Commit a06a7c3f authored by Clément OUDOT's avatar Clément OUDOT

Manage attributes (#1503)

parent 381e9288
......@@ -41,7 +41,20 @@ if ( $opts{help} or !$opts{metadata} ) {
my $spConfKeyPrefix = $opts{spconfprefix} || "sp-";
my $idpConfKeyPrefix = $opts{spconfprefix} || "idp-";
my $spExportedAttributes = {};
# Set here attributs that are declared for your SP in the federation
# They will be set as exported attributes for all IDP
my $exportedAttributes = {
'cn' => '0;cn',
'eduPersonPrincipalName' => '0;eduPersonAffiliation',
'givenName' => '0;givenName',
'surname' => '0;surname',
'displayName' => '0;displayName',
'eduPersonAffiliation' => '0;eduPersonAffiliation',
'eduPersonPrimaryAffiliation' => '0;eduPersonPrimaryAffiliation',
'mail' => '0;mail',
'supannListeRouge' => '0;supannListeRouge',
'supannEtuCursusAnnee' => '0;supannEtuCursusAnnee',
};
my $idpCounter =
{ 'found' => 0, 'updated' => 0, 'created' => 0, rejected => 0 };
......@@ -165,11 +178,17 @@ foreach
# Check if entityID already in configuration
if ( defined $idpList->{$entityID} ) {
# Just update metadata
# Update metadata
$lastConf->{samlIDPMetaDataXML}->{ $idpList->{$entityID} }
->{samlIDPMetaDataXML} = $partner_metadata;
# Update attributes
$lastConf->{samlIDPMetaDataExportedAttributes}
->{ $idpList->{$entityID} } = $exportedAttributes;
if ( $opts{verbose} ) {
print "Update IDP $entityID metadata in configuration\n";
print
"Update IDP $entityID metadata and attributes in configuration\n";
}
$idpCounter->{updated}++;
}
......@@ -184,12 +203,8 @@ foreach
->{samlIDPMetaDataXML} = $partner_metadata;
# Attributes
# TODO: find which attributes to configure
$lastConf->{samlIDPMetaDataExportedAttributes}->{$confKey} = {
'cn' => '0;cn;;',
'mail' => '0;mail;;',
'uid' => '0;uid;;'
};
$lastConf->{samlIDPMetaDataExportedAttributes}->{$confKey} =
$exportedAttributes;
# Options
$lastConf->{samlIDPMetaDataOptions}->{$confKey} = {
......@@ -235,6 +250,47 @@ foreach
)
{
# Read requested attributes
my $requestedAttributes = {};
if (
$partner->findnodes(
'./md:SPSSODescriptor/md:AttributeConsumingService/md:RequestedAttribute'
)
)
{
foreach my $requestedAttribute (
$partner->findnodes(
'./md:SPSSODescriptor/md:AttributeConsumingService/md:RequestedAttribute'
)
)
{
my $name = $requestedAttribute->getAttribute("Name");
my $friendlyname =
$requestedAttribute->getAttribute("FriendlyName");
my $nameformat =
$requestedAttribute->getAttribute("NameFormat");
$requestedAttributes->{$friendlyname} =
"1;$name;$friendlyname;$nameformat";
if ( $opts{verbose} ) {
print
"Attribute $friendlyname ($name) requested by SP $entityID\n";
}
}
}
else {
$requestedAttributes =
{ 'cn' => '1;cn', 'uid' => '1;uid', 'mail' => '1;mail' };
}
# Remove AttributeConsumingService node
foreach (
$partner->findnodes(
'./md:SPSSODescriptor/md:AttributeConsumingService')
)
{
$_->unbindNode;
}
# Read metadata
my $partner_metadata = $partner->toString;
$partner_metadata =~ s/\n//g;
......@@ -242,11 +298,17 @@ foreach
# Check if entityID already in configuration
if ( defined $spList->{$entityID} ) {
# Just update metadata
# Update metadata
$lastConf->{samlSPPMetaDataXML}->{ $spList->{$entityID} }
->{samlSPMetaDataXML} = $partner_metadata;
# Update attributes
$lastConf->{samlSPPMetaDataExportedAttributes}
->{ $spList->{$entityID} } = $requestedAttributes;
if ( $opts{verbose} ) {
print "Update SP $entityID metadata in configuration\n";
print
"Update SP $entityID metadata and attributes in configuration\n";
}
$spCounter->{updated}++;
}
......@@ -260,12 +322,8 @@ foreach
= $partner_metadata;
# Attributes
# TODO: find which attributes to configure
$lastConf->{samlSPMetaDataExportedAttributes}->{$confKey} = {
'cn' => '1;cn;;',
'mail' => '0;mail;;',
'uid' => '1;uid;;'
};
$lastConf->{samlSPMetaDataExportedAttributes}->{$confKey} =
$requestedAttributes;
# Options
$lastConf->{samlSPMetaDataOptions}->{$confKey} = {
......
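Review bot: In the new `md:RequestedAttribute` loop, `FriendlyName` and `NameFormat` are optional in SAML metadata, yet `$friendlyname` is used unchecked as the hash key and both are interpolated into `"1;$name;$friendlyname;$nameformat"`, so an attribute without a FriendlyName lands under an undef/empty key (each later one overwriting it) and a `;` inside any value shifts the fields of the stored rule. As far as these lines show, every attribute the SP's federation metadata asks for is also marked mandatory (`1`) and configured without consulting `isRequired` or any operator-defined allowlist, so metadata the operator does not control decides which user attributes are configured for that SP. I would fall back to the name when FriendlyName is absent, e.g. `my $key = $friendlyname // $name;`, skip entries whose values contain `;`, and keep only names present in a local allowlist. Separately, the update branch stores the result under `samlSPPMetaDataExportedAttributes` while the create branch uses `samlSPMetaDataExportedAttributes`; if the double P is a typo, existing SPs never receive the refreshed attribute list. The enclosing `foreach` starts and ends outside the visible hunks.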