dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Append debug messages & Fix issue (#1509)

Browse Source
This commit is contained in:
Christophe Maudoux 2018-10-23 21:35:44 +02:00
parent 67e9dc23b1
commit aaaa8f54f5
2 changed files with 207 additions and 196 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

123
lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Run.pm
View File

@ -44,17 +44,17 @@ sub getStatus {
if ( $ENV{LLNGSTATUSHOST} ) { if ( $ENV{LLNGSTATUSHOST} ) {
require IO::Socket::INET; require IO::Socket::INET;
foreach ( 64322 .. 64331 ) { foreach ( 64322 .. 64331 ) {
if ( $statusOut = if ( $statusOut
IO::Socket::INET->new( Proto => 'udp', LocalPort => $_ ) ) = IO::Socket::INET->new( Proto => 'udp', LocalPort => $_ ) )
{ {
$args = $args = ' host='
' host=' . ( $ENV{LLNGSTATUSCLIENT} || 'localhost' ) . ":$_"; . ( $ENV{LLNGSTATUSCLIENT} || 'localhost' ) . ":$_";
last; last;
} }
} }
return $class->abort( $req, return $class->abort( $req,
"$class: status page can not be displayed, unable to open socket" ) "$class: status page can not be displayed, unable to open socket"
unless ($statusOut); ) unless ($statusOut);
} }
return $class->abort( $req, "$class: status page can not be displayed" ) return $class->abort( $req, "$class: status page can not be displayed" )
unless ( $statusPipe and $statusOut ); unless ( $statusPipe and $statusOut );
@ -243,8 +243,8 @@ sub lmLog {
sub checkMaintenanceMode { sub checkMaintenanceMode {
my ( $class, $req ) = @_; my ( $class, $req ) = @_;
my $vhost = $class->resolveAlias($req); my $vhost = $class->resolveAlias($req);
my $_maintenance = my $_maintenance
( defined $class->tsv->{maintenance}->{$vhost} ) = ( defined $class->tsv->{maintenance}->{$vhost} )
? $class->tsv->{maintenance}->{$vhost} ? $class->tsv->{maintenance}->{$vhost}
: $class->tsv->{maintenance}->{_}; : $class->tsv->{maintenance}->{_};
@ -272,8 +272,8 @@ sub grant {
} }
} }
for ( for (
my $i = 0 ; my $i = 0;
$i < ( $class->tsv->{locationCount}->{$vhost} || 0 ) ; $i < ( $class->tsv->{locationCount}->{$vhost} || 0 );
$i++ $i++
) )
{ {
@ -405,8 +405,8 @@ sub fetchId {
: $class->tsv->{https}->{_} : $class->tsv->{https}->{_}
); );
my $cn = $class->tsv->{cookieName}; my $cn = $class->tsv->{cookieName};
my $value = my $value
$lookForHttpCookie = $lookForHttpCookie
? ( $t =~ /${cn}http=([^,; ]+)/o ? $1 : 0 ) ? ( $t =~ /${cn}http=([^,; ]+)/o ? $1 : 0 )
: ( $t =~ /$cn=([^,; ]+)/o ? $1 : 0 ); : ( $t =~ /$cn=([^,; ]+)/o ? $1 : 0 );
@ -446,8 +446,7 @@ sub retrieveSession {
# 2. Get the session from cache or backend # 2. Get the session from cache or backend
my $session = $req->data->{session} = ( my $session = $req->data->{session} = (
Lemonldap::NG::Common::Session->new( Lemonldap::NG::Common::Session->new(
{ { storageModule => $class->tsv->{sessionStorageModule},
storageModule => $class->tsv->{sessionStorageModule},
storageModuleOptions => $class->tsv->{sessionStorageOptions}, storageModuleOptions => $class->tsv->{sessionStorageOptions},
cacheModule => $class->tsv->{sessionCacheModule}, cacheModule => $class->tsv->{sessionCacheModule},
cacheModuleOptions => $class->tsv->{sessionCacheOptions}, cacheModuleOptions => $class->tsv->{sessionCacheOptions},
@ -462,11 +461,49 @@ sub retrieveSession {
$class->data( $session->data ); $class->data( $session->data );
$class->logger->debug("Get session $id from Handler::Main::Run"); $class->logger->debug("Get session $id from Handler::Main::Run");
# Verify that session is valid
$class->logger->error(
"_utime is not defined. This should not happen. Check if it is well transmitted to handler"
) unless $session->data->{_utime};
$class->logger->debug("Check session validity from Handler");
$class->logger->debug(
"Session timeout -> " . $class->tsv->{timeout} );
$class->logger->debug( "Session timeoutActivity -> "
. $class->tsv->{timeoutActivity}
. "s" )
if ( $class->tsv->{timeoutActivity} );
$class->logger->debug(
"Session _utime -> " . $session->data->{_utime} );
$class->logger->debug( "now -> " . $now );
$class->logger->debug( "_lastSeen -> " . $session->data->{_lastSeen} )
if ( $session->data->{_lastSeen} );
my $delta = $now - $session->data->{_lastSeen};
$class->logger->debug( "now - _lastSeen = " . $delta )
if ( $session->data->{_lastSeen} );
$class->logger->debug( "Session timeoutActivityInterval -> "
. $class->tsv->{timeoutActivityInterval} )
if ( $class->tsv->{timeoutActivityInterval} );
my $ttl = $class->tsv->{timeout} - $now + $session->data->{_utime};
$class->logger->debug( "Session TTL = " . $ttl );
if ($now - $session->data->{_utime} > $class->tsv->{timeout}
or ( $class->tsv->{timeoutActivity}
and $session->data->{_lastSeen}
and $delta > $class->tsv->{timeoutActivity} )
)
{
$class->logger->info("Session $id expired");
# Clean cached data
$class->data( {} );
return 0;
}
# Update the session to notify activity, if necessary # Update the session to notify activity, if necessary
if ( if ($class->tsv->{timeoutActivity}
$class->tsv->{timeoutActivity} and ( $now - $session->data->{_lastSeen}
and ( $now - $session->data->{_lastSeen} > > $class->tsv->{timeoutActivityInterval} )
$class->tsv->{timeoutActivityInterval} )
) )
{ {
$req->data->{session}->update( { '_lastSeen' => $now } ); $req->data->{session}->update( { '_lastSeen' => $now } );
@ -481,26 +518,6 @@ sub retrieveSession {
} }
} }
# Verify that session is valid
$class->logger->error(
"_utime is not defined. This should not happen. Check if it is well transmitted to handler"
) unless $session->data->{_utime};
$class->logger->debug( "Check session timeoutActivity from Handler -> " . $class->tsv->{timeoutActivity} ."s" );
if (
$now - $session->data->{_utime} > $class->tsv->{timeout}
or ( $class->tsv->{timeoutActivity}
and $session->data->{_lastSeen}
and ( ( $now - $session->data->{_lastSeen} ) > $class->tsv->{timeoutActivity} ) )
)
{
$class->logger->info("Session $id expired");
# Clean cached data
$class->data( {} );
return 0;
}
$class->dataUpdate($now); $class->dataUpdate($now);
return $session->data; return $session->data;
} }
@ -525,8 +542,8 @@ sub _buildUrl {
? $class->tsv->{https}->{$vhost} ? $class->tsv->{https}->{$vhost}
: $class->tsv->{https}->{_} : $class->tsv->{https}->{_}
); );
my $portString = my $portString
$class->tsv->{port}->{$vhost} = $class->tsv->{port}->{$vhost}
|| $class->tsv->{port}->{_} || $class->tsv->{port}->{_}
|| $req->{env}->{SERVER_PORT}; || $req->{env}->{SERVER_PORT};
$portString = ( $portString = (
@ -548,8 +565,8 @@ sub isUnprotected {
my ( $class, $req, $uri ) = @_; my ( $class, $req, $uri ) = @_;
my $vhost = $class->resolveAlias($req); my $vhost = $class->resolveAlias($req);
for ( for (
my $i = 0 ; my $i = 0;
$i < ( $class->tsv->{locationCount}->{$vhost} || 0 ) ; $i < ( $class->tsv->{locationCount}->{$vhost} || 0 );
$i++ $i++
) )
{ {
@ -568,7 +585,8 @@ sub sendHeaders {
if ( defined $class->tsv->{forgeHeaders}->{$vhost} ) { if ( defined $class->tsv->{forgeHeaders}->{$vhost} ) {
# Log headers in debug mode # Log headers in debug mode
my %headers = $class->tsv->{forgeHeaders}->{$vhost}->( $req, $session ); my %headers
= $class->tsv->{forgeHeaders}->{$vhost}->( $req, $session );
foreach my $h ( sort keys %headers ) { foreach my $h ( sort keys %headers ) {
if ( defined( my $v = $headers{$h} ) ) { if ( defined( my $v = $headers{$h} ) ) {
$class->logger->debug("Send header $h with value $v"); $class->logger->debug("Send header $h with value $v");
@ -673,8 +691,8 @@ sub postOutputFilter {
$class->logger->debug("Filling a html form with fake data"); $class->logger->debug("Filling a html form with fake data");
$class->unset_header_in( $req, "Accept-Encoding" ); $class->unset_header_in( $req, "Accept-Encoding" );
my %postdata = my %postdata = $class->tsv->{outputPostData}->{$vhost}->{$uri}
$class->tsv->{outputPostData}->{$vhost}->{$uri}->( $req, $session ); ->( $req, $session );
my $formParams = $class->tsv->{postFormParams}->{$vhost}->{$uri}; my $formParams = $class->tsv->{postFormParams}->{$vhost}->{$uri};
my $js = $class->postJavascript( $req, \%postdata, $formParams ); my $js = $class->postJavascript( $req, \%postdata, $formParams );
$class->addToHtmlHead( $req, $js ); $class->addToHtmlHead( $req, $js );
@ -691,8 +709,8 @@ sub postInputFilter {
if ( defined( $class->tsv->{inputPostData}->{$vhost}->{$uri} ) ) { if ( defined( $class->tsv->{inputPostData}->{$vhost}->{$uri} ) ) {
$class->logger->debug("Replacing fake data with real form data"); $class->logger->debug("Replacing fake data with real form data");
my %data = my %data = $class->tsv->{inputPostData}->{$vhost}->{$uri}
$class->tsv->{inputPostData}->{$vhost}->{$uri}->( $req, $session ); ->( $req, $session );
foreach ( keys %data ) { foreach ( keys %data ) {
$data{$_} = uri_escape( $data{$_} ); $data{$_} = uri_escape( $data{$_} );
} }
@ -712,18 +730,19 @@ sub postJavascript {
foreach my $name ( keys %$data ) { foreach my $name ( keys %$data ) {
use bytes; use bytes;
my $value = "x" x bytes::length( $data->{$name} ); my $value = "x" x bytes::length( $data->{$name} );
$filler .= $filler
"form.find('input[name=\"$name\"], select[name=\"$name\"], textarea[name=\"$name\"]').val('$value')\n"; .= "form.find('input[name=\"$name\"], select[name=\"$name\"], textarea[name=\"$name\"]').val('$value')\n";
} }
my $submitter = my $submitter
$formParams->{buttonSelector} eq "none" ? "" = $formParams->{buttonSelector} eq "none" ? ""
: $formParams->{buttonSelector} : $formParams->{buttonSelector}
? "form.find('$formParams->{buttonSelector}').click();\n" ? "form.find('$formParams->{buttonSelector}').click();\n"
: "form.submit();\n"; : "form.submit();\n";
my $jqueryUrl = $formParams->{jqueryUrl} || ""; my $jqueryUrl = $formParams->{jqueryUrl} || "";
$jqueryUrl = &{ $class->tsv->{portal} } . "skins/common/js/jquery-1.10.2.js" $jqueryUrl
= &{ $class->tsv->{portal} } . "skins/common/js/jquery-1.10.2.js"
if ( $jqueryUrl eq "default" ); if ( $jqueryUrl eq "default" );
$jqueryUrl = "<script type='text/javascript' src='$jqueryUrl'></script>\n" $jqueryUrl = "<script type='text/javascript' src='$jqueryUrl'></script>\n"
if ($jqueryUrl); if ($jqueryUrl);

124
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm
View File

@ -17,7 +17,7 @@ use strict;
use URI::Escape; use URI::Escape;
# List constants # List constants
sub authProcess { qw(extractFormInfo getUser authenticate) } sub authProcess {qw(extractFormInfo getUser authenticate)}
sub sessionData { sub sessionData {
qw(setAuthSessionInfo setSessionInfo setMacros setGroups setPersistentSessionInfo qw(setAuthSessionInfo setSessionInfo setMacros setGroups setPersistentSessionInfo
@ -56,11 +56,9 @@ sub handler {
if ( $sp or %{ $req->pdata } ) { if ( $sp or %{ $req->pdata } ) {
my %v = ( my %v = (
name => $self->conf->{cookieName} . 'pdata', name => $self->conf->{cookieName} . 'pdata',
( ( %{ $req->pdata }
%{ $req->pdata }
? ( value => uri_escape( JSON::to_json( $req->pdata ) ) ) ? ( value => uri_escape( JSON::to_json( $req->pdata ) ) )
: ( : ( value => '',
value => '',
expires => 'Wed, 21 Oct 2015 00:00:00 GMT' expires => 'Wed, 21 Oct 2015 00:00:00 GMT'
) )
) )
@ -94,8 +92,7 @@ sub login {
my ( $self, $req ) = @_; my ( $self, $req ) = @_;
return $self->do( return $self->do(
$req, $req,
[ [ 'controlUrl', @{ $self->beforeAuth },
'controlUrl', @{ $self->beforeAuth },
$self->authProcess, @{ $self->betweenAuthAndData }, $self->authProcess, @{ $self->betweenAuthAndData },
$self->sessionData, @{ $self->afterData }, $self->sessionData, @{ $self->afterData },
$self->validSession, @{ $self->endAuth }, $self->validSession, @{ $self->endAuth },
@ -107,8 +104,7 @@ sub postLogin {
my ( $self, $req ) = @_; my ( $self, $req ) = @_;
return $self->do( return $self->do(
$req, $req,
[ [ 'restoreArgs', 'controlUrl',
'restoreArgs', 'controlUrl',
@{ $self->beforeAuth }, $self->authProcess, @{ $self->beforeAuth }, $self->authProcess,
@{ $self->betweenAuthAndData }, $self->sessionData, @{ $self->betweenAuthAndData }, $self->sessionData,
@{ $self->afterData }, $self->validSession, @{ $self->afterData }, $self->validSession,
@ -121,8 +117,7 @@ sub authenticatedRequest {
my ( $self, $req ) = @_; my ( $self, $req ) = @_;
return $self->do( return $self->do(
$req, $req,
[ [ 'importHandlerData', 'controlUrl',
'importHandlerData', 'controlUrl',
'checkLogout', @{ $self->forAuthUser } 'checkLogout', @{ $self->forAuthUser }
] ]
); );
@ -132,8 +127,7 @@ sub postAuthenticatedRequest {
my ( $self, $req ) = @_; my ( $self, $req ) = @_;
return $self->do( return $self->do(
$req, $req,
[ [ 'importHandlerData', 'restoreArgs',
'importHandlerData', 'restoreArgs',
'controlUrl', 'checkLogout', 'controlUrl', 'checkLogout',
@{ $self->forAuthUser } @{ $self->forAuthUser }
] ]
@ -151,8 +145,7 @@ sub refresh {
delete $data{$_} unless ( /^_/ or /^(?:startTime)$/ ); delete $data{$_} unless ( /^_/ or /^(?:startTime)$/ );
} }
$req->steps( $req->steps(
[ [ 'getUser',
'getUser',
@{ $self->betweenAuthAndData }, @{ $self->betweenAuthAndData },
'setAuthSessionInfo', 'setAuthSessionInfo',
'setSessionInfo', 'setSessionInfo',
@ -170,21 +163,21 @@ sub refresh {
if ($res) { if ($res) {
$req->info( $req->info(
$self->loadTemplate( $self->loadTemplate(
'simpleInfo', params => { trspan => 'rightsReloadNeedsLogout' } 'simpleInfo',
params => { trspan => 'rightsReloadNeedsLogout' }
) )
); );
$req->urldc( $self->conf->{portal} ); $req->urldc( $self->conf->{portal} );
return $self->do( $req, [ sub { PE_INFO } ] ); return $self->do( $req, [ sub {PE_INFO} ] );
} }
return $self->do( $req, [ sub { PE_OK } ] ); return $self->do( $req, [ sub {PE_OK} ] );
} }
sub logout { sub logout {
my ( $self, $req ) = @_; my ( $self, $req ) = @_;
return $self->do( return $self->do(
$req, $req,
[ [ 'controlUrl', @{ $self->beforeLogout },
'controlUrl', @{ $self->beforeLogout },
'authLogout', 'deleteSession' 'authLogout', 'deleteSession'
] ]
); );
@ -201,7 +194,7 @@ sub do {
# Update status # Update status
if ( my $p = $self->HANDLER->tsv->{statusPipe} ) { if ( my $p = $self->HANDLER->tsv->{statusPipe} ) {
$p->print( ( $req->user ? $req->user : $req->address ) . ' => ' $p->print(( $req->user ? $req->user : $req->address ) . ' => '
. $req->uri . $req->uri
. " $err\n" ); . " $err\n" );
} }
@ -215,9 +208,7 @@ sub do {
if ( ( $err > 0 and !$req->id ) or $err eq PE_SESSIONNOTGRANTED ) { if ( ( $err > 0 and !$req->id ) or $err eq PE_SESSIONNOTGRANTED ) {
return [ return [
401, 401,
[ [ 'WWW-Authenticate' => "SSO " . $self->conf->{portal} ],
'WWW-Authenticate' => "SSO " . $self->conf->{portal}
],
[qq'{"result":0,"error":$err}'] [qq'{"result":0,"error":$err}']
]; ];
} }
@ -231,16 +222,14 @@ sub do {
else { else {
return $self->sendJSONresponse( return $self->sendJSONresponse(
$req, $req,
{ { result => 1,
result => 1,
code => $err code => $err
} }
); );
} }
} }
else { else {
if ( if ( $err
$err
and $err != PE_LOGOUT_OK and $err != PE_LOGOUT_OK
and ( and (
$err != PE_REDIRECT $err != PE_REDIRECT
@ -267,8 +256,7 @@ sub do {
sub getModule { sub getModule {
my ( $self, $req, $type ) = @_; my ( $self, $req, $type ) = @_;
if ( if (my $mod = {
my $mod = {
auth => '_authentication', auth => '_authentication',
user => '_userDB', user => '_userDB',
password => '_passwordDB' password => '_passwordDB'
@ -280,8 +268,8 @@ sub getModule {
} }
else { else {
my $s = ref( $self->$mod ); my $s = ref( $self->$mod );
$s =~ $s
s/^Lemonldap::NG::Portal::(?:(?:Issuer|UserDB|Auth|Password)::)?//; =~ s/^Lemonldap::NG::Portal::(?:(?:Issuer|UserDB|Auth|Password)::)?//;
return $s; return $s;
} }
} }
@ -308,8 +296,9 @@ sub autoRedirect {
$req->data->{redirectFormMethod} = "get"; $req->data->{redirectFormMethod} = "get";
} }
else { else {
return [ 302, return [
[ Location => $req->{urldc}, @{ $req->respHeaders } ], [] ]; 302, [ Location => $req->{urldc}, @{ $req->respHeaders } ], []
];
} }
} }
my ( $tpl, $prms ) = $self->display($req); my ( $tpl, $prms ) = $self->display($req);
@ -330,8 +319,7 @@ sub getApacheSession {
} }
my $as = Lemonldap::NG::Common::Session->new( my $as = Lemonldap::NG::Common::Session->new(
{ { storageModule => $self->conf->{globalStorage},
storageModule => $self->conf->{globalStorage},
storageModuleOptions => $self->conf->{globalStorageOptions}, storageModuleOptions => $self->conf->{globalStorageOptions},
cacheModule => $self->conf->{localSessionStorage}, cacheModule => $self->conf->{localSessionStorage},
cacheModuleOptions => $self->conf->{localSessionStorageOptions}, cacheModuleOptions => $self->conf->{localSessionStorageOptions},
@ -345,8 +333,7 @@ sub getApacheSession {
if ( my $err = $as->error ) { if ( my $err = $as->error ) {
$self->lmLog( $self->lmLog(
$err, $err,
( ( $err =~ /(?:Object does not exist|Invalid session ID)/
$err =~ /(?:Object does not exist|Invalid session ID)/
? 'notice' ? 'notice'
: 'error' : 'error'
) )
@ -358,17 +345,20 @@ sub getApacheSession {
$self->logger->debug("Session $args{kind} $id not found"); $self->logger->debug("Session $args{kind} $id not found");
return; return;
} }
$self->logger->debug("Get session $id from Portal::Main::Run") if ( $id ); $self->logger->debug("Get session $id from Portal::Main::Run") if ($id);
$self->logger->debug("Check session timeoutActivity -> " . $self->conf->{timeoutActivity} . "s"); $self->logger->debug(
"Check session validity -> " . $self->conf->{timeoutActivity} . "s" )
if ( $self->conf->{timeoutActivity} );
my $now = time; my $now = time;
if ( if ( $id
$id
and defined $as->data->{_utime} and defined $as->data->{_utime}
and ( and (
( ( $now - $as->data->{_utime} ) > $self->conf->{timeout} ) ( ( $now - $as->data->{_utime} ) > $self->conf->{timeout} )
or ( $self->conf->{timeoutActivity} or ( $self->conf->{timeoutActivity}
and $as->data->{_lastSeen} and $as->data->{_lastSeen}
and ( ( $now - $as->data->{_lastSeen} ) > $self->conf->{timeoutActivity} ) ) and ( ( $now - $as->data->{_lastSeen} )
> $self->conf->{timeoutActivity} )
)
) )
) )
{ {
@ -393,8 +383,7 @@ sub getPersistentSession {
$info->{_session_uid} = $uid; $info->{_session_uid} = $uid;
my $ps = Lemonldap::NG::Common::Session->new( my $ps = Lemonldap::NG::Common::Session->new(
{ { storageModule => $self->conf->{persistentStorage},
storageModule => $self->conf->{persistentStorage},
storageModuleOptions => $self->conf->{persistentStorageOptions}, storageModuleOptions => $self->conf->{persistentStorageOptions},
id => $pid, id => $pid,
force => 1, force => 1,
@ -438,7 +427,8 @@ sub updatePersistentSession {
|| $req->userData->{ $self->conf->{whatToTrace} }; || $req->userData->{ $self->conf->{whatToTrace} };
$self->logger->debug("Found 'whatToTrace' -> $uid"); $self->logger->debug("Found 'whatToTrace' -> $uid");
unless ($uid) { unless ($uid) {
$self->logger->debug('No uid found, skipping updatePersistentSession'); $self->logger->debug(
'No uid found, skipping updatePersistentSession');
return (); return ();
} }
$self->logger->debug("Update $uid persistent session"); $self->logger->debug("Update $uid persistent session");
@ -480,14 +470,14 @@ sub updateSession {
foreach ( keys %$infos ) { foreach ( keys %$infos ) {
$self->logger->debug( $self->logger->debug(
"Update sessionInfo $_ with " . $infos->{$_} ); "Update sessionInfo $_ with " . $infos->{$_} );
$req->{sessionInfo}->{$_} = $self->HANDLER->data->{$_} = $req->{sessionInfo}->{$_} = $self->HANDLER->data->{$_}
$infos->{$_}; = $infos->{$_};
} }
# Update session in global storage with _updateTime # Update session in global storage with _updateTime
$infos->{_updateTime} = strftime( "%Y%m%d%H%M%S", localtime() ); $infos->{_updateTime} = strftime( "%Y%m%d%H%M%S", localtime() );
if ( my $apacheSession = if ( my $apacheSession
$self->getApacheSession( $id, info => $infos ) ) = $self->getApacheSession( $id, info => $infos ) )
{ {
if ( $apacheSession->error ) { if ( $apacheSession->error ) {
$self->logger->error("Cannot update session $id"); $self->logger->error("Cannot update session $id");
@ -570,8 +560,8 @@ sub isTrustedUrl {
sub stamp { sub stamp {
my $self = shift; my $self = shift;
my $res = my $res
$self->conf->{cipher} = $self->conf->{cipher}
? $self->conf->{cipher}->encrypt( time() ) ? $self->conf->{cipher}->encrypt( time() )
: 1; : 1;
$res =~ s/\+/%2B/g; $res =~ s/\+/%2B/g;
@ -732,7 +722,8 @@ sub sendHtml {
'X-Content-Type-Options' => 'nosniff'; 'X-Content-Type-Options' => 'nosniff';
# Set authorized URL for POST # Set authorized URL for POST
my $csp = $self->csp . "form-action 'self' " . $self->conf->{cspFormAction}; my $csp
= $self->csp . "form-action 'self' " . $self->conf->{cspFormAction};
if ( my $url = $req->urldc ) { if ( my $url = $req->urldc ) {
$self->logger->debug("Required urldc : $url"); $self->logger->debug("Required urldc : $url");
$url =~ s#(https?://[^/]+).*#$1#; $url =~ s#(https?://[^/]+).*#$1#;
@ -743,13 +734,14 @@ sub sendHtml {
if ( defined $url ) { if ( defined $url ) {
$self->logger->debug("Required Params URL : $url"); $self->logger->debug("Required Params URL : $url");
if ( $url =~ s#(https?://[^/]+).*#$1# ) { if ( $url =~ s#(https?://[^/]+).*#$1# ) {
$self->logger->debug("Set CSP form-action with Params URL : $url"); $self->logger->debug(
"Set CSP form-action with Params URL : $url");
$csp .= " $url"; $csp .= " $url";
} }
} }
if ( defined $req->{cspFormAction} ) { if ( defined $req->{cspFormAction} ) {
$self->logger->debug( $self->logger->debug( "Set CSP form-action with request URL: "
"Set CSP form-action with request URL: " . $req->{cspFormAction} ); . $req->{cspFormAction} );
$csp .= " " . $req->{cspFormAction}; $csp .= " " . $req->{cspFormAction};
} }
@ -789,8 +781,8 @@ sub sendHtml {
sub sendCss { sub sendCss {
my ( $self, $req ) = @_; my ( $self, $req ) = @_;
my $s = my $s
'html,body{background:url("' = 'html,body{background:url("'
. $self->staticPrefix . $self->staticPrefix
. '/common/backgrounds/' . '/common/backgrounds/'
. $self->conf->{portalSkinBackground} . $self->conf->{portalSkinBackground}
@ -798,8 +790,7 @@ sub sendCss {
. 'background-size:cover;}'; . 'background-size:cover;}';
return [ return [
200, 200,
[ [ 'Content-Type' => 'text/css',
'Content-Type' => 'text/css',
'Content-Length' => length($s), 'Content-Length' => length($s),
'Cache-Control' => 'public,max-age=3600', 'Cache-Control' => 'public,max-age=3600',
], ],
@ -828,7 +819,7 @@ sub lmError {
sub rebuildCookies { sub rebuildCookies {
my ( $self, $req ) = @_; my ( $self, $req ) = @_;
my @tmp; my @tmp;
for ( my $i = 0 ; $i < @{ $req->{respHeaders} } ; $i += 2 ) { for ( my $i = 0; $i < @{ $req->{respHeaders} }; $i += 2 ) {
push @tmp, $req->respHeaders->[0], $req->respHeaders->[1] push @tmp, $req->respHeaders->[0], $req->respHeaders->[1]
unless ( $req->respHeaders->[0] eq 'Set-Cookie' ); unless ( $req->respHeaders->[0] eq 'Set-Cookie' );
} }
@ -873,7 +864,8 @@ sub registerLogin {
# Forget oldest logins # Forget oldest logins
splice @{ $history->{$type} }, $self->conf->{ $type . "Number" } splice @{ $history->{$type} }, $self->conf->{ $type . "Number" }
if ( scalar @{ $history->{$type} } > $self->conf->{ $type . "Number" } ); if (
scalar @{ $history->{$type} } > $self->conf->{ $type . "Number" } );
# Save into persistent session # Save into persistent session
$self->updatePersistentSession( $req, { _loginHistory => $history, } ); $self->updatePersistentSession( $req, { _loginHistory => $history, } );
@ -884,8 +876,8 @@ sub registerLogin {
# @return hashref # @return hashref
sub _sumUpSession { sub _sumUpSession {
my ( $self, $session, $withoutUser ) = @_; my ( $self, $session, $withoutUser ) = @_;
my $res = my $res
$withoutUser = $withoutUser
? {} ? {}
: { user => $session->{ $self->conf->{whatToTrace} } }; : { user => $session->{ $self->conf->{whatToTrace} } };
$res->{$_} = $session->{$_} $res->{$_} = $session->{$_}
@ -898,8 +890,8 @@ sub _sumUpSession {
sub loadTemplate { sub loadTemplate {
my ( $self, $name, %prm ) = @_; my ( $self, $name, %prm ) = @_;
$name .= '.tpl'; $name .= '.tpl';
my $file = my $file
$self->conf->{templateDir} . '/' = $self->conf->{templateDir} . '/'
. $self->conf->{portalSkin} . '/' . $self->conf->{portalSkin} . '/'
. $name; . $name;
$file = $self->conf->{templateDir} . '/common/' . $name $file = $self->conf->{templateDir} . '/common/' . $name