Reformating

modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/AuthSAML.pm

@@ -34,16 +34,13 @@ sub authInit {
 sub extractFormInfo {
     my $self   = shift;
     my $server = $self->{_lassoServer};
-    my $login;
+
-    my $logout;
+    # TODO: seems to be unused (redefined later)
-    my $idp;
+    my (
-    my $idpConfKey;
+        $login,      $logout,     $idp,
-    my $method;
+        $idpConfKey, $request,    $response,
-    my $request;
+        $artifact,   $relaystate, $signature_status
-    my $response;
+    );
-    my $artifact;
-    my $relaystate;
-    my $signature_status;
 
     # 1. Get HTTP request informations to know
     # if we are receving SAML request or response
@@ -69,11 +66,11 @@ sub extractFormInfo {
         "samlSPSSODescriptorArtifactResolutionServiceArtifact");
 
     # 1.1 SSO assertion consumer
+    # TODO: if $saml_acs_art_url,... are fixed, add a /o
     if ( $url =~
 /^(\Q$saml_acs_art_url\E|\Q$saml_acs_post_url\E|\Q$saml_acs_get_url\E)$/i
       )
     {
-
         $self->lmLog( "URL $url detected as an SSO assertion consumer URL",
             'debug' );
 
@@ -85,7 +82,7 @@ sub extractFormInfo {
         $login = $self->createLogin($server);
 
         # Ignore signature verification
-            $self->disableSignatureVerification($login);
+        $self->disableSignatureVerification($login);
 
         if ($response) {
 
@@ -299,7 +296,7 @@ sub extractFormInfo {
     }
 
     # 1.2 SLO
-    if ( $url =~
+    elsif ( $url =~
 /^(\Q$saml_slo_soap_url\E|\Q$saml_slo_soap_url_ret\E|\Q$saml_slo_get_url\E|\Q$saml_slo_get_url_ret\E)$/i
       )
     {
@@ -313,7 +310,7 @@ sub extractFormInfo {
         $logout = $self->createLogout($server);
 
         # Ignore signature verification
-            $self->disableSignatureVerification($logout);
+        $self->disableSignatureVerification($logout);
 
         if ($response) {
 
@@ -509,15 +506,15 @@ sub extractFormInfo {
             }
 
             # Do we set signature?
-                my $signSLOMessage =
+            my $signSLOMessage =
               $self->{samlIDPMetaDataOptions}->{$idpConfKey}
-                  ->{samlIDPMetaDataOptionsSignSLOMessage};
+              ->{samlIDPMetaDataOptionsSignSLOMessage};
-                unless ($signSLOMessage) {
+            unless ($signSLOMessage) {
                 $self->lmLog(
                     "SLO message to IDP $idpConfKey will not be signed",
-                        'debug' );
+                    'debug' );
-                    $self->disableSignature($logout);
+                $self->disableSignature($logout);
-                }
+            }
 
             # Logout response
             unless ( $self->buildLogoutResponseMsg($logout) ) {
@@ -544,7 +541,7 @@ sub extractFormInfo {
             }
 
             # HTTP-POST
-            if ( $method == Lasso::Constants::HTTP_METHOD_POST ) {
+            elsif ( $method == Lasso::Constants::HTTP_METHOD_POST ) {
 
                 # Use autosubmit form
                 my $slo_url  = $logout->msg_url;
@@ -566,7 +563,7 @@ sub extractFormInfo {
             }
 
             # HTTP-SOAP
-            if ( $method == Lasso::Constants::HTTP_METHOD_SOAP ) {
+            elsif ( $method == Lasso::Constants::HTTP_METHOD_SOAP ) {
 
                 my $slo_body = $logout->msg_body;
 
@@ -596,7 +593,7 @@ sub extractFormInfo {
     }
 
     # 1.3 Artifact
-    if ( $url =~ /^(\Q$saml_ars_url\E)$/i ) {
+    elsif ( $url =~ /^(\Q$saml_ars_url\E)$/i ) {
 
         $self->lmLog( "URL $url detected as an artifact resolution service URL",
             'debug' );
@@ -713,7 +710,7 @@ sub extractFormInfo {
     }
 
     # If IDP is found but not confirmed, let the user confirm it
-    if ( $confirm_flag != 1 ) {
+    elsif ( $confirm_flag != 1 ) {
         $self->lmLog( "IDP $idp selected, need user confirmation", 'debug' );
 
         # Choosen IDP
@@ -858,7 +855,7 @@ sub extractFormInfo {
     }
 
     # HTTP-POST
-    if ( $method == Lasso::Constants::HTTP_METHOD_POST ) {
+    elsif ( $method == Lasso::Constants::HTTP_METHOD_POST ) {
 
         # Use autosubmit form
         my $sso_url  = $login->msg_url;
@@ -885,10 +882,10 @@ sub extractFormInfo {
 # Extract attributes sent in authentication statement
 # @return Lemonldap::NG::Portal error code
 sub setAuthSessionInfo {
-    my $self   = shift;
+    my $self       = shift;
-    my $server = $self->{_lassoServer};
+    my $server     = $self->{_lassoServer};
-    my $login  = $self->{_lassoLogin};
+    my $login      = $self->{_lassoLogin};
-    my $idp    = $self->{_idp};
+    my $idp        = $self->{_idp};
     my $idpConfKey = $self->{_idpConfKey};
 
     # Get SAML assertion
@@ -929,8 +926,8 @@ sub setAuthSessionInfo {
     }
 
     # Store other informations in session
-    $self->{sessionInfo}->{_user} = $self->{user};
+    $self->{sessionInfo}->{_user}       = $self->{user};
-    $self->{sessionInfo}->{_idp}  = $idp;
+    $self->{sessionInfo}->{_idp}        = $idp;
     $self->{sessionInfo}->{_idpConfKey} = $idpConfKey;
 
     # Adapt _utime with SessionNotOnOrAfter
@@ -991,8 +988,8 @@ sub authenticate {
 # Logout SP
 # @return Lemonldap::NG::Portal error code
 sub authLogout {
-    my $self        = shift;
+    my $self       = shift;
-    my $idp         = $self->{sessionInfo}->{_idp};
+    my $idp        = $self->{sessionInfo}->{_idp};
     my $idpConfKey = $self->{sessionInfo}->{_idpConfKey};
     my $method;
 
@@ -1070,7 +1067,7 @@ sub authLogout {
     }
 
     # HTTP-POST
-    if ( $method == Lasso::Constants::HTTP_METHOD_POST ) {
+    elsif ( $method == Lasso::Constants::HTTP_METHOD_POST ) {
 
         # Use autosubmit form
         my $slo_url  = $logout->msg_url;
@@ -1084,7 +1081,7 @@ sub authLogout {
     }
 
     # HTTP-SOAP
-    if ( $method == Lasso::Constants::HTTP_METHOD_SOAP ) {
+    elsif ( $method == Lasso::Constants::HTTP_METHOD_SOAP ) {
 
         my $slo_url  = $logout->msg_url;
         my $slo_body = $logout->msg_body;

modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/_SAML.pm

@@ -14,8 +14,9 @@ use LWP::UserAgent;    # SOAP call
 use HTTP::Request;     # SOAP call
 use POSIX;             # Convert SAML2 date into timestamp
 use Encode;            # Encode attribute values
+use Date::Format
 
-our $VERSION = '0.01';
+  our $VERSION = '0.01';
 our $_samlCache;
 
 BEGIN {
@@ -262,19 +263,13 @@ sub loadSPs {
 # @param profile_type login or logout
 # @return ( $request, $response, $method, $relaystate, $artifact )
 sub checkMessage {
-    my $self           = shift;
+    my ( $self, $url, $request_method, $content_type, $profile_type ) =
-    my $url            = shift;
+      splice @_;
-    my $request_method = shift;
+    $profile_type ||= "login";
-    my $content_type   = shift;
+    my ( $request, $response, $message, $method, $relaystate, $artifact );
-    my $profile_type   = shift || "login";
-    my $request;
-    my $response;
-    my $message;
-    my $method;
-    my $relaystate;
-    my $artifact;
 
     # Check if SAML service is loaded
+    # TODO : return undefined values ???
     return ( $request, $response, $method, $relaystate, $artifact )
       unless $self->{_lassoServer};
 
@@ -362,7 +357,7 @@ sub checkMessage {
 
                 }
 
-                if ( $self->param('SAMLRequest') ) {
+                elsif ( $self->param('SAMLRequest') ) {
 
                     # Request in body part
                     $request = $self->param('SAMLRequest');
@@ -370,7 +365,7 @@ sub checkMessage {
 
                 }
 
-                if ( $self->param('SAMLart') ) {
+                elsif ( $self->param('SAMLart') ) {
 
                     # Artifact in SAMLart param
                     $artifact = $self->param('SAMLart');
@@ -1935,23 +1930,8 @@ sub getAuthnContext {
 sub timestamp2samldate {
     my ( $self, $timestamp ) = splice @_;
 
-    my ( $sec, $min, $hour, $mday, $mon, $year, $wday, $yday, $isdst ) =
+    my @t = gmtime($timestamp);
-      gmtime($timestamp);
+    return strftime( "%Y-%m-%dT%R:%SZ", @t );
-
-    $year += 1900;
-    $mon++;
-    $mon  = $mon > 9  ? $mon  : "0" . $mon;
-    $mday = $mday > 9 ? $mday : "0" . $mday;
-    $hour = $hour > 9 ? $hour : "0" . $hour;
-    $min  = $min > 9  ? $min  : "0" . $min;
-    $sec  = $sec > 9  ? $sec  : "0" . $sec;
-
-    my $samldate = "$year-$mon-$mday" . "T" . "$hour:$min:$sec" . "Z";
-
-    $self->lmLog( "Convert timestamp $timestamp in SAML2 date: $samldate",
-        'debug' );
-
-    return $samldate;
 }
 
 ## @method string samldate2timestamp(string samldate)
@@ -1980,11 +1960,7 @@ sub samldate2timestamp {
 # @param $wait If true, do not call to autoRedirect or autoPost function
 # @return boolean False if failed.
 sub sendLogoutResponseToServiceProvider {
-    my $self       = shift;
+    my ( $self, $logout, $method, $relaystate, $seconds ) = splice @_;
-    my $logout     = shift;
-    my $method     = shift;
-    my $relaystate = shift;
-    my $seconds    = shift;
 
     # Logout response
     unless ( $self->buildLogoutResponseMsg($logout) ) {
@@ -2017,7 +1993,7 @@ sub sendLogoutResponseToServiceProvider {
     }
 
     # HTTP-POST
-    if ( $method == Lasso::Constants::HTTP_METHOD_POST ) {
+    elsif ( $method == Lasso::Constants::HTTP_METHOD_POST ) {
 
         # Use autosubmit form
         my $slo_url  = $logout->msg_url;
@@ -2040,7 +2016,7 @@ sub sendLogoutResponseToServiceProvider {
     }
 
     # HTTP-SOAP
-    if ( $method == Lasso::Constants::HTTP_METHOD_SOAP ) {
+    elsif ( $method == Lasso::Constants::HTTP_METHOD_SOAP ) {
 
         my $slo_body = $logout->msg_body;
         $self->{SOAPMessage} = $slo_body;
@@ -2071,12 +2047,8 @@ sub sendLogoutResponseToServiceProvider {
 # @param $relay If SOAP method, build a relay logout request
 # @return int Number of concerned providers.
 sub sendLogoutRequestToServiceProvider {
-    my $self       = shift;
+    my ( $self, $logout, $providerID, $method, $relay ) = splice @_;
-    my $logout     = shift;
+    my $server = $self->{_lassoServer};
-    my $providerID = shift;
-    my $method     = shift;
-    my $relay      = shift;
-    my $server     = $self->{_lassoServer};
     my $info;
 
     # Test if provider is mentionned
@@ -2108,19 +2080,19 @@ sub sendLogoutRequestToServiceProvider {
 
         $self->lmLog( "No logout request found, build it", 'debug' );
 
-    # Initiate the logout request
+        # Initiate the logout request
-    unless ( $self->initLogoutRequest( $logout, $providerID, $method ) ) {
+        unless ( $self->initLogoutRequest( $logout, $providerID, $method ) ) {
-        $self->lmLog( "Initiate logout request failed for $providerID",
+            $self->lmLog( "Initiate logout request failed for $providerID",
-            'error' );
+                'error' );
-        return ( 0, $method, undef );
+            return ( 0, $method, undef );
-    }
+        }
 
-    # Build request message
+        # Build request message
-    unless ( $self->buildLogoutRequestMsg($logout) ) {
+        unless ( $self->buildLogoutRequestMsg($logout) ) {
             $self->lmLog( "Build logout request failed for $providerID",
                 'error' );
-        return ( 0, $method, undef );
+            return ( 0, $method, undef );
-    }
+        }
 
     }
 
@@ -2149,7 +2121,7 @@ sub sendLogoutRequestToServiceProvider {
     }
 
     # HTTP-POST
-    if ( $method == Lasso::Constants::HTTP_METHOD_POST ) {
+    elsif ( $method == Lasso::Constants::HTTP_METHOD_POST ) {
 
         $self->lmLog( "Send POST logout request to $providerID", 'debug' );
 
@@ -2169,7 +2141,7 @@ sub sendLogoutRequestToServiceProvider {
     }
 
     # HTTP-SOAP
-    if ( $method == Lasso::Constants::HTTP_METHOD_SOAP ) {
+    elsif ( $method == Lasso::Constants::HTTP_METHOD_SOAP ) {
 
         # Build a relay request, to be used after SLO process is done
         if ($relay) {