Rearrange cookie management (#595)
This commit is contained in:
Xavier Guimard
parent
1b88459c31
commit
880be4f6bd
|
|
@ -843,15 +843,15 @@ sub extractFormInfo {
|
|||
$req->datas->{confirmRemember} = 1;
|
||||
|
||||
# Delete existing IDP resolution cookie
|
||||
push @{ $req->respHeaders },
|
||||
'Set-Cookie' => $self->p->cookie(
|
||||
name => $self->conf->{samlIdPResolveCookie},
|
||||
value => 0,
|
||||
domain => $self->conf->{domain},
|
||||
path => "/",
|
||||
secure => 0,
|
||||
expires => '-1d',
|
||||
);
|
||||
$req->addCookie(
|
||||
$self->p->cookie(
|
||||
name => $self->conf->{samlIdPResolveCookie},
|
||||
value => 0,
|
||||
domain => $self->conf->{domain},
|
||||
secure => 0,
|
||||
expires => '-1d',
|
||||
)
|
||||
);
|
||||
|
||||
#TODO: check this
|
||||
$req->datas->{login} = 1;
|
||||
|
|
@ -898,16 +898,15 @@ sub extractFormInfo {
|
|||
# User can choose temporary (0) or persistent cookie (1)
|
||||
my $cookie_type = $req->param("cookie_type") || "0";
|
||||
|
||||
push @{ $req->{respHeaders} },
|
||||
'Set-Cookie' => $self->p->cookie(
|
||||
name => $self->conf->{samlIdPResolveCookie},
|
||||
value => $idp,
|
||||
domain => $self->conf->{domain},
|
||||
path => "/",
|
||||
secure => $self->conf->{securedCookie},
|
||||
HttpOnly => $self->conf->{httpOnly},
|
||||
expires => $cookie_type ? "+365d" : "",
|
||||
);
|
||||
$req->addCookie(
|
||||
$self->p->cookie(
|
||||
name => $self->conf->{samlIdPResolveCookie},
|
||||
value => $idp,
|
||||
domain => $self->conf->{domain},
|
||||
secure => $self->conf->{securedCookie},
|
||||
expires => $cookie_type ? "+365d" : "",
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
# 3. Build authentication request
|
||||
|
|
|
|||
|
|
@ -114,12 +114,14 @@ sub handler {
|
|||
'debug' );
|
||||
|
||||
# Build cookie
|
||||
push @{ $req->respHeaders },
|
||||
'Set-Cookie' => $self->cdc_name
|
||||
. "=$cdc_cookie; domain=$cdc_domain; path=/; secure=1; HttpOnly="
|
||||
. $self->httpOnly
|
||||
. "; expires="
|
||||
. $self->cookieExpiration;
|
||||
$req->addCookie(
|
||||
$self->p->cookie(
|
||||
name => $self->cdc_name,
|
||||
value => $cdc_cookie,
|
||||
domain => $cdc_domain,
|
||||
secure => 1
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
# Read request
|
||||
|
|
|
|||
|
|
@ -255,15 +255,15 @@ sub extractFormInfo {
|
|||
elsif ( $ret == PE_FIRSTACCESS
|
||||
and $req->cookies->{ $self->conf->{cookieName} } )
|
||||
{
|
||||
push @{ $req->respHeaders },
|
||||
'Set-Cookie' => $self->cookie(
|
||||
name => $self->conf->{cookieName},
|
||||
value => 0,
|
||||
domain => $self->conf->{domain},
|
||||
path => "/",
|
||||
secure => 0,
|
||||
expires => '-1d',
|
||||
);
|
||||
$req->addCookie(
|
||||
$self->cookie(
|
||||
name => $self->conf->{cookieName},
|
||||
value => 0,
|
||||
domain => $self->conf->{domain},
|
||||
secure => 0,
|
||||
expires => '-1d',
|
||||
)
|
||||
);
|
||||
return PE_SESSIONEXPIRED;
|
||||
}
|
||||
return $ret;
|
||||
|
|
@ -449,50 +449,25 @@ sub store {
|
|||
|
||||
sub buildCookie {
|
||||
my ( $self, $req ) = @_;
|
||||
push @{ $req->respHeaders },
|
||||
'Set-Cookie' => $self->cookie(
|
||||
name => $self->conf->{cookieName},
|
||||
value => $req->{id},
|
||||
domain => $self->conf->{domain},
|
||||
path => "/",
|
||||
secure => $self->conf->{securedCookie},
|
||||
HttpOnly => $self->conf->{httpOnly},
|
||||
expires => $self->conf->{cookieExpiration},
|
||||
);
|
||||
$req->addCookie(
|
||||
$self->cookie(
|
||||
name => $self->conf->{cookieName},
|
||||
value => $req->{id},
|
||||
domain => $self->conf->{domain},
|
||||
secure => $self->conf->{securedCookie},
|
||||
)
|
||||
);
|
||||
if ( $self->conf->{securedCookie} >= 2 ) {
|
||||
push @{ $req->respHeaders },
|
||||
'Set-Cookie' => $self->cookie(
|
||||
name => $self->conf->{cookieName} . "http",
|
||||
value => $req->{sessionInfo}->{_httpSession},
|
||||
domain => $self->conf->{domain},
|
||||
path => "/",
|
||||
secure => 0,
|
||||
HttpOnly => $self->conf->{httpOnly},
|
||||
expires => $self->conf->{cookieExpiration},
|
||||
);
|
||||
$req->addCookie(
|
||||
$self->cookie(
|
||||
name => $self->conf->{cookieName} . "http",
|
||||
value => $req->{sessionInfo}->{_httpSession},
|
||||
domain => $self->conf->{domain},
|
||||
secure => 0,
|
||||
)
|
||||
);
|
||||
}
|
||||
PE_OK;
|
||||
}
|
||||
|
||||
sub cookie {
|
||||
my ( $self, %h ) = @_;
|
||||
my @res;
|
||||
$res[0] = "$h{name}" or die("name required");
|
||||
$res[0] .= "=$h{value}";
|
||||
foreach (qw(domain path expires max_age HttpOnly)) {
|
||||
my $f = $_;
|
||||
$f =~ s/_/-/g;
|
||||
push @res, "$f=$h{$_}" if ( $h{$_} );
|
||||
}
|
||||
return join( '; ', @res );
|
||||
}
|
||||
|
||||
sub _dump {
|
||||
my ( $self, $variable ) = @_;
|
||||
require Data::Dumper;
|
||||
$Data::Dumper::Indent = 0;
|
||||
$self->lmLog( "Dump: " . Data::Dumper::Dumper($variable), 'debug' );
|
||||
return;
|
||||
}
|
||||
|
||||
1;
|
||||
|
|
|
|||
|
|
@ -114,6 +114,11 @@ sub info {
|
|||
return $self->datas->{_info};
|
||||
}
|
||||
|
||||
sub addCookie {
|
||||
my ( $self, $cookie ) = @_;
|
||||
push @{ $self->respHeaders }, 'Set-Cookie' => $cookie;
|
||||
}
|
||||
|
||||
# TODO: oldpassword
|
||||
1;
|
||||
__END__
|
||||
|
|
|
|||
|
|
@ -437,30 +437,30 @@ sub _deleteSession {
|
|||
}
|
||||
|
||||
# Create an obsolete cookie to remove it
|
||||
push @{ $req->respHeaders },
|
||||
'Set-Cookie' => $self->cookie(
|
||||
name => $self->conf->{cookieName} . 'http',
|
||||
value => 0,
|
||||
domain => $self->conf->{domain},
|
||||
path => "/",
|
||||
secure => 0,
|
||||
expires => '-1d',
|
||||
) unless ($preserveCookie);
|
||||
$req->addCookie(
|
||||
$self->cookie(
|
||||
name => $self->conf->{cookieName} . 'http',
|
||||
value => 0,
|
||||
domain => $self->conf->{domain},
|
||||
secure => 0,
|
||||
expires => '-1d',
|
||||
)
|
||||
) unless ($preserveCookie);
|
||||
}
|
||||
|
||||
HANDLER->localUnlog( $session->id );
|
||||
$session->remove;
|
||||
|
||||
# Create an obsolete cookie to remove it
|
||||
push @{ $req->respHeaders },
|
||||
'Set-Cookie' => $self->cookie(
|
||||
name => $self->conf->{cookieName},
|
||||
value => 0,
|
||||
domain => $self->conf->{domain},
|
||||
path => "/",
|
||||
secure => 0,
|
||||
expires => '-1d',
|
||||
) unless ($preserveCookie);
|
||||
$req->addCookie(
|
||||
$self->cookie(
|
||||
name => $self->conf->{cookieName},
|
||||
value => 0,
|
||||
domain => $self->conf->{domain},
|
||||
secure => 0,
|
||||
expires => '-1d',
|
||||
)
|
||||
) unless ($preserveCookie);
|
||||
|
||||
# Log
|
||||
my $user = $req->{sessionInfo}->{ $self->conf->{whatToTrace} };
|
||||
|
|
@ -606,4 +606,29 @@ sub fullUrl {
|
|||
return $pHost . $req->uri;
|
||||
}
|
||||
|
||||
sub cookie {
|
||||
my ( $self, %h ) = @_;
|
||||
my @res;
|
||||
$res[0] = "$h{name}" or die("name required");
|
||||
$res[0] .= "=$h{value}";
|
||||
$h{path} ||= '/';
|
||||
$h{HttpOnly} //= $self->conf->{httpOnly};
|
||||
$h{expires} //= $self->conf->{cookieExpiration};
|
||||
foreach (qw(domain path expires max_age HttpOnly)) {
|
||||
my $f = $_;
|
||||
$f =~ s/_/-/g;
|
||||
push @res, "$f=$h{$_}" if ( $h{$_} );
|
||||
}
|
||||
push @res, 'secure' if($h{secure});
|
||||
return join( '; ', @res );
|
||||
}
|
||||
|
||||
sub _dump {
|
||||
my ( $self, $variable ) = @_;
|
||||
require Data::Dumper;
|
||||
$Data::Dumper::Indent = 0;
|
||||
$self->lmLog( "Dump: " . Data::Dumper::Dumper($variable), 'debug' );
|
||||
return;
|
||||
}
|
||||
|
||||
1;
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user