Revert "Catch error msg if Id doesn t exist (#1628)"

This reverts commit 8b9c47d6eb
Christophe Maudoux 2019-02-04 13:02:29 +01:00
parent 8b9c47d6eb
commit b70d8ea673


@ -108,11 +108,12 @@ sub controlUrl {
);
# XSS attack
if ($self->checkXSSAttack(
if (
$self->checkXSSAttack(
$req->param('logout') ? 'HTTP Referer' : 'urldc',
$req->{urldc}
)
)
)
{
delete $req->{urldc};
return PE_BADURL;
@ -121,9 +122,9 @@ sub controlUrl {
# Unprotected hosts
if ( $tmp and !$self->isTrustedUrl($tmp) ) {
$self->userLogger->error(
"URL contains a non protected host (param: "
. ( $req->param('logout') ? 'HTTP Referer' : 'urldc' )
. " | value: $tmp)" );
"URL contains a non protected host (param: "
. ( $req->param('logout') ? 'HTTP Referer' : 'urldc' )
. " | value: $tmp)" );
delete $req->{urldc};
return PE_BADURL;
}
@ -177,8 +178,7 @@ sub deleteSession {
# TODO
# Collect logout services and build hidden iFrames
if ( $req->data->{logoutServices} and %{ $req->data->{logoutServices} } )
{
if ( $req->data->{logoutServices} and %{ $req->data->{logoutServices} } ) {
$self->logger->debug("Create iFrames to forward logout to services");
@ -190,25 +190,24 @@ sub deleteSession {
foreach ( keys %{ $req->data->{logoutServices} } ) {
my $logoutServiceName = $_;
my $logoutServiceUrl
= $req->data->{logoutServices}->{$logoutServiceName};
my $logoutServiceUrl =
$req->data->{logoutServices}->{$logoutServiceName};
$self->logger->debug(
"Find logout service $logoutServiceName ($logoutServiceUrl)");
my $iframe
= qq'<iframe src="$logoutServiceUrl" alt="$logoutServiceName"'
. ' marginwidth="0" marginheight="0" scrolling="no"'
. ' class="hiddenFrame" width="0" height="0"'
. ' frameborder="0"></iframe>';
my $iframe =
qq'<iframe src="$logoutServiceUrl" alt="$logoutServiceName"'
. ' marginwidth="0" marginheight="0" scrolling="no"'
. ' class="hiddenFrame" width="0" height="0"'
. ' frameborder="0"></iframe>';
$req->info($iframe);
}
# Redirect on logout page if no other target defined
if ( !$req->urldc and !$req->postUrl ) {
$self->logger->debug(
'No other target defined, redirect on logout');
$self->logger->debug('No other target defined, redirect on logout');
$req->urldc( $req->script_name . "?logout=1" );
}
}
@ -290,9 +289,7 @@ sub extractFormInfo {
sub getUser {
my ( $self, $req, %args ) = @_;
return PE_ERROR unless ( $self->_userDB );
return ( $self->_userDB->getUser( $req, %args ) == PE_USERNOTFOUND
? PE_BADCREDENTIALS
: $self->_userDB->getUser( $req, %args ) );
return $self->_userDB->getUser( $req, %args );
}
sub authenticate {
@ -306,9 +303,10 @@ sub authenticate {
# Store failed login into history
$req->steps(
[ 'setSessionInfo', 'setMacros',
[
'setSessionInfo', 'setMacros',
'setPersistentSessionInfo', 'storeHistory',
@{ $self->afterData }, sub {PE_BADCREDENTIALS}
@{ $self->afterData }, sub { PE_BADCREDENTIALS }
]
);
@ -324,8 +322,7 @@ sub setAuthSessionInfo {
if ( $ret == PE_OK
and not( defined $req->sessionInfo->{authenticationLevel} ) )
{
$self->logger->error(
'Authentication level is not set by auth module');
$self->logger->error('Authentication level is not set by auth module');
}
return $ret;
}
@ -345,15 +342,15 @@ sub setSessionInfo {
# Date and time
if ( $self->conf->{updateSession} ) {
$req->{sessionInfo}->{_updateTime}
= strftime( "%Y%m%d%H%M%S", localtime() );
$req->{sessionInfo}->{_updateTime} =
strftime( "%Y%m%d%H%M%S", localtime() );
}
else {
$req->{sessionInfo}->{_utime} ||= time();
$req->{sessionInfo}->{_startTime}
= strftime( "%Y%m%d%H%M%S", localtime() );
$req->{sessionInfo}->{_startTime} =
strftime( "%Y%m%d%H%M%S", localtime() );
$req->{sessionInfo}->{_lastSeen} = time()
if $self->conf->{timeoutActivity};
if $self->conf->{timeoutActivity};
}
# Store URL origin in session
@ -371,8 +368,8 @@ sub setSessionInfo {
sub setMacros {
my ( $self, $req ) = @_;
foreach ( sort keys %{ $self->_macros } ) {
$req->{sessionInfo}->{$_}
= $self->_macros->{$_}->( $req, $req->sessionInfo );
$req->{sessionInfo}->{$_} =
$self->_macros->{$_}->( $req, $req->sessionInfo );
}
PE_OK;
}
@ -412,16 +409,16 @@ sub setLocalGroups {
my ( $self, $req ) = @_;
foreach ( sort keys %{ $self->_groups } ) {
if ( $self->_groups->{$_}->( $req, $req->sessionInfo ) ) {
$req->{sessionInfo}->{groups}
.= $self->conf->{multiValuesSeparator} . $_;
$req->{sessionInfo}->{groups} .=
$self->conf->{multiValuesSeparator} . $_;
$req->{sessionInfo}->{hGroups}->{$_}->{name} = $_;
}
}
# Clear values separator at the beginning
if ( $req->{sessionInfo}->{groups} ) {
$req->{sessionInfo}->{groups}
=~ s/^$self->{conf}->{multiValuesSeparator}//o;
$req->{sessionInfo}->{groups} =~
s/^$self->{conf}->{multiValuesSeparator}//o;
}
PE_OK;
}
@ -445,8 +442,8 @@ sub store {
# Compute unsecure cookie value if needed
if ( $self->conf->{securedCookie} == 3 ) {
$req->{sessionInfo}->{_httpSession}
= $self->conf->{cipher}->encryptHex( $req->{id}, "http" );
$req->{sessionInfo}->{_httpSession} =
$self->conf->{cipher}->encryptHex( $req->{id}, "http" );
}
# Fill session
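Review bot: In the `sub getUser` hunk, the new body returns the user-database result unchanged, so `PE_USERNOTFOUND` now reaches the caller instead of being folded into `PE_BADCREDENTIALS`. If the portal shows those two codes to the client differently, the login form lets someone tell existing accounts from unknown ones; whether a later step normalises the code is not visible on this page. If the revert was motivated by the removed version calling `getUser` twice per request, a single-call form keeps the mapping: `my $res = $self->_userDB->getUser( $req, %args );` followed by `return $res == PE_USERNOTFOUND ? PE_BADCREDENTIALS : $res;`. If passing the code through is intended, a short comment above the `return` saying so would stop the mapping from being reintroduced by accident. The remaining hunks in this file appear to be formatting-only.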