From 055e4a7f0e5d34e6a27ad410c88599942a680412 Mon Sep 17 00:00:00 2001
From: Xavier Guimard
Date: Thu, 31 Mar 2016 20:08:43 +0000
Subject: [PATCH] New process skeleton
---
 .../lib/Lemonldap/NG/Portal/Auth/_WebForm.pm | 4 +-
 .../lib/Lemonldap/NG/Portal/Main/Auth.pm | 12 ++++
 .../lib/Lemonldap/NG/Portal/Main/Init.pm | 8 ++-
 .../lib/Lemonldap/NG/Portal/Main/Plugins.pm | 2 +
 .../lib/Lemonldap/NG/Portal/Main/Request.pm | 7 ++
 .../lib/Lemonldap/NG/Portal/Main/Run.pm | 67 ++++++++++++++++---
 6 files changed, 84 insertions(+), 16 deletions(-)
 create mode 100644 lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Auth.pm
diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/_WebForm.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/_WebForm.pm
index 47f295a52..21ef9a372 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/_WebForm.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/_WebForm.pm
@@ -10,9 +10,7 @@ use Mouse; our $VERSION = '2.0.0';
-sub AuthnLevel {
- return $_[0]->https ? 1 : 0;
-}
+extends Lemonldap::NG::Portal::Main::Auth;
 ## @apmethod int authInit() # Does nothing.
diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Auth.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Auth.pm
new file mode 100644
index 000000000..9fb08e0fc
--- /dev/null
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Auth.pm
@@ -0,0 +1,12 @@
+package Lemonldap::NG::Portal::Main::Auth;
+
+use strict;
+use Mouse;
+
+our $VERSION = '2.0.0';
+
+extends 'Lemonldap::NG::Portal::Main::Module';
+
+has authnLevel => (is => 'rw');
+
+1;
diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Init.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Init.pm
index 3a30d814d..961db753a 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Init.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Init.pm
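Review bot: In `Auth/_WebForm.pm` the added `extends Lemonldap::NG::Portal::Main::Auth;` passes the parent class as a bareword, while the new `Main/Auth.pm` in this same commit quotes it (`extends 'Lemonldap::NG::Portal::Main::Module';`). Under the strictures that Mouse turns on, the bareword form is likely to fail at compile time, so I would write `extends 'Lemonldap::NG::Portal::Main::Auth';`. The removed `AuthnLevel` returned 1 only when `https` was true, and the replacement takes the level from configuration alone, so a form login over plain HTTP no longer gets a lower authentication level unless that is enforced somewhere outside this patch. A comment recording that this is intended would help, e.g. `# authnLevel now comes from configuration (set in reloadConf); the transport is no longer considered`.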
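Review bot: In the new `Main/Auth.pm`, `has authnLevel => (is => 'rw');` declares the value that stands for authentication strength with no type constraint, default or comment. The `reloadConf` hunk in `Main/Init.pm` fills it from a configuration lookup, so a missing or mistyped key would leave it undefined or non-numeric without any error at load time. I would constrain it, for example `has authnLevel => ( is => 'rw', isa => 'Int' );`, which makes a bad value fail when the configuration is loaded rather than when a session is built, and add a one-line comment saying where the value is set.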
@@ -27,17 +27,17 @@ has _authentication => ( is => 'rw' ); has _userDB => ( is => 'rw' ); # Lists to store plugins entry-points
-has beforeAuthProcess => (
+has beforeAuth => (
 is => 'rw', isa => 'ArrayRef', default => sub { [] } );
-has addSessionData => (
+has betweenAuthAndDatas => (
 is => 'rw', isa => 'ArrayRef', default => sub { [] } );
-has afterAuthProcess => (
+has afterDatas => (
 is => 'rw', isa => 'ArrayRef', default => sub { [] }
@@ -129,6 +129,8 @@ sub reloadConf { unless ( $self->{"_$type"} = $self->loadModule($module) and $self->{"_$type"}->init ); }
+ $self->_authentication->authnLevel(
+ $self->conf->{ $self->conf->authentication . "AuthnLevel" } );
 # Initialize trusted domain list $self->conf->{trustedDomains} ||= "";
diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Plugins.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Plugins.pm
index 1dd2d1f2e..28f83bb8e 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Plugins.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Plugins.pm
@@ -49,6 +49,8 @@ sub enabledPlugins { } }
+ # TODO: Password
+
 # Check if custom plugins are required if ( $self->conf->{plugins} ) { $self->lmLog( 'Custom plugins: ' . $self->conf->{plugins}, 'debug' );
diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Request.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Request.pm
index f0928e896..66c840b3a 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Request.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Request.pm
@@ -5,4 +5,11 @@ use Mouse; extends 'Lemonldap::NG::Common::PSGI::Request';
+has steps => ( is => 'rw' );
+has error => ( is => 'rw' );
+
+sub wantJSON {
+ return $_[0]->accept =~ m#(?:application|text)/json# ? 1 : 0;
+}
+
 1;
diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm
index 1ea1fc232..a24068a12 100644
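Review bot: In the `reloadConf` hunk of `Main/Init.pm`, `$self->conf->authentication` is called as a method, while every other configuration access visible in this patch is a hash lookup (`$self->conf->{trustedDomains}`, `$self->conf->{plugins}`). If `conf` is a plain hash reference this dies at reload, so `$self->conf->{authentication}` looks like what was meant. The looked-up level is also passed on unchecked, so an absent `<module>AuthnLevel` key stores an undefined authentication level; logging or rejecting that case here would make the misconfiguration visible. The body of `reloadConf` starts and ends outside the hunk.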
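Review bot: In `Main/Request.pm`, `wantJSON` applies the regex directly to `$_[0]->accept`; if that accessor returns undef for a request without an Accept header (it is defined in the parent class, which is not shown here), each such request raises an uninitialized-value warning. `return ( $_[0]->accept // '' ) =~ m#(?:application|text)/json# ? 1 : 0;` avoids that. A short comment on `steps` and `error` saying what they hold would also help readers of `Main/Run.pm`, which consumes `steps` destructively.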
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm
@@ -14,6 +14,7 @@ package Lemonldap::NG::Portal::Main::Run; use strict; use Mouse;
+use Lemonldap::NG::Portal::Main::Constants;
 use Lemonldap::NG::Portal::Main::Request; our $VERSION = '2.0.0';
@@ -44,30 +45,76 @@ sub pleaseAuth { # MAIN ENTRY POINTS
+# List constants
+sub authProcess { qw(extractFormInfo getUser authenticate) }
+
+sub sessionDatas {
+ qw(setAuthSessionInfo setSessionInfo setMacros setGroups
+ setPersistentSessionInfo setLocalGroups grantSession store
+ buildCookie);
+}
+
 sub login { my ( $self, $req ) = @_;
- return $self->process(
- 'rememberArgs', @{ $self->beforeAuthProcess },
- @authProcess, @{ $self->addSessionData },
- @sessionDatas, @{ $self->afterAuthProcess }
+ return $req->do($req,
+ [
+ 'rememberArgs', @{ $self->beforeAuth },
+ &authProcess, @{ $self->betweenAuthAndDatas },
+ &sessionDatas, @{ $self->afterdatas },
+ ]
 ); } sub postLogin { my ( $self, $req ) = @_;
- return $self->process(
- @{ $self->beforeAuthProcess },
- @authProcess, @{ $self->addSessionData },
- @sessionDatas, @{ $self->afterAuthProcess }
+ return $req->do($req,
+ [
+ 'restoreArgs', @{ $self->beforeAuth },
+ &authProcess, @{ $self->betweenAuthAndDatas },
+ &sessionDatas, @{ $self->afterdatas },
+ ]
 ); } sub authenticatedRequest {
+ my ( $self, $req ) = @_;
+ return $req->do($req, $self->forAuthUser );
+}
+
+sub do {
+ my ($self,$req,$steps) = @_;
+ $req->steps($steps);
+ my $err = $self->process($req);
+ # TODO: updateStatus
+ if ( !$self->conf->{noAjaxHook} and $req->wantJSON ) {
+ if ( $err > 0 ) {
+ return [ 401, ['WWW-Authenticate' => "SSO ".$self->conf->{portal},'Access-Control-Allow-Origin' => '*'],[]];
+ }
+ else {
+ return $self->senfJSONresponse({result=>1,message=>'Authenticated'});
+ }
+ }
+ else {
+ if($err) {
+ return $self->sendHtml($req,'login.tpl');
+ }
+ else {
+ return $self->autoRedirect($req);
+ }
+ }
+}
+
+sub process {
+ my ( $self, $req ) = @_;
+ #$req->error(PE_OK);
+ my $err = PE_OK;
+ while(my $sub = shift @{$req->steps}) {
+ last if($err = $self->$sub($req);
+ }
+ return $err;
 } # TODO in run # - mustRedirect
-# - store AuthnLevel in session (setSessionInfo)
-# $self->{sessionInfo}->{authenticationLevel} = 
$self->_authentication->AuthnLevel 1;
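Review bot: The new `process` in `Main/Run.pm` will not compile, because `last if($err = $self->$sub($req);` is missing a closing parenthesis. `login` and `postLogin` also call `$self->afterdatas` although `Main/Init.pm` in this commit names the attribute `afterDatas`, and all three entry points invoke `do` on `$req` even though `do` is defined in this package and relies on `$self->conf` and `$self->process`; `senfJSONresponse` looks like a typo as well. In `do`, the JSON branch answers 'Authenticated' for every `$err` that is not greater than 0 while the HTML branch treats any non-zero `$err` as a failure, so if any `PE_` code is negative the two paths disagree about whether the user is logged in. The 401 response also sends `Access-Control-Allow-Origin: *`, which is worth confirming as intended for an authentication endpoint. The fence shows the corrected call in `login` (with `authProcess()` instead of `&authProcess`, which forwards the caller's `@_`) and the repaired loop; `postLogin` and `authenticatedRequest` need the same `$self->do` change.

```perl
sub login {
    my ( $self, $req ) = @_;
    return $self->do(
        $req,
        [
            'rememberArgs', @{ $self->beforeAuth },
            authProcess(),  @{ $self->betweenAuthAndDatas },
            sessionDatas(), @{ $self->afterDatas },
        ]
    );
}

# … unchanged: postLogin, authenticatedRequest, do …

sub process {
    # … unchanged: argument unpacking, $err = PE_OK …
    while ( my $sub = shift @{ $req->steps } ) {
        last if ( $err = $self->$sub($req) );
    }
    return $err;
}
```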