Projekt

Allgemein

Profil

Herunterladen (1,94 KB) Statistiken
| Zweig: | Markierung: | Revision:
package SL::Auth::HTTPHeaders;

use List::MoreUtils qw(any);

use SL::Auth::Constants qw(:all);

use strict;

my @required_config_options = qw(secret_header secret user_header client_id_header);

sub new {
my $type = shift;
my $self = {};
$self->{config} = shift;

bless $self, $type;

return $self;
}

sub reset {
my ($self) = @_;
}

sub _env_var_for_header {
my ($header) = @_;

$header =~ s{-}{_}g;
return $ENV{'HTTP_' . uc($header)};
}

sub _authenticate {
my ($self, $type) = @_;

my $secret = _env_var_for_header($self->{config}->{secret_header}) // '';
if ($secret ne $self->{config}->{secret}) {
$::lxdebug->message(LXDebug->DEBUG2(), "HTTPHeaders ${type}: bad secret sent by upstream server: $secret");
return (ERR_BACKEND);
}

my $client_id = _env_var_for_header($self->{config}->{client_id_header});
if (!$client_id) {
$::lxdebug->message(LXDebug->DEBUG2(), "HTTPHeaders ${type}: no client ID header found");
return (ERR_PASSWORD);
}

# $::auth->set_client();

my $user = _env_var_for_header($self->{config}->{user_header});
if (!$user) {
$::lxdebug->message(LXDebug->DEBUG2(), "HTTPHeaders ${type}: no user name header found");
return (ERR_PASSWORD);
}

$::lxdebug->message(LXDebug->DEBUG2(), "HTTPHeaders ${type}: OK client $client_id user $user");

return (OK, $client_id, $user);
}

sub authenticate {
my ($self) = @_;

my ($status, $client, $login) = $self->_authenticate('authenticate');

return $status;
}

sub can_change_password {
return 0;
}

sub requires_cleartext_password {
return 0;
}

sub change_password {
return ERR_BACKEND;
}

sub verify_config {
my $self = shift;
my $cfg = $self->{config};

if (!$cfg) {
die 'config/kivitendo.conf: Key "authentication/http_headers" is missing.';
}

foreach (@required_config_options) {
next if $cfg->{$_};
die 'config/kivitendo.conf: Missing parameter in "authentication/http_headers": ' . $_;
}
}

1;
(4-4/8)