view release on metacpan or  search on metacpan

lib/Apache2/AuthCASpbh/UserAgent.pm  view on Meta::CPAN

				my @cookie = @_;
				if ($cookie[1] eq $cookie_name &&
				    $cookie[4] =~ /\Q$domain\E$/ &&
				    $path =~ /^\Q$cookie[3]\E/) {
					$_log->l($debug_level, "found $cookie[3] $cookie[1] $cookie[4]");
					$session_cookie = \@cookie;
				}
			});
				
			last;
		}
	}

	$_log->l($debug_level, 'no matching cookies found') and	goto NO_STORE_COOKIE
		unless ref($session_cookie);

	goto NO_SET_COOKIE unless defined($cas_session);

	my $session = open_session($self->{cas_session_db}, $cas_session);
					
	$_log->l('error', "session $cas_session tie failed - $session") and goto NO_SET_COOKIE
		unless ref($session);

	my $cookie_key = "$session_cookie->[4]$session_cookie->[3]";
	if (!exists($session->{cookies}{$url_re}{$cookie_key}) ||
	    $session->{cookies}{$url_re}{$cookie_key}->[2] ne $session_cookie->[2]) {
		$_log->l($debug_level, 'storing session cookie');
		$session->{cookies}{$url_re}{$cookie_key} = $session_cookie;
		$session->{update_count}++;
	}
	else {
		$_log->l($debug_level, 'no session cookie value change');
	}

	untie(%{$session});

	NO_STORE_COOKIE:

	return $response;
}

=head1 NAME

AuthCASpbh::UserAgent - CAS proxy authentication client for Apache/mod_perl

=head1 SYNOPSIS

	use Apache2::AuthCASpbh::UserAgent;

	my $ua = Apache2::AuthCASpbh::UserAgent->new(
			apache_r => $r,
			cas_cookie_map => [ { URL_re => '^https://my\.server/cas' },
                        	            { URL_re => '^https://other\.server/ssoapp',
					      cookie_name => 'CAS_Cookie' } ]);

	my $req = HTTP::Request->new('GET', 'https://my.server/');

=head1 DESCRIPTION

AuthCASpbh::UserAgent is a derivative of L<LWP::UserAgent> that adds
transparent support for proxy CAS authentication. All of the documentation for
L<LWP::UserAgent> applies, and any method or configuration described in that
documentation is supported by an Apache2::AuthCASpbh::UserAgent object.

AuthCASpbh::UserAgent adds two configuration options to the new() method as
defined by LWP::UserAgent:

=over

=item apache_r

The Apache/mod_perl request object for the request in which
AuthCASpbh::UserAgent is being used. This parameter is mandatory.

=item cas_cookie_map

This parameter controls how AuthCASpbh handles automatically managing CAS
session cookies for requests. It takes a reference to an array, with the array
members being references to hashes with the following components:

=over

=item URL_re

A regular expression compared against the request being made to determine
whether or not this entry applies to the request. Comparisons are made are in
order beginning with the first hash reference in the array, and the first match
ends the search.

=item cookie_name

An optional value defining the name of the session cookie used by the remote
application. If no value is supplied, the value of the SessionCookieName
parameter for the calling request is used.

=back

If no C<cas_cookie_map> is supplied, no automated session management will be
performed and your application is responsible for implementing a mechanism such
that all requests made after the initial successful authentication access that
session, or else authentication will be performed on every request.

Note that if no cookie_jar was supplied and this option exists, a default
cookie_jar will be created. If the request matches one of the URL_re entries,
and a cookie with the configured name is returned, AuthCASpbh::UserAgent will
store the cookie and inject it into future requests that match the same URL_re.

=back

=head1 AVAILABILITY

AuthCASpbh is available via CPAN as well as on GitHub at

https://github.com/pbhenson/Apache2-AuthCASpbh

=head1 AUTHOR

Copyright (c) 2018-2024, Paul B. Henson <henson@acm.org>

This file is part of AuthCASpbh.