Use OTT for state token (#(595)

lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/OpenIDConnect.pm

@@ -55,7 +55,6 @@ has ott => (
     lazy    => 1,
     default => sub {
         my $ott = $_[0]->{p}->loadModule('::Lib::OneTimeToken');
-        $ott->timeout( $_[0]->timeout );
         return $ott;
     }
 );
@@ -687,11 +686,7 @@ sub storeState {
     $infos->{_utime} = $time + ( $stateTimeout - $timeout );
 
     # Create state session and store infos
-    my $stateSession = $self->getOpenIDConnectSession( undef, $infos );
-    return unless $stateSession;
-
-    # Return session ID
-    return $stateSession->id;
+    return $self->ott->createToken($infos);
 }
 
 # Extract state information into $self
@@ -701,14 +696,14 @@ sub extractState {
     return 0 unless $state;
 
     # Open state session
-    my $stateSession = $self->getOpenIDConnectSession($state);
+    my $stateSession = $self->ott->getToken($state);
 
     return 0 unless $stateSession;
 
     # Push values in $self
-    foreach ( keys %{ $stateSession->data } ) {
+    foreach ( keys %{ $stateSession } ) {
         next if $_ =~ /(type|_session_id|_session_kind|_utime)/;
-        my $tmp = $stateSession->data->{$_};
+        my $tmp = $stateSession->{$_};
         if (s/^datas_//) {
             $req->datas->{$_} = $tmp;
         }
@@ -720,15 +715,6 @@ sub extractState {
         }
     }
 
-    # Delete state session
-    if ( $stateSession->remove ) {
-        $self->logger->debug("State $state was deleted");
-    }
-    else {
-        $self->logger->error("Unable to delete state $state");
-        $self->logger->error( $stateSession->error );
-    }
-
     return 1;
 }
 

lemonldap-ng-portal/t/37-OIDC-RP-to-SAML-IdP.t

@@ -9,7 +9,7 @@ BEGIN {
 }
 
 my $maintests = 11;
-my $debug     = 'debug';
+my $debug     = 'error';
 my ( $idp, $sp, $rp, $res );
 my %handlerOR = ( idp => [], sp => [], rp => [] );