Revision 9533
Added by Chris Jones almost 9 years ago
src/perl/register-dataset.cgi | ||
---|---|---|
389 | 389 |
# None of the stages have been reached and data is not being confirmed. |
390 | 390 |
|
391 | 391 |
# check if the user is logged in... |
392 |
my $session = CGI::Session->load() or die CGI::Session->errstr(); |
|
393 |
if ( $session->is_empty ) { |
|
392 |
if ( ! validateSession() ) { |
|
394 | 393 |
|
395 | 394 |
# no session found ... redirect to login page template |
396 | 395 |
$$templateVars{'showInstructions'} = 'true'; |
... | ... | |
475 | 474 |
|
476 | 475 |
if ( !$error ) { |
477 | 476 |
|
478 |
# Login to metacat |
|
479 |
my ( $username, $password ) = getCredentials(); |
|
480 |
my $response = $metacat->login( $username, $password ); |
|
481 |
my $errorMessage = ""; |
|
477 |
# Login to metacat if there is no authentication token |
|
478 |
my $response = hasValidAuthToken(); |
|
479 |
if ( ! $response ) { |
|
480 |
my ( $username, $password ) = getCredentials(); |
|
481 |
$response = $metacat->login( $username, $password ); |
|
482 |
my $errorMessage = ""; |
|
483 |
|
|
484 |
} |
|
482 | 485 |
|
483 | 486 |
# Parameters have been validated and Create the XML document |
484 | 487 |
my $xmldoc = createXMLDocument(); |
... | ... | |
518 | 521 |
} |
519 | 522 |
} |
520 | 523 |
|
521 |
debug("A");
|
|
524 |
debug("Checking for a FORM docid.");
|
|
522 | 525 |
if ( $FORM::docid eq "" ) { |
523 |
debug("B1");
|
|
526 |
debug("No FORM docid is present. Generating one from Metacat.");
|
|
524 | 527 |
|
525 | 528 |
# document is being inserted |
526 | 529 |
my $docStatus = "INCOMPLETE"; |
... | ... | |
533 | 536 |
$xmldocWithDocID =~ s/docid/$docid/; |
534 | 537 |
debugDoc($xmldocWithDocID); |
535 | 538 |
$docStatus = insertMetadata( $xmldocWithDocID, $docid ); |
536 |
|
|
537 |
debug("B2"); |
|
538 |
|
|
539 |
|
|
539 | 540 |
} |
540 |
|
|
541 |
debug("B3"); |
|
542 |
|
|
541 |
|
|
543 | 542 |
if ( $docStatus ne "SUCCESS" ) { |
544 | 543 |
debug("NO SUCCESS"); |
545 | 544 |
debug("Message is: $docStatus"); |
... | ... | |
552 | 551 |
|
553 | 552 |
} |
554 | 553 |
else { |
555 |
debug("M1");
|
|
554 |
debug("The form has an existing docid: " . $FORM::docid);
|
|
556 | 555 |
|
557 | 556 |
# document is being modified |
558 | 557 |
$docid = incrementRevision($FORM::docid); |
... | ... | |
560 | 559 |
$xmldoc =~ s/docid/$docid/; |
561 | 560 |
debugDoc($xmldoc); |
562 | 561 |
|
562 |
debug('Updating docid: ' . $docid); |
|
563 | 563 |
my $response = $metacat->update( $docid, $xmldoc ); |
564 | 564 |
|
565 | 565 |
if ( !$response ) { |
... | ... | |
567 | 567 |
push( @errorMessages, "Failed while updating.\n" ); |
568 | 568 |
} |
569 | 569 |
|
570 |
debug("M2, $docid");
|
|
570 |
debug("Updated document with docid: $docid");
|
|
571 | 571 |
if ( scalar(@errorMessages) ) { |
572 | 572 |
debug("Errors defined in modify."); |
573 | 573 |
|
... | ... | |
682 | 682 |
|
683 | 683 |
} |
684 | 684 |
|
685 |
debug("C"); |
|
686 |
|
|
687 | 685 |
if ( scalar(@errorMessages) ) { |
688 | 686 |
debug("ErrorMessages defined."); |
689 | 687 |
$$templateVars{'docid'} = $FORM::docid; |
... | ... | |
725 | 723 |
|
726 | 724 |
debug("Trying to insert the following document"); |
727 | 725 |
my $docStatus = "SUCCESS"; |
728 |
debug("Starting insert of $docid (D1)");
|
|
726 |
debug("Starting insert of $docid"); |
|
729 | 727 |
|
730 | 728 |
my $response = $metacat->insert( $docid, $xmldoc ); |
731 | 729 |
if ( !$response ) { |
732 |
debug("Response gotten (D2)");
|
|
730 |
debug("Response gotten for docid: " . $docid);
|
|
733 | 731 |
my $errormsg = $metacat->getMessage(); |
734 |
debug( "Error is (D3): " . $errormsg );
|
|
732 |
debug( "Error is: " . $errormsg ); |
|
735 | 733 |
if ( $errormsg =~ /is already in use/ ) { |
736 | 734 |
$docStatus = "INCOMPLETE"; |
737 | 735 |
} |
... | ... | |
742 | 740 |
$docStatus = $errormsg; |
743 | 741 |
} |
744 | 742 |
} |
745 |
debug("Ending insert (D4)");
|
|
743 |
debug("Ending insert of docid: " . $docid);
|
|
746 | 744 |
|
747 | 745 |
return $docStatus; |
748 | 746 |
} |
... | ... | |
1294 | 1292 |
} |
1295 | 1293 |
|
1296 | 1294 |
# Now the file is on disk, send the object to Metacat |
1297 |
my $session = CGI::Session->load(); |
|
1298 |
if ( $session->is_empty ) { |
|
1295 |
if ( ! validateSession() ) { |
|
1299 | 1296 |
push( @errorMessages, "Must be logged in to upload files." ); |
1300 | 1297 |
debug("Not logged in, cannot upload files."); |
1301 | 1298 |
return 0; |
... | ... | |
1476 | 1473 |
sub deleteFileData { |
1477 | 1474 |
my $input = shift; |
1478 | 1475 |
my ( $docid, $fileHash ) = datafileInfo($input); |
1479 |
my $metacat = Metacat->new($metacatUrl); |
|
1476 |
my ($username, $password); |
|
1477 |
my $metacat = Metacat->new($metacatUrl); |
|
1480 | 1478 |
setAuthToken($metacat); |
1481 |
|
|
1482 |
my ( $username, $password ) = getCredentials(); |
|
1483 |
my $response = $metacat->login( $username, $password ); |
|
1479 |
|
|
1480 |
my $response = hasValidAuthToken(); |
|
1481 |
if ( ! $response ) { |
|
1482 |
( $username, $password ) = getCredentials(); |
|
1483 |
$response = $metacat->login( $username, $password ); |
|
1484 |
|
|
1485 |
} |
|
1484 | 1486 |
if ( !$response ) { |
1485 | 1487 |
my $msg = $metacat->getMessage(); |
1486 | 1488 |
push( @errorMessages, |
... | ... | |
1510 | 1512 |
my $filename = shift; |
1511 | 1513 |
|
1512 | 1514 |
debug("Upload -- Starting upload of $docid"); |
1515 |
|
|
1513 | 1516 |
my $response = $metacat->upload( $docid, $data, $filename ); |
1514 | 1517 |
if ( !$response ) { |
1515 | 1518 |
|
... | ... | |
2470 | 2473 |
my $element; |
2471 | 2474 |
my $tempfile; |
2472 | 2475 |
|
2473 |
my ( $username, $password ) = getCredentials(); |
|
2474 |
$metacat->login( $username, $password ); |
|
2476 |
if ( ! hasValidAuthToken() ) { |
|
2477 |
my ( $username, $password ) = getCredentials(); |
|
2478 |
$metacat->login( $username, $password ); |
|
2479 |
|
|
2480 |
} |
|
2475 | 2481 |
|
2476 | 2482 |
$httpMessage = $metacat->read($docid); |
2477 | 2483 |
$doc = $httpMessage->content(); |
... | ... | |
3520 | 3526 |
|
3521 | 3527 |
# Login to metacat |
3522 | 3528 |
my $errorMessage = ""; |
3523 |
my ( $username, $password ) = getCredentials(); |
|
3524 |
my $response = $metacat->login( $username, $password ); |
|
3529 |
|
|
3530 |
my $response = hasValidAuthToken(); |
|
3531 |
if ( ! $response ) { |
|
3532 |
my ( $username, $password ) = getCredentials(); |
|
3533 |
$response = $metacat->login( $username, $password ); |
|
3534 |
|
|
3535 |
} |
|
3525 | 3536 |
|
3526 | 3537 |
if ( !$response ) { |
3527 | 3538 |
|
... | ... | |
3637 | 3648 |
|
3638 | 3649 |
# Check if a session already exists |
3639 | 3650 |
my $session = CGI::Session->load() or die CGI::Session->errstr(); |
3640 |
if ( $session->is_empty ) {
|
|
3651 |
if ( ! validateSession() ) { # tokens won't be involved in login()
|
|
3641 | 3652 |
|
3642 | 3653 |
# no session found ... check if the login is correct |
3643 | 3654 |
my $username = $FORM::username; |
3644 | 3655 |
my $password = $FORM::password; |
3645 | 3656 |
|
3646 | 3657 |
my $metacat = Metacat->new($metacatUrl); |
3647 |
setAuthToken($metacat); |
|
3648 |
my $returnVal = $metacat->login( $username, $password ); |
|
3649 |
debug( |
|
3650 |
"Login was $returnVal for login attempt to $metacatUrl, with $username" |
|
3651 |
); |
|
3658 |
|
|
3659 |
my $returnVal = $metacat->login( $username, $password ); |
|
3660 |
|
|
3661 |
debug("Login was $returnVal for login " . |
|
3662 |
"attempt to $metacatUrl, with $username"); |
|
3663 |
|
|
3652 | 3664 |
if ( $returnVal > 0 ) { |
3653 | 3665 |
|
3654 | 3666 |
# valid username and passwd |
... | ... | |
3781 | 3793 |
my $metacat = Metacat->new($metacatUrl); |
3782 | 3794 |
setAuthToken($metacat); |
3783 | 3795 |
|
3784 |
my ( $username, $password ) = getCredentials(); |
|
3785 |
$metacat->login( $username, $password ); |
|
3796 |
if ( ! hasValidAuthToken() ) { |
|
3797 |
my ( $username, $password ) = getCredentials(); |
|
3798 |
$metacat->login( $username, $password ); |
|
3799 |
|
|
3800 |
} |
|
3786 | 3801 |
|
3787 | 3802 |
my $userInfo = $metacat->getUserInfo($sessionId); |
3788 | 3803 |
|
... | ... | |
3895 | 3910 |
sub getReviewHistoryHTML { |
3896 | 3911 |
my $metacat = Metacat->new($metacatUrl); |
3897 | 3912 |
setAuthToken($metacat); |
3898 |
my ( $username, $password ) = getCredentials(); |
|
3899 |
$metacat->login( $username, $password ); |
|
3913 |
if ( ! hasValidAuthToken() ) { |
|
3914 |
my ( $username, $password ) = getCredentials(); |
|
3915 |
$metacat->login( $username, $password ); |
|
3916 |
|
|
3917 |
} |
|
3918 |
|
|
3900 | 3919 |
my $parser = XML::LibXML->new(); |
3901 | 3920 |
my $docid = $FORM::docid; |
3902 | 3921 |
my ( $x, $y, $z ) = split( /\./, $docid ); |
... | ... | |
3959 | 3978 |
my $userDN = ''; |
3960 | 3979 |
|
3961 | 3980 |
# Log into metacat |
3962 |
my $response = $metacat->login( $modUsername, $modPassword ); |
|
3981 |
my $response = hasValidAuthToken(); |
|
3982 |
if ( ! $response ) { |
|
3983 |
$response = $metacat->login( $modUsername, $modPassword ); |
|
3984 |
|
|
3985 |
} |
|
3963 | 3986 |
my $docid = $FORM::docid; |
3964 | 3987 |
|
3965 | 3988 |
if ( !$response ) { |
... | ... | |
4133 | 4156 |
my $title; |
4134 | 4157 |
|
4135 | 4158 |
# Log into metacat |
4136 |
my $response = $metacat->login( $modUsername, $modPassword ); |
|
4159 |
my $response = hasValidAuthToken(); |
|
4160 |
if ( ! $response ) { |
|
4161 |
$response = $metacat->login( $modUsername, $modPassword ); |
|
4162 |
|
|
4163 |
} |
|
4137 | 4164 |
|
4138 | 4165 |
if ( !$response ) { |
4139 | 4166 |
|
... | ... | |
4272 | 4299 |
my $userDN = ''; |
4273 | 4300 |
|
4274 | 4301 |
# Log into metacat |
4275 |
my $response = $metacat->login( $modUsername, $modPassword ); |
|
4302 |
my $response = hasValidAuthToken(); |
|
4303 |
if ( ! $response ) { |
|
4304 |
$response = $metacat->login( $modUsername, $modPassword ); |
|
4305 |
|
|
4306 |
} |
|
4276 | 4307 |
|
4277 | 4308 |
if ( !$response ) { |
4278 | 4309 |
|
... | ... | |
5477 | 5508 |
sub setAuthToken() { |
5478 | 5509 |
my $metacat = shift; |
5479 | 5510 |
|
5511 |
if ( $debug_enabled ) { |
|
5512 |
debug('setAuthToken() called.'); |
|
5513 |
|
|
5514 |
} |
|
5515 |
|
|
5480 | 5516 |
eval { $metacat->isa('Metacat'); }; |
5481 | 5517 |
|
5482 | 5518 |
if ( ! $@ ) { |
... | ... | |
5484 | 5520 |
if ( $ENV{'HTTP_AUTHORIZATION'}) { |
5485 | 5521 |
$metacat->set_options( |
5486 | 5522 |
auth_token_header => $ENV{'HTTP_AUTHORIZATION'}); |
5523 |
} else { |
|
5524 |
if ( $debug_enabled ) { |
|
5525 |
debug("There is no HTTP_AUTHORIZATION variable. " . |
|
5526 |
"Did not set Metacat->{'auth_token_header'}"); |
|
5527 |
|
|
5528 |
} |
|
5487 | 5529 |
} |
5488 | 5530 |
|
5489 | 5531 |
} else { |
5490 | 5532 |
debug('Not an instance of Metacat.' . |
5491 |
'Pass a Metacat object only to setAuthToken()'); |
|
5533 |
'Pass a Metacat object only to setAuthToken().');
|
|
5492 | 5534 |
} |
5493 | 5535 |
} |
5494 | 5536 |
|
... | ... | |
5499 | 5541 |
# |
5500 | 5542 |
################################################################################ |
5501 | 5543 |
sub getSigningCertificate() { |
5544 |
|
|
5545 |
if ( $debug_enabled ) { |
|
5546 |
debug('getSigningCertificate called.'); |
|
5502 | 5547 |
|
5548 |
} |
|
5549 |
|
|
5503 | 5550 |
open(my $pem_cert_file, ">", $pem_file_path) |
5504 | 5551 |
or die "\nCould not open PEM certificate file: $!\n"; |
5505 | 5552 |
|
... | ... | |
5557 | 5604 |
"-out", $der_file_path, "-outform", "DER"); |
5558 | 5605 |
system(@convert_der_args); |
5559 | 5606 |
|
5607 |
# For debugging, display the cert details |
|
5608 |
if ( $debug_enabled ) { |
|
5609 |
my @cert_info = `openssl x509 -noout -issuer -subject -dates -in $pem_file_path`; |
|
5610 |
debug("Signing certificate info: "); |
|
5611 |
for my $info_line (@cert_info) { |
|
5612 |
debug($info_line); |
|
5613 |
|
|
5614 |
} |
|
5615 |
} |
|
5560 | 5616 |
} |
5561 | 5617 |
|
5562 | 5618 |
################################################################################ |
... | ... | |
5566 | 5622 |
################################################################################ |
5567 | 5623 |
sub getTokenInfo() { |
5568 | 5624 |
# Initialize the token info hash |
5625 |
if ( $debug_enabled ) { |
|
5626 |
debug('getTokenInfo() called.'); |
|
5627 |
} |
|
5628 |
|
|
5569 | 5629 |
my $token_info = { |
5570 | 5630 |
userId => '', |
5571 | 5631 |
issuedAt => '', |
... | ... | |
5583 | 5643 |
if ( $ENV{'HTTP_AUTHORIZATION'} ) { |
5584 | 5644 |
my @token_parts = split(/ /, $ENV{'HTTP_AUTHORIZATION'}); |
5585 | 5645 |
$token = @token_parts[1]; |
5586 |
|
|
5587 | 5646 |
} |
5588 | 5647 |
|
5589 | 5648 |
my $der_cert_file; |
... | ... | |
5596 | 5655 |
} |
5597 | 5656 |
|
5598 | 5657 |
# Read the DER-encoded certificate |
5599 |
open($der_cert_file, "<", $cn . ".der")
|
|
5658 |
open($der_cert_file, "<", $der_file_path)
|
|
5600 | 5659 |
or die "\nCould not open DER certificate file: $!\n"; |
5601 | 5660 |
binmode($der_cert_file); |
5602 | 5661 |
read($der_cert_file, $signing_cert, 4096) |
... | ... | |
5604 | 5663 |
close($der_cert_file); |
5605 | 5664 |
|
5606 | 5665 |
my $cert = Crypt::X509->new(cert=>$signing_cert); |
5607 |
|
|
5666 |
|
|
5608 | 5667 |
# Decode the token using Crypt::JWT |
5609 |
eval{ $token_info = decode_jwt(token=>$token, key=>$cert); };
|
|
5668 |
eval{ $token_info = decode_jwt(token=>$token, key=>$cert) }; |
|
5610 | 5669 |
if ( ! $@ ) { |
5611 | 5670 |
$$token_info{isValid} = 1; |
5671 |
|
|
5672 |
} else { |
|
5673 |
debug($@); |
|
5674 |
|
|
5612 | 5675 |
} |
5613 | 5676 |
|
5614 | 5677 |
return $token_info; |
... | ... | |
5628 | 5691 |
debug('validateSession() called.'); |
5629 | 5692 |
} |
5630 | 5693 |
|
5631 |
my %token_info = getTokenInfo();
|
|
5694 |
my $token_info = getTokenInfo();
|
|
5632 | 5695 |
my $session = CGI::Session->load(); |
5633 | 5696 |
my $valid = 0; |
5634 |
|
|
5635 |
if ( $token_info{'isValid'} ) {
|
|
5697 |
|
|
5698 |
if ( $token_info->{"isValid"} ) {
|
|
5636 | 5699 |
$valid = 1; |
5637 | 5700 |
if ( $debug_enabled ) { |
5638 | 5701 |
debug('The auth token session is valid.'); |
... | ... | |
5654 | 5717 |
} |
5655 | 5718 |
} |
5656 | 5719 |
|
5720 |
if ( $debug_enabled ) { |
|
5721 |
while( my ($k, $v) = each %$token_info ) { |
|
5722 |
debug("$k: $v"); |
|
5723 |
} |
|
5724 |
} |
|
5725 |
|
|
5726 |
|
|
5657 | 5727 |
return $valid; |
5658 | 5728 |
} |
5729 |
|
|
5730 |
################################################################################ |
|
5731 |
# |
|
5732 |
# Determine if the current authentication token is valid |
|
5733 |
# |
|
5734 |
################################################################################ |
|
5735 |
sub hasValidAuthToken() { |
|
5736 |
|
|
5737 |
if ( $debug_enabled ) { |
|
5738 |
debug('hasValidAuthToken() called.'); |
|
5739 |
} |
|
5740 |
|
|
5741 |
my $token_info = getTokenInfo(); |
|
5742 |
|
|
5743 |
if ( $debug_enabled ) { |
|
5744 |
debug("Auth token is valid: $token_info->{'isValid'}"); |
|
5745 |
} |
|
5746 |
|
|
5747 |
return $token_info->{'isValid'}; |
|
5748 |
} |
Also available in: Unified diff
dd the hasValidAuthToken() method to determine if the current token (if any) is valid. Use this and validateSession() within the script to determine if we need to call Metacat->login() or not. Add some minor debugging to work through the code stages using auth tokens.
refs https://github.nceas.ucsb.edu/KNB/arctic-data/issues/42