Commit 568eb70e authored by Yadd's avatar Yadd

Update macros (#595)

parent 3f3ac6d7
{
"applicationList": {
"1sample": {
"catname": "Sample applications",
"test1": {
"options": {
"description": "A simple application displaying authenticated user",
"display": "auto",
"logo": "demo.png",
"name": "Application Test 1",
"uri": "http://test1.__DNSDOMAIN__/"
},
"type": "application"
"applicationList" : {
"1sample" : {
"catname" : "Sample applications",
"test1" : {
"options" : {
"description" : "A simple application displaying authenticated user",
"display" : "auto",
"logo" : "demo.png",
"name" : "Application Test 1",
"uri" : "http://test1.__DNSDOMAIN__/"
},
"type" : "application"
},
"test2" : {
"options" : {
"description" : "The same simple application displaying authenticated user",
"display" : "auto",
"logo" : "thumbnail.png",
"name" : "Application Test 2",
"uri" : "http://test2.__DNSDOMAIN__/"
},
"type" : "application"
},
"type" : "category"
},
"test2": {
"options": {
"description": "The same simple application displaying authenticated user",
"display": "auto",
"logo": "thumbnail.png",
"name": "Application Test 2",
"uri": "http://test2.__DNSDOMAIN__/"
},
"type": "application"
"2administration" : {
"catname" : "Administration",
"manager" : {
"options" : {
"description" : "Configure LemonLDAP::NG WebSSO",
"display" : "auto",
"logo" : "configure.png",
"name" : "WebSSO Manager",
"uri" : "http://manager.__DNSDOMAIN__/manager.html"
},
"type" : "application"
},
"notifications" : {
"options" : {
"description" : "Explore WebSSO notifications",
"display" : "auto",
"logo" : "database.png",
"name" : "Notifications explorer",
"uri" : "http://manager.__DNSDOMAIN__/notifications.html"
},
"type" : "application"
},
"sessions" : {
"options" : {
"description" : "Explore WebSSO sessions",
"display" : "auto",
"logo" : "database.png",
"name" : "Sessions explorer",
"uri" : "http://manager.__DNSDOMAIN__/sessions.html"
},
"type" : "application"
},
"type" : "category"
},
"type": "category"
},
"2administration": {
"catname": "Administration",
"manager": {
"options": {
"description": "Configure LemonLDAP::NG WebSSO",
"display": "auto",
"logo": "configure.png",
"name": "WebSSO Manager",
"uri": "http://manager.__DNSDOMAIN__/manager.html"
},
"type": "application"
"3documentation" : {
"catname" : "Documentation",
"localdoc" : {
"options" : {
"description" : "Documentation supplied with LemonLDAP::NG",
"display" : "on",
"logo" : "help.png",
"name" : "Local documentation",
"uri" : "http://manager.__DNSDOMAIN__/doc/"
},
"type" : "application"
},
"officialwebsite" : {
"options" : {
"description" : "Official LemonLDAP::NG Website",
"display" : "on",
"logo" : "network.png",
"name" : "Offical Website",
"uri" : "http://lemonldap-ng.org/"
},
"type" : "application"
},
"type" : "category"
}
},
"authentication" : "Demo",
"cfgAuthor" : "The LemonLDAP::NG team",
"cfgNum" : 1,
"cfgVersion" : "2.0.0",
"cookieName" : "lemonldap",
"demoExportedVars" : {
"cn" : "cn",
"mail" : "mail",
"uid" : "uid"
},
"domain" : "__DNSDOMAIN__",
"exportedHeaders" : {
"test1.__DNSDOMAIN__" : {
"Auth-User" : "$uid"
},
"notifications": {
"options": {
"description": "Explore WebSSO notifications",
"display": "auto",
"logo": "database.png",
"name": "Notifications explorer",
"uri": "http://manager.__DNSDOMAIN__/notifications.html"
},
"type": "application"
"test2.__DNSDOMAIN__" : {
"Auth-User" : "$uid"
}
},
"exportedVars" : {
"UA" : "HTTP_USER_AGENT"
},
"globalStorage" : "Apache::Session::File",
"globalStorageOptions" : {
"Directory" : "__SESSIONDIR__",
"LockDirectory" : "__SESSIONDIR__/lock",
"generateModule" : "Lemonldap::NG::Common::Apache::Session::Generate::SHA256"
},
"groups" : {},
"localSessionStorage" : "Cache::FileCache",
"localSessionStorageOptions" : {
"cache_depth" : 3,
"cache_root" : "/tmp",
"default_expires_in" : 600,
"directory_umask" : "007",
"namespace" : "lemonldap-ng-sessions"
},
"locationRules" : {
"manager.__DNSDOMAIN__" : {
"(?#Configuration)^/(manager\\.html|conf/)" : "$uid eq \"dwho\"",
"(?#Notifications)/notifications" : "$uid eq \"dwho\" or $uid eq \"rtyler\"",
"(?#Sessions)/sessions" : "$uid eq \"dwho\" or $uid eq \"rtyler\"",
"default" : "$uid eq \"dwho\""
},
"sessions": {
"options": {
"description": "Explore WebSSO sessions",
"display": "auto",
"logo": "database.png",
"name": "Sessions explorer",
"uri": "http://manager.__DNSDOMAIN__/sessions.html"
},
"type": "application"
"test1.__DNSDOMAIN__" : {
"^/logout" : "logout_sso",
"default" : "accept"
},
"type": "category"
},
"3documentation": {
"catname": "Documentation",
"localdoc": {
"options": {
"description": "Documentation supplied with LemonLDAP::NG",
"display": "on",
"logo": "help.png",
"name": "Local documentation",
"uri": "http://manager.__DNSDOMAIN__/doc/"
},
"type": "application"
},
"officialwebsite": {
"options": {
"description": "Official LemonLDAP::NG Website",
"display": "on",
"logo": "network.png",
"name": "Offical Website",
"uri": "http://lemonldap-ng.org/"
},
"type": "application"
},
"type": "category"
}
},
"authentication": "Demo",
"cfgAuthor": "The LemonLDAP::NG team",
"cfgNum": 1,
"cfgVersion": "2.0.0",
"cookieName": "lemonldap",
"demoExportedVars": {
"cn": "cn",
"mail": "mail",
"uid": "uid"
},
"domain": "__DNSDOMAIN__",
"exportedHeaders": {
"test1.__DNSDOMAIN__": {
"Auth-User": "$uid"
},
"test2.__DNSDOMAIN__": {
"Auth-User": "$uid"
}
},
"exportedVars": {
"UA": "HTTP_USER_AGENT"
},
"globalStorage": "Apache::Session::File",
"globalStorageOptions": {
"Directory": "__SESSIONDIR__",
"LockDirectory": "__SESSIONDIR__/lock",
"generateModule": "Lemonldap::NG::Common::Apache::Session::Generate::SHA256"
},
"groups": {},
"localSessionStorage": "Cache::FileCache",
"localSessionStorageOptions": {
"cache_depth": 3,
"cache_root": "/tmp",
"default_expires_in": 600,
"directory_umask": "007",
"namespace": "lemonldap-ng-sessions"
},
"locationRules": {
"manager.__DNSDOMAIN__": {
"(?#Configuration)^/(manager\\.html|conf/)": "$uid eq \"dwho\"",
"(?#Notifications)^/notifications": "$uid eq \"dwho\" or $uid eq \"rtyler\"",
"(?#Sessions)^/sessions": "$uid eq \"dwho\" or $uid eq \"rtyler\"",
"default": "$uid eq \"dwho\""
},
"test1.__DNSDOMAIN__": {
"^/logout": "logout_sso",
"default": "accept"
},
"test2.__DNSDOMAIN__": {
"^/logout": "logout_sso",
"default": "accept"
}
},
"loginHistoryEnabled": 1,
"macros": {
"_whatToTrace": "$_auth eq 'SAML' ? \"$_user\\@$_idpConfKey\" : \"$_user\""
},
"mailUrl": "http://auth.__DNSDOMAIN__/resetpwd",
"notification": 1,
"notificationStorage": "File",
"notificationStorageOptions": {
"dirName": "__NOTIFICATIONDIR__"
},
"passwordDB": "Demo",
"persistentStorage": "Apache::Session::File",
"persistentStorageOptions": {
"Directory": "__PSESSIONDIR__",
"LockDirectory": "__PSESSIONDIR__/lock"
},
"portal": "http://auth.__DNSDOMAIN__/",
"portalSkin": "bootstrap",
"portalSkinBackground": "1280px-Cedar_Breaks_National_Monument_partially.jpg",
"registerDB": "Demo",
"registerUrl": "http://auth.__DNSDOMAIN__/register",
"reloadUrls": {
"reload.__DNSDOMAIN__": "http://reload.__DNSDOMAIN__/reload"
},
"securedCookie": 0,
"sessionDataToRemember": {},
"timeout": 72000,
"userDB": "Same",
"whatToTrace": "_whatToTrace"
}
\ No newline at end of file
"test2.__DNSDOMAIN__" : {
"^/logout" : "logout_sso",
"default" : "accept"
}
},
"loginHistoryEnabled" : 1,
"macros" : {
"_whatToTrace" : "$_auth eq 'SAML' ? \"$_user\\@$_idpConfKey\" : $_auth eq 'OpenIDConnect' ? \"$_user\\@$_oidcConnectedRP\" : \"$_user\""
},
"mailUrl" : "http://auth.__DNSDOMAIN__/resetpwd",
"notification" : 1,
"notificationStorage" : "File",
"notificationStorageOptions" : {
"dirName" : "__NOTIFICATIONDIR__"
},
"passwordDB" : "Demo",
"persistentStorage" : "Apache::Session::File",
"persistentStorageOptions" : {
"Directory" : "__PSESSIONDIR__",
"LockDirectory" : "__PSESSIONDIR__/lock"
},
"portal" : "http://auth.__DNSDOMAIN__/",
"portalSkin" : "bootstrap",
"portalSkinBackground" : "1280px-Cedar_Breaks_National_Monument_partially.jpg",
"registerDB" : "Demo",
"registerUrl" : "http://auth.__DNSDOMAIN__/register",
"reloadUrls" : {
"reload.__DNSDOMAIN__" : "http://reload.__DNSDOMAIN__/reload"
},
"securedCookie" : 0,
"sessionDataToRemember" : {},
"timeout" : 72000,
"userDB" : "Same",
"whatToTrace" : "_whatToTrace"
}
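Review bot: The new side of `locationRules` for `manager.__DNSDOMAIN__` drops the `^` anchor from two keys, now `(?#Notifications)/notifications` and `(?#Sessions)/sessions`, where the other copy has `^/notifications` and `^/sessions`. An unanchored pattern matches wherever that substring occurs in the request, so the broader `$uid eq \"dwho\" or $uid eq \"rtyler\"` rule can apply to URLs that were meant to fall through to the stricter `default`. The commit title only mentions macros, so this looks unintended; I would keep `"(?#Notifications)^/notifications"` and `"(?#Sessions)^/sessions"`, or, if a prefixed path has to be covered, anchor the pattern with that explicit prefix. Which side is new is inferred from the ` : ` key spacing, which matches the updated `_whatToTrace` line, because the page has lost its +/- markers.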
......@@ -495,6 +495,7 @@ sub scanTree {
push @sessionTypes, $1
if ( $leaf =~ /^(.*)(?<!notification)StorageOptions$/ );
my $attr = $attributes->{$leaf} or die("Missing attribute $leaf");
print STDERR "| $attr->{documentation} | $leaf |\n";
$jleaf = { id => "$prefix$leaf", title => $leaf };
unless ( $attr->{type} ) {
print STDERR "Fatal: no type: $leaf\n";
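Review bot: The line `print STDERR "| $attr->{documentation} | $leaf |\n";` interpolates `$attr->{documentation}` without a defined-check, so every attribute that still has no `documentation` entry gives an empty table cell and, under `warnings`, an uninitialized-value warning. It appears to be the line this hunk adds, although the +/- markers are lost. It also runs unconditionally on the same stream as the `Fatal: no type` message a few lines below, which makes real errors harder to spot in the build output. I would make the gap explicit, for example `my $doc = $attr->{documentation} // '(undocumented)';` followed by `print STDERR "| $doc | $leaf |\n";`, and consider emitting the table only on request. The body of scanTree starts and ends outside the hunk.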
......
......@@ -265,7 +265,7 @@ sub attributes {
default => 'get',
documentation => 'HTTP method for info page form',
},
port => { type => 'int', },
port => { type => 'int', documentation => 'Force port in redirection' },
jsRedirect => {
type => 'boolOrExpr',
default => 0,
......@@ -287,6 +287,7 @@ sub attributes {
keyTest => qr/^\w+$/,
test => qr/^[a-zA-Z][a-zA-Z0-9]*(?:::[a-zA-Z][a-zA-Z0-9]*)*$/,
msgFail => '__badPerlPackageName__',
documentation => 'Custom Nginx handler (deprecated)',
},
noAjaxHook => {
default => 0,
......@@ -318,11 +319,12 @@ sub attributes {
documentation => 'HTTP method for redirect page form',
},
reloadUrls => {
type => 'keyTextContainer',
help => 'configlocation.html#configuration_reload',
keyTest => qr/^$Regexp::Common::URI::RFC2396::host(?::\d+)?$/,
test => $url,
msgFail => '__badUrl__'
type => 'keyTextContainer',
help => 'configlocation.html#configuration_reload',
keyTest => qr/^$Regexp::Common::URI::RFC2396::host(?::\d+)?$/,
test => $url,
msgFail => '__badUrl__',
documentation => 'URL to call on reload',
},
staticPrefix => {
type => 'text',
......@@ -411,12 +413,13 @@ sub attributes {
],
},
portalSkinRules => {
type => 'keyTextContainer',
help => 'portalcustom.html',
keyTest => $perlExpr,
keyMsgFail => '__badSkinRule__',
test => qr/^\w+$/,
msgFail => '__badValue__',
type => 'keyTextContainer',
help => 'portalcustom.html',
keyTest => $perlExpr,
keyMsgFail => '__badSkinRule__',
test => qr/^\w+$/,
msgFail => '__badValue__',
documentation => 'Rules to choose portal skin',
},
# Security
......@@ -446,9 +449,10 @@ sub attributes {
documentation => 'Check XSS',
},
grantSessionRules => {
type => 'grantContainer',
keyTest => $perlExpr,
test => sub { 1 },
type => 'grantContainer',
keyTest => $perlExpr,
test => sub { 1 },
documentation => 'Rules to grant sessions',
},
hiddenAttributes => {
type => 'text',
......@@ -517,8 +521,9 @@ sub attributes {
default => '[A-Z]{3}[a-z]{5}.\d{2}',
documentation => 'Regular expression to create a random password',
},
trustedDomains => { type => 'text', },
storePassword => {
trustedDomains =>
{ type => 'text', documentation => 'Trusted domains', },
storePassword => {
default => 0,
type => 'bool',
documentation => 'Store password in session',
......@@ -631,8 +636,9 @@ sub attributes {
},
# Cookies
cookieExpiration => { type => 'text', },
cookieName => {
cookieExpiration =>
{ type => 'text', documentation => 'Cookie expiration', },
cookieName => {
type => 'text',
test => qr/^[a-zA-Z][a-zA-Z0-9_-]*$/,
msgFail => '__badCookieName__',
......@@ -667,15 +673,18 @@ sub attributes {
oldNotifFormat => {
type => 'bool',
default => 0,
documentation => 'Use old XML format',
documentation => 'Use old XML format for notifications',
},
notificationWildcard => {
type => 'text',
default => 'allusers',
documentation => 'Notification string to match all users',
},
notificationXSLTfile => { type => 'text', },
notification => {
notificationXSLTfile => {
type => 'text',
documentation => 'Custom XSLT document for notifications',
},
notification => {
default => 0,
type => 'bool',
documentation => 'Notification activation',
......@@ -765,9 +774,9 @@ sub attributes {
documentation => 'Session backend module options',
},
localSessionStorage => {
type => 'PerlModule',
default => 'Cache::FileCache',
, documentation => 'Sessions cache module',
type => 'PerlModule',
default => 'Cache::FileCache',
documentation => 'Sessions cache module',
},
localSessionStorageOptions => {
type => 'keyTextContainer',
......@@ -782,12 +791,19 @@ sub attributes {
},
# Persistent storage
persistentStorage => { type => 'PerlModule', },
persistentStorageOptions => { type => 'keyTextContainer', },
sessionDataToRemember => {
type => 'keyTextContainer',
keyTest => qr/^[_a-zA-Z][a-zA-Z0-9_]*$/,
keyMsgFail => '__invalidSessionData__',
persistentStorage => {
type => 'PerlModule',
documentation => 'Storage module for persistent sessions'
},
persistentStorageOptions => {
type => 'keyTextContainer',
documentation => 'Options for persistent sessions storage module'
},
sessionDataToRemember => {
type => 'keyTextContainer',
keyTest => qr/^[_a-zA-Z][a-zA-Z0-9_]*$/,
keyMsgFail => '__invalidSessionData__',
documentation => 'Data to remember in login history',
},
# SAML issuer
......@@ -882,13 +898,15 @@ sub attributes {
},
# Mails
mailBody => { type => 'longtext', },
mailBody =>
{ type => 'longtext', documentation => 'Custom mail body', },
mailCharset => {
type => 'text',
default => 'utf-8',
documentation => 'Mail charset',
},
mailConfirmBody => { type => 'longtext', },
mailConfirmBody =>
{ type => 'longtext', documentation => 'Custom confirm mail body', },
mailConfirmSubject => {
type => 'text',
documentation => 'Mail subject for reset confirmation',
......@@ -898,7 +916,7 @@ sub attributes {
default => 'noreply@example.com',
documentation => 'Sender email',
},
mailReplyTo => { type => 'text', },
mailReplyTo => { type => 'text', documentation => 'Reply-To address' },
mailSessionKey => {
type => 'text',
default => 'mail',
......@@ -924,8 +942,14 @@ sub attributes {
test => qr/^(?:$Regexp::Common::URI::RFC2396::host(?::\d+)?)?$/,
documentation => 'SMTP Server',
},
SMTPAuthUser => { type => 'text', },
SMTPAuthPass => { type => 'password', },
SMTPAuthUser => {
type => 'text',
documentation => 'Login to use to send mails',
},
SMTPAuthPass => {
type => 'password',
documentation => 'Password to use to send mails',
},
# Registration
registerConfirmSubject => {
......@@ -993,8 +1017,9 @@ sub attributes {
documentation => 'Allow only one session per IP',
},
singleUserByIP => {
default => 0,
type => 'bool',
default => 0,
type => 'bool',
documentation => 'Allow only one user per IP',
},
singleSessionUserByIP => {
default => 0,
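Review bot: Several of the added `documentation` strings on security-relevant attributes only restate the key, for example `trustedDomains` with 'Trusted domains' and `cookieExpiration` with 'Cookie expiration'. An administrator reading the generated reference cannot tell from these what the trust applies to or in which unit the expiration is given. I would have each string say what the setting controls, and for `cookieExpiration` name the unit, so that a wrong value is recognisable as wrong. As a style point, the new `persistentStorage` and `persistentStorageOptions` entries omit the trailing comma after `documentation => '...'` that the other entries in this file use. The attributes sub continues outside these hunks.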
......
......@@ -108,7 +108,7 @@ sub zeroConf {
},
'macros' => {
'_whatToTrace' =>
'$_auth eq \'SAML\' ? "$_user\\@$_idpConfKey" : "$_user"'
'$_auth eq \'SAML\' ? "$_user\\@$_idpConfKey" : $_auth eq \'OpenIDConnect\' ? "$_user\\@$_oidcConnectedRP" : "$_user"'
},
'notificationStorageOptions' => {
'dirName' => $notificationDir
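Review bot: The OpenIDConnect branch of `_whatToTrace` appends `$_oidcConnectedRP`, and nothing on this page shows that key being populated when the session's `_auth` is `OpenIDConnect`. Judging by the name alone (please confirm), it describes relying parties served by this portal rather than the provider the user authenticated against. If it is unset when macros are evaluated, the traced identity becomes the user name followed by `@` and an empty suffix, so log entries for users coming from different providers can no longer be told apart. The same expression is duplicated in the JSON default configuration on this page, so both copies need the same check. The body of zeroConf starts and ends outside the hunk.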
......