Bug with samlIDPMetaDataOptions upload and use make tidy
parent
ce8d8ee84e
commit
44aeddbc5c
|
@ -187,37 +187,37 @@ sub getLocalConf {
|
||||||
# First, search if this file has been parsed
|
# First, search if this file has been parsed
|
||||||
unless ( $cfg = $configFiles->{$file} ) {
|
unless ( $cfg = $configFiles->{$file} ) {
|
||||||
|
|
||||||
# If default configuration cannot be read
|
# If default configuration cannot be read
|
||||||
# - Error if configuration section is requested
|
# - Error if configuration section is requested
|
||||||
# - Silent exit for other section requests
|
# - Silent exit for other section requests
|
||||||
unless ( -r $file ) {
|
unless ( -r $file ) {
|
||||||
if ( $section eq CONFSECTION ) {
|
if ( $section eq CONFSECTION ) {
|
||||||
$msg =
|
$msg =
|
||||||
"Cannot read $file to get configuration access parameters.";
|
"Cannot read $file to get configuration access parameters.";
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
# Parse ini file
|
# Parse ini file
|
||||||
$cfg = Config::IniFiles->new( -file => $file, -allowcontinue => 1 );
|
$cfg = Config::IniFiles->new( -file => $file, -allowcontinue => 1 );
|
||||||
|
|
||||||
unless ( defined $cfg ) {
|
unless ( defined $cfg ) {
|
||||||
$msg = "Local config error: " . @Config::IniFiles::errors;
|
$msg = "Local config error: " . @Config::IniFiles::errors;
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
# Check if default section exists
|
# Check if default section exists
|
||||||
unless ( $cfg->SectionExists(DEFAULTSECTION) ) {
|
unless ( $cfg->SectionExists(DEFAULTSECTION) ) {
|
||||||
$msg = "Default section (" . DEFAULTSECTION . ") is missing.";
|
$msg = "Default section (" . DEFAULTSECTION . ") is missing.";
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
# Check if configuration section exists
|
# Check if configuration section exists
|
||||||
if ( $section eq CONFSECTION and !$cfg->SectionExists(CONFSECTION) ) {
|
if ( $section eq CONFSECTION and !$cfg->SectionExists(CONFSECTION) ) {
|
||||||
$msg = "Configuration section (" . CONFSECTION . ") is missing.";
|
$msg = "Configuration section (" . CONFSECTION . ") is missing.";
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
$configFiles->{$file} = $cfg;
|
$configFiles->{$file} = $cfg;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -37,7 +37,7 @@ our @EXPORT;
|
||||||
|
|
||||||
# Shared variables
|
# Shared variables
|
||||||
our (
|
our (
|
||||||
$locationRegexp, $locationCondition, $defaultCondition,
|
$locationRegexp, $locationCondition, $defaultCondition,
|
||||||
$locationProtection, $defaultProtection, $forgeHeaders,
|
$locationProtection, $defaultProtection, $forgeHeaders,
|
||||||
$apacheRequest, $locationCount, $cookieName,
|
$apacheRequest, $locationCount, $cookieName,
|
||||||
$datas, $globalStorage, $globalStorageOptions,
|
$datas, $globalStorage, $globalStorageOptions,
|
||||||
|
@ -567,12 +567,12 @@ sub conditionSub {
|
||||||
eval 'use Apache2::Filter' unless ( $INC{"Apache2/Filter.pm"} );
|
eval 'use Apache2::Filter' unless ( $INC{"Apache2/Filter.pm"} );
|
||||||
return (
|
return (
|
||||||
sub {
|
sub {
|
||||||
$apacheRequest->add_output_filter(
|
$apacheRequest->add_output_filter(
|
||||||
sub {
|
sub {
|
||||||
return $class->redirectFilter( $u, @_ );
|
return $class->redirectFilter( $u, @_ );
|
||||||
}
|
}
|
||||||
);
|
);
|
||||||
1;
|
1;
|
||||||
},
|
},
|
||||||
1
|
1
|
||||||
);
|
);
|
||||||
|
@ -582,18 +582,18 @@ sub conditionSub {
|
||||||
my $u = $1 || $class->portal();
|
my $u = $1 || $class->portal();
|
||||||
return (
|
return (
|
||||||
sub {
|
sub {
|
||||||
$class->localUnlog;
|
$class->localUnlog;
|
||||||
$apacheRequest->add_output_filter(
|
$apacheRequest->add_output_filter(
|
||||||
sub {
|
sub {
|
||||||
return $class->redirectFilter(
|
return $class->redirectFilter(
|
||||||
$class->portal() . "?url="
|
$class->portal() . "?url="
|
||||||
. $class->encodeUrl($u)
|
. $class->encodeUrl($u)
|
||||||
. "&logout=1",
|
. "&logout=1",
|
||||||
@_
|
@_
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
);
|
);
|
||||||
1;
|
1;
|
||||||
},
|
},
|
||||||
1
|
1
|
||||||
);
|
);
|
||||||
|
|
|
@ -139,10 +139,13 @@ sub confUpload {
|
||||||
} # END LOOP
|
} # END LOOP
|
||||||
|
|
||||||
# 1.4 Loading unchanged parameters (ajax nodes not open)
|
# 1.4 Loading unchanged parameters (ajax nodes not open)
|
||||||
|
$self->lmLog( "Save unchanged parameters", 'debug' );
|
||||||
foreach ( @{ $result->getChildrenByTagName('ignore') } ) {
|
foreach ( @{ $result->getChildrenByTagName('ignore') } ) {
|
||||||
my $node = $_->getAttribute('value');
|
my $node = $_->getAttribute('value');
|
||||||
$node =~ s/^.*node=(.*?)(?:&.*)?\}$/$1/;
|
$node =~ s/^.*node=(.*?)(?:&.*)?\}$/$1/;
|
||||||
|
$self->lmLog( "Unchanged node $node", 'debug' );
|
||||||
foreach my $k ( $self->findAllConfKeys( $self->corresp($node) ) ) {
|
foreach my $k ( $self->findAllConfKeys( $self->corresp($node) ) ) {
|
||||||
|
$self->lmLog( "Unchanged key $k (node $node)", 'debug' );
|
||||||
my $v = $self->keyToH( $k, $self->conf );
|
my $v = $self->keyToH( $k, $self->conf );
|
||||||
$v = $self->keyToH( $k, $self->defaultConf ) unless ( defined $v );
|
$v = $self->keyToH( $k, $self->defaultConf ) unless ( defined $v );
|
||||||
if ( defined $v ) {
|
if ( defined $v ) {
|
||||||
|
@ -307,6 +310,7 @@ sub findAllConfKeys {
|
||||||
}
|
}
|
||||||
foreach my $n ( @{ $h->{_nodes} } ) {
|
foreach my $n ( @{ $h->{_nodes} } ) {
|
||||||
$n =~ s/^.*?:(.*?)(?:\:.*)?$/$1/;
|
$n =~ s/^.*?:(.*?)(?:\:.*)?$/$1/;
|
||||||
|
$self->lmLog( "findAllConfKey: got node $n", 'debug' );
|
||||||
if ( ref( $h->{$n} ) ) {
|
if ( ref( $h->{$n} ) ) {
|
||||||
push @res, $self->findAllConfKeys( $h->{$n} );
|
push @res, $self->findAllConfKeys( $h->{$n} );
|
||||||
}
|
}
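Review bot: The new debug line `$self->lmLog( "Unchanged node $node", 'debug' );` in confUpload writes `$node` to the log straight from the `value` attribute of an `ignore` element, and when the preceding `s/^.*node=(.*?)(?:&.*)?\}$/$1/` does not match, the whole attribute is logged unchanged. If `$result` is built from the uploaded request, as the sub name suggests, a value containing control characters or line breaks could forge or split log entries, and an absent attribute would interpolate undef. Logging a cleaned copy keeps `$node` intact for `corresp`: `( my $logNode = $node // '' ) =~ s/[^\x20-\x7e]/?/g;` followed by `$self->lmLog( "Unchanged node $logNode", 'debug' );`, and the same copy can serve the `Unchanged key $k (node $node)` line. Both confUpload and findAllConfKeys continue outside the hunks shown.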
|
||||||
|
|
|
@ -294,9 +294,9 @@ sub struct {
|
||||||
_nodes => [
|
_nodes => [
|
||||||
'nhash:/samlIDPMetaDataExportedAttributes:samlIDPMetaDataNode:samlMetaData'
|
'nhash:/samlIDPMetaDataExportedAttributes:samlIDPMetaDataNode:samlMetaData'
|
||||||
],
|
],
|
||||||
_upload => ['/samlIDPMetaDataXML'],
|
_upload => [ '/samlIDPMetaDataXML', '/samlIDPMetaDataOptions' ],
|
||||||
_help => 'default',
|
_help => 'default',
|
||||||
_call => '$(\'#newsamlmetadatab\').show();',
|
_call => '$(\'#newsamlmetadatab\').show();',
|
||||||
},
|
},
|
||||||
|
|
||||||
samlServiceMetaData => {
|
samlServiceMetaData => {
|
||||||
|
@ -818,6 +818,16 @@ sub defaultConf {
|
||||||
samlIDPMetaDataXML => { 'authentic' => {} },
|
samlIDPMetaDataXML => { 'authentic' => {} },
|
||||||
samlIDPMetaDataExportedAttributes =>
|
samlIDPMetaDataExportedAttributes =>
|
||||||
{ 'authentic' => { 'uid' => '0;uid;;' } },
|
{ 'authentic' => { 'uid' => '0;uid;;' } },
|
||||||
|
samlIDPMetaDataOptions => {
|
||||||
|
'authentic' => {
|
||||||
|
'samlIDPMetaDataOptionsNameIDFormat' => '',
|
||||||
|
'samlIDPMetaDataOptionsForceAuthn' => '0',
|
||||||
|
'samlIDPMetaDataOptionsAllowProxiedAuthn' => '1',
|
||||||
|
'samlIDPMetaDataOptionsSSOBinding' => '',
|
||||||
|
'samlIDPMetaDataOptionsSLOBinding' => '',
|
||||||
|
'samlIDPMetaDataOptionsResolutionRule' => '',
|
||||||
|
}
|
||||||
|
},
|
||||||
samlServicePrivateKey => '',
|
samlServicePrivateKey => '',
|
||||||
samlEntityID => 'http://auth.example.com/saml/metadata',
|
samlEntityID => 'http://auth.example.com/saml/metadata',
|
||||||
samlOrganizationDisplayName => 'Example',
|
samlOrganizationDisplayName => 'Example',
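Review bot: The `samlIDPMetaDataOptions` defaults added to defaultConf carry no comment on what the values mean, and two of them are security-relevant: `samlIDPMetaDataOptionsAllowProxiedAuthn` is `'1'` and `samlIDPMetaDataOptionsForceAuthn` is `'0'`. Judging by the key names, the sample entry accepts proxied authentication and does not force re-authentication, and an administrator who clones it inherits the permissive choice without seeing that it was one. The empty strings also depend on each consumer supplying a fallback, which this section does not show. A comment above the block would record this, for example `# Sample IdP options: '' leaves the choice to the SAML module; proxied authn is allowed and re-authentication is not forced by default`. defaultConf starts and ends outside the hunk.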
|
||||||
|
|
|
@ -125,12 +125,12 @@ sub en {
|
||||||
virtualHosts => 'Virtual Hosts',
|
virtualHosts => 'Virtual Hosts',
|
||||||
whatToTrace => "REMOTE_USER environment variable",
|
whatToTrace => "REMOTE_USER environment variable",
|
||||||
|
|
||||||
saml => 'SAML',
|
saml => 'SAML',
|
||||||
samlServicePrivateKey => 'Private Key',
|
samlServicePrivateKey => 'Private Key',
|
||||||
samlIDPMetaDataNode => 'Identity providers',
|
samlIDPMetaDataNode => 'Identity providers',
|
||||||
samlIDPMetaDataXML => 'Metadata XML',
|
samlIDPMetaDataXML => 'Metadata XML',
|
||||||
samlIDPMetaDataExportedAttributes => 'Exported attributes',
|
samlIDPMetaDataExportedAttributes => 'Exported attributes',
|
||||||
samlIDPMetaDataOptions => 'Options',
|
samlIDPMetaDataOptions => 'Options',
|
||||||
samlIDPMetaDataOptionsNameIDFormat => 'NameID format',
|
samlIDPMetaDataOptionsNameIDFormat => 'NameID format',
|
||||||
samlIDPMetaDataOptionsForceAuthn => 'Force authentication',
|
samlIDPMetaDataOptionsForceAuthn => 'Force authentication',
|
||||||
samlIDPMetaDataOptionsAllowProxiedAuthn =>
|
samlIDPMetaDataOptionsAllowProxiedAuthn =>
|
||||||
|
@ -138,13 +138,13 @@ sub en {
|
||||||
samlIDPMetaDataOptionsSSOBinding => 'SSO binding',
|
samlIDPMetaDataOptionsSSOBinding => 'SSO binding',
|
||||||
samlIDPMetaDataOptionsSLOBinding => 'SLO binding',
|
samlIDPMetaDataOptionsSLOBinding => 'SLO binding',
|
||||||
samlIDPMetaDataOptionsResolutionRule => 'Resolution rule',
|
samlIDPMetaDataOptionsResolutionRule => 'Resolution rule',
|
||||||
samlServiceMetaData => 'SAML 2 Service',
|
samlServiceMetaData => 'SAML 2 Service',
|
||||||
samlEntityID => 'Entity Identifier',
|
samlEntityID => 'Entity Identifier',
|
||||||
samlOrganization => 'Organization',
|
samlOrganization => 'Organization',
|
||||||
samlOrganizationDisplayName => 'Display Name',
|
samlOrganizationDisplayName => 'Display Name',
|
||||||
samlOrganizationName => 'Name',
|
samlOrganizationName => 'Name',
|
||||||
samlOrganizationURL => 'URL',
|
samlOrganizationURL => 'URL',
|
||||||
samlSPSSODescriptor => 'Service Provider',
|
samlSPSSODescriptor => 'Service Provider',
|
||||||
samlSPSSODescriptorAuthnRequestsSigned =>
|
samlSPSSODescriptorAuthnRequestsSigned =>
|
||||||
'Signed Authentication Request',
|
'Signed Authentication Request',
|
||||||
samlSPSSODescriptorProtocolSupportEnumeration => 'Protocol',
|
samlSPSSODescriptorProtocolSupportEnumeration => 'Protocol',
|
||||||
|
@ -270,12 +270,12 @@ sub fr {
|
||||||
virtualHosts => 'Hôtes virtuels',
|
virtualHosts => 'Hôtes virtuels',
|
||||||
whatToTrace => "Variable d'environnement REMOTE_USER",
|
whatToTrace => "Variable d'environnement REMOTE_USER",
|
||||||
|
|
||||||
saml => 'SAML',
|
saml => 'SAML',
|
||||||
samlServicePrivateKey => 'Clé privée',
|
samlServicePrivateKey => 'Clé privée',
|
||||||
samlIDPMetaDataNode => 'Fournisseurs d\'identités',
|
samlIDPMetaDataNode => 'Fournisseurs d\'identités',
|
||||||
samlIDPMetaDataXML => 'XML Metadata',
|
samlIDPMetaDataXML => 'XML Metadata',
|
||||||
samlIDPMetaDataExportedAttributes => 'Attributs exportés',
|
samlIDPMetaDataExportedAttributes => 'Attributs exportés',
|
||||||
samlIDPMetaDataOptions => 'Options',
|
samlIDPMetaDataOptions => 'Options',
|
||||||
samlIDPMetaDataOptionsNameIDFormat => 'Format NameID',
|
samlIDPMetaDataOptionsNameIDFormat => 'Format NameID',
|
||||||
samlIDPMetaDataOptionsForceAuthn => 'Authentification forcée',
|
samlIDPMetaDataOptionsForceAuthn => 'Authentification forcée',
|
||||||
samlIDPMetaDataOptionsAllowProxiedAuthn =>
|
samlIDPMetaDataOptionsAllowProxiedAuthn =>
|
||||||
|
@ -283,13 +283,13 @@ sub fr {
|
||||||
samlIDPMetaDataOptionsSSOBinding => 'Méthode SSO',
|
samlIDPMetaDataOptionsSSOBinding => 'Méthode SSO',
|
||||||
samlIDPMetaDataOptionsSLOBinding => 'Méthode SLO',
|
samlIDPMetaDataOptionsSLOBinding => 'Méthode SLO',
|
||||||
samlIDPMetaDataOptionsResolutionRule => 'Règle de résolution',
|
samlIDPMetaDataOptionsResolutionRule => 'Règle de résolution',
|
||||||
samlServiceMetaData => 'Service SAML 2',
|
samlServiceMetaData => 'Service SAML 2',
|
||||||
samlEntityID => 'Identifiant d\'entité',
|
samlEntityID => 'Identifiant d\'entité',
|
||||||
samlOrganization => 'Organisation',
|
samlOrganization => 'Organisation',
|
||||||
samlOrganizationDisplayName => 'Nom affiché',
|
samlOrganizationDisplayName => 'Nom affiché',
|
||||||
samlOrganizationName => 'Nom',
|
samlOrganizationName => 'Nom',
|
||||||
samlOrganizationURL => 'URL',
|
samlOrganizationURL => 'URL',
|
||||||
samlSPSSODescriptor => 'Fournisseur de service',
|
samlSPSSODescriptor => 'Fournisseur de service',
|
||||||
samlSPSSODescriptorAuthnRequestsSigned =>
|
samlSPSSODescriptorAuthnRequestsSigned =>
|
||||||
'Requête d\'authentification signé',
|
'Requête d\'authentification signé',
|
||||||
samlSPSSODescriptorProtocolSupportEnumeration => 'Protocole',
|
samlSPSSODescriptorProtocolSupportEnumeration => 'Protocole',
|
||||||
|
|
|
@ -855,7 +855,7 @@ sub extractFormInfo {
|
||||||
my $nameIDFormat =
|
my $nameIDFormat =
|
||||||
$self->{samlIDPMetaDataOptions}->{$idp}
|
$self->{samlIDPMetaDataOptions}->{$idp}
|
||||||
->{samlIDPMetaDataOptionsNameIDFormat};
|
->{samlIDPMetaDataOptionsNameIDFormat};
|
||||||
$nameIDFormat ||= "transient"; # Default to transient
|
$nameIDFormat ||= "transient"; # Default to transient
|
||||||
$nameIDFormat = $self->getNameIDFormat($nameIDFormat) if $nameIDFormat;
|
$nameIDFormat = $self->getNameIDFormat($nameIDFormat) if $nameIDFormat;
|
||||||
|
|
||||||
# IDP HTTP method
|
# IDP HTTP method
|
||||||
|
@ -1027,7 +1027,7 @@ sub authenticate {
|
||||||
# Logout SP
|
# Logout SP
|
||||||
# @return nothing
|
# @return nothing
|
||||||
sub authLogout {
|
sub authLogout {
|
||||||
my $self = shift;
|
my $self = shift;
|
||||||
my $idp = $self->{sessionInfo}->{_idp};
|
my $idp = $self->{sessionInfo}->{_idp};
|
||||||
my $IDPentityID = $self->{sessionInfo}->{_idpEntityID};
|
my $IDPentityID = $self->{sessionInfo}->{_idpEntityID};
|
||||||
my $method;
|
my $method;
|
||||||
|
|