Fix #2708
This commit is contained in:
Maxime Besson
parent
d843bea529
commit
fd8c3b1b61
|
|
@ -19,9 +19,8 @@ extends qw(
|
|||
|
||||
# INTERFACE
|
||||
|
||||
has opList => ( is => 'rw', default => sub { [] } );
|
||||
has opNumber => ( is => 'rw', default => 0 );
|
||||
has path => ( is => 'rw', default => 'oauth2' );
|
||||
has opList => ( is => 'rw', isa => 'ArrayRef', default => sub { [] } );
|
||||
has path => ( is => 'rw', default => 'oauth2' );
|
||||
|
||||
use constant sessionKind => 'OIDC';
|
||||
|
||||
|
|
@ -36,7 +35,6 @@ sub init {
|
|||
$self->logger->error("No OP configured");
|
||||
return 0;
|
||||
}
|
||||
$self->opNumber( scalar @tab );
|
||||
my @list = ();
|
||||
my $portalPath = $self->conf->{portal};
|
||||
|
||||
|
|
@ -242,7 +240,7 @@ sub extractFormInfo {
|
|||
$self->logger->debug("Redirecting user to OP list");
|
||||
|
||||
# Auto select provider if there is only one
|
||||
if ( $self->opNumber == 1 ) {
|
||||
if ( @{ $self->opList } == 1 ) {
|
||||
$op = $self->opList->[0]->{val};
|
||||
$self->logger->debug("Selecting the only defined OP: $op");
|
||||
}
|
||||
|
|
|
|||
|
|
@ -86,10 +86,16 @@ sub loadOPs {
|
|||
|
||||
# Extract JSON data
|
||||
foreach ( keys %{ $self->conf->{oidcOPMetaDataJSON} } ) {
|
||||
$self->oidcOPList->{$_}->{conf} =
|
||||
my $op_conf =
|
||||
$self->decodeJSON( $self->conf->{oidcOPMetaDataJSON}->{$_} );
|
||||
$self->oidcOPList->{$_}->{jwks} =
|
||||
$self->decodeJSON( $self->conf->{oidcOPMetaDataJWKS}->{$_} );
|
||||
if ($op_conf) {
|
||||
$self->oidcOPList->{$_}->{conf} = $op_conf;
|
||||
$self->oidcOPList->{$_}->{jwks} =
|
||||
$self->decodeJSON( $self->conf->{oidcOPMetaDataJWKS}->{$_} );
|
||||
}
|
||||
else {
|
||||
$self->logger->warn("Could not parse OIDC metadata for $_");
|
||||
}
|
||||
}
|
||||
|
||||
# Set rule
|
||||
|
|
@ -319,6 +325,14 @@ sub buildAuthorizationCodeAuthnRequest {
|
|||
|
||||
my $authorize_uri =
|
||||
$self->oidcOPList->{$op}->{conf}->{authorization_endpoint};
|
||||
|
||||
unless ($authorize_uri) {
|
||||
$self->logger->error(
|
||||
"Could not build Authorize request: no
|
||||
'authorization_endpoint'" . " in JSON metadata for OP $op"
|
||||
);
|
||||
return undef;
|
||||
}
|
||||
my $client_id =
|
||||
$self->conf->{oidcOPMetaDataOptions}->{$op}
|
||||
->{oidcOPMetaDataOptionsClientID};
|
||||
|
|
@ -482,6 +496,14 @@ sub getAuthorizationCodeAccessToken {
|
|||
my $redirect_uri = $self->getCallbackUri($req);
|
||||
my $access_token_uri =
|
||||
$self->oidcOPList->{$op}->{conf}->{token_endpoint};
|
||||
unless ($access_token_uri) {
|
||||
$self->logger->error(
|
||||
"Could not build Token request: no
|
||||
'token_endpoint'" . " in JSON metadata for OP $op"
|
||||
);
|
||||
return 0;
|
||||
}
|
||||
|
||||
my $grant_type = "authorization_code";
|
||||
|
||||
unless ( $auth_method =~ /^client_secret_(basic|post)$/o ) {
|
||||
|
|
|
|||
Loading…
Reference in New Issue