Refactor CAS code (#2321)

Maxime Besson 2021-01-05 11:38:20 +01:00
parent baeba92067
commit e78f8a2270
2 changed files with 37 additions and 20 deletions


@ -59,10 +59,9 @@ sub init {
);
# Add CAS Services, so we can check service= parameter on logout
foreach my $casSrv ( keys %{ $self->conf->{casAppMetaDataOptions} } ) {
foreach my $casSrv ( keys %{ $self->casAppList } ) {
if ( my $serviceUrl =
$self->conf->{casAppMetaDataOptions}->{$casSrv}
->{casAppMetaDataOptionsService} )
$self->casAppList->{$casSrv}->{casAppMetaDataOptionsService} )
{
push @{ $self->p->{additionalTrustedDomains} }, $serviceUrl;
$self->logger->debug(
@ -96,14 +95,14 @@ sub storeEnvAndCheckGateway {
if ( $service and $service =~ m#^(https?://[^/]+)(/.*)?$# ) {
my ( $host, $uri ) = ( $1, $2 );
my $app = $self->casAppList->{$host};
my $app = $self->getCasApp($service);
if ($app) {
$req->env->{llng_cas_app} = $app;
# Store target authentication level in pdata
my $targetAuthnLevel = $self->conf->{casAppMetaDataOptions}->{$app}
->{casAppMetaDataOptionsAuthnLevel};
my $targetAuthnLevel =
$self->casAppList->{$app}->{casAppMetaDataOptionsAuthnLevel};
$req->pdata->{targetAuthnLevel} = $targetAuthnLevel
if $targetAuthnLevel;
@ -168,12 +167,12 @@ sub run {
return PE_ERROR;
}
my ( $host, $uri ) = ( $1, $2 );
my $app = $self->casAppList->{$host};
my $app = $self->getCasApp($service);
my $spAuthnLevel = 0;
if ($app) {
$spAuthnLevel = $self->conf->{casAppMetaDataOptions}->{$app}
->{casAppMetaDataOptionsAuthnLevel} || 0;
$spAuthnLevel =
$self->casAppList->{$app}->{casAppMetaDataOptionsAuthnLevel} || 0;
}
# Renew
@ -851,10 +850,8 @@ sub getUsernameForApp {
my $username_attribute =
( $app
and $self->conf->{casAppMetaDataOptions}->{$app}
->{casAppMetaDataOptionsUserAttribute} )
? $self->conf->{casAppMetaDataOptions}->{$app}
->{casAppMetaDataOptionsUserAttribute}
and $self->casAppList->{$app}->{casAppMetaDataOptionsUserAttribute} )
? $self->casAppList->{$app}->{casAppMetaDataOptionsUserAttribute}
: ( $self->conf->{casAttr}
|| $self->conf->{whatToTrace} );
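Review bot: In `storeEnvAndCheckGateway` and `run`, the regex `m#^(https?://[^/]+)(/.*)?$#` still validates `$service` and captures `$host`, but the application is now resolved by `getCasApp($service)`, which parses the same untrusted value a second time with URI. The two parsers are not guaranteed to agree on where the authority ends for unusual inputs, and `$host` looks unused in the visible lines after this change. Consider parsing once and handing the parsed result to the lookup, or at least documenting the contract above each call with `# $service is untrusted; getCasApp() matches on the URI host only`. Both function bodies continue outside the hunks, so any later use of `$host` or `$uri` could not be checked here.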


@ -5,6 +5,7 @@ use Mouse;
use Lemonldap::NG::Common::FormEncode;
use XML::Simple;
use Lemonldap::NG::Common::UserAgent;
use URI;
our $VERSION = '2.0.8';
@ -43,20 +44,21 @@ sub loadSrv {
return 1;
}
# Load CAS application list, key is the service URL
# Load CAS application list
sub loadApp {
my ($self) = @_;
unless ( $self->conf->{casAppMetaDataOptions}
if ( $self->conf->{casAppMetaDataOptions}
and %{ $self->conf->{casAppMetaDataOptions} } )
{
$self->casAppList( $self->conf->{casAppMetaDataOptions} );
}
else {
$self->logger->info("No CAS apps found in configuration");
}
foreach ( keys %{ $self->conf->{casAppMetaDataOptions} } ) {
my $tmp =
$self->conf->{casAppMetaDataOptions}->{$_}
->{casAppMetaDataOptionsService};
$tmp =~ s#^(https?://[^/]+).*$#$1#;
$self->casAppList->{$tmp} = $_;
# Load access rule
my $rule = $self->conf->{casAppMetaDataOptions}->{$_}
->{casAppMetaDataOptionsRule};
if ( length $rule ) {
@ -497,6 +499,24 @@ sub retrievePT {
return $pt;
}
# Get CAS App from service URL
sub getCasApp {
my ( $self, $url ) = @_;
my $hostname = URI->new($url)->host;
return undef unless $hostname;
for my $app ( keys %{ $self->casAppList } ) {
my $appHost =
URI->new( $self->casAppList->{$app}->{casAppMetaDataOptionsService} )
->host;
return $app if ( $hostname eq $appHost );
}
return undef;
}
1;
__END__
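Review bot: `getCasApp` matches on `URI->host` alone, whereas the removed `loadApp` code keyed applications on scheme, host and port (`https?://[^/]+`), so a service URL on another port or on plain http of the same hostname now resolves to the registered app and picks up its `casAppMetaDataOptionsAuthnLevel`. When two apps share a hostname, the one returned depends on `keys` order. The loop also calls `->host` on `casAppMetaDataOptionsService` without checking that it is set, although `init` treats that option as optional; URI returns a generic object for an empty or scheme-less string, and that object has no `host` method, so the call would die. Suggest `my $svc = $self->casAppList->{$app}->{casAppMetaDataOptionsService} or next;` before parsing, and comparing `host_port` plus `scheme` if origin-level matching is what is intended.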