0001-federation-s-metadata-raw-content-can-be-added.patch
usr/local/univnautes/sp/sp/management/commands/update-metadatas.py | ||
---|---|---|
98 | 98 |
federations = pfconfigxml.get_federations() |
99 | 99 |
for federation in federations: |
100 | 100 |
url = federation.get('url') |
101 |
metadata = federation.get('metadata') |
|
101 | 102 |
codename = federation.get('codename') |
102 | 103 |
descr = federation.get('descr') |
103 | 104 |
signcert = federation.get('signcert') |
104 |
try: |
|
105 |
print 'download federation %s metadata from %s' % (str(codename), str(url)) |
|
106 |
store_metadata(codename, urllib2.urlopen(url)) |
|
107 |
except urllib2.HTTPError as e: |
|
108 |
print 'Error loading metadata (%s)' % str(e) |
|
109 |
except urllib2.URLError as e: |
|
110 |
print 'Error loading metadata (%s)' % str(e) |
|
105 | ||
106 |
if not metadata: |
|
107 |
try: |
|
108 |
print 'download federation %s metadata from %s' % (str(codename), str(url)) |
|
109 |
metadata = urllib2.urlopen(url) |
|
110 |
except urllib2.HTTPError as e: |
|
111 |
print 'Error loading metadata (%s)' % str(e) |
|
112 |
except urllib2.URLError as e: |
|
113 |
print 'Error loading metadata (%s)' % str(e) |
|
111 | 114 |
else: |
112 |
if verify_metadata(codename, signcert): |
|
113 |
actives.add(codename) |
|
114 |
call_command('sync-metadata', metadata_filename(codename), source=codename, idp=True) |
|
115 |
print "using metadata provided metadata file for %s" % str(codename) |
|
116 | ||
117 |
store_metadata(codename, metadata) |
|
118 |
if verify_metadata(codename, signcert): |
|
119 |
actives.add(codename) |
|
120 |
call_command('sync-metadata', metadata_filename(codename), source=codename, idp=True) |
|
115 | 121 | |
116 | 122 |
present_in_filesystem = set(os.listdir(METADATAS_DIR)) |
117 | 123 |
for codename in present_in_filesystem - actives: |
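Review bot: When the download fails, the new code still appears to reach `store_metadata(codename, metadata)` with `metadata` empty, because the two `except` branches only print and the store/verify/sync lines now follow the `if not metadata:` block (indentation is lost on this page, so this reading is inferred from line order). That could overwrite or break the stored file of a federation whose URL is only temporarily unreachable; add `continue` after each `print 'Error loading metadata (%s)' % str(e)`. A federation with neither a URL nor usable metadata also reaches `urllib2.urlopen(url)` with `url` set to `None`, which these two handlers may not catch, so a guard such as `if not metadata and not url: continue` before the download would help. `store_metadata` now receives either a decoded string or the `urlopen` response object, and its body is not shown here, so confirm it handles both. The enclosing function starts outside this section.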
usr/local/univnautes/sp/sp/pfconfigxml.py | ||
---|---|---|
20 | 20 |
import re |
21 | 21 |
import xml.etree.ElementTree as ET |
22 | 22 |
from operator import itemgetter |
23 |
from base64 import b64decode |
|
23 | 24 | |
24 | 25 |
from django.conf import settings |
25 | 26 | |
... | ... | |
172 | 173 |
<refid>fed_53d1161955a26</refid> |
173 | 174 |
<descr><![CDATA[Renater TEST Federation]]></descr> |
174 | 175 |
<url>https://federation.renater.fr/test/renater-test-metadata.xml</url> |
176 |
<metadata>[base64 encoded metadata]</metadata> |
|
175 | 177 |
<certref>53d115fac567b</certref> |
176 | 178 |
</federation> |
177 | 179 |
""" |
... | ... | |
189 | 191 |
url = xml_federation.find('url') |
190 | 192 |
if url is not None: |
191 | 193 |
url = url.text |
194 |
metadata = xml_federation.find('metadata') |
|
195 |
if metadata is not None: |
|
196 |
try: |
|
197 |
metadata = b64decode(metadata.text) |
|
198 |
except: |
|
199 |
metadata = None |
|
192 | 200 |
descr = xml_federation.find('descr') |
193 | 201 |
if descr is not None: |
194 | 202 |
descr = descr.text |
... | ... | |
200 | 208 |
federations.append({ |
201 | 209 |
'codename': codename, |
202 | 210 |
'url': url, |
211 |
'metadata': metadata, |
|
203 | 212 |
'signcert': signcert, |
204 | 213 |
'descr': descr, |
205 | 214 |
}) |
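Review bot: The bare `except:` around `b64decode(metadata.text)` turns every failure into `metadata = None` without a trace, so a corrupted or empty `<metadata>` element makes the updater fall back to downloading from `<url>` while the administrator believes the pasted copy is in use. Catch only the decoding error and report it, e.g. `except TypeError:` followed by a `print` that names the federation, and handle an empty element (where `metadata.text` is `None`) explicitly. The docstring example could also say that `<metadata>`, when present and decodable, is used instead of `<url>`, which is how update-metadatas.py treats it. The enclosing function starts and ends outside the hunks shown.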
usr/local/www/services_captiveportal_saml_federation.php | ||
---|---|---|
105 | 105 |
$pconfig['codename'] = $a_federation[$id]['codename']; |
106 | 106 |
$pconfig['descr'] = $a_federation[$id]['descr']; |
107 | 107 |
$pconfig['url'] = $a_federation[$id]['url']; |
108 |
$pconfig['metadata'] = base64_decode($a_federation[$id]['metadata']); |
|
108 | 109 |
$pconfig['certref'] = $a_federation[$id]['certref']; |
109 | 110 |
} |
110 | 111 | |
... | ... | |
119 | 120 |
$pconfig = $_POST; |
120 | 121 | |
121 | 122 |
/* input validation */ |
122 |
$reqdfields = explode(" ", "codename descr url certref");
|
|
123 |
$reqdfields = explode(" ", "codename descr certref"); |
|
123 | 124 |
$reqdfieldsn = array( |
124 | 125 |
gettext("Codename"), |
125 | 126 |
gettext("Description"), |
126 |
gettext("URL"), |
|
127 | 127 |
gettext("Metadata Certificate"), |
128 | 128 |
gettext("HTTPS CA Certificate")); |
129 | 129 | |
... | ... | |
139 | 139 |
$input_errors[] = gettext("The codename can only contain letters, digits, and underscores (_)."); |
140 | 140 |
} |
141 | 141 | |
142 | ||
143 |
if(!$_POST['metadata'] && $_POST['url'] && !is_URL($_POST['url'])) { |
|
144 |
$input_errors[] = sprintf(gettext("The metadata URL must be a valid url."), $_POST['url']); |
|
145 |
} elseif(!($_POST['metadata'] || $_POST['url'])) { |
|
146 |
$input_errors[] = sprintf(gettext("Metadata URL or content must provided."), $_POST['metadata']); |
|
147 |
} |
|
148 | ||
142 | 149 |
/* save modifications */ |
143 | 150 |
if (!$input_errors) { |
144 | 151 | |
... | ... | |
154 | 161 |
$federation['codename'] = $pconfig['codename']; |
155 | 162 |
$federation['descr'] = $pconfig['descr']; |
156 | 163 |
$federation['url'] = $pconfig['url']; |
164 |
$federation['metadata'] = base64_encode($pconfig['metadata']); |
|
157 | 165 |
$federation['certref'] = $pconfig['certref']; |
158 | 166 | |
159 | 167 |
if ($_POST['enable']) |
... | ... | |
259 | 267 |
<td width="22%" valign="top" class="vncellreq"><?=gettext("Metadata URL");?></td> |
260 | 268 |
<td width="78%" class="vtable"> |
261 | 269 |
<input name="url" type="text" class="formfld url" id="url" size="65" value="<?=htmlspecialchars($pconfig['url']);?>" placeholder="https://..." /> |
262 |
<br/><?=gettext("");?> |
|
270 |
<br/><?=gettext("or");?> |
|
271 |
</td> |
|
272 |
</tr> |
|
273 |
<tr> |
|
274 |
<td width="22%" valign="top" class="vncellreq"><?=gettext("Metadata file content");?></td> |
|
275 |
<td width="78%" class="vtable"> |
|
276 |
<textarea name="metadata" class="formpre" cols="75" rows="20"><?=htmlspecialchars($pconfig['metadata']);?></textarea> |
|
263 | 277 |
</td> |
264 | 278 |
</tr> |
265 | 279 |
<tr> |
266 |
- |
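Review bot: The new validation checks `$_POST['url']` only when the metadata field is empty (`!$_POST['metadata'] && $_POST['url'] && !is_URL($_POST['url'])`), yet `$federation['url'] = $pconfig['url']` is saved in every case. An unvalidated URL can therefore be stored next to pasted metadata, and it is the value update-metadatas.py passes to `urllib2.urlopen` if the stored metadata later fails to decode. Validate the URL whenever it is non-empty: `if ($_POST['url'] && !is_URL($_POST['url'])) {`. Both `sprintf` calls pass an argument to a message that has no `%s`, and the second message should read "Metadata URL or content must be provided.". The pasted content is also stored without any size or well-formedness check, which is worth adding before it is written to the configuration.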