diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/LDAP.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/LDAP.pm
index 24fa7728a..bc4a17ef6 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/LDAP.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/LDAP.pm
@@ -27,7 +27,8 @@ sub authenticate {
}
my $res =
- $self->userBind( $req->datas->{dn}, password => $req->datas->{password} );
+ $self->userBind( $req, $req->datas->{dn},
+ password => $req->datas->{password} );
# Remember password if password reset needed
$req->datas->{oldpassword} = $self->{password}
diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/LDAP.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/LDAP.pm
index 5018c5756..11a6eac55 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/LDAP.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/LDAP.pm
@@ -162,6 +162,7 @@ sub loadPP {
# @return Lemonldap::NG portal error code
sub userBind {
my $self = shift;
+ my $req = shift;
if ( $self->{conf}->{ldapPpolicyControl} ) {
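Review bot: `userBind` now takes `$req` as its first positional argument, so any caller that still uses the old `userBind( $dn, password => ... )` form will have its DN consumed as `$req` and will bind with shifted arguments. Only the call in Auth/LDAP.pm is updated in this diff; other callers (for example password-change code, if it calls `userBind`) are not visible here and should be checked. The header comment above the sub should also list the new parameter, e.g. `# @param $req current request object`. The body of `userBind` continues outside this hunk.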
@@ -214,17 +215,11 @@ sub userBind {
}
if ( $resp->time_before_expiration ) {
- die 'TODO: change this by JS conversion';
- $self->{portal}->info(
- $req,
- "
"
- . sprintf(
- $self->{portal}->msg(PM_PP_EXP_WARNING),
- $self->{portal}
- ->convertSec( $resp->time_before_expiration )
- )
- . "
"
- );
+ $self->{portal}->info( $req,
+ '' );
}
return PE_OK;
diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Register/Demo.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Register/Demo.pm
index bbbc82c1d..306c6968b 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Register/Demo.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Register/Demo.pm
@@ -43,4 +43,3 @@ sub createUser {
}
1;
-
diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Register/LDAP.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Register/LDAP.pm
new file mode 100644
index 000000000..2e83736bb
--- /dev/null
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Register/LDAP.pm
@@ -0,0 +1,107 @@
+package Lemonldap::NG::Portal::Register::LDAP;
+
+use strict;
+use Mouse;
+use Lemonldap::NG::Portal::Lib::LDAP;
+use Lemonldap::NG::Portal::Main::Constants qw(
+ PE_LDAPCONNECTFAILED
+ PE_LDAPERROR
+ PE_OK
+);
+
+extends 'Lemonldap::NG::Portal::UserDB::LDAP';
+
+our $VERSION = '2.0.0';
+
+# RUNNING METHODS
+
+sub init {
+ my ($self) = @_;
+}
+
+# Compute a login from register infos
+# @result Lemonldap::NG::Portal constant
+sub computeLogin {
+ my ( $self, $req ) = @_;
+ return PE_LDAPCONNECTFAILED unless $self->ldap and $self->bind();
+
+ # Get first letter of firstname and lastname
+ my $login =
+ substr( lc $req->datas->{registerInfo}->{firstname}, 0, 1 )
+ . lc $req->datas->{registerInfo}->{lastname};
+
+ my $finalLogin = $login;
+
+ # The uid must be unique
+ my $i = 0;
+ while ( $self->isLoginUsed($finalLogin) ) {
+ $i++;
+ $finalLogin = $login . $i;
+ }
+
+ $req->datas->{registerInfo}->{login} = $finalLogin;
+ return PE_OK;
+}
+
+## @method int createUser
+# Do nothing
+# @result Lemonldap::NG::Portal constant
+sub createUser {
+ my ( $self, $req ) = @_;
+
+ # LDAP connection has been verified by computeLogin
+ my $mesg = $self->ldap->add(
+ "uid=" . $req->datas->{registerInfo}->{login} . "," . $self->conf->{ldapBase},
+ attrs => [
+ objectClass => [qw/top person organizationalPerson inetOrgPerson/],
+ uid => $req->datas->{registerInfo}->{login},
+ cn => ucfirst $req->datas->{registerInfo}->{firstname} . " "
+ . uc $req->datas->{registerInfo}->{lastname},
+ sn => uc $req->datas->{registerInfo}->{lastname},
+ givenName => ucfirst $req->datas->{registerInfo}->{firstname},
+ userPassword => $req->datas->{registerInfo}->{password},
+ mail => $req->datas->{registerInfo}->{mail},
+ ]
+ );
+
+ if ( $mesg->is_error ) {
+ $self->lmLog(
+ "Can not create entry for " . $req->datas->{registerInfo}->{login},
+ 'error' );
+ $self->lmLog( "LDAP error " . $mesg->error, 'error' );
+
+ $self->ldap->unbind();
+ $self->{flags}->{ldapActive} = 0;
+
+ return PE_LDAPERROR;
+ }
+ return PE_OK;
+}
+
+# PRIVATE METHODS
+
+# Search if login is already in use
+sub isLoginUsed {
+ my ( $self, $login ) = @_;
+
+ my $mesg = $self->ldap->search(
+ base => $self->conf->{ldapBase},
+ filter => "(uid=$login)",
+ scope => "sub",
+ attrs => ['1.1'],
+ );
+
+ if ( $mesg->code() != 0 ) {
+ $self->lmLog( "LDAP Search error for $login: " . $mesg->error, 'warn' );
+ return 1;
+ }
+
+ if ( $mesg->count() > 0 ) {
+ $self->lmLog( "Login $login already used in LDAP", 'debug' );
+ return 1;
+ }
+
+ return 0;
+}
+
+1;
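Review bot: `isLoginUsed` interpolates `$login` directly into the filter `"(uid=$login)"`, and `createUser` concatenates the same value into the entry DN; that login is built in `computeLogin` from the registrant-supplied firstname and lastname, so filter or DN metacharacters in a name change the query or the place where the entry is created. Because `isLoginUsed` returns 1 on any search error, a name that makes the filter invalid (or a directory outage) keeps the `while` loop in `computeLogin` running with no upper bound. I would escape the value with `escape_filter_value` and `escape_dn_value` (both need importing from Net::LDAP::Util), report a failed search separately from "login taken", and cap the suffix counter, as sketched below. Separately, the `# Do nothing` header on `createUser` is stale, and `userPassword` is sent exactly as submitted, so hashing depends on the directory's own configuration, which is worth stating in a comment.

```perl
# computeLogin: stop when the directory cannot answer, and cap the suffix
my $i = 0;
while ( my $used = $self->isLoginUsed($finalLogin) ) {
    return PE_LDAPERROR if $used < 0 or ++$i > 100;    # 100 is a sample cap
    $finalLogin = $login . $i;
}

# isLoginUsed: escape the value, report a failed search as -1
my $mesg = $self->ldap->search(
    base   => $self->conf->{ldapBase},
    filter => '(uid=' . escape_filter_value($login) . ')',
    # … unchanged: scope, attrs …
);
if ( $mesg->code() != 0 ) {
    # … unchanged: warn log …
    return -1;
}

# createUser: escape the RDN value
"uid=" . escape_dn_value( $req->datas->{registerInfo}->{login} ) . "," . $self->conf->{ldapBase},
```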
diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/LDAP.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/LDAP.pm
index ba4e96023..f27e08f53 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/LDAP.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/LDAP.pm
@@ -114,7 +114,13 @@ sub bind {
{
$self->ldap( $self->newLdap );
}
- return $self->ldap ? $self->ldap->bind(@_) : undef;
+ return undef unless($self->ldap);
+ my $msg = $self->ldap->bind(@_);
+ if ( $msg->code ) {
+ $self->lmLog( $msg->error, 'error' );
+ return undef;
+ }
+ return 1;
}
# RUNNING METHODS
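Review bot: `bind` used to return the Net::LDAP message object and now returns `1` or `undef`, so any existing caller that inspects the result (for instance by calling `->code` or `->error` on it) will now break; those callers are outside this hunk and should be checked. The old value was an object and therefore always true, so callers that merely tested it treated a rejected bind as success; a comment such as `# Returns 1 on success, undef if no connection or the bind was rejected` would make the new contract explicit. The two `return undef` statements would be safer as bare `return;`, since `return undef` yields a one-element (true) list when called in list context. The start of `bind` lies outside this hunk.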
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/en.json b/lemonldap-ng-portal/site/htdocs/static/languages/en.json
index c474856a4..bb34e09d5 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/en.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/en.json
@@ -83,7 +83,6 @@
"PM3":"The following sessions have been closed",
"PM4":"Other active sessions",
"PM5":"Remove other sessions",
-"PM6":"authentications remaining, change your password!",
"PM7":"%d days, %d hours, %d minutes and %d seconds before password expiration, change it!",
"PM8":"Select your Identity Provider",
"PM10":"Remember my choice",
@@ -100,6 +99,7 @@
"anotherInformation":"Another information:",
"areYouSure":"Are you sure?",
"authPortal":"Authentication portal",
+"authRemaining":"%s authentications remaining, change your password!",
"autoAccept":"Automatically accept in 5 seconds",
"autoMail":"This mail was sent automatically",
"back2CasUrl":"The application you just logged out of has provided a link it would like you to follow",
diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/fr.json b/lemonldap-ng-portal/site/htdocs/static/languages/fr.json
index 4a99f5970..37dfa54ac 100644
--- a/lemonldap-ng-portal/site/htdocs/static/languages/fr.json
+++ b/lemonldap-ng-portal/site/htdocs/static/languages/fr.json
@@ -83,7 +83,6 @@
"PM3":"Les sessions suivantes ont été fermées",
"PM4":"Autres sessions ouvertes",
"PM5":"Fermer les autres sessions",
-"PM6":"authentifications restantes, changez votre mot de passe !",
"PM7":"%d jours, %d heures, %d minutes et %d secondes avant expiration de votre mot de passe, pensez à le changer !",
"PM8":"Choisissez votre fournisseur d'identité",
"PM10":"Se souvenir de mon choix",
@@ -100,6 +99,7 @@
"anotherInformation":"Une autre information :",
"areYouSure":"Êtes vous sûr ?",
"authPortal":"Portail d'authentification",
+"authRemaining":"%s authentifications restantes, changez votre mot de passe !",
"autoAccept":"Acceptation automatique dans 5 secondes",
"autoMail":"Ceci est un message automatique",
"back2CasUrl":"Le service duquel vous arrivez a fourni un lien que vous êtes invité à suivre",
diff --git a/lemonldap-ng-portal/t/21-Auth-and-password-LDAP.t b/lemonldap-ng-portal/t/21-Auth-and-password-LDAP.t
index 2fa22a255..2f94e82f2 100644
--- a/lemonldap-ng-portal/t/21-Auth-and-password-LDAP.t
+++ b/lemonldap-ng-portal/t/21-Auth-and-password-LDAP.t
@@ -16,6 +16,7 @@ SKIP: {
useSafeJail => 1,
authentication => 'LDAP',
userDB => 'LDAP',
+ registerDB => 'LDAP',
LDAPFilter => $ENV{LDAPFILTER} || '(cn=$user)',
ldapServer => $ENV{LDAPSERVER},
ldapBase => $ENV{LDAPBASE},
diff --git a/lemonldap-ng-portal/t/test-lib.pm b/lemonldap-ng-portal/t/test-lib.pm
index c7b87320c..0b955ae3e 100644
--- a/lemonldap-ng-portal/t/test-lib.pm
+++ b/lemonldap-ng-portal/t/test-lib.pm
@@ -256,17 +256,17 @@ sub logout {
),
'Logout request'
);
- main::ok( $res->[0] == 200, 'Response is 200' )
+ main::ok( $res->[0] == 200, ' Response is 200' )
or explain( $res->[0], 200 );
my $c;
main::ok(
( defined( $c = main::getCookies($res)->{lemonldap} ) and not $c ),
- 'Cookie is deleted' )
+ ' Cookie is deleted' )
or main::explain( $res->[1], "Set-Cookie => 'lemonldap='" );
main::ok( $res = $self->_get( '/', cookie => "lemonldap=$id" ),
'Disconnect request' )
or explain( $res, '[,,]' );
- main::ok( $res->[0] == 401, 'Response is 401' )
+ main::ok( $res->[0] == 401, ' Response is 401' )
or main::explain( $res, 401 );
main::count(5);