REST in progress (#970)
parent
9f49d0b1b0
commit
10509e2a52
|
@ -186,6 +186,8 @@ sub defaultValues {
|
||||||
'portalRequireOldPassword' => 1,
|
'portalRequireOldPassword' => 1,
|
||||||
'portalSkin' => 'bootstrap',
|
'portalSkin' => 'bootstrap',
|
||||||
'portalUserAttr' => '_user',
|
'portalUserAttr' => '_user',
|
||||||
|
'proxyAuthnLevel' => 2,
|
||||||
|
'proxyUseSoap' => 0,
|
||||||
'radiusAuthnLevel' => 3,
|
'radiusAuthnLevel' => 3,
|
||||||
'randomPasswordRegexp' => '[A-Z]{3}[a-z]{5}.\\d{2}',
|
'randomPasswordRegexp' => '[A-Z]{3}[a-z]{5}.\\d{2}',
|
||||||
'redirectFormMethod' => 'get',
|
'redirectFormMethod' => 'get',
|
||||||
|
|
|
@ -1932,6 +1932,17 @@ qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-
|
||||||
'test' => qr/^(?:none|authenticate|manager|)$/,
|
'test' => qr/^(?:none|authenticate|manager|)$/,
|
||||||
'type' => 'text'
|
'type' => 'text'
|
||||||
},
|
},
|
||||||
|
'proxyAuthnLevel' => {
|
||||||
|
'default' => 2,
|
||||||
|
'type' => 'int'
|
||||||
|
},
|
||||||
|
'proxyAuthService' => {
|
||||||
|
'type' => 'text'
|
||||||
|
},
|
||||||
|
'proxyUseSoap' => {
|
||||||
|
'default' => 0,
|
||||||
|
'type' => 'bool'
|
||||||
|
},
|
||||||
'radiusAuthnLevel' => {
|
'radiusAuthnLevel' => {
|
||||||
'default' => 3,
|
'default' => 3,
|
||||||
'type' => 'int'
|
'type' => 'int'
|
||||||
|
@ -2694,9 +2705,6 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
|
||||||
qr/^(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+))(?::\d+)?)?$/,
|
qr/^(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+))(?::\d+)?)?$/,
|
||||||
'type' => 'text'
|
'type' => 'text'
|
||||||
},
|
},
|
||||||
'soapAuthService' => {
|
|
||||||
'type' => 'text'
|
|
||||||
},
|
|
||||||
'soapConfigServer' => {
|
'soapConfigServer' => {
|
||||||
'default' => 0,
|
'default' => 0,
|
||||||
'type' => 'bool'
|
'type' => 'bool'
|
||||||
|
@ -2705,9 +2713,6 @@ qr/^(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-
|
||||||
'default' => 0,
|
'default' => 0,
|
||||||
'type' => 'bool'
|
'type' => 'bool'
|
||||||
},
|
},
|
||||||
'soapSessionService' => {
|
|
||||||
'type' => 'text'
|
|
||||||
},
|
|
||||||
'SSLAuthnLevel' => {
|
'SSLAuthnLevel' => {
|
||||||
'default' => 5,
|
'default' => 5,
|
||||||
'type' => 'int'
|
'type' => 'int'
|
||||||
|
|
|
@ -962,8 +962,8 @@ sub attributes {
|
||||||
documentation => 'Enable SOAP session server',
|
documentation => 'Enable SOAP session server',
|
||||||
},
|
},
|
||||||
soapConfigServer => {
|
soapConfigServer => {
|
||||||
default => 0,
|
default => 0,
|
||||||
type => 'bool',
|
type => 'bool',
|
||||||
documentation => 'Enable SOAP config server',
|
documentation => 'Enable SOAP config server',
|
||||||
},
|
},
|
||||||
exportedAttr => {
|
exportedAttr => {
|
||||||
|
@ -2004,9 +2004,18 @@ m{^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?:
|
||||||
},
|
},
|
||||||
|
|
||||||
# Proxy
|
# Proxy
|
||||||
soapAuthService => { type => 'text', },
|
proxyAuthService => { type => 'text', },
|
||||||
remoteCookieName => { type => 'text', },
|
remoteCookieName => { type => 'text', },
|
||||||
soapSessionService => { type => 'text', },
|
proxyUseSoap => {
|
||||||
|
type => 'bool',
|
||||||
|
default => 0,
|
||||||
|
documentation => 'Use SOAP instead of REST',
|
||||||
|
},
|
||||||
|
proxyAuthnLevel => {
|
||||||
|
type => 'int',
|
||||||
|
default => 2,
|
||||||
|
documentation => 'Proxy authentication level',
|
||||||
|
},
|
||||||
|
|
||||||
# OpenID
|
# OpenID
|
||||||
openIdAuthnLevel => {
|
openIdAuthnLevel => {
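Review bot: `proxyAuthService` is declared as a bare `type => 'text'` with no `test` and no `documentation`, yet it is the address the proxy module's `getUser` sends the user's login and password to. Other URL-like attributes in this file carry a validating regex, so this one should too, for example `test => qr{^(?:https?://\S+)?$},` (keep the empty alternative only if unset values are also run through the test). A `documentation` string stating that the value is the full remote endpoint and should be an `https://` URL outside test setups would help whoever fills it in through the manager. The `attributes` sub starts and ends outside these hunks.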
|
||||||
|
|
|
@ -298,8 +298,8 @@ sub tree {
|
||||||
help => 'authproxy.html',
|
help => 'authproxy.html',
|
||||||
form => 'simpleInputContainer',
|
form => 'simpleInputContainer',
|
||||||
nodes => [
|
nodes => [
|
||||||
'soapAuthService', 'remoteCookieName',
|
'proxyUseSoap', 'proxyAuthService',
|
||||||
'soapSessionService'
|
'remoteCookieName', 'proxyAuthnLevel'
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
|
|
|
@ -42,7 +42,7 @@ our $authParameters = {
|
||||||
nullParams => [qw(nullAuthnLevel)],
|
nullParams => [qw(nullAuthnLevel)],
|
||||||
oidcParams => [qw(oidcAuthnLevel oidcRPCallbackGetParam oidcRPStateTimeout)],
|
oidcParams => [qw(oidcAuthnLevel oidcRPCallbackGetParam oidcRPStateTimeout)],
|
||||||
openidParams => [qw(openIdAuthnLevel openIdExportedVars openIdSecret openIdIDPList)],
|
openidParams => [qw(openIdAuthnLevel openIdExportedVars openIdSecret openIdIDPList)],
|
||||||
proxyParams => [qw(soapAuthService remoteCookieName soapSessionService)],
|
proxyParams => [qw(proxyUseSoap proxyAuthService remoteCookieName proxyAuthnLevel)],
|
||||||
radiusParams => [qw(radiusAuthnLevel radiusSecret radiusServer)],
|
radiusParams => [qw(radiusAuthnLevel radiusSecret radiusServer)],
|
||||||
remoteParams => [qw(remotePortal remoteCookieName remoteGlobalStorage remoteGlobalStorageOptions)],
|
remoteParams => [qw(remotePortal remoteCookieName remoteGlobalStorage remoteGlobalStorageOptions)],
|
||||||
slaveParams => [qw(slaveAuthnLevel slaveExportedVars slaveUserHeader slaveMasterIP slaveHeaderName slaveHeaderContent)],
|
slaveParams => [qw(slaveAuthnLevel slaveExportedVars slaveUserHeader slaveMasterIP slaveHeaderName slaveHeaderContent)],
|
||||||
|
|
|
@ -519,7 +519,10 @@
|
||||||
"postTargetUrl": "Form target URL (optional)",
|
"postTargetUrl": "Form target URL (optional)",
|
||||||
"previous": "Previous",
|
"previous": "Previous",
|
||||||
"privateKey": "Private key",
|
"privateKey": "Private key",
|
||||||
|
"proxyAuthnLevel": "Authentication level",
|
||||||
|
"proxyAuthService": "Portal URL",
|
||||||
"proxyParams": "Proxy parameters",
|
"proxyParams": "Proxy parameters",
|
||||||
|
"proxyUseSoap": "Use SOAP instead of REST",
|
||||||
"publicKey": "Public key",
|
"publicKey": "Public key",
|
||||||
"purgeNotification": "Delete notification definitely",
|
"purgeNotification": "Delete notification definitely",
|
||||||
"radiusAuthnLevel": "Authentication level",
|
"radiusAuthnLevel": "Authentication level",
|
||||||
|
@ -593,8 +596,6 @@
|
||||||
"SMTPServer": "SMTP server",
|
"SMTPServer": "SMTP server",
|
||||||
"soapConfigServer": "SOAP configuration server",
|
"soapConfigServer": "SOAP configuration server",
|
||||||
"soapSessionServer": "SOAP session server",
|
"soapSessionServer": "SOAP session server",
|
||||||
"soapAuthService": "Portal URL",
|
|
||||||
"soapSessionService": "SOAP sessions end point",
|
|
||||||
"specialHandlers": "Special Handlers",
|
"specialHandlers": "Special Handlers",
|
||||||
"specialRule": "Special rule",
|
"specialRule": "Special rule",
|
||||||
"SSLAuthnLevel": "Authentication level",
|
"SSLAuthnLevel": "Authentication level",
|
||||||
|
|
|
@ -519,7 +519,10 @@
|
||||||
"postTargetUrl": "URL cible du formulaire (optionnel)",
|
"postTargetUrl": "URL cible du formulaire (optionnel)",
|
||||||
"previous": "Précédente",
|
"previous": "Précédente",
|
||||||
"privateKey": "Clef privée",
|
"privateKey": "Clef privée",
|
||||||
|
"proxyAuthnLevel": "Niveau d'authentification",
|
||||||
|
"proxyAuthService": "URL du portail",
|
||||||
"proxyParams": "Paramètres Proxy",
|
"proxyParams": "Paramètres Proxy",
|
||||||
|
"proxyUseSoap": "Utiliser SOAP ai lieu de REST",
|
||||||
"publicKey": "Clef publique",
|
"publicKey": "Clef publique",
|
||||||
"purgeNotification": "Supprimer définitivement la notification",
|
"purgeNotification": "Supprimer définitivement la notification",
|
||||||
"radiusAuthnLevel": "Niveau d'authentification",
|
"radiusAuthnLevel": "Niveau d'authentification",
|
||||||
|
@ -593,8 +596,6 @@
|
||||||
"SMTPServer": "Serveur SMTP",
|
"SMTPServer": "Serveur SMTP",
|
||||||
"soapConfigServer": "Serveur de configurations SOAP",
|
"soapConfigServer": "Serveur de configurations SOAP",
|
||||||
"soapSessionServer": "Serveur de sessions SOAP",
|
"soapSessionServer": "Serveur de sessions SOAP",
|
||||||
"soapAuthService": "URL du portail",
|
|
||||||
"soapSessionService": "Point d'accès SOAP des sessions",
|
|
||||||
"specialHandlers": "Handlers spéciaux",
|
"specialHandlers": "Handlers spéciaux",
|
||||||
"specialRule": "Règle spécifique",
|
"specialRule": "Règle spécifique",
|
||||||
"SSLAuthnLevel": "Niveau d'authentification",
|
"SSLAuthnLevel": "Niveau d'authentification",
|
||||||
|
|
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
|
@ -6,11 +6,31 @@ use Lemonldap::NG::Portal::Main::Constants qw(PE_OK);
|
||||||
|
|
||||||
our $VERSION = '2.0.0';
|
our $VERSION = '2.0.0';
|
||||||
|
|
||||||
extends 'Lemonldap::NG::Portal::Auth::_WebForm',
|
extends 'Lemonldap::NG::Portal::Auth::_WebForm';
|
||||||
'Lemonldap::NG::Portal::Lib::Proxy';
|
|
||||||
|
# INITIALIZATION
|
||||||
|
|
||||||
|
sub init {
|
||||||
|
my ($self) = @_;
|
||||||
|
if ( $self->conf->{proxyUseSoap} ) {
|
||||||
|
extends 'Lemonldap::NG::Portal::Auth::_WebForm',
|
||||||
|
'Lemonldap::NG::Portal::Lib::SOAPProxy';
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
extends 'Lemonldap::NG::Portal::Auth::_WebForm',
|
||||||
|
'Lemonldap::NG::Portal::Lib::RESTProxy';
|
||||||
|
}
|
||||||
|
return $self->SUPER::init();
|
||||||
|
}
|
||||||
|
|
||||||
# RUNNING METHODS
|
# RUNNING METHODS
|
||||||
|
|
||||||
|
sub setAuthSessionInfo {
|
||||||
|
my ( $self, $req ) = @_;
|
||||||
|
$req->{sessionInfo}->{authenticationLevel} = $self->conf->{proxyAuthnLevel};
|
||||||
|
PE_OK;
|
||||||
|
}
|
||||||
|
|
||||||
sub authLogout {
|
sub authLogout {
|
||||||
PE_OK;
|
PE_OK;
|
||||||
}
|
}
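Review bot: Calling `extends` inside `init` replaces the superclasses of the whole package rather than of `$self`, so the SOAP/REST choice is a process-wide class mutation that is redone on every init. If one interpreter ever initialises this module with different `proxyUseSoap` values, the transport used to forward credentials follows whichever init ran last; this is inferred from how Mouse's `extends` behaves, not from anything visible here. `Lemonldap::NG::Portal::Lib::RESTProxy` is the default branch (`proxyUseSoap` defaults to 0), but no visible section of this commit adds it, so it is worth confirming that it loads. At minimum, put a comment above the branch such as `# extends() rewrites @ISA for the package: every Proxy object shares this transport`; the same pattern is repeated in the `init` added to the UserDB proxy module further down.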
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
# Auth/Proxy.pm and UserDB/Proxy.pm simple inheritance of this package
|
# Auth/Proxy.pm and UserDB/Proxy.pm simple inheritance of this package
|
||||||
package Lemonldap::NG::Portal::Lib::Proxy;
|
package Lemonldap::NG::Portal::Lib::SOAPProxy;
|
||||||
|
|
||||||
use strict;
|
use strict;
|
||||||
use Mouse;
|
use Mouse;
|
||||||
|
@ -12,13 +12,10 @@ our $VERSION = '2.0.0';
|
||||||
|
|
||||||
sub init {
|
sub init {
|
||||||
my ($self) = @_;
|
my ($self) = @_;
|
||||||
$self->conf->{soapSessionService} ||=
|
|
||||||
$self->conf->{soapAuthService} . '/sessions';
|
|
||||||
$self->conf->{soapSessionService} =~ s/\.plindex.pl/\.pl/;
|
|
||||||
$self->conf->{remoteCookieName} ||= $self->conf->{cookieName};
|
$self->conf->{remoteCookieName} ||= $self->conf->{cookieName};
|
||||||
|
|
||||||
unless ( defined $self->conf->{soapSessionService} ) {
|
unless ( defined $self->conf->{proxyAuthService} ) {
|
||||||
$self->error("Missing soapSessionService parameter");
|
$self->error("Missing proxyAuthService parameter");
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
return 1;
|
return 1;
|
||||||
|
@ -31,7 +28,7 @@ sub init {
|
||||||
sub getUser {
|
sub getUser {
|
||||||
my ( $self, $req ) = @_;
|
my ( $self, $req ) = @_;
|
||||||
return PE_OK if ( $req->datas->{_proxyQueryDone} );
|
return PE_OK if ( $req->datas->{_proxyQueryDone} );
|
||||||
my $soap = SOAP::Lite->proxy( $self->conf->{soapSessionService} )
|
my $soap = SOAP::Lite->proxy( $self->conf->{proxyAuthService} )
|
||||||
->uri('urn:Lemonldap/NG/Common/PSGI/SOAPService');
|
->uri('urn:Lemonldap/NG/Common/PSGI/SOAPService');
|
||||||
my $r = $soap->getCookies( $req->{user}, $req->datas->{password} );
|
my $r = $soap->getCookies( $req->{user}, $req->datas->{password} );
|
||||||
if ( $r->fault ) {
|
if ( $r->fault ) {
|
||||||
|
@ -64,7 +61,7 @@ sub setSessionInfo {
|
||||||
my ( $self, $req ) = @_;
|
my ( $self, $req ) = @_;
|
||||||
return PE_OK if ( $req->datas->{_setSessionInfoDone} );
|
return PE_OK if ( $req->datas->{_setSessionInfoDone} );
|
||||||
my $soap =
|
my $soap =
|
||||||
SOAP::Lite->proxy( $self->conf->{soapSessionService} )
|
SOAP::Lite->proxy( $self->conf->{proxyAuthService} )
|
||||||
->uri('urn:Lemonldap/NG/Common/PSGI/SOAPService');
|
->uri('urn:Lemonldap/NG/Common/PSGI/SOAPService');
|
||||||
my $r = $soap->getAttributes( $req->datas->{_remoteId} );
|
my $r = $soap->getAttributes( $req->datas->{_remoteId} );
|
||||||
if ( $r->fault ) {
|
if ( $r->fault ) {
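Review bot: `init` now accepts any defined `proxyAuthService`, including the empty string a text field can produce, and the old fallback that built the endpoint from `soapAuthService . '/sessions'` is gone. `getUser` then hands `$req->{user}` and `$req->datas->{password}` to that address, so a value holding only the portal base URL (the manager label is "Portal URL") would post credentials to a path that is not the session service. Test truthiness instead, `unless ( $self->conf->{proxyAuthService} ) {`, and let the error text say that the full endpoint is expected. Configurations that still carry `soapAuthService` or `soapSessionService` get no fallback here, and no migration step is visible in this commit. `getUser` and `setSessionInfo` continue outside the hunks.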
|
|
@ -4,10 +4,25 @@ use strict;
|
||||||
use Mouse;
|
use Mouse;
|
||||||
use Lemonldap::NG::Portal::Main::Constants 'PE_OK';
|
use Lemonldap::NG::Portal::Main::Constants 'PE_OK';
|
||||||
|
|
||||||
extends 'Lemonldap::NG::Common::Module', 'Lemonldap::NG::Portal::Lib::Proxy';
|
extends 'Lemonldap::NG::Common::Module';
|
||||||
|
|
||||||
our $VERSION = '2.0.0';
|
our $VERSION = '2.0.0';
|
||||||
|
|
||||||
|
# INITIALIZATION
|
||||||
|
|
||||||
|
sub init {
|
||||||
|
my ($self) = @_;
|
||||||
|
if ( $self->conf->{proxyUseSoap} ) {
|
||||||
|
extends 'Lemonldap::NG::Common::Module',
|
||||||
|
'Lemonldap::NG::Portal::Lib::SOAPProxy';
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
extends 'Lemonldap::NG::Common::Module',
|
||||||
|
'Lemonldap::NG::Portal::Lib::RESTProxy';
|
||||||
|
}
|
||||||
|
return $self->SUPER::init();
|
||||||
|
}
|
||||||
|
|
||||||
# RUNNING METHODS
|
# RUNNING METHODS
|
||||||
|
|
||||||
sub setGroups {
|
sub setGroups {
|
||||||
|
|
|
@ -115,12 +115,13 @@ sub sp {
|
||||||
return LLNG::Manager::Test->new(
|
return LLNG::Manager::Test->new(
|
||||||
{
|
{
|
||||||
ini => {
|
ini => {
|
||||||
logLevel => $debug,
|
logLevel => $debug,
|
||||||
domain => 'sp.com',
|
domain => 'sp.com',
|
||||||
portal => 'http://auth.sp.com',
|
portal => 'http://auth.sp.com',
|
||||||
authentication => 'Proxy',
|
authentication => 'Proxy',
|
||||||
userDB => 'Proxy',
|
userDB => 'Proxy',
|
||||||
soapSessionService => 'http://auth.idp.com/sessions',
|
proxyAuthService => 'http://auth.idp.com/sessions',
|
||||||
|
proxyUseSoap => 1,
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
);
|
);
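Review bot: Only the SOAP branch is covered here, because the ini pins `proxyUseSoap => 1`, while the default introduced by this commit is 0. A sibling case that omits the flag would exercise the path a deployment gets when it sets nothing, and would show at once whether the REST parent class loads. A short comment next to the flag, for example `# force the legacy SOAP transport; the default is REST`, would explain why it is set. The `sp` sub starts outside the hunk.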
|
||||||
|
|