process input parameters only once

42e88f2e · Guillaume ROUSSE · e5fd5a87 · 42e88f2e
Commit 42e88f2e authored 7 years ago by Guillaume ROUSSE
--- a/lib/IdPAccountManager/WebRequest.pm
+++ b/lib/IdPAccountManager/WebRequest.pm
@@ -41,45 +41,7 @@ sub new {
    );

    $self->{db} = IdPAccountManager::DB->new();
-
-    my $http_query = CGI->new();
-
-    ## Input parameters
-    my %in_vars = $http_query->Vars;
-    $self->{param_in} = \%in_vars;
-
-    ## Usefull data for output (web pages or mail notices)
-    $self->{param_out}->{url_cgi} = $ENV{SCRIPT_NAME};
-    $self->{param_out}->{env}     = \%ENV;
-    $self->{param_out}->{actions} = $args{actions};
-    $self->{param_out}->{conf}    = $self->{configuration};
-
-    ## Clean input vars
-    foreach my $key (keys %{ $self->{param_in} }) {
-
-        ## Removing all ^M (0D)
-        $self->{param_in}->{$key} =~ s/\r//g;
-
-        $self->{param_in}->{$key} =~ s/\s+$//;    ## Remove trailing spaces
-        $self->{param_in}->{$key} =~ s/^\s+//;    ## Remove leading spaces
-
-        ## If action_xx param is set, then action=xx
-        ## Usefull to have sementicless values in submit forms
-        if ($key =~ /^action_(\w+)$/) {
-
-            #$self->{logger}->log(level => LOG_TRACE, message => "ACTION $key");
-            $self->{param_in}->{action} = $1;
-        }
-    }
-
-    ## Check the requested action
-    if ($self->{param_in}->{action}) {
-        $self->{action} = $self->{param_in}->{action};
-    } else {
-        ## Default action
-        $self->{logger}->log(level => LOG_INFO, message => 'Default action');
-        $self->{action} = 'home';
-    }
+    $self->{cgi} = CGI->new();

    bless $self, $pkg;

@@ -93,23 +55,54 @@ sub execute {

    my $status;

-    ## Check input parameters format
-    foreach my $key (keys %{ $self->{param_in} }) {
-        if (   $self->{param_in}->{$key} !~ /^\s*$/
-            && defined $self->{format}->{$key}
-            && !ref($self->{format}->{$key}))
-        {
-            unless ($self->{param_in}->{$key} =~ /^$self->format->{$key}$/) {
-                push @{ $self->{param_out}->{errors} }, "format_$key";
+    # initialize output parameters
+    $self->{param_out} = {
+        url_cgi => $ENV{SCRIPT_NAME},
+        env     => \%ENV,
+        actions => $self->{actions},
+        conf    => $self->{configuration},
+    };
+
+    # process input parameters
+    my %parameters = $self->{cgi}->Vars();
+
+    foreach my $parameter (keys %parameters) {
+
+        # cleanup
+        $parameters{$parameter} =~ s/\r//g;  # remove &0D char
+        $parameters{$parameter} =~ s/\s+$//; # remove trailing spaces
+        $parameters{$parameter} =~ s/^\s+//; # remove leading spaces
+
+        # format check
+        if (defined $self->{format}->{$parameter}
+            && !ref($self->{format}->{$parameter})) {
+            if ($parameters{$parameter} !~ /^$self->format->{$parameter}$/) {
+                push @{ $self->{param_out}->{errors} }, "format_$parameter";
                $self->{logger}->log(
                    level   => LOG_ERROR,
-                    message => "Incorrect parameter format : $key"
+                    message => "Incorrect parameter format : $parameter"
                );
                return undef;
            }
        }
+
+        # If action_xx parameter is set, set action parameter with value xx
+        if ($parameter =~ /^action_(\w+)$/) {
+            $parameters{action} = $1;
+        }
+
+        # register needed parameters
+        $self->{param_in} = {
+            email_adress => $parameters{action},
+            style        => $parameters{style},
+            sp_entityid  => $parameters{sp_entityid},
+            authentication_token => $parameters{authentication_token}
+        };
    }

+    # Check the requested action
+    $self->{action} = $parameters{action} || 'home';
+
    do {
        ## Actions can be chained
        $self->{action} = $self->{next_action} if ($self->{next_action});