Typo (Thx Soisik ;-)
parent
a310438a87
commit
2481a1922c
|
@ -224,7 +224,7 @@ t/03-HTML-forms.t
|
|||
t/04-2F-api.t
|
||||
t/04-providers-api.t
|
||||
t/05-rest-api.t
|
||||
t/06-rest-api.t
|
||||
t/06-rest-api-RSA.t
|
||||
t/07-utf8.t
|
||||
t/10-save-unchanged-conf.t
|
||||
t/11-save-appCat-changed-conf.t
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
package Lemonldap::NG::Manager::Api::2F;
|
||||
our $VERSION = '2.0.7';
|
||||
|
||||
our $VERSION = '2.0.8';
|
||||
|
||||
package Lemonldap::NG::Manager::Api;
|
||||
|
||||
|
@ -146,7 +147,7 @@ sub _get2F {
|
|||
$psessions = $self->_getSessions2F( $self->_getPersistentMod, 'Persistent',
|
||||
'_session_uid', $uid );
|
||||
|
||||
foreach ( keys %{$psessions} ) {
|
||||
foreach ( keys %$psessions ) {
|
||||
my $devices =
|
||||
from_json( $psessions->{$_}->{_2fDevices}, { allow_nonref => 1 } );
|
||||
foreach my $device ( @{$devices} ) {
|
||||
|
@ -195,12 +196,12 @@ sub _getSessions2F {
|
|||
Lemonldap::NG::Common::Apache::Session->searchOn( $mod->{options}, $key,
|
||||
$uid,
|
||||
( '_session_kind', '_session_uid', '_session_id', '_2fDevices' ) );
|
||||
foreach ( keys %{$sessions} ) {
|
||||
foreach ( keys %$sessions ) {
|
||||
delete $sessions->{$_}
|
||||
unless ( $sessions->{$_}->{_session_kind} eq $kind );
|
||||
}
|
||||
$self->logger->debug( "Found "
|
||||
. scalar( keys %{$sessions} )
|
||||
. scalar( keys %$sessions )
|
||||
. " $kind sessions for uid $uid." );
|
||||
|
||||
return $sessions;
|
||||
|
@ -224,7 +225,7 @@ sub _delete2FFromSessions {
|
|||
my ( $sessions, $session, $devices, @keep, $removed,
|
||||
$total, $module, $localStorage );
|
||||
$sessions = $self->_getSessions2F( $mod, $kind, $key, $uid );
|
||||
foreach ( keys %{$sessions} ) {
|
||||
foreach ( keys %$sessions ) {
|
||||
|
||||
$session = $self->_getSession2F( $_, $mod )
|
||||
or return { res => 'ko', code => 500, msg => $@ };
|
||||
|
@ -263,8 +264,8 @@ sub _delete2FFromSessions {
|
|||
. ( $total - scalar @keep )
|
||||
. " 2F device(s) attached to sessionId $_ ..." );
|
||||
$session->data->{_2fDevices} = to_json( \@keep );
|
||||
$session->update( \%{ $session->data } );
|
||||
|
||||
$session->update( $session->data );
|
||||
|
||||
# Delete from local cache
|
||||
if ( $session->{options}->{localStorage} ) {
|
||||
$module = $session->{options}->{localStorage};
|
||||
|
@ -289,7 +290,6 @@ sub _delete2FFromSessions {
|
|||
$self->logger->debug(
|
||||
"No 2F devices attached to sessionId $_ were found.");
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
return { res => 'ok', removed => $removed };
|
||||
|
@ -317,7 +317,7 @@ sub _delete2F {
|
|||
|
||||
# merge results
|
||||
$removed = { %$removed, %{ $res->{removed} } };
|
||||
$count = scalar( keys %{$removed} );
|
||||
$count = scalar( keys %$removed );
|
||||
|
||||
return {
|
||||
res => 'ok',
|
||||
|
|
|
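Review bot: In `_get2F`, the value returned by `from_json( $psessions->{$_}->{_2fDevices}, { allow_nonref => 1 } )` is dereferenced with `@{$devices}` without checking that it is an array reference, even though `allow_nonref` explicitly permits a scalar result. `from_json` also croaks on a missing or malformed string, so one bad persistent session record would abort the listing for that uid unless an eval outside the hunk catches it. I would decode defensively, `my $devices = eval { from_json( $psessions->{$_}->{_2fDevices}, { allow_nonref => 1 } ) };` followed by `next unless ref($devices) eq 'ARRAY';`, and log the skipped session id at debug level. The body of `_get2F` starts and ends outside this hunk.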
@ -1,5 +1,6 @@
|
|||
package Lemonldap::NG::Manager::Api::Common;
|
||||
our $VERSION = '2.0.7';
|
||||
|
||||
our $VERSION = '2.0.8';
|
||||
|
||||
package Lemonldap::NG::Manager::Api;
|
||||
|
||||
|
@ -10,14 +11,12 @@ use Lemonldap::NG::Manager::Build::CTrees;
|
|||
|
||||
sub _isSimpleKeyValueHash {
|
||||
my ( $self, $hash ) = @_;
|
||||
if ( ref($hash) ne "HASH" ) {
|
||||
return 0;
|
||||
}
|
||||
foreach ( keys %{$hash} ) {
|
||||
if ( ref( $hash->{$_} ) ne '' || ref($_) ne '' ) {
|
||||
return 0;
|
||||
}
|
||||
return 0 if ( ref($hash) ne "HASH" );
|
||||
|
||||
foreach ( keys %$hash ) {
|
||||
return 0 if ( ref( $hash->{$_} ) ne '' || ref($_) ne '' );
|
||||
}
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
@ -28,11 +27,9 @@ sub _setDefaultValues {
|
|||
|
||||
foreach $attr (@allAttrs) {
|
||||
unless ( defined $attrs->{$attr} ) {
|
||||
if ( defined $defaultAttrs->{$attr}
|
||||
&& defined $defaultAttrs->{$attr}->{default} )
|
||||
{
|
||||
$attrs->{$attr} = $defaultAttrs->{$attr}->{default};
|
||||
}
|
||||
$attrs->{$attr} = $defaultAttrs->{$attr}->{default}
|
||||
if ( defined $defaultAttrs->{$attr}
|
||||
&& defined $defaultAttrs->{$attr}->{default} );
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -41,7 +38,6 @@ sub _setDefaultValues {
|
|||
|
||||
sub _hasAllowedAttributes {
|
||||
my ( $self, $attributes, $rootNode ) = @_;
|
||||
|
||||
my @allowedAttributes = $self->_listAttributes($rootNode);
|
||||
|
||||
foreach $attribute ( keys %{$attributes} ) {
|
||||
|
@ -64,30 +60,18 @@ sub _hasAllowedAttributes {
|
|||
|
||||
sub _listAttributes {
|
||||
my ( $self, $rootNode ) = @_;
|
||||
|
||||
my $mainTree = Lemonldap::NG::Manager::Build::CTrees::cTrees();
|
||||
|
||||
my $mainTree = Lemonldap::NG::Manager::Build::CTrees::cTrees();
|
||||
my $rootNodes = [ grep { ref($_) eq "HASH" } @{ $mainTree->{$rootNode} } ];
|
||||
my @attributes = map { $self->_listNodeAttributes($_) } @$rootNodes;
|
||||
|
||||
my @attributes;
|
||||
foreach $node ( @{$rootNodes} ) {
|
||||
push @attributes, $self->_listNodeAttributes($node);
|
||||
}
|
||||
return @attributes;
|
||||
}
|
||||
|
||||
sub _listNodeAttributes {
|
||||
my ( $self, $node ) = @_;
|
||||
|
||||
my @attributes;
|
||||
foreach $child ( @{ $node->{nodes} } ) {
|
||||
if ( ref($child) eq "HASH" ) {
|
||||
push( @attributes, $self->_listNodeAttributes($child) );
|
||||
}
|
||||
else {
|
||||
push( @attributes, $child );
|
||||
}
|
||||
}
|
||||
my @attributes =
|
||||
map { ref($_) eq "HASH" ? $self->_listNodeAttributes($_) : $_ }
|
||||
@{ $node->{nodes} };
|
||||
|
||||
return @attributes;
|
||||
}
|
||||
|
|
|
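Review bot: In `_isSimpleKeyValueHash`, the `ref($_) ne ''` half of the condition can never be true because Perl hash keys are always plain strings, so only the value test does any work. This helper is the shape check applied to `$push->{exportedVars}` in `_pushOidcRp`, so I would reduce the line to `return 0 if ref( $hash->{$_} );` and add a comment such as `# Accept only a flat hash: every value must be a plain scalar (undef passes)`. Separately, `foreach $attr (@allAttrs)` and `foreach $attribute ( keys %{$attributes} )` use loop variables with no visible `my`; their declarations may sit outside the hunks, but `foreach my $attr` would keep them lexical to the loop.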
@ -1,5 +1,6 @@
|
|||
package Lemonldap::NG::Manager::Api::Providers::OidcRp;
|
||||
our $VERSION = '2.0.7';
|
||||
|
||||
our $VERSION = '2.0.8';
|
||||
|
||||
package Lemonldap::NG::Manager::Api;
|
||||
|
||||
|
@ -23,10 +24,9 @@ sub getOidcRpByConfKey {
|
|||
my $oidcRp = $self->_getOidcRpByConfKey( $conf, $confKey );
|
||||
|
||||
# Return 404 if not found
|
||||
unless ( defined $oidcRp ) {
|
||||
return $self->sendError( $req,
|
||||
"OIDC relying party '$confKey' not found", 404 );
|
||||
}
|
||||
return $self->sendError( $req,
|
||||
"OIDC relying party '$confKey' not found", 404 )
|
||||
unless ( defined $oidcRp );
|
||||
|
||||
return $self->sendJSONresponse( $req, $oidcRp );
|
||||
}
|
||||
|
@ -40,10 +40,8 @@ sub findOidcRpByConfKey {
|
|||
: ( defined $req->params('pattern') ? $req->params('pattern') : undef )
|
||||
);
|
||||
|
||||
unless ( defined $pattern ) {
|
||||
return $self->sendError( $req, 'Invalid input: pattern is missing',
|
||||
405 );
|
||||
}
|
||||
return $self->sendError( $req, 'Invalid input: pattern is missing', 405 )
|
||||
unless ( defined $pattern );
|
||||
|
||||
$self->logger->debug(
|
||||
"[API] Find OIDC RPs by confKey regexp $pattern requested");
|
||||
|
@ -51,13 +49,9 @@ sub findOidcRpByConfKey {
|
|||
# Get latest configuration
|
||||
my $conf = $self->_confAcc->getConf;
|
||||
|
||||
my @oidcRps;
|
||||
|
||||
foreach ( keys %{ $conf->{oidcRPMetaDataOptions} } ) {
|
||||
if ( $_ =~ $pattern ) {
|
||||
push @oidcRps, $self->_getOidcRpByConfKey( $conf, $_ );
|
||||
}
|
||||
}
|
||||
my @oidcRps =
|
||||
map { $_ =~ $pattern ? $self->_getOidcRpByConfKey( $conf, $_ ) : () }
|
||||
keys %{ $conf->{oidcRPMetaDataOptions} };
|
||||
|
||||
return $self->sendJSONresponse( $req, [@oidcRps] );
|
||||
}
|
||||
|
@ -73,10 +67,8 @@ sub findOidcRpByClientId {
|
|||
)
|
||||
);
|
||||
|
||||
unless ( defined $clientId ) {
|
||||
return $self->sendError( $req, 'Invalid input: clientId is missing',
|
||||
405 );
|
||||
}
|
||||
return $self->sendError( $req, 'Invalid input: clientId is missing', 405 )
|
||||
unless ( defined $clientId );
|
||||
|
||||
$self->logger->debug("[API] Find OIDC RPs by clientId $clientId requested");
|
||||
|
||||
|
@ -84,66 +76,52 @@ sub findOidcRpByClientId {
|
|||
my $conf = $self->_confAcc->getConf;
|
||||
|
||||
my $oidcRp = $self->_getOidcRpByClientId( $conf, $clientId );
|
||||
|
||||
unless ( defined $oidcRp ) {
|
||||
return $self->sendError( $req,
|
||||
"OIDC relying party with clientId '$clientId' not found", 404 );
|
||||
}
|
||||
return $self->sendError( $req,
|
||||
"OIDC relying party with clientId '$clientId' not found", 404 )
|
||||
unless ( defined $oidcRp );
|
||||
|
||||
return $self->sendJSONresponse( $req, $oidcRp );
|
||||
}
|
||||
|
||||
sub addOidcRp {
|
||||
my ( $self, $req ) = @_;
|
||||
|
||||
my $add = $req->jsonBodyToObj;
|
||||
|
||||
unless ($add) {
|
||||
return $self->sendError( $req, "Invalid input: " . $req->error, 405 );
|
||||
}
|
||||
return $self->sendError( $req, "Invalid input: " . $req->error, 405 )
|
||||
unless ($add);
|
||||
|
||||
unless ( defined $add->{confKey} ) {
|
||||
return $self->sendError( $req, 'Invalid input: confKey is missing',
|
||||
405 );
|
||||
}
|
||||
return $self->sendError( $req, 'Invalid input: confKey is missing', 405 )
|
||||
unless ( defined $add->{confKey} );
|
||||
|
||||
unless ( defined $add->{clientId} ) {
|
||||
return $self->sendError( $req, 'Invalid input: clientId is missing',
|
||||
405 );
|
||||
}
|
||||
return $self->sendError( $req, 'Invalid input: clientId is missing', 405 )
|
||||
unless ( defined $add->{clientId} );
|
||||
|
||||
$self->logger->debug(
|
||||
"[API] Add OIDC RP with confKey $add->{confKey} and clientId $add->{clientId} requested"
|
||||
);
|
||||
|
||||
# Get latest configuration
|
||||
my $conf = $self->_confAcc->getConf({ noCache => 1 });
|
||||
my $conf = $self->_confAcc->getConf( { noCache => 1 } );
|
||||
|
||||
if ( defined $self->_getOidcRpByConfKey( $conf, $add->{confKey} ) ) {
|
||||
return $self->sendError(
|
||||
$req,
|
||||
"Invalid input: An OIDC RP with confKey $add->{confKey} already exists",
|
||||
405
|
||||
);
|
||||
}
|
||||
return $self->sendError(
|
||||
$req,
|
||||
"Invalid input: An OIDC RP with confKey $add->{confKey} already exists",
|
||||
405
|
||||
) if ( defined $self->_getOidcRpByConfKey( $conf, $add->{confKey} ) );
|
||||
|
||||
if ( defined $self->_getOidcRpByClientId( $conf, $add->{clientId} ) ) {
|
||||
return $self->sendError(
|
||||
$req,
|
||||
return $self->sendError(
|
||||
$req,
|
||||
"Invalid input: An OIDC RP with clientId $add->{clientId} already exists",
|
||||
405
|
||||
);
|
||||
}
|
||||
405
|
||||
) if ( defined $self->_getOidcRpByClientId( $conf, $add->{clientId} ) );
|
||||
|
||||
unless ( defined $add->{options} ) {
|
||||
$add->{options} = {};
|
||||
}
|
||||
$add->{options} = {} unless ( defined $add->{options} );
|
||||
$add->{options}->{oidcRPMetaDataOptionsClientID} = $add->{clientId};
|
||||
|
||||
my $res = $self->_pushOidcRp( $conf, $add->{confKey}, $add, 1 );
|
||||
unless ( $res->{res} eq 'ok' ) {
|
||||
return $self->sendError( $req, $res->{msg}, 405 );
|
||||
}
|
||||
|
||||
return $self->sendError( $req, $res->{msg}, 405 )
|
||||
unless ( $res->{res} eq 'ok' );
|
||||
|
||||
return $self->sendJSONresponse( $req,
|
||||
{ message => "Successful operation" } );
|
||||
|
@ -151,85 +129,75 @@ sub addOidcRp {
|
|||
|
||||
sub updateOidcRp {
|
||||
my ( $self, $req ) = @_;
|
||||
|
||||
my $confKey = $req->params('confKey')
|
||||
or return $self->sendError( $req, 'confKey is missing', 400 );
|
||||
|
||||
my $update = $req->jsonBodyToObj;
|
||||
|
||||
unless ($update) {
|
||||
return $self->sendError( $req, "Invalid input: " . $req->error, 405 );
|
||||
}
|
||||
return $self->sendError( $req, "Invalid input: " . $req->error, 405 )
|
||||
unless ($update);
|
||||
|
||||
$self->logger->debug(
|
||||
"[API] OIDC RP $confKey configuration update requested");
|
||||
|
||||
# Get latest configuration
|
||||
my $conf = $self->_confAcc->getConf({ noCache => 1 });
|
||||
my $conf = $self->_confAcc->getConf( { noCache => 1 } );
|
||||
|
||||
my $current = $self->_getOidcRpByConfKey( $conf, $confKey );
|
||||
|
||||
# Return 404 if not found
|
||||
unless ( defined $current ) {
|
||||
return $self->sendError( $req,
|
||||
"OIDC relying party '$confKey' not found", 404 );
|
||||
}
|
||||
|
||||
return $self->sendError( $req,
|
||||
"OIDC relying party '$confKey' not found", 404 )
|
||||
unless ( defined $current );
|
||||
|
||||
# check if new clientID exists already
|
||||
my $res = $self->_isNewOidcRpClientIdUnique( $conf, $confKey, $update );
|
||||
unless ( $res->{res} eq 'ok' ) {
|
||||
return $self->sendError( $req, $res->{msg}, 405 );
|
||||
}
|
||||
|
||||
return $self->sendError( $req, $res->{msg}, 405 )
|
||||
unless ( $res->{res} eq 'ok' );
|
||||
|
||||
$res = $self->_pushOidcRp( $conf, $confKey, $update, 0 );
|
||||
unless ( $res->{res} eq 'ok' ) {
|
||||
return $self->sendError( $req, $res->{msg}, 405 );
|
||||
}
|
||||
|
||||
return $self->sendError( $req, $res->{msg}, 405 )
|
||||
unless ( $res->{res} eq 'ok' );
|
||||
|
||||
return $self->sendJSONresponse( $req,
|
||||
{ message => "Successful operation" } );
|
||||
}
|
||||
|
||||
sub replaceOidcRp {
|
||||
|
||||
my ( $self, $req ) = @_;
|
||||
|
||||
my $confKey = $req->params('confKey')
|
||||
or return $self->sendError( $req, 'confKey is missing', 400 );
|
||||
|
||||
my $replace = $req->jsonBodyToObj;
|
||||
|
||||
unless ($replace) {
|
||||
return $self->sendError( $req, "Invalid input: " . $req->error, 405 );
|
||||
}
|
||||
|
||||
unless ( defined $replace->{clientId} ) {
|
||||
return $self->sendError( $req, 'Invalid input: clientId is missing',
|
||||
405 );
|
||||
}
|
||||
return $self->sendError( $req, "Invalid input: " . $req->error, 405 )
|
||||
unless ($replace);
|
||||
return $self->sendError( $req, 'Invalid input: clientId is missing', 405 )
|
||||
unless ( defined $replace->{clientId} );
|
||||
|
||||
$self->logger->debug(
|
||||
"[API] OIDC RP $confKey configuration replace requested");
|
||||
|
||||
# Get latest configuration
|
||||
my $conf = $self->_confAcc->getConf({ noCache => 1 });
|
||||
my $conf = $self->_confAcc->getConf( { noCache => 1 } );
|
||||
|
||||
# Return 404 if not found
|
||||
unless ( defined $self->_getOidcRpByConfKey( $conf, $confKey ) ) {
|
||||
return $self->sendError( $req,
|
||||
"OIDC relying party '$confKey' not found", 404 );
|
||||
}
|
||||
|
||||
return $self->sendError( $req,
|
||||
"OIDC relying party '$confKey' not found", 404 )
|
||||
unless ( defined $self->_getOidcRpByConfKey( $conf, $confKey ) );
|
||||
|
||||
# check if new clientID exists already
|
||||
my $res = $self->_isNewOidcRpClientIdUnique( $conf, $confKey, $replace );
|
||||
unless ( $res->{res} eq 'ok' ) {
|
||||
return $self->sendError( $req, $res->{msg}, 405 );
|
||||
}
|
||||
return $self->sendError( $req, $res->{msg}, 405 )
|
||||
unless ( $res->{res} eq 'ok' );
|
||||
|
||||
$res = $self->_pushOidcRp( $conf, $confKey, $replace, 1 );
|
||||
unless ( $res->{res} eq 'ok' ) {
|
||||
return $self->sendError( $req, $res->{msg}, 405 );
|
||||
}
|
||||
return $self->sendError( $req, $res->{msg}, 405 )
|
||||
unless ( $res->{res} eq 'ok' );
|
||||
|
||||
return $self->sendJSONresponse( $req,
|
||||
{ message => "Successful operation" } );
|
||||
|
@ -237,20 +205,19 @@ sub replaceOidcRp {
|
|||
|
||||
sub deleteOidcRp {
|
||||
my ( $self, $req ) = @_;
|
||||
|
||||
my $confKey = $req->params('confKey')
|
||||
or return $self->sendError( $req, 'confKey is missing', 400 );
|
||||
|
||||
# Get latest configuration
|
||||
my $conf = $self->_confAcc->getConf({ noCache => 1 });
|
||||
my $conf = $self->_confAcc->getConf( { noCache => 1 } );
|
||||
|
||||
my $delete = $self->_getOidcRpByConfKey( $conf, $confKey );
|
||||
|
||||
# Return 404 if not found
|
||||
unless ( defined $delete ) {
|
||||
return $self->sendError( $req,
|
||||
"OIDC relying party '$confKey' not found", 404 );
|
||||
}
|
||||
|
||||
return $self->sendError( $req,
|
||||
"OIDC relying party '$confKey' not found", 404 )
|
||||
unless ( defined $delete );
|
||||
|
||||
delete $conf->{oidcRPMetaDataOptions}->{$confKey};
|
||||
delete $conf->{oidcRPMetaDataExportedVars}->{$confKey};
|
||||
|
@ -267,9 +234,7 @@ sub _getOidcRpByConfKey {
|
|||
my ( $self, $conf, $confKey ) = @_;
|
||||
|
||||
# Check if confKey is defined
|
||||
unless ( defined $conf->{oidcRPMetaDataOptions}->{$confKey} ) {
|
||||
return undef;
|
||||
}
|
||||
return undef unless ( defined $conf->{oidcRPMetaDataOptions}->{$confKey} );
|
||||
|
||||
# Get Client ID
|
||||
my $clientId = $conf->{oidcRPMetaDataOptions}->{$confKey}
|
||||
|
@ -297,12 +262,11 @@ sub _getOidcRpByClientId {
|
|||
my ( $self, $conf, $clientId ) = @_;
|
||||
|
||||
foreach ( keys %{ $conf->{oidcRPMetaDataOptions} } ) {
|
||||
if ( $conf->{oidcRPMetaDataOptions}->{$_}
|
||||
->{oidcRPMetaDataOptionsClientID} eq $clientId )
|
||||
{
|
||||
return $self->_getOidcRpByConfKey( $conf, $_ );
|
||||
}
|
||||
return $self->_getOidcRpByConfKey( $conf, $_ )
|
||||
if ( $conf->{oidcRPMetaDataOptions}->{$_}
|
||||
->{oidcRPMetaDataOptionsClientID} eq $clientId );
|
||||
}
|
||||
|
||||
return undef;
|
||||
}
|
||||
|
||||
|
@ -314,14 +278,14 @@ sub _isNewOidcRpClientIdUnique {
|
|||
|| $oidcRp->{options}->{oidcRPMetaDataOptionsClientID}
|
||||
|| "";
|
||||
if ( $newClientId ne '' && $newClientId ne $curClientId ) {
|
||||
if ( defined $self->_getOidcRpByClientId( $conf, $newClientId ) ) {
|
||||
return {
|
||||
res => 'ko',
|
||||
msg =>
|
||||
return {
|
||||
res => 'ko',
|
||||
msg =>
|
||||
"An OIDC relying party with clientId '$newClientId' already exists"
|
||||
};
|
||||
}
|
||||
}
|
||||
if ( defined $self->_getOidcRpByClientId( $conf, $newClientId ) );
|
||||
}
|
||||
|
||||
return { res => 'ok' };
|
||||
}
|
||||
|
||||
|
@ -339,19 +303,17 @@ sub _pushOidcRp {
|
|||
if ( defined $push->{options} ) {
|
||||
my $res = $self->_hasAllowedAttributes( $push->{options},
|
||||
'oidcRPMetaDataNode' );
|
||||
unless ( $res->{res} eq 'ok' ) {
|
||||
return $res;
|
||||
}
|
||||
return $res unless ( $res->{res} eq 'ok' );
|
||||
|
||||
foreach ( keys %{ $push->{options} } ) {
|
||||
$conf->{oidcRPMetaDataOptions}->{$confKey}->{$_} =
|
||||
$push->{options}->{$_};
|
||||
}
|
||||
}
|
||||
|
||||
if ( defined $push->{clientId} ) {
|
||||
$conf->{oidcRPMetaDataOptions}->{$confKey}
|
||||
->{oidcRPMetaDataOptionsClientID} = $push->{clientId};
|
||||
}
|
||||
$conf->{oidcRPMetaDataOptions}->{$confKey}->{oidcRPMetaDataOptionsClientID}
|
||||
= $push->{clientId}
|
||||
if ( defined $push->{clientId} );
|
||||
|
||||
if ( defined $push->{exportedVars} ) {
|
||||
if ( $self->_isSimpleKeyValueHash( $push->{exportedVars} ) ) {
|
||||
|
|
|
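Review bot: `findOidcRpByConfKey` compiles the request parameter `$pattern` as a regular expression in `$_ =~ $pattern` with no validation. A syntactically invalid pattern makes the match die inside the `map`, and a pattern with heavy backtracking is evaluated against every key of `oidcRPMetaDataOptions`, so a single request can raise an unhandled exception or hold a worker. I would compile once up front, `my $re = eval { qr/$pattern/ } or return $self->sendError( $req, 'Invalid input: pattern is not a valid regular expression', 405 );`, match with `$_ =~ $re`, and cap the accepted pattern length. `findSamlSpByConfKey` in the SAML provider file has the same construct and needs the same guard.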
@ -1,5 +1,6 @@
|
|||
package Lemonldap::NG::Manager::Api::Providers::SamlSp;
|
||||
our $VERSION = '2.0.7';
|
||||
|
||||
our $VERSION = '2.0.8';
|
||||
|
||||
package Lemonldap::NG::Manager::Api;
|
||||
|
||||
|
@ -18,53 +19,42 @@ sub getSamlSpByConfKey {
|
|||
$self->logger->debug("[API] SAML SP $confKey configuration requested");
|
||||
|
||||
# Get latest configuration
|
||||
my $conf = $self->_confAcc->getConf;
|
||||
|
||||
my $conf = $self->_confAcc->getConf;
|
||||
my $samlSp = $self->_getSamlSpByConfKey( $conf, $confKey );
|
||||
|
||||
# Check if confKey is defined
|
||||
unless ( defined $samlSp ) {
|
||||
return $self->sendError( $req,
|
||||
"SAML service Provider '$confKey' not found", 404 );
|
||||
}
|
||||
return $self->sendError( $req,
|
||||
"SAML service Provider '$confKey' not found", 404 )
|
||||
unless ( defined $samlSp );
|
||||
|
||||
return $self->sendJSONresponse( $req, $samlSp );
|
||||
}
|
||||
|
||||
sub findSamlSpByConfKey {
|
||||
my ( $self, $req ) = @_;
|
||||
|
||||
my $pattern = (
|
||||
defined $req->params('uPattern')
|
||||
? $req->params('uPattern')
|
||||
: ( defined $req->params('pattern') ? $req->params('pattern') : undef )
|
||||
);
|
||||
|
||||
unless ( defined $pattern ) {
|
||||
return $self->sendError( $req, 'Invalid input: pattern is missing',
|
||||
405 );
|
||||
}
|
||||
return $self->sendError( $req, 'Invalid input: pattern is missing', 405 )
|
||||
unless ( defined $pattern );
|
||||
|
||||
$self->logger->debug(
|
||||
"[API] Find SAML SPs by confKey regexp $pattern requested");
|
||||
|
||||
# Get latest configuration
|
||||
my $conf = $self->_confAcc->getConf;
|
||||
|
||||
my @samlSps;
|
||||
|
||||
foreach ( keys %{ $conf->{samlSPMetaDataXML} } ) {
|
||||
if ( $_ =~ $pattern ) {
|
||||
push @samlSps, $self->_getSamlSpByConfKey( $conf, $_ );
|
||||
}
|
||||
}
|
||||
my @samlSps =
|
||||
map { $_ =~ $pattern ? $self->_getSamlSpByConfKey( $conf, $_ ) : () }
|
||||
keys %{ $conf->{samlSPMetaDataXML} };
|
||||
|
||||
return $self->sendJSONresponse( $req, [@samlSps] );
|
||||
}
|
||||
|
||||
sub findSamlSpByEntityId {
|
||||
my ( $self, $req ) = @_;
|
||||
|
||||
my $entityId = (
|
||||
defined $req->params('uEntityId') ? $req->params('uEntityId')
|
||||
: (
|
||||
|
@ -73,76 +63,61 @@ sub findSamlSpByEntityId {
|
|||
)
|
||||
);
|
||||
|
||||
unless ( defined $entityId ) {
|
||||
return $self->sendError( $req, 'entityId is missing', 405 );
|
||||
}
|
||||
return $self->sendError( $req, 'entityId is missing', 405 )
|
||||
unless ( defined $entityId );
|
||||
|
||||
$self->logger->debug("[API] Find SAML SPs by entityId $entityId requested");
|
||||
|
||||
# Get latest configuration
|
||||
my $conf = $self->_confAcc->getConf;
|
||||
|
||||
my $conf = $self->_confAcc->getConf;
|
||||
my $samlSp = $self->_getSamlSpByEntityId( $conf, $entityId );
|
||||
|
||||
unless ( defined $samlSp ) {
|
||||
return $self->sendError( $req,
|
||||
"SAML service Provider with entityID '$entityId' not found", 404 );
|
||||
}
|
||||
|
||||
return $self->sendError( $req,
|
||||
"SAML service Provider with entityID '$entityId' not found", 404 )
|
||||
unless ( defined $samlSp );
|
||||
return $self->sendJSONresponse( $req, $samlSp );
|
||||
}
|
||||
|
||||
sub addSamlSp {
|
||||
my ( $self, $req ) = @_;
|
||||
|
||||
my $add = $req->jsonBodyToObj;
|
||||
|
||||
unless ($add) {
|
||||
return $self->sendError( $req, "Invalid input: " . $req->error, 405 );
|
||||
}
|
||||
return $self->sendError( $req, "Invalid input: " . $req->error, 405 )
|
||||
unless ($add);
|
||||
|
||||
unless ( defined $add->{confKey} ) {
|
||||
return $self->sendError( $req, 'Invalid input: confKey is missing',
|
||||
405 );
|
||||
}
|
||||
return $self->sendError( $req, 'Invalid input: confKey is missing', 405 )
|
||||
unless ( defined $add->{confKey} );
|
||||
|
||||
unless ( defined $add->{metadata} ) {
|
||||
return $self->sendError( $req, 'Invalid input: metadata is missing',
|
||||
405 );
|
||||
}
|
||||
return $self->sendError( $req, 'Invalid input: metadata is missing', 405 )
|
||||
unless ( defined $add->{metadata} );
|
||||
|
||||
my $entityId = $self->_readSamlSpEntityId( $add->{metadata} );
|
||||
|
||||
unless ( defined $entityId ) {
|
||||
return $self->sendError( $req,
|
||||
'Invalid input: entityID is missing in metadata', 405 );
|
||||
}
|
||||
return $self->sendError( $req,
|
||||
'Invalid input: entityID is missing in metadata', 405 )
|
||||
unless ( defined $entityId );
|
||||
|
||||
$self->logger->debug(
|
||||
"[API] Add SAML SP with confKey $add->{confKey} and entityID $entityId requested"
|
||||
);
|
||||
|
||||
# Get latest configuration
|
||||
my $conf = $self->_confAcc->getConf({ noCache => 1 });
|
||||
my $conf = $self->_confAcc->getConf( { noCache => 1 } );
|
||||
|
||||
if ( defined $self->_getSamlSpByConfKey( $conf, $add->{confKey} ) ) {
|
||||
return $self->sendError(
|
||||
$req,
|
||||
"Invalid input: A SAML SP with confKey $add->{confKey} already exists",
|
||||
405
|
||||
);
|
||||
}
|
||||
return $self->sendError(
|
||||
$req,
|
||||
"Invalid input: A SAML SP with confKey $add->{confKey} already exists",
|
||||
405
|
||||
) if ( defined $self->_getSamlSpByConfKey( $conf, $add->{confKey} ) );
|
||||
|
||||
if ( defined $self->_getSamlSpByEntityId( $conf, $entityId ) ) {
|
||||
return $self->sendError( $req,
|
||||
"Invalid input: A SAML SP with entityID $entityId already exists",
|
||||
405 );
|
||||
}
|
||||
return $self->sendError( $req,
|
||||
"Invalid input: A SAML SP with entityID $entityId already exists", 405 )
|
||||
if ( defined $self->_getSamlSpByEntityId( $conf, $entityId ) );
|
||||
|
||||
my $res = $self->_pushSamlSp( $conf, $add->{confKey}, $add, 1 );
|
||||
unless ( $res->{res} eq 'ok' ) {
|
||||
return $self->sendError( $req, $res->{msg}, 405 );
|
||||
}
|
||||
|
||||
return $self->sendError( $req, $res->{msg}, 405 )
|
||||
unless ( $res->{res} eq 'ok' );
|
||||
|
||||
return $self->sendJSONresponse( $req,
|
||||
{ message => "Successful operation" } );
|
||||
|
@ -156,37 +131,34 @@ sub replaceSamlSp {
|
|||
|
||||
my $replace = $req->jsonBodyToObj;
|
||||
|
||||
unless ($replace) {
|
||||
return $self->sendError( $req, "Invalid input: " . $req->error, 405 );
|
||||
}
|
||||
return $self->sendError( $req, "Invalid input: " . $req->error, 405 )
|
||||
unless ($replace);
|
||||
|
||||
unless ( defined $replace->{metadata} ) {
|
||||
return $self->sendError( $req, 'Invalid input: metadata is missing',
|
||||
405 );
|
||||
}
|
||||
return $self->sendError( $req, 'Invalid input: metadata is missing', 405 )
|
||||
unless ( defined $replace->{metadata} );
|
||||
|
||||
$self->logger->debug(
|
||||
"[API] SAML SP $confKey configuration replace requested");
|
||||
|
||||
# Get latest configuration
|
||||
my $conf = $self->_confAcc->getConf({ noCache => 1 });
|
||||
my $conf = $self->_confAcc->getConf( { noCache => 1 } );
|
||||
|
||||
# Return 404 if not found
|
||||
unless ( defined $self->_getSamlSpByConfKey( $conf, $confKey ) ) {
|
||||
return $self->sendError( $req,
|
||||
"SAML service provider '$confKey' not found", 404 );
|
||||
}
|
||||
|
||||
return $self->sendError( $req,
|
||||
"SAML service provider '$confKey' not found", 404 )
|
||||
unless ( defined $self->_getSamlSpByConfKey( $conf, $confKey ) );
|
||||
|
||||
# check if new entityId exists already
|
||||
my $res = $self->_isNewSamlSpEntityIdUnique( $conf, $confKey, $replace );
|
||||
unless ( $res->{res} eq 'ok' ) {
|
||||
return $self->sendError( $req, $res->{msg}, 405 );
|
||||
}
|
||||
|
||||
return $self->sendError( $req, $res->{msg}, 405 )
|
||||
unless ( $res->{res} eq 'ok' );
|
||||
|
||||
$res = $self->_pushSamlSp( $conf, $confKey, $replace, 1 );
|
||||
unless ( $res->{res} eq 'ok' ) {
|
||||
return $self->sendError( $req, $res->{msg}, 405 );
|
||||
}
|
||||
|
||||
return $self->sendError( $req, $res->{msg}, 405 )
|
||||
unless ( $res->{res} eq 'ok' );
|
||||
|
||||
return $self->sendJSONresponse( $req,
|
||||
{ message => "Successful operation" } );
|
||||
|
@ -194,48 +166,43 @@ sub replaceSamlSp {
|
|||
|
||||
sub updateSamlSp {
|
||||
my ( $self, $req ) = @_;
|
||||
|
||||
my $res;
|
||||
my $confKey = $req->params('confKey')
|
||||
or return $self->sendError( $req, 'confKey is missing', 400 );
|
||||
|
||||
my $update = $req->jsonBodyToObj;
|
||||
|
||||
unless ($update) {
|
||||
return $self->sendError( $req, "Invalid input: " . $req->error, 405 );
|
||||
}
|
||||
return $self->sendError( $req, "Invalid input: " . $req->error, 405 )
|
||||
unless ($update);
|
||||
|
||||
$self->logger->debug(
|
||||
"[API] SAML SP $confKey configuration update requested");
|
||||
|
||||
# Get latest configuration
|
||||
my $conf = $self->_confAcc->getConf({ noCache => 1 });
|
||||
|
||||
my $conf = $self->_confAcc->getConf( { noCache => 1 } );
|
||||
my $current = $self->_getSamlSpByConfKey( $conf, $confKey );
|
||||
|
||||
# Return 404 if not found
|
||||
unless ( defined $current ) {
|
||||
return $self->sendError( $req,
|
||||
"SAML service provider '$confKey' not found", 404 );
|
||||
}
|
||||
return $self->sendError( $req,
|
||||
"SAML service provider '$confKey' not found", 404 )
|
||||
unless ( defined $current );
|
||||
|
||||
my $res;
|
||||
if ( defined $update->{metadata} ) {
|
||||
|
||||
# check if new entityId exists already
|
||||
$res = $self->_isNewSamlSpEntityIdUnique( $conf, $confKey, $update );
|
||||
unless ( $res->{res} eq 'ok' ) {
|
||||
return $self->sendError( $req, $res->{msg}, 405 );
|
||||
}
|
||||
|
||||
return $self->sendError( $req, $res->{msg}, 405 )
|
||||
unless ( $res->{res} eq 'ok' );
|
||||
|
||||
}
|
||||
|
||||
$res = $self->_pushSamlSp( $conf, $confKey, $update, 0 );
|
||||
unless ( $res->{res} eq 'ok' ) {
|
||||
return $self->sendError( $req, $res->{msg}, 405 );
|
||||
}
|
||||
return $self->sendError( $req, $res->{msg}, 405 )
|
||||
unless ( $res->{res} eq 'ok' );
|
||||
|
||||
return $self->sendJSONresponse( $req,
|
||||
{ message => "Successful operation" } );
|
||||
|
||||
}
|
||||
|
||||
sub deleteSamlSp {
|
||||
|
@ -245,15 +212,15 @@ sub deleteSamlSp {
|
|||
or return $self->sendError( $req, 'confKey is missing', 400 );
|
||||
|
||||
# Get latest configuration
|
||||
my $conf = $self->_confAcc->getConf({ noCache => 1 });
|
||||
my $conf = $self->_confAcc->getConf( { noCache => 1 } );
|
||||
|
||||
my $delete = $self->_getSamlSpByConfKey( $conf, $confKey );
|
||||
|
||||
# Return 404 if not found
|
||||
unless ( defined $delete ) {
|
||||
return $self->sendError( $req,
|
||||
"SAML service provider '$confKey' not found", 404 );
|
||||
}
|
||||
|
||||
return $self->sendError( $req,
|
||||
"SAML service provider '$confKey' not found", 404 )
|
||||
unless ( defined $delete );
|
||||
|
||||
delete $conf->{samlSPMetaDataXML}->{$confKey};
|
||||
delete $conf->{samlSPMetaDataOptions}->{$confKey};
|
||||
|
@ -270,9 +237,7 @@ sub _getSamlSpByConfKey {
|
|||
my ( $self, $conf, $confKey ) = @_;
|
||||
|
||||
# Check if confKey is defined
|
||||
if ( !defined $conf->{samlSPMetaDataXML}->{$confKey} ) {
|
||||
return undef;
|
||||
}
|
||||
return undef unless ( defined $conf->{samlSPMetaDataXML}->{$confKey} );
|
||||
|
||||
# Get metadata
|
||||
my $metadata = $conf->{samlSPMetaDataXML}->{$confKey}->{samlSPMetaDataXML};
|
||||
|
@ -295,21 +260,18 @@ sub _getSamlSpByConfKey {
|
|||
split( /;/,
|
||||
$conf->{samlSPMetaDataExportedAttributes}->{$confKey}->{$_} );
|
||||
|
||||
$mandatory = !!$mandatory ? 'true' : 'false';
|
||||
$mandatory = !!$mandatory ? 'true' : 'false'; # ????????????
|
||||
|
||||
$samlSp->{exportedAttributes}->{$_} = {
|
||||
name => $name,
|
||||
mandatory => $mandatory
|
||||
};
|
||||
|
||||
if ( defined $friendly_name && $friendly_name ne '' ) {
|
||||
$samlSp->{exportedAttributes}->{$_}->{friendlyName} =
|
||||
$friendly_name;
|
||||
}
|
||||
$samlSp->{exportedAttributes}->{$_}->{friendlyName} = $friendly_name
|
||||
if ( defined $friendly_name && $friendly_name ne '' );
|
||||
|
||||
if ( defined $format && $format ne '' ) {
|
||||
$samlSp->{exportedAttributes}->{$_}->{format} = $format;
|
||||
}
|
||||
$samlSp->{exportedAttributes}->{$_}->{format} = $format
|
||||
if ( defined $format && $format ne '' );
|
||||
}
|
||||
|
||||
return $samlSp;
|
||||
|
@ -319,24 +281,21 @@ sub _getSamlSpByEntityId {
|
|||
my ( $self, $conf, $entityId ) = @_;
|
||||
|
||||
foreach ( keys %{ $conf->{samlSPMetaDataXML} } ) {
|
||||
if (
|
||||
return $self->_getSamlSpByConfKey( $conf, $_ )
|
||||
if (
|
||||
$self->_readSamlSpEntityId(
|
||||
$conf->{samlSPMetaDataXML}->{$_}->{samlSPMetaDataXML}
|
||||
) eq $entityId
|
||||
)
|
||||
{
|
||||
return $self->_getSamlSpByConfKey( $conf, $_ );
|
||||
}
|
||||
);
|
||||
}
|
||||
|
||||
return undef;
|
||||
}
|
||||
|
||||
sub _readSamlSpEntityId {
|
||||
my ( $self, $metadata ) = @_;
|
||||
if ( $metadata =~ /entityID=['"](.+?)['"]/ ) {
|
||||
return $1;
|
||||
}
|
||||
return undef;
|
||||
|
||||
return ( $metadata =~ /entityID=['"](.+?)['"]/ ) ? $1 : undef;
|
||||
}
|
||||
|
||||
sub _readSamlSpExportedAttributes {
|
||||
|
@ -347,41 +306,38 @@ sub _readSamlSpExportedAttributes {
|
|||
"urn:oasis:names:tc:SAML:2.0:attrname-format:basic"
|
||||
];
|
||||
foreach ( keys %{$attrs} ) {
|
||||
unless ( defined $attrs->{$_}->{name} ) {
|
||||
return { res => "ko", msg => "Exported attribute $_ has no name" };
|
||||
}
|
||||
return { res => "ko", msg => "Exported attribute $_ has no name" }
|
||||
unless ( defined $attrs->{$_}->{name} );
|
||||
my $mandatory = 0;
|
||||
my $name = $attrs->{$_}->{name};
|
||||
my $format = '';
|
||||
my $friendlyName = '';
|
||||
if ( defined $mergeWith->{$_} ) {
|
||||
( $mandatory, $name, $format, $friendlyName ) =
|
||||
split( /;/, $mergeWith->{$_} );
|
||||
}
|
||||
|
||||
( $mandatory, $name, $format, $friendlyName ) =
|
||||
split( /;/, $mergeWith->{$_} )
|
||||
if ( defined $mergeWith->{$_} );
|
||||
|
||||
if ( defined $attrs->{$_}->{mandatory} ) {
|
||||
if ( $attrs->{$_}->{mandatory} eq '1'
|
||||
or $attrs->{$_}->{mandatory} eq 'true' )
|
||||
{
|
||||
$mandatory = 1;
|
||||
}
|
||||
else {
|
||||
$mandatory = 0;
|
||||
}
|
||||
$mandatory = (
|
||||
$attrs->{$_}->{mandatory} eq '1'
|
||||
or $attrs->{$_}->{mandatory} eq 'true'
|
||||
) ? 1 : 0;
|
||||
}
|
||||
|
||||
if ( defined $attrs->{$_}->{format} ) {
|
||||
$format = $attrs->{$_}->{format};
|
||||
unless ( length( grep { /^$format$/ } @{$allowedFormats} ) ) {
|
||||
return {
|
||||
res => "ko",
|
||||
msg => "Exported attribute $_ format does not exist."
|
||||
};
|
||||
}
|
||||
}
|
||||
if ( defined $attrs->{$_}->{friendlyName} ) {
|
||||
$friendlyName = $attrs->{$_}->{friendlyName};
|
||||
return {
|
||||
res => "ko",
|
||||
msg => "Exported attribute $_ format does not exist."
|
||||
}
|
||||
unless ( length( grep { /^$format$/ } @{$allowedFormats} ) );
|
||||
}
|
||||
|
||||
$friendlyName = $attrs->{$_}->{friendlyName}
|
||||
if ( defined $attrs->{$_}->{friendlyName} );
|
||||
$mergeWith->{$_} = "$mandatory;$name;$format;$friendlyName";
|
||||
}
|
||||
|
||||
return { res => "ok", exportedAttributes => $mergeWith };
|
||||
}
|
||||
|
||||
|
@ -402,9 +358,8 @@ sub _pushSamlSp {
|
|||
if ( defined $push->{options} ) {
|
||||
my $res = $self->_hasAllowedAttributes( $push->{options},
|
||||
'samlSPMetaDataNode' );
|
||||
unless ( $res->{res} eq 'ok' ) {
|
||||
return $res;
|
||||
}
|
||||
return $res unless ( $res->{res} eq 'ok' );
|
||||
|
||||
foreach ( keys %{ $push->{options} } ) {
|
||||
$conf->{samlSPMetaDataOptions}->{$confKey}->{$_} =
|
||||
$push->{options}->{$_};
|
||||
|
@ -415,9 +370,8 @@ sub _pushSamlSp {
|
|||
my $res =
|
||||
$self->_readSamlSpExportedAttributes( $push->{exportedAttributes},
|
||||
$conf->{samlSPMetaDataExportedAttributes}->{$confKey} );
|
||||
unless ( $res->{res} eq 'ok' ) {
|
||||
return $res;
|
||||
}
|
||||
return $res unless ( $res->{res} eq 'ok' );
|
||||
|
||||
$conf->{samlSPMetaDataExportedAttributes}->{$confKey} =
|
||||
$res->{exportedAttributes};
|
||||
}
|
||||
|
@ -435,14 +389,14 @@ sub _isNewSamlSpEntityIdUnique {
|
|||
$self->_readSamlSpEntityId(
|
||||
$self->_getSamlSpByConfKey( $conf, $confKey )->{metadata} );
|
||||
if ( $newEntityId ne $curEntityId ) {
|
||||
if ( defined $self->_getSamlSpByEntityId( $conf, $newEntityId ) ) {
|
||||
return {
|
||||
res => 'ko',
|
||||
msg =>
|
||||
return {
|
||||
res => 'ko',
|
||||
msg =>
|
||||
"An SAML service provide with entityId '$newEntityId' already exists"
|
||||
};
|
||||
}
|
||||
}
|
||||
if ( defined $self->_getSamlSpByEntityId( $conf, $newEntityId ) );
|
||||
}
|
||||
|
||||
return { res => 'ok' };
|
||||
}
|
||||
|
||||
|
|
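Review bot: In `_readSamlSpExportedAttributes`, the guard `unless ( length( grep { /^$format$/ } @{$allowedFormats} ) )` never rejects anything: `length` puts `grep` in scalar context, so it measures the match count as a string, and `length(0)` is 1. Any `format` value supplied in `exportedAttributes` is therefore written into the `"$mandatory;$name;$format;$friendlyName"` string, and the value is also interpolated into the pattern unescaped. An exact comparison fixes both, `unless ( grep { $_ eq $format } @{$allowedFormats} );`. The `# ????????????` comment added after `$mandatory = !!$mandatory ? 'true' : 'false';` in `_getSamlSpByConfKey` should be replaced with a sentence saying what is in doubt.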