Bug 19160: Isolate CAS code into its own module
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
parent
b85f8c9e2a
commit
9c0be579fe
3 changed files with 30 additions and 35 deletions
16
C4/Auth.pm
16
C4/Auth.pm
|
@ -905,22 +905,6 @@ sub checkauth {
|
|||
}
|
||||
}
|
||||
}
|
||||
elsif ($logout && $cas) {
|
||||
# We got a cas single logout request from a cas server;
|
||||
my $ticket = $query->param('cas_ticket');
|
||||
# We've been called as part of the single logout destroy the session associated with the cas ticket
|
||||
my $params = _get_session_params();
|
||||
my $success = CGI::Session->find( $params->{dsn}, sub {delete_cas_session(@_, $ticket)}, $params->{dsn_args} );
|
||||
|
||||
sub delete_cas_session {
|
||||
my $session = shift;
|
||||
my $ticket = shift;
|
||||
if ($session->param('cas_ticket') && $session->param('cas_ticket') eq $ticket ) {
|
||||
$session->delete;
|
||||
$session->flush;
|
||||
}
|
||||
}
|
||||
}
|
||||
unless ( $userid || $sessionID ) {
|
||||
#we initiate a session prior to checking for a username to allow for anonymous sessions...
|
||||
my $session = get_session("") or die "Auth ERROR: Cannot get_session()";
|
||||
|
|
|
@ -228,21 +228,37 @@ sub _url_with_get_params {
|
|||
return $uri_base_part . $uri_params_part;
|
||||
}
|
||||
|
||||
sub logout_required {
|
||||
# CAS single logout
|
||||
sub logout_if_required {
|
||||
my ( $query ) = @_;
|
||||
# Check we havent been hit by a logout call
|
||||
my $xml = $query->param('logoutRequest');
|
||||
if ($xml) {
|
||||
my $dom = XML::LibXML->load_xml(string => $xml);
|
||||
my $ticket;
|
||||
foreach my $node ($dom->findnodes('/samlp:LogoutRequest')){
|
||||
$ticket = $node->findvalue('./samlp:SessionIndex');
|
||||
}
|
||||
$query->param(-name =>'logout.x', -value => 1);
|
||||
$query->param(-name =>'cas_ticket', -value => $ticket);
|
||||
return 1;
|
||||
return 0 unless $xml;
|
||||
|
||||
my $dom = XML::LibXML->load_xml(string => $xml);
|
||||
my $ticket;
|
||||
foreach my $node ($dom->findnodes('/samlp:LogoutRequest')){
|
||||
# We got a cas single logout request from a cas server;
|
||||
$ticket = $node->findvalue('./samlp:SessionIndex');
|
||||
}
|
||||
return 0;
|
||||
|
||||
return 0 unless $ticket;
|
||||
|
||||
# We've been called as part of the single logout destroy the session associated with the cas ticket
|
||||
my $params = C4::Auth::_get_session_params();
|
||||
my $success = CGI::Session->find( $params->{dsn}, sub {delete_cas_session(@_, $ticket)}, $params->{dsn_args} );
|
||||
|
||||
sub delete_cas_session {
|
||||
my $session = shift;
|
||||
my $ticket = shift;
|
||||
if ($session->param('cas_ticket') && $session->param('cas_ticket') eq $ticket ) {
|
||||
$session->delete;
|
||||
$session->flush;
|
||||
}
|
||||
}
|
||||
|
||||
print $query->header;
|
||||
exit;
|
||||
}
|
||||
|
||||
1;
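Review bot: The `XML::LibXML->load_xml(string => $xml)` call in `logout_if_required` parses the `logoutRequest` request parameter with the parser's default options and outside any `eval`, and the calling script now invokes this sub before `get_template_and_user`, so the input is unauthenticated. A malformed document makes the call die instead of returning 0, and the same may hold for the `samlp:` XPath lookup when the document does not declare that prefix. Depending on the installed XML::LibXML version, the defaults may also still load external DTDs or expand entities. I would pass `no_network`, `expand_entities => 0` and `load_ext_dtd => 0` explicitly and treat a parse failure as "no logout request". Separately, the named `sub delete_cas_session` nested in the function body is compiled at package scope; an anonymous sub passed to `CGI::Session->find` would state the intent more clearly.

```perl
    return 0 unless $xml;

    # Untrusted, pre-authentication input: parse defensively and
    # treat any parse failure as "no logout request".
    my $dom = eval {
        XML::LibXML->load_xml(
            string          => $xml,
            no_network      => 1,
            expand_entities => 0,
            load_ext_dtd    => 0,
        );
    };
    return 0 unless $dom;

    # … unchanged: SessionIndex lookup, session search and deletion, header and exit …
```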
|
||||
|
|
|
@ -62,8 +62,9 @@ BEGIN {
|
|||
}
|
||||
}
|
||||
|
||||
my $cas_logout_required = C4::Context->preference('casAuthentication')
|
||||
and C4::Auth_with_ldap::logout_required($query);
|
||||
# CAS single logout handling
|
||||
# Will print header and exit
|
||||
C4::Context->preference('casAuthentication') and C4::Auth_with_ldap::logout_if_required($query);
|
||||
|
||||
my ( $template, $borrowernumber, $cookie ) = get_template_and_user(
|
||||
{
|
||||
|
@ -75,12 +76,6 @@ my ( $template, $borrowernumber, $cookie ) = get_template_and_user(
|
|||
}
|
||||
);
|
||||
|
||||
if ($cas_logout_required){
|
||||
print $query->header;
|
||||
exit;
|
||||
}
|
||||
|
||||
|
||||
my %renewed = map { $_ => 1 } split( ':', $query->param('renewed') );
|
||||
|
||||
my $show_priority;
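Review bot: The comment above the new `logout_if_required($query)` call says only "Will print header and exit", which hides two things a maintainer needs here. The call now runs before `get_template_and_user`, so it handles requests that have not been authenticated, and it returns normally unless the request carries a `logoutRequest` with a session ticket. I would reword it along the lines of `# CAS single logout: runs before authentication; prints a header and exits only when the request carries a logoutRequest with a session ticket`. The call is also qualified as `C4::Auth_with_ldap::` while the commit title speaks of a CAS module; the removed line used the same package, and the file header of the module section is not visible on this page, so this is only worth a quick check that the name matches where the sub is defined.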
|
||||
|
|