Add a display type for each authentication module to know how to display errors (#251)
parent
b1582ff44b
commit
c860549f27
|
@ -8,7 +8,7 @@ package Lemonldap::NG::Portal::AuthApache;
|
|||
use strict;
|
||||
use Lemonldap::NG::Portal::Simple;
|
||||
|
||||
our $VERSION = '1.0.1';
|
||||
our $VERSION = '1.2.0';
|
||||
|
||||
## @apmethod int authInit()
|
||||
# @return Lemonldap::NG::Portal constant
|
||||
|
@ -76,6 +76,12 @@ sub authForce {
|
|||
return 0;
|
||||
}
|
||||
|
||||
## @method string getDisplayType
|
||||
# @return display type
|
||||
sub getDisplayType {
|
||||
return "logo";
|
||||
}
|
||||
|
||||
1;
|
||||
__END__
|
||||
|
||||
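Review bot: The doc comment on the new `getDisplayType` (`# @return display type`) does not say which strings are valid, although display() and the choice loop later in this commit treat the value as one of `standardform`, `openidform`, `yubikeyform` or `logo` (AuthNull returns `""`). The same bare literal is repeated in every Auth* module touched here, so a typo in any one of them would hide that backend's login form without raising an error. List the accepted values in the comment, for example `# @return display type: "standardform", "openidform", "yubikeyform", "logo" or ""`, or define them once as constants in the shared portal module. This applies equally to the other `getDisplayType` additions in this commit.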
|
|
|
@ -9,7 +9,7 @@ use strict;
|
|||
use Lemonldap::NG::Portal::Simple;
|
||||
use URI::Escape;
|
||||
|
||||
our $VERSION = '1.0.0';
|
||||
our $VERSION = '1.2.0';
|
||||
our $initDone;
|
||||
|
||||
BEGIN {
|
||||
|
@ -231,6 +231,12 @@ sub authForce {
|
|||
return 0;
|
||||
}
|
||||
|
||||
## @method string getDisplayType
|
||||
# @return display type
|
||||
sub getDisplayType {
|
||||
return "logo";
|
||||
}
|
||||
|
||||
1;
|
||||
|
||||
__END__
|
||||
|
|
|
@ -9,7 +9,7 @@ use Lemonldap::NG::Portal::Simple;
|
|||
use base qw(Lemonldap::NG::Portal::_WebForm Lemonldap::NG::Portal::_DBI);
|
||||
use strict;
|
||||
|
||||
our $VERSION = '1.0.2';
|
||||
our $VERSION = '1.2.0';
|
||||
our $initDone;
|
||||
|
||||
BEGIN {
|
||||
|
@ -91,4 +91,10 @@ sub authForce {
|
|||
return 0;
|
||||
}
|
||||
|
||||
## @method string getDisplayType
|
||||
# @return display type
|
||||
sub getDisplayType {
|
||||
return "standardform";
|
||||
}
|
||||
|
||||
1;
|
||||
|
|
|
@ -78,6 +78,12 @@ sub authForce {
|
|||
return 0;
|
||||
}
|
||||
|
||||
## @method string getDisplayType
|
||||
# @return display type
|
||||
sub getDisplayType {
|
||||
return "standardform";
|
||||
}
|
||||
|
||||
1;
|
||||
__END__
|
||||
|
||||
|
|
|
@ -10,7 +10,7 @@ use Lemonldap::NG::Portal::_LDAP 'ldap'; #link protected ldap
|
|||
use Lemonldap::NG::Portal::_WebForm;
|
||||
use Lemonldap::NG::Portal::UserDBLDAP; #inherits
|
||||
|
||||
our $VERSION = '1.1.0';
|
||||
our $VERSION = '1.2.0';
|
||||
use base qw(Lemonldap::NG::Portal::_WebForm);
|
||||
|
||||
*_formateFilter = *Lemonldap::NG::Portal::UserDBLDAP::formateFilter;
|
||||
|
@ -79,4 +79,10 @@ sub authForce {
|
|||
return 0;
|
||||
}
|
||||
|
||||
## @method string getDisplayType
|
||||
# @return display type
|
||||
sub getDisplayType {
|
||||
return "standardform";
|
||||
}
|
||||
|
||||
1;
|
||||
|
|
|
@ -7,7 +7,7 @@ package Lemonldap::NG::Portal::AuthMulti;
|
|||
|
||||
use Lemonldap::NG::Portal::_Multi; #inherits
|
||||
|
||||
our $VERSION = '1.0.0';
|
||||
our $VERSION = '1.2.0';
|
||||
|
||||
sub authInit {
|
||||
my $self = shift;
|
||||
|
@ -44,5 +44,10 @@ sub authForce {
|
|||
return $self->_multi->try( 'authForce', 0 );
|
||||
}
|
||||
|
||||
sub getDisplayType {
|
||||
my $self = shift;
|
||||
return $self->_multi->try( 'getDisplayType', 0 );
|
||||
}
|
||||
|
||||
1;
|
||||
|
||||
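Review bot: This `getDisplayType` is the only one added without the `## @method string getDisplayType` / `# @return display type` header, and it is also the only one whose result is not a literal, because it returns whatever `$self->_multi->try( 'getDisplayType', 0 )` yields. display() compares that value with `eq` against four fixed strings, so the comment should state which backend in the stack supplies the type and what comes back when none answers. If `try` can return undef or a numeric code here (not visible in this hunk), every form flag ends up 0 and the login page renders without a form.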
|
|
|
@ -8,7 +8,7 @@ package Lemonldap::NG::Portal::AuthNull;
|
|||
use strict;
|
||||
use Lemonldap::NG::Portal::Simple;
|
||||
|
||||
our $VERSION = '1.0.1';
|
||||
our $VERSION = '1.2.0';
|
||||
|
||||
## @apmethod int authInit()
|
||||
# Does nothing
|
||||
|
@ -64,6 +64,12 @@ sub authForce {
|
|||
return 0;
|
||||
}
|
||||
|
||||
## @method string getDisplayType
|
||||
# @return display type
|
||||
sub getDisplayType {
|
||||
return "";
|
||||
}
|
||||
|
||||
1;
|
||||
__END__
|
||||
|
||||
|
|
|
@ -12,7 +12,7 @@ use Lemonldap::NG::Common::Regexp;
|
|||
use LWP::UserAgent;
|
||||
use Cache::FileCache;
|
||||
|
||||
our $VERSION = '1.0.0';
|
||||
our $VERSION = '1.2.0';
|
||||
our $initDone;
|
||||
|
||||
BEGIN {
|
||||
|
@ -217,6 +217,12 @@ sub authForce {
|
|||
return 0;
|
||||
}
|
||||
|
||||
## @method string getDisplayType
|
||||
# @return display type
|
||||
sub getDisplayType {
|
||||
return "openidform";
|
||||
}
|
||||
|
||||
1;
|
||||
__END__
|
||||
|
||||
|
|
|
@ -12,7 +12,7 @@ use Lemonldap::NG::Portal::_WebForm;
|
|||
use Lemonldap::NG::Portal::Simple;
|
||||
use base qw(Lemonldap::NG::Portal::_WebForm Lemonldap::NG::Portal::_Proxy);
|
||||
|
||||
our $VERSION = '1.0.0';
|
||||
our $VERSION = '1.2.0';
|
||||
|
||||
## @apmethod int authInit()
|
||||
# Call Lemonldap::NG::Portal::_Proxy::proxyInit();
|
||||
|
@ -50,6 +50,12 @@ sub authForce {
|
|||
return 0;
|
||||
}
|
||||
|
||||
## @method string getDisplayType
|
||||
# @return display type
|
||||
sub getDisplayType {
|
||||
return "standardform";
|
||||
}
|
||||
|
||||
1;
|
||||
|
||||
__END__
|
||||
|
|
|
@ -87,4 +87,10 @@ sub authForce {
|
|||
return 0;
|
||||
}
|
||||
|
||||
## @method string getDisplayType
|
||||
# @return display type
|
||||
sub getDisplayType {
|
||||
return "standardform";
|
||||
}
|
||||
|
||||
1;
|
||||
|
|
|
@ -11,7 +11,7 @@ use Lemonldap::NG::Portal::_Remote;
|
|||
use Lemonldap::NG::Portal::Simple;
|
||||
use base qw(Lemonldap::NG::Portal::_Remote);
|
||||
|
||||
our $VERSION = '1.0.0';
|
||||
our $VERSION = '1.2.0';
|
||||
|
||||
*authInit = *Lemonldap::NG::Portal::_Remote::init;
|
||||
|
||||
|
@ -72,6 +72,12 @@ sub authForce {
|
|||
return 0;
|
||||
}
|
||||
|
||||
## @method string getDisplayType
|
||||
# @return display type
|
||||
sub getDisplayType {
|
||||
return "logo";
|
||||
}
|
||||
|
||||
1;
|
||||
|
||||
__END__
|
||||
|
|
|
@ -1430,6 +1430,12 @@ sub authFinish {
|
|||
return PE_OK;
|
||||
}
|
||||
|
||||
## @method string getDisplayType
|
||||
# @return display type
|
||||
sub getDisplayType {
|
||||
return "logo";
|
||||
}
|
||||
|
||||
1;
|
||||
|
||||
__END__
|
||||
|
|
|
@ -51,6 +51,12 @@ sub setAuthSessionInfo {
|
|||
PE_OK;
|
||||
}
|
||||
|
||||
## @method string getDisplayType
|
||||
# @return display type
|
||||
sub getDisplayType {
|
||||
return "logo";
|
||||
}
|
||||
|
||||
1;
|
||||
|
||||
__END__
|
||||
|
|
|
@ -49,6 +49,12 @@ sub setAuthSessionInfo {
|
|||
PE_OK;
|
||||
}
|
||||
|
||||
## @method string getDisplayType
|
||||
# @return display type
|
||||
sub getDisplayType {
|
||||
return "logo";
|
||||
}
|
||||
|
||||
1;
|
||||
__END__
|
||||
|
||||
|
|
|
@ -8,7 +8,7 @@ package Lemonldap::NG::Portal::AuthTwitter;
|
|||
use strict;
|
||||
use Lemonldap::NG::Portal::Simple;
|
||||
|
||||
our $VERSION = '1.0.0';
|
||||
our $VERSION = '1.2.0';
|
||||
our $initDone;
|
||||
|
||||
BEGIN {
|
||||
|
@ -180,6 +180,12 @@ sub authForce {
|
|||
return 0;
|
||||
}
|
||||
|
||||
## @method string getDisplayType
|
||||
# @return display type
|
||||
sub getDisplayType {
|
||||
return "logo";
|
||||
}
|
||||
|
||||
1;
|
||||
__END__
|
||||
|
||||
|
|
|
@ -8,7 +8,7 @@ package Lemonldap::NG::Portal::AuthYubikey;
|
|||
use strict;
|
||||
use Lemonldap::NG::Portal::Simple;
|
||||
|
||||
our $VERSION = '1.1.0';
|
||||
our $VERSION = '1.2.0';
|
||||
our $yubikeyInitDone;
|
||||
|
||||
BEGIN {
|
||||
|
@ -118,6 +118,12 @@ sub authForce {
|
|||
return 0;
|
||||
}
|
||||
|
||||
## @method string getDisplayType
|
||||
# @return display type
|
||||
sub getDisplayType {
|
||||
return "yubikeyform";
|
||||
}
|
||||
|
||||
1;
|
||||
|
||||
__END__
|
||||
|
|
|
@ -198,7 +198,6 @@ sub display {
|
|||
CHECK_LOGINS => $self->{portalCheckLogins},
|
||||
ASK_LOGINS => $self->{checkLogins},
|
||||
DISPLAY_RESETPASSWORD => $self->{portalDisplayResetPassword},
|
||||
DISPLAY_FORM => 1,
|
||||
MAIL_URL => $self->{mailUrl},
|
||||
HIDDEN_INPUTS => $self->buildHiddenForm(),
|
||||
LOGIN_INFO => $self->loginInfo(),
|
||||
|
@ -217,7 +216,7 @@ sub display {
|
|||
);
|
||||
}
|
||||
|
||||
# Adapt template if password policy error
|
||||
# Show password form if password policy error
|
||||
if (
|
||||
|
||||
$self->{error} == PE_PP_CHANGE_AFTER_RESET
|
||||
|
@ -237,7 +236,6 @@ sub display {
|
|||
1, # Old password is required to check user credentials
|
||||
DISPLAY_PASSWORD => 1,
|
||||
DISPLAY_RESETPASSWORD => 0,
|
||||
DISPLAY_FORM => 0,
|
||||
AUTH_LOOP => [],
|
||||
CHOICE_PARAM => $self->{authChoiceParam},
|
||||
CHOICE_VALUE => $self->{_authChoice},
|
||||
|
@ -249,58 +247,27 @@ sub display {
|
|||
);
|
||||
}
|
||||
|
||||
# Adapt template for OpenID
|
||||
if ( $self->get_module("auth") =~ /openid/i and !$self->{authLoop} ) {
|
||||
# Choose what form to display if not in a loop
|
||||
if ( !$self->{authLoop} ) {
|
||||
|
||||
my $displayType = $self->getDisplayType();
|
||||
|
||||
$self->lmLog( "Display type $displayType ", 'debug' );
|
||||
|
||||
%templateParams = (
|
||||
%templateParams,
|
||||
DISPLAY_RESETPASSWORD => 0,
|
||||
DISPLAY_FORM => 0,
|
||||
DISPLAY_OPENID_FORM => 1,
|
||||
DISPLAY_YUBIKEY_FORM => 0,
|
||||
DISPLAY_FORM => $displayType eq "standardform" ? 1 : 0,
|
||||
DISPLAY_OPENID_FORM => $displayType eq "openidform" ? 1 : 0,
|
||||
DISPLAY_YUBIKEY_FORM => $displayType eq "yubikeyform" ? 1 : 0,
|
||||
AUTH_LOOP => [],
|
||||
PORTAL_URL => $displayType eq "logo" ? $self->{portal} : 0,
|
||||
MSG => $self->info(),
|
||||
);
|
||||
|
||||
}
|
||||
|
||||
# Adapt template for Yubikey
|
||||
if ( $self->get_module("auth") =~ /yubikey/i and !$self->{authLoop} ) {
|
||||
%templateParams = (
|
||||
%templateParams,
|
||||
DISPLAY_RESETPASSWORD => 0,
|
||||
DISPLAY_FORM => 0,
|
||||
DISPLAY_OPENID_FORM => 0,
|
||||
DISPLAY_YUBIKEY_FORM => 1,
|
||||
AUTH_LOOP => [],
|
||||
);
|
||||
}
|
||||
|
||||
# Adapt template if external authentication error
|
||||
# or session not granted, or logout is OK
|
||||
if ( $self->{error} == PE_BADCERTIFICATE
|
||||
or $self->{error} == PE_CERTIFICATEREQUIRED
|
||||
or $self->{error} == PE_ERROR
|
||||
or $self->{error} == PE_BADURL
|
||||
or $self->{error} == PE_SAML_ERROR
|
||||
or $self->{error} == PE_SAML_LOAD_SERVICE_ERROR
|
||||
or $self->{error} == PE_SAML_LOAD_IDP_ERROR
|
||||
or $self->{error} == PE_SAML_SSO_ERROR
|
||||
or $self->{error} == PE_SAML_UNKNOWN_ENTITY
|
||||
or $self->{error} == PE_SAML_DESTINATION_ERROR
|
||||
or $self->{error} == PE_SAML_CONDITIONS_ERROR
|
||||
or $self->{error} == PE_SAML_IDPSSOINITIATED_NOTALLOWED
|
||||
or $self->{error} == PE_SAML_SLO_ERROR
|
||||
or $self->{error} == PE_SAML_SIGNATURE_ERROR
|
||||
or $self->{error} == PE_SAML_ART_ERROR
|
||||
or $self->{error} == PE_SAML_SESSION_ERROR
|
||||
or $self->{error} == PE_SAML_LOAD_SP_ERROR
|
||||
or $self->{error} == PE_SAML_ATTR_ERROR
|
||||
or $self->{error} == PE_OPENID_EMPTY
|
||||
or $self->{error} == PE_OPENID_BADID
|
||||
or $self->{error} == PE_MISSINGREQATTR
|
||||
or $self->{error} == PE_BADPARTNER
|
||||
or $self->{error} == PE_CAS_SERVICE_NOT_ALLOWED
|
||||
or $self->{error} == PE_SESSIONNOTGRANTED
|
||||
or $self->{error} == PE_LOGOUT_OK )
|
||||
{
|
||||
# Disable all forms on logout message
|
||||
if ( $self->{error} == PE_LOGOUT_OK ) {
|
||||
%templateParams = (
|
||||
%templateParams,
|
||||
DISPLAY_RESETPASSWORD => 0,
|
||||
|
@ -308,11 +275,12 @@ sub display {
|
|||
DISPLAY_OPENID_FORM => 0,
|
||||
DISPLAY_YUBIKEY_FORM => 0,
|
||||
AUTH_LOOP => [],
|
||||
CHECK_LOGINS => 0,
|
||||
PORTAL_URL => $self->{portal},
|
||||
MSG => $self->info(),
|
||||
);
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
## Common template params
|
||||
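Review bot: `my $displayType = $self->getDisplayType();` is logged and compared with `eq` with no check that the method exists or that the value is one of the four known strings. An authentication backend that was not updated in this commit (a site-local or third-party module) would presumably make display() die on the missing method, and an unexpected or empty value sets DISPLAY_FORM, DISPLAY_OPENID_FORM and DISPLAY_YUBIKEY_FORM all to 0, so the user gets a page with no way to log in. A guarded call such as `my $displayType = $self->can('getDisplayType') ? $self->getDisplayType() : 'standardform';` keeps what appears to be the previous default (`DISPLAY_FORM => 1` in the first hunk) and would pair well with a warning-level log for unrecognised values. Please also confirm that this block, which now runs for every request outside an auth loop, cannot re-enable DISPLAY_FORM after the password-policy branch has set `DISPLAY_PASSWORD => 1`. The body of display() starts and ends outside these hunks.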
|
|
|
@ -184,36 +184,20 @@ sub _buildAuthLoop {
|
|||
my ( $auth, $userDB, $passwordDB ) =
|
||||
split( /\|/, $self->{authChoiceModules}->{$_} );
|
||||
|
||||
# What do display
|
||||
# -> login/password form (LDAP, DBI, ...)
|
||||
# -> OpenID form
|
||||
# -> Yubikey form
|
||||
# -> logo with link (ex: CAS, SSL, etc.)
|
||||
my $displayType = {
|
||||
'standardform' => [qw(LDAP DBI Proxy)],
|
||||
'openidform' => [qw(OpenID)],
|
||||
'yubikeyform' => [qw(Yubikey)],
|
||||
'logo' => [qw(CAS Twitter SAML SSL Apache Remote Slave)],
|
||||
};
|
||||
|
||||
if ( $auth and $userDB and $passwordDB ) {
|
||||
|
||||
# Options to store in the loop
|
||||
my $optionsLoop = { name => $name, key => $_, module => $auth };
|
||||
|
||||
# Get displayType for this module
|
||||
my $modulePrefix = 'Lemonldap::NG::Portal::';
|
||||
my $authModule = $modulePrefix . 'Auth' . $auth;
|
||||
$self->loadModule($authModule);
|
||||
my $displayType = &{ $authModule . '::getDisplayType' };
|
||||
|
||||
foreach my $type ( keys %$displayType ) {
|
||||
foreach my $backend ( @{ $displayType->{$type} } ) {
|
||||
if ( $auth eq $backend ) {
|
||||
$self->lmLog( "Display type $type for module $auth",
|
||||
$self->lmLog( "Display type $displayType for module $auth",
|
||||
'debug' );
|
||||
|
||||
$optionsLoop->{$type} = 1;
|
||||
last;
|
||||
}
|
||||
}
|
||||
}
|
||||
$optionsLoop->{$displayType} = 1;
|
||||
|
||||
# Register item in loop
|
||||
push @authLoop, $optionsLoop;
|
||||
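Review bot: In `_buildAuthLoop`, `my $displayType = &{ $authModule . '::getDisplayType' };` calls the sub through a string built from `$auth`, a value split out of `authChoiceModules`, and the result of `$self->loadModule($authModule)` is never checked. That is a symbolic reference, which `strict 'refs'` rejects if it is enabled in this file, and the paren-less `&` form also forwards the caller's `@_`, so a mistyped or unloadable module name fails at the call instead of being skipped with a clear log message. The returned string is then used unvalidated as a hash key in `$optionsLoop->{$displayType} = 1`, so `""` (AuthNull) creates an empty key and a value equal to `name`, `key` or `module` would overwrite that entry. Resolve the method with `my $getType = $authModule->can('getDisplayType');` and `my $displayType = $getType ? $getType->() : '';`, check the `loadModule` result, and set the flag only for the four display types the templates know. The enclosing sub starts and ends outside the hunk.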
|
|