diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/ReConstants.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/ReConstants.pm index ba7db7b6d..7fcd9c495 100644 --- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/ReConstants.pm +++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/ReConstants.pm @@ -27,7 +27,7 @@ our $specialNodeKeys = '(?:(?:(?:saml(?:ID|S)|oidc[OR])P|cas(?:App|Srv))MetaData our $casAppMetaDataNodeKeys = 'casAppMetaData(?:Options(?:Servic|Rul)e|ExportedVars)'; our $casSrvMetaDataNodeKeys = 'casSrvMetaData(?:Options(?:ProxiedServices|DisplayName|Gateway|Renew|Icon|Url)|ExportedVars)'; our $oidcOPMetaDataNodeKeys = 'oidcOPMetaData(?:Options(?:C(?:lient(?:Secret|ID)|heckJWTSignature|onfigurationURI)|TokenEndpointAuthMethod|(?:JWKSTimeou|Promp)t|I(?:DTokenMaxAge|con)|S(?:toreIDToken|cope)|U(?:iLocales|seNonce)|Display(?:Name)?|AcrValues|MaxAge)|ExportedVars|J(?:SON|WKS))'; -our $oidcRPMetaDataNodeKeys = 'oidcRPMetaData(?:Options(?:I(?:DToken(?:Expiration|SignAlg)|con)|Logout(?:SessionRequired|Type|Url)|AccessTokenExpiration|R(?:edirectUris|ule)|Client(?:Secret|ID)|BypassConsent|DisplayName|ExtraClaims|UserIDAttr)|ExportedVars)'; +our $oidcRPMetaDataNodeKeys = 'oidcRPMetaData(?:Options(?:(?:PostLogoutRedirectUri|ExtraClaim)s|I(?:DToken(?:Expiration|SignAlg)|con)|Logout(?:SessionRequired|Type|Url)|AccessTokenExpiration|R(?:edirectUris|ule)|Client(?:Secret|ID)|BypassConsent|DisplayName|UserIDAttr)|ExportedVars)'; our $samlIDPMetaDataNodeKeys = 'samlIDPMetaData(?:Options(?:(?:Check(?:S[LS]OMessageSignatur|Audienc|Tim)|EncryptionMod|IsPassiv)e|A(?:llow(?:LoginFromIDP|ProxiedAuthn)|daptSessionUtime)|Re(?:questedAuthnContext|solutionRule|layStateURL)|S(?:ignS[LS]OMessage|toreSAMLToken|[LS]OBinding)|Force(?:Authn|UTF8)|NameIDFormat)|ExportedAttributes|XML)'; our $samlSPMetaDataNodeKeys = 'samlSPMetaData(?:Options(?:N(?:ameID(?:SessionKey|Format)|otOnOrAfterTimeout)|S(?:essionNotOnOrAfterTimeout|ignS[LS]OMessage)|(?:CheckS[LS]OMessageSignatur|OneTimeUs|Rul)e|En(?:ableIDPInitiatedURL|cryptionMode)|ForceUTF8)|ExportedAttributes|XML)'; our $virtualHostKeys = '(?:vhost(?:A(?:uthnLevel|liases)|(?:Maintenanc|Typ)e|Https|Port)|(?:exportedHeader|locationRule)s|post)'; diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm index 5d97493b6..a9d66f20d 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm @@ -27,7 +27,7 @@ sub types { BEGIN { ${^WARNING_BITS} = -"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55"; +"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x05"; } eval "$s $val"; my $err = join( @@ -651,7 +651,7 @@ sub attributes { BEGIN { ${^WARNING_BITS} = -"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55"; +"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x05"; } eval "$s $val"; my $err = join( @@ -1004,7 +1004,7 @@ qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0- BEGIN { ${^WARNING_BITS} = -"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55"; +"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x05"; } eval $s; my $err = join( @@ -1086,7 +1086,7 @@ qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0- BEGIN { ${^WARNING_BITS} = -"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55"; +"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x05"; } eval "$s $val"; my $err = join( @@ -1109,7 +1109,7 @@ qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0- BEGIN { ${^WARNING_BITS} = -"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55"; +"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x05"; } eval "$s $val"; my $err = join( @@ -1432,7 +1432,7 @@ qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0- BEGIN { ${^WARNING_BITS} = -"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55"; +"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x05"; } eval $s; my $err = join( @@ -1469,7 +1469,7 @@ qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0- BEGIN { ${^WARNING_BITS} = -"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55"; +"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x05"; } eval "$s $val"; my $err = join( @@ -1807,6 +1807,9 @@ qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0- 'oidcRPMetaDataOptionsLogoutUrl' => { 'type' => 'url' }, + 'oidcRPMetaDataOptionsPostLogoutRedirectUris' => { + 'type' => 'text' + }, 'oidcRPMetaDataOptionsRedirectUris' => { 'type' => 'text' }, @@ -1817,7 +1820,7 @@ qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0- BEGIN { ${^WARNING_BITS} = -"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55"; +"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x05"; } eval "$s $val"; my $err = join( @@ -2150,7 +2153,7 @@ qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0- BEGIN { ${^WARNING_BITS} = -"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55"; +"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x05"; } eval "$s $val"; my $err = join( @@ -2820,7 +2823,7 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.] BEGIN { ${^WARNING_BITS} = -"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55"; +"\x54\x55\x55\x55\x15\x55\x55\x55\x55\x55\x51\x55\x55\x55\x55\x55\x55\x05"; } eval "$s $val"; my $err = join( diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm index 9931978e8..35ffe9523 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm @@ -2690,6 +2690,7 @@ m{^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?: { type => 'keyTextContainer', default => {} }, oidcRPMetaDataOptionsBypassConsent => { type => 'bool', help => 'openidconnectclaims.html', default => 0 }, + oidcRPMetaDataOptionsPostLogoutRedirectUris => { type => 'text', }, oidcRPMetaDataOptionsLogoutUrl => { type => 'url', documentation => 'Logout URL', diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/CTrees.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/CTrees.pm index acf3b1778..dac9af807 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/CTrees.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/CTrees.pm @@ -204,6 +204,7 @@ sub cTrees { title => 'logout', form => 'simpleInputContainer', nodes => [ + 'oidcRPMetaDataOptionsPostLogoutRedirectUris', 'oidcRPMetaDataOptionsLogoutUrl', 'oidcRPMetaDataOptionsLogoutType', 'oidcRPMetaDataOptionsLogoutSessionRequired', diff --git a/lemonldap-ng-manager/site/htdocs/static/js/conftree.js b/lemonldap-ng-manager/site/htdocs/static/js/conftree.js index b4875380c..ad12018cc 100644 --- a/lemonldap-ng-manager/site/htdocs/static/js/conftree.js +++ b/lemonldap-ng-manager/site/htdocs/static/js/conftree.js @@ -469,6 +469,11 @@ function templates(tpl,key) { }, { "_nodes" : [ + { + "get" : tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsPostLogoutRedirectUris", + "id" : tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsPostLogoutRedirectUris", + "title" : "oidcRPMetaDataOptionsPostLogoutRedirectUris" + }, { "get" : tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsLogoutUrl", "id" : tpl+"s/"+key+"/"+"oidcRPMetaDataOptionsLogoutUrl", diff --git a/lemonldap-ng-manager/site/htdocs/static/js/conftree.min.js b/lemonldap-ng-manager/site/htdocs/static/js/conftree.min.js index 19484646d..703da0050 100644 --- a/lemonldap-ng-manager/site/htdocs/static/js/conftree.min.js +++ b/lemonldap-ng-manager/site/htdocs/static/js/conftree.min.js @@ -1 +1 @@ -function templates(b,c){var d;var a=function(e){return{id:b+"s/"+(d++),title:e,get:b+"s/"+c+"/"+e}};switch(b){case"casAppMetaDataNode":return[{_nodes:[{get:b+"s/"+c+"/casAppMetaDataOptionsService",id:b+"s/"+c+"/casAppMetaDataOptionsService",title:"casAppMetaDataOptionsService"},{get:b+"s/"+c+"/casAppMetaDataOptionsRule",id:b+"s/"+c+"/casAppMetaDataOptionsRule",title:"casAppMetaDataOptionsRule"}],id:"casAppMetaDataOptions",title:"casAppMetaDataOptions"},{cnodes:b+"s/"+c+"/casAppMetaDataExportedVars","default":[{data:"cn",id:b+"s/"+c+"/casAppMetaDataExportedVars/cn",title:"cn",type:"keyText"},{data:"mail",id:b+"s/"+c+"/casAppMetaDataExportedVars/mail",title:"mail",type:"keyText"},{data:"uid",id:b+"s/"+c+"/casAppMetaDataExportedVars/uid",title:"uid",type:"keyText"}],id:b+"s/"+c+"/casAppMetaDataExportedVars",title:"casAppMetaDataExportedVars",type:"keyTextContainer"}];case"casSrvMetaDataNode":return[{_nodes:[{get:b+"s/"+c+"/casSrvMetaDataOptionsUrl",id:b+"s/"+c+"/casSrvMetaDataOptionsUrl",title:"casSrvMetaDataOptionsUrl"},{get:b+"s/"+c+"/casSrvMetaDataOptionsRenew",id:b+"s/"+c+"/casSrvMetaDataOptionsRenew",title:"casSrvMetaDataOptionsRenew",type:"bool"},{get:b+"s/"+c+"/casSrvMetaDataOptionsGateway",id:b+"s/"+c+"/casSrvMetaDataOptionsGateway",title:"casSrvMetaDataOptionsGateway",type:"bool"},{cnodes:b+"s/"+c+"/casSrvMetaDataOptionsProxiedServices",id:b+"s/"+c+"/casSrvMetaDataOptionsProxiedServices",title:"casSrvMetaDataOptionsProxiedServices",type:"keyTextContainer"},{get:b+"s/"+c+"/casSrvMetaDataOptionsDisplayName",id:b+"s/"+c+"/casSrvMetaDataOptionsDisplayName",title:"casSrvMetaDataOptionsDisplayName"},{get:b+"s/"+c+"/casSrvMetaDataOptionsIcon",id:b+"s/"+c+"/casSrvMetaDataOptionsIcon",title:"casSrvMetaDataOptionsIcon"}],id:"casSrvMetaDataOptions",title:"casSrvMetaDataOptions"},{cnodes:b+"s/"+c+"/casSrvMetaDataExportedVars","default":[{data:"cn",id:b+"s/"+c+"/casSrvMetaDataExportedVars/cn",title:"cn",type:"keyText"},{data:"mail",id:b+"s/"+c+"/casSrvMetaDataExportedVars/mail",title:"mail",type:"keyText"},{data:"uid",id:b+"s/"+c+"/casSrvMetaDataExportedVars/uid",title:"uid",type:"keyText"}],id:b+"s/"+c+"/casSrvMetaDataExportedVars",title:"casSrvMetaDataExportedVars",type:"keyTextContainer"}];case"oidcOPMetaDataNode":return[{get:b+"s/"+c+"/oidcOPMetaDataJSON",id:b+"s/"+c+"/oidcOPMetaDataJSON",title:"oidcOPMetaDataJSON",type:"file"},{get:b+"s/"+c+"/oidcOPMetaDataJWKS",id:b+"s/"+c+"/oidcOPMetaDataJWKS",title:"oidcOPMetaDataJWKS",type:"file"},{cnodes:b+"s/"+c+"/oidcOPMetaDataExportedVars","default":[{data:"name",id:b+"s/"+c+"/oidcOPMetaDataExportedVars/cn",title:"cn",type:"keyText"},{data:"email",id:b+"s/"+c+"/oidcOPMetaDataExportedVars/mail",title:"mail",type:"keyText"},{data:"family_name",id:b+"s/"+c+"/oidcOPMetaDataExportedVars/sn",title:"sn",type:"keyText"},{data:"sub",id:b+"s/"+c+"/oidcOPMetaDataExportedVars/uid",title:"uid",type:"keyText"}],id:b+"s/"+c+"/oidcOPMetaDataExportedVars",title:"oidcOPMetaDataExportedVars",type:"keyTextContainer"},{_nodes:[{_nodes:[{get:b+"s/"+c+"/oidcOPMetaDataOptionsConfigurationURI",id:b+"s/"+c+"/oidcOPMetaDataOptionsConfigurationURI",title:"oidcOPMetaDataOptionsConfigurationURI"},{"default":0,get:b+"s/"+c+"/oidcOPMetaDataOptionsJWKSTimeout",id:b+"s/"+c+"/oidcOPMetaDataOptionsJWKSTimeout",title:"oidcOPMetaDataOptionsJWKSTimeout",type:"int"},{get:b+"s/"+c+"/oidcOPMetaDataOptionsClientID",id:b+"s/"+c+"/oidcOPMetaDataOptionsClientID",title:"oidcOPMetaDataOptionsClientID"},{get:b+"s/"+c+"/oidcOPMetaDataOptionsClientSecret",id:b+"s/"+c+"/oidcOPMetaDataOptionsClientSecret",title:"oidcOPMetaDataOptionsClientSecret",type:"password"},{"default":0,get:b+"s/"+c+"/oidcOPMetaDataOptionsStoreIDToken",id:b+"s/"+c+"/oidcOPMetaDataOptionsStoreIDToken",title:"oidcOPMetaDataOptionsStoreIDToken",type:"bool"}],id:"oidcOPMetaDataOptionsConfiguration",title:"oidcOPMetaDataOptionsConfiguration",type:"simpleInputContainer"},{_nodes:[{"default":"openid profile",get:b+"s/"+c+"/oidcOPMetaDataOptionsScope",id:b+"s/"+c+"/oidcOPMetaDataOptionsScope",title:"oidcOPMetaDataOptionsScope"},{"default":"",get:b+"s/"+c+"/oidcOPMetaDataOptionsDisplay",id:b+"s/"+c+"/oidcOPMetaDataOptionsDisplay",select:[{k:"",v:""},{k:"page",v:"page"},{k:"popup",v:"popup"},{k:"touch",v:"touch"},{k:"wap",v:"wap"}],title:"oidcOPMetaDataOptionsDisplay",type:"select"},{get:b+"s/"+c+"/oidcOPMetaDataOptionsPrompt",id:b+"s/"+c+"/oidcOPMetaDataOptionsPrompt",title:"oidcOPMetaDataOptionsPrompt"},{"default":0,get:b+"s/"+c+"/oidcOPMetaDataOptionsMaxAge",id:b+"s/"+c+"/oidcOPMetaDataOptionsMaxAge",title:"oidcOPMetaDataOptionsMaxAge",type:"int"},{get:b+"s/"+c+"/oidcOPMetaDataOptionsUiLocales",id:b+"s/"+c+"/oidcOPMetaDataOptionsUiLocales",title:"oidcOPMetaDataOptionsUiLocales"},{get:b+"s/"+c+"/oidcOPMetaDataOptionsAcrValues",id:b+"s/"+c+"/oidcOPMetaDataOptionsAcrValues",title:"oidcOPMetaDataOptionsAcrValues"},{"default":"client_secret_post",get:b+"s/"+c+"/oidcOPMetaDataOptionsTokenEndpointAuthMethod",id:b+"s/"+c+"/oidcOPMetaDataOptionsTokenEndpointAuthMethod",select:[{k:"client_secret_post",v:"client_secret_post"},{k:"client_secret_basic",v:"client_secret_basic"}],title:"oidcOPMetaDataOptionsTokenEndpointAuthMethod",type:"select"},{"default":1,get:b+"s/"+c+"/oidcOPMetaDataOptionsCheckJWTSignature",id:b+"s/"+c+"/oidcOPMetaDataOptionsCheckJWTSignature",title:"oidcOPMetaDataOptionsCheckJWTSignature",type:"bool"},{"default":30,get:b+"s/"+c+"/oidcOPMetaDataOptionsIDTokenMaxAge",id:b+"s/"+c+"/oidcOPMetaDataOptionsIDTokenMaxAge",title:"oidcOPMetaDataOptionsIDTokenMaxAge",type:"int"},{"default":1,get:b+"s/"+c+"/oidcOPMetaDataOptionsUseNonce",id:b+"s/"+c+"/oidcOPMetaDataOptionsUseNonce",title:"oidcOPMetaDataOptionsUseNonce",type:"bool"}],id:"oidcOPMetaDataOptionsProtocol",title:"oidcOPMetaDataOptionsProtocol",type:"simpleInputContainer"},{_nodes:[{get:b+"s/"+c+"/oidcOPMetaDataOptionsDisplayName",id:b+"s/"+c+"/oidcOPMetaDataOptionsDisplayName",title:"oidcOPMetaDataOptionsDisplayName"},{get:b+"s/"+c+"/oidcOPMetaDataOptionsIcon",id:b+"s/"+c+"/oidcOPMetaDataOptionsIcon",title:"oidcOPMetaDataOptionsIcon"}],id:"oidcOPMetaDataOptionsDisplayParams",title:"oidcOPMetaDataOptionsDisplayParams",type:"simpleInputContainer"}],id:"oidcOPMetaDataOptions",title:"oidcOPMetaDataOptions"}];case"oidcRPMetaDataNode":return[{cnodes:b+"s/"+c+"/oidcRPMetaDataExportedVars","default":[{data:"mail",id:b+"s/"+c+"/oidcRPMetaDataExportedVars/email",title:"email",type:"keyText"},{data:"sn",id:b+"s/"+c+"/oidcRPMetaDataExportedVars/family_name",title:"family_name",type:"keyText"},{data:"cn",id:b+"s/"+c+"/oidcRPMetaDataExportedVars/name",title:"name",type:"keyText"}],id:b+"s/"+c+"/oidcRPMetaDataExportedVars",title:"oidcRPMetaDataExportedVars",type:"keyTextContainer"},{_nodes:[{_nodes:[{get:b+"s/"+c+"/oidcRPMetaDataOptionsClientID",id:b+"s/"+c+"/oidcRPMetaDataOptionsClientID",title:"oidcRPMetaDataOptionsClientID"},{get:b+"s/"+c+"/oidcRPMetaDataOptionsClientSecret",id:b+"s/"+c+"/oidcRPMetaDataOptionsClientSecret",title:"oidcRPMetaDataOptionsClientSecret",type:"password"}],id:"oidcRPMetaDataOptionsAuthentication",title:"oidcRPMetaDataOptionsAuthentication",type:"simpleInputContainer"},{_nodes:[{get:b+"s/"+c+"/oidcRPMetaDataOptionsDisplayName",id:b+"s/"+c+"/oidcRPMetaDataOptionsDisplayName",title:"oidcRPMetaDataOptionsDisplayName"},{get:b+"s/"+c+"/oidcRPMetaDataOptionsIcon",id:b+"s/"+c+"/oidcRPMetaDataOptionsIcon",title:"oidcRPMetaDataOptionsIcon"}],id:"oidcRPMetaDataOptionsDisplay",title:"oidcRPMetaDataOptionsDisplay",type:"simpleInputContainer"},{get:b+"s/"+c+"/oidcRPMetaDataOptionsUserIDAttr",id:b+"s/"+c+"/oidcRPMetaDataOptionsUserIDAttr",title:"oidcRPMetaDataOptionsUserIDAttr"},{"default":"HS512",get:b+"s/"+c+"/oidcRPMetaDataOptionsIDTokenSignAlg",id:b+"s/"+c+"/oidcRPMetaDataOptionsIDTokenSignAlg",select:[{k:"none",v:"None"},{k:"HS256",v:"HS256"},{k:"HS384",v:"HS384"},{k:"HS512",v:"HS512"},{k:"RS256",v:"RS256"},{k:"RS384",v:"RS384"},{k:"RS512",v:"RS512"}],title:"oidcRPMetaDataOptionsIDTokenSignAlg",type:"select"},{"default":3600,get:b+"s/"+c+"/oidcRPMetaDataOptionsIDTokenExpiration",id:b+"s/"+c+"/oidcRPMetaDataOptionsIDTokenExpiration",title:"oidcRPMetaDataOptionsIDTokenExpiration",type:"int"},{"default":3600,get:b+"s/"+c+"/oidcRPMetaDataOptionsAccessTokenExpiration",id:b+"s/"+c+"/oidcRPMetaDataOptionsAccessTokenExpiration",title:"oidcRPMetaDataOptionsAccessTokenExpiration",type:"int"},{get:b+"s/"+c+"/oidcRPMetaDataOptionsRedirectUris",id:b+"s/"+c+"/oidcRPMetaDataOptionsRedirectUris",title:"oidcRPMetaDataOptionsRedirectUris"},{"default":0,get:b+"s/"+c+"/oidcRPMetaDataOptionsBypassConsent",help:"openidconnectclaims.html",id:b+"s/"+c+"/oidcRPMetaDataOptionsBypassConsent",title:"oidcRPMetaDataOptionsBypassConsent",type:"bool"},{_nodes:[{get:b+"s/"+c+"/oidcRPMetaDataOptionsLogoutUrl",id:b+"s/"+c+"/oidcRPMetaDataOptionsLogoutUrl",title:"oidcRPMetaDataOptionsLogoutUrl"},{"default":"front",get:b+"s/"+c+"/oidcRPMetaDataOptionsLogoutType",id:b+"s/"+c+"/oidcRPMetaDataOptionsLogoutType",select:[{k:"front",v:"Front Channel"},{k:"back",v:"Back Channel"}],title:"oidcRPMetaDataOptionsLogoutType",type:"select"},{get:b+"s/"+c+"/oidcRPMetaDataOptionsLogoutSessionRequired",id:b+"s/"+c+"/oidcRPMetaDataOptionsLogoutSessionRequired",title:"oidcRPMetaDataOptionsLogoutSessionRequired",type:"bool"}],id:"logout",title:"logout",type:"simpleInputContainer"},{get:b+"s/"+c+"/oidcRPMetaDataOptionsRule",id:b+"s/"+c+"/oidcRPMetaDataOptionsRule",title:"oidcRPMetaDataOptionsRule"}],id:"oidcRPMetaDataOptions",title:"oidcRPMetaDataOptions"},{cnodes:b+"s/"+c+"/oidcRPMetaDataOptionsExtraClaims","default":[],id:b+"s/"+c+"/oidcRPMetaDataOptionsExtraClaims",title:"oidcRPMetaDataOptionsExtraClaims",type:"keyTextContainer"}];case"samlIDPMetaDataNode":return[{get:b+"s/"+c+"/samlIDPMetaDataXML",id:b+"s/"+c+"/samlIDPMetaDataXML",title:"samlIDPMetaDataXML",type:"file"},{cnodes:b+"s/"+c+"/samlIDPMetaDataExportedAttributes","default":[],help:"authsaml.html#exported_attributes",id:b+"s/"+c+"/samlIDPMetaDataExportedAttributes",title:"samlIDPMetaDataExportedAttributes",type:"samlAttributeContainer"},{_nodes:[{"default":"",get:b+"s/"+c+"/samlIDPMetaDataOptionsResolutionRule",id:b+"s/"+c+"/samlIDPMetaDataOptionsResolutionRule",title:"samlIDPMetaDataOptionsResolutionRule",type:"longtext"},{"default":"",get:b+"s/"+c+"/samlIDPMetaDataOptionsNameIDFormat",id:b+"s/"+c+"/samlIDPMetaDataOptionsNameIDFormat",select:[{k:"",v:""},{k:"unspecified",v:"Unspecified"},{k:"email",v:"Email"},{k:"x509",v:"X509 certificate"},{k:"windows",v:"Windows"},{k:"kerberos",v:"Kerberos"},{k:"entity",v:"Entity"},{k:"persistent",v:"Persistent"},{k:"transient",v:"Transient"},{k:"encrypted",v:"Encrypted"}],title:"samlIDPMetaDataOptionsNameIDFormat",type:"select"},{"default":0,get:b+"s/"+c+"/samlIDPMetaDataOptionsForceAuthn",id:b+"s/"+c+"/samlIDPMetaDataOptionsForceAuthn",title:"samlIDPMetaDataOptionsForceAuthn",type:"bool"},{"default":0,get:b+"s/"+c+"/samlIDPMetaDataOptionsIsPassive",id:b+"s/"+c+"/samlIDPMetaDataOptionsIsPassive",title:"samlIDPMetaDataOptionsIsPassive",type:"bool"},{"default":0,get:b+"s/"+c+"/samlIDPMetaDataOptionsAllowProxiedAuthn",id:b+"s/"+c+"/samlIDPMetaDataOptionsAllowProxiedAuthn",title:"samlIDPMetaDataOptionsAllowProxiedAuthn",type:"bool"},{"default":0,get:b+"s/"+c+"/samlIDPMetaDataOptionsAllowLoginFromIDP",id:b+"s/"+c+"/samlIDPMetaDataOptionsAllowLoginFromIDP",title:"samlIDPMetaDataOptionsAllowLoginFromIDP",type:"bool"},{"default":"",get:b+"s/"+c+"/samlIDPMetaDataOptionsRequestedAuthnContext",id:b+"s/"+c+"/samlIDPMetaDataOptionsRequestedAuthnContext",select:[{k:"",v:""},{k:"kerberos",v:"Kerberos"},{k:"password-protected-transport",v:"Password protected transport"},{k:"password",v:"Password"},{k:"tls-client",v:"TLS client certificate"}],title:"samlIDPMetaDataOptionsRequestedAuthnContext",type:"select"},{"default":0,get:b+"s/"+c+"/samlIDPMetaDataOptionsRelayStateURL",id:b+"s/"+c+"/samlIDPMetaDataOptionsRelayStateURL",title:"samlIDPMetaDataOptionsRelayStateURL",type:"bool"}],help:"authsaml.html#options",id:"samlIDPMetaDataOptions",title:"samlIDPMetaDataOptions",type:"simpleInputContainer"},{_nodes:[{"default":0,get:b+"s/"+c+"/samlIDPMetaDataOptionsAdaptSessionUtime",id:b+"s/"+c+"/samlIDPMetaDataOptionsAdaptSessionUtime",title:"samlIDPMetaDataOptionsAdaptSessionUtime",type:"bool"},{"default":0,get:b+"s/"+c+"/samlIDPMetaDataOptionsForceUTF8",id:b+"s/"+c+"/samlIDPMetaDataOptionsForceUTF8",title:"samlIDPMetaDataOptionsForceUTF8",type:"bool"},{"default":0,get:b+"s/"+c+"/samlIDPMetaDataOptionsStoreSAMLToken",id:b+"s/"+c+"/samlIDPMetaDataOptionsStoreSAMLToken",title:"samlIDPMetaDataOptionsStoreSAMLToken",type:"bool"}],id:"samlIDPMetaDataOptionsSession",title:"samlIDPMetaDataOptionsSession",type:"simpleInputContainer"},{_nodes:[{"default":-1,get:b+"s/"+c+"/samlIDPMetaDataOptionsSignSSOMessage",id:b+"s/"+c+"/samlIDPMetaDataOptionsSignSSOMessage",title:"samlIDPMetaDataOptionsSignSSOMessage",type:"trool"},{"default":1,get:b+"s/"+c+"/samlIDPMetaDataOptionsCheckSSOMessageSignature",id:b+"s/"+c+"/samlIDPMetaDataOptionsCheckSSOMessageSignature",title:"samlIDPMetaDataOptionsCheckSSOMessageSignature",type:"bool"},{"default":-1,get:b+"s/"+c+"/samlIDPMetaDataOptionsSignSLOMessage",id:b+"s/"+c+"/samlIDPMetaDataOptionsSignSLOMessage",title:"samlIDPMetaDataOptionsSignSLOMessage",type:"trool"},{"default":1,get:b+"s/"+c+"/samlIDPMetaDataOptionsCheckSLOMessageSignature",id:b+"s/"+c+"/samlIDPMetaDataOptionsCheckSLOMessageSignature",title:"samlIDPMetaDataOptionsCheckSLOMessageSignature",type:"bool"}],id:"samlIDPMetaDataOptionsSignature",title:"samlIDPMetaDataOptionsSignature",type:"simpleInputContainer"},{_nodes:[{"default":"",get:b+"s/"+c+"/samlIDPMetaDataOptionsSSOBinding",id:b+"s/"+c+"/samlIDPMetaDataOptionsSSOBinding",select:[{k:"",v:""},{k:"http-post",v:"POST"},{k:"http-redirect",v:"Redirect"},{k:"artifact-get",v:"Artifact GET"}],title:"samlIDPMetaDataOptionsSSOBinding",type:"select"},{"default":"",get:b+"s/"+c+"/samlIDPMetaDataOptionsSLOBinding",id:b+"s/"+c+"/samlIDPMetaDataOptionsSLOBinding",select:[{k:"",v:""},{k:"http-post",v:"POST"},{k:"http-redirect",v:"Redirect"},{k:"http-soap",v:"SOAP"}],title:"samlIDPMetaDataOptionsSLOBinding",type:"select"}],id:"samlIDPMetaDataOptionsBinding",title:"samlIDPMetaDataOptionsBinding",type:"simpleInputContainer"},{_nodes:[{"default":"none",get:b+"s/"+c+"/samlIDPMetaDataOptionsEncryptionMode",id:b+"s/"+c+"/samlIDPMetaDataOptionsEncryptionMode",select:[{k:"none",v:"None"},{k:"nameid",v:"Name ID"},{k:"assertion",v:"Assertion"}],title:"samlIDPMetaDataOptionsEncryptionMode",type:"select"},{"default":1,get:b+"s/"+c+"/samlIDPMetaDataOptionsCheckTime",id:b+"s/"+c+"/samlIDPMetaDataOptionsCheckTime",title:"samlIDPMetaDataOptionsCheckTime",type:"bool"},{"default":1,get:b+"s/"+c+"/samlIDPMetaDataOptionsCheckAudience",id:b+"s/"+c+"/samlIDPMetaDataOptionsCheckAudience",title:"samlIDPMetaDataOptionsCheckAudience",type:"bool"}],id:"samlIDPMetaDataOptionsSecurity",title:"samlIDPMetaDataOptionsSecurity",type:"simpleInputContainer"}];case"samlSPMetaDataNode":return[{get:b+"s/"+c+"/samlSPMetaDataXML",id:b+"s/"+c+"/samlSPMetaDataXML",title:"samlSPMetaDataXML",type:"file"},{cnodes:b+"s/"+c+"/samlSPMetaDataExportedAttributes","default":[],help:"idpsaml.html#exported_attributes",id:b+"s/"+c+"/samlSPMetaDataExportedAttributes",title:"samlSPMetaDataExportedAttributes",type:"samlAttributeContainer"},{_nodes:[{_nodes:[{"default":"",get:b+"s/"+c+"/samlSPMetaDataOptionsNameIDFormat",id:b+"s/"+c+"/samlSPMetaDataOptionsNameIDFormat",select:[{k:"",v:""},{k:"unspecified",v:"Unspecified"},{k:"email",v:"Email"},{k:"x509",v:"X509 certificate"},{k:"windows",v:"Windows"},{k:"kerberos",v:"Kerberos"},{k:"entity",v:"Entity"},{k:"persistent",v:"Persistent"},{k:"transient",v:"Transient"},{k:"encrypted",v:"Encrypted"}],title:"samlSPMetaDataOptionsNameIDFormat",type:"select"},{get:b+"s/"+c+"/samlSPMetaDataOptionsNameIDSessionKey",id:b+"s/"+c+"/samlSPMetaDataOptionsNameIDSessionKey",title:"samlSPMetaDataOptionsNameIDSessionKey"},{"default":0,get:b+"s/"+c+"/samlSPMetaDataOptionsOneTimeUse",id:b+"s/"+c+"/samlSPMetaDataOptionsOneTimeUse",title:"samlSPMetaDataOptionsOneTimeUse",type:"bool"},{"default":72000,get:b+"s/"+c+"/samlSPMetaDataOptionsSessionNotOnOrAfterTimeout",id:b+"s/"+c+"/samlSPMetaDataOptionsSessionNotOnOrAfterTimeout",title:"samlSPMetaDataOptionsSessionNotOnOrAfterTimeout",type:"int"},{"default":72000,get:b+"s/"+c+"/samlSPMetaDataOptionsNotOnOrAfterTimeout",id:b+"s/"+c+"/samlSPMetaDataOptionsNotOnOrAfterTimeout",title:"samlSPMetaDataOptionsNotOnOrAfterTimeout",type:"int"},{"default":1,get:b+"s/"+c+"/samlSPMetaDataOptionsForceUTF8",id:b+"s/"+c+"/samlSPMetaDataOptionsForceUTF8",title:"samlSPMetaDataOptionsForceUTF8",type:"bool"}],id:"samlSPMetaDataOptionsAuthnResponse",title:"samlSPMetaDataOptionsAuthnResponse",type:"simpleInputContainer"},{_nodes:[{"default":-1,get:b+"s/"+c+"/samlSPMetaDataOptionsSignSSOMessage",id:b+"s/"+c+"/samlSPMetaDataOptionsSignSSOMessage",title:"samlSPMetaDataOptionsSignSSOMessage",type:"trool"},{"default":1,get:b+"s/"+c+"/samlSPMetaDataOptionsCheckSSOMessageSignature",id:b+"s/"+c+"/samlSPMetaDataOptionsCheckSSOMessageSignature",title:"samlSPMetaDataOptionsCheckSSOMessageSignature",type:"bool"},{"default":-1,get:b+"s/"+c+"/samlSPMetaDataOptionsSignSLOMessage",id:b+"s/"+c+"/samlSPMetaDataOptionsSignSLOMessage",title:"samlSPMetaDataOptionsSignSLOMessage",type:"trool"},{"default":1,get:b+"s/"+c+"/samlSPMetaDataOptionsCheckSLOMessageSignature",id:b+"s/"+c+"/samlSPMetaDataOptionsCheckSLOMessageSignature",title:"samlSPMetaDataOptionsCheckSLOMessageSignature",type:"bool"}],id:"samlSPMetaDataOptionsSignature",title:"samlSPMetaDataOptionsSignature",type:"simpleInputContainer"},{_nodes:[{"default":"none",get:b+"s/"+c+"/samlSPMetaDataOptionsEncryptionMode",id:b+"s/"+c+"/samlSPMetaDataOptionsEncryptionMode",select:[{k:"none",v:"None"},{k:"nameid",v:"Name ID"},{k:"assertion",v:"Assertion"}],title:"samlSPMetaDataOptionsEncryptionMode",type:"select"},{"default":0,get:b+"s/"+c+"/samlSPMetaDataOptionsEnableIDPInitiatedURL",id:b+"s/"+c+"/samlSPMetaDataOptionsEnableIDPInitiatedURL",title:"samlSPMetaDataOptionsEnableIDPInitiatedURL",type:"bool"},{get:b+"s/"+c+"/samlSPMetaDataOptionsRule",id:b+"s/"+c+"/samlSPMetaDataOptionsRule",title:"samlSPMetaDataOptionsRule"}],id:"samlSPMetaDataOptionsSecurity",title:"samlSPMetaDataOptionsSecurity",type:"simpleInputContainer"}],help:"idpsaml.html#options",id:"samlSPMetaDataOptions",title:"samlSPMetaDataOptions"}];case"virtualHost":return[{cnodes:b+"s/"+c+"/locationRules","default":[{data:"deny",id:b+"s/"+c+"/locationRules/default",re:"default",title:"default",type:"rule"}],help:"writingrulesand_headers.html#rules",id:b+"s/"+c+"/locationRules",title:"locationRules",type:"ruleContainer"},{cnodes:b+"s/"+c+"/exportedHeaders",help:"writingrulesand_headers.html#headers",id:b+"s/"+c+"/exportedHeaders",title:"exportedHeaders",type:"keyTextContainer"},{cnodes:b+"s/"+c+"/post",help:"formreplay.html",id:b+"s/"+c+"/post",title:"post",type:"postContainer"},{_nodes:[{"default":-1,get:b+"s/"+c+"/vhostPort",id:b+"s/"+c+"/vhostPort",title:"vhostPort",type:"int"},{"default":-1,get:b+"s/"+c+"/vhostHttps",id:b+"s/"+c+"/vhostHttps",title:"vhostHttps",type:"trool"},{"default":0,get:b+"s/"+c+"/vhostMaintenance",id:b+"s/"+c+"/vhostMaintenance",title:"vhostMaintenance",type:"bool"},{get:b+"s/"+c+"/vhostAliases",id:b+"s/"+c+"/vhostAliases",title:"vhostAliases"},{"default":"Main",get:b+"s/"+c+"/vhostType",id:b+"s/"+c+"/vhostType",select:[{k:"Main",v:"Main"},{k:"Zimbra",v:"ZimbraPreAuth"},{k:"AuthBasic",v:"AuthBasic"},{k:"SecureToken",v:"SecureToken"},{k:"CDA",v:"CDA"},{k:"DevOps",v:"DevOps"},{k:"ServiceToken",v:"ServiceToken"}],title:"vhostType",type:"select"},{get:b+"s/"+c+"/vhostAuthnLevel",id:b+"s/"+c+"/vhostAuthnLevel",title:"vhostAuthnLevel",type:"int"}],help:"configvhost.html#options",id:"vhostOptions",title:"vhostOptions"}];default:return[]}}function setScopeVars(a){a.portal=a.data[0]._nodes[0]._nodes[0];a.getKey(a.portal);a.domain=a.data[0]._nodes[4]._nodes[1];a.getKey(a.domain)}; \ No newline at end of file +function templates(b,c){var d;var a=function(e){return{id:b+"s/"+(d++),title:e,get:b+"s/"+c+"/"+e}};switch(b){case"casAppMetaDataNode":return[{_nodes:[{get:b+"s/"+c+"/casAppMetaDataOptionsService",id:b+"s/"+c+"/casAppMetaDataOptionsService",title:"casAppMetaDataOptionsService"},{get:b+"s/"+c+"/casAppMetaDataOptionsRule",id:b+"s/"+c+"/casAppMetaDataOptionsRule",title:"casAppMetaDataOptionsRule"}],id:"casAppMetaDataOptions",title:"casAppMetaDataOptions"},{cnodes:b+"s/"+c+"/casAppMetaDataExportedVars","default":[{data:"cn",id:b+"s/"+c+"/casAppMetaDataExportedVars/cn",title:"cn",type:"keyText"},{data:"mail",id:b+"s/"+c+"/casAppMetaDataExportedVars/mail",title:"mail",type:"keyText"},{data:"uid",id:b+"s/"+c+"/casAppMetaDataExportedVars/uid",title:"uid",type:"keyText"}],id:b+"s/"+c+"/casAppMetaDataExportedVars",title:"casAppMetaDataExportedVars",type:"keyTextContainer"}];case"casSrvMetaDataNode":return[{_nodes:[{get:b+"s/"+c+"/casSrvMetaDataOptionsUrl",id:b+"s/"+c+"/casSrvMetaDataOptionsUrl",title:"casSrvMetaDataOptionsUrl"},{get:b+"s/"+c+"/casSrvMetaDataOptionsRenew",id:b+"s/"+c+"/casSrvMetaDataOptionsRenew",title:"casSrvMetaDataOptionsRenew",type:"bool"},{get:b+"s/"+c+"/casSrvMetaDataOptionsGateway",id:b+"s/"+c+"/casSrvMetaDataOptionsGateway",title:"casSrvMetaDataOptionsGateway",type:"bool"},{cnodes:b+"s/"+c+"/casSrvMetaDataOptionsProxiedServices",id:b+"s/"+c+"/casSrvMetaDataOptionsProxiedServices",title:"casSrvMetaDataOptionsProxiedServices",type:"keyTextContainer"},{get:b+"s/"+c+"/casSrvMetaDataOptionsDisplayName",id:b+"s/"+c+"/casSrvMetaDataOptionsDisplayName",title:"casSrvMetaDataOptionsDisplayName"},{get:b+"s/"+c+"/casSrvMetaDataOptionsIcon",id:b+"s/"+c+"/casSrvMetaDataOptionsIcon",title:"casSrvMetaDataOptionsIcon"}],id:"casSrvMetaDataOptions",title:"casSrvMetaDataOptions"},{cnodes:b+"s/"+c+"/casSrvMetaDataExportedVars","default":[{data:"cn",id:b+"s/"+c+"/casSrvMetaDataExportedVars/cn",title:"cn",type:"keyText"},{data:"mail",id:b+"s/"+c+"/casSrvMetaDataExportedVars/mail",title:"mail",type:"keyText"},{data:"uid",id:b+"s/"+c+"/casSrvMetaDataExportedVars/uid",title:"uid",type:"keyText"}],id:b+"s/"+c+"/casSrvMetaDataExportedVars",title:"casSrvMetaDataExportedVars",type:"keyTextContainer"}];case"oidcOPMetaDataNode":return[{get:b+"s/"+c+"/oidcOPMetaDataJSON",id:b+"s/"+c+"/oidcOPMetaDataJSON",title:"oidcOPMetaDataJSON",type:"file"},{get:b+"s/"+c+"/oidcOPMetaDataJWKS",id:b+"s/"+c+"/oidcOPMetaDataJWKS",title:"oidcOPMetaDataJWKS",type:"file"},{cnodes:b+"s/"+c+"/oidcOPMetaDataExportedVars","default":[{data:"name",id:b+"s/"+c+"/oidcOPMetaDataExportedVars/cn",title:"cn",type:"keyText"},{data:"email",id:b+"s/"+c+"/oidcOPMetaDataExportedVars/mail",title:"mail",type:"keyText"},{data:"family_name",id:b+"s/"+c+"/oidcOPMetaDataExportedVars/sn",title:"sn",type:"keyText"},{data:"sub",id:b+"s/"+c+"/oidcOPMetaDataExportedVars/uid",title:"uid",type:"keyText"}],id:b+"s/"+c+"/oidcOPMetaDataExportedVars",title:"oidcOPMetaDataExportedVars",type:"keyTextContainer"},{_nodes:[{_nodes:[{get:b+"s/"+c+"/oidcOPMetaDataOptionsConfigurationURI",id:b+"s/"+c+"/oidcOPMetaDataOptionsConfigurationURI",title:"oidcOPMetaDataOptionsConfigurationURI"},{"default":0,get:b+"s/"+c+"/oidcOPMetaDataOptionsJWKSTimeout",id:b+"s/"+c+"/oidcOPMetaDataOptionsJWKSTimeout",title:"oidcOPMetaDataOptionsJWKSTimeout",type:"int"},{get:b+"s/"+c+"/oidcOPMetaDataOptionsClientID",id:b+"s/"+c+"/oidcOPMetaDataOptionsClientID",title:"oidcOPMetaDataOptionsClientID"},{get:b+"s/"+c+"/oidcOPMetaDataOptionsClientSecret",id:b+"s/"+c+"/oidcOPMetaDataOptionsClientSecret",title:"oidcOPMetaDataOptionsClientSecret",type:"password"},{"default":0,get:b+"s/"+c+"/oidcOPMetaDataOptionsStoreIDToken",id:b+"s/"+c+"/oidcOPMetaDataOptionsStoreIDToken",title:"oidcOPMetaDataOptionsStoreIDToken",type:"bool"}],id:"oidcOPMetaDataOptionsConfiguration",title:"oidcOPMetaDataOptionsConfiguration",type:"simpleInputContainer"},{_nodes:[{"default":"openid profile",get:b+"s/"+c+"/oidcOPMetaDataOptionsScope",id:b+"s/"+c+"/oidcOPMetaDataOptionsScope",title:"oidcOPMetaDataOptionsScope"},{"default":"",get:b+"s/"+c+"/oidcOPMetaDataOptionsDisplay",id:b+"s/"+c+"/oidcOPMetaDataOptionsDisplay",select:[{k:"",v:""},{k:"page",v:"page"},{k:"popup",v:"popup"},{k:"touch",v:"touch"},{k:"wap",v:"wap"}],title:"oidcOPMetaDataOptionsDisplay",type:"select"},{get:b+"s/"+c+"/oidcOPMetaDataOptionsPrompt",id:b+"s/"+c+"/oidcOPMetaDataOptionsPrompt",title:"oidcOPMetaDataOptionsPrompt"},{"default":0,get:b+"s/"+c+"/oidcOPMetaDataOptionsMaxAge",id:b+"s/"+c+"/oidcOPMetaDataOptionsMaxAge",title:"oidcOPMetaDataOptionsMaxAge",type:"int"},{get:b+"s/"+c+"/oidcOPMetaDataOptionsUiLocales",id:b+"s/"+c+"/oidcOPMetaDataOptionsUiLocales",title:"oidcOPMetaDataOptionsUiLocales"},{get:b+"s/"+c+"/oidcOPMetaDataOptionsAcrValues",id:b+"s/"+c+"/oidcOPMetaDataOptionsAcrValues",title:"oidcOPMetaDataOptionsAcrValues"},{"default":"client_secret_post",get:b+"s/"+c+"/oidcOPMetaDataOptionsTokenEndpointAuthMethod",id:b+"s/"+c+"/oidcOPMetaDataOptionsTokenEndpointAuthMethod",select:[{k:"client_secret_post",v:"client_secret_post"},{k:"client_secret_basic",v:"client_secret_basic"}],title:"oidcOPMetaDataOptionsTokenEndpointAuthMethod",type:"select"},{"default":1,get:b+"s/"+c+"/oidcOPMetaDataOptionsCheckJWTSignature",id:b+"s/"+c+"/oidcOPMetaDataOptionsCheckJWTSignature",title:"oidcOPMetaDataOptionsCheckJWTSignature",type:"bool"},{"default":30,get:b+"s/"+c+"/oidcOPMetaDataOptionsIDTokenMaxAge",id:b+"s/"+c+"/oidcOPMetaDataOptionsIDTokenMaxAge",title:"oidcOPMetaDataOptionsIDTokenMaxAge",type:"int"},{"default":1,get:b+"s/"+c+"/oidcOPMetaDataOptionsUseNonce",id:b+"s/"+c+"/oidcOPMetaDataOptionsUseNonce",title:"oidcOPMetaDataOptionsUseNonce",type:"bool"}],id:"oidcOPMetaDataOptionsProtocol",title:"oidcOPMetaDataOptionsProtocol",type:"simpleInputContainer"},{_nodes:[{get:b+"s/"+c+"/oidcOPMetaDataOptionsDisplayName",id:b+"s/"+c+"/oidcOPMetaDataOptionsDisplayName",title:"oidcOPMetaDataOptionsDisplayName"},{get:b+"s/"+c+"/oidcOPMetaDataOptionsIcon",id:b+"s/"+c+"/oidcOPMetaDataOptionsIcon",title:"oidcOPMetaDataOptionsIcon"}],id:"oidcOPMetaDataOptionsDisplayParams",title:"oidcOPMetaDataOptionsDisplayParams",type:"simpleInputContainer"}],id:"oidcOPMetaDataOptions",title:"oidcOPMetaDataOptions"}];case"oidcRPMetaDataNode":return[{cnodes:b+"s/"+c+"/oidcRPMetaDataExportedVars","default":[{data:"mail",id:b+"s/"+c+"/oidcRPMetaDataExportedVars/email",title:"email",type:"keyText"},{data:"sn",id:b+"s/"+c+"/oidcRPMetaDataExportedVars/family_name",title:"family_name",type:"keyText"},{data:"cn",id:b+"s/"+c+"/oidcRPMetaDataExportedVars/name",title:"name",type:"keyText"}],id:b+"s/"+c+"/oidcRPMetaDataExportedVars",title:"oidcRPMetaDataExportedVars",type:"keyTextContainer"},{_nodes:[{_nodes:[{get:b+"s/"+c+"/oidcRPMetaDataOptionsClientID",id:b+"s/"+c+"/oidcRPMetaDataOptionsClientID",title:"oidcRPMetaDataOptionsClientID"},{get:b+"s/"+c+"/oidcRPMetaDataOptionsClientSecret",id:b+"s/"+c+"/oidcRPMetaDataOptionsClientSecret",title:"oidcRPMetaDataOptionsClientSecret",type:"password"}],id:"oidcRPMetaDataOptionsAuthentication",title:"oidcRPMetaDataOptionsAuthentication",type:"simpleInputContainer"},{_nodes:[{get:b+"s/"+c+"/oidcRPMetaDataOptionsDisplayName",id:b+"s/"+c+"/oidcRPMetaDataOptionsDisplayName",title:"oidcRPMetaDataOptionsDisplayName"},{get:b+"s/"+c+"/oidcRPMetaDataOptionsIcon",id:b+"s/"+c+"/oidcRPMetaDataOptionsIcon",title:"oidcRPMetaDataOptionsIcon"}],id:"oidcRPMetaDataOptionsDisplay",title:"oidcRPMetaDataOptionsDisplay",type:"simpleInputContainer"},{get:b+"s/"+c+"/oidcRPMetaDataOptionsUserIDAttr",id:b+"s/"+c+"/oidcRPMetaDataOptionsUserIDAttr",title:"oidcRPMetaDataOptionsUserIDAttr"},{"default":"HS512",get:b+"s/"+c+"/oidcRPMetaDataOptionsIDTokenSignAlg",id:b+"s/"+c+"/oidcRPMetaDataOptionsIDTokenSignAlg",select:[{k:"none",v:"None"},{k:"HS256",v:"HS256"},{k:"HS384",v:"HS384"},{k:"HS512",v:"HS512"},{k:"RS256",v:"RS256"},{k:"RS384",v:"RS384"},{k:"RS512",v:"RS512"}],title:"oidcRPMetaDataOptionsIDTokenSignAlg",type:"select"},{"default":3600,get:b+"s/"+c+"/oidcRPMetaDataOptionsIDTokenExpiration",id:b+"s/"+c+"/oidcRPMetaDataOptionsIDTokenExpiration",title:"oidcRPMetaDataOptionsIDTokenExpiration",type:"int"},{"default":3600,get:b+"s/"+c+"/oidcRPMetaDataOptionsAccessTokenExpiration",id:b+"s/"+c+"/oidcRPMetaDataOptionsAccessTokenExpiration",title:"oidcRPMetaDataOptionsAccessTokenExpiration",type:"int"},{get:b+"s/"+c+"/oidcRPMetaDataOptionsRedirectUris",id:b+"s/"+c+"/oidcRPMetaDataOptionsRedirectUris",title:"oidcRPMetaDataOptionsRedirectUris"},{"default":0,get:b+"s/"+c+"/oidcRPMetaDataOptionsBypassConsent",help:"openidconnectclaims.html",id:b+"s/"+c+"/oidcRPMetaDataOptionsBypassConsent",title:"oidcRPMetaDataOptionsBypassConsent",type:"bool"},{_nodes:[{get:b+"s/"+c+"/oidcRPMetaDataOptionsPostLogoutRedirectUris",id:b+"s/"+c+"/oidcRPMetaDataOptionsPostLogoutRedirectUris",title:"oidcRPMetaDataOptionsPostLogoutRedirectUris"},{get:b+"s/"+c+"/oidcRPMetaDataOptionsLogoutUrl",id:b+"s/"+c+"/oidcRPMetaDataOptionsLogoutUrl",title:"oidcRPMetaDataOptionsLogoutUrl"},{"default":"front",get:b+"s/"+c+"/oidcRPMetaDataOptionsLogoutType",id:b+"s/"+c+"/oidcRPMetaDataOptionsLogoutType",select:[{k:"front",v:"Front Channel"},{k:"back",v:"Back Channel"}],title:"oidcRPMetaDataOptionsLogoutType",type:"select"},{get:b+"s/"+c+"/oidcRPMetaDataOptionsLogoutSessionRequired",id:b+"s/"+c+"/oidcRPMetaDataOptionsLogoutSessionRequired",title:"oidcRPMetaDataOptionsLogoutSessionRequired",type:"bool"}],id:"logout",title:"logout",type:"simpleInputContainer"},{get:b+"s/"+c+"/oidcRPMetaDataOptionsRule",id:b+"s/"+c+"/oidcRPMetaDataOptionsRule",title:"oidcRPMetaDataOptionsRule"}],id:"oidcRPMetaDataOptions",title:"oidcRPMetaDataOptions"},{cnodes:b+"s/"+c+"/oidcRPMetaDataOptionsExtraClaims","default":[],id:b+"s/"+c+"/oidcRPMetaDataOptionsExtraClaims",title:"oidcRPMetaDataOptionsExtraClaims",type:"keyTextContainer"}];case"samlIDPMetaDataNode":return[{get:b+"s/"+c+"/samlIDPMetaDataXML",id:b+"s/"+c+"/samlIDPMetaDataXML",title:"samlIDPMetaDataXML",type:"file"},{cnodes:b+"s/"+c+"/samlIDPMetaDataExportedAttributes","default":[],help:"authsaml.html#exported_attributes",id:b+"s/"+c+"/samlIDPMetaDataExportedAttributes",title:"samlIDPMetaDataExportedAttributes",type:"samlAttributeContainer"},{_nodes:[{"default":"",get:b+"s/"+c+"/samlIDPMetaDataOptionsResolutionRule",id:b+"s/"+c+"/samlIDPMetaDataOptionsResolutionRule",title:"samlIDPMetaDataOptionsResolutionRule",type:"longtext"},{"default":"",get:b+"s/"+c+"/samlIDPMetaDataOptionsNameIDFormat",id:b+"s/"+c+"/samlIDPMetaDataOptionsNameIDFormat",select:[{k:"",v:""},{k:"unspecified",v:"Unspecified"},{k:"email",v:"Email"},{k:"x509",v:"X509 certificate"},{k:"windows",v:"Windows"},{k:"kerberos",v:"Kerberos"},{k:"entity",v:"Entity"},{k:"persistent",v:"Persistent"},{k:"transient",v:"Transient"},{k:"encrypted",v:"Encrypted"}],title:"samlIDPMetaDataOptionsNameIDFormat",type:"select"},{"default":0,get:b+"s/"+c+"/samlIDPMetaDataOptionsForceAuthn",id:b+"s/"+c+"/samlIDPMetaDataOptionsForceAuthn",title:"samlIDPMetaDataOptionsForceAuthn",type:"bool"},{"default":0,get:b+"s/"+c+"/samlIDPMetaDataOptionsIsPassive",id:b+"s/"+c+"/samlIDPMetaDataOptionsIsPassive",title:"samlIDPMetaDataOptionsIsPassive",type:"bool"},{"default":0,get:b+"s/"+c+"/samlIDPMetaDataOptionsAllowProxiedAuthn",id:b+"s/"+c+"/samlIDPMetaDataOptionsAllowProxiedAuthn",title:"samlIDPMetaDataOptionsAllowProxiedAuthn",type:"bool"},{"default":0,get:b+"s/"+c+"/samlIDPMetaDataOptionsAllowLoginFromIDP",id:b+"s/"+c+"/samlIDPMetaDataOptionsAllowLoginFromIDP",title:"samlIDPMetaDataOptionsAllowLoginFromIDP",type:"bool"},{"default":"",get:b+"s/"+c+"/samlIDPMetaDataOptionsRequestedAuthnContext",id:b+"s/"+c+"/samlIDPMetaDataOptionsRequestedAuthnContext",select:[{k:"",v:""},{k:"kerberos",v:"Kerberos"},{k:"password-protected-transport",v:"Password protected transport"},{k:"password",v:"Password"},{k:"tls-client",v:"TLS client certificate"}],title:"samlIDPMetaDataOptionsRequestedAuthnContext",type:"select"},{"default":0,get:b+"s/"+c+"/samlIDPMetaDataOptionsRelayStateURL",id:b+"s/"+c+"/samlIDPMetaDataOptionsRelayStateURL",title:"samlIDPMetaDataOptionsRelayStateURL",type:"bool"}],help:"authsaml.html#options",id:"samlIDPMetaDataOptions",title:"samlIDPMetaDataOptions",type:"simpleInputContainer"},{_nodes:[{"default":0,get:b+"s/"+c+"/samlIDPMetaDataOptionsAdaptSessionUtime",id:b+"s/"+c+"/samlIDPMetaDataOptionsAdaptSessionUtime",title:"samlIDPMetaDataOptionsAdaptSessionUtime",type:"bool"},{"default":0,get:b+"s/"+c+"/samlIDPMetaDataOptionsForceUTF8",id:b+"s/"+c+"/samlIDPMetaDataOptionsForceUTF8",title:"samlIDPMetaDataOptionsForceUTF8",type:"bool"},{"default":0,get:b+"s/"+c+"/samlIDPMetaDataOptionsStoreSAMLToken",id:b+"s/"+c+"/samlIDPMetaDataOptionsStoreSAMLToken",title:"samlIDPMetaDataOptionsStoreSAMLToken",type:"bool"}],id:"samlIDPMetaDataOptionsSession",title:"samlIDPMetaDataOptionsSession",type:"simpleInputContainer"},{_nodes:[{"default":-1,get:b+"s/"+c+"/samlIDPMetaDataOptionsSignSSOMessage",id:b+"s/"+c+"/samlIDPMetaDataOptionsSignSSOMessage",title:"samlIDPMetaDataOptionsSignSSOMessage",type:"trool"},{"default":1,get:b+"s/"+c+"/samlIDPMetaDataOptionsCheckSSOMessageSignature",id:b+"s/"+c+"/samlIDPMetaDataOptionsCheckSSOMessageSignature",title:"samlIDPMetaDataOptionsCheckSSOMessageSignature",type:"bool"},{"default":-1,get:b+"s/"+c+"/samlIDPMetaDataOptionsSignSLOMessage",id:b+"s/"+c+"/samlIDPMetaDataOptionsSignSLOMessage",title:"samlIDPMetaDataOptionsSignSLOMessage",type:"trool"},{"default":1,get:b+"s/"+c+"/samlIDPMetaDataOptionsCheckSLOMessageSignature",id:b+"s/"+c+"/samlIDPMetaDataOptionsCheckSLOMessageSignature",title:"samlIDPMetaDataOptionsCheckSLOMessageSignature",type:"bool"}],id:"samlIDPMetaDataOptionsSignature",title:"samlIDPMetaDataOptionsSignature",type:"simpleInputContainer"},{_nodes:[{"default":"",get:b+"s/"+c+"/samlIDPMetaDataOptionsSSOBinding",id:b+"s/"+c+"/samlIDPMetaDataOptionsSSOBinding",select:[{k:"",v:""},{k:"http-post",v:"POST"},{k:"http-redirect",v:"Redirect"},{k:"artifact-get",v:"Artifact GET"}],title:"samlIDPMetaDataOptionsSSOBinding",type:"select"},{"default":"",get:b+"s/"+c+"/samlIDPMetaDataOptionsSLOBinding",id:b+"s/"+c+"/samlIDPMetaDataOptionsSLOBinding",select:[{k:"",v:""},{k:"http-post",v:"POST"},{k:"http-redirect",v:"Redirect"},{k:"http-soap",v:"SOAP"}],title:"samlIDPMetaDataOptionsSLOBinding",type:"select"}],id:"samlIDPMetaDataOptionsBinding",title:"samlIDPMetaDataOptionsBinding",type:"simpleInputContainer"},{_nodes:[{"default":"none",get:b+"s/"+c+"/samlIDPMetaDataOptionsEncryptionMode",id:b+"s/"+c+"/samlIDPMetaDataOptionsEncryptionMode",select:[{k:"none",v:"None"},{k:"nameid",v:"Name ID"},{k:"assertion",v:"Assertion"}],title:"samlIDPMetaDataOptionsEncryptionMode",type:"select"},{"default":1,get:b+"s/"+c+"/samlIDPMetaDataOptionsCheckTime",id:b+"s/"+c+"/samlIDPMetaDataOptionsCheckTime",title:"samlIDPMetaDataOptionsCheckTime",type:"bool"},{"default":1,get:b+"s/"+c+"/samlIDPMetaDataOptionsCheckAudience",id:b+"s/"+c+"/samlIDPMetaDataOptionsCheckAudience",title:"samlIDPMetaDataOptionsCheckAudience",type:"bool"}],id:"samlIDPMetaDataOptionsSecurity",title:"samlIDPMetaDataOptionsSecurity",type:"simpleInputContainer"}];case"samlSPMetaDataNode":return[{get:b+"s/"+c+"/samlSPMetaDataXML",id:b+"s/"+c+"/samlSPMetaDataXML",title:"samlSPMetaDataXML",type:"file"},{cnodes:b+"s/"+c+"/samlSPMetaDataExportedAttributes","default":[],help:"idpsaml.html#exported_attributes",id:b+"s/"+c+"/samlSPMetaDataExportedAttributes",title:"samlSPMetaDataExportedAttributes",type:"samlAttributeContainer"},{_nodes:[{_nodes:[{"default":"",get:b+"s/"+c+"/samlSPMetaDataOptionsNameIDFormat",id:b+"s/"+c+"/samlSPMetaDataOptionsNameIDFormat",select:[{k:"",v:""},{k:"unspecified",v:"Unspecified"},{k:"email",v:"Email"},{k:"x509",v:"X509 certificate"},{k:"windows",v:"Windows"},{k:"kerberos",v:"Kerberos"},{k:"entity",v:"Entity"},{k:"persistent",v:"Persistent"},{k:"transient",v:"Transient"},{k:"encrypted",v:"Encrypted"}],title:"samlSPMetaDataOptionsNameIDFormat",type:"select"},{get:b+"s/"+c+"/samlSPMetaDataOptionsNameIDSessionKey",id:b+"s/"+c+"/samlSPMetaDataOptionsNameIDSessionKey",title:"samlSPMetaDataOptionsNameIDSessionKey"},{"default":0,get:b+"s/"+c+"/samlSPMetaDataOptionsOneTimeUse",id:b+"s/"+c+"/samlSPMetaDataOptionsOneTimeUse",title:"samlSPMetaDataOptionsOneTimeUse",type:"bool"},{"default":72000,get:b+"s/"+c+"/samlSPMetaDataOptionsSessionNotOnOrAfterTimeout",id:b+"s/"+c+"/samlSPMetaDataOptionsSessionNotOnOrAfterTimeout",title:"samlSPMetaDataOptionsSessionNotOnOrAfterTimeout",type:"int"},{"default":72000,get:b+"s/"+c+"/samlSPMetaDataOptionsNotOnOrAfterTimeout",id:b+"s/"+c+"/samlSPMetaDataOptionsNotOnOrAfterTimeout",title:"samlSPMetaDataOptionsNotOnOrAfterTimeout",type:"int"},{"default":1,get:b+"s/"+c+"/samlSPMetaDataOptionsForceUTF8",id:b+"s/"+c+"/samlSPMetaDataOptionsForceUTF8",title:"samlSPMetaDataOptionsForceUTF8",type:"bool"}],id:"samlSPMetaDataOptionsAuthnResponse",title:"samlSPMetaDataOptionsAuthnResponse",type:"simpleInputContainer"},{_nodes:[{"default":-1,get:b+"s/"+c+"/samlSPMetaDataOptionsSignSSOMessage",id:b+"s/"+c+"/samlSPMetaDataOptionsSignSSOMessage",title:"samlSPMetaDataOptionsSignSSOMessage",type:"trool"},{"default":1,get:b+"s/"+c+"/samlSPMetaDataOptionsCheckSSOMessageSignature",id:b+"s/"+c+"/samlSPMetaDataOptionsCheckSSOMessageSignature",title:"samlSPMetaDataOptionsCheckSSOMessageSignature",type:"bool"},{"default":-1,get:b+"s/"+c+"/samlSPMetaDataOptionsSignSLOMessage",id:b+"s/"+c+"/samlSPMetaDataOptionsSignSLOMessage",title:"samlSPMetaDataOptionsSignSLOMessage",type:"trool"},{"default":1,get:b+"s/"+c+"/samlSPMetaDataOptionsCheckSLOMessageSignature",id:b+"s/"+c+"/samlSPMetaDataOptionsCheckSLOMessageSignature",title:"samlSPMetaDataOptionsCheckSLOMessageSignature",type:"bool"}],id:"samlSPMetaDataOptionsSignature",title:"samlSPMetaDataOptionsSignature",type:"simpleInputContainer"},{_nodes:[{"default":"none",get:b+"s/"+c+"/samlSPMetaDataOptionsEncryptionMode",id:b+"s/"+c+"/samlSPMetaDataOptionsEncryptionMode",select:[{k:"none",v:"None"},{k:"nameid",v:"Name ID"},{k:"assertion",v:"Assertion"}],title:"samlSPMetaDataOptionsEncryptionMode",type:"select"},{"default":0,get:b+"s/"+c+"/samlSPMetaDataOptionsEnableIDPInitiatedURL",id:b+"s/"+c+"/samlSPMetaDataOptionsEnableIDPInitiatedURL",title:"samlSPMetaDataOptionsEnableIDPInitiatedURL",type:"bool"},{get:b+"s/"+c+"/samlSPMetaDataOptionsRule",id:b+"s/"+c+"/samlSPMetaDataOptionsRule",title:"samlSPMetaDataOptionsRule"}],id:"samlSPMetaDataOptionsSecurity",title:"samlSPMetaDataOptionsSecurity",type:"simpleInputContainer"}],help:"idpsaml.html#options",id:"samlSPMetaDataOptions",title:"samlSPMetaDataOptions"}];case"virtualHost":return[{cnodes:b+"s/"+c+"/locationRules","default":[{data:"deny",id:b+"s/"+c+"/locationRules/default",re:"default",title:"default",type:"rule"}],help:"writingrulesand_headers.html#rules",id:b+"s/"+c+"/locationRules",title:"locationRules",type:"ruleContainer"},{cnodes:b+"s/"+c+"/exportedHeaders",help:"writingrulesand_headers.html#headers",id:b+"s/"+c+"/exportedHeaders",title:"exportedHeaders",type:"keyTextContainer"},{cnodes:b+"s/"+c+"/post",help:"formreplay.html",id:b+"s/"+c+"/post",title:"post",type:"postContainer"},{_nodes:[{"default":-1,get:b+"s/"+c+"/vhostPort",id:b+"s/"+c+"/vhostPort",title:"vhostPort",type:"int"},{"default":-1,get:b+"s/"+c+"/vhostHttps",id:b+"s/"+c+"/vhostHttps",title:"vhostHttps",type:"trool"},{"default":0,get:b+"s/"+c+"/vhostMaintenance",id:b+"s/"+c+"/vhostMaintenance",title:"vhostMaintenance",type:"bool"},{get:b+"s/"+c+"/vhostAliases",id:b+"s/"+c+"/vhostAliases",title:"vhostAliases"},{"default":"Main",get:b+"s/"+c+"/vhostType",id:b+"s/"+c+"/vhostType",select:[{k:"Main",v:"Main"},{k:"Zimbra",v:"ZimbraPreAuth"},{k:"AuthBasic",v:"AuthBasic"},{k:"SecureToken",v:"SecureToken"},{k:"CDA",v:"CDA"},{k:"DevOps",v:"DevOps"},{k:"ServiceToken",v:"ServiceToken"}],title:"vhostType",type:"select"},{get:b+"s/"+c+"/vhostAuthnLevel",id:b+"s/"+c+"/vhostAuthnLevel",title:"vhostAuthnLevel",type:"int"}],help:"configvhost.html#options",id:"vhostOptions",title:"vhostOptions"}];default:return[]}}function setScopeVars(a){a.portal=a.data[0]._nodes[0]._nodes[0];a.getKey(a.portal);a.domain=a.data[0]._nodes[4]._nodes[1];a.getKey(a.domain)}; \ No newline at end of file diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/en.json b/lemonldap-ng-manager/site/htdocs/static/languages/en.json index da0789f58..ae312ffc4 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/en.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/en.json @@ -499,7 +499,8 @@ "oidcOPMetaDataOptionsAcrValues": "ACR values", "oidcOPMetaDataOptionsIDTokenMaxAge": "ID Token max age", "oidcOPMetaDataOptionsUseNonce": "Use nonce", -"oidcRPMetaDataOptionsRedirectUris": "Redirection addresses", +"oidcRPMetaDataOptionsRedirectUris": "Allowed redirection addresses for login", +"oidcRPMetaDataOptionsPostLogoutRedirectUris": "Allowed redirection addresses for logout", "oidcRPMetaDataOptionsExtraClaims": "Extra claims", "oidcServiceMetaDataIssuer": "Issuer identifier", "oidcServiceMetaDataTokenURI": "Token", diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/fr.json b/lemonldap-ng-manager/site/htdocs/static/languages/fr.json index e5865bed4..7e097b943 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/fr.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/fr.json @@ -499,7 +499,8 @@ "oidcOPMetaDataOptionsAcrValues": "Valeurs ACR", "oidcOPMetaDataOptionsIDTokenMaxAge": "Âge maximum du jeton ID", "oidcOPMetaDataOptionsUseNonce": "Utilisation du nonce", -"oidcRPMetaDataOptionsRedirectUris": "Adresses de redirection", +"oidcRPMetaDataOptionsRedirectUris": "Adresses de redirection autorisées pour la connexion", +"oidcRPMetaDataOptionsPostLogoutRedirectUris": "Adresses de redirection autorisées pour la déconnexion", "oidcRPMetaDataOptionsExtraClaims": "Déclarations (scopes/claims)", "oidcServiceMetaDataIssuer": "Identifiant du fournisseur", "oidcServiceMetaDataTokenURI": "Jeton", diff --git a/lemonldap-ng-manager/site/htdocs/static/languages/vi.json b/lemonldap-ng-manager/site/htdocs/static/languages/vi.json index 1a3a3697e..150343454 100644 --- a/lemonldap-ng-manager/site/htdocs/static/languages/vi.json +++ b/lemonldap-ng-manager/site/htdocs/static/languages/vi.json @@ -499,7 +499,8 @@ "oidcOPMetaDataOptionsAcrValues": "Giá trị ACR", "oidcOPMetaDataOptionsIDTokenMaxAge": "Thời hạn ID Token", "oidcOPMetaDataOptionsUseNonce": "Sử dụng nonce", -"oidcRPMetaDataOptionsRedirectUris": "Chuyển hướng địa chỉ", +"oidcRPMetaDataOptionsRedirectUris": "Allowed redirection addresses for login", +"oidcRPMetaDataOptionsPostLogoutRedirectUris": "Allowed redirection addresses for logout", "oidcRPMetaDataOptionsExtraClaims": "Xác nhận bổ sung", "oidcServiceMetaDataIssuer": "Định danh Người phát hành", "oidcServiceMetaDataTokenURI": "Token", diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm index 64fbac633..998ec81b1 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm @@ -156,7 +156,8 @@ sub run { "Override $_ OIDC param by value present in request parameter" ); $oidc_request->{$_} = $request->{$_}; - $self->p->setHiddenFormValue( $req, $_, $request->{$_}, '' ); + $self->p->setHiddenFormValue( $req, $_, $request->{$_}, + '' ); } } @@ -794,6 +795,30 @@ qq'

The application $display_name would li if ($post_logout_redirect_uri) { + # Check redirect URI is allowed + my $redirect_uri_allowed = 0; + foreach ( keys %{ $self->conf->{oidcRPMetaDataOptions} } ) { + my $logout_rp = $_; + my $redirect_uris = + $self->conf->{oidcRPMetaDataOptions}->{$logout_rp} + ->{oidcRPMetaDataOptionsPostLogoutRedirectUris}; + + foreach ( split( /\s+/, $redirect_uris ) ) { + if ( $post_logout_redirect_uri eq $_ ) { + $self->logger->debug( +"$post_logout_redirect_uri is an allowed logout redirect URI for RP $logout_rp" + ); + $redirect_uri_allowed = 1; + } + } + } + + unless ($redirect_uri_allowed) { + $self->logger->error( + "$post_logout_redirect_uri is not allowed"); + return PE_BADURL; + } + # Build Response my $response_url = $self->buildLogoutResponse( $post_logout_redirect_uri, @@ -1168,6 +1193,29 @@ sub endSessionDone { if ($post_logout_redirect_uri) { + # Check redirect URI is allowed + my $redirect_uri_allowed = 0; + foreach ( keys %{ $self->conf->{oidcRPMetaDataOptions} } ) { + my $logout_rp = $_; + my $redirect_uris = + $self->conf->{oidcRPMetaDataOptions}->{$logout_rp} + ->{oidcRPMetaDataOptionsPostLogoutRedirectUris}; + + foreach ( split( /\s+/, $redirect_uris ) ) { + if ( $post_logout_redirect_uri eq $_ ) { + $self->logger->debug( +"$post_logout_redirect_uri is an allowed logout redirect URI for RP $logout_rp" + ); + $redirect_uri_allowed = 1; + } + } + } + + unless ($redirect_uri_allowed) { + $self->logger->error("$post_logout_redirect_uri is not allowed"); + return $self->p->login($req); + } + # Build Response my $response_url = $self->buildLogoutResponse( $post_logout_redirect_uri, $state ); diff --git a/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code.t b/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code.t index 4fe22d65f..82b5b5bed 100644 --- a/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code.t +++ b/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code.t @@ -295,7 +295,8 @@ sub op { oidcRPMetaDataOptionsBypassConsent => 0, oidcRPMetaDataOptionsClientSecret => "rpsecret", oidcRPMetaDataOptionsUserIDAttr => "", - oidcRPMetaDataOptionsAccessTokenExpiration => 3600 + oidcRPMetaDataOptionsAccessTokenExpiration => 3600, + oidcRPMetaDataOptionsPostLogoutRedirectUris => "http://auth.rp.com" } }, oidcOPMetaDataOptions => {},