File Coverage

blib/lib/Lemonldap/Portal/Sslsso.pm

Criterion	Covered	Total	%
statement	15	156	9.6
branch	0	28	0.0
condition	0	9	0.0
subroutine	5	24	20.8
pod	6	9	66.6
total	26	226	11.5

line	stmt	bran	cond	sub	pod	time	code
1							package Lemonldap::Portal::Sslsso;
2
3	1			1		41215	use strict;
	1					2
	1					33
4	1			1		5	use warnings;
	1					1
	1					37
5
6							our $VERSION = '0.03';
7	1			1		967	use Net::LDAP;
	1					186090
	1					9
8	1			1		1235	use Data::Dumper;
	1					9519
	1					70
9	1			1		862	use MIME::Base64;
	1					790
	1					1461
10
11							sub new {
12	0			0	1		my $class = shift;
13	0						my %args = @_;
14	0		0				my $self = bless {}, ref($class) \|\| $class;
15	0						$self->{controlUrlOrigin} = \&__controlUrlOrigin;
16	0						$self->{controlTimeOut} = \&__controlTimeOut;
17	0						$self->{controlSyntax} = \&__controlSyntax;
18	0						$self->{bind} = \&__bind;
19	0						$self->{formateUser} = \&__none;
20	0						$self->{formateFilter} = \&__Filter;
21	0						$self->{formateBaseLDAP} = \&__none;
22	0						$self->{contactServer} = \&__contactServer;
23	0						$self->{bind} = \&__bind;
24	0						$self->{search} = \&__ldapsearch;
25	0						$self->{setSessionInfo} = \&__session;
26	0						$self->{unbind} = \&__unbind;
27	0						$self->{credentials} = \&__none;
28	0						my $mess = {
29							1 =>
30							'Your connection has expired; You must to be authentified once again',
31							2 => 'User and password fields must be filled',
32							3 => 'Wrong directory manager account or password',
33							4 => 'not found in directory',
34							};
35	0						$self->{msg} = $mess;
36
37	0						foreach ( keys %args ) {
38	0						$self->{$_} = $args{$_};
39							}
40
41	0						return $self;
42							}
43							##------------------------------------------------------------------
44							## method none
45							## This method does nothing ..
46							##------------------------------------------------------------------
47	0			0			sub __none { #does ...nothing;
48
49							}
50							##------------------------------------------------------------------
51							## method controlUrlOrigin
52							## This method looks at param cgi 'urlc' in order to determine if
53							## the request comes with a vip url (redirection) or for the menu
54							##------------------------------------------------------------------
55							sub __controlUrlOrigin {
56	0			0			my $urldc;
57	0						my $self = shift;
58	0						my $urlc = $self->{param}->{'url'};
59
60	0	0					if ( defined($urlc) ) {
61	0						$urldc = decode_base64($urlc);
62
63							# $urldc =~ s#:\d+/#/#; # Suppress port number in URL
64	0						$urlc = encode_base64( $urldc, '' );
65	0						$self->{'urlc'} = $urlc;
66	0						$self->{'urldc'} = $urldc;
67							}
68							}
69							##------------------------------------------------------------------
70							## method controlTimeOut
71							## This method looks at param cgi 'op'
72							## if op eq 't' (like timeout) the handler couldn't retrieve the
73							## storage session from id session
74							##------------------------------------------------------------------
75							sub __controlTimeOut {
76	0			0			my $self = shift;
77	0						my $operation = $self->{param}->{'op'};
78	0						$self->{operation} = $operation;
79	0	0	0				if ( defined($operation)
80							and $operation eq 't' )
81							{
82	0						$self->{'message'} = $self->{msg}{1};
83	0						$self->{'error'} = 1;
84							}
85							}
86							##------------------------------------------------------------------
87							## method controlSyntax
88							## This method looks at param cgi 'identifant' and 'secret'
89							##
90							##------------------------------------------------------------------
91	0			0			sub __controlSyntax {
92
93							}
94							##---------------------------------------------------------------------------
95							## Connection ldap on server and port ldap
96							##---------------------------------------------------------------------------
97
98							sub __contactServer {
99	0			0			my $self = shift;
100	0	0					unless ( $self->{ldap} ) {
101	0	0					my $ldap = Net::LDAP->new(
102							$self->{server},
103							port => $self->{port},
104							onerror => undef,
105							)
106							or die( 'Net::LDAP->new: ' . $@ );
107	0						$self->{ldap} = $ldap;
108							}
109							}
110
111							sub func_bind {
112	0			0	0		my $ldap = shift;
113	0						my $dn = shift;
114	0						my $password = shift;
115	0						my $mesg;
116	0	0	0				if ( $dn and $password ) { #named bind
117	0						$mesg = $ldap->bind( $dn, password => $password );
118							}
119							else { # anonymous bind
120	0						$mesg = $ldap->bind();
121							}
122
123	0						my $me = $mesg->code();
124	0	0					if ( $mesg->code() != 0 ) {
125	0						$ldap = undef;
126	0						return ("wrong password");
127							}
128	0						return;
129							}
130
131							##---------------------------------------------------------------------------
132							## formate filter
133							##---------------------------------------------------------------------------
134							sub __Filter {
135	0			0			my $self = shift;
136	0						my $valuecertif = $self->{value_certif};
137	0						my $idcertif = $self->{field_certif};
138
139	0						my $filtre = "$idcertif=$valuecertif";
140	0						$self->{filter} = $filtre;
141							}
142							##---------------------------------------------------------------------------
143							## Connection on server LDAP with manager credential
144							## in order to extract user infos
145							##---------------------------------------------------------------------------
146
147							sub __bind {
148	0			0			my $self = shift;
149							##---------------------------------------------------------------------------
150							## Authentification
151							##---------------------------------------------------------------------------
152
153	0						my $d = $self->{ldap};
154	0						my $p = $self->{DnManager};
155	0						my $r = $self->{passwdManager};
156
157	0						my $mesg =
158							&func_bind( $self->{ldap}, $self->{DnManager}, $self->{passwordManager} );
159
160	0	0					if ($mesg) {
161	0						$self->{'message'} = $self->{sg}{3};
162	0						$self->{'error'} = 3;
163
164							}
165							}
166
167							sub __ldapsearch {
168	0			0			my $self = shift;
169	0						my $ldap = $self->{ldap};
170	0						my $filter = $self->{filter};
171	0						my $base = $self->{branch};
172
173	0						my $mesg = $ldap->search(
174							base => $base,
175							scope => 'sub',
176							filter => $filter,
177							);
178	0	0					die $mesg->error() if ( $mesg->code() != 0 );
179	0						my $retour = $mesg->entry(0);
180	0						my $identifiantCopy = $self->{user};
181	0	0					if ( !defined($retour) ) {
182	0						$self->{'message'} = "$identifiantCopy :" . $self->{msg}{4};
183	0						$self->{'error'} = 4;
184	0						return;
185							}
186	0						$self->{entry} = $retour;
187	0						return;
188							}
189							##==============================================================================
190							## function _session
191							##
192							##==============================================================================
193
194							sub __session {
195	0			0			my $self = shift;
196	0						my %session;
197	0						my $entry = $self->{entry};
198	0						$session{dn} = $entry->dn();
199	0						$self->{dn} = $entry->dn();
200	0						$session{uid} = $entry->get_value('uid');
201	0						$session{cn} = $entry->get_value('cn');
202	0						$session{personaltitle} = $entry->get_value('personaltitle');
203	0						$session{mail} = $entry->get_value('mail');
204	0						$session{title} = $entry->get_value('title');
205	0						$self->{infosession} = \%session;
206
207							}
208							##==============================================================================
209							## Function unbind
210							## do unbind;
211							##==============================================================================
212							sub __unbind {
213	0			0			my $self = shift;
214	0	0					$self->{ldap}->unbind if $self->{ldap};
215							}
216
217							sub message {
218	0			0	1		my $self = shift;
219	0						return ( $self->{message} );
220							}
221
222							sub infoSession {
223	0			0	1		my $self = shift;
224	0						return ( $self->{infosession} );
225							}
226
227							sub getRedirection {
228	0			0	1		my $self = shift;
229	0						return ( $self->{urldc} );
230							}
231
232							sub getAllRedirection {
233	0			0	0		my $self = shift;
234	0						return ( $self->{urlc}, $self->{urldc} );
235							}
236
237							sub user {
238	0			0	0		my $self = shift;
239	0						return ( $self->{user} );
240							}
241
242							sub error {
243	0			0	1		my $self = shift;
244	0						return ( $self->{error} );
245							}
246
247							sub process {
248	0			0	1		my $self = shift;
249	0						my %args = @_;
250	0						foreach ( keys %args ) {
251	0						$self->{$_} = $args{$_};
252							}
253							##------------------------------------------------------------------
254							## method process
255							## This method step after step calls methods for dealing the
256							## connection
257							## step 0 : setting configuration
258							## step 1 : manage the source of request
259							## step 2 : manage timeout
260							## step 3 : control the input form of user and password
261							## step 4 : formate the user id if needing
262							## step 5 : build the filter for the search
263							## step 6 : build subtree for the search ldap
264							## step 7 : make socket upon ldap server
265							## step 8 : bind operation
266							## step 9 : make search
267							## step 10 : confection of %session from ldap infos
268							## step 11 : unbind
269							##------------------------------------------------------------------
270	0						&{ $self->{controlUrlOrigin} }($self); # no error avaiable in this step
	0
271	0						&{ $self->{controlTimeOut} }($self);
	0
272	0	0					return ($self) if $self->{'error'}; ## it's not necessary to go next.
273	0						&{ $self->{controlSyntax} }($self);
	0
274	0	0					return ($self) if $self->{'error'}; ## it's not necessary to go next.
275	0						&{ $self->{formateUser} }($self); # no error avaiable in this step
	0
276	0						&{ $self->{formateFilter} }($self); # no error avaiable in this step
	0
277	0						&{ $self->{formateBaseLDAP} }($self); # no error avaiable in this step
	0
278	0						&{ $self->{contactServer} }($self)
	0
279							; # can die if the server if unreachable: critical error
280	0						&{ $self->{bind} }($self);
	0
281	0	0					return ($self) if $self->{'error'}; ## it's not necessary to go next.
282	0						&{ $self->{search} }($self);
	0
283
284	0	0					if ( $self->{'error'} ) {
285							## it's not necessary to go next.
286	0						&{ $self->{unbind} }($self);
	0
287	0						return ($self);
288							}
289	0						&{ $self->{setSessionInfo} }($self); # no error avaiable in this step
	0
290	0						&{ $self->{credentials} }($self);
	0
291	0						&{ $self->{unbind} }($self); # no error avaiable in this step
	0
292	0						return ($self);
293							}
294
295							1;
296							__END__