From 32c0d51d4bcd29dcdfcc827cf4d534ba49427b68 Mon Sep 17 00:00:00 2001
From: Xavier Guimard <xavier.guimard@laposte.net>
Date: Fri, 18 Mar 2016 17:13:47 +0000
Subject: [PATCH] Store authParams keys (#967)

---
 .../lib/Lemonldap/NG/Manager/Build.pm         |  28 +++-
 .../lib/Lemonldap/NG/Manager/Constants.pm     | 157 +++++++++++++++++-
 2 files changed, 182 insertions(+), 3 deletions(-)

diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build.pm
index 331b29b6f..57a798c0e 100644
--- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build.pm
+++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build.pm
@@ -34,6 +34,7 @@ my $ignoreKeys;
 my $mainTree;
 my @sessionTypes;
 my @simpleHashKeys;
+my $authParams;
 
 my $attributes = Lemonldap::NG::Manager::Build::Attributes::attributes();
 my $jsonEnc    = JSON->new()->allow_nonref;
@@ -149,7 +150,7 @@ sub run {
     my $exportedVars =
         '$'
       . join( 'Keys $', 'simpleHash', 'specialNode', sort keys %cnodesRe )
-      . 'Keys $specialNodeHash @sessionTypes';
+      . 'Keys $specialNodeHash @sessionTypes $authParameters';
     print F <<EOF;
 # This file is generated by $module. Don't modify it by hand
 package Lemonldap::NG::Manager::Constants;
@@ -189,6 +190,10 @@ EOF
         print F "our \$${_}Keys = '$cnodesRe{$_}';\n";
     }
 
+    $tmp = Dumper($authParams);
+    $tmp =~ s/VAR1/authParameters/s;
+    print F "\nour $tmp\n";
+
     print F "\n1;\n";
     close F;
     print STDERR "done\n";
@@ -403,7 +408,12 @@ sub scanTree {
                     $jleaf->{"_$n"} = [];
                     $self->scanTree( $leaf->{$n}, $jleaf->{"_$n"}, $prefix,
                         "$path.$nodeName\[$ord\]" );
-                    if ( $n eq 'nodes_cond' ) {
+                    if ( $leaf->{title} eq 'authParams' and $n eq 'nodes_cond' ) {
+                        foreach my $sn (@{$leaf->{$n}}) {
+                            my @cn = $self->scanLeaf( $sn->{nodes} );
+                            $authParams->{$sn->{title}} = \@cn;
+                        }
+                        print STDERR Dumper($authParams);
                         foreach my $sn ( @{ $jleaf->{"_$n"} } ) {
                             $sn->{show} = 'false';
                         }
@@ -483,6 +493,20 @@ sub scanTree {
     }
 }
 
+sub scanLeaf {
+    my($self,$tree)=@_;
+    my @res;
+    foreach my $k (@$tree) {
+        if(ref $k) {
+            push @res, $self->scanLeaf($k->{nodes});
+        }
+        else {
+            push @res, $k;
+        }
+    }
+    return @res;
+}
+
 1;
 __END__
 
diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Constants.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Constants.pm
index 2adba2857..49afc8f0f 100644
--- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Constants.pm
+++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Constants.pm
@@ -7,7 +7,7 @@ use base qw(Exporter);
 
 our $VERSION = '2.0.0';
 
-our %EXPORT_TAGS = ( 'all' => [qw($simpleHashKeys $specialNodeKeys $oidcOPMetaDataNodeKeys $oidcRPMetaDataNodeKeys $samlIDPMetaDataNodeKeys $samlSPMetaDataNodeKeys $virtualHostKeys $specialNodeHash @sessionTypes)] );
+our %EXPORT_TAGS = ( 'all' => [qw($simpleHashKeys $specialNodeKeys $oidcOPMetaDataNodeKeys $oidcRPMetaDataNodeKeys $samlIDPMetaDataNodeKeys $samlSPMetaDataNodeKeys $virtualHostKeys $specialNodeHash @sessionTypes $authParameters)] );
 our @EXPORT_OK   = ( @{ $EXPORT_TAGS{'all'} } );
 our @EXPORT      = ( @{ $EXPORT_TAGS{'all'} } );
 
@@ -29,4 +29,159 @@ our $samlIDPMetaDataNodeKeys = 'samlIDPMetaData(?:Options(?:A(?:llow(?:LoginFrom
 our $samlSPMetaDataNodeKeys = 'samlSPMetaData(?:Options(?:N(?:ameID(?:SessionKey|Format)|otOnOrAfterTimeout)|S(?:essionNotOnOrAfterTimeout|ignS[LS]OMessage)|(?:CheckS[LS]OMessageSignatur|OneTimeUs)e|En(?:ableIDPInitiatedURL|cryptionMode))|ExportedAttributes|XML)';
 our $virtualHostKeys = '(?:vhost(?:(?:Aliase|Http)s|Maintenance|Port)|(?:exportedHeader|locationRule)s|post)';
 
+our $authParameters = {
+          'adParams' => [
+                          'ADPwdMaxAge',
+                          'ADPwdExpireWarning'
+                        ],
+          'apacheParams' => [
+                              'apacheAuthnLevel'
+                            ],
+          'browseridParams' => [
+                                 'browserIdAuthnLevel',
+                                 'browserIdAutoLogin',
+                                 'browserIdVerificationURL',
+                                 'browserIdSiteName',
+                                 'browserIdSiteLogo',
+                                 'browserIdBackgroundColor'
+                               ],
+          'casParams' => [
+                           'CAS_authnLevel',
+                           'CAS_url',
+                           'CAS_CAFile',
+                           'CAS_renew',
+                           'CAS_gateway',
+                           'CAS_pgtFile',
+                           'CAS_proxiedServices'
+                         ],
+          'choiceParams' => [
+                              'authChoiceParam',
+                              'authChoiceModules'
+                            ],
+          'dbiParams' => [
+                           'dbiAuthnLevel',
+                           'dbiExportedVars',
+                           'dbiAuthChain',
+                           'dbiAuthUser',
+                           'dbiAuthPassword',
+                           'dbiUserChain',
+                           'dbiUserUser',
+                           'dbiUserPassword',
+                           'dbiAuthTable',
+                           'dbiUserTable',
+                           'dbiAuthLoginCol',
+                           'dbiAuthPasswordCol',
+                           'dbiPasswordMailCol',
+                           'userPivot',
+                           'dbiAuthPasswordHash'
+                         ],
+          'demoParams' => [
+                            'demoExportedVars'
+                          ],
+          'facebookParams' => [
+                                'facebookAuthnLevel',
+                                'facebookExportedVars',
+                                'facebookAppId',
+                                'facebookAppSecret'
+                              ],
+          'googleParams' => [
+                              'googleAuthnLevel',
+                              'googleExportedVars'
+                            ],
+          'ldapParams' => [
+                            'ldapAuthnLevel',
+                            'ldapExportedVars',
+                            'ldapServer',
+                            'ldapPort',
+                            'ldapBase',
+                            'managerDn',
+                            'managerPassword',
+                            'ldapTimeout',
+                            'ldapVersion',
+                            'ldapRaw',
+                            'LDAPFilter',
+                            'AuthLDAPFilter',
+                            'mailLDAPFilter',
+                            'ldapSearchDeref',
+                            'ldapGroupBase',
+                            'ldapGroupObjectClass',
+                            'ldapGroupAttributeName',
+                            'ldapGroupAttributeNameUser',
+                            'ldapGroupAttributeNameSearch',
+                            'ldapGroupRecursive',
+                            'ldapGroupAttributeNameGroup',
+                            'ldapPpolicyControl',
+                            'ldapSetPassword',
+                            'ldapChangePasswordAsUser',
+                            'ldapPwdEnc',
+                            'ldapUsePasswordResetAttribute',
+                            'ldapPasswordResetAttribute',
+                            'ldapPasswordResetAttributeValue'
+                          ],
+          'multiParams' => [
+                             'multiAuthStack',
+                             'multiUserDBStack'
+                           ],
+          'nullParams' => [
+                            'nullAuthnLevel'
+                          ],
+          'oidcParams' => [
+                            'oidcAuthnLevel',
+                            'oidcRPCallbackGetParam',
+                            'oidcRPStateTimeout'
+                          ],
+          'openidParams' => [
+                              'openIdAuthnLevel',
+                              'openIdExportedVars',
+                              'openIdSecret',
+                              'openIdIDPList'
+                            ],
+          'proxyParams' => [
+                             'soapAuthService',
+                             'remoteCookieName',
+                             'soapSessionService'
+                           ],
+          'radiusParams' => [
+                              'radiusAuthnLevel',
+                              'radiusSecret',
+                              'radiusServer'
+                            ],
+          'remoteParams' => [
+                              'remotePortal',
+                              'remoteCookieName',
+                              'remoteGlobalStorage',
+                              'remoteGlobalStorageOptions'
+                            ],
+          'slaveParams' => [
+                             'slaveAuthnLevel',
+                             'slaveExportedVars',
+                             'slaveUserHeader',
+                             'slaveMasterIP',
+                             'slaveHeaderName',
+                             'slaveHeaderContent'
+                           ],
+          'sslParams' => [
+                           'SSLAuthnLevel',
+                           'SSLVar'
+                         ],
+          'twitterParams' => [
+                               'twitterAuthnLevel',
+                               'twitterKey',
+                               'twitterSecret',
+                               'twitterAppName'
+                             ],
+          'webiDParams' => [
+                             'webIDAuthnLevel',
+                             'webIDExportedVars',
+                             'webIDWhitelist'
+                           ],
+          'yubikeyParams' => [
+                               'yubikeyAuthnLevel',
+                               'yubikeyClientID',
+                               'yubikeySecretKey',
+                               'yubikeyPublicIDSize'
+                             ]
+        };
+
+
 1;