OpenID black/white lists

2016-01-03 16:57:30 +00:00 · 2016-01-03 16:57:30 +00:00 · 53fa84e74f
commit 53fa84e74f
parent ace5da1302
3 changed files with 33 additions and 3 deletions
--- a/lemonldap-ng-manager/TODO.md
+++ b/lemonldap-ng-manager/TODO.md
@ -12,7 +12,6 @@

 * default values: TODO, deliver a "0" conf when no conf is available
 * Forms:
-  * OpenID white/black list
  * POST replay fields

 ### REST API:
--- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf.pm
+++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf.pm
@ -472,8 +472,8 @@ sub authChoiceModules {
    }
 }

-## @method PSGI-JSON-response $grantSessionRules($req)
-#Respond to `/conf/:cfgNum` requests by sending configuration metadatas
+## @method PSGI-JSON-response grantSessionRules($req)
+# Split grantSessionRules key=>value into 3 elements
 #
 #@param $req Lemonldap::NG::PSGI::Request
 #@return PSGI JSON response
@ -507,6 +507,19 @@ sub grantSessionRules {
    return $self->sendJSONresponse( $req, \@res );
 }

+##method PSGI-JSON-response openIdIDPList($req)
+# Split openIdIDPList parameter into 2 elements
+sub openIdIDPList {
+    my ( $self, $req, $key ) = @_;
+    return $self->sendError( 'Subkeys forbidden for openIdIDPList', 400 )
+      if ($key);
+    my $value = $self->getConfKey( $req, 'openIdIDPList' );
+    $value //= '0;';
+    my ( $type, $v ) = split /;/, $value;
+    $v //= '';
+    return $self->sendJSONresponse( $req, { value => [ $type, $v ] } );
+}
+
 ## @method PSGI-JSON-response metadatas($req)
 #Respond to `/conf/:cfgNum` requests by sending configuration metadatas
 #
--- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/ConfParser.pm
+++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/ConfParser.pm
@ -475,6 +475,24 @@ sub _scanNodes {
            next;
        }

+        # openIdIDPList: data is splitted by Conf.pm into a boolean and a
+        # string
+        elsif ( $name eq 'openIdIDPList' ) {
+            hdebug('openIdIDPList');
+            if ( $leaf->{data} ) {
+                unless ( ref $leaf->{data} eq 'ARRAY' ) {
+                    push @{ $self->{errors} },
+                      { message => 'Malformed openIdIDPList ' . $leaf->{data} };
+                    return 0;
+                }
+                $self->set( $name, join( ';', @{ $leaf->{data} } ) );
+            }
+            else {
+                $self->set( $name, undef );
+            }
+            next;
+        }
+
        ####################
        # Other hash nodes #
        ####################