From f1ac524c24e4cec0ca45845b2b57762926643d3d Mon Sep 17 00:00:00 2001
From: Xavier Guimard
Date: Sat, 18 Mar 2017 19:51:00 +0000
Subject: [PATCH] Use OTT for state token (#(595)
---
 .../Lemonldap/NG/Portal/Lib/OpenIDConnect.pm | 22 ++++---------------
 .../t/37-OIDC-RP-to-SAML-IdP.t | 2 +-
 2 files changed, 5 insertions(+), 19 deletions(-)
diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/OpenIDConnect.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/OpenIDConnect.pm
index 63bf74ff4..f0c0731a5 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/OpenIDConnect.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/OpenIDConnect.pm
@@ -55,7 +55,6 @@ has ott => (
 lazy => 1,
 default => sub {
 my $ott = $_[0]->{p}->loadModule('::Lib::OneTimeToken');
- $ott->timeout( $_[0]->timeout );
 return $ott;
 }
 );
@@ -687,11 +686,7 @@ sub storeState {
 $infos->{_utime} = $time + ( $stateTimeout - $timeout );
 
 # Create state session and store infos
- my $stateSession = $self->getOpenIDConnectSession( undef, $infos );
- return unless $stateSession;
-
- # Return session ID
- return $stateSession->id;
+ return $self->ott->createToken($infos);
 }
 
 # Extract state information into $self
@@ -701,14 +696,14 @@ sub extractState {
 return 0 unless $state;
 
 # Open state session
- my $stateSession = $self->getOpenIDConnectSession($state);
+ my $stateSession = $self->ott->getToken($state);
 return 0 unless $stateSession;
 
 # Push values in $self
- foreach ( keys %{ $stateSession->data } ) {
+ foreach ( keys %{ $stateSession } ) {
 next if $_ =~ /(type|_session_id|_session_kind|_utime)/;
- my $tmp = $stateSession->data->{$_};
+ my $tmp = $stateSession->{$_};
 if (s/^datas_//) {
 $req->datas->{$_} = $tmp;
 }
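Review bot: Removing `$ott->timeout( $_[0]->timeout )` from the `ott` builder leaves the OneTimeToken on its own default lifetime, while storeState's `return $self->ott->createToken($infos)` in the next hunk still hands over an `_utime` computed as `$time + ( $stateTimeout - $timeout )`, an offset that only produces a `$stateTimeout` lifetime if the token store expires entries after `$timeout`. Unless OneTimeToken's default equals the OIDC `timeout` (not visible here), the state token now expires at a different moment than intended; either keep the timeout assignment or derive the offset from the OTT's own timeout. Whichever is chosen, a why-comment on the `_utime` line such as `# _utime is shifted so that the OneTimeToken timeout yields a $stateTimeout lifetime` would record the dependency for the next reader. Both the `has ott => (` declaration and storeState begin outside their hunks.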
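Review bot: `$stateSession` now holds the plain hash returned by `getToken`, not a session object, so the variable name and the `# Open state session` comment above it are stale and suggest a `->data` or `->remove` method still exists; renaming it (for example `$stateData`) and rewording the comment to `# Retrieve the state data stored by storeState` would match the new type. `$state` comes back from the authorization response, so the `getToken` lookup is now the only check that it names a token this portal issued, and the `return 0 unless $stateSession;` guard correctly treats a miss as failure rather than falling through. extractState begins before this hunk and continues after it.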
@@ -720,15 +715,6 @@ sub extractState {
 }
 }
 
- # Delete state session
- if ( $stateSession->remove ) {
- $self->logger->debug("State $state was deleted");
- }
- else {
- $self->logger->error("Unable to delete state $state");
- $self->logger->error( $stateSession->error );
- }
-
 return 1;
 }
 
diff --git a/lemonldap-ng-portal/t/37-OIDC-RP-to-SAML-IdP.t b/lemonldap-ng-portal/t/37-OIDC-RP-to-SAML-IdP.t
index f01d0f899..cc47fa835 100644
--- a/lemonldap-ng-portal/t/37-OIDC-RP-to-SAML-IdP.t
+++ b/lemonldap-ng-portal/t/37-OIDC-RP-to-SAML-IdP.t
@@ -9,7 +9,7 @@ BEGIN {
 }
 
 my $maintests = 11;
-my $debug = 'debug';
+my $debug = 'error';
 my ( $idp, $sp, $rp, $res );
 my %handlerOR = ( idp => [], sp => [], rp => [] );
 
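Review bot: With the explicit `$stateSession->remove` block gone, extractState now depends on `getToken` (previous hunk) consuming the token when it is read; if it does not, the same `state` value could be presented again within its lifetime, since nothing left in this sub invalidates it. That assumption deserves a comment next to the `getToken` call, e.g. `# getToken is one-shot: the state token is deleted on read, so it cannot be reused`, and a test asserting that a second extractState call with the same state returns 0. The debug message that recorded the deletion is also lost; a `$self->logger->debug("State $state consumed");` after the `return 0 unless $stateSession;` guard would keep that trace for incident analysis. The enclosing extractState begins outside this hunk.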