From e4bf8ac6198da85a5e65b0e3f8babf6153eb767b Mon Sep 17 00:00:00 2001 From: Xavier Guimard Date: Thu, 5 Jan 2017 16:44:16 +0000 Subject: [PATCH] OpenID2 in progress (#595) --- .../lib/Lemonldap/NG/Portal/Issuer/OpenID.pm | 23 +++---- .../lib/Lemonldap/NG/Portal/Main/Init.pm | 4 +- .../t/33-Auth-and-issuer-OpenID2.t | 65 +++++++++++++++++-- 3 files changed, 73 insertions(+), 19 deletions(-) diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenID.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenID.pm index b4f53b500..3041b7dca 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenID.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenID.pm @@ -3,6 +3,7 @@ package Lemonldap::NG::Portal::Issuer::OpenID; use strict; use JSON; use Mouse; +use Lemonldap::NG::Common::Regexp; use Lemonldap::NG::Portal::Main::Constants qw( PE_BADPARTNER PE_CONFIRM @@ -47,14 +48,7 @@ has spList => ( } ); -has openidPortal => ( - is => 'rw', - default => sub { - return $_[0]->conf->{portal} . '/' . $_[0]->path; - - #$openidPortal =~ s#(? ( is => 'rw' ); # INITIALIZATION @@ -65,6 +59,10 @@ sub init { $self->error("Unable to load Net::OpenID::Server: $@"); return 0; } + return 0 unless ( $self->SUPER::init() ); + $self->openidPortal( $self->conf->{portal} . '/' . $self->path ); + + #$openidPortal =~ s#(?datas->{_openidserver} if ( $req->datas->{_openidserver} ); - $req->datas->{_openidserver} = Lemonldap::NG::Portal::Lib::OpenID::Server->new( + $req->datas->{_openidserver} = + Lemonldap::NG::Portal::Lib::OpenID::Server->new( server_secret => sub { return $self->secret }, args => $req, endpoint_url => $self->openidPortal, 
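Review bot: The `openidPortal` value now set in `init` is used unnormalised: `$self->conf->{portal} . '/' . $self->path` yields a doubled slash whenever `portal` is configured with a trailing `/`, and the substitution that was meant to collapse it is carried over as a comment (it was already commented out in the attribute default this hunk replaces). That string becomes the `endpoint_url` handed to the OpenID server in the following hunk, so the doubled slash ends up in the endpoint URL the relying party sees; either normalise here, e.g. `my $url = $self->conf->{portal} . '/' . $self->path; $url =~ s{(?<!:)/{2,}}{/}g; $self->openidPortal($url);`, or delete the dead comment. The `use Lemonldap::NG::Common::Regexp;` added in the first hunk has no visible use in this patch; if it is only intended for that future normalisation it should arrive with the code that uses it. `init` starts before this hunk.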
@@ -179,10 +178,12 @@ sub openIDServer { sreg => sub { return ( 1, {} ) unless (@_); require Lemonldap::NG::Portal::Lib::OpenID::SREG; - return $self->Lemonldap::NG::Portal::Lib::OpenID::SREG::sregHook($req, @_); + return + $self->Lemonldap::NG::Portal::Lib::OpenID::SREG::sregHook( + $req, @_ ); }, }, - ); + ); return $req->datas->{_openidserver}; } diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Init.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Init.pm index d263ffe82..cc9cd4ca3 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Init.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Init.pm @@ -268,8 +268,10 @@ sub loadPlugin { qw(beforeAuth betweenAuthAndDatas afterDatas forAuthUser beforeLogout)) { if ( $obj->can($sub) ) { + $self->lmLog( " Found $sub entry point:", 'debug' ); if ( my $callback = $obj->$sub ) { push @{ $self->{$sub} }, sub { $obj->$callback( $_[0] ) }; + $self->lmLog( " -> $callback", 'debug' ); } } } @@ -300,7 +302,7 @@ sub loadModule { } sub fail { - $_[0]->lmLog($_[0]->error,'error'); + $_[0]->lmLog( $_[0]->error, 'error' ); return 0; } diff --git a/lemonldap-ng-portal/t/33-Auth-and-issuer-OpenID2.t b/lemonldap-ng-portal/t/33-Auth-and-issuer-OpenID2.t index 52c0d3f2b..c9b6bef95 100644 --- a/lemonldap-ng-portal/t/33-Auth-and-issuer-OpenID2.t +++ b/lemonldap-ng-portal/t/33-Auth-and-issuer-OpenID2.t @@ -7,7 +7,7 @@ BEGIN { require 't/test-lib.pm'; } -my $maintests = 3; +my $maintests = 4; my $debug = 'debug'; my ( $issuer, $sp, $res ); my %handlerOR = ( issuer => [], sp => [] ); @@ -32,6 +32,18 @@ SKIP: { ), 'Unauth SP request' ); + expectForm( $res, '#', undef ); + ok( $res->[2]->[0] =~ /name="openid_identifier"/, ' Found OpenID input' ); + + my $query = + 'openid_identifier=http%3A%2F%2Fauth.idp.com%2Fopenidserver%2Fdwho'; + #ok( + # $res = $sp->_post( + # '/', IO::String->new($query), length => length($query), + # ), + # 'Post OpenID identity' + #); + #print STDERR Dumper($res); } 
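Review bot: In the `loadPlugin` hunk of Init.pm the two new debug lines split one fact across two log records, and the first, `" Found $sub entry point:"`, is written before `$obj->$sub` is evaluated, so it is also logged for a plugin that declares the hook method but returns false from it and is therefore not registered. One message inside the inner `if` avoids both problems: `$self->lmLog( " Found $sub entry point -> $callback", 'debug' );`. If a plugin ever returns a code reference rather than a method name from `$obj->$sub` the interpolated `$callback` will print as `CODE(0x...)`, which is harmless but worth knowing. `loadPlugin` starts and ends outside this hunk.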
@@ -46,16 +58,54 @@ sub switch { }; } +no warnings 'redefine'; + +sub LWP::UserAgent::request { + my ( $self, $req ) = @_; + ok( $req->uri =~ m#http://auth.idp.com(.*)#, ' Request from SP to IdP' ); + my $url = $1; + my ($res); + count(1); + print STDERR Dumper($req); + if ( $req->method =~ /^post$/i ) { + my $s = $req->content; + ok( + $res = $issuer->_post( + $url, IO::String->new($s), + length => length($s), + type => $req->header('Content-Type'), + ), + ' Execute request' + ); + } + else { + ok( $res = $issuer->_get( $url, ), ' Execute request' ); + } + expectOK($res); + ok( getHeader( $res, 'Content-Type' ) =~ m#^application/json#, + ' Content is JSON' ) + or explain( $res->[1], 'Content-Type => application/json' ); + my $httpResp = HTTP::Response->new( $res->[0], 'OK' ); + + while ( my $name = shift @{ $res->[1] } ) { + $httpResp->header( $name, shift( @{ $res->[1] } ) ); + } + $httpResp->content( join( '', @{ $res->[2] } ) ); + count(2); + return $httpResp; +} + sub issuer { return LLNG::Manager::Test->new( { ini => { - logLevel => $debug, - templatesDir => 'site/htdocs/static', - domain => 'idp.com', - portal => 'http://auth.idp.com', - authentication => 'Demo', - userDB => 'Demo', + logLevel => $debug, + templatesDir => 'site/htdocs/static', + domain => 'idp.com', + portal => 'http://auth.idp.com', + authentication => 'Demo', + userDB => 'Demo', + issuerDBOpenIDActivation => 1, } } ); @@ -70,6 +120,7 @@ sub sp { portal => 'http://auth.sp.com', authentication => 'OpenID', userDB => 'OpenID', + openIdSecret => 'qwerty', }, } );
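Review bot: In the `@@ -32,6 +32,18 @@` hunk of the test, `ok( $res->[2]->[0] =~ /name="openid_identifier"/, ... )` gives no diagnostic when it fails; `like( $res->[2]->[0], qr/name="openid_identifier"/, ' Found OpenID input' );` reports the body that did not match. The commented-out `_post` block and `#print STDERR Dumper($res);` beneath it should be removed or marked with `# TODO:` so the next reader knows the flow is unfinished rather than deliberately disabled, and `$maintests` (raised to 4 in the first hunk) will need revisiting when that post is enabled. This hunk sits inside the `SKIP:` block, which begins before it.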
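Review bot: `my $url = $1;` in the redefined `LWP::UserAgent::request` is taken whether or not the preceding `ok( $req->uri =~ m#http://auth.idp.com(.*)# ... )` matched, so on an unexpected URI `$1` is undef or a stale capture and the stub still calls `$issuer->_get` with it, turning a routing mistake into a confusing downstream failure; the pattern is also unanchored with unescaped dots. Capture directly and stop early: `my ($url) = $req->uri =~ m{\Ahttp://auth\.idp\.com(.*)}; ok( defined $url, ' Request from SP to IdP' ) or return HTTP::Response->new(500);`. `print STDERR Dumper($req);` is a leftover debugging line and should go (or become `note explain $req`); I cannot see from this hunk whether Data::Dumper is even loaded here. The `' Content is JSON'` assertion is worth double-checking against what the IdP actually returns, since OpenID 2.0 direct responses are key-value text rather than JSON, and `no warnings 'redefine';` at file scope would be tidier confined to a block around the override.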