Add manager UI for per-service macros (#2042)
This commit is contained in:
parent
a410793122
commit
bbef316754
|
@ -23,7 +23,7 @@ use constant HANDLERSECTION => "handler";
|
|||
use constant MANAGERSECTION => "manager";
|
||||
use constant SESSIONSEXPLORERSECTION => "sessionsExplorer";
|
||||
use constant APPLYSECTION => "apply";
|
||||
our $hashParameters = qr/^(?:(?:l(?:o(?:ca(?:lSessionStorageOption|tionRule)|goutService)|dapExportedVar|wp(?:Ssl)?Opt)|(?:(?:d(?:emo|bi)|facebook|webID)ExportedVa|exported(?:Heade|Va)|issuerDBGetParamete)r|re(?:moteGlobalStorageOption|st2f(?:Verify|Init)Arg|loadUrl)|g(?:r(?:antSessionRule|oup)|lobalStorageOption)|n(?:otificationStorageOption|ginxCustomHandler)|macro)s|o(?:idc(?:RPMetaData(?:(?:Option(?:sExtraClaim)?|ExportedVar)s|Node)|OPMetaData(?:(?:ExportedVar|Option)s|J(?:SON|WKS)|Node)|S(?:erviceMetaDataAuthnContext|torageOptions))|penIdExportedVars)|s(?:aml(?:S(?:PMetaData(?:(?:ExportedAttribute|Option)s|Node|XML)|torageOptions)|IDPMetaData(?:(?:ExportedAttribute|Option)s|Node|XML))|essionDataToRemember|laveExportedVars|fExtra)|c(?:as(?:S(?:rvMetaData(?:(?:ExportedVar|Option)s|Node)|torageOptions)|A(?:ppMetaData(?:(?:ExportedVar|Option)s|Node)|ttributes))|(?:ustom(?:Plugins|Add)Param|ombModule)s)|p(?:ersistentStorageOptions|o(?:rtalSkinRules|st))|a(?:ut(?:hChoiceMod|oSigninR)ules|pplicationList)|v(?:hostOptions|irtualHost)|S(?:MTPTLSOpts|SLVarIf))$/;
|
||||
our $hashParameters = qr/^(?:(?:l(?:o(?:ca(?:lSessionStorageOption|tionRule)|goutService)|dapExportedVar|wp(?:Ssl)?Opt)|(?:(?:d(?:emo|bi)|facebook|webID)ExportedVa|exported(?:Heade|Va)|issuerDBGetParamete)r|re(?:moteGlobalStorageOption|st2f(?:Verify|Init)Arg|loadUrl)|g(?:r(?:antSessionRule|oup)|lobalStorageOption)|n(?:otificationStorageOption|ginxCustomHandler)|macro)s|o(?:idc(?:RPMetaData(?:(?:Option(?:sExtraClaim)?|ExportedVar|Macro)s|Node)|OPMetaData(?:(?:ExportedVar|Option)s|J(?:SON|WKS)|Node)|S(?:erviceMetaDataAuthnContext|torageOptions))|penIdExportedVars)|s(?:aml(?:S(?:PMetaData(?:(?:ExportedAttribute|Option|Macro)s|Node|XML)|torageOptions)|IDPMetaData(?:(?:ExportedAttribute|Option)s|Node|XML))|essionDataToRemember|laveExportedVars|fExtra)|c(?:as(?:A(?:ppMetaData(?:(?:ExportedVar|Option|Macro)s|Node)|ttributes)|S(?:rvMetaData(?:(?:ExportedVar|Option)s|Node)|torageOptions))|(?:ustom(?:Plugins|Add)Param|ombModule)s)|p(?:ersistentStorageOptions|o(?:rtalSkinRules|st))|a(?:ut(?:hChoiceMod|oSigninR)ules|pplicationList)|v(?:hostOptions|irtualHost)|S(?:MTPTLSOpts|SLVarIf))$/;
|
||||
our $boolKeys = qr/^(?:s(?:aml(?:IDP(?:MetaDataOptions(?:(?:Check(?:S[LS]OMessageSignatur|Audienc|Tim)|IsPassiv)e|A(?:llow(?:LoginFromIDP|ProxiedAuthn)|daptSessionUtime)|Force(?:Authn|UTF8)|StoreSAMLToken|RelayStateURL)|SSODescriptorWantAuthnRequestsSigned)|S(?:P(?:MetaDataOptions(?:(?:CheckS[LS]OMessageSignatur|OneTimeUs)e|EnableIDPInitiatedURL|ForceUTF8)|SSODescriptor(?:WantAssertion|AuthnRequest)sSigned)|erviceUseCertificateInResponse)|DiscoveryProtocol(?:Activation|IsPassive)|CommonDomainCookieActivation|UseQueryStringSpecific|MetadataForceUTF8)|ingle(?:Session(?:UserByIP)?|(?:UserBy)?IP)|oap(?:Session|Config)Server|t(?:ayConnecte|orePasswor)d|kipRenewConfirmation|fRemovedUseNotif|laveDisplayLogo|howLanguages|slByAjax)|o(?:idc(?:RPMetaDataOptions(?:Re(?:freshToken|quirePKCE)|LogoutSessionRequired|IDTokenForceClaims|BypassConsent|AllowOffline|Public)|ServiceAllow(?:(?:AuthorizationCode|Implicit|Hybrid)Flow|DynamicRegistration)|OPMetaDataOptions(?:(?:CheckJWTSignatur|UseNonc)e|StoreIDToken))|ldNotifFormat)|p(?:ortal(?:Display(?:Re(?:setPassword|gister)|GeneratePassword|PasswordPolicy)|ErrorOn(?:ExpiredSession|MailNotFound)|(?:CheckLogin|Statu)s|OpenLinkInNewWindow|RequireOldPassword|ForceAuthn|AntiFrame)|roxyUseSoap)|c(?:a(?:ptcha_(?:register|login|mail)_enabled|sSrvMetaDataOptions(?:Gateway|Renew))|heck(?:User(?:Display(?:PersistentInfo|EmptyValues))?|State|XSS)|o(?:ntextSwitchingStopWithLogout|rsEnabled)|da)|l(?:dap(?:(?:Group(?:DecodeSearchedValu|Recursiv)|UsePasswordResetAttribut)e|(?:AllowResetExpired|Set)Password|ChangePasswordAsUser|PpolicyControl|ITDS)|oginHistoryEnabled)|i(?:ssuerDB(?:OpenID(?:Connect)?|SAML|CAS|Get)Activation|mpersonationSkipEmptyValues)|no(?:tif(?:ication(?:Server(?:(?:POS|GE)T|DELETE)?)?|y(?:Deleted|Other))|AjaxHook)|to(?:tp2f(?:UserCan(?:Chang|Remov)eKey|DisplayExistingSecret)|kenUseGlobalStorage)|u(?:se(?:RedirectOn(?:Forbidden|Error)|SafeJail)|2fUserCanRemoveKey|pgradeSession)|re(?:st(?:(?:Session|Config)Server|ExportSecretKeys)|freshSessions)|d(?:isablePersistentStorage|biDynamicHashEnabled|ontCompactConf)|(?:mai(?:lOnPasswordChang|ntenanc)|vhostMaintenanc)e|br(?:owsersDontStorePassword|uteForceProtection)|(?:(?:globalLogout|active)Tim|wsdlServ)er|h(?:ideOldPassword|ttpOnly)|yubikey2fUserCanRemoveKey|krb(?:RemoveDomain|ByJs))$/;
|
||||
|
||||
our @sessionTypes = ( 'remoteGlobal', 'global', 'localSession', 'persistent', 'saml', 'oidc', 'cas' );
|
||||
|
|
|
@ -269,7 +269,9 @@ sub _samlMetaDataNodes {
|
|||
my ( $id, $resp ) = ( 1, [] );
|
||||
|
||||
# Return all exported attributes if asked
|
||||
if ( $query =~ /^saml${type}MetaDataExportedAttributes$/ ) {
|
||||
if ( $query =~
|
||||
/^saml${type}MetaDataExportedAttributes|samlSPMetaDataMacros$/ )
|
||||
{
|
||||
my $pk =
|
||||
eval { $self->getConfKey( $req, $query )->{$partner} } // {};
|
||||
return $self->sendError( $req, undef, 400 ) if ( $req->error );
|
||||
|
@ -380,7 +382,7 @@ sub _oidcMetaDataNodes {
|
|||
|
||||
# Return all exported attributes if asked
|
||||
if ( $query =~
|
||||
/^(?:oidc${type}MetaDataExportedVars|oidcRPMetaDataOptionsExtraClaims)$/
|
||||
/^(?:oidc${type}MetaDataExportedVars|oidcRPMetaDataOptionsExtraClaims|oidcRPMetaDataMacros)$/
|
||||
)
|
||||
{
|
||||
my $pk = eval { $self->getConfKey( $req, $query )->{$partner} } // {};
|
||||
|
@ -478,7 +480,7 @@ sub _casMetaDataNodes {
|
|||
|
||||
# Return all exported attributes if asked
|
||||
if ( $query =~
|
||||
/^(?:cas${type}MetaDataExportedVars|casSrvMetaDataOptionsProxiedServices)$/
|
||||
/^(?:cas${type}MetaDataExportedVars|casSrvMetaDataOptionsProxiedServices|casAppMetaDataMacros)$/
|
||||
)
|
||||
{
|
||||
my $pk = eval { $self->getConfKey( $req, $query )->{$partner} } // {};
|
||||
|
@ -549,7 +551,8 @@ sub authChoiceModules {
|
|||
if ($@) {
|
||||
$self->logger->error(
|
||||
"Bad value in choice over parameters, deleted ($@)");
|
||||
} else {
|
||||
}
|
||||
else {
|
||||
$data->[5] = [ map { [ $_, $over->{$_} ] } keys %{$over} ];
|
||||
}
|
||||
}
|
||||
|
|
|
@ -14,22 +14,22 @@ our @EXPORT = ( @{ $EXPORT_TAGS{'all'} } );
|
|||
our $specialNodeHash = {
|
||||
virtualHosts => [qw(exportedHeaders locationRules post vhostOptions)],
|
||||
samlIDPMetaDataNodes => [qw(samlIDPMetaDataXML samlIDPMetaDataExportedAttributes samlIDPMetaDataOptions)],
|
||||
samlSPMetaDataNodes => [qw(samlSPMetaDataXML samlSPMetaDataExportedAttributes samlSPMetaDataOptions)],
|
||||
samlSPMetaDataNodes => [qw(samlSPMetaDataXML samlSPMetaDataExportedAttributes samlSPMetaDataOptions samlSPMetaDataMacros)],
|
||||
oidcOPMetaDataNodes => [qw(oidcOPMetaDataJSON oidcOPMetaDataJWKS oidcOPMetaDataOptions oidcOPMetaDataExportedVars)],
|
||||
oidcRPMetaDataNodes => [qw(oidcRPMetaDataOptions oidcRPMetaDataExportedVars oidcRPMetaDataOptionsExtraClaims)],
|
||||
oidcRPMetaDataNodes => [qw(oidcRPMetaDataOptions oidcRPMetaDataExportedVars oidcRPMetaDataOptionsExtraClaims oidcRPMetaDataMacros)],
|
||||
casSrvMetaDataNodes => [qw(casSrvMetaDataOptions casSrvMetaDataExportedVars)],
|
||||
casAppMetaDataNodes => [qw(casAppMetaDataOptions casAppMetaDataExportedVars)],
|
||||
casAppMetaDataNodes => [qw(casAppMetaDataOptions casAppMetaDataExportedVars casAppMetaDataMacros)],
|
||||
};
|
||||
|
||||
our $doubleHashKeys = 'issuerDBGetParameters';
|
||||
our $simpleHashKeys = '(?:(?:l(?:o(?:calSessionStorageOption|goutService)|dapExportedVar|wp(?:Ssl)?Opt)|c(?:as(?:StorageOption|Attribute)|ustom(?:Plugins|Add)Param|ombModule)|re(?:moteGlobalStorageOption|st2f(?:Verify|Init)Arg|loadUrl)|(?:(?:d(?:emo|bi)|facebook|webID)E|e)xportedVar|g(?:r(?:antSessionRule|oup)|lobalStorageOption)|n(?:otificationStorageOption|ginxCustomHandler)|p(?:ersistentStorageOption|ortalSkinRule)|macro)s|o(?:idcS(?:erviceMetaDataAuthnContext|torageOptions)|penIdExportedVars)|s(?:(?:amlStorageOption|laveExportedVar)s|essionDataToRemember|fExtra)|a(?:ut(?:hChoiceMod|oSigninR)ules|pplicationList)|S(?:MTPTLSOpts|SLVarIf))';
|
||||
our $specialNodeKeys = '(?:(?:(?:saml(?:ID|S)|oidc[OR])P|cas(?:App|Srv))MetaDataNode|virtualHost)s';
|
||||
our $casAppMetaDataNodeKeys = 'casAppMetaData(?:Options(?:UserAttribut|Servic|Rul)e|ExportedVars)';
|
||||
our $casAppMetaDataNodeKeys = 'casAppMetaData(?:Options(?:UserAttribut|Servic|Rul)e|(?:ExportedVar|Macro)s)';
|
||||
our $casSrvMetaDataNodeKeys = 'casSrvMetaData(?:Options(?:ProxiedServices|DisplayName|SortNumber|Gateway|Renew|Icon|Url)|ExportedVars)';
|
||||
our $oidcOPMetaDataNodeKeys = 'oidcOPMetaData(?:Options(?:C(?:lient(?:Secret|ID)|heckJWTSignature|onfigurationURI)|S(?:toreIDToken|ortNumber|cope)|TokenEndpointAuthMethod|(?:JWKSTimeou|Promp)t|I(?:DTokenMaxAge|con)|U(?:iLocales|seNonce)|Display(?:Name)?|AcrValues|MaxAge)|ExportedVars|J(?:SON|WKS))';
|
||||
our $oidcRPMetaDataNodeKeys = 'oidcRPMetaData(?:Options(?:A(?:(?:uthorizationCode|ccessToken)Expiration|llowOffline)|I(?:DToken(?:ForceClaims|Expiration|SignAlg)|con)|R(?:e(?:directUris|freshToken|quirePKCE)|ule)|Logout(?:SessionRequired|Type|Url)|P(?:ostLogoutRedirectUris|ublic)|OfflineSessionExpiration|Client(?:Secret|ID)|BypassConsent|DisplayName|ExtraClaims|UserIDAttr)|ExportedVars)';
|
||||
our $oidcRPMetaDataNodeKeys = 'oidcRPMetaData(?:Options(?:A(?:(?:uthorizationCode|ccessToken)Expiration|llowOffline)|I(?:DToken(?:ForceClaims|Expiration|SignAlg)|con)|R(?:e(?:directUris|freshToken|quirePKCE)|ule)|Logout(?:SessionRequired|Type|Url)|P(?:ostLogoutRedirectUris|ublic)|OfflineSessionExpiration|Client(?:Secret|ID)|BypassConsent|DisplayName|ExtraClaims|UserIDAttr)|(?:ExportedVar|Macro)s)';
|
||||
our $samlIDPMetaDataNodeKeys = 'samlIDPMetaData(?:Options(?:(?:Check(?:S[LS]OMessageSignatur|Audienc|Tim)|EncryptionMod|UserAttribut|DisplayNam)e|S(?:ignS[LS]OMessage|toreSAMLToken|[LS]OBinding|ortNumber)|A(?:llow(?:LoginFromIDP|ProxiedAuthn)|daptSessionUtime)|Re(?:questedAuthnContext|solutionRule|layStateURL)|Force(?:Authn|UTF8)|I(?:sPassive|con)|NameIDFormat)|ExportedAttributes|XML)';
|
||||
our $samlSPMetaDataNodeKeys = 'samlSPMetaData(?:Options(?:N(?:ameID(?:SessionKey|Format)|otOnOrAfterTimeout)|S(?:essionNotOnOrAfterTimeout|ignS[LS]OMessage)|(?:CheckS[LS]OMessageSignatur|OneTimeUs|Rul)e|En(?:ableIDPInitiatedURL|cryptionMode)|ForceUTF8)|ExportedAttributes|XML)';
|
||||
our $samlSPMetaDataNodeKeys = 'samlSPMetaData(?:Options(?:N(?:ameID(?:SessionKey|Format)|otOnOrAfterTimeout)|S(?:essionNotOnOrAfterTimeout|ignS[LS]OMessage)|(?:CheckS[LS]OMessageSignatur|OneTimeUs|Rul)e|En(?:ableIDPInitiatedURL|cryptionMode)|ForceUTF8)|(?:ExportedAttribute|Macro)s|XML)';
|
||||
our $virtualHostKeys = '(?:vhost(?:A(?:uthnLevel|liases)|(?:Maintenanc|Typ)e|ServiceTokenTTL|Https|Port)|(?:exportedHeader|locationRule)s|post)';
|
||||
|
||||
our $authParameters = {
|
||||
|
|
|
@ -674,6 +674,17 @@ sub attributes {
|
|||
},
|
||||
'type' => 'keyTextContainer'
|
||||
},
|
||||
'casAppMetaDataMacros' => {
|
||||
'default' => {},
|
||||
'test' => {
|
||||
'keyMsgFail' => '__badMacroName__',
|
||||
'keyTest' => qr/^[_a-zA-Z][a-zA-Z0-9_]*$/,
|
||||
'test' => sub {
|
||||
return perlExpr(@_);
|
||||
}
|
||||
},
|
||||
'type' => 'keyTextContainer'
|
||||
},
|
||||
'casAppMetaDataNodes' => {
|
||||
'type' => 'casAppMetaDataNodeContainer'
|
||||
},
|
||||
|
@ -1993,6 +2004,17 @@ qr/^(?:\*\.)?(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][
|
|||
},
|
||||
'type' => 'keyTextContainer'
|
||||
},
|
||||
'oidcRPMetaDataMacros' => {
|
||||
'default' => {},
|
||||
'test' => {
|
||||
'keyMsgFail' => '__badMacroName__',
|
||||
'keyTest' => qr/^[_a-zA-Z][a-zA-Z0-9_]*$/,
|
||||
'test' => sub {
|
||||
return perlExpr(@_);
|
||||
}
|
||||
},
|
||||
'type' => 'keyTextContainer'
|
||||
},
|
||||
'oidcRPMetaDataNodes' => {
|
||||
'type' => 'oidcRPMetaDataNodeContainer'
|
||||
},
|
||||
|
@ -3170,6 +3192,17 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
|
|||
'test' => qr/\w/,
|
||||
'type' => 'samlAttributeContainer'
|
||||
},
|
||||
'samlSPMetaDataMacros' => {
|
||||
'default' => {},
|
||||
'test' => {
|
||||
'keyMsgFail' => '__badMacroName__',
|
||||
'keyTest' => qr/^[_a-zA-Z][a-zA-Z0-9_]*$/,
|
||||
'test' => sub {
|
||||
return perlExpr(@_);
|
||||
}
|
||||
},
|
||||
'type' => 'keyTextContainer'
|
||||
},
|
||||
'samlSPMetaDataNodes' => {
|
||||
'type' => 'samlSPMetaDataNodeContainer'
|
||||
},
|
||||
|
|
|
@ -184,11 +184,11 @@ our \@EXPORT = ( \@{ \$EXPORT_TAGS{'all'} } );
|
|||
our \$specialNodeHash = {
|
||||
virtualHosts => [qw(exportedHeaders locationRules post vhostOptions)],
|
||||
samlIDPMetaDataNodes => [qw(samlIDPMetaDataXML samlIDPMetaDataExportedAttributes samlIDPMetaDataOptions)],
|
||||
samlSPMetaDataNodes => [qw(samlSPMetaDataXML samlSPMetaDataExportedAttributes samlSPMetaDataOptions)],
|
||||
samlSPMetaDataNodes => [qw(samlSPMetaDataXML samlSPMetaDataExportedAttributes samlSPMetaDataOptions samlSPMetaDataMacros)],
|
||||
oidcOPMetaDataNodes => [qw(oidcOPMetaDataJSON oidcOPMetaDataJWKS oidcOPMetaDataOptions oidcOPMetaDataExportedVars)],
|
||||
oidcRPMetaDataNodes => [qw(oidcRPMetaDataOptions oidcRPMetaDataExportedVars oidcRPMetaDataOptionsExtraClaims)],
|
||||
oidcRPMetaDataNodes => [qw(oidcRPMetaDataOptions oidcRPMetaDataExportedVars oidcRPMetaDataOptionsExtraClaims oidcRPMetaDataMacros)],
|
||||
casSrvMetaDataNodes => [qw(casSrvMetaDataOptions casSrvMetaDataExportedVars)],
|
||||
casAppMetaDataNodes => [qw(casAppMetaDataOptions casAppMetaDataExportedVars)],
|
||||
casAppMetaDataNodes => [qw(casAppMetaDataOptions casAppMetaDataExportedVars casAppMetaDataMacros)],
|
||||
};
|
||||
|
||||
EOF
|
||||
|
@ -277,11 +277,13 @@ $defaultAttr}
|
|||
exportedHeaders locationRules post vhostOptions
|
||||
samlIDPMetaDataXML samlIDPMetaDataExportedAttributes
|
||||
samlIDPMetaDataOptions samlSPMetaDataXML
|
||||
samlSPMetaDataExportedAttributes samlSPMetaDataOptions
|
||||
oidcOPMetaDataJSON oidcOPMetaDataJWKS oidcOPMetaDataOptions
|
||||
samlSPMetaDataExportedAttributes samlSPMetaDataMacros
|
||||
samlSPMetaDataOptions oidcOPMetaDataJSON
|
||||
oidcOPMetaDataJWKS oidcOPMetaDataOptions
|
||||
oidcOPMetaDataExportedVars oidcRPMetaDataOptions
|
||||
oidcRPMetaDataExportedVars oidcRPMetaDataOptionsExtraClaims
|
||||
casAppMetaDataExportedVars casAppMetaDataOptions
|
||||
oidcRPMetaDataMacros casAppMetaDataExportedVars
|
||||
casAppMetaDataOptions casAppMetaDataMacros
|
||||
casSrvMetaDataExportedVars casSrvMetaDataOptions
|
||||
)
|
||||
)
|
||||
|
|
|
@ -2138,6 +2138,18 @@ sub attributes {
|
|||
test => sub { return perlExpr(@_) },
|
||||
documentation => 'CAS App rule',
|
||||
},
|
||||
casAppMetaDataMacros => {
|
||||
type => 'keyTextContainer',
|
||||
help =>
|
||||
'exportedvars.html#extend_variables_using_macros_and_groups',
|
||||
test => {
|
||||
keyTest => qr/^[_a-zA-Z][a-zA-Z0-9_]*$/,
|
||||
keyMsgFail => '__badMacroName__',
|
||||
test => sub { return perlExpr(@_) },
|
||||
},
|
||||
default => {},
|
||||
documentation => 'Macros',
|
||||
},
|
||||
|
||||
# Fake attribute: used by manager REST API to agglomerate all nodes
|
||||
# related to a CAS SP partner
|
||||
|
@ -2737,6 +2749,18 @@ sub attributes {
|
|||
test => sub { return perlExpr(@_) },
|
||||
documentation => 'Rule to grant access to this SP',
|
||||
},
|
||||
samlSPMetaDataMacros => {
|
||||
type => 'keyTextContainer',
|
||||
help =>
|
||||
'exportedvars.html#extend_variables_using_macros_and_groups',
|
||||
test => {
|
||||
keyTest => qr/^[_a-zA-Z][a-zA-Z0-9_]*$/,
|
||||
keyMsgFail => '__badMacroName__',
|
||||
test => sub { return perlExpr(@_) },
|
||||
},
|
||||
default => {},
|
||||
documentation => 'Macros',
|
||||
},
|
||||
|
||||
# AUTH, USERDB and PASSWORD MODULES
|
||||
authentication => {
|
||||
|
@ -3828,6 +3852,18 @@ m{^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?:
|
|||
test => sub { return perlExpr(@_) },
|
||||
documentation => 'Rule to grant access to this RP',
|
||||
},
|
||||
oidcRPMetaDataMacros => {
|
||||
type => 'keyTextContainer',
|
||||
help =>
|
||||
'exportedvars.html#extend_variables_using_macros_and_groups',
|
||||
test => {
|
||||
keyTest => qr/^[_a-zA-Z][a-zA-Z0-9_]*$/,
|
||||
keyMsgFail => '__badMacroName__',
|
||||
test => sub { return perlExpr(@_) },
|
||||
},
|
||||
default => {},
|
||||
documentation => 'Macros',
|
||||
},
|
||||
};
|
||||
}
|
||||
|
||||
|
|
|
@ -138,7 +138,8 @@ sub cTrees {
|
|||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"samlSPMetaDataMacros",
|
||||
],
|
||||
oidcOPMetaDataNode => [
|
||||
'oidcOPMetaDataJSON',
|
||||
|
@ -224,6 +225,7 @@ sub cTrees {
|
|||
'oidcRPMetaDataOptionsRule',
|
||||
]
|
||||
},
|
||||
'oidcRPMetaDataMacros',
|
||||
{
|
||||
title => 'oidcRPMetaDataOptionsDisplay',
|
||||
form => 'simpleInputContainer',
|
||||
|
@ -266,6 +268,7 @@ sub cTrees {
|
|||
'casAppMetaDataOptionsRule'
|
||||
]
|
||||
},
|
||||
'casAppMetaDataMacros',
|
||||
],
|
||||
};
|
||||
}
|
||||
|
|
|
@ -334,7 +334,7 @@ sub _scanNodes {
|
|||
hdebug(" SAML data is an array, serializing");
|
||||
$leaf->{data} = join ';', @{ $leaf->{data} };
|
||||
}
|
||||
if ( $target =~ /^saml(?:S|ID)PMetaDataExportedAttributes$/ ) {
|
||||
if ( $target =~ /^saml(?:S|ID)PMetaData(?:ExportedAttributes|Macros)$/ ) {
|
||||
if ( $leaf->{cnodes} ) {
|
||||
hdebug(" $target: unopened node");
|
||||
$self->newConf->{$target}->{$key} =
|
||||
|
@ -394,7 +394,7 @@ sub _scanNodes {
|
|||
hdebug(" $target");
|
||||
$self->set( $target, $key, $leaf->{data} );
|
||||
}
|
||||
elsif ( $target =~ /^oidc(?:O|R)PMetaDataExportedVars$/ ) {
|
||||
elsif ( $target =~ /^oidc(?:O|R)PMetaData(?:ExportedVars|Macros)$/ ) {
|
||||
hdebug(" $target");
|
||||
if ( $leaf->{cnodes} ) {
|
||||
hdebug(' unopened');
|
||||
|
@ -463,7 +463,7 @@ sub _scanNodes {
|
|||
$self->_scanNodes($subNodes);
|
||||
$self->set( $target, $key, $leaf->{title}, $leaf->{data} );
|
||||
}
|
||||
elsif ( $target =~ /^cas(?:App|Srv)MetaDataExportedVars$/ ) {
|
||||
elsif ( $target =~ /^cas(?:App|Srv)MetaData(?:ExportedVars|Macros)$/ ) {
|
||||
hdebug(" $target");
|
||||
if ( $leaf->{cnodes} ) {
|
||||
hdebug(' unopened');
|
||||
|
|
|
@ -57,6 +57,14 @@ function templates(tpl,key) {
|
|||
"id" : "casAppMetaDataOptions",
|
||||
"title" : "casAppMetaDataOptions",
|
||||
"type" : "simpleInputContainer"
|
||||
},
|
||||
{
|
||||
"cnodes" : tpl+"s/"+key+"/"+"casAppMetaDataMacros",
|
||||
"default" : [],
|
||||
"help" : "exportedvars.html#extend_variables_using_macros_and_groups",
|
||||
"id" : tpl+"s/"+key+"/"+"casAppMetaDataMacros",
|
||||
"title" : "casAppMetaDataMacros",
|
||||
"type" : "keyTextContainer"
|
||||
}
|
||||
]
|
||||
;
|
||||
|
@ -579,6 +587,14 @@ function templates(tpl,key) {
|
|||
"id" : "oidcRPMetaDataOptions",
|
||||
"title" : "oidcRPMetaDataOptions"
|
||||
},
|
||||
{
|
||||
"cnodes" : tpl+"s/"+key+"/"+"oidcRPMetaDataMacros",
|
||||
"default" : [],
|
||||
"help" : "exportedvars.html#extend_variables_using_macros_and_groups",
|
||||
"id" : tpl+"s/"+key+"/"+"oidcRPMetaDataMacros",
|
||||
"title" : "oidcRPMetaDataMacros",
|
||||
"type" : "keyTextContainer"
|
||||
},
|
||||
{
|
||||
"_nodes" : [
|
||||
{
|
||||
|
@ -1120,6 +1136,14 @@ function templates(tpl,key) {
|
|||
"help" : "idpsaml.html#options",
|
||||
"id" : "samlSPMetaDataOptions",
|
||||
"title" : "samlSPMetaDataOptions"
|
||||
},
|
||||
{
|
||||
"cnodes" : tpl+"s/"+key+"/"+"samlSPMetaDataMacros",
|
||||
"default" : [],
|
||||
"help" : "exportedvars.html#extend_variables_using_macros_and_groups",
|
||||
"id" : tpl+"s/"+key+"/"+"samlSPMetaDataMacros",
|
||||
"title" : "samlSPMetaDataMacros",
|
||||
"type" : "keyTextContainer"
|
||||
}
|
||||
]
|
||||
;
|
||||
|
|
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
|
@ -118,6 +118,7 @@
|
|||
"casAppMetaDataOptions":"خيارات",
|
||||
"casAppMetaDataOptionsService":"خدمة أل يو أر ل",
|
||||
"casAppMetaDataOptionsRule":"القاعدة",
|
||||
"casAppMetaDataMacros":"ماكرو",
|
||||
"casAppMetaDataOptionsUserAttribute":"خاصّيّة المستخدم",
|
||||
"casAppName":"اسم التطبيق كاس",
|
||||
"casAttr":"تسجيل الدخول كاس",
|
||||
|
@ -556,6 +557,7 @@
|
|||
"oidcRPMetaDataOptionsPublic":"Public client",
|
||||
"oidcRPMetaDataOptionsRequirePKCE":"Require PKCE",
|
||||
"oidcRPMetaDataOptionsRule":"قاعدة الدخول",
|
||||
"oidcRPMetaDataMacros":"ماكرو",
|
||||
"oidcOPMetaDataOptionsScope":"نطاق",
|
||||
"oidcOPMetaDataOptionsStoreIDToken":"مخزن تعريف التوكن",
|
||||
"oidcOPMetaDataOptionsTokenEndpointAuthMethod":"توكن نقطة النهاية لطريقة إثبات الهوية",
|
||||
|
@ -1021,6 +1023,7 @@
|
|||
"samlSPMetaDataOptionsNotOnOrAfterTimeout":"ليس على أو بعد المدة",
|
||||
"samlSPMetaDataOptionsForceUTF8":"فرضUTF-8 ",
|
||||
"samlSPMetaDataOptionsRule":"قاعدة الدخول",
|
||||
"samlSPMetaDataMacros":"ماكرو",
|
||||
"samlIDPName":"اسم SAML IDP",
|
||||
"samlServiceMetaData":"خدمة 2 SAML",
|
||||
"samlEntityID":"معرف الكيان",
|
||||
|
@ -1086,4 +1089,4 @@
|
|||
"samlRelayStateTimeout":"تناوب حالة مهلة الجلسة ",
|
||||
"samlUseQueryStringSpecific":"استخدام أسلوب query_string المعين",
|
||||
"samlOverrideIDPEntityID":"Override Entity ID when acting as IDP"
|
||||
}
|
||||
}
|
||||
|
|
|
@ -118,6 +118,7 @@
|
|||
"casAppMetaDataOptions":"Optionen",
|
||||
"casAppMetaDataOptionsService":"Service URL",
|
||||
"casAppMetaDataOptionsRule":"Regel",
|
||||
"casAppMetaDataMacros":"Macros",
|
||||
"casAppMetaDataOptionsUserAttribute":"User attribute",
|
||||
"casAppName":"CAS App Name",
|
||||
"casAttr":"CAS login",
|
||||
|
@ -556,6 +557,7 @@
|
|||
"oidcRPMetaDataOptionsPublic":"Public client",
|
||||
"oidcRPMetaDataOptionsRequirePKCE":"Require PKCE",
|
||||
"oidcRPMetaDataOptionsRule":"Access rule",
|
||||
"oidcRPMetaDataMacros":"Macros",
|
||||
"oidcOPMetaDataOptionsScope":"Scope",
|
||||
"oidcOPMetaDataOptionsStoreIDToken":"Store ID Token",
|
||||
"oidcOPMetaDataOptionsTokenEndpointAuthMethod":"Token endpoint authentication method",
|
||||
|
@ -1021,6 +1023,7 @@
|
|||
"samlSPMetaDataOptionsNotOnOrAfterTimeout":"notOnOrAfter duration",
|
||||
"samlSPMetaDataOptionsForceUTF8":"Force UTF-8",
|
||||
"samlSPMetaDataOptionsRule":"Access rule",
|
||||
"samlSPMetaDataMacros":"Macros",
|
||||
"samlIDPName":"SAML IDP Name",
|
||||
"samlServiceMetaData":"SAML2 Service",
|
||||
"samlEntityID":"Entity Identifier",
|
||||
|
@ -1086,4 +1089,4 @@
|
|||
"samlRelayStateTimeout":"RelayState session timeout",
|
||||
"samlUseQueryStringSpecific":"Use specific query_string method",
|
||||
"samlOverrideIDPEntityID":"Override Entity ID when acting as IDP"
|
||||
}
|
||||
}
|
||||
|
|
|
@ -118,6 +118,7 @@
|
|||
"casAppMetaDataOptions":"Options",
|
||||
"casAppMetaDataOptionsService":"Service URL",
|
||||
"casAppMetaDataOptionsRule":"Rule",
|
||||
"casAppMetaDataMacros":"Macros",
|
||||
"casAppMetaDataOptionsUserAttribute":"User attribute",
|
||||
"casAppName":"CAS App Name",
|
||||
"casAttr":"CAS login",
|
||||
|
@ -556,6 +557,7 @@
|
|||
"oidcRPMetaDataOptionsPublic":"Public client",
|
||||
"oidcRPMetaDataOptionsRequirePKCE":"Require PKCE",
|
||||
"oidcRPMetaDataOptionsRule":"Access rule",
|
||||
"oidcRPMetaDataMacros":"Macros",
|
||||
"oidcOPMetaDataOptionsScope":"Scope",
|
||||
"oidcOPMetaDataOptionsStoreIDToken":"Store ID Token",
|
||||
"oidcOPMetaDataOptionsTokenEndpointAuthMethod":"Token endpoint authentication method",
|
||||
|
@ -1021,6 +1023,7 @@
|
|||
"samlSPMetaDataOptionsNotOnOrAfterTimeout":"notOnOrAfter duration",
|
||||
"samlSPMetaDataOptionsForceUTF8":"Force UTF-8",
|
||||
"samlSPMetaDataOptionsRule":"Access rule",
|
||||
"samlSPMetaDataMacros":"Macros",
|
||||
"samlIDPName":"SAML IDP Name",
|
||||
"samlServiceMetaData":"SAML2 Service",
|
||||
"samlEntityID":"Entity Identifier",
|
||||
|
|
|
@ -118,6 +118,7 @@
|
|||
"casAppMetaDataOptions":"Options",
|
||||
"casAppMetaDataOptionsService":"URL du service",
|
||||
"casAppMetaDataOptionsRule":"Règle",
|
||||
"casAppMetaDataMacros":"Macros",
|
||||
"casAppMetaDataOptionsUserAttribute":"Attribut de l'utilisateur",
|
||||
"casAppName":"Nom de l'application CAS",
|
||||
"casAttr":"Identifiant CAS",
|
||||
|
@ -556,6 +557,7 @@
|
|||
"oidcRPMetaDataOptionsPublic":"Client public",
|
||||
"oidcRPMetaDataOptionsRequirePKCE":"PKCE requis",
|
||||
"oidcRPMetaDataOptionsRule":"Règle d'accès",
|
||||
"oidcRPMetaDataMacros":"Macros",
|
||||
"oidcOPMetaDataOptionsScope":"Étendue",
|
||||
"oidcOPMetaDataOptionsStoreIDToken":"Conserver le jeton d'identité",
|
||||
"oidcOPMetaDataOptionsTokenEndpointAuthMethod":"Méthode d'authentification pour l'accès aux jetons",
|
||||
|
@ -1021,6 +1023,7 @@
|
|||
"samlSPMetaDataOptionsNotOnOrAfterTimeout":"Durée notOnOrAfter",
|
||||
"samlSPMetaDataOptionsForceUTF8":"Forcer l'UTF-8",
|
||||
"samlSPMetaDataOptionsRule":"Règle d'accès",
|
||||
"samlSPMetaDataMacros":"Macros",
|
||||
"samlIDPName":"Nom du fournisseur d'identité SAML",
|
||||
"samlServiceMetaData":"Service SAML 2",
|
||||
"samlEntityID":"Identifiant d'entité",
|
||||
|
|
|
@ -118,6 +118,7 @@
|
|||
"casAppMetaDataOptions":"Opzioni",
|
||||
"casAppMetaDataOptionsService":"URL del servizio",
|
||||
"casAppMetaDataOptionsRule":"Regola",
|
||||
"casAppMetaDataMacros":"Macro",
|
||||
"casAppMetaDataOptionsUserAttribute":"Attributo utente",
|
||||
"casAppName":"Nome App CAS",
|
||||
"casAttr":"Login CAS",
|
||||
|
@ -556,6 +557,7 @@
|
|||
"oidcRPMetaDataOptionsPublic":"Cliente pubblico",
|
||||
"oidcRPMetaDataOptionsRequirePKCE":"Richiedi PKCE",
|
||||
"oidcRPMetaDataOptionsRule":"Regola di accesso",
|
||||
"oidcRPMetaDataMacros":"Macro",
|
||||
"oidcOPMetaDataOptionsScope":"Scopo",
|
||||
"oidcOPMetaDataOptionsStoreIDToken":"Immagazzina ID Token",
|
||||
"oidcOPMetaDataOptionsTokenEndpointAuthMethod":"Metodo di autenticazione degli endpoint di token",
|
||||
|
@ -1021,6 +1023,7 @@
|
|||
"samlSPMetaDataOptionsNotOnOrAfterTimeout":"Durata di notOnOrAfter ",
|
||||
"samlSPMetaDataOptionsForceUTF8":"Forza UTF-8",
|
||||
"samlSPMetaDataOptionsRule":"Regola di accesso",
|
||||
"samlSPMetaDataMacros":"Macro",
|
||||
"samlIDPName":"Nome di SAML IDP ",
|
||||
"samlServiceMetaData":"Servizio SAML 2",
|
||||
"samlEntityID":"Identificatore dell'entità",
|
||||
|
@ -1086,4 +1089,4 @@
|
|||
"samlRelayStateTimeout":"Timeout di sessione di RelayState",
|
||||
"samlUseQueryStringSpecific":"Utilizza il metodo specifico query_string",
|
||||
"samlOverrideIDPEntityID":"Sostituisci l'ID entità quando agisce come IDP"
|
||||
}
|
||||
}
|
||||
|
|
|
@ -118,6 +118,7 @@
|
|||
"casAppMetaDataOptions":"Tùy chọn",
|
||||
"casAppMetaDataOptionsService":"Dịch vụ URL",
|
||||
"casAppMetaDataOptionsRule":"Quy tắc",
|
||||
"casAppMetaDataMacros":"Macros",
|
||||
"casAppMetaDataOptionsUserAttribute":"thuộc tính người dùng",
|
||||
"casAppName":"Tên ứng dụng CAS",
|
||||
"casAttr":"Đăng nhập CAS ",
|
||||
|
@ -556,6 +557,7 @@
|
|||
"oidcRPMetaDataOptionsPublic":"Public client",
|
||||
"oidcRPMetaDataOptionsRequirePKCE":"Require PKCE",
|
||||
"oidcRPMetaDataOptionsRule":"Quy tắc truy cập",
|
||||
"oidcRPMetaDataMacros":"Macros",
|
||||
"oidcOPMetaDataOptionsScope":"Phạm vi",
|
||||
"oidcOPMetaDataOptionsStoreIDToken":"Mã thông báo Cửa hàng",
|
||||
"oidcOPMetaDataOptionsTokenEndpointAuthMethod":"Phương pháp xác thực thiết bị đầu cuối Token",
|
||||
|
@ -1021,6 +1023,7 @@
|
|||
"samlSPMetaDataOptionsNotOnOrAfterTimeout":"Thời gian notOnOrAfter ",
|
||||
"samlSPMetaDataOptionsForceUTF8":"Bắt buộc UTF-8",
|
||||
"samlSPMetaDataOptionsRule":"Quy tắc truy cập",
|
||||
"samlSPMetaDataMacros":"Macros",
|
||||
"samlIDPName":"Tên SAML IDP ",
|
||||
"samlServiceMetaData":"Dịch vụ SAML 2",
|
||||
"samlEntityID":"Thực thể trình định danh",
|
||||
|
@ -1086,4 +1089,4 @@
|
|||
"samlRelayStateTimeout":"Thời gian hết hạn phiên RelayState ",
|
||||
"samlUseQueryStringSpecific":"Sử dụng phương pháp query_string cụ thể",
|
||||
"samlOverrideIDPEntityID":"Override Entity ID when acting as IDP"
|
||||
}
|
||||
}
|
||||
|
|
|
@ -118,6 +118,7 @@
|
|||
"casAppMetaDataOptions":"选项",
|
||||
"casAppMetaDataOptionsService":"服务 URL",
|
||||
"casAppMetaDataOptionsRule":"规则",
|
||||
"casAppMetaDataMacros":"Macros",
|
||||
"casAppMetaDataOptionsUserAttribute":"User attribute",
|
||||
"casAppName":"CAS App 名称",
|
||||
"casAttr":"CAS 登录",
|
||||
|
@ -556,6 +557,7 @@
|
|||
"oidcRPMetaDataOptionsPublic":"Public client",
|
||||
"oidcRPMetaDataOptionsRequirePKCE":"Require PKCE",
|
||||
"oidcRPMetaDataOptionsRule":"Access rule",
|
||||
"oidcRPMetaDataMacros":"Macros",
|
||||
"oidcOPMetaDataOptionsScope":"Scope",
|
||||
"oidcOPMetaDataOptionsStoreIDToken":"Store ID Token",
|
||||
"oidcOPMetaDataOptionsTokenEndpointAuthMethod":"Token endpoint authentication method",
|
||||
|
@ -1021,6 +1023,7 @@
|
|||
"samlSPMetaDataOptionsNotOnOrAfterTimeout":"notOnOrAfter duration",
|
||||
"samlSPMetaDataOptionsForceUTF8":"Force UTF-8",
|
||||
"samlSPMetaDataOptionsRule":"Access rule",
|
||||
"samlSPMetaDataMacros":"Macros",
|
||||
"samlIDPName":"SAML IDP Name",
|
||||
"samlServiceMetaData":"SAML2 Service",
|
||||
"samlEntityID":"Entity Identifier",
|
||||
|
@ -1086,4 +1089,4 @@
|
|||
"samlRelayStateTimeout":"RelayState session timeout",
|
||||
"samlUseQueryStringSpecific":"Use specific query_string method",
|
||||
"samlOverrideIDPEntityID":"Override Entity ID when acting as IDP"
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue
Block a user