Configuration endpoint (#184)
parent
45ed174666
commit
cf4dfef9fb
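--- a/Makefile
+++ b/Makefile
@@ -353,6 +353,7 @@ install_portal_site: install_conf_dir
 @cp -pR -f ${SRCPORTALDIR}/example/index_skin.pl ${RPORTALDIR}/index.pl
 @cp -pR -f ${SRCPORTALDIR}/example/mail.pl ${RPORTALDIR}
 @cp -pR -f ${SRCPORTALDIR}/example/metadata.pl ${RPORTALDIR}
+@cp -pR -f ${SRCPORTALDIR}/example/openid-configuration.pl ${RPORTALDIR}
 @cp -pR -f ${SRCPORTALDIR}/example/cdc.pl ${RPORTALDIR}
 @cp -pR -f ${SRCPORTALDIR}/example/register.pl ${RPORTALDIR}
 @tar -cf - -C ${SRCPORTALDIR}/example/skins/ $$(ls ${SRCPORTALDIR}/example/skins/) |tar -xf - -C $(RPORTALSKINSDIR)
@@ -653,6 +654,7 @@ debian-diff:
 @$(DIFF) lemonldap-ng-portal/example/index_skin.pl $(DIFFPREFIX)/var/lib/lemonldap-ng/portal/index.pl ||true
 @$(DIFF) lemonldap-ng-portal/example/mail.pl $(DIFFPREFIX)/var/lib/lemonldap-ng/portal/mail.pl ||true
 @$(DIFF) lemonldap-ng-portal/example/metadata.pl $(DIFFPREFIX)/var/lib/lemonldap-ng/portal/metadata.pl ||true
+@$(DIFF) lemonldap-ng-portal/example/openid-configuration.pl $(DIFFPREFIX)/var/lib/lemonldap-ng/portal/openid-configuration.pl ||true
 @$(DIFF) lemonldap-ng-portal/example/cdc.pl $(DIFFPREFIX)/var/lib/lemonldap-ng/portal/cdc.pl ||true
 @$(DIFF) lemonldap-ng-portal/example/register.pl $(DIFFPREFIX)/var/lib/lemonldap-ng/portal/register.pl ||true
 @# Handler
@@ -685,6 +687,7 @@ default-diff:
 @$(DIFF) lemonldap-ng-portal/example/mail.pl $(LMPREFIX)/htdocs/portal/mail.pl ||true
 @$(DIFF) lemonldap-ng-portal/example/register.pl $(LMPREFIX)/htdocs/portal/register.pl ||true
 @$(DIFF) lemonldap-ng-portal/example/metadata.pl $(LMPREFIX)/htdocs/portal/metadata.pl ||true
+@$(DIFF) lemonldap-ng-portal/example/openid-configuration.pl $(LMPREFIX)/htdocs/portal/openid-configuration.pl ||true
 @$(DIFF) lemonldap-ng-portal/example/cdc.pl $(LMPREFIX)/htdocs/portal/cdc.pl ||true
 @# Handler
 @$(DIFF) lemonldap-ng-handler/lib/Lemonldap/NG/Handler /usr/local/share/perl/$(PERLVERSION)/Lemonldap/NG/Handler ||true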
|
|
@ -75,6 +75,7 @@
|
||||||
<IfModule mod_rewrite.c>
|
<IfModule mod_rewrite.c>
|
||||||
RewriteEngine On
|
RewriteEngine On
|
||||||
RewriteRule ^/oauth2/.* /index.pl
|
RewriteRule ^/oauth2/.* /index.pl
|
||||||
|
RewriteRule ^/.well-known/openid-configuration$ /openid-configuration.pl
|
||||||
</IfModule>
|
</IfModule>
|
||||||
|
|
||||||
<Location />
|
<Location />
|
||||||
|
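Review bot: The dot in the new `RewriteRule` pattern is an unescaped regex metacharacter, so `^/.well-known/openid-configuration$` matches any character in that position; write it as `RewriteRule ^/\.well-known/openid-configuration$ /openid-configuration.pl` so that only the literal discovery path is rewritten. The same line is added in the two configuration hunks that follow (the file names are not shown on this page). Because the rule sits inside `<IfModule mod_rewrite.c>`, the discovery URL silently does not exist when mod_rewrite is not loaded, and a short comment next to the rule saying so would help operators.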
|
|
@ -69,6 +69,7 @@
|
||||||
<IfModule mod_rewrite.c>
|
<IfModule mod_rewrite.c>
|
||||||
RewriteEngine On
|
RewriteEngine On
|
||||||
RewriteRule ^/oauth2/.* /index.pl
|
RewriteRule ^/oauth2/.* /index.pl
|
||||||
|
RewriteRule ^/.well-known/openid-configuration$ /openid-configuration.pl
|
||||||
</IfModule>
|
</IfModule>
|
||||||
|
|
||||||
<Location />
|
<Location />
|
||||||
|
|
|
@ -74,6 +74,7 @@
|
||||||
<IfModule mod_rewrite.c>
|
<IfModule mod_rewrite.c>
|
||||||
RewriteEngine On
|
RewriteEngine On
|
||||||
RewriteRule ^/oauth2/.* /index.pl
|
RewriteRule ^/oauth2/.* /index.pl
|
||||||
|
RewriteRule ^/.well-known/openid-configuration$ /openid-configuration.pl
|
||||||
</IfModule>
|
</IfModule>
|
||||||
|
|
||||||
<Location />
|
<Location />
|
||||||
|
|
|
@ -8,6 +8,7 @@ example/index_skin.pl
|
||||||
example/mail.pl
|
example/mail.pl
|
||||||
example/metadata.pl
|
example/metadata.pl
|
||||||
example/oauth2.pl
|
example/oauth2.pl
|
||||||
|
example/openid-configuration.pl
|
||||||
example/PortalStatus.pl
|
example/PortalStatus.pl
|
||||||
example/register.pl
|
example/register.pl
|
||||||
example/scripts/buildPortalWSDL
|
example/scripts/buildPortalWSDL
|
||||||
|
|
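--- a/lemonldap-ng-portal/example/openid-configuration.pl
+++ b/lemonldap-ng-portal/example/openid-configuration.pl
@@ -0,0 +1,56 @@
+#!/usr/bin/perl
+
+use Lemonldap::NG::Portal::SharedConf;
+use JSON;
+use strict;
+
+my $portal = Lemonldap::NG::Portal::SharedConf->new();
+
+my $issuerDBOpenIDConnectPath = $portal->{issuerDBOpenIDConnectPath};
+my $authorize_uri = $portal->{oidcServiceMetaDataAuthorizeURI};
+my $token_uri = $portal->{oidcServiceMetaDataTokenURI};
+my $userinfo_uri = $portal->{oidcServiceMetaDataUserInfoURI};
+
+my ($path) = ( $issuerDBOpenIDConnectPath =~ /(\w+)/ );
+my $issuer = $portal->{oidcServiceMetaDataIssuer};
+
+# Create OpenID configuration hash;
+my $configuration = {};
+$configuration->{issuer} = $issuer;
+$configuration->{authorization_endpoint} =
+$issuer . $path . "/" . $authorize_uri;
+$configuration->{token_endpoint} = $issuer . $path . "/" . $token_uri;
+$configuration->{userinfo_endpoint} = $issuer . $path . "/" . $userinfo_uri;
+
+# MANDATORY # $configuration->{jwks_uri}
+# RECOMMENDED # $configuration->{registration_endpoint}
+$configuration->{scopes_supported} = [qw/openid profile email address phone/];
+$configuration->{response_types_supported} = [
+"code",
+"id_token",
+"id_token token",
+"code id_token",
+"code token",
+"code id_token token"
+];
+
+# $configuration->{response_modes_supported}
+$configuration->{grant_types_supported} =
+[qw/authorization_code implicit hybrid/];
+
+# $configuration->{acr_values_supported}
+# REQUIRED # $configuration->{subject_types_supported}
+$configuration->{id_token_signing_alg_values_supported} =
+[qw/none RS256 RS384 RS512/];
+
+# $configuration->{id_token_encryption_alg_values_supported}
+# $configuration->{id_token_encryption_enc_values_supported}
+# $configuration->{userinfo_encryption_alg_values_supported}
+# $configuration->{userinfo_encryption_enc_values_supported}
+# $configuration->{request_object_signing_alg_values_supported}
+# $configuration->{request_object_encryption_alg_values_supported}
+
+my $json = encode_json $configuration;
+
+print $portal->header('application/json; charset=utf-8');
+print $json;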
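Review bot: `id_token_signing_alg_values_supported` advertises `none` next to the implicit and hybrid response types, which tells relying parties that unsigned ID tokens are acceptable from this provider; OpenID Connect Discovery permits `none` only for flows that return no ID token from the authorization endpoint. Unless unsigned tokens are a deliberate per-client choice, publish `[qw/RS256 RS384 RS512/]` instead. The document also leaves out `jwks_uri` and `subject_types_supported`, which the in-file comments already mark as mandatory, so a client has no discovered key against which to verify the RS256 signatures. Separately, `$path` is undef when `issuerDBOpenIDConnectPath` contains no word characters, and without `use warnings` the endpoints are then built silently from an empty path; a guard such as `defined $path or die "issuerDBOpenIDConnectPath is not set";` would surface that.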