dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add manager option for additional audiences (#2177)

Browse Source
This commit is contained in:
Maxime Besson 2020-04-24 10:31:26 +02:00
parent ada6e9f056
commit 00e9e2ec57
15 changed files with 34 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/ReConstants.pm
View File

@ -27,7 +27,7 @@ our $specialNodeKeys = '(?:(?:(?:saml(?:ID|S)|oidc[OR])P|cas(?:App|Srv))MetaData
our $casAppMetaDataNodeKeys = 'casAppMetaData(?:Options(?:UserAttribut|Servic|Rul)e|(?:ExportedVar|Macro)s)';
our $casSrvMetaDataNodeKeys = 'casSrvMetaData(?:Options(?:ProxiedServices|DisplayName|SortNumber|Gateway|Renew|Icon|Url)|ExportedVars)';
our $oidcOPMetaDataNodeKeys = 'oidcOPMetaData(?:Options(?:C(?:lient(?:Secret|ID)|heckJWTSignature|onfigurationURI)|S(?:toreIDToken|ortNumber|cope)|TokenEndpointAuthMethod|(?:JWKSTimeou|Promp)t|I(?:DTokenMaxAge|con)|U(?:iLocales|seNonce)|Display(?:Name)?|AcrValues|MaxAge)|ExportedVars|J(?:SON|WKS))';
our $oidcRPMetaDataNodeKeys = 'oidcRPMetaData(?:Options(?:A(?:(?:uthorizationCode|ccessToken)Expiration|llow(?:PasswordGrant|Offline))|I(?:DToken(?:ForceClaims|Expiration|SignAlg)|con)|R(?:e(?:directUris|freshToken|quirePKCE)|ule)|Logout(?:SessionRequired|Type|Url)|P(?:ostLogoutRedirectUris|ublic)|OfflineSessionExpiration|Client(?:Secret|ID)|BypassConsent|DisplayName|ExtraClaims|UserIDAttr)|(?:ExportedVar|Macro)s)';
our $oidcRPMetaDataNodeKeys = 'oidcRPMetaData(?:Options(?:A(?:(?:uthorizationCode|ccessToken)Expiration|llow(?:PasswordGrant|Offline)|dditionalAudiences)|I(?:DToken(?:ForceClaims|Expiration|SignAlg)|con)|R(?:e(?:directUris|freshToken|quirePKCE)|ule)|Logout(?:SessionRequired|Type|Url)|P(?:ostLogoutRedirectUris|ublic)|OfflineSessionExpiration|Client(?:Secret|ID)|BypassConsent|DisplayName|ExtraClaims|UserIDAttr)|(?:ExportedVar|Macro)s)';
our $samlIDPMetaDataNodeKeys = 'samlIDPMetaData(?:Options(?:(?:Check(?:S[LS]OMessageSignatur|Audienc|Tim)|EncryptionMod|UserAttribut|DisplayNam)e|S(?:ignS[LS]OMessage|toreSAMLToken|[LS]OBinding|ortNumber)|A(?:llow(?:LoginFromIDP|ProxiedAuthn)|daptSessionUtime)|Re(?:questedAuthnContext|solutionRule|layStateURL)|Force(?:Authn|UTF8)|I(?:sPassive|con)|NameIDFormat)|ExportedAttributes|XML)';
our $samlSPMetaDataNodeKeys = 'samlSPMetaData(?:Options(?:N(?:ameID(?:SessionKey|Format)|otOnOrAfterTimeout)|S(?:essionNotOnOrAfterTimeout|ignS[LS]OMessage)|(?:CheckS[LS]OMessageSignatur|OneTimeUs|Rul)e|En(?:ableIDPInitiatedURL|cryptionMode)|ForceUTF8)|(?:ExportedAttribute|Macro)s|XML)';
our $virtualHostKeys = '(?:vhost(?:A(?:uthnLevel|liases)|(?:Maintenanc|Typ)e|ServiceTokenTTL|Https|Port)|(?:exportedHeader|locationRule)s|post)';

3
lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm
View File

@ -2126,6 +2126,9 @@ qr/^(?:\*\.)?(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][
'oidcRPMetaDataOptionsAccessTokenExpiration' => {
'type' => 'int'
},
'oidcRPMetaDataOptionsAdditionalAudiences' => {
'type' => 'text'
},
'oidcRPMetaDataOptionsAllowOffline' => {
'default' => 0,
'type' => 'bool'

2
lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm
View File

@ -3958,6 +3958,8 @@ m{^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?:
oidcRPMetaDataOptionsIDTokenExpiration => { type => 'int' },
oidcRPMetaDataOptionsIDTokenForceClaims =>
{ type => 'bool', default => 0 },
oidcRPMetaDataOptionsAdditionalAudiences =>
{ type => 'text' },
oidcRPMetaDataOptionsAccessTokenExpiration => { type => 'int' },
oidcRPMetaDataOptionsAuthorizationCodeExpiration => { type => 'int' },
oidcRPMetaDataOptionsOfflineSessionExpiration => { type => 'int' },

3
lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/CTrees.pm
View File

@ -205,9 +205,10 @@ sub cTrees {
title => 'oidcRPMetaDataOptionsAdvanced',
form => 'simpleInputContainer',
nodes => [
'oidcRPMetaDataOptionsUserIDAttr',
'oidcRPMetaDataOptionsBypassConsent',
'oidcRPMetaDataOptionsUserIDAttr',
'oidcRPMetaDataOptionsIDTokenForceClaims',
'oidcRPMetaDataOptionsAdditionalAudiences',
'oidcRPMetaDataOptionsRefreshToken',
]
},

15
lemonldap-ng-manager/site/htdocs/static/js/conftree.js
View File

@ -438,11 +438,6 @@ function templates(tpl,key) {
},
{
"_nodes" : [
{
"get" : tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsUserIDAttr",
"id" : tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsUserIDAttr",
"title" : "oidcRPMetaDataOptionsUserIDAttr"
},
{
"default" : 0,
"get" : tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsBypassConsent",
@ -451,6 +446,11 @@ function templates(tpl,key) {
"title" : "oidcRPMetaDataOptionsBypassConsent",
"type" : "bool"
},
{
"get" : tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsUserIDAttr",
"id" : tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsUserIDAttr",
"title" : "oidcRPMetaDataOptionsUserIDAttr"
},
{
"default" : 0,
"get" : tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsIDTokenForceClaims",
@ -458,6 +458,11 @@ function templates(tpl,key) {
"title" : "oidcRPMetaDataOptionsIDTokenForceClaims",
"type" : "bool"
},
{
"get" : tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsAdditionalAudiences",
"id" : tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsAdditionalAudiences",
"title" : "oidcRPMetaDataOptionsAdditionalAudiences"
},
{
"default" : 0,
"get" : tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsRefreshToken",

2
lemonldap-ng-manager/site/htdocs/static/js/conftree.min.js vendored
View File

File diff suppressed because one or more lines are too long

2
lemonldap-ng-manager/site/htdocs/static/js/conftree.min.js.map
View File

File diff suppressed because one or more lines are too long

7
lemonldap-ng-manager/site/htdocs/static/languages/ar.json
View File

@ -564,9 +564,10 @@
"oidcOPMetaDataJWKS":"بيانات JWKS",
"oidcOPMetaDataNode":" أوبين أيدي كونيكت بروفيدر",
"oidcOPMetaDataOptions":"الخيارات",
"oidcRPMetaDataOptionsBasic":"Basic",
"oidcRPMetaDataOptionsAdvanced":"Advanced",
"oidcRPMetaDataOptionsTimeouts":"Timeouts",
"oidcRPMetaDataOptionsBasic":"Basique",
"oidcRPMetaDataOptionsAdditionalAudiences":"Additional audiences",
"oidcRPMetaDataOptionsAdvanced":"Avancé",
"oidcRPMetaDataOptionsTimeouts":"Expiration",
"oidcRPMetaDataOptionsAllowOffline":"Allow offline access",
"oidcOPMetaDataOptionsCheckJWTSignature":"توقيع",
"oidcOPMetaDataOptionsClientID":"معرف العميل",

1
lemonldap-ng-manager/site/htdocs/static/languages/de.json
View File

@ -565,6 +565,7 @@
"oidcOPMetaDataNode":"OpenID Connect Providers",
"oidcOPMetaDataOptions":"Optionen",
"oidcRPMetaDataOptionsBasic":"Basic",
"oidcRPMetaDataOptionsAdditionalAudiences":"Additional audiences",
"oidcRPMetaDataOptionsAdvanced":"Advanced",
"oidcRPMetaDataOptionsTimeouts":"Timeouts",
"oidcRPMetaDataOptionsAllowOffline":"Allow offline access",

1
lemonldap-ng-manager/site/htdocs/static/languages/en.json
View File

@ -565,6 +565,7 @@
"oidcOPMetaDataNode":"OpenID Connect Providers",
"oidcOPMetaDataOptions":"Options",
"oidcRPMetaDataOptionsBasic":"Basic",
"oidcRPMetaDataOptionsAdditionalAudiences":"Additional audiences",
"oidcRPMetaDataOptionsAdvanced":"Advanced",
"oidcRPMetaDataOptionsTimeouts":"Timeouts",
"oidcRPMetaDataOptionsAllowOffline":"Allow offline access",

7
lemonldap-ng-manager/site/htdocs/static/languages/fr.json
View File

@ -564,9 +564,10 @@
"oidcOPMetaDataJWKS":"Données JWKS",
"oidcOPMetaDataNode":"Fournisseurs OpenID Connect",
"oidcOPMetaDataOptions":"Options",
"oidcRPMetaDataOptionsBasic":"Basic",
"oidcRPMetaDataOptionsAdvanced":"Advanced",
"oidcRPMetaDataOptionsTimeouts":"Timeouts",
"oidcRPMetaDataOptionsBasic":"Basiques",
"oidcRPMetaDataOptionsAdvanced":"Avancées",
"oidcRPMetaDataOptionsAdditionalAudiences":"Audiences supplémentaires",
"oidcRPMetaDataOptionsTimeouts":"Expiration",
"oidcRPMetaDataOptionsAllowOffline":"Autoriser l'accès hors ligne",
"oidcOPMetaDataOptionsCheckJWTSignature":"Vérifier la signature des jetons",
"oidcOPMetaDataOptionsClientID":"Identifiant",

1
lemonldap-ng-manager/site/htdocs/static/languages/it.json
View File

@ -565,6 +565,7 @@
"oidcOPMetaDataNode":"Provider di OpenID Connect",
"oidcOPMetaDataOptions":"Opzioni",
"oidcRPMetaDataOptionsBasic":"Basic",
"oidcRPMetaDataOptionsAdditionalAudiences":"Additional audiences",
"oidcRPMetaDataOptionsAdvanced":"Advanced",
"oidcRPMetaDataOptionsTimeouts":"Timeouts",
"oidcRPMetaDataOptionsAllowOffline":"Allow offline access",

1
lemonldap-ng-manager/site/htdocs/static/languages/tr.json
View File

@ -565,6 +565,7 @@
"oidcOPMetaDataNode":"OpenID Connect Sağlayıcıları",
"oidcOPMetaDataOptions":"Seçenekler",
"oidcRPMetaDataOptionsBasic":"Basic",
"oidcRPMetaDataOptionsAdditionalAudiences":"Additional audiences",
"oidcRPMetaDataOptionsAdvanced":"Advanced",
"oidcRPMetaDataOptionsTimeouts":"Timeouts",
"oidcRPMetaDataOptionsAllowOffline":"Çevrimdışı erişime izin ver",

1
lemonldap-ng-manager/site/htdocs/static/languages/vi.json
View File

@ -565,6 +565,7 @@
"oidcOPMetaDataNode":"Nhà cung cấp Kết nối OpenID",
"oidcOPMetaDataOptions":"Tùy chọn",
"oidcRPMetaDataOptionsBasic":"Basic",
"oidcRPMetaDataOptionsAdditionalAudiences":"Additional audiences",
"oidcRPMetaDataOptionsAdvanced":"Advanced",
"oidcRPMetaDataOptionsTimeouts":"Timeouts",
"oidcRPMetaDataOptionsAllowOffline":"Allow offline access",

1
lemonldap-ng-manager/site/htdocs/static/languages/zh.json
View File

@ -565,6 +565,7 @@
"oidcOPMetaDataNode":"OpenID Connect Providers",
"oidcOPMetaDataOptions":"Options",
"oidcRPMetaDataOptionsBasic":"Basic",
"oidcRPMetaDataOptionsAdditionalAudiences":"Additional audiences",
"oidcRPMetaDataOptionsAdvanced":"Advanced",
"oidcRPMetaDataOptionsTimeouts":"Timeouts",
"oidcRPMetaDataOptionsAllowOffline":"Allow offline access",