Commit 3ab6135a authored by marcus-tun's avatar marcus-tun

Merge branch 'master' of git.scc.kit.edu:lo0018/pluto

parents ee8564cd 114eaccd
......@@ -206,6 +206,19 @@ my $cookie_jar = HTTP::Cookies->new(file => COOKIE_FILE,
$ua->cookie_jar($cookie_jar);
$headers = HTTP::Headers->new();
$response = $ua->get(CREDENTIAL_CREATION_URL);
# Make sure we do have an idp URL
if ($idpurl eq '') {
if ($idpname ne '') {
$idpurl = $idps{$idpname};
#print "assigning idpurl by name: ".$idpurl."\n";
}
}
if ($idpurl eq '') {
warn("Error: No valid IdP URL specified\n");
exit 1;
}
if ($response->is_success) {
......@@ -213,7 +226,7 @@ if ($response->is_success) {
# If we were redirected, we did not obtain our assertion and have to
# do the ECP procedure to obtain a valid assertion
if (exists($response->{'_previous'})) {
print "No existing session found => new login at ".$idpname.":\n";
print " Login at ==> ".$idpurl." <== \n";
# Make sure we do have a username for the IdP
if ($idpuser eq '') {
......@@ -231,15 +244,6 @@ if ($response->is_success) {
$idppass = readpassword();
print ("\n");
}
# Make sure we do have an idp URL
if ($idpname ne '') {
$idpurl = $idps{$idpname};
#print "assigning idpurl by name: ".$idpurl."\n";
}
if ($idpurl eq '') {
warn("Error: No valid IdP URL specified\n");
exit 1;
}
# Create the session cookie... (the lengthy code is in the subroutine)
create_valid_session_via_idp($idpurl, $idpuser, $idppass, $ua);
......@@ -266,7 +270,7 @@ if ($response->is_success) {
print FILE $response_content;
close (FILE);
print "assertion created successfully\n";
#print "assertion created successfully\n";
#print "\n##### BEGIN SP RESPONSE #####\n";
#print "$response_content \n";
#print "##### END SP RESPONSE #####\n\n";
......@@ -290,8 +294,8 @@ my $restrict='!@#$%^&*()_-=+/' ;
my $symmetric_passwd = chars(5,16,0,$restrict,0);
my $iv = chars(5,16,0,$restrict,0);
print ("symkey: ". $symmetric_passwd."\n");
print ("iv: ". $iv."\n");
#print ("symkey: ". $symmetric_passwd."\n");
#print ("iv: ". $iv."\n");
# encryption
my $cipher = new Crypt::CBC ($symmetric_passwd, 'Rijndael', -keysize=>8, -iv=>$iv, -header=>'none');
......@@ -306,33 +310,35 @@ my $perl_key = $cipher->key();
my $perl_iv = $cipher->iv();
my $package = $perl_iv.$encrypted_assertion;
print ("perl_key: ".encode_base64($perl_key)."\n");
print ("length of perl_key: ".length($perl_key),"\n");
print ("length of perl_iv: ".length($perl_iv),"\n");
print ("length of encypted assertion ".length($encrypted_assertion),"\n");
print ("length of encyption package: ".length($package),"\n");
#print ("perl_key: ".encode_base64($perl_key)."\n");
#print ("length of perl_key: ".length($perl_key),"\n");
#print ("length of perl_iv: ".length($perl_iv),"\n");
#print ("length of encypted assertion ".length($encrypted_assertion),"\n");
#print ("length of encyption package: ".length($package),"\n");
# base64 encoding
my $b64_encrypted_assertion_package=encode_base64($package);
my $hex_encrypted_assertion_package=unpack( 'H*', $package );
my $hex_perl_key = unpack ('H*', $perl_key);
# upload encrypted assertion
$response=$ua->post(CREDENTIAL_UPLOAD_URL,
[encrypted_assertion =>$b64_encrypted_assertion_package,
key => encode_base64($perl_key),
[encrypted_assertion =>$hex_encrypted_assertion_package,
#key => $hex_perl_key,
client => "perl",
client_verion => VERSION]);
client_version => VERSION]);
#print Dumper($response);
$response_content = $response->decoded_content;
use Data::Dumper;
print Dumper($response_content);
#print Dumper($response_content);
# Store the returned URL
(undef, $url_to_assertion) = split("url=", $response_content);
my $url_to_assertion_with_key = $url_to_assertion."&k=".encode_base64($perl_key);
my $url_to_assertion_with_key = $url_to_assertion."?k=".$hex_perl_key;
open (FILE, ">", $urlfile) or die $!;
print FILE $url_to_assertion_with_key;
......@@ -543,8 +549,8 @@ sub create_valid_session_via_idp {
($idpresp=~m#AssertionConsumerServiceURL=\"([^\"]*)\"#i) &&
($assertionConsumerServiceURL=$1);
if (!$assertionConsumerServiceURL) {
warn "Error: No AssertionConsumerServiceURL in response from '$idpurl'." if
(!$quiet);
#warn "Error: No AssertionConsumerServiceURL in response from '$idpurl'." if
warn "Wrong password or IdP does not support ECP? (AssertionConsumerServiceURL) " if (!$quiet);
exit 1;
}
......
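Review bot: The new `my $url_to_assertion_with_key = $url_to_assertion."?k=".$hex_perl_key;` line carries the symmetric key in the query string, so anyone fetching that URL hands the key to the server that holds the encrypted assertion, and it will usually land in access and proxy logs; this weakens the gain from commenting out `key =>` in the upload POST. If the consumer of the URL can decrypt locally, a fragment (`"#k=".$hex_perl_key`) keeps the key out of the request; whether that fits the receiving side is not visible on this page. `$url_to_assertion` comes from `split("url=", $response_content)` with no check, so a failed upload would still write a file holding only `?k=` and the key; add `die "Error: upload returned no URL\n" unless defined $url_to_assertion;` before the concatenation. Since `$urlfile` now stores the key in hex, it is worth calling `umask(077);` before the `open (FILE, ">", $urlfile)` that follows.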