Commit 5c8f42bd authored by Clément OUDOT's avatar Clément OUDOT

Configuration for SAML Discovery Protocol (#1478)

parent d6e462d6
......@@ -65,7 +65,7 @@ our $issuerParameters = {
issuerDBOpenIDConnect => [qw(issuerDBOpenIDConnectActivation issuerDBOpenIDConnectPath issuerDBOpenIDConnectRule)],
issuerDBSAML => [qw(issuerDBSAMLActivation issuerDBSAMLPath issuerDBSAMLRule)],
};
our $samlServiceParameters = [qw(samlEntityID samlServicePrivateKeySig samlServicePrivateKeySigPwd samlServicePublicKeySig samlServicePrivateKeyEnc samlServicePrivateKeyEncPwd samlServicePublicKeyEnc samlServiceUseCertificateInResponse samlServiceSignatureMethod samlNameIDFormatMapEmail samlNameIDFormatMapX509 samlNameIDFormatMapWindows samlNameIDFormatMapKerberos samlAuthnContextMapPassword samlAuthnContextMapPasswordProtectedTransport samlAuthnContextMapTLSClient samlAuthnContextMapKerberos samlOrganizationDisplayName samlOrganizationName samlOrganizationURL samlSPSSODescriptorAuthnRequestsSigned samlSPSSODescriptorWantAssertionsSigned samlSPSSODescriptorSingleLogoutServiceHTTPRedirect samlSPSSODescriptorSingleLogoutServiceHTTPPost samlSPSSODescriptorSingleLogoutServiceSOAP samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact samlSPSSODescriptorAssertionConsumerServiceHTTPPost samlSPSSODescriptorArtifactResolutionServiceArtifact samlIDPSSODescriptorWantAuthnRequestsSigned samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect samlIDPSSODescriptorSingleSignOnServiceHTTPPost samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect samlIDPSSODescriptorSingleLogoutServiceHTTPPost samlIDPSSODescriptorSingleLogoutServiceSOAP samlIDPSSODescriptorArtifactResolutionServiceArtifact samlAttributeAuthorityDescriptorAttributeServiceSOAP samlIdPResolveCookie samlMetadataForceUTF8 samlStorage samlStorageOptions samlRelayStateTimeout samlUseQueryStringSpecific samlCommonDomainCookieActivation samlCommonDomainCookieDomain samlCommonDomainCookieReader samlCommonDomainCookieWriter)];
our $samlServiceParameters = [qw(samlEntityID samlServicePrivateKeySig samlServicePrivateKeySigPwd samlServicePublicKeySig samlServicePrivateKeyEnc samlServicePrivateKeyEncPwd samlServicePublicKeyEnc samlServiceUseCertificateInResponse samlServiceSignatureMethod samlNameIDFormatMapEmail samlNameIDFormatMapX509 samlNameIDFormatMapWindows samlNameIDFormatMapKerberos samlAuthnContextMapPassword samlAuthnContextMapPasswordProtectedTransport samlAuthnContextMapTLSClient samlAuthnContextMapKerberos samlOrganizationDisplayName samlOrganizationName samlOrganizationURL samlSPSSODescriptorAuthnRequestsSigned samlSPSSODescriptorWantAssertionsSigned samlSPSSODescriptorSingleLogoutServiceHTTPRedirect samlSPSSODescriptorSingleLogoutServiceHTTPPost samlSPSSODescriptorSingleLogoutServiceSOAP samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact samlSPSSODescriptorAssertionConsumerServiceHTTPPost samlSPSSODescriptorArtifactResolutionServiceArtifact samlIDPSSODescriptorWantAuthnRequestsSigned samlIDPSSODescriptorSingleSignOnServiceHTTPRedirect samlIDPSSODescriptorSingleSignOnServiceHTTPPost samlIDPSSODescriptorSingleSignOnServiceHTTPArtifact samlIDPSSODescriptorSingleLogoutServiceHTTPRedirect samlIDPSSODescriptorSingleLogoutServiceHTTPPost samlIDPSSODescriptorSingleLogoutServiceSOAP samlIDPSSODescriptorArtifactResolutionServiceArtifact samlAttributeAuthorityDescriptorAttributeServiceSOAP samlIdPResolveCookie samlMetadataForceUTF8 samlStorage samlStorageOptions samlRelayStateTimeout samlUseQueryStringSpecific samlCommonDomainCookieActivation samlCommonDomainCookieDomain samlCommonDomainCookieReader samlCommonDomainCookieWriter samlDiscoveryProtocolActivation samlDiscoveryProtocolURL samlDiscoveryProtocolPolicy samlDiscoveryProtocolIsPassive)];
our $oidcServiceParameters = [qw(oidcServiceMetaDataIssuer oidcServiceMetaDataAuthorizeURI oidcServiceMetaDataTokenURI oidcServiceMetaDataUserInfoURI oidcServiceMetaDataJWKSURI oidcServiceMetaDataRegistrationURI oidcServiceMetaDataEndSessionURI oidcServiceMetaDataCheckSessionURI oidcServiceMetaDataFrontChannelURI oidcServiceMetaDataBackChannelURI oidcServiceMetaDataAuthnContext oidcServicePrivateKeySig oidcServicePublicKeySig oidcServiceKeyIdSig oidcServiceAllowDynamicRegistration oidcServiceAllowAuthorizationCodeFlow oidcServiceAllowImplicitFlow oidcServiceAllowHybridFlow oidcStorage oidcStorageOptions)];
1;
......@@ -2455,6 +2455,22 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
'samlCommonDomainCookieWriter' => {
'msgFail' => '__badUrl__',
'test' =>
qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::(?:(?:[0-9]*)))?(?:\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:\/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?](?:(?:(?:[;\/?:@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?)/,
'type' => 'text'
},
'samlDiscoveryProtocolActivation' => {
'default' => 0,
'type' => 'bool'
},
'samlDiscoveryProtocolIsPassive' => {
'type' => 'bool'
},
'samlDiscoveryProtocolPolicy' => {
'type' => 'text'
},
'samlDiscoveryProtocolURL' => {
'msgFail' => '__badUrl__',
'test' =>
qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::(?:(?:[0-9]*)))?(?:\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:\/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?](?:(?:(?:[;\/?:@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?)/,
'type' => 'text'
},
......@@ -3008,19 +3024,19 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
'default' => 0,
'select' => [
{
'k' => '0',
'k' => 0,
'v' => 'unsecuredCookie'
},
{
'k' => '1',
'k' => 1,
'v' => 'securedCookie'
},
{
'k' => '2',
'k' => 2,
'v' => 'doubleCookie'
},
{
'k' => '3',
'k' => 3,
'v' => 'doubleCookieForSingleSession'
}
],
......
......@@ -1834,6 +1834,25 @@ sub attributes {
test => $url,
msgFail => '__badUrl__',
},
samlDiscoveryProtocolActivation => {
default => 0,
type => 'bool',
documentation => 'SAML Discovery Protocol activation',
},
samlDiscoveryProtocolURL => {
type => 'text',
test => $url,
msgFail => '__badUrl__',
documentation => 'SAML Discovery Protocol EndPoint URL',
},
samlDiscoveryProtocolPolicy => {
type => 'text',
documentation => 'SAML Discovery Protocol Policy',
},
samlDiscoveryProtocolIsPassive => {
type => 'bool',
documentation => 'SAML Discovery Protocol Is Passive',
},
samlRelayStateTimeout => {
type => 'int',
default => 600,
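Review bot: The new `samlDiscoveryProtocolURL` entry validates with `test => $url`, and the compiled form of that pattern visible in the other file section of this commit starts at `(?:(?:https?):\/\/` and ends with no `\A`/`\z` anchors, so if the manager applies it as a plain match, any value that merely contains an http(s) URL would pass. Since this value is presumably the endpoint the portal sends users to for IdP discovery, I would anchor the check, for example `test => qr/\A$url\z/,`, and consider accepting only `https` for this key. `$url` is defined outside this hunk and the neighbouring entry uses the same `test => $url`, so the anchoring may be better done once where `$url` is built; the body of `attributes` also continues beyond the hunk. Separately, nothing visible here stops `samlDiscoveryProtocolActivation` from being set to 1 while `samlDiscoveryProtocolURL` is empty, and `samlDiscoveryProtocolPolicy` and `samlDiscoveryProtocolIsPassive` carry no `default`; a short comment such as `# URL is required when samlDiscoveryProtocolActivation is set` would document the expected pairing.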
......
......@@ -940,6 +940,16 @@ sub tree {
'samlCommonDomainCookieReader',
'samlCommonDomainCookieWriter'
]
},
{
title => 'samlDiscoveryProtocol',
form => 'simpleInputContainer',
nodes => [
'samlDiscoveryProtocolActivation',
'samlDiscoveryProtocolURL',
'samlDiscoveryProtocolPolicy',
'samlDiscoveryProtocolIsPassive'
]
}
]
}
......
......@@ -816,6 +816,11 @@
"saml":"SAML",
"samlAttribute":"خاصيات SAML",
"samlDiscoveryProtocol":"Discovery Protocol",
"samlDiscoveryProtocolActivation":"Activation",
"samlDiscoveryProtocolIsPassive":"Is Passive",
"samlDiscoveryProtocolPolicy":"Policy",
"samlDiscoveryProtocolURL":"EndPoint URL",
"samlNameIDFormatMap":"صيغة معرف الاسم",
"samlNameIDFormatMapEmail":"البريد الإلكتروني",
"samlNameIDFormatMapX509":"X509",
......
......@@ -816,6 +816,11 @@
"saml":"SAML",
"samlAttribute":"SAML attribute",
"samlDiscoveryProtocol":"Discovery Protocol",
"samlDiscoveryProtocolActivation":"Activation",
"samlDiscoveryProtocolIsPassive":"Is Passive",
"samlDiscoveryProtocolPolicy":"Policy",
"samlDiscoveryProtocolURL":"EndPoint URL",
"samlNameIDFormatMap":"NameID formats",
"samlNameIDFormatMapEmail":"Email",
"samlNameIDFormatMapX509":"X509",
......
......@@ -816,6 +816,11 @@
"saml":"SAML",
"samlAttribute":"Attribut SAML",
"samlDiscoveryProtocol":"Protocole de découverte",
"samlDiscoveryProtocolActivation":"Activation",
"samlDiscoveryProtocolIsPassive":"Est passif",
"samlDiscoveryProtocolPolicy":"Politique",
"samlDiscoveryProtocolURL":"Adresse du point d'accès",
"samlNameIDFormatMap":"Formats de NameID",
"samlNameIDFormatMapEmail":"Email",
"samlNameIDFormatMapX509":"X509",
......
......@@ -816,6 +816,11 @@
"saml":"SAML",
"samlAttribute":"Attributo SAML",
"samlDiscoveryProtocol":"Discovery Protocol",
"samlDiscoveryProtocolActivation":"Activation",
"samlDiscoveryProtocolIsPassive":"Is Passive",
"samlDiscoveryProtocolPolicy":"Policy",
"samlDiscoveryProtocolURL":"EndPoint URL",
"samlNameIDFormatMap":"Formati NameID",
"samlNameIDFormatMapEmail":"E-mail",
"samlNameIDFormatMapX509":"X509",
......
......@@ -816,6 +816,11 @@
"saml":"SAML",
"samlAttribute":"thuộc tính SAML",
"samlDiscoveryProtocol":"Discovery Protocol",
"samlDiscoveryProtocolActivation":"Activation",
"samlDiscoveryProtocolIsPassive":"Is Passive",
"samlDiscoveryProtocolPolicy":"Policy",
"samlDiscoveryProtocolURL":"EndPoint URL",
"samlNameIDFormatMap":"Định dạng NameID",
"samlNameIDFormatMapEmail":"Email",
"samlNameIDFormatMapX509":"X509",
......
This source diff could not be displayed because it is too large. You can view the blob instead.