lemonldap-ng/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/ServiceToken.pm
2019-02-12 18:21:38 +01:00


package Lemonldap::NG::Handler::Lib::ServiceToken;
use strict;
our $VERSION = '2.1.0';
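# Resolve the session id for a request, honouring an LLNG service token.
#
# When the request carries no HTTP_X_LLNG_TOKEN entry in its environment,
# the lookup is delegated to Lemonldap::NG::Handler::Main::fetchId.
# Otherwise the header value is decrypted with $class->tsv->{cipher} and
# must have the form
#
#   time:_session_id:vhost1[:vhost2...]
#
# Arguments:
#   $class - handler class (provides logger, userLogger, tsv, resolveAlias)
#   $req   - request object; $req->{env} is read here and $req is passed to
#            resolveAlias
#
# Returns the session id carried in the token, or 0 when the token is
# malformed, outside its validity window, or not issued for the requested
# virtual host.
#
# Security notes:
#  - The only replay protection in this function is the 30-second window:
#    a token is accepted any number of times, for any vhost it lists,
#    until that window closes.
#  - NOTE(review): authenticity rests entirely on the cipher. Confirm that
#    decrypt() fails on a tampered token (authenticated encryption) instead
#    of returning altered plaintext.
#  - NOTE(review): the requested vhost is written to the user log as-is;
#    confirm that resolveAlias returns a normalised host name.
sub fetchId {
    my ( $class, $req ) = @_;
    my $token = $req->{env}->{HTTP_X_LLNG_TOKEN};
    return $class->Lemonldap::NG::Handler::Main::fetchId($req) unless ($token);
    $class->logger->debug('Found token header');

    # Decrypt token
    my $s = $class->tsv->{cipher}->decrypt($token);

    # Reject an unusable decrypt result explicitly rather than relying on
    # split() turning undef into an empty list
    unless ( defined $s and length $s ) {
        $class->userLogger->error('Bad service token');
        return 0;
    }

    # Token format:
    # time:_session_id:vhost1:vhost2,...
    my ( $t, $_session_id, @vhosts ) = split /:/, $s;

    # A session id and at least one vhost are mandatory
    unless ( @vhosts and defined $_session_id and length $_session_id ) {
        $class->userLogger->error('Bad service token');
        return 0;
    }

    # The timestamp must be a plain number: Perl's numeric comparison would
    # otherwise accept a value with trailing garbage ("1550000000junk")
    unless ( defined $t and $t =~ /\A\d+(?:\.\d+)?\z/ ) {
        $class->userLogger->error('Bad service token');
        return 0;
    }

    # Is token in good interval ? (not in the future, at most 30 s old)
    my $now = time;
    unless ( $t <= $now and $t > $now - 30 ) {
        $class->userLogger->warn('Expired service token');
        return 0;
    }

    # Is vhost listed in token ?
    my $vh = $class->resolveAlias($req);
    unless ( grep { $_ eq $vh } @vhosts ) {
        $class->userLogger->error(
            "$vh not authorizated in token (" . join( ', ', @vhosts ) . ')' );
        return 0;
    }

    return $_session_id;
}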
1;