Use new session API in Handler AuthBasic (#671)
This commit is contained in:
Clément Oudot
parent
bb2c6f0003
commit
ed0812d69b
|
|
@ -18,12 +18,13 @@ use HTTP::Headers;
|
||||||
use SOAP::Lite; # link protected portalRequest
|
use SOAP::Lite; # link protected portalRequest
|
||||||
use Lemonldap::NG::Handler::Main::Headers;
|
use Lemonldap::NG::Handler::Main::Headers;
|
||||||
use Lemonldap::NG::Handler::Main::Logger;
|
use Lemonldap::NG::Handler::Main::Logger;
|
||||||
|
use Lemonldap::NG::Common::Session;
|
||||||
|
|
||||||
use base qw(Lemonldap::NG::Handler::DefaultHandler);
|
use base qw(Lemonldap::NG::Handler::DefaultHandler);
|
||||||
use utf8;
|
use utf8;
|
||||||
no utf8;
|
no utf8;
|
||||||
|
|
||||||
our $VERSION = '1.2.3';
|
our $VERSION = '1.4.0';
|
||||||
|
|
||||||
# We need just this constant, that's why Portal is 'required' but not 'used'
|
# We need just this constant, that's why Portal is 'required' but not 'used'
|
||||||
*PE_OK = *Lemonldap::NG::Portal::SharedConf::PE_OK;
|
*PE_OK = *Lemonldap::NG::Portal::SharedConf::PE_OK;
|
||||||
|
|
@ -73,7 +74,7 @@ sub run ($$) {
|
||||||
}
|
}
|
||||||
$user =~ s/^Basic\s*//;
|
$user =~ s/^Basic\s*//;
|
||||||
|
|
||||||
# DEBUG
|
# ID for local cache
|
||||||
$id = md5_base64($user);
|
$id = md5_base64($user);
|
||||||
|
|
||||||
# II - recover the user datas
|
# II - recover the user datas
|
||||||
|
|
@ -82,8 +83,9 @@ sub run ($$) {
|
||||||
unless ( $id eq $datas->{_cache_id} ) {
|
unless ( $id eq $datas->{_cache_id} ) {
|
||||||
|
|
||||||
# 2.2 search in the local cache if exists
|
# 2.2 search in the local cache if exists
|
||||||
|
my $session_id;
|
||||||
unless ($tsv->{refLocalStorage}
|
unless ($tsv->{refLocalStorage}
|
||||||
and $datas = $tsv->{refLocalStorage}->get($id) )
|
and $session_id = $tsv->{refLocalStorage}->get($id) )
|
||||||
{
|
{
|
||||||
|
|
||||||
# 2.3 Authentication by Lemonldap::NG::Portal using SOAP request
|
# 2.3 Authentication by Lemonldap::NG::Portal using SOAP request
|
||||||
|
|
@ -106,7 +108,6 @@ sub run ($$) {
|
||||||
Lemonldap::NG::Handler::Main::Logger->lmLog(
|
Lemonldap::NG::Handler::Main::Logger->lmLog(
|
||||||
"AuthBasic authentication for user: $user", 'debug' );
|
"AuthBasic authentication for user: $user", 'debug' );
|
||||||
my $r = $soap->getCookies( $user, $pass );
|
my $r = $soap->getCookies( $user, $pass );
|
||||||
my $cv;
|
|
||||||
|
|
||||||
# Catch SOAP errors
|
# Catch SOAP errors
|
||||||
if ( $r->fault ) {
|
if ( $r->fault ) {
|
||||||
|
|
@ -128,32 +129,38 @@ sub run ($$) {
|
||||||
'WWW-Authenticate' => 'Basic realm="LemonLDAP::NG"' );
|
'WWW-Authenticate' => 'Basic realm="LemonLDAP::NG"' );
|
||||||
return AUTH_REQUIRED;
|
return AUTH_REQUIRED;
|
||||||
}
|
}
|
||||||
$cv = $res->{cookies}->{ $tsv->{cookieName} };
|
$session_id = $res->{cookies}->{ $tsv->{cookieName} };
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
# Now, normal work to find session
|
# Get the session
|
||||||
my %h;
|
my $apacheSession = Lemonldap::NG::Common::Session->new(
|
||||||
eval {
|
{
|
||||||
tie %h, $tsv->{globalStorage}, $cv,
|
storageModule => $tsv->{globalStorage},
|
||||||
$tsv->{globalStorageOptions};
|
storageModuleOptions => $tsv->{globalStorageOptions},
|
||||||
};
|
cacheModule => $tsv->{localSessionStorage},
|
||||||
if ($@) {
|
cacheModuleOptions => $tsv->{localSessionStorageOptions},
|
||||||
|
id => $session_id,
|
||||||
# The cookie isn't yet available
|
kind => "SSO",
|
||||||
Lemonldap::NG::Handler::Main::Logger->lmLog(
|
|
||||||
"The cookie $cv isn't yet available: $@", 'info' );
|
|
||||||
$class->updateStatus( $class->ip(), $apacheRequest->uri,
|
|
||||||
'EXPIRED' );
|
|
||||||
return $class->goToPortal($uri);
|
|
||||||
}
|
}
|
||||||
$datas->{$_} = $h{$_} foreach ( keys %h );
|
);
|
||||||
$datas->{_cache_id} = $id;
|
|
||||||
|
|
||||||
# Store now the user in the local storage
|
unless ( $apacheSession->data ) {
|
||||||
if ( $tsv->{refLocalStorage} ) {
|
Lemonldap::NG::Handler::Main::Logger->lmLog(
|
||||||
$tsv->{refLocalStorage}->set( $id, $datas, "20 minutes" );
|
"The cookie $session_id isn't yet available", 'info' );
|
||||||
}
|
$class->updateStatus( $class->ip(), $apacheRequest->uri,
|
||||||
untie %h;
|
'EXPIRED' );
|
||||||
|
return $class->goToPortal($uri);
|
||||||
|
}
|
||||||
|
|
||||||
|
$datas->{$_} = $apacheSession->data->{$_}
|
||||||
|
foreach ( keys %{ $apacheSession->data } );
|
||||||
|
$datas->{_cache_id} = $id;
|
||||||
|
|
||||||
|
# Store now the user in the local storage
|
||||||
|
if ( $tsv->{refLocalStorage} ) {
|
||||||
|
$tsv->{refLocalStorage}
|
||||||
|
->set( $id, $datas->{_session_id}, "20 minutes" );
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -177,7 +184,9 @@ sub run ($$) {
|
||||||
|
|
||||||
# ACCOUNTING
|
# ACCOUNTING
|
||||||
# 2 - Inform remote application
|
# 2 - Inform remote application
|
||||||
Lemonldap::NG::Handler::Main::Headers->sendHeaders;
|
Lemonldap::NG::Handler::Main::Headers->sendHeaders( $apacheRequest,
|
||||||
|
$tsv->{forgeHeaders} );
|
||||||
|
|
||||||
OK;
|
OK;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -17,12 +17,13 @@ use HTTP::Headers;
|
||||||
use SOAP::Lite; # link protected portalRequest
|
use SOAP::Lite; # link protected portalRequest
|
||||||
use Lemonldap::NG::Handler::Main::Headers;
|
use Lemonldap::NG::Handler::Main::Headers;
|
||||||
use Lemonldap::NG::Handler::Main::Logger;
|
use Lemonldap::NG::Handler::Main::Logger;
|
||||||
|
use Lemonldap::NG::Common::Session;
|
||||||
|
|
||||||
use base qw(Lemonldap::NG::Handler::DefaultHandler);
|
use base qw(Lemonldap::NG::Handler::DefaultHandler);
|
||||||
use utf8;
|
use utf8;
|
||||||
no utf8;
|
no utf8;
|
||||||
|
|
||||||
our $VERSION = '1.2.3';
|
our $VERSION = '1.4.0';
|
||||||
|
|
||||||
# We need just this constant, that's why Portal is 'required' but not 'used'
|
# We need just this constant, that's why Portal is 'required' but not 'used'
|
||||||
*PE_OK = *Lemonldap::NG::Portal::SharedConf::PE_OK;
|
*PE_OK = *Lemonldap::NG::Portal::SharedConf::PE_OK;
|
||||||
|
|
@ -72,7 +73,7 @@ sub run ($$) {
|
||||||
}
|
}
|
||||||
$user =~ s/^Basic\s*//;
|
$user =~ s/^Basic\s*//;
|
||||||
|
|
||||||
# DEBUG
|
# ID for local cache
|
||||||
$id = md5_base64($user);
|
$id = md5_base64($user);
|
||||||
|
|
||||||
# II - recover the user datas
|
# II - recover the user datas
|
||||||
|
|
@ -81,8 +82,9 @@ sub run ($$) {
|
||||||
unless ( $id eq $datas->{_cache_id} ) {
|
unless ( $id eq $datas->{_cache_id} ) {
|
||||||
|
|
||||||
# 2.2 search in the local cache if exists
|
# 2.2 search in the local cache if exists
|
||||||
|
my $session_id;
|
||||||
unless ($tsv->{refLocalStorage}
|
unless ($tsv->{refLocalStorage}
|
||||||
and $datas = $tsv->{refLocalStorage}->get($id) )
|
and $session_id = $tsv->{refLocalStorage}->get($id) )
|
||||||
{
|
{
|
||||||
|
|
||||||
# 2.3 Authentication by Lemonldap::NG::Portal using SOAP request
|
# 2.3 Authentication by Lemonldap::NG::Portal using SOAP request
|
||||||
|
|
@ -105,7 +107,6 @@ sub run ($$) {
|
||||||
Lemonldap::NG::Handler::Main::Logger->lmLog(
|
Lemonldap::NG::Handler::Main::Logger->lmLog(
|
||||||
"AuthBasic authentication for user: $user", 'debug' );
|
"AuthBasic authentication for user: $user", 'debug' );
|
||||||
my $r = $soap->getCookies( $user, $pass );
|
my $r = $soap->getCookies( $user, $pass );
|
||||||
my $cv;
|
|
||||||
|
|
||||||
# Catch SOAP errors
|
# Catch SOAP errors
|
||||||
if ( $r->fault ) {
|
if ( $r->fault ) {
|
||||||
|
|
@ -127,32 +128,38 @@ sub run ($$) {
|
||||||
'WWW-Authenticate' => 'Basic realm="LemonLDAP::NG"' );
|
'WWW-Authenticate' => 'Basic realm="LemonLDAP::NG"' );
|
||||||
return AUTH_REQUIRED;
|
return AUTH_REQUIRED;
|
||||||
}
|
}
|
||||||
$cv = $res->{cookies}->{ $tsv->{cookieName} };
|
$session_id = $res->{cookies}->{ $tsv->{cookieName} };
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
# Now, normal work to find session
|
# Get the session
|
||||||
my %h;
|
my $apacheSession = Lemonldap::NG::Common::Session->new(
|
||||||
eval {
|
{
|
||||||
tie %h, $tsv->{globalStorage}, $cv,
|
storageModule => $tsv->{globalStorage},
|
||||||
$tsv->{globalStorageOptions};
|
storageModuleOptions => $tsv->{globalStorageOptions},
|
||||||
};
|
cacheModule => $tsv->{localSessionStorage},
|
||||||
if ($@) {
|
cacheModuleOptions => $tsv->{localSessionStorageOptions},
|
||||||
|
id => $session_id,
|
||||||
# The cookie isn't yet available
|
kind => "SSO",
|
||||||
Lemonldap::NG::Handler::Main::Logger->lmLog(
|
|
||||||
"The cookie $cv isn't yet available: $@", 'info' );
|
|
||||||
$class->updateStatus( $class->ip(), $apacheRequest->uri,
|
|
||||||
'EXPIRED' );
|
|
||||||
return $class->goToPortal($uri);
|
|
||||||
}
|
}
|
||||||
$datas->{$_} = $h{$_} foreach ( keys %h );
|
);
|
||||||
$datas->{_cache_id} = $id;
|
|
||||||
|
|
||||||
# Store now the user in the local storage
|
unless ( $apacheSession->data ) {
|
||||||
if ( $tsv->{refLocalStorage} ) {
|
Lemonldap::NG::Handler::Main::Logger->lmLog(
|
||||||
$tsv->{refLocalStorage}->set( $id, $datas, "20 minutes" );
|
"The cookie $session_id isn't yet available", 'info' );
|
||||||
}
|
$class->updateStatus( $class->ip(), $apacheRequest->uri,
|
||||||
untie %h;
|
'EXPIRED' );
|
||||||
|
return $class->goToPortal($uri);
|
||||||
|
}
|
||||||
|
|
||||||
|
$datas->{$_} = $apacheSession->data->{$_}
|
||||||
|
foreach ( keys %{ $apacheSession->data } );
|
||||||
|
$datas->{_cache_id} = $id;
|
||||||
|
|
||||||
|
# Store now the user in the local storage
|
||||||
|
if ( $tsv->{refLocalStorage} ) {
|
||||||
|
$tsv->{refLocalStorage}
|
||||||
|
->set( $id, $datas->{_session_id}, "20 minutes" );
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -176,7 +183,9 @@ sub run ($$) {
|
||||||
|
|
||||||
# ACCOUNTING
|
# ACCOUNTING
|
||||||
# 2 - Inform remote application
|
# 2 - Inform remote application
|
||||||
Lemonldap::NG::Handler::Main::Headers->sendHeaders;
|
Lemonldap::NG::Handler::Main::Headers->sendHeaders( $apacheRequest,
|
||||||
|
$tsv->{forgeHeaders} );
|
||||||
|
|
||||||
OK;
|
OK;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue
Block a user