SAML in progress (#595)
parent
2ca207a60e
commit
b1f2ac6a73
|
@ -725,6 +725,7 @@ sub extractFormInfo {
|
||||||
|
|
||||||
# TODO: verify this
|
# TODO: verify this
|
||||||
$req->steps( ['autoPost'] );
|
$req->steps( ['autoPost'] );
|
||||||
|
$req->continue(1);
|
||||||
return PE_OK;
|
return PE_OK;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1059,6 +1060,7 @@ sub extractFormInfo {
|
||||||
|
|
||||||
# TODO: verify this
|
# TODO: verify this
|
||||||
$req->steps( ['autoPost'] );
|
$req->steps( ['autoPost'] );
|
||||||
|
$req->continue(1);
|
||||||
return PE_OK;
|
return PE_OK;
|
||||||
}
|
}
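Review bot: Both hunks in this file (the extractFormInfo branches near lines 725 and 1059) add `$req->continue(1);` directly under a `# TODO: verify this` marker, with no comment saying why the module may return PE_OK without a user. The flag switches off the caller's "PE_OK but no $req->user" error path, so the reason belongs next to the call, for example `# PE_OK without $req->user is intentional: the only remaining step is autoPost`. Nothing in the visible lines resets the flag, so it presumably stays set for the rest of the request; it is worth confirming that no later step treats such a request as authenticated. extractFormInfo starts outside both hunks.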
|
||||||
|
|
||||||
|
|
|
@ -220,7 +220,7 @@ sub checkXSSAttack {
|
||||||
sub extractFormInfo {
|
sub extractFormInfo {
|
||||||
my ( $self, $req ) = @_;
|
my ( $self, $req ) = @_;
|
||||||
my $ret = $self->_authentication->extractFormInfo($req);
|
my $ret = $self->_authentication->extractFormInfo($req);
|
||||||
if ( $ret == PE_OK and not $req->user ) {
|
if ( $ret == PE_OK and not ($req->user or $req->continue) ) {
|
||||||
$self->lmLog(
|
$self->lmLog(
|
||||||
'Authentication module succeed but has not set $req->user',
|
'Authentication module succeed but has not set $req->user',
|
||||||
'error' );
|
'error' );
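Review bot: The new guard `not ($req->user or $req->continue)` turns a fail-closed sanity check into one that any authentication module can disable by setting a read-write attribute, and the visible code never clears that attribute. Consider resetting it once it has been consumed, e.g. `$req->continue(0);` right after the test if no later step needs it, so a stale flag cannot hide a module that really forgot to set the user. The log text `Authentication module succeed but has not set $req->user` should also mention the flag so the error stays diagnosable. The body of extractFormInfo continues past the end of this hunk.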
|
||||||
|
|
|
@ -51,8 +51,13 @@ has customParameters => ( is => 'rw' );
|
||||||
has mustRedirect => ( is => 'rw' );
|
has mustRedirect => ( is => 'rw' );
|
||||||
|
|
||||||
# Store URL for redirections
|
# Store URL for redirections
|
||||||
has urldc => ( is => 'rw' );
|
has urldc => ( is => 'rw' );
|
||||||
has postUrl => ( is => 'rw' );
|
has postUrl => ( is => 'rw' );
|
||||||
|
has postFields => ( is => 'rw' );
|
||||||
|
has portalHiddenFormValues => ( is => 'rw' );
|
||||||
|
|
||||||
|
# Flag that permit to a auth module to return PE_OK without setting $user
|
||||||
|
has continue => ( is => 'rw' );
|
||||||
|
|
||||||
# "check logins "flag"
|
# "check logins "flag"
|
||||||
has checkLogins => ( is => 'rw' );
|
has checkLogins => ( is => 'rw' );
|
||||||
|
@ -114,11 +119,15 @@ sub init {
|
||||||
}
|
}
|
||||||
|
|
||||||
sub errorString {
|
sub errorString {
|
||||||
|
print STDERR "TODO Request::errorString()\n";
|
||||||
#TODO
|
|
||||||
}
|
}
|
||||||
|
|
||||||
sub loginInfo {
|
sub loginInfo {
|
||||||
|
print STDERR "TODO Request::loginInfo()\n";
|
||||||
|
}
|
||||||
|
|
||||||
|
sub info {
|
||||||
|
print STDERR "TODO Request::info()\n";
|
||||||
}
|
}
|
||||||
|
|
||||||
# TODO: oldpassword
|
# TODO: oldpassword
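Review bot: The new `info` stub ends with `print STDERR "TODO Request::info()\n";`, and a Perl sub returns its last evaluated expression, so `$req->info()` yields print's true value. The autoPost added elsewhere in this commit tests `if ( $req->info() )`, so it will always return PE_INFO and never reach PE_REDIRECT. Add an explicit `return;` after the print in `info`, and likewise in `errorString` and `loginInfo`. The comment on the new `continue` attribute would read better as `# Flag that lets an auth module return PE_OK without setting $req->user`. Since that flag relaxes an authentication check, the comment should also say which modules are expected to set it.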
|
||||||
|
|
|
@ -468,4 +468,121 @@ sub stamp {
|
||||||
return $self->conf->{cipher} ? $self->conf->{cipher}->encrypt( time() ) : 1;
|
return $self->conf->{cipher} ? $self->conf->{cipher}->encrypt( time() ) : 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# Transfer POST data with auto submit
|
||||||
|
# @return void
|
||||||
|
sub autoPost {
|
||||||
|
my ( $self, $req ) = @_;
|
||||||
|
|
||||||
|
# Get URL and Form fields
|
||||||
|
$req->{urldc} = $req->postUrl;
|
||||||
|
my $formFields = $req->postFields;
|
||||||
|
|
||||||
|
$self->clearHiddenFormValue($req);
|
||||||
|
foreach ( keys %$formFields ) {
|
||||||
|
$self->setHiddenFormValue( $req, $_, $formFields->{$_}, "", 0 );
|
||||||
|
}
|
||||||
|
|
||||||
|
# Display info before redirecting
|
||||||
|
if ( $req->info() ) {
|
||||||
|
$req->{infoFormMethod} = $req->param('method') || "post";
|
||||||
|
return PE_INFO;
|
||||||
|
}
|
||||||
|
|
||||||
|
$self->{redirectFormMethod} = "post";
|
||||||
|
return PE_REDIRECT;
|
||||||
|
}
|
||||||
|
|
||||||
|
# Add element into $self->{portalHiddenFormValues}, those values could be
|
||||||
|
# used to hide values into HTML form.
|
||||||
|
# @param fieldname The field name which will contain the correponding value
|
||||||
|
# @param value The associated value
|
||||||
|
# @param prefix Prefix of the field key
|
||||||
|
# @param base64 Encode value in base64
|
||||||
|
# @return nothing
|
||||||
|
sub setHiddenFormValue {
|
||||||
|
my ( $self, $req, $key, $val, $prefix, $base64 ) = @_;
|
||||||
|
|
||||||
|
# Default values
|
||||||
|
$prefix = "lmhidden_" unless defined $prefix;
|
||||||
|
$base64 = 1 unless defined $base64;
|
||||||
|
|
||||||
|
# Store value
|
||||||
|
if ($val) {
|
||||||
|
$key = $prefix . $key;
|
||||||
|
$val = encode_base64($val) if $base64;
|
||||||
|
$req->{portalHiddenFormValues}->{$key} = $val;
|
||||||
|
$self->lmLog( "Store $val in hidden key $key", 'debug' );
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
## @method public void getHiddenFormValue(string fieldname, string prefix, boolean base64)
|
||||||
|
# Get value into $self->{portalHiddenFormValues}.
|
||||||
|
# @param fieldname The existing field name which contains a value
|
||||||
|
# @param prefix Prefix of the field key
|
||||||
|
# @param base64 Decode value from base64
|
||||||
|
# @return string The associated value
|
||||||
|
sub getHiddenFormValue {
|
||||||
|
my ( $self, $req, $key, $prefix, $base64 ) = @_;
|
||||||
|
|
||||||
|
# Default values
|
||||||
|
$prefix = "lmhidden_" unless defined $prefix;
|
||||||
|
$base64 = 1 unless defined $base64;
|
||||||
|
|
||||||
|
$key = $prefix . $key;
|
||||||
|
|
||||||
|
# Get value
|
||||||
|
if ( my $val = $req->param($key) ) {
|
||||||
|
$val = decode_base64($val) if $base64;
|
||||||
|
return $val;
|
||||||
|
$self->lmLog( "Hidden value $val found for key $key", 'debug' );
|
||||||
|
}
|
||||||
|
|
||||||
|
# No value found
|
||||||
|
return undef;
|
||||||
|
}
|
||||||
|
|
||||||
|
## @method protected void clearHiddenFormValue(arrayref keys)
|
||||||
|
# Clear values form stored hidden fields
|
||||||
|
# Delete all keys if no keys provided
|
||||||
|
# @param keys Array reference of keys
|
||||||
|
# @return nothing
|
||||||
|
sub clearHiddenFormValue {
|
||||||
|
my ( $self, $req, $keys ) = @_;
|
||||||
|
|
||||||
|
unless ( defined $keys ) {
|
||||||
|
delete $req->{portalHiddenFormValues};
|
||||||
|
$self->lmLog( "Delete all hidden values", 'debug' );
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
foreach (@$keys) {
|
||||||
|
delete $req->{portalHiddenFormValues}->{$_};
|
||||||
|
$self->lmLog( "Delete hidden value for key $_", 'debug' );
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
##@method public string buildHiddenForm()
|
||||||
|
# Return an HTML representation of hidden values.
|
||||||
|
# @return HTML code
|
||||||
|
sub buildHiddenForm {
|
||||||
|
my ( $self, $req ) = @_;
|
||||||
|
my @keys = keys %{ $req->{portalHiddenFormValues} // {} };
|
||||||
|
my $val = '';
|
||||||
|
|
||||||
|
foreach (@keys) {
|
||||||
|
|
||||||
|
# Check XSS attacks
|
||||||
|
next
|
||||||
|
if $self->checkXSSAttack( $_, $req->{portalHiddenFormValues}->{$_} );
|
||||||
|
|
||||||
|
# Build hidden input HTML code
|
||||||
|
$val .= qq{<input type="hidden" name="$_" id="$_" value="}
|
||||||
|
. $req->{portalHiddenFormValues}->{$_} . '" />';
|
||||||
|
}
|
||||||
|
|
||||||
|
return $val;
|
||||||
|
}
|
||||||
|
|
||||||
1;
|
1;
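Review bot: buildHiddenForm interpolates the field name and value straight into `name="…"`, `id="…"` and `value="…"`, relying only on checkXSSAttack (defined outside this hunk) as a filter. autoPost stores postFields with base64 disabled, so those values reach the page unencoded. Encode both for an HTML attribute context before building the tag, as sketched below, and keep the filter as a second layer. setHiddenFormValue also writes every value to the debug log (`Store $val in hidden key $key`), which for a SAML auto-POST presumably puts assertions or relay state into log files; log the key only. In getHiddenFormValue the lmLog call after `return $val;` is unreachable, and `if ($val)` in setHiddenFormValue silently drops a field whose value is `0`.

```perl
foreach my $name (@keys) {
    my $value = $req->{portalHiddenFormValues}->{$name};

    # … unchanged: skip the field when checkXSSAttack flags $name / $value …

    # Encode name and value for an HTML attribute context
    my %entity_for = (
        '&' => '&amp;', '<' => '&lt;', '>' => '&gt;',
        '"' => '&quot;', "'" => '&#39;',
    );
    s/([&<>"'])/$entity_for{$1}/g for $name, $value;

    $val .= qq{<input type="hidden" name="$name" id="$name" value="$value" />};
}
```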
|
||||||
|
|