Append issuersTimeout option (#1916)
This commit is contained in:
Christophe Maudoux
parent
0642d7aa2f
commit
56ed8a5724
|
|
@ -102,6 +102,7 @@ sub defaultValues {
|
||||||
'issuerDBOpenIDRule' => 1,
|
'issuerDBOpenIDRule' => 1,
|
||||||
'issuerDBSAMLPath' => '^/saml/',
|
'issuerDBSAMLPath' => '^/saml/',
|
||||||
'issuerDBSAMLRule' => 1,
|
'issuerDBSAMLRule' => 1,
|
||||||
|
'issuersTimeout' => 120,
|
||||||
'jsRedirect' => 0,
|
'jsRedirect' => 0,
|
||||||
'krbAuthnLevel' => 3,
|
'krbAuthnLevel' => 3,
|
||||||
'krbRemoveDomain' => 1,
|
'krbRemoveDomain' => 1,
|
||||||
|
|
|
||||||
|
|
@ -65,6 +65,7 @@ our $issuerParameters = {
|
||||||
issuerDBOpenID => [qw(issuerDBOpenIDActivation issuerDBOpenIDPath issuerDBOpenIDRule openIdIssuerSecret openIdAttr openIdSPList openIdSreg_fullname openIdSreg_nickname openIdSreg_language openIdSreg_postcode openIdSreg_timezone openIdSreg_country openIdSreg_gender openIdSreg_email openIdSreg_dob)],
|
issuerDBOpenID => [qw(issuerDBOpenIDActivation issuerDBOpenIDPath issuerDBOpenIDRule openIdIssuerSecret openIdAttr openIdSPList openIdSreg_fullname openIdSreg_nickname openIdSreg_language openIdSreg_postcode openIdSreg_timezone openIdSreg_country openIdSreg_gender openIdSreg_email openIdSreg_dob)],
|
||||||
issuerDBOpenIDConnect => [qw(issuerDBOpenIDConnectActivation issuerDBOpenIDConnectPath issuerDBOpenIDConnectRule)],
|
issuerDBOpenIDConnect => [qw(issuerDBOpenIDConnectActivation issuerDBOpenIDConnectPath issuerDBOpenIDConnectRule)],
|
||||||
issuerDBSAML => [qw(issuerDBSAMLActivation issuerDBSAMLPath issuerDBSAMLRule)],
|
issuerDBSAML => [qw(issuerDBSAMLActivation issuerDBSAMLPath issuerDBSAMLRule)],
|
||||||
|
issuerOptions => [qw(issuersTimeout)],
|
||||||
};
|
};
|
||||||
our $samlServiceParameters = [qw(samlEntityID samlServicePrivateKeySig samlServicePrivateKeySigPwd samlServicePublicKeySig samlServicePrivateKeyEnc samlServicePrivateKeyEncPwd samlServicePublicKeyEnc samlServiceUseCertificateInResponse samlServiceSignatureMethod samlNameIDFormatMapEmail samlNameIDFormatMapX509 samlNameIDFormatMapWindows samlNameIDFormatMapKerberos samlAuthnContextMapPassword samlAuthnContextMapPasswordProtectedTransport samlAuthnContextMapTLSClient samlAuthnContextMapKerberos samlOrganizationDisplayName samlOrganizationName samlOrganizationURL samlSPSSODescriptorAuthnRequestsSigned samlSPSSODescriptorWantAssertionsSigned samlSPSSODescriptorSingleLogoutServiceHTTPRedirect samlSPSSODescriptorSingleLogoutServiceHTTPPost samlSPSSODescriptorSingleLogoutServiceSOAP samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact samlSPSSODescriptorAssertionConsumerServiceHTTPPost samlSPSSODescriptorArtifactResolutionServiceArtifact samlIDPSSODescriptorWantAuthnRequestsSigned samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect samlIDPSSODescriptorSingleSignOnServiceHTTPPost samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect samlIDPSSODescriptorSingleLogoutServiceHTTPPost samlIDPSSODescriptorSingleLogoutServiceSOAP samlIDPSSODescriptorArtifactResolutionServiceArtifact samlAttributeAuthorityDescriptorAttributeServiceSOAP samlIdPResolveCookie samlMetadataForceUTF8 samlStorage samlStorageOptions samlRelayStateTimeout samlUseQueryStringSpecific samlCommonDomainCookieActivation samlCommonDomainCookieDomain samlCommonDomainCookieReader samlCommonDomainCookieWriter samlDiscoveryProtocolActivation samlDiscoveryProtocolURL samlDiscoveryProtocolPolicy samlDiscoveryProtocolIsPassive samlOverrideIDPEntityID)];
|
our $samlServiceParameters = [qw(samlEntityID samlServicePrivateKeySig samlServicePrivateKeySigPwd samlServicePublicKeySig samlServicePrivateKeyEnc samlServicePrivateKeyEncPwd samlServicePublicKeyEnc samlServiceUseCertificateInResponse samlServiceSignatureMethod samlNameIDFormatMapEmail samlNameIDFormatMapX509 samlNameIDFormatMapWindows samlNameIDFormatMapKerberos samlAuthnContextMapPassword samlAuthnContextMapPasswordProtectedTransport samlAuthnContextMapTLSClient samlAuthnContextMapKerberos samlOrganizationDisplayName samlOrganizationName samlOrganizationURL samlSPSSODescriptorAuthnRequestsSigned samlSPSSODescriptorWantAssertionsSigned samlSPSSODescriptorSingleLogoutServiceHTTPRedirect samlSPSSODescriptorSingleLogoutServiceHTTPPost samlSPSSODescriptorSingleLogoutServiceSOAP samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact samlSPSSODescriptorAssertionConsumerServiceHTTPPost samlSPSSODescriptorArtifactResolutionServiceArtifact samlIDPSSODescriptorWantAuthnRequestsSigned samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect samlIDPSSODescriptorSingleSignOnServiceHTTPPost samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect samlIDPSSODescriptorSingleLogoutServiceHTTPPost samlIDPSSODescriptorSingleLogoutServiceSOAP samlIDPSSODescriptorArtifactResolutionServiceArtifact samlAttributeAuthorityDescriptorAttributeServiceSOAP samlIdPResolveCookie samlMetadataForceUTF8 samlStorage samlStorageOptions samlRelayStateTimeout samlUseQueryStringSpecific samlCommonDomainCookieActivation samlCommonDomainCookieDomain samlCommonDomainCookieReader samlCommonDomainCookieWriter samlDiscoveryProtocolActivation samlDiscoveryProtocolURL samlDiscoveryProtocolPolicy samlDiscoveryProtocolIsPassive samlOverrideIDPEntityID)];
|
||||||
our $oidcServiceParameters = [qw(oidcServiceMetaDataIssuer oidcServiceMetaDataAuthorizeURI oidcServiceMetaDataTokenURI oidcServiceMetaDataUserInfoURI oidcServiceMetaDataJWKSURI oidcServiceMetaDataRegistrationURI oidcServiceMetaDataIntrospectionURI oidcServiceMetaDataEndSessionURI oidcServiceMetaDataCheckSessionURI oidcServiceMetaDataFrontChannelURI oidcServiceMetaDataBackChannelURI oidcServiceMetaDataAuthnContext oidcServicePrivateKeySig oidcServicePublicKeySig oidcServiceKeyIdSig oidcServiceAllowDynamicRegistration oidcServiceAllowAuthorizationCodeFlow oidcServiceAllowImplicitFlow oidcServiceAllowHybridFlow oidcStorage oidcStorageOptions)];
|
our $oidcServiceParameters = [qw(oidcServiceMetaDataIssuer oidcServiceMetaDataAuthorizeURI oidcServiceMetaDataTokenURI oidcServiceMetaDataUserInfoURI oidcServiceMetaDataJWKSURI oidcServiceMetaDataRegistrationURI oidcServiceMetaDataIntrospectionURI oidcServiceMetaDataEndSessionURI oidcServiceMetaDataCheckSessionURI oidcServiceMetaDataFrontChannelURI oidcServiceMetaDataBackChannelURI oidcServiceMetaDataAuthnContext oidcServicePrivateKeySig oidcServicePublicKeySig oidcServiceKeyIdSig oidcServiceAllowDynamicRegistration oidcServiceAllowAuthorizationCodeFlow oidcServiceAllowImplicitFlow oidcServiceAllowHybridFlow oidcStorage oidcStorageOptions)];
|
||||||
|
|
|
||||||
|
|
@ -1378,6 +1378,10 @@ qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-
|
||||||
'default' => 1,
|
'default' => 1,
|
||||||
'type' => 'boolOrExpr'
|
'type' => 'boolOrExpr'
|
||||||
},
|
},
|
||||||
|
'issuersTimeout' => {
|
||||||
|
'default' => 120,
|
||||||
|
'type' => 'int'
|
||||||
|
},
|
||||||
'jsRedirect' => {
|
'jsRedirect' => {
|
||||||
'default' => 0,
|
'default' => 0,
|
||||||
'type' => 'boolOrExpr'
|
'type' => 'boolOrExpr'
|
||||||
|
|
|
||||||
|
|
@ -664,6 +664,11 @@ sub attributes {
|
||||||
type => 'int',
|
type => 'int',
|
||||||
documentation => 'Token timeout for forms',
|
documentation => 'Token timeout for forms',
|
||||||
},
|
},
|
||||||
|
issuersTimeout => {
|
||||||
|
default => 120,
|
||||||
|
type => 'int',
|
||||||
|
documentation => 'Token timeout for issuers',
|
||||||
|
},
|
||||||
requireToken => {
|
requireToken => {
|
||||||
default => 1,
|
default => 1,
|
||||||
type => 'boolOrExpr',
|
type => 'boolOrExpr',
|
||||||
|
|
|
||||||
|
|
@ -493,6 +493,12 @@ sub tree {
|
||||||
'issuerDBGetParameters'
|
'issuerDBGetParameters'
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
title => 'issuerOptions',
|
||||||
|
help => 'start.html#options',
|
||||||
|
form => 'simpleInputContainer',
|
||||||
|
nodes => ['issuersTimeout']
|
||||||
|
},
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
|
|
@ -553,7 +559,8 @@ sub tree {
|
||||||
{
|
{
|
||||||
title => 'reloadParams',
|
title => 'reloadParams',
|
||||||
help => 'configlocation.html#configuration_reload',
|
help => 'configlocation.html#configuration_reload',
|
||||||
nodes => [ 'reloadUrls', 'reloadTimeout', 'dontCompactConf' ]
|
nodes =>
|
||||||
|
[ 'reloadUrls', 'reloadTimeout', 'dontCompactConf' ]
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
title => 'plugins',
|
title => 'plugins',
|
||||||
|
|
|
||||||
|
|
@ -344,7 +344,9 @@
|
||||||
"issuerDBOpenIDConnectActivation":"تفعيل",
|
"issuerDBOpenIDConnectActivation":"تفعيل",
|
||||||
"issuerDBOpenIDConnectPath":"مسار",
|
"issuerDBOpenIDConnectPath":"مسار",
|
||||||
"issuerDBOpenIDConnectRule":"استخدام القاعدة",
|
"issuerDBOpenIDConnectRule":"استخدام القاعدة",
|
||||||
|
"issuerOptions":"Options",
|
||||||
"issuerParams":"وحدات المصدر",
|
"issuerParams":"وحدات المصدر",
|
||||||
|
"issuersTimeout":"Issuers timeout",
|
||||||
"jsRedirect":"إعادة توجيه الرسالة",
|
"jsRedirect":"إعادة توجيه الرسالة",
|
||||||
"jqueryButtonSelector":"زر التحديد ل جي كويري (اختياري)",
|
"jqueryButtonSelector":"زر التحديد ل جي كويري (اختياري)",
|
||||||
"jqueryFormSelector":"تحديد الاستمارة ل جي كويري (اختياري)",
|
"jqueryFormSelector":"تحديد الاستمارة ل جي كويري (اختياري)",
|
||||||
|
|
|
||||||
|
|
@ -344,7 +344,9 @@
|
||||||
"issuerDBOpenIDConnectActivation":"Activation",
|
"issuerDBOpenIDConnectActivation":"Activation",
|
||||||
"issuerDBOpenIDConnectPath":"Path",
|
"issuerDBOpenIDConnectPath":"Path",
|
||||||
"issuerDBOpenIDConnectRule":"Use rule",
|
"issuerDBOpenIDConnectRule":"Use rule",
|
||||||
|
"issuerOptions":"Options",
|
||||||
"issuerParams":"Issuer modules",
|
"issuerParams":"Issuer modules",
|
||||||
|
"issuersTimeout":"Issuers timeout",
|
||||||
"jsRedirect":"Redirection message",
|
"jsRedirect":"Redirection message",
|
||||||
"jqueryButtonSelector":"jQuery button selector (optional)",
|
"jqueryButtonSelector":"jQuery button selector (optional)",
|
||||||
"jqueryFormSelector":"jQuery form selector (optional)",
|
"jqueryFormSelector":"jQuery form selector (optional)",
|
||||||
|
|
|
||||||
|
|
@ -344,7 +344,9 @@
|
||||||
"issuerDBOpenIDConnectActivation":"Activation",
|
"issuerDBOpenIDConnectActivation":"Activation",
|
||||||
"issuerDBOpenIDConnectPath":"Path",
|
"issuerDBOpenIDConnectPath":"Path",
|
||||||
"issuerDBOpenIDConnectRule":"Use rule",
|
"issuerDBOpenIDConnectRule":"Use rule",
|
||||||
|
"issuerOptions":"Options",
|
||||||
"issuerParams":"Issuer modules",
|
"issuerParams":"Issuer modules",
|
||||||
|
"issuersTimeout":"Issuers timeout",
|
||||||
"jsRedirect":"Redirection message",
|
"jsRedirect":"Redirection message",
|
||||||
"jqueryButtonSelector":"jQuery button selector (optional)",
|
"jqueryButtonSelector":"jQuery button selector (optional)",
|
||||||
"jqueryFormSelector":"jQuery form selector (optional)",
|
"jqueryFormSelector":"jQuery form selector (optional)",
|
||||||
|
|
|
||||||
|
|
@ -344,7 +344,9 @@
|
||||||
"issuerDBOpenIDConnectActivation":"Activation",
|
"issuerDBOpenIDConnectActivation":"Activation",
|
||||||
"issuerDBOpenIDConnectPath":"Chemin",
|
"issuerDBOpenIDConnectPath":"Chemin",
|
||||||
"issuerDBOpenIDConnectRule":"Règle d'utilisation",
|
"issuerDBOpenIDConnectRule":"Règle d'utilisation",
|
||||||
|
"issuerOptions":"Options",
|
||||||
"issuerParams":"Modules fournisseur",
|
"issuerParams":"Modules fournisseur",
|
||||||
|
"issuersTimeout":"Délai de validation pour les fournisseurs",
|
||||||
"jsRedirect":"Message de redirection",
|
"jsRedirect":"Message de redirection",
|
||||||
"jqueryButtonSelector":"Sélecteur jQuery du bouton (optionnel)",
|
"jqueryButtonSelector":"Sélecteur jQuery du bouton (optionnel)",
|
||||||
"jqueryFormSelector":"Sélecteur jQuery du formulaire (optionnel)",
|
"jqueryFormSelector":"Sélecteur jQuery du formulaire (optionnel)",
|
||||||
|
|
|
||||||
|
|
@ -344,7 +344,9 @@
|
||||||
"issuerDBOpenIDConnectActivation":"Attivazione",
|
"issuerDBOpenIDConnectActivation":"Attivazione",
|
||||||
"issuerDBOpenIDConnectPath":"Path",
|
"issuerDBOpenIDConnectPath":"Path",
|
||||||
"issuerDBOpenIDConnectRule":"Utilizza la regola",
|
"issuerDBOpenIDConnectRule":"Utilizza la regola",
|
||||||
|
"issuerOptions":"Options",
|
||||||
"issuerParams":"Moduli emittenti",
|
"issuerParams":"Moduli emittenti",
|
||||||
|
"issuersTimeout":"Issuers timeout",
|
||||||
"jsRedirect":"Messaggio di reindirizzamento",
|
"jsRedirect":"Messaggio di reindirizzamento",
|
||||||
"jqueryButtonSelector":"Selettore del pulsante jQuery (opzionale)",
|
"jqueryButtonSelector":"Selettore del pulsante jQuery (opzionale)",
|
||||||
"jqueryFormSelector":"Selettore modulo jQuery (opzionale)",
|
"jqueryFormSelector":"Selettore modulo jQuery (opzionale)",
|
||||||
|
|
|
||||||
|
|
@ -344,7 +344,9 @@
|
||||||
"issuerDBOpenIDConnectActivation":"Kích hoạt",
|
"issuerDBOpenIDConnectActivation":"Kích hoạt",
|
||||||
"issuerDBOpenIDConnectPath":"Đường dẫn",
|
"issuerDBOpenIDConnectPath":"Đường dẫn",
|
||||||
"issuerDBOpenIDConnectRule":"Quy tắc sử dụng",
|
"issuerDBOpenIDConnectRule":"Quy tắc sử dụng",
|
||||||
|
"issuerOptions":"Options",
|
||||||
"issuerParams":"Mô-đun của nhà phát hành",
|
"issuerParams":"Mô-đun của nhà phát hành",
|
||||||
|
"issuersTimeout":"Issuers timeout",
|
||||||
"jsRedirect":"Thông báo chuyển hướng",
|
"jsRedirect":"Thông báo chuyển hướng",
|
||||||
"jqueryButtonSelector":"nút chọn jQuery (tùy chọn)",
|
"jqueryButtonSelector":"nút chọn jQuery (tùy chọn)",
|
||||||
"jqueryFormSelector":"trình đơn chọn jQuery (tùy chọn)",
|
"jqueryFormSelector":"trình đơn chọn jQuery (tùy chọn)",
|
||||||
|
|
|
||||||
|
|
@ -344,7 +344,9 @@
|
||||||
"issuerDBOpenIDConnectActivation":"激活",
|
"issuerDBOpenIDConnectActivation":"激活",
|
||||||
"issuerDBOpenIDConnectPath":"Path",
|
"issuerDBOpenIDConnectPath":"Path",
|
||||||
"issuerDBOpenIDConnectRule":"Use rule",
|
"issuerDBOpenIDConnectRule":"Use rule",
|
||||||
|
"issuerOptions":"Options",
|
||||||
"issuerParams":"Issuer modules",
|
"issuerParams":"Issuer modules",
|
||||||
|
"issuersTimeout":"Issuers timeout",
|
||||||
"jsRedirect":"Redirection message",
|
"jsRedirect":"Redirection message",
|
||||||
"jqueryButtonSelector":"jQuery 按钮选择器(可选)",
|
"jqueryButtonSelector":"jQuery 按钮选择器(可选)",
|
||||||
"jqueryFormSelector":"jQuery form selector (optional)",
|
"jqueryFormSelector":"jQuery form selector (optional)",
|
||||||
|
|
|
||||||
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
|
|
@ -35,7 +35,8 @@ has _ott => (
|
||||||
lazy => 1,
|
lazy => 1,
|
||||||
default => sub {
|
default => sub {
|
||||||
my $ott = $_[0]->{p}->loadModule('::Lib::OneTimeToken');
|
my $ott = $_[0]->{p}->loadModule('::Lib::OneTimeToken');
|
||||||
$ott->timeout( $_[0]->{conf}->{formTimeout} );
|
my $timeout = $_[0]->{conf}->{issuersTimeout} // $_[0]->{conf}->{formTimeout};
|
||||||
|
$ott->timeout( $timeout );
|
||||||
return $ott;
|
return $ott;
|
||||||
}
|
}
|
||||||
);
|
);
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue
Block a user