WIP - Modify oidcConsents key structure

Christophe Maudoux 2018-07-15 19:17:48 +02:00
parent 8d5693dc1d
commit eff2b66cf2
2 changed files with 42 additions and 31 deletions


@ -370,8 +370,6 @@ sub run {
}
else {
my $ask_for_consent = 1;
########################
my $_oidcConsents;
my @RPoidcConsent = ();
@ -404,18 +402,6 @@ sub run {
{ rp => $rp, epoch => '', scope => '' };
}
###################
#if ( $req->{sessionInfo}->{"_oidc_consent_time_$rp"}
#and $req->{sessionInfo}->{"_oidc_consent_scope_$rp"} )
#{
#$ask_for_consent = 0;
#my $consent_time =
#$req->{sessionInfo}->{"_oidc_consent_time_$rp"};
#my $consent_scope =
#$req->{sessionInfo}->{"_oidc_consent_scope_$rp"};
if ( $RPoidcConsent[0]{rp} eq $rp ) {
$ask_for_consent = 0;
@ -451,6 +437,7 @@ sub run {
if ( $req->param('confirm')
and $req->param('confirm') == 1 )
{
############
$self->p->updatePersistentSession( $req,
{ "_oidc_consent_time_$rp" => time } );
$self->p->updatePersistentSession(
@ -460,20 +447,15 @@ sub run {
$oidc_request->{'scope'}
}
);
################
############
$RPoidcConsent[0]{epoch} = time;
$RPoidcConsent[0]{scope} = $oidc_request->{'scope'};
push @{$_oidcConsents}, @RPoidcConsent;
$self->logger->debug(
"Append Relying Party $rp Consent");
$self->p->updatePersistentSession( $req,
{ _oidcConsents => to_json($_oidcConsents) } );
#################
$self->logger->debug(
"Consent given for Relying Party $rp");
}
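Review bot: The guard `if ( $RPoidcConsent[0]{rp} eq $rp )` cannot tell a stored consent from the empty placeholder `{ rp => $rp, epoch => '', scope => '' }` built just above it, so `$ask_for_consent = 0` appears to be reached for a user who has never consented to this relying party. The placeholder's assignment target and the scope comparison that follows are outside the visible hunks of `sub run`, so this is inferred; if the placeholder does land in `$RPoidcConsent[0]`, skipping the consent screen depends entirely on that later scope check. Testing the recorded time as well would make the intent explicit, e.g. `if ( $RPoidcConsent[0]{rp} eq $rp and $RPoidcConsent[0]{epoch} ) {`. Separately, the confirm branch still writes `_oidc_consent_time_$rp` next to the new `_oidcConsents` key, which leaves two records of the same consent that can drift apart.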


@ -7,6 +7,7 @@ our $VERSION = '2.0.0';
package Lemonldap::NG::Portal::Main;
use strict;
use Mouse;
use JSON;
has skinRules => ( is => 'rw' );
@ -521,18 +522,46 @@ sub mkOidcConsent {
}
}
my $consents = {};
foreach ( keys %$session ) {
if ( $_ =~ /_oidc_consent_time_(.+)$/ ) {
$consents->{$1}->{time} = $session->{ "_oidc_consent_time_" . $1 };
$consents->{$1}->{scope} =
$session->{ "_oidc_consent_scope_" . $1 };
$consents->{$1}->{displayName} =
$self->conf->{oidcRPMetaDataOptions}->{$1}
->{oidcRPMetaDataOptionsDisplayName};
# Loading existing oidcConsents
$self->logger->debug("Loading OIDC Consents ...");
my @consents = ();
if ( exists $session->{_oidcConsents} ) {
@consents = eval {
from_json( $session->{_oidcConsents}, { allow_nonref => 1 } );
};
if ($@) {
$self->logger->error("Corrupted session (_oidcConsents): $@");
return PE_ERROR;
}
}
else {
$self->logger->debug("No OIDC Consent found");
#$_oidcConsents = [];
}
my $consents = {};
#####################
foreach (@consents) {
my $rp = {$_}->{rp};
$consents->{$rp}->{epoch} = $_->{epoch};
$consents->{$rp}->{scope} = $_->{scope};
$consents->{$rp}->{displayName} =
$self->conf->{oidcRPMetaDataOptions}->{$rp}->{oidcRPMetaDataOptionsDisplayName};
}
#foreach ( keys %$session ) {
#if ( $_ =~ /_oidc_consent_time_(.+)$/ ) {
#$consents->{$1}->{time} = $session->{ "_oidc_consent_time_" . $1 };
#$consents->{$1}->{scope} =
#$session->{ "_oidc_consent_scope_" . $1 };
#$consents->{$1}->{displayName} =
#$self->conf->{oidcRPMetaDataOptions}->{$1}
#->{oidcRPMetaDataOptionsDisplayName};
#}
#}
#####################
return $self->loadTemplate(
'oidcConsents',
@ -541,7 +570,7 @@ sub mkOidcConsent {
map {
{
name => $_,
time => $consents->{$_}->{time},
time => $consents->{$_}->{epoch},
scope => $consents->{$_}->{scope},
displayName => $consents->{$_}->{displayName}
}
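Review bot: The new loop in `mkOidcConsent` does not iterate the stored consents: `from_json` returns one array reference, so `@consents` holds a single element, and `{$_}->{rp}` builds a fresh anonymous hash rather than dereferencing `$_`, which leaves `$rp` undefined. Dereferencing inside the eval, `@consents = eval { @{ from_json( $session->{_oidcConsents} ) } };`, and reading `my $rp = $_->{rp};` would fix both; under `use strict` a value that is not a JSON array would then fail inside the eval and take the existing corrupted-session path instead of being accepted through `allow_nonref`. It would also be worth skipping entries whose `rp` is missing or is not a key of `oidcRPMetaDataOptions`, because the name comes from session data and the chained lookup autovivifies a configuration entry for any unknown name. `mkOidcConsent` begins and ends outside the hunks shown.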