Commit 9a0a56b5 authored by Xavier Guimard

Prepare new CAS arch in manager (#1183)

parent dec57ba3
......@@ -23,7 +23,7 @@ use constant HANDLERSECTION => "handler";
use constant MANAGERSECTION => "manager";
use constant SESSIONSEXPLORERSECTION => "sessionsExplorer";
use constant APPLYSECTION => "apply";
our $hashParameters = qr/^(?:(?:l(?:o(?:ca(?:lSessionStorageOption|tionRule)|goutService)|dapExportedVar|wp(?:Ssl)?Opt)|(?:(?:d(?:emo|bi)|facebook|webID)ExportedVa|exported(?:Heade|Va))r|g(?:r(?:antSessionRule|oup)|lobalStorageOption)|n(?:otificationStorageOption|ginxCustomHandler)|re(?:moteGlobalStorageOption|loadUrl)|macro)s|o(?:idc(?:RPMetaData(?:(?:Option(?:sExtraClaim)?|ExportedVar)s|Node)|OPMetaData(?:(?:ExportedVar|Option)s|J(?:SON|WKS)|Node)|S(?:erviceMetaDataAuthnContext|torageOptions))|penIdExportedVars)|s(?:aml(?:S(?:PMetaData(?:(?:ExportedAttribute|Option)s|Node|XML)|torageOptions)|IDPMetaData(?:(?:ExportedAttribute|Option)s|Node|XML))|essionDataToRemember|laveExportedVars)|c(?:as(?:S(?:rvMetaDataNode|torageOptions)|A(?:ppMetaDataNode|ttributes))|(?:ustomAddParam|ombModule)s)|p(?:ersistentStorageOptions|o(?:rtalSkinRules|st))|a(?:uthChoiceModules|pplicationList)|v(?:hostOptions|irtualHost)|S(?:MTPTLSOpts|SLVarIf))$/;
our $hashParameters = qr/^(?:(?:l(?:o(?:ca(?:lSessionStorageOption|tionRule)|goutService)|dapExportedVar|wp(?:Ssl)?Opt)|(?:(?:d(?:emo|bi)|facebook|webID)ExportedVa|exported(?:Heade|Va))r|g(?:r(?:antSessionRule|oup)|lobalStorageOption)|n(?:otificationStorageOption|ginxCustomHandler)|re(?:moteGlobalStorageOption|loadUrl)|macro)s|o(?:idc(?:RPMetaData(?:(?:Option(?:sExtraClaim)?|ExportedVar)s|Node)|OPMetaData(?:(?:ExportedVar|Option)s|J(?:SON|WKS)|Node)|S(?:erviceMetaDataAuthnContext|torageOptions))|penIdExportedVars)|s(?:aml(?:S(?:PMetaData(?:(?:ExportedAttribute|Option)s|Node|XML)|torageOptions)|IDPMetaData(?:(?:ExportedAttribute|Option)s|Node|XML))|essionDataToRemember|laveExportedVars)|c(?:as(?:S(?:rvMetaData(?:(?:ExportedVar|Option)s|Node)|torageOptions)|A(?:ppMetaData(?:(?:ExportedVar|Option)s|Node)|ttributes))|(?:ustomAddParam|ombModule)s)|p(?:ersistentStorageOptions|o(?:rtalSkinRules|st))|a(?:uthChoiceModules|pplicationList)|v(?:hostOptions|irtualHost)|S(?:MTPTLSOpts|SLVarIf))$/;
our @sessionTypes = ( 'remoteGlobal', 'cas', 'global', 'localSession', 'persistent', 'saml', 'oidc' );
......
......@@ -626,6 +626,18 @@ sub attributes {
],
'type' => 'select'
},
'casAppMetaDataExportedVars' => {
'default' => {
'cn' => 'cn',
'mail' => 'mail',
'uid' => 'uid'
},
'keyMsgFail' => '__badVariableName__',
'keyTest' => qr/^!?[a-zA-Z][a-zA-Z0-9_-]*$/,
'msgFail' => '__badValue__',
'test' => qr/^[a-zA-Z][a-zA-Z0-9_:\-]*$/,
'type' => 'keyTextContainer'
},
'casAppMetaDataNodes' => {
'type' => 'casAppMetaDataNodeContainer'
},
......@@ -654,6 +666,9 @@ sub attributes {
'casSrvMetaDataNodes' => {
'type' => 'casSrvMetaDataNodeContainer'
},
'casSrvMetaDataOptions' => {
'type' => 'subContainer'
},
'casSrvMetaDataOptionsGateway' => {
'type' => 'bool'
},
......
......@@ -40,6 +40,7 @@ my $authParameters;
my $issuerParameters;
my $samlServiceParameters;
my $oidcServiceParameters;
my $casServiceParameters = [];
my $defaultValues;
my $attributes = Lemonldap::NG::Manager::Build::Attributes::attributes();
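Review bot: The `= []` initializer on the new `my $casServiceParameters` is never consulted as far as these hunks show: the consumers dereference by name under `no strict 'refs'` — `@$$_` in the loop `foreach (qw(samlServiceParameters oidcServiceParameters casServiceParameters))` of `run` and `${ $1 . 'Parameters' } = \@tmp;` in `scanTree` — and a symbolic reference always resolves to the package variable `$casServiceParameters`, never to a file-scoped lexical. If the intent is that a tree without a `casServiceMetaData` node still emits `our $casServiceParameters = [qw()];` instead of an uninitialized-value warning from the `join`, the default must be on the package variable, e.g. `our $casServiceParameters = [];`, or the generator loop should read `@{ $$_ // [] }`. The sibling lexicals `$samlServiceParameters` and `$oidcServiceParameters` have the same dead-declaration shape, so fixing all three together would be clearer than adding a fourth. This assumes the three hunks belong to the same file, which the page does not show.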
......@@ -158,7 +159,7 @@ sub run {
my $exportedVars = '$'
. join( 'Keys $',
'simpleHash', 'doubleHash', 'specialNode', sort keys %cnodesRe )
. 'Keys $specialNodeHash $authParameters $issuerParameters $samlServiceParameters $oidcServiceParameters';
. 'Keys $specialNodeHash $authParameters $issuerParameters $samlServiceParameters $oidcServiceParameters $casServiceParameters';
print F <<EOF;
# This file is generated by $module. Don't modify it by hand
package Lemonldap::NG::Common::Conf::ReConstants;
......@@ -179,6 +180,8 @@ our \$specialNodeHash = {
samlSPMetaDataNodes => [qw(samlSPMetaDataXML samlSPMetaDataExportedAttributes samlSPMetaDataOptions)],
oidcOPMetaDataNodes => [qw(oidcOPMetaDataJSON oidcOPMetaDataJWKS oidcOPMetaDataOptions oidcOPMetaDataExportedVars)],
oidcRPMetaDataNodes => [qw(oidcRPMetaDataOptions oidcRPMetaDataExportedVars oidcRPMetaDataOptionsExtraClaims)],
casSrvMetaDataNodes => [qw(casSrvMetaDataOptions casSrvMetaDataExportedVars)],
casAppMetaDataNodes => [qw(casAppMetaDataOptions casAppMetaDataExportedVars)],
};
EOF
......@@ -211,7 +214,7 @@ EOF
}
print F "$tmp};\n";
}
foreach (qw(samlServiceParameters oidcServiceParameters)) {
foreach (qw(samlServiceParameters oidcServiceParameters casServiceParameters)) {
no strict 'refs';
$tmp = "our \$$_ = [qw(" . join( ' ', @$$_ ) . ")];\n";
print F "$tmp";
......@@ -256,13 +259,17 @@ $defaultAttr}
$ra->add($_);
}
foreach (
qw(exportedHeaders locationRules post vhostOptions
qw(
exportedHeaders locationRules post vhostOptions
samlIDPMetaDataXML samlIDPMetaDataExportedAttributes
samlIDPMetaDataOptions samlSPMetaDataXML
samlSPMetaDataExportedAttributes samlSPMetaDataOptions
oidcOPMetaDataJSON oidcOPMetaDataJWKS oidcOPMetaDataOptions
oidcOPMetaDataExportedVars oidcRPMetaDataOptions
oidcRPMetaDataExportedVars oidcRPMetaDataOptionsExtraClaims)
oidcRPMetaDataExportedVars oidcRPMetaDataOptionsExtraClaims
casAppMetaDataExportedVars casAppMetaDataOptions
casSrvMetaDataExportedVars casSrvMetaDataOptions
)
)
{
$ra->add($_);
......@@ -438,7 +445,7 @@ sub scanTree {
elsif ( ref($leaf) ) {
$jleaf->{title} = $jleaf->{id} = $leaf->{title};
$jleaf->{type} = $leaf->{form} if ( $leaf->{form} );
if ( $leaf->{title} =~ /^((?:oidc|saml)Service)MetaData$/ ) {
if ( $leaf->{title} =~ /^((?:oidc|saml|cas)Service)MetaData$/ ) {
no strict 'refs';
my @tmp = $self->scanLeaf( $leaf->{nodes} );
${ $1 . 'Parameters' } = \@tmp;
......
......@@ -1481,14 +1481,15 @@ sub attributes {
samlIDPMetaDataNodes => {
type => 'samlIDPMetaDataNodeContainer',
template => 'samlIDPMetaDataNode',
help => 'authsaml.html',
},
# Fake attribute: used by manager REST API to agglomerate all nodes
# related to a SAML SP partner
samlSPMetaDataNodes => {
type => 'samlSPMetaDataNodeContainer',
help => 'authsaml.html',
template => 'samlSPMetaDataNode',
help => 'idpsaml.html',
},
# TODO: split that
......@@ -2066,6 +2067,7 @@ m{^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?:
default => { cn => 'cn', mail => 'mail', uid => 'uid', },
documentation => 'CAS exported variables',
},
casSrvMetaDataOptions => { type => 'subContainer', },
casSrvMetaDataOptionsGateway => { type => 'bool', },
casSrvMetaDataOptionsProxiedServices => {
type => 'keyTextContainer',
......@@ -2079,19 +2081,30 @@ m{^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?:
msgFail => '__badUrl__',
},
casAppMetaDataExportedVars => {
type => 'keyTextContainer',
keyTest => qr/^!?[a-zA-Z][a-zA-Z0-9_-]*$/,
keyMsgFail => '__badVariableName__',
test => qr/^[a-zA-Z][a-zA-Z0-9_:\-]*$/,
msgFail => '__badValue__',
default => { cn => 'cn', mail => 'mail', uid => 'uid', },
documentation => 'CAS exported variables',
},
# Fake attribute: used by manager REST API to agglomerate all nodes
# related to a SAML IDP partner
casSrvMetaDataNodes => {
type => 'casSrvMetaDataNodeContainer',
template => 'casSrvMetaDataNode',
help => 'authcas.html',
},
# Fake attribute: used by manager REST API to agglomerate all nodes
# related to a SAML SP partner
casAppMetaDataNodes => {
type => 'casAppMetaDataNodeContainer',
help => 'authsaml.html',
template => 'casAppMetaDataNode',
help => 'idpcas.html',
},
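Review bot: The two block comments introduced in this hunk are copied from the SAML entries and now mislabel the CAS nodes: the one above `casSrvMetaDataNodes` says `# related to a SAML IDP partner` and the one above `casAppMetaDataNodes` says `# related to a SAML SP partner`; they should read `# related to a CAS server` and `# related to a CAS application` respectively. The new `help` values `authcas.html` and `idpcas.html` (and `idpsaml.html` in the earlier hunk of this section) are page names the manager UI will link to, so confirm those documentation pages exist under exactly those names; nothing on this page shows them. `sub attributes` starts and ends outside the hunk.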
# PAM
......
......@@ -226,7 +226,13 @@ sub cTrees {
},
'casSrvMetaDataExportedVars',
],
casAppMetaDataNode => [],
casAppMetaDataNode => [
{
title => 'casAppMetaDataOptions',
nodes => []
},
'casAppMetaDataExportedVars',
],
};
}
......
......@@ -431,7 +431,29 @@ sub _scanNodes {
elsif ( $base =~ /^cas(?:App|Srv)MetaDataNodes$/ ) {
my $optKey = $&;
hdebug('CAS');
if ( $target =~
if ( $target =~ /^cas(?:App|Srv)MetaDataOptions$/ ) {
hdebug(" $target: looking for subnodes");
$self->_scanNodes($subNodes);
$self->set( $target, $key, $leaf->{title}, $leaf->{data} );
}
elsif ( $target =~ /^cas(?:App|Srv)MetaDataExportedVars$/ ) {
hdebug(" $target");
if ( $leaf->{cnodes} ) {
hdebug(' unopened');
$self->newConf->{$target}->{$key} =
$self->refConf->{$target}->{$oldName} // {};
}
elsif ($h) {
hdebug(' opened');
$self->set( $target, $key, $leaf->{title},
$leaf->{data} );
}
else {
hdebug(" $target: looking for subnodes");
$self->_scanNodes($subNodes);
}
}
elsif ( $target =~
/^(?:$casSrvMetaDataNodeKeys|$casAppMetaDataNodeKeys)/o )
{
$self->set( $optKey, [ $oldName, $key ],
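Review bot: The new `casAppMetaDataOptions`/`casSrvMetaDataOptions` branch both recurses with `$self->_scanNodes($subNodes)` and then calls `$self->set( $target, $key, $leaf->{title}, $leaf->{data} )` on the same leaf, whereas the `ExportedVars` branch just below does one or the other depending on `$leaf->{cnodes}` and `$h`; if `$leaf` here is the options container itself (which `cTrees` declares with `nodes => []`), that `set` would store the container's own `title`/`data` under `$key`, so this is worth checking against the SAML/OIDC options branches of this sub, which are outside the hunk. The three-way split in the `ExportedVars` branch is not self-explanatory; a short comment above it naming what `cnodes` and `$h` signal (the `hdebug` strings suggest "node not expanded in the UI, keep the stored value" versus "expanded, store the edited leaf", with recursion otherwise) would help the next reader, and the same comment belongs on the analogous branches elsewhere in `_scanNodes`. Both new regexes repeat the `cas(?:App|Srv)MetaData` prefix already matched for `$optKey`; a single `qr/^cas(?:App|Srv)MetaData/` reused in all three would keep them from drifting apart. `_scanNodes` starts and ends outside the hunk.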
......
......@@ -9,7 +9,39 @@ function templates(tpl,key) {
};
switch(tpl){
case 'casAppMetaDataNode':
return []
return [
{
"_nodes" : [],
"id" : "casAppMetaDataOptions",
"title" : "casAppMetaDataOptions"
},
{
"cnodes" : tpl+"s/"+key+"/"+"casAppMetaDataExportedVars",
"default" : [
{
"data" : "cn",
"id" : tpl+"s/"+key+"/"+"casAppMetaDataExportedVars/cn",
"title" : "cn",
"type" : "keyText"
},
{
"data" : "mail",
"id" : tpl+"s/"+key+"/"+"casAppMetaDataExportedVars/mail",
"title" : "mail",
"type" : "keyText"
},
{
"data" : "uid",
"id" : tpl+"s/"+key+"/"+"casAppMetaDataExportedVars/uid",
"title" : "uid",
"type" : "keyText"
}
],
"id" : tpl+"s/"+key+"/"+"casAppMetaDataExportedVars",
"title" : "casAppMetaDataExportedVars",
"type" : "keyTextContainer"
}
]
;
case 'casSrvMetaDataNode':
return [
......
......@@ -19,7 +19,8 @@ my @notManagedAttributes = (
# Complex nodes
'samlSPMetaDataOptions', 'samlIDPMetaDataOptions', 'oidcRPMetaDataOptions',
'oidcOPMetaDataOptions', 'vhostOptions',
'oidcOPMetaDataOptions', 'casSrvMetaDataOptions', 'casAppMetaDataOptions',
'vhostOptions',
# Metadatas (added by manager itself)
'cfgAuthor', 'cfgAuthorIP', 'cfgNum', 'cfgDate', 'cfgLog', 'cfgVersion',
......@@ -37,6 +38,8 @@ my $doubleUsage = qr/^(?:
samlIDPMetaDataOptions|
oidcRPMetaDataOptions|
oidcOPMetaDataOptions|
casSrvMetaDataOptions|
casAppMetaDataOptions|
vhostOptions
)$/x;
......