Bug with samlIDPMetaDataOptions upload and use make tidy
parent
ce8d8ee84e
commit
44aeddbc5c
|
@ -187,37 +187,37 @@ sub getLocalConf {
|
|||
# First, search if this file has been parsed
|
||||
unless ( $cfg = $configFiles->{$file} ) {
|
||||
|
||||
# If default configuration cannot be read
|
||||
# - Error if configuration section is requested
|
||||
# - Silent exit for other section requests
|
||||
unless ( -r $file ) {
|
||||
if ( $section eq CONFSECTION ) {
|
||||
# If default configuration cannot be read
|
||||
# - Error if configuration section is requested
|
||||
# - Silent exit for other section requests
|
||||
unless ( -r $file ) {
|
||||
if ( $section eq CONFSECTION ) {
|
||||
$msg =
|
||||
"Cannot read $file to get configuration access parameters.";
|
||||
return 0;
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
# Parse ini file
|
||||
# Parse ini file
|
||||
$cfg = Config::IniFiles->new( -file => $file, -allowcontinue => 1 );
|
||||
|
||||
unless ( defined $cfg ) {
|
||||
$msg = "Local config error: " . @Config::IniFiles::errors;
|
||||
return 0;
|
||||
}
|
||||
unless ( defined $cfg ) {
|
||||
$msg = "Local config error: " . @Config::IniFiles::errors;
|
||||
return 0;
|
||||
}
|
||||
|
||||
# Check if default section exists
|
||||
unless ( $cfg->SectionExists(DEFAULTSECTION) ) {
|
||||
# Check if default section exists
|
||||
unless ( $cfg->SectionExists(DEFAULTSECTION) ) {
|
||||
$msg = "Default section (" . DEFAULTSECTION . ") is missing.";
|
||||
return 0;
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
# Check if configuration section exists
|
||||
if ( $section eq CONFSECTION and !$cfg->SectionExists(CONFSECTION) ) {
|
||||
# Check if configuration section exists
|
||||
if ( $section eq CONFSECTION and !$cfg->SectionExists(CONFSECTION) ) {
|
||||
$msg = "Configuration section (" . CONFSECTION . ") is missing.";
|
||||
return 0;
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
$configFiles->{$file} = $cfg;
|
||||
}
|
||||
|
||||
|
|
|
@ -37,7 +37,7 @@ our @EXPORT;
|
|||
|
||||
# Shared variables
|
||||
our (
|
||||
$locationRegexp, $locationCondition, $defaultCondition,
|
||||
$locationRegexp, $locationCondition, $defaultCondition,
|
||||
$locationProtection, $defaultProtection, $forgeHeaders,
|
||||
$apacheRequest, $locationCount, $cookieName,
|
||||
$datas, $globalStorage, $globalStorageOptions,
|
||||
|
@ -567,12 +567,12 @@ sub conditionSub {
|
|||
eval 'use Apache2::Filter' unless ( $INC{"Apache2/Filter.pm"} );
|
||||
return (
|
||||
sub {
|
||||
$apacheRequest->add_output_filter(
|
||||
sub {
|
||||
return $class->redirectFilter( $u, @_ );
|
||||
}
|
||||
);
|
||||
1;
|
||||
$apacheRequest->add_output_filter(
|
||||
sub {
|
||||
return $class->redirectFilter( $u, @_ );
|
||||
}
|
||||
);
|
||||
1;
|
||||
},
|
||||
1
|
||||
);
|
||||
|
@ -582,18 +582,18 @@ sub conditionSub {
|
|||
my $u = $1 || $class->portal();
|
||||
return (
|
||||
sub {
|
||||
$class->localUnlog;
|
||||
$apacheRequest->add_output_filter(
|
||||
sub {
|
||||
return $class->redirectFilter(
|
||||
$class->portal() . "?url="
|
||||
. $class->encodeUrl($u)
|
||||
. "&logout=1",
|
||||
@_
|
||||
);
|
||||
}
|
||||
);
|
||||
1;
|
||||
$class->localUnlog;
|
||||
$apacheRequest->add_output_filter(
|
||||
sub {
|
||||
return $class->redirectFilter(
|
||||
$class->portal() . "?url="
|
||||
. $class->encodeUrl($u)
|
||||
. "&logout=1",
|
||||
@_
|
||||
);
|
||||
}
|
||||
);
|
||||
1;
|
||||
},
|
||||
1
|
||||
);
|
||||
|
|
|
@ -139,10 +139,13 @@ sub confUpload {
|
|||
} # END LOOP
|
||||
|
||||
# 1.4 Loading unchanged parameters (ajax nodes not open)
|
||||
$self->lmLog( "Save unchanged parameters", 'debug' );
|
||||
foreach ( @{ $result->getChildrenByTagName('ignore') } ) {
|
||||
my $node = $_->getAttribute('value');
|
||||
$node =~ s/^.*node=(.*?)(?:&.*)?\}$/$1/;
|
||||
$self->lmLog( "Unchanged node $node", 'debug' );
|
||||
foreach my $k ( $self->findAllConfKeys( $self->corresp($node) ) ) {
|
||||
$self->lmLog( "Unchanged key $k (node $node)", 'debug' );
|
||||
my $v = $self->keyToH( $k, $self->conf );
|
||||
$v = $self->keyToH( $k, $self->defaultConf ) unless ( defined $v );
|
||||
if ( defined $v ) {
|
||||
|
@ -307,6 +310,7 @@ sub findAllConfKeys {
|
|||
}
|
||||
foreach my $n ( @{ $h->{_nodes} } ) {
|
||||
$n =~ s/^.*?:(.*?)(?:\:.*)?$/$1/;
|
||||
$self->lmLog( "findAllConfKey: got node $n", 'debug' );
|
||||
if ( ref( $h->{$n} ) ) {
|
||||
push @res, $self->findAllConfKeys( $h->{$n} );
|
||||
}
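Review bot: The debug calls in confUpload log `$node` straight from the `value` attribute of an uploaded `ignore` element, and the substitution on the preceding line leaves the string unchanged whenever the pattern does not match. That these `lmLog` lines are the ones the commit adds is inferred from the hunk counts, because the page lost its +/- markers. Guarding the parse, e.g. `next unless defined $node and $node =~ s/^.*node=(.*?)(?:&.*)?\}$/$1/;`, would keep unparsed request data out of both the log and `corresp($node)`. Logging a cleaned copy, `( my $safe = $node ) =~ s/[[:cntrl:]]/?/g;`, would also stop embedded newlines from forging log entries; the same applies to `$n` in findAllConfKeys if `_nodes` can ever hold uploaded values. Both subs continue outside the hunks shown.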
|
||||
|
|
|
@ -294,9 +294,9 @@ sub struct {
|
|||
_nodes => [
|
||||
'nhash:/samlIDPMetaDataExportedAttributes:samlIDPMetaDataNode:samlMetaData'
|
||||
],
|
||||
_upload => ['/samlIDPMetaDataXML'],
|
||||
_upload => [ '/samlIDPMetaDataXML', '/samlIDPMetaDataOptions' ],
|
||||
_help => 'default',
|
||||
_call => '$(\'#newsamlmetadatab\').show();',
|
||||
_call => '$(\'#newsamlmetadatab\').show();',
|
||||
},
|
||||
|
||||
samlServiceMetaData => {
|
||||
|
@ -818,6 +818,16 @@ sub defaultConf {
|
|||
samlIDPMetaDataXML => { 'authentic' => {} },
|
||||
samlIDPMetaDataExportedAttributes =>
|
||||
{ 'authentic' => { 'uid' => '0;uid;;' } },
|
||||
samlIDPMetaDataOptions => {
|
||||
'authentic' => {
|
||||
'samlIDPMetaDataOptionsNameIDFormat' => '',
|
||||
'samlIDPMetaDataOptionsForceAuthn' => '0',
|
||||
'samlIDPMetaDataOptionsAllowProxiedAuthn' => '1',
|
||||
'samlIDPMetaDataOptionsSSOBinding' => '',
|
||||
'samlIDPMetaDataOptionsSLOBinding' => '',
|
||||
'samlIDPMetaDataOptionsResolutionRule' => '',
|
||||
}
|
||||
},
|
||||
samlServicePrivateKey => '',
|
||||
samlEntityID => 'http://auth.example.com/saml/metadata',
|
||||
samlOrganizationDisplayName => 'Example',
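Review bot: The new `samlIDPMetaDataOptions` defaults in defaultConf have no comment saying what an empty string means or why `samlIDPMetaDataOptionsAllowProxiedAuthn` ships as `'1'` while `samlIDPMetaDataOptionsForceAuthn` ships as `'0'`. If the first flag lets the identity provider hand authentication on to another provider (its use is not visible on this page), a restrictive `'0'` would be the safer default. At minimum the block should carry a comment such as `# '' = fall back to the built-in default; AllowProxiedAuthn '1' permits proxied authentication`. The defaults exist only under the sample `'authentic'` key, so it is worth documenting that other providers get no defaults from here. defaultConf and struct both continue outside the hunks.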
|
||||
|
|
|
@ -125,12 +125,12 @@ sub en {
|
|||
virtualHosts => 'Virtual Hosts',
|
||||
whatToTrace => "REMOTE_USER environment variable",
|
||||
|
||||
saml => 'SAML',
|
||||
samlServicePrivateKey => 'Private Key',
|
||||
samlIDPMetaDataNode => 'Identity providers',
|
||||
samlIDPMetaDataXML => 'Metadata XML',
|
||||
samlIDPMetaDataExportedAttributes => 'Exported attributes',
|
||||
samlIDPMetaDataOptions => 'Options',
|
||||
saml => 'SAML',
|
||||
samlServicePrivateKey => 'Private Key',
|
||||
samlIDPMetaDataNode => 'Identity providers',
|
||||
samlIDPMetaDataXML => 'Metadata XML',
|
||||
samlIDPMetaDataExportedAttributes => 'Exported attributes',
|
||||
samlIDPMetaDataOptions => 'Options',
|
||||
samlIDPMetaDataOptionsNameIDFormat => 'NameID format',
|
||||
samlIDPMetaDataOptionsForceAuthn => 'Force authentication',
|
||||
samlIDPMetaDataOptionsAllowProxiedAuthn =>
|
||||
|
@ -138,13 +138,13 @@ sub en {
|
|||
samlIDPMetaDataOptionsSSOBinding => 'SSO binding',
|
||||
samlIDPMetaDataOptionsSLOBinding => 'SLO binding',
|
||||
samlIDPMetaDataOptionsResolutionRule => 'Resolution rule',
|
||||
samlServiceMetaData => 'SAML 2 Service',
|
||||
samlEntityID => 'Entity Identifier',
|
||||
samlOrganization => 'Organization',
|
||||
samlOrganizationDisplayName => 'Display Name',
|
||||
samlOrganizationName => 'Name',
|
||||
samlOrganizationURL => 'URL',
|
||||
samlSPSSODescriptor => 'Service Provider',
|
||||
samlServiceMetaData => 'SAML 2 Service',
|
||||
samlEntityID => 'Entity Identifier',
|
||||
samlOrganization => 'Organization',
|
||||
samlOrganizationDisplayName => 'Display Name',
|
||||
samlOrganizationName => 'Name',
|
||||
samlOrganizationURL => 'URL',
|
||||
samlSPSSODescriptor => 'Service Provider',
|
||||
samlSPSSODescriptorAuthnRequestsSigned =>
|
||||
'Signed Authentication Request',
|
||||
samlSPSSODescriptorProtocolSupportEnumeration => 'Protocol',
|
||||
|
@ -270,12 +270,12 @@ sub fr {
|
|||
virtualHosts => 'Hôtes virtuels',
|
||||
whatToTrace => "Variable d'environnement REMOTE_USER",
|
||||
|
||||
saml => 'SAML',
|
||||
samlServicePrivateKey => 'Clé privée',
|
||||
samlIDPMetaDataNode => 'Fournisseurs d\'identités',
|
||||
samlIDPMetaDataXML => 'XML Metadata',
|
||||
samlIDPMetaDataExportedAttributes => 'Attributs exportés',
|
||||
samlIDPMetaDataOptions => 'Options',
|
||||
saml => 'SAML',
|
||||
samlServicePrivateKey => 'Clé privée',
|
||||
samlIDPMetaDataNode => 'Fournisseurs d\'identités',
|
||||
samlIDPMetaDataXML => 'XML Metadata',
|
||||
samlIDPMetaDataExportedAttributes => 'Attributs exportés',
|
||||
samlIDPMetaDataOptions => 'Options',
|
||||
samlIDPMetaDataOptionsNameIDFormat => 'Format NameID',
|
||||
samlIDPMetaDataOptionsForceAuthn => 'Authentification forcée',
|
||||
samlIDPMetaDataOptionsAllowProxiedAuthn =>
|
||||
|
@ -283,13 +283,13 @@ sub fr {
|
|||
samlIDPMetaDataOptionsSSOBinding => 'Méthode SSO',
|
||||
samlIDPMetaDataOptionsSLOBinding => 'Méthode SLO',
|
||||
samlIDPMetaDataOptionsResolutionRule => 'Règle de résolution',
|
||||
samlServiceMetaData => 'Service SAML 2',
|
||||
samlEntityID => 'Identifiant d\'entité',
|
||||
samlOrganization => 'Organisation',
|
||||
samlOrganizationDisplayName => 'Nom affiché',
|
||||
samlOrganizationName => 'Nom',
|
||||
samlOrganizationURL => 'URL',
|
||||
samlSPSSODescriptor => 'Fournisseur de service',
|
||||
samlServiceMetaData => 'Service SAML 2',
|
||||
samlEntityID => 'Identifiant d\'entité',
|
||||
samlOrganization => 'Organisation',
|
||||
samlOrganizationDisplayName => 'Nom affiché',
|
||||
samlOrganizationName => 'Nom',
|
||||
samlOrganizationURL => 'URL',
|
||||
samlSPSSODescriptor => 'Fournisseur de service',
|
||||
samlSPSSODescriptorAuthnRequestsSigned =>
|
||||
'Requête d\'authentification signé',
|
||||
samlSPSSODescriptorProtocolSupportEnumeration => 'Protocole',
|
||||
|
|
|
@ -855,7 +855,7 @@ sub extractFormInfo {
|
|||
my $nameIDFormat =
|
||||
$self->{samlIDPMetaDataOptions}->{$idp}
|
||||
->{samlIDPMetaDataOptionsNameIDFormat};
|
||||
$nameIDFormat ||= "transient"; # Default to transient
|
||||
$nameIDFormat ||= "transient"; # Default to transient
|
||||
$nameIDFormat = $self->getNameIDFormat($nameIDFormat) if $nameIDFormat;
|
||||
|
||||
# IDP HTTP method
|
||||
|
@ -1027,7 +1027,7 @@ sub authenticate {
|
|||
# Logout SP
|
||||
# @return nothing
|
||||
sub authLogout {
|
||||
my $self = shift;
|
||||
my $self = shift;
|
||||
my $idp = $self->{sessionInfo}->{_idp};
|
||||
my $IDPentityID = $self->{sessionInfo}->{_idpEntityID};
|
||||
my $method;
|
||||
|
|