Skip to content
Snippets Groups Projects
Commit 8c743676 authored by Guillaume ROUSSE's avatar Guillaume ROUSSE
Browse files

don't depend on input paramer to select template

parent 7b5cb8e3
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
lib/AccountManager/WebRequest.pm
+ 207
71
View file @ 8c743676
......@@ -93,7 +93,12 @@ sub run {
$self->{logger}->error(
"Incorrect parameter format : $parameter"
);
$self->respond({ errors => [ "format_$parameter" ] });
$self->respond(
template => 'index.tt2.html',
data => {
errors => [ "format_$parameter" ]
}
);
}
}
......@@ -105,7 +110,6 @@ sub run {
# register needed parameters
$self->{in} = {
email => $parameters{email},
style => $parameters{style},
entityid => $parameters{entityid},
token => $parameters{token},
key => $parameters{key},
......@@ -120,7 +124,12 @@ sub run {
} else {
## unknown action
$self->{logger}->error( "Unknown action '$action'");
$self->respond({ errors => [ "Unknown action '$action'" ] });
$self->respond(
template => 'index.tt2.html',
data => {
errors => [ "Unknown action '$action'" ]
}
);
}
return 1;
......@@ -128,9 +137,9 @@ sub run {
## Return HTML content
sub respond {
my ($self, $data) = @_;
$data->{app} = {
my ($self, %in) = @_;
$in{data}->{app} = {
name => $self->{configuration}->{app}->{name},
url => $self->{configuration}->{app}->{url},
support_email => $self->{configuration}->{app}->{support_email},
......@@ -147,13 +156,6 @@ sub respond {
my $template;
## nobanner is used to do AJAX to get only pieces of HTML to load in the web client
if ($self->{in}->{style} && $self->{in}->{style} eq 'nobanner') {
$template = 'index-nobanner.tt2.html';
} else {
$template = 'index.tt2.html';
}
binmode(STDOUT, ":utf8");
print $self->{cgi}->header(
......@@ -161,7 +163,7 @@ sub respond {
-charset => 'utf8'
);
unless ($tt2->process($template, $data, \*STDOUT)) {
unless ($tt2->process($in{template}, $in{data}, \*STDOUT)) {
printf "Content-type: text/plain\n\n Error: %s", $tt2->error();
$self->{logger}->errorf("Web parser error : %s", $tt2->error());
}
......@@ -180,16 +182,24 @@ sub req_select_sp {
};
if ($EVAL_ERROR) {
$self->{logger}->error("Failed to load federation metadata: $EVAL_ERROR");
$self->respond({ errors => [ "internal" ] });
$self->respond(
template => 'index.tt2.html',
data => {
errors => [ "internal" ]
}
);
}
$self->respond({
env => {
SCRIPT_NAME => $ENV{SCRIPT_NAME}
},
metadata => $metadata->parse(type => 'sp'),
action => 'select_sp'
});
$self->respond(
template => 'index.tt2.html',
data => {
env => {
SCRIPT_NAME => $ENV{SCRIPT_NAME}
},
metadata => $metadata->parse(type => 'sp'),
action => 'select_sp'
}
);
}
sub req_select_email {
......@@ -197,7 +207,12 @@ sub req_select_email {
unless ($self->{in}->{entityid}) {
$self->{logger}->error("Missing parameter entityid");
$self->respond({ errors => [ "missing_entityid" ] });
$self->respond(
template => 'index.tt2.html',
data => {
errors => [ "missing_entityid" ]
}
);
}
# Create a persistent service provider object
......@@ -219,7 +234,12 @@ sub req_select_email {
};
if ($EVAL_ERROR) {
$self->{logger}->error("Failed to load federation metadata: $EVAL_ERROR");
$self->respond({ errors => [ "internal" ] });
$self->respond(
template => 'index.tt2.html',
data => {
errors => [ "internal" ]
}
);
}
my $sps = $metadata->parse(id => $self->{in}->{entityid});
......@@ -227,7 +247,12 @@ sub req_select_email {
$self->{logger}->errorf(
"No such SP '%s' in metadata", $self->{in}->{entityid}
);
$self->respond({ errors => [ "no_such_entity" ] });
$self->respond(
template => 'index.tt2.html',
data => {
errors => [ "no_such_entity" ]
}
);
}
my $sp = $sps->[0];
......@@ -239,7 +264,12 @@ sub req_select_email {
# save in DB
unless ($provider->save()) {
$self->{logger}->error("Failed to save service provider object");
$self->respond({ errors => [ "internal" ] });
$self->respond(
template => 'index.tt2.html',
data => {
errors => [ "internal" ]
}
);
}
}
......@@ -258,10 +288,13 @@ sub req_select_email {
}
}
$self->respond({
provider => $provider,
action => 'select_email'
});
$self->respond(
template => 'index-nobanner.tt2.html',
data => {
provider => $provider,
action => 'select_email'
}
);
}
sub req_complete_challenge {
......@@ -269,12 +302,22 @@ sub req_complete_challenge {
unless ($self->{in}->{entityid}) {
$self->{logger}->error("Missing parameter entityid");
$self->respond({ errors => [ "missing_entityid" ] });
$self->respond(
template => 'index.tt2.html',
data => {
errors => [ "missing_entityid" ]
}
);
}
unless ($self->{in}->{email}) {
$self->{logger}->error("Missing parameter email");
$self->respond({ errors => [ "missing_email" ] });
$self->respond(
template => 'index.tt2.html',
data => {
errors => [ "missing_email" ]
}
);
}
my $provider = AccountManager::Service->new(
......@@ -284,7 +327,12 @@ sub req_complete_challenge {
unless ($provider->load(speculative => 1)) {
$self->{logger}->errorf("No such SP '%s' in database", $self->{in}->{entityid});
$self->respond({ errors => [ "no_such_entity" ] });
$self->respond(
template => 'index.tt2.html',
data => {
errors => [ "no_such_entity" ]
}
);
}
# override metadata contacts if needed
......@@ -310,7 +358,12 @@ sub req_complete_challenge {
$self->{in}->{entityid},
$self->{in}->{email}
);
$self->respond({ errors => [ "internal" ] });
$self->respond(
template => 'index.tt2.html',
data => {
errors => [ "internal" ]
}
);
}
# delete any previous token for the same email/service couple
......@@ -326,7 +379,12 @@ sub req_complete_challenge {
"Failed to delete previous authentication token with ID %s",
$old_token->id()
);
$self->respond({ errors => [ "internal" ] });
$self->respond(
template => 'index.tt2.html',
data => {
errors => [ "internal" ]
}
);
}
}
......@@ -344,7 +402,12 @@ sub req_complete_challenge {
unless ($token->save()) {
$self->{logger}->error("Failed to save authentication token");
$self->respond({ errors => [ "internal" ] });
$self->respond(
template => 'index.tt2.html',
data => {
errors => [ "internal" ]
}
);
}
my $sender = $self->{configuration}->{_}->{notice_from};
......@@ -354,7 +417,12 @@ sub req_complete_challenge {
open(my $handle, '|-', "$sendmail -f $sender $recipient") or do {
$self->{logger}->errorf("Unable to run sendmail executable: %s", $ERRNO);
$self->respond({ errors => [ "mail_notification_error" ] });
$self->respond(
template => 'index.tt2.html',
data => {
errors => [ "mail_notification_error" ]
}
);
};
my $tt2 = Template->new({
......@@ -379,7 +447,12 @@ sub req_complete_challenge {
unless ($tt2->process($template, $data, $handle)) {
$self->{logger}->errorf("Mail notification error: %s", $tt2->error());
$self->respond({ errors => [ "mail_notification_error" ] });
$self->respond(
template => 'index.tt2.html',
data => {
errors => [ "mail_notification_error" ]
}
);
}
close $handle;
......@@ -391,11 +464,14 @@ sub req_complete_challenge {
$token->token(),
);
$self->respond({
email => $self->{in}->{email},
entityid => $self->{in}->{entityid},
action => 'complete_challenge'
});
$self->respond(
template => 'index-nobanner.tt2.html',
data => {
email => $self->{in}->{email},
entityid => $self->{in}->{entityid},
action => 'complete_challenge'
}
);
}
sub req_create_accounts {
......@@ -403,7 +479,12 @@ sub req_create_accounts {
unless ($self->{in}->{entityid}) {
$self->{logger}->error("Missing parameter entityid");
$self->respond({ errors => [ "missing_entityid" ] });
$self->respond(
template => 'index.tt2.html',
data => {
errors => [ "missing_entityid" ]
}
);
}
unless ($self->{in}->{token}) {
......@@ -413,7 +494,12 @@ sub req_create_accounts {
unless ($self->{in}->{email}) {
$self->{logger}->error("Missing parameter email");
$self->respond({ errors => [ "missing_email" ] });
$self->respond(
template => 'index.tt2.html',
data => {
errors => [ "missing_email" ]
}
);
}
my $token = AccountManager::Token->new(
......@@ -427,7 +513,12 @@ sub req_create_accounts {
$self->{in}->{token},
$self->{in}->{entityid}
);
$self->respond({ errors => [ "wrong_token" ] });
$self->respond(
template => 'index.tt2.html',
data => {
errors => [ "wrong_token" ]
}
);
}
if (! $token->sp_entityid() eq $self->{in}->{entityid}) {
......@@ -436,7 +527,12 @@ sub req_create_accounts {
$self->{in}->{token},
$self->{in}->{entityid}
);
$self->respond({ errors => [ "wrong_token_for_sp" ] });
$self->respond(
template => 'index.tt2.html',
data => {
errors => [ "wrong_token_for_sp" ]
}
);
}
## delete the token
......@@ -469,9 +565,13 @@ sub req_create_accounts {
);
unless ($download_token->save()) {
push @{ $self->{out}->{errors} }, "internal";
$self->{logger}->error("Failed to save authentication token");
$self->respond();
$self->respond(
template => 'index.tt2.html',
data => {
errors => [ "internal" ]
}
);
}
my $key = AccountManager::Tools::generate_secret(10);
......@@ -499,7 +599,12 @@ sub req_create_accounts {
"Failed to create test accounts for SP with entityid %s",
$self->{in}->{entityid}
);
$self->respond({ errors => [ "accounts_creation_failed" ] });
$self->respond(
template => 'index.tt2.html',
data => {
errors => [ "accounts_creation_failed" ]
}
);
}
## Update simpleSAMLphp configuration to enable test accounts
......@@ -519,7 +624,12 @@ sub req_create_accounts {
"Failed to create simpleSAMLphp configuration file: %s",
$EVAL_ERROR
);
$self->respond({ errors => [ "accounts_creation_failed" ] });
$self->respond(
template => 'index.tt2.html',
data => {
errors => [ "accounts_creation_failed" ]
}
);
}
$self->{logger}->infof(
......@@ -528,34 +638,49 @@ sub req_create_accounts {
$self->{in}->{token}
);
$self->respond({
accounts => \@accounts,
entityid => $self->{in}->{entityid},
key => $key,
token => $download_token->token(),
action => 'create_accounts'
});
$self->respond(
template => 'index.tt2.html',
data => {
accounts => \@accounts,
entityid => $self->{in}->{entityid},
key => $key,
token => $download_token->token(),
action => 'create_accounts'
}
);
}
sub req_download_accounts {
my ($self) = @_;
unless ($self->{in}->{entityid}) {
push @{ $self->{out}->{errors} }, "missing_entityid";
$self->{logger}->error("Missing parameter entityid");
$self->respond();
$self->respond(
template => 'index.tt2.html',
data => {
errors => [ "missing_entityid" ]
}
);
}
unless ($self->{in}->{token}) {
push @{ $self->{out}->{errors} }, "missing_token";
$self->{logger}->error("Missing parameter token");
$self->respond();
$self->respond(
template => 'index.tt2.html',
data => {
errors => [ "missing_token" ]
}
);
}
unless ($self->{in}->{key}) {
push @{ $self->{out}->{errors} }, "missing_key";
$self->{logger}->error("Missing parameter key");
$self->respond();
$self->respond(
template => 'index.tt2.html',
data => {
errors => [ "missing_key" ]
}
);
}
my $token = AccountManager::Token->new(
......@@ -564,22 +689,30 @@ sub req_download_accounts {
);
if (! $token->load(speculative => 1)) {
push @{ $self->{out}->{errors} }, "wrong_token";
$self->{logger}->errorf(
"Non-existing authentication token %s",
$self->{in}->{token},
);
$self->respond();
$self->respond(
template => 'index.tt2.html',
data => {
errors => [ "wrong_token" ]
}
);
}
if (! $token->sp_entityid() eq $self->{in}->{entityid}) {
push @{ $self->{out}->{errors} }, "wrong_token_for_sp";
$self->{logger}->errorf(
"Authentication token %s cannot be used for SP %s",
$self->{in}->{token},
$self->{in}->{entityid}
);
$self->respond();
$self->respond(
template => 'index.tt2.html',
data => {
errors => [ "wrong_token_for_sp" ]
}
);
}
# delete the token
......@@ -648,9 +781,12 @@ sub req_download_accounts {
sub req_home {
my ($self) = @_;
$self->respond({
action => 'home'
});
$self->respond(
template => 'index.tt2.html',
data => {
action => 'home'
}
);
}
1;
templates/web/en/select_sp.tt2.html
+ 2
2
View file @ 8c743676
......@@ -21,7 +21,7 @@ jQuery(document).ready(function($){
form.steps("insert", 1, {
title: "Select your email address",
contentMode: "async",
contentUrl: "[% app.url %]?action=select_email&style=nobanner&entityid="+
contentUrl: "[% app.url %]?action=select_email&entityid="+
encodeURIComponent($('#entityid').val())
});
}
......@@ -34,7 +34,7 @@ jQuery(document).ready(function($){
form.steps("insert", 2, {
title: "Complete email challenge",
contentMode: "async",
contentUrl: "[% app.url %]?action=complete_challenge&style=nobanner&entityid="+
contentUrl: "[% app.url %]?action=complete_challenge&entityid="+
encodeURIComponent($('#entityid').val())+"&email="+encodeURIComponent($("input:checked[name='email']").val())
});
}
......
templates/web/fr/select_sp.tt2.html
+ 2
2
View file @ 8c743676
......@@ -21,7 +21,7 @@ jQuery(document).ready(function($){
form.steps("insert", 1, {
title: "Select your email address",
contentMode: "async",
contentUrl: "[% app.url %]?action=select_email&style=nobanner&entityid="+
contentUrl: "[% app.url %]?action=select_email&entityid="+
encodeURIComponent($('#entityid').val())
});
}
......@@ -34,7 +34,7 @@ jQuery(document).ready(function($){
form.steps("insert", 2, {
title: "Complete email challenge",
contentMode: "async",
contentUrl: "[% app.url %]?action=complete_challenge&style=nobanner&entityid="+
contentUrl: "[% app.url %]?action=complete_challenge&entityid="+
encodeURIComponent($('#entityid').val())+"&email="+encodeURIComponent($("input:checked[name='email']").val())
});
}
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment