Commit 310896e6 authored by Yadd's avatar Yadd
Browse files

Don't store default values for sub parameters

parent 6c7e797a
......@@ -35,7 +35,6 @@ sub defaultValues {
'CASAuthnLevel' => 1,
'CASpgtFile' => '/tmp/pgt.txt',
'cda' => 0,
'cfgNum' => 0,
'checkXSS' => 1,
'confirmFormMethod' => 'post',
'cookieName' => 'lemonldap',
......@@ -143,43 +142,18 @@ sub defaultValues {
'notificationStorageOptions' => {
'dirName' => '/var/lib/lemonldap-ng/notifications'
},
'notificationWildcard' => 'allusers',
'notifyDeleted' => 1,
'notifyOther' => 0,
'nullAuthnLevel' => 2,
'oidcAuthnLevel' => 1,
'oidcOPMetaDataExportedVars' => {
'cn' => 'name',
'mail' => 'email',
'sn' => 'family_name',
'uid' => 'sub'
},
'oidcOPMetaDataOptionsCheckJWTSignature' => 1,
'oidcOPMetaDataOptionsDisplay' => '',
'oidcOPMetaDataOptionsIDTokenMaxAge' => 30,
'oidcOPMetaDataOptionsJWKSTimeout' => 0,
'oidcOPMetaDataOptionsMaxAge' => 0,
'oidcOPMetaDataOptionsScope' => 'openid profile',
'oidcOPMetaDataOptionsStoreIDToken' => 0,
'oidcOPMetaDataOptionsTokenEndpointAuthMethod' => 'client_secret_post',
'oidcOPMetaDataOptionsUseNonce' => 1,
'oidcRPCallbackGetParam' => 'openidconnectcallback',
'oidcRPMetaDataExportedVars' => {
'email' => 'mail',
'family_name' => 'sn',
'name' => 'cn'
},
'oidcRPMetaDataOptionsAccessTokenExpiration' => 3600,
'oidcRPMetaDataOptionsBypassConsent' => 0,
'oidcRPMetaDataOptionsExtraClaims' => {},
'oidcRPMetaDataOptionsIDTokenExpiration' => 3600,
'oidcRPMetaDataOptionsIDTokenSignAlg' => 'HS512',
'oidcRPStateTimeout' => 600,
'oidcServiceAllowAuthorizationCodeFlow' => 1,
'oidcServiceAllowDynamicRegistration' => 0,
'oidcServiceAllowHybridFlow' => 0,
'oidcServiceAllowImplicitFlow' => 0,
'oidcServiceMetaDataAuthnContext' => {
'notificationWildcard' => 'allusers',
'notifyDeleted' => 1,
'notifyOther' => 0,
'nullAuthnLevel' => 2,
'oidcAuthnLevel' => 1,
'oidcRPCallbackGetParam' => 'openidconnectcallback',
'oidcRPStateTimeout' => 600,
'oidcServiceAllowAuthorizationCodeFlow' => 1,
'oidcServiceAllowDynamicRegistration' => 0,
'oidcServiceAllowHybridFlow' => 0,
'oidcServiceAllowImplicitFlow' => 0,
'oidcServiceMetaDataAuthnContext' => {
'loa-1' => 1,
'loa-2' => 2,
'loa-3' => 3,
......@@ -219,7 +193,6 @@ sub defaultValues {
'portalRequireOldPassword' => 1,
'portalSkin' => 'bootstrap',
'portalUserAttr' => '_user',
'protection' => 'none',
'radiusAuthnLevel' => 3,
'randomPasswordRegexp' => '[A-Z]{3}[a-z]{5}.\\d{2}',
'redirectFormMethod' => 'get',
......@@ -242,29 +215,8 @@ sub defaultValues {
'samlAuthnContextMapPasswordProtectedTransport' => 3,
'samlAuthnContextMapTLSClient' => 5,
'samlCommonDomainCookieActivation' => 0,
'samlEntityID' => '#PORTAL#/saml/metadata',
'samlIDPMetaDataExportedAttributes' => {},
'samlIDPMetaDataOptionsAdaptSessionUtime' => 0,
'samlIDPMetaDataOptionsAllowLoginFromIDP' => 0,
'samlIDPMetaDataOptionsAllowProxiedAuthn' => 0,
'samlIDPMetaDataOptionsCheckAudience' => 1,
'samlIDPMetaDataOptionsCheckSLOMessageSignature' => 1,
'samlIDPMetaDataOptionsCheckSSOMessageSignature' => 1,
'samlIDPMetaDataOptionsCheckTime' => 1,
'samlIDPMetaDataOptionsEncryptionMode' => 'none',
'samlIDPMetaDataOptionsForceAuthn' => 0,
'samlIDPMetaDataOptionsForceUTF8' => 0,
'samlIDPMetaDataOptionsIsPassive' => 0,
'samlIDPMetaDataOptionsNameIDFormat' => '',
'samlIDPMetaDataOptionsRelayStateURL' => 0,
'samlIDPMetaDataOptionsRequestedAuthnContext' => '',
'samlIDPMetaDataOptionsResolutionRule' => '',
'samlIDPMetaDataOptionsSignSLOMessage' => -1,
'samlIDPMetaDataOptionsSignSSOMessage' => -1,
'samlIDPMetaDataOptionsSLOBinding' => '',
'samlIDPMetaDataOptionsSSOBinding' => '',
'samlIDPMetaDataOptionsStoreSAMLToken' => 0,
'samlIdPResolveCookie' => 'lemonldapidp',
'samlEntityID' => '#PORTAL#/saml/metadata',
'samlIdPResolveCookie' => 'lemonldapidp',
'samlIDPSSODescriptorArtifactResolutionServiceArtifact' =>
'1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/artifact',
'samlIDPSSODescriptorSingleLogoutServiceHTTPPost' =>
......@@ -291,24 +243,7 @@ sub defaultValues {
'samlOrganizationName' => 'Example',
'samlOrganizationURL' => 'http://www.example.com',
'samlRelayStateTimeout' => 600,
'samlServicePrivateKeyEnc' => '',
'samlServicePrivateKeySig' => '',
'samlServicePrivateKeySigPwd' => '',
'samlServicePublicKeyEnc' => '',
'samlServicePublicKeySig' => '',
'samlServiceUseCertificateInResponse' => 0,
'samlSPMetaDataExportedAttributes' => {},
'samlSPMetaDataOptionsCheckSLOMessageSignature' => 1,
'samlSPMetaDataOptionsCheckSSOMessageSignature' => 1,
'samlSPMetaDataOptionsEnableIDPInitiatedURL' => 0,
'samlSPMetaDataOptionsEncryptionMode' => 'none',
'samlSPMetaDataOptionsForceUTF8' => 1,
'samlSPMetaDataOptionsNameIDFormat' => '',
'samlSPMetaDataOptionsNotOnOrAfterTimeout' => 72000,
'samlSPMetaDataOptionsOneTimeUse' => 0,
'samlSPMetaDataOptionsSessionNotOnOrAfterTimeout' => 72000,
'samlSPMetaDataOptionsSignSLOMessage' => -1,
'samlSPMetaDataOptionsSignSSOMessage' => -1,
'samlSPSSODescriptorArtifactResolutionServiceArtifact' =>
'1;0;urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/artifact',
'samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact' =>
......@@ -353,9 +288,6 @@ sub defaultValues {
'useRedirectOnError' => 1,
'useRedirectOnForbidden' => 0,
'useSafeJail' => 1,
'vhostHttps' => -1,
'vhostMaintenance' => 0,
'vhostPort' => -1,
'webIDAuthnLevel' => 1,
'webIDExportedVars' => {},
'whatToTrace' => 'uid',
......
......@@ -40,6 +40,7 @@ my $authParameters;
my $issuerParameters;
my $samlServiceParameters;
my $oidcServiceParameters;
my $defaultValues;
my $attributes = Lemonldap::NG::Manager::Build::Attributes::attributes();
my $jsonEnc = JSON->new()->allow_nonref;
......@@ -124,6 +125,9 @@ sub run {
$ignoreKeys = $ra->as_string;
$reIgnoreKeys = $ra->re;
# Reinitialize $defaultValues
$defaultValues = {};
# 2. struct.json
printf STDERR $format, $self->structFile;
$mainTree = Lemonldap::NG::Manager::Build::Tree::tree();
......@@ -221,13 +225,7 @@ EOF
print STDERR "done\n";
printf STDERR $format, $self->defaultValuesFile;
my $defaultValues = {
map {
defined $attributes->{$_}->{default}
? ( $_ => $attributes->{$_}->{default} )
: ()
} keys(%$attributes)
};
$defaultValues->{locationRules} = $attributes->{locationRules}->{default};
my $defaultAttr = mydump( $defaultValues, 'defaultValues' );
$defaultAttr = "# This file is generated by $module. Don't modify it by hand
package Lemonldap::NG::Common::Conf::DefaultValues;
......@@ -507,23 +505,26 @@ sub scanTree {
foreach my $w (qw(default help select get template)) {
$jleaf->{$w} = $attr->{$w} if ( defined $attr->{$w} );
}
if ( $jleaf->{default} and ref( $jleaf->{default} ) ) {
$jleaf->{default} = [];
my $type = $attr->{type};
$type =~ s/Container//;
foreach my $k ( sort keys( %{ $attr->{default} } ) ) {
push @{ $jleaf->{default} },
{
id => "$prefix$leaf/$k",
title => $k,
type => $type,
data => $attr->{default}->{$k},
(
$type eq 'rule'
? ( re => $k )
: ()
),
};
if ( defined $jleaf->{default} ) {
$defaultValues->{$leaf} = $jleaf->{default};
if ( ref( $jleaf->{default} ) ) {
$jleaf->{default} = [];
my $type = $attr->{type};
$type =~ s/Container//;
foreach my $k ( sort keys( %{ $attr->{default} } ) ) {
push @{ $jleaf->{default} },
{
id => "$prefix$leaf/$k",
title => $k,
type => $type,
data => $attr->{default}->{$k},
(
$type eq 'rule'
? ( re => $k )
: ()
),
};
}
}
}
if ($prefix) {
......
......@@ -648,7 +648,14 @@ sub tree {
]
},
'logoutServices',
'multiValuesSeparator'
'multiValuesSeparator',
{
title => 'forms',
nodes => [
'infoFormMethod', 'confirmFormMethod',
'redirectFormMethod', 'activeTimer',
]
}
]
}
]
......
......@@ -21,6 +21,7 @@
"_lassoSessionDump": "Lasso session dump",
"_lassoIdentityDump": "Lasso identity dump",
"actives": "Actives",
"activeTimer": "Auto accept time",
"addSamlAttribute": "Add attribute",
"addIDPSamlPartner": "Add SAML IDP",
"addSPSamlPartner": "Add SAML SP",
......@@ -120,6 +121,7 @@
"condition": "Condition",
"conf": "Configuration",
"Configuration": "Configuration",
"confirmFormMethod": "Method for confirm form",
"confModuledeprecated": "This module has been deprecated, set \"forceUpload=1\" in lemonldap-ng.ini to use it",
"confNotChanged": "No change detected, saving aborted",
"confSaved": "Configuration saved",
......@@ -193,6 +195,7 @@
"forceSave": "Force save",
"format": "Format",
"formReplay": "Form replay",
"forms": "Forms",
"friendlyName": "Friendly name",
"generalParameters": "General Parameters",
"globalStorage": "Apache::Session module",
......@@ -215,6 +218,7 @@
"https": "HTTPS",
"incompleteForm": "Required fields are missing",
"index": "Index",
"infoFormMethod": "Method for info form",
"invalidSessionData": "Invalid session data",
"internalReference": "Internal reference",
"ipAddr": "IP address",
......@@ -520,6 +524,7 @@
"radiusSecret": "Shared secret",
"radiusServer": "Server hostname",
"randomPasswordRegexp": "Regexp for password generation",
"redirectFormMethod": "Method for redirect form",
"redirection": "Handler redirections",
"reference": "Reference",
"regexp": "Regular expression",
......
......@@ -21,6 +21,7 @@
"_lassoSessionDump": " Dump session Lasso ",
"_lassoIdentityDump": "Dump identité Lasso",
"actives": "Actives",
"activeTimer": "Délai d'acceptation automatique",
"addSamlAttribute": "Ajouter un attribut",
"addIDPSamlPartner": "Ajouter un IDP SAML",
"addSPSamlPartner": "Ajouter un SP SAML",
......@@ -120,6 +121,7 @@
"condition": "Condition",
"conf": "Configuration",
"Configuration": "Configuration",
"confirmFormMethod": "Méthode du formulaire de confirmation",
"confModuledeprecated": "Ce module est obsolète, indiquez «forceUpload=1» dans le fichier lemonldap-ng.ini pour l'utiliser",
"confNotChanged": "Aucun changement détecté, sauvegarde abandonnée",
"confSaved": "Configuration sauvegardée",
......@@ -193,6 +195,7 @@
"forceSave": "Forcer la sauvegarde",
"format": "Format",
"formReplay": "Rejeu de formulaires",
"forms": "Formulaires",
"friendlyName": "Nom alternatif",
"generalParameters": "Paramètres généraux",
"globalStorage": "Module Apache::Session",
......@@ -215,6 +218,7 @@
"https": "HTTPS",
"incompleteForm": "Des champs requis manquent",
"index": "Index",
"infoFormMethod": "Méthode du formulaire d'information",
"invalidSessionData": "Donnée de session invalide",
"internalReference": "Référence interne ",
"ipAddr": "Adresse IP",
......@@ -520,6 +524,7 @@
"radiusSecret": "Secret partagé",
"radiusServer": "Nom d'hôte du serveur",
"randomPasswordRegexp": "Expression regulière pour la génération des mots de passe",
"redirectFormMethod": "Méthode du formulaire de redirection",
"redirection": "Redirections du Handler",
"reference": "Référence",
"regexp": "Expression régulière",
......
......@@ -27,9 +27,6 @@ my @notManagedAttributes = (
# HTML template parameter (for PSGI) (must be set in lemonldap-ng.ini)
'staticPrefix',
# Menu display parameters
'redirectFormMethod', 'infoFormMethod', 'activeTimer', 'confirmFormMethod',
# PSGI/CGI protection (must be set in lemonldap-ng.ini)
'protection',
);
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment