diff --git a/lemonldap-ng-portal/MANIFEST b/lemonldap-ng-portal/MANIFEST index 018f3f4ec..e02748702 100644 --- a/lemonldap-ng-portal/MANIFEST +++ b/lemonldap-ng-portal/MANIFEST @@ -364,15 +364,6 @@ t/70-Lemonldap-NG-Portal-AuthOpenIDConnect.t t/99-pod.t t/lmConf-1.js t/sessions/lock/.exists -t/sessions/lock/Apache-Session-145dba262c1053fd855990d571d5583fe1c75f2ff6910a079f1e44c2b12f5f81.lock -t/sessions/lock/Apache-Session-1e662c0b3103d632d332d9561b6fbbf1f2aacb9a0d55263ee513311ec9ee7712.lock -t/sessions/lock/Apache-Session-32409f452220ef603d5819e1553d980b441474cf4a8f899de1243be2724aa50f.lock -t/sessions/lock/Apache-Session-4797304de2aa18005dc54b56d829477860f4ebadd1fc407af8f6de90edd59a2b.lock -t/sessions/lock/Apache-Session-5ece000315bf915633f75225fcdb11c2754bd254e49783a01f9763887d780c46.lock -t/sessions/lock/Apache-Session-7446b65e4838f5e35d661797c23118ee7afa08d3c673e3fd22c05721bdc5f273.lock -t/sessions/lock/Apache-Session-8e7cd669256eacc113b159e23d3ed1d84c862e9a3782022e50b362e6f3b29bab.lock -t/sessions/lock/Apache-Session-99ae337a06625431c00c76d8f85db2c9fed2afce9bdefba24e47a7f5f67a0f9f.lock -t/sessions/lock/Apache-Session-d44bc6a227a1a33ac7876b5e9d781f232262ec5ff9df68e62be81a38146edea3.lock t/test-lib.pm xt/PE_Constants.t xt/test-weaken-portal.t diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Init.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Init.pm index 7d6fd49a9..dc63602b9 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Init.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Init.pm @@ -53,6 +53,11 @@ has forAuthUser => ( isa => 'ArrayRef', default => sub { [] } ); +has beforeLogout => ( + is => 'rw', + isa => 'ArrayRef', + default => sub { [] } +); sub init { my ( $self, $args ) = @_; @@ -73,14 +78,17 @@ sub init { $self # "/" - ->addUnauthRoute( '*', 'login', ['GET'] ) - ->addUnauthRoute( '*', 'postLogin', ['POST'] ) - ->addAuthRoute( '*', 'authenticatedRequest', ['GET'] ) - ->addAuthRoute( '*', 'postAuthenticatedRequest', ['POST'] ) + ->addUnauthRoute( '*' => 'login', ['GET'] ) + ->addUnauthRoute( '*' => 'postLogin', ['POST'] ) + ->addAuthRoute( '*' => 'authenticatedRequest', ['GET'] ) + ->addAuthRoute( '*' => 'postAuthenticatedRequest', ['POST'] ) # Core REST API - ->addUnauthRoute( 'test', 'pleaseAuth', ['GET'] ) - ->addAuthRoute( 'test', 'authenticated', ['GET'] ); + ->addUnauthRoute( ping => 'pleaseAuth', ['GET'] ) + ->addAuthRoute( ping => 'authenticated', ['GET'] ) + + # Logout + ->addAuthRoute( logout => 'logout', ['GET'] ); # Default routes must point to routines declared above $self->defaultAuthRoute(''); diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Process.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Process.pm index 8ffe59ec1..0cd125fa9 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Process.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Process.pm @@ -107,88 +107,42 @@ sub controlUrl { sub checkLogout { my ( $self, $req ) = @_; if ( $req->param('logout') ) { - my $apacheSession = $self->getApacheSession($req->id); - unless ( $self->_deleteSession( $req, $apacheSession ) ) { - $self->lmLog( "Unable to delete session ".$req->id, 'error' ); - $self->lmLog( $apacheSession->error, 'error' ); - return PE_ERROR; - } - else { - $self->lmLog( "Session $req->{id} deleted from global storage", 'debug' ); - } + $req->steps([@{ $self->beforeLogout }, 'deleteSession' ] ); + } + PE_OK; +} - # TODO - # Call issuerDB logout on each used issuerDBmodule - #my $issuerDBList = $req->{sessionInfo}->{_issuerDB}; - #if ( defined $issuerDBList ) { - # foreach my $issuerDBtype ( - # split( /\Q$self->{conf}->{multiValuesSeparator}\E/o, $issuerDBList ) ) - # { - # my $module_name = "Lemonldap::NG::Portal::IssuerDB/$issuerDBtype"; - # $self->lmLog( - # "Process logout for issuerDB module $issuerDBtype", - # 'debug' ); +sub deleteSession { + my ( $self, $req ) = @_; + my $apacheSession = $self->getApacheSession( $req->id ); + unless ( $self->_deleteSession( $req, $apacheSession ) ) { + $self->lmLog( "Unable to delete session " . $req->id, 'error' ); + $self->lmLog( $apacheSession->error, 'error' ); + return PE_ERROR; + } + else { + $self->lmLog( "Session $req->{id} deleted from global storage", + 'debug' ); + } - # $self->{error} = $self->_subProcess( - # $module_name . "::issuerDBInit", - # $module_name . '::issuerLogout' - # ); + # Collect logout services and build hidden iFrames + #if ( $self->{logoutServices} and %{ $self->{logoutServices} } ) { - # } - #} + # $self->lmLog( "Create iFrames to forward logout to services", + # 'debug' ); - # Call logout for the module used to authenticate - #$self->lmLog( - # "Process logout for authentication module " - # . $self->{sessionInfo}->{_auth}, - # 'debug' - #); + # $self->info( "