Combination skeleton (#1151)
This commit is contained in:
parent
29d90718eb
commit
6cccc434e1
|
@ -103,7 +103,7 @@ sub parseBlock {
|
|||
die "Bad expression: $expr";
|
||||
}
|
||||
my @res = ( $1, $2 || $1 );
|
||||
@res = map { $self->parseMod( $moduleList, $_ ) } @res;
|
||||
@res = ($self->parseMod( $moduleList, 0, $res[0]),$self->parseMod( $moduleList, 1, $res[1]));
|
||||
return \@res;
|
||||
}
|
||||
|
||||
|
@ -111,11 +111,11 @@ sub parseBlock {
|
|||
# These expressions can be "LDAP" or "LDAP and DBI"
|
||||
# Return sub
|
||||
sub parseMod {
|
||||
my ( $self, $moduleList, $expr ) = @_;
|
||||
my ( $self, $moduleList, $type, $expr ) = @_;
|
||||
my @mods = map {
|
||||
die "Unknown module $_"
|
||||
unless ( $moduleList->{$_} );
|
||||
$moduleList->{$_}
|
||||
unless ( $moduleList->{$_}->[$type] );
|
||||
$moduleList->{$_}->[$type]
|
||||
} split( /\s+and\s+/, $expr );
|
||||
if ( @mods == 1 ) {
|
||||
my ($m) = @mods;
|
||||
|
|
|
@ -8,7 +8,7 @@ use_ok($m);
|
|||
my $authMods = {};
|
||||
|
||||
foreach (qw(A B C)) {
|
||||
$authMods->{$_} = LLNG::Auth->new($_);
|
||||
$authMods->{$_} = [ LLNG::Auth->new($_), LLNG::Auth->new($_) ];
|
||||
}
|
||||
|
||||
# Verify structure
|
||||
|
@ -55,11 +55,8 @@ ok(
|
|||
|
||||
# Test "and"
|
||||
|
||||
@tests = (
|
||||
'[A and B, A]',
|
||||
'[A,B] and [B,C]',
|
||||
'if(0) then [A,B] else [A,B] and [B,C]'
|
||||
);
|
||||
@tests = ( '[A and B, A]', '[A,B] and [B,C]',
|
||||
'if(0) then [A,B] else [A,B] and [B,C]' );
|
||||
|
||||
while ( my $expr = shift @tests ) {
|
||||
ok( getok($expr) == 0, qq{"$expr" returns PE_OK as auth result} )
|
||||
|
@ -67,13 +64,10 @@ while ( my $expr = shift @tests ) {
|
|||
}
|
||||
|
||||
# Test bad expr
|
||||
@tests = (
|
||||
'if(1) then {if(1) then [A] else [B]} else [C]',
|
||||
'[A,B or C]',
|
||||
);
|
||||
@tests = ( 'if(1) then {if(1) then [A] else [B]} else [C]', '[A,B or C]', );
|
||||
|
||||
foreach(@tests) {
|
||||
ok(!eval{authName($_)}, qq'Bad expr "$_"');
|
||||
foreach (@tests) {
|
||||
ok( !eval { authName($_) }, qq'Bad expr "$_"' );
|
||||
}
|
||||
|
||||
sub getok {
|
||||
|
@ -109,5 +103,5 @@ sub name {
|
|||
}
|
||||
|
||||
sub ok {
|
||||
return 0; # PE_OK
|
||||
return 0; # PE_OK
|
||||
}
|
||||
|
|
|
@ -15,6 +15,7 @@ lib/Lemonldap/NG/Portal/Auth/Apache.pm
|
|||
lib/Lemonldap/NG/Portal/Auth/Base.pm
|
||||
lib/Lemonldap/NG/Portal/Auth/CAS.pm
|
||||
lib/Lemonldap/NG/Portal/Auth/Choice.pm
|
||||
lib/Lemonldap/NG/Portal/Auth/Combination.pm
|
||||
lib/Lemonldap/NG/Portal/Auth/DBI.pm
|
||||
lib/Lemonldap/NG/Portal/Auth/Demo.pm
|
||||
lib/Lemonldap/NG/Portal/Auth/Facebook.pm
|
||||
|
@ -92,6 +93,7 @@ lib/Lemonldap/NG/Portal/Register/U2F.pm
|
|||
lib/Lemonldap/NG/Portal/Simple.pm
|
||||
lib/Lemonldap/NG/Portal/UserDB/AD.pm
|
||||
lib/Lemonldap/NG/Portal/UserDB/Choice.pm
|
||||
lib/Lemonldap/NG/Portal/UserDB/Combination.pm
|
||||
lib/Lemonldap/NG/Portal/UserDB/DBI.pm
|
||||
lib/Lemonldap/NG/Portal/UserDB/Demo.pm
|
||||
lib/Lemonldap/NG/Portal/UserDB/Facebook.pm
|
||||
|
|
124
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/Combination.pm
Normal file
124
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/Combination.pm
Normal file
|
@ -0,0 +1,124 @@
|
|||
package Lemonldap::NG::Portal::Auth::Choice;
|
||||
|
||||
use strict;
|
||||
use Mouse;
|
||||
use Lemonldap::NG::Common::Combination::Parser;
|
||||
use Lemonldap::NG::Portal::Main::Constants qw(PE_OK PE_ERROR);
|
||||
|
||||
# TODO: See Lib::Wrapper
|
||||
extends 'Lemonldap::NG::Portal::Auth::Base';
|
||||
|
||||
# PROPERTIES
|
||||
|
||||
has stackSub => ( is => 'rw' );
|
||||
|
||||
# INITIALIZATION
|
||||
|
||||
sub init {
|
||||
my ($self) = @_;
|
||||
unless ( $self->conf->combination ) {
|
||||
$self->error('No combination found');
|
||||
return 0;
|
||||
}
|
||||
my %mods;
|
||||
foreach my $mod ( @{ $self->conf->{combModules} } ) {
|
||||
my @tmp = ( undef, undef );
|
||||
|
||||
# TODO: override params
|
||||
if ( $mod->{for} < 2 ) {
|
||||
$tmp[0] = $self->p->loadPlugin("::Auth::$mod->{type}");
|
||||
unless ( $tmp[0] ) {
|
||||
$self->error("Unable to load Auth::$mod->{type}");
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
unless ( $mod->{for} == 1 ) {
|
||||
$tmp[1] = $self->p->loadPlugin("::UserDB::$mod->{type}");
|
||||
unless ( $tmp[1] ) {
|
||||
$self->error("Unable to load UserDB::$mod->{type}");
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
$mods{ $mod->{name} } = \@tmp;
|
||||
}
|
||||
eval {
|
||||
$self->stackSub(
|
||||
Lemonldap::NG::Common::Combination::Parser->parse(
|
||||
\%mods, $self->conf->combination
|
||||
)
|
||||
);
|
||||
};
|
||||
if ($@) {
|
||||
$self->error("Bad combination: $@");
|
||||
return 0;
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
|
||||
sub extractFormInfo {
|
||||
my ( $self, $req ) = @_;
|
||||
|
||||
# Get available authentication schemes for this user
|
||||
$self->getStack($req) or return PE_ERROR;
|
||||
return $self->try->( 0, 'extractFormInfo', $req );
|
||||
}
|
||||
|
||||
sub getUser {
|
||||
return $_[0]->try->( 1, 'getUser', $_[1] );
|
||||
}
|
||||
|
||||
sub authenticate {
|
||||
return $_[0]->try->( 0, 'authenticate', $_[1] );
|
||||
}
|
||||
|
||||
sub setAuthSessionInfo {
|
||||
return $_[0]->try->( 0, 'authenticate', $_[1] );
|
||||
}
|
||||
|
||||
sub setSessionInfo {
|
||||
return $_[0]->try->( 1, 'authenticate', $_[1] );
|
||||
}
|
||||
|
||||
sub setGroups {
|
||||
return $_[0]->try->( 1, 'authenticate', $_[1] );
|
||||
}
|
||||
|
||||
sub getDisplayType {
|
||||
return $_[0]->try->( 0, 'getDisplayType', {} );
|
||||
}
|
||||
|
||||
# TODO: authLogout
|
||||
|
||||
sub getStack {
|
||||
my ( $self, $req ) = @_;
|
||||
my $stack = $req->datas->{multiStack} = $self->stackSub($req);
|
||||
unless ($stack) {
|
||||
$self->lmLog( 'No authentication scheme for this user', 'error' );
|
||||
}
|
||||
@{ $req->datas->{multiSteps} } = @{ $req->steps };
|
||||
$req->datas->{multiTry} = 0;
|
||||
return $stack;
|
||||
}
|
||||
|
||||
sub try {
|
||||
my ( $self, $type, $subname, $req ) = @_;
|
||||
my ( $nb, $stack ) = ( $req->datas->{multiTry}, $req->datas->{multiStack} );
|
||||
|
||||
# If more than 1 scheme is available
|
||||
if ( $nb < @$stack ) {
|
||||
|
||||
# TODO: change logLevel for userLog()
|
||||
my $res = $stack->[$nb]->[$type]->$subname($req);
|
||||
|
||||
# On error, restart authentication with next scheme
|
||||
if ( $res > PE_OK ) {
|
||||
$req->datas->{multiTry}++;
|
||||
$req->steps( [ @{ $req->datas->{multiSteps} } ] );
|
||||
return PE_OK;
|
||||
}
|
||||
return $res;
|
||||
}
|
||||
return $stack->[$nb]->[$type]->$subname($req);
|
||||
}
|
||||
|
||||
1;
|
|
@ -0,0 +1,7 @@
|
|||
package Lemonldap::NG::Portal::UserDB::Combination;
|
||||
|
||||
sub new {
|
||||
return $_[1]->{p}->{_authentication};
|
||||
}
|
||||
|
||||
1;
|
Loading…
Reference in New Issue
Block a user