From 9c0be579fe6ce476ee4809321b63b0f215551fb4 Mon Sep 17 00:00:00 2001
From: Jonathan Druart
Date: Thu, 11 Jan 2018 15:43:42 -0300
Subject: [PATCH] Bug 19160: Isolate CAS code into its own module

Signed-off-by: Katrin Fischer
Signed-off-by: Kyle M Hall
Signed-off-by: Jonathan Druart
---
 C4/Auth.pm | 16 ----------------
 C4/Auth_with_cas.pm | 36 ++++++++++++++++++++++++++----------
 opac/opac-user.pl | 11 +++--------
 3 files changed, 29 insertions(+), 34 deletions(-)
diff --git a/C4/Auth.pm b/C4/Auth.pm
index a8b1ea305a..876fec541a 100644
--- a/C4/Auth.pm
+++ b/C4/Auth.pm
@@ -905,22 +905,6 @@ sub checkauth {
 }
 }
 }
- elsif ($logout && $cas) {
- # We got a cas single logout request from a cas server;
- my $ticket = $query->param('cas_ticket');
- # We've been called as part of the single logout destroy the session associated with the cas ticket
- my $params = _get_session_params();
- my $success = CGI::Session->find( $params->{dsn}, sub {delete_cas_session(@_, $ticket)}, $params->{dsn_args} );
-
- sub delete_cas_session {
- my $session = shift;
- my $ticket = shift;
- if ($session->param('cas_ticket') && $session->param('cas_ticket') eq $ticket ) {
- $session->delete;
- $session->flush;
- }
- }
- }
 unless ( $userid || $sessionID ) { #we initiate a session prior to checking for a username to allow for anonymous sessions...
 my $session = get_session("") or die "Auth ERROR: Cannot get_session()";
diff --git a/C4/Auth_with_cas.pm b/C4/Auth_with_cas.pm
index 1459bca8d4..08ff75f2d8 100644
--- a/C4/Auth_with_cas.pm
+++ b/C4/Auth_with_cas.pm
@@ -228,21 +228,37 @@ sub _url_with_get_params {
 return $uri_base_part . $uri_params_part;
 }
-sub logout_required {
+# CAS single logout
+sub logout_if_required {
 my ( $query ) = @_; # Check we havent been hit by a logout call
 my $xml = $query->param('logoutRequest');
- if ($xml) {
- my $dom = XML::LibXML->load_xml(string => $xml);
- my $ticket;
- foreach my $node ($dom->findnodes('/samlp:LogoutRequest')){
- $ticket = $node->findvalue('./samlp:SessionIndex');
+ return 0 unless $xml;
+
+ my $dom = XML::LibXML->load_xml(string => $xml);
+ my $ticket;
+ foreach my $node ($dom->findnodes('/samlp:LogoutRequest')){
+ # We got a cas single logout request from a cas server;
+ $ticket = $node->findvalue('./samlp:SessionIndex');
+ }
+
+ return 0 unless $ticket;
+
+ # We've been called as part of the single logout destroy the session associated with the cas ticket
+ my $params = C4::Auth::_get_session_params();
+ my $success = CGI::Session->find( $params->{dsn}, sub {delete_cas_session(@_, $ticket)}, $params->{dsn_args} );
+
+ sub delete_cas_session {
+ my $session = shift;
+ my $ticket = shift;
+ if ($session->param('cas_ticket') && $session->param('cas_ticket') eq $ticket ) {
+ $session->delete;
+ $session->flush;
 }
- $query->param(-name =>'logout.x', -value => 1);
- $query->param(-name =>'cas_ticket', -value => $ticket);
- return 1;
 }
- return 0;
+
+ print $query->header;
+ exit;
 }
 1;
diff --git a/opac/opac-user.pl b/opac/opac-user.pl
index a247ed795d..317ba6af27 100755
--- a/opac/opac-user.pl
+++ b/opac/opac-user.pl
@@ -62,8 +62,9 @@ BEGIN {
 }
 }
-my $cas_logout_required = C4::Context->preference('casAuthentication')
- and C4::Auth_with_ldap::logout_required($query);
+# CAS single logout handling
+# Will print header and exit
+C4::Context->preference('casAuthentication') and C4::Auth_with_ldap::logout_if_required($query);
 my ( $template, $borrowernumber, $cookie ) = get_template_and_user( {
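Review bot: In `logout_if_required` (C4/Auth_with_cas.pm), `XML::LibXML->load_xml(string => $xml)` parses the `logoutRequest` request parameter with the parser's default options and outside any `eval`. A malformed body therefore makes the script die, and depending on the installed XML::LibXML defaults, entity declarations or an external DTD named in the request may be processed. I would parse it as `my $dom = eval { XML::LibXML->load_xml(string => $xml, no_network => 1, expand_entities => 0, load_ext_dtd => 0) } or return 0;`. Nothing visible in the hunk checks that the request came from the CAS server, so session deletion rests only on the ticket value; worth confirming that is intended. On style, the named `sub delete_cas_session` declared inside the body is still a package-level sub and `$success` is never read, so an anonymous sub passed straight to `CGI::Session->find` would be clearer.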
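Review bot: The added call in opac/opac-user.pl goes to `C4::Auth_with_ldap::logout_if_required`, but this commit defines `logout_if_required` in C4/Auth_with_cas.pm; the package name is carried over from the removed line. Unless C4::Auth_with_ldap has a sub of that name outside this diff, enabling `casAuthentication` makes the page die with an undefined-subroutine error and a CAS single logout request never destroys the session. The line should read `C4::Context->preference('casAuthentication') and C4::Auth_with_cas::logout_if_required($query);`, and whether the script loads C4::Auth_with_cas is not visible here. The comment is also too broad, since the sub returns 0 when no request or ticket is present; `# Prints a header and exits only when a CAS logout request carrying a ticket is present` matches what it does.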
@@ -75,12 +76,6 @@ my ( $template, $borrowernumber, $cookie ) = get_template_and_user(
 } );
-if ($cas_logout_required){
- print $query->header;
- exit;
-}
-
-
 my %renewed = map { $_ => 1 } split( ':', $query->param('renewed') );
 my $show_priority;
-- 
2.39.5