Typo (Thx Soisik ;-)

Christophe Maudoux 2020-01-10 21:29:11 +01:00
parent a310438a87
commit 2481a1922c
6 changed files with 221 additions and 321 deletions


@ -224,7 +224,7 @@ t/03-HTML-forms.t
t/04-2F-api.t
t/04-providers-api.t
t/05-rest-api.t
t/06-rest-api.t
t/06-rest-api-RSA.t
t/07-utf8.t
t/10-save-unchanged-conf.t
t/11-save-appCat-changed-conf.t


@ -1,5 +1,6 @@
package Lemonldap::NG::Manager::Api::2F;
our $VERSION = '2.0.7';
our $VERSION = '2.0.8';
package Lemonldap::NG::Manager::Api;
@ -146,7 +147,7 @@ sub _get2F {
$psessions = $self->_getSessions2F( $self->_getPersistentMod, 'Persistent',
'_session_uid', $uid );
foreach ( keys %{$psessions} ) {
foreach ( keys %$psessions ) {
my $devices =
from_json( $psessions->{$_}->{_2fDevices}, { allow_nonref => 1 } );
foreach my $device ( @{$devices} ) {
@ -195,12 +196,12 @@ sub _getSessions2F {
Lemonldap::NG::Common::Apache::Session->searchOn( $mod->{options}, $key,
$uid,
( '_session_kind', '_session_uid', '_session_id', '_2fDevices' ) );
foreach ( keys %{$sessions} ) {
foreach ( keys %$sessions ) {
delete $sessions->{$_}
unless ( $sessions->{$_}->{_session_kind} eq $kind );
}
$self->logger->debug( "Found "
. scalar( keys %{$sessions} )
. scalar( keys %$sessions )
. " $kind sessions for uid $uid." );
return $sessions;
@ -224,7 +225,7 @@ sub _delete2FFromSessions {
my ( $sessions, $session, $devices, @keep, $removed,
$total, $module, $localStorage );
$sessions = $self->_getSessions2F( $mod, $kind, $key, $uid );
foreach ( keys %{$sessions} ) {
foreach ( keys %$sessions ) {
$session = $self->_getSession2F( $_, $mod )
or return { res => 'ko', code => 500, msg => $@ };
@ -263,8 +264,8 @@ sub _delete2FFromSessions {
. ( $total - scalar @keep )
. " 2F device(s) attached to sessionId $_ ..." );
$session->data->{_2fDevices} = to_json( \@keep );
$session->update( \%{ $session->data } );
$session->update( $session->data );
# Delete from local cache
if ( $session->{options}->{localStorage} ) {
$module = $session->{options}->{localStorage};
@ -289,7 +290,6 @@ sub _delete2FFromSessions {
$self->logger->debug(
"No 2F devices attached to sessionId $_ were found.");
}
}
return { res => 'ok', removed => $removed };
@ -317,7 +317,7 @@ sub _delete2F {
# merge results
$removed = { %$removed, %{ $res->{removed} } };
$count = scalar( keys %{$removed} );
$count = scalar( keys %$removed );
return {
res => 'ok',
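Review bot: In `_delete2FFromSessions`, the `or return { res => 'ko', code => 500, msg => $@ };` after `_getSession2F` still returns raw `$@` as the message, and this cleanup leaves it in place. `$@` is only reliable immediately after an `eval`, so unless `_getSession2F` (not visible here) sets it, the message can be empty or stale. If callers forward `msg` to the client, as the provider handlers in this commit do with `sendError( $req, $res->{msg}, ... )`, backend error text could reach API consumers. Consider logging the detail with `$self->logger->error(...)` and returning a fixed string such as `msg => 'Unable to load session'`. The function body starts and ends outside the hunks shown.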


@ -1,5 +1,6 @@
package Lemonldap::NG::Manager::Api::Common;
our $VERSION = '2.0.7';
our $VERSION = '2.0.8';
package Lemonldap::NG::Manager::Api;
@ -10,14 +11,12 @@ use Lemonldap::NG::Manager::Build::CTrees;
sub _isSimpleKeyValueHash {
my ( $self, $hash ) = @_;
if ( ref($hash) ne "HASH" ) {
return 0;
}
foreach ( keys %{$hash} ) {
if ( ref( $hash->{$_} ) ne '' || ref($_) ne '' ) {
return 0;
}
return 0 if ( ref($hash) ne "HASH" );
foreach ( keys %$hash ) {
return 0 if ( ref( $hash->{$_} ) ne '' || ref($_) ne '' );
}
return 1;
}
@ -28,11 +27,9 @@ sub _setDefaultValues {
foreach $attr (@allAttrs) {
unless ( defined $attrs->{$attr} ) {
if ( defined $defaultAttrs->{$attr}
&& defined $defaultAttrs->{$attr}->{default} )
{
$attrs->{$attr} = $defaultAttrs->{$attr}->{default};
}
$attrs->{$attr} = $defaultAttrs->{$attr}->{default}
if ( defined $defaultAttrs->{$attr}
&& defined $defaultAttrs->{$attr}->{default} );
}
}
@ -41,7 +38,6 @@ sub _setDefaultValues {
sub _hasAllowedAttributes {
my ( $self, $attributes, $rootNode ) = @_;
my @allowedAttributes = $self->_listAttributes($rootNode);
foreach $attribute ( keys %{$attributes} ) {
@ -64,30 +60,18 @@ sub _hasAllowedAttributes {
sub _listAttributes {
my ( $self, $rootNode ) = @_;
my $mainTree = Lemonldap::NG::Manager::Build::CTrees::cTrees();
my $mainTree = Lemonldap::NG::Manager::Build::CTrees::cTrees();
my $rootNodes = [ grep { ref($_) eq "HASH" } @{ $mainTree->{$rootNode} } ];
my @attributes = map { $self->_listNodeAttributes($_) } @$rootNodes;
my @attributes;
foreach $node ( @{$rootNodes} ) {
push @attributes, $self->_listNodeAttributes($node);
}
return @attributes;
}
sub _listNodeAttributes {
my ( $self, $node ) = @_;
my @attributes;
foreach $child ( @{ $node->{nodes} } ) {
if ( ref($child) eq "HASH" ) {
push( @attributes, $self->_listNodeAttributes($child) );
}
else {
push( @attributes, $child );
}
}
my @attributes =
map { ref($_) eq "HASH" ? $self->_listNodeAttributes($_) : $_ }
@{ $node->{nodes} };
return @attributes;
}
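Review bot: In `_isSimpleKeyValueHash`, the `ref($_) ne ''` half of the new one-line guard can never be true, because Perl hash keys are always plain strings, so only the value check does any work. Since `_pushOidcRp` uses this helper to vet `exportedVars`, I would reduce the guard to `return 0 if ref $hash->{$_};` and add a comment above the sub stating that only non-reference values are accepted (undef values pass). Separately, `foreach $attr (@allAttrs)` and `foreach $attribute ( keys %{$attributes} )` still use loop variables without `my`; their declarations are outside the hunks, so confirm they are lexicals and not package globals.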


@ -1,5 +1,6 @@
package Lemonldap::NG::Manager::Api::Providers::OidcRp;
our $VERSION = '2.0.7';
our $VERSION = '2.0.8';
package Lemonldap::NG::Manager::Api;
@ -23,10 +24,9 @@ sub getOidcRpByConfKey {
my $oidcRp = $self->_getOidcRpByConfKey( $conf, $confKey );
# Return 404 if not found
unless ( defined $oidcRp ) {
return $self->sendError( $req,
"OIDC relying party '$confKey' not found", 404 );
}
return $self->sendError( $req,
"OIDC relying party '$confKey' not found", 404 )
unless ( defined $oidcRp );
return $self->sendJSONresponse( $req, $oidcRp );
}
@ -40,10 +40,8 @@ sub findOidcRpByConfKey {
: ( defined $req->params('pattern') ? $req->params('pattern') : undef )
);
unless ( defined $pattern ) {
return $self->sendError( $req, 'Invalid input: pattern is missing',
405 );
}
return $self->sendError( $req, 'Invalid input: pattern is missing', 405 )
unless ( defined $pattern );
$self->logger->debug(
"[API] Find OIDC RPs by confKey regexp $pattern requested");
@ -51,13 +49,9 @@ sub findOidcRpByConfKey {
# Get latest configuration
my $conf = $self->_confAcc->getConf;
my @oidcRps;
foreach ( keys %{ $conf->{oidcRPMetaDataOptions} } ) {
if ( $_ =~ $pattern ) {
push @oidcRps, $self->_getOidcRpByConfKey( $conf, $_ );
}
}
my @oidcRps =
map { $_ =~ $pattern ? $self->_getOidcRpByConfKey( $conf, $_ ) : () }
keys %{ $conf->{oidcRPMetaDataOptions} };
return $self->sendJSONresponse( $req, [@oidcRps] );
}
@ -73,10 +67,8 @@ sub findOidcRpByClientId {
)
);
unless ( defined $clientId ) {
return $self->sendError( $req, 'Invalid input: clientId is missing',
405 );
}
return $self->sendError( $req, 'Invalid input: clientId is missing', 405 )
unless ( defined $clientId );
$self->logger->debug("[API] Find OIDC RPs by clientId $clientId requested");
@ -84,66 +76,52 @@ sub findOidcRpByClientId {
my $conf = $self->_confAcc->getConf;
my $oidcRp = $self->_getOidcRpByClientId( $conf, $clientId );
unless ( defined $oidcRp ) {
return $self->sendError( $req,
"OIDC relying party with clientId '$clientId' not found", 404 );
}
return $self->sendError( $req,
"OIDC relying party with clientId '$clientId' not found", 404 )
unless ( defined $oidcRp );
return $self->sendJSONresponse( $req, $oidcRp );
}
sub addOidcRp {
my ( $self, $req ) = @_;
my $add = $req->jsonBodyToObj;
unless ($add) {
return $self->sendError( $req, "Invalid input: " . $req->error, 405 );
}
return $self->sendError( $req, "Invalid input: " . $req->error, 405 )
unless ($add);
unless ( defined $add->{confKey} ) {
return $self->sendError( $req, 'Invalid input: confKey is missing',
405 );
}
return $self->sendError( $req, 'Invalid input: confKey is missing', 405 )
unless ( defined $add->{confKey} );
unless ( defined $add->{clientId} ) {
return $self->sendError( $req, 'Invalid input: clientId is missing',
405 );
}
return $self->sendError( $req, 'Invalid input: clientId is missing', 405 )
unless ( defined $add->{clientId} );
$self->logger->debug(
"[API] Add OIDC RP with confKey $add->{confKey} and clientId $add->{clientId} requested"
);
# Get latest configuration
my $conf = $self->_confAcc->getConf({ noCache => 1 });
my $conf = $self->_confAcc->getConf( { noCache => 1 } );
if ( defined $self->_getOidcRpByConfKey( $conf, $add->{confKey} ) ) {
return $self->sendError(
$req,
"Invalid input: An OIDC RP with confKey $add->{confKey} already exists",
405
);
}
return $self->sendError(
$req,
"Invalid input: An OIDC RP with confKey $add->{confKey} already exists",
405
) if ( defined $self->_getOidcRpByConfKey( $conf, $add->{confKey} ) );
if ( defined $self->_getOidcRpByClientId( $conf, $add->{clientId} ) ) {
return $self->sendError(
$req,
return $self->sendError(
$req,
"Invalid input: An OIDC RP with clientId $add->{clientId} already exists",
405
);
}
405
) if ( defined $self->_getOidcRpByClientId( $conf, $add->{clientId} ) );
unless ( defined $add->{options} ) {
$add->{options} = {};
}
$add->{options} = {} unless ( defined $add->{options} );
$add->{options}->{oidcRPMetaDataOptionsClientID} = $add->{clientId};
my $res = $self->_pushOidcRp( $conf, $add->{confKey}, $add, 1 );
unless ( $res->{res} eq 'ok' ) {
return $self->sendError( $req, $res->{msg}, 405 );
}
return $self->sendError( $req, $res->{msg}, 405 )
unless ( $res->{res} eq 'ok' );
return $self->sendJSONresponse( $req,
{ message => "Successful operation" } );
@ -151,85 +129,75 @@ sub addOidcRp {
sub updateOidcRp {
my ( $self, $req ) = @_;
my $confKey = $req->params('confKey')
or return $self->sendError( $req, 'confKey is missing', 400 );
my $update = $req->jsonBodyToObj;
unless ($update) {
return $self->sendError( $req, "Invalid input: " . $req->error, 405 );
}
return $self->sendError( $req, "Invalid input: " . $req->error, 405 )
unless ($update);
$self->logger->debug(
"[API] OIDC RP $confKey configuration update requested");
# Get latest configuration
my $conf = $self->_confAcc->getConf({ noCache => 1 });
my $conf = $self->_confAcc->getConf( { noCache => 1 } );
my $current = $self->_getOidcRpByConfKey( $conf, $confKey );
# Return 404 if not found
unless ( defined $current ) {
return $self->sendError( $req,
"OIDC relying party '$confKey' not found", 404 );
}
return $self->sendError( $req,
"OIDC relying party '$confKey' not found", 404 )
unless ( defined $current );
# check if new clientID exists already
my $res = $self->_isNewOidcRpClientIdUnique( $conf, $confKey, $update );
unless ( $res->{res} eq 'ok' ) {
return $self->sendError( $req, $res->{msg}, 405 );
}
return $self->sendError( $req, $res->{msg}, 405 )
unless ( $res->{res} eq 'ok' );
$res = $self->_pushOidcRp( $conf, $confKey, $update, 0 );
unless ( $res->{res} eq 'ok' ) {
return $self->sendError( $req, $res->{msg}, 405 );
}
return $self->sendError( $req, $res->{msg}, 405 )
unless ( $res->{res} eq 'ok' );
return $self->sendJSONresponse( $req,
{ message => "Successful operation" } );
}
sub replaceOidcRp {
my ( $self, $req ) = @_;
my $confKey = $req->params('confKey')
or return $self->sendError( $req, 'confKey is missing', 400 );
my $replace = $req->jsonBodyToObj;
unless ($replace) {
return $self->sendError( $req, "Invalid input: " . $req->error, 405 );
}
unless ( defined $replace->{clientId} ) {
return $self->sendError( $req, 'Invalid input: clientId is missing',
405 );
}
return $self->sendError( $req, "Invalid input: " . $req->error, 405 )
unless ($replace);
return $self->sendError( $req, 'Invalid input: clientId is missing', 405 )
unless ( defined $replace->{clientId} );
$self->logger->debug(
"[API] OIDC RP $confKey configuration replace requested");
# Get latest configuration
my $conf = $self->_confAcc->getConf({ noCache => 1 });
my $conf = $self->_confAcc->getConf( { noCache => 1 } );
# Return 404 if not found
unless ( defined $self->_getOidcRpByConfKey( $conf, $confKey ) ) {
return $self->sendError( $req,
"OIDC relying party '$confKey' not found", 404 );
}
return $self->sendError( $req,
"OIDC relying party '$confKey' not found", 404 )
unless ( defined $self->_getOidcRpByConfKey( $conf, $confKey ) );
# check if new clientID exists already
my $res = $self->_isNewOidcRpClientIdUnique( $conf, $confKey, $replace );
unless ( $res->{res} eq 'ok' ) {
return $self->sendError( $req, $res->{msg}, 405 );
}
return $self->sendError( $req, $res->{msg}, 405 )
unless ( $res->{res} eq 'ok' );
$res = $self->_pushOidcRp( $conf, $confKey, $replace, 1 );
unless ( $res->{res} eq 'ok' ) {
return $self->sendError( $req, $res->{msg}, 405 );
}
return $self->sendError( $req, $res->{msg}, 405 )
unless ( $res->{res} eq 'ok' );
return $self->sendJSONresponse( $req,
{ message => "Successful operation" } );
@ -237,20 +205,19 @@ sub replaceOidcRp {
sub deleteOidcRp {
my ( $self, $req ) = @_;
my $confKey = $req->params('confKey')
or return $self->sendError( $req, 'confKey is missing', 400 );
# Get latest configuration
my $conf = $self->_confAcc->getConf({ noCache => 1 });
my $conf = $self->_confAcc->getConf( { noCache => 1 } );
my $delete = $self->_getOidcRpByConfKey( $conf, $confKey );
# Return 404 if not found
unless ( defined $delete ) {
return $self->sendError( $req,
"OIDC relying party '$confKey' not found", 404 );
}
return $self->sendError( $req,
"OIDC relying party '$confKey' not found", 404 )
unless ( defined $delete );
delete $conf->{oidcRPMetaDataOptions}->{$confKey};
delete $conf->{oidcRPMetaDataExportedVars}->{$confKey};
@ -267,9 +234,7 @@ sub _getOidcRpByConfKey {
my ( $self, $conf, $confKey ) = @_;
# Check if confKey is defined
unless ( defined $conf->{oidcRPMetaDataOptions}->{$confKey} ) {
return undef;
}
return undef unless ( defined $conf->{oidcRPMetaDataOptions}->{$confKey} );
# Get Client ID
my $clientId = $conf->{oidcRPMetaDataOptions}->{$confKey}
@ -297,12 +262,11 @@ sub _getOidcRpByClientId {
my ( $self, $conf, $clientId ) = @_;
foreach ( keys %{ $conf->{oidcRPMetaDataOptions} } ) {
if ( $conf->{oidcRPMetaDataOptions}->{$_}
->{oidcRPMetaDataOptionsClientID} eq $clientId )
{
return $self->_getOidcRpByConfKey( $conf, $_ );
}
return $self->_getOidcRpByConfKey( $conf, $_ )
if ( $conf->{oidcRPMetaDataOptions}->{$_}
->{oidcRPMetaDataOptionsClientID} eq $clientId );
}
return undef;
}
@ -314,14 +278,14 @@ sub _isNewOidcRpClientIdUnique {
|| $oidcRp->{options}->{oidcRPMetaDataOptionsClientID}
|| "";
if ( $newClientId ne '' && $newClientId ne $curClientId ) {
if ( defined $self->_getOidcRpByClientId( $conf, $newClientId ) ) {
return {
res => 'ko',
msg =>
return {
res => 'ko',
msg =>
"An OIDC relying party with clientId '$newClientId' already exists"
};
}
}
if ( defined $self->_getOidcRpByClientId( $conf, $newClientId ) );
}
return { res => 'ok' };
}
@ -339,19 +303,17 @@ sub _pushOidcRp {
if ( defined $push->{options} ) {
my $res = $self->_hasAllowedAttributes( $push->{options},
'oidcRPMetaDataNode' );
unless ( $res->{res} eq 'ok' ) {
return $res;
}
return $res unless ( $res->{res} eq 'ok' );
foreach ( keys %{ $push->{options} } ) {
$conf->{oidcRPMetaDataOptions}->{$confKey}->{$_} =
$push->{options}->{$_};
}
}
if ( defined $push->{clientId} ) {
$conf->{oidcRPMetaDataOptions}->{$confKey}
->{oidcRPMetaDataOptionsClientID} = $push->{clientId};
}
$conf->{oidcRPMetaDataOptions}->{$confKey}->{oidcRPMetaDataOptionsClientID}
= $push->{clientId}
if ( defined $push->{clientId} );
if ( defined $push->{exportedVars} ) {
if ( $self->_isSimpleKeyValueHash( $push->{exportedVars} ) ) {
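Review bot: In `findOidcRpByConfKey`, the rewritten `map { $_ =~ $pattern ? ... : () }` still applies the request's `pattern`/`uPattern` parameter directly as a regular expression, and `findSamlSpByConfKey` in `Lemonldap::NG::Manager::Api::Providers::SamlSp` has the same construct. A malformed pattern makes the match die inside the handler, and a costly one is evaluated against every confKey, so the value should be compiled once and rejected on failure before the loop, e.g. `my $re = eval { qr/$pattern/ } or return $self->sendError( $req, 'Invalid input: pattern is not a valid regexp', 400 );` followed by `$_ =~ $re`. If only substring search is intended, `qr/\Q$pattern\E/` avoids interpreting the input as a regexp at all. The pattern is also interpolated unchanged into the debug log line.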


@ -1,5 +1,6 @@
package Lemonldap::NG::Manager::Api::Providers::SamlSp;
our $VERSION = '2.0.7';
our $VERSION = '2.0.8';
package Lemonldap::NG::Manager::Api;
@ -18,53 +19,42 @@ sub getSamlSpByConfKey {
$self->logger->debug("[API] SAML SP $confKey configuration requested");
# Get latest configuration
my $conf = $self->_confAcc->getConf;
my $conf = $self->_confAcc->getConf;
my $samlSp = $self->_getSamlSpByConfKey( $conf, $confKey );
# Check if confKey is defined
unless ( defined $samlSp ) {
return $self->sendError( $req,
"SAML service Provider '$confKey' not found", 404 );
}
return $self->sendError( $req,
"SAML service Provider '$confKey' not found", 404 )
unless ( defined $samlSp );
return $self->sendJSONresponse( $req, $samlSp );
}
sub findSamlSpByConfKey {
my ( $self, $req ) = @_;
my $pattern = (
defined $req->params('uPattern')
? $req->params('uPattern')
: ( defined $req->params('pattern') ? $req->params('pattern') : undef )
);
unless ( defined $pattern ) {
return $self->sendError( $req, 'Invalid input: pattern is missing',
405 );
}
return $self->sendError( $req, 'Invalid input: pattern is missing', 405 )
unless ( defined $pattern );
$self->logger->debug(
"[API] Find SAML SPs by confKey regexp $pattern requested");
# Get latest configuration
my $conf = $self->_confAcc->getConf;
my @samlSps;
foreach ( keys %{ $conf->{samlSPMetaDataXML} } ) {
if ( $_ =~ $pattern ) {
push @samlSps, $self->_getSamlSpByConfKey( $conf, $_ );
}
}
my @samlSps =
map { $_ =~ $pattern ? $self->_getSamlSpByConfKey( $conf, $_ ) : () }
keys %{ $conf->{samlSPMetaDataXML} };
return $self->sendJSONresponse( $req, [@samlSps] );
}
sub findSamlSpByEntityId {
my ( $self, $req ) = @_;
my $entityId = (
defined $req->params('uEntityId') ? $req->params('uEntityId')
: (
@ -73,76 +63,61 @@ sub findSamlSpByEntityId {
)
);
unless ( defined $entityId ) {
return $self->sendError( $req, 'entityId is missing', 405 );
}
return $self->sendError( $req, 'entityId is missing', 405 )
unless ( defined $entityId );
$self->logger->debug("[API] Find SAML SPs by entityId $entityId requested");
# Get latest configuration
my $conf = $self->_confAcc->getConf;
my $conf = $self->_confAcc->getConf;
my $samlSp = $self->_getSamlSpByEntityId( $conf, $entityId );
unless ( defined $samlSp ) {
return $self->sendError( $req,
"SAML service Provider with entityID '$entityId' not found", 404 );
}
return $self->sendError( $req,
"SAML service Provider with entityID '$entityId' not found", 404 )
unless ( defined $samlSp );
return $self->sendJSONresponse( $req, $samlSp );
}
sub addSamlSp {
my ( $self, $req ) = @_;
my $add = $req->jsonBodyToObj;
unless ($add) {
return $self->sendError( $req, "Invalid input: " . $req->error, 405 );
}
return $self->sendError( $req, "Invalid input: " . $req->error, 405 )
unless ($add);
unless ( defined $add->{confKey} ) {
return $self->sendError( $req, 'Invalid input: confKey is missing',
405 );
}
return $self->sendError( $req, 'Invalid input: confKey is missing', 405 )
unless ( defined $add->{confKey} );
unless ( defined $add->{metadata} ) {
return $self->sendError( $req, 'Invalid input: metadata is missing',
405 );
}
return $self->sendError( $req, 'Invalid input: metadata is missing', 405 )
unless ( defined $add->{metadata} );
my $entityId = $self->_readSamlSpEntityId( $add->{metadata} );
unless ( defined $entityId ) {
return $self->sendError( $req,
'Invalid input: entityID is missing in metadata', 405 );
}
return $self->sendError( $req,
'Invalid input: entityID is missing in metadata', 405 )
unless ( defined $entityId );
$self->logger->debug(
"[API] Add SAML SP with confKey $add->{confKey} and entityID $entityId requested"
);
# Get latest configuration
my $conf = $self->_confAcc->getConf({ noCache => 1 });
my $conf = $self->_confAcc->getConf( { noCache => 1 } );
if ( defined $self->_getSamlSpByConfKey( $conf, $add->{confKey} ) ) {
return $self->sendError(
$req,
"Invalid input: A SAML SP with confKey $add->{confKey} already exists",
405
);
}
return $self->sendError(
$req,
"Invalid input: A SAML SP with confKey $add->{confKey} already exists",
405
) if ( defined $self->_getSamlSpByConfKey( $conf, $add->{confKey} ) );
if ( defined $self->_getSamlSpByEntityId( $conf, $entityId ) ) {
return $self->sendError( $req,
"Invalid input: A SAML SP with entityID $entityId already exists",
405 );
}
return $self->sendError( $req,
"Invalid input: A SAML SP with entityID $entityId already exists", 405 )
if ( defined $self->_getSamlSpByEntityId( $conf, $entityId ) );
my $res = $self->_pushSamlSp( $conf, $add->{confKey}, $add, 1 );
unless ( $res->{res} eq 'ok' ) {
return $self->sendError( $req, $res->{msg}, 405 );
}
return $self->sendError( $req, $res->{msg}, 405 )
unless ( $res->{res} eq 'ok' );
return $self->sendJSONresponse( $req,
{ message => "Successful operation" } );
@ -156,37 +131,34 @@ sub replaceSamlSp {
my $replace = $req->jsonBodyToObj;
unless ($replace) {
return $self->sendError( $req, "Invalid input: " . $req->error, 405 );
}
return $self->sendError( $req, "Invalid input: " . $req->error, 405 )
unless ($replace);
unless ( defined $replace->{metadata} ) {
return $self->sendError( $req, 'Invalid input: metadata is missing',
405 );
}
return $self->sendError( $req, 'Invalid input: metadata is missing', 405 )
unless ( defined $replace->{metadata} );
$self->logger->debug(
"[API] SAML SP $confKey configuration replace requested");
# Get latest configuration
my $conf = $self->_confAcc->getConf({ noCache => 1 });
my $conf = $self->_confAcc->getConf( { noCache => 1 } );
# Return 404 if not found
unless ( defined $self->_getSamlSpByConfKey( $conf, $confKey ) ) {
return $self->sendError( $req,
"SAML service provider '$confKey' not found", 404 );
}
return $self->sendError( $req,
"SAML service provider '$confKey' not found", 404 )
unless ( defined $self->_getSamlSpByConfKey( $conf, $confKey ) );
# check if new entityId exists already
my $res = $self->_isNewSamlSpEntityIdUnique( $conf, $confKey, $replace );
unless ( $res->{res} eq 'ok' ) {
return $self->sendError( $req, $res->{msg}, 405 );
}
return $self->sendError( $req, $res->{msg}, 405 )
unless ( $res->{res} eq 'ok' );
$res = $self->_pushSamlSp( $conf, $confKey, $replace, 1 );
unless ( $res->{res} eq 'ok' ) {
return $self->sendError( $req, $res->{msg}, 405 );
}
return $self->sendError( $req, $res->{msg}, 405 )
unless ( $res->{res} eq 'ok' );
return $self->sendJSONresponse( $req,
{ message => "Successful operation" } );
@ -194,48 +166,43 @@ sub replaceSamlSp {
sub updateSamlSp {
my ( $self, $req ) = @_;
my $res;
my $confKey = $req->params('confKey')
or return $self->sendError( $req, 'confKey is missing', 400 );
my $update = $req->jsonBodyToObj;
unless ($update) {
return $self->sendError( $req, "Invalid input: " . $req->error, 405 );
}
return $self->sendError( $req, "Invalid input: " . $req->error, 405 )
unless ($update);
$self->logger->debug(
"[API] SAML SP $confKey configuration update requested");
# Get latest configuration
my $conf = $self->_confAcc->getConf({ noCache => 1 });
my $conf = $self->_confAcc->getConf( { noCache => 1 } );
my $current = $self->_getSamlSpByConfKey( $conf, $confKey );
# Return 404 if not found
unless ( defined $current ) {
return $self->sendError( $req,
"SAML service provider '$confKey' not found", 404 );
}
return $self->sendError( $req,
"SAML service provider '$confKey' not found", 404 )
unless ( defined $current );
my $res;
if ( defined $update->{metadata} ) {
# check if new entityId exists already
$res = $self->_isNewSamlSpEntityIdUnique( $conf, $confKey, $update );
unless ( $res->{res} eq 'ok' ) {
return $self->sendError( $req, $res->{msg}, 405 );
}
return $self->sendError( $req, $res->{msg}, 405 )
unless ( $res->{res} eq 'ok' );
}
$res = $self->_pushSamlSp( $conf, $confKey, $update, 0 );
unless ( $res->{res} eq 'ok' ) {
return $self->sendError( $req, $res->{msg}, 405 );
}
return $self->sendError( $req, $res->{msg}, 405 )
unless ( $res->{res} eq 'ok' );
return $self->sendJSONresponse( $req,
{ message => "Successful operation" } );
}
sub deleteSamlSp {
@ -245,15 +212,15 @@ sub deleteSamlSp {
or return $self->sendError( $req, 'confKey is missing', 400 );
# Get latest configuration
my $conf = $self->_confAcc->getConf({ noCache => 1 });
my $conf = $self->_confAcc->getConf( { noCache => 1 } );
my $delete = $self->_getSamlSpByConfKey( $conf, $confKey );
# Return 404 if not found
unless ( defined $delete ) {
return $self->sendError( $req,
"SAML service provider '$confKey' not found", 404 );
}
return $self->sendError( $req,
"SAML service provider '$confKey' not found", 404 )
unless ( defined $delete );
delete $conf->{samlSPMetaDataXML}->{$confKey};
delete $conf->{samlSPMetaDataOptions}->{$confKey};
@ -270,9 +237,7 @@ sub _getSamlSpByConfKey {
my ( $self, $conf, $confKey ) = @_;
# Check if confKey is defined
if ( !defined $conf->{samlSPMetaDataXML}->{$confKey} ) {
return undef;
}
return undef unless ( defined $conf->{samlSPMetaDataXML}->{$confKey} );
# Get metadata
my $metadata = $conf->{samlSPMetaDataXML}->{$confKey}->{samlSPMetaDataXML};
@ -295,21 +260,18 @@ sub _getSamlSpByConfKey {
split( /;/,
$conf->{samlSPMetaDataExportedAttributes}->{$confKey}->{$_} );
$mandatory = !!$mandatory ? 'true' : 'false';
$mandatory = !!$mandatory ? 'true' : 'false'; # ????????????
$samlSp->{exportedAttributes}->{$_} = {
name => $name,
mandatory => $mandatory
};
if ( defined $friendly_name && $friendly_name ne '' ) {
$samlSp->{exportedAttributes}->{$_}->{friendlyName} =
$friendly_name;
}
$samlSp->{exportedAttributes}->{$_}->{friendlyName} = $friendly_name
if ( defined $friendly_name && $friendly_name ne '' );
if ( defined $format && $format ne '' ) {
$samlSp->{exportedAttributes}->{$_}->{format} = $format;
}
$samlSp->{exportedAttributes}->{$_}->{format} = $format
if ( defined $format && $format ne '' );
}
return $samlSp;
@ -319,24 +281,21 @@ sub _getSamlSpByEntityId {
my ( $self, $conf, $entityId ) = @_;
foreach ( keys %{ $conf->{samlSPMetaDataXML} } ) {
if (
return $self->_getSamlSpByConfKey( $conf, $_ )
if (
$self->_readSamlSpEntityId(
$conf->{samlSPMetaDataXML}->{$_}->{samlSPMetaDataXML}
) eq $entityId
)
{
return $self->_getSamlSpByConfKey( $conf, $_ );
}
);
}
return undef;
}
sub _readSamlSpEntityId {
my ( $self, $metadata ) = @_;
if ( $metadata =~ /entityID=['"](.+?)['"]/ ) {
return $1;
}
return undef;
return ( $metadata =~ /entityID=['"](.+?)['"]/ ) ? $1 : undef;
}
sub _readSamlSpExportedAttributes {
@ -347,41 +306,38 @@ sub _readSamlSpExportedAttributes {
"urn:oasis:names:tc:SAML:2.0:attrname-format:basic"
];
foreach ( keys %{$attrs} ) {
unless ( defined $attrs->{$_}->{name} ) {
return { res => "ko", msg => "Exported attribute $_ has no name" };
}
return { res => "ko", msg => "Exported attribute $_ has no name" }
unless ( defined $attrs->{$_}->{name} );
my $mandatory = 0;
my $name = $attrs->{$_}->{name};
my $format = '';
my $friendlyName = '';
if ( defined $mergeWith->{$_} ) {
( $mandatory, $name, $format, $friendlyName ) =
split( /;/, $mergeWith->{$_} );
}
( $mandatory, $name, $format, $friendlyName ) =
split( /;/, $mergeWith->{$_} )
if ( defined $mergeWith->{$_} );
if ( defined $attrs->{$_}->{mandatory} ) {
if ( $attrs->{$_}->{mandatory} eq '1'
or $attrs->{$_}->{mandatory} eq 'true' )
{
$mandatory = 1;
}
else {
$mandatory = 0;
}
$mandatory = (
$attrs->{$_}->{mandatory} eq '1'
or $attrs->{$_}->{mandatory} eq 'true'
) ? 1 : 0;
}
if ( defined $attrs->{$_}->{format} ) {
$format = $attrs->{$_}->{format};
unless ( length( grep { /^$format$/ } @{$allowedFormats} ) ) {
return {
res => "ko",
msg => "Exported attribute $_ format does not exist."
};
}
}
if ( defined $attrs->{$_}->{friendlyName} ) {
$friendlyName = $attrs->{$_}->{friendlyName};
return {
res => "ko",
msg => "Exported attribute $_ format does not exist."
}
unless ( length( grep { /^$format$/ } @{$allowedFormats} ) );
}
$friendlyName = $attrs->{$_}->{friendlyName}
if ( defined $attrs->{$_}->{friendlyName} );
$mergeWith->{$_} = "$mandatory;$name;$format;$friendlyName";
}
return { res => "ok", exportedAttributes => $mergeWith };
}
@ -402,9 +358,8 @@ sub _pushSamlSp {
if ( defined $push->{options} ) {
my $res = $self->_hasAllowedAttributes( $push->{options},
'samlSPMetaDataNode' );
unless ( $res->{res} eq 'ok' ) {
return $res;
}
return $res unless ( $res->{res} eq 'ok' );
foreach ( keys %{ $push->{options} } ) {
$conf->{samlSPMetaDataOptions}->{$confKey}->{$_} =
$push->{options}->{$_};
@ -415,9 +370,8 @@ sub _pushSamlSp {
my $res =
$self->_readSamlSpExportedAttributes( $push->{exportedAttributes},
$conf->{samlSPMetaDataExportedAttributes}->{$confKey} );
unless ( $res->{res} eq 'ok' ) {
return $res;
}
return $res unless ( $res->{res} eq 'ok' );
$conf->{samlSPMetaDataExportedAttributes}->{$confKey} =
$res->{exportedAttributes};
}
@ -435,14 +389,14 @@ sub _isNewSamlSpEntityIdUnique {
$self->_readSamlSpEntityId(
$self->_getSamlSpByConfKey( $conf, $confKey )->{metadata} );
if ( $newEntityId ne $curEntityId ) {
if ( defined $self->_getSamlSpByEntityId( $conf, $newEntityId ) ) {
return {
res => 'ko',
msg =>
return {
res => 'ko',
msg =>
"An SAML service provide with entityId '$newEntityId' already exists"
};
}
}
if ( defined $self->_getSamlSpByEntityId( $conf, $newEntityId ) );
}
return { res => 'ok' };
}
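Review bot: In `_readSamlSpExportedAttributes`, the format check now written as a postfix `unless ( length( grep { /^$format$/ } @{$allowedFormats} ) )` can never reject anything: `grep` in scalar context returns a count, and `length` of that count is at least 1 even when the count is 0. The test also interpolates the submitted `format` as the pattern instead of comparing it literally against the allowed list, so it would remain loose even without `length`. An exact comparison fixes both: `unless ( grep { $_ eq $format } @$allowedFormats );`. Because the accepted fields are then joined into `"$mandatory;$name;$format;$friendlyName"` and read back elsewhere with `split( /;/, ... )`, `name` and `friendlyName` should also be refused when they contain `;`. The sub starts outside the hunk.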