Prepare test to verify that SAML conf is not lost (#1311)

Makefile

@@ -398,6 +398,7 @@ prepare_test_server:
 	@perl -i -pe 's/example\.com/example.com:19876/g' e2e-tests/conf/site/index.pl
 	@cp -f $(SRCMANAGERDIR)/site/htdocs/manager* e2e-tests/conf/manager
 	@cp -f $(SRCPORTALDIR)/site/htdocs/index* e2e-tests/conf/portal
+	@cp e2e-tests/saml-sp.xml e2e-tests/conf/site/saml-sp.xml
 	@for f in $$(find e2e-tests/conf -name '*.fcgi'); do \
 		perl -i -pe 'if($$.==2){print "BEGIN{\n"; print qq(use lib q('`pwd`'/lemonldap-ng-$$_/blib/lib);\n) foreach qw(common handler portal manager); print "}\n"; }' $$f; \
 	done

e2e-tests/lmConf-1.json

@@ -140,6 +140,7 @@
       "^/logout": "logout_sso",
       "^/index.pl\\?logout_app$": "logout_app http://test1.example.com:__port__/index.pl?foo=1",
       "^/index.pl\\?logout_all$": "logout_app_sso http://lemonldap-ng.org/welcome/",
+      "^/saml": "unprotect",
       "default": "accept"
     },
     "test2.example.com": {

e2e-tests/manager/10-saml-config.js

@@ -39,6 +39,18 @@ describe('Lemonldap::NG Manager', function() {
       element(by.id('t-samlOrganizationName')).click();
       element(by.id('textinput')).clear().sendKeys('Org1');
     });
+    it('should accept new SP', function() {
+      element(by.id('t-samlSPMetaDataNodes')).click();
+      element(by.css('.glyphicon-plus-sign')).click();
+      element(by.id('promptinput')).clear();
+      element(by.id('promptinput')).sendKeys('mysp');
+      element(by.id('promptok')).click();
+      element(by.id('a-samlSPMetaDataNodes/new__mysp')).click();
+      element(by.id('t-samlSPMetaDataNodes/new__mysp/samlSPMetaDataXML')).click();
+      element(by.id('urlinput')).sendKeys('http://test1.example.com:' + process.env.TESTWEBSERVERPORT + '/saml-sp.xml');
+      element(by.id('urlload')).click();
+      browser.sleep(500);
+    });
     it('should save new configuration', function() {
       element(by.id('save')).click();
       element(by.id('longtextinput')).sendKeys('Activate SAML');
@@ -47,4 +59,4 @@ describe('Lemonldap::NG Manager', function() {
       expect(element(by.id('cfgnum')).getText()).toEqual('4');
     });
   });
-});
+});

e2e-tests/saml-sp.xml

@@ -0,0 +1,172 @@
+<?xml version="1.0"?>
+<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
+xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
+entityID="http://auth.test.com/saml/metadata">
+  <IDPSSODescriptor WantAuthnRequestsSigned="true"
+  protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+    <KeyDescriptor use="signing">
+      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+        <ds:KeyValue>
+          <RSAKeyValue xmlns="http://www.w3.org/2000/09/xmldsig#">
+            <Modulus>
+            u4iToYAEmWQxgZDihGVzMMql1elPn37domWcvXeU2E4yt2hh5jkQHiFjgodfOlNeRIw5QJVlUBwr
+            +CQvbaKRFXd7BrOhQIDC0TZPRVB0XHarUtsCuDekN4/2GKSzHsoToKUVPWq9thsuek3xkpsJGZNX
+            7bglfEc9+QQpYTqN1rkdN1PVU0epNMokFFGho5pLRqLUV5+I/QXAL49jfTjaSxsp4UndTI8/+mGS
+            RSq+nrT2zyQRM/vkj5vR9ZVz67HO/+Wk3Mx6RAwkVcMdgMAqCq8odmbI0yCRZiTL9ybKWRKqWJoK
+            J0p5+Q2fPEBPupQZR09Jt/JPuLVSsGfCxi9Nqw==</Modulus>
+            <Exponent>AQAB</Exponent>
+          </RSAKeyValue>
+        </ds:KeyValue>
+      </ds:KeyInfo>
+    </KeyDescriptor>
+    <KeyDescriptor use="encryption">
+      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+        <ds:KeyValue>
+          <RSAKeyValue xmlns="http://www.w3.org/2000/09/xmldsig#">
+            <Modulus>
+            sRaod2RZ8hMFBl+VhsnhyPM8l/Fj1obnBxfQIaWuHFIFfXiGe/CYHuZ5QJQLnZxHMJX6LL3Sh+Us
+            og3p0jpijpcg0QgfBSEkfopKTgReYN8DiDIll0rV1XdTni7E85Nd1YyNy3ui/ZD+UShWwqu6jLVL
+            R+QUm+/1LIKYb3OCBTvOlY7xHoP6NSU1+Mr+YzGBUacdO2vnNxe/PQhxIeP1zO0njuqGHkwEpy8r
+            UWRZbbDn31TmKjqlhgtsz5HPhbRaYEExhyepKgBiNz+RyxtYXVhuG8OrWQDoS5gYHSjdw1CTJyix
+            eJwyoqA9RGYguG5nh9zndi3LWAh7Z0lx+tIz+w==</Modulus>
+            <Exponent>AQAB</Exponent>
+          </RSAKeyValue>
+        </ds:KeyValue>
+      </ds:KeyInfo>
+    </KeyDescriptor>
+    <ArtifactResolutionService isDefault="true" index="0"
+     Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+     Location="http://auth.test.com/saml/artifact" />
+    <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:POST"
+     Location="http://auth.test.com/saml/singleLogout"
+    ResponseLocation="http://auth.test.com/saml/singleLogoutReturn" />
+    <NameIDFormat>
+    urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
+    <NameIDFormat>
+    urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName</NameIDFormat>
+    <NameIDFormat>
+    urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName</NameIDFormat>
+    <NameIDFormat>
+    urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos</NameIDFormat>
+    <NameIDFormat>
+    urn:oasis:names:tc:SAML:2.0:nameid-format:entity</NameIDFormat>
+    <NameIDFormat>
+    urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+    <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:POST"
+     Location="http://auth.test.com/saml/singleSignOn" />
+  </IDPSSODescriptor>
+  <SPSSODescriptor AuthnRequestsSigned="true"
+  WantAssertionsSigned="true"
+  protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+
+    <KeyDescriptor use="signing">
+      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+        <ds:KeyValue>
+          <RSAKeyValue xmlns="http://www.w3.org/2000/09/xmldsig#">
+            <Modulus>
+            u4iToYAEmWQxgZDihGVzMMql1elPn37domWcvXeU2E4yt2hh5jkQHiFjgodfOlNeRIw5QJVlUBwr
+            +CQvbaKRFXd7BrOhQIDC0TZPRVB0XHarUtsCuDekN4/2GKSzHsoToKUVPWq9thsuek3xkpsJGZNX
+            7bglfEc9+QQpYTqN1rkdN1PVU0epNMokFFGho5pLRqLUV5+I/QXAL49jfTjaSxsp4UndTI8/+mGS
+            RSq+nrT2zyQRM/vkj5vR9ZVz67HO/+Wk3Mx6RAwkVcMdgMAqCq8odmbI0yCRZiTL9ybKWRKqWJoK
+            J0p5+Q2fPEBPupQZR09Jt/JPuLVSsGfCxi9Nqw==</Modulus>
+            <Exponent>AQAB</Exponent>
+          </RSAKeyValue>
+        </ds:KeyValue>
+      </ds:KeyInfo>
+    </KeyDescriptor>
+    <KeyDescriptor use="encryption">
+      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+        <ds:KeyValue>
+          <RSAKeyValue xmlns="http://www.w3.org/2000/09/xmldsig#">
+            <Modulus>
+            sRaod2RZ8hMFBl+VhsnhyPM8l/Fj1obnBxfQIaWuHFIFfXiGe/CYHuZ5QJQLnZxHMJX6LL3Sh+Us
+            og3p0jpijpcg0QgfBSEkfopKTgReYN8DiDIll0rV1XdTni7E85Nd1YyNy3ui/ZD+UShWwqu6jLVL
+            R+QUm+/1LIKYb3OCBTvOlY7xHoP6NSU1+Mr+YzGBUacdO2vnNxe/PQhxIeP1zO0njuqGHkwEpy8r
+            UWRZbbDn31TmKjqlhgtsz5HPhbRaYEExhyepKgBiNz+RyxtYXVhuG8OrWQDoS5gYHSjdw1CTJyix
+            eJwyoqA9RGYguG5nh9zndi3LWAh7Z0lx+tIz+w==</Modulus>
+            <Exponent>AQAB</Exponent>
+          </RSAKeyValue>
+        </ds:KeyValue>
+      </ds:KeyInfo>
+    </KeyDescriptor>
+    <ArtifactResolutionService isDefault="true" index="0"
+     Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+     Location="http://auth.test.com/saml/artifact" />
+    <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:POST"
+     Location="http://auth.test.com/saml/proxySingleLogout"
+    ResponseLocation="http://auth.test.com/saml/proxySingleLogoutReturn" />
+    <NameIDFormat>
+    urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
+    <NameIDFormat>
+    urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName</NameIDFormat>
+    <NameIDFormat>
+    urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName</NameIDFormat>
+    <NameIDFormat>
+    urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos</NameIDFormat>
+    <NameIDFormat>
+    urn:oasis:names:tc:SAML:2.0:nameid-format:entity</NameIDFormat>
+    <NameIDFormat>
+    urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+    <AssertionConsumerService isDefault="true" index="0"
+     Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+     Location="http://auth.test.com/saml/proxySingleSignOnPost" />
+    <AssertionConsumerService isDefault="false" index="1"
+     Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"
+     Location="http://auth.test.com/saml/proxySingleSignOnArtifact" />
+  </SPSSODescriptor>
+  <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+
+    <KeyDescriptor use="signing">
+      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+        <ds:KeyValue>
+          <RSAKeyValue xmlns="http://www.w3.org/2000/09/xmldsig#">
+            <Modulus>
+            u4iToYAEmWQxgZDihGVzMMql1elPn37domWcvXeU2E4yt2hh5jkQHiFjgodfOlNeRIw5QJVlUBwr
+            +CQvbaKRFXd7BrOhQIDC0TZPRVB0XHarUtsCuDekN4/2GKSzHsoToKUVPWq9thsuek3xkpsJGZNX
+            7bglfEc9+QQpYTqN1rkdN1PVU0epNMokFFGho5pLRqLUV5+I/QXAL49jfTjaSxsp4UndTI8/+mGS
+            RSq+nrT2zyQRM/vkj5vR9ZVz67HO/+Wk3Mx6RAwkVcMdgMAqCq8odmbI0yCRZiTL9ybKWRKqWJoK
+            J0p5+Q2fPEBPupQZR09Jt/JPuLVSsGfCxi9Nqw==</Modulus>
+            <Exponent>AQAB</Exponent>
+          </RSAKeyValue>
+        </ds:KeyValue>
+      </ds:KeyInfo>
+    </KeyDescriptor>
+    <KeyDescriptor use="encryption">
+      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+        <ds:KeyValue>
+          <RSAKeyValue xmlns="http://www.w3.org/2000/09/xmldsig#">
+            <Modulus>
+            sRaod2RZ8hMFBl+VhsnhyPM8l/Fj1obnBxfQIaWuHFIFfXiGe/CYHuZ5QJQLnZxHMJX6LL3Sh+Us
+            og3p0jpijpcg0QgfBSEkfopKTgReYN8DiDIll0rV1XdTni7E85Nd1YyNy3ui/ZD+UShWwqu6jLVL
+            R+QUm+/1LIKYb3OCBTvOlY7xHoP6NSU1+Mr+YzGBUacdO2vnNxe/PQhxIeP1zO0njuqGHkwEpy8r
+            UWRZbbDn31TmKjqlhgtsz5HPhbRaYEExhyepKgBiNz+RyxtYXVhuG8OrWQDoS5gYHSjdw1CTJyix
+            eJwyoqA9RGYguG5nh9zndi3LWAh7Z0lx+tIz+w==</Modulus>
+            <Exponent>AQAB</Exponent>
+          </RSAKeyValue>
+        </ds:KeyValue>
+      </ds:KeyInfo>
+    </KeyDescriptor>
+    <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+     Location="http://auth.test.com/saml/AA/SOAP" />
+    <NameIDFormat>
+    urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
+    <NameIDFormat>
+    urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName</NameIDFormat>
+    <NameIDFormat>
+    urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName</NameIDFormat>
+    <NameIDFormat>
+    urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos</NameIDFormat>
+    <NameIDFormat>
+    urn:oasis:names:tc:SAML:2.0:nameid-format:entity</NameIDFormat>
+    <NameIDFormat>
+    urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+  </AttributeAuthorityDescriptor>
+  <Organization>
+    <OrganizationName xml:lang="en">TEST</OrganizationName>
+    <OrganizationDisplayName xml:lang="en">
+    TEST</OrganizationDisplayName>
+    <OrganizationURL xml:lang="en">
+    http://www.test.com</OrganizationURL>
+  </Organization>
+</EntityDescriptor>

lemonldap-ng-manager/site/htdocs/static/forms/file.html

@@ -15,7 +15,7 @@
       <label for="urlinput" id="lfu"><span trspan="loadFromUrl"></span> :</label>
       <span class="input-group">
         <input id="urlinput" aria-describedby="lfu" class="form-control" ng-model="url" />
-        <span class="input-group-addon link" trspan="load" ng-click="replaceContentByUrl(currentNode,url)"></span>
+        <span id="urlload" class="input-group-addon link" trspan="load" ng-click="replaceContentByUrl(currentNode,url)"></span>
       </span>
     </div>
   </div>