Add a display type for each authentication module to know how to display errors (#251)

Clément Oudot 2012-03-24 14:47:47 +00:00
parent b1582ff44b
commit c860549f27
19 changed files with 136 additions and 89 deletions


@ -8,7 +8,7 @@ package Lemonldap::NG::Portal::AuthApache;
use strict;
use Lemonldap::NG::Portal::Simple;
our $VERSION = '1.0.1';
our $VERSION = '1.2.0';
## @apmethod int authInit()
# @return Lemonldap::NG::Portal constant
@ -24,7 +24,7 @@ sub authInit {
sub extractFormInfo {
my $self = shift;
unless ( $self->{user} = $ENV{REMOTE_USER} ) {
$self->lmLog( 'Apache is not configured to authenticate users !',
$self->lmLog( 'Apache is not configured to authenticate users!',
'error' );
return PE_ERROR;
}
@ -76,6 +76,12 @@ sub authForce {
return 0;
}
## @method string getDisplayType
# @return display type
sub getDisplayType {
return "logo";
}
1;
__END__
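Review bot: The value returned by `getDisplayType` is a bare string literal (`"logo"` here), and the same literals are repeated in every Auth module this commit touches and then compared with `eq` in `display`. A misspelled value in one module would raise no error; it would leave `DISPLAY_FORM`, `DISPLAY_OPENID_FORM`, `DISPLAY_YUBIKEY_FORM` and `PORTAL_URL` all at 0 for that module. Consider defining the values once, for example as constants next to the `PE_*` codes, and listing them in the doc comment: `# @return display type: "standardform", "openidform", "yubikeyform", "logo" or ""`.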


@ -9,7 +9,7 @@ use strict;
use Lemonldap::NG::Portal::Simple;
use URI::Escape;
our $VERSION = '1.0.0';
our $VERSION = '1.2.0';
our $initDone;
BEGIN {
@ -231,6 +231,12 @@ sub authForce {
return 0;
}
## @method string getDisplayType
# @return display type
sub getDisplayType {
return "logo";
}
1;
__END__


@ -9,7 +9,7 @@ use Lemonldap::NG::Portal::Simple;
use base qw(Lemonldap::NG::Portal::_WebForm Lemonldap::NG::Portal::_DBI);
use strict;
our $VERSION = '1.0.2';
our $VERSION = '1.2.0';
our $initDone;
BEGIN {
@ -91,4 +91,10 @@ sub authForce {
return 0;
}
## @method string getDisplayType
# @return display type
sub getDisplayType {
return "standardform";
}
1;


@ -78,6 +78,12 @@ sub authForce {
return 0;
}
## @method string getDisplayType
# @return display type
sub getDisplayType {
return "standardform";
}
1;
__END__


@ -10,7 +10,7 @@ use Lemonldap::NG::Portal::_LDAP 'ldap'; #link protected ldap
use Lemonldap::NG::Portal::_WebForm;
use Lemonldap::NG::Portal::UserDBLDAP; #inherits
our $VERSION = '1.1.0';
our $VERSION = '1.2.0';
use base qw(Lemonldap::NG::Portal::_WebForm);
*_formateFilter = *Lemonldap::NG::Portal::UserDBLDAP::formateFilter;
@ -79,4 +79,10 @@ sub authForce {
return 0;
}
## @method string getDisplayType
# @return display type
sub getDisplayType {
return "standardform";
}
1;


@ -7,7 +7,7 @@ package Lemonldap::NG::Portal::AuthMulti;
use Lemonldap::NG::Portal::_Multi; #inherits
our $VERSION = '1.0.0';
our $VERSION = '1.2.0';
sub authInit {
my $self = shift;
@ -44,5 +44,10 @@ sub authForce {
return $self->_multi->try( 'authForce', 0 );
}
sub getDisplayType {
my $self = shift;
return $self->_multi->try( 'getDisplayType', 0 );
}
1;
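Review bot: `getDisplayType` is added to this module without the `## @method string getDisplayType` / `# @return display type` header that the other Auth modules get in this commit. It is also the only implementation that needs `$self`, because it forwards to `$self->_multi->try( 'getDisplayType', 0 )`, so it cannot be invoked as a plain function the way the module-choice code at the end of this commit calls `getDisplayType`. A header that says so would make the constraint visible, e.g. `# @return display type reported through _multi (must be called as a method)`.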


@ -8,7 +8,7 @@ package Lemonldap::NG::Portal::AuthNull;
use strict;
use Lemonldap::NG::Portal::Simple;
our $VERSION = '1.0.1';
our $VERSION = '1.2.0';
## @apmethod int authInit()
# Does nothing
@ -64,6 +64,12 @@ sub authForce {
return 0;
}
## @method string getDisplayType
# @return display type
sub getDisplayType {
return "";
}
1;
__END__


@ -12,7 +12,7 @@ use Lemonldap::NG::Common::Regexp;
use LWP::UserAgent;
use Cache::FileCache;
our $VERSION = '1.0.0';
our $VERSION = '1.2.0';
our $initDone;
BEGIN {
@ -217,6 +217,12 @@ sub authForce {
return 0;
}
## @method string getDisplayType
# @return display type
sub getDisplayType {
return "openidform";
}
1;
__END__


@ -12,7 +12,7 @@ use Lemonldap::NG::Portal::_WebForm;
use Lemonldap::NG::Portal::Simple;
use base qw(Lemonldap::NG::Portal::_WebForm Lemonldap::NG::Portal::_Proxy);
our $VERSION = '1.0.0';
our $VERSION = '1.2.0';
## @apmethod int authInit()
# Call Lemonldap::NG::Portal::_Proxy::proxyInit();
@ -50,6 +50,12 @@ sub authForce {
return 0;
}
## @method string getDisplayType
# @return display type
sub getDisplayType {
return "standardform";
}
1;
__END__


@ -87,4 +87,10 @@ sub authForce {
return 0;
}
## @method string getDisplayType
# @return display type
sub getDisplayType {
return "standardform";
}
1;


@ -11,7 +11,7 @@ use Lemonldap::NG::Portal::_Remote;
use Lemonldap::NG::Portal::Simple;
use base qw(Lemonldap::NG::Portal::_Remote);
our $VERSION = '1.0.0';
our $VERSION = '1.2.0';
*authInit = *Lemonldap::NG::Portal::_Remote::init;
@ -72,6 +72,12 @@ sub authForce {
return 0;
}
## @method string getDisplayType
# @return display type
sub getDisplayType {
return "logo";
}
1;
__END__


@ -1430,6 +1430,12 @@ sub authFinish {
return PE_OK;
}
## @method string getDisplayType
# @return display type
sub getDisplayType {
return "logo";
}
1;
__END__


@ -17,7 +17,7 @@ our @ISA = qw(Lemonldap::NG::Portal::AuthNull);
# @return Lemonldap::NG::Portal constant
sub authInit {
my $self = shift;
$self->{SSLVar} ||= 'SSL_CLIENT_S_DN_Email';
$self->{SSLVar} ||= 'SSL_CLIENT_S_DN_Email';
PE_OK;
}
@ -51,6 +51,12 @@ sub setAuthSessionInfo {
PE_OK;
}
## @method string getDisplayType
# @return display type
sub getDisplayType {
return "logo";
}
1;
__END__


@ -49,6 +49,12 @@ sub setAuthSessionInfo {
PE_OK;
}
## @method string getDisplayType
# @return display type
sub getDisplayType {
return "logo";
}
1;
__END__


@ -8,7 +8,7 @@ package Lemonldap::NG::Portal::AuthTwitter;
use strict;
use Lemonldap::NG::Portal::Simple;
our $VERSION = '1.0.0';
our $VERSION = '1.2.0';
our $initDone;
BEGIN {
@ -180,6 +180,12 @@ sub authForce {
return 0;
}
## @method string getDisplayType
# @return display type
sub getDisplayType {
return "logo";
}
1;
__END__


@ -8,7 +8,7 @@ package Lemonldap::NG::Portal::AuthYubikey;
use strict;
use Lemonldap::NG::Portal::Simple;
our $VERSION = '1.1.0';
our $VERSION = '1.2.0';
our $yubikeyInitDone;
BEGIN {
@ -118,6 +118,12 @@ sub authForce {
return 0;
}
## @method string getDisplayType
# @return display type
sub getDisplayType {
return "yubikeyform";
}
1;
__END__


@ -198,7 +198,6 @@ sub display {
CHECK_LOGINS => $self->{portalCheckLogins},
ASK_LOGINS => $self->{checkLogins},
DISPLAY_RESETPASSWORD => $self->{portalDisplayResetPassword},
DISPLAY_FORM => 1,
MAIL_URL => $self->{mailUrl},
HIDDEN_INPUTS => $self->buildHiddenForm(),
LOGIN_INFO => $self->loginInfo(),
@ -217,7 +216,7 @@ sub display {
);
}
# Adapt template if password policy error
# Show password form if password policy error
if (
$self->{error} == PE_PP_CHANGE_AFTER_RESET
@ -237,7 +236,6 @@ sub display {
1, # Old password is required to check user credentials
DISPLAY_PASSWORD => 1,
DISPLAY_RESETPASSWORD => 0,
DISPLAY_FORM => 0,
AUTH_LOOP => [],
CHOICE_PARAM => $self->{authChoiceParam},
CHOICE_VALUE => $self->{_authChoice},
@ -249,58 +247,27 @@ sub display {
);
}
# Adapt template for OpenID
if ( $self->get_module("auth") =~ /openid/i and !$self->{authLoop} ) {
# Choose what form to display if not in a loop
if ( !$self->{authLoop} ) {
my $displayType = $self->getDisplayType();
$self->lmLog( "Display type $displayType ", 'debug' );
%templateParams = (
%templateParams,
DISPLAY_RESETPASSWORD => 0,
DISPLAY_FORM => 0,
DISPLAY_OPENID_FORM => 1,
DISPLAY_YUBIKEY_FORM => 0,
AUTH_LOOP => [],
DISPLAY_FORM => $displayType eq "standardform" ? 1 : 0,
DISPLAY_OPENID_FORM => $displayType eq "openidform" ? 1 : 0,
DISPLAY_YUBIKEY_FORM => $displayType eq "yubikeyform" ? 1 : 0,
AUTH_LOOP => [],
PORTAL_URL => $displayType eq "logo" ? $self->{portal} : 0,
MSG => $self->info(),
);
}
# Adapt template for Yubikey
if ( $self->get_module("auth") =~ /yubikey/i and !$self->{authLoop} ) {
%templateParams = (
%templateParams,
DISPLAY_RESETPASSWORD => 0,
DISPLAY_FORM => 0,
DISPLAY_OPENID_FORM => 0,
DISPLAY_YUBIKEY_FORM => 1,
AUTH_LOOP => [],
);
}
# Adapt template if external authentication error
# or session not granted, or logout is OK
if ( $self->{error} == PE_BADCERTIFICATE
or $self->{error} == PE_CERTIFICATEREQUIRED
or $self->{error} == PE_ERROR
or $self->{error} == PE_BADURL
or $self->{error} == PE_SAML_ERROR
or $self->{error} == PE_SAML_LOAD_SERVICE_ERROR
or $self->{error} == PE_SAML_LOAD_IDP_ERROR
or $self->{error} == PE_SAML_SSO_ERROR
or $self->{error} == PE_SAML_UNKNOWN_ENTITY
or $self->{error} == PE_SAML_DESTINATION_ERROR
or $self->{error} == PE_SAML_CONDITIONS_ERROR
or $self->{error} == PE_SAML_IDPSSOINITIATED_NOTALLOWED
or $self->{error} == PE_SAML_SLO_ERROR
or $self->{error} == PE_SAML_SIGNATURE_ERROR
or $self->{error} == PE_SAML_ART_ERROR
or $self->{error} == PE_SAML_SESSION_ERROR
or $self->{error} == PE_SAML_LOAD_SP_ERROR
or $self->{error} == PE_SAML_ATTR_ERROR
or $self->{error} == PE_OPENID_EMPTY
or $self->{error} == PE_OPENID_BADID
or $self->{error} == PE_MISSINGREQATTR
or $self->{error} == PE_BADPARTNER
or $self->{error} == PE_CAS_SERVICE_NOT_ALLOWED
or $self->{error} == PE_SESSIONNOTGRANTED
or $self->{error} == PE_LOGOUT_OK )
{
# Disable all forms on logout message
if ( $self->{error} == PE_LOGOUT_OK ) {
%templateParams = (
%templateParams,
DISPLAY_RESETPASSWORD => 0,
@ -308,11 +275,12 @@ sub display {
DISPLAY_OPENID_FORM => 0,
DISPLAY_YUBIKEY_FORM => 0,
AUTH_LOOP => [],
CHECK_LOGINS => 0,
PORTAL_URL => $self->{portal},
MSG => $self->info(),
);
}
}
## Common template params
@ -328,7 +296,7 @@ sub display {
## Custom template params
if ( my $customParams = $self->getCustomTemplateParameters() ) {
%templateParams = ( %templateParams, %$customParams );
%templateParams = ( %templateParams, %$customParams );
}
return ( "$skin_dir/$skin/$skinfile", %templateParams );
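Review bot: After this change `DISPLAY_FORM` is assigned only in the new `if ( !$self->{authLoop} )` block, and the password-policy branch just above it no longer sets `DISPLAY_FORM => 0`. If the two blocks run one after the other (the surrounding body of `display` is outside the hunks, so this is inferred), a password-policy error with a `standardform` module would render the login form together with the password-change form. Chaining the new block as `elsif ( !$self->{authLoop} ) {` would keep the password-policy case exclusive. The new block also sets `MSG => $self->info()` for every non-loop display, where the removed code set it only for the listed errors; a short comment stating that this is intended would help the next reader.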


@ -1750,7 +1750,7 @@ sub issuerForAuthUser {
# RelayState
$self->{postFields}->{'RelayState'} = $relaystate
if ($relaystate);
if ($relaystate);
return $self->_subProcess(qw(autoPost));
}


@ -184,36 +184,20 @@ sub _buildAuthLoop {
my ( $auth, $userDB, $passwordDB ) =
split( /\|/, $self->{authChoiceModules}->{$_} );
# What do display
# -> login/password form (LDAP, DBI, ...)
# -> OpenID form
# -> Yubikey form
# -> logo with link (ex: CAS, SSL, etc.)
my $displayType = {
'standardform' => [qw(LDAP DBI Proxy)],
'openidform' => [qw(OpenID)],
'yubikeyform' => [qw(Yubikey)],
'logo' => [qw(CAS Twitter SAML SSL Apache Remote Slave)],
};
if ( $auth and $userDB and $passwordDB ) {
# Options to store in the loop
my $optionsLoop = { name => $name, key => $_, module => $auth };
# Get displayType for this module
my $modulePrefix = 'Lemonldap::NG::Portal::';
my $authModule = $modulePrefix . 'Auth' . $auth;
$self->loadModule($authModule);
my $displayType = &{ $authModule . '::getDisplayType' };
foreach my $type ( keys %$displayType ) {
foreach my $backend ( @{ $displayType->{$type} } ) {
if ( $auth eq $backend ) {
$self->lmLog( "Display type $type for module $auth",
'debug' );
$optionsLoop->{$type} = 1;
last;
}
}
}
$self->lmLog( "Display type $displayType for module $auth",
'debug' );
$optionsLoop->{$displayType} = 1;
# Register item in loop
push @authLoop, $optionsLoop;
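Review bot: `&{ $authModule . '::getDisplayType' }` calls the sub through a symbolic reference built from `$auth`, which is read from `authChoiceModules`. That form dies under `strict refs` (whether this file enables it is not visible), forwards the caller's current `@_`, and is attempted even when `loadModule` failed, because its return value is not checked. A method lookup keeps the call confined to a class that actually loaded: `my $displayType = $authModule->can('getDisplayType') ? $authModule->getDisplayType() : '';`. AuthNull returns an empty string, so `$optionsLoop->{$displayType} = 1;` would add an empty key; guard it with `$optionsLoop->{$displayType} = 1 if $displayType;`. `_buildAuthLoop` starts and ends outside the hunk.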