Fix deserialization of array conf attributes (#2469)
This commit is contained in:
parent
cceb6f767e
commit
122512f01a
|
@ -30,6 +30,7 @@ use constant DEFAULTCONFBACKENDOPTIONS => (
|
|||
dirName => '/usr/local/lemonldap-ng/data/conf',
|
||||
);
|
||||
our $hashParameters = qr/^(?:(?:l(?:o(?:ca(?:lSessionStorageOption|tionRule)|goutService)|dapExportedVar|wp(?:Ssl)?Opt)|(?:(?:d(?:emo|bi)|webID)ExportedVa|exported(?:Heade|Va)|issuerDBGetParamete)r|f(?:indUser(?:Exclud|Search)ingAttribute|acebookExportedVar)|re(?:moteGlobalStorageOption|st2f(?:Verify|Init)Arg|loadUrl)|g(?:r(?:antSessionRule|oup)|lobalStorageOption)|n(?:otificationStorageOption|ginxCustomHandler)|macro)s|o(?:idc(?:S(?:ervice(?:DynamicRegistrationEx(?:portedVar|traClaim)s|MetaDataAuthnContext)|torageOptions)|RPMetaData(?:(?:Option(?:sExtraClaim)?|ExportedVar|Macro)s|Node)|OPMetaData(?:(?:ExportedVar|Option)s|J(?:SON|WKS)|Node))|penIdExportedVars)|c(?:as(?:A(?:ppMetaData(?:(?:ExportedVar|Option|Macro)s|Node)|ttributes)|S(?:rvMetaData(?:(?:ExportedVar|Option)s|Node)|torageOptions))|(?:ustom(?:Plugins|Add)Param|heckUserHiddenHeader|ombModule)s)|s(?:aml(?:S(?:PMetaData(?:(?:ExportedAttribute|Option|Macro)s|Node|XML)|torageOptions)|IDPMetaData(?:(?:ExportedAttribute|Option)s|Node|XML))|essionDataToRemember|laveExportedVars|fExtra)|a(?:(?:daptativeAuthenticationLevelR|ut(?:hChoiceMod|oSigninR))ules|pplicationList)|p(?:ersistentStorageOptions|o(?:rtalSkinRules|st))|v(?:hostOptions|irtualHost)|S(?:MTPTLSOpts|SLVarIf))$/;
|
||||
our $arrayParameters = qr/^mySessionAuthorizedRWKeys$/;
|
||||
our $boolKeys = qr/^(?:s(?:aml(?:IDP(?:MetaDataOptions(?:(?:Check(?:S[LS]OMessageSignatur|Audienc|Tim)|IsPassiv)e|A(?:llow(?:LoginFromIDP|ProxiedAuthn)|daptSessionUtime)|Force(?:Authn|UTF8)|StoreSAMLToken|RelayStateURL)|SSODescriptorWantAuthnRequestsSigned)|S(?:P(?:MetaDataOptions(?:(?:CheckS[LS]OMessageSignatur|OneTimeUs)e|EnableIDPInitiatedURL|ForceUTF8)|SSODescriptor(?:WantAssertion|AuthnRequest)sSigned)|erviceUseCertificateInResponse)|DiscoveryProtocol(?:Activation|IsPassive)|CommonDomainCookieActivation|UseQueryStringSpecific|MetadataForceUTF8)|f(?:RemovedUseNotif|OnlyUpgrade)|kip(?:Upgrade|Renew)Confirmation|oap(?:Session|Config)Server|t(?:ayConnecte|orePasswor)d|laveDisplayLogo|howLanguages|slByAjax)|o(?:idc(?:RPMetaDataOptions(?:A(?:llow(?:(?:ClientCredentials|Password)Grant|Offline)|ccessToken(?:Claims|JWT))|Re(?:freshToken|quirePKCE)|LogoutSessionRequired|IDTokenForceClaims|BypassConsent|Public)|ServiceAllow(?:(?:AuthorizationCode|Implicit|Hybrid)Flow|DynamicRegistration)|OPMetaDataOptions(?:(?:CheckJWTSignatur|UseNonc)e|StoreIDToken))|ldNotifFormat)|p(?:ortal(?:Display(?:Re(?:freshMyRights|setPassword|gister)|CertificateResetByMail|GeneratePassword|PasswordPolicy)|ErrorOn(?:ExpiredSession|MailNotFound)|(?:CheckLogin|Statu)s|OpenLinkInNewWindow|ForceAuthn|AntiFrame)|roxyUseSoap)|c(?:o(?:ntextSwitching(?:Allowed2fModifications|StopWithLogout)|mpactConf|rsEnabled)|a(?:ptcha_(?:register|login|mail)_enabled|sSrvMetaDataOptions(?:Gateway|Renew))|heck(?:DevOps(?:Download)?|State|User|XSS)|da)|l(?:dap(?:(?:G(?:roup(?:DecodeSearchedValu|Recursiv)|etUserBeforePasswordChang)|UsePasswordResetAttribut)e|(?:AllowResetExpired|Set)Password|ChangePasswordAsUser|PpolicyControl|ITDS)|oginHistoryEnabled)|no(?:tif(?:ication(?:Server(?:(?:POS|GE)T|DELETE)?|sExplorer)?|y(?:Deleted|Other))|AjaxHook)|i(?:ssuerDB(?:OpenID(?:Connect)?|SAML|CAS|Get)Activation|mpersonationSkipEmptyValues)|to(?:tp2f(?:UserCan(?:Chang|Remov)eKey|DisplayExistingSecret)|kenUseGlobalStorage)|u(?:se(?:RedirectOn(?:Forbidden|Error)|SafeJail)|2fUserCanRemoveKey|pgradeSession)|re(?:st(?:(?:Password|Session|Config|Auth)Server|ExportSecretKeys)|freshSessions)|br(?:uteForceProtection(?:IncrementalTempo)?|owsersDontStorePassword)|d(?:is(?:ablePersistentStorage|playSessionId)|biDynamicHashEnabled)|(?:mai(?:lOnPasswordChang|ntenanc)|vhostMaintenanc)e|g(?:roupsBeforeMacros|lobalLogoutTimer)|a(?:voidAssignment|ctiveTimer)|h(?:ideOldPassword|ttpOnly)|yubikey2fUserCanRemoveKey|krb(?:RemoveDomain|ByJs)|(?:wsdlServ|findUs)er)$/;
|
||||
|
||||
our @sessionTypes = ( 'remoteGlobal', 'global', 'localSession', 'persistent', 'saml', 'oidc', 'cas' );
|
||||
|
@ -57,6 +58,7 @@ our %EXPORT_TAGS = (
|
|||
DEFAULTCONFBACKENDOPTIONS
|
||||
NO
|
||||
$hashParameters
|
||||
$arrayParameters
|
||||
@sessionTypes
|
||||
$boolKeys
|
||||
)
|
||||
|
|
|
@ -109,6 +109,21 @@ sub unserialize {
|
|||
return $self->oldUnserialize($fields);
|
||||
}
|
||||
}
|
||||
elsif ( $k =~ $arrayParameters ) {
|
||||
unless ( utf8::is_utf8($v) ) {
|
||||
$v = encode( 'UTF-8', $v );
|
||||
}
|
||||
$conf->{$k} = (
|
||||
$v =~ /./
|
||||
? eval { from_json( $v, { allow_nonref => 1 } ) }
|
||||
: {}
|
||||
);
|
||||
if ($@) {
|
||||
$Lemonldap::NG::Common::Conf::msg .=
|
||||
"Unable to decode $k, switching to old format.\n";
|
||||
return $self->oldUnserialize($fields);
|
||||
}
|
||||
}
|
||||
else {
|
||||
$conf->{$k} = $v;
|
||||
}
|
||||
|
|
|
@ -32,6 +32,7 @@ my $module = __PACKAGE__;
|
|||
|
||||
my @angularScopeVars;
|
||||
my @bool;
|
||||
my @arrayParam;
|
||||
my @cnodesKeys;
|
||||
my %cnodesRe;
|
||||
my @ignoreKeys;
|
||||
|
@ -295,6 +296,17 @@ $defaultAttr}
|
|||
my $confConstants =
|
||||
"our \$hashParameters = qr/^" . $ra->as_string . "\$/;\n";
|
||||
$ra = Regexp::Assemble->new;
|
||||
foreach (@arrayParam) {
|
||||
$ra->add($_);
|
||||
}
|
||||
|
||||
# Not in Tree.pm
|
||||
foreach (qw(mySessionAuthorizedRWKeys)) {
|
||||
$ra->add($_);
|
||||
}
|
||||
$confConstants .=
|
||||
"our \$arrayParameters = qr/^" . $ra->as_string . "\$/;\n";
|
||||
$ra = Regexp::Assemble->new;
|
||||
foreach (@bool) {
|
||||
$ra->add($_);
|
||||
}
|
||||
|
@ -358,6 +370,7 @@ our %EXPORT_TAGS = (
|
|||
DEFAULTCONFBACKENDOPTIONS
|
||||
NO
|
||||
\$hashParameters
|
||||
\$arrayParameters
|
||||
\@sessionTypes
|
||||
\$boolKeys
|
||||
)
|
||||
|
@ -624,11 +637,11 @@ sub scanTree {
|
|||
else {
|
||||
# Get data type and build tree
|
||||
#
|
||||
# Types : PerlModule bool boolOrExpr catAndAppList file hostname int
|
||||
# keyTextContainer lmAttrOrMacro longtext openidServerList
|
||||
# oidcAttributeContainer pcre rulesContainer samlAssertion
|
||||
# samlAttributeContainer samlService select text trool url
|
||||
# virtualHostContainer word password
|
||||
# Types : PerlModule array bool boolOrExpr catAndAppList file
|
||||
# hostname int keyTextContainer lmAttrOrMacro longtext
|
||||
# openidServerList oidcAttributeContainer pcre rulesContainer
|
||||
# samlAssertion samlAttributeContainer samlService select text
|
||||
# trool url virtualHostContainer word password
|
||||
|
||||
if ( $leaf =~ s/^\*// ) {
|
||||
push @angularScopeVars, [ $leaf, "$path._nodes[$ord]" ];
|
||||
|
@ -700,6 +713,10 @@ sub scanTree {
|
|||
if ( $attr->{type} eq 'bool' ) {
|
||||
push @bool, $leaf;
|
||||
}
|
||||
if ( $attr->{type} eq 'array' ) {
|
||||
die "$leaf";
|
||||
push @arrayParam, $leaf;
|
||||
}
|
||||
}
|
||||
push @$json, $jleaf;
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue
Block a user