Refactor CAS code (#2321)
parent
baeba92067
commit
e78f8a2270
|
@ -59,10 +59,9 @@ sub init {
|
|||
);
|
||||
|
||||
# Add CAS Services, so we can check service= parameter on logout
|
||||
foreach my $casSrv ( keys %{ $self->conf->{casAppMetaDataOptions} } ) {
|
||||
foreach my $casSrv ( keys %{ $self->casAppList } ) {
|
||||
if ( my $serviceUrl =
|
||||
$self->conf->{casAppMetaDataOptions}->{$casSrv}
|
||||
->{casAppMetaDataOptionsService} )
|
||||
$self->casAppList->{$casSrv}->{casAppMetaDataOptionsService} )
|
||||
{
|
||||
push @{ $self->p->{additionalTrustedDomains} }, $serviceUrl;
|
||||
$self->logger->debug(
|
||||
|
@ -96,14 +95,14 @@ sub storeEnvAndCheckGateway {
|
|||
|
||||
if ( $service and $service =~ m#^(https?://[^/]+)(/.*)?$# ) {
|
||||
my ( $host, $uri ) = ( $1, $2 );
|
||||
my $app = $self->casAppList->{$host};
|
||||
my $app = $self->getCasApp($service);
|
||||
|
||||
if ($app) {
|
||||
$req->env->{llng_cas_app} = $app;
|
||||
|
||||
# Store target authentication level in pdata
|
||||
my $targetAuthnLevel = $self->conf->{casAppMetaDataOptions}->{$app}
|
||||
->{casAppMetaDataOptionsAuthnLevel};
|
||||
my $targetAuthnLevel =
|
||||
$self->casAppList->{$app}->{casAppMetaDataOptionsAuthnLevel};
|
||||
$req->pdata->{targetAuthnLevel} = $targetAuthnLevel
|
||||
if $targetAuthnLevel;
|
||||
|
||||
|
@ -168,12 +167,12 @@ sub run {
|
|||
return PE_ERROR;
|
||||
}
|
||||
my ( $host, $uri ) = ( $1, $2 );
|
||||
my $app = $self->casAppList->{$host};
|
||||
my $app = $self->getCasApp($service);
|
||||
|
||||
my $spAuthnLevel = 0;
|
||||
if ($app) {
|
||||
$spAuthnLevel = $self->conf->{casAppMetaDataOptions}->{$app}
|
||||
->{casAppMetaDataOptionsAuthnLevel} || 0;
|
||||
$spAuthnLevel =
|
||||
$self->casAppList->{$app}->{casAppMetaDataOptionsAuthnLevel} || 0;
|
||||
}
|
||||
|
||||
# Renew
|
||||
|
@ -851,10 +850,8 @@ sub getUsernameForApp {
|
|||
|
||||
my $username_attribute =
|
||||
( $app
|
||||
and $self->conf->{casAppMetaDataOptions}->{$app}
|
||||
->{casAppMetaDataOptionsUserAttribute} )
|
||||
? $self->conf->{casAppMetaDataOptions}->{$app}
|
||||
->{casAppMetaDataOptionsUserAttribute}
|
||||
and $self->casAppList->{$app}->{casAppMetaDataOptionsUserAttribute} )
|
||||
? $self->casAppList->{$app}->{casAppMetaDataOptionsUserAttribute}
|
||||
: ( $self->conf->{casAttr}
|
||||
|| $self->conf->{whatToTrace} );
|
||||
|
||||
|
|
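Review bot: In storeEnvAndCheckGateway and in run, the captures of `m#^(https?://[^/]+)(/.*)?$#` are still unpacked with `my ( $host, $uri ) = ( $1, $2 );`, although the application lookup now passes the whole `$service` to getCasApp and no longer reads `$host`. Both subs continue outside their hunks, so `$host` may still be used further down; if it is not, drop it from the assignment so the regex reads as a pure format check. Since the authentication level written to `$req->pdata->{targetAuthnLevel}` and to `$spAuthnLevel` now depends on that lookup, a short comment at each call would help, for example `# $app is the casAppList key whose registered service matches $service, or undef`.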
|
@ -5,6 +5,7 @@ use Mouse;
|
|||
use Lemonldap::NG::Common::FormEncode;
|
||||
use XML::Simple;
|
||||
use Lemonldap::NG::Common::UserAgent;
|
||||
use URI;
|
||||
|
||||
our $VERSION = '2.0.8';
|
||||
|
||||
|
@ -43,20 +44,21 @@ sub loadSrv {
|
|||
return 1;
|
||||
}
|
||||
|
||||
# Load CAS application list, key is the service URL
|
||||
# Load CAS application list
|
||||
sub loadApp {
|
||||
my ($self) = @_;
|
||||
unless ( $self->conf->{casAppMetaDataOptions}
|
||||
if ( $self->conf->{casAppMetaDataOptions}
|
||||
and %{ $self->conf->{casAppMetaDataOptions} } )
|
||||
{
|
||||
$self->casAppList( $self->conf->{casAppMetaDataOptions} );
|
||||
}
|
||||
else {
|
||||
$self->logger->info("No CAS apps found in configuration");
|
||||
}
|
||||
|
||||
foreach ( keys %{ $self->conf->{casAppMetaDataOptions} } ) {
|
||||
my $tmp =
|
||||
$self->conf->{casAppMetaDataOptions}->{$_}
|
||||
->{casAppMetaDataOptionsService};
|
||||
$tmp =~ s#^(https?://[^/]+).*$#$1#;
|
||||
$self->casAppList->{$tmp} = $_;
|
||||
|
||||
# Load access rule
|
||||
my $rule = $self->conf->{casAppMetaDataOptions}->{$_}
|
||||
->{casAppMetaDataOptionsRule};
|
||||
if ( length $rule ) {
|
||||
|
@ -497,6 +499,24 @@ sub retrievePT {
|
|||
return $pt;
|
||||
}
|
||||
|
||||
# Get CAS App from service URL
|
||||
sub getCasApp {
|
||||
my ( $self, $url ) = @_;
|
||||
|
||||
my $hostname = URI->new($url)->host;
|
||||
return undef unless $hostname;
|
||||
|
||||
for my $app ( keys %{ $self->casAppList } ) {
|
||||
my $appHost =
|
||||
URI->new( $self->casAppList->{$app}->{casAppMetaDataOptionsService} )
|
||||
->host;
|
||||
|
||||
return $app if ( $hostname eq $appHost );
|
||||
|
||||
}
|
||||
return undef;
|
||||
}
|
||||
|
||||
1;
|
||||
__END__
|
||||
|
||||
|
|
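Review bot: getCasApp compares only `->host`, so the scheme and port of the service URL no longer take part in the match, whereas the removed loadApp code keyed the list on the `https?://[^/]+` prefix. A service= value on plain http, or on another port of the same host, now resolves to the registered application and picks up its authentication level and user attribute. If that relaxation is intended it deserves a sentence in the comment above the sub; otherwise compare the scheme plus `host_port`. The loop also calls `->host` on every configured casAppMetaDataOptionsService without checking it, so an empty or scheme-less value in one application can presumably fail or warn on every lookup. When two applications share a host, the one returned depends on `keys` order.

```perl
sub getCasApp {
    my ( $self, $url ) = @_;

    # Compare scheme, host and port, not the bare hostname
    my $uri = URI->new($url)->canonical;
    return undef unless $uri->can('host_port') and $uri->host;
    my $origin = $uri->scheme . '://' . $uri->host_port;

    for my $app ( sort keys %{ $self->casAppList } ) {
        my $srv = $self->casAppList->{$app}->{casAppMetaDataOptionsService}
          or next;
        my $appUri = URI->new($srv)->canonical;
        next unless $appUri->can('host_port') and $appUri->host;

        return $app
          if $origin eq $appUri->scheme . '://' . $appUri->host_port;
    }
    # … unchanged: final return undef …
```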