utf8

Lemonldap::NG::Portal::IssuerDBOpenID - OpenID IssuerDB for Lemonldap::NG

=head1 DESCRIPTION

OpenID Issuer implementation in LemonLDAP::NG

=head1 SEE ALSO

L<Lemonldap::NG::Portal>

=head1 AUTHOR

Xavier Guimard, E<lt>x.guimard@free.frE<gt>

=head1 COPYRIGHT AND LICENSE

Copyright (C) 2010 by Xavier Guimard

This library is free software; you can redistribute it and/or modify
it under the same terms as Perl itself, either Perl version 5.10.0 or,
at your option, any later version of Perl 5 you may have available.

=cut