Merge remote-tracking branch 'arosier/idpsort' into v2.0

lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/ReConstants.pm

@@ -26,9 +26,9 @@ our $simpleHashKeys = '(?:(?:l(?:o(?:calSessionStorageOption|goutService)|dapExp
 our $specialNodeKeys = '(?:(?:(?:saml(?:ID|S)|oidc[OR])P|cas(?:App|Srv))MetaDataNode|virtualHost)s';
 our $casAppMetaDataNodeKeys = 'casAppMetaData(?:Options(?:Servic|Rul)e|ExportedVars)';
 our $casSrvMetaDataNodeKeys = 'casSrvMetaData(?:Options(?:ProxiedServices|DisplayName|Gateway|Renew|Icon|Url)|ExportedVars)';
-our $oidcOPMetaDataNodeKeys = 'oidcOPMetaData(?:Options(?:C(?:lient(?:Secret|ID)|heckJWTSignature|onfigurationURI)|TokenEndpointAuthMethod|(?:JWKSTimeou|Promp)t|I(?:DTokenMaxAge|con)|S(?:toreIDToken|cope)|U(?:iLocales|seNonce)|Display(?:Name)?|AcrValues|MaxAge)|ExportedVars|J(?:SON|WKS))';
+our $oidcOPMetaDataNodeKeys = 'oidcOPMetaData(?:Options(?:C(?:lient(?:Secret|ID)|heckJWTSignature|onfigurationURI)|S(?:toreIDToken|ortNumber|cope)|TokenEndpointAuthMethod|(?:JWKSTimeou|Promp)t|I(?:DTokenMaxAge|con)|U(?:iLocales|seNonce)|Display(?:Name)?|AcrValues|MaxAge)|ExportedVars|J(?:SON|WKS))';
 our $oidcRPMetaDataNodeKeys = 'oidcRPMetaData(?:Options(?:(?:PostLogoutRedirectUri|ExtraClaim)s|I(?:DToken(?:Expiration|SignAlg)|con)|Logout(?:SessionRequired|Type|Url)|AccessTokenExpiration|R(?:edirectUris|ule)|Client(?:Secret|ID)|BypassConsent|DisplayName|UserIDAttr)|ExportedVars)';
-our $samlIDPMetaDataNodeKeys = 'samlIDPMetaData(?:Options(?:(?:Check(?:S[LS]OMessageSignatur|Audienc|Tim)|EncryptionMod|UserAttribut|DisplayNam)e|A(?:llow(?:LoginFromIDP|ProxiedAuthn)|daptSessionUtime)|Re(?:questedAuthnContext|solutionRule|layStateURL)|S(?:ignS[LS]OMessage|toreSAMLToken|[LS]OBinding)|Force(?:Authn|UTF8)|I(?:sPassive|con)|NameIDFormat)|ExportedAttributes|XML)';
+our $samlIDPMetaDataNodeKeys = 'samlIDPMetaData(?:Options(?:(?:Check(?:S[LS]OMessageSignatur|Audienc|Tim)|EncryptionMod|UserAttribut|DisplayNam)e|S(?:ignS[LS]OMessage|toreSAMLToken|[LS]OBinding|ortNumber)|A(?:llow(?:LoginFromIDP|ProxiedAuthn)|daptSessionUtime)|Re(?:questedAuthnContext|solutionRule|layStateURL)|Force(?:Authn|UTF8)|I(?:sPassive|con)|NameIDFormat)|ExportedAttributes|XML)';
 our $samlSPMetaDataNodeKeys = 'samlSPMetaData(?:Options(?:N(?:ameID(?:SessionKey|Format)|otOnOrAfterTimeout)|S(?:essionNotOnOrAfterTimeout|ignS[LS]OMessage)|(?:CheckS[LS]OMessageSignatur|OneTimeUs|Rul)e|En(?:ableIDPInitiatedURL|cryptionMode)|ForceUTF8)|ExportedAttributes|XML)';
 our $virtualHostKeys = '(?:vhost(?:A(?:uthnLevel|liases)|(?:Maintenanc|Typ)e|Https|Port)|(?:exportedHeader|locationRule)s|post)';
 

lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm

@@ -1866,6 +1866,9 @@ qr/^(?:\*\.)?(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][
             'default' => 'openid profile',
             'type'    => 'text'
         },
+        'oidcOPMetaDataOptionsSortNumber' => {
+            'type' => 'int'
+        },
         'oidcOPMetaDataOptionsStoreIDToken' => {
             'default' => 0,
             'type'    => 'bool'
@@ -2796,6 +2799,9 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
             ],
             'type' => 'select'
         },
+        'samlIDPMetaDataOptionsSortNumber' => {
+            'type' => 'int'
+        },
         'samlIDPMetaDataOptionsSSOBinding' => {
             'default' => '',
             'select'  => [ {

lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm

@@ -2298,6 +2298,7 @@ sub attributes {
         samlIDPMetaDataOptionsUserAttribute => { type => 'text', },
         samlIDPMetaDataOptionsDisplayName   => { type => 'text', },
         samlIDPMetaDataOptionsIcon          => { type => 'text', },
+        samlIDPMetaDataOptionsSortNumber    => { type => 'int', },
 
         # SP keys
         samlSPMetaDataExportedAttributes => {
@@ -3342,6 +3343,7 @@ m{^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?:
         oidcOPMetaDataOptionsDisplayName  => { type => 'text', },
         oidcOPMetaDataOptionsIcon         => { type => 'text', },
         oidcOPMetaDataOptionsStoreIDToken => { type => 'bool', default => 0 },
+        oidcOPMetaDataOptionsSortNumber   => { type => 'int', },
 
         oidcRPMetaDataOptionsRule => {
             type          => 'text',

lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/CTrees.pm

@@ -94,7 +94,8 @@ sub cTrees {
                 form  => 'simpleInputContainer',
                 nodes => [
                     "samlIDPMetaDataOptionsDisplayName",
-                    "samlIDPMetaDataOptionsIcon"
+                    "samlIDPMetaDataOptionsIcon",
+                    "samlIDPMetaDataOptionsSortNumber"
                 ]
             }
         ],
@@ -178,7 +179,8 @@ sub cTrees {
                 form  => 'simpleInputContainer',
                 nodes => [
                     'oidcOPMetaDataOptionsDisplayName',
-                    'oidcOPMetaDataOptionsIcon'
+                    'oidcOPMetaDataOptionsIcon',
+                    'oidcOPMetaDataOptionsSortNumber'
                 ]
             },
         ],

lemonldap-ng-manager/site/htdocs/static/js/conftree.js

@@ -336,6 +336,12 @@ function templates(tpl,key) {
             "get" : tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsIcon",
             "id" : tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsIcon",
             "title" : "oidcOPMetaDataOptionsIcon"
+         },
+         {
+            "get" : tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsSortNumber",
+            "id" : tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsSortNumber",
+            "title" : "oidcOPMetaDataOptionsSortNumber",
+            "type" : "int"
          }
       ],
       "id" : "oidcOPMetaDataOptionsDisplayParams",
@@ -859,6 +865,12 @@ function templates(tpl,key) {
             "get" : tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsIcon",
             "id" : tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsIcon",
             "title" : "samlIDPMetaDataOptionsIcon"
+         },
+         {
+            "get" : tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSortNumber",
+            "id" : tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSortNumber",
+            "title" : "samlIDPMetaDataOptionsSortNumber",
+            "type" : "int"
          }
       ],
       "id" : "samlIDPMetaDataOptionsDisplay",

lemonldap-ng-manager/site/htdocs/static/languages/ar.json

@@ -499,6 +499,7 @@
 "oidcOPMetaDataOptionsDisplayName":"عرض الاسم",
 "oidcOPMetaDataOptionsDisplayParams":"عرض",
 "oidcOPMetaDataOptionsIcon":"شعار",
+"oidcOPMetaDataOptionsSortNumber":"Order",
 "oidcOPMetaDataOptionsJWKSTimeout":"مهلة بيانات JWKS",
 "oidcRPMetaDataOptionsLogoutSessionRequired":"جلسة مطلوب",
 "oidcRPMetaDataOptionsLogoutType":"نوع",
@@ -894,6 +895,7 @@
 "samlIDPMetaDataOptionsDisplayParams":"عرض",
 "samlIDPMetaDataOptionsIcon":"Logo",
 "samlIDPMetaDataOptionsSecurity":"الحماية",
+"samlIDPMetaDataOptionsSortNumber":"Order",
 "samlIDPMetaDataOptionsStoreSAMLToken":"حفظ SAML توكن",
 "samlIDPMetaDataOptionsRelayStateURL":"السماح بعنوان اليو آر إل ك RelayState",
 "samlIDPMetaDataOptionsUserAttribute":"Attribute containing user identifier",

lemonldap-ng-manager/site/htdocs/static/languages/de.json

@@ -499,6 +499,7 @@
 "oidcOPMetaDataOptionsDisplayName":"Display name",
 "oidcOPMetaDataOptionsDisplayParams":"Display",
 "oidcOPMetaDataOptionsIcon":"Logo",
+"oidcOPMetaDataOptionsSortNumber":"Order",
 "oidcOPMetaDataOptionsJWKSTimeout":"JWKS data timeout",
 "oidcRPMetaDataOptionsLogoutSessionRequired":"Session required",
 "oidcRPMetaDataOptionsLogoutType":"Type",
@@ -894,6 +895,7 @@
 "samlIDPMetaDataOptionsDisplayParams":"Display",
 "samlIDPMetaDataOptionsIcon":"Logo",
 "samlIDPMetaDataOptionsSecurity":"Security",
+"samlIDPMetaDataOptionsSortNumber":"Order",
 "samlIDPMetaDataOptionsStoreSAMLToken":"Store SAML Token",
 "samlIDPMetaDataOptionsRelayStateURL":"Allow URL as RelayState",
 "samlIDPMetaDataOptionsUserAttribute":"Attribute containing user identifier",

lemonldap-ng-manager/site/htdocs/static/languages/en.json

@@ -499,6 +499,7 @@
 "oidcOPMetaDataOptionsDisplayName":"Display name",
 "oidcOPMetaDataOptionsDisplayParams":"Display",
 "oidcOPMetaDataOptionsIcon":"Logo",
+"oidcOPMetaDataOptionsSortNumber":"Order",
 "oidcOPMetaDataOptionsJWKSTimeout":"JWKS data timeout",
 "oidcRPMetaDataOptionsLogoutSessionRequired":"Session required",
 "oidcRPMetaDataOptionsLogoutType":"Type",
@@ -894,6 +895,7 @@
 "samlIDPMetaDataOptionsDisplayParams":"Display",
 "samlIDPMetaDataOptionsIcon":"Logo",
 "samlIDPMetaDataOptionsSecurity":"Security",
+"samlIDPMetaDataOptionsSortNumber":"Order",
 "samlIDPMetaDataOptionsStoreSAMLToken":"Store SAML Token",
 "samlIDPMetaDataOptionsRelayStateURL":"Allow URL as RelayState",
 "samlIDPMetaDataOptionsUserAttribute":"Attribute containing user identifier",

lemonldap-ng-manager/site/htdocs/static/languages/fr.json

@@ -499,6 +499,7 @@
 "oidcOPMetaDataOptionsDisplayName":"Nom d'affichage",
 "oidcOPMetaDataOptionsDisplayParams":"Affichage",
 "oidcOPMetaDataOptionsIcon":"Logo",
+"oidcOPMetaDataOptionsSortNumber":"Ordre",
 "oidcOPMetaDataOptionsJWKSTimeout":"Durée de vie des données JWKS",
 "oidcRPMetaDataOptionsLogoutSessionRequired":"Session requise",
 "oidcRPMetaDataOptionsLogoutType":"Type",
@@ -894,6 +895,7 @@
 "samlIDPMetaDataOptionsDisplayParams":"Affichage",
 "samlIDPMetaDataOptionsIcon":"Logo",
 "samlIDPMetaDataOptionsSecurity":"Sécurité",
+"samlIDPMetaDataOptionsSortNumber":"Ordre",
 "samlIDPMetaDataOptionsStoreSAMLToken":"Conserver le jeton SAML",
 "samlIDPMetaDataOptionsRelayStateURL":"Pemettre une URL dans le RelayState",
 "samlIDPMetaDataOptionsUserAttribute":"Attribut contenant l'identité de l'utilisateur",

lemonldap-ng-manager/site/htdocs/static/languages/it.json

@@ -499,6 +499,7 @@
 "oidcOPMetaDataOptionsDisplayName":"Visualizza nome",
 "oidcOPMetaDataOptionsDisplayParams":"Visualizza",
 "oidcOPMetaDataOptionsIcon":"Logo",
+"oidcOPMetaDataOptionsSortNumber":"Order",
 "oidcOPMetaDataOptionsJWKSTimeout":"Timeout dei dati di JWKS",
 "oidcRPMetaDataOptionsLogoutSessionRequired":"Sessione necessaria",
 "oidcRPMetaDataOptionsLogoutType":"Tipo",
@@ -894,6 +895,7 @@
 "samlIDPMetaDataOptionsDisplayParams":"Display",
 "samlIDPMetaDataOptionsIcon":"Logo",
 "samlIDPMetaDataOptionsSecurity":"Sicurezza",
+"samlIDPMetaDataOptionsSortNumber":"Order",
 "samlIDPMetaDataOptionsStoreSAMLToken":"Store SAML Token",
 "samlIDPMetaDataOptionsRelayStateURL":"Consenti l'URL come RelayState",
 "samlIDPMetaDataOptionsUserAttribute":"Attributo che contiene l'identificatore dell'utente",

lemonldap-ng-manager/site/htdocs/static/languages/vi.json

@@ -499,6 +499,7 @@
 "oidcOPMetaDataOptionsDisplayName":"Tên hiển thị",
 "oidcOPMetaDataOptionsDisplayParams":"Hiển thị",
 "oidcOPMetaDataOptionsIcon":"Logo",
+"oidcOPMetaDataOptionsSortNumber":"Order",
 "oidcOPMetaDataOptionsJWKSTimeout":"Thời gian chờ của dữ liệu JWKS",
 "oidcRPMetaDataOptionsLogoutSessionRequired":"Phiên yêu cầu",
 "oidcRPMetaDataOptionsLogoutType":"Loại",
@@ -894,6 +895,7 @@
 "samlIDPMetaDataOptionsDisplayParams":"Display",
 "samlIDPMetaDataOptionsIcon":"Logo",
 "samlIDPMetaDataOptionsSecurity":"Bảo mật",
+"samlIDPMetaDataOptionsSortNumber":"Order",
 "samlIDPMetaDataOptionsStoreSAMLToken":"Lưu trữ token SAML",
 "samlIDPMetaDataOptionsRelayStateURL":"Cho phép URL như RelayState",
 "samlIDPMetaDataOptionsUserAttribute":"Attribute containing user identifier",

lemonldap-ng-manager/site/htdocs/static/languages/zh.json

@@ -499,6 +499,7 @@
 "oidcOPMetaDataOptionsDisplayName":"Display name",
 "oidcOPMetaDataOptionsDisplayParams":"Display",
 "oidcOPMetaDataOptionsIcon":"Logo",
+"oidcOPMetaDataOptionsSortNumber":"Order",
 "oidcOPMetaDataOptionsJWKSTimeout":"JWKS data timeout",
 "oidcRPMetaDataOptionsLogoutSessionRequired":"Session required",
 "oidcRPMetaDataOptionsLogoutType":"Type",
@@ -894,6 +895,7 @@
 "samlIDPMetaDataOptionsDisplayParams":"Display",
 "samlIDPMetaDataOptionsIcon":"Logo",
 "samlIDPMetaDataOptionsSecurity":"Security",
+"samlIDPMetaDataOptionsSortNumber":"Order",
 "samlIDPMetaDataOptionsStoreSAMLToken":"Store SAML Token",
 "samlIDPMetaDataOptionsRelayStateURL":"Allow URL as RelayState",
 "samlIDPMetaDataOptionsUserAttribute":"Attribute containing user identifier",

lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/OpenIDConnect.pm

@@ -16,7 +16,7 @@ extends 'Lemonldap::NG::Portal::Main::Auth',
 
 # INTERFACE
 
-has opList => ( is => 'rw', default => sub { [] } );
+has opList   => ( is => 'rw', default => sub { [] } );
 has opNumber => ( is => 'rw', default => 0 );
 has path     => ( is => 'rw', default => 'oauth2' );
 
@@ -45,6 +45,8 @@ sub init {
           ->{oidcOPMetaDataOptionsDisplayName};
         my $icon = $self->conf->{oidcOPMetaDataOptions}->{$_}
           ->{oidcOPMetaDataOptionsIcon};
+        my $order = $self->conf->{oidcOPMetaDataOptions}->{$_}
+          ->{oidcOPMetaDataOptionsSortNumber};
         my $img_src;
 
         if ($icon) {
@@ -60,6 +62,7 @@ sub init {
             name  => $name,
             icon  => $img_src,
             class => "openidconnect",
+            order => $order
           };
     }
     $self->addRouteFromConf(
@@ -73,7 +76,11 @@ sub init {
         oidcServiceMetaDataBackChannelURI  => 'backLogout',
     );
     @list =
-      sort { $a->{name} cmp $b->{name} or $a->{val} cmp $b->{val} } @list;
+      sort {
+             $a->{order} <=> $b->{order}
+          or $a->{name} cmp $b->{name}
+          or $a->{val} cmp $b->{val}
+      } @list;
     $self->opList( [@list] );
     return 1;
 }

lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/SAML.pm

@@ -897,7 +897,7 @@ sub extractFormInfo {
             $req->pdata->{_url} = encode_base64( $req->urldc, '' );
         }
         my $disco_url = $self->conf->{samlDiscoveryProtocolURL};
-        my $portal = $self->conf->{portal};
+        my $portal    = $self->conf->{portal};
         $disco_url .= ( $disco_url =~ /\?/ ? '&' : '?' )
           . build_urlencoded(
             entityID      => $self->getMetaDataURL( 'samlEntityID', 0, 1 ),
@@ -945,6 +945,7 @@ sub extractFormInfo {
             $idpName = $self->{idpList}->{$_}->{displayName}
               if $self->{idpList}->{$_}->{displayName};
             my $icon    = $self->{idpList}->{$_}->{icon};
+            my $order   = $self->{idpList}->{$_}->{order};
             my $img_src = '';
 
             if ($icon) {
@@ -955,16 +956,22 @@ sub extractFormInfo {
             }
             $self->logger->debug( "IDP "
                   . $self->{idpList}->{$_}->{name}
-                  . " -> DisplayName : $idpName with Icon : $img_src" );
+                  . " -> DisplayName : $idpName with Icon : $img_src at order : $order"
+            );
             push @list,
               {
-                val  => $_,
-                name => $idpName,
-                icon => $img_src,
+                val   => $_,
+                name  => $idpName,
+                icon  => $img_src,
+                order => $order,
               };
         }
         @list =
-          sort { $a->{name} cmp $b->{name} or $a->{val} cmp $b->{val} } @list;
+          sort {
+                 $a->{order} <=> $b->{order}
+              or $a->{name} cmp $b->{name}
+              or $a->{val} cmp $b->{val}
+          } @list;
         $req->data->{list}            = \@list;
         $req->data->{confirmRemember} = 1;
 

lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/SAML.pm

@@ -186,7 +186,7 @@ sub loadService {
 
     # Create Lasso server with service metadata
     my $server = $self->createServer(
-        $service_metadata->serviceToXML( $self->conf, ''),
+        $service_metadata->serviceToXML( $self->conf, '' ),
         $self->conf->{samlServicePrivateKeySig},
         $self->conf->{samlServicePrivateKeySigPwd},
 
@@ -295,6 +295,9 @@ sub loadIDPs {
         $self->idpList->{$entityID}->{icon} =
           $self->conf->{samlIDPMetaDataOptions}->{$_}
           ->{samlIDPMetaDataOptionsIcon};
+        $self->idpList->{$entityID}->{order} =
+          $self->conf->{samlIDPMetaDataOptions}->{$_}
+          ->{samlIDPMetaDataOptionsSortNumber};
 
         # Set rule
         my $cond = $self->conf->{samlIDPMetaDataOptions}->{$_}