diff --git a/build/lemonldap-ng/Makefile b/build/lemonldap-ng/Makefile
index 05904b0ab..517872f14 100644
--- a/build/lemonldap-ng/Makefile
+++ b/build/lemonldap-ng/Makefile
@@ -455,7 +455,7 @@ cpan: clean configure common_cpan handler_cpan portal_cpan manager_cpan
 $(UNCOMPRESS) Lemonldap-NG-$$i-*.$(COMPRESSSUFFIX) \
 $$($(COMPRESS) tzf Lemonldap-NG-$$i-*.$(COMPRESSSUFFIX) |grep META.yml); \
 mv Lemonldap-NG-$$i-*/META.yml lemonldap-ng-$$($(PERL) -e "print lc('$$i')")/; \
- rmdir Lemonldap-NG-$$i*/; \
+ rm -rf Lemonldap-NG-$$i*/; \
 done
 common_cpan: common_conf
diff --git a/modules/lemonldap-ng-portal/MANIFEST b/modules/lemonldap-ng-portal/MANIFEST
index 92dba138f..252a4345d 100644
--- a/modules/lemonldap-ng-portal/MANIFEST
+++ b/modules/lemonldap-ng-portal/MANIFEST
@@ -104,6 +104,7 @@ lib/Lemonldap/NG/Portal/AuthLA.pm
 lib/Lemonldap/NG/Portal/AuthLDAP.pm
 lib/Lemonldap/NG/Portal/AuthMulti.pm
 lib/Lemonldap/NG/Portal/AuthNull.pm
+lib/Lemonldap/NG/Portal/AuthOpenID.pm
 lib/Lemonldap/NG/Portal/AuthProxy.pm
 lib/Lemonldap/NG/Portal/AuthRemote.pm
 lib/Lemonldap/NG/Portal/AuthSAML.pm
diff --git a/modules/lemonldap-ng-portal/META.yml b/modules/lemonldap-ng-portal/META.yml
index e5577a7ca..efc7dae1d 100644
--- a/modules/lemonldap-ng-portal/META.yml
+++ b/modules/lemonldap-ng-portal/META.yml
@@ -33,3 +33,4 @@ meta-spec:
 recommends:
 Email::Date::Format: 0
 MIME::Lite: 0
+ Net::OpenID::Consumer: 0
diff --git a/modules/lemonldap-ng-portal/Makefile.PL b/modules/lemonldap-ng-portal/Makefile.PL
index 68b4afc02..b676135e1 100644
--- a/modules/lemonldap-ng-portal/Makefile.PL
+++ b/modules/lemonldap-ng-portal/Makefile.PL
@@ -8,8 +8,9 @@ WriteMakefile(
 LICENSE => 'gpl',
 META_MERGE => {
 'recommends' => {
- 'MIME::Lite' => 0,
- 'Email::Date::Format' => 0,
+ 'Email::Date::Format' => 0,
+ 'Net::OpenID::Consumer' => 0,
+ 'MIME::Lite' => 0,
 },
 },
 BUILD_REQUIRES => { 'IO::String' => 0, },
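Review bot: The new `rm -rf Lemonldap-NG-$$i*/` in the Makefile hunk uses a wider glob than the `Lemonldap-NG-$$i-*` pattern on the three lines above it, so it matches any directory whose name merely starts with the module name. With `rmdir` a stray or non-empty match was left in place; with `rm -rf` it is deleted without any message. Consider `rm -rf Lemonldap-NG-$$i-*/` so the cleanup removes only the directory the preceding `mv` read from. The `cpan` recipe starts outside the hunk.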
diff --git a/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/AuthApache.pm b/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/AuthApache.pm
index 1c5e67054..9a0883c21 100644
--- a/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/AuthApache.pm
+++ b/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/AuthApache.pm
@@ -81,7 +81,7 @@ compatible portals with Apache authentication.
 print $portal->redirect( -uri => 'https://portal/menu');
 }
 else {
- # If the user enters here, IT MEANS THAT CAS REDIRECTION DOES NOT WORK
+ # If the user enters here, IT MEANS THAT APACHE AUTHENTICATION DOES NOT WORK
 print $portal->header('text/html; charset=utf8'); # DON'T FORGET THIS (see CGI(3))
 print "

Unable to work

";
 print "This server isn't well configured. Contact your administrator.";
diff --git a/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/AuthOpenID.pm b/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/AuthOpenID.pm
new file mode 100644
index 000000000..94b9bd40b
--- /dev/null
+++ b/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/AuthOpenID.pm
@@ -0,0 +1,188 @@
+##@file
+# OpenID authentication backend file
+
+##@class
+# OpenID authentication backend class
+package Lemonldap::NG::Portal::AuthOpenID;
+
+use strict;
+use Lemonldap::NG::Portal::Simple;
+use Net::OpenID::Consumer;
+use LWP::UserAgent;
+
+our $VERSION = '0.1';
+
+## @apmethod int authInit()
+# @return Lemonldap::NG::Portal constant
+sub authInit {
+ my $self = shift;
+ $self->{csr} = Net::OpenID::Consumer->new(
+ ua => LWP::UserAgent->new,
+ cache => Cache::FileCache->new,
+ args => $self,
+ consumer_secret => $self->{openIdSecret},
+ required_root => $self->{portal},
+ );
+ PE_OK;
+}
+
+## @apmethod int extractFormInfo()
+# Read username return by OpenID authentication system.
+# @return Lemonldap::NG::Portal constant
+sub extractFormInfo {
+ my $self = shift;
+ my ( $url, $openid );
+
+ # 1. If no openid element has been detected
+ return PE_FIRSTACCESS
+ unless ( $url = $self->param('openIdUrl')
+ or $openid = $self->param('openid') );
+
+ # 2. Check OpenID responses
+ if ($openid) {
+ my $csr = $self->{csr};
+
+ # Remote error
+ unless ( $csr->is_server_response() ) {
+ $self->{msg} = 'No OpenID valid message found' . $csr->err();
+ $self->lmLog( $self->{msg}, 'debug' );
+ return PE_BADCREDENTIALS;
+ }
+
+ # TODO
+ if ( my $setup_url = $csr->user_setup_url ) {
+ $self->abort( 'Not implemented',
+ 'OpenID setup URL not yet implemented' );
+ }
+
+ # Check if user has refused to share his authentication
+ elsif ( $csr->user_cancel() ) {
+ $self->{msg} = "OpenID request cancelled by user";
+ $self->lmLog( $self->{msg}, 'debug' );
+ return PE_FIRSTACCESS;
+ }
+
+ # TODO: check verified identity
+ elsif ( $self->{_openiduser} = $csr->verified_identity ) {
+
+ # TODO : set $self->{user}
+ return PE_OK;
+ }
+
+ # Other errors
+ else {
+ $self->abort( 'OpenID error', $csr->err() );
+ }
+ }
+
+ # 3. Check if an OpenID url has been submitted
+ else {
+ my $claimed_identity = $self->{csr}->claimed_identity($url);
+
+ # Check if url is valid
+ unless ($claimed_identity) {
+ $self->{msg} = "OpenID error : " . $self->{csr}->err();
+ $self->lmLog( $self->{msg}, 'debug' );
+ return PE_BADCREDENTIALS;
+ }
+
+ # Redirect user
+ $self->lmLog( "OpenID redirection to $url", 'debug' );
+ my $check_url = $claimed_identity->check_url(
+ return_to => $self->{portal} . '?openid=1',
+ trust_root => $self->{portal},
+ );
+ }
+ PE_OK;
+}
+
+## @apmethod int setAuthSessionInfo()
+# Store user.
+# @return Lemonldap::NG::Portal constant
+sub setAuthSessionInfo {
+ my $self = shift;
+
+ # TODO
+
+ PE_OK;
+}
+
+## @apmethod int authenticate()
+# Does nothing.
+# @return Lemonldap::NG::Portal constant
+sub authenticate {
+ PE_OK;
+}
+
+1;
+__END__
+
+=head1 NAME
+
+=encoding utf8
+
+Lemonldap::NG::Portal::OpenID - Perl extension for building Lemonldap::NG
+compatible portals with OpenID authentication.
+
+=head1 SYNOPSIS
+
+ use Lemonldap::NG::Portal::SharedConf;
+ my $portal = new Lemonldap::NG::Portal::Simple(
+ configStorage => {...}, # See Lemonldap::NG::Portal
+ authentication => 'OpenID',
+ );
+
+ if($portal->process()) {
+ # Write here the menu with CGI methods. This page is displayed ONLY IF
+ # the user was not redirected here.
+ print $portal->header('text/html; charset=utf8'); # DON'T FORGET THIS (see CGI(3))
+ print "...";
+ }
+ else {
+ # If the user enters here, IT MEANS THAT CAS REDIRECTION DOES NOT WORK
+ print $portal->header('text/html; charset=utf8'); # DON'T FORGET THIS (see CGI(3))
+ print "

Unable to work

";
+ print "This server isn't well configured. Contact your administrator.";
+ print "";
+ }
+
+=head1 DESCRIPTION
+
+This library just overload few methods of Lemonldap::NG::Portal::Simple to use
+OpenID authentication mechanism.
+
+See L for usage and other methods.
+
+=head1 SEE ALSO
+
+L, L,
+http://wiki.lemonldap.objectweb.org/xwiki/bin/view/NG/Presentation
+
+=head1 AUTHOR
+
+Thomas Chemineau, Ethomas.chemineau@linagora.comE,
+Xavier Guimard, Ex.guimard@free.frE
+
+=head1 BUG REPORT
+
+Use OW2 system to report bug or ask for features:
+L
+
+=head1 DOWNLOAD
+
+Lemonldap::NG is available at
+L
+
+=head1 COPYRIGHT AND LICENSE
+
+Copyright (C) 2007 by Thomas Chemineau,
+Ethomas.chemineau@linagora.comE and
+Xavier Guimard Ex.guimard@free.frE
+
+This library is free software; you can redistribute it and/or modify
+it under the same terms as Perl itself, either Perl version 5.8.4 or,
+at your option, any later version of Perl 5 you may have available.
+
+=cut
+
+
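Review bot: In `extractFormInfo`, the branch that handles a submitted `openIdUrl` builds `$check_url` and then discards it, so control falls through to the final `PE_OK` without the user ever being sent to the OpenID provider. Because `authenticate` also returns `PE_OK` unconditionally and `setAuthSessionInfo` is still a TODO, any URL accepted by `claimed_identity` appears to pass every authentication step visible here without proof of identity; what the portal does with that result is outside this diff. The branch should redirect, e.g. `print $self->redirect( -uri => $check_url );`, and end the request instead of returning `PE_OK`; the same fall-through to `PE_OK` follows both `$self->abort(...)` calls if `abort` can return. `authInit` also calls `Cache::FileCache->new` although this file never loads that module; add `use Cache::FileCache;` and consider setting `cache_root` and `directory_umask` explicitly, since the consumer presumably relies on that cache during verification.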