From 4497f39efee89883e1e9e4a8bb6a3ffb959d2890 Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Mon, 17 Aug 2020 18:13:11 +0200 Subject: [PATCH] Factor psession id calculation into Common --- .../lib/Lemonldap/NG/Common/CliSessions.pm | 13 +++---------- .../lib/Lemonldap/NG/Common/Util.pm | 18 +++++++++++++++--- .../lib/Lemonldap/NG/Portal/Main/Run.pm | 11 +++-------- 3 files changed, 21 insertions(+), 21 deletions(-) diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/CliSessions.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/CliSessions.pm index 85300c0a0..629140fbf 100644 --- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/CliSessions.pm +++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/CliSessions.pm @@ -3,12 +3,12 @@ package Lemonldap::NG::Common::CliSessions; use strict; use Mouse; use JSON; -use Digest::MD5 qw(md5_hex); use MIME::Base64; use Lemonldap::NG::Common::Conf; use Lemonldap::NG::Common::Logger::Std; use Lemonldap::NG::Common::Apache::Session; use Lemonldap::NG::Common::Session; +use Lemonldap::NG::Common::Util qw/getPSessionID/; our $VERSION = '2.0.8'; @@ -118,7 +118,7 @@ sub _get_one_session { # Handle --persistent elsif ( $self->opts->{persistent} ) { $backendStorage = "persistentStorage"; - $id = $self->_md5hash($id); + $id = getPSessionID($id); } # In any case, fall back to global storage if we couldn't find the backend @@ -195,13 +195,6 @@ sub get { return 0; } -# Return md5(s) -# TODO factor with portal function -sub _md5hash { - my ( $self, $s ) = @_; - return substr( Digest::MD5::md5_hex($s), 0, 32 ); -} - # TODO factor with manager API function sub _genId2F { my ( $self, $device ) = @_; @@ -211,7 +204,7 @@ sub _genId2F { sub _get_psession { my ( $self, $uid ) = @_; - my $psession_id = $self->_md5hash($uid); + my $psession_id = getPSessionID($uid); my $res = $self->_get_one_session( $psession_id, 'persistent' ); die "Could not get psession for user $uid" unless $res; return $res; diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Util.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Util.pm index c1208df8a..b305a8035 100644 --- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Util.pm +++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Util.pm @@ -1,11 +1,19 @@ package Lemonldap::NG::Common::Util; require Exporter; +use Digest::MD5; + use 5.10.0; -our $VERSION = '2.0.9'; -our @ISA = qw(Exporter); -our @EXPORT_OK = qw(getSameSite); +our $VERSION = '2.0.9'; +our @ISA = qw(Exporter); +our @EXPORT_OK = qw(getSameSite getPSessionID); + +# Return stable psession ID from username +sub getPSessionID { + my ($uid) = @_; + return substr( Digest::MD5::md5_hex($uid), 0, 32 ); +} sub getSameSite { my ($conf) = @_; @@ -49,6 +57,10 @@ modules. =head1 METHODS +=head3 getPSessionID($uid) + +This method computes the psession ID from the user login + =head3 getSameSite($conf) Try to find a sensible value for the SameSite cookie attribute. diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm index 0da7030fc..31fe42baa 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm @@ -16,6 +16,7 @@ package Lemonldap::NG::Portal::Main; use strict; use URI::Escape; use JSON; +use Lemonldap::NG::Common::Util qw(getPSessionID); has trOverCache => ( is => 'rw', default => sub { {} } ); @@ -465,7 +466,7 @@ sub getPersistentSession { return unless ( defined $uid and !$self->conf->{disablePersistentStorage} ); # Compute persistent identifier - my $pid = $self->_md5hash($uid); + my $pid = getPSessionID($uid); $info->{_session_uid} = $uid; @@ -530,7 +531,7 @@ sub updatePersistentSession { if ( $persistentSession->error ) { $self->logger->error( - "Cannot update persistent session " . $self->_md5hash($uid) ); + "Cannot update persistent session " . getPSessionID($uid) ); $self->logger->error( $persistentSession->error ); } } @@ -639,12 +640,6 @@ sub _deleteSession { return $session->error ? 0 : 1; } -# Return md5(s) -sub _md5hash { - my ( $self, $s ) = @_; - return substr( Digest::MD5::md5_hex($s), 0, 32 ); -} - # Check if an URL's domain name is declared in LL::NG config or is declared as # trusted domain sub isTrustedUrl {