From ba42f5ae5e169bfbc21567f076df2f82108ce452 Mon Sep 17 00:00:00 2001 From: Serghei MIHAI Date: Wed, 22 Oct 2014 16:17:59 +0200 Subject: [PATCH] federation's metadata raw content can be added Closes #5568 --- .../sp/sp/management/commands/update-metadatas.py | 26 +++++++++++++--------- usr/local/univnautes/sp/sp/pfconfigxml.py | 9 ++++++++ .../www/services_captiveportal_saml_federation.php | 20 ++++++++++++++--- 3 files changed, 42 insertions(+), 13 deletions(-)
diff --git a/usr/local/univnautes/sp/sp/management/commands/update-metadatas.py b/usr/local/univnautes/sp/sp/management/commands/update-metadatas.py
index 7e26593..b3a3673 100644
--- a/usr/local/univnautes/sp/sp/management/commands/update-metadatas.py
+++ b/usr/local/univnautes/sp/sp/management/commands/update-metadatas.py
@@ -98,20 +98,26 @@ class Command(BaseCommand):
 federations = pfconfigxml.get_federations()
 for federation in federations:
 url = federation.get('url')
+ metadata = federation.get('metadata')
 codename = federation.get('codename')
 descr = federation.get('descr')
 signcert = federation.get('signcert')
- try:
- print 'download federation %s metadata from %s' % (str(codename), str(url))
- store_metadata(codename, urllib2.urlopen(url))
- except urllib2.HTTPError as e:
- print 'Error loading metadata (%s)' % str(e)
- except urllib2.URLError as e:
- print 'Error loading metadata (%s)' % str(e)
+
+ if not metadata:
+ try:
+ print 'download federation %s metadata from %s' % (str(codename), str(url))
+ metadata = urllib2.urlopen(url)
+ except urllib2.HTTPError as e:
+ print 'Error loading metadata (%s)' % str(e)
+ except urllib2.URLError as e:
+ print 'Error loading metadata (%s)' % str(e)
 else:
- if verify_metadata(codename, signcert):
- actives.add(codename)
- call_command('sync-metadata', metadata_filename(codename), source=codename, idp=True)
+ print "using metadata provided metadata file for %s" % str(codename)
+
+ store_metadata(codename, metadata)
+ if verify_metadata(codename, signcert):
+ actives.add(codename)
+ call_command('sync-metadata', metadata_filename(codename), source=codename, idp=True)
 present_in_filesystem = set(os.listdir(METADATAS_DIR))
 for codename in present_in_filesystem - actives:
diff --git a/usr/local/univnautes/sp/sp/pfconfigxml.py b/usr/local/univnautes/sp/sp/pfconfigxml.py
index ff1b0b2..420cf94 100644
--- a/usr/local/univnautes/sp/sp/pfconfigxml.py
+++ b/usr/local/univnautes/sp/sp/pfconfigxml.py
@@ -20,6 +20,7 @@ import sys
 import re
 import xml.etree.ElementTree as ET
 from operator import itemgetter
+from base64 import b64decode
 from django.conf import settings
@@ -172,6 +173,7 @@ def get_federations(): fed_53d1161955a26 https://federation.renater.fr/test/renater-test-metadata.xml + [base64 encoded metadata] 53d115fac567b """
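Review bot: In update-metadatas.py a failed download now falls through to `store_metadata(codename, metadata)`, because both `except` branches only print and the store/verify calls were moved out of the old try/`else`. With `metadata` still empty at that point, `store_metadata` is handed nothing to write, and `verify_metadata` may then run against whatever file an earlier run left for that codename (inferred; neither helper is visible here). Add `continue` after each `print 'Error loading metadata (%s)' % str(e)` so a federation that could not be fetched is skipped rather than verified and synced. `metadata` is also a decoded string in one branch and the `urllib2.urlopen(url)` response object in the other, so `store_metadata` has to accept both; a comment above the call saying so would help. The enclosing method starts outside the hunk.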
@@ -189,6 +191,12 @@ def get_federations():
 url = xml_federation.find('url')
 if url is not None:
 url = url.text
+ metadata = xml_federation.find('metadata')
+ if metadata is not None:
+ try:
+ metadata = b64decode(metadata.text)
+ except:
+ metadata = None
 descr = xml_federation.find('descr')
 if descr is not None:
 descr = descr.text
@@ -200,6 +208,7 @@ def get_federations():
 federations.append({
 'codename': codename,
 'url': url,
+ 'metadata': metadata,
 'signcert': signcert,
 'descr': descr,
 })
diff --git a/usr/local/www/services_captiveportal_saml_federation.php b/usr/local/www/services_captiveportal_saml_federation.php
index 6b0ab94..d5d638b 100755
--- a/usr/local/www/services_captiveportal_saml_federation.php
+++ b/usr/local/www/services_captiveportal_saml_federation.php
@@ -105,6 +105,7 @@ if ($act == "edit") {
 $pconfig['codename'] = $a_federation[$id]['codename'];
 $pconfig['descr'] = $a_federation[$id]['descr'];
 $pconfig['url'] = $a_federation[$id]['url'];
+ $pconfig['metadata'] = base64_decode($a_federation[$id]['metadata']);
 $pconfig['certref'] = $a_federation[$id]['certref'];
 }
@@ -119,11 +120,10 @@ if ($_POST) {
 $pconfig = $_POST;
 /* input validation */
- $reqdfields = explode(" ", "codename descr url certref");
+ $reqdfields = explode(" ", "codename descr certref");
 $reqdfieldsn = array(
 gettext("Codename"),
 gettext("Description"),
- gettext("URL"),
 gettext("Metadata Certificate"),
 gettext("HTTPS CA Certificate"));
@@ -139,6 +139,13 @@ if ($_POST) {
 $input_errors[] = gettext("The codename can only contain letters, digits, and underscores (_).");
 }
+
+ if(!$_POST['metadata'] && $_POST['url'] && !is_URL($_POST['url'])) {
+ $input_errors[] = sprintf(gettext("The metadata URL must be a valid url."), $_POST['url']);
+ } elseif(!($_POST['metadata'] || $_POST['url'])) {
+ $input_errors[] = sprintf(gettext("Metadata URL or content must provided."), $_POST['metadata']);
+ }
+
 /* save modifications */
 if (!$input_errors) {
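Review bot: The bare `except:` around `b64decode(metadata.text)` in get_federations() hides every failure, so a corrupted stored blob silently becomes `metadata = None` and the updater falls back to downloading from `url` with no trace of why. The PHP page in this patch always writes the element (`base64_encode($pconfig['metadata'])`), so for URL-only federations `metadata.text` is presumably empty and this handler is the normal path rather than an error path. Test for the empty case explicitly and catch only the decode error, for example `metadata = b64decode(metadata.text) if metadata.text else None` under `try:` with `except TypeError:`, and print a message when decoding fails. get_federations() starts and ends outside the hunk.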
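Review bot: The URL is validated only when no metadata content is posted, because the new check in services_captiveportal_saml_federation.php reads `!$_POST['metadata'] && $_POST['url'] && !is_URL($_POST['url'])`. A form that carries both fields therefore saves an unchecked `url` (the save block assigns `$federation['url'] = $pconfig['url']` regardless), and the updater will fetch from that URL with `urllib2.urlopen` whenever the stored metadata is missing or fails to decode. Validate the URL whenever it is non-empty, `if ($_POST['url'] && !is_URL($_POST['url'])) {`, and keep the `elseif` for the case where neither field is given. Both `sprintf()` calls pass an argument to a format string that has no placeholder, so they can be plain `gettext()` calls, and the second message should read "must be provided". The `if ($_POST)` block starts and ends outside the hunk.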
@@ -154,6 +161,7 @@ if ($_POST) {
 $federation['codename'] = $pconfig['codename'];
 $federation['descr'] = $pconfig['descr'];
 $federation['url'] = $pconfig['url'];
+ $federation['metadata'] = base64_encode($pconfig['metadata']);
 $federation['certref'] = $pconfig['certref'];
 if ($_POST['enable'])
@@ -259,7 +267,13 @@ include("head.inc"); -
+
+ + + + + + -- 2.1.1