dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add manager UI for per-service macros (#2042)

Browse Source
This commit is contained in:
Maxime Besson 2019-10-29 15:20:57 +01:00
parent a410793122
commit bbef316754
18 changed files with 150 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/Constants.pm
View File

@ -23,7 +23,7 @@ use constant HANDLERSECTION => "handler";
use constant MANAGERSECTION => "manager";
use constant SESSIONSEXPLORERSECTION => "sessionsExplorer";
use constant APPLYSECTION => "apply";
our $hashParameters = qr/^(?:(?:l(?:o(?:ca(?:lSessionStorageOption|tionRule)|goutService)|dapExportedVar|wp(?:Ssl)?Opt)|(?:(?:d(?:emo|bi)|facebook|webID)ExportedVa|exported(?:Heade|Va)|issuerDBGetParamete)r|re(?:moteGlobalStorageOption|st2f(?:Verify|Init)Arg|loadUrl)|g(?:r(?:antSessionRule|oup)|lobalStorageOption)|n(?:otificationStorageOption|ginxCustomHandler)|macro)s|o(?:idc(?:RPMetaData(?:(?:Option(?:sExtraClaim)?|ExportedVar)s|Node)|OPMetaData(?:(?:ExportedVar|Option)s|J(?:SON|WKS)|Node)|S(?:erviceMetaDataAuthnContext|torageOptions))|penIdExportedVars)|s(?:aml(?:S(?:PMetaData(?:(?:ExportedAttribute|Option)s|Node|XML)|torageOptions)|IDPMetaData(?:(?:ExportedAttribute|Option)s|Node|XML))|essionDataToRemember|laveExportedVars|fExtra)|c(?:as(?:S(?:rvMetaData(?:(?:ExportedVar|Option)s|Node)|torageOptions)|A(?:ppMetaData(?:(?:ExportedVar|Option)s|Node)|ttributes))|(?:ustom(?:Plugins|Add)Param|ombModule)s)|p(?:ersistentStorageOptions|o(?:rtalSkinRules|st))|a(?:ut(?:hChoiceMod|oSigninR)ules|pplicationList)|v(?:hostOptions|irtualHost)|S(?:MTPTLSOpts|SLVarIf))$/;
our $hashParameters = qr/^(?:(?:l(?:o(?:ca(?:lSessionStorageOption|tionRule)|goutService)|dapExportedVar|wp(?:Ssl)?Opt)|(?:(?:d(?:emo|bi)|facebook|webID)ExportedVa|exported(?:Heade|Va)|issuerDBGetParamete)r|re(?:moteGlobalStorageOption|st2f(?:Verify|Init)Arg|loadUrl)|g(?:r(?:antSessionRule|oup)|lobalStorageOption)|n(?:otificationStorageOption|ginxCustomHandler)|macro)s|o(?:idc(?:RPMetaData(?:(?:Option(?:sExtraClaim)?|ExportedVar|Macro)s|Node)|OPMetaData(?:(?:ExportedVar|Option)s|J(?:SON|WKS)|Node)|S(?:erviceMetaDataAuthnContext|torageOptions))|penIdExportedVars)|s(?:aml(?:S(?:PMetaData(?:(?:ExportedAttribute|Option|Macro)s|Node|XML)|torageOptions)|IDPMetaData(?:(?:ExportedAttribute|Option)s|Node|XML))|essionDataToRemember|laveExportedVars|fExtra)|c(?:as(?:A(?:ppMetaData(?:(?:ExportedVar|Option|Macro)s|Node)|ttributes)|S(?:rvMetaData(?:(?:ExportedVar|Option)s|Node)|torageOptions))|(?:ustom(?:Plugins|Add)Param|ombModule)s)|p(?:ersistentStorageOptions|o(?:rtalSkinRules|st))|a(?:ut(?:hChoiceMod|oSigninR)ules|pplicationList)|v(?:hostOptions|irtualHost)|S(?:MTPTLSOpts|SLVarIf))$/;
our $boolKeys = qr/^(?:s(?:aml(?:IDP(?:MetaDataOptions(?:(?:Check(?:S[LS]OMessageSignatur|Audienc|Tim)|IsPassiv)e|A(?:llow(?:LoginFromIDP|ProxiedAuthn)|daptSessionUtime)|Force(?:Authn|UTF8)|StoreSAMLToken|RelayStateURL)|SSODescriptorWantAuthnRequestsSigned)|S(?:P(?:MetaDataOptions(?:(?:CheckS[LS]OMessageSignatur|OneTimeUs)e|EnableIDPInitiatedURL|ForceUTF8)|SSODescriptor(?:WantAssertion|AuthnRequest)sSigned)|erviceUseCertificateInResponse)|DiscoveryProtocol(?:Activation|IsPassive)|CommonDomainCookieActivation|UseQueryStringSpecific|MetadataForceUTF8)|ingle(?:Session(?:UserByIP)?|(?:UserBy)?IP)|oap(?:Session|Config)Server|t(?:ayConnecte|orePasswor)d|kipRenewConfirmation|fRemovedUseNotif|laveDisplayLogo|howLanguages|slByAjax)|o(?:idc(?:RPMetaDataOptions(?:Re(?:freshToken|quirePKCE)|LogoutSessionRequired|IDTokenForceClaims|BypassConsent|AllowOffline|Public)|ServiceAllow(?:(?:AuthorizationCode|Implicit|Hybrid)Flow|DynamicRegistration)|OPMetaDataOptions(?:(?:CheckJWTSignatur|UseNonc)e|StoreIDToken))|ldNotifFormat)|p(?:ortal(?:Display(?:Re(?:setPassword|gister)|GeneratePassword|PasswordPolicy)|ErrorOn(?:ExpiredSession|MailNotFound)|(?:CheckLogin|Statu)s|OpenLinkInNewWindow|RequireOldPassword|ForceAuthn|AntiFrame)|roxyUseSoap)|c(?:a(?:ptcha_(?:register|login|mail)_enabled|sSrvMetaDataOptions(?:Gateway|Renew))|heck(?:User(?:Display(?:PersistentInfo|EmptyValues))?|State|XSS)|o(?:ntextSwitchingStopWithLogout|rsEnabled)|da)|l(?:dap(?:(?:Group(?:DecodeSearchedValu|Recursiv)|UsePasswordResetAttribut)e|(?:AllowResetExpired|Set)Password|ChangePasswordAsUser|PpolicyControl|ITDS)|oginHistoryEnabled)|i(?:ssuerDB(?:OpenID(?:Connect)?|SAML|CAS|Get)Activation|mpersonationSkipEmptyValues)|no(?:tif(?:ication(?:Server(?:(?:POS|GE)T|DELETE)?)?|y(?:Deleted|Other))|AjaxHook)|to(?:tp2f(?:UserCan(?:Chang|Remov)eKey|DisplayExistingSecret)|kenUseGlobalStorage)|u(?:se(?:RedirectOn(?:Forbidden|Error)|SafeJail)|2fUserCanRemoveKey|pgradeSession)|re(?:st(?:(?:Session|Config)Server|ExportSecretKeys)|freshSessions)|d(?:isablePersistentStorage|biDynamicHashEnabled|ontCompactConf)|(?:mai(?:lOnPasswordChang|ntenanc)|vhostMaintenanc)e|br(?:owsersDontStorePassword|uteForceProtection)|(?:(?:globalLogout|active)Tim|wsdlServ)er|h(?:ideOldPassword|ttpOnly)|yubikey2fUserCanRemoveKey|krb(?:RemoveDomain|ByJs))$/;
our @sessionTypes = ( 'remoteGlobal', 'global', 'localSession', 'persistent', 'saml', 'oidc', 'cas' );

11
lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/RESTServer.pm
View File

@ -269,7 +269,9 @@ sub _samlMetaDataNodes {
my ( $id, $resp ) = ( 1, [] );
# Return all exported attributes if asked
if ( $query =~ /^saml${type}MetaDataExportedAttributes$/ ) {
if ( $query =~
/^saml${type}MetaDataExportedAttributes|samlSPMetaDataMacros$/ )
{
my $pk =
eval { $self->getConfKey( $req, $query )->{$partner} } // {};
return $self->sendError( $req, undef, 400 ) if ( $req->error );
@ -380,7 +382,7 @@ sub _oidcMetaDataNodes {
# Return all exported attributes if asked
if ( $query =~
/^(?:oidc${type}MetaDataExportedVars|oidcRPMetaDataOptionsExtraClaims)$/
/^(?:oidc${type}MetaDataExportedVars|oidcRPMetaDataOptionsExtraClaims|oidcRPMetaDataMacros)$/
)
{
my $pk = eval { $self->getConfKey( $req, $query )->{$partner} } // {};
@ -478,7 +480,7 @@ sub _casMetaDataNodes {
# Return all exported attributes if asked
if ( $query =~
/^(?:cas${type}MetaDataExportedVars|casSrvMetaDataOptionsProxiedServices)$/
/^(?:cas${type}MetaDataExportedVars|casSrvMetaDataOptionsProxiedServices|casAppMetaDataMacros)$/
)
{
my $pk = eval { $self->getConfKey( $req, $query )->{$partner} } // {};
@ -549,7 +551,8 @@ sub authChoiceModules {
if ($@) {
$self->logger->error(
"Bad value in choice over parameters, deleted ($@)");
} else {
}
else {
$data->[5] = [ map { [ $_, $over->{$_} ] } keys %{$over} ];
}
}

12
lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/ReConstants.pm
View File

@ -14,22 +14,22 @@ our @EXPORT = ( @{ $EXPORT_TAGS{'all'} } );
our $specialNodeHash = {
virtualHosts => [qw(exportedHeaders locationRules post vhostOptions)],
samlIDPMetaDataNodes => [qw(samlIDPMetaDataXML samlIDPMetaDataExportedAttributes samlIDPMetaDataOptions)],
samlSPMetaDataNodes => [qw(samlSPMetaDataXML samlSPMetaDataExportedAttributes samlSPMetaDataOptions)],
samlSPMetaDataNodes => [qw(samlSPMetaDataXML samlSPMetaDataExportedAttributes samlSPMetaDataOptions samlSPMetaDataMacros)],
oidcOPMetaDataNodes => [qw(oidcOPMetaDataJSON oidcOPMetaDataJWKS oidcOPMetaDataOptions oidcOPMetaDataExportedVars)],
oidcRPMetaDataNodes => [qw(oidcRPMetaDataOptions oidcRPMetaDataExportedVars oidcRPMetaDataOptionsExtraClaims)],
oidcRPMetaDataNodes => [qw(oidcRPMetaDataOptions oidcRPMetaDataExportedVars oidcRPMetaDataOptionsExtraClaims oidcRPMetaDataMacros)],
casSrvMetaDataNodes => [qw(casSrvMetaDataOptions casSrvMetaDataExportedVars)],
casAppMetaDataNodes => [qw(casAppMetaDataOptions casAppMetaDataExportedVars)],
casAppMetaDataNodes => [qw(casAppMetaDataOptions casAppMetaDataExportedVars casAppMetaDataMacros)],
};
our $doubleHashKeys = 'issuerDBGetParameters';
our $simpleHashKeys = '(?:(?:l(?:o(?:calSessionStorageOption|goutService)|dapExportedVar|wp(?:Ssl)?Opt)|c(?:as(?:StorageOption|Attribute)|ustom(?:Plugins|Add)Param|ombModule)|re(?:moteGlobalStorageOption|st2f(?:Verify|Init)Arg|loadUrl)|(?:(?:d(?:emo|bi)|facebook|webID)E|e)xportedVar|g(?:r(?:antSessionRule|oup)|lobalStorageOption)|n(?:otificationStorageOption|ginxCustomHandler)|p(?:ersistentStorageOption|ortalSkinRule)|macro)s|o(?:idcS(?:erviceMetaDataAuthnContext|torageOptions)|penIdExportedVars)|s(?:(?:amlStorageOption|laveExportedVar)s|essionDataToRemember|fExtra)|a(?:ut(?:hChoiceMod|oSigninR)ules|pplicationList)|S(?:MTPTLSOpts|SLVarIf))';
our $specialNodeKeys = '(?:(?:(?:saml(?:ID|S)|oidc[OR])P|cas(?:App|Srv))MetaDataNode|virtualHost)s';
our $casAppMetaDataNodeKeys = 'casAppMetaData(?:Options(?:UserAttribut|Servic|Rul)e|ExportedVars)';
our $casAppMetaDataNodeKeys = 'casAppMetaData(?:Options(?:UserAttribut|Servic|Rul)e|(?:ExportedVar|Macro)s)';
our $casSrvMetaDataNodeKeys = 'casSrvMetaData(?:Options(?:ProxiedServices|DisplayName|SortNumber|Gateway|Renew|Icon|Url)|ExportedVars)';
our $oidcOPMetaDataNodeKeys = 'oidcOPMetaData(?:Options(?:C(?:lient(?:Secret|ID)|heckJWTSignature|onfigurationURI)|S(?:toreIDToken|ortNumber|cope)|TokenEndpointAuthMethod|(?:JWKSTimeou|Promp)t|I(?:DTokenMaxAge|con)|U(?:iLocales|seNonce)|Display(?:Name)?|AcrValues|MaxAge)|ExportedVars|J(?:SON|WKS))';
our $oidcRPMetaDataNodeKeys = 'oidcRPMetaData(?:Options(?:A(?:(?:uthorizationCode|ccessToken)Expiration|llowOffline)|I(?:DToken(?:ForceClaims|Expiration|SignAlg)|con)|R(?:e(?:directUris|freshToken|quirePKCE)|ule)|Logout(?:SessionRequired|Type|Url)|P(?:ostLogoutRedirectUris|ublic)|OfflineSessionExpiration|Client(?:Secret|ID)|BypassConsent|DisplayName|ExtraClaims|UserIDAttr)|ExportedVars)';
our $oidcRPMetaDataNodeKeys = 'oidcRPMetaData(?:Options(?:A(?:(?:uthorizationCode|ccessToken)Expiration|llowOffline)|I(?:DToken(?:ForceClaims|Expiration|SignAlg)|con)|R(?:e(?:directUris|freshToken|quirePKCE)|ule)|Logout(?:SessionRequired|Type|Url)|P(?:ostLogoutRedirectUris|ublic)|OfflineSessionExpiration|Client(?:Secret|ID)|BypassConsent|DisplayName|ExtraClaims|UserIDAttr)|(?:ExportedVar|Macro)s)';
our $samlIDPMetaDataNodeKeys = 'samlIDPMetaData(?:Options(?:(?:Check(?:S[LS]OMessageSignatur|Audienc|Tim)|EncryptionMod|UserAttribut|DisplayNam)e|S(?:ignS[LS]OMessage|toreSAMLToken|[LS]OBinding|ortNumber)|A(?:llow(?:LoginFromIDP|ProxiedAuthn)|daptSessionUtime)|Re(?:questedAuthnContext|solutionRule|layStateURL)|Force(?:Authn|UTF8)|I(?:sPassive|con)|NameIDFormat)|ExportedAttributes|XML)';
our $samlSPMetaDataNodeKeys = 'samlSPMetaData(?:Options(?:N(?:ameID(?:SessionKey|Format)|otOnOrAfterTimeout)|S(?:essionNotOnOrAfterTimeout|ignS[LS]OMessage)|(?:CheckS[LS]OMessageSignatur|OneTimeUs|Rul)e|En(?:ableIDPInitiatedURL|cryptionMode)|ForceUTF8)|ExportedAttributes|XML)';
our $samlSPMetaDataNodeKeys = 'samlSPMetaData(?:Options(?:N(?:ameID(?:SessionKey|Format)|otOnOrAfterTimeout)|S(?:essionNotOnOrAfterTimeout|ignS[LS]OMessage)|(?:CheckS[LS]OMessageSignatur|OneTimeUs|Rul)e|En(?:ableIDPInitiatedURL|cryptionMode)|ForceUTF8)|(?:ExportedAttribute|Macro)s|XML)';
our $virtualHostKeys = '(?:vhost(?:A(?:uthnLevel|liases)|(?:Maintenanc|Typ)e|ServiceTokenTTL|Https|Port)|(?:exportedHeader|locationRule)s|post)';
our $authParameters = {

33
lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm
View File

@ -674,6 +674,17 @@ sub attributes {
},
'type' => 'keyTextContainer'
},
'casAppMetaDataMacros' => {
'default' => {},
'test' => {
'keyMsgFail' => '__badMacroName__',
'keyTest' => qr/^[_a-zA-Z][a-zA-Z0-9_]*$/,
'test' => sub {
return perlExpr(@_);
}
},
'type' => 'keyTextContainer'
},
'casAppMetaDataNodes' => {
'type' => 'casAppMetaDataNodeContainer'
},
@ -1993,6 +2004,17 @@ qr/^(?:\*\.)?(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][
},
'type' => 'keyTextContainer'
},
'oidcRPMetaDataMacros' => {
'default' => {},
'test' => {
'keyMsgFail' => '__badMacroName__',
'keyTest' => qr/^[_a-zA-Z][a-zA-Z0-9_]*$/,
'test' => sub {
return perlExpr(@_);
}
},
'type' => 'keyTextContainer'
},
'oidcRPMetaDataNodes' => {
'type' => 'oidcRPMetaDataNodeContainer'
},
@ -3170,6 +3192,17 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
'test' => qr/\w/,
'type' => 'samlAttributeContainer'
},
'samlSPMetaDataMacros' => {
'default' => {},
'test' => {
'keyMsgFail' => '__badMacroName__',
'keyTest' => qr/^[_a-zA-Z][a-zA-Z0-9_]*$/,
'test' => sub {
return perlExpr(@_);
}
},
'type' => 'keyTextContainer'
},
'samlSPMetaDataNodes' => {
'type' => 'samlSPMetaDataNodeContainer'
},

14
lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build.pm
View File

@ -184,11 +184,11 @@ our \@EXPORT = ( \@{ \$EXPORT_TAGS{'all'} } );
our \$specialNodeHash = {
virtualHosts => [qw(exportedHeaders locationRules post vhostOptions)],
samlIDPMetaDataNodes => [qw(samlIDPMetaDataXML samlIDPMetaDataExportedAttributes samlIDPMetaDataOptions)],
samlSPMetaDataNodes => [qw(samlSPMetaDataXML samlSPMetaDataExportedAttributes samlSPMetaDataOptions)],
samlSPMetaDataNodes => [qw(samlSPMetaDataXML samlSPMetaDataExportedAttributes samlSPMetaDataOptions samlSPMetaDataMacros)],
oidcOPMetaDataNodes => [qw(oidcOPMetaDataJSON oidcOPMetaDataJWKS oidcOPMetaDataOptions oidcOPMetaDataExportedVars)],
oidcRPMetaDataNodes => [qw(oidcRPMetaDataOptions oidcRPMetaDataExportedVars oidcRPMetaDataOptionsExtraClaims)],
oidcRPMetaDataNodes => [qw(oidcRPMetaDataOptions oidcRPMetaDataExportedVars oidcRPMetaDataOptionsExtraClaims oidcRPMetaDataMacros)],
casSrvMetaDataNodes => [qw(casSrvMetaDataOptions casSrvMetaDataExportedVars)],
casAppMetaDataNodes => [qw(casAppMetaDataOptions casAppMetaDataExportedVars)],
casAppMetaDataNodes => [qw(casAppMetaDataOptions casAppMetaDataExportedVars casAppMetaDataMacros)],
};
EOF
@ -277,11 +277,13 @@ $defaultAttr}
exportedHeaders locationRules post vhostOptions
samlIDPMetaDataXML samlIDPMetaDataExportedAttributes
samlIDPMetaDataOptions samlSPMetaDataXML
samlSPMetaDataExportedAttributes samlSPMetaDataOptions
oidcOPMetaDataJSON oidcOPMetaDataJWKS oidcOPMetaDataOptions
samlSPMetaDataExportedAttributes samlSPMetaDataMacros
samlSPMetaDataOptions oidcOPMetaDataJSON
oidcOPMetaDataJWKS oidcOPMetaDataOptions
oidcOPMetaDataExportedVars oidcRPMetaDataOptions
oidcRPMetaDataExportedVars oidcRPMetaDataOptionsExtraClaims
casAppMetaDataExportedVars casAppMetaDataOptions
oidcRPMetaDataMacros casAppMetaDataExportedVars
casAppMetaDataOptions casAppMetaDataMacros
casSrvMetaDataExportedVars casSrvMetaDataOptions
)
)

36
lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm
View File

@ -2138,6 +2138,18 @@ sub attributes {
test => sub { return perlExpr(@_) },
documentation => 'CAS App rule',
},
casAppMetaDataMacros => {
type => 'keyTextContainer',
help =>
'exportedvars.html#extend_variables_using_macros_and_groups',
test => {
keyTest => qr/^[_a-zA-Z][a-zA-Z0-9_]*$/,
keyMsgFail => '__badMacroName__',
test => sub { return perlExpr(@_) },
},
default => {},
documentation => 'Macros',
},
# Fake attribute: used by manager REST API to agglomerate all nodes
# related to a CAS SP partner
@ -2737,6 +2749,18 @@ sub attributes {
test => sub { return perlExpr(@_) },
documentation => 'Rule to grant access to this SP',
},
samlSPMetaDataMacros => {
type => 'keyTextContainer',
help =>
'exportedvars.html#extend_variables_using_macros_and_groups',
test => {
keyTest => qr/^[_a-zA-Z][a-zA-Z0-9_]*$/,
keyMsgFail => '__badMacroName__',
test => sub { return perlExpr(@_) },
},
default => {},
documentation => 'Macros',
},
# AUTH, USERDB and PASSWORD MODULES
authentication => {
@ -3828,6 +3852,18 @@ m{^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?:
test => sub { return perlExpr(@_) },
documentation => 'Rule to grant access to this RP',
},
oidcRPMetaDataMacros => {
type => 'keyTextContainer',
help =>
'exportedvars.html#extend_variables_using_macros_and_groups',
test => {
keyTest => qr/^[_a-zA-Z][a-zA-Z0-9_]*$/,
keyMsgFail => '__badMacroName__',
test => sub { return perlExpr(@_) },
},
default => {},
documentation => 'Macros',
},
};
}

5
lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/CTrees.pm
View File

@ -138,7 +138,8 @@ sub cTrees {
]
}
]
}
},
"samlSPMetaDataMacros",
],
oidcOPMetaDataNode => [
'oidcOPMetaDataJSON',
@ -224,6 +225,7 @@ sub cTrees {
'oidcRPMetaDataOptionsRule',
]
},
'oidcRPMetaDataMacros',
{
title => 'oidcRPMetaDataOptionsDisplay',
form => 'simpleInputContainer',
@ -266,6 +268,7 @@ sub cTrees {
'casAppMetaDataOptionsRule'
]
},
'casAppMetaDataMacros',
],
};
}

6
lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf/Parser.pm
View File

@ -334,7 +334,7 @@ sub _scanNodes {
hdebug(" SAML data is an array, serializing");
$leaf->{data} = join ';', @{ $leaf->{data} };
}
if ( $target =~ /^saml(?:S|ID)PMetaDataExportedAttributes$/ ) {
if ( $target =~ /^saml(?:S|ID)PMetaData(?:ExportedAttributes|Macros)$/ ) {
if ( $leaf->{cnodes} ) {
hdebug(" $target: unopened node");
$self->newConf->{$target}->{$key} =
@ -394,7 +394,7 @@ sub _scanNodes {
hdebug(" $target");
$self->set( $target, $key, $leaf->{data} );
}
elsif ( $target =~ /^oidc(?:O|R)PMetaDataExportedVars$/ ) {
elsif ( $target =~ /^oidc(?:O|R)PMetaData(?:ExportedVars|Macros)$/ ) {
hdebug(" $target");
if ( $leaf->{cnodes} ) {
hdebug(' unopened');
@ -463,7 +463,7 @@ sub _scanNodes {
$self->_scanNodes($subNodes);
$self->set( $target, $key, $leaf->{title}, $leaf->{data} );
}
elsif ( $target =~ /^cas(?:App|Srv)MetaDataExportedVars$/ ) {
elsif ( $target =~ /^cas(?:App|Srv)MetaData(?:ExportedVars|Macros)$/ ) {
hdebug(" $target");
if ( $leaf->{cnodes} ) {
hdebug(' unopened');

24
lemonldap-ng-manager/site/htdocs/static/js/conftree.js
View File

@ -57,6 +57,14 @@ function templates(tpl,key) {
"id" : "casAppMetaDataOptions",
"title" : "casAppMetaDataOptions",
"type" : "simpleInputContainer"
},
{
"cnodes" : tpl+"s/"+key+"/"+"casAppMetaDataMacros",
"default" : [],
"help" : "exportedvars.html#extend_variables_using_macros_and_groups",
"id" : tpl+"s/"+key+"/"+"casAppMetaDataMacros",
"title" : "casAppMetaDataMacros",
"type" : "keyTextContainer"
}
]
;
@ -579,6 +587,14 @@ function templates(tpl,key) {
"id" : "oidcRPMetaDataOptions",
"title" : "oidcRPMetaDataOptions"
},
{
"cnodes" : tpl+"s/"+key+"/"+"oidcRPMetaDataMacros",
"default" : [],
"help" : "exportedvars.html#extend_variables_using_macros_and_groups",
"id" : tpl+"s/"+key+"/"+"oidcRPMetaDataMacros",
"title" : "oidcRPMetaDataMacros",
"type" : "keyTextContainer"
},
{
"_nodes" : [
{
@ -1120,6 +1136,14 @@ function templates(tpl,key) {
"help" : "idpsaml.html#options",
"id" : "samlSPMetaDataOptions",
"title" : "samlSPMetaDataOptions"
},
{
"cnodes" : tpl+"s/"+key+"/"+"samlSPMetaDataMacros",
"default" : [],
"help" : "exportedvars.html#extend_variables_using_macros_and_groups",
"id" : tpl+"s/"+key+"/"+"samlSPMetaDataMacros",
"title" : "samlSPMetaDataMacros",
"type" : "keyTextContainer"
}
]
;

2
lemonldap-ng-manager/site/htdocs/static/js/conftree.min.js vendored
View File

File diff suppressed because one or more lines are too long

2
lemonldap-ng-manager/site/htdocs/static/js/conftree.min.js.map
View File

File diff suppressed because one or more lines are too long

5
lemonldap-ng-manager/site/htdocs/static/languages/ar.json
View File

@ -118,6 +118,7 @@
"casAppMetaDataOptions":"خيارات",
"casAppMetaDataOptionsService":"خدمة أل يو أر ل",
"casAppMetaDataOptionsRule":"القاعدة",
"casAppMetaDataMacros":"ماكرو",
"casAppMetaDataOptionsUserAttribute":"خاصّيّة المستخدم",
"casAppName":"اسم التطبيق كاس",
"casAttr":"تسجيل الدخول كاس",
@ -556,6 +557,7 @@
"oidcRPMetaDataOptionsPublic":"Public client",
"oidcRPMetaDataOptionsRequirePKCE":"Require PKCE",
"oidcRPMetaDataOptionsRule":"قاعدة الدخول",
"oidcRPMetaDataMacros":"ماكرو",
"oidcOPMetaDataOptionsScope":"نطاق",
"oidcOPMetaDataOptionsStoreIDToken":"مخزن تعريف التوكن",
"oidcOPMetaDataOptionsTokenEndpointAuthMethod":"توكن نقطة النهاية لطريقة إثبات الهوية",
@ -1021,6 +1023,7 @@
"samlSPMetaDataOptionsNotOnOrAfterTimeout":"ليس على أو بعد المدة",
"samlSPMetaDataOptionsForceUTF8":"فرضUTF-8 ",
"samlSPMetaDataOptionsRule":"قاعدة الدخول",
"samlSPMetaDataMacros":"ماكرو",
"samlIDPName":"اسم SAML IDP",
"samlServiceMetaData":"خدمة 2 SAML",
"samlEntityID":"معرف الكيان",
@ -1086,4 +1089,4 @@
"samlRelayStateTimeout":"تناوب حالة مهلة الجلسة ",
"samlUseQueryStringSpecific":"استخدام أسلوب query_string المعين",
"samlOverrideIDPEntityID":"Override Entity ID when acting as IDP"
}
}

5
lemonldap-ng-manager/site/htdocs/static/languages/de.json
View File

@ -118,6 +118,7 @@
"casAppMetaDataOptions":"Optionen",
"casAppMetaDataOptionsService":"Service URL",
"casAppMetaDataOptionsRule":"Regel",
"casAppMetaDataMacros":"Macros",
"casAppMetaDataOptionsUserAttribute":"User attribute",
"casAppName":"CAS App Name",
"casAttr":"CAS login",
@ -556,6 +557,7 @@
"oidcRPMetaDataOptionsPublic":"Public client",
"oidcRPMetaDataOptionsRequirePKCE":"Require PKCE",
"oidcRPMetaDataOptionsRule":"Access rule",
"oidcRPMetaDataMacros":"Macros",
"oidcOPMetaDataOptionsScope":"Scope",
"oidcOPMetaDataOptionsStoreIDToken":"Store ID Token",
"oidcOPMetaDataOptionsTokenEndpointAuthMethod":"Token endpoint authentication method",
@ -1021,6 +1023,7 @@
"samlSPMetaDataOptionsNotOnOrAfterTimeout":"notOnOrAfter duration",
"samlSPMetaDataOptionsForceUTF8":"Force UTF-8",
"samlSPMetaDataOptionsRule":"Access rule",
"samlSPMetaDataMacros":"Macros",
"samlIDPName":"SAML IDP Name",
"samlServiceMetaData":"SAML2 Service",
"samlEntityID":"Entity Identifier",
@ -1086,4 +1089,4 @@
"samlRelayStateTimeout":"RelayState session timeout",
"samlUseQueryStringSpecific":"Use specific query_string method",
"samlOverrideIDPEntityID":"Override Entity ID when acting as IDP"
}
}

3
lemonldap-ng-manager/site/htdocs/static/languages/en.json
View File

@ -118,6 +118,7 @@
"casAppMetaDataOptions":"Options",
"casAppMetaDataOptionsService":"Service URL",
"casAppMetaDataOptionsRule":"Rule",
"casAppMetaDataMacros":"Macros",
"casAppMetaDataOptionsUserAttribute":"User attribute",
"casAppName":"CAS App Name",
"casAttr":"CAS login",
@ -556,6 +557,7 @@
"oidcRPMetaDataOptionsPublic":"Public client",
"oidcRPMetaDataOptionsRequirePKCE":"Require PKCE",
"oidcRPMetaDataOptionsRule":"Access rule",
"oidcRPMetaDataMacros":"Macros",
"oidcOPMetaDataOptionsScope":"Scope",
"oidcOPMetaDataOptionsStoreIDToken":"Store ID Token",
"oidcOPMetaDataOptionsTokenEndpointAuthMethod":"Token endpoint authentication method",
@ -1021,6 +1023,7 @@
"samlSPMetaDataOptionsNotOnOrAfterTimeout":"notOnOrAfter duration",
"samlSPMetaDataOptionsForceUTF8":"Force UTF-8",
"samlSPMetaDataOptionsRule":"Access rule",
"samlSPMetaDataMacros":"Macros",
"samlIDPName":"SAML IDP Name",
"samlServiceMetaData":"SAML2 Service",
"samlEntityID":"Entity Identifier",

3
lemonldap-ng-manager/site/htdocs/static/languages/fr.json
View File

@ -118,6 +118,7 @@
"casAppMetaDataOptions":"Options",
"casAppMetaDataOptionsService":"URL du service",
"casAppMetaDataOptionsRule":"Règle",
"casAppMetaDataMacros":"Macros",
"casAppMetaDataOptionsUserAttribute":"Attribut de l'utilisateur",
"casAppName":"Nom de l'application CAS",
"casAttr":"Identifiant CAS",
@ -556,6 +557,7 @@
"oidcRPMetaDataOptionsPublic":"Client public",
"oidcRPMetaDataOptionsRequirePKCE":"PKCE requis",
"oidcRPMetaDataOptionsRule":"Règle d'accès",
"oidcRPMetaDataMacros":"Macros",
"oidcOPMetaDataOptionsScope":"Étendue",
"oidcOPMetaDataOptionsStoreIDToken":"Conserver le jeton d'identité",
"oidcOPMetaDataOptionsTokenEndpointAuthMethod":"Méthode d'authentification pour l'accès aux jetons",
@ -1021,6 +1023,7 @@
"samlSPMetaDataOptionsNotOnOrAfterTimeout":"Durée notOnOrAfter",
"samlSPMetaDataOptionsForceUTF8":"Forcer l'UTF-8",
"samlSPMetaDataOptionsRule":"Règle d'accès",
"samlSPMetaDataMacros":"Macros",
"samlIDPName":"Nom du fournisseur d'identité SAML",
"samlServiceMetaData":"Service SAML 2",
"samlEntityID":"Identifiant d'entité",

5
lemonldap-ng-manager/site/htdocs/static/languages/it.json
View File

@ -118,6 +118,7 @@
"casAppMetaDataOptions":"Opzioni",
"casAppMetaDataOptionsService":"URL del servizio",
"casAppMetaDataOptionsRule":"Regola",
"casAppMetaDataMacros":"Macro",
"casAppMetaDataOptionsUserAttribute":"Attributo utente",
"casAppName":"Nome App CAS",
"casAttr":"Login CAS",
@ -556,6 +557,7 @@
"oidcRPMetaDataOptionsPublic":"Cliente pubblico",
"oidcRPMetaDataOptionsRequirePKCE":"Richiedi PKCE",
"oidcRPMetaDataOptionsRule":"Regola di accesso",
"oidcRPMetaDataMacros":"Macro",
"oidcOPMetaDataOptionsScope":"Scopo",
"oidcOPMetaDataOptionsStoreIDToken":"Immagazzina ID Token",
"oidcOPMetaDataOptionsTokenEndpointAuthMethod":"Metodo di autenticazione degli endpoint di token",
@ -1021,6 +1023,7 @@
"samlSPMetaDataOptionsNotOnOrAfterTimeout":"Durata di notOnOrAfter ",
"samlSPMetaDataOptionsForceUTF8":"Forza UTF-8",
"samlSPMetaDataOptionsRule":"Regola di accesso",
"samlSPMetaDataMacros":"Macro",
"samlIDPName":"Nome di SAML IDP ",
"samlServiceMetaData":"Servizio SAML 2",
"samlEntityID":"Identificatore dell'entità",
@ -1086,4 +1089,4 @@
"samlRelayStateTimeout":"Timeout di sessione di RelayState",
"samlUseQueryStringSpecific":"Utilizza il metodo specifico query_string",
"samlOverrideIDPEntityID":"Sostituisci l'ID entità quando agisce come IDP"
}
}

5
lemonldap-ng-manager/site/htdocs/static/languages/vi.json
View File

@ -118,6 +118,7 @@
"casAppMetaDataOptions":"Tùy chọn",
"casAppMetaDataOptionsService":"Dịch vụ URL",
"casAppMetaDataOptionsRule":"Quy tắc",
"casAppMetaDataMacros":"Macros",
"casAppMetaDataOptionsUserAttribute":"thuộc tính người dùng",
"casAppName":"Tên ứng dụng CAS",
"casAttr":"Đăng nhập CAS ",
@ -556,6 +557,7 @@
"oidcRPMetaDataOptionsPublic":"Public client",
"oidcRPMetaDataOptionsRequirePKCE":"Require PKCE",
"oidcRPMetaDataOptionsRule":"Quy tắc truy cập",
"oidcRPMetaDataMacros":"Macros",
"oidcOPMetaDataOptionsScope":"Phạm vi",
"oidcOPMetaDataOptionsStoreIDToken":"Mã thông báo Cửa hàng",
"oidcOPMetaDataOptionsTokenEndpointAuthMethod":"Phương pháp xác thực thiết bị đầu cuối Token",
@ -1021,6 +1023,7 @@
"samlSPMetaDataOptionsNotOnOrAfterTimeout":"Thời gian notOnOrAfter ",
"samlSPMetaDataOptionsForceUTF8":"Bắt buộc UTF-8",
"samlSPMetaDataOptionsRule":"Quy tắc truy cập",
"samlSPMetaDataMacros":"Macros",
"samlIDPName":"Tên SAML IDP ",
"samlServiceMetaData":"Dịch vụ SAML 2",
"samlEntityID":"Thực thể trình định danh",
@ -1086,4 +1089,4 @@
"samlRelayStateTimeout":"Thời gian hết hạn phiên RelayState ",
"samlUseQueryStringSpecific":"Sử dụng phương pháp query_string cụ thể",
"samlOverrideIDPEntityID":"Override Entity ID when acting as IDP"
}
}

5
lemonldap-ng-manager/site/htdocs/static/languages/zh.json
View File

@ -118,6 +118,7 @@
"casAppMetaDataOptions":"选项",
"casAppMetaDataOptionsService":"服务 URL",
"casAppMetaDataOptionsRule":"规则",
"casAppMetaDataMacros":"Macros",
"casAppMetaDataOptionsUserAttribute":"User attribute",
"casAppName":"CAS App 名称",
"casAttr":"CAS 登录",
@ -556,6 +557,7 @@
"oidcRPMetaDataOptionsPublic":"Public client",
"oidcRPMetaDataOptionsRequirePKCE":"Require PKCE",
"oidcRPMetaDataOptionsRule":"Access rule",
"oidcRPMetaDataMacros":"Macros",
"oidcOPMetaDataOptionsScope":"Scope",
"oidcOPMetaDataOptionsStoreIDToken":"Store ID Token",
"oidcOPMetaDataOptionsTokenEndpointAuthMethod":"Token endpoint authentication method",
@ -1021,6 +1023,7 @@
"samlSPMetaDataOptionsNotOnOrAfterTimeout":"notOnOrAfter duration",
"samlSPMetaDataOptionsForceUTF8":"Force UTF-8",
"samlSPMetaDataOptionsRule":"Access rule",
"samlSPMetaDataMacros":"Macros",
"samlIDPName":"SAML IDP Name",
"samlServiceMetaData":"SAML2 Service",
"samlEntityID":"Entity Identifier",
@ -1086,4 +1089,4 @@
"samlRelayStateTimeout":"RelayState session timeout",
"samlUseQueryStringSpecific":"Use specific query_string method",
"samlOverrideIDPEntityID":"Override Entity ID when acting as IDP"
}
}