Possibility to force session key use to fill NameID (#657)

Clément Oudot 2014-02-10 09:14:06 +00:00
parent 36f79f4e40
commit 2ee3f6d5a6
3 changed files with 22 additions and 8 deletions


@ -201,12 +201,14 @@ sub cstruct {
samlSPMetaDataOptionsAuthnResponse => { samlSPMetaDataOptionsAuthnResponse => {
_nodes => [ _nodes => [
qw(samlSPMetaDataOptionsNameIDFormat samlSPMetaDataOptionsOneTimeUse) qw(samlSPMetaDataOptionsNameIDFormat samlSPMetaDataOptionsNameIDSessionKey samlSPMetaDataOptionsOneTimeUse)
], ],
samlSPMetaDataOptionsNameIDFormat => samlSPMetaDataOptionsNameIDFormat =>
"text:/samlSPMetaDataOptions/$k2/samlSPMetaDataOptionsNameIDFormat" "text:/samlSPMetaDataOptions/$k2/samlSPMetaDataOptionsNameIDFormat"
. ":samlSPOptions:nameIdFormatParams", . ":samlSPOptions:nameIdFormatParams",
samlSPMetaDataOptionsNameIDSessionKey =>
"text:/samlSPMetaDataOptions/$k2/samlSPMetaDataOptionsNameIDSessionKey",
samlSPMetaDataOptionsOneTimeUse => samlSPMetaDataOptionsOneTimeUse =>
"bool:/samlSPMetaDataOptions/$k2/samlSPMetaDataOptionsOneTimeUse", "bool:/samlSPMetaDataOptions/$k2/samlSPMetaDataOptionsOneTimeUse",
}, },


@ -454,13 +454,14 @@ sub en {
samlSPMetaDataOptionsSecurity => 'Security', samlSPMetaDataOptionsSecurity => 'Security',
samlSPMetaDataOptionsEnableIDPInitiatedURL => samlSPMetaDataOptionsEnableIDPInitiatedURL =>
'Enable use of IDP initiated URL', 'Enable use of IDP initiated URL',
samlServiceMetaData => 'SAML 2 Service', samlSPMetaDataOptionsNameIDSessionKey => 'Force NameID session key',
samlEntityID => 'Entity Identifier', samlServiceMetaData => 'SAML 2 Service',
samlOrganization => 'Organization', samlEntityID => 'Entity Identifier',
samlOrganizationDisplayName => 'Display Name', samlOrganization => 'Organization',
samlOrganizationName => 'Name', samlOrganizationDisplayName => 'Display Name',
samlOrganizationURL => 'URL', samlOrganizationName => 'Name',
samlSPSSODescriptor => 'Service Provider', samlOrganizationURL => 'URL',
samlSPSSODescriptor => 'Service Provider',
samlSPSSODescriptorAuthnRequestsSigned => samlSPSSODescriptorAuthnRequestsSigned =>
'Signed Authentication Request', 'Signed Authentication Request',
samlSPSSODescriptorWantAssertionsSigned => 'Want Assertions Signed', samlSPSSODescriptorWantAssertionsSigned => 'Want Assertions Signed',
@ -941,6 +942,8 @@ sub fr {
samlSPMetaDataOptionsSecurity => 'Sécurité', samlSPMetaDataOptionsSecurity => 'Sécurité',
samlSPMetaDataOptionsEnableIDPInitiatedURL => samlSPMetaDataOptionsEnableIDPInitiatedURL =>
'Enable use of IDP initiated URL', 'Enable use of IDP initiated URL',
samlSPMetaDataOptionsNameIDSessionKey =>
"Forcer la clé de session NameID",
samlServiceMetaData => 'Service SAML 2', samlServiceMetaData => 'Service SAML 2',
samlEntityID => 'Identifiant d\'entité', samlEntityID => 'Identifiant d\'entité',
samlOrganization => 'Organisation', samlOrganization => 'Organisation',


@ -1521,6 +1521,15 @@ sub issuerForAuthUser {
my $nameIDSessionKey = my $nameIDSessionKey =
$self->{ $nameIDFormatConfiguration->{$nameIDFormat} }; $self->{ $nameIDFormatConfiguration->{$nameIDFormat} };
# Override default NameID Mapping
if ( $self->{samlSPMetaDataOptions}->{$spConfKey}
->{samlSPMetaDataOptionsNameIDSessionKey} )
{
$nameIDSessionKey =
$self->{samlSPMetaDataOptions}->{$spConfKey}
->{samlSPMetaDataOptionsNameIDSessionKey};
}
my $nameIDContent; my $nameIDContent;
if ( defined $self->{sessionInfo}->{$nameIDSessionKey} ) { if ( defined $self->{sessionInfo}->{$nameIDSessionKey} ) {
$nameIDContent = $nameIDContent =
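Review bot: The override in the added `if` block replaces the session key chosen through `$nameIDFormatConfiguration->{$nameIDFormat}` with whatever string the SP option holds, and nothing records that the substitution happened; when that key is not present in the session, the `defined` test on the next line fails and `$nameIDContent` is left to whatever fallback presumably follows outside the hunk, so the SP receives an identity the administrator did not intend without any trace in the logs. Because the NameID is the value the SP trusts to identify the user, a debug line inside the new block, e.g. `$self->lmLog( "NameID session key forced to $nameIDSessionKey by SP $spConfKey options", 'debug' );`, plus a warning when `$self->{sessionInfo}->{$nameIDSessionKey}` is undefined, would make a misspelled key diagnosable — the manager side (first file, lines adding `samlSPMetaDataOptionsNameIDSessionKey`) declares it as a free `text:` field with no validation against known session attributes. The comment above the block could also state the consequence rather than just the mechanism: `# Per-SP override: this session key is used regardless of the NameID format mapping`. The body of issuerForAuthUser starts and ends outside the hunk.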