From 314cca48bac3e2271f10b8e54b8e6832fadb0e68 Mon Sep 17 00:00:00 2001
From: Guillaume Rousse <guillaume.rousse@renater.fr>
Date: Tue, 1 Feb 2022 16:53:48 +0100
Subject: [PATCH] factorisation
---
lib/AccountManager/App/Controller.pm | 28 +++++++++++++++++++++++-----
lib/AccountManager/App/Step1.pm | 8 +++++---
lib/AccountManager/App/Step2.pm | 1 +
lib/AccountManager/App/Step3.pm | 15 +++++----------
lib/AccountManager/App/Step4.pm | 1 +
lib/AccountManager/App/Step5.pm | 1 +
6 files changed, 36 insertions(+), 18 deletions(-)
diff --git a/lib/AccountManager/App/Controller.pm b/lib/AccountManager/App/Controller.pm
index 4c86d2d..8f2c9e1 100644
--- a/lib/AccountManager/App/Controller.pm
+++ b/lib/AccountManager/App/Controller.pm
@@ -66,21 +66,39 @@ sub init_db { return $db; } -sub check_authentication { +sub init_user { my $self = shift; + my $headers = $self->req()->headers(); + my $idp = - $ENV{'Shib_Identity_Provider'} || # local SP - $self->req()->headers()->header('Shib-Identity-Provider'); # remote SP + $ENV{'Shib_Identity_Provider'} || # local SP + $headers->header('Shib-Identity-Provider'); # remote SP + + my $name = + $ENV{displayName} || # local SP + $headers->header('displayName'); # remote SP + + my $user = { + idp => $idp, + name => $name + }; + + $self->stash(user => $user); + + return $user; +} + +sub check_authentication { + my $self = shift; return $self->abort( status => 401, log_message => sprintf("unauthenticated user for action %s", $self->current_route()), user_message => Registry::Error::AuthenticationRequired->new() - ) if !$idp; + ) if !$self->stash('user'); return 1; - } sub check_token {
diff --git a/lib/AccountManager/App/Step1.pm b/lib/AccountManager/App/Step1.pm
index 77bcac6..75ea4f2 100644
--- a/lib/AccountManager/App/Step1.pm
+++ b/lib/AccountManager/App/Step1.pm
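Review bot: `check_authentication` can no longer fail, because `init_user` always stashes a hash reference, even when both `$idp` and `$name` are undefined, and a hash reference is always true; `!$self->stash('user')` therefore never triggers the 401 that `!$idp` used to. The same always-true test appears in Step1.pm as `if ($user)`, which now runs the idp lookup with `entityid => undef` for a request that carries no identity provider. Test the attribute rather than the container, e.g. `my $user = $self->stash('user');` followed by `) if !$user || !$user->{idp};`, and `if ($user && $user->{idp})` in Step1. Every `run()` that guards on `check_authentication()` (Step1 to Step5) is affected.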
@@ -15,12 +15,14 @@ sub run { $self->init_db(); $self->init_l10n(); + $self->init_user(); if ($config->{app}->{login_url}) { return if !$self->check_authentication(); } - my $db = $self->stash('db'); + my $db = $self->stash('db'); + my $user = $self->stash('user'); my $sps = AccountManager::Entity->get_entities( db => $db,
@@ -31,12 +33,12 @@ sub run { ); my $idp; - if ($ENV{HTTP_SHIB_IDENTITY_PROVIDER}) { + if ($user) { my $idps = AccountManager::Entity->get_entities( db => $db, query => [ type => 'idp', - entityid => $ENV{HTTP_SHIB_IDENTITY_PROVIDER}, + entityid => $user->{idp} ] ); $idp = $idps->[0];
diff --git a/lib/AccountManager/App/Step2.pm b/lib/AccountManager/App/Step2.pm
index ad46f61..eaa3ec6 100644
--- a/lib/AccountManager/App/Step2.pm
+++ b/lib/AccountManager/App/Step2.pm
@@ -13,6 +13,7 @@ sub run { $self->init_db(); $self->init_l10n(); + $self->init_user(); if ($config->{app}->{login_url}) { return if !$self->check_authentication();
diff --git a/lib/AccountManager/App/Step3.pm b/lib/AccountManager/App/Step3.pm
index 20a35bc..3f7c014 100644
--- a/lib/AccountManager/App/Step3.pm
+++ b/lib/AccountManager/App/Step3.pm
@@ -20,6 +20,7 @@ sub run { $self->init_db(); $self->init_l10n(); + $self->init_user(); if ($config->{app}->{login_url}) { return if !$self->check_authentication();
@@ -29,6 +30,7 @@ sub run { my $email = $self->param('email'); my $db = $self->stash('db'); my $l10n = $self->stash('l10n'); + my $user = $self->stash('user'); my $sp = $self->get_sp(entityid => $entityid); return if !$sp;
@@ -103,14 +105,7 @@ sub run { $base_templates_dir->child('mail'), ] }); - my $user = - $ENV{'HTTP_DISPLAYNAME'} ? $ENV{'HTTP_DISPLAYNAME'} : - $ENV{'displayName'} ? $ENV{'displayName'} : - undef; - my $idp = - $ENV{'HTTP_SHIB_IDENTITY_PROVIDER'} ? $ENV{'HTTP_SHIB_IDENTITY_PROVIDER'} : - $ENV{'Shib-Identity-Provider'} ? $ENV{'Shib-Identity-Provider'} : - undef; + my $data = { app => { url => $config->{app}->{url},
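Review bot: The lookups removed at `@@ -103,14 +105,7 @@` in Step3.pm are not equivalent to what `init_user` reads, so this refactoring changes behaviour without saying so. The old code preferred `$ENV{'HTTP_DISPLAYNAME'}` over `$ENV{'displayName'}` and fell back to the hyphenated `$ENV{'Shib-Identity-Provider'}`; `init_user` prefers the environment over the request header and reads only the underscored `$ENV{'Shib_Identity_Provider'}`. Preferring the SP-set environment over a request header looks like the safer order, but a deployment that exports the hyphenated name would now fall through to the header value, which is worth confirming. I would state the expected sources in a comment above `init_user`, e.g. `# identity attributes: SP-exported environment first, request headers only behind a proxy that strips client-supplied copies`. `run()` starts and ends outside this hunk.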
@@ -118,9 +113,9 @@ sub run { version => $config->{app}->{version}, name => $config->{app}->{name}, }, - user => $user, + user => $user->{name}, source_ip => $self->client_ip(), - idp => { entityid => $idp, }, + idp => { entityid => $user->{idp}, }, sp => { entityid => $entityid, }, to => $email, token => $token->secret(),
diff --git a/lib/AccountManager/App/Step4.pm b/lib/AccountManager/App/Step4.pm
index 4a3a29e..b6d50a6 100644
--- a/lib/AccountManager/App/Step4.pm
+++ b/lib/AccountManager/App/Step4.pm
@@ -21,6 +21,7 @@ sub run { $self->init_db(); $self->init_l10n(); + $self->init_user(); if ($config->{app}->{login_url}) { return if !$self->check_authentication();
diff --git a/lib/AccountManager/App/Step5.pm b/lib/AccountManager/App/Step5.pm
index 120d7ad..bec8dd0 100644
--- a/lib/AccountManager/App/Step5.pm
+++ b/lib/AccountManager/App/Step5.pm
@@ -21,6 +21,7 @@ sub run { $self->init_db(); $self->init_l10n(); + $self->init_user(); if ($config->{app}->{login_url}) { return if !$self->check_authentication();
-- GitLab