diff --git a/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/OpenID/SREG.pm b/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/OpenID/SREG.pm
index 8c794337c..5a22c79e0 100644
--- a/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/OpenID/SREG.pm
+++ b/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/OpenID/SREG.pm
@@ -19,13 +19,18 @@ sub sregHook {
# Refuse federation if rejected by user
return 0 if ( $self->param('confirm') == -1 );
+
+ # If identity is not trusted, does nothing
return ( 0, $prm ) unless ($is_id);
$self->lmLog( "SREG start", 'debug' );
- # TODO: verify that request has been accepted
my $accepted = 1;
+
+ # Check all parameters
while ( my ( $k, $v ) = each %$prm ) {
+
+ # Store policy if provided
if ( $k eq 'policy_url' ) {
if ( $v =~ Lemonldap::NG::Common::Regexp::HTTP_URI ) {
$self->{_openIdTrustExtMsg} .=
@@ -33,7 +38,8 @@ sub sregHook {
. &Lemonldap::NG::Portal::_i18n::msg(PM_OPENID_PA)
. " :
$v";
- # TODO: is it important to notify policy changes ?
+ # Question: is it important to notify policy changes ?
+ # if yes, uncomment this
#my $p =
# $self->{sessionInfo}->{"_openidTrust$trust_root\_Policy"};
#$accepted = 0 unless ( $p and $p eq $v );
@@ -42,10 +48,14 @@ sub sregHook {
$self->lmLog( "Bad policy url", 'error' );
}
}
+
+ # Parse required attributes
elsif ( $k eq 'required' ) {
$self->lmLog( "Required attr $v", 'debug' );
push @req, split( /,/, $v );
}
+
+ # Parse optional attributes
elsif ( $k eq 'optional' ) {
$self->lmLog( "Optional attr $v", 'debug' );
push @opt,
@@ -57,7 +67,7 @@ sub sregHook {
}
# Check if required keys are valid SREG requests
- # TODO: reject bad SREG request ?
+ # Question: reject bad SREG request ? Not done yet
@req = sregfilter( $self, @req );
@opt = sregfilter( $self, @opt );
@@ -125,7 +135,6 @@ sub sregHook {
# Store the value returned
if ( !defined($agree) or $agree != $ck ) {
- $self->{sessionInfo}->{"_openidTrust$trust_root\_$k"} = 1;
$self->updateSession(
{ "_openidTrust$trust_root\_$k" => $ck } );
$agree = $ck;
@@ -142,6 +151,9 @@ sub sregHook {
$r{$k} = $msg{opt}->{$k};
$ag{$k} = 1;
}
+ elsif ( !defined($agree) ) {
+ $ag{$k} = 1;
+ }
else {
$ag{$k} = 0;
}
@@ -178,6 +190,10 @@ sub sregHook {
}
}
+## @method private array sregfilter(array attr)
+# Filter the arguments passed as parameters by checking their compliance with
+# SREG.
+# @return fitered datas
sub sregfilter {
my ( $self, @attr ) = splice @_;
my ( @ret, @rej );
diff --git a/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Simple.pm b/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Simple.pm
index d808813eb..6238c1559 100644
--- a/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Simple.pm
+++ b/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Simple.pm
@@ -781,11 +781,13 @@ sub updateSession {
my ( $self, $infos, $id ) = splice @_;
my %cookies = fetch CGI::Cookie;
- # Session ID
- unless ($id) {
- $id = $cookies{ $self->{cookieName} }->value
- if defined $cookies{ $self->{cookieName} };
- }
+ # Update sessionInfo datas
+ $self->{sessionInfo}->{$_} = $infos->{$_} unless ($id);
+
+ # Recover session ID unless given
+ $id ||= $self->{id};
+ $id ||= $cookies{ $self->{cookieName} }->value
+ if ( defined $cookies{ $self->{cookieName} } );
if ($id) {
my $h = $self->getApacheSession( $id, 1 ) or return undef;
@@ -800,7 +802,6 @@ sub updateSession {
untie %$h;
}
-
}
## @method void addSessionValue(string key, string value, string id)