REST in progress (#970)

Xavier Guimard 2017-01-10 12:25:30 +00:00
parent 35924c935e
commit 62e3ba159d
6 changed files with 52 additions and 28 deletions


@ -1939,6 +1939,9 @@ qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-
'proxyAuthService' => { 'proxyAuthService' => {
'type' => 'text' 'type' => 'text'
}, },
'proxySessionService' => {
'type' => 'text'
},
'proxyUseSoap' => { 'proxyUseSoap' => {
'default' => 0, 'default' => 0,
'type' => 'bool' 'type' => 'bool'


@ -2004,9 +2004,10 @@ m{^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?:
}, },
# Proxy # Proxy
proxyAuthService => { type => 'text', }, proxyAuthService => { type => 'text', },
remoteCookieName => { type => 'text', }, proxySessionService => { type => 'text', },
proxyUseSoap => { remoteCookieName => { type => 'text', },
proxyUseSoap => {
type => 'bool', type => 'bool',
default => 0, default => 0,
documentation => 'Use SOAP instead of REST', documentation => 'Use SOAP instead of REST',
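Review bot: The new `proxySessionService` entry is plain `type => 'text'` with no `documentation` key, although the RESTProxy change in this commit sends the stored remote session cookies to whatever URL is configured here. If this file's type table offers a URL type, using it for this entry would reject malformed values when the configuration is saved. A line such as `documentation => 'Session service URL',` would match the neighbouring `proxyUseSoap` entry.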


@ -520,7 +520,8 @@
"previous": "Previous", "previous": "Previous",
"privateKey": "Private key", "privateKey": "Private key",
"proxyAuthnLevel": "Authentication level", "proxyAuthnLevel": "Authentication level",
"proxyAuthService": "Portal URL", "proxyAuthService": "Internal portal URL",
"proxySessionService": "Session service URL",
"proxyParams": "Proxy parameters", "proxyParams": "Proxy parameters",
"proxyUseSoap": "Use SOAP instead of REST", "proxyUseSoap": "Use SOAP instead of REST",
"publicKey": "Public key", "publicKey": "Public key",


@ -520,7 +520,8 @@
"previous": "Précédente", "previous": "Précédente",
"privateKey": "Clef privée", "privateKey": "Clef privée",
"proxyAuthnLevel": "Niveau d'authentification", "proxyAuthnLevel": "Niveau d'authentification",
"proxyAuthService": "URL du portail", "proxyAuthService": "URL du portail interne",
"proxySessionService": "URL du service de session",
"proxyParams": "Paramètres Proxy", "proxyParams": "Paramètres Proxy",
"proxyUseSoap": "Utiliser SOAP ai lieu de REST", "proxyUseSoap": "Utiliser SOAP ai lieu de REST",
"publicKey": "Clef publique", "publicKey": "Clef publique",


@ -1,4 +1,4 @@
package Lemonldap::NG::Portal::Lib::SOAPProxy; package Lemonldap::NG::Portal::Lib::RESTProxy;
use strict; use strict;
use JSON; use JSON;
@ -23,6 +23,8 @@ has ua => (
sub init { sub init {
my ($self) = @_; my ($self) = @_;
$self->conf->{remoteCookieName} ||= $self->conf->{cookieName}; $self->conf->{remoteCookieName} ||= $self->conf->{cookieName};
$self->conf->{proxySessionService} ||=
$self->conf->{proxyAuthService} . '/mysession/';
unless ( defined $self->conf->{proxyAuthService} ) { unless ( defined $self->conf->{proxyAuthService} ) {
$self->error("Missing proxyAuthService parameter"); $self->error("Missing proxyAuthService parameter");
@ -31,11 +33,14 @@ sub init {
return 1; return 1;
} }
*authenticate = *getUser; no warnings 'once';
*authenticate = \&getUser;
sub getUser { sub getUser {
my ( $self, $req ) = @_; my ( $self, $req ) = @_;
return PE_OK if ( $req->datas->{_proxyQueryDone} ); return PE_OK if ( $req->datas->{_proxyQueryDone} );
$self->lmLog( 'Proxy push auth to ' . $self->conf->{proxyAuthService},
'debug' );
my $resp = $self->ua->post( $self->conf->{proxyAuthService}, my $resp = $self->ua->post( $self->conf->{proxyAuthService},
{ user => $req->{user}, password => $req->datas->{password} } ); { user => $req->{user}, password => $req->datas->{password} } );
unless ( $resp->is_success ) { unless ( $resp->is_success ) {
@ -44,36 +49,47 @@ sub getUser {
'error' ); 'error' );
return PE_ERROR; return PE_ERROR;
} }
$self->lmLog( 'Proxy gets a response', 'debug' );
my $res = eval { JSON::from_json( $resp->content ) }; my $res = eval { JSON::from_json( $resp->content ) };
if ($@) { if ($@) {
$self->lmLog("Bad content: $@"); $self->lmLog("Bad content: $@");
return PE_ERROR; return PE_ERROR;
} }
$req->datas->{_proxyQueryDone}++; $req->sessionInfo->{_proxyQueryDone}++;
return ( $res->{result} ? PE_OK : PE_BADCREDENTIALS ); unless ( $res->{result} ) {
$self->p->userNotice("Authentication refused for $req->{user}");
return PE_BADCREDENTIALS;
}
$req->sessionInfo->{_proxyCookies} = join '; ',
map { s/;.*$// } $resp->header('Set-Cookie');
$self->lmLog(
'Store cookies in session (' . $req->sessionInfo->{_proxyCookies} . ')',
'debug'
);
PE_OK;
} }
sub setSessionInfo { sub setSessionInfo {
my ( $self, $req ) = @_; my ( $self, $req ) = @_;
return PE_OK if ( $req->datas->{_setSessionInfoDone} ); return PE_OK if ( $req->datas->{_setSessionInfoDone} );
my $soap = my $q = HTTP::Request->new(
SOAP::Lite->proxy( $self->conf->{proxyAuthService} ) GET => $self->conf->{proxySessionService},
->uri('urn:Lemonldap/NG/Common/PSGI/SOAPService'); Cookie => $req->sessionInfo->{_proxyCookies}
my $r = $soap->getAttributes( $req->datas->{_remoteId} ); );
if ( $r->fault ) { my $resp = $self->ua->get($q);
$self->lmLog( unless ( $resp->is_success ) {
"Unable to query authentication service" . $r->fault->{faultstring}, $self->lmLog( 'Unable to query session service: ' . $resp->status_line,
'error' 'error' );
);
}
my $res = $r->result();
if ( $res->{error} ) {
$self->userError("Unable to get attributes for $self->{user} ");
return PE_ERROR; return PE_ERROR;
} }
foreach ( keys %{ $res->{attributes} } ) { $self->lmLog( 'Proxy gets a response', 'debug' );
$req->{sessionInfo}->{$_} ||= $res->{attributes}->{$_} my $res = eval { JSON::from_json( $resp->content ) };
unless (/^_/); if ($@) {
$self->lmLog("Bad content: $@");
return PE_ERROR;
}
foreach ( keys %$res ) {
$req->{sessionInfo}->{$_} ||= $res->{$_} unless (/^_/);
} }
$req->datas->{_setSessionInfoDone}++; $req->datas->{_setSessionInfoDone}++;
PE_OK; PE_OK;
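Review bot: In getUser the cookie capture `map { s/;.*$// } $resp->header('Set-Cookie')` collects the return value of `s///` (a substitution count), not the trimmed cookie, so `_proxyCookies` would hold something like `1; 1` and the later session request cannot carry the remote session; `map { ( split /;/ )[0] }` or `map { s/;.*$//r }` (Perl 5.14+) returns the cookie pair itself. Once that is fixed, the debug line that follows writes the remote session cookies into the log, so it would be safer to log only the cookie names or a count. The done flag is now set with `$req->sessionInfo->{_proxyQueryDone}++` while the guard at the top of getUser still reads `$req->datas->{_proxyQueryDone}`, so the guard never fires and the password may be posted again on a second call; `$req->datas->{_proxyQueryDone}++` keeps the two in step and keeps the flag out of the stored session. In setSessionInfo, `HTTP::Request->new( GET => ..., Cookie => ... )` passes the header as a bare pair where the constructor expects an HTTP::Headers object or an array reference, and `$self->ua->get($q)` hands a request object to a method that takes a URL. Assuming `ua` is an LWP::UserAgent (its definition is outside the hunk), `HTTP::Request->new( GET => $url, [ Cookie => $cookies ] )` sent with `$self->ua->request($q)` is the usual form.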


@ -11,7 +11,8 @@ our $VERSION = '2.0.0';
sub init { sub init {
my ($self) = @_; my ($self) = @_;
$self->conf->{remoteCookieName} ||= $self->conf->{cookieName}; $self->conf->{remoteCookieName} ||= $self->conf->{cookieName};
$self->conf->{proxySessionService} ||= $self->conf->{proxyAuthService};
unless ( defined $self->conf->{proxyAuthService} ) { unless ( defined $self->conf->{proxyAuthService} ) {
$self->error("Missing proxyAuthService parameter"); $self->error("Missing proxyAuthService parameter");
@ -22,6 +23,8 @@ sub init {
# RUNNING METHODS # RUNNING METHODS
no warnings 'once';
*authenticate = *getUser; *authenticate = *getUser;
sub getUser { sub getUser {
@ -59,8 +62,7 @@ sub getUser {
sub setSessionInfo { sub setSessionInfo {
my ( $self, $req ) = @_; my ( $self, $req ) = @_;
return PE_OK if ( $req->datas->{_setSessionInfoDone} ); return PE_OK if ( $req->datas->{_setSessionInfoDone} );
my $soap = my $soap = SOAP::Lite->proxy( $self->conf->{proxySessionService} )
SOAP::Lite->proxy( $self->conf->{proxyAuthService} )
->uri('urn:Lemonldap/NG/Common/PSGI/SOAPService'); ->uri('urn:Lemonldap/NG/Common/PSGI/SOAPService');
my $r = $soap->getAttributes( $req->datas->{_remoteId} ); my $r = $soap->getAttributes( $req->datas->{_remoteId} );
if ( $r->fault ) { if ( $r->fault ) {