WIP - Modify oidcConsents key structure
This commit is contained in:
Christophe Maudoux
parent
8d5693dc1d
commit
eff2b66cf2
|
|
@ -370,8 +370,6 @@ sub run {
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
my $ask_for_consent = 1;
|
my $ask_for_consent = 1;
|
||||||
|
|
||||||
########################
|
|
||||||
my $_oidcConsents;
|
my $_oidcConsents;
|
||||||
my @RPoidcConsent = ();
|
my @RPoidcConsent = ();
|
||||||
|
|
||||||
|
|
@ -404,18 +402,6 @@ sub run {
|
||||||
{ rp => $rp, epoch => '', scope => '' };
|
{ rp => $rp, epoch => '', scope => '' };
|
||||||
}
|
}
|
||||||
|
|
||||||
###################
|
|
||||||
|
|
||||||
#if ( $req->{sessionInfo}->{"_oidc_consent_time_$rp"}
|
|
||||||
#and $req->{sessionInfo}->{"_oidc_consent_scope_$rp"} )
|
|
||||||
|
|
||||||
#{
|
|
||||||
#$ask_for_consent = 0;
|
|
||||||
#my $consent_time =
|
|
||||||
#$req->{sessionInfo}->{"_oidc_consent_time_$rp"};
|
|
||||||
#my $consent_scope =
|
|
||||||
#$req->{sessionInfo}->{"_oidc_consent_scope_$rp"};
|
|
||||||
|
|
||||||
if ( $RPoidcConsent[0]{rp} eq $rp ) {
|
if ( $RPoidcConsent[0]{rp} eq $rp ) {
|
||||||
$ask_for_consent = 0;
|
$ask_for_consent = 0;
|
||||||
|
|
||||||
|
|
@ -451,6 +437,7 @@ sub run {
|
||||||
if ( $req->param('confirm')
|
if ( $req->param('confirm')
|
||||||
and $req->param('confirm') == 1 )
|
and $req->param('confirm') == 1 )
|
||||||
{
|
{
|
||||||
|
############
|
||||||
$self->p->updatePersistentSession( $req,
|
$self->p->updatePersistentSession( $req,
|
||||||
{ "_oidc_consent_time_$rp" => time } );
|
{ "_oidc_consent_time_$rp" => time } );
|
||||||
$self->p->updatePersistentSession(
|
$self->p->updatePersistentSession(
|
||||||
|
|
@ -460,20 +447,15 @@ sub run {
|
||||||
$oidc_request->{'scope'}
|
$oidc_request->{'scope'}
|
||||||
}
|
}
|
||||||
);
|
);
|
||||||
|
############
|
||||||
################
|
|
||||||
|
|
||||||
$RPoidcConsent[0]{epoch} = time;
|
$RPoidcConsent[0]{epoch} = time;
|
||||||
$RPoidcConsent[0]{scope} = $oidc_request->{'scope'};
|
$RPoidcConsent[0]{scope} = $oidc_request->{'scope'};
|
||||||
|
|
||||||
push @{$_oidcConsents}, @RPoidcConsent;
|
push @{$_oidcConsents}, @RPoidcConsent;
|
||||||
$self->logger->debug(
|
$self->logger->debug(
|
||||||
"Append Relying Party $rp Consent");
|
"Append Relying Party $rp Consent");
|
||||||
$self->p->updatePersistentSession( $req,
|
$self->p->updatePersistentSession( $req,
|
||||||
{ _oidcConsents => to_json($_oidcConsents) } );
|
{ _oidcConsents => to_json($_oidcConsents) } );
|
||||||
|
|
||||||
#################
|
|
||||||
|
|
||||||
$self->logger->debug(
|
$self->logger->debug(
|
||||||
"Consent given for Relying Party $rp");
|
"Consent given for Relying Party $rp");
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -7,6 +7,7 @@ our $VERSION = '2.0.0';
|
||||||
package Lemonldap::NG::Portal::Main;
|
package Lemonldap::NG::Portal::Main;
|
||||||
use strict;
|
use strict;
|
||||||
use Mouse;
|
use Mouse;
|
||||||
|
use JSON;
|
||||||
|
|
||||||
has skinRules => ( is => 'rw' );
|
has skinRules => ( is => 'rw' );
|
||||||
|
|
||||||
|
|
@ -521,18 +522,46 @@ sub mkOidcConsent {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
my $consents = {};
|
# Loading existing oidcConsents
|
||||||
|
$self->logger->debug("Loading OIDC Consents ...");
|
||||||
foreach ( keys %$session ) {
|
my @consents = ();
|
||||||
if ( $_ =~ /_oidc_consent_time_(.+)$/ ) {
|
if ( exists $session->{_oidcConsents} ) {
|
||||||
$consents->{$1}->{time} = $session->{ "_oidc_consent_time_" . $1 };
|
@consents = eval {
|
||||||
$consents->{$1}->{scope} =
|
from_json( $session->{_oidcConsents}, { allow_nonref => 1 } );
|
||||||
$session->{ "_oidc_consent_scope_" . $1 };
|
};
|
||||||
$consents->{$1}->{displayName} =
|
if ($@) {
|
||||||
$self->conf->{oidcRPMetaDataOptions}->{$1}
|
$self->logger->error("Corrupted session (_oidcConsents): $@");
|
||||||
->{oidcRPMetaDataOptionsDisplayName};
|
return PE_ERROR;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
else {
|
||||||
|
$self->logger->debug("No OIDC Consent found");
|
||||||
|
|
||||||
|
#$_oidcConsents = [];
|
||||||
|
}
|
||||||
|
|
||||||
|
my $consents = {};
|
||||||
|
#####################
|
||||||
|
|
||||||
|
foreach (@consents) {
|
||||||
|
my $rp = {$_}->{rp};
|
||||||
|
$consents->{$rp}->{epoch} = $_->{epoch};
|
||||||
|
$consents->{$rp}->{scope} = $_->{scope};
|
||||||
|
$consents->{$rp}->{displayName} =
|
||||||
|
$self->conf->{oidcRPMetaDataOptions}->{$rp}->{oidcRPMetaDataOptionsDisplayName};
|
||||||
|
}
|
||||||
|
|
||||||
|
#foreach ( keys %$session ) {
|
||||||
|
#if ( $_ =~ /_oidc_consent_time_(.+)$/ ) {
|
||||||
|
#$consents->{$1}->{time} = $session->{ "_oidc_consent_time_" . $1 };
|
||||||
|
#$consents->{$1}->{scope} =
|
||||||
|
#$session->{ "_oidc_consent_scope_" . $1 };
|
||||||
|
#$consents->{$1}->{displayName} =
|
||||||
|
#$self->conf->{oidcRPMetaDataOptions}->{$1}
|
||||||
|
#->{oidcRPMetaDataOptionsDisplayName};
|
||||||
|
#}
|
||||||
|
#}
|
||||||
|
#####################
|
||||||
|
|
||||||
return $self->loadTemplate(
|
return $self->loadTemplate(
|
||||||
'oidcConsents',
|
'oidcConsents',
|
||||||
|
|
@ -541,7 +570,7 @@ sub mkOidcConsent {
|
||||||
map {
|
map {
|
||||||
{
|
{
|
||||||
name => $_,
|
name => $_,
|
||||||
time => $consents->{$_}->{time},
|
time => $consents->{$_}->{epoch},
|
||||||
scope => $consents->{$_}->{scope},
|
scope => $consents->{$_}->{scope},
|
||||||
displayName => $consents->{$_}->{displayName}
|
displayName => $consents->{$_}->{displayName}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue
Block a user