# Release number of this handler module, exposed as the package's $VERSION.
our $VERSION = '2.0.7';
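# Handler entry point. Runs the standard Lemonldap::NG::Handler::Main::run
# checks first and, when the requested URI matches the configured Zimbra SSO
# pattern, answers with a redirect to a signed Zimbra preauth URL.
#
# Arguments:
#   $class - handler class (provides localConfig, logger, data, status codes)
#   $req   - request; only $req->{env}->{REQUEST_URI} is read here
#
# Returns:
#   - the status from Main::run when it is not OK
#   - OK when the URI does not match zimbraSsoUrl
#   - SERVER_ERROR when no preauth key is configured or the session holds
#     no value for the account attribute
#   - REDIRECT, with the Location header set, otherwise
sub run {
    my ( $class, $req ) = @_;
    my ( $ret, $session ) = $class->Lemonldap::NG::Handler::Main::run($req);

    # Continue only when the main handler authorized the request
    return $ret unless ( $ret == $class->OK );

    my $uri = $req->{env}->{REQUEST_URI};

    # Zimbra parameters, with defaults for everything except the key
    my $localConfig      = $class->localConfig;
    my $zimbraPreAuthKey = $localConfig->{zimbraPreAuthKey};
    my $zimbraAccountKey = $localConfig->{zimbraAccountKey} || 'uid';
    my $zimbraBy         = $localConfig->{zimbraBy} || 'id';
    my $zimbraUrl        = $localConfig->{zimbraUrl} || '/service/preauth';
    my $zimbraSsoUrl     = $localConfig->{zimbraSsoUrl} || '^/zimbrasso$';
    my $timeout          = $localConfig->{'timeout'} || '0';

    # Remove trailing white-space left in configuration values
    $zimbraAccountKey =~ s/\s+$//;
    $zimbraBy         =~ s/\s+$//;
    $zimbraUrl        =~ s/\s+$//;
    $zimbraSsoUrl     =~ s/\s+$//;

    # The preauth key is the HMAC secret: anyone who reads it can sign a
    # preauth URL for any account, so only its presence is logged, never
    # its value.
    $class->logger->debug( "zimbraPreAuthKey: "
          . ( $zimbraPreAuthKey ? '[set]' : '[not set]' ) );
    $class->logger->debug("zimbraAccountKey: $zimbraAccountKey");
    $class->logger->debug("zimbraBy: $zimbraBy");
    $class->logger->debug("zimbraUrl: $zimbraUrl");
    $class->logger->debug("zimbraSsoUrl: $zimbraSsoUrl");
    $class->logger->debug("timeout: $timeout");

    # Nothing more to do unless this is the Zimbra SSO URI
    return $class->OK unless ( $uri =~ $zimbraSsoUrl );

    # Mandatory parameter
    unless ($zimbraPreAuthKey) {
        $class->logger->error("No Zimbra preauth key configured");
        return $class->SERVER_ERROR;
    }

    # Refuse to sign a token for an empty account: the session must carry
    # a value for the configured account attribute.
    my $account = $class->data->{$zimbraAccountKey};
    unless ( defined $account and length $account ) {
        $class->logger->error(
            "No session value for Zimbra account key $zimbraAccountKey");
        return $class->SERVER_ERROR;
    }

    my $zimbra_url =
      $class->_buildZimbraPreAuthUrl( $req, $zimbraPreAuthKey, $zimbraUrl,
        $account, $zimbraBy, $timeout );

    $class->set_header_out( $req, 'Location' => $zimbra_url );

    return $class->REDIRECT;
}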
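# Build the Zimbra preauth URL for one account.
#
# Arguments:
#   $class   - handler class (data->{_utime} and logger are used)
#   $req     - request (not used here)
#   $key     - preauth key, used as the HMAC-SHA1 key
#   $url     - base preauth URL
#   $account - account value taken from the session
#   $by      - how Zimbra should interpret $account
#   $timeout - seconds added to the session _utime to compute expiry;
#              a false value is passed through unchanged as "expires"
#
# Returns the URL as a string:
#   $url?account=..&by=..&timestamp=..&expires=..&preauth=<hex HMAC>
sub _buildZimbraPreAuthUrl {
    my ( $class, $req, $key, $url, $account, $by, $timeout ) = @_;

    # Expiration in milliseconds, computed from the session _utime
    my $expires =
      $timeout ? ( $class->data->{_utime} + $timeout ) * 1000 : $timeout;

    # Current time in milliseconds
    my $timestamp = time() * 1000;

    # The HMAC covers the raw (unescaped) values
    my $computed_value =
      hmac_sha1_hex( "$account|$by|$expires|$timestamp", $key );

    # The computed value is a login token for $account, so the logs record
    # what was signed but not the signature itself.
    $class->logger->debug(
        "Computed preauth value for $account|$by|$expires|$timestamp");

    # Percent-encode the two free-form values so that characters such as
    # '&', '+' or '#' cannot add or alter query parameters.
    my ( $account_param, $by_param ) = map {
        my $value = defined $_ ? $_ : '';
        $value =~ s/([^A-Za-z0-9\-._~])/sprintf( '%%%02X', ord $1 )/ge;
        $value;
    } ( $account, $by );

    my $query =
"account=$account_param&by=$by_param&timestamp=$timestamp&expires=$expires";
    my $zimbra_url = "$url?$query&preauth=$computed_value";

    $class->logger->debug("Build Zimbra URL: $url?$query&preauth=[redacted]");

    return $zimbra_url;
}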
# True value returned to require/use when this file is loaded as a module.
1;