Newer
Older
renater.salaun
committed
## Copyright (c) GEANT
## This software was developed by RENATER. The research leading to these results has received funding
## from the European Community¹s Seventh Framework Programme (FP7/2007-2013) under grant agreement nº 238875 (GÉANT).
use IdPAccountManager::Data::Testaccount;
use IdPAccountManager::Data::Testaccount::Manager;
use IdPAccountManager::Tools;
use POSIX qw(strftime);
use Carp;
INIT {
## Set error mode to non fatal
IdPAccountManager::Data::Testaccount::Manager->error_mode('return');
}
sub new {
my ($pkg) = shift;
my %args = @_;
my $self = {};
## Bless Provider object
bless $self, $pkg;
## Object may be created either with a hashref as argument or an IdPAccountManager::Data::Testaccount object
## Second case is usefull when fetching a set of IdPAccountManager::Data::Testaccount via IdPAccountManager::Data::Testaccount::Manager
if (ref($_[0]) eq 'IdPAccountManager::Data::Testaccount') {
$self->{'persistent'} = $_[0];
} else {
$self->{'persistent'} =
IdPAccountManager::Data::Testaccount->new(%args);
return $self;
}
sub get {
my $attribute_name = shift;
## User password is not stored in DB
if ($attribute_name eq 'user_password') {
return $self->{$attribute_name};
return $self->{'persistent'}->$attribute_name;
}
}
sub save {
my $self = shift;
## If no id is defined, it is a new account
unless (defined $self->{'persistent'}->id) {
$self->{'persistent'}->creation_date(time);
$self->{'persistent'}->expiration_date(
time + ($Conf::global{'accounts_validity_period'} * 3600 * 24));
$self->{'user_password'} =
IdPAccountManager::Tools::generate_password();
IdPAccountManager::Tools::sha256_hash($self->{'user_password'}));
unless ($self->{'persistent'}->save()) {
return undef;
}
}
## Delete a test account
sub delete {
my $self = shift;
unless ($self->{'persistent'}->delete()) {
return undef;
}
}
## Print the content of a test account
sub print {
my $self = shift;
my $fd = shift || \*STDOUT;
printf $fd
"Account ID=%s; password_hash=%s; sp_entityid=%s; account_profile=%s; creation_date=%s; expiration_date=%s\n",
$self->get('id'), $self->get('user_password_hash'),
$self->get('sp_entityid'), $self->get('account_profile'),
POSIX::strftime('%Y:%m:%d', localtime($self->get('creation_date'))),
POSIX::strftime('%Y:%m:%d', localtime($self->get('expiration_date')));
}
## list all test accounts
## Class method
sub list_test_accounts {
my %args = @_;
my $persistent_accounts =
IdPAccountManager::Data::Testaccount::Manager->get_testaccounts(%args);
my $accounts;
foreach my $persistent_account (@{$persistent_accounts}) {
my $account = IdPAccountManager::TestAccount->new($persistent_account);
push @$accounts, $account;
}
return $accounts;
## create test accounts for all active account profiles
sub create_test_accounts_for_sp {
my %args = @_;
my @test_accounts;
unless ($args{'sp_entityid'}) {
return undef;
}
foreach my $profile (@{ $Conf::global{'account_profiles'} }) {
my $test_account = IdPAccountManager::TestAccount->new(
account_profile => $profile,
sp_entityid => $args{'sp_entityid'}
);
unless (defined $test_account) {
unless ($test_account->save()) {
return undef;
}
push @test_accounts, $test_account;
}
return @test_accounts;
}
#before 'new' => sub { print "about to call new\n"; };
1; # Magic true value required at end of module
__END__
=head1 NAME
IdPAccountManager::TestAccount - Manage test user accounts for the Test Identity Provider
=head1 SYNOPSIS
my $test_account = IdPAccountManager::TestAccount->new(account_profile => 'student1',
sp_entityid => 'https://test.federation.renater.fr/test/ressource');
unless (defined $test_account) {
die "Failed to create test account";
}
unless ($test_account->save()) {
die "Failed to create test account";
}
printf "Account created:\n\tuserid: user%d\n\tpassword: %s\n", $test_account->get('id'), $test_account->get('user_password');
The Test Account manager instanciates test accounts associated to a SAML Identity Provider.
This module allows to manage the test accounts.
=over 8
=item C<new ARGS>
Class method. Create a new IdPAccountManager::TestAccount object.
Example:
my $test_account = IdPAccountManager::TestAccount->new(account_profile => 'student1',
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
sp_entityid => 'https://test.federation.renater.fr/test/ressource');
Supported arguments include:
=over 12
=item C<account_profile>
ID of the account profile to be used.
=item C<sp_entityid>
EntityID (SAML ID) of the Service Provider associated to the test account.
=back
=item C<create_test_accounts_for_sp ARGS>
Class method. Create test accounts for supported account profiles.
Supported arguments include:
=over 12
=item C<sp_entityid>
EntityID (SAML ID) of the Service Provider associated to the test account.
=back
=item C<delete>
Deletes the test account in the database.
=item C<get> ATTR_NAME
Returns the value of the specified ATTR_NAME attribute of the test account.
=item C<list_test_accounts ARGS>
Class method. List all test accounts in database.
Supported arguments include:
=over 12
=item C<sp_entityid>
Entityid of a SAML Service Provider to list only test accounts linked to this Service Provider.
=item C<account_profile>
Test account profile to list only test accounts linked based on this profile.
=back
=item C<print FD>
Dumps the content of the test account to the specified FD file handler (default to STDOUT)
=item C<save>
Save the test account in the database.
=back
=head1 AUTHOR
Olivier Salaün (olivier.salaun@renater.fr)
renater.salaun
committed
Copyright (c) GEANT
This software was developed by RENATER. The research leading to these results has received funding
from the European Community¹s Seventh Framework Programme (FP7/2007-2013) under grant agreement nº 238875 (GÉANT).