0001-federation-s-metadata-raw-content-can-be-added.patch
| usr/local/univnautes/sp/sp/management/commands/update-metadatas.py | ||
|---|---|---|
| 98 | 98 |
federations = pfconfigxml.get_federations() |
| 99 | 99 |
for federation in federations: |
| 100 | 100 |
url = federation.get('url')
|
| 101 |
metadata = federation.get('metadata')
|
|
| 101 | 102 |
codename = federation.get('codename')
|
| 102 | 103 |
descr = federation.get('descr')
|
| 103 | 104 |
signcert = federation.get('signcert')
|
| 104 |
try: |
|
| 105 |
print 'download federation %s metadata from %s' % (str(codename), str(url)) |
|
| 106 |
store_metadata(codename, urllib2.urlopen(url)) |
|
| 107 |
except urllib2.HTTPError as e: |
|
| 108 |
print 'Error loading metadata (%s)' % str(e) |
|
| 109 |
except urllib2.URLError as e: |
|
| 110 |
print 'Error loading metadata (%s)' % str(e) |
|
| 105 | ||
| 106 |
if not metadata: |
|
| 107 |
try: |
|
| 108 |
print 'download federation %s metadata from %s' % (str(codename), str(url)) |
|
| 109 |
metadata = urllib2.urlopen(url) |
|
| 110 |
except urllib2.HTTPError as e: |
|
| 111 |
print 'Error loading metadata (%s)' % str(e) |
|
| 112 |
except urllib2.URLError as e: |
|
| 113 |
print 'Error loading metadata (%s)' % str(e) |
|
| 111 | 114 |
else: |
| 112 |
if verify_metadata(codename, signcert): |
|
| 113 |
actives.add(codename) |
|
| 114 |
call_command('sync-metadata', metadata_filename(codename), source=codename, idp=True)
|
|
| 115 |
print "using metadata provided metadata file for %s" % str(codename) |
|
| 116 | ||
| 117 |
store_metadata(codename, metadata) |
|
| 118 |
if verify_metadata(codename, signcert): |
|
| 119 |
actives.add(codename) |
|
| 120 |
call_command('sync-metadata', metadata_filename(codename), source=codename, idp=True)
|
|
| 115 | 121 | |
| 116 | 122 |
present_in_filesystem = set(os.listdir(METADATAS_DIR)) |
| 117 | 123 |
for codename in present_in_filesystem - actives: |
| usr/local/univnautes/sp/sp/pfconfigxml.py | ||
|---|---|---|
| 20 | 20 |
import re |
| 21 | 21 |
import xml.etree.ElementTree as ET |
| 22 | 22 |
from operator import itemgetter |
| 23 |
from base64 import b64decode |
|
| 23 | 24 | |
| 24 | 25 |
from django.conf import settings |
| 25 | 26 | |
| ... | ... | |
| 172 | 173 |
<refid>fed_53d1161955a26</refid> |
| 173 | 174 |
<descr><![CDATA[Renater TEST Federation]]></descr> |
| 174 | 175 |
<url>https://federation.renater.fr/test/renater-test-metadata.xml</url> |
| 176 |
<metadata>[base64 encoded metadata]</metadata> |
|
| 175 | 177 |
<certref>53d115fac567b</certref> |
| 176 | 178 |
</federation> |
| 177 | 179 |
""" |
| ... | ... | |
| 189 | 191 |
url = xml_federation.find('url')
|
| 190 | 192 |
if url is not None: |
| 191 | 193 |
url = url.text |
| 194 |
metadata = xml_federation.find('metadata')
|
|
| 195 |
if metadata is not None: |
|
| 196 |
try: |
|
| 197 |
metadata = b64decode(metadata.text) |
|
| 198 |
except: |
|
| 199 |
metadata = None |
|
| 192 | 200 |
descr = xml_federation.find('descr')
|
| 193 | 201 |
if descr is not None: |
| 194 | 202 |
descr = descr.text |
| ... | ... | |
| 200 | 208 |
federations.append({
|
| 201 | 209 |
'codename': codename, |
| 202 | 210 |
'url': url, |
| 211 |
'metadata': metadata, |
|
| 203 | 212 |
'signcert': signcert, |
| 204 | 213 |
'descr': descr, |
| 205 | 214 |
}) |
| usr/local/www/services_captiveportal_saml_federation.php | ||
|---|---|---|
| 105 | 105 |
$pconfig['codename'] = $a_federation[$id]['codename']; |
| 106 | 106 |
$pconfig['descr'] = $a_federation[$id]['descr']; |
| 107 | 107 |
$pconfig['url'] = $a_federation[$id]['url']; |
| 108 |
$pconfig['metadata'] = base64_decode($a_federation[$id]['metadata']); |
|
| 108 | 109 |
$pconfig['certref'] = $a_federation[$id]['certref']; |
| 109 | 110 |
} |
| 110 | 111 | |
| ... | ... | |
| 119 | 120 |
$pconfig = $_POST; |
| 120 | 121 | |
| 121 | 122 |
/* input validation */ |
| 122 |
$reqdfields = explode(" ", "codename descr url certref");
|
|
| 123 |
$reqdfields = explode(" ", "codename descr certref");
|
|
| 123 | 124 |
$reqdfieldsn = array( |
| 124 | 125 |
gettext("Codename"),
|
| 125 | 126 |
gettext("Description"),
|
| 126 |
gettext("URL"),
|
|
| 127 | 127 |
gettext("Metadata Certificate"),
|
| 128 | 128 |
gettext("HTTPS CA Certificate"));
|
| 129 | 129 | |
| ... | ... | |
| 139 | 139 |
$input_errors[] = gettext("The codename can only contain letters, digits, and underscores (_).");
|
| 140 | 140 |
} |
| 141 | 141 | |
| 142 | ||
| 143 |
if(!$_POST['metadata'] && $_POST['url'] && !is_URL($_POST['url'])) {
|
|
| 144 |
$input_errors[] = sprintf(gettext("The metadata URL must be a valid url."), $_POST['url']);
|
|
| 145 |
} elseif(!($_POST['metadata'] || $_POST['url'])) {
|
|
| 146 |
$input_errors[] = sprintf(gettext("Metadata URL or content must provided."), $_POST['metadata']);
|
|
| 147 |
} |
|
| 148 | ||
| 142 | 149 |
/* save modifications */ |
| 143 | 150 |
if (!$input_errors) {
|
| 144 | 151 | |
| ... | ... | |
| 154 | 161 |
$federation['codename'] = $pconfig['codename']; |
| 155 | 162 |
$federation['descr'] = $pconfig['descr']; |
| 156 | 163 |
$federation['url'] = $pconfig['url']; |
| 164 |
$federation['metadata'] = base64_encode($pconfig['metadata']); |
|
| 157 | 165 |
$federation['certref'] = $pconfig['certref']; |
| 158 | 166 | |
| 159 | 167 |
if ($_POST['enable']) |
| ... | ... | |
| 259 | 267 |
<td width="22%" valign="top" class="vncellreq"><?=gettext("Metadata URL");?></td>
|
| 260 | 268 |
<td width="78%" class="vtable"> |
| 261 | 269 |
<input name="url" type="text" class="formfld url" id="url" size="65" value="<?=htmlspecialchars($pconfig['url']);?>" placeholder="https://..." /> |
| 262 |
<br/><?=gettext("");?>
|
|
| 270 |
<br/><?=gettext("or");?>
|
|
| 271 |
</td> |
|
| 272 |
</tr> |
|
| 273 |
<tr> |
|
| 274 |
<td width="22%" valign="top" class="vncellreq"><?=gettext("Metadata file content");?></td>
|
|
| 275 |
<td width="78%" class="vtable"> |
|
| 276 |
<textarea name="metadata" class="formpre" cols="75" rows="20"><?=htmlspecialchars($pconfig['metadata']);?></textarea> |
|
| 263 | 277 |
</td> |
| 264 | 278 |
</tr> |
| 265 | 279 |
<tr> |
| 266 |
- |
|