Refactor CAS code (#2321)
parent
baeba92067
commit
e78f8a2270
|
@ -59,10 +59,9 @@ sub init {
|
||||||
);
|
);
|
||||||
|
|
||||||
# Add CAS Services, so we can check service= parameter on logout
|
# Add CAS Services, so we can check service= parameter on logout
|
||||||
foreach my $casSrv ( keys %{ $self->conf->{casAppMetaDataOptions} } ) {
|
foreach my $casSrv ( keys %{ $self->casAppList } ) {
|
||||||
if ( my $serviceUrl =
|
if ( my $serviceUrl =
|
||||||
$self->conf->{casAppMetaDataOptions}->{$casSrv}
|
$self->casAppList->{$casSrv}->{casAppMetaDataOptionsService} )
|
||||||
->{casAppMetaDataOptionsService} )
|
|
||||||
{
|
{
|
||||||
push @{ $self->p->{additionalTrustedDomains} }, $serviceUrl;
|
push @{ $self->p->{additionalTrustedDomains} }, $serviceUrl;
|
||||||
$self->logger->debug(
|
$self->logger->debug(
|
||||||
|
@ -96,14 +95,14 @@ sub storeEnvAndCheckGateway {
|
||||||
|
|
||||||
if ( $service and $service =~ m#^(https?://[^/]+)(/.*)?$# ) {
|
if ( $service and $service =~ m#^(https?://[^/]+)(/.*)?$# ) {
|
||||||
my ( $host, $uri ) = ( $1, $2 );
|
my ( $host, $uri ) = ( $1, $2 );
|
||||||
my $app = $self->casAppList->{$host};
|
my $app = $self->getCasApp($service);
|
||||||
|
|
||||||
if ($app) {
|
if ($app) {
|
||||||
$req->env->{llng_cas_app} = $app;
|
$req->env->{llng_cas_app} = $app;
|
||||||
|
|
||||||
# Store target authentication level in pdata
|
# Store target authentication level in pdata
|
||||||
my $targetAuthnLevel = $self->conf->{casAppMetaDataOptions}->{$app}
|
my $targetAuthnLevel =
|
||||||
->{casAppMetaDataOptionsAuthnLevel};
|
$self->casAppList->{$app}->{casAppMetaDataOptionsAuthnLevel};
|
||||||
$req->pdata->{targetAuthnLevel} = $targetAuthnLevel
|
$req->pdata->{targetAuthnLevel} = $targetAuthnLevel
|
||||||
if $targetAuthnLevel;
|
if $targetAuthnLevel;
|
||||||
|
|
||||||
|
@ -168,12 +167,12 @@ sub run {
|
||||||
return PE_ERROR;
|
return PE_ERROR;
|
||||||
}
|
}
|
||||||
my ( $host, $uri ) = ( $1, $2 );
|
my ( $host, $uri ) = ( $1, $2 );
|
||||||
my $app = $self->casAppList->{$host};
|
my $app = $self->getCasApp($service);
|
||||||
|
|
||||||
my $spAuthnLevel = 0;
|
my $spAuthnLevel = 0;
|
||||||
if ($app) {
|
if ($app) {
|
||||||
$spAuthnLevel = $self->conf->{casAppMetaDataOptions}->{$app}
|
$spAuthnLevel =
|
||||||
->{casAppMetaDataOptionsAuthnLevel} || 0;
|
$self->casAppList->{$app}->{casAppMetaDataOptionsAuthnLevel} || 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
# Renew
|
# Renew
|
||||||
|
@ -851,10 +850,8 @@ sub getUsernameForApp {
|
||||||
|
|
||||||
my $username_attribute =
|
my $username_attribute =
|
||||||
( $app
|
( $app
|
||||||
and $self->conf->{casAppMetaDataOptions}->{$app}
|
and $self->casAppList->{$app}->{casAppMetaDataOptionsUserAttribute} )
|
||||||
->{casAppMetaDataOptionsUserAttribute} )
|
? $self->casAppList->{$app}->{casAppMetaDataOptionsUserAttribute}
|
||||||
? $self->conf->{casAppMetaDataOptions}->{$app}
|
|
||||||
->{casAppMetaDataOptionsUserAttribute}
|
|
||||||
: ( $self->conf->{casAttr}
|
: ( $self->conf->{casAttr}
|
||||||
|| $self->conf->{whatToTrace} );
|
|| $self->conf->{whatToTrace} );
|
||||||
|
|
||||||
|
|
|
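Review bot: In storeEnvAndCheckGateway and run, the service URL is now parsed twice: once by the regex capture that fills `( $host, $uri )` and once by URI inside `getCasApp($service)`. After this change `$host` looks unused in the visible lines. A hand-written `https?://[^/]+` pattern and URI do not have to agree on where the authority ends (userinfo, port), so any later code that still reads `$host` could act on a different value than the one that selected `$app`. If `$host` is dead, drop it (`my $uri = $2;`) and add a comment such as `# application is resolved from the URI host of $service, see getCasApp`. Both function bodies continue outside the hunks shown, so the remaining uses cannot be checked from here.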
@ -5,6 +5,7 @@ use Mouse;
|
||||||
use Lemonldap::NG::Common::FormEncode;
|
use Lemonldap::NG::Common::FormEncode;
|
||||||
use XML::Simple;
|
use XML::Simple;
|
||||||
use Lemonldap::NG::Common::UserAgent;
|
use Lemonldap::NG::Common::UserAgent;
|
||||||
|
use URI;
|
||||||
|
|
||||||
our $VERSION = '2.0.8';
|
our $VERSION = '2.0.8';
|
||||||
|
|
||||||
|
@ -43,20 +44,21 @@ sub loadSrv {
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
# Load CAS application list, key is the service URL
|
# Load CAS application list
|
||||||
sub loadApp {
|
sub loadApp {
|
||||||
my ($self) = @_;
|
my ($self) = @_;
|
||||||
unless ( $self->conf->{casAppMetaDataOptions}
|
if ( $self->conf->{casAppMetaDataOptions}
|
||||||
and %{ $self->conf->{casAppMetaDataOptions} } )
|
and %{ $self->conf->{casAppMetaDataOptions} } )
|
||||||
{
|
{
|
||||||
|
$self->casAppList( $self->conf->{casAppMetaDataOptions} );
|
||||||
|
}
|
||||||
|
else {
|
||||||
$self->logger->info("No CAS apps found in configuration");
|
$self->logger->info("No CAS apps found in configuration");
|
||||||
}
|
}
|
||||||
|
|
||||||
foreach ( keys %{ $self->conf->{casAppMetaDataOptions} } ) {
|
foreach ( keys %{ $self->conf->{casAppMetaDataOptions} } ) {
|
||||||
my $tmp =
|
|
||||||
$self->conf->{casAppMetaDataOptions}->{$_}
|
# Load access rule
|
||||||
->{casAppMetaDataOptionsService};
|
|
||||||
$tmp =~ s#^(https?://[^/]+).*$#$1#;
|
|
||||||
$self->casAppList->{$tmp} = $_;
|
|
||||||
my $rule = $self->conf->{casAppMetaDataOptions}->{$_}
|
my $rule = $self->conf->{casAppMetaDataOptions}->{$_}
|
||||||
->{casAppMetaDataOptionsRule};
|
->{casAppMetaDataOptionsRule};
|
||||||
if ( length $rule ) {
|
if ( length $rule ) {
|
||||||
|
@ -497,6 +499,24 @@ sub retrievePT {
|
||||||
return $pt;
|
return $pt;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# Get CAS App from service URL
|
||||||
|
sub getCasApp {
|
||||||
|
my ( $self, $url ) = @_;
|
||||||
|
|
||||||
|
my $hostname = URI->new($url)->host;
|
||||||
|
return undef unless $hostname;
|
||||||
|
|
||||||
|
for my $app ( keys %{ $self->casAppList } ) {
|
||||||
|
my $appHost =
|
||||||
|
URI->new( $self->casAppList->{$app}->{casAppMetaDataOptionsService} )
|
||||||
|
->host;
|
||||||
|
|
||||||
|
return $app if ( $hostname eq $appHost );
|
||||||
|
|
||||||
|
}
|
||||||
|
return undef;
|
||||||
|
}
|
||||||
|
|
||||||
1;
|
1;
|
||||||
__END__
|
__END__
|
||||||
|
|
||||||
|
|
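Review bot: getCasApp selects the application by `URI->host` alone, so scheme and port no longer take part in the match, whereas the removed loadApp code keyed the list on the `https?://host[:port]` prefix of the service URL. A service URL on plain http or on another port of a registered host now resolves to that application and picks up its access rule, authentication level and user attribute, which is a behaviour change rather than a refactor. If that is not intended, compare both parts, for example `my ( $want, $have ) = ( URI->new($url), URI->new($svc) );` followed by `return $app if $want->scheme eq $have->scheme and $want->host_port eq $have->host_port;`. Separately, `URI->new($url)->host` dies for schemes whose URI class has no `host` method, and an app with no `casAppMetaDataOptionsService` makes `$appHost` undef in the `eq`. It is worth guarding both, since not every caller is visibly behind the `https?://` check.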