Add LWP options (closes: #1065)
This commit is contained in:
Xavier Guimard
parent
c702ba763b
commit
1e7b2c4a39
|
|
@ -1,7 +1,7 @@
|
|||
package Lemonldap::NG::Common::Apache::Session::REST;
|
||||
|
||||
use strict;
|
||||
use LWP::UserAgent;
|
||||
use Lemonldap::NG::Common::UserAgent;
|
||||
use JSON qw(from_json to_json);
|
||||
|
||||
our $VERSION = '2.0.0';
|
||||
|
|
@ -91,7 +91,7 @@ sub DESTROY {
|
|||
sub ua {
|
||||
my ($self) = @_;
|
||||
return $self->{ua} if ( $self->{ua} );
|
||||
my $ua = LWP::UserAgent->new( %{ $self->{lwpOpts} || {} } );
|
||||
my $ua = Lemonldap::NG::Common::UserAgent->new( $self->{lwpOpts} );
|
||||
if ( $self->{user} ) {
|
||||
my $url = $self->{baseUrl};
|
||||
my $port = ( $url =~ /^https/ ? 443 : 80 );
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
package Lemonldap::NG::Common::Conf::Backends::REST;
|
||||
|
||||
use strict;
|
||||
use LWP::UserAgent;
|
||||
use Lemonldap::NG::Common::UserAgent;
|
||||
use JSON qw(from_json to_json);
|
||||
|
||||
our $VERSION = '2.0.0';
|
||||
|
|
@ -26,7 +26,7 @@ sub prereq {
|
|||
sub ua {
|
||||
my ($self) = @_;
|
||||
return $self->{ua} if ( $self->{ua} );
|
||||
my $ua = LWP::UserAgent->new( %{ $self->{lwpOpts} || {} } );
|
||||
my $ua = Lemonldap::NG::Common::UserAgent->new();
|
||||
if ( $self->{user} ) {
|
||||
my $url = $self->{baseUrl};
|
||||
my $port = ( $url =~ /^https/ ? 443 : 80 );
|
||||
|
|
|
|||
|
|
@ -23,7 +23,7 @@ use constant HANDLERSECTION => "handler";
|
|||
use constant MANAGERSECTION => "manager";
|
||||
use constant SESSIONSEXPLORERSECTION => "sessionsExplorer";
|
||||
use constant APPLYSECTION => "apply";
|
||||
our $hashParameters = qr/^(?:(?:l(?:o(?:ca(?:lSessionStorageOption|tionRule)|goutService)|dapExportedVar|wpSslOpt)|(?:(?:d(?:emo|bi)|facebook|webID)ExportedVa|exported(?:Heade|Va))r|g(?:r(?:antSessionRule|oup)|lobalStorageOption)|n(?:otificationStorageOption|ginxCustomHandler)|c(?:as(?:StorageOption|Attribute)|ombModule)|re(?:moteGlobalStorageOption|loadUrl)|CAS_proxiedService|macro)s|o(?:idc(?:RPMetaData(?:(?:Option(?:sExtraClaim)?|ExportedVar)s|Node)|OPMetaData(?:(?:ExportedVar|Option)s|J(?:SON|WKS)|Node)|S(?:erviceMetaDataAuthnContext|torageOptions))|penIdExportedVars)|s(?:aml(?:S(?:PMetaData(?:(?:ExportedAttribute|Option)s|Node|XML)|torageOptions)|IDPMetaData(?:(?:ExportedAttribute|Option)s|Node|XML))|essionDataToRemember|laveExportedVars)|p(?:ersistentStorageOptions|o(?:rtalSkinRules|st))|a(?:uthChoiceModules|pplicationList)|v(?:hostOptions|irtualHost))$/;
|
||||
our $hashParameters = qr/^(?:(?:l(?:o(?:ca(?:lSessionStorageOption|tionRule)|goutService)|dapExportedVar|wp(?:Ssl)?Opt)|(?:(?:d(?:emo|bi)|facebook|webID)ExportedVa|exported(?:Heade|Va))r|g(?:r(?:antSessionRule|oup)|lobalStorageOption)|n(?:otificationStorageOption|ginxCustomHandler)|c(?:as(?:StorageOption|Attribute)|ombModule)|re(?:moteGlobalStorageOption|loadUrl)|CAS_proxiedService|macro)s|o(?:idc(?:RPMetaData(?:(?:Option(?:sExtraClaim)?|ExportedVar)s|Node)|OPMetaData(?:(?:ExportedVar|Option)s|J(?:SON|WKS)|Node)|S(?:erviceMetaDataAuthnContext|torageOptions))|penIdExportedVars)|s(?:aml(?:S(?:PMetaData(?:(?:ExportedAttribute|Option)s|Node|XML)|torageOptions)|IDPMetaData(?:(?:ExportedAttribute|Option)s|Node|XML))|essionDataToRemember|laveExportedVars)|p(?:ersistentStorageOptions|o(?:rtalSkinRules|st))|a(?:uthChoiceModules|pplicationList)|v(?:hostOptions|irtualHost))$/;
|
||||
|
||||
our @sessionTypes = ( 'remoteGlobal', 'cas', 'global', 'localSession', 'persistent', 'saml', 'oidc' );
|
||||
|
||||
|
|
|
|||
|
|
@ -20,7 +20,7 @@ our $specialNodeHash = {
|
|||
};
|
||||
|
||||
our $doubleHashKeys = 'issuerDBGetParameters';
|
||||
our $simpleHashKeys = '(?:(?:l(?:o(?:calSessionStorageOption|goutService)|dapExportedVar|wpSslOpt)|(?:(?:d(?:emo|bi)|facebook|webID)E|e)xportedVar|g(?:r(?:antSessionRule|oup)|lobalStorageOption)|n(?:otificationStorageOption|ginxCustomHandler)|c(?:as(?:StorageOption|Attribute)|ombModule)|p(?:ersistentStorageOption|ortalSkinRule)|re(?:moteGlobalStorageOption|loadUrl)|CAS_proxiedService|macro)s|o(?:idcS(?:erviceMetaDataAuthnContext|torageOptions)|penIdExportedVars)|s(?:(?:amlStorageOption|laveExportedVar)s|essionDataToRemember)|a(?:uthChoiceModules|pplicationList))';
|
||||
our $simpleHashKeys = '(?:(?:l(?:o(?:calSessionStorageOption|goutService)|dapExportedVar|wp(?:Ssl)?Opt)|(?:(?:d(?:emo|bi)|facebook|webID)E|e)xportedVar|g(?:r(?:antSessionRule|oup)|lobalStorageOption)|n(?:otificationStorageOption|ginxCustomHandler)|c(?:as(?:StorageOption|Attribute)|ombModule)|p(?:ersistentStorageOption|ortalSkinRule)|re(?:moteGlobalStorageOption|loadUrl)|CAS_proxiedService|macro)s|o(?:idcS(?:erviceMetaDataAuthnContext|torageOptions)|penIdExportedVars)|s(?:(?:amlStorageOption|laveExportedVar)s|essionDataToRemember)|a(?:uthChoiceModules|pplicationList))';
|
||||
our $specialNodeKeys = '(?:(?:saml(?:ID|S)|oidc[OR])PMetaDataNode|virtualHost)s';
|
||||
our $oidcOPMetaDataNodeKeys = 'oidcOPMetaData(?:Options(?:C(?:lient(?:Secret|ID)|heckJWTSignature|onfigurationURI)|TokenEndpointAuthMethod|(?:JWKSTimeou|Promp)t|I(?:DTokenMaxAge|con)|S(?:toreIDToken|cope)|U(?:iLocales|seNonce)|Display(?:Name)?|AcrValues|MaxAge)|ExportedVars|J(?:SON|WKS))';
|
||||
our $oidcRPMetaDataNodeKeys = 'oidcRPMetaData(?:Options(?:I(?:DToken(?:Expiration|SignAlg)|con)|(?:RedirectUri|ExtraClaim)s|AccessTokenExpiration|Client(?:Secret|ID)|BypassConsent|DisplayName|UserIDAttr)|ExportedVars)';
|
||||
|
|
|
|||
14
lemonldap-ng-common/lib/Lemonldap/NG/Common/UserAgent.pm
Normal file
14
lemonldap-ng-common/lib/Lemonldap/NG/Common/UserAgent.pm
Normal file
|
|
@ -0,0 +1,14 @@
|
|||
package Lemonldap::NG::Common::UserAgent;
|
||||
|
||||
use LWP::UserAgent;
|
||||
|
||||
sub new {
|
||||
my ( $class, $conf ) = @_;
|
||||
my $opts = $conf->{lwpOpts} || {};
|
||||
$opts->{ssl_opts} = $conf->{lwpSslOpts} if ( $conf->{lwpSslOpts} );
|
||||
my $ua = LWP::UserAgent->new(%$opts);
|
||||
push @{ $ua->requests_redirectable }, 'POST';
|
||||
return $ua;
|
||||
}
|
||||
|
||||
1;
|
||||
|
|
@ -1294,6 +1294,9 @@ qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-
|
|||
'default' => {},
|
||||
'type' => 'keyTextContainer'
|
||||
},
|
||||
'lwpOpts' => {
|
||||
'type' => 'keyTextContainer'
|
||||
},
|
||||
'lwpSslOpts' => {
|
||||
'type' => 'keyTextContainer'
|
||||
},
|
||||
|
|
|
|||
|
|
@ -558,10 +558,14 @@ sub attributes {
|
|||
default => 'uid',
|
||||
documentation => 'Session parameter used to fill REMOTE_USER',
|
||||
},
|
||||
lwpSslOpts => {
|
||||
lwpOpts => {
|
||||
type => 'keyTextContainer',
|
||||
documentation => 'Options given to LWP::UserAgent',
|
||||
},
|
||||
lwpSslOpts => {
|
||||
type => 'keyTextContainer',
|
||||
documentation => 'SSL options given to LWP::UserAgent',
|
||||
},
|
||||
|
||||
# History
|
||||
failedLoginNumber => {
|
||||
|
|
|
|||
|
|
@ -593,6 +593,7 @@ sub tree {
|
|||
'trustedDomains',
|
||||
'useSafeJail',
|
||||
'checkXSS',
|
||||
'lwpOpts',
|
||||
'lwpSslOpts',
|
||||
{
|
||||
title => 'contentSecurityPolicy',
|
||||
|
|
|
|||
|
|
@ -10,6 +10,7 @@ use 5.10.0;
|
|||
use utf8;
|
||||
use Mouse;
|
||||
use Lemonldap::NG::Common::Conf::Constants;
|
||||
use Lemonldap::NG::Common::UserAgent;
|
||||
use Crypt::OpenSSL::RSA;
|
||||
use Convert::PEM;
|
||||
use URI::URL;
|
||||
|
|
@ -26,8 +27,11 @@ our $VERSION = '2.0.0';
|
|||
|
||||
use constant defaultRoute => 'manager.html';
|
||||
|
||||
has ua => ( is => 'rw' );
|
||||
|
||||
sub addRoutes {
|
||||
my ( $self, $conf ) = @_;
|
||||
$self->ua(Lemonldap::NG::Common::UserAgent->new($conf));
|
||||
|
||||
# HTML template
|
||||
$self->addRoute( 'manager.html', undef, ['GET'] )
|
||||
|
|
@ -125,11 +129,9 @@ sub prx {
|
|||
unless ( $query->{url} );
|
||||
return $self->sendError( $req, 'Bad parameter', 400 )
|
||||
unless ( $query->{url} =~ m#^(?:f|ht)tps?://\w# );
|
||||
require LWP::UserAgent;
|
||||
my $ua = new LWP::UserAgent();
|
||||
$ua->timeout(10);
|
||||
$self->ua->timeout(10);
|
||||
|
||||
my $response = $ua->get( $query->{url} );
|
||||
my $response = $self->ua->get( $query->{url} );
|
||||
unless ( $response->code == 200 ) {
|
||||
return $self->sendError( $req,
|
||||
$response->code . " (" . $response->message . ")", 400 );
|
||||
|
|
@ -329,10 +331,7 @@ sub applyConf {
|
|||
}
|
||||
return {} unless (%reloadUrls);
|
||||
|
||||
# Create user agent
|
||||
require LWP::UserAgent;
|
||||
my $ua = new LWP::UserAgent( requests_redirectable => [] );
|
||||
$ua->timeout(3);
|
||||
$self->ua->timeout(3);
|
||||
|
||||
# Parse apply values
|
||||
while ( my ( $host, $request ) = each %reloadUrls ) {
|
||||
|
|
@ -351,7 +350,7 @@ sub applyConf {
|
|||
}
|
||||
}
|
||||
|
||||
my $response = $ua->request($r);
|
||||
my $response = $self->ua->request($r);
|
||||
if ( $response->code != 200 ) {
|
||||
$status->{$host} =
|
||||
"Error " . $response->code . " (" . $response->message . ")";
|
||||
|
|
|
|||
|
|
@ -312,6 +312,7 @@
|
|||
"logout": "Logout",
|
||||
"logoutServices": "Logout forward",
|
||||
"logParams": "Logs",
|
||||
"lwpOpts": "Options for server requests",
|
||||
"lwpSslOpts": "SSL options for server requests",
|
||||
"macros": "Macros",
|
||||
"mailBody": "Success mail content",
|
||||
|
|
|
|||
|
|
@ -312,6 +312,7 @@
|
|||
"logout": "Déconnexion",
|
||||
"logoutServices": "Transfert de la déconnexion",
|
||||
"logParams": "Journalisation",
|
||||
"lwpOpts": "Options pour les requêtes serveur",
|
||||
"lwpSslOpts": "Options SSL pour les requêtes serveur",
|
||||
"macros": "Macros",
|
||||
"mailBody": "Contenu du message de succès",
|
||||
|
|
|
|||
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
|
|
@ -4,6 +4,7 @@ use strict;
|
|||
use Mouse;
|
||||
use Lemonldap::NG::Common::FormEncode;
|
||||
use Lemonldap::NG::Common::Regexp;
|
||||
use Lemonldap::NG::Common::UserAgent;
|
||||
use Cache::FileCache;
|
||||
use Lemonldap::NG::Portal::Main::Constants qw(
|
||||
PE_BADCREDENTIALS
|
||||
|
|
@ -49,7 +50,7 @@ has ua => (
|
|||
builder => sub {
|
||||
|
||||
# TODO : LWP options to use a proxy for example
|
||||
my $ua = LWP::UserAgent->new();
|
||||
my $ua = Lemonldap::NG::Common::UserAgent->new( $_[0]->{conf} );
|
||||
return $ua;
|
||||
}
|
||||
);
|
||||
|
|
|
|||
|
|
@ -3,7 +3,7 @@ package Lemonldap::NG::Portal::Auth::Yubikey;
|
|||
use strict;
|
||||
use Mouse;
|
||||
use JSON;
|
||||
use LWP::UserAgent;
|
||||
use Lemonldap::NG::Common::UserAgent;
|
||||
use HTTP::Request;
|
||||
use Lemonldap::NG::Portal::Main::Constants qw(PE_OK PE_ERROR PE_FORMEMPTY);
|
||||
|
||||
|
|
|
|||
|
|
@ -2,6 +2,7 @@ package Lemonldap::NG::Portal::Lib::CAS;
|
|||
|
||||
use strict;
|
||||
use Mouse;
|
||||
use Lemonldap::NG::Common::UserAgent;
|
||||
|
||||
our $VERSION = '2.0.0';
|
||||
|
||||
|
|
@ -14,8 +15,7 @@ has ua => (
|
|||
builder => sub {
|
||||
|
||||
# TODO : LWP options to use a proxy for example
|
||||
my $ua = LWP::UserAgent->new();
|
||||
push @{ $ua->requests_redirectable }, 'POST';
|
||||
my $ua = Lemonldap::NG::Common::UserAgent->new( $_[0]->{conf} );
|
||||
$ua->env_proxy();
|
||||
return $ua;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -13,7 +13,7 @@ use Digest::SHA
|
|||
sha512 sha256_base64 sha384_base64 sha512_base64/;
|
||||
use JSON;
|
||||
use Lemonldap::NG::Common::FormEncode;
|
||||
use LWP::UserAgent;
|
||||
use Lemonldap::NG::Common::UserAgent;
|
||||
use MIME::Base64 qw/encode_base64 decode_base64/;
|
||||
use Mouse;
|
||||
|
||||
|
|
@ -44,8 +44,7 @@ has ua => (
|
|||
builder => sub {
|
||||
|
||||
# TODO : LWP options to use a proxy for example
|
||||
my $ua = LWP::UserAgent->new();
|
||||
push @{ $ua->requests_redirectable }, 'POST';
|
||||
my $ua = Lemonldap::NG::Common::UserAgent->new($_[0]->{conf});
|
||||
$ua->env_proxy();
|
||||
return $ua;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -3,7 +3,7 @@ package Lemonldap::NG::Portal::Lib::RESTProxy;
|
|||
use strict;
|
||||
use JSON;
|
||||
use Mouse;
|
||||
use LWP::UserAgent;
|
||||
use Lemonldap::NG::Common::UserAgent;
|
||||
use Lemonldap::NG::Portal::Main::Constants qw(PE_OK PE_ERROR PE_BADCREDENTIALS);
|
||||
use Lemonldap::NG::Common::FormEncode;
|
||||
|
||||
|
|
@ -19,7 +19,7 @@ sub init {
|
|||
$self->conf->{proxySessionService} ||=
|
||||
$self->conf->{proxyAuthService} . '/mysession';
|
||||
$self->conf->{proxySessionService} =~ s#/*$##;
|
||||
$self->ua( LWP::UserAgent->new );
|
||||
$self->ua( Lemonldap::NG::Common::UserAgent->new( $self->conf ) );
|
||||
$self->ua->default_header( Accept => 'application/json' );
|
||||
|
||||
unless ( defined $self->conf->{proxyAuthService} ) {
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@ use strict;
|
|||
use Mouse;
|
||||
use Lemonldap::NG::Common::Conf::SAML::Metadata;
|
||||
use Lemonldap::NG::Common::Session;
|
||||
use LWP::UserAgent;
|
||||
use Lemonldap::NG::Common::UserAgent;
|
||||
use XML::Simple;
|
||||
use MIME::Base64;
|
||||
use String::Random;
|
||||
|
|
@ -34,8 +34,7 @@ has ua => (
|
|||
builder => sub {
|
||||
|
||||
# TODO : LWP options to use a proxy for example
|
||||
my $ua = LWP::UserAgent->new();
|
||||
push @{ $ua->requests_redirectable }, 'POST';
|
||||
my $ua = Lemonldap::NG::Common::UserAgent->new( $_[0]->{conf} );
|
||||
$ua->env_proxy();
|
||||
return $ua;
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user