Avoid append same URL (#1532)

Christophe Maudoux 7 years ago
parent 52a7f884f6
commit 37c6498e3c
  1. 65
      lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/Choice.pm

@ -39,12 +39,12 @@ sub init {
} }
foreach my $name ( keys %{ $self->conf->{authChoiceModules} } ) { foreach my $name ( keys %{ $self->conf->{authChoiceModules} } ) {
my @mods = my @mods
split( /[;\|]/, $self->conf->{authChoiceModules}->{$name} ); = split( /[;\|]/, $self->conf->{authChoiceModules}->{$name} );
my $module = my $module
'::' = '::'
. [ 'Auth', 'UserDB', 'Password' ]->[$type] . '::' . [ 'Auth', 'UserDB', 'Password' ]->[$type] . '::'
. $mods[$type]; . $mods[$type];
my $over; my $over;
if ( $mods[5] ) { if ( $mods[5] ) {
eval { $over = JSON::from_json( $mods[5] ) }; eval { $over = JSON::from_json( $mods[5] ) };
@ -56,11 +56,12 @@ sub init {
$self->modules->{$name} = $module; $self->modules->{$name} = $module;
$self->logger->debug( $self->logger->debug(
[qw(Authentication User Password)]->[$type] [qw(Authentication User Password)]->[$type]
. " module $name selected" ); . " module $name selected" );
} }
else { else {
$self->logger->error( $self->logger->error(
"Choice: unable to load $name, disabling it: " . $self->error ); "Choice: unable to load $name, disabling it: "
. $self->error );
$self->error(''); $self->error('');
} }
@ -76,8 +77,8 @@ sub init {
my $cond = $mods[4]; my $cond = $mods[4];
if ( defined $cond and $cond !~ /^$/ ) { if ( defined $cond and $cond !~ /^$/ ) {
$self->logger->debug("Found rule $cond for $name"); $self->logger->debug("Found rule $cond for $name");
$_choiceRules->{$name} = $_choiceRules->{$name}
$safe->reval("sub{my(\$env)=\@_;return ($cond)}"); = $safe->reval("sub{my(\$env)=\@_;return ($cond)}");
if ($@) { if ($@) {
$self->logger->error("Bad condition $cond: $@"); $self->logger->error("Bad condition $cond: $@");
return 0; return 0;
@ -85,7 +86,7 @@ sub init {
} }
else { else {
$self->logger->debug("No rule for $name"); $self->logger->debug("No rule for $name");
$_choiceRules->{$name} = sub { 1 }; $_choiceRules->{$name} = sub {1};
} }
} }
unless ( keys %{ $self->modules } ) { unless ( keys %{ $self->modules } ) {
@ -124,11 +125,11 @@ sub checkChoice {
unless ($name) { unless ($name) {
# Check with other methods # Check with other methods
$name ||= $name
$req->param( $self->conf->{authChoiceParam} ) ||= $req->param( $self->conf->{authChoiceParam} )
|| $req->userData->{_choice} || $req->userData->{_choice}
|| $req->sessionInfo->{_choice} || $req->sessionInfo->{_choice}
or return 0; or return 0;
$self->logger->debug("Choice $name selected"); $self->logger->debug("Choice $name selected");
} }
@ -185,16 +186,16 @@ sub _buildAuthLoop {
$name =~ s/\_/ /g; $name =~ s/\_/ /g;
# Find modules associated to authChoice # Find modules associated to authChoice
my ( $auth, $userDB, $passwordDB, $url, $condition ) = my ( $auth, $userDB, $passwordDB, $url, $condition )
split( /[;\|]/, $self->conf->{authChoiceModules}->{$_} ); = split( /[;\|]/, $self->conf->{authChoiceModules}->{$_} );
unless ( $_choiceRules->{$_} ) { unless ( $_choiceRules->{$_} ) {
$self->logger->error("$_ has no rule !!!"); $self->logger->error("$_ has no rule !!!");
$_choiceRules->{$_} = sub { 1 }; $_choiceRules->{$_} = sub {1};
} }
unless ( $_choiceRules->{$_}->( $req->env ) ) { unless ( $_choiceRules->{$_}->( $req->env ) ) {
$self->logger->debug( $self->logger->debug(
"Condition returns false, authentication choice $_ will not be displayed" "Condition returns false, authentication choice $_ will not be displayed"
); );
} }
else { else {
@ -202,14 +203,18 @@ sub _buildAuthLoop {
if ( $auth and $userDB and $passwordDB ) { if ( $auth and $userDB and $passwordDB ) {
# Default URL # Default URL
if ( defined $url if (defined $url
and not $self->checkXSSAttack( 'URI', and not $self->checkXSSAttack(
$req->env->{'REQUEST_URI'} ) 'URI', $req->env->{'REQUEST_URI'}
and $url =~ m%^(https?://)?[^\s/$.?#].[^\s]*$% )
and $url
=~ m%^(https?://)?[^\s/$.?#].[^\s]*$% # URL must be well formatted
) )
{ {
$url .= $req->env->{'REQUEST_URI'}; $url .= $req->env->{'REQUEST_URI'};
$req->{cspFormAction} .= " $url"; $req->{cspFormAction} .= " $url"
unless $req->{cspFormAction}
=~ qr%$url%; # Avoid same URL
} }
else { else {
$url .= '#'; $url .= '#';
@ -217,13 +222,17 @@ sub _buildAuthLoop {
$self->logger->debug("Use URL $url"); $self->logger->debug("Use URL $url");
# Options to store in the loop # Options to store in the loop
my $optionsLoop = my $optionsLoop = {
{ name => $name, key => $_, module => $auth, url => $url }; name => $name,
key => $_,
module => $auth,
url => $url
};
# Get displayType for this module # Get displayType for this module
no strict 'refs'; no strict 'refs';
my $displayType = "Lemonldap::NG::Portal::Auth::${auth}" my $displayType = "Lemonldap::NG::Portal::Auth::${auth}"
->can('getDisplayType')->( undef, $req ); ->can('getDisplayType')->( undef, $req );
$self->logger->debug( $self->logger->debug(
"Display type $displayType for module $auth"); "Display type $displayType for module $auth");
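Review bot: The new dedup check `unless $req->{cspFormAction} =~ qr%$url%;` interpolates `$url` into a pattern unquoted, and on the line just above it `$url` has had `$req->env->{'REQUEST_URI'}` appended, so regex metacharacters in that string (`?`, `.`, `+`, parentheses, brackets) are read as pattern syntax rather than literal text: an unbalanced bracket makes the `qr` die at runtime inside `_buildAuthLoop`, and `.`/`?` make the match looser than intended, so a shorter URL already in the list suppresses a longer one that merely contains it. Quote the value with `\Q...\E`, or better compare whitespace-separated entries exactly: `unless grep { $_ eq $url } split /\s+/, $req->{cspFormAction} // '';`. The `# Avoid same URL` comment would be clearer as `# Skip if this URL is already listed in form-action`. `_buildAuthLoop` begins and ends outside this hunk, so the initial value of `$req->{cspFormAction}` is not visible here; the `// ''` guards the case where it is still undef.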
