dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Move some errors from tech logs to user logs (#595)

Browse Source
This commit is contained in:
Xavier Guimard 2017-02-18 14:25:48 +00:00
parent 1a811f8e21
commit 3e4554ee45
6 changed files with 29 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/AD.pm
View File

@ -73,7 +73,7 @@ sub authenticate {
my $expired_flag =
0x800000; # 8 at 6th position for flag UF_PASSWORD_EXPIRED to be set
if ( ( $computed & $mask ) == $expired_flag ) {
$self->logger->warn("[AD] Password has expired");
$self->userLogger->warn("[AD] Password has expired");
$res = PE_PP_PASSWORD_EXPIRED;
}

4
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/CAS.pm
View File

@ -111,7 +111,7 @@ sub extractFormInfo {
# Store pgtId and pgtIou
unless ( $self->cas->storePGT( $pgtIou, $pgtId ) ) {
$self->logger->error( "CAS: error " . &AuthCAS::get_errors() );
$self->userLogger->error( "CAS: error " . &AuthCAS::get_errors() );
}
else {
$self->logger->debug(
@ -144,7 +144,7 @@ sub extractFormInfo {
# Ticket found, try to validate it
unless ( $req->{user} = $self->cas->validateST( $local_url, $ticket ) ) {
$self->logger->error( "CAS: error " . &AuthCAS::get_errors() );
$self->userLogger->error( "CAS: error " . &AuthCAS::get_errors() );
return PE_ERROR;
}
else {

2
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/Facebook.pm
View File

@ -96,7 +96,7 @@ sub extractFormInfo {
# 1.2 Bad responses
if ( my $error_code = $req->param('error_code') ) {
my $error_message = $req->param('error_message');
$self->logger->error("Facebook error code $error_code: $error_message");
$self->userLogger->error("Facebook error code $error_code: $error_message");
return PE_ERROR;
}

8
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/OpenID.pm
View File

@ -94,7 +94,7 @@ sub extractFormInfo {
# Remote error
unless ( $csr->is_server_response() ) {
$self->logger->info('No OpenID valid message found');
$self->userLogger->info('No OpenID valid message found');
return PE_BADCREDENTIALS;
}
@ -107,7 +107,7 @@ sub extractFormInfo {
# Check if user has refused to share his authentication
elsif ( $csr->user_cancel() ) {
$self->logger->info('OpenID request cancelled by user');
$self->userLogger->info('OpenID request cancelled by user');
return PE_FIRSTACCESS;
}
@ -122,7 +122,7 @@ sub extractFormInfo {
# Other errors
else {
$self->logger->warn( 'OpenID error: ' . $csr->err );
$self->logger->error( 'OpenID error: ' . $csr->err );
return PE_ERROR;
}
}
@ -139,7 +139,7 @@ sub extractFormInfo {
# Check if url is valid
unless ($claimed_identity) {
$self->logger->warn( 'OpenID error : ' . $req->{csr}->err() );
$self->userLogger->warn( 'OpenID error : ' . $req->{csr}->err() );
return PE_BADCREDENTIALS;
}

6
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/OpenIDConnect.pm
View File

@ -81,7 +81,7 @@ sub extractFormInfo {
$self->logger->debug("State $state extracted");
}
else {
$self->logger->error("Unable to extract state $state");
$self->userLogger->error("Unable to extract state $state");
return PE_ERROR;
}
}
@ -90,7 +90,7 @@ sub extractFormInfo {
my $op = $req->datas->{_oidcOPCurrent};
unless ($op) {
$self->logger->error("OpenID Provider not found");
$self->userLogger->error("OpenID Provider not found");
return PE_ERROR;
}
@ -180,7 +180,7 @@ sub extractFormInfo {
# Check validity of ID Token
unless ( $self->checkIDTokenValidity( $op, $id_token_payload_hash ) ) {
$self->logger->error('ID Token not valid');
$self->userLogger->error('ID Token not valid');
return PE_ERROR;
}
else {

36
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/SAML.pm
View File

@ -152,7 +152,7 @@ sub extractFormInfo {
}
unless ($result) {
$self->logger->error("Signature is not valid");
$self->userLogger->error("Signature is not valid");
return PE_SAML_SIGNATURE_ERROR;
}
else {
@ -166,7 +166,7 @@ sub extractFormInfo {
# Get SAML response
my $saml_response = $login->response();
unless ($saml_response) {
$self->logger->error("No SAML response found");
$self->userLogger->error("No SAML response found");
return PE_SAML_SSO_ERROR;
}
@ -200,7 +200,7 @@ sub extractFormInfo {
my $assertion = $self->getAssertion($login);
unless ($assertion) {
$self->logger->error("No assertion found");
$self->userLogger->error("No assertion found");
return PE_SAML_SSO_ERROR;
}
@ -219,7 +219,7 @@ sub extractFormInfo {
)
)
{
$self->logger->error("Conditions not validated");
$self->userLogger->error("Conditions not validated");
return PE_SAML_CONDITIONS_ERROR;
}
@ -287,7 +287,7 @@ sub extractFormInfo {
my $user = $nameid->content;
unless ($user) {
$self->logger->error("No NameID value found");
$self->userLogger->error("No NameID value found");
return PE_SAML_SSO_ERROR;
}
@ -364,7 +364,7 @@ sub extractFormInfo {
else {
# This should not happen
$self->logger->error("SSO request or response was not found");
$self->userLogger->error("SSO request or response was not found");
return PE_SAML_ERROR;
}
@ -395,7 +395,7 @@ sub extractFormInfo {
my $result = $self->processLogoutResponseMsg( $logout, $response );
unless ($result) {
$self->logger->error("Fail to process logout response");
$self->userLogger->error("Fail to process logout response");
return PE_SAML_SLO_ERROR;
}
@ -433,7 +433,7 @@ sub extractFormInfo {
$result = $self->processLogoutResponseMsg( $logout, $response );
unless ($result) {
$self->logger->error("Signature is not valid");
$self->userLogger->error("Signature is not valid");
return PE_SAML_SIGNATURE_ERROR;
}
else {
@ -485,7 +485,7 @@ sub extractFormInfo {
# Process logout request
unless ( $self->processLogoutRequestMsg( $logout, $request ) ) {
$self->logger->error("Fail to process logout request");
$self->userLogger->error("Fail to process logout request");
$logout_error = 1;
}
@ -518,7 +518,7 @@ sub extractFormInfo {
if ($checkSLOMessageSignature) {
unless ( $self->checkSignatureStatus($logout) ) {
$self->logger->error("Signature is not valid");
$self->userLogger->error("Signature is not valid");
return PE_SAML_SIGNATURE_ERROR;
}
else {
@ -632,7 +632,7 @@ sub extractFormInfo {
# Validate request if no previous error
unless ($logout_error) {
unless ( $self->validateLogoutRequest($logout) ) {
$self->logger->error("SLO request is not valid");
$self->userLogger->error("SLO request is not valid");
}
}
@ -739,7 +739,7 @@ sub extractFormInfo {
else {
# This should not happen
$self->logger->error("SLO request or response was not found");
$self->userLogger->error("SLO request or response was not found");
# Redirect user
$req->mustRedirect(1);
@ -895,7 +895,7 @@ sub extractFormInfo {
my $idpConfKey = $self->idpList->{$idp}->{confKey};
unless ($idpConfKey) {
$self->logger->error("$idp do not match any IDP in configuration");
$self->userLogger->error("$idp do not match any IDP in configuration");
return PE_SAML_UNKNOWN_ENTITY;
}
@ -962,7 +962,7 @@ sub extractFormInfo {
);
unless ($login) {
$self->logger->error(
$self->userLogger->error(
"Could not create authentication request on $idpConfKey");
return PE_SAML_SSO_ERROR;
}
@ -1060,7 +1060,7 @@ sub setAuthSessionInfo {
my $assertion = $self->getAssertion($login);
unless ($assertion) {
$self->logger->error("No assertion found");
$self->userLogger->error("No assertion found");
return PE_SAML_SSO_ERROR;
}
@ -1218,7 +1218,7 @@ sub authLogout {
my $session_dump = $req->{sessionInfo}->{_lassoSessionDump};
unless ($session_dump) {
$self->logger->error("Could not get session dump from session");
$self->userLogger->error("Could not get session dump from session");
return PE_SAML_SLO_ERROR;
}
@ -1338,14 +1338,14 @@ sub authLogout {
unless ( $self->replayProtection($samlID) ) {
# Logout request was already consumed or is expired
$self->logger->error("Message $samlID already used or expired");
$self->userLogger->error("Message $samlID already used or expired");
return PE_SAML_SLO_ERROR;
}
return PE_OK;
}
else {
$self->logger->error("Lasso method $method not implemented here");
$self->userLogger->error("Lasso method $method not implemented here");
return PE_SAML_SLO_ERROR;
}
}