From 7690a568432c8adc27f87fefe4a6b67bbcc86eb7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cl=C3=A9ment=20OUDOT?= Date: Fri, 19 Oct 2018 11:29:11 +0200 Subject: [PATCH] Put simple values in buil_urlencoded args (#1527) --- .../lib/Lemonldap/NG/Portal/Auth/LinkedIn.pm | 6 ++++-- .../lib/Lemonldap/NG/Portal/Auth/OpenID.pm | 5 +++-- .../lib/Lemonldap/NG/Portal/Auth/SAML.pm | 11 ++++++----- .../lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm | 3 ++- .../lib/Lemonldap/NG/Portal/Plugins/MailReset.pm | 6 ++++-- .../lib/Lemonldap/NG/Portal/Plugins/Register.pm | 12 ++++++++---- 6 files changed, 27 insertions(+), 16 deletions(-) diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/LinkedIn.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/LinkedIn.pm index c9856ae04..c2c5be79e 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/LinkedIn.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/LinkedIn.pm @@ -188,12 +188,14 @@ sub extractFormInfo { $stateSession->update($stateInfos); my $authn_uri = $self->linkedInAuthorizationEndpoint; + my $client_id = $self->conf->{linkedInClientID}; + my $scope = $self->conf->{linkedInScope}; $authn_uri .= '?' . build_urlencoded( response_type => 'code', - client_id => $self->conf->{linkedInClientID}, + client_id => $client_id, redirect_uri => $callback_url, - scope => $self->conf->{linkedInScope}, + scope => $scope, state => $stateSession->id, ); diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/OpenID.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/OpenID.pm index 06c969c66..9a46c4568 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/OpenID.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/OpenID.pm 
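Review bot: `state => $stateSession->id` is still passed to build_urlencoded() inline, although the commit moves the other non-trivial arguments into lexicals; the same holds for `entityID => $self->getMetaDataURL( 'samlEntityID', 0, 1 )` in SAML.pm and for `mail_token => $req->{id}` / `register_token => $req->{id}` in MailReset.pm and Register.pm. The patch does not say which argument forms trigger the problem tracked in #1527, but if these are affected they matter most, since they carry the OAuth `state` and the mail confirmation tokens. I would add `my $state_id = $stateSession->id;` and pass `state => $state_id`. A one-line comment above the copies, such as `# keep build_urlencoded() arguments as simple scalars (#1527)`, would stop a later cleanup from inlining them again. extractFormInfo starts and ends outside the hunk.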
@@ -148,12 +148,13 @@ sub extractFormInfo { # Build the redirection $self->logger->debug("OpenID redirection to $url"); + my $req_url = $req->data->{_url}; my $check_url = $claimed_identity->check_url( return_to => $self->conf->{portal} . '?openid=1&' . ( - $req->data->{_url} - ? build_urlencoded( url => $req->data->{_url} ) + $req_url + ? build_urlencoded( url => $req_url ) : '' ), trust_root => $self->conf->{portal}, diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/SAML.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/SAML.pm index 44a3086b0..f8bc87e8d 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/SAML.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/SAML.pm @@ -897,23 +897,24 @@ sub extractFormInfo { my $disco_url = $self->conf->{samlDiscoveryProtocolURL}; + my $portal = $self->conf->{portal}; $disco_url .= ( $disco_url =~ /\?/ ? '&' : '?' ) . build_urlencoded( entityID => $self->getMetaDataURL( 'samlEntityID', 0, 1 ), - return => $self->conf->{portal}, + return => $portal, returnIDParam => 'idp' ); if ( defined $self->conf->{samlDiscoveryProtocolPolicy} ) { - $disco_url .= "&" - . build_urlencoded( - policy => $self->conf->{samlDiscoveryProtocolPolicy} ); + my $dppolicy = $self->conf->{samlDiscoveryProtocolPolicy}; + $disco_url .= "&" . build_urlencoded( policy => $dppolicy ); } if ( defined $self->conf->{samlDiscoveryProtocolIsPassive} ) { + my $dpispassive = $self->conf->{samlDiscoveryProtocolIsPassive}; $disco_url .= "&" . build_urlencoded( - isPassive => $self->conf->{samlDiscoveryProtocolIsPassive} + isPassive => $dpispassive ? "true" : "false" ); diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm index 86ae2d7be..7f673ba5c 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm 
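Review bot: When `$req_url` is empty the ternary yields `''`, so `return_to` ends in a dangling separator (`...?openid=1&`). Moving the `&` into the true branch avoids that: `. '?openid=1' . ( $req_url ? '&' . build_urlencoded( url => $req_url ) : '' )`. `$req_url` appears to be request-supplied and comes back to the portal through `return_to`, so it should be validated where the OpenID response is handled; that code is not visible in this hunk. extractFormInfo continues outside the hunk.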
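Review bot: Both `if ( defined $self->conf->{...} )` tests still read the configuration entry directly, and the block then reads it a second time into `$dppolicy` / `$dpispassive`. Assigning first and testing the lexical leaves one lookup and one name per setting: `my $dppolicy = $self->conf->{samlDiscoveryProtocolPolicy};` followed by `if ( defined $dppolicy ) {`, and likewise for `$dpispassive`. The enclosing extractFormInfo starts and ends outside the hunk.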
@@ -1335,9 +1335,10 @@ sub logout { ->{oidcRPMetaDataOptionsUserIDAttr} || $self->conf->{whatToTrace}; my $user_id = $req->{sessionInfo}->{$user_id_attribute}; + my $iss = $self->conf->{oidcServiceMetaDataIssuer}; $url .= ( $url =~ /\?/ ? '&' : '?' ) . build_urlencoded( - iss => $self->conf->{oidcServiceMetaDataIssuer}, + iss => $iss, sid => $user_id ); } diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/MailReset.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/MailReset.pm index 75bfe7425..a452bda37 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/MailReset.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/MailReset.pm @@ -294,12 +294,14 @@ sub _reset { return PE_MAILERROR unless ( $req->data->{mailAddress} ); # Build confirmation url + my $req_url = $req->data->{_url}; + my $skin = $self->p->getSkin($req); my $url = $self->conf->{mailUrl} . '?' . build_urlencoded( mail_token => $req->{id}, - skin => $self->p->getSkin($req), - ( $req->data->{_url} ? ( url => $req->data->{_url} ) : () ), + skin => $skin, + ( $req_url ? ( url => $req_url ) : () ), ); # Build mail content diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/Register.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/Register.pm index 53eae8dcc..3d29c1e6b 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/Register.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/Register.pm @@ -287,12 +287,14 @@ sub _register { } # Build confirmation url + my $req_url = $req->data->{_url}; + my $skin = $self->p->getSkin($req); my $url = $self->registerUrl . '?' . build_urlencoded( register_token => $req->{id}, - skin => $self->p->getSkin($req), - ( $req->data->{_url} ? ( url => $req->data->{_url} ) : () ), + skin => $skin, + ( $req_url ? ( url => $req_url ) : () ), ); # Build mail content 
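Review bot: `sid => $user_id` puts the value of the user-identifier attribute (`oidcRPMetaDataOptionsUserIDAttr`, falling back to `whatToTrace`) into the logout URL's query string, and this commit leaves that unchanged. Query strings end up in browser history and in the relying party's access logs, and a user identifier is easier to guess than an opaque session identifier, so it is worth confirming that this is the value the relying party expects in `sid`. Neither `$iss` nor `$user_id` is tested with `defined` before the call, so a session lacking that attribute would presumably produce a logout URL with no usable `sid`. logout starts and ends outside the hunk.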
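Review bot: The confirmation link is built as `$self->conf->{mailUrl} . '?' . build_urlencoded(...)`, which assumes `mailUrl` never carries a query string, whereas the SAML.pm and OpenIDConnect.pm hunks of this patch choose the separator with `( $url =~ /\?/ ? '&' : '?' )`; the same applies to `$self->registerUrl . '?'` in the first Register.pm hunk. Using the same test here keeps the link valid for either form of the setting: `my $mail_url = $self->conf->{mailUrl};` then `my $url = $mail_url . ( $mail_url =~ /\?/ ? '&' : '?' ) . build_urlencoded(`. `$req_url` looks request-supplied and is mailed out inside the link, so the handler that consumes `mail_token` should validate `url` before redirecting; that check is not visible in this hunk. _reset starts and ends outside the hunk.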
@@ -375,10 +377,12 @@ sub _register { # Build portal url my $url = $self->conf->{portal}; $url =~ s#/*$##; + my $req_url = $req->data->{_url}; + my $skin = $self->p->getSkin($req); $url .= '/?' . build_urlencoded( - skin => $self->p->getSkin($req), - ( $req->data->{_url} ? ( url => $req->data->{_url} ) : () ), + skin => $skin, + ( $req_url ? ( url => $req_url ) : () ), ); # Replace variables in body
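Review bot: `my $req_url` and `my $skin` are declared here a second time, after the same two declarations in the earlier Register.pm hunk, and both hunk headers place the code in `_register`. If the two sites share a lexical scope, Perl will emit a `"my" variable $req_url masks earlier declaration in same scope` warning (and the same for `$skin`) under `use warnings`; whether they sit in separate blocks cannot be seen from the hunks. If they do share a scope, drop the second `my` pair and reuse the earlier copies, or declare both once near the top of `_register`.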