OAuth2 Handler (#1146)

lemonldap-ng-handler/MANIFEST

@@ -12,6 +12,7 @@ lib/Lemonldap/NG/Handler/ApacheMP2/DevOpsST.pm
 lib/Lemonldap/NG/Handler/ApacheMP2/FCGIClient.pm
 lib/Lemonldap/NG/Handler/ApacheMP2/Main.pm
 lib/Lemonldap/NG/Handler/ApacheMP2/Menu.pm
+lib/Lemonldap/NG/Handler/ApacheMP2/OAuth2.pm
 lib/Lemonldap/NG/Handler/ApacheMP2/Request.pm
 lib/Lemonldap/NG/Handler/ApacheMP2/SecureToken.pm
 lib/Lemonldap/NG/Handler/ApacheMP2/ServiceToken.pm
@@ -19,6 +20,7 @@ lib/Lemonldap/NG/Handler/ApacheMP2/ZimbraPreAuth.pm
 lib/Lemonldap/NG/Handler/Lib/AuthBasic.pm
 lib/Lemonldap/NG/Handler/Lib/CDA.pm
 lib/Lemonldap/NG/Handler/Lib/DevOps.pm
+lib/Lemonldap/NG/Handler/Lib/OAuth2.pm
 lib/Lemonldap/NG/Handler/Lib/PSGI.pm
 lib/Lemonldap/NG/Handler/Lib/SecureToken.pm
 lib/Lemonldap/NG/Handler/Lib/ServiceToken.pm
@@ -44,6 +46,7 @@ lib/Lemonldap/NG/Handler/Server/DevOps.pm
 lib/Lemonldap/NG/Handler/Server/DevOpsST.pm
 lib/Lemonldap/NG/Handler/Server/Main.pm
 lib/Lemonldap/NG/Handler/Server/Nginx.pm
+lib/Lemonldap/NG/Handler/Server/OAuth2.pm
 lib/Lemonldap/NG/Handler/Server/SecureToken.pm
 lib/Lemonldap/NG/Handler/Server/ServiceToken.pm
 lib/Lemonldap/NG/Handler/Server/ZimbraPreAuth.pm

lemonldap-ng-handler/lib/Lemonldap/NG/Handler/ApacheMP2/OAuth2.pm

@@ -0,0 +1,13 @@
+# LLNG wrapper class to enable OAuth2 handler with Apache-2/ModPerl-2
+#
+# See https://lemonldap-ng.org/documentation/latest/handlerarch
+package Lemonldap::NG::Handler::ApacheMP2::OAuth2;
+
+use strict;
+
+use base 'Lemonldap::NG::Handler::Lib::OAuth2',
+  'Lemonldap::NG::Handler::ApacheMP2::Main';
+
+our $VERSION = '2.0.4';
+
+1;

lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/OAuth2.pm

@@ -0,0 +1,63 @@
+package Lemonldap::NG::Handler::Lib::OAuth2;
+
+use strict;
+
+our $VERSION = '2.0.4';
+
+sub fetchId {
+    my ( $class, $req ) = @_;
+
+    my $access_token;
+    my $authorization = $req->{env}->{HTTP_AUTHORIZATION};
+
+    if ( $authorization
+        and ( ($access_token) = ( $authorization =~ /^Bearer (.+)$/i ) ) )
+    {
+        $class->logger->debug( 'Found OAuth2 access token ' . $access_token );
+    }
+    else {
+        return $class->Lemonldap::NG::Handler::Main::fetchId($req);
+    }
+
+    # Get access token session
+    if ( my $infos = $class->getOIDCInfos($access_token) ) {
+        my $_session_id = $infos->{user_session_id};
+        $class->logger->debug( 'Get user session id ' . $_session_id );
+        return $_session_id;
+    }
+
+    return $class->Lemonldap::NG::Handler::Main::fetchId($req);
+}
+
+## @rmethod protected hash getOIDCInfos(id)
+# Tries to retrieve the OIDC session, get infos
+# @return OIDC session infos
+sub getOIDCInfos {
+    my ( $class, $id ) = @_;
+    my $infos = {};
+
+    # Get the session
+    my $oidcSession = Lemonldap::NG::Common::Session->new( {
+            storageModule        => $class->tsv->{oidcStorageModule},
+            storageModuleOptions => $class->tsv->{oidcStorageOptions},
+            cacheModule          => $class->tsv->{sessionCacheModule},
+            cacheModuleOptions   => $class->tsv->{sessionCacheOptions},
+            id                   => $id,
+            kind                 => "OIDCI",
+        }
+    );
+
+    unless ( $oidcSession->error ) {
+        $class->logger->debug("Get OIDC session $id");
+
+        $infos->{user_session_id} = $oidcSession->data->{user_session_id};
+    }
+    else {
+        $class->logger->info("OIDC Session $id can't be retrieved");
+        $class->logger->info( $oidcSession->error );
+    }
+
+    return $infos;
+}
+
+1;

lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Server/OAuth2.pm

@@ -0,0 +1,13 @@
+# LLNG wrapper class to enable OAuth2 handler with FastCGI handler
+#
+# See https://lemonldap-ng.org/documentation/latest/handlerarch
+package Lemonldap::NG::Handler::Server::OAuth2;
+
+use strict;
+
+use base 'Lemonldap::NG::Handler::Lib::OAuth2',
+  'Lemonldap::NG::Handler::Server::Main';
+
+our $VERSION = '2.0.4';
+
+1;