From ab1b201e718403cd26c53ef6a29e772bd9237125 Mon Sep 17 00:00:00 2001 From: Xavier Guimard Date: Tue, 10 Feb 2009 11:10:12 +0000 Subject: [PATCH] * AuthBasic now use SOAP request to create the new session * perltidy --- .../lib/Lemonldap/NG/Common/CGI.pm | 23 +++-- .../lib/Lemonldap/NG/Handler/AuthBasic.pm | 85 ++++++++++++------- .../lemonldap-ng-portal/example/index_skin.pl | 4 +- 3 files changed, 71 insertions(+), 41 deletions(-) diff --git a/modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/CGI.pm b/modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/CGI.pm index e1d045c55..ad82fb5b0 100644 --- a/modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/CGI.pm +++ b/modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/CGI.pm @@ -10,6 +10,7 @@ use strict; use MIME::Base64; use Time::Local; use CGI; + #inherits Lemonldap::NG::Common::CGI::SOAPServer our $VERSION = '0.31'; @@ -22,14 +23,20 @@ use base qw(CGI); # @param $soapFunctions list of authorized functions. # @param $obj optional object that will receive SOAP requests sub soapTest { - my($self, $soapFunctions, $obj) = @_; + my ( $self, $soapFunctions, $obj ) = @_; # If non form encoded datas are posted, we call SOAP Services if ( $ENV{HTTP_SOAPACTION} ) { - require Lemonldap::NG::Common::CGI::SOAPServer; #link protected dispatcher - require Lemonldap::NG::Common::CGI::SOAPService; #link protected soapService - my @func = ( ref($soapFunctions) ? @$soapFunctions : split /\s+/, $soapFunctions ); - my $dispatcher = Lemonldap::NG::Common::CGI::SOAPService->new($obj||$self,@func); + require + Lemonldap::NG::Common::CGI::SOAPServer; #link protected dispatcher + require + Lemonldap::NG::Common::CGI::SOAPService; #link protected soapService + my @func = ( + ref($soapFunctions) ? @$soapFunctions : split /\s+/, + $soapFunctions + ); + my $dispatcher = + Lemonldap::NG::Common::CGI::SOAPService->new( $obj || $self, @func ); Lemonldap::NG::Common::CGI::SOAPServer->dispatch_to($dispatcher) ->handle($self); exit; @@ -99,16 +106,14 @@ sub abort { my $cgi = CGI->new; my ( $t1, $t2 ) = @_; $t2 ||= "See Apache's logs"; - print $cgi->header( - -type => 'text/html; charset=utf8', - ); + print $cgi->header( -type => 'text/html; charset=utf8', ); print $cgi->start_html( -title => $t1, -encoding => 'utf8', ); print "

$t1

"; print "

$t2

"; - print STDERR ( ref($self)|| $self ) . " error: $t1, $t2\n"; + print STDERR ( ref($self) || $self ) . " error: $t1, $t2\n"; exit; } diff --git a/modules/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/AuthBasic.pm b/modules/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/AuthBasic.pm index ec5729eb4..360deaab8 100644 --- a/modules/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/AuthBasic.pm +++ b/modules/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/AuthBasic.pm @@ -8,11 +8,13 @@ package Lemonldap::NG::Handler::AuthBasic; use strict; use Lemonldap::NG::Handler::SharedConf qw(:all); -use Lemonldap::NG::Portal::SharedConf; #inherits use Digest::MD5 qw(md5_base64); use MIME::Base64; +use SOAP::Lite; # link protected portalRequest use base qw(Lemonldap::NG::Handler::SharedConf); +use utf8; +no utf8; our $VERSION = '0.1'; @@ -38,9 +40,9 @@ sub run ($$) { my $class; ( $class, $apacheRequest ) = @_; if ( time() - $lastReload > $reloadTime ) { - unless ( $class->localConfUpdate($apacheRequest) == OK ) { + unless ( my $tmp = $class->testConf(1) == OK ) { $class->lmLog( "$class: No configuration found", 'error' ); - return SERVER_ERROR; + return $tmp; } } return DECLINED unless ( $apacheRequest->is_initial_req ); @@ -69,34 +71,57 @@ sub run ($$) { # 2.2 search in the local cache if exists unless ( $refLocalStorage and $datas = $refLocalStorage->get($id) ) { - # 2.3 Authentication by Lemonldap::NG::Portal - my $portal = Lemonldap::NG::Portal::SharedConf->new( - { - configStorage => $Lemonldap::NG::Conf::configStorage, - controlUrlOrigin => sub { PE_OK }, - controlExistingSession => sub { PE_OK }, - extractFormInfo => sub { - return PE_FORMEMPTY - unless ( length( $self->{'user'} ) - && length( $self->{'password'} ) ); - PE_OK; - }, - store => sub { PE_OK }, - buildCookie => sub { PE_OK }, - autoRedirect => sub { PE_OK }, - } - ); - ( $portal->{user}, $portal->{password} ) = split /:/, - decode_base64($user); - unless ( $portal->process() ) { - $class->lmLog( "Fail to authenticate user $user", 'notice' ); - lmSetErrHeaderOut( $apacheRequest, - 'WWW-Authenticate' => 'Basic realm="Lemonldap::NG"' ); - return AUTH_REQUIRED; + # 2.3 Authentication by Lemonldap::NG::Portal using SOAP request + my $soap = + SOAP::Lite->proxy($portal) + ->uri('urn:Lemonldap::NG::Common::CGI::SOAPService'); + $user = decode_base64($user); + ( $user, $pass ) = split /:/, $user; + my $r = $soap->getCookies( $user, $pass ); + + # Catch SOAP errors + if ( $r->fault ) { + $class->lmLog( + "SOAP request to the portal failed: " + . $r->fault->{faultstring}, + 'error' + ); + return SERVER_ERROR; } - $datas->{$_} = $portal->{sessionInfo}->{$_} - foreach ( keys %{ $portal->{sessionInfo} } ); - $datas->{_session_id} = $id; + else { + my $res = $r->result(); + + # If authentication failed, display error + if ( $res->{error} ) { + $class->lmLog( + "Authentication failed for $user " + . $soap->error( 'fr', $res->{error} )->result(), + 'notice' + ); + return AUTH_REQUIRED; + } + $id = $res->{cookies}->{$cookieName}; + } + + # Now, normal work to find session + my %h; + eval { tie %h, $globalStorage, $id, $globalStorageOptions; }; + if ($@) { + + # The cookie isn't yet available + $class->lmLog( "The cookie $id isn't yet available: $@", + 'info' ); + $class->updateStatus( $apacheRequest->connection->remote_ip, + $apacheRequest->uri, 'EXPIRED' ); + return $class->goToPortal($uri); + } + $datas->{$_} = $h{$_} foreach ( keys %h ); + + # Store now the user in the local storage + if ($refLocalStorage) { + $refLocalStorage->set( $id, $datas, "10 minutes" ); + } + untie %h; # Store now the user in the local storage if ($refLocalStorage) { diff --git a/modules/lemonldap-ng-portal/example/index_skin.pl b/modules/lemonldap-ng-portal/example/index_skin.pl index d8fc1a1bd..f0874b4c0 100644 --- a/modules/lemonldap-ng-portal/example/index_skin.pl +++ b/modules/lemonldap-ng-portal/example/index_skin.pl @@ -75,7 +75,7 @@ if ( $portal->process() ) { ); # Menu creation - use Lemonldap::NG::Portal::Menu; + require Lemonldap::NG::Portal::Menu; my $menu = Lemonldap::NG::Portal::Menu->new( { portalObject => $portal, @@ -108,7 +108,7 @@ if ( $portal->process() ) { print $portal->header('text/html; charset=utf8'); print $template->output; } -elsif( my $notif = $portal->notification ) { +elsif ( my $notif = $portal->notification ) { my $template = HTML::Template->new( filename => "$skin_dir/$skin/notification.tpl", die_on_bad_params => 0,