REST in progress (#970)
parent
35924c935e
commit
62e3ba159d
|
@ -1939,6 +1939,9 @@ qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-
|
||||||
'proxyAuthService' => {
|
'proxyAuthService' => {
|
||||||
'type' => 'text'
|
'type' => 'text'
|
||||||
},
|
},
|
||||||
|
'proxySessionService' => {
|
||||||
|
'type' => 'text'
|
||||||
|
},
|
||||||
'proxyUseSoap' => {
|
'proxyUseSoap' => {
|
||||||
'default' => 0,
|
'default' => 0,
|
||||||
'type' => 'bool'
|
'type' => 'bool'
|
||||||
|
|
|
@ -2004,9 +2004,10 @@ m{^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?:
|
||||||
},
|
},
|
||||||
|
|
||||||
# Proxy
|
# Proxy
|
||||||
proxyAuthService => { type => 'text', },
|
proxyAuthService => { type => 'text', },
|
||||||
remoteCookieName => { type => 'text', },
|
proxySessionService => { type => 'text', },
|
||||||
proxyUseSoap => {
|
remoteCookieName => { type => 'text', },
|
||||||
|
proxyUseSoap => {
|
||||||
type => 'bool',
|
type => 'bool',
|
||||||
default => 0,
|
default => 0,
|
||||||
documentation => 'Use SOAP instead of REST',
|
documentation => 'Use SOAP instead of REST',
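Review bot: The new `proxySessionService` entry has no `documentation` key, while `proxyUseSoap` just below it carries one; I would add `documentation => 'Session service URL',` so the attribute is described where it is declared. Elsewhere in this commit the value becomes the target of the request that carries the stored remote cookies, so it may deserve stricter validation than free `text` if the attribute schema offers a URL type.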
|
||||||
|
|
|
@ -520,7 +520,8 @@
|
||||||
"previous": "Previous",
|
"previous": "Previous",
|
||||||
"privateKey": "Private key",
|
"privateKey": "Private key",
|
||||||
"proxyAuthnLevel": "Authentication level",
|
"proxyAuthnLevel": "Authentication level",
|
||||||
"proxyAuthService": "Portal URL",
|
"proxyAuthService": "Internal portal URL",
|
||||||
|
"proxySessionService": "Session service URL",
|
||||||
"proxyParams": "Proxy parameters",
|
"proxyParams": "Proxy parameters",
|
||||||
"proxyUseSoap": "Use SOAP instead of REST",
|
"proxyUseSoap": "Use SOAP instead of REST",
|
||||||
"publicKey": "Public key",
|
"publicKey": "Public key",
|
||||||
|
|
|
@ -520,7 +520,8 @@
|
||||||
"previous": "Précédente",
|
"previous": "Précédente",
|
||||||
"privateKey": "Clef privée",
|
"privateKey": "Clef privée",
|
||||||
"proxyAuthnLevel": "Niveau d'authentification",
|
"proxyAuthnLevel": "Niveau d'authentification",
|
||||||
"proxyAuthService": "URL du portail",
|
"proxyAuthService": "URL du portail interne",
|
||||||
|
"proxySessionService": "URL du service de session",
|
||||||
"proxyParams": "Paramètres Proxy",
|
"proxyParams": "Paramètres Proxy",
|
||||||
"proxyUseSoap": "Utiliser SOAP ai lieu de REST",
|
"proxyUseSoap": "Utiliser SOAP ai lieu de REST",
|
||||||
"publicKey": "Clef publique",
|
"publicKey": "Clef publique",
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
package Lemonldap::NG::Portal::Lib::SOAPProxy;
|
package Lemonldap::NG::Portal::Lib::RESTProxy;
|
||||||
|
|
||||||
use strict;
|
use strict;
|
||||||
use JSON;
|
use JSON;
|
||||||
|
@ -23,6 +23,8 @@ has ua => (
|
||||||
sub init {
|
sub init {
|
||||||
my ($self) = @_;
|
my ($self) = @_;
|
||||||
$self->conf->{remoteCookieName} ||= $self->conf->{cookieName};
|
$self->conf->{remoteCookieName} ||= $self->conf->{cookieName};
|
||||||
|
$self->conf->{proxySessionService} ||=
|
||||||
|
$self->conf->{proxyAuthService} . '/mysession/';
|
||||||
|
|
||||||
unless ( defined $self->conf->{proxyAuthService} ) {
|
unless ( defined $self->conf->{proxyAuthService} ) {
|
||||||
$self->error("Missing proxyAuthService parameter");
|
$self->error("Missing proxyAuthService parameter");
|
||||||
|
@ -31,11 +33,14 @@ sub init {
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
*authenticate = *getUser;
|
no warnings 'once';
|
||||||
|
*authenticate = \&getUser;
|
||||||
|
|
||||||
sub getUser {
|
sub getUser {
|
||||||
my ( $self, $req ) = @_;
|
my ( $self, $req ) = @_;
|
||||||
return PE_OK if ( $req->datas->{_proxyQueryDone} );
|
return PE_OK if ( $req->datas->{_proxyQueryDone} );
|
||||||
|
$self->lmLog( 'Proxy push auth to ' . $self->conf->{proxyAuthService},
|
||||||
|
'debug' );
|
||||||
my $resp = $self->ua->post( $self->conf->{proxyAuthService},
|
my $resp = $self->ua->post( $self->conf->{proxyAuthService},
|
||||||
{ user => $req->{user}, password => $req->datas->{password} } );
|
{ user => $req->{user}, password => $req->datas->{password} } );
|
||||||
unless ( $resp->is_success ) {
|
unless ( $resp->is_success ) {
|
||||||
|
@ -44,36 +49,47 @@ sub getUser {
|
||||||
'error' );
|
'error' );
|
||||||
return PE_ERROR;
|
return PE_ERROR;
|
||||||
}
|
}
|
||||||
|
$self->lmLog( 'Proxy gets a response', 'debug' );
|
||||||
my $res = eval { JSON::from_json( $resp->content ) };
|
my $res = eval { JSON::from_json( $resp->content ) };
|
||||||
if ($@) {
|
if ($@) {
|
||||||
$self->lmLog("Bad content: $@");
|
$self->lmLog("Bad content: $@");
|
||||||
return PE_ERROR;
|
return PE_ERROR;
|
||||||
}
|
}
|
||||||
$req->datas->{_proxyQueryDone}++;
|
$req->sessionInfo->{_proxyQueryDone}++;
|
||||||
return ( $res->{result} ? PE_OK : PE_BADCREDENTIALS );
|
unless ( $res->{result} ) {
|
||||||
|
$self->p->userNotice("Authentication refused for $req->{user}");
|
||||||
|
return PE_BADCREDENTIALS;
|
||||||
|
}
|
||||||
|
$req->sessionInfo->{_proxyCookies} = join '; ',
|
||||||
|
map { s/;.*$// } $resp->header('Set-Cookie');
|
||||||
|
$self->lmLog(
|
||||||
|
'Store cookies in session (' . $req->sessionInfo->{_proxyCookies} . ')',
|
||||||
|
'debug'
|
||||||
|
);
|
||||||
|
PE_OK;
|
||||||
}
|
}
|
||||||
|
|
||||||
sub setSessionInfo {
|
sub setSessionInfo {
|
||||||
my ( $self, $req ) = @_;
|
my ( $self, $req ) = @_;
|
||||||
return PE_OK if ( $req->datas->{_setSessionInfoDone} );
|
return PE_OK if ( $req->datas->{_setSessionInfoDone} );
|
||||||
my $soap =
|
my $q = HTTP::Request->new(
|
||||||
SOAP::Lite->proxy( $self->conf->{proxyAuthService} )
|
GET => $self->conf->{proxySessionService},
|
||||||
->uri('urn:Lemonldap/NG/Common/PSGI/SOAPService');
|
Cookie => $req->sessionInfo->{_proxyCookies}
|
||||||
my $r = $soap->getAttributes( $req->datas->{_remoteId} );
|
);
|
||||||
if ( $r->fault ) {
|
my $resp = $self->ua->get($q);
|
||||||
$self->lmLog(
|
unless ( $resp->is_success ) {
|
||||||
"Unable to query authentication service" . $r->fault->{faultstring},
|
$self->lmLog( 'Unable to query session service: ' . $resp->status_line,
|
||||||
'error'
|
'error' );
|
||||||
);
|
|
||||||
}
|
|
||||||
my $res = $r->result();
|
|
||||||
if ( $res->{error} ) {
|
|
||||||
$self->userError("Unable to get attributes for $self->{user} ");
|
|
||||||
return PE_ERROR;
|
return PE_ERROR;
|
||||||
}
|
}
|
||||||
foreach ( keys %{ $res->{attributes} } ) {
|
$self->lmLog( 'Proxy gets a response', 'debug' );
|
||||||
$req->{sessionInfo}->{$_} ||= $res->{attributes}->{$_}
|
my $res = eval { JSON::from_json( $resp->content ) };
|
||||||
unless (/^_/);
|
if ($@) {
|
||||||
|
$self->lmLog("Bad content: $@");
|
||||||
|
return PE_ERROR;
|
||||||
|
}
|
||||||
|
foreach ( keys %$res ) {
|
||||||
|
$req->{sessionInfo}->{$_} ||= $res->{$_} unless (/^_/);
|
||||||
}
|
}
|
||||||
$req->datas->{_setSessionInfoDone}++;
|
$req->datas->{_setSessionInfoDone}++;
|
||||||
PE_OK;
|
PE_OK;
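Review bot: In getUser, `map { s/;.*$// } $resp->header('Set-Cookie')` collects the return value of `s///` (the substitution count) rather than the trimmed header, so `_proxyCookies` will not hold the remote cookies. Once that is fixed, the debug `lmLog` that follows would write the remote session cookies to the log in clear. The done-flag is now set on `$req->sessionInfo->{_proxyQueryDone}` while the guard at the top of getUser still reads `$req->datas->{_proxyQueryDone}`, so with `authenticate` aliased to `getUser` the credentials appear to be POSTed twice per login; one of the two should change. In setSessionInfo, `HTTP::Request->new( GET => $url, Cookie => ... )` passes a plain string where the constructor expects a header object or array reference, and `ua->get` takes a URL rather than a request object. setSessionInfo's closing brace lies outside the hunk.

```perl
# … unchanged: POST to proxyAuthService, JSON decoding, refusal branch …
# Set the flag where the guard at the top of getUser reads it
$req->datas->{_proxyQueryDone}++;
# Keep only the name=value part of each Set-Cookie header
$req->sessionInfo->{_proxyCookies} = join '; ',
  map { /^([^;]*)/ } $resp->header('Set-Cookie');
# Cookie values are credentials: log the event, not the content
$self->lmLog( 'Remote cookies stored in session', 'debug' );
PE_OK;
# … unchanged: end of getUser, start of setSessionInfo …
my $resp = $self->ua->get(
    $self->conf->{proxySessionService},
    Cookie => $req->sessionInfo->{_proxyCookies}
);
# … unchanged: status check, JSON decoding, attribute copy …
```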
|
||||||
|
|
|
@ -11,7 +11,8 @@ our $VERSION = '2.0.0';
|
||||||
|
|
||||||
sub init {
|
sub init {
|
||||||
my ($self) = @_;
|
my ($self) = @_;
|
||||||
$self->conf->{remoteCookieName} ||= $self->conf->{cookieName};
|
$self->conf->{remoteCookieName} ||= $self->conf->{cookieName};
|
||||||
|
$self->conf->{proxySessionService} ||= $self->conf->{proxyAuthService};
|
||||||
|
|
||||||
unless ( defined $self->conf->{proxyAuthService} ) {
|
unless ( defined $self->conf->{proxyAuthService} ) {
|
||||||
$self->error("Missing proxyAuthService parameter");
|
$self->error("Missing proxyAuthService parameter");
|
||||||
|
@ -22,6 +23,8 @@ sub init {
|
||||||
|
|
||||||
# RUNNING METHODS
|
# RUNNING METHODS
|
||||||
|
|
||||||
|
no warnings 'once';
|
||||||
|
|
||||||
*authenticate = *getUser;
|
*authenticate = *getUser;
|
||||||
|
|
||||||
sub getUser {
|
sub getUser {
|
||||||
|
@ -59,8 +62,7 @@ sub getUser {
|
||||||
sub setSessionInfo {
|
sub setSessionInfo {
|
||||||
my ( $self, $req ) = @_;
|
my ( $self, $req ) = @_;
|
||||||
return PE_OK if ( $req->datas->{_setSessionInfoDone} );
|
return PE_OK if ( $req->datas->{_setSessionInfoDone} );
|
||||||
my $soap =
|
my $soap = SOAP::Lite->proxy( $self->conf->{proxySessionService} )
|
||||||
SOAP::Lite->proxy( $self->conf->{proxyAuthService} )
|
|
||||||
->uri('urn:Lemonldap/NG/Common/PSGI/SOAPService');
|
->uri('urn:Lemonldap/NG/Common/PSGI/SOAPService');
|
||||||
my $r = $soap->getAttributes( $req->datas->{_remoteId} );
|
my $r = $soap->getAttributes( $req->datas->{_remoteId} );
|
||||||
if ( $r->fault ) {
|
if ( $r->fault ) {
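Review bot: `no warnings 'once';` is added at file scope ahead of `*authenticate = *getUser;`, so the pragma stays in effect for every sub that follows rather than for the one aliasing statement. Enclosing the two in a bare block, `{ no warnings 'once'; *authenticate = *getUser; }`, keeps the suppression local. The REST variant in this commit switches to `\&getUser`, which aliases only the code slot, and the same form would fit here. Both init and setSessionInfo continue outside the visible hunks.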
|
||||||
|
|