From 4ff20f2d765d30f88de97da32a916bc34d4dc3eb Mon Sep 17 00:00:00 2001 From: maudoux Date: Tue, 9 Apr 2019 23:40:16 +0200 Subject: [PATCH 01/32] Fix Yubikey userLogger (#1702) --- .../lib/Lemonldap/NG/Portal/2F/Register/Yubikey.pm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Register/Yubikey.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Register/Yubikey.pm index 1a8b4f02c..6a47de3a6 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Register/Yubikey.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Register/Yubikey.pm @@ -128,7 +128,7 @@ sub run { $self->p->updatePersistentSession( $req, { _2fDevices => to_json($_2fDevices) } ); $self->userLogger->notice( - "Yubikey registration of $keyName succeeds for $user"); + "Yubikey registration of $UBKName succeeds for $user"); return $self->p->sendHtml( $req, 'error', From af707c5b1f7fa6c508455fad85d58c9aaeb4f2cc Mon Sep 17 00:00:00 2001 From: Xavier Date: Wed, 10 Apr 2019 07:14:36 +0200 Subject: [PATCH 02/32] Clear pdata on lmerror access --- lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm index 72bdf4553..959fabfb6 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm @@ -878,6 +878,7 @@ sub lmError { LOGOUT_URL => $self->conf->{portal} . "?logout=1", URL => $req->{urldc}, ); + $req->pdata( {} ); # Error code $templateParams{"ERROR$_"} = ( $httpError == $_ ? 1 : 0 ) @@ -889,8 +890,8 @@ sub rebuildCookies { my ( $self, $req ) = @_; my @tmp; for ( my $i = 0 ; $i < @{ $req->{respHeaders} } ; $i += 2 ) { - push @tmp, $req->respHeaders->[0], $req->respHeaders->[1] - unless ( $req->respHeaders->[0] eq 'Set-Cookie' ); + push @tmp, $req->respHeaders->[$i], $req->respHeaders->[ $i + 1 ] + unless ( $req->respHeaders->[$i] eq 'Set-Cookie' ); } $req->{respHeaders} = \@tmp; $self->buildCookie($req); From 6352dc6ac8053adf0c0322421a83cb321541dc9a Mon Sep 17 00:00:00 2001 From: Antoine ROSIER Date: Wed, 10 Apr 2019 08:53:25 +0200 Subject: [PATCH 03/32] Sort idp and op (#1704) --- .../lib/Lemonldap/NG/Portal/Auth/OpenIDConnect.pm | 3 +++ lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/SAML.pm | 3 +++ 2 files changed, 6 insertions(+) diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/OpenIDConnect.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/OpenIDConnect.pm index 9479f79c7..945ffc247 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/OpenIDConnect.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/OpenIDConnect.pm @@ -72,6 +72,9 @@ sub init { oidcServiceMetaDataFrontChannelURI => 'frontLogout', oidcServiceMetaDataBackChannelURI => 'backLogout', ); + @list = sort { $a->{name} cmp $b->{name} or + $a->{val} cmp $b->{val} + } @list; $self->opList( [@list] ); return 1; } diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/SAML.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/SAML.pm index d08c25e4b..b84e2c6cf 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/SAML.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/SAML.pm @@ -965,6 +965,9 @@ sub extractFormInfo { icon => $img_src, }; } + @list = sort { $a->{name} cmp $b->{name} or + $a->{val} cmp $b->{val} + } @list; $req->data->{list} = \@list; $req->data->{confirmRemember} = 1; From 413cc98fbaad88d21f6ae58b792a5c905efd288c Mon Sep 17 00:00:00 2001 From: Christophe Maudoux Date: Wed, 10 Apr 2019 09:21:55 +0200 Subject: [PATCH 04/32] perltidy --- .../lib/Lemonldap/NG/Portal/Auth/OpenIDConnect.pm | 7 +++---- .../lib/Lemonldap/NG/Portal/Auth/SAML.pm | 11 ++++------- 2 files changed, 7 insertions(+), 11 deletions(-) diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/OpenIDConnect.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/OpenIDConnect.pm index 945ffc247..6cd145a00 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/OpenIDConnect.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/OpenIDConnect.pm @@ -16,7 +16,7 @@ extends 'Lemonldap::NG::Portal::Main::Auth', # INTERFACE -has opList => ( is => 'rw', default => sub { [] } ); +has opList => ( is => 'rw', default => sub { [] } ); has opNumber => ( is => 'rw', default => 0 ); has path => ( is => 'rw', default => 'oauth2' ); @@ -72,9 +72,8 @@ sub init { oidcServiceMetaDataFrontChannelURI => 'frontLogout', oidcServiceMetaDataBackChannelURI => 'backLogout', ); - @list = sort { $a->{name} cmp $b->{name} or - $a->{val} cmp $b->{val} - } @list; + @list = + sort { $a->{name} cmp $b->{name} or $a->{val} cmp $b->{val} } @list; $self->opList( [@list] ); return 1; } diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/SAML.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/SAML.pm index b84e2c6cf..998770e3d 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/SAML.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/SAML.pm @@ -893,12 +893,10 @@ sub extractFormInfo { $self->logger->debug( "Will try to use SAML Discovery Protocol for IDP resolution"); - if ($req->urldc) { - $req->pdata->{_url} = encode_base64($req->urldc, ''); + if ( $req->urldc ) { + $req->pdata->{_url} = encode_base64( $req->urldc, '' ); } - my $disco_url = $self->conf->{samlDiscoveryProtocolURL}; - my $portal = $self->conf->{portal}; $disco_url .= ( $disco_url =~ /\?/ ? '&' : '?' ) . build_urlencoded( @@ -965,9 +963,8 @@ sub extractFormInfo { icon => $img_src, }; } - @list = sort { $a->{name} cmp $b->{name} or - $a->{val} cmp $b->{val} - } @list; + @list = + sort { $a->{name} cmp $b->{name} or $a->{val} cmp $b->{val} } @list; $req->data->{list} = \@list; $req->data->{confirmRemember} = 1; From ae3a728378f218477f8bf5d46952fb1ba1ab58b8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cl=C3=A9ment=20OUDOT?= Date: Wed, 10 Apr 2019 15:42:58 +0200 Subject: [PATCH 05/32] Manage template inclusion when file is not in configured portal theme (#1653) --- .../lib/Lemonldap/NG/Common/PSGI.pm | 3 ++- .../lib/Lemonldap/NG/Portal/Lib/SMTP.pm | 8 +++++--- .../lib/Lemonldap/NG/Portal/Main/Init.pm | 2 ++ .../lib/Lemonldap/NG/Portal/Main/Run.pm | 18 ++++++++---------- 4 files changed, 17 insertions(+), 14 deletions(-) diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/PSGI.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/PSGI.pm index 934b98979..4cf7ab29f 100644 --- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/PSGI.pm +++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/PSGI.pm @@ -17,7 +17,7 @@ has languages => ( is => 'rw', isa => 'Str', default => 'en' ); has logLevel => ( is => 'rw', isa => 'Str', default => 'info' ); has portal => ( is => 'rw', isa => 'Str' ); has staticPrefix => ( is => 'rw', isa => 'Str' ); -has templateDir => ( is => 'rw', isa => 'Str' ); +has templateDir => ( is => 'rw', isa => 'Str|ArrayRef' ); has links => ( is => 'rw', isa => 'ArrayRef' ); has menuLinks => ( is => 'rw', isa => 'ArrayRef' ); has logger => ( is => 'rw' ); @@ -250,6 +250,7 @@ sub sendHtml { $htpl = HTML::Template->new( filehandle => IO::File->new($template), path => $self->templateDir, + search_path_on_include => 1, die_on_bad_params => 0, die_on_missing_include => 1, cache => 0, diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/SMTP.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/SMTP.pm index e8c8c9ead..a7f5b2446 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/SMTP.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/SMTP.pm @@ -15,7 +15,7 @@ use Email::Sender::Transport::SMTP qw(); use MIME::Base64; use Encode; -our $VERSION = '2.0.2'; +our $VERSION = '2.0.3'; our $transport; @@ -184,8 +184,10 @@ sub send_mail { foreach ( keys %cid ) { $message->attach( Type => "image/" . ( $cid{$_} =~ m/\.(\w+)/ )[0], - Id => $_, - Path => $self->p->{templateDir} . "/" . $cid{$_}, + Id => $_, + Path => $self->conf->{templateDir} . "/" + . $self->conf->{portalSkin} . "/" + . $cid{$_}, ); } } diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Init.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Init.pm index f529fc5f5..63a8bc3cc 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Init.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Init.pm @@ -194,6 +194,8 @@ sub reloadConf { $self->error("Template dir $self->{templateDir} doesn't exist"); return $self->fail; } + $self->templateDir( + [ $self->{templateDir}, $self->conf->{templateDir} . '/bootstrap' ] ); $self->{staticPrefix} = $self->conf->{staticPrefix} || '/static'; $self->{languages} = $self->conf->{languages} || '/'; diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm index 959fabfb6..6d875d622 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm @@ -743,6 +743,7 @@ sub sendHtml { my ( $self, $req, $template, %args ) = @_; my $templateDir = $self->conf->{templateDir} . '/' . $self->getSkin($req); + $self->templateDir( [ $templateDir, @{ $self->templateDir } ] ); # Check template $args{templateDir} = $templateDir; @@ -1004,17 +1005,14 @@ sub _sumUpSession { sub loadTemplate { my ( $self, $name, %prm ) = @_; $name .= '.tpl'; - my $file = - $self->conf->{templateDir} . '/' - . $self->conf->{portalSkin} . '/' - . $name; - $file = $self->conf->{templateDir} . '/common/' . $name - unless ( -e $file ); - unless ( -e $file ) { - die "Unable to find $name in $self->conf->{templateDir}"; - } my $tpl = HTML::Template->new( - filename => $file, + filename => $name, + path => [ + $self->conf->{templateDir} . '/' . $self->conf->{portalSkin}, + $self->conf->{templateDir} . '/bootstrap/', + $self->conf->{templateDir} . '/common/' + ], + search_path_on_include => 1, die_on_bad_params => 0, die_on_missing_include => 1, cache => 1, From 8636da45be66b34c1883cf4f8c39658291ef0e46 Mon Sep 17 00:00:00 2001 From: Antoine ROSIER Date: Wed, 10 Apr 2019 16:14:49 +0200 Subject: [PATCH 06/32] Sorting SAML idp (#1704) --- .../Lemonldap/NG/Common/Conf/ReConstants.pm | 2 +- lemonldap-ng-manager/MANIFEST | 1 + .../lib/Lemonldap/NG/Manager/Attributes.pm | 79 +- .../Lemonldap/NG/Manager/Build/Attributes.pm | 1 + .../lib/Lemonldap/NG/Manager/Build/CTrees.pm | 3 +- .../site/htdocs/static/js/conftree.js | 6 + .../site/htdocs/static/js/conftree.min.js | 2 +- .../site/htdocs/static/languages/ar.json | 1 + .../site/htdocs/static/languages/de.json | 1 + .../site/htdocs/static/languages/en.json | 1 + .../site/htdocs/static/languages/es.json | 987 ++++++++++++++++++ .../site/htdocs/static/languages/fr.json | 1 + .../site/htdocs/static/languages/it.json | 1 + .../site/htdocs/static/languages/vi.json | 1 + .../site/htdocs/static/languages/zh.json | 1 + .../lib/Lemonldap/NG/Portal/Auth/SAML.pm | 12 +- .../lib/Lemonldap/NG/Portal/Lib/SAML.pm | 3 + 17 files changed, 1057 insertions(+), 46 deletions(-) create mode 100644 lemonldap-ng-manager/site/htdocs/static/languages/es.json diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/ReConstants.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/ReConstants.pm index 3e91e3150..bdcdcbc60 100644 --- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/ReConstants.pm +++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/ReConstants.pm @@ -28,7 +28,7 @@ our $casAppMetaDataNodeKeys = 'casAppMetaData(?:Options(?:Servic|Rul)e|ExportedV our $casSrvMetaDataNodeKeys = 'casSrvMetaData(?:Options(?:ProxiedServices|DisplayName|Gateway|Renew|Icon|Url)|ExportedVars)'; our $oidcOPMetaDataNodeKeys = 'oidcOPMetaData(?:Options(?:C(?:lient(?:Secret|ID)|heckJWTSignature|onfigurationURI)|TokenEndpointAuthMethod|(?:JWKSTimeou|Promp)t|I(?:DTokenMaxAge|con)|S(?:toreIDToken|cope)|U(?:iLocales|seNonce)|Display(?:Name)?|AcrValues|MaxAge)|ExportedVars|J(?:SON|WKS))'; our $oidcRPMetaDataNodeKeys = 'oidcRPMetaData(?:Options(?:(?:PostLogoutRedirectUri|ExtraClaim)s|I(?:DToken(?:Expiration|SignAlg)|con)|Logout(?:SessionRequired|Type|Url)|AccessTokenExpiration|R(?:edirectUris|ule)|Client(?:Secret|ID)|BypassConsent|DisplayName|UserIDAttr)|ExportedVars)'; -our $samlIDPMetaDataNodeKeys = 'samlIDPMetaData(?:Options(?:(?:Check(?:S[LS]OMessageSignatur|Audienc|Tim)|EncryptionMod|UserAttribut|DisplayNam)e|A(?:llow(?:LoginFromIDP|ProxiedAuthn)|daptSessionUtime)|Re(?:questedAuthnContext|solutionRule|layStateURL)|S(?:ignS[LS]OMessage|toreSAMLToken|[LS]OBinding)|Force(?:Authn|UTF8)|I(?:sPassive|con)|NameIDFormat)|ExportedAttributes|XML)'; +our $samlIDPMetaDataNodeKeys = 'samlIDPMetaData(?:Options(?:(?:Check(?:S[LS]OMessageSignatur|Audienc|Tim)|EncryptionMod|UserAttribut|DisplayNam)e|S(?:ignS[LS]OMessage|toreSAMLToken|[LS]OBinding|ortNumber)|A(?:llow(?:LoginFromIDP|ProxiedAuthn)|daptSessionUtime)|Re(?:questedAuthnContext|solutionRule|layStateURL)|Force(?:Authn|UTF8)|I(?:sPassive|con)|NameIDFormat)|ExportedAttributes|XML)'; our $samlSPMetaDataNodeKeys = 'samlSPMetaData(?:Options(?:N(?:ameID(?:SessionKey|Format)|otOnOrAfterTimeout)|S(?:essionNotOnOrAfterTimeout|ignS[LS]OMessage)|(?:CheckS[LS]OMessageSignatur|OneTimeUs|Rul)e|En(?:ableIDPInitiatedURL|cryptionMode)|ForceUTF8)|ExportedAttributes|XML)'; our $virtualHostKeys = '(?:vhost(?:A(?:uthnLevel|liases)|(?:Maintenanc|Typ)e|Https|Port)|(?:exportedHeader|locationRule)s|post)'; diff --git a/lemonldap-ng-manager/MANIFEST b/lemonldap-ng-manager/MANIFEST index 55b75b6c4..52f64fefe 100644 --- a/lemonldap-ng-manager/MANIFEST +++ b/lemonldap-ng-manager/MANIFEST @@ -167,6 +167,7 @@ site/htdocs/static/js/viewer.min.js site/htdocs/static/languages/ar.json site/htdocs/static/languages/de.json site/htdocs/static/languages/en.json +site/htdocs/static/languages/es.json site/htdocs/static/languages/fr.json site/htdocs/static/languages/it.json site/htdocs/static/languages/vi.json diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm index db4043db1..ef4f33906 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm @@ -8,17 +8,17 @@ sub types { 'array' => { 'test' => sub { 1; - } + } }, 'authParamsText' => { 'test' => sub { 1; - } + } }, 'blackWhiteList' => { 'test' => sub { 1; - } + } }, 'bool' => { 'msgFail' => '__notABoolean__', @@ -36,17 +36,17 @@ sub types { split( /\n/, $@, 0 ) ) ); return $err ? ( 1, "__badExpression__: $err" ) : 1; - } + } }, 'catAndAppList' => { 'test' => sub { 1; - } + } }, 'file' => { 'test' => sub { 1; - } + } }, 'hostname' => { 'form' => 'text', @@ -80,48 +80,48 @@ qr/^(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a- if $_ =~ /exportedvars$/i and defined $conf->{$_}{$val}; } return 1, "__unknownAttrOrMacro__: $val"; - } + } }, 'longtext' => { 'test' => sub { 1; - } + } }, 'menuApp' => { 'test' => sub { 1; - } + } }, 'menuCat' => { 'test' => sub { 1; - } + } }, 'oidcmetadatajson' => { 'test' => sub { 1; - } + } }, 'oidcmetadatajwks' => { 'test' => sub { 1; - } + } }, 'oidcOPMetaDataNode' => { 'test' => sub { 1; - } + } }, 'oidcRPMetaDataNode' => { 'test' => sub { 1; - } + } }, 'password' => { 'msgFail' => '__malformedValue__', 'test' => sub { 1; - } + } }, 'pcre' => { 'form' => 'text', @@ -132,7 +132,7 @@ qr/^(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a- } }; return $@ ? ( 0, "__badRegexp__: $@" ) : 1; - } + } }, 'PerlModule' => { 'form' => 'text', @@ -142,17 +142,17 @@ qr/^(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a- 'portalskin' => { 'test' => sub { 1; - } + } }, 'portalskinbackground' => { 'test' => sub { 1; - } + } }, 'post' => { 'test' => sub { 1; - } + } }, 'RSAPrivateKey' => { 'test' => sub { @@ -160,7 +160,7 @@ qr/^(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a- m[^(?:(?:\-+\s*BEGIN\s+(?:RSA\s+)?PRIVATE\s+KEY\s*\-+\r?\n)?(?:Proc-Type:.*\r?\nDEK-Info:.*\r?\n[\r\n]*)?[a-zA-Z0-9/\+\r\n]+={0,2}(?:\r?\n\-+\s*END\s+(?:RSA\s+)PRIVATE\s+KEY\s*\-+)?[\r\n]*)?$]s ? 1 : ( 1, '__badPemEncoding__' ); - } + } }, 'RSAPublicKey' => { 'test' => sub { @@ -168,7 +168,7 @@ m[^(?:(?:\-+\s*BEGIN\s+(?:RSA\s+)?PRIVATE\s+KEY\s*\-+\r?\n)?(?:Proc-Type:.*\r?\n m[^(?:(?:\-+\s*BEGIN\s+PUBLIC\s+KEY\s*\-+\r?\n)?[a-zA-Z0-9/\+\r\n]+={0,2}(?:\r?\n\-+\s*END\s+PUBLIC\s+KEY\s*\-+)?[\r\n]*)?$]s ? 1 : ( 1, '__badPemEncoding__' ); - } + } }, 'RSAPublicKeyOrCertificate' => { 'test' => sub { @@ -176,37 +176,37 @@ m[^(?:(?:\-+\s*BEGIN\s+PUBLIC\s+KEY\s*\-+\r?\n)?[a-zA-Z0-9/\+\r\n]+={0,2}(?:\r?\ m[^(?:(?:\-+\s*BEGIN\s+(?:PUBLIC\s+KEY|CERTIFICATE)\s*\-+\r?\n)?[a-zA-Z0-9/\+\r\n]+={0,2}(?:\r?\n\-+\s*END\s+(?:PUBLIC\s+KEY|CERTIFICATE)\s*\-+)?[\r\n]*)?$]s ? 1 : ( 1, '__badPemEncoding__' ); - } + } }, 'rule' => { 'test' => sub { 1; - } + } }, 'samlAssertion' => { 'test' => sub { 1; - } + } }, 'samlAttribute' => { 'test' => sub { 1; - } + } }, 'samlIDPMetaDataNode' => { 'test' => sub { 1; - } + } }, 'samlService' => { 'test' => sub { 1; - } + } }, 'samlSPMetaDataNode' => { 'test' => sub { 1; - } + } }, 'select' => { 'test' => sub { @@ -216,19 +216,19 @@ m[^(?:(?:\-+\s*BEGIN\s+(?:PUBLIC\s+KEY|CERTIFICATE)\s*\-+\r?\n)?[a-zA-Z0-9/\+\r\ return $test ? 1 : ( 1, "Invalid value '$_[0]' for this select" ); - } + } }, 'subContainer' => { 'keyTest' => qr/\w/, 'test' => sub { 1; - } + } }, 'text' => { 'msgFail' => '__malformedValue__', 'test' => sub { 1; - } + } }, 'trool' => { 'msgFail' => '__authorizedValues__: -1, 0, 1', @@ -1081,7 +1081,7 @@ qr/^(?:\*\.)?(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][ split( /\n/, $@, 0 ) ) ); return $err ? ( 1, "__badExpression__: $err" ) : 1; - } + } }, 'type' => 'keyTextContainer' }, @@ -1300,7 +1300,7 @@ qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0- and defined $conf->{$_}{$val}; } return 1, "__unknownAttrOrMacro__: $val"; - } + } }, 'type' => 'doubleHash' }, @@ -1586,7 +1586,7 @@ qr/^(?:\*\.)?(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][ split( /\n/, $@, 0 ) ) ); return $err ? ( 1, "__badExpression__: $err" ) : 1; - } + } }, 'type' => 'ruleContainer' }, @@ -2796,6 +2796,9 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.] ], 'type' => 'select' }, + 'samlIDPMetaDataOptionsSortNumber' => { + 'type' => 'int' + }, 'samlIDPMetaDataOptionsSSOBinding' => { 'default' => '', 'select' => [ { @@ -3160,19 +3163,19 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.] 'securedCookie' => { 'default' => 0, 'select' => [ { - 'k' => '0', + 'k' => 0, 'v' => 'unsecuredCookie' }, { - 'k' => '1', + 'k' => 1, 'v' => 'securedCookie' }, { - 'k' => '2', + 'k' => 2, 'v' => 'doubleCookie' }, { - 'k' => '3', + 'k' => 3, 'v' => 'doubleCookieForSingleSession' } ], diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm index f0a8b5d6e..36db4d5cd 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm @@ -2298,6 +2298,7 @@ sub attributes { samlIDPMetaDataOptionsUserAttribute => { type => 'text', }, samlIDPMetaDataOptionsDisplayName => { type => 'text', }, samlIDPMetaDataOptionsIcon => { type => 'text', }, + samlIDPMetaDataOptionsSortNumber => { type => 'int', }, # SP keys samlSPMetaDataExportedAttributes => { diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/CTrees.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/CTrees.pm index 7e7c2d84d..f7781a061 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/CTrees.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/CTrees.pm @@ -94,7 +94,8 @@ sub cTrees { form => 'simpleInputContainer', nodes => [ "samlIDPMetaDataOptionsDisplayName", - "samlIDPMetaDataOptionsIcon" + "samlIDPMetaDataOptionsIcon", + "samlIDPMetaDataOptionsSortNumber" ] } ], diff --git a/lemonldap-ng-manager/site/htdocs/static/js/conftree.js b/lemonldap-ng-manager/site/htdocs/static/js/conftree.js index 2fdee5629..5e8133dad 100644 --- a/lemonldap-ng-manager/site/htdocs/static/js/conftree.js +++ b/lemonldap-ng-manager/site/htdocs/static/js/conftree.js @@ -859,6 +859,12 @@ function templates(tpl,key) { "get" : tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsIcon", "id" : tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsIcon", "title" : "samlIDPMetaDataOptionsIcon" + }, + { + "get" : tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSortNumber", + "id" : tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSortNumber", + "title" : "samlIDPMetaDataOptionsSortNumber", + "type" : "int" } ], "id" : "samlIDPMetaDataOptionsDisplay", diff --git a/lemonldap-ng-manager/site/htdocs/static/js/conftree.min.js b/lemonldap-ng-manager/site/htdocs/static/js/conftree.min.js index 5319f738f..fc59866de 100644 --- a/lemonldap-ng-manager/site/htdocs/static/js/conftree.min.js +++ b/lemonldap-ng-manager/site/htdocs/static/js/conftree.min.js @@ -1 +1 @@ -function templates(tpl,key){var ind;var scalarTemplate=function(r){return{id:tpl+"s/"+ind++,title:r,get:tpl+"s/"+key+"/"+r}};switch(tpl){case"casAppMetaDataNode":return[{_nodes:[{get:tpl+"s/"+key+"/"+"casAppMetaDataOptionsService",id:tpl+"s/"+key+"/"+"casAppMetaDataOptionsService",title:"casAppMetaDataOptionsService"},{get:tpl+"s/"+key+"/"+"casAppMetaDataOptionsRule",id:tpl+"s/"+key+"/"+"casAppMetaDataOptionsRule",title:"casAppMetaDataOptionsRule"}],id:"casAppMetaDataOptions",title:"casAppMetaDataOptions",type:"simpleInputContainer"},{cnodes:tpl+"s/"+key+"/"+"casAppMetaDataExportedVars",default:[{data:"cn",id:tpl+"s/"+key+"/"+"casAppMetaDataExportedVars/cn",title:"cn",type:"keyText"},{data:"mail",id:tpl+"s/"+key+"/"+"casAppMetaDataExportedVars/mail",title:"mail",type:"keyText"},{data:"uid",id:tpl+"s/"+key+"/"+"casAppMetaDataExportedVars/uid",title:"uid",type:"keyText"}],id:tpl+"s/"+key+"/"+"casAppMetaDataExportedVars",title:"casAppMetaDataExportedVars",type:"keyTextContainer"}];case"casSrvMetaDataNode":return[{cnodes:tpl+"s/"+key+"/"+"casSrvMetaDataExportedVars",default:[{data:"cn",id:tpl+"s/"+key+"/"+"casSrvMetaDataExportedVars/cn",title:"cn",type:"keyText"},{data:"mail",id:tpl+"s/"+key+"/"+"casSrvMetaDataExportedVars/mail",title:"mail",type:"keyText"},{data:"uid",id:tpl+"s/"+key+"/"+"casSrvMetaDataExportedVars/uid",title:"uid",type:"keyText"}],id:tpl+"s/"+key+"/"+"casSrvMetaDataExportedVars",title:"casSrvMetaDataExportedVars",type:"keyTextContainer"},{cnodes:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsProxiedServices",id:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsProxiedServices",title:"casSrvMetaDataOptionsProxiedServices",type:"keyTextContainer"},{_nodes:[{get:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsUrl",id:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsUrl",title:"casSrvMetaDataOptionsUrl"},{default:0,get:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsRenew",id:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsRenew",title:"casSrvMetaDataOptionsRenew",type:"bool"},{default:0,get:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsGateway",id:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsGateway",title:"casSrvMetaDataOptionsGateway",type:"bool"}],id:"casSrvMetaDataOptions",title:"casSrvMetaDataOptions",type:"simpleInputContainer"},{_nodes:[{get:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsDisplayName",id:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsDisplayName",title:"casSrvMetaDataOptionsDisplayName"},{get:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsIcon",id:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsIcon",title:"casSrvMetaDataOptionsIcon"}],id:"casSrvMetaDataOptionsDisplay",title:"casSrvMetaDataOptionsDisplay",type:"simpleInputContainer"}];case"oidcOPMetaDataNode":return[{get:tpl+"s/"+key+"/"+"oidcOPMetaDataJSON",id:tpl+"s/"+key+"/"+"oidcOPMetaDataJSON",title:"oidcOPMetaDataJSON",type:"file"},{get:tpl+"s/"+key+"/"+"oidcOPMetaDataJWKS",id:tpl+"s/"+key+"/"+"oidcOPMetaDataJWKS",title:"oidcOPMetaDataJWKS",type:"file"},{cnodes:tpl+"s/"+key+"/"+"oidcOPMetaDataExportedVars",default:[{data:"name",id:tpl+"s/"+key+"/"+"oidcOPMetaDataExportedVars/cn",title:"cn",type:"keyText"},{data:"email",id:tpl+"s/"+key+"/"+"oidcOPMetaDataExportedVars/mail",title:"mail",type:"keyText"},{data:"family_name",id:tpl+"s/"+key+"/"+"oidcOPMetaDataExportedVars/sn",title:"sn",type:"keyText"},{data:"sub",id:tpl+"s/"+key+"/"+"oidcOPMetaDataExportedVars/uid",title:"uid",type:"keyText"}],id:tpl+"s/"+key+"/"+"oidcOPMetaDataExportedVars",title:"oidcOPMetaDataExportedVars",type:"keyTextContainer"},{_nodes:[{_nodes:[{get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsConfigurationURI",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsConfigurationURI",title:"oidcOPMetaDataOptionsConfigurationURI"},{default:0,get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsJWKSTimeout",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsJWKSTimeout",title:"oidcOPMetaDataOptionsJWKSTimeout",type:"int"},{get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsClientID",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsClientID",title:"oidcOPMetaDataOptionsClientID"},{get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsClientSecret",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsClientSecret",title:"oidcOPMetaDataOptionsClientSecret",type:"password"},{default:0,get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsStoreIDToken",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsStoreIDToken",title:"oidcOPMetaDataOptionsStoreIDToken",type:"bool"}],id:"oidcOPMetaDataOptionsConfiguration",title:"oidcOPMetaDataOptionsConfiguration",type:"simpleInputContainer"},{_nodes:[{default:"openid profile",get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsScope",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsScope",title:"oidcOPMetaDataOptionsScope"},{default:"",get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsDisplay",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsDisplay",select:[{k:"",v:""},{k:"page",v:"page"},{k:"popup",v:"popup"},{k:"touch",v:"touch"},{k:"wap",v:"wap"}],title:"oidcOPMetaDataOptionsDisplay",type:"select"},{get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsPrompt",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsPrompt",title:"oidcOPMetaDataOptionsPrompt"},{default:0,get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsMaxAge",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsMaxAge",title:"oidcOPMetaDataOptionsMaxAge",type:"int"},{get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsUiLocales",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsUiLocales",title:"oidcOPMetaDataOptionsUiLocales"},{get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsAcrValues",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsAcrValues",title:"oidcOPMetaDataOptionsAcrValues"},{default:"client_secret_post",get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsTokenEndpointAuthMethod",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsTokenEndpointAuthMethod",select:[{k:"client_secret_post",v:"client_secret_post"},{k:"client_secret_basic",v:"client_secret_basic"}],title:"oidcOPMetaDataOptionsTokenEndpointAuthMethod",type:"select"},{default:1,get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsCheckJWTSignature",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsCheckJWTSignature",title:"oidcOPMetaDataOptionsCheckJWTSignature",type:"bool"},{default:30,get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsIDTokenMaxAge",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsIDTokenMaxAge",title:"oidcOPMetaDataOptionsIDTokenMaxAge",type:"int"},{default:1,get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsUseNonce",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsUseNonce",title:"oidcOPMetaDataOptionsUseNonce",type:"bool"}],id:"oidcOPMetaDataOptionsProtocol",title:"oidcOPMetaDataOptionsProtocol",type:"simpleInputContainer"}],id:"oidcOPMetaDataOptions",title:"oidcOPMetaDataOptions"},{_nodes:[{get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsDisplayName",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsDisplayName",title:"oidcOPMetaDataOptionsDisplayName"},{get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsIcon",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsIcon",title:"oidcOPMetaDataOptionsIcon"}],id:"oidcOPMetaDataOptionsDisplayParams",title:"oidcOPMetaDataOptionsDisplayParams",type:"simpleInputContainer"}];case"oidcRPMetaDataNode":return[{cnodes:tpl+"s/"+key+"/"+"oidcRPMetaDataExportedVars",default:[{data:"mail",id:tpl+"s/"+key+"/"+"oidcRPMetaDataExportedVars/email",title:"email",type:"keyText"},{data:"sn",id:tpl+"s/"+key+"/"+"oidcRPMetaDataExportedVars/family_name",title:"family_name",type:"keyText"},{data:"cn",id:tpl+"s/"+key+"/"+"oidcRPMetaDataExportedVars/name",title:"name",type:"keyText"}],id:tpl+"s/"+key+"/"+"oidcRPMetaDataExportedVars",title:"oidcRPMetaDataExportedVars",type:"keyTextContainer"},{cnodes:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsExtraClaims",default:[],id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsExtraClaims",title:"oidcRPMetaDataOptionsExtraClaims",type:"keyTextContainer"},{_nodes:[{_nodes:[{get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsClientID",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsClientID",title:"oidcRPMetaDataOptionsClientID"},{get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsClientSecret",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsClientSecret",title:"oidcRPMetaDataOptionsClientSecret",type:"password"}],id:"oidcRPMetaDataOptionsAuthentication",title:"oidcRPMetaDataOptionsAuthentication",type:"simpleInputContainer"},{get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsUserIDAttr",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsUserIDAttr",title:"oidcRPMetaDataOptionsUserIDAttr"},{default:"HS512",get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsIDTokenSignAlg",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsIDTokenSignAlg",select:[{k:"none",v:"None"},{k:"HS256",v:"HS256"},{k:"HS384",v:"HS384"},{k:"HS512",v:"HS512"},{k:"RS256",v:"RS256"},{k:"RS384",v:"RS384"},{k:"RS512",v:"RS512"}],title:"oidcRPMetaDataOptionsIDTokenSignAlg",type:"select"},{default:3600,get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsIDTokenExpiration",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsIDTokenExpiration",title:"oidcRPMetaDataOptionsIDTokenExpiration",type:"int"},{default:3600,get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsAccessTokenExpiration",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsAccessTokenExpiration",title:"oidcRPMetaDataOptionsAccessTokenExpiration",type:"int"},{get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsRedirectUris",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsRedirectUris",title:"oidcRPMetaDataOptionsRedirectUris"},{default:0,get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsBypassConsent",help:"openidconnectclaims.html",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsBypassConsent",title:"oidcRPMetaDataOptionsBypassConsent",type:"bool"},{_nodes:[{get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsPostLogoutRedirectUris",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsPostLogoutRedirectUris",title:"oidcRPMetaDataOptionsPostLogoutRedirectUris"},{get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsLogoutUrl",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsLogoutUrl",title:"oidcRPMetaDataOptionsLogoutUrl"},{default:"front",get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsLogoutType",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsLogoutType",select:[{k:"front",v:"Front Channel"},{k:"back",v:"Back Channel"}],title:"oidcRPMetaDataOptionsLogoutType",type:"select"},{default:0,get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsLogoutSessionRequired",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsLogoutSessionRequired",title:"oidcRPMetaDataOptionsLogoutSessionRequired",type:"bool"}],id:"logout",title:"logout",type:"simpleInputContainer"},{get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsRule",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsRule",title:"oidcRPMetaDataOptionsRule"}],id:"oidcRPMetaDataOptions",title:"oidcRPMetaDataOptions"},{_nodes:[{get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsDisplayName",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsDisplayName",title:"oidcRPMetaDataOptionsDisplayName"},{get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsIcon",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsIcon",title:"oidcRPMetaDataOptionsIcon"}],id:"oidcRPMetaDataOptionsDisplay",title:"oidcRPMetaDataOptionsDisplay",type:"simpleInputContainer"}];case"samlIDPMetaDataNode":return[{get:tpl+"s/"+key+"/"+"samlIDPMetaDataXML",id:tpl+"s/"+key+"/"+"samlIDPMetaDataXML",title:"samlIDPMetaDataXML",type:"file"},{cnodes:tpl+"s/"+key+"/"+"samlIDPMetaDataExportedAttributes",default:[],help:"authsaml.html#exported_attributes",id:tpl+"s/"+key+"/"+"samlIDPMetaDataExportedAttributes",title:"samlIDPMetaDataExportedAttributes",type:"samlAttributeContainer"},{_nodes:[{default:0,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsAdaptSessionUtime",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsAdaptSessionUtime",title:"samlIDPMetaDataOptionsAdaptSessionUtime",type:"bool"},{default:0,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsForceUTF8",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsForceUTF8",title:"samlIDPMetaDataOptionsForceUTF8",type:"bool"},{default:0,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsStoreSAMLToken",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsStoreSAMLToken",title:"samlIDPMetaDataOptionsStoreSAMLToken",type:"bool"},{get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsUserAttribute",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsUserAttribute",title:"samlIDPMetaDataOptionsUserAttribute"}],id:"samlIDPMetaDataOptionsSession",title:"samlIDPMetaDataOptionsSession",type:"simpleInputContainer"},{_nodes:[{default:-1,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSignSSOMessage",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSignSSOMessage",title:"samlIDPMetaDataOptionsSignSSOMessage",type:"trool"},{default:1,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsCheckSSOMessageSignature",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsCheckSSOMessageSignature",title:"samlIDPMetaDataOptionsCheckSSOMessageSignature",type:"bool"},{default:-1,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSignSLOMessage",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSignSLOMessage",title:"samlIDPMetaDataOptionsSignSLOMessage",type:"trool"},{default:1,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsCheckSLOMessageSignature",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsCheckSLOMessageSignature",title:"samlIDPMetaDataOptionsCheckSLOMessageSignature",type:"bool"}],id:"samlIDPMetaDataOptionsSignature",title:"samlIDPMetaDataOptionsSignature",type:"simpleInputContainer"},{_nodes:[{default:"",get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSSOBinding",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSSOBinding",select:[{k:"",v:""},{k:"http-post",v:"POST"},{k:"http-redirect",v:"Redirect"},{k:"artifact-get",v:"Artifact GET"}],title:"samlIDPMetaDataOptionsSSOBinding",type:"select"},{default:"",get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSLOBinding",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSLOBinding",select:[{k:"",v:""},{k:"http-post",v:"POST"},{k:"http-redirect",v:"Redirect"},{k:"http-soap",v:"SOAP"}],title:"samlIDPMetaDataOptionsSLOBinding",type:"select"}],id:"samlIDPMetaDataOptionsBinding",title:"samlIDPMetaDataOptionsBinding",type:"simpleInputContainer"},{_nodes:[{default:"none",get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsEncryptionMode",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsEncryptionMode",select:[{k:"none",v:"None"},{k:"nameid",v:"Name ID"},{k:"assertion",v:"Assertion"}],title:"samlIDPMetaDataOptionsEncryptionMode",type:"select"},{default:1,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsCheckTime",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsCheckTime",title:"samlIDPMetaDataOptionsCheckTime",type:"bool"},{default:1,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsCheckAudience",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsCheckAudience",title:"samlIDPMetaDataOptionsCheckAudience",type:"bool"}],id:"samlIDPMetaDataOptionsSecurity",title:"samlIDPMetaDataOptionsSecurity",type:"simpleInputContainer"},{_nodes:[{default:"",get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsResolutionRule",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsResolutionRule",title:"samlIDPMetaDataOptionsResolutionRule",type:"longtext"},{default:"",get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsNameIDFormat",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsNameIDFormat",select:[{k:"",v:""},{k:"unspecified",v:"Unspecified"},{k:"email",v:"Email"},{k:"x509",v:"X509 certificate"},{k:"windows",v:"Windows"},{k:"kerberos",v:"Kerberos"},{k:"entity",v:"Entity"},{k:"persistent",v:"Persistent"},{k:"transient",v:"Transient"},{k:"encrypted",v:"Encrypted"}],title:"samlIDPMetaDataOptionsNameIDFormat",type:"select"},{default:0,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsForceAuthn",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsForceAuthn",title:"samlIDPMetaDataOptionsForceAuthn",type:"bool"},{default:0,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsIsPassive",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsIsPassive",title:"samlIDPMetaDataOptionsIsPassive",type:"bool"},{default:0,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsAllowProxiedAuthn",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsAllowProxiedAuthn",title:"samlIDPMetaDataOptionsAllowProxiedAuthn",type:"bool"},{default:0,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsAllowLoginFromIDP",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsAllowLoginFromIDP",title:"samlIDPMetaDataOptionsAllowLoginFromIDP",type:"bool"},{default:"",get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsRequestedAuthnContext",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsRequestedAuthnContext",select:[{k:"",v:""},{k:"kerberos",v:"Kerberos"},{k:"password-protected-transport",v:"Password protected transport"},{k:"password",v:"Password"},{k:"tls-client",v:"TLS client certificate"}],title:"samlIDPMetaDataOptionsRequestedAuthnContext",type:"select"},{default:0,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsRelayStateURL",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsRelayStateURL",title:"samlIDPMetaDataOptionsRelayStateURL",type:"bool"}],help:"authsaml.html#options",id:"samlIDPMetaDataOptions",title:"samlIDPMetaDataOptions",type:"simpleInputContainer"},{_nodes:[{get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsDisplayName",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsDisplayName",title:"samlIDPMetaDataOptionsDisplayName"},{get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsIcon",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsIcon",title:"samlIDPMetaDataOptionsIcon"}],id:"samlIDPMetaDataOptionsDisplay",title:"samlIDPMetaDataOptionsDisplay",type:"simpleInputContainer"}];case"samlSPMetaDataNode":return[{get:tpl+"s/"+key+"/"+"samlSPMetaDataXML",id:tpl+"s/"+key+"/"+"samlSPMetaDataXML",title:"samlSPMetaDataXML",type:"file"},{cnodes:tpl+"s/"+key+"/"+"samlSPMetaDataExportedAttributes",default:[],help:"idpsaml.html#exported_attributes",id:tpl+"s/"+key+"/"+"samlSPMetaDataExportedAttributes",title:"samlSPMetaDataExportedAttributes",type:"samlAttributeContainer"},{_nodes:[{_nodes:[{default:"",get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsNameIDFormat",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsNameIDFormat",select:[{k:"",v:""},{k:"unspecified",v:"Unspecified"},{k:"email",v:"Email"},{k:"x509",v:"X509 certificate"},{k:"windows",v:"Windows"},{k:"kerberos",v:"Kerberos"},{k:"entity",v:"Entity"},{k:"persistent",v:"Persistent"},{k:"transient",v:"Transient"},{k:"encrypted",v:"Encrypted"}],title:"samlSPMetaDataOptionsNameIDFormat",type:"select"},{get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsNameIDSessionKey",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsNameIDSessionKey",title:"samlSPMetaDataOptionsNameIDSessionKey"},{default:0,get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsOneTimeUse",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsOneTimeUse",title:"samlSPMetaDataOptionsOneTimeUse",type:"bool"},{default:72e3,get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsSessionNotOnOrAfterTimeout",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsSessionNotOnOrAfterTimeout",title:"samlSPMetaDataOptionsSessionNotOnOrAfterTimeout",type:"int"},{default:72e3,get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsNotOnOrAfterTimeout",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsNotOnOrAfterTimeout",title:"samlSPMetaDataOptionsNotOnOrAfterTimeout",type:"int"},{default:1,get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsForceUTF8",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsForceUTF8",title:"samlSPMetaDataOptionsForceUTF8",type:"bool"}],id:"samlSPMetaDataOptionsAuthnResponse",title:"samlSPMetaDataOptionsAuthnResponse",type:"simpleInputContainer"},{_nodes:[{default:-1,get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsSignSSOMessage",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsSignSSOMessage",title:"samlSPMetaDataOptionsSignSSOMessage",type:"trool"},{default:1,get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsCheckSSOMessageSignature",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsCheckSSOMessageSignature",title:"samlSPMetaDataOptionsCheckSSOMessageSignature",type:"bool"},{default:-1,get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsSignSLOMessage",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsSignSLOMessage",title:"samlSPMetaDataOptionsSignSLOMessage",type:"trool"},{default:1,get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsCheckSLOMessageSignature",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsCheckSLOMessageSignature",title:"samlSPMetaDataOptionsCheckSLOMessageSignature",type:"bool"}],id:"samlSPMetaDataOptionsSignature",title:"samlSPMetaDataOptionsSignature",type:"simpleInputContainer"},{_nodes:[{default:"none",get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsEncryptionMode",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsEncryptionMode",select:[{k:"none",v:"None"},{k:"nameid",v:"Name ID"},{k:"assertion",v:"Assertion"}],title:"samlSPMetaDataOptionsEncryptionMode",type:"select"},{default:0,get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsEnableIDPInitiatedURL",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsEnableIDPInitiatedURL",title:"samlSPMetaDataOptionsEnableIDPInitiatedURL",type:"bool"},{get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsRule",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsRule",title:"samlSPMetaDataOptionsRule"}],id:"samlSPMetaDataOptionsSecurity",title:"samlSPMetaDataOptionsSecurity",type:"simpleInputContainer"}],help:"idpsaml.html#options",id:"samlSPMetaDataOptions",title:"samlSPMetaDataOptions"}];case"virtualHost":return[{cnodes:tpl+"s/"+key+"/"+"locationRules",default:[{data:"deny",id:tpl+"s/"+key+"/"+"locationRules/default",re:"default",title:"default",type:"rule"}],help:"writingrulesand_headers.html#rules",id:tpl+"s/"+key+"/"+"locationRules",title:"locationRules",type:"ruleContainer"},{cnodes:tpl+"s/"+key+"/"+"exportedHeaders",help:"writingrulesand_headers.html#headers",id:tpl+"s/"+key+"/"+"exportedHeaders",title:"exportedHeaders",type:"keyTextContainer"},{cnodes:tpl+"s/"+key+"/"+"post",help:"formreplay.html",id:tpl+"s/"+key+"/"+"post",title:"post",type:"postContainer"},{_nodes:[{default:-1,get:tpl+"s/"+key+"/"+"vhostPort",id:tpl+"s/"+key+"/"+"vhostPort",title:"vhostPort",type:"int"},{default:-1,get:tpl+"s/"+key+"/"+"vhostHttps",id:tpl+"s/"+key+"/"+"vhostHttps",title:"vhostHttps",type:"trool"},{default:0,get:tpl+"s/"+key+"/"+"vhostMaintenance",id:tpl+"s/"+key+"/"+"vhostMaintenance",title:"vhostMaintenance",type:"bool"},{get:tpl+"s/"+key+"/"+"vhostAliases",id:tpl+"s/"+key+"/"+"vhostAliases",title:"vhostAliases"},{default:"Main",get:tpl+"s/"+key+"/"+"vhostType",id:tpl+"s/"+key+"/"+"vhostType",select:[{k:"Main",v:"Main"},{k:"Zimbra",v:"ZimbraPreAuth"},{k:"AuthBasic",v:"AuthBasic"},{k:"SecureToken",v:"SecureToken"},{k:"CDA",v:"CDA"},{k:"DevOps",v:"DevOps"},{k:"DevOpsST",v:"DevOpsST"},{k:"ServiceToken",v:"ServiceToken"}],title:"vhostType",type:"select"},{get:tpl+"s/"+key+"/"+"vhostAuthnLevel",id:tpl+"s/"+key+"/"+"vhostAuthnLevel",title:"vhostAuthnLevel",type:"int"}],help:"configvhost.html#options",id:"vhostOptions",title:"vhostOptions",type:"simpleInputContainer"}];default:return[]}}function setScopeVars(scope){scope.portal=scope.data[0]._nodes[0]._nodes[0];scope.getKey(scope.portal);scope.domain=scope.data[0]._nodes[4]._nodes[1];scope.getKey(scope.domain)} +function templates(tpl,key){var ind;var scalarTemplate=function(r){return{id:tpl+"s/"+ind++,title:r,get:tpl+"s/"+key+"/"+r}};switch(tpl){case"casAppMetaDataNode":return[{_nodes:[{get:tpl+"s/"+key+"/"+"casAppMetaDataOptionsService",id:tpl+"s/"+key+"/"+"casAppMetaDataOptionsService",title:"casAppMetaDataOptionsService"},{get:tpl+"s/"+key+"/"+"casAppMetaDataOptionsRule",id:tpl+"s/"+key+"/"+"casAppMetaDataOptionsRule",title:"casAppMetaDataOptionsRule"}],id:"casAppMetaDataOptions",title:"casAppMetaDataOptions",type:"simpleInputContainer"},{cnodes:tpl+"s/"+key+"/"+"casAppMetaDataExportedVars",default:[{data:"cn",id:tpl+"s/"+key+"/"+"casAppMetaDataExportedVars/cn",title:"cn",type:"keyText"},{data:"mail",id:tpl+"s/"+key+"/"+"casAppMetaDataExportedVars/mail",title:"mail",type:"keyText"},{data:"uid",id:tpl+"s/"+key+"/"+"casAppMetaDataExportedVars/uid",title:"uid",type:"keyText"}],id:tpl+"s/"+key+"/"+"casAppMetaDataExportedVars",title:"casAppMetaDataExportedVars",type:"keyTextContainer"}];case"casSrvMetaDataNode":return[{cnodes:tpl+"s/"+key+"/"+"casSrvMetaDataExportedVars",default:[{data:"cn",id:tpl+"s/"+key+"/"+"casSrvMetaDataExportedVars/cn",title:"cn",type:"keyText"},{data:"mail",id:tpl+"s/"+key+"/"+"casSrvMetaDataExportedVars/mail",title:"mail",type:"keyText"},{data:"uid",id:tpl+"s/"+key+"/"+"casSrvMetaDataExportedVars/uid",title:"uid",type:"keyText"}],id:tpl+"s/"+key+"/"+"casSrvMetaDataExportedVars",title:"casSrvMetaDataExportedVars",type:"keyTextContainer"},{cnodes:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsProxiedServices",id:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsProxiedServices",title:"casSrvMetaDataOptionsProxiedServices",type:"keyTextContainer"},{_nodes:[{get:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsUrl",id:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsUrl",title:"casSrvMetaDataOptionsUrl"},{default:0,get:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsRenew",id:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsRenew",title:"casSrvMetaDataOptionsRenew",type:"bool"},{default:0,get:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsGateway",id:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsGateway",title:"casSrvMetaDataOptionsGateway",type:"bool"}],id:"casSrvMetaDataOptions",title:"casSrvMetaDataOptions",type:"simpleInputContainer"},{_nodes:[{get:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsDisplayName",id:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsDisplayName",title:"casSrvMetaDataOptionsDisplayName"},{get:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsIcon",id:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsIcon",title:"casSrvMetaDataOptionsIcon"}],id:"casSrvMetaDataOptionsDisplay",title:"casSrvMetaDataOptionsDisplay",type:"simpleInputContainer"}];case"oidcOPMetaDataNode":return[{get:tpl+"s/"+key+"/"+"oidcOPMetaDataJSON",id:tpl+"s/"+key+"/"+"oidcOPMetaDataJSON",title:"oidcOPMetaDataJSON",type:"file"},{get:tpl+"s/"+key+"/"+"oidcOPMetaDataJWKS",id:tpl+"s/"+key+"/"+"oidcOPMetaDataJWKS",title:"oidcOPMetaDataJWKS",type:"file"},{cnodes:tpl+"s/"+key+"/"+"oidcOPMetaDataExportedVars",default:[{data:"name",id:tpl+"s/"+key+"/"+"oidcOPMetaDataExportedVars/cn",title:"cn",type:"keyText"},{data:"email",id:tpl+"s/"+key+"/"+"oidcOPMetaDataExportedVars/mail",title:"mail",type:"keyText"},{data:"family_name",id:tpl+"s/"+key+"/"+"oidcOPMetaDataExportedVars/sn",title:"sn",type:"keyText"},{data:"sub",id:tpl+"s/"+key+"/"+"oidcOPMetaDataExportedVars/uid",title:"uid",type:"keyText"}],id:tpl+"s/"+key+"/"+"oidcOPMetaDataExportedVars",title:"oidcOPMetaDataExportedVars",type:"keyTextContainer"},{_nodes:[{_nodes:[{get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsConfigurationURI",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsConfigurationURI",title:"oidcOPMetaDataOptionsConfigurationURI"},{default:0,get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsJWKSTimeout",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsJWKSTimeout",title:"oidcOPMetaDataOptionsJWKSTimeout",type:"int"},{get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsClientID",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsClientID",title:"oidcOPMetaDataOptionsClientID"},{get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsClientSecret",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsClientSecret",title:"oidcOPMetaDataOptionsClientSecret",type:"password"},{default:0,get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsStoreIDToken",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsStoreIDToken",title:"oidcOPMetaDataOptionsStoreIDToken",type:"bool"}],id:"oidcOPMetaDataOptionsConfiguration",title:"oidcOPMetaDataOptionsConfiguration",type:"simpleInputContainer"},{_nodes:[{default:"openid profile",get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsScope",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsScope",title:"oidcOPMetaDataOptionsScope"},{default:"",get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsDisplay",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsDisplay",select:[{k:"",v:""},{k:"page",v:"page"},{k:"popup",v:"popup"},{k:"touch",v:"touch"},{k:"wap",v:"wap"}],title:"oidcOPMetaDataOptionsDisplay",type:"select"},{get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsPrompt",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsPrompt",title:"oidcOPMetaDataOptionsPrompt"},{default:0,get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsMaxAge",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsMaxAge",title:"oidcOPMetaDataOptionsMaxAge",type:"int"},{get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsUiLocales",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsUiLocales",title:"oidcOPMetaDataOptionsUiLocales"},{get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsAcrValues",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsAcrValues",title:"oidcOPMetaDataOptionsAcrValues"},{default:"client_secret_post",get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsTokenEndpointAuthMethod",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsTokenEndpointAuthMethod",select:[{k:"client_secret_post",v:"client_secret_post"},{k:"client_secret_basic",v:"client_secret_basic"}],title:"oidcOPMetaDataOptionsTokenEndpointAuthMethod",type:"select"},{default:1,get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsCheckJWTSignature",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsCheckJWTSignature",title:"oidcOPMetaDataOptionsCheckJWTSignature",type:"bool"},{default:30,get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsIDTokenMaxAge",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsIDTokenMaxAge",title:"oidcOPMetaDataOptionsIDTokenMaxAge",type:"int"},{default:1,get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsUseNonce",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsUseNonce",title:"oidcOPMetaDataOptionsUseNonce",type:"bool"}],id:"oidcOPMetaDataOptionsProtocol",title:"oidcOPMetaDataOptionsProtocol",type:"simpleInputContainer"}],id:"oidcOPMetaDataOptions",title:"oidcOPMetaDataOptions"},{_nodes:[{get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsDisplayName",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsDisplayName",title:"oidcOPMetaDataOptionsDisplayName"},{get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsIcon",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsIcon",title:"oidcOPMetaDataOptionsIcon"}],id:"oidcOPMetaDataOptionsDisplayParams",title:"oidcOPMetaDataOptionsDisplayParams",type:"simpleInputContainer"}];case"oidcRPMetaDataNode":return[{cnodes:tpl+"s/"+key+"/"+"oidcRPMetaDataExportedVars",default:[{data:"mail",id:tpl+"s/"+key+"/"+"oidcRPMetaDataExportedVars/email",title:"email",type:"keyText"},{data:"sn",id:tpl+"s/"+key+"/"+"oidcRPMetaDataExportedVars/family_name",title:"family_name",type:"keyText"},{data:"cn",id:tpl+"s/"+key+"/"+"oidcRPMetaDataExportedVars/name",title:"name",type:"keyText"}],id:tpl+"s/"+key+"/"+"oidcRPMetaDataExportedVars",title:"oidcRPMetaDataExportedVars",type:"keyTextContainer"},{cnodes:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsExtraClaims",default:[],id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsExtraClaims",title:"oidcRPMetaDataOptionsExtraClaims",type:"keyTextContainer"},{_nodes:[{_nodes:[{get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsClientID",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsClientID",title:"oidcRPMetaDataOptionsClientID"},{get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsClientSecret",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsClientSecret",title:"oidcRPMetaDataOptionsClientSecret",type:"password"}],id:"oidcRPMetaDataOptionsAuthentication",title:"oidcRPMetaDataOptionsAuthentication",type:"simpleInputContainer"},{get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsUserIDAttr",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsUserIDAttr",title:"oidcRPMetaDataOptionsUserIDAttr"},{default:"HS512",get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsIDTokenSignAlg",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsIDTokenSignAlg",select:[{k:"none",v:"None"},{k:"HS256",v:"HS256"},{k:"HS384",v:"HS384"},{k:"HS512",v:"HS512"},{k:"RS256",v:"RS256"},{k:"RS384",v:"RS384"},{k:"RS512",v:"RS512"}],title:"oidcRPMetaDataOptionsIDTokenSignAlg",type:"select"},{default:3600,get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsIDTokenExpiration",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsIDTokenExpiration",title:"oidcRPMetaDataOptionsIDTokenExpiration",type:"int"},{default:3600,get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsAccessTokenExpiration",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsAccessTokenExpiration",title:"oidcRPMetaDataOptionsAccessTokenExpiration",type:"int"},{get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsRedirectUris",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsRedirectUris",title:"oidcRPMetaDataOptionsRedirectUris"},{default:0,get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsBypassConsent",help:"openidconnectclaims.html",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsBypassConsent",title:"oidcRPMetaDataOptionsBypassConsent",type:"bool"},{_nodes:[{get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsPostLogoutRedirectUris",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsPostLogoutRedirectUris",title:"oidcRPMetaDataOptionsPostLogoutRedirectUris"},{get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsLogoutUrl",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsLogoutUrl",title:"oidcRPMetaDataOptionsLogoutUrl"},{default:"front",get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsLogoutType",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsLogoutType",select:[{k:"front",v:"Front Channel"},{k:"back",v:"Back Channel"}],title:"oidcRPMetaDataOptionsLogoutType",type:"select"},{default:0,get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsLogoutSessionRequired",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsLogoutSessionRequired",title:"oidcRPMetaDataOptionsLogoutSessionRequired",type:"bool"}],id:"logout",title:"logout",type:"simpleInputContainer"},{get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsRule",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsRule",title:"oidcRPMetaDataOptionsRule"}],id:"oidcRPMetaDataOptions",title:"oidcRPMetaDataOptions"},{_nodes:[{get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsDisplayName",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsDisplayName",title:"oidcRPMetaDataOptionsDisplayName"},{get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsIcon",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsIcon",title:"oidcRPMetaDataOptionsIcon"}],id:"oidcRPMetaDataOptionsDisplay",title:"oidcRPMetaDataOptionsDisplay",type:"simpleInputContainer"}];case"samlIDPMetaDataNode":return[{get:tpl+"s/"+key+"/"+"samlIDPMetaDataXML",id:tpl+"s/"+key+"/"+"samlIDPMetaDataXML",title:"samlIDPMetaDataXML",type:"file"},{cnodes:tpl+"s/"+key+"/"+"samlIDPMetaDataExportedAttributes",default:[],help:"authsaml.html#exported_attributes",id:tpl+"s/"+key+"/"+"samlIDPMetaDataExportedAttributes",title:"samlIDPMetaDataExportedAttributes",type:"samlAttributeContainer"},{_nodes:[{default:0,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsAdaptSessionUtime",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsAdaptSessionUtime",title:"samlIDPMetaDataOptionsAdaptSessionUtime",type:"bool"},{default:0,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsForceUTF8",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsForceUTF8",title:"samlIDPMetaDataOptionsForceUTF8",type:"bool"},{default:0,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsStoreSAMLToken",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsStoreSAMLToken",title:"samlIDPMetaDataOptionsStoreSAMLToken",type:"bool"},{get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsUserAttribute",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsUserAttribute",title:"samlIDPMetaDataOptionsUserAttribute"}],id:"samlIDPMetaDataOptionsSession",title:"samlIDPMetaDataOptionsSession",type:"simpleInputContainer"},{_nodes:[{default:-1,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSignSSOMessage",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSignSSOMessage",title:"samlIDPMetaDataOptionsSignSSOMessage",type:"trool"},{default:1,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsCheckSSOMessageSignature",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsCheckSSOMessageSignature",title:"samlIDPMetaDataOptionsCheckSSOMessageSignature",type:"bool"},{default:-1,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSignSLOMessage",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSignSLOMessage",title:"samlIDPMetaDataOptionsSignSLOMessage",type:"trool"},{default:1,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsCheckSLOMessageSignature",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsCheckSLOMessageSignature",title:"samlIDPMetaDataOptionsCheckSLOMessageSignature",type:"bool"}],id:"samlIDPMetaDataOptionsSignature",title:"samlIDPMetaDataOptionsSignature",type:"simpleInputContainer"},{_nodes:[{default:"",get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSSOBinding",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSSOBinding",select:[{k:"",v:""},{k:"http-post",v:"POST"},{k:"http-redirect",v:"Redirect"},{k:"artifact-get",v:"Artifact GET"}],title:"samlIDPMetaDataOptionsSSOBinding",type:"select"},{default:"",get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSLOBinding",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSLOBinding",select:[{k:"",v:""},{k:"http-post",v:"POST"},{k:"http-redirect",v:"Redirect"},{k:"http-soap",v:"SOAP"}],title:"samlIDPMetaDataOptionsSLOBinding",type:"select"}],id:"samlIDPMetaDataOptionsBinding",title:"samlIDPMetaDataOptionsBinding",type:"simpleInputContainer"},{_nodes:[{default:"none",get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsEncryptionMode",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsEncryptionMode",select:[{k:"none",v:"None"},{k:"nameid",v:"Name ID"},{k:"assertion",v:"Assertion"}],title:"samlIDPMetaDataOptionsEncryptionMode",type:"select"},{default:1,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsCheckTime",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsCheckTime",title:"samlIDPMetaDataOptionsCheckTime",type:"bool"},{default:1,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsCheckAudience",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsCheckAudience",title:"samlIDPMetaDataOptionsCheckAudience",type:"bool"}],id:"samlIDPMetaDataOptionsSecurity",title:"samlIDPMetaDataOptionsSecurity",type:"simpleInputContainer"},{_nodes:[{default:"",get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsResolutionRule",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsResolutionRule",title:"samlIDPMetaDataOptionsResolutionRule",type:"longtext"},{default:"",get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsNameIDFormat",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsNameIDFormat",select:[{k:"",v:""},{k:"unspecified",v:"Unspecified"},{k:"email",v:"Email"},{k:"x509",v:"X509 certificate"},{k:"windows",v:"Windows"},{k:"kerberos",v:"Kerberos"},{k:"entity",v:"Entity"},{k:"persistent",v:"Persistent"},{k:"transient",v:"Transient"},{k:"encrypted",v:"Encrypted"}],title:"samlIDPMetaDataOptionsNameIDFormat",type:"select"},{default:0,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsForceAuthn",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsForceAuthn",title:"samlIDPMetaDataOptionsForceAuthn",type:"bool"},{default:0,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsIsPassive",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsIsPassive",title:"samlIDPMetaDataOptionsIsPassive",type:"bool"},{default:0,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsAllowProxiedAuthn",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsAllowProxiedAuthn",title:"samlIDPMetaDataOptionsAllowProxiedAuthn",type:"bool"},{default:0,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsAllowLoginFromIDP",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsAllowLoginFromIDP",title:"samlIDPMetaDataOptionsAllowLoginFromIDP",type:"bool"},{default:"",get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsRequestedAuthnContext",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsRequestedAuthnContext",select:[{k:"",v:""},{k:"kerberos",v:"Kerberos"},{k:"password-protected-transport",v:"Password protected transport"},{k:"password",v:"Password"},{k:"tls-client",v:"TLS client certificate"}],title:"samlIDPMetaDataOptionsRequestedAuthnContext",type:"select"},{default:0,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsRelayStateURL",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsRelayStateURL",title:"samlIDPMetaDataOptionsRelayStateURL",type:"bool"}],help:"authsaml.html#options",id:"samlIDPMetaDataOptions",title:"samlIDPMetaDataOptions",type:"simpleInputContainer"},{_nodes:[{get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsDisplayName",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsDisplayName",title:"samlIDPMetaDataOptionsDisplayName"},{get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsIcon",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsIcon",title:"samlIDPMetaDataOptionsIcon"},{get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSortNumber",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSortNumber",title:"samlIDPMetaDataOptionsSortNumber",type:"int"}],id:"samlIDPMetaDataOptionsDisplay",title:"samlIDPMetaDataOptionsDisplay",type:"simpleInputContainer"}];case"samlSPMetaDataNode":return[{get:tpl+"s/"+key+"/"+"samlSPMetaDataXML",id:tpl+"s/"+key+"/"+"samlSPMetaDataXML",title:"samlSPMetaDataXML",type:"file"},{cnodes:tpl+"s/"+key+"/"+"samlSPMetaDataExportedAttributes",default:[],help:"idpsaml.html#exported_attributes",id:tpl+"s/"+key+"/"+"samlSPMetaDataExportedAttributes",title:"samlSPMetaDataExportedAttributes",type:"samlAttributeContainer"},{_nodes:[{_nodes:[{default:"",get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsNameIDFormat",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsNameIDFormat",select:[{k:"",v:""},{k:"unspecified",v:"Unspecified"},{k:"email",v:"Email"},{k:"x509",v:"X509 certificate"},{k:"windows",v:"Windows"},{k:"kerberos",v:"Kerberos"},{k:"entity",v:"Entity"},{k:"persistent",v:"Persistent"},{k:"transient",v:"Transient"},{k:"encrypted",v:"Encrypted"}],title:"samlSPMetaDataOptionsNameIDFormat",type:"select"},{get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsNameIDSessionKey",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsNameIDSessionKey",title:"samlSPMetaDataOptionsNameIDSessionKey"},{default:0,get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsOneTimeUse",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsOneTimeUse",title:"samlSPMetaDataOptionsOneTimeUse",type:"bool"},{default:72e3,get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsSessionNotOnOrAfterTimeout",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsSessionNotOnOrAfterTimeout",title:"samlSPMetaDataOptionsSessionNotOnOrAfterTimeout",type:"int"},{default:72e3,get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsNotOnOrAfterTimeout",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsNotOnOrAfterTimeout",title:"samlSPMetaDataOptionsNotOnOrAfterTimeout",type:"int"},{default:1,get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsForceUTF8",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsForceUTF8",title:"samlSPMetaDataOptionsForceUTF8",type:"bool"}],id:"samlSPMetaDataOptionsAuthnResponse",title:"samlSPMetaDataOptionsAuthnResponse",type:"simpleInputContainer"},{_nodes:[{default:-1,get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsSignSSOMessage",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsSignSSOMessage",title:"samlSPMetaDataOptionsSignSSOMessage",type:"trool"},{default:1,get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsCheckSSOMessageSignature",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsCheckSSOMessageSignature",title:"samlSPMetaDataOptionsCheckSSOMessageSignature",type:"bool"},{default:-1,get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsSignSLOMessage",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsSignSLOMessage",title:"samlSPMetaDataOptionsSignSLOMessage",type:"trool"},{default:1,get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsCheckSLOMessageSignature",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsCheckSLOMessageSignature",title:"samlSPMetaDataOptionsCheckSLOMessageSignature",type:"bool"}],id:"samlSPMetaDataOptionsSignature",title:"samlSPMetaDataOptionsSignature",type:"simpleInputContainer"},{_nodes:[{default:"none",get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsEncryptionMode",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsEncryptionMode",select:[{k:"none",v:"None"},{k:"nameid",v:"Name ID"},{k:"assertion",v:"Assertion"}],title:"samlSPMetaDataOptionsEncryptionMode",type:"select"},{default:0,get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsEnableIDPInitiatedURL",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsEnableIDPInitiatedURL",title:"samlSPMetaDataOptionsEnableIDPInitiatedURL",type:"bool"},{get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsRule",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsRule",title:"samlSPMetaDataOptionsRule"}],id:"samlSPMetaDataOptionsSecurity",title:"samlSPMetaDataOptionsSecurity",type:"simpleInputContainer"}],help:"idpsaml.html#options",id:"samlSPMetaDataOptions",title:"samlSPMetaDataOptions"}];case"virtualHost":return[{cnodes:tpl+"s/"+key+"/"+"locationRules",default:[{data:"deny",id:tpl+"s/"+key+"/"+"locationRules/default",re:"default",title:"default",type:"rule"}],help:"writingrulesand_headers.html#rules",id:tpl+"s/"+key+"/"+"locationRules",title:"locationRules",type:"ruleContainer"},{cnodes:tpl+"s/"+key+"/"+"exportedHeaders",help:"writingrulesand_headers.html#headers",id:tpl+"s/"+key+"/"+"exportedHeaders",title:"exportedHeaders",type:"keyTextContainer"},{cnodes:tpl+"s/"+key+"/"+"post",help:"formreplay.html",id:tpl+"s/"+key+"/"+"post",title:"post",type:"postContainer"},{_nodes:[{default:-1,get:tpl+"s/"+key+"/"+"vhostPort",id:tpl+"s/"+key+"/"+"vhostPort",title:"vhostPort",type:"int"},{default:-1,get:tpl+"s/"+key+"/"+"vhostHttps",id:tpl+"s/"+key+"/"+"vhostHttps",title:"vhostHttps",type:"trool"},{default:0,get:tpl+"s/"+key+"/"+"vhostMaintenance",id:tpl+"s/"+key+"/"+"vhostMaintenance",title:"vhostMaintenance",type:"bool"},{get:tpl+"s/"+key+"/"+"vhostAliases",id:tpl+"s/"+key+"/"+"vhostAliases",title:"vhostAliases"},{default:"Main",get:tpl+"s/"+key+"/"+"vhostType",id:tpl+"s/"+key+"/"+"vhostType",select:[{k:"Main",v:"Main"},{k:"Zimbra",v:"ZimbraPreAuth"},{k:"AuthBasic",v:"AuthBasic"},{k:"SecureToken",v:"SecureToken"},{k:"CDA",v:"CDA"},{k:"DevOps",v:"DevOps"},{k:"DevOpsST",v:"DevOpsST"},{k:"ServiceToken",v:"ServiceToken"}],title:"vhostType",type:"select"},{get:tpl+"s/"+key+"/"+"vhostAuthnLevel",id:tpl+"s/"+key+"/"+"vhostAuthnLevel",title:"vhostAuthnLevel",type:"int"}],help:"configvhost.html#options",id:"vhostOptions",title:"vhostOptions",type:"simpleInputContainer"}];default:return[]}}function setScopeVars(scope){scope.portal=scope.data[0]._nodes[0]._nodes[0];scope.getKey(scope.portal);scope.domain=scope.data[0]._nodes[4]._nodes[1];scope.getKey(scope.domain)} diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/ar.json b/lemonldap-ng-manager/site/htdocs/static/languages/ar.json index b0c8463c6..379a1af57 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/ar.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/ar.json @@ -894,6 +894,7 @@ "samlIDPMetaDataOptionsDisplayParams":"عرض", "samlIDPMetaDataOptionsIcon":"Logo", "samlIDPMetaDataOptionsSecurity":"الحماية", +"samlIDPMetaDataOptionsSortNumber":"Order", "samlIDPMetaDataOptionsStoreSAMLToken":"حفظ SAML توكن", "samlIDPMetaDataOptionsRelayStateURL":"السماح بعنوان اليو آر إل ك RelayState", "samlIDPMetaDataOptionsUserAttribute":"Attribute containing user identifier", diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/de.json b/lemonldap-ng-manager/site/htdocs/static/languages/de.json index 1ea9c0d48..e4db8bd41 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/de.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/de.json @@ -894,6 +894,7 @@ "samlIDPMetaDataOptionsDisplayParams":"Display", "samlIDPMetaDataOptionsIcon":"Logo", "samlIDPMetaDataOptionsSecurity":"Security", +"samlIDPMetaDataOptionsSortNumber":"Order", "samlIDPMetaDataOptionsStoreSAMLToken":"Store SAML Token", "samlIDPMetaDataOptionsRelayStateURL":"Allow URL as RelayState", "samlIDPMetaDataOptionsUserAttribute":"Attribute containing user identifier", diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/en.json b/lemonldap-ng-manager/site/htdocs/static/languages/en.json index 4a57cca0c..d204ba196 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/en.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/en.json @@ -894,6 +894,7 @@ "samlIDPMetaDataOptionsDisplayParams":"Display", "samlIDPMetaDataOptionsIcon":"Logo", "samlIDPMetaDataOptionsSecurity":"Security", +"samlIDPMetaDataOptionsSortNumber":"Order", "samlIDPMetaDataOptionsStoreSAMLToken":"Store SAML Token", "samlIDPMetaDataOptionsRelayStateURL":"Allow URL as RelayState", "samlIDPMetaDataOptionsUserAttribute":"Attribute containing user identifier", diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/es.json b/lemonldap-ng-manager/site/htdocs/static/languages/es.json new file mode 100644 index 000000000..d204ba196 --- /dev/null +++ b/lemonldap-ng-manager/site/htdocs/static/languages/es.json @@ -0,0 +1,987 @@ +{ +"/doc/":"/doc/", +"_auth":"Authentication", +"_authChoice":"Authentication choice", +"_idp":"IDP EntityID", +"_idpConfKey":"IDP configuration key", +"_issuerDB":"Issuer", +"_lassoIdentityDump":"Lasso identity dump", +"_lassoSessionDump":"Lasso session dump", +"_lastAuthnUTime":"Authentication timestamp", +"_lastSeen":"Last activity timestamp", +"_loginHistory":"Login history", +"_oidc_access_token":"Access Token", +"_oidc_id_token":"ID Token", +"_oidc_OP":"Provider key", +"_password":"Password", +"_passwordDB":"Password", +"_samlToken":"SAML token", +"_session_id":"Session identifier", +"_startTime":"Creation date", +"_timezone":"Time zone", +"_updateTime":"Update date", +"_user":"Login", +"_userDB":"User", +"_url":"Origin URL", +"_utime":"Session timestamp", +"2faSessions":"2ndFA sessions explorer", +"2ndFA":"Second Factors", +"actives":"Enabled", +"activeTimer":"Auto accept time", +"addAppCasPartner":"Add CAS application", +"addIDPSamlPartner":"Add SAML IDP", +"addOidcOp":"Add OpenID Connect Provider", +"addOidcRp":"Add OpenID Relying Party", +"addSamlAttribute":"Add attribute", +"addSPSamlPartner":"Add SAML SP", +"addSrvCasPartner":"Add CAS server", +"addU2FKey":"Add U2F key", +"addTOTPKey":"Add TOTP key", +"addVhost":"Add virtualhost", +"adParams":"Active Directory parameters", +"ADPwdExpireWarning":"Password expire warning", +"ADPwdMaxAge":"Password max age", +"advancedParams":"Advanced parameters", +"allowedMarkups":"Allowed markups:", +"apacheParams":"Apache parameters", +"apacheAuthnLevel":"Authentication level", +"application":"Application", +"applicationDisplay":"Display application", +"applicationList":"Categories and applications", +"applyResult":"Apply result", +"appsInThisCat":"Applications in this category", +"attributesAndMacros":"Attributes and macros", +"authAndUserdb":"Authz and user DB", +"authChain":"Authentication chain", +"authChoice":"Authentication choice", +"authChoiceModules":"Allowed modules", +"authChoiceParam":"URL parameter", +"authentication":"Authentication module", +"authenticationNeeded":"Authentication needed", +"authenticationLevel":"Authentication level", +"authenticationTitle":"Authentication", +"AuthLDAPFilter":"Authentication filter", +"authOnly":"Authentication only", +"author":"Author", +"authorIPAddress":"Author IP address", +"authorizedValues":"Authorized values", +"authParams":"Authentication parameters", +"auto":"Automatic", +"autoSignin":"Auto Signin", +"autoSigninRules":"Rules", +"backtoportal":"Back to portal", +"badCasProxyId":"Bad CAS proxied service identifier", +"badChoiceKey":"Bad key name in Choice menu", +"badCookieName":"Bad cookie name", +"badCustomFuncName":"Bad custom function name", +"badDomainName":"Bad domain name", +"badEncoding":"Bad encoding", +"badExpression":"Bad expression", +"badHeaderName":"Bad header name", +"badHostname":"Bad hostname", +"badLdapUri":"Bad LDAP URI", +"badKeyName":"Bad key name", +"badIPv4Address":"Bad IPv4 address", +"badMacroName":"Bad macro name", +"badMetadataName":"Bad metadata name", +"badPemEncoding":"Bad PEM encoding", +"badPerlPackageName":"Bad Perl package name", +"badRegexp":"Bad regular expression", +"badRequest":"Bad request", +"badSkinRule":"Bad skin rule", +"badUrl":"Bad URL", +"badValue":"Bad value", +"badVariableName":"Bad variable name", +"blackList":"Black list", +"browse":"Browse", +"browserIdAuthnLevel":"Authentication level", +"browserIdAutoLogin":"Automatic login", +"browserIdBackgroundColor":"Background color", +"browseridParams":"BrowserIDParams", +"browserIdSiteLogo":"Site Logo", +"browserIdSiteName":"Site name", +"browserIdVerificationURL":"Verification URL", +"browseTree":"Browse tree", +"bruteForceProtection":"Brute-force attack protection", +"cancel":"Cancel", +"captcha_login_enabled":"Activation in login form", +"captcha_mail_enabled":"Activation in password reset by mail form", +"captcha_register_enabled":"Activation in register form", +"captcha_size":"Size", +"casAuthnLevel":"Authentication level", +"casAccessControlPolicy":"Access control policy", +"casApp":"CAS Application", +"casAppMetaDataExportedVars":"Exported attributes", +"casAppMetaDataNodes":"CAS Applications", +"casAppMetaDataOptions":"Options", +"casAppMetaDataOptionsService":"Service URL", +"casAppMetaDataOptionsRule":"Rule", +"casAppName":"CAS App Name", +"casAttr":"CAS login", +"casAttributes":"CAS exported attributes", +"casParams":"CAS parameters", +"casServiceMetadata":"CAS Service", +"casSrv":"CAS Server", +"casSrvMetaDataExportedVars":"Exported attributes", +"casSrvMetaDataOptions":"Options", +"casSrvMetaDataOptionsDisplay":"Display", +"casSrvMetaDataOptionsDisplayName":"Name to display", +"casSrvMetaDataOptionsGateway":"Gateway authentication", +"casSrvMetaDataOptionsIcon":"Icon path", +"casSrvMetaDataOptionsRenew":"Renew authentication", +"casSrvMetaDataOptionsProxiedServices":"Proxied services", +"casSrvMetaDataOptionsUrl":"Server URL", +"casSrvMetaDataNodes":"CAS Servers", +"casSrvName":"CAS Server Name", +"casStorage":"CAS sessions module name", +"casStorageOptions":"CAS sessions module options", +"categoryName":"Category name", +"cda":"Multiple domains", +"contentSecurityPolicy":"Content security policy", +"cspDefault":"Default value", +"cspFormAction":"Form destinations", +"cspImg":"Image source", +"cspScript":"Script source", +"cspStyle":"Style source", +"cspConnect":"Ajax destinations", +"cspFont":"Font source", +"cfgLog":"Resume", +"cfgVersion":"Configuration version", +"checkXSS":"Check XSS attacks", +"clickHereToForce":"Click here to force", +"checkState":"Activation", +"checkStateSecret":"Shared secret", +"checkUsers":"SSO profile Check", +"checkUser":"Activation", +"checkUserIdRule":"Identities use rule", +"checkUserHiddenAttributes":"Hidden attributes", +"checkUserDisplayPersistentInfo":"Display persistent session", +"checkUserDisplayEmptyValues":"Display empty values", +"choiceParams":"Choice parameters", +"chooseLogo":"Choose logo", +"chooseSkin":"Choose skin", +"combination":"Combination", +"combinationParams":"Combination parameters", +"combineMods":"Combination of modules", +"combModules":"Module list", +"comment":"Comment", +"comments":"Comments", +"condition":"Condition", +"conf":"Configuration", +"Configuration":"Configuration", +"confirmFormMethod":"Method for confirm form", +"confModuledeprecated":"This module has been deprecated, set \"forceUpload=1\" in lemonldap-ng.ini to use it", +"confNotChanged":"No change detected, saving aborted", +"confSaved":"Configuration saved", +"confWasChanged":"Configuration has been changed", +"connectionTitle":"Connection", +"cookieExpiration":"Cookie expiration time", +"cookieName":"Cookie Name", +"cookieParams":"Cookies", +"create":"Create", +"currentConfiguration":"Current configuration", +"customAddParams":"Additional parameters", +"customAuth":"Custom authentication module", +"customFunctions":"Custom functions", +"customModule":"Custom module", +"customParams":"Custom module names", +"customPassword":"Custom password module", +"customPortalSkin":"Custom portal skin", +"customRegister":"Custom register module", +"customUserDB":"Custom user DB module", +"date":"Date", +"dbiAuthChain":"Chain", +"dbiAuthLoginCol":"Login field name", +"dbiAuthnLevel":"Authentication level", +"dbiAuthPassword":"Password", +"dbiAuthPasswordCol":"Password field name", +"dbiAuthPasswordHash":"Hash scheme", +"dbiDynamicHash":"dynamic hashing", +"dbiDynamicHashEnabled":"dynamic hash activation", +"dbiDynamicHashValidSchemes":"Supported non-salted schemes", +"dbiDynamicHashValidSaltedSchemes":"Supported salted schemes", +"dbiDynamicHashNewPasswordScheme":"Dynamic hash scheme for new passwords", +"dbiAuthTable":"Authentication table", +"dbiAuthUser":"User", +"dbiConnection":"Connection", +"dbiExportedVars":"Exported variables", +"dbiParams":"DBI parameters", +"dbiPassword":"Password", +"dbiPasswordMailCol":"Mail field name", +"dbiSchema":"Schema", +"dbiUserTable":"User table", +"default":"Default", +"defaultRule":"Default rule", +"demoModeOn":"This manager runs in demo mode", +"deleteEntry":"Delete", +"deleteNotification":"Delete", +"deleteSession":"Delete session", +"deleteU2FKey":"Delete U2F key", +"deleteTOTPKey":"Delete TOTP key", +"demoExportedVars":"Exported variables", +"demoParams":"Demonstration parameters", +"description":"Description", +"diffViewer":"Difference viewer", +"diffWithPrevious":"difference with previous", +"disabled":"Disabled", +"done":"done", +"dones":"Done", +"down":"Move up", +"doubleCookie":"Double cookie (HTTP and HTTPS)", +"doubleCookieForSingleSession":"Double cookie for a single session", +"databaseLocked":"Database locked by another process", +"dateTitle":"Dates", +"dn":"DN", +"domain":"Domain", +"download":"Download", +"downloadIt":"Download it", +"duplicate":"Duplicate", +"edit":"Edit", +"editContent":"Edit content", +"emptyConf":"Empty configuration", +"emptyValueNotAllowed":"Empty value not allowed", +"enabled":"Enabled", +"enterPassword":"Enter password (optional)", +"error":"Error", +"errors":"ERRORS", +"exportedAttr":"SOAP/REST exported attributes", +"exportedHeaders":"Exported headers", +"exportedVars":"Exported Variables", +"external2f":"External second factor", +"ext2fActivation":"Activation", +"ext2fCodeActivation":"Code regex", +"ext2fAuthnLevel":"Authentication level", +"ext2fLogo":"Logo", +"ext2FSendCommand":"Send comand", +"ext2FValidateCommand":"Validation command", +"facebookAppId":"Facebook application ID", +"facebookAppSecret":"Facebook application secret", +"facebookAuthnLevel":"Authentication level", +"facebookExportedVars":"Exported variables", +"facebookParams":"Facebook parameters", +"facebookUserField":"Field containing user identifier", +"failedLoginNumber":"Number of registered failed logins", +"fileToUpload":"File to upload", +"forbidden":"You're not authorized to show this page", +"forceSave":"Force save", +"format":"Format", +"formReplay":"Form replay", +"formTimeout":"Form timeout", +"forms":"Forms", +"friendlyName":"Friendly name", +"generalParameters":"General Parameters", +"globalStorage":"Apache::Session module", +"globalStorageOptions":"Apache::Session module parameters", +"gpgAuthnLevel":"Authentication level", +"gpgDb":"GPG database", +"gpgParams":"GPG parameters", +"grantSessionRules":"Opening conditions", +"groups":"Groups", +"hashkey":"Key", +"headers":"HTTP Headers", +"hGroups":"Groups (HashRef)", +"hostname":"Hostname", +"hiddenAttributes":"Hidden attributes", +"hide":"Hide", +"hideHelp":"Hide help", +"hideOldPassword":"Hide old password", +"hideTree":"Hide tree", +"httpOnly":"Javascript protection", +"https":"HTTPS", +"impersonation":"Impersonation", +"impersonationRule":"Use rule", +"impersonationIdRule":"Identities use rule", +"impersonationHiddenAttributes":"Hidden attributes", +"impersonationMergeSSOgroups":"Merge spoofed and real SSO groups", +"impersonationPrefix":"Real attributes prefix", +"impersonationSkipEmptyValues":"Skip empty values", +"incompleteForm":"Required fields are missing", +"index":"Index", +"infoFormMethod":"Method for info form", +"invalidSessionData":"Invalid session data", +"internalReference":"Internal reference", +"ipAddr":"IP address", +"ipAddresses":"IP addresses", +"issuerDBGet":"GET", +"issuerDBGetActivation":"Activation", +"issuerDBGetParameters":"GET parameters", +"issuerDBGetPath":"Path", +"issuerDBGetRule":"Use rule", +"issuerDBSAML":"SAML", +"issuerDBSAMLActivation":"Activation", +"issuerDBSAMLPath":"Path", +"issuerDBSAMLRule":"Use rule", +"issuerDBCAS":"CAS", +"issuerDBCASActivation":"Activation", +"issuerDBCASPath":"Path", +"issuerDBCASRule":"Use rule", +"issuerDBCASOptions":"Options", +"issuerDBOpenID":"OpenID", +"issuerDBOpenIDActivation":"Activation", +"issuerDBOpenIDPath":"Path", +"issuerDBOpenIDRule":"Use rule", +"issuerDBOpenIDOptions":"Options", +"issuerDBOpenIDConnect":"OpenID Connect", +"issuerDBOpenIDConnectActivation":"Activation", +"issuerDBOpenIDConnectPath":"Path", +"issuerDBOpenIDConnectRule":"Use rule", +"issuerParams":"Issuer modules", +"jsRedirect":"Redirection message", +"jqueryButtonSelector":"jQuery button selector (optional)", +"jqueryFormSelector":"jQuery form selector (optional)", +"jqueryUrl":"jQuery URL (optional)", +"key":"Encryption key", +"keys":"Keys", +"keyname":"Key name", +"keyPassword":"Key password", +"krbAuthnLevel":"Kerberos authn level", +"krbByJs":"Use Ajax request", +"krbKeytab":"keytab file", +"krbRemoveDomain":"Remove domain from Kerberos username", +"kerberosParams":"Kerberos parameters", +"languages":"Languages", +"latest":"Latest", +"ldap":"LDAP", +"ldapAllowResetExpiredPassword":"Allow to reset an expired password", +"ldapAuthnLevel":"Authentication level", +"ldapBase":"Users search base", +"ldapChangePasswordAsUser":"Change as user", +"ldapConnection":"Connection", +"ldapExportedVars":"Exported variables", +"ldapFilters":"Filters", +"LDAPFilter":"Default filter", +"ldapGroupAttributeName":"Target attribute", +"ldapGroupAttributeNameGroup":"Group source attribute", +"ldapGroupAttributeNameSearch":"Searched attributes", +"ldapGroupAttributeNameUser":"User source attribute", +"ldapGroupBase":"Search base", +"ldapGroupDecodeSearchedValue":"Decode searched value", +"ldapGroupObjectClass":"Object class", +"ldapGroupRecursive":"Recursive", +"ldapGroups":"Groups", +"ldapParams":"LDAP parameters", +"ldapPassword":"Password", +"ldapPasswordResetAttribute":"Reset attribute", +"ldapPasswordResetAttributeValue":"Reset value", +"ldapPpolicyControl":"Password policy control", +"ldapPort":"Server port", +"ldapPwdEnc":"LDAP password encoding", +"ldapRaw":"Binary attributes", +"ldapSearchDeref":"Alias dereference", +"ldapServer":"Server host", +"ldapSetPassword":"Password modify extended operation", +"ldapTimeout":"Timeout", +"ldapUsePasswordResetAttribute":"Use reset attribute", +"ldapVersion":"Version", +"linkedInAuthnLevel":"Authentication level", +"linkedInClientID":"Client ID", +"linkedInClientSecret":"Client secret", +"linkedInFields":"Searched fields", +"linkedinParams":"LinkedIn Parameters", +"linkedInScope":"Scope", +"linkedInUserField":"Field containing user identifier", +"load":"Load", +"loadedConfiguration":"Loaded configuration", +"loadFromUrl":"Load from URL", +"localSessionStorage":"Cache module", +"localSessionStorageOptions":"Cache module options", +"locationRules":"Access rule", +"loginHistory":"Login history", +"loginHistoryEnabled":"Activation", +"logo":"Logo", +"logout":"Logout", +"logoutServices":"Logout forward", +"logParams":"Logs", +"lwpOpts":"Options for server requests", +"lwpSslOpts":"SSL options for server requests", +"macros":"Macros", +"mail2f":"Mail second factor", +"mail2fActivation":"Activation", +"mail2fCodeRegex":"Code regex", +"mail2fTimeout":"Code timeout", +"mail2fSubject":"Mail subject", +"mail2fBody":"Mail body", +"mail2fAuthnLevel":"Authentication level", +"mail2fLogo":"Logo", +"mailBody":"Success mail content", +"mailCharset":"Charset", +"mailConfirmBody":"Confirmation mail content", +"mailConfirmSubject":"Confirmation mail subject", +"mailContent":"Password reset mail content", +"mailFrom":"Mail sender", +"mailHeaders":"Mail headers", +"mailLDAPFilter":"Mail filter", +"mailOnPasswordChange":"Send a mail when password is changed", +"mailOther":"Other", +"mailReplyTo":"Reply address", +"mailSessionKey":"Session key containing mail address", +"mailSubject":"Success mail subject", +"mailTimeout":"Validity time of a password reset request", +"mailUrl":"Reset page URL", +"maintenance":"Maintenance mode", +"malformedValue":"Malformed value", +"managerDn":"Account", +"managerPassword":"Password", +"mandatory":"Mandatory", +"markAsDone":"Mark as done", +"memberOfSSOGroups":"Member of SSO groups", +"menu":"Menu", +"message":"Message", +"messages":"Messages", +"menuCategory":"Menu category", +"modulesTitle":"Used modules", +"multiIp":"Multi IP", +"multipleSessions":"Multiple sessions", +"multiValuesSeparator":"Separator", +"name":"Name", +"needConfirmation":"A new configuration is available. To force saving this one, click on the check box near the 'save' button", +"networkProblem":"Network problem", +"newApp":"New application", +"newChain":"New chain", +"newCat":"New category", +"newCfgAvailable":"A new configuration is available", +"newCmbMod":"New module", +"newCmbOver":"New parameter", +"newEntry":"New entry", +"newGrantRule":"New grant rule", +"newHost":"New host", +"newPost":"New form replay", +"newPostVar":"New variable", +"newRSAKey":"New keys", +"newRule":"New rule", +"newValue":"New value", +"next":"Next", +"nginxCustomHandlers":"Custom Nginx handlers", +"noAjaxHook":"Keep redirections for Ajax", +"noDatas":"No datas to display", +"notABoolean":"Not a boolean", +"notAnInteger":"Not an integer", +"notAValidPerlExpression":"Not a valid Perl expression", +"notification":"Activation", +"notifications":"Notifications", +"notificationServer":"Notification server", +"notificationCreated":"Notification has been created", +"notificationDeleted":"Notification deleted", +"notificationDone":"notification done", +"notificationsDone":"notifications done", +"notificationNotCreated":"The notification was not created", +"notificationNotDeleted":"The notification was not marked as done", +"notificationNotFound":"The notification was not found", +"notificationNotPurged":"The notification was not definitely removed", +"notificationPurged":"Notification has been definitely removed", +"notificationStorage":"Storage module", +"notificationStorageOptions":"Storage module parameters", +"notificationWildcard":"Wildcard for all users", +"notificationXSLTfile":"Custom XSLT file", +"notifyDeleted":"Display deleted sessions", +"notifyOther":"Display other sessions", +"nullAuthnLevel":"Authentication level", +"nullParams":"Null parameters", +"number":"Number", +"off":"Off", +"oldValue":"Old value", +"on":"On", +"oidcAuthnLevel":"Authentication level", +"oidcConsents":"OpenID Connect Consents", +"oidcOP":"OpenID Connect Provider", +"oidcOPMetaDataExportedVars":"Exported attributes", +"oidcOPMetaDataJSON":"Metadata", +"oidcOPMetaDataJWKS":"JWKS data", +"oidcOPMetaDataNode":"OpenID Connect Providers", +"oidcOPMetaDataOptions":"Options", +"oidcRPMetaDataOptionsAuthentication":"Authentication", +"oidcOPMetaDataOptionsCheckJWTSignature":"Check JWT signature", +"oidcOPMetaDataOptionsClientID":"Client ID", +"oidcOPMetaDataOptionsClientSecret":"Client secret", +"oidcOPMetaDataOptionsConfiguration":"Configuration", +"oidcOPMetaDataOptionsConfigurationURI":"Configuration endpoint", +"oidcOPMetaDataOptionsDisplay":"Display", +"oidcOPMetaDataOptionsDisplayName":"Display name", +"oidcOPMetaDataOptionsDisplayParams":"Display", +"oidcOPMetaDataOptionsIcon":"Logo", +"oidcOPMetaDataOptionsJWKSTimeout":"JWKS data timeout", +"oidcRPMetaDataOptionsLogoutSessionRequired":"Session required", +"oidcRPMetaDataOptionsLogoutType":"Type", +"oidcRPMetaDataOptionsLogoutUrl":"URL", +"oidcOPMetaDataOptionsProtocol":"Protocol", +"oidcRPMetaDataOptionsRule":"Access rule", +"oidcOPMetaDataOptionsScope":"Scope", +"oidcOPMetaDataOptionsStoreIDToken":"Store ID Token", +"oidcOPMetaDataOptionsTokenEndpointAuthMethod":"Token endpoint authentication method", +"oidcOPName":"OpenID Connect Provider Name", +"oidcParams":"OpenID Connect parameters", +"oidcRP":"OpenID Connect Relying Party", +"oidcRPCallbackGetParam":"Callback GET parameter", +"oidcRPMetaDataExportedVars":"Exported attributes", +"oidcRPMetaDataNode":"OpenID Connect Relying Parties", +"oidcRPMetaDataOptions":"Options", +"oidcRPMetaDataOptionsAccessTokenExpiration":"Access token expiration", +"oidcRPMetaDataOptionsBypassConsent":"Bypass consent", +"oidcRPMetaDataOptionsClientID":"Client ID", +"oidcRPMetaDataOptionsClientSecret":"Client secret", +"oidcRPMetaDataOptionsDisplay":"Display", +"oidcRPMetaDataOptionsDisplayName":"Display name", +"oidcRPMetaDataOptionsIcon":"Logo", +"oidcRPMetaDataOptionsIDTokenExpiration":"ID Token expiration", +"oidcRPMetaDataOptionsIDTokenSignAlg":"ID Token signature algorithm", +"oidcRPMetaDataOptionsUserIDAttr":"User attribute", +"oidcRPName":"OpenID Connect RP Name", +"oidcRPStateTimeout":"State session timeout", +"oidcServiceMetaData":"OpenID Connect Service", +"oidcServiceMetaDataAuthorizeURI":"Authorization", +"oidcServiceMetaDataBackChannelURI":"Back-Channel URI", +"oidcServiceMetaDataEndPoints":"End points", +"oidcServiceMetaDataFrontChannelURI":"Front-Channel URI", +"oidcServiceMetaDataJWKSURI":"JWKS", +"oidcServiceMetaDataKeys":"Keys", +"oidcServiceMetaDataRegistrationURI":"Registration", +"oidcServiceMetaDataSecurity":"Security", +"oidcServiceMetaDataEndSessionURI":"End of session", +"oidcServiceMetaDataAuthnContext":"Authentication context", +"oidcServiceMetaDataSessions":"Sessions", +"oidcServicePrivateKeySig":"Signing private key", +"oidcServicePublicKeySig":"Signing public key", +"oidcServiceKeyIdSig":"Signing key ID", +"oidcStorage":"Sessions module name", +"oidcStorageOptions":"Sessions module options", +"oidcOPMetaDataNodes":"OpenID Connect Providers", +"oidcRPMetaDataNodes":"OpenID Connect Relying Parties", +"oidcOPMetaDataOptionsPrompt":"Prompt", +"oidcOPMetaDataOptionsMaxAge":"Max age", +"oidcOPMetaDataOptionsUiLocales":"Locales UI", +"oidcOPMetaDataOptionsAcrValues":"ACR values", +"oidcOPMetaDataOptionsIDTokenMaxAge":"ID Token max age", +"oidcOPMetaDataOptionsUseNonce":"Use nonce", +"oidcRPMetaDataOptionsRedirectUris":"Allowed redirection addresses for login", +"oidcRPMetaDataOptionsPostLogoutRedirectUris":"Allowed redirection addresses for logout", +"oidcRPMetaDataOptionsExtraClaims":"Extra claims", +"oidcServiceMetaDataIssuer":"Issuer identifier", +"oidcServiceMetaDataTokenURI":"Token", +"oidcServiceMetaDataUserInfoURI":"User Info", +"oidcServiceMetaDataCheckSessionURI":"Check Session", +"oidcServiceAllowDynamicRegistration":"Dynamic Registration", +"oidcServiceAllowAuthorizationCodeFlow":"Authorization Code Flow", +"oidcServiceAllowImplicitFlow":"Implicit Flow", +"oidcServiceAllowHybridFlow":"Hybrid Flow", +"ok":"OK", +"oldNotifFormat":"Use old XML format", +"openIdAttr":"OpenID login", +"openIdAuthnLevel":"Authentication level", +"openIdExportedVars":"Exported variables", +"openIdIDPList":"Authorized domains", +"openIdIssuerSecret":"Secret token", +"openidParams":"OpenID parameters", +"openIdSecret":"Secret token", +"openIdSreg":"SREG mapping", +"openIdSreg_fullname":"Full name", +"openIdSreg_nickname":"Nick name", +"openIdSreg_language":"Language", +"openIdSreg_postcode":"Postal code", +"openIdSreg_timezone":"Timezone", +"openIdSreg_country":"Country", +"openIdSreg_gender":"Gender", +"openIdSreg_email":"Email", +"openIdSreg_dob":"Date of birth", +"openIdSPList":"Authorized domains", +"OpenIDConnect":"OpenID Connect", +"OptionalTitle":"Optional title", +"overPrm":"Overloaded parameters", +"pamAuthnLevel":"Authentication level", +"pamParams":"PAM parameters", +"pamService":"PAM service", +"password":"Password", +"passwordDB":"Password module", +"passwordManagement":"Password management", +"passwordResetAllowedRetries":"Max reset password retries", +"persistent":"Persistent", +"persistentSessions":"Persistent sessions", +"persistentStorage":"Apache::Session module", +"persistentStorageOptions":"Apache::Session module parameters", +"plugins":"Plugins", +"port":"Port", +"portal":"URL", +"portalAntiFrame":"Anti iFrame protection", +"portalButtons":"Buttons on login page", +"portalCaptcha":"Captcha", +"portalCheckLogins":"Check last logins", +"portalCustomization":"Customization", +"portalDisplayAppslist":"Applications list", +"portalDisplayChangePassword":"Password change", +"portalDisplayLoginHistory":"Login History", +"portalDisplayLogout":"Logout", +"portalDisplayOidcConsents":"OIDC Consents", +"portalDisplayRegister":"Register new account", +"portalDisplayResetPassword":"Reset password", +"portalErrorOnExpiredSession":"Show error on expired session", +"portalErrorOnMailNotFound":"Show error on mail not found", +"portalForceAuthn":"Force authentication", +"portalForceAuthnInterval":"Force authentication interval", +"portalMenu":"Menu", +"portalModules":"Modules activation", +"portalOpenLinkInNewWindow":"New window", +"portalOther":"Other", +"portalParams":"Portal", +"portalPingInterval":"Ping Interval", +"portalRedirection":"Portal redirections", +"portalRequireOldPassword":"Require old password", +"portalServers":"Portal servers", +"portalSkin":"Default Skin", +"portalSkinBackground":"Skin background", +"portalSkinRules":"Skin display rules", +"portalMainLogo":"Main Logo", +"portalStatus":"Publish portal status", +"portalUserAttr":"User attribute", +"post":"Form replay", +"postedVars":"Variables to post", +"postUrl":"Form URL", +"postTargetUrl":"Form target URL (optional)", +"previous":"Previous", +"privateKey":"Private key", +"proxyAuthnLevel":"Authentication level", +"proxyAuthService":"Internal portal URL", +"proxySessionService":"Session service URL", +"proxyParams":"Proxy parameters", +"proxyUseSoap":"Use SOAP instead of REST", +"publicKey":"Public key", +"purgeNotification":"Delete notification definitely", +"radiusAuthnLevel":"Authentication level", +"radiusParams":"Radius parameters", +"radiusSecret":"Shared secret", +"radiusServer":"Server hostname", +"randomPasswordRegexp":"Regexp for password generation", +"readOnlyMode":"Read-Only mode", +"redirectFormMethod":"Method for redirect form", +"redirection":"Handler redirections", +"reference":"Reference", +"regexp":"Regular expression", +"regexps":"Regular expressions", +"register":"Register new account", +"registerConfirmSubject":"Subject for confirmation mail", +"registerDB":"Register module", +"registerDoneSubject":"Subject for done mail", +"registerTimeout":"Validity time of a register request", +"registerUrl":"Register page URL", +"reloadParams":"Configuration reload", +"reloadTimeout":"Reload timeout", +"reloadUrls":"Reload URLs", +"remoteCookieName":"Cookie name", +"remoteGlobalStorage":"Sessions module", +"remoteGlobalStorageOptions":"Sessions module options", +"remoteParams":"Remote parameters", +"remotePortal":"Portal URL", +"replaceByFile":"Replace by file", +"requireToken":"Require token for forms", +"restAuthnLevel":"Authentication level", +"restAuthUrl":"Authentication URL", +"restConfigServer":"REST configuration server", +"restore":"Restore", +"restoreConf":"Restore configuration", +"rest2f":"REST second factor", +"rest2fActivation":"Activation", +"rest2fAuthnLevel":"Authentication level", +"rest2fInitArgs":"Init Arguments", +"rest2fInitUrl":"Init URL", +"rest2fLogo":"Logo", +"rest2fVerifyArgs":"Verify Arguments", +"rest2fVerifyUrl":"Verify URL", +"restParams":"REST parameters", +"restPwdConfirmUrl":"Password confirmation URL", +"restPwdModifyUrl":"Password change URL", +"restSessionServer":"REST session server", +"restUserDBUrl":"User data URL", +"returnUrl":"Return URL", +"rp":"Relying Party", +"rule":"Rule", +"rules":"Rules", +"Same":"Same", +"save":"Save", +"saveReport":"Save report", +"savingConfirmation":"Saving confirmation", +"scope":"Scope", +"search":"Search ...", +"secondFactors":"Second factors", +"securedCookie":"Secured Cookie (SSL)", +"security":"Security", +"serverError":"Server error", +"session":"session", +"sessions":"Sessions", +"session_s":"session(s)", +"sessionDataToRemember":"Session data to store", +"sessionDeleted":"The session was deleted", +"sessionParams":"Sessions", +"sessionStartedAt":"Session started on", +"sessionStorage":"Sessions Storage", +"sessionTitle":"Session content", +"sfaTitle":"Second Factors Authentication", +"sfRequired":"Require 2FA", +"show":"Show", +"showHelp":"Show help", +"showLanguages":"Show languages choice", +"singleIP":"One IP only by user", +"singleSession":"One session only by user", +"singleUserByIP":"One user by IP address", +"singleSessionUserByIP":"One session by IP address", +"skipRenewConfirmation":"Skip re-auth confirmation", +"slaveAuthnLevel":"Authentication level", +"slaveExportedVars":"Exported variables", +"slaveMasterIP":"Master's IP address", +"slaveParams":"Slave parameters", +"slaveUserHeader":"Header for user login", +"slaveHeaderName":"Control header name", +"slaveHeaderContent":"Control header content", +"SMTP":"SMTP", +"SMTPAuthPass":"SMTP password", +"SMTPAuthUser":"SMTP user", +"SMTPPort":"SMTP port", +"SMTPServer":"SMTP server", +"SMTPTLS":"SSL/TLS protocol", +"SMTPTLSOpts":"SSL/TLS options", +"soapConfigServer":"SOAP configuration server", +"soapSessionServer":"SOAP session server", +"specialRule":"Special rule", +"SSLAuthnLevel":"Authentication level", +"sslByAjax":"Use Ajax request", +"sslHost":"Ajax SSL URL", +"sslParams":"SSL parameters", +"SSLVar":"Extracted certificate field", +"SSLVarIf":"Conditional extracted certificate field", +"ssoSessions":"SSO sessions", +"stateCheck":"State Check", +"stayConnected":"Persistent connections", +"successfullySaved":"Successfully saved", +"storePassword":"Store user password in session datas", +"successLoginNumber":"Number of registered logins", +"sympaHandler":"Sympa", +"sympaMailKey":"Mail session key", +"sympaSecret":"Shared secret", +"syntaxError":"Syntax Error", +"syslog":"Syslog facility", +"timeout":"Sessions timeout", +"timeoutActivity":"Sessions activity timeout", +"timeoutActivityInterval":"Sessions update interval", +"tokenUseGlobalStorage":"Use global storage", +"totp":"TOTP", +"totp2fActivation":"Activation", +"totp2fAuthnLevel":"TOTP authentication level", +"totp2fDigits":"Number of digits", +"totp2fDisplayExistingSecret":"Display existing secret", +"totp2fInterval":"Interval", +"totp2fIssuer":"TOTP Issuer name", +"totp2fRange":"Range of attempts", +"totp2fSelfRegistration":"Self registration", +"totp2fUserCanChangeKey":"Change existing secret", +"totp2fUserCanRemoveKey":"Authorize user to remove TOTP", +"trustedDomains":"Trusted domains", +"trustedProxies":"Trusted proxies IP", +"twitterAppName":"Application name", +"twitterAuthnLevel":"Authentication level", +"twitterKey":"API key", +"twitterParams":"Twitter parameters", +"twitterSecret":"API secret", +"twitterUserField":"Field containing user identifier", +"type":"Type", +"u2f":"U2F", +"u2fActivation":"Activation", +"u2fAuthnLevel":"U2F authentication level", +"u2fUserCanRemoveKey":"Authorize user to remove U2F key", +"u2fSelfRegistration":"Self registration", +"uid":"Identifier", +"unknownAttrOrMacro":"Unknown attribute or macro", +"unknownError":"Unknown error", +"unknownKey":"Unknown key", +"unsecuredCookie":"Unsecured cookie", +"up":"Move up", +"uploadDenied":"Upload denied", +"upgradeSession":"Session upgrade", +"uri":"URI", +"url":"URL", +"use":"Use", +"user":"user", +"users":"Users", +"userDB":"Users module", +"userdbOnly":"User DB only", +"userControl":"Username control", +"userPivot":"Login field name in user table", +"useRedirectOnError":"Redirect on error", +"useRedirectOnForbidden":"Redirect on forbidden", +"useSafeJail":"Use Safe jail", +"utotp2f":"TOTP-or-U2F", +"utotp2fActivation":"Activation", +"utotp2fAuthnLevel":"Authentication level", +"value":"Value", +"values":"Values", +"variables":"Variables", +"verifyU2FKey":"Verify U2F key", +"verifyTOTPKey":"Verify TOTP key", +"version":"Version", +"vhostAliases":"Aliases", +"vhostAuthnLevel":"Required authentication level", +"vhostHttps":"HTTPS", +"vhostMaintenance":"Maintenance mode", +"vhostOptions":"Options", +"vhostPort":"Port", +"vhostType":"Type", +"view":"View", +"viewer":"Viewer", +"virtualHost":"Virtual Host", +"virtualHostName":"Virtual host hostname", +"virtualHosts":"Virtual Hosts", +"warning":"Warning", +"warnings":"Warnings", +"waitingForDatas":"Waiting for datas", +"webIDAuthnLevel":"Authentication level", +"webIDExportedVars":"Exported variables", +"webidParams":"WebID parameters", +"webIDWhitelist":"WebID whitelist", +"waitOrF5":"Wait for redirection or press F5", +"whatToTrace":"REMOTE_USER", +"whiteList":"White list", +"wsdlServer":"WSDL server", +"XMLcontent":"XML content", +"yubikey2f":"Yubikey", +"yubikey2fActivation":"Activation", +"yubikey2fAuthnLevel":"Authentication level", +"yubikey2fClientID":"API client ID", +"yubikey2fNonce":"Nonce", +"yubikey2fPublicIDSize":"OTP public ID part size", +"yubikey2fSecretKey":"API secret key", +"yubikey2fSelfRegistration":"Self registration", +"yubikey2fUrl":"Service URL", +"yubikey2fUserCanRemoveKey":"Authorize user to remove Yubikey", +"zeroConfExplanations":"Server has no configuration. Use template to save the first.", + +"saml":"SAML", +"samlAttribute":"SAML attribute", +"samlDiscoveryProtocol":"Discovery Protocol", +"samlDiscoveryProtocolActivation":"Activation", +"samlDiscoveryProtocolIsPassive":"Is Passive", +"samlDiscoveryProtocolPolicy":"Policy", +"samlDiscoveryProtocolURL":"EndPoint URL", +"samlNameIDFormatMap":"NameID formats", +"samlNameIDFormatMapEmail":"Email", +"samlNameIDFormatMapX509":"X509", +"samlNameIDFormatMapWindows":"Windows", +"samlNameIDFormatMapKerberos":"Kerberos", +"samlIDP":"SAML identity provider", +"samlIDPMetaDataNodes":"SAML Identity Providers", +"samlIDPMetaDataXML":"Metadata", +"samlIDPMetaDataExportedAttributes":"Exported attributes", +"samlIDPMetaDataOptions":"Options", +"samlIDPMetaDataOptionsNameIDFormat":"NameID format", +"samlIDPMetaDataOptionsForceAuthn":"Force authentication", +"samlIDPMetaDataOptionsIsPassive":"Passive authentication", +"samlIDPMetaDataOptionsAllowProxiedAuthn":"Allow proxied authentication", +"samlIDPMetaDataOptionsAllowLoginFromIDP":"Allow login from IDP", +"samlIDPMetaDataOptionsAdaptSessionUtime":"Adapt session lifetime", +"samlIDPMetaDataOptionsSignSSOMessage":"Sign SSO message", +"samlIDPMetaDataOptionsCheckSSOMessageSignature":"Check SSO message signature", +"samlIDPMetaDataOptionsSignSLOMessage":"Sign SLO message", +"samlIDPMetaDataOptionsCheckSLOMessageSignature":"Check SLO message signature", +"samlIDPMetaDataOptionsSSOBinding":"SSO binding", +"samlIDPMetaDataOptionsSLOBinding":"SLO binding", +"samlIDPMetaDataOptionsResolutionRule":"Resolution rule", +"samlIDPMetaDataOptionsRequestedAuthnContext":"Requested authentication context", +"samlIDPMetaDataOptionsForceUTF8":"Force UTF-8", +"samlIDPMetaDataOptionsEncryptionMode":"Encryption mode", +"samlIDPMetaDataOptionsCheckTime":"Check time conditions", +"samlIDPMetaDataOptionsCheckAudience":"Check audience conditions", +"samlIDPMetaDataOptionsAuthnRequest":"Authentication request", +"samlIDPMetaDataOptionsSession":"Session", +"samlIDPMetaDataOptionsSignature":"Signature", +"samlIDPMetaDataOptionsBinding":"Binding", +"samlIDPMetaDataOptionsDisplay":"Display", +"samlIDPMetaDataOptionsDisplayName":"Display name", +"samlIDPMetaDataOptionsDisplayParams":"Display", +"samlIDPMetaDataOptionsIcon":"Logo", +"samlIDPMetaDataOptionsSecurity":"Security", +"samlIDPMetaDataOptionsSortNumber":"Order", +"samlIDPMetaDataOptionsStoreSAMLToken":"Store SAML Token", +"samlIDPMetaDataOptionsRelayStateURL":"Allow URL as RelayState", +"samlIDPMetaDataOptionsUserAttribute":"Attribute containing user identifier", +"samlSPMetaDataNodes":"SAML Service Providers", +"samlSPMetaDataXML":"Metadata", +"samlSPMetaDataExportedAttributes":"Exported attributes", +"samlSPMetaDataOptions":"Options", +"samlSPMetaDataOptionsNameIDFormat":"Default NameID format", +"samlSPMetaDataOptionsOneTimeUse":"One time use", +"samlSPMetaDataOptionsSignSSOMessage":"Sign SSO message", +"samlSPMetaDataOptionsCheckSSOMessageSignature":"Check SSO message signature", +"samlSPMetaDataOptionsSignSLOMessage":"Sign SLO message", +"samlSPMetaDataOptionsCheckSLOMessageSignature":"Check SLO message signature", +"samlSPMetaDataOptionsEncryptionMode":"Encryption mode", +"samlSPMetaDataOptionsAuthnResponse":"Authentication response", +"samlSPMetaDataOptionsSignature":"Signature", +"samlSPMetaDataOptionsSecurity":"Security", +"samlSPMetaDataOptionsEnableIDPInitiatedURL":"Enable use of IDP initiated URL", +"samlSPMetaDataOptionsNameIDSessionKey":"Force NameID session key", +"samlSPMetaDataOptionsSessionNotOnOrAfterTimeout":"sessionNotOnOrAfter duration", +"samlSPMetaDataOptionsNotOnOrAfterTimeout":"notOnOrAfter duration", +"samlSPMetaDataOptionsForceUTF8":"Force UTF-8", +"samlSPMetaDataOptionsRule":"Access rule", +"samlIDPName":"SAML IDP Name", +"samlServiceMetaData":"SAML2 Service", +"samlEntityID":"Entity Identifier", +"samlOrganization":"Organization", +"samlOrganizationDisplayName":"Display Name", +"samlOrganizationName":"Name", +"samlOrganizationURL":"URL", +"samlSP":"SAML Service Provider", +"samlSPName":"SAML Service Provider Name", +"samlSPSSODescriptor":"Service Provider", +"samlSPSSODescriptorAuthnRequestsSigned":"Signed Authentication Request", +"samlSPSSODescriptorWantAssertionsSigned":"Want Assertions Signed", +"samlSPSSODescriptorSingleLogoutService":"Single Logout", +"samlSPSSODescriptorSingleLogoutServiceHTTPRedirect":"HTTP Redirect", +"samlSPSSODescriptorSingleLogoutServiceHTTPPost":"HTTP POST", +"samlSPSSODescriptorSingleLogoutServiceSOAP":"SOAP", +"samlSPSSODescriptorAssertionConsumerService":"Assertion Consumer", +"samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact":"HTTP Artifact", +"samlSPSSODescriptorAssertionConsumerServiceHTTPPost":"HTTP POST", +"samlSPSSODescriptorArtifactResolutionService":"Artifact Resolution", +"samlSPSSODescriptorArtifactResolutionServiceArtifact":"Artifact Service", +"samlIDPSSODescriptor":"Identity Provider", +"samlIDPSSODescriptorWantAuthnRequestsSigned":"Want Authentication Request Signed", +"samlIDPSSODescriptorSingleSignOnService":"Single Sign On", +"samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect":"HTTP Redirect", +"samlIDPSSODescriptorSingleSignOnServiceHTTPPost":"HTTP POST", +"samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact":"HTTP Artifact", +"samlIDPSSODescriptorSingleLogoutService":"Single Logout", +"samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect":"HTTP Redirect", +"samlIDPSSODescriptorSingleLogoutServiceHTTPPost":"HTTP POST", +"samlIDPSSODescriptorSingleLogoutServiceSOAP":"SOAP", +"samlIDPSSODescriptorArtifactResolutionService":"Artifact Resolution", +"samlIDPSSODescriptorArtifactResolutionServiceArtifact":"Artifact Service", +"samlAttributeAuthorityDescriptor":"Attribute Authority", +"samlAttributeAuthorityDescriptorAttributeService":"Attribute Service", +"samlAttributeAuthorityDescriptorAttributeServiceSOAP":"SOAP", +"samlServiceSecurity":"Security parameters", +"samlServiceSecuritySig":"Signature", +"samlServiceSecurityEnc":"Encryption", +"samlServicePrivateKeySig":"Private key", +"samlServicePrivateKeySigPwd":"Private key password", +"samlServicePublicKeySig":"Public key", +"samlServicePrivateKeyEnc":"Private key", +"samlServicePrivateKeyEncPwd":"Private key password", +"samlServicePublicKeyEnc":"Public key", +"samlServiceSignatureMethod":"Signature method", +"samlServiceUseCertificateInResponse":"Use certificate in responses", +"samlAdvanced":"Advanced", +"samlIdPResolveCookie":"IDP resolution cookie name", +"samlPartnerName":"Name of SAML partner", +"samlMetadataForceUTF8":"UTF8 metadata conversion", +"samlStorage":"SAML sessions module name", +"samlStorageOptions":"SAML sessions module options", +"samlAuthnContextMap":"Authentication contexts", +"samlAuthnContextMapPassword":"Password", +"samlAuthnContextMapPasswordProtectedTransport":"Password protected transport", +"samlAuthnContextMapTLSClient":"TLS client", +"samlAuthnContextMapKerberos":"Kerberos", +"samlCommonDomainCookie":"Common Domain Cookie", +"samlCommonDomainCookieActivation":"Activation", +"samlCommonDomainCookieDomain":"Common domain", +"samlCommonDomainCookieReader":"Reader URL", +"samlCommonDomainCookieWriter":"Writer URL", +"samlRelayStateTimeout":"RelayState session timeout", +"samlUseQueryStringSpecific":"Use specific query_string method", +"samlOverrideIDPEntityID": "Override Entity ID when acting as IDP" +} diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/fr.json b/lemonldap-ng-manager/site/htdocs/static/languages/fr.json index f3a91f58e..eda316cf7 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/fr.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/fr.json @@ -894,6 +894,7 @@ "samlIDPMetaDataOptionsDisplayParams":"Affichage", "samlIDPMetaDataOptionsIcon":"Logo", "samlIDPMetaDataOptionsSecurity":"Sécurité", +"samlIDPMetaDataOptionsSortNumber":"Ordre", "samlIDPMetaDataOptionsStoreSAMLToken":"Conserver le jeton SAML", "samlIDPMetaDataOptionsRelayStateURL":"Pemettre une URL dans le RelayState", "samlIDPMetaDataOptionsUserAttribute":"Attribut contenant l'identité de l'utilisateur", diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/it.json b/lemonldap-ng-manager/site/htdocs/static/languages/it.json index b29f6d357..4fe4c5cad 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/it.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/it.json @@ -894,6 +894,7 @@ "samlIDPMetaDataOptionsDisplayParams":"Display", "samlIDPMetaDataOptionsIcon":"Logo", "samlIDPMetaDataOptionsSecurity":"Sicurezza", +"samlIDPMetaDataOptionsSortNumber":"Order", "samlIDPMetaDataOptionsStoreSAMLToken":"Store SAML Token", "samlIDPMetaDataOptionsRelayStateURL":"Consenti l'URL come RelayState", "samlIDPMetaDataOptionsUserAttribute":"Attributo che contiene l'identificatore dell'utente", diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/vi.json b/lemonldap-ng-manager/site/htdocs/static/languages/vi.json index bf1e35c4f..1291384e0 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/vi.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/vi.json @@ -894,6 +894,7 @@ "samlIDPMetaDataOptionsDisplayParams":"Display", "samlIDPMetaDataOptionsIcon":"Logo", "samlIDPMetaDataOptionsSecurity":"Bảo mật", +"samlIDPMetaDataOptionsSortNumber":"Order", "samlIDPMetaDataOptionsStoreSAMLToken":"Lưu trữ token SAML", "samlIDPMetaDataOptionsRelayStateURL":"Cho phép URL như RelayState", "samlIDPMetaDataOptionsUserAttribute":"Attribute containing user identifier", diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/zh.json b/lemonldap-ng-manager/site/htdocs/static/languages/zh.json index f2acd1a31..48cbc1fd5 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/zh.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/zh.json @@ -894,6 +894,7 @@ "samlIDPMetaDataOptionsDisplayParams":"Display", "samlIDPMetaDataOptionsIcon":"Logo", "samlIDPMetaDataOptionsSecurity":"Security", +"samlIDPMetaDataOptionsSortNumber":"Order", "samlIDPMetaDataOptionsStoreSAMLToken":"Store SAML Token", "samlIDPMetaDataOptionsRelayStateURL":"Allow URL as RelayState", "samlIDPMetaDataOptionsUserAttribute":"Attribute containing user identifier", diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/SAML.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/SAML.pm index 998770e3d..46c9e6418 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/SAML.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/SAML.pm @@ -945,6 +945,7 @@ sub extractFormInfo { $idpName = $self->{idpList}->{$_}->{displayName} if $self->{idpList}->{$_}->{displayName}; my $icon = $self->{idpList}->{$_}->{icon}; + my $order = $self->{idpList}->{$_}->{order}; my $img_src = ''; if ($icon) { @@ -955,16 +956,17 @@ sub extractFormInfo { } $self->logger->debug( "IDP " . $self->{idpList}->{$_}->{name} - . " -> DisplayName : $idpName with Icon : $img_src" ); + . " -> DisplayName : $idpName with Icon : $img_src at order : $order" ); push @list, { - val => $_, - name => $idpName, - icon => $img_src, + val => $_, + name => $idpName, + icon => $img_src, + order => $order, }; } @list = - sort { $a->{name} cmp $b->{name} or $a->{val} cmp $b->{val} } @list; + sort { $a->{order} <=> $b->{order} or $a->{name} cmp $b->{name} or $a->{val} cmp $b->{val} } @list; $req->data->{list} = \@list; $req->data->{confirmRemember} = 1; diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/SAML.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/SAML.pm index 7f4239296..a143a3dae 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/SAML.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/SAML.pm @@ -295,6 +295,9 @@ sub loadIDPs { $self->idpList->{$entityID}->{icon} = $self->conf->{samlIDPMetaDataOptions}->{$_} ->{samlIDPMetaDataOptionsIcon}; + $self->idpList->{$entityID}->{order} = + $self->conf->{samlIDPMetaDataOptions}->{$_} + ->{samlIDPMetaDataOptionsSortNumber}; # Set rule my $cond = $self->conf->{samlIDPMetaDataOptions}->{$_} From f7b296b032afc4185ba924917695a07bb739496c Mon Sep 17 00:00:00 2001 From: Antoine ROSIER Date: Wed, 10 Apr 2019 16:37:39 +0200 Subject: [PATCH 07/32] Sorting OIDc (#1704) --- .../lib/Lemonldap/NG/Common/Conf/ReConstants.pm | 2 +- lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm | 3 +++ .../lib/Lemonldap/NG/Manager/Build/Attributes.pm | 1 + .../lib/Lemonldap/NG/Manager/Build/CTrees.pm | 3 ++- lemonldap-ng-manager/site/htdocs/static/js/conftree.js | 6 ++++++ lemonldap-ng-manager/site/htdocs/static/js/conftree.min.js | 2 +- lemonldap-ng-manager/site/htdocs/static/languages/ar.json | 1 + lemonldap-ng-manager/site/htdocs/static/languages/de.json | 1 + lemonldap-ng-manager/site/htdocs/static/languages/en.json | 1 + lemonldap-ng-manager/site/htdocs/static/languages/es.json | 1 + lemonldap-ng-manager/site/htdocs/static/languages/fr.json | 1 + lemonldap-ng-manager/site/htdocs/static/languages/it.json | 1 + lemonldap-ng-manager/site/htdocs/static/languages/vi.json | 1 + lemonldap-ng-manager/site/htdocs/static/languages/zh.json | 1 + .../lib/Lemonldap/NG/Portal/Auth/OpenIDConnect.pm | 5 ++++- 15 files changed, 26 insertions(+), 4 deletions(-) diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/ReConstants.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/ReConstants.pm index bdcdcbc60..bbffa3a6a 100644 --- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/ReConstants.pm +++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/ReConstants.pm @@ -26,7 +26,7 @@ our $simpleHashKeys = '(?:(?:l(?:o(?:calSessionStorageOption|goutService)|dapExp our $specialNodeKeys = '(?:(?:(?:saml(?:ID|S)|oidc[OR])P|cas(?:App|Srv))MetaDataNode|virtualHost)s'; our $casAppMetaDataNodeKeys = 'casAppMetaData(?:Options(?:Servic|Rul)e|ExportedVars)'; our $casSrvMetaDataNodeKeys = 'casSrvMetaData(?:Options(?:ProxiedServices|DisplayName|Gateway|Renew|Icon|Url)|ExportedVars)'; -our $oidcOPMetaDataNodeKeys = 'oidcOPMetaData(?:Options(?:C(?:lient(?:Secret|ID)|heckJWTSignature|onfigurationURI)|TokenEndpointAuthMethod|(?:JWKSTimeou|Promp)t|I(?:DTokenMaxAge|con)|S(?:toreIDToken|cope)|U(?:iLocales|seNonce)|Display(?:Name)?|AcrValues|MaxAge)|ExportedVars|J(?:SON|WKS))'; +our $oidcOPMetaDataNodeKeys = 'oidcOPMetaData(?:Options(?:C(?:lient(?:Secret|ID)|heckJWTSignature|onfigurationURI)|S(?:toreIDToken|ortNumber|cope)|TokenEndpointAuthMethod|(?:JWKSTimeou|Promp)t|I(?:DTokenMaxAge|con)|U(?:iLocales|seNonce)|Display(?:Name)?|AcrValues|MaxAge)|ExportedVars|J(?:SON|WKS))'; our $oidcRPMetaDataNodeKeys = 'oidcRPMetaData(?:Options(?:(?:PostLogoutRedirectUri|ExtraClaim)s|I(?:DToken(?:Expiration|SignAlg)|con)|Logout(?:SessionRequired|Type|Url)|AccessTokenExpiration|R(?:edirectUris|ule)|Client(?:Secret|ID)|BypassConsent|DisplayName|UserIDAttr)|ExportedVars)'; our $samlIDPMetaDataNodeKeys = 'samlIDPMetaData(?:Options(?:(?:Check(?:S[LS]OMessageSignatur|Audienc|Tim)|EncryptionMod|UserAttribut|DisplayNam)e|S(?:ignS[LS]OMessage|toreSAMLToken|[LS]OBinding|ortNumber)|A(?:llow(?:LoginFromIDP|ProxiedAuthn)|daptSessionUtime)|Re(?:questedAuthnContext|solutionRule|layStateURL)|Force(?:Authn|UTF8)|I(?:sPassive|con)|NameIDFormat)|ExportedAttributes|XML)'; our $samlSPMetaDataNodeKeys = 'samlSPMetaData(?:Options(?:N(?:ameID(?:SessionKey|Format)|otOnOrAfterTimeout)|S(?:essionNotOnOrAfterTimeout|ignS[LS]OMessage)|(?:CheckS[LS]OMessageSignatur|OneTimeUs|Rul)e|En(?:ableIDPInitiatedURL|cryptionMode)|ForceUTF8)|ExportedAttributes|XML)'; diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm index ef4f33906..218188fbb 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm @@ -1866,6 +1866,9 @@ qr/^(?:\*\.)?(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][ 'default' => 'openid profile', 'type' => 'text' }, + 'oidcOPMetaDataOptionsSortNumber' => { + 'type' => 'int' + }, 'oidcOPMetaDataOptionsStoreIDToken' => { 'default' => 0, 'type' => 'bool' diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm index 36db4d5cd..e06077485 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm @@ -3343,6 +3343,7 @@ m{^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?: oidcOPMetaDataOptionsDisplayName => { type => 'text', }, oidcOPMetaDataOptionsIcon => { type => 'text', }, oidcOPMetaDataOptionsStoreIDToken => { type => 'bool', default => 0 }, + oidcOPMetaDataOptionsSortNumber => { type => 'int', }, oidcRPMetaDataOptionsRule => { type => 'text', diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/CTrees.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/CTrees.pm index f7781a061..14e207a1f 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/CTrees.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/CTrees.pm @@ -179,7 +179,8 @@ sub cTrees { form => 'simpleInputContainer', nodes => [ 'oidcOPMetaDataOptionsDisplayName', - 'oidcOPMetaDataOptionsIcon' + 'oidcOPMetaDataOptionsIcon', + 'oidcOPMetaDataOptionsSortNumber' ] }, ], diff --git a/lemonldap-ng-manager/site/htdocs/static/js/conftree.js b/lemonldap-ng-manager/site/htdocs/static/js/conftree.js index 5e8133dad..fa2ff55d4 100644 --- a/lemonldap-ng-manager/site/htdocs/static/js/conftree.js +++ b/lemonldap-ng-manager/site/htdocs/static/js/conftree.js @@ -336,6 +336,12 @@ function templates(tpl,key) { "get" : tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsIcon", "id" : tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsIcon", "title" : "oidcOPMetaDataOptionsIcon" + }, + { + "get" : tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsSortNumber", + "id" : tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsSortNumber", + "title" : "oidcOPMetaDataOptionsSortNumber", + "type" : "int" } ], "id" : "oidcOPMetaDataOptionsDisplayParams", diff --git a/lemonldap-ng-manager/site/htdocs/static/js/conftree.min.js b/lemonldap-ng-manager/site/htdocs/static/js/conftree.min.js index fc59866de..423894fa5 100644 --- a/lemonldap-ng-manager/site/htdocs/static/js/conftree.min.js +++ b/lemonldap-ng-manager/site/htdocs/static/js/conftree.min.js @@ -1 +1 @@ -function templates(tpl,key){var ind;var scalarTemplate=function(r){return{id:tpl+"s/"+ind++,title:r,get:tpl+"s/"+key+"/"+r}};switch(tpl){case"casAppMetaDataNode":return[{_nodes:[{get:tpl+"s/"+key+"/"+"casAppMetaDataOptionsService",id:tpl+"s/"+key+"/"+"casAppMetaDataOptionsService",title:"casAppMetaDataOptionsService"},{get:tpl+"s/"+key+"/"+"casAppMetaDataOptionsRule",id:tpl+"s/"+key+"/"+"casAppMetaDataOptionsRule",title:"casAppMetaDataOptionsRule"}],id:"casAppMetaDataOptions",title:"casAppMetaDataOptions",type:"simpleInputContainer"},{cnodes:tpl+"s/"+key+"/"+"casAppMetaDataExportedVars",default:[{data:"cn",id:tpl+"s/"+key+"/"+"casAppMetaDataExportedVars/cn",title:"cn",type:"keyText"},{data:"mail",id:tpl+"s/"+key+"/"+"casAppMetaDataExportedVars/mail",title:"mail",type:"keyText"},{data:"uid",id:tpl+"s/"+key+"/"+"casAppMetaDataExportedVars/uid",title:"uid",type:"keyText"}],id:tpl+"s/"+key+"/"+"casAppMetaDataExportedVars",title:"casAppMetaDataExportedVars",type:"keyTextContainer"}];case"casSrvMetaDataNode":return[{cnodes:tpl+"s/"+key+"/"+"casSrvMetaDataExportedVars",default:[{data:"cn",id:tpl+"s/"+key+"/"+"casSrvMetaDataExportedVars/cn",title:"cn",type:"keyText"},{data:"mail",id:tpl+"s/"+key+"/"+"casSrvMetaDataExportedVars/mail",title:"mail",type:"keyText"},{data:"uid",id:tpl+"s/"+key+"/"+"casSrvMetaDataExportedVars/uid",title:"uid",type:"keyText"}],id:tpl+"s/"+key+"/"+"casSrvMetaDataExportedVars",title:"casSrvMetaDataExportedVars",type:"keyTextContainer"},{cnodes:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsProxiedServices",id:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsProxiedServices",title:"casSrvMetaDataOptionsProxiedServices",type:"keyTextContainer"},{_nodes:[{get:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsUrl",id:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsUrl",title:"casSrvMetaDataOptionsUrl"},{default:0,get:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsRenew",id:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsRenew",title:"casSrvMetaDataOptionsRenew",type:"bool"},{default:0,get:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsGateway",id:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsGateway",title:"casSrvMetaDataOptionsGateway",type:"bool"}],id:"casSrvMetaDataOptions",title:"casSrvMetaDataOptions",type:"simpleInputContainer"},{_nodes:[{get:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsDisplayName",id:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsDisplayName",title:"casSrvMetaDataOptionsDisplayName"},{get:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsIcon",id:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsIcon",title:"casSrvMetaDataOptionsIcon"}],id:"casSrvMetaDataOptionsDisplay",title:"casSrvMetaDataOptionsDisplay",type:"simpleInputContainer"}];case"oidcOPMetaDataNode":return[{get:tpl+"s/"+key+"/"+"oidcOPMetaDataJSON",id:tpl+"s/"+key+"/"+"oidcOPMetaDataJSON",title:"oidcOPMetaDataJSON",type:"file"},{get:tpl+"s/"+key+"/"+"oidcOPMetaDataJWKS",id:tpl+"s/"+key+"/"+"oidcOPMetaDataJWKS",title:"oidcOPMetaDataJWKS",type:"file"},{cnodes:tpl+"s/"+key+"/"+"oidcOPMetaDataExportedVars",default:[{data:"name",id:tpl+"s/"+key+"/"+"oidcOPMetaDataExportedVars/cn",title:"cn",type:"keyText"},{data:"email",id:tpl+"s/"+key+"/"+"oidcOPMetaDataExportedVars/mail",title:"mail",type:"keyText"},{data:"family_name",id:tpl+"s/"+key+"/"+"oidcOPMetaDataExportedVars/sn",title:"sn",type:"keyText"},{data:"sub",id:tpl+"s/"+key+"/"+"oidcOPMetaDataExportedVars/uid",title:"uid",type:"keyText"}],id:tpl+"s/"+key+"/"+"oidcOPMetaDataExportedVars",title:"oidcOPMetaDataExportedVars",type:"keyTextContainer"},{_nodes:[{_nodes:[{get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsConfigurationURI",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsConfigurationURI",title:"oidcOPMetaDataOptionsConfigurationURI"},{default:0,get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsJWKSTimeout",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsJWKSTimeout",title:"oidcOPMetaDataOptionsJWKSTimeout",type:"int"},{get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsClientID",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsClientID",title:"oidcOPMetaDataOptionsClientID"},{get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsClientSecret",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsClientSecret",title:"oidcOPMetaDataOptionsClientSecret",type:"password"},{default:0,get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsStoreIDToken",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsStoreIDToken",title:"oidcOPMetaDataOptionsStoreIDToken",type:"bool"}],id:"oidcOPMetaDataOptionsConfiguration",title:"oidcOPMetaDataOptionsConfiguration",type:"simpleInputContainer"},{_nodes:[{default:"openid profile",get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsScope",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsScope",title:"oidcOPMetaDataOptionsScope"},{default:"",get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsDisplay",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsDisplay",select:[{k:"",v:""},{k:"page",v:"page"},{k:"popup",v:"popup"},{k:"touch",v:"touch"},{k:"wap",v:"wap"}],title:"oidcOPMetaDataOptionsDisplay",type:"select"},{get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsPrompt",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsPrompt",title:"oidcOPMetaDataOptionsPrompt"},{default:0,get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsMaxAge",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsMaxAge",title:"oidcOPMetaDataOptionsMaxAge",type:"int"},{get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsUiLocales",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsUiLocales",title:"oidcOPMetaDataOptionsUiLocales"},{get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsAcrValues",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsAcrValues",title:"oidcOPMetaDataOptionsAcrValues"},{default:"client_secret_post",get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsTokenEndpointAuthMethod",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsTokenEndpointAuthMethod",select:[{k:"client_secret_post",v:"client_secret_post"},{k:"client_secret_basic",v:"client_secret_basic"}],title:"oidcOPMetaDataOptionsTokenEndpointAuthMethod",type:"select"},{default:1,get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsCheckJWTSignature",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsCheckJWTSignature",title:"oidcOPMetaDataOptionsCheckJWTSignature",type:"bool"},{default:30,get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsIDTokenMaxAge",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsIDTokenMaxAge",title:"oidcOPMetaDataOptionsIDTokenMaxAge",type:"int"},{default:1,get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsUseNonce",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsUseNonce",title:"oidcOPMetaDataOptionsUseNonce",type:"bool"}],id:"oidcOPMetaDataOptionsProtocol",title:"oidcOPMetaDataOptionsProtocol",type:"simpleInputContainer"}],id:"oidcOPMetaDataOptions",title:"oidcOPMetaDataOptions"},{_nodes:[{get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsDisplayName",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsDisplayName",title:"oidcOPMetaDataOptionsDisplayName"},{get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsIcon",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsIcon",title:"oidcOPMetaDataOptionsIcon"}],id:"oidcOPMetaDataOptionsDisplayParams",title:"oidcOPMetaDataOptionsDisplayParams",type:"simpleInputContainer"}];case"oidcRPMetaDataNode":return[{cnodes:tpl+"s/"+key+"/"+"oidcRPMetaDataExportedVars",default:[{data:"mail",id:tpl+"s/"+key+"/"+"oidcRPMetaDataExportedVars/email",title:"email",type:"keyText"},{data:"sn",id:tpl+"s/"+key+"/"+"oidcRPMetaDataExportedVars/family_name",title:"family_name",type:"keyText"},{data:"cn",id:tpl+"s/"+key+"/"+"oidcRPMetaDataExportedVars/name",title:"name",type:"keyText"}],id:tpl+"s/"+key+"/"+"oidcRPMetaDataExportedVars",title:"oidcRPMetaDataExportedVars",type:"keyTextContainer"},{cnodes:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsExtraClaims",default:[],id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsExtraClaims",title:"oidcRPMetaDataOptionsExtraClaims",type:"keyTextContainer"},{_nodes:[{_nodes:[{get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsClientID",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsClientID",title:"oidcRPMetaDataOptionsClientID"},{get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsClientSecret",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsClientSecret",title:"oidcRPMetaDataOptionsClientSecret",type:"password"}],id:"oidcRPMetaDataOptionsAuthentication",title:"oidcRPMetaDataOptionsAuthentication",type:"simpleInputContainer"},{get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsUserIDAttr",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsUserIDAttr",title:"oidcRPMetaDataOptionsUserIDAttr"},{default:"HS512",get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsIDTokenSignAlg",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsIDTokenSignAlg",select:[{k:"none",v:"None"},{k:"HS256",v:"HS256"},{k:"HS384",v:"HS384"},{k:"HS512",v:"HS512"},{k:"RS256",v:"RS256"},{k:"RS384",v:"RS384"},{k:"RS512",v:"RS512"}],title:"oidcRPMetaDataOptionsIDTokenSignAlg",type:"select"},{default:3600,get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsIDTokenExpiration",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsIDTokenExpiration",title:"oidcRPMetaDataOptionsIDTokenExpiration",type:"int"},{default:3600,get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsAccessTokenExpiration",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsAccessTokenExpiration",title:"oidcRPMetaDataOptionsAccessTokenExpiration",type:"int"},{get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsRedirectUris",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsRedirectUris",title:"oidcRPMetaDataOptionsRedirectUris"},{default:0,get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsBypassConsent",help:"openidconnectclaims.html",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsBypassConsent",title:"oidcRPMetaDataOptionsBypassConsent",type:"bool"},{_nodes:[{get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsPostLogoutRedirectUris",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsPostLogoutRedirectUris",title:"oidcRPMetaDataOptionsPostLogoutRedirectUris"},{get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsLogoutUrl",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsLogoutUrl",title:"oidcRPMetaDataOptionsLogoutUrl"},{default:"front",get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsLogoutType",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsLogoutType",select:[{k:"front",v:"Front Channel"},{k:"back",v:"Back Channel"}],title:"oidcRPMetaDataOptionsLogoutType",type:"select"},{default:0,get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsLogoutSessionRequired",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsLogoutSessionRequired",title:"oidcRPMetaDataOptionsLogoutSessionRequired",type:"bool"}],id:"logout",title:"logout",type:"simpleInputContainer"},{get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsRule",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsRule",title:"oidcRPMetaDataOptionsRule"}],id:"oidcRPMetaDataOptions",title:"oidcRPMetaDataOptions"},{_nodes:[{get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsDisplayName",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsDisplayName",title:"oidcRPMetaDataOptionsDisplayName"},{get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsIcon",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsIcon",title:"oidcRPMetaDataOptionsIcon"}],id:"oidcRPMetaDataOptionsDisplay",title:"oidcRPMetaDataOptionsDisplay",type:"simpleInputContainer"}];case"samlIDPMetaDataNode":return[{get:tpl+"s/"+key+"/"+"samlIDPMetaDataXML",id:tpl+"s/"+key+"/"+"samlIDPMetaDataXML",title:"samlIDPMetaDataXML",type:"file"},{cnodes:tpl+"s/"+key+"/"+"samlIDPMetaDataExportedAttributes",default:[],help:"authsaml.html#exported_attributes",id:tpl+"s/"+key+"/"+"samlIDPMetaDataExportedAttributes",title:"samlIDPMetaDataExportedAttributes",type:"samlAttributeContainer"},{_nodes:[{default:0,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsAdaptSessionUtime",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsAdaptSessionUtime",title:"samlIDPMetaDataOptionsAdaptSessionUtime",type:"bool"},{default:0,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsForceUTF8",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsForceUTF8",title:"samlIDPMetaDataOptionsForceUTF8",type:"bool"},{default:0,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsStoreSAMLToken",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsStoreSAMLToken",title:"samlIDPMetaDataOptionsStoreSAMLToken",type:"bool"},{get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsUserAttribute",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsUserAttribute",title:"samlIDPMetaDataOptionsUserAttribute"}],id:"samlIDPMetaDataOptionsSession",title:"samlIDPMetaDataOptionsSession",type:"simpleInputContainer"},{_nodes:[{default:-1,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSignSSOMessage",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSignSSOMessage",title:"samlIDPMetaDataOptionsSignSSOMessage",type:"trool"},{default:1,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsCheckSSOMessageSignature",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsCheckSSOMessageSignature",title:"samlIDPMetaDataOptionsCheckSSOMessageSignature",type:"bool"},{default:-1,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSignSLOMessage",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSignSLOMessage",title:"samlIDPMetaDataOptionsSignSLOMessage",type:"trool"},{default:1,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsCheckSLOMessageSignature",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsCheckSLOMessageSignature",title:"samlIDPMetaDataOptionsCheckSLOMessageSignature",type:"bool"}],id:"samlIDPMetaDataOptionsSignature",title:"samlIDPMetaDataOptionsSignature",type:"simpleInputContainer"},{_nodes:[{default:"",get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSSOBinding",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSSOBinding",select:[{k:"",v:""},{k:"http-post",v:"POST"},{k:"http-redirect",v:"Redirect"},{k:"artifact-get",v:"Artifact GET"}],title:"samlIDPMetaDataOptionsSSOBinding",type:"select"},{default:"",get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSLOBinding",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSLOBinding",select:[{k:"",v:""},{k:"http-post",v:"POST"},{k:"http-redirect",v:"Redirect"},{k:"http-soap",v:"SOAP"}],title:"samlIDPMetaDataOptionsSLOBinding",type:"select"}],id:"samlIDPMetaDataOptionsBinding",title:"samlIDPMetaDataOptionsBinding",type:"simpleInputContainer"},{_nodes:[{default:"none",get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsEncryptionMode",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsEncryptionMode",select:[{k:"none",v:"None"},{k:"nameid",v:"Name ID"},{k:"assertion",v:"Assertion"}],title:"samlIDPMetaDataOptionsEncryptionMode",type:"select"},{default:1,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsCheckTime",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsCheckTime",title:"samlIDPMetaDataOptionsCheckTime",type:"bool"},{default:1,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsCheckAudience",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsCheckAudience",title:"samlIDPMetaDataOptionsCheckAudience",type:"bool"}],id:"samlIDPMetaDataOptionsSecurity",title:"samlIDPMetaDataOptionsSecurity",type:"simpleInputContainer"},{_nodes:[{default:"",get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsResolutionRule",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsResolutionRule",title:"samlIDPMetaDataOptionsResolutionRule",type:"longtext"},{default:"",get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsNameIDFormat",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsNameIDFormat",select:[{k:"",v:""},{k:"unspecified",v:"Unspecified"},{k:"email",v:"Email"},{k:"x509",v:"X509 certificate"},{k:"windows",v:"Windows"},{k:"kerberos",v:"Kerberos"},{k:"entity",v:"Entity"},{k:"persistent",v:"Persistent"},{k:"transient",v:"Transient"},{k:"encrypted",v:"Encrypted"}],title:"samlIDPMetaDataOptionsNameIDFormat",type:"select"},{default:0,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsForceAuthn",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsForceAuthn",title:"samlIDPMetaDataOptionsForceAuthn",type:"bool"},{default:0,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsIsPassive",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsIsPassive",title:"samlIDPMetaDataOptionsIsPassive",type:"bool"},{default:0,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsAllowProxiedAuthn",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsAllowProxiedAuthn",title:"samlIDPMetaDataOptionsAllowProxiedAuthn",type:"bool"},{default:0,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsAllowLoginFromIDP",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsAllowLoginFromIDP",title:"samlIDPMetaDataOptionsAllowLoginFromIDP",type:"bool"},{default:"",get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsRequestedAuthnContext",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsRequestedAuthnContext",select:[{k:"",v:""},{k:"kerberos",v:"Kerberos"},{k:"password-protected-transport",v:"Password protected transport"},{k:"password",v:"Password"},{k:"tls-client",v:"TLS client certificate"}],title:"samlIDPMetaDataOptionsRequestedAuthnContext",type:"select"},{default:0,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsRelayStateURL",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsRelayStateURL",title:"samlIDPMetaDataOptionsRelayStateURL",type:"bool"}],help:"authsaml.html#options",id:"samlIDPMetaDataOptions",title:"samlIDPMetaDataOptions",type:"simpleInputContainer"},{_nodes:[{get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsDisplayName",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsDisplayName",title:"samlIDPMetaDataOptionsDisplayName"},{get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsIcon",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsIcon",title:"samlIDPMetaDataOptionsIcon"},{get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSortNumber",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSortNumber",title:"samlIDPMetaDataOptionsSortNumber",type:"int"}],id:"samlIDPMetaDataOptionsDisplay",title:"samlIDPMetaDataOptionsDisplay",type:"simpleInputContainer"}];case"samlSPMetaDataNode":return[{get:tpl+"s/"+key+"/"+"samlSPMetaDataXML",id:tpl+"s/"+key+"/"+"samlSPMetaDataXML",title:"samlSPMetaDataXML",type:"file"},{cnodes:tpl+"s/"+key+"/"+"samlSPMetaDataExportedAttributes",default:[],help:"idpsaml.html#exported_attributes",id:tpl+"s/"+key+"/"+"samlSPMetaDataExportedAttributes",title:"samlSPMetaDataExportedAttributes",type:"samlAttributeContainer"},{_nodes:[{_nodes:[{default:"",get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsNameIDFormat",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsNameIDFormat",select:[{k:"",v:""},{k:"unspecified",v:"Unspecified"},{k:"email",v:"Email"},{k:"x509",v:"X509 certificate"},{k:"windows",v:"Windows"},{k:"kerberos",v:"Kerberos"},{k:"entity",v:"Entity"},{k:"persistent",v:"Persistent"},{k:"transient",v:"Transient"},{k:"encrypted",v:"Encrypted"}],title:"samlSPMetaDataOptionsNameIDFormat",type:"select"},{get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsNameIDSessionKey",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsNameIDSessionKey",title:"samlSPMetaDataOptionsNameIDSessionKey"},{default:0,get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsOneTimeUse",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsOneTimeUse",title:"samlSPMetaDataOptionsOneTimeUse",type:"bool"},{default:72e3,get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsSessionNotOnOrAfterTimeout",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsSessionNotOnOrAfterTimeout",title:"samlSPMetaDataOptionsSessionNotOnOrAfterTimeout",type:"int"},{default:72e3,get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsNotOnOrAfterTimeout",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsNotOnOrAfterTimeout",title:"samlSPMetaDataOptionsNotOnOrAfterTimeout",type:"int"},{default:1,get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsForceUTF8",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsForceUTF8",title:"samlSPMetaDataOptionsForceUTF8",type:"bool"}],id:"samlSPMetaDataOptionsAuthnResponse",title:"samlSPMetaDataOptionsAuthnResponse",type:"simpleInputContainer"},{_nodes:[{default:-1,get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsSignSSOMessage",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsSignSSOMessage",title:"samlSPMetaDataOptionsSignSSOMessage",type:"trool"},{default:1,get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsCheckSSOMessageSignature",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsCheckSSOMessageSignature",title:"samlSPMetaDataOptionsCheckSSOMessageSignature",type:"bool"},{default:-1,get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsSignSLOMessage",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsSignSLOMessage",title:"samlSPMetaDataOptionsSignSLOMessage",type:"trool"},{default:1,get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsCheckSLOMessageSignature",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsCheckSLOMessageSignature",title:"samlSPMetaDataOptionsCheckSLOMessageSignature",type:"bool"}],id:"samlSPMetaDataOptionsSignature",title:"samlSPMetaDataOptionsSignature",type:"simpleInputContainer"},{_nodes:[{default:"none",get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsEncryptionMode",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsEncryptionMode",select:[{k:"none",v:"None"},{k:"nameid",v:"Name ID"},{k:"assertion",v:"Assertion"}],title:"samlSPMetaDataOptionsEncryptionMode",type:"select"},{default:0,get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsEnableIDPInitiatedURL",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsEnableIDPInitiatedURL",title:"samlSPMetaDataOptionsEnableIDPInitiatedURL",type:"bool"},{get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsRule",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsRule",title:"samlSPMetaDataOptionsRule"}],id:"samlSPMetaDataOptionsSecurity",title:"samlSPMetaDataOptionsSecurity",type:"simpleInputContainer"}],help:"idpsaml.html#options",id:"samlSPMetaDataOptions",title:"samlSPMetaDataOptions"}];case"virtualHost":return[{cnodes:tpl+"s/"+key+"/"+"locationRules",default:[{data:"deny",id:tpl+"s/"+key+"/"+"locationRules/default",re:"default",title:"default",type:"rule"}],help:"writingrulesand_headers.html#rules",id:tpl+"s/"+key+"/"+"locationRules",title:"locationRules",type:"ruleContainer"},{cnodes:tpl+"s/"+key+"/"+"exportedHeaders",help:"writingrulesand_headers.html#headers",id:tpl+"s/"+key+"/"+"exportedHeaders",title:"exportedHeaders",type:"keyTextContainer"},{cnodes:tpl+"s/"+key+"/"+"post",help:"formreplay.html",id:tpl+"s/"+key+"/"+"post",title:"post",type:"postContainer"},{_nodes:[{default:-1,get:tpl+"s/"+key+"/"+"vhostPort",id:tpl+"s/"+key+"/"+"vhostPort",title:"vhostPort",type:"int"},{default:-1,get:tpl+"s/"+key+"/"+"vhostHttps",id:tpl+"s/"+key+"/"+"vhostHttps",title:"vhostHttps",type:"trool"},{default:0,get:tpl+"s/"+key+"/"+"vhostMaintenance",id:tpl+"s/"+key+"/"+"vhostMaintenance",title:"vhostMaintenance",type:"bool"},{get:tpl+"s/"+key+"/"+"vhostAliases",id:tpl+"s/"+key+"/"+"vhostAliases",title:"vhostAliases"},{default:"Main",get:tpl+"s/"+key+"/"+"vhostType",id:tpl+"s/"+key+"/"+"vhostType",select:[{k:"Main",v:"Main"},{k:"Zimbra",v:"ZimbraPreAuth"},{k:"AuthBasic",v:"AuthBasic"},{k:"SecureToken",v:"SecureToken"},{k:"CDA",v:"CDA"},{k:"DevOps",v:"DevOps"},{k:"DevOpsST",v:"DevOpsST"},{k:"ServiceToken",v:"ServiceToken"}],title:"vhostType",type:"select"},{get:tpl+"s/"+key+"/"+"vhostAuthnLevel",id:tpl+"s/"+key+"/"+"vhostAuthnLevel",title:"vhostAuthnLevel",type:"int"}],help:"configvhost.html#options",id:"vhostOptions",title:"vhostOptions",type:"simpleInputContainer"}];default:return[]}}function setScopeVars(scope){scope.portal=scope.data[0]._nodes[0]._nodes[0];scope.getKey(scope.portal);scope.domain=scope.data[0]._nodes[4]._nodes[1];scope.getKey(scope.domain)} +function templates(tpl,key){var ind;var scalarTemplate=function(r){return{id:tpl+"s/"+ind++,title:r,get:tpl+"s/"+key+"/"+r}};switch(tpl){case"casAppMetaDataNode":return[{_nodes:[{get:tpl+"s/"+key+"/"+"casAppMetaDataOptionsService",id:tpl+"s/"+key+"/"+"casAppMetaDataOptionsService",title:"casAppMetaDataOptionsService"},{get:tpl+"s/"+key+"/"+"casAppMetaDataOptionsRule",id:tpl+"s/"+key+"/"+"casAppMetaDataOptionsRule",title:"casAppMetaDataOptionsRule"}],id:"casAppMetaDataOptions",title:"casAppMetaDataOptions",type:"simpleInputContainer"},{cnodes:tpl+"s/"+key+"/"+"casAppMetaDataExportedVars",default:[{data:"cn",id:tpl+"s/"+key+"/"+"casAppMetaDataExportedVars/cn",title:"cn",type:"keyText"},{data:"mail",id:tpl+"s/"+key+"/"+"casAppMetaDataExportedVars/mail",title:"mail",type:"keyText"},{data:"uid",id:tpl+"s/"+key+"/"+"casAppMetaDataExportedVars/uid",title:"uid",type:"keyText"}],id:tpl+"s/"+key+"/"+"casAppMetaDataExportedVars",title:"casAppMetaDataExportedVars",type:"keyTextContainer"}];case"casSrvMetaDataNode":return[{cnodes:tpl+"s/"+key+"/"+"casSrvMetaDataExportedVars",default:[{data:"cn",id:tpl+"s/"+key+"/"+"casSrvMetaDataExportedVars/cn",title:"cn",type:"keyText"},{data:"mail",id:tpl+"s/"+key+"/"+"casSrvMetaDataExportedVars/mail",title:"mail",type:"keyText"},{data:"uid",id:tpl+"s/"+key+"/"+"casSrvMetaDataExportedVars/uid",title:"uid",type:"keyText"}],id:tpl+"s/"+key+"/"+"casSrvMetaDataExportedVars",title:"casSrvMetaDataExportedVars",type:"keyTextContainer"},{cnodes:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsProxiedServices",id:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsProxiedServices",title:"casSrvMetaDataOptionsProxiedServices",type:"keyTextContainer"},{_nodes:[{get:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsUrl",id:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsUrl",title:"casSrvMetaDataOptionsUrl"},{default:0,get:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsRenew",id:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsRenew",title:"casSrvMetaDataOptionsRenew",type:"bool"},{default:0,get:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsGateway",id:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsGateway",title:"casSrvMetaDataOptionsGateway",type:"bool"}],id:"casSrvMetaDataOptions",title:"casSrvMetaDataOptions",type:"simpleInputContainer"},{_nodes:[{get:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsDisplayName",id:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsDisplayName",title:"casSrvMetaDataOptionsDisplayName"},{get:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsIcon",id:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsIcon",title:"casSrvMetaDataOptionsIcon"}],id:"casSrvMetaDataOptionsDisplay",title:"casSrvMetaDataOptionsDisplay",type:"simpleInputContainer"}];case"oidcOPMetaDataNode":return[{get:tpl+"s/"+key+"/"+"oidcOPMetaDataJSON",id:tpl+"s/"+key+"/"+"oidcOPMetaDataJSON",title:"oidcOPMetaDataJSON",type:"file"},{get:tpl+"s/"+key+"/"+"oidcOPMetaDataJWKS",id:tpl+"s/"+key+"/"+"oidcOPMetaDataJWKS",title:"oidcOPMetaDataJWKS",type:"file"},{cnodes:tpl+"s/"+key+"/"+"oidcOPMetaDataExportedVars",default:[{data:"name",id:tpl+"s/"+key+"/"+"oidcOPMetaDataExportedVars/cn",title:"cn",type:"keyText"},{data:"email",id:tpl+"s/"+key+"/"+"oidcOPMetaDataExportedVars/mail",title:"mail",type:"keyText"},{data:"family_name",id:tpl+"s/"+key+"/"+"oidcOPMetaDataExportedVars/sn",title:"sn",type:"keyText"},{data:"sub",id:tpl+"s/"+key+"/"+"oidcOPMetaDataExportedVars/uid",title:"uid",type:"keyText"}],id:tpl+"s/"+key+"/"+"oidcOPMetaDataExportedVars",title:"oidcOPMetaDataExportedVars",type:"keyTextContainer"},{_nodes:[{_nodes:[{get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsConfigurationURI",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsConfigurationURI",title:"oidcOPMetaDataOptionsConfigurationURI"},{default:0,get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsJWKSTimeout",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsJWKSTimeout",title:"oidcOPMetaDataOptionsJWKSTimeout",type:"int"},{get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsClientID",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsClientID",title:"oidcOPMetaDataOptionsClientID"},{get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsClientSecret",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsClientSecret",title:"oidcOPMetaDataOptionsClientSecret",type:"password"},{default:0,get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsStoreIDToken",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsStoreIDToken",title:"oidcOPMetaDataOptionsStoreIDToken",type:"bool"}],id:"oidcOPMetaDataOptionsConfiguration",title:"oidcOPMetaDataOptionsConfiguration",type:"simpleInputContainer"},{_nodes:[{default:"openid profile",get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsScope",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsScope",title:"oidcOPMetaDataOptionsScope"},{default:"",get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsDisplay",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsDisplay",select:[{k:"",v:""},{k:"page",v:"page"},{k:"popup",v:"popup"},{k:"touch",v:"touch"},{k:"wap",v:"wap"}],title:"oidcOPMetaDataOptionsDisplay",type:"select"},{get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsPrompt",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsPrompt",title:"oidcOPMetaDataOptionsPrompt"},{default:0,get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsMaxAge",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsMaxAge",title:"oidcOPMetaDataOptionsMaxAge",type:"int"},{get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsUiLocales",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsUiLocales",title:"oidcOPMetaDataOptionsUiLocales"},{get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsAcrValues",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsAcrValues",title:"oidcOPMetaDataOptionsAcrValues"},{default:"client_secret_post",get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsTokenEndpointAuthMethod",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsTokenEndpointAuthMethod",select:[{k:"client_secret_post",v:"client_secret_post"},{k:"client_secret_basic",v:"client_secret_basic"}],title:"oidcOPMetaDataOptionsTokenEndpointAuthMethod",type:"select"},{default:1,get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsCheckJWTSignature",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsCheckJWTSignature",title:"oidcOPMetaDataOptionsCheckJWTSignature",type:"bool"},{default:30,get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsIDTokenMaxAge",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsIDTokenMaxAge",title:"oidcOPMetaDataOptionsIDTokenMaxAge",type:"int"},{default:1,get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsUseNonce",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsUseNonce",title:"oidcOPMetaDataOptionsUseNonce",type:"bool"}],id:"oidcOPMetaDataOptionsProtocol",title:"oidcOPMetaDataOptionsProtocol",type:"simpleInputContainer"}],id:"oidcOPMetaDataOptions",title:"oidcOPMetaDataOptions"},{_nodes:[{get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsDisplayName",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsDisplayName",title:"oidcOPMetaDataOptionsDisplayName"},{get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsIcon",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsIcon",title:"oidcOPMetaDataOptionsIcon"},{get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsSortNumber",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsSortNumber",title:"oidcOPMetaDataOptionsSortNumber",type:"int"}],id:"oidcOPMetaDataOptionsDisplayParams",title:"oidcOPMetaDataOptionsDisplayParams",type:"simpleInputContainer"}];case"oidcRPMetaDataNode":return[{cnodes:tpl+"s/"+key+"/"+"oidcRPMetaDataExportedVars",default:[{data:"mail",id:tpl+"s/"+key+"/"+"oidcRPMetaDataExportedVars/email",title:"email",type:"keyText"},{data:"sn",id:tpl+"s/"+key+"/"+"oidcRPMetaDataExportedVars/family_name",title:"family_name",type:"keyText"},{data:"cn",id:tpl+"s/"+key+"/"+"oidcRPMetaDataExportedVars/name",title:"name",type:"keyText"}],id:tpl+"s/"+key+"/"+"oidcRPMetaDataExportedVars",title:"oidcRPMetaDataExportedVars",type:"keyTextContainer"},{cnodes:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsExtraClaims",default:[],id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsExtraClaims",title:"oidcRPMetaDataOptionsExtraClaims",type:"keyTextContainer"},{_nodes:[{_nodes:[{get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsClientID",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsClientID",title:"oidcRPMetaDataOptionsClientID"},{get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsClientSecret",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsClientSecret",title:"oidcRPMetaDataOptionsClientSecret",type:"password"}],id:"oidcRPMetaDataOptionsAuthentication",title:"oidcRPMetaDataOptionsAuthentication",type:"simpleInputContainer"},{get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsUserIDAttr",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsUserIDAttr",title:"oidcRPMetaDataOptionsUserIDAttr"},{default:"HS512",get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsIDTokenSignAlg",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsIDTokenSignAlg",select:[{k:"none",v:"None"},{k:"HS256",v:"HS256"},{k:"HS384",v:"HS384"},{k:"HS512",v:"HS512"},{k:"RS256",v:"RS256"},{k:"RS384",v:"RS384"},{k:"RS512",v:"RS512"}],title:"oidcRPMetaDataOptionsIDTokenSignAlg",type:"select"},{default:3600,get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsIDTokenExpiration",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsIDTokenExpiration",title:"oidcRPMetaDataOptionsIDTokenExpiration",type:"int"},{default:3600,get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsAccessTokenExpiration",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsAccessTokenExpiration",title:"oidcRPMetaDataOptionsAccessTokenExpiration",type:"int"},{get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsRedirectUris",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsRedirectUris",title:"oidcRPMetaDataOptionsRedirectUris"},{default:0,get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsBypassConsent",help:"openidconnectclaims.html",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsBypassConsent",title:"oidcRPMetaDataOptionsBypassConsent",type:"bool"},{_nodes:[{get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsPostLogoutRedirectUris",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsPostLogoutRedirectUris",title:"oidcRPMetaDataOptionsPostLogoutRedirectUris"},{get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsLogoutUrl",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsLogoutUrl",title:"oidcRPMetaDataOptionsLogoutUrl"},{default:"front",get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsLogoutType",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsLogoutType",select:[{k:"front",v:"Front Channel"},{k:"back",v:"Back Channel"}],title:"oidcRPMetaDataOptionsLogoutType",type:"select"},{default:0,get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsLogoutSessionRequired",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsLogoutSessionRequired",title:"oidcRPMetaDataOptionsLogoutSessionRequired",type:"bool"}],id:"logout",title:"logout",type:"simpleInputContainer"},{get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsRule",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsRule",title:"oidcRPMetaDataOptionsRule"}],id:"oidcRPMetaDataOptions",title:"oidcRPMetaDataOptions"},{_nodes:[{get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsDisplayName",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsDisplayName",title:"oidcRPMetaDataOptionsDisplayName"},{get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsIcon",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsIcon",title:"oidcRPMetaDataOptionsIcon"}],id:"oidcRPMetaDataOptionsDisplay",title:"oidcRPMetaDataOptionsDisplay",type:"simpleInputContainer"}];case"samlIDPMetaDataNode":return[{get:tpl+"s/"+key+"/"+"samlIDPMetaDataXML",id:tpl+"s/"+key+"/"+"samlIDPMetaDataXML",title:"samlIDPMetaDataXML",type:"file"},{cnodes:tpl+"s/"+key+"/"+"samlIDPMetaDataExportedAttributes",default:[],help:"authsaml.html#exported_attributes",id:tpl+"s/"+key+"/"+"samlIDPMetaDataExportedAttributes",title:"samlIDPMetaDataExportedAttributes",type:"samlAttributeContainer"},{_nodes:[{default:0,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsAdaptSessionUtime",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsAdaptSessionUtime",title:"samlIDPMetaDataOptionsAdaptSessionUtime",type:"bool"},{default:0,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsForceUTF8",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsForceUTF8",title:"samlIDPMetaDataOptionsForceUTF8",type:"bool"},{default:0,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsStoreSAMLToken",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsStoreSAMLToken",title:"samlIDPMetaDataOptionsStoreSAMLToken",type:"bool"},{get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsUserAttribute",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsUserAttribute",title:"samlIDPMetaDataOptionsUserAttribute"}],id:"samlIDPMetaDataOptionsSession",title:"samlIDPMetaDataOptionsSession",type:"simpleInputContainer"},{_nodes:[{default:-1,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSignSSOMessage",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSignSSOMessage",title:"samlIDPMetaDataOptionsSignSSOMessage",type:"trool"},{default:1,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsCheckSSOMessageSignature",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsCheckSSOMessageSignature",title:"samlIDPMetaDataOptionsCheckSSOMessageSignature",type:"bool"},{default:-1,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSignSLOMessage",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSignSLOMessage",title:"samlIDPMetaDataOptionsSignSLOMessage",type:"trool"},{default:1,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsCheckSLOMessageSignature",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsCheckSLOMessageSignature",title:"samlIDPMetaDataOptionsCheckSLOMessageSignature",type:"bool"}],id:"samlIDPMetaDataOptionsSignature",title:"samlIDPMetaDataOptionsSignature",type:"simpleInputContainer"},{_nodes:[{default:"",get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSSOBinding",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSSOBinding",select:[{k:"",v:""},{k:"http-post",v:"POST"},{k:"http-redirect",v:"Redirect"},{k:"artifact-get",v:"Artifact GET"}],title:"samlIDPMetaDataOptionsSSOBinding",type:"select"},{default:"",get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSLOBinding",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSLOBinding",select:[{k:"",v:""},{k:"http-post",v:"POST"},{k:"http-redirect",v:"Redirect"},{k:"http-soap",v:"SOAP"}],title:"samlIDPMetaDataOptionsSLOBinding",type:"select"}],id:"samlIDPMetaDataOptionsBinding",title:"samlIDPMetaDataOptionsBinding",type:"simpleInputContainer"},{_nodes:[{default:"none",get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsEncryptionMode",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsEncryptionMode",select:[{k:"none",v:"None"},{k:"nameid",v:"Name ID"},{k:"assertion",v:"Assertion"}],title:"samlIDPMetaDataOptionsEncryptionMode",type:"select"},{default:1,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsCheckTime",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsCheckTime",title:"samlIDPMetaDataOptionsCheckTime",type:"bool"},{default:1,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsCheckAudience",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsCheckAudience",title:"samlIDPMetaDataOptionsCheckAudience",type:"bool"}],id:"samlIDPMetaDataOptionsSecurity",title:"samlIDPMetaDataOptionsSecurity",type:"simpleInputContainer"},{_nodes:[{default:"",get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsResolutionRule",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsResolutionRule",title:"samlIDPMetaDataOptionsResolutionRule",type:"longtext"},{default:"",get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsNameIDFormat",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsNameIDFormat",select:[{k:"",v:""},{k:"unspecified",v:"Unspecified"},{k:"email",v:"Email"},{k:"x509",v:"X509 certificate"},{k:"windows",v:"Windows"},{k:"kerberos",v:"Kerberos"},{k:"entity",v:"Entity"},{k:"persistent",v:"Persistent"},{k:"transient",v:"Transient"},{k:"encrypted",v:"Encrypted"}],title:"samlIDPMetaDataOptionsNameIDFormat",type:"select"},{default:0,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsForceAuthn",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsForceAuthn",title:"samlIDPMetaDataOptionsForceAuthn",type:"bool"},{default:0,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsIsPassive",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsIsPassive",title:"samlIDPMetaDataOptionsIsPassive",type:"bool"},{default:0,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsAllowProxiedAuthn",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsAllowProxiedAuthn",title:"samlIDPMetaDataOptionsAllowProxiedAuthn",type:"bool"},{default:0,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsAllowLoginFromIDP",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsAllowLoginFromIDP",title:"samlIDPMetaDataOptionsAllowLoginFromIDP",type:"bool"},{default:"",get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsRequestedAuthnContext",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsRequestedAuthnContext",select:[{k:"",v:""},{k:"kerberos",v:"Kerberos"},{k:"password-protected-transport",v:"Password protected transport"},{k:"password",v:"Password"},{k:"tls-client",v:"TLS client certificate"}],title:"samlIDPMetaDataOptionsRequestedAuthnContext",type:"select"},{default:0,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsRelayStateURL",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsRelayStateURL",title:"samlIDPMetaDataOptionsRelayStateURL",type:"bool"}],help:"authsaml.html#options",id:"samlIDPMetaDataOptions",title:"samlIDPMetaDataOptions",type:"simpleInputContainer"},{_nodes:[{get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsDisplayName",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsDisplayName",title:"samlIDPMetaDataOptionsDisplayName"},{get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsIcon",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsIcon",title:"samlIDPMetaDataOptionsIcon"},{get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSortNumber",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSortNumber",title:"samlIDPMetaDataOptionsSortNumber",type:"int"}],id:"samlIDPMetaDataOptionsDisplay",title:"samlIDPMetaDataOptionsDisplay",type:"simpleInputContainer"}];case"samlSPMetaDataNode":return[{get:tpl+"s/"+key+"/"+"samlSPMetaDataXML",id:tpl+"s/"+key+"/"+"samlSPMetaDataXML",title:"samlSPMetaDataXML",type:"file"},{cnodes:tpl+"s/"+key+"/"+"samlSPMetaDataExportedAttributes",default:[],help:"idpsaml.html#exported_attributes",id:tpl+"s/"+key+"/"+"samlSPMetaDataExportedAttributes",title:"samlSPMetaDataExportedAttributes",type:"samlAttributeContainer"},{_nodes:[{_nodes:[{default:"",get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsNameIDFormat",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsNameIDFormat",select:[{k:"",v:""},{k:"unspecified",v:"Unspecified"},{k:"email",v:"Email"},{k:"x509",v:"X509 certificate"},{k:"windows",v:"Windows"},{k:"kerberos",v:"Kerberos"},{k:"entity",v:"Entity"},{k:"persistent",v:"Persistent"},{k:"transient",v:"Transient"},{k:"encrypted",v:"Encrypted"}],title:"samlSPMetaDataOptionsNameIDFormat",type:"select"},{get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsNameIDSessionKey",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsNameIDSessionKey",title:"samlSPMetaDataOptionsNameIDSessionKey"},{default:0,get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsOneTimeUse",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsOneTimeUse",title:"samlSPMetaDataOptionsOneTimeUse",type:"bool"},{default:72e3,get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsSessionNotOnOrAfterTimeout",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsSessionNotOnOrAfterTimeout",title:"samlSPMetaDataOptionsSessionNotOnOrAfterTimeout",type:"int"},{default:72e3,get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsNotOnOrAfterTimeout",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsNotOnOrAfterTimeout",title:"samlSPMetaDataOptionsNotOnOrAfterTimeout",type:"int"},{default:1,get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsForceUTF8",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsForceUTF8",title:"samlSPMetaDataOptionsForceUTF8",type:"bool"}],id:"samlSPMetaDataOptionsAuthnResponse",title:"samlSPMetaDataOptionsAuthnResponse",type:"simpleInputContainer"},{_nodes:[{default:-1,get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsSignSSOMessage",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsSignSSOMessage",title:"samlSPMetaDataOptionsSignSSOMessage",type:"trool"},{default:1,get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsCheckSSOMessageSignature",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsCheckSSOMessageSignature",title:"samlSPMetaDataOptionsCheckSSOMessageSignature",type:"bool"},{default:-1,get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsSignSLOMessage",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsSignSLOMessage",title:"samlSPMetaDataOptionsSignSLOMessage",type:"trool"},{default:1,get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsCheckSLOMessageSignature",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsCheckSLOMessageSignature",title:"samlSPMetaDataOptionsCheckSLOMessageSignature",type:"bool"}],id:"samlSPMetaDataOptionsSignature",title:"samlSPMetaDataOptionsSignature",type:"simpleInputContainer"},{_nodes:[{default:"none",get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsEncryptionMode",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsEncryptionMode",select:[{k:"none",v:"None"},{k:"nameid",v:"Name ID"},{k:"assertion",v:"Assertion"}],title:"samlSPMetaDataOptionsEncryptionMode",type:"select"},{default:0,get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsEnableIDPInitiatedURL",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsEnableIDPInitiatedURL",title:"samlSPMetaDataOptionsEnableIDPInitiatedURL",type:"bool"},{get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsRule",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsRule",title:"samlSPMetaDataOptionsRule"}],id:"samlSPMetaDataOptionsSecurity",title:"samlSPMetaDataOptionsSecurity",type:"simpleInputContainer"}],help:"idpsaml.html#options",id:"samlSPMetaDataOptions",title:"samlSPMetaDataOptions"}];case"virtualHost":return[{cnodes:tpl+"s/"+key+"/"+"locationRules",default:[{data:"deny",id:tpl+"s/"+key+"/"+"locationRules/default",re:"default",title:"default",type:"rule"}],help:"writingrulesand_headers.html#rules",id:tpl+"s/"+key+"/"+"locationRules",title:"locationRules",type:"ruleContainer"},{cnodes:tpl+"s/"+key+"/"+"exportedHeaders",help:"writingrulesand_headers.html#headers",id:tpl+"s/"+key+"/"+"exportedHeaders",title:"exportedHeaders",type:"keyTextContainer"},{cnodes:tpl+"s/"+key+"/"+"post",help:"formreplay.html",id:tpl+"s/"+key+"/"+"post",title:"post",type:"postContainer"},{_nodes:[{default:-1,get:tpl+"s/"+key+"/"+"vhostPort",id:tpl+"s/"+key+"/"+"vhostPort",title:"vhostPort",type:"int"},{default:-1,get:tpl+"s/"+key+"/"+"vhostHttps",id:tpl+"s/"+key+"/"+"vhostHttps",title:"vhostHttps",type:"trool"},{default:0,get:tpl+"s/"+key+"/"+"vhostMaintenance",id:tpl+"s/"+key+"/"+"vhostMaintenance",title:"vhostMaintenance",type:"bool"},{get:tpl+"s/"+key+"/"+"vhostAliases",id:tpl+"s/"+key+"/"+"vhostAliases",title:"vhostAliases"},{default:"Main",get:tpl+"s/"+key+"/"+"vhostType",id:tpl+"s/"+key+"/"+"vhostType",select:[{k:"Main",v:"Main"},{k:"Zimbra",v:"ZimbraPreAuth"},{k:"AuthBasic",v:"AuthBasic"},{k:"SecureToken",v:"SecureToken"},{k:"CDA",v:"CDA"},{k:"DevOps",v:"DevOps"},{k:"DevOpsST",v:"DevOpsST"},{k:"ServiceToken",v:"ServiceToken"}],title:"vhostType",type:"select"},{get:tpl+"s/"+key+"/"+"vhostAuthnLevel",id:tpl+"s/"+key+"/"+"vhostAuthnLevel",title:"vhostAuthnLevel",type:"int"}],help:"configvhost.html#options",id:"vhostOptions",title:"vhostOptions",type:"simpleInputContainer"}];default:return[]}}function setScopeVars(scope){scope.portal=scope.data[0]._nodes[0]._nodes[0];scope.getKey(scope.portal);scope.domain=scope.data[0]._nodes[4]._nodes[1];scope.getKey(scope.domain)} diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/ar.json b/lemonldap-ng-manager/site/htdocs/static/languages/ar.json index 379a1af57..225156788 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/ar.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/ar.json @@ -499,6 +499,7 @@ "oidcOPMetaDataOptionsDisplayName":"عرض الاسم", "oidcOPMetaDataOptionsDisplayParams":"عرض", "oidcOPMetaDataOptionsIcon":"شعار", +"oidcOPMetaDataOptionsSortNumber":"Order", "oidcOPMetaDataOptionsJWKSTimeout":"مهلة بيانات JWKS", "oidcRPMetaDataOptionsLogoutSessionRequired":"جلسة مطلوب", "oidcRPMetaDataOptionsLogoutType":"نوع", diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/de.json b/lemonldap-ng-manager/site/htdocs/static/languages/de.json index e4db8bd41..cee961ee6 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/de.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/de.json @@ -499,6 +499,7 @@ "oidcOPMetaDataOptionsDisplayName":"Display name", "oidcOPMetaDataOptionsDisplayParams":"Display", "oidcOPMetaDataOptionsIcon":"Logo", +"oidcOPMetaDataOptionsSortNumber":"Order", "oidcOPMetaDataOptionsJWKSTimeout":"JWKS data timeout", "oidcRPMetaDataOptionsLogoutSessionRequired":"Session required", "oidcRPMetaDataOptionsLogoutType":"Type", diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/en.json b/lemonldap-ng-manager/site/htdocs/static/languages/en.json index d204ba196..0d586099d 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/en.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/en.json @@ -499,6 +499,7 @@ "oidcOPMetaDataOptionsDisplayName":"Display name", "oidcOPMetaDataOptionsDisplayParams":"Display", "oidcOPMetaDataOptionsIcon":"Logo", +"oidcOPMetaDataOptionsSortNumber":"Order", "oidcOPMetaDataOptionsJWKSTimeout":"JWKS data timeout", "oidcRPMetaDataOptionsLogoutSessionRequired":"Session required", "oidcRPMetaDataOptionsLogoutType":"Type", diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/es.json b/lemonldap-ng-manager/site/htdocs/static/languages/es.json index d204ba196..0d586099d 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/es.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/es.json @@ -499,6 +499,7 @@ "oidcOPMetaDataOptionsDisplayName":"Display name", "oidcOPMetaDataOptionsDisplayParams":"Display", "oidcOPMetaDataOptionsIcon":"Logo", +"oidcOPMetaDataOptionsSortNumber":"Order", "oidcOPMetaDataOptionsJWKSTimeout":"JWKS data timeout", "oidcRPMetaDataOptionsLogoutSessionRequired":"Session required", "oidcRPMetaDataOptionsLogoutType":"Type", diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/fr.json b/lemonldap-ng-manager/site/htdocs/static/languages/fr.json index eda316cf7..7276eb4d1 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/fr.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/fr.json @@ -499,6 +499,7 @@ "oidcOPMetaDataOptionsDisplayName":"Nom d'affichage", "oidcOPMetaDataOptionsDisplayParams":"Affichage", "oidcOPMetaDataOptionsIcon":"Logo", +"oidcOPMetaDataOptionsSortNumber":"Ordre", "oidcOPMetaDataOptionsJWKSTimeout":"Durée de vie des données JWKS", "oidcRPMetaDataOptionsLogoutSessionRequired":"Session requise", "oidcRPMetaDataOptionsLogoutType":"Type", diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/it.json b/lemonldap-ng-manager/site/htdocs/static/languages/it.json index 4fe4c5cad..127cf30e4 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/it.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/it.json @@ -499,6 +499,7 @@ "oidcOPMetaDataOptionsDisplayName":"Visualizza nome", "oidcOPMetaDataOptionsDisplayParams":"Visualizza", "oidcOPMetaDataOptionsIcon":"Logo", +"oidcOPMetaDataOptionsSortNumber":"Order", "oidcOPMetaDataOptionsJWKSTimeout":"Timeout dei dati di JWKS", "oidcRPMetaDataOptionsLogoutSessionRequired":"Sessione necessaria", "oidcRPMetaDataOptionsLogoutType":"Tipo", diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/vi.json b/lemonldap-ng-manager/site/htdocs/static/languages/vi.json index 1291384e0..1fede8b3d 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/vi.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/vi.json @@ -499,6 +499,7 @@ "oidcOPMetaDataOptionsDisplayName":"Tên hiển thị", "oidcOPMetaDataOptionsDisplayParams":"Hiển thị", "oidcOPMetaDataOptionsIcon":"Logo", +"oidcOPMetaDataOptionsSortNumber":"Order", "oidcOPMetaDataOptionsJWKSTimeout":"Thời gian chờ của dữ liệu JWKS", "oidcRPMetaDataOptionsLogoutSessionRequired":"Phiên yêu cầu", "oidcRPMetaDataOptionsLogoutType":"Loại", diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/zh.json b/lemonldap-ng-manager/site/htdocs/static/languages/zh.json index 48cbc1fd5..6c1278391 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/zh.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/zh.json @@ -499,6 +499,7 @@ "oidcOPMetaDataOptionsDisplayName":"Display name", "oidcOPMetaDataOptionsDisplayParams":"Display", "oidcOPMetaDataOptionsIcon":"Logo", +"oidcOPMetaDataOptionsSortNumber":"Order", "oidcOPMetaDataOptionsJWKSTimeout":"JWKS data timeout", "oidcRPMetaDataOptionsLogoutSessionRequired":"Session required", "oidcRPMetaDataOptionsLogoutType":"Type", diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/OpenIDConnect.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/OpenIDConnect.pm index 6cd145a00..980c34613 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/OpenIDConnect.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/OpenIDConnect.pm @@ -45,6 +45,8 @@ sub init { ->{oidcOPMetaDataOptionsDisplayName}; my $icon = $self->conf->{oidcOPMetaDataOptions}->{$_} ->{oidcOPMetaDataOptionsIcon}; + my $order = $self->conf->{oidcOPMetaDataOptions}->{$_} + ->{oidcOPMetaDataOptionsSortNumber}; my $img_src; if ($icon) { @@ -60,6 +62,7 @@ sub init { name => $name, icon => $img_src, class => "openidconnect", + order => $order }; } $self->addRouteFromConf( @@ -73,7 +76,7 @@ sub init { oidcServiceMetaDataBackChannelURI => 'backLogout', ); @list = - sort { $a->{name} cmp $b->{name} or $a->{val} cmp $b->{val} } @list; + sort { $a->{order} <=> $b->{order} or $a->{name} cmp $b->{name} or $a->{val} cmp $b->{val} } @list; $self->opList( [@list] ); return 1; } From 8875a4e98578018a648bd71e9e14e57dd6c55038 Mon Sep 17 00:00:00 2001 From: Antoine ROSIER Date: Wed, 10 Apr 2019 17:21:33 +0200 Subject: [PATCH 08/32] perltidy --- .../lib/Lemonldap/NG/Portal/Auth/OpenIDConnect.pm | 6 +++++- .../lib/Lemonldap/NG/Portal/Auth/SAML.pm | 13 +++++++++---- .../lib/Lemonldap/NG/Portal/Lib/SAML.pm | 2 +- 3 files changed, 15 insertions(+), 6 deletions(-) diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/OpenIDConnect.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/OpenIDConnect.pm index 980c34613..a94b0ca1b 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/OpenIDConnect.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/OpenIDConnect.pm @@ -76,7 +76,11 @@ sub init { oidcServiceMetaDataBackChannelURI => 'backLogout', ); @list = - sort { $a->{order} <=> $b->{order} or $a->{name} cmp $b->{name} or $a->{val} cmp $b->{val} } @list; + sort { + $a->{order} <=> $b->{order} + or $a->{name} cmp $b->{name} + or $a->{val} cmp $b->{val} + } @list; $self->opList( [@list] ); return 1; } diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/SAML.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/SAML.pm index 46c9e6418..4f45fed8d 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/SAML.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/SAML.pm @@ -791,7 +791,7 @@ sub extractFormInfo { my $res = $self->p->deleteSession($req); return ( $res eq PE_LOGOUT_OK ? PE_SENDRESPONSE : $res ); - } + } ] ); @@ -897,7 +897,7 @@ sub extractFormInfo { $req->pdata->{_url} = encode_base64( $req->urldc, '' ); } my $disco_url = $self->conf->{samlDiscoveryProtocolURL}; - my $portal = $self->conf->{portal}; + my $portal = $self->conf->{portal}; $disco_url .= ( $disco_url =~ /\?/ ? '&' : '?' ) . build_urlencoded( entityID => $self->getMetaDataURL( 'samlEntityID', 0, 1 ), @@ -956,7 +956,8 @@ sub extractFormInfo { } $self->logger->debug( "IDP " . $self->{idpList}->{$_}->{name} - . " -> DisplayName : $idpName with Icon : $img_src at order : $order" ); + . " -> DisplayName : $idpName with Icon : $img_src at order : $order" + ); push @list, { val => $_, @@ -966,7 +967,11 @@ sub extractFormInfo { }; } @list = - sort { $a->{order} <=> $b->{order} or $a->{name} cmp $b->{name} or $a->{val} cmp $b->{val} } @list; + sort { + $a->{order} <=> $b->{order} + or $a->{name} cmp $b->{name} + or $a->{val} cmp $b->{val} + } @list; $req->data->{list} = \@list; $req->data->{confirmRemember} = 1; diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/SAML.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/SAML.pm index a143a3dae..2ecf010bc 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/SAML.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/SAML.pm @@ -186,7 +186,7 @@ sub loadService { # Create Lasso server with service metadata my $server = $self->createServer( - $service_metadata->serviceToXML( $self->conf, ''), + $service_metadata->serviceToXML( $self->conf, '' ), $self->conf->{samlServicePrivateKeySig}, $self->conf->{samlServicePrivateKeySigPwd}, From fabcb97ad24e9bbd87198fc3064003a215235f44 Mon Sep 17 00:00:00 2001 From: Xavier Date: Wed, 10 Apr 2019 20:29:24 +0200 Subject: [PATCH 09/32] make documentation --- .../current/applications/img/icons.png | 4 +-- .../current/applications/img/loader.gif | 4 +-- .../current/authopenidconnect.html | 4 ++- doc/pages/documentation/current/authsaml.html | 4 ++- .../current/browseablesessionbackend.html | 29 ++++++++++--------- .../documentation/current/contribute.html | 9 ++++-- doc/pages/documentation/current/dos | 4 +-- doc/pages/documentation/current/exploit | 4 +-- doc/pages/documentation/current/mitm | 4 +-- .../documentation/current/performances.html | 14 ++++----- .../documentation/current/portalcustom.html | 24 +++++++-------- doc/pages/documentation/current/stayconnected | 4 +-- 12 files changed, 59 insertions(+), 49 deletions(-) diff --git a/doc/pages/documentation/current/applications/img/icons.png b/doc/pages/documentation/current/applications/img/icons.png index 1991f9e1b..01383576f 100644 --- a/doc/pages/documentation/current/applications/img/icons.png +++ b/doc/pages/documentation/current/applications/img/icons.png @@ -90,7 +90,7 @@ +
    • @@ -262,7 +262,7 @@ You've followed a link to a topic that doesn't exist yet. If permissio -
    +
    diff --git a/doc/pages/documentation/current/applications/img/loader.gif b/doc/pages/documentation/current/applications/img/loader.gif index 95da33c45..7d27c4dab 100644 --- a/doc/pages/documentation/current/applications/img/loader.gif +++ b/doc/pages/documentation/current/applications/img/loader.gif @@ -90,7 +90,7 @@ +
    • @@ -262,7 +262,7 @@ You've followed a link to a topic that doesn't exist yet. If permissio -
    +
    diff --git a/doc/pages/documentation/current/authopenidconnect.html b/doc/pages/documentation/current/authopenidconnect.html index 0bca1fd42..01c377ddf 100644 --- a/doc/pages/documentation/current/authopenidconnect.html +++ b/doc/pages/documentation/current/authopenidconnect.html @@ -4,7 +4,7 @@ documentation:2.0:authopenidconnect - + @@ -433,6 +433,8 @@ So you can define for example:
  • Logo: Logo of the application
    • +
  • Order: Number to sort buttons
    +
    • diff --git a/doc/pages/documentation/current/authsaml.html b/doc/pages/documentation/current/authsaml.html index 6c86cba20..666185cde 100644 --- a/doc/pages/documentation/current/authsaml.html +++ b/doc/pages/documentation/current/authsaml.html @@ -4,7 +4,7 @@ documentation:2.0:authsaml - + @@ -311,6 +311,8 @@ Used only if you have more than 1
    Logo: Logo of the IDP
    +
  • Order: Number to sort IDP display
    +
    • The chosen logo must be in Portal icons directory (portal/static/common/icons/). You can set a custom icon by setting the icon file name directly in the field and copy the logo file in portal icons directory
    diff --git a/doc/pages/documentation/current/browseablesessionbackend.html b/doc/pages/documentation/current/browseablesessionbackend.html index d22a70216..8097c28c5 100644 --- a/doc/pages/documentation/current/browseablesessionbackend.html +++ b/doc/pages/documentation/current/browseablesessionbackend.html @@ -4,7 +4,7 @@ documentation:2.0:browseablesessionbackend - + @@ -103,8 +103,11 @@ The following table list fields to index depending on the feature you want to in Session restrictions _session_kind ipAddr WHATTOTRACE + + Password reset by email user +
    - +

    See Apache::Session::Browseable::* man page to see how use indexes.

    @@ -113,7 +116,7 @@ See Apache::Session::Browseable::* man page to see how use indexes.
    Documentation below explains how set index on ipAddr and _whatToTrace. Adapt it to configure the index you need.
    - +

    Browseable NoSQL

    @@ -140,15 +143,15 @@ You then just have to add the Index parameter in General par Index Index _whatToTrace ipAddr
    - + - +

    Browseable SQL

    This documentation concerns PostgreSQL. Some adaptations are needed with other databases.
    - +

    Prepare database

    @@ -182,7 +185,7 @@ CREATE INDEX ip1 ON sessions USING BTREE (ipAddr);
    With new Apache::Session::Browseable::PgHstore and PgJSON, you don't need to declare indexes in CREATE TABLE since “json” and “hstore” type are browseable. You should anyway add some indexes (see manpage).
    - +

    Manager

    @@ -211,14 +214,14 @@ Go in the Manager and set the session module ( Index Index _whatToTrace ipAddr _session_kind _utime
    -
    Apache::Session::Browseable::MySQL doesn't use locks so performances are keeped. +
    Apache::Session::Browseable::MySQL doesn't use locks so performances are keeped.

    For databases like PostgreSQL, don't forget to add “Commit” with a value of 1

    - +

    Browseable LDAP

    @@ -272,9 +275,9 @@ You need to add the Index field and can also configure the ld ldapAttributeIndex Attribute storing index ou
    - + - +

    Security

    @@ -287,7 +290,7 @@ You can also use different user/password for your servers by overriding paramete

    - +

    Performances

    @@ -329,6 +332,6 @@ CREATE INDEX _u1 ON sessions (_utime); CREATE INDEX ip1 ON sessions (ipAddr) USING BTREE;
    - + diff --git a/doc/pages/documentation/current/contribute.html b/doc/pages/documentation/current/contribute.html index 79c01fbf1..78f9b5704 100644 --- a/doc/pages/documentation/current/contribute.html +++ b/doc/pages/documentation/current/contribute.html @@ -183,8 +183,13 @@ aptitude install apache2 libapache2-mod-fcgid libapache2-mod-perl2 # install Ap aptitude install nginx nginx-extras # install Nginx aptitude install perltidy +

    + SAML : +

    +
    aptitude install liblasso-perl libglib-perl
    + - +

    Working Project

    make test # or manager_test, portal_test, ... to launch unit tests
@@ -200,6 +205,6 @@ make tidy # to magnify perl files (perl best pratices)
 cd lemonldap-ng-portal && prove t/XXXX # To launch specific unit test
    - + diff --git a/doc/pages/documentation/current/dos b/doc/pages/documentation/current/dos index d1d1db393..8658698d3 100644 --- a/doc/pages/documentation/current/dos +++ b/doc/pages/documentation/current/dos @@ -90,7 +90,7 @@     +
    • @@ -262,7 +262,7 @@ You've followed a link to a topic that doesn't exist yet. If permissio -
    +
    diff --git a/doc/pages/documentation/current/exploit b/doc/pages/documentation/current/exploit index 83391fc50..0823f6ebe 100644 --- a/doc/pages/documentation/current/exploit +++ b/doc/pages/documentation/current/exploit @@ -90,7 +90,7 @@ +
    • @@ -262,7 +262,7 @@ You've followed a link to a topic that doesn't exist yet. If permissio -
    +
    diff --git a/doc/pages/documentation/current/mitm b/doc/pages/documentation/current/mitm index 8b6bc6444..75b824074 100644 --- a/doc/pages/documentation/current/mitm +++ b/doc/pages/documentation/current/mitm @@ -90,7 +90,7 @@ +
    • @@ -262,7 +262,7 @@ You've followed a link to a topic that doesn't exist yet. If permissio -
    +
    diff --git a/doc/pages/documentation/current/performances.html b/doc/pages/documentation/current/performances.html index 4dd7b6678..431a3732d 100644 --- a/doc/pages/documentation/current/performances.html +++ b/doc/pages/documentation/current/performances.html @@ -4,7 +4,7 @@ documentation:2.0:performances - + @@ -367,7 +367,7 @@ Analysis:

    -LDAP server can be a brake when you use LDAP groups recovery. You can avoid this by setting “memberOf” fields in your LDAP scheme: +LDAP server can slow you down when you use LDAP groups retrieval. You can avoid this by setting “memberOf” fields in your LDAP scheme: 

    dn: uid=foo,dmdName=people,dc=example,dc=com
 ...
@@ -375,7 +375,7 @@ LDAP server can be a brake when you use LDAP groups recovery. You can avoid this
 memberOf: cn=su,dmdName=groups,dc=example,dc=com

    -So instead of using LDAP groups recovery, you just have to store “memberOf” field in your exported variables. With OpenLDAP, you can use the memberof overlay to do it automatically. +So instead of using LDAP groups retrieval, you just have to store “memberOf” field in your exported variables. With OpenLDAP, you can use the memberof overlay to do it automatically.

    Don't forget to create an index on the field used to find users (uid by default)
    To avoid having group dn stored in sessions datas, you can use a macro to rewrite memberOf:
      @@ -399,12 +399,12 @@ Now ldapgroups contains “admin su”
    - +

    Manager performances

    - +

    Disable unused modules

    @@ -415,7 +415,7 @@ In lemonldap-ng.ini, set only modules that you will use. By default, configurati enabledModules = conf, sessions
    - +

    Use static HTML files

    @@ -442,6 +442,6 @@ So manager HTML templates will be

    -
    + diff --git a/doc/pages/documentation/current/portalcustom.html b/doc/pages/documentation/current/portalcustom.html index 39c4a20dd..6ecc6c9ad 100644 --- a/doc/pages/documentation/current/portalcustom.html +++ b/doc/pages/documentation/current/portalcustom.html @@ -4,7 +4,7 @@ documentation:2.0:portalcustom - + @@ -214,8 +214,7 @@ Then create symbolic links on template files, as you might not want to rewrite a 

    cd /usr/share/lemonldap-ng/portal/templates/
 mkdir myskin
-cd myskin/
-ln -s ../bootstrap/*.tpl .
    +cd myskin/

    We include some template files that can be customized: @@ -234,10 +233,9 @@ We include some template files that can be customized:

    -To use custom files, delete links and copy them into your skin folder: +To use custom files, copy them into your skin folder:

    -
    rm -f custom*
-cp ../bootstrap/custom* .
    +
    cp ../bootstrap/custom* .

    Then you can add your media to myskin/images, you will be able to use them in HTML template with this code: @@ -265,7 +263,7 @@ To configure your new skin in Manager, select the custom skin, and enter your sk 

    /usr/share/lemonldap-ng/bin/lemonldap-ng-cli -yes 1 set portalSkin 'myskin' portalSkinBackground ''
    - +

    Messages

    @@ -316,7 +314,7 @@ You can also create a file called all.json to override messages in

    - +
    @@ -332,7 +330,7 @@ This will allow one to display the tab directly with this +

    Template parameters

    @@ -360,7 +358,7 @@ You can also display environment variables, with the prefix env_: 
    Your IP is <TMPL_VAR NAME="env_REMOTE_ADDR">
    - +

    Buttons

    @@ -377,7 +375,7 @@ This node allows one to enable/disable buttons on the login page:
    - +

    Password management

      @@ -390,7 +388,7 @@ This node allows one to enable/disable buttons on the login page:
    - +

    Other parameters

      @@ -409,6 +407,6 @@ This node allows one to enable/disable buttons on the login page:
    -
    + diff --git a/doc/pages/documentation/current/stayconnected b/doc/pages/documentation/current/stayconnected index d57d0cdf0..2e46572ce 100644 --- a/doc/pages/documentation/current/stayconnected +++ b/doc/pages/documentation/current/stayconnected @@ -90,7 +90,7 @@ +
    • @@ -262,7 +262,7 @@ You've followed a link to a topic that doesn't exist yet. If permissio -
    +
    From 7aafb418d4b392e8c0fb118993387f7e789ff202 Mon Sep 17 00:00:00 2001 From: Xavier Date: Wed, 10 Apr 2019 20:46:02 +0200 Subject: [PATCH 10/32] make doc --- .../current/applications/img/icons.png | 4 ++-- .../current/applications/img/loader.gif | 4 ++-- .../documentation/current/contribute.html | 21 +++++++++++++------ doc/pages/documentation/current/dos | 4 ++-- doc/pages/documentation/current/exploit | 4 ++-- doc/pages/documentation/current/mitm | 4 ++-- doc/pages/documentation/current/stayconnected | 4 ++-- 7 files changed, 27 insertions(+), 18 deletions(-) diff --git a/doc/pages/documentation/current/applications/img/icons.png b/doc/pages/documentation/current/applications/img/icons.png index 01383576f..9405780a8 100644 --- a/doc/pages/documentation/current/applications/img/icons.png +++ b/doc/pages/documentation/current/applications/img/icons.png @@ -90,7 +90,7 @@ +
    • @@ -262,7 +262,7 @@ You've followed a link to a topic that doesn't exist yet. If permissio -
    +
    diff --git a/doc/pages/documentation/current/applications/img/loader.gif b/doc/pages/documentation/current/applications/img/loader.gif index 7d27c4dab..7b8e422a6 100644 --- a/doc/pages/documentation/current/applications/img/loader.gif +++ b/doc/pages/documentation/current/applications/img/loader.gif @@ -90,7 +90,7 @@ +
    • @@ -262,7 +262,7 @@ You've followed a link to a topic that doesn't exist yet. If permissio -
    +
    diff --git a/doc/pages/documentation/current/contribute.html b/doc/pages/documentation/current/contribute.html index 78f9b5704..7d690f29f 100644 --- a/doc/pages/documentation/current/contribute.html +++ b/doc/pages/documentation/current/contribute.html @@ -58,7 +58,7 @@
  • Configure Git
    • -
  • Import Project
    • +
  • Import Project and using Git
  • Install dependencies
    • @@ -140,7 +140,7 @@ git config --list
    -

    Import Project

    +

    Import Project and using Git

    @@ -157,6 +157,15 @@ git fetch upstream # import branch git checkout v2.0 # to change branch git fetch upstream +

    +import version branch +on linux station : +

    +
    git checkout v2.0
+git fetch upstream --all
+git rebase upstream/v2.0 # to align to parent project remote branch
+git push # to push to working remote branch
    +

    on gitlab, create working branch, one per thematic on linux station : @@ -164,9 +173,9 @@ git fetch upstream 

    git checkout workingbranch
 git log
 git status
-git merge upstream/v2.0  # merge branch 2.0 in working branch
 git commit -am "explanations (#number gitlab ticket)"
 git commit --amend file(s) # to modify a commit
+git rebase v2.0 # align local working branch to local 2.0
 git checkout -- file(s) # revert
 git push # to send on remote working branch
    @@ -175,7 +184,7 @@ On gitlab, submit merge request when tests are corrects.

    - +

    Install dependencies

    aptitude install libapache-session-perl libcache-cache-perl libclone-perl libconfig-inifiles-perl libconvert-pem-perl libcrypt-openssl-bignum-perl libcrypt-openssl-rsa-perl libcrypt-openssl-x509-perl libcrypt-rijndael-perl libdbi-perl libdigest-hmac-perl libemail-sender-perl libgd-securityimage-perl libhtml-template-perl libio-string-perl libjson-perl libmime-tools-perl libmouse-perl libnet-ldap-perl libplack-perl libregexp-assemble-perl libregexp-common-perl libsoap-lite-perl libstring-random-perl libunicode-string-perl liburi-perl libwww-perl libxml-simple-perl libxml-libxslt-perl libcrypt-urandom-perl libconvert-base32-perl
@@ -189,7 +198,7 @@ aptitude install perltidy
    aptitude install liblasso-perl libglib-perl
    - +

    Working Project

    make test # or manager_test, portal_test, ... to launch unit tests
@@ -205,6 +214,6 @@ make tidy # to magnify perl files (perl best pratices)
 cd lemonldap-ng-portal && prove t/XXXX # To launch specific unit test
    - + diff --git a/doc/pages/documentation/current/dos b/doc/pages/documentation/current/dos index 8658698d3..33d2f5511 100644 --- a/doc/pages/documentation/current/dos +++ b/doc/pages/documentation/current/dos @@ -90,7 +90,7 @@ +
    • @@ -262,7 +262,7 @@ You've followed a link to a topic that doesn't exist yet. If permissio -
    +
    diff --git a/doc/pages/documentation/current/exploit b/doc/pages/documentation/current/exploit index 0823f6ebe..5583e0d2c 100644 --- a/doc/pages/documentation/current/exploit +++ b/doc/pages/documentation/current/exploit @@ -90,7 +90,7 @@ +
    • @@ -262,7 +262,7 @@ You've followed a link to a topic that doesn't exist yet. If permissio -
    +
    diff --git a/doc/pages/documentation/current/mitm b/doc/pages/documentation/current/mitm index 75b824074..849a59024 100644 --- a/doc/pages/documentation/current/mitm +++ b/doc/pages/documentation/current/mitm @@ -90,7 +90,7 @@ +
    • @@ -262,7 +262,7 @@ You've followed a link to a topic that doesn't exist yet. If permissio -
    +
    diff --git a/doc/pages/documentation/current/stayconnected b/doc/pages/documentation/current/stayconnected index 2e46572ce..8360ff65f 100644 --- a/doc/pages/documentation/current/stayconnected +++ b/doc/pages/documentation/current/stayconnected @@ -90,7 +90,7 @@ +
    • @@ -262,7 +262,7 @@ You've followed a link to a topic that doesn't exist yet. If permissio -
    +
    From 4a21e96426fe7445a94cec56bbfb825b4e655470 Mon Sep 17 00:00:00 2001 From: Xavier Date: Wed, 10 Apr 2019 21:54:03 +0200 Subject: [PATCH 11/32] Fix warning --- lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/SAML.pm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/SAML.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/SAML.pm index 5fd9c0693..127b0d994 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/SAML.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/SAML.pm @@ -945,7 +945,7 @@ sub extractFormInfo { $idpName = $self->{idpList}->{$_}->{displayName} if $self->{idpList}->{$_}->{displayName}; my $icon = $self->{idpList}->{$_}->{icon}; - my $order = $self->{idpList}->{$_}->{order}; + my $order = $self->{idpList}->{$_}->{order} // 0; my $img_src = ''; if ($icon) { From 1d08372a8ca6f5aacefc02789991ea9871f75707 Mon Sep 17 00:00:00 2001 From: maudoux Date: Wed, 10 Apr 2019 21:58:28 +0200 Subject: [PATCH 12/32] Sort CAS servers & update langs (#1704) --- .../lib/Lemonldap/NG/Common/Conf/ReConstants.pm | 2 +- .../lib/Lemonldap/NG/Manager/Attributes.pm | 3 +++ .../lib/Lemonldap/NG/Manager/Build/Attributes.pm | 5 ++++- .../lib/Lemonldap/NG/Manager/Build/CTrees.pm | 1 + lemonldap-ng-manager/site/htdocs/static/js/conftree.js | 6 ++++++ .../site/htdocs/static/js/conftree.min.js | 2 +- .../site/htdocs/static/languages/ar.json | 1 + .../site/htdocs/static/languages/de.json | 1 + .../site/htdocs/static/languages/en.json | 1 + .../site/htdocs/static/languages/fr.json | 1 + .../site/htdocs/static/languages/it.json | 1 + .../site/htdocs/static/languages/vi.json | 1 + .../site/htdocs/static/languages/zh.json | 1 + .../lib/Lemonldap/NG/Portal/Auth/CAS.pm | 10 +++++++++- 14 files changed, 32 insertions(+), 4 deletions(-) diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/ReConstants.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/ReConstants.pm index bbffa3a6a..b152ba8f0 100644 --- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/ReConstants.pm +++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/ReConstants.pm @@ -25,7 +25,7 @@ our $doubleHashKeys = 'issuerDBGetParameters'; our $simpleHashKeys = '(?:(?:l(?:o(?:calSessionStorageOption|goutService)|dapExportedVar|wp(?:Ssl)?Opt)|re(?:moteGlobalStorageOption|st2f(?:Verify|Init)Arg|loadUrl)|c(?:as(?:StorageOption|Attribute)|ustomAddParam|ombModule)|(?:(?:d(?:emo|bi)|facebook|webID)E|e)xportedVar|g(?:r(?:antSessionRule|oup)|lobalStorageOption)|n(?:otificationStorageOption|ginxCustomHandler)|p(?:ersistentStorageOption|ortalSkinRule)|macro)s|o(?:idcS(?:erviceMetaDataAuthnContext|torageOptions)|penIdExportedVars)|s(?:(?:amlStorageOption|laveExportedVar)s|essionDataToRemember)|a(?:ut(?:hChoiceMod|oSigninR)ules|pplicationList)|S(?:MTPTLSOpts|SLVarIf))'; our $specialNodeKeys = '(?:(?:(?:saml(?:ID|S)|oidc[OR])P|cas(?:App|Srv))MetaDataNode|virtualHost)s'; our $casAppMetaDataNodeKeys = 'casAppMetaData(?:Options(?:Servic|Rul)e|ExportedVars)'; -our $casSrvMetaDataNodeKeys = 'casSrvMetaData(?:Options(?:ProxiedServices|DisplayName|Gateway|Renew|Icon|Url)|ExportedVars)'; +our $casSrvMetaDataNodeKeys = 'casSrvMetaData(?:Options(?:ProxiedServices|DisplayName|SortNumber|Gateway|Renew|Icon|Url)|ExportedVars)'; our $oidcOPMetaDataNodeKeys = 'oidcOPMetaData(?:Options(?:C(?:lient(?:Secret|ID)|heckJWTSignature|onfigurationURI)|S(?:toreIDToken|ortNumber|cope)|TokenEndpointAuthMethod|(?:JWKSTimeou|Promp)t|I(?:DTokenMaxAge|con)|U(?:iLocales|seNonce)|Display(?:Name)?|AcrValues|MaxAge)|ExportedVars|J(?:SON|WKS))'; our $oidcRPMetaDataNodeKeys = 'oidcRPMetaData(?:Options(?:(?:PostLogoutRedirectUri|ExtraClaim)s|I(?:DToken(?:Expiration|SignAlg)|con)|Logout(?:SessionRequired|Type|Url)|AccessTokenExpiration|R(?:edirectUris|ule)|Client(?:Secret|ID)|BypassConsent|DisplayName|UserIDAttr)|ExportedVars)'; our $samlIDPMetaDataNodeKeys = 'samlIDPMetaData(?:Options(?:(?:Check(?:S[LS]OMessageSignatur|Audienc|Tim)|EncryptionMod|UserAttribut|DisplayNam)e|S(?:ignS[LS]OMessage|toreSAMLToken|[LS]OBinding|ortNumber)|A(?:llow(?:LoginFromIDP|ProxiedAuthn)|daptSessionUtime)|Re(?:questedAuthnContext|solutionRule|layStateURL)|Force(?:Authn|UTF8)|I(?:sPassive|con)|NameIDFormat)|ExportedAttributes|XML)'; diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm index da1b8c0a5..f0fdca584 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm @@ -721,6 +721,9 @@ sub attributes { 'default' => 0, 'type' => 'bool' }, + 'casSrvMetaDataOptionsSortNumber' => { + 'type' => 'int' + }, 'casSrvMetaDataOptionsUrl' => { 'msgFail' => '__badUrl__', 'test' => diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm index e06077485..9078472f6 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm @@ -2770,6 +2770,10 @@ m{^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?: type => 'text', documentation => 'Path of CAS Server Icon', }, + casSrvMetaDataOptionsSortNumber => { + type => 'int', + documentation => 'Number to sort buttons', + }, # Fake attribute: used by manager REST API to agglomerate all nodes # related to a CAS IDP partner @@ -3344,7 +3348,6 @@ m{^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?: oidcOPMetaDataOptionsIcon => { type => 'text', }, oidcOPMetaDataOptionsStoreIDToken => { type => 'bool', default => 0 }, oidcOPMetaDataOptionsSortNumber => { type => 'int', }, - oidcRPMetaDataOptionsRule => { type => 'text', test => $perlExpr, diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/CTrees.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/CTrees.pm index 5a9cccade..cbcd5ec0d 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/CTrees.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/CTrees.pm @@ -243,6 +243,7 @@ sub cTrees { nodes => [ 'casSrvMetaDataOptionsDisplayName', 'casSrvMetaDataOptionsIcon', + 'casSrvMetaDataOptionsSortNumber', ] }, ], diff --git a/lemonldap-ng-manager/site/htdocs/static/js/conftree.js b/lemonldap-ng-manager/site/htdocs/static/js/conftree.js index fa2ff55d4..f7446427e 100644 --- a/lemonldap-ng-manager/site/htdocs/static/js/conftree.js +++ b/lemonldap-ng-manager/site/htdocs/static/js/conftree.js @@ -126,6 +126,12 @@ function templates(tpl,key) { "get" : tpl+"s/"+key+"/"+"casSrvMetaDataOptionsIcon", "id" : tpl+"s/"+key+"/"+"casSrvMetaDataOptionsIcon", "title" : "casSrvMetaDataOptionsIcon" + }, + { + "get" : tpl+"s/"+key+"/"+"casSrvMetaDataOptionsSortNumber", + "id" : tpl+"s/"+key+"/"+"casSrvMetaDataOptionsSortNumber", + "title" : "casSrvMetaDataOptionsSortNumber", + "type" : "int" } ], "id" : "casSrvMetaDataOptionsDisplay", diff --git a/lemonldap-ng-manager/site/htdocs/static/js/conftree.min.js b/lemonldap-ng-manager/site/htdocs/static/js/conftree.min.js index 423894fa5..41f04118a 100644 --- a/lemonldap-ng-manager/site/htdocs/static/js/conftree.min.js +++ b/lemonldap-ng-manager/site/htdocs/static/js/conftree.min.js @@ -1 +1 @@ -function templates(tpl,key){var ind;var scalarTemplate=function(r){return{id:tpl+"s/"+ind++,title:r,get:tpl+"s/"+key+"/"+r}};switch(tpl){case"casAppMetaDataNode":return[{_nodes:[{get:tpl+"s/"+key+"/"+"casAppMetaDataOptionsService",id:tpl+"s/"+key+"/"+"casAppMetaDataOptionsService",title:"casAppMetaDataOptionsService"},{get:tpl+"s/"+key+"/"+"casAppMetaDataOptionsRule",id:tpl+"s/"+key+"/"+"casAppMetaDataOptionsRule",title:"casAppMetaDataOptionsRule"}],id:"casAppMetaDataOptions",title:"casAppMetaDataOptions",type:"simpleInputContainer"},{cnodes:tpl+"s/"+key+"/"+"casAppMetaDataExportedVars",default:[{data:"cn",id:tpl+"s/"+key+"/"+"casAppMetaDataExportedVars/cn",title:"cn",type:"keyText"},{data:"mail",id:tpl+"s/"+key+"/"+"casAppMetaDataExportedVars/mail",title:"mail",type:"keyText"},{data:"uid",id:tpl+"s/"+key+"/"+"casAppMetaDataExportedVars/uid",title:"uid",type:"keyText"}],id:tpl+"s/"+key+"/"+"casAppMetaDataExportedVars",title:"casAppMetaDataExportedVars",type:"keyTextContainer"}];case"casSrvMetaDataNode":return[{cnodes:tpl+"s/"+key+"/"+"casSrvMetaDataExportedVars",default:[{data:"cn",id:tpl+"s/"+key+"/"+"casSrvMetaDataExportedVars/cn",title:"cn",type:"keyText"},{data:"mail",id:tpl+"s/"+key+"/"+"casSrvMetaDataExportedVars/mail",title:"mail",type:"keyText"},{data:"uid",id:tpl+"s/"+key+"/"+"casSrvMetaDataExportedVars/uid",title:"uid",type:"keyText"}],id:tpl+"s/"+key+"/"+"casSrvMetaDataExportedVars",title:"casSrvMetaDataExportedVars",type:"keyTextContainer"},{cnodes:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsProxiedServices",id:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsProxiedServices",title:"casSrvMetaDataOptionsProxiedServices",type:"keyTextContainer"},{_nodes:[{get:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsUrl",id:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsUrl",title:"casSrvMetaDataOptionsUrl"},{default:0,get:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsRenew",id:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsRenew",title:"casSrvMetaDataOptionsRenew",type:"bool"},{default:0,get:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsGateway",id:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsGateway",title:"casSrvMetaDataOptionsGateway",type:"bool"}],id:"casSrvMetaDataOptions",title:"casSrvMetaDataOptions",type:"simpleInputContainer"},{_nodes:[{get:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsDisplayName",id:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsDisplayName",title:"casSrvMetaDataOptionsDisplayName"},{get:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsIcon",id:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsIcon",title:"casSrvMetaDataOptionsIcon"}],id:"casSrvMetaDataOptionsDisplay",title:"casSrvMetaDataOptionsDisplay",type:"simpleInputContainer"}];case"oidcOPMetaDataNode":return[{get:tpl+"s/"+key+"/"+"oidcOPMetaDataJSON",id:tpl+"s/"+key+"/"+"oidcOPMetaDataJSON",title:"oidcOPMetaDataJSON",type:"file"},{get:tpl+"s/"+key+"/"+"oidcOPMetaDataJWKS",id:tpl+"s/"+key+"/"+"oidcOPMetaDataJWKS",title:"oidcOPMetaDataJWKS",type:"file"},{cnodes:tpl+"s/"+key+"/"+"oidcOPMetaDataExportedVars",default:[{data:"name",id:tpl+"s/"+key+"/"+"oidcOPMetaDataExportedVars/cn",title:"cn",type:"keyText"},{data:"email",id:tpl+"s/"+key+"/"+"oidcOPMetaDataExportedVars/mail",title:"mail",type:"keyText"},{data:"family_name",id:tpl+"s/"+key+"/"+"oidcOPMetaDataExportedVars/sn",title:"sn",type:"keyText"},{data:"sub",id:tpl+"s/"+key+"/"+"oidcOPMetaDataExportedVars/uid",title:"uid",type:"keyText"}],id:tpl+"s/"+key+"/"+"oidcOPMetaDataExportedVars",title:"oidcOPMetaDataExportedVars",type:"keyTextContainer"},{_nodes:[{_nodes:[{get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsConfigurationURI",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsConfigurationURI",title:"oidcOPMetaDataOptionsConfigurationURI"},{default:0,get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsJWKSTimeout",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsJWKSTimeout",title:"oidcOPMetaDataOptionsJWKSTimeout",type:"int"},{get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsClientID",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsClientID",title:"oidcOPMetaDataOptionsClientID"},{get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsClientSecret",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsClientSecret",title:"oidcOPMetaDataOptionsClientSecret",type:"password"},{default:0,get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsStoreIDToken",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsStoreIDToken",title:"oidcOPMetaDataOptionsStoreIDToken",type:"bool"}],id:"oidcOPMetaDataOptionsConfiguration",title:"oidcOPMetaDataOptionsConfiguration",type:"simpleInputContainer"},{_nodes:[{default:"openid profile",get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsScope",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsScope",title:"oidcOPMetaDataOptionsScope"},{default:"",get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsDisplay",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsDisplay",select:[{k:"",v:""},{k:"page",v:"page"},{k:"popup",v:"popup"},{k:"touch",v:"touch"},{k:"wap",v:"wap"}],title:"oidcOPMetaDataOptionsDisplay",type:"select"},{get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsPrompt",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsPrompt",title:"oidcOPMetaDataOptionsPrompt"},{default:0,get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsMaxAge",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsMaxAge",title:"oidcOPMetaDataOptionsMaxAge",type:"int"},{get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsUiLocales",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsUiLocales",title:"oidcOPMetaDataOptionsUiLocales"},{get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsAcrValues",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsAcrValues",title:"oidcOPMetaDataOptionsAcrValues"},{default:"client_secret_post",get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsTokenEndpointAuthMethod",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsTokenEndpointAuthMethod",select:[{k:"client_secret_post",v:"client_secret_post"},{k:"client_secret_basic",v:"client_secret_basic"}],title:"oidcOPMetaDataOptionsTokenEndpointAuthMethod",type:"select"},{default:1,get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsCheckJWTSignature",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsCheckJWTSignature",title:"oidcOPMetaDataOptionsCheckJWTSignature",type:"bool"},{default:30,get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsIDTokenMaxAge",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsIDTokenMaxAge",title:"oidcOPMetaDataOptionsIDTokenMaxAge",type:"int"},{default:1,get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsUseNonce",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsUseNonce",title:"oidcOPMetaDataOptionsUseNonce",type:"bool"}],id:"oidcOPMetaDataOptionsProtocol",title:"oidcOPMetaDataOptionsProtocol",type:"simpleInputContainer"}],id:"oidcOPMetaDataOptions",title:"oidcOPMetaDataOptions"},{_nodes:[{get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsDisplayName",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsDisplayName",title:"oidcOPMetaDataOptionsDisplayName"},{get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsIcon",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsIcon",title:"oidcOPMetaDataOptionsIcon"},{get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsSortNumber",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsSortNumber",title:"oidcOPMetaDataOptionsSortNumber",type:"int"}],id:"oidcOPMetaDataOptionsDisplayParams",title:"oidcOPMetaDataOptionsDisplayParams",type:"simpleInputContainer"}];case"oidcRPMetaDataNode":return[{cnodes:tpl+"s/"+key+"/"+"oidcRPMetaDataExportedVars",default:[{data:"mail",id:tpl+"s/"+key+"/"+"oidcRPMetaDataExportedVars/email",title:"email",type:"keyText"},{data:"sn",id:tpl+"s/"+key+"/"+"oidcRPMetaDataExportedVars/family_name",title:"family_name",type:"keyText"},{data:"cn",id:tpl+"s/"+key+"/"+"oidcRPMetaDataExportedVars/name",title:"name",type:"keyText"}],id:tpl+"s/"+key+"/"+"oidcRPMetaDataExportedVars",title:"oidcRPMetaDataExportedVars",type:"keyTextContainer"},{cnodes:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsExtraClaims",default:[],id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsExtraClaims",title:"oidcRPMetaDataOptionsExtraClaims",type:"keyTextContainer"},{_nodes:[{_nodes:[{get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsClientID",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsClientID",title:"oidcRPMetaDataOptionsClientID"},{get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsClientSecret",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsClientSecret",title:"oidcRPMetaDataOptionsClientSecret",type:"password"}],id:"oidcRPMetaDataOptionsAuthentication",title:"oidcRPMetaDataOptionsAuthentication",type:"simpleInputContainer"},{get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsUserIDAttr",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsUserIDAttr",title:"oidcRPMetaDataOptionsUserIDAttr"},{default:"HS512",get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsIDTokenSignAlg",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsIDTokenSignAlg",select:[{k:"none",v:"None"},{k:"HS256",v:"HS256"},{k:"HS384",v:"HS384"},{k:"HS512",v:"HS512"},{k:"RS256",v:"RS256"},{k:"RS384",v:"RS384"},{k:"RS512",v:"RS512"}],title:"oidcRPMetaDataOptionsIDTokenSignAlg",type:"select"},{default:3600,get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsIDTokenExpiration",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsIDTokenExpiration",title:"oidcRPMetaDataOptionsIDTokenExpiration",type:"int"},{default:3600,get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsAccessTokenExpiration",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsAccessTokenExpiration",title:"oidcRPMetaDataOptionsAccessTokenExpiration",type:"int"},{get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsRedirectUris",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsRedirectUris",title:"oidcRPMetaDataOptionsRedirectUris"},{default:0,get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsBypassConsent",help:"openidconnectclaims.html",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsBypassConsent",title:"oidcRPMetaDataOptionsBypassConsent",type:"bool"},{_nodes:[{get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsPostLogoutRedirectUris",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsPostLogoutRedirectUris",title:"oidcRPMetaDataOptionsPostLogoutRedirectUris"},{get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsLogoutUrl",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsLogoutUrl",title:"oidcRPMetaDataOptionsLogoutUrl"},{default:"front",get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsLogoutType",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsLogoutType",select:[{k:"front",v:"Front Channel"},{k:"back",v:"Back Channel"}],title:"oidcRPMetaDataOptionsLogoutType",type:"select"},{default:0,get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsLogoutSessionRequired",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsLogoutSessionRequired",title:"oidcRPMetaDataOptionsLogoutSessionRequired",type:"bool"}],id:"logout",title:"logout",type:"simpleInputContainer"},{get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsRule",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsRule",title:"oidcRPMetaDataOptionsRule"}],id:"oidcRPMetaDataOptions",title:"oidcRPMetaDataOptions"},{_nodes:[{get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsDisplayName",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsDisplayName",title:"oidcRPMetaDataOptionsDisplayName"},{get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsIcon",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsIcon",title:"oidcRPMetaDataOptionsIcon"}],id:"oidcRPMetaDataOptionsDisplay",title:"oidcRPMetaDataOptionsDisplay",type:"simpleInputContainer"}];case"samlIDPMetaDataNode":return[{get:tpl+"s/"+key+"/"+"samlIDPMetaDataXML",id:tpl+"s/"+key+"/"+"samlIDPMetaDataXML",title:"samlIDPMetaDataXML",type:"file"},{cnodes:tpl+"s/"+key+"/"+"samlIDPMetaDataExportedAttributes",default:[],help:"authsaml.html#exported_attributes",id:tpl+"s/"+key+"/"+"samlIDPMetaDataExportedAttributes",title:"samlIDPMetaDataExportedAttributes",type:"samlAttributeContainer"},{_nodes:[{default:0,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsAdaptSessionUtime",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsAdaptSessionUtime",title:"samlIDPMetaDataOptionsAdaptSessionUtime",type:"bool"},{default:0,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsForceUTF8",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsForceUTF8",title:"samlIDPMetaDataOptionsForceUTF8",type:"bool"},{default:0,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsStoreSAMLToken",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsStoreSAMLToken",title:"samlIDPMetaDataOptionsStoreSAMLToken",type:"bool"},{get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsUserAttribute",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsUserAttribute",title:"samlIDPMetaDataOptionsUserAttribute"}],id:"samlIDPMetaDataOptionsSession",title:"samlIDPMetaDataOptionsSession",type:"simpleInputContainer"},{_nodes:[{default:-1,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSignSSOMessage",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSignSSOMessage",title:"samlIDPMetaDataOptionsSignSSOMessage",type:"trool"},{default:1,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsCheckSSOMessageSignature",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsCheckSSOMessageSignature",title:"samlIDPMetaDataOptionsCheckSSOMessageSignature",type:"bool"},{default:-1,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSignSLOMessage",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSignSLOMessage",title:"samlIDPMetaDataOptionsSignSLOMessage",type:"trool"},{default:1,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsCheckSLOMessageSignature",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsCheckSLOMessageSignature",title:"samlIDPMetaDataOptionsCheckSLOMessageSignature",type:"bool"}],id:"samlIDPMetaDataOptionsSignature",title:"samlIDPMetaDataOptionsSignature",type:"simpleInputContainer"},{_nodes:[{default:"",get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSSOBinding",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSSOBinding",select:[{k:"",v:""},{k:"http-post",v:"POST"},{k:"http-redirect",v:"Redirect"},{k:"artifact-get",v:"Artifact GET"}],title:"samlIDPMetaDataOptionsSSOBinding",type:"select"},{default:"",get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSLOBinding",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSLOBinding",select:[{k:"",v:""},{k:"http-post",v:"POST"},{k:"http-redirect",v:"Redirect"},{k:"http-soap",v:"SOAP"}],title:"samlIDPMetaDataOptionsSLOBinding",type:"select"}],id:"samlIDPMetaDataOptionsBinding",title:"samlIDPMetaDataOptionsBinding",type:"simpleInputContainer"},{_nodes:[{default:"none",get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsEncryptionMode",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsEncryptionMode",select:[{k:"none",v:"None"},{k:"nameid",v:"Name ID"},{k:"assertion",v:"Assertion"}],title:"samlIDPMetaDataOptionsEncryptionMode",type:"select"},{default:1,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsCheckTime",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsCheckTime",title:"samlIDPMetaDataOptionsCheckTime",type:"bool"},{default:1,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsCheckAudience",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsCheckAudience",title:"samlIDPMetaDataOptionsCheckAudience",type:"bool"}],id:"samlIDPMetaDataOptionsSecurity",title:"samlIDPMetaDataOptionsSecurity",type:"simpleInputContainer"},{_nodes:[{default:"",get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsResolutionRule",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsResolutionRule",title:"samlIDPMetaDataOptionsResolutionRule",type:"longtext"},{default:"",get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsNameIDFormat",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsNameIDFormat",select:[{k:"",v:""},{k:"unspecified",v:"Unspecified"},{k:"email",v:"Email"},{k:"x509",v:"X509 certificate"},{k:"windows",v:"Windows"},{k:"kerberos",v:"Kerberos"},{k:"entity",v:"Entity"},{k:"persistent",v:"Persistent"},{k:"transient",v:"Transient"},{k:"encrypted",v:"Encrypted"}],title:"samlIDPMetaDataOptionsNameIDFormat",type:"select"},{default:0,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsForceAuthn",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsForceAuthn",title:"samlIDPMetaDataOptionsForceAuthn",type:"bool"},{default:0,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsIsPassive",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsIsPassive",title:"samlIDPMetaDataOptionsIsPassive",type:"bool"},{default:0,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsAllowProxiedAuthn",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsAllowProxiedAuthn",title:"samlIDPMetaDataOptionsAllowProxiedAuthn",type:"bool"},{default:0,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsAllowLoginFromIDP",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsAllowLoginFromIDP",title:"samlIDPMetaDataOptionsAllowLoginFromIDP",type:"bool"},{default:"",get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsRequestedAuthnContext",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsRequestedAuthnContext",select:[{k:"",v:""},{k:"kerberos",v:"Kerberos"},{k:"password-protected-transport",v:"Password protected transport"},{k:"password",v:"Password"},{k:"tls-client",v:"TLS client certificate"}],title:"samlIDPMetaDataOptionsRequestedAuthnContext",type:"select"},{default:0,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsRelayStateURL",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsRelayStateURL",title:"samlIDPMetaDataOptionsRelayStateURL",type:"bool"}],help:"authsaml.html#options",id:"samlIDPMetaDataOptions",title:"samlIDPMetaDataOptions",type:"simpleInputContainer"},{_nodes:[{get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsDisplayName",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsDisplayName",title:"samlIDPMetaDataOptionsDisplayName"},{get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsIcon",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsIcon",title:"samlIDPMetaDataOptionsIcon"},{get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSortNumber",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSortNumber",title:"samlIDPMetaDataOptionsSortNumber",type:"int"}],id:"samlIDPMetaDataOptionsDisplay",title:"samlIDPMetaDataOptionsDisplay",type:"simpleInputContainer"}];case"samlSPMetaDataNode":return[{get:tpl+"s/"+key+"/"+"samlSPMetaDataXML",id:tpl+"s/"+key+"/"+"samlSPMetaDataXML",title:"samlSPMetaDataXML",type:"file"},{cnodes:tpl+"s/"+key+"/"+"samlSPMetaDataExportedAttributes",default:[],help:"idpsaml.html#exported_attributes",id:tpl+"s/"+key+"/"+"samlSPMetaDataExportedAttributes",title:"samlSPMetaDataExportedAttributes",type:"samlAttributeContainer"},{_nodes:[{_nodes:[{default:"",get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsNameIDFormat",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsNameIDFormat",select:[{k:"",v:""},{k:"unspecified",v:"Unspecified"},{k:"email",v:"Email"},{k:"x509",v:"X509 certificate"},{k:"windows",v:"Windows"},{k:"kerberos",v:"Kerberos"},{k:"entity",v:"Entity"},{k:"persistent",v:"Persistent"},{k:"transient",v:"Transient"},{k:"encrypted",v:"Encrypted"}],title:"samlSPMetaDataOptionsNameIDFormat",type:"select"},{get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsNameIDSessionKey",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsNameIDSessionKey",title:"samlSPMetaDataOptionsNameIDSessionKey"},{default:0,get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsOneTimeUse",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsOneTimeUse",title:"samlSPMetaDataOptionsOneTimeUse",type:"bool"},{default:72e3,get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsSessionNotOnOrAfterTimeout",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsSessionNotOnOrAfterTimeout",title:"samlSPMetaDataOptionsSessionNotOnOrAfterTimeout",type:"int"},{default:72e3,get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsNotOnOrAfterTimeout",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsNotOnOrAfterTimeout",title:"samlSPMetaDataOptionsNotOnOrAfterTimeout",type:"int"},{default:1,get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsForceUTF8",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsForceUTF8",title:"samlSPMetaDataOptionsForceUTF8",type:"bool"}],id:"samlSPMetaDataOptionsAuthnResponse",title:"samlSPMetaDataOptionsAuthnResponse",type:"simpleInputContainer"},{_nodes:[{default:-1,get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsSignSSOMessage",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsSignSSOMessage",title:"samlSPMetaDataOptionsSignSSOMessage",type:"trool"},{default:1,get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsCheckSSOMessageSignature",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsCheckSSOMessageSignature",title:"samlSPMetaDataOptionsCheckSSOMessageSignature",type:"bool"},{default:-1,get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsSignSLOMessage",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsSignSLOMessage",title:"samlSPMetaDataOptionsSignSLOMessage",type:"trool"},{default:1,get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsCheckSLOMessageSignature",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsCheckSLOMessageSignature",title:"samlSPMetaDataOptionsCheckSLOMessageSignature",type:"bool"}],id:"samlSPMetaDataOptionsSignature",title:"samlSPMetaDataOptionsSignature",type:"simpleInputContainer"},{_nodes:[{default:"none",get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsEncryptionMode",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsEncryptionMode",select:[{k:"none",v:"None"},{k:"nameid",v:"Name ID"},{k:"assertion",v:"Assertion"}],title:"samlSPMetaDataOptionsEncryptionMode",type:"select"},{default:0,get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsEnableIDPInitiatedURL",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsEnableIDPInitiatedURL",title:"samlSPMetaDataOptionsEnableIDPInitiatedURL",type:"bool"},{get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsRule",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsRule",title:"samlSPMetaDataOptionsRule"}],id:"samlSPMetaDataOptionsSecurity",title:"samlSPMetaDataOptionsSecurity",type:"simpleInputContainer"}],help:"idpsaml.html#options",id:"samlSPMetaDataOptions",title:"samlSPMetaDataOptions"}];case"virtualHost":return[{cnodes:tpl+"s/"+key+"/"+"locationRules",default:[{data:"deny",id:tpl+"s/"+key+"/"+"locationRules/default",re:"default",title:"default",type:"rule"}],help:"writingrulesand_headers.html#rules",id:tpl+"s/"+key+"/"+"locationRules",title:"locationRules",type:"ruleContainer"},{cnodes:tpl+"s/"+key+"/"+"exportedHeaders",help:"writingrulesand_headers.html#headers",id:tpl+"s/"+key+"/"+"exportedHeaders",title:"exportedHeaders",type:"keyTextContainer"},{cnodes:tpl+"s/"+key+"/"+"post",help:"formreplay.html",id:tpl+"s/"+key+"/"+"post",title:"post",type:"postContainer"},{_nodes:[{default:-1,get:tpl+"s/"+key+"/"+"vhostPort",id:tpl+"s/"+key+"/"+"vhostPort",title:"vhostPort",type:"int"},{default:-1,get:tpl+"s/"+key+"/"+"vhostHttps",id:tpl+"s/"+key+"/"+"vhostHttps",title:"vhostHttps",type:"trool"},{default:0,get:tpl+"s/"+key+"/"+"vhostMaintenance",id:tpl+"s/"+key+"/"+"vhostMaintenance",title:"vhostMaintenance",type:"bool"},{get:tpl+"s/"+key+"/"+"vhostAliases",id:tpl+"s/"+key+"/"+"vhostAliases",title:"vhostAliases"},{default:"Main",get:tpl+"s/"+key+"/"+"vhostType",id:tpl+"s/"+key+"/"+"vhostType",select:[{k:"Main",v:"Main"},{k:"Zimbra",v:"ZimbraPreAuth"},{k:"AuthBasic",v:"AuthBasic"},{k:"SecureToken",v:"SecureToken"},{k:"CDA",v:"CDA"},{k:"DevOps",v:"DevOps"},{k:"DevOpsST",v:"DevOpsST"},{k:"ServiceToken",v:"ServiceToken"}],title:"vhostType",type:"select"},{get:tpl+"s/"+key+"/"+"vhostAuthnLevel",id:tpl+"s/"+key+"/"+"vhostAuthnLevel",title:"vhostAuthnLevel",type:"int"}],help:"configvhost.html#options",id:"vhostOptions",title:"vhostOptions",type:"simpleInputContainer"}];default:return[]}}function setScopeVars(scope){scope.portal=scope.data[0]._nodes[0]._nodes[0];scope.getKey(scope.portal);scope.domain=scope.data[0]._nodes[4]._nodes[1];scope.getKey(scope.domain)} +function templates(tpl,key){var ind;var scalarTemplate=function(r){return{id:tpl+"s/"+ind++,title:r,get:tpl+"s/"+key+"/"+r}};switch(tpl){case"casAppMetaDataNode":return[{_nodes:[{get:tpl+"s/"+key+"/"+"casAppMetaDataOptionsService",id:tpl+"s/"+key+"/"+"casAppMetaDataOptionsService",title:"casAppMetaDataOptionsService"},{get:tpl+"s/"+key+"/"+"casAppMetaDataOptionsRule",id:tpl+"s/"+key+"/"+"casAppMetaDataOptionsRule",title:"casAppMetaDataOptionsRule"}],id:"casAppMetaDataOptions",title:"casAppMetaDataOptions",type:"simpleInputContainer"},{cnodes:tpl+"s/"+key+"/"+"casAppMetaDataExportedVars",default:[{data:"cn",id:tpl+"s/"+key+"/"+"casAppMetaDataExportedVars/cn",title:"cn",type:"keyText"},{data:"mail",id:tpl+"s/"+key+"/"+"casAppMetaDataExportedVars/mail",title:"mail",type:"keyText"},{data:"uid",id:tpl+"s/"+key+"/"+"casAppMetaDataExportedVars/uid",title:"uid",type:"keyText"}],id:tpl+"s/"+key+"/"+"casAppMetaDataExportedVars",title:"casAppMetaDataExportedVars",type:"keyTextContainer"}];case"casSrvMetaDataNode":return[{cnodes:tpl+"s/"+key+"/"+"casSrvMetaDataExportedVars",default:[{data:"cn",id:tpl+"s/"+key+"/"+"casSrvMetaDataExportedVars/cn",title:"cn",type:"keyText"},{data:"mail",id:tpl+"s/"+key+"/"+"casSrvMetaDataExportedVars/mail",title:"mail",type:"keyText"},{data:"uid",id:tpl+"s/"+key+"/"+"casSrvMetaDataExportedVars/uid",title:"uid",type:"keyText"}],id:tpl+"s/"+key+"/"+"casSrvMetaDataExportedVars",title:"casSrvMetaDataExportedVars",type:"keyTextContainer"},{cnodes:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsProxiedServices",id:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsProxiedServices",title:"casSrvMetaDataOptionsProxiedServices",type:"keyTextContainer"},{_nodes:[{get:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsUrl",id:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsUrl",title:"casSrvMetaDataOptionsUrl"},{default:0,get:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsRenew",id:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsRenew",title:"casSrvMetaDataOptionsRenew",type:"bool"},{default:0,get:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsGateway",id:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsGateway",title:"casSrvMetaDataOptionsGateway",type:"bool"}],id:"casSrvMetaDataOptions",title:"casSrvMetaDataOptions",type:"simpleInputContainer"},{_nodes:[{get:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsDisplayName",id:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsDisplayName",title:"casSrvMetaDataOptionsDisplayName"},{get:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsIcon",id:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsIcon",title:"casSrvMetaDataOptionsIcon"},{get:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsSortNumber",id:tpl+"s/"+key+"/"+"casSrvMetaDataOptionsSortNumber",title:"casSrvMetaDataOptionsSortNumber",type:"int"}],id:"casSrvMetaDataOptionsDisplay",title:"casSrvMetaDataOptionsDisplay",type:"simpleInputContainer"}];case"oidcOPMetaDataNode":return[{get:tpl+"s/"+key+"/"+"oidcOPMetaDataJSON",id:tpl+"s/"+key+"/"+"oidcOPMetaDataJSON",title:"oidcOPMetaDataJSON",type:"file"},{get:tpl+"s/"+key+"/"+"oidcOPMetaDataJWKS",id:tpl+"s/"+key+"/"+"oidcOPMetaDataJWKS",title:"oidcOPMetaDataJWKS",type:"file"},{cnodes:tpl+"s/"+key+"/"+"oidcOPMetaDataExportedVars",default:[{data:"name",id:tpl+"s/"+key+"/"+"oidcOPMetaDataExportedVars/cn",title:"cn",type:"keyText"},{data:"email",id:tpl+"s/"+key+"/"+"oidcOPMetaDataExportedVars/mail",title:"mail",type:"keyText"},{data:"family_name",id:tpl+"s/"+key+"/"+"oidcOPMetaDataExportedVars/sn",title:"sn",type:"keyText"},{data:"sub",id:tpl+"s/"+key+"/"+"oidcOPMetaDataExportedVars/uid",title:"uid",type:"keyText"}],id:tpl+"s/"+key+"/"+"oidcOPMetaDataExportedVars",title:"oidcOPMetaDataExportedVars",type:"keyTextContainer"},{_nodes:[{_nodes:[{get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsConfigurationURI",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsConfigurationURI",title:"oidcOPMetaDataOptionsConfigurationURI"},{default:0,get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsJWKSTimeout",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsJWKSTimeout",title:"oidcOPMetaDataOptionsJWKSTimeout",type:"int"},{get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsClientID",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsClientID",title:"oidcOPMetaDataOptionsClientID"},{get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsClientSecret",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsClientSecret",title:"oidcOPMetaDataOptionsClientSecret",type:"password"},{default:0,get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsStoreIDToken",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsStoreIDToken",title:"oidcOPMetaDataOptionsStoreIDToken",type:"bool"}],id:"oidcOPMetaDataOptionsConfiguration",title:"oidcOPMetaDataOptionsConfiguration",type:"simpleInputContainer"},{_nodes:[{default:"openid profile",get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsScope",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsScope",title:"oidcOPMetaDataOptionsScope"},{default:"",get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsDisplay",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsDisplay",select:[{k:"",v:""},{k:"page",v:"page"},{k:"popup",v:"popup"},{k:"touch",v:"touch"},{k:"wap",v:"wap"}],title:"oidcOPMetaDataOptionsDisplay",type:"select"},{get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsPrompt",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsPrompt",title:"oidcOPMetaDataOptionsPrompt"},{default:0,get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsMaxAge",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsMaxAge",title:"oidcOPMetaDataOptionsMaxAge",type:"int"},{get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsUiLocales",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsUiLocales",title:"oidcOPMetaDataOptionsUiLocales"},{get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsAcrValues",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsAcrValues",title:"oidcOPMetaDataOptionsAcrValues"},{default:"client_secret_post",get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsTokenEndpointAuthMethod",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsTokenEndpointAuthMethod",select:[{k:"client_secret_post",v:"client_secret_post"},{k:"client_secret_basic",v:"client_secret_basic"}],title:"oidcOPMetaDataOptionsTokenEndpointAuthMethod",type:"select"},{default:1,get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsCheckJWTSignature",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsCheckJWTSignature",title:"oidcOPMetaDataOptionsCheckJWTSignature",type:"bool"},{default:30,get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsIDTokenMaxAge",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsIDTokenMaxAge",title:"oidcOPMetaDataOptionsIDTokenMaxAge",type:"int"},{default:1,get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsUseNonce",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsUseNonce",title:"oidcOPMetaDataOptionsUseNonce",type:"bool"}],id:"oidcOPMetaDataOptionsProtocol",title:"oidcOPMetaDataOptionsProtocol",type:"simpleInputContainer"}],id:"oidcOPMetaDataOptions",title:"oidcOPMetaDataOptions"},{_nodes:[{get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsDisplayName",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsDisplayName",title:"oidcOPMetaDataOptionsDisplayName"},{get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsIcon",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsIcon",title:"oidcOPMetaDataOptionsIcon"},{get:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsSortNumber",id:tpl+"s/"+key+"/"+"oidcOPMetaDataOptionsSortNumber",title:"oidcOPMetaDataOptionsSortNumber",type:"int"}],id:"oidcOPMetaDataOptionsDisplayParams",title:"oidcOPMetaDataOptionsDisplayParams",type:"simpleInputContainer"}];case"oidcRPMetaDataNode":return[{cnodes:tpl+"s/"+key+"/"+"oidcRPMetaDataExportedVars",default:[{data:"mail",id:tpl+"s/"+key+"/"+"oidcRPMetaDataExportedVars/email",title:"email",type:"keyText"},{data:"sn",id:tpl+"s/"+key+"/"+"oidcRPMetaDataExportedVars/family_name",title:"family_name",type:"keyText"},{data:"cn",id:tpl+"s/"+key+"/"+"oidcRPMetaDataExportedVars/name",title:"name",type:"keyText"}],id:tpl+"s/"+key+"/"+"oidcRPMetaDataExportedVars",title:"oidcRPMetaDataExportedVars",type:"keyTextContainer"},{cnodes:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsExtraClaims",default:[],id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsExtraClaims",title:"oidcRPMetaDataOptionsExtraClaims",type:"keyTextContainer"},{_nodes:[{_nodes:[{get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsClientID",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsClientID",title:"oidcRPMetaDataOptionsClientID"},{get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsClientSecret",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsClientSecret",title:"oidcRPMetaDataOptionsClientSecret",type:"password"}],id:"oidcRPMetaDataOptionsAuthentication",title:"oidcRPMetaDataOptionsAuthentication",type:"simpleInputContainer"},{get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsUserIDAttr",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsUserIDAttr",title:"oidcRPMetaDataOptionsUserIDAttr"},{default:"HS512",get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsIDTokenSignAlg",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsIDTokenSignAlg",select:[{k:"none",v:"None"},{k:"HS256",v:"HS256"},{k:"HS384",v:"HS384"},{k:"HS512",v:"HS512"},{k:"RS256",v:"RS256"},{k:"RS384",v:"RS384"},{k:"RS512",v:"RS512"}],title:"oidcRPMetaDataOptionsIDTokenSignAlg",type:"select"},{default:3600,get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsIDTokenExpiration",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsIDTokenExpiration",title:"oidcRPMetaDataOptionsIDTokenExpiration",type:"int"},{default:3600,get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsAccessTokenExpiration",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsAccessTokenExpiration",title:"oidcRPMetaDataOptionsAccessTokenExpiration",type:"int"},{get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsRedirectUris",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsRedirectUris",title:"oidcRPMetaDataOptionsRedirectUris"},{default:0,get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsBypassConsent",help:"openidconnectclaims.html",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsBypassConsent",title:"oidcRPMetaDataOptionsBypassConsent",type:"bool"},{_nodes:[{get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsPostLogoutRedirectUris",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsPostLogoutRedirectUris",title:"oidcRPMetaDataOptionsPostLogoutRedirectUris"},{get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsLogoutUrl",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsLogoutUrl",title:"oidcRPMetaDataOptionsLogoutUrl"},{default:"front",get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsLogoutType",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsLogoutType",select:[{k:"front",v:"Front Channel"},{k:"back",v:"Back Channel"}],title:"oidcRPMetaDataOptionsLogoutType",type:"select"},{default:0,get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsLogoutSessionRequired",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsLogoutSessionRequired",title:"oidcRPMetaDataOptionsLogoutSessionRequired",type:"bool"}],id:"logout",title:"logout",type:"simpleInputContainer"},{get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsRule",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsRule",title:"oidcRPMetaDataOptionsRule"}],id:"oidcRPMetaDataOptions",title:"oidcRPMetaDataOptions"},{_nodes:[{get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsDisplayName",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsDisplayName",title:"oidcRPMetaDataOptionsDisplayName"},{get:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsIcon",id:tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsIcon",title:"oidcRPMetaDataOptionsIcon"}],id:"oidcRPMetaDataOptionsDisplay",title:"oidcRPMetaDataOptionsDisplay",type:"simpleInputContainer"}];case"samlIDPMetaDataNode":return[{get:tpl+"s/"+key+"/"+"samlIDPMetaDataXML",id:tpl+"s/"+key+"/"+"samlIDPMetaDataXML",title:"samlIDPMetaDataXML",type:"file"},{cnodes:tpl+"s/"+key+"/"+"samlIDPMetaDataExportedAttributes",default:[],help:"authsaml.html#exported_attributes",id:tpl+"s/"+key+"/"+"samlIDPMetaDataExportedAttributes",title:"samlIDPMetaDataExportedAttributes",type:"samlAttributeContainer"},{_nodes:[{default:0,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsAdaptSessionUtime",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsAdaptSessionUtime",title:"samlIDPMetaDataOptionsAdaptSessionUtime",type:"bool"},{default:0,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsForceUTF8",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsForceUTF8",title:"samlIDPMetaDataOptionsForceUTF8",type:"bool"},{default:0,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsStoreSAMLToken",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsStoreSAMLToken",title:"samlIDPMetaDataOptionsStoreSAMLToken",type:"bool"},{get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsUserAttribute",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsUserAttribute",title:"samlIDPMetaDataOptionsUserAttribute"}],id:"samlIDPMetaDataOptionsSession",title:"samlIDPMetaDataOptionsSession",type:"simpleInputContainer"},{_nodes:[{default:-1,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSignSSOMessage",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSignSSOMessage",title:"samlIDPMetaDataOptionsSignSSOMessage",type:"trool"},{default:1,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsCheckSSOMessageSignature",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsCheckSSOMessageSignature",title:"samlIDPMetaDataOptionsCheckSSOMessageSignature",type:"bool"},{default:-1,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSignSLOMessage",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSignSLOMessage",title:"samlIDPMetaDataOptionsSignSLOMessage",type:"trool"},{default:1,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsCheckSLOMessageSignature",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsCheckSLOMessageSignature",title:"samlIDPMetaDataOptionsCheckSLOMessageSignature",type:"bool"}],id:"samlIDPMetaDataOptionsSignature",title:"samlIDPMetaDataOptionsSignature",type:"simpleInputContainer"},{_nodes:[{default:"",get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSSOBinding",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSSOBinding",select:[{k:"",v:""},{k:"http-post",v:"POST"},{k:"http-redirect",v:"Redirect"},{k:"artifact-get",v:"Artifact GET"}],title:"samlIDPMetaDataOptionsSSOBinding",type:"select"},{default:"",get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSLOBinding",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSLOBinding",select:[{k:"",v:""},{k:"http-post",v:"POST"},{k:"http-redirect",v:"Redirect"},{k:"http-soap",v:"SOAP"}],title:"samlIDPMetaDataOptionsSLOBinding",type:"select"}],id:"samlIDPMetaDataOptionsBinding",title:"samlIDPMetaDataOptionsBinding",type:"simpleInputContainer"},{_nodes:[{default:"none",get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsEncryptionMode",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsEncryptionMode",select:[{k:"none",v:"None"},{k:"nameid",v:"Name ID"},{k:"assertion",v:"Assertion"}],title:"samlIDPMetaDataOptionsEncryptionMode",type:"select"},{default:1,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsCheckTime",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsCheckTime",title:"samlIDPMetaDataOptionsCheckTime",type:"bool"},{default:1,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsCheckAudience",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsCheckAudience",title:"samlIDPMetaDataOptionsCheckAudience",type:"bool"}],id:"samlIDPMetaDataOptionsSecurity",title:"samlIDPMetaDataOptionsSecurity",type:"simpleInputContainer"},{_nodes:[{default:"",get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsResolutionRule",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsResolutionRule",title:"samlIDPMetaDataOptionsResolutionRule",type:"longtext"},{default:"",get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsNameIDFormat",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsNameIDFormat",select:[{k:"",v:""},{k:"unspecified",v:"Unspecified"},{k:"email",v:"Email"},{k:"x509",v:"X509 certificate"},{k:"windows",v:"Windows"},{k:"kerberos",v:"Kerberos"},{k:"entity",v:"Entity"},{k:"persistent",v:"Persistent"},{k:"transient",v:"Transient"},{k:"encrypted",v:"Encrypted"}],title:"samlIDPMetaDataOptionsNameIDFormat",type:"select"},{default:0,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsForceAuthn",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsForceAuthn",title:"samlIDPMetaDataOptionsForceAuthn",type:"bool"},{default:0,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsIsPassive",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsIsPassive",title:"samlIDPMetaDataOptionsIsPassive",type:"bool"},{default:0,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsAllowProxiedAuthn",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsAllowProxiedAuthn",title:"samlIDPMetaDataOptionsAllowProxiedAuthn",type:"bool"},{default:0,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsAllowLoginFromIDP",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsAllowLoginFromIDP",title:"samlIDPMetaDataOptionsAllowLoginFromIDP",type:"bool"},{default:"",get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsRequestedAuthnContext",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsRequestedAuthnContext",select:[{k:"",v:""},{k:"kerberos",v:"Kerberos"},{k:"password-protected-transport",v:"Password protected transport"},{k:"password",v:"Password"},{k:"tls-client",v:"TLS client certificate"}],title:"samlIDPMetaDataOptionsRequestedAuthnContext",type:"select"},{default:0,get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsRelayStateURL",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsRelayStateURL",title:"samlIDPMetaDataOptionsRelayStateURL",type:"bool"}],help:"authsaml.html#options",id:"samlIDPMetaDataOptions",title:"samlIDPMetaDataOptions",type:"simpleInputContainer"},{_nodes:[{get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsDisplayName",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsDisplayName",title:"samlIDPMetaDataOptionsDisplayName"},{get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsIcon",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsIcon",title:"samlIDPMetaDataOptionsIcon"},{get:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSortNumber",id:tpl+"s/"+key+"/"+"samlIDPMetaDataOptionsSortNumber",title:"samlIDPMetaDataOptionsSortNumber",type:"int"}],id:"samlIDPMetaDataOptionsDisplay",title:"samlIDPMetaDataOptionsDisplay",type:"simpleInputContainer"}];case"samlSPMetaDataNode":return[{get:tpl+"s/"+key+"/"+"samlSPMetaDataXML",id:tpl+"s/"+key+"/"+"samlSPMetaDataXML",title:"samlSPMetaDataXML",type:"file"},{cnodes:tpl+"s/"+key+"/"+"samlSPMetaDataExportedAttributes",default:[],help:"idpsaml.html#exported_attributes",id:tpl+"s/"+key+"/"+"samlSPMetaDataExportedAttributes",title:"samlSPMetaDataExportedAttributes",type:"samlAttributeContainer"},{_nodes:[{_nodes:[{default:"",get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsNameIDFormat",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsNameIDFormat",select:[{k:"",v:""},{k:"unspecified",v:"Unspecified"},{k:"email",v:"Email"},{k:"x509",v:"X509 certificate"},{k:"windows",v:"Windows"},{k:"kerberos",v:"Kerberos"},{k:"entity",v:"Entity"},{k:"persistent",v:"Persistent"},{k:"transient",v:"Transient"},{k:"encrypted",v:"Encrypted"}],title:"samlSPMetaDataOptionsNameIDFormat",type:"select"},{get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsNameIDSessionKey",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsNameIDSessionKey",title:"samlSPMetaDataOptionsNameIDSessionKey"},{default:0,get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsOneTimeUse",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsOneTimeUse",title:"samlSPMetaDataOptionsOneTimeUse",type:"bool"},{default:72e3,get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsSessionNotOnOrAfterTimeout",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsSessionNotOnOrAfterTimeout",title:"samlSPMetaDataOptionsSessionNotOnOrAfterTimeout",type:"int"},{default:72e3,get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsNotOnOrAfterTimeout",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsNotOnOrAfterTimeout",title:"samlSPMetaDataOptionsNotOnOrAfterTimeout",type:"int"},{default:1,get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsForceUTF8",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsForceUTF8",title:"samlSPMetaDataOptionsForceUTF8",type:"bool"}],id:"samlSPMetaDataOptionsAuthnResponse",title:"samlSPMetaDataOptionsAuthnResponse",type:"simpleInputContainer"},{_nodes:[{default:-1,get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsSignSSOMessage",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsSignSSOMessage",title:"samlSPMetaDataOptionsSignSSOMessage",type:"trool"},{default:1,get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsCheckSSOMessageSignature",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsCheckSSOMessageSignature",title:"samlSPMetaDataOptionsCheckSSOMessageSignature",type:"bool"},{default:-1,get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsSignSLOMessage",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsSignSLOMessage",title:"samlSPMetaDataOptionsSignSLOMessage",type:"trool"},{default:1,get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsCheckSLOMessageSignature",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsCheckSLOMessageSignature",title:"samlSPMetaDataOptionsCheckSLOMessageSignature",type:"bool"}],id:"samlSPMetaDataOptionsSignature",title:"samlSPMetaDataOptionsSignature",type:"simpleInputContainer"},{_nodes:[{default:"none",get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsEncryptionMode",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsEncryptionMode",select:[{k:"none",v:"None"},{k:"nameid",v:"Name ID"},{k:"assertion",v:"Assertion"}],title:"samlSPMetaDataOptionsEncryptionMode",type:"select"},{default:0,get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsEnableIDPInitiatedURL",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsEnableIDPInitiatedURL",title:"samlSPMetaDataOptionsEnableIDPInitiatedURL",type:"bool"},{get:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsRule",id:tpl+"s/"+key+"/"+"samlSPMetaDataOptionsRule",title:"samlSPMetaDataOptionsRule"}],id:"samlSPMetaDataOptionsSecurity",title:"samlSPMetaDataOptionsSecurity",type:"simpleInputContainer"}],help:"idpsaml.html#options",id:"samlSPMetaDataOptions",title:"samlSPMetaDataOptions"}];case"virtualHost":return[{cnodes:tpl+"s/"+key+"/"+"locationRules",default:[{data:"deny",id:tpl+"s/"+key+"/"+"locationRules/default",re:"default",title:"default",type:"rule"}],help:"writingrulesand_headers.html#rules",id:tpl+"s/"+key+"/"+"locationRules",title:"locationRules",type:"ruleContainer"},{cnodes:tpl+"s/"+key+"/"+"exportedHeaders",help:"writingrulesand_headers.html#headers",id:tpl+"s/"+key+"/"+"exportedHeaders",title:"exportedHeaders",type:"keyTextContainer"},{cnodes:tpl+"s/"+key+"/"+"post",help:"formreplay.html",id:tpl+"s/"+key+"/"+"post",title:"post",type:"postContainer"},{_nodes:[{default:-1,get:tpl+"s/"+key+"/"+"vhostPort",id:tpl+"s/"+key+"/"+"vhostPort",title:"vhostPort",type:"int"},{default:-1,get:tpl+"s/"+key+"/"+"vhostHttps",id:tpl+"s/"+key+"/"+"vhostHttps",title:"vhostHttps",type:"trool"},{default:0,get:tpl+"s/"+key+"/"+"vhostMaintenance",id:tpl+"s/"+key+"/"+"vhostMaintenance",title:"vhostMaintenance",type:"bool"},{get:tpl+"s/"+key+"/"+"vhostAliases",id:tpl+"s/"+key+"/"+"vhostAliases",title:"vhostAliases"},{default:"Main",get:tpl+"s/"+key+"/"+"vhostType",id:tpl+"s/"+key+"/"+"vhostType",select:[{k:"Main",v:"Main"},{k:"Zimbra",v:"ZimbraPreAuth"},{k:"AuthBasic",v:"AuthBasic"},{k:"SecureToken",v:"SecureToken"},{k:"CDA",v:"CDA"},{k:"DevOps",v:"DevOps"},{k:"DevOpsST",v:"DevOpsST"},{k:"ServiceToken",v:"ServiceToken"}],title:"vhostType",type:"select"},{get:tpl+"s/"+key+"/"+"vhostAuthnLevel",id:tpl+"s/"+key+"/"+"vhostAuthnLevel",title:"vhostAuthnLevel",type:"int"}],help:"configvhost.html#options",id:"vhostOptions",title:"vhostOptions",type:"simpleInputContainer"}];default:return[]}}function setScopeVars(scope){scope.portal=scope.data[0]._nodes[0]._nodes[0];scope.getKey(scope.portal);scope.domain=scope.data[0]._nodes[4]._nodes[1];scope.getKey(scope.domain)} diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/ar.json b/lemonldap-ng-manager/site/htdocs/static/languages/ar.json index 225156788..eb9304a97 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/ar.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/ar.json @@ -128,6 +128,7 @@ "casSrvMetaDataOptionsDisplayName":"الاسم المطلوب عرضه", "casSrvMetaDataOptionsGateway":"بوابة إثبات الهوية", "casSrvMetaDataOptionsIcon":"مسارالأيقونة", +"casSrvMetaDataOptionsSortNumber":"Order", "casSrvMetaDataOptionsRenew":"تجديد إثبات الهوية", "casSrvMetaDataOptionsProxiedServices":"خدمات البروكسي", "casSrvMetaDataOptionsUrl":" يو أر ل الخادم", diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/de.json b/lemonldap-ng-manager/site/htdocs/static/languages/de.json index cee961ee6..ba57ff182 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/de.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/de.json @@ -128,6 +128,7 @@ "casSrvMetaDataOptionsDisplayName":"Angezeigter Name", "casSrvMetaDataOptionsGateway":"Gateway authentication", "casSrvMetaDataOptionsIcon":"Icon path", +"casSrvMetaDataOptionsSortNumber":"Order", "casSrvMetaDataOptionsRenew":"Renew authentication", "casSrvMetaDataOptionsProxiedServices":"Proxied services", "casSrvMetaDataOptionsUrl":"Server URL", diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/en.json b/lemonldap-ng-manager/site/htdocs/static/languages/en.json index 0d586099d..d60cca61d 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/en.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/en.json @@ -128,6 +128,7 @@ "casSrvMetaDataOptionsDisplayName":"Name to display", "casSrvMetaDataOptionsGateway":"Gateway authentication", "casSrvMetaDataOptionsIcon":"Icon path", +"casSrvMetaDataOptionsSortNumber":"Order", "casSrvMetaDataOptionsRenew":"Renew authentication", "casSrvMetaDataOptionsProxiedServices":"Proxied services", "casSrvMetaDataOptionsUrl":"Server URL", diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/fr.json b/lemonldap-ng-manager/site/htdocs/static/languages/fr.json index 7276eb4d1..328a0fbd2 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/fr.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/fr.json @@ -128,6 +128,7 @@ "casSrvMetaDataOptionsDisplayName":"Nom à afficher", "casSrvMetaDataOptionsGateway":"Authentification transparente", "casSrvMetaDataOptionsIcon":"Chemin de l'icône", +"casSrvMetaDataOptionsSortNumber":"Ordre", "casSrvMetaDataOptionsRenew":"Renouveller l'authentification", "casSrvMetaDataOptionsProxiedServices":"Services mandatés", "casSrvMetaDataOptionsUrl":"URL du serveur", diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/it.json b/lemonldap-ng-manager/site/htdocs/static/languages/it.json index 127cf30e4..45b3fb473 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/it.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/it.json @@ -128,6 +128,7 @@ "casSrvMetaDataOptionsDisplayName":"Nome da visualizzare", "casSrvMetaDataOptionsGateway":"Autenticazione gateway", "casSrvMetaDataOptionsIcon":"Path icona", +"casSrvMetaDataOptionsSortNumber":"Order", "casSrvMetaDataOptionsRenew":"Rinnova l'autenticazione", "casSrvMetaDataOptionsProxiedServices":"Servizi Proxied", "casSrvMetaDataOptionsUrl":"URL del server", diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/vi.json b/lemonldap-ng-manager/site/htdocs/static/languages/vi.json index 1fede8b3d..9b989c49f 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/vi.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/vi.json @@ -128,6 +128,7 @@ "casSrvMetaDataOptionsDisplayName":"Tên để hiển thị", "casSrvMetaDataOptionsGateway":"Xác thực Gateway", "casSrvMetaDataOptionsIcon":"Đường dẫn Icon", +"casSrvMetaDataOptionsSortNumber":"Order", "casSrvMetaDataOptionsRenew":"Gia hạn chứng thực", "casSrvMetaDataOptionsProxiedServices":"Dịch vụ proxy", "casSrvMetaDataOptionsUrl":"URL máy chủ", diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/zh.json b/lemonldap-ng-manager/site/htdocs/static/languages/zh.json index 6c1278391..8f07c908c 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/zh.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/zh.json @@ -128,6 +128,7 @@ "casSrvMetaDataOptionsDisplayName":"显示名称", "casSrvMetaDataOptionsGateway":"网关认证", "casSrvMetaDataOptionsIcon":"图标路径", +"casSrvMetaDataOptionsSortNumber":"Order", "casSrvMetaDataOptionsRenew":"Renew authentication", "casSrvMetaDataOptionsProxiedServices":"代理服务", "casSrvMetaDataOptionsUrl":"服务器 URL", diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/CAS.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/CAS.pm index 2847f7767..f06f1227b 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/CAS.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/CAS.pm @@ -44,6 +44,8 @@ sub init { ->{casSrvMetaDataOptionsDisplayName}; my $icon = $self->conf->{casSrvMetaDataOptions}->{$_} ->{casSrvMetaDataOptionsIcon}; + my $order = $self->conf->{casSrvMetaDataOptions}->{$_} + ->{casSrvMetaDataOptionsSortNumber}; my $img_src; if ($icon) { @@ -52,15 +54,21 @@ sub init { ? $icon : $portalPath . $self->p->staticPrefix . "/common/" . $icon; } - push @list, { val => $_, name => $name, icon => $img_src, + order => $order, class => "openidconnect", }; } + @list = + sort { + $a->{order} <=> $b->{order} + or $a->{name} cmp $b->{name} + or $a->{val} cmp $b->{val} + } @list; $self->srvList( \@list ); return 1; } From 026fcd9f760c102613f3d00ce9274b5a5b0be24a Mon Sep 17 00:00:00 2001 From: maudoux Date: Wed, 10 Apr 2019 22:14:46 +0200 Subject: [PATCH 13/32] Fix warnings (#1704) --- .../lib/Lemonldap/NG/Portal/Auth/CAS.pm | 8 ++++++-- .../lib/Lemonldap/NG/Portal/Auth/OpenIDConnect.pm | 10 +++++++--- 2 files changed, 13 insertions(+), 5 deletions(-) diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/CAS.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/CAS.pm index f06f1227b..fc5753362 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/CAS.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/CAS.pm @@ -40,12 +40,16 @@ sub init { $portalPath =~ s#^https?://[^/]+/?#/#; foreach (@tab) { - my $name = $self->conf->{casSrvMetaDataOptions}->{$_} + my $name = $_; + $name = + $self->conf->{casSrvMetaDataOptions}->{$_} + ->{casSrvMetaDataOptionsDisplayName} + if $self->conf->{casSrvMetaDataOptions}->{$_} ->{casSrvMetaDataOptionsDisplayName}; my $icon = $self->conf->{casSrvMetaDataOptions}->{$_} ->{casSrvMetaDataOptionsIcon}; my $order = $self->conf->{casSrvMetaDataOptions}->{$_} - ->{casSrvMetaDataOptionsSortNumber}; + ->{casSrvMetaDataOptionsSortNumber} // 0; my $img_src; if ($icon) { diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/OpenIDConnect.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/OpenIDConnect.pm index b212a7fba..607564f9f 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/OpenIDConnect.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/OpenIDConnect.pm @@ -16,7 +16,7 @@ extends 'Lemonldap::NG::Portal::Main::Auth', # INTERFACE -has opList => ( is => 'rw', default => sub { [] } ); +has opList => ( is => 'rw', default => sub { [] } ); has opNumber => ( is => 'rw', default => 0 ); has path => ( is => 'rw', default => 'oauth2' ); @@ -41,12 +41,16 @@ sub init { #$portalPath =~ s#^https?://[^/]+/?#/#; foreach (@tab) { - my $name = $self->conf->{oidcOPMetaDataOptions}->{$_} + my $name = $_; + $name = + $self->conf->{oidcOPMetaDataOptions}->{$_} + ->{oidcOPMetaDataOptionsDisplayName} + if $self->conf->{oidcOPMetaDataOptions}->{$_} ->{oidcOPMetaDataOptionsDisplayName}; my $icon = $self->conf->{oidcOPMetaDataOptions}->{$_} ->{oidcOPMetaDataOptionsIcon}; my $order = $self->conf->{oidcOPMetaDataOptions}->{$_} - ->{oidcOPMetaDataOptionsSortNumber}; + ->{oidcOPMetaDataOptionsSortNumber} // 0; my $img_src; if ($icon) { From 74a3b4a2422b9153367a57c896e61520fec347d6 Mon Sep 17 00:00:00 2001 From: maudoux Date: Wed, 10 Apr 2019 22:50:34 +0200 Subject: [PATCH 14/32] Improve unit test (#1704) --- .../t/30-Auth-SAML-with-choice.t | 36 +++++++++++++++++-- 1 file changed, 34 insertions(+), 2 deletions(-) diff --git a/lemonldap-ng-portal/t/30-Auth-SAML-with-choice.t b/lemonldap-ng-portal/t/30-Auth-SAML-with-choice.t index 0403148aa..0176ac9b5 100644 --- a/lemonldap-ng-portal/t/30-Auth-SAML-with-choice.t +++ b/lemonldap-ng-portal/t/30-Auth-SAML-with-choice.t @@ -12,7 +12,7 @@ BEGIN { require 't/saml-lib.pm'; } -my $maintests = 20; +my $maintests = 23; my $debug = 'error'; my %handlerOR = ( issuer => [], sp => [] ); @@ -64,6 +64,12 @@ SKIP: { or explain( $res->[1], 'Set-Cookie => lemonldapidp=0; domain=.sp.com; path=/; expires=-1d' ); ( $host, $url, $query ) = expectForm( $res, undef, undef, 'confirm', ); + + # IDP must be sorted + my @idp = map /val="http:\/\/(.+?)\/saml\/metadata">/g, $res->[2]->[0]; + ok( $idp[0] eq 'auth.idp2.com', ) or print STDERR Dumper( \@idp ); + ok( $idp[1] eq 'auth.idp3.com', ) or print STDERR Dumper( \@idp ); + ok( $idp[2] eq 'auth.idp.com', ) or print STDERR Dumper( \@idp ); ok( $res->[2]->[0] =~ m%IDP2%, @@ -248,6 +254,11 @@ sub sp { uid => "1;uid", cn => "0;cn" }, + idp3 => { + mail => "0;mail;;", + uid => "1;uid", + cn => "0;cn" + }, }, samlIDPMetaDataOptions => { idp => { @@ -259,6 +270,7 @@ sub sp { samlIDPMetaDataOptionsCheckSSOMessageSignature => 1, samlIDPMetaDataOptionsCheckSLOMessageSignature => 1, samlIDPMetaDataOptionsForceUTF8 => 1, + samlIDPMetaDataOptionsSortNumber => 2, samlIDPMetaDataOptionsDisplayName => 'idp_Test_DisplayName', @@ -274,6 +286,18 @@ sub sp { samlIDPMetaDataOptionsForceUTF8 => 1, samlIDPMetaDataOptionsIcon => 'icons/sfa_manager.png', }, + idp3 => { + samlIDPMetaDataOptionsEncryptionMode => 'none', + samlIDPMetaDataOptionsSSOBinding => 'post', + samlIDPMetaDataOptionsSLOBinding => 'post', + samlIDPMetaDataOptionsSignSSOMessage => 1, + samlIDPMetaDataOptionsSignSLOMessage => 1, + samlIDPMetaDataOptionsCheckSSOMessageSignature => 1, + samlIDPMetaDataOptionsCheckSLOMessageSignature => 1, + samlIDPMetaDataOptionsForceUTF8 => 1, + samlIDPMetaDataOptionsSortNumber => 1, + samlIDPMetaDataOptionsDisplayName => 'Test_Sort', + }, }, samlIDPMetaDataExportedAttributes => { idp => { @@ -284,6 +308,10 @@ sub sp { "uid" => "0;uid;;", "cn" => "1;cn;;", }, + idp3 => { + "uid" => "0;uid;;", + "cn" => "1;cn;;", + }, }, samlIDPMetaDataXML => { idp => { @@ -293,7 +321,11 @@ sub sp { idp2 => { samlIDPMetaDataXML => samlIDPMetaDataXML( 'idp2', 'HTTP-POST' ) - } + }, + idp3 => { + samlIDPMetaDataXML => + samlIDPMetaDataXML( 'idp3', 'HTTP-POST' ) + }, }, samlOrganizationDisplayName => "SP", samlOrganizationName => "SP", From 41c40cec02b202e849a8bf2a75eabe974742b2e1 Mon Sep 17 00:00:00 2001 From: maudoux Date: Wed, 10 Apr 2019 23:03:17 +0200 Subject: [PATCH 15/32] Improve unit test (#1704) --- .../t/30-Auth-SAML-with-choice.t | 33 ++++++++++++++++--- 1 file changed, 29 insertions(+), 4 deletions(-) diff --git a/lemonldap-ng-portal/t/30-Auth-SAML-with-choice.t b/lemonldap-ng-portal/t/30-Auth-SAML-with-choice.t index 0176ac9b5..545eef18a 100644 --- a/lemonldap-ng-portal/t/30-Auth-SAML-with-choice.t +++ b/lemonldap-ng-portal/t/30-Auth-SAML-with-choice.t @@ -12,7 +12,7 @@ BEGIN { require 't/saml-lib.pm'; } -my $maintests = 23; +my $maintests = 24; my $debug = 'error'; my %handlerOR = ( issuer => [], sp => [] ); @@ -67,9 +67,11 @@ SKIP: { # IDP must be sorted my @idp = map /val="http:\/\/(.+?)\/saml\/metadata">/g, $res->[2]->[0]; - ok( $idp[0] eq 'auth.idp2.com', ) or print STDERR Dumper( \@idp ); - ok( $idp[1] eq 'auth.idp3.com', ) or print STDERR Dumper( \@idp ); - ok( $idp[2] eq 'auth.idp.com', ) or print STDERR Dumper( \@idp ); + ok( $idp[0] eq 'auth.idp2.com', '1st = idp2' ) or print STDERR Dumper( \@idp ); + ok( $idp[1] eq 'auth.z_idp2.com', '2nd = z_idp2' ) or print STDERR Dumper( \@idp ); + ok( $idp[2] eq 'auth.idp3.com', '3rd = idp3' ) or print STDERR Dumper( \@idp ); + ok( $idp[3] eq 'auth.idp.com', '4th= idp' ) or print STDERR Dumper( \@idp ); + ok( $res->[2]->[0] =~ m%IDP2%, @@ -259,6 +261,11 @@ sub sp { uid => "1;uid", cn => "0;cn" }, + z_idp2 => { + mail => "0;mail;;", + uid => "1;uid", + cn => "0;cn" + }, }, samlIDPMetaDataOptions => { idp => { @@ -298,6 +305,16 @@ sub sp { samlIDPMetaDataOptionsSortNumber => 1, samlIDPMetaDataOptionsDisplayName => 'Test_Sort', }, + z_idp2 => { + samlIDPMetaDataOptionsEncryptionMode => 'none', + samlIDPMetaDataOptionsSSOBinding => 'post', + samlIDPMetaDataOptionsSLOBinding => 'post', + samlIDPMetaDataOptionsSignSSOMessage => 1, + samlIDPMetaDataOptionsSignSLOMessage => 1, + samlIDPMetaDataOptionsCheckSSOMessageSignature => 1, + samlIDPMetaDataOptionsCheckSLOMessageSignature => 1, + samlIDPMetaDataOptionsForceUTF8 => 1, + }, }, samlIDPMetaDataExportedAttributes => { idp => { @@ -312,6 +329,10 @@ sub sp { "uid" => "0;uid;;", "cn" => "1;cn;;", }, + z_idp2 => { + "uid" => "0;uid;;", + "cn" => "1;cn;;", + }, }, samlIDPMetaDataXML => { idp => { @@ -326,6 +347,10 @@ sub sp { samlIDPMetaDataXML => samlIDPMetaDataXML( 'idp3', 'HTTP-POST' ) }, + z_idp2 => { + samlIDPMetaDataXML => + samlIDPMetaDataXML( 'z_idp2', 'HTTP-POST' ) + }, }, samlOrganizationDisplayName => "SP", samlOrganizationName => "SP", From 38b7ed08e1400a61cd4835a0b3c8d988db2f0b85 Mon Sep 17 00:00:00 2001 From: Xavier Date: Thu, 11 Apr 2019 06:30:54 +0200 Subject: [PATCH 16/32] Update old changelog --- changelog | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/changelog b/changelog index f2940b027..42a56403c 100644 --- a/changelog +++ b/changelog @@ -11,8 +11,8 @@ lemonldap-ng (2.0.2) bionic; urgency=medium * #1618: Version in server signature is wrong * #1623: ADPwdExpireWarning and ADPwdMaxAge parameters are missing in Manager * #1627: Display issue with GrantSession plugin - * #1628: GrantSession plugin discloses its message to unlogged users - * #1630: SSO cookie is sent to protected applications with Nginx-based ReverseProxy + * #1628: [Security:minor] GrantSession plugin discloses its message to unlogged users + * #1630: [Security:minor] SSO cookie is sent to protected applications with Nginx-based ReverseProxy * #1636: SSL and Kerberos Auth Modules don t work with choice * #1639: User must change password on AD is broken * #1642: Unable to select skin from URL From dbfd1f14f7c7a2cb6cb12d6ef040cbaec97effca Mon Sep 17 00:00:00 2001 From: Xavier Guimard Date: Thu, 11 Apr 2019 09:24:47 +0200 Subject: [PATCH 17/32] Update doc --- .../current/applications/img/icons.png | 4 +- .../current/applications/img/loader.gif | 4 +- doc/pages/documentation/current/authcas.html | 4 +- .../current/authcombination.html | 37 ++++++++++++------- doc/pages/documentation/current/dos | 4 +- doc/pages/documentation/current/exploit | 4 +- doc/pages/documentation/current/mitm | 4 +- doc/pages/documentation/current/stayconnected | 4 +- 8 files changed, 38 insertions(+), 27 deletions(-) diff --git a/doc/pages/documentation/current/applications/img/icons.png b/doc/pages/documentation/current/applications/img/icons.png index 9405780a8..600317d42 100644 --- a/doc/pages/documentation/current/applications/img/icons.png +++ b/doc/pages/documentation/current/applications/img/icons.png @@ -90,7 +90,7 @@ +
    • @@ -262,7 +262,7 @@ You've followed a link to a topic that doesn't exist yet. If permissio -
    +
    diff --git a/doc/pages/documentation/current/applications/img/loader.gif b/doc/pages/documentation/current/applications/img/loader.gif index 7b8e422a6..1cd4ad2eb 100644 --- a/doc/pages/documentation/current/applications/img/loader.gif +++ b/doc/pages/documentation/current/applications/img/loader.gif @@ -90,7 +90,7 @@ +
    • @@ -262,7 +262,7 @@ You've followed a link to a topic that doesn't exist yet. If permissio -
    +
    diff --git a/doc/pages/documentation/current/authcas.html b/doc/pages/documentation/current/authcas.html index bccdd6064..cf4e290f5 100644 --- a/doc/pages/documentation/current/authcas.html +++ b/doc/pages/documentation/current/authcas.html @@ -4,7 +4,7 @@ documentation:2.0:authcas - + @@ -122,6 +122,8 @@ Then create the list of CAS
  • Icon: Path to CAS Server icon. Used only if you have more than 1 CAS server declared
    • +
  • Order: Number to sort CAS Servers display
    +
  • Proxied services: list of services for which a proxy ticket is requested:
    • Key: Service ID
      diff --git a/doc/pages/documentation/current/authcombination.html b/doc/pages/documentation/current/authcombination.html index 5ae186af9..9b2d2c3f2 100644 --- a/doc/pages/documentation/current/authcombination.html +++ b/doc/pages/documentation/current/authcombination.html @@ -4,7 +4,7 @@ documentation:2.0:authcombination - + @@ -159,11 +159,20 @@ For example:

    • -Usually, you can't declare two modules of the same type if they don't have the same parameters. For example, usually you can't declare a MySQL DBI and a PostgreSQL DBI, because there is no extra field for PostgreSQL parameters. Now with Combination, you can declare some overloaded parameters. For example, if DBI is configured to use PostgreSQL but DB2 is a MySQL DB, you can override the “dbiChain” parameter. +Usually, you can't declare two modules of the same type if they don't have the same parameters. For example, usually you can't declare a MySQL DBI and a PostgreSQL DBI, because there is no extra field for PostgreSQL parameters. Now with Combination, you can declare some overloaded parameters.

    +

    +For example, if DBI is configured to use PostgreSQL but DB2 is a MySQL DB, you can override the “dbiChain” parameter. +

    + +

    +You can also override a complex key like ldapExportedVars, by setting a JSON value: +

    +
    {"cn" => "cn", "uid" => "sAMAccounName", "mail" => "mail"}
    + - +

    Rule chain

    @@ -212,7 +221,7 @@ Remember that schemes in rules are the names declared above. [mySSL and myLDAP, myLDAP ] Use mySSL and myLDAP to authentify, myLDAP to get user
    -
    Note that “or” can't be used inside a scheme. +
    Note that “or” can't be used inside a scheme. If you think to “[mySSL or myLDAP, myLDAP]”, you must write [mySSL, myLDAP] or [myLDAP, myLDAP]
    @@ -228,7 +237,7 @@ If you think to “[mySSL or myLDAP, myLDAP]”, you must write [mySSL, my
    [myDBI1] and [myDBI2] or [myLDAP] and [myDBI2] Try myDBI1 and myDBI2, if it fails, try myLDAP and myDBI2
    -
    You can't use brackets in a boolean expression and “and” has precedence on “or”. +
    You can't use brackets in a boolean expression and “and” has precedence on “or”.

    If you think to “( [myLDAP] or [myDBI1] ) and [myDBI2]”, you must write [myLDAP] and [myDBI2] or [myDBI1] and [myDBI2]

    @@ -255,7 +264,7 @@ Test can use only the $env variable. It contains the FastCGI enviro if($env->{REMOTE_ADDR} =~ /^10\./) then [myLDAP] else if($env->{REMOTE_ADDR} =~ /^192/) then [myDBI1] else [myDBI2] Chain tests
    -
    Note that brackets can't be used except to enclose test. +
    Note that brackets can't be used except to enclose test.

    If you wants to write if(...) then if..., you must write if(not ...) then ... else if(...)...

    @@ -275,7 +284,7 @@ The following rule is valid:

    - +

    Combine second factor

    @@ -300,7 +309,7 @@ Now if you want to authenticate users either by LDAP or LDAP+U2F (to have 2
    - +

    Display multiple forms

    @@ -311,12 +320,12 @@ Combination module returns the form corresponding to the first authentication sc combinationForms = standardform, openidform
    - +

    Known problems

    - +

    Federation protocols

    @@ -336,9 +345,9 @@ Combination module returns the form corresponding to the first authentication sc [SAML] and [LDAP] or [LDAP] [SAML, SAML and LDAP] or [LDAP] Authentication is done by SAML or LDAP but user must match an LDAP entry
    - +
    - +

    Auth::Apache authentication

    @@ -356,7 +365,7 @@ To bypass this, follow the documentation of +

    SSL authentication

    @@ -365,6 +374,6 @@ To chain SSL, you have to set “SSLRequire optional” in Apache configuration,

    -
    +
    diff --git a/doc/pages/documentation/current/dos b/doc/pages/documentation/current/dos index 33d2f5511..31e174c2c 100644 --- a/doc/pages/documentation/current/dos +++ b/doc/pages/documentation/current/dos @@ -90,7 +90,7 @@ +
    • @@ -262,7 +262,7 @@ You've followed a link to a topic that doesn't exist yet. If permissio -
    +
    diff --git a/doc/pages/documentation/current/exploit b/doc/pages/documentation/current/exploit index 5583e0d2c..870055030 100644 --- a/doc/pages/documentation/current/exploit +++ b/doc/pages/documentation/current/exploit @@ -90,7 +90,7 @@ +
    • @@ -262,7 +262,7 @@ You've followed a link to a topic that doesn't exist yet. If permissio -
    +
    diff --git a/doc/pages/documentation/current/mitm b/doc/pages/documentation/current/mitm index 849a59024..eacfe4863 100644 --- a/doc/pages/documentation/current/mitm +++ b/doc/pages/documentation/current/mitm @@ -90,7 +90,7 @@ +
    • @@ -262,7 +262,7 @@ You've followed a link to a topic that doesn't exist yet. If permissio -
    +
    diff --git a/doc/pages/documentation/current/stayconnected b/doc/pages/documentation/current/stayconnected index 8360ff65f..42cb373fc 100644 --- a/doc/pages/documentation/current/stayconnected +++ b/doc/pages/documentation/current/stayconnected @@ -90,7 +90,7 @@ +
    • @@ -262,7 +262,7 @@ You've followed a link to a topic that doesn't exist yet. If permissio -
    +
    From a9c85df1cbab62fba7202f3e8cdd615ae8798193 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cl=C3=A9ment=20OUDOT?= Date: Thu, 11 Apr 2019 09:47:52 +0200 Subject: [PATCH 18/32] Update combination doc --- .../current/authcombination.html | 27 ++++++++++--------- 1 file changed, 14 insertions(+), 13 deletions(-) diff --git a/doc/pages/documentation/current/authcombination.html b/doc/pages/documentation/current/authcombination.html index 9b2d2c3f2..945583cc4 100644 --- a/doc/pages/documentation/current/authcombination.html +++ b/doc/pages/documentation/current/authcombination.html @@ -170,9 +170,10 @@ For example, if DBI is configured to use You can also override a complex key like ldapExportedVars, by setting a JSON value: 

    {"cn" => "cn", "uid" => "sAMAccounName", "mail" => "mail"}
    - +
    If your JSON is corrupted, LLNG will use it as string and just report a warning in logs.
    - +
    +

    Rule chain

    @@ -221,7 +222,7 @@ Remember that schemes in rules are the names declared above. [mySSL and myLDAP, myLDAP ] Use mySSL and myLDAP to authentify, myLDAP to get user
    -
    Note that “or” can't be used inside a scheme. +
    Note that “or” can't be used inside a scheme. If you think to “[mySSL or myLDAP, myLDAP]”, you must write [mySSL, myLDAP] or [myLDAP, myLDAP]
    @@ -237,7 +238,7 @@ If you think to “[mySSL or myLDAP, myLDAP]”, you must write [mySSL, my
    [myDBI1] and [myDBI2] or [myLDAP] and [myDBI2] Try myDBI1 and myDBI2, if it fails, try myLDAP and myDBI2
    -
    You can't use brackets in a boolean expression and “and” has precedence on “or”. +
    You can't use brackets in a boolean expression and “and” has precedence on “or”.

    If you think to “( [myLDAP] or [myDBI1] ) and [myDBI2]”, you must write [myLDAP] and [myDBI2] or [myDBI1] and [myDBI2]

    @@ -264,7 +265,7 @@ Test can use only the $env variable. It contains the FastCGI enviro if($env->{REMOTE_ADDR} =~ /^10\./) then [myLDAP] else if($env->{REMOTE_ADDR} =~ /^192/) then [myDBI1] else [myDBI2] Chain tests
    -
    Note that brackets can't be used except to enclose test. +
    Note that brackets can't be used except to enclose test.

    If you wants to write if(...) then if..., you must write if(not ...) then ... else if(...)...

    @@ -284,7 +285,7 @@ The following rule is valid:

    - +

    Combine second factor

    @@ -309,7 +310,7 @@ Now if you want to authenticate users either by LDAP or LDAP+U2F (to have 2
    - +

    Display multiple forms

    @@ -320,12 +321,12 @@ Combination module returns the form corresponding to the first authentication sc combinationForms = standardform, openidform
    - +

    Known problems

    - +

    Federation protocols

    @@ -345,9 +346,9 @@ Combination module returns the form corresponding to the first authentication sc [SAML] and [LDAP] or [LDAP] [SAML, SAML and LDAP] or [LDAP] Authentication is done by SAML or LDAP but user must match an LDAP entry
    - +
    - +

    Auth::Apache authentication

    @@ -365,7 +366,7 @@ To bypass this, follow the documentation of +

    SSL authentication

    @@ -374,6 +375,6 @@ To chain SSL, you have to set “SSLRequire optional” in Apache configuration,

    -
    +
    From cea93c4c2b542dd07b4f4c27d9fca53de88377a4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cl=C3=A9ment=20OUDOT?= Date: Thu, 11 Apr 2019 10:11:16 +0200 Subject: [PATCH 19/32] Update changelog --- changelog | 51 +++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 51 insertions(+) diff --git a/changelog b/changelog index 42a56403c..6be91103e 100644 --- a/changelog +++ b/changelog @@ -1,3 +1,54 @@ +lemonldap-ng (2.0.3) bionic; urgency=medium + + * Bugs: + * #1543: Redirection lost with CAS RP -> Choice -> SAML Discovery Protocol -> SAML IDP + * #1654: Password must change on AD still not fully working + * #1656: No IP shown in history logon + * #1667: [Security:medium] Option userControl is not applied anymore in standard login process + * #1671: Error in SP-initiated saml logout with multiple SP + * #1672: In SAML Issuer, environment variables to store current SP are not filled + * #1673: Application list display and specific rules + * #1675: [Security:minor] Using /logout instead of /?logout=1 does not work + * #1676: Active Directory connection information not saved + * #1679: Default jQuery URL in form replay has changed + * #1680: In form replay, POST data keys are not URL encoded + * #1682: LinkedIn OAuth2 authentication is not available in combination modules list + * #1683: Changing configuration option cspScript has no effect + * #1684: UI manager: boolean values do not appears in configuration forms with Yaml config format + * #1686: SOAP Portal WSDL file is invalid + * #1691: Password policy can't display messages + * #1692: Parameter base64 is ignored in setHiddenFormValue + * #1693: Information is not displayed in logout process + * #1698: Invalid pdata causes SAML login to fail after logout + * #1703: Fix faulty headers on a null value + * #1708: lmerror page loops on url parameter + + * New features: + * #1632: Optionally let Ext2F module handle code generation + * #1658: CheckUser plugin + * #1661: Configuration viewer module + * #1664: Impersonation plugin + * #1697: Command-line tool to delete session for specific user(s) + + * Improvements: + * #1549: Option to override IDP entityID + * #1595: Possibility to override message with a custom JSON file in template + * #1651: Disable cache on portal page + * #1653: Allow failback to default skin when a template is not found in custom theme + * #1660: Restore possibility to hide message in portal template + * #1666: Display errors on login form + * #1668: As IDP SAML, do not try to send SLO response if no SLO endpoint defined in SP metadata + * #1670: Display "authentication in progress" when using Ajax with Kerberos + * #1681: Change behavior with SAML mandatory/optional attributes in SAML Issuer + * #1687: Add granted log for user and connexion informations + * #1694: Disable CSRF token with AuthBasic + * #1696: Remove unnecessary antiframe protection in portal javascript + * #1699: Authentication level for REST and GPG authentication + * #1700: Update AuthBasic handler doc : REST server is required + * #1704: Append parameter to sort IDP, OP and CAS servers in Auth menu loop + + -- Clément Thu, 11 Apr 2019 10:09:35 +0200 + lemonldap-ng (2.0.2) bionic; urgency=medium * Bugs: From eaaa7de8027e90eb70fa55a3765dcf9f45e49903 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cl=C3=A9ment=20OUDOT?= Date: Thu, 11 Apr 2019 10:27:55 +0200 Subject: [PATCH 20/32] Update RPM spec to 2.0.3 --- rpm/lemonldap-ng.spec | 3 +++ 1 file changed, 3 insertions(+) diff --git a/rpm/lemonldap-ng.spec b/rpm/lemonldap-ng.spec index f60c13d92..ea3322a98 100644 --- a/rpm/lemonldap-ng.spec +++ b/rpm/lemonldap-ng.spec @@ -656,6 +656,9 @@ fi # Changelog #============================================================================== %changelog +* Thu Apr 11 2019 Clement Oudot - 2.0.3-1 +- Update to 2.0.3 + * Tue Feb 12 2019 Clement Oudot - 2.0.2-1 - Update to 2.0.2 From 10346000406b0b8d9502be9b96b69e2e9fc3bd54 Mon Sep 17 00:00:00 2001 From: Xavier Guimard Date: Thu, 11 Apr 2019 10:57:03 +0200 Subject: [PATCH 21/32] Update translations --- .../site/htdocs/static/languages/ar.json | 2 +- .../site/htdocs/static/languages/de.json | 2 +- .../site/htdocs/static/languages/it.json | 30 +++++++++---------- .../site/htdocs/static/languages/vi.json | 2 +- .../site/htdocs/static/languages/zh.json | 2 +- .../site/htdocs/static/languages/ar.json | 12 ++++---- .../site/htdocs/static/languages/de.json | 12 ++++---- .../site/htdocs/static/languages/en.json | 12 ++++---- .../site/htdocs/static/languages/es.json | 12 ++++---- .../site/htdocs/static/languages/it.json | 22 +++++++------- .../site/htdocs/static/languages/nl.json | 12 ++++---- .../site/htdocs/static/languages/pt.json | 12 ++++---- .../site/htdocs/static/languages/ro.json | 14 ++++----- .../site/htdocs/static/languages/vi.json | 12 ++++---- .../site/htdocs/static/languages/zh.json | 14 ++++----- .../site/templates/common/mail/ar.json | 2 +- .../site/templates/common/mail/it.json | 6 ++-- .../site/templates/common/mail/vi.json | 2 +- .../site/templates/common/mail/zh_CN.json | 2 +- 19 files changed, 92 insertions(+), 92 deletions(-) diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/ar.json b/lemonldap-ng-manager/site/htdocs/static/languages/ar.json index eb9304a97..c5028252b 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/ar.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/ar.json @@ -986,4 +986,4 @@ "samlRelayStateTimeout":"تناوب حالة مهلة الجلسة ", "samlUseQueryStringSpecific":"استخدام أسلوب query_string المعين", "samlOverrideIDPEntityID":"Override Entity ID when acting as IDP" -} +} \ No newline at end of file diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/de.json b/lemonldap-ng-manager/site/htdocs/static/languages/de.json index ba57ff182..86ca097f2 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/de.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/de.json @@ -986,4 +986,4 @@ "samlRelayStateTimeout":"RelayState session timeout", "samlUseQueryStringSpecific":"Use specific query_string method", "samlOverrideIDPEntityID":"Override Entity ID when acting as IDP" -} +} \ No newline at end of file diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/it.json b/lemonldap-ng-manager/site/htdocs/static/languages/it.json index 45b3fb473..0fce3d6ba 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/it.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/it.json @@ -124,7 +124,7 @@ "casSrv":"Server CAS ", "casSrvMetaDataExportedVars":"Attributi esportati", "casSrvMetaDataOptions":"Opzioni", -"casSrvMetaDataOptionsDisplay":"Display", +"casSrvMetaDataOptionsDisplay":"Visualizza ", "casSrvMetaDataOptionsDisplayName":"Nome da visualizzare", "casSrvMetaDataOptionsGateway":"Autenticazione gateway", "casSrvMetaDataOptionsIcon":"Path icona", @@ -244,7 +244,7 @@ "enabled":"Abilitato", "enterPassword":"Inserisci password (opzionale)", "error":"Errore", -"errors":"ERRORS", +"errors":"ERRORI", "exportedAttr":"Attributi di SOAP/REST esportati", "exportedHeaders":"Intestazioni esportate", "exportedVars":"Variabili esportate", @@ -274,8 +274,8 @@ "globalStorage":"Modulo Apache::Session", "globalStorageOptions":"Parametri di modulo Apache::Session", "gpgAuthnLevel":"Livello di autenticazione", -"gpgDb":"GPG database", -"gpgParams":"GPG parameters", +"gpgDb":"Database GPG", +"gpgParams":"Parametri GPG", "grantSessionRules":"Condizioni di apertura", "groups":"Gruppi", "hashkey":"Chiave", @@ -356,7 +356,7 @@ "ldapGroupAttributeNameSearch":"Attributi ricercati", "ldapGroupAttributeNameUser":"Attributo origine utente", "ldapGroupBase":"Base di ricerca", -"ldapGroupDecodeSearchedValue":"Decode searched value", +"ldapGroupDecodeSearchedValue":"Decodifica il valore cercato", "ldapGroupObjectClass":"Classe oggetto", "ldapGroupRecursive":"Ricorsivo", "ldapGroups":"Gruppi", @@ -396,12 +396,12 @@ "lwpOpts":"Opzioni per le richieste del server", "lwpSslOpts":"Opzioni SSL per le richieste del server", "macros":"Macro", -"mail2f":"Mail second factor", -"mail2fActivation":"Activation", -"mail2fCodeRegex":"Code regex", -"mail2fTimeout":"Code timeout", -"mail2fSubject":"Mail subject", -"mail2fBody":"Mail body", +"mail2f":"Mail secondo fattore", +"mail2fActivation":"Attivazione", +"mail2fCodeRegex":"Codice regex", +"mail2fTimeout":"Codice timeout", +"mail2fSubject":"Oggetto della mail", +"mail2fBody":"Corpo del messaggio", "mail2fAuthnLevel":"Livello di autenticazione", "mail2fLogo":"Logo", "mailBody":"Successo contenuto di posta", @@ -891,9 +891,9 @@ "samlIDPMetaDataOptionsSession":"Sessioni", "samlIDPMetaDataOptionsSignature":"Firma", "samlIDPMetaDataOptionsBinding":"Vincolante", -"samlIDPMetaDataOptionsDisplay":"Display", -"samlIDPMetaDataOptionsDisplayName":"Display name", -"samlIDPMetaDataOptionsDisplayParams":"Display", +"samlIDPMetaDataOptionsDisplay":" Visualizza ", +"samlIDPMetaDataOptionsDisplayName":"Nome da visualizzare", +"samlIDPMetaDataOptionsDisplayParams":" Visualizza ", "samlIDPMetaDataOptionsIcon":"Logo", "samlIDPMetaDataOptionsSecurity":"Sicurezza", "samlIDPMetaDataOptionsSortNumber":"Order", @@ -986,4 +986,4 @@ "samlRelayStateTimeout":"Timeout di sessione di RelayState", "samlUseQueryStringSpecific":"Utilizza il metodo specifico query_string", "samlOverrideIDPEntityID":"Override Entity ID when acting as IDP" -} +} \ No newline at end of file diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/vi.json b/lemonldap-ng-manager/site/htdocs/static/languages/vi.json index 9b989c49f..64a78ae58 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/vi.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/vi.json @@ -986,4 +986,4 @@ "samlRelayStateTimeout":"Thời gian hết hạn phiên RelayState ", "samlUseQueryStringSpecific":"Sử dụng phương pháp query_string cụ thể", "samlOverrideIDPEntityID":"Override Entity ID when acting as IDP" -} +} \ No newline at end of file diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/zh.json b/lemonldap-ng-manager/site/htdocs/static/languages/zh.json index 8f07c908c..0d9382648 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/zh.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/zh.json @@ -986,4 +986,4 @@ "samlRelayStateTimeout":"RelayState session timeout", "samlUseQueryStringSpecific":"Use specific query_string method", "samlOverrideIDPEntityID":"Override Entity ID when acting as IDP" -} +} \ No newline at end of file diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/ar.json b/lemonldap-ng-portal/site/htdocs/static/languages/ar.json index 34f604f98..157d93b1b 100644 --- a/lemonldap-ng-portal/site/htdocs/static/languages/ar.json +++ b/lemonldap-ng-portal/site/htdocs/static/languages/ar.json @@ -88,11 +88,11 @@ "PE86":"Your account is locked. You must wait 30s before authenticate again", "PE87":"You must authenticate again to access to Portal", "PE88":"Your account must have an e-mail address in order to use double factor authentication", -"PE89":"Access non granted on SAML service", -"PE90":"Access non granted on OIDC service", -"PE91":"Access non granted on OID service", -"PE92":"Access non granted on GET service", -"PE93":"Access non granted on IMPERSONATION service", +"PE89":"Access not granted on SAML service", +"PE90":"Access not granted on OIDC service", +"PE91":"Access not granted on OID service", +"PE92":"Access not granted on GET service", +"PE93":"Access not granted on IMPERSONATION service", "2fRegRequired":"This service requires a double factor authentication. Register a device now, then go back to the portal.", "accept":"قبول", "accessDenied":"ليس لديك إذن بالدخول لهذا التطبيق", @@ -259,4 +259,4 @@ "yourPhone":"رقم هاتفك", "yourProfile":"ملفك الشخصي", "yourTotpKey":"Your TOTP key" -} +} \ No newline at end of file diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/de.json b/lemonldap-ng-portal/site/htdocs/static/languages/de.json index d8b11571c..21f38a83d 100644 --- a/lemonldap-ng-portal/site/htdocs/static/languages/de.json +++ b/lemonldap-ng-portal/site/htdocs/static/languages/de.json @@ -88,11 +88,11 @@ "PE86":"Your account is locked. You must wait 30s before authenticate again", "PE87":"You must authenticate again to access to Portal", "PE88":"Your account must have an e-mail address in order to use double factor authentication", -"PE89":"Access non granted on SAML service", -"PE90":"Access non granted on OIDC service", -"PE91":"Access non granted on OID service", -"PE92":"Access non granted on GET service", -"PE93":"Access non granted on IMPERSONATION service", +"PE89":"Zugang zum SAML-Service nicht genehmigt", +"PE90":"Zugang zum OIDC-Service nicht genehmigt", +"PE91":"Zugang zum OID-Service nicht genehmigt", +"PE92":"Zugang zum GET-Service nicht genehmigt", +"PE93":"Access not granted on IMPERSONATION service", "2fRegRequired":"Dieser Dienst benötigt Zwei-Faktor-Authentifizierung. Bitte legen Sie ein Gerät an und gehen dann zum Portal zurück.", "accept":"Akzeptieren", "accessDenied":"Sie haben keine Zugriffsberechtigung für diese Anwendung", @@ -259,4 +259,4 @@ "yourPhone":"Ihre Telefonnummer", "yourProfile":"Ihr Profil", "yourTotpKey":"Your TOTP key" -} +} \ No newline at end of file diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/en.json b/lemonldap-ng-portal/site/htdocs/static/languages/en.json index 304d7bc86..8d04e44b7 100644 --- a/lemonldap-ng-portal/site/htdocs/static/languages/en.json +++ b/lemonldap-ng-portal/site/htdocs/static/languages/en.json @@ -67,7 +67,7 @@ "PE65":"Federation forbidden by security policy", "PE66":"The confirmation mail was already sent", "PE67":"Password field must be filled", -"PE68":"Access non granted on CAS service", +"PE68":"Access not granted on CAS service", "PE69":"Please provide your mail address", "PE70":"No matching user", "PE71":"Please provide your new password", @@ -88,11 +88,11 @@ "PE86":"Your account is locked. You must wait 30s before authenticate again", "PE87":"You must authenticate again to access to Portal", "PE88":"Your account must have an e-mail address in order to use double factor authentication", -"PE89":"Access non granted on SAML service", -"PE90":"Access non granted on OIDC service", -"PE91":"Access non granted on OID service", -"PE92":"Access non granted on GET service", -"PE93":"Access non granted on IMPERSONATION service", +"PE89":"Access not granted on SAML service", +"PE90":"Access not granted on OIDC service", +"PE91":"Access not granted on OID service", +"PE92":"Access not granted on GET service", +"PE93":"Access not granted on IMPERSONATION service", "2fRegRequired":"This service requires a double factor authentication. Register a device now, then go back to the portal.", "accept":"Accept", "accessDenied":"You have no access authorization for this application", diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/es.json b/lemonldap-ng-portal/site/htdocs/static/languages/es.json index 93e392116..cc2ddce2e 100644 --- a/lemonldap-ng-portal/site/htdocs/static/languages/es.json +++ b/lemonldap-ng-portal/site/htdocs/static/languages/es.json @@ -88,11 +88,11 @@ "PE86":"Your account is locked. You must wait 30s before authenticate again", "PE87":"You must authenticate again to access to Portal", "PE88":"Your account must have an e-mail address in order to use double factor authentication", -"PE89":"Access non granted on SAML service", -"PE90":"Access non granted on OIDC service", -"PE91":"Access non granted on OID service", -"PE92":"Access non granted on GET service", -"PE93":"Access non granted on IMPERSONATION service", +"PE89":"Acceso no autorizado al servicio SAML", +"PE90":"Acceso no autorizado al servicio OIDC", +"PE91":"Acceso no autorizado al servicio OID", +"PE92":"Acceso no autorizado al servicio GET", +"PE93":"Access not granted on IMPERSONATION service", "2fRegRequired":"This service requires a double factor authentication. Register a device now, then go back to the portal.", "accept":"Accept", "accessDenied":"You have no access authorization for this application", @@ -259,4 +259,4 @@ "yourPhone":"Your phone number", "yourProfile":"Your profile", "yourTotpKey":"Your TOTP key" -} +} \ No newline at end of file diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/it.json b/lemonldap-ng-portal/site/htdocs/static/languages/it.json index f373c5c41..24fa1fdef 100644 --- a/lemonldap-ng-portal/site/htdocs/static/languages/it.json +++ b/lemonldap-ng-portal/site/htdocs/static/languages/it.json @@ -67,7 +67,7 @@ "PE65":"Federation forbidden by security policy", "PE66":"La mail di conferma è già stata inviata", "PE67":"Password mancante", -"PE68":"Accesso non autorizzato al servizio CAS", +"PE68":"Acceso no autorizado al servicio CAS", "PE69":"Inserisci il tuo indirizzo mail", "PE70":"Nessun utente corrispondente", "PE71":"Inserisci la nuova password", @@ -87,12 +87,12 @@ "PE85":"Il sito remoto richiede una sessione più recente (e il plug-in di UpgradeSession non viene caricato). Disconnetti e riprova", "PE86":"Il tuo account è bloccato. Devi attendere 30 secondi prima di autenticarti di nuovo", "PE87":"È necessario eseguire nuovamente l'autenticazione per accedere al Portale", -"PE88":"Your account must have an e-mail address in order to use double factor authentication", -"PE89":"Access non granted on SAML service", -"PE90":"Access non granted on OIDC service", -"PE91":"Access non granted on OID service", -"PE92":"Access non granted on GET service", -"PE93":"Access non granted on IMPERSONATION service", +"PE88":"Il tuo account deve avere un indirizzo e-mail per poter utilizzare l'autenticazione a doppio fattore", +"PE89":"Access not granted on SAML service", +"PE90":"Access not granted on OIDC service", +"PE91":"Access not granted on OID service", +"PE92":"Access not granted on GET service", +"PE93":"Access not granted on IMPERSONATION service", "2fRegRequired":"Questo servizio richiede un'autenticazione a doppio fattore. Registrare un dispositivo ora, quindi tornare al portale.", "accept":"Accetta", "accessDenied":"Non hai un'autorizzazione di accesso per questa applicazione", @@ -104,7 +104,7 @@ "areYouSure":"Sei sicuro?", "askToRenew":"Questa applicazione richiede un'autenticazione più recente. Vuoi reautenticare?", "askToUpgrade":"Questa applicazione richiede un livello di autenticazione superiore. Vuoi reautenticare?", -"attributes":"ATTRIBUTES", +"attributes":"ATTRIBUTI", "authPortal":"Portale di autenticazione", "authRemaining":"Rimangono ancora %s autenticazioni, modifica la password!", "autoAccept":"Accetta automaticamente in 30 secondi", @@ -117,7 +117,7 @@ "changeKey":"Genera nuova chiave", "changePwd":"Cambia la tua password", "checkLastLogins":"Controllare i miei ultimi accessi", -"checkUser":"Check user SSO profile", +"checkUser":"Controlla il profilo SSO dell'utente", "choose2f":"Scegli il tuo secondo fattore", "chooseApp":"Scegli un'applicazione alla quale ti è consentito l'accesso", "clickHere":"Per favore clicka qui", @@ -141,7 +141,7 @@ "errorMsg":"Messaggio di errore", "fillTheForm":"Compila il modulo", "firstName":"Nome", -"forbidden":"Access FORBIDDEN", +"forbidden":"Accesso VIETATO", "forgotPwd":"Password dimenticata?", "generatePwd":"Generare automaticamente la password", "gotNewMessages":"Hai dei nuovi messaggi", @@ -259,4 +259,4 @@ "yourPhone":"Numero di telefono", "yourProfile":"Il tuo profilo", "yourTotpKey":"La tua chiave TOTP" -} +} \ No newline at end of file diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/nl.json b/lemonldap-ng-portal/site/htdocs/static/languages/nl.json index 1449221e4..014e1e377 100644 --- a/lemonldap-ng-portal/site/htdocs/static/languages/nl.json +++ b/lemonldap-ng-portal/site/htdocs/static/languages/nl.json @@ -88,11 +88,11 @@ "PE86":"Your account is locked. You must wait 30s before authenticate again", "PE87":"You must authenticate again to access to Portal", "PE88":"Your account must have an e-mail address in order to use double factor authentication", -"PE89":"Access non granted on SAML service", -"PE90":"Access non granted on OIDC service", -"PE91":"Access non granted on OID service", -"PE92":"Access non granted on GET service", -"PE93":"Access non granted on IMPERSONATION service", +"PE89":"Onbevoegde toegang tot de SAML-service", +"PE90":"Onbevoegde toegang tot de OIDC-service", +"PE91":"Onbevoegde toegang tot de OID-service", +"PE92":"Onbevoegde toegang tot de GET-service", +"PE93":"Access not granted on IMPERSONATION service", "2fRegRequired":"This service requires a double factor authentication. Register a device now, then go back to the portal.", "accept":"Accept", "accessDenied":"You have no access authorization for this application", @@ -259,4 +259,4 @@ "yourPhone":"Your phone number", "yourProfile":"Your profile", "yourTotpKey":"Your TOTP key" -} +} \ No newline at end of file diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/pt.json b/lemonldap-ng-portal/site/htdocs/static/languages/pt.json index 8ddc38dfc..d003c9674 100644 --- a/lemonldap-ng-portal/site/htdocs/static/languages/pt.json +++ b/lemonldap-ng-portal/site/htdocs/static/languages/pt.json @@ -88,11 +88,11 @@ "PE86":"Your account is locked. You must wait 30s before authenticate again", "PE87":"You must authenticate again to access to Portal", "PE88":"Your account must have an e-mail address in order to use double factor authentication", -"PE89":"Access non granted on SAML service", -"PE90":"Access non granted on OIDC service", -"PE91":"Access non granted on OID service", -"PE92":"Access non granted on GET service", -"PE93":"Access non granted on IMPERSONATION service", +"PE89":"Acesso não autorizado ao serviço SAML", +"PE90":"Acesso não autorizado ao serviço OIDC", +"PE91":"Acesso não autorizado ao serviço OID", +"PE92":"Acesso não autorizado ao serviço GET", +"PE93":"Access not granted on IMPERSONATION service", "2fRegRequired":"This service requires a double factor authentication. Register a device now, then go back to the portal.", "accept":"Accept", "accessDenied":"You have no access authorization for this application", @@ -259,4 +259,4 @@ "yourPhone":"Your phone number", "yourProfile":"Your profile", "yourTotpKey":"Your TOTP key" -} +} \ No newline at end of file diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/ro.json b/lemonldap-ng-portal/site/htdocs/static/languages/ro.json index b58755c9d..857e44f1c 100644 --- a/lemonldap-ng-portal/site/htdocs/static/languages/ro.json +++ b/lemonldap-ng-portal/site/htdocs/static/languages/ro.json @@ -67,7 +67,7 @@ "PE65":"Federation forbidden by security policy", "PE66":"The confirmation mail was already sent", "PE67":"Password field must be filled", -"PE68":"Access non granted on CAS service", +"PE68":"Access not granted on CAS service", "PE69":"Vă rugăm să introduceţi adresa dvs. de e-mail", "PE70":"No matching user", "PE71":"Please provide your new password", @@ -88,11 +88,11 @@ "PE86":"Your account is locked. You must wait 30s before authenticate again", "PE87":"You must authenticate again to access to Portal", "PE88":"Your account must have an e-mail address in order to use double factor authentication", -"PE89":"Access non granted on SAML service", -"PE90":"Access non granted on OIDC service", -"PE91":"Access non granted on OID service", -"PE92":"Access non granted on GET service", -"PE93":"Access non granted on IMPERSONATION service", +"PE89":"Access not granted on SAML service", +"PE90":"Access not granted on OIDC service", +"PE91":"Access not granted on OID service", +"PE92":"Access not granted on GET service", +"PE93":"Access not granted on IMPERSONATION service", "2fRegRequired":"This service requires a double factor authentication. Register a device now, then go back to the portal.", "accept":"Accept", "accessDenied":"You have no access authorization for this application", @@ -259,4 +259,4 @@ "yourPhone":"Your phone number", "yourProfile":"Your profile", "yourTotpKey":"Your TOTP key" -} +} \ No newline at end of file diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/vi.json b/lemonldap-ng-portal/site/htdocs/static/languages/vi.json index 46f541ff9..7fdc2e690 100644 --- a/lemonldap-ng-portal/site/htdocs/static/languages/vi.json +++ b/lemonldap-ng-portal/site/htdocs/static/languages/vi.json @@ -88,11 +88,11 @@ "PE86":"Your account is locked. You must wait 30s before authenticate again", "PE87":"You must authenticate again to access to Portal", "PE88":"Your account must have an e-mail address in order to use double factor authentication", -"PE89":"Access non granted on SAML service", -"PE90":"Access non granted on OIDC service", -"PE91":"Access non granted on OID service", -"PE92":"Access non granted on GET service", -"PE93":"Access non granted on IMPERSONATION service", +"PE89":"Truy cập không được cấp trên dịch vụ SAML", +"PE90":"Truy cập không được cấp trên dịch vụ OIDC", +"PE91":"Truy cập không được cấp trên dịch vụ OID", +"PE92":"Truy cập không được cấp trên dịch vụ GET", +"PE93":"Access not granted on IMPERSONATION service", "2fRegRequired":"This service requires a double factor authentication. Register a device now, then go back to the portal.", "accept":"Chấp nhận", "accessDenied":"Bạn không có quyền truy cập vào ứng dụng này", @@ -259,4 +259,4 @@ "yourPhone":"Số điện thoại của bạn", "yourProfile":"Profile của bạn", "yourTotpKey":"Your TOTP key" -} +} \ No newline at end of file diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/zh.json b/lemonldap-ng-portal/site/htdocs/static/languages/zh.json index 3f7f6233c..cd97df643 100644 --- a/lemonldap-ng-portal/site/htdocs/static/languages/zh.json +++ b/lemonldap-ng-portal/site/htdocs/static/languages/zh.json @@ -67,7 +67,7 @@ "PE65":"Federation forbidden by security policy", "PE66":"确认邮件已经发送", "PE67":"密码必须填写", -"PE68":"Access non granted on CAS service", +"PE68":"Access not granted on CAS service", "PE69":"请提供您的邮箱", "PE70":"没有匹配用户", "PE71":"请提供您的新密码", @@ -88,11 +88,11 @@ "PE86":"Your account is locked. You must wait 30s before authenticate again", "PE87":"You must authenticate again to access to Portal", "PE88":"Your account must have an e-mail address in order to use double factor authentication", -"PE89":"Access non granted on SAML service", -"PE90":"Access non granted on OIDC service", -"PE91":"Access non granted on OID service", -"PE92":"Access non granted on GET service", -"PE93":"Access non granted on IMPERSONATION service", +"PE89":"Access not granted on SAML service", +"PE90":"Access not granted on OIDC service", +"PE91":"Access not granted on OID service", +"PE92":"Access not granted on GET service", +"PE93":"Access not granted on IMPERSONATION service", "2fRegRequired":"This service requires a double factor authentication. Register a device now, then go back to the portal.", "accept":"Accept 方法", "accessDenied":"您无权访问此应用", @@ -259,4 +259,4 @@ "yourPhone":"您的电话号码", "yourProfile":"您的档案", "yourTotpKey":"Your TOTP key" -} +} \ No newline at end of file diff --git a/lemonldap-ng-portal/site/templates/common/mail/ar.json b/lemonldap-ng-portal/site/templates/common/mail/ar.json index cb8cde426..f24a6ccb2 100644 --- a/lemonldap-ng-portal/site/templates/common/mail/ar.json +++ b/lemonldap-ng-portal/site/templates/common/mail/ar.json @@ -15,4 +15,4 @@ "requestIssuedFromIP":"الطلب قد أرسل من عنوان الآي بي", "yourLoginCodeIs":"Your login code is", "yourLoginIs":"تسجيل الدخول الخاص بك هو" -} +} \ No newline at end of file diff --git a/lemonldap-ng-portal/site/templates/common/mail/it.json b/lemonldap-ng-portal/site/templates/common/mail/it.json index ccf1dcc41..9977a8825 100644 --- a/lemonldap-ng-portal/site/templates/common/mail/it.json +++ b/lemonldap-ng-portal/site/templates/common/mail/it.json @@ -4,7 +4,7 @@ "click2Register":"Clicca qui per confermare la registrazione del tuo account", "click2Reset":"Clicca qui per reimpostare la password", "hello":"Salve", -"mail2fSubject":"[LemonLDAP::NG] Your login code", +"mail2fSubject":"[LemonLDAP :: NG] Il tuo codice di accesso", "mailConfirmSubject":"Conferma reimpostazione password [LemonLDAP::NG] ", "mailSubject":"[LemonLDAP::NG] La tua nuova password", "newPwdIs":"La tua nuova password é", @@ -13,6 +13,6 @@ "registerConfirmSubject":"[LemonLDAP :: NG] Conferma registro account", "registerDoneSubject":"[LemonLDAP::NG] Il tuo nuovo account", "requestIssuedFromIP":"La richiesta è stata emessa da IP", -"yourLoginCodeIs":"Your login code is", +"yourLoginCodeIs":"Il tuo codice di accesso è", "yourLoginIs":"Il tuo login é" -} +} \ No newline at end of file diff --git a/lemonldap-ng-portal/site/templates/common/mail/vi.json b/lemonldap-ng-portal/site/templates/common/mail/vi.json index 33d9480e4..8ae1f45e8 100644 --- a/lemonldap-ng-portal/site/templates/common/mail/vi.json +++ b/lemonldap-ng-portal/site/templates/common/mail/vi.json @@ -15,4 +15,4 @@ "requestIssuedFromIP":"Yêu cầu được gửi đi từ địa chỉ IP", "yourLoginCodeIs":"Your login code is", "yourLoginIs":"Đăng nhập của bạn là" -} +} \ No newline at end of file diff --git a/lemonldap-ng-portal/site/templates/common/mail/zh_CN.json b/lemonldap-ng-portal/site/templates/common/mail/zh_CN.json index f5a1e9272..9c920f2db 100644 --- a/lemonldap-ng-portal/site/templates/common/mail/zh_CN.json +++ b/lemonldap-ng-portal/site/templates/common/mail/zh_CN.json @@ -15,4 +15,4 @@ "requestIssuedFromIP":"此请求来自IP地址", "yourLoginCodeIs":"Your login code is", "yourLoginIs":"您登陆的账户是" -} +} \ No newline at end of file From f4dcac41313cfece5d5bde131dd12a6a6181036e Mon Sep 17 00:00:00 2001 From: Xavier Guimard Date: Thu, 11 Apr 2019 11:06:36 +0200 Subject: [PATCH 22/32] Update translations --- .../site/htdocs/static/languages/it.json | 10 +++---- .../site/htdocs/static/languages/it.json | 28 +++++++++---------- 2 files changed, 19 insertions(+), 19 deletions(-) diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/it.json b/lemonldap-ng-manager/site/htdocs/static/languages/it.json index 0fce3d6ba..b8f4cb5fd 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/it.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/it.json @@ -153,11 +153,11 @@ "checkState":"Attivazione", "checkStateSecret":"Segreto condiviso", "checkUsers":"SSO profile Check", -"checkUser":"Activation", +"checkUser":"Attivazione", "checkUserIdRule":"Identities use rule", "checkUserHiddenAttributes":"Hidden attributes", "checkUserDisplayPersistentInfo":"Display persistent session", -"checkUserDisplayEmptyValues":"Display empty values", +"checkUserDisplayEmptyValues":"Mostra valori vuoti", "choiceParams":"Scelta parametri", "chooseLogo":"Scegli logo", "chooseSkin":"Scegli interfaccia", @@ -293,9 +293,9 @@ "impersonationRule":"Use rule", "impersonationIdRule":"Identities use rule", "impersonationHiddenAttributes":"Hidden attributes", -"impersonationMergeSSOgroups":"Merge spoofed and real SSO groups", -"impersonationPrefix":"Real attributes prefix", -"impersonationSkipEmptyValues":"Skip empty values", +"impersonationMergeSSOgroups":"Unisci gruppi SSO falsificati e reali", +"impersonationPrefix":"Prefisso degli attributi reali", +"impersonationSkipEmptyValues":"Salta valori vuoti", "incompleteForm":"Mancano campi obbligatori", "index":"Indice", "infoFormMethod":"Metodo per il modulo informazioni", diff --git a/lemonldap-ng-portal/site/htdocs/static/languages/it.json b/lemonldap-ng-portal/site/htdocs/static/languages/it.json index 24fa1fdef..e5d511712 100644 --- a/lemonldap-ng-portal/site/htdocs/static/languages/it.json +++ b/lemonldap-ng-portal/site/htdocs/static/languages/it.json @@ -88,18 +88,18 @@ "PE86":"Il tuo account è bloccato. Devi attendere 30 secondi prima di autenticarti di nuovo", "PE87":"È necessario eseguire nuovamente l'autenticazione per accedere al Portale", "PE88":"Il tuo account deve avere un indirizzo e-mail per poter utilizzare l'autenticazione a doppio fattore", -"PE89":"Access not granted on SAML service", -"PE90":"Access not granted on OIDC service", -"PE91":"Access not granted on OID service", -"PE92":"Access not granted on GET service", -"PE93":"Access not granted on IMPERSONATION service", +"PE89":"Accesso non concesso sul servizio SAML", +"PE90":"Accesso non concesso sul servizio OIDC", +"PE91":"Accesso non concesso sul servizio OID", +"PE92":"Accesso non concesso sul servizio GET", +"PE93":"Accesso non concesso sul servizio IMPERSONATION", "2fRegRequired":"Questo servizio richiede un'autenticazione a doppio fattore. Registrare un dispositivo ora, quindi tornare al portale.", "accept":"Accetta", "accessDenied":"Non hai un'autorizzazione di accesso per questa applicazione", "accountCreated":"Il tuo account è stato creato, la tua password temporanea è stata inviata all'indirizzo email.", "accountCreationSuccess":"Il tuo account è stato creato con successo.", "action":"Azione", -"allowed":"Access ALLOWED", +"allowed":"Accesso CONSENTITO", "anotherInformation":"Un'altra informazione:", "areYouSure":"Sei sicuro?", "askToRenew":"Questa applicazione richiede un'autenticazione più recente. Vuoi reautenticare?", @@ -147,13 +147,13 @@ "gotNewMessages":"Hai dei nuovi messaggi", "goToPortal":"Vai al portale", "gplSoft":"Software libero coperto dalla licenza GPL", -"groups_sso":"SSO GROUPS", -"headers":"HEADERS", +"groups_sso":"GRUPPI SSO", +"headers":"INTESTAZIONI", "id":"Id", "imSure":"Sono sicuro", "info":"Informazioni", "ipAddr":"Indirizzo IP", -"key":"Key", +"key":"Chiave", "lastFailedLogins":"Ultimi login non riusciti", "lastLogins":"Ultimi accessi", "lastName":"Cognome", @@ -212,7 +212,7 @@ "resetPwd":"Reimpostare la password", "rightsReloadNeedsLogout":"Le ricariche dei diritti necessitano di disconnettersi e di riconnettersi", "scope":"Ambito", -"search":"Search", +"search":"Ricerca", "selectIdP":"Seleziona il tuo provider di identità", "service":"Servizio", "sendPwd":"Inviami il link", @@ -220,7 +220,7 @@ "serviceProvidedBy":"Servizio offerto da", "sessionsDeleted":"Le sessioni seguenti sono state chiuse", "sfaManager":"2ndFA Manager", -"spoofId":"Spoofed Id", +"spoofId":"Id falsificato", "SSOSessionInactive":"Sessione SSO inattiva", "stayConnected":"Resta connesso su questo dispositivo", "submit":"Invia", @@ -238,11 +238,11 @@ "upgradeSession":"Sessione di aggiornamento", "user":"Utente", "useYubikey":"Usa la tua Yubikey", -"value":"Value", +"value":"Valore", "verify":"Verifica", -"VHnotFound":"Virtual Host not found", +"VHnotFound":"Host virtuale non trovato", "wait":"Attendere", -"waitingmessage":"Authentication in progress, please wait", +"waitingmessage":"Autenticazione in corso, attendere prego", "warning":"Avvertimento", "welcomeOnPortal":"Benvenuto sul tuo portale di autenticazione protetta.", "yesResendMail":"Sì, rinvia e-mail", From 702c72e7dcc955d76b106510de720f6dddda5108 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cl=C3=A9ment=20OUDOT?= Date: Thu, 11 Apr 2019 11:06:40 +0200 Subject: [PATCH 23/32] Require Plack::Test for build --- rpm/lemonldap-ng.spec | 1 + 1 file changed, 1 insertion(+) diff --git a/rpm/lemonldap-ng.spec b/rpm/lemonldap-ng.spec index ea3322a98..2c1228fc5 100644 --- a/rpm/lemonldap-ng.spec +++ b/rpm/lemonldap-ng.spec @@ -144,6 +144,7 @@ BuildRequires: perl(Plack::Handler::FCGI) BuildRequires: perl(Plack::Middleware) BuildRequires: perl(Plack::Request) BuildRequires: perl(Plack::Runner) +BuildRequires: perl(Plack::Test) BuildRequires: perl(Plack::Util) BuildRequires: perl(Plack::Util::Accessor) BuildRequires: perl(POSIX) From 71300988f9b10c988e7ed7e618b39a2165f6f192 Mon Sep 17 00:00:00 2001 From: Christophe Maudoux Date: Thu, 11 Apr 2019 11:08:52 +0200 Subject: [PATCH 24/32] Fix route conflict (#1661) --- .../lib/Lemonldap/NG/Manager/Viewer.pm | 20 ++++++++++-------- lemonldap-ng-manager/t/70-viewer.t | 21 +++++++++++++------ .../t/71-viewer-with-no-diff.t | 12 ++++++----- 3 files changed, 33 insertions(+), 20 deletions(-) diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Viewer.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Viewer.pm index 62412ce25..ea770f262 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Viewer.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Viewer.pm @@ -59,22 +59,24 @@ sub addRoutes { ['GET'] ); } - unless ( $self->{viewerAllowBrowser} || $conf->{viewerAllowBrowser} ) { + + # Difference between confs + if ( $self->{viewerAllowDiff} ) { + $self->addRoute( + view => { diff => { ':conf1' => { ':conf2' => 'viewDiff' } } } ) + ->addRoute( 'viewDiff.html', undef, ['GET'] ); + } + unless ( $self->{viewerAllowBrowser} ) { $self->addRoute( view => { ':cfgNum' => 'rejectKey' }, ['GET'] ); } - # Difference between confs - if ( $self->{viewerAllowDiff} || $conf->{viewerAllowDiff} ) { - $self->addRoute( - view => { diff => { ':conf1' => { ':conf2' => 'viewDiff' } } } ) - ->addRoute( 'viewDiff.html', undef, ['GET'] ); - } - # Other keys - $self->addRoute( view => { ':cfgNum' => { '*' => 'getKey' } }, ['GET'] ); + else { + $self->addRoute( view => { ':cfgNum' => { '*' => 'getKey' } }, ['GET'] ); + } } sub getConfByNum { diff --git a/lemonldap-ng-manager/t/70-viewer.t b/lemonldap-ng-manager/t/70-viewer.t index b096f6708..553db18b5 100644 --- a/lemonldap-ng-manager/t/70-viewer.t +++ b/lemonldap-ng-manager/t/70-viewer.t @@ -8,6 +8,7 @@ use JSON qw(from_json); require 't/test-lib.pm'; my $struct = 't/jsonfiles/70-diff.json'; + sub body { return IO::File->new( $struct, 'r' ); } @@ -19,9 +20,11 @@ count(1); # Test that hidden key values are NOT sent $res = &client->jsonResponse('/view/1/portalDisplayLogout'); -ok( $res->{value} eq '_Hidden_', 'Key is hidden' ); +ok( $res->{value} eq '_Hidden_', 'Key is hidden' ) + or explain( $res, 'value => "_Hidden_"' ); $res = &client->jsonResponse('/view/1/samlIDPMetaDataNodes'); -ok( $res->{value} eq '_Hidden_', 'Key is hidden' ); +ok( $res->{value} eq '_Hidden_', 'Key is hidden' ) + or explain( $res, 'value => "_Hidden_"' ); count(2); # Try to display latest conf @@ -29,12 +32,17 @@ $res = &client->jsonResponse('/view/latest'); ok( $res->{cfgNum} eq '1', 'Browser is allowed' ); count(1); -ok( $res = &client->_post( '/confs/', 'cfgNum=1&force=1', &body, 'application/json' ), - "Request succeed" ); +ok( + $res = &client->_post( + '/confs/', 'cfgNum=1&force=1', &body, 'application/json' + ), + "Request succeed" +); ok( $res->[0] == 200, "Result code is 200" ); my $resBody; ok( $resBody = from_json( $res->[2]->[0] ), "Result body contains JSON text" ); count(3); + foreach my $i ( 0 .. 1 ) { ok( $resBody->{details}->{__changes__}->[$i]->{key} =~ @@ -46,10 +54,11 @@ count(2); # Try to compare confs 1 & 2 $res = &client->jsonResponse('/view/diff/1/2'); + # ok( $res->[1]->{captcha_login_enabled} eq '1', 'Key found' ); ok( $res->[1]->{captcha_mail_enabled} eq '0', 'Key found' ); -ok( 6 == keys %{ $res->[1] }, 'Right number of keys found') -or print STDERR Dumper($res); +ok( 6 == keys %{ $res->[1] }, 'Right number of keys found' ) + or print STDERR Dumper($res); count(2); # Remove new conf diff --git a/lemonldap-ng-manager/t/71-viewer-with-no-diff.t b/lemonldap-ng-manager/t/71-viewer-with-no-diff.t index 8e58345b3..8fee87c90 100644 --- a/lemonldap-ng-manager/t/71-viewer-with-no-diff.t +++ b/lemonldap-ng-manager/t/71-viewer-with-no-diff.t @@ -21,13 +21,10 @@ ok( 'Client object' ); -# Try to display latest conf -my $res = $client2->jsonResponse('/view/1'); -ok( $res->{value} eq '_Hidden_', 'Browser is NOT allowed' ); -count(2); + # Try to compare confs 1 & 2 -ok( $res = $client2->_post( '/confs/', 'cfgNum=1&force=1', &body, 'application/json' ), +ok( my $res = $client2->_post( '/confs/', 'cfgNum=1&force=1', &body, 'application/json' ), "Request succeed" ); ok( $res->[0] == 200, "Result code is 200" ); my $resBody; @@ -45,6 +42,11 @@ $res = $client2->jsonResponse('/view/diff/1/2'); ok( $res->{value} eq '_Hidden_', 'Diff is NOT allowed' ); count(1); +# Try to display latest conf +$res = $client2->jsonResponse('/view/2'); +ok( $res->{value} eq '_Hidden_', 'Browser is NOT allowed' ); +count(2); + # Remove new conf `rm -rf t/conf/lmConf-2.json`; From 7501e167af1df373c524f0240942b9a221fe8b3a Mon Sep 17 00:00:00 2001 From: Xavier Guimard Date: Thu, 11 Apr 2019 11:16:15 +0200 Subject: [PATCH 25/32] Full Itlaian translation --- .../site/htdocs/static/languages/it.json | 28 +++++++++---------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/it.json b/lemonldap-ng-manager/site/htdocs/static/languages/it.json index b8f4cb5fd..069e279bb 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/it.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/it.json @@ -128,7 +128,7 @@ "casSrvMetaDataOptionsDisplayName":"Nome da visualizzare", "casSrvMetaDataOptionsGateway":"Autenticazione gateway", "casSrvMetaDataOptionsIcon":"Path icona", -"casSrvMetaDataOptionsSortNumber":"Order", +"casSrvMetaDataOptionsSortNumber":"Ordine", "casSrvMetaDataOptionsRenew":"Rinnova l'autenticazione", "casSrvMetaDataOptionsProxiedServices":"Servizi Proxied", "casSrvMetaDataOptionsUrl":"URL del server", @@ -152,11 +152,11 @@ "clickHereToForce":"Clicca qui per forzare", "checkState":"Attivazione", "checkStateSecret":"Segreto condiviso", -"checkUsers":"SSO profile Check", +"checkUsers":"Controllo del profilo SSO", "checkUser":"Attivazione", -"checkUserIdRule":"Identities use rule", -"checkUserHiddenAttributes":"Hidden attributes", -"checkUserDisplayPersistentInfo":"Display persistent session", +"checkUserIdRule":"Uso della regola delle identità", +"checkUserHiddenAttributes":"Attributi nascosti", +"checkUserDisplayPersistentInfo":"Mostra sessione persistente", "checkUserDisplayEmptyValues":"Mostra valori vuoti", "choiceParams":"Scelta parametri", "chooseLogo":"Scegli logo", @@ -250,7 +250,7 @@ "exportedVars":"Variabili esportate", "external2f":"2° fattore esterno", "ext2fActivation":"Attivazione", -"ext2fCodeActivation":"Code regex", +"ext2fCodeActivation":"Codice regex", "ext2fAuthnLevel":"Livello di autenticazione", "ext2fLogo":"Logo", "ext2FSendCommand":"Invia comando", @@ -289,10 +289,10 @@ "hideTree":"Nascondi l'albero", "httpOnly":"Protezione Javascript", "https":"HTTPS", -"impersonation":"Impersonation", -"impersonationRule":"Use rule", -"impersonationIdRule":"Identities use rule", -"impersonationHiddenAttributes":"Hidden attributes", +"impersonation":"Imitazione", +"impersonationRule":"Usa la regola", +"impersonationIdRule":"Le identità usano la regola", +"impersonationHiddenAttributes":"Attributi nascosti", "impersonationMergeSSOgroups":"Unisci gruppi SSO falsificati e reali", "impersonationPrefix":"Prefisso degli attributi reali", "impersonationSkipEmptyValues":"Salta valori vuoti", @@ -500,7 +500,7 @@ "oidcOPMetaDataOptionsDisplayName":"Visualizza nome", "oidcOPMetaDataOptionsDisplayParams":"Visualizza", "oidcOPMetaDataOptionsIcon":"Logo", -"oidcOPMetaDataOptionsSortNumber":"Order", +"oidcOPMetaDataOptionsSortNumber":"Ordine", "oidcOPMetaDataOptionsJWKSTimeout":"Timeout dei dati di JWKS", "oidcRPMetaDataOptionsLogoutSessionRequired":"Sessione necessaria", "oidcRPMetaDataOptionsLogoutType":"Tipo", @@ -651,7 +651,7 @@ "radiusSecret":"Segreto condiviso", "radiusServer":"Nome host del server", "randomPasswordRegexp":"Regex per la generazione di password", -"readOnlyMode":"Read-Only mode", +"readOnlyMode":"Modalità di sola lettura", "redirectFormMethod":"Metodo per il modulo di reindirizzamento", "redirection":"Redirezioni del gestore", "reference":"Riferimento", @@ -896,7 +896,7 @@ "samlIDPMetaDataOptionsDisplayParams":" Visualizza ", "samlIDPMetaDataOptionsIcon":"Logo", "samlIDPMetaDataOptionsSecurity":"Sicurezza", -"samlIDPMetaDataOptionsSortNumber":"Order", +"samlIDPMetaDataOptionsSortNumber":"Ordine", "samlIDPMetaDataOptionsStoreSAMLToken":"Store SAML Token", "samlIDPMetaDataOptionsRelayStateURL":"Consenti l'URL come RelayState", "samlIDPMetaDataOptionsUserAttribute":"Attributo che contiene l'identificatore dell'utente", @@ -985,5 +985,5 @@ "samlCommonDomainCookieWriter":"URL dell'autore", "samlRelayStateTimeout":"Timeout di sessione di RelayState", "samlUseQueryStringSpecific":"Utilizza il metodo specifico query_string", -"samlOverrideIDPEntityID":"Override Entity ID when acting as IDP" +"samlOverrideIDPEntityID":"Sostituisci l'ID entità quando agisce come IDP" } \ No newline at end of file From 6b2920522dd84d49f70c07751a0c12ad89c27d24 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cl=C3=A9ment=20OUDOT?= Date: Thu, 11 Apr 2019 11:18:22 +0200 Subject: [PATCH 26/32] Backport code to run test on CentOS 7 --- .../t/lib/Lemonldap/NG/Handler/Test.pm | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/lemonldap-ng-portal/t/lib/Lemonldap/NG/Handler/Test.pm b/lemonldap-ng-portal/t/lib/Lemonldap/NG/Handler/Test.pm index b34795415..e8f3110bd 100644 --- a/lemonldap-ng-portal/t/lib/Lemonldap/NG/Handler/Test.pm +++ b/lemonldap-ng-portal/t/lib/Lemonldap/NG/Handler/Test.pm @@ -67,11 +67,23 @@ sub run { my ( $req, $res ); $req = HTTP::Request->new( @{ JSON::from_json($_) } ); $res = $server->request($req); + my @flatten = &flatten($res); print $out JSON::to_json( - [ $res->code, [ $res->flatten ], [ $res->content ] ] ) + [ $res->code, [@flatten], [ $res->content ] ] ) . "\n"; } } +# Copy from HTTP::Headers code +sub flatten { + my ($self) = @_; + ( + map { + my $k = $_; + map { ( $k => $_ ) } $self->header($_); + } $self->header_field_names + ); +} + 1; From 4db983985011f7aeb5d187d23396441c37577619 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cl=C3=A9ment=20OUDOT?= Date: Thu, 11 Apr 2019 11:58:21 +0200 Subject: [PATCH 27/32] Fix some warnings in tests --- lemonldap-ng-portal/t/21-Auth-LDAP-Policy.t | 26 ++++++++++--------- .../t/37-CAS-App-to-SAML-IdP-POST-with-WAYF.t | 2 +- .../t/37-OIDC-RP-to-SAML-IdP-GET-with-WAYF.t | 4 +-- .../t/42-Register-Demo-with-captcha.t | 2 -- 4 files changed, 16 insertions(+), 18 deletions(-) diff --git a/lemonldap-ng-portal/t/21-Auth-LDAP-Policy.t b/lemonldap-ng-portal/t/21-Auth-LDAP-Policy.t index 94e900f14..10210f18b 100644 --- a/lemonldap-ng-portal/t/21-Auth-LDAP-Policy.t +++ b/lemonldap-ng-portal/t/21-Auth-LDAP-Policy.t @@ -35,6 +35,8 @@ SKIP: { 'PE_PP_PASSWORD_EXPIRED', 'PE_PASSWORD_OK', 'PE_PP_ACCOUNT_LOCKED', 'PE_PP_PASSWORD_TOO_SHORT', 'PE_PP_GRACE'; + my ( $user, $code, $postString, $match ); + # 1 - TEST PE_PP_CHANGE_AFTER_RESET AND PE_PP_PASSWORD_EXPIRED # ------------------------------------------------------------ foreach my $tpl ( @@ -42,9 +44,9 @@ SKIP: { [ 'expire', PE_PP_PASSWORD_EXPIRED ] ) { - my $user = $tpl->[0]; - my $code = $tpl->[1]; - my $postString = "user=$user&password=$user"; + $user = $tpl->[0]; + $code = $tpl->[1]; + $postString = "user=$user&password=$user"; # Try to authenticate # ------------------- @@ -56,7 +58,7 @@ SKIP: { ), 'Auth query' ); - my $match = 'trmsg="' . $code . '"'; + $match = 'trmsg="' . $code . '"'; ok( $res->[2]->[0] =~ /$match/, "Code is $code" ); #open F, '>../e2e-tests/conf/portal/result.html' or die $!; @@ -93,9 +95,9 @@ SKIP: { # 2 - TEST PE_PP_GRACE # ------------------------- - my $user = 'grace'; - my $code = "ppGrace"; - my $postString = "user=$user&password=$user"; + $user = 'grace'; + $code = "ppGrace"; + $postString = "user=$user&password=$user"; # Try to authenticate # ------------------- @@ -107,14 +109,14 @@ SKIP: { ), 'Auth query' ); - my $match = 'trmsg="' . $code . '"'; + $match = 'trmsg="' . $code . '"'; ok( $res->[2]->[0] =~ /$match/, 'Grace remaining' ); # 3 - TEST PE_PP_ACCOUNT_LOCKED # ------------------------- - my $user = 'lock'; - my $code = PE_PP_ACCOUNT_LOCKED; - my $postString = "user=$user&password=$user"; + $user = 'lock'; + $code = PE_PP_ACCOUNT_LOCKED; + $postString = "user=$user&password=$user"; # Try to authenticate # ------------------- @@ -126,7 +128,7 @@ SKIP: { ), 'Auth query' ); - my $match = 'trmsg="' . $code . '"'; + $match = 'trmsg="' . $code . '"'; ok( $res->[2]->[0] =~ /$match/, 'Account is locked' ); # Try to change anyway diff --git a/lemonldap-ng-portal/t/37-CAS-App-to-SAML-IdP-POST-with-WAYF.t b/lemonldap-ng-portal/t/37-CAS-App-to-SAML-IdP-POST-with-WAYF.t index 7eb5cdbd1..251b6cc9c 100644 --- a/lemonldap-ng-portal/t/37-CAS-App-to-SAML-IdP-POST-with-WAYF.t +++ b/lemonldap-ng-portal/t/37-CAS-App-to-SAML-IdP-POST-with-WAYF.t @@ -98,7 +98,7 @@ SKIP: { ); my $proxyPdata = 'lemonldappdata=' . expectCookie( $res, 'lemonldappdata' ); - my ( $url, $query ) = + ( $url, $query ) = expectRedirection( $res, qr#^http://discovery.example.com/# ); # Return from WAYF diff --git a/lemonldap-ng-portal/t/37-OIDC-RP-to-SAML-IdP-GET-with-WAYF.t b/lemonldap-ng-portal/t/37-OIDC-RP-to-SAML-IdP-GET-with-WAYF.t index 9bb4677b7..3e741b630 100644 --- a/lemonldap-ng-portal/t/37-OIDC-RP-to-SAML-IdP-GET-with-WAYF.t +++ b/lemonldap-ng-portal/t/37-OIDC-RP-to-SAML-IdP-GET-with-WAYF.t @@ -122,9 +122,7 @@ SKIP: { ); my $spPdata = 'lemonldappdata=' . expectCookie( $res, 'lemonldappdata' ); - - - my ( $url, $query ) = + ( $url, $query ) = expectRedirection( $res, qr#^http://discovery.example.com/# ); # Return from WAYF diff --git a/lemonldap-ng-portal/t/42-Register-Demo-with-captcha.t b/lemonldap-ng-portal/t/42-Register-Demo-with-captcha.t index a002abef4..33ffe39bd 100644 --- a/lemonldap-ng-portal/t/42-Register-Demo-with-captcha.t +++ b/lemonldap-ng-portal/t/42-Register-Demo-with-captcha.t @@ -100,14 +100,12 @@ m%[2]->[0] ); # Try to get captcha value - my ( $ts, $captcha ); ok( $ts = getCache()->get($token), ' Found token session' ); $ts = eval { JSON::from_json($ts) }; ok( $captcha = $ts->{captcha}, ' Found captcha value' ); From ac1654890e73538f36fbdbf4731760acfc36258d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cl=C3=A9ment=20OUDOT?= Date: Thu, 11 Apr 2019 12:36:17 +0200 Subject: [PATCH 28/32] Add llngDeleteSession script in RPM --- rpm/lemonldap-ng.spec | 3 +++ 1 file changed, 3 insertions(+) diff --git a/rpm/lemonldap-ng.spec b/rpm/lemonldap-ng.spec index 2c1228fc5..e3cd964e4 100644 --- a/rpm/lemonldap-ng.spec +++ b/rpm/lemonldap-ng.spec @@ -438,6 +438,8 @@ sed -i 's/nobody/%{lm_apacheuser}/' \ %{buildroot}%{lm_bindir}/lmConfigEditor sed -i 's/nobody/%{lm_apacheuser}/g' \ %{buildroot}%{lm_bindir}/lemonldap-ng-cli +sed -i 's/nobody/%{lm_apacheuser}/g' \ + %{buildroot}%{lm_bindir}/llngDeleteSession sed -i 's/nobody/%{lm_apacheuser}/g' \ %{buildroot}%{_sysconfdir}/default/llng-fastcgi-server @@ -593,6 +595,7 @@ fi %{lm_examplesdir}/manager %{lm_bindir}/lmConfigEditor %{lm_bindir}/lemonldap-ng-cli +%{lm_bindir}/llngDeleteSession %{_mandir}/man1/lemonldap-ng-cli* %files portal From c2a4454f93341d966354042f53547f7c0197ee84 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cl=C3=A9ment=20OUDOT?= Date: Thu, 11 Apr 2019 12:43:58 +0200 Subject: [PATCH 29/32] Add possibility to manually skip GPG test --- lemonldap-ng-portal/t/29-AuthGPG.t | 1 + 1 file changed, 1 insertion(+) diff --git a/lemonldap-ng-portal/t/29-AuthGPG.t b/lemonldap-ng-portal/t/29-AuthGPG.t index 7c5097a66..5a27b04c7 100644 --- a/lemonldap-ng-portal/t/29-AuthGPG.t +++ b/lemonldap-ng-portal/t/29-AuthGPG.t @@ -7,6 +7,7 @@ require 't/test-lib.pm'; my $mainTests = 5; SKIP: { + skip "Manual skip of GPG test", $mainTests if ($ENV{LLNG_SKIP_GPG_TEST}); eval "use IPC::Run 'run',"; skip "Missing dependency", $mainTests if ($@); my $gpg = `which gpg`; From 3b6492c985c49a1e050d36bb53b21c083162ea07 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cl=C3=A9ment=20OUDOT?= Date: Thu, 11 Apr 2019 13:13:12 +0200 Subject: [PATCH 30/32] Update Debian changelog for 2.0.3 --- debian/changelog | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/debian/changelog b/debian/changelog index 7c567cf3d..2a95b1a78 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +lemonldap-ng (2.0.3-1) unstable; urgency=medium + + * New release. See changes on our website: + https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng + + -- Clement OUDOT Thu, 11 Apr 2019 12:00:00 +0100 + lemonldap-ng (2.0.2-1) unstable; urgency=medium * New release. See changes on our website: From 651511a646fd26e6560be77f6c38185a8e77af9f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cl=C3=A9ment=20OUDOT?= Date: Thu, 11 Apr 2019 13:26:25 +0200 Subject: [PATCH 31/32] Add llngDeleteSession script in Debian package --- debian/liblemonldap-ng-manager-perl.install | 1 + 1 file changed, 1 insertion(+) diff --git a/debian/liblemonldap-ng-manager-perl.install b/debian/liblemonldap-ng-manager-perl.install index 3df48ebea..ef352fc69 100644 --- a/debian/liblemonldap-ng-manager-perl.install +++ b/debian/liblemonldap-ng-manager-perl.install @@ -4,3 +4,4 @@ /usr/share/lemonldap-ng/bin/lemonldap-ng-cli /usr/share/lemonldap-ng/manager /usr/share/lemonldap-ng/bin/lmConfigEditor +/usr/share/lemonldap-ng/bin/llngDeleteSession From 999c43b32d93d6e1adea67f1a8f3c5be3a5053a8 Mon Sep 17 00:00:00 2001 From: Christophe Maudoux Date: Thu, 11 Apr 2019 17:43:29 +0200 Subject: [PATCH 32/32] Fix typo (#1709) --- lemonldap-ng-manager/site/templates/viewDiff.tpl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lemonldap-ng-manager/site/templates/viewDiff.tpl b/lemonldap-ng-manager/site/templates/viewDiff.tpl index 011637a1b..25a11c305 100644 --- a/lemonldap-ng-manager/site/templates/viewDiff.tpl +++ b/lemonldap-ng-manager/site/templates/viewDiff.tpl @@ -112,7 +112,7 @@