package Lemonldap::NG::Handler::Lib::CDA;
use strict;
use URI;
use URI::QueryParam;
our $VERSION = '2.0.9';
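# Handler entry point with CDA (cross-domain authentication) support.
#
# When the request URI carries a "<cookieName>cda" query parameter and the
# request does not already resolve to a session, the CDA code is exchanged
# (through getCDAInfos) for the cookie name/value stored in the CDA session,
# the parameter is stripped from the URL, and the client is redirected to the
# cleaned URL with the cookie set. Every other request is handed to
# Lemonldap::NG::Handler::Main::run unchanged.
#
# @param $req request object
# @param $rule passed through to Main::run
# @param $protection passed through to Main::run
# @return FORBIDDEN when the CDA code is malformed or cannot be exchanged,
# REDIRECT after a successful exchange, otherwise the result of Main::run
sub run {
    my ( $class, $req, $rule, $protection ) = @_;
    my $uri = $req->{env}->{REQUEST_URI};
    my $cn  = $class->tsv->{cookieName};
    my ( $id, $session );

    # Cheap guard on the raw URI. The pattern is compiled on every call (no
    # /o) and the cookie name is quoted, so the guard always tests the same
    # literal parameter name that query_param() looks up below.
    if ( $uri =~ m/[\?&;]\Q${cn}\Ecda=\w+/i ) {
        if (    $id = $class->fetchId($req)
            and $session = $class->retrieveSession( $req, $id ) )
        {
            $class->logger->info(
                'CDA asked for an already available session, skipping');
        }
        else {
            # Extract CDA code from URI
            my $u     = URI->new( $req->uri );
            my $cdaid = $u->query_param("${cn}cda");

            # Remove CDA param from URI
            $u->query_param_delete("${cn}cda");

            # The guard above is case-insensitive and only requires the raw
            # value to *begin* with word characters, whereas query_param()
            # is case-sensitive and returns the whole decoded value. Check
            # the value that is really used as a session id and written to
            # the logs, and refuse anything else before touching the
            # session backend. The rejected value is deliberately not
            # logged.
            unless ( defined $cdaid and $cdaid =~ m/\A\w+\z/ ) {
                $class->logger->error(
                    'CDA request with a missing or malformed id');
                return $class->FORBIDDEN;
            }

            $class->logger->debug("CDA request with id $cdaid");

            my $cdaInfos = $class->getCDAInfos( $req, $cdaid );
            unless ( $cdaInfos->{cookie_value} and $cdaInfos->{cookie_name} ) {
                $class->logger->error("CDA request for id $cdaid is not valid");
                return $class->FORBIDDEN;
            }

            my $redirectUrl = $class->_buildUrl( $req, $u->path_query );

            # "secure" is derived from the scheme of the redirect target.
            my $redirectHttps = ( $redirectUrl =~ m/^https/ );

            # The cookie value is "c:" followed by the encrypted pair
            # "<cookie_value> <resolved alias>".
            # NOTE(review): no SameSite attribute is emitted here - confirm
            # whether that is intended for this cookie.
            $class->set_header_out(
                $req,
                'Location'   => $redirectUrl,
                'Set-Cookie' => $cdaInfos->{cookie_name} . "=" . 'c:'
                  . $class->tsv->{cipher}->encrypt(
                    $cdaInfos->{cookie_value} . ' ' . $class->resolveAlias($req)
                  )
                  . "; path=/"
                  . ( $redirectHttps ? "; secure" : "" )
                  . ( $class->tsv->{httpOnly} ? "; HttpOnly" : "" )
                  . (
                    $class->tsv->{cookieExpiration}
                    ? "; max-age=" . $class->tsv->{cookieExpiration}
                    : ""
                  )
            );
            $req->data->{'noTry'} = 1;
            return $class->REDIRECT;
        }
    }

    return $class->Lemonldap::NG::Handler::Main::run( $req, $rule,
        $protection );
}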
## @rmethod protected hash getCDAInfos(req, id)
# Tries to retrieve the CDA session, get infos and delete session
# @return CDA session infos
sub getCDAInfos {
    my ( $class, $req, $id ) = @_;

    # $req is accepted but not used in this sub.

    # Returned by reference in every case; it stays empty when the CDA
    # session cannot be loaded, so callers have to test the two keys.
    my %cookie_for;

    # All storage and cache settings come from the handler's tsv store.
    my %session_args = (
        storageModule        => $class->tsv->{sessionStorageModule},
        storageModuleOptions => $class->tsv->{sessionStorageOptions},
        cacheModule          => $class->tsv->{sessionCacheModule},
        cacheModuleOptions   => $class->tsv->{sessionCacheOptions},
        id                   => $id,
        kind                 => "CDA",
    );

    # NOTE(review): kind => "CDA" is handed to the constructor; whether it
    # refuses an id that belongs to a session of another kind is not
    # visible here - confirm, since a loaded session is removed below.
    my $cdaSession = Lemonldap::NG::Common::Session->new( \%session_args );

    # Lookup failed: report why and hand back the empty result.
    if ( $cdaSession->error ) {
        $class->logger->info("CDA Session $id can't be retrieved");
        $class->logger->info( $cdaSession->error );
        return \%cookie_for;
    }

    $class->logger->debug("Get CDA session $id");

    for my $field (qw(cookie_value cookie_name)) {
        $cookie_for{$field} = $cdaSession->data->{$field};
    }

    # The CDA session is removed as soon as it has been read.
    # NOTE(review): the outcome of remove is not checked; presumably a
    # failed delete would leave the code usable again - confirm.
    $cdaSession->remove;

    return \%cookie_for;
}
1;