2016-03-30 21:51:12 +02:00
|
|
|
##@class Lemonldap::NG::Portal::Main::Run
|
|
|
|
|
# Serve request part of Lemonldap::NG portal
|
|
|
|
|
#
|
2016-04-03 08:33:50 +02:00
|
|
|
# Parts of this file:
|
|
|
|
|
# - response handler
|
|
|
|
|
# - main entry points
|
|
|
|
|
# - running methods
|
|
|
|
|
# - utilities
|
2016-03-31 07:27:59 +02:00
|
|
|
#
|
2016-03-29 23:09:55 +02:00
|
|
|
package Lemonldap::NG::Portal::Main::Run;
|
|
|
|
|
|
|
|
|
|
use strict;
|
|
|
|
|
use Mouse;
|
2016-03-31 22:08:43 +02:00
|
|
|
use Lemonldap::NG::Portal::Main::Constants;
|
2016-03-30 21:51:15 +02:00
|
|
|
use Lemonldap::NG::Portal::Main::Request;
|
2016-03-29 23:09:55 +02:00
|
|
|
|
2016-03-30 21:51:12 +02:00
|
|
|
our $VERSION = '2.0.0';
|
|
|
|
|
|
2016-04-03 08:33:50 +02:00
|
|
|
# List constants
|
|
|
|
|
sub authProcess { qw(extractFormInfo getUser authenticate) }
|
|
|
|
|
|
|
|
|
|
sub sessionDatas {
|
|
|
|
|
qw(setSessionInfo setMacros setGroups setPersistentSessionInfo
|
|
|
|
|
setLocalGroups store buildCookie);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
# RESPONSE HANDLER
|
|
|
|
|
# ----------------
|
|
|
|
|
#
|
|
|
|
|
# - check if conf has changed
|
|
|
|
|
# - replace Lemonldap::NG::Common::PSGI::Request request by
|
|
|
|
|
# Lemonldap::NG::Portal::Main::Request
|
|
|
|
|
# - launch Lemonldap::NG::Common::PSGI::Request::handler()
|
2016-03-30 21:51:12 +02:00
|
|
|
sub handler {
|
2016-03-31 07:27:59 +02:00
|
|
|
my ( $self, $req ) = shift;
|
|
|
|
|
unless ($self->conf->{cfgNum}
|
|
|
|
|
and $self->conf->{cfgNum} eq HANDLER->lmConf->{cfgNum} )
|
|
|
|
|
{
|
|
|
|
|
$self->reloadConf();
|
2016-03-30 21:51:12 +02:00
|
|
|
}
|
2016-03-30 21:51:15 +02:00
|
|
|
bless $req, 'Lemonldap::NG::Portal::Main::Request';
|
2016-03-30 21:51:12 +02:00
|
|
|
return $self->SUPER::handler($req);
|
|
|
|
|
}
|
|
|
|
|
|
2016-04-03 08:33:50 +02:00
|
|
|
# MAIN ENTRY POINTS (declared in Lemonldap::NG::Portal::Main::Init)
|
|
|
|
|
# -----------------
|
|
|
|
|
#
|
|
|
|
|
# Entry points:
|
|
|
|
|
# - "/test": - authenticated() for already authenticated users
|
|
|
|
|
# - pleaseAuth() for others
|
|
|
|
|
# - "/": - login() ~first access
|
|
|
|
|
# - postLogin(), same for POST requests
|
|
|
|
|
# - authenticatedRequest() for authenticated users
|
2016-03-31 07:27:59 +02:00
|
|
|
|
|
|
|
|
sub authenticated {
|
|
|
|
|
my ( $self, $req ) = @_;
|
|
|
|
|
return $self->sendJSONresponse( $req, { status => 1 } );
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
sub pleaseAuth {
|
|
|
|
|
my ( $self, $req ) = @_;
|
|
|
|
|
return $self->sendJSONresponse( $req, { status => 0 } );
|
|
|
|
|
}
|
|
|
|
|
|
2016-03-31 22:08:43 +02:00
|
|
|
|
2016-03-31 07:27:59 +02:00
|
|
|
sub login {
|
|
|
|
|
my ( $self, $req ) = @_;
|
2016-04-01 07:24:27 +02:00
|
|
|
return $req->do(
|
|
|
|
|
$req,
|
2016-03-31 22:08:43 +02:00
|
|
|
[
|
2016-04-02 22:17:39 +02:00
|
|
|
'controlUrl', @{ $self->beforeAuth },
|
|
|
|
|
&authProcess, @{ $self->betweenAuthAndDatas },
|
|
|
|
|
&sessionDatas, @{ $self->afterdatas },
|
2016-03-31 22:08:43 +02:00
|
|
|
]
|
2016-03-31 07:27:59 +02:00
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
sub postLogin {
|
|
|
|
|
my ( $self, $req ) = @_;
|
2016-04-01 07:24:27 +02:00
|
|
|
return $req->do(
|
|
|
|
|
$req,
|
2016-03-31 22:08:43 +02:00
|
|
|
[
|
2016-04-03 08:33:50 +02:00
|
|
|
'restoreArgs', 'controlUrl',
|
|
|
|
|
@{ $self->beforeAuth }, &authProcess,
|
|
|
|
|
@{ $self->betweenAuthAndDatas }, &sessionDatas,
|
|
|
|
|
@{ $self->afterdatas },
|
2016-03-31 22:08:43 +02:00
|
|
|
]
|
2016-03-31 07:27:59 +02:00
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
sub authenticatedRequest {
|
2016-03-31 22:08:43 +02:00
|
|
|
my ( $self, $req ) = @_;
|
2016-04-01 07:24:27 +02:00
|
|
|
return $req->do( $req, $self->forAuthUser );
|
2016-03-31 22:08:43 +02:00
|
|
|
}
|
|
|
|
|
|
2016-04-03 08:33:50 +02:00
|
|
|
# RUNNING METHODS
|
|
|
|
|
# ---------------
|
|
|
|
|
|
2016-03-31 22:08:43 +02:00
|
|
|
sub do {
|
2016-04-01 07:24:27 +02:00
|
|
|
my ( $self, $req, $steps ) = @_;
|
2016-03-31 22:08:43 +02:00
|
|
|
$req->steps($steps);
|
|
|
|
|
my $err = $self->process($req);
|
2016-04-01 07:24:27 +02:00
|
|
|
|
2016-03-31 22:08:43 +02:00
|
|
|
# TODO: updateStatus
|
2016-04-01 07:24:27 +02:00
|
|
|
if ( !$self->conf->{noAjaxHook} and $req->wantJSON ) {
|
2016-03-31 22:08:43 +02:00
|
|
|
if ( $err > 0 ) {
|
2016-04-01 07:24:27 +02:00
|
|
|
return [
|
|
|
|
|
401,
|
|
|
|
|
[
|
|
|
|
|
'WWW-Authenticate' => "SSO " . $self->conf->{portal},
|
|
|
|
|
'Access-Control-Allow-Origin' => '*'
|
|
|
|
|
],
|
|
|
|
|
[]
|
|
|
|
|
];
|
2016-03-31 22:08:43 +02:00
|
|
|
}
|
|
|
|
|
else {
|
2016-04-01 07:24:27 +02:00
|
|
|
return $self->senfJSONresponse(
|
|
|
|
|
{ result => 1, message => 'Authenticated' } );
|
2016-03-31 22:08:43 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else {
|
2016-04-01 07:24:27 +02:00
|
|
|
if ($err) {
|
2016-04-02 22:17:39 +02:00
|
|
|
return $self->sendHtml( $req, $req->template || 'login' );
|
2016-03-31 22:08:43 +02:00
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
return $self->autoRedirect($req);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2016-04-03 08:33:50 +02:00
|
|
|
# Utilities
|
|
|
|
|
# ---------
|
|
|
|
|
|
|
|
|
|
sub getModule {
|
|
|
|
|
my ( $self, $req, $type ) = @_;
|
|
|
|
|
if (
|
|
|
|
|
my $mod = {
|
|
|
|
|
auth => '_authentication',
|
|
|
|
|
user => '_userDB',
|
|
|
|
|
password => '_passwordDB'
|
|
|
|
|
}->{$type}
|
|
|
|
|
)
|
|
|
|
|
{
|
|
|
|
|
if ( $self->$mod->can('name') ) {
|
|
|
|
|
return $self->$mod->can('name');
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
return ref( $self->$mod );
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
elsif ( $type eq 'issuer' ) {
|
|
|
|
|
return $req->{_activeIssuerDB};
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
die "Unknown type $type";
|
2016-03-31 22:08:43 +02:00
|
|
|
}
|
2016-03-31 07:27:59 +02:00
|
|
|
}
|
|
|
|
|
|
2016-03-29 23:09:55 +02:00
|
|
|
1;
|
