diff --git a/lemonldap-ng-portal/KINEMATIC.md b/lemonldap-ng-portal/KINEMATIC.md index bc4e7170c..f58515aaa 100644 --- a/lemonldap-ng-portal/KINEMATIC.md +++ b/lemonldap-ng-portal/KINEMATIC.md 
@@ -14,48 +14,67 @@ Simple::new(): ### Request managing -| | Method | Comment | Auth users | Unauth | Proposed PSGI route -|---|-----------------------------------|:-------------------------------------:|---|---|-------------------------- -| 0 | _startSoapServices_ | Manage som path info | | X | /sessions -| 1 | controlUrlOrigin | check `url` parameter (+confirmation) | X | X | -| 2 | checkNotifBack | check accepted notifications | X | | -| 3 | controlExistingSession | check cookie | X | | -| | | * display captcha image | | X | /captcha -| | | * logout | X | | /logout -| | | * remove existing sessions | X | | -| | | * respond to ping | X | | /ping -| | | * respond to `storeAppsListOrder` | X | | /storeAppsListOrder -| | | * _If user is authenticated, call:_ | X | | -| | | - _issuerForAuthUser_ | X | | -| | | - _authFinish_ | X | | -| | | - _autoRedirect_ | X | | -| | _existingSession_ | manage reauthentication and force | X | | -| | _IssuerDB::issuerDBInit_ | | | | _(init^)_ -| | _Auth::authInit_ | | | | _(init^)_ -| 4 | __Issuer__::issuerForUnAuthUser | | | X | Many (SSO, SLO, SOAP,...) -| 5 | __Auth__::extractFormInfo | First call to auth module | | X | -| | _UserDB::userDBInit_ | | | | _(init^)_ -| 6 | __UserDB__::getUser | First call to UserDB: set $\_user | | X | -| 7 | __Auth__::setAuthSessionInfo | Auth module can set infos to session | | X | -| | _PasswordDB::passwordDBInit_ | | | | _(init^)_ -| 8 | __PasswordDB__::modifyPassword | Unique call to PasswordDB | | ? | ? -| 9 | setSessionInfo | Store datas in `$sessionInfo` | | X | -| 10 | setMacros | Update $sessionInfo with macros | | X | -| 11 | __UserDB__::setGroups | Set `$sessionInfo->{group}` | | X | -| 12 | setPersistentSessionInfo | Store some datas in persistent DB | | X | -| 13 | setLocalGroups | Set `$sessionInfo->{group}` | | X | -| 14 | __MailReset__::sendPasswordMail | Called if password was changed | | ? 
| -| 15 | __Auth__::authenticate | 3rd call to _Auth_ module (for LDAP) | P | | -| 16 | __Auth__::authFinish | Last call to _Auth_ | P | | -| 17 | __UserDB__::userDBFinish | Last call to _UserDB_ | P | | -| 18 | __PasswordDB__::passwordDBFinish | Last call to _PasswordDB_ | P | | -| 19 | grantSession | Apply the rule (user is authenticated | P | | -| 20 | removeOther | Remove other opened sessions | P | | -| 21 | store | Store session in DB | N | | -| 22 | buildCookie | Build LLNG cookie(s) | N | | -| 23 | checkNotification | Check if current user has messages | N | | -| 24 | __IssuerDB__::issuerForAuthUser | | * | | Many (SSO, SLO, SOAP, Attribute query,...) -| 25 | autoRedirect | Redirects to wanted url | * | | +Scenarii: + +* F: unknown user comes for the first time +* P: (good) post fo authentication +* M: menu display +* L: simple logout + +| | Method | Comment | F | P | M | L | Proposed PSGI route (for 2.0) +|---|-----------------------------------|:-------------------------------------:|---|---|---|---|------------------------------ +| 0 | _startSoapServices_ | Manage som path info | | | | | /sessions +| 1 | controlUrlOrigin | check `url` parameter (+confirmation) | X | X | X | X | +| 2 | checkNotifBack | check accepted notifications | X | X | X | X | /notif ? 
+| 3 | controlExistingSession | check cookie | X | X | X | X | +| | | * display captcha image | X | | | | /captcha +| | | * logout | | | | | /logout +| | | * remove existing sessions | | X | | | +| | | * respond to ping | | | | | /ping +| | | * respond to `storeAppsListOrder` | | | | | /storeAppsListOrder +| | | * _If user is authenticated, call:_ | | | | | +| | | - _issuerForAuthUser_ | | | | | +| | | - _authFinish_ | | | | | +| | | - _autoRedirect_ | | | | | +| | _existingSession_ | manage reauthentication and force | | | X | | +| | _authForce_ | | | | X | | +| | _IssuerDB::issuerDBInit_ | | X | X | X | X | _(init^)_ +| | _IssuerDB::logout_ | | | | | X | +| | _Auth::authInit_ | | X | X | X | X | _(init^)_ +| | _Auth::logout_ | | | | | X | +| 4 | __Issuer__::issuerForUnAuthUser | | X | X | | | Many (SSO, SLO, SOAP,...) +| 5 | __Auth__::extractFormInfo | First call to auth module | X | X | | | +| | _UserDB::userDBInit_ | | | X | | | _(init^)_ +| 6 | __UserDB__::getUser | First call to UserDB: set $\_user | | X | | | +| 7 | __Auth__::setAuthSessionInfo | Auth module can set infos to session | | X | | | +| | _PasswordDB::passwordDBInit_ | | | X | | | _(init^)_ +| 8 | __PasswordDB__::modifyPassword | Unique call to PasswordDB | | X | | | ? 
+| 9 | setSessionInfo | Store datas in `$sessionInfo` | | X | | | +| 10 | setMacros | Update $sessionInfo with macros | | X | | | +| | _create safe jail_ | | | X | | | +| 11 | __UserDB__::setGroups | Set `$sessionInfo->{group}` | | X | | | +| 12 | setPersistentSessionInfo | Store some datas in persistent DB | | X | | | +| 13 | setLocalGroups | Set `$sessionInfo->{group}` | | X | | | +| 14 | __MailReset__::sendPasswordMail | Called if password was changed | | X |_3_| | +| 15 | __Auth__::authenticate | 3rd call to _Auth_ module (for LDAP) | | X | | | +| 16 | __Auth__::authFinish | Last call to _Auth_ | | X |_1_| | +| 17 | __UserDB__::userDBFinish | Last call to _UserDB_ | | X | | | +| 18 | __PasswordDB__::passwordDBFinish | Last call to _PasswordDB_ | | X |_2_| | +| 19 | grantSession | Apply the rule (user is authenticated | | X | | | +| 20 | removeOther | Remove other opened sessions | | X | | | +| 21 | store | Store session in DB | | X | | | +| | _setApacheUser_ | | | | | | +| 22 | buildCookie | Build LLNG cookie(s) | | X | | | +| 23 | checkNotification | Check if current user has messages | | X | X | | +| 24 | __IssuerDB__::issuerForAuthUser | | | X | X | | Many (SSO, SLO, SOAP, Attribute query,...) +| 25 | autoRedirect | Redirects to wanted url | | X | | | +| | _menuInit_ | | | | X | | + +Notes: + +1. Called after issuerForAuthUser +2. Called after menuInit +3. called after passwordDBFinish !!! ## Other requests
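Review bot: In the new scenario table, the `* logout` sub-row of step 3 (controlExistingSession) is empty in all four columns, including L, even though L is defined as "simple logout" and the `_IssuerDB::logout_` and `_Auth::logout_` rows are marked X for it; either mark `* logout` under L or state which step dispatches logout in that scenario. Replacing the old "Auth users" / "Unauth" columns with F/P/M/L also drops the record of which steps are reachable without a session, which matters when these steps become separate PSGI routes (/sessions, /captcha, /ping, /storeAppsListOrder); consider keeping an "Unauth" column next to the scenarios. The `_1_`, `_2_`, `_3_` markers in column M are only implicitly tied to the "Notes:" list, and the "!!!" on note 3 does not say what is wrong with calling sendPasswordMail after passwordDBFinish; spell that out. Minor wording in the added lines: "Scenarii", "post fo authentication", "Manage som path info", and the unclosed parenthesis in "Apply the rule (user is authenticated".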