mirror of
https://github.com/netzbegruenung/user_saml.git
synced 2024-05-05 18:43:40 +02:00
Add setting to specify a different signature algorithm
Signed-off-by: Julius Härtl <jus@bitgrid.net>
parent
02f87b6333
commit
e75809a5f7
12
js/admin.js
12
js/admin.js
|
@ -322,6 +322,18 @@ $(function() {
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
|
$('#user-saml-security input[type="text"], #user-saml-security textarea').change(function(e) {
|
||||||
|
var el = $(this);
|
||||||
|
$.when(el.focusout()).then(function() {
|
||||||
|
var key = $(this).attr('name');
|
||||||
|
OCA.User_SAML.Admin.setSamlConfigValue('security', key, $(this).val());
|
||||||
|
});
|
||||||
|
if (e.keyCode === 13) {
|
||||||
|
var key = $(this).attr('name');
|
||||||
|
OCA.User_SAML.Admin.setSamlConfigValue('security', key, $(this).val());
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
$('#user-saml-attribute-mapping input[type="text"], #user-saml-attribute-mapping textarea').change(function(e) {
|
$('#user-saml-attribute-mapping input[type="text"], #user-saml-attribute-mapping textarea').change(function(e) {
|
||||||
var el = $(this);
|
var el = $(this);
|
||||||
$.when(el.focusout()).then(function() {
|
$.when(el.focusout()).then(function() {
|
||||||
|
|
|
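Review bot: The new `#user-saml-security` handler is a line-for-line copy of the `#user-saml-attribute-mapping` handler that follows it, differing only in the `'security'` category argument. It also carries over the `if (e.keyCode === 13)` branch, which is unlikely to ever run because `change` events do not normally carry a key code. I would factor the shared body into one helper that takes the category, or at least drop the Enter branch and its second `var key`. The value goes to `setSamlConfigValue` exactly as typed, so any validation of the algorithm URI has to happen on the server. The enclosing `$(function() {` starts outside the hunk.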
@ -119,6 +119,7 @@ class SAMLSettings {
|
||||||
'wantXMLValidation' => ($this->config->getAppValue('user_saml', $prefix . 'security-wantXMLValidation', '0') === '1') ? true : false,
|
'wantXMLValidation' => ($this->config->getAppValue('user_saml', $prefix . 'security-wantXMLValidation', '0') === '1') ? true : false,
|
||||||
'requestedAuthnContext' => false,
|
'requestedAuthnContext' => false,
|
||||||
'lowercaseUrlencoding' => ($this->config->getAppValue('user_saml', $prefix . 'security-lowercaseUrlencoding', '0') === '1') ? true : false,
|
'lowercaseUrlencoding' => ($this->config->getAppValue('user_saml', $prefix . 'security-lowercaseUrlencoding', '0') === '1') ? true : false,
|
||||||
|
'signatureAlgorithm' => $this->config->getAppValue('user_saml', $prefix . 'security-signatureAlgorithm', null)
|
||||||
],
|
],
|
||||||
'sp' => [
|
'sp' => [
|
||||||
'entityId' => $this->urlGenerator->linkToRouteAbsolute('user_saml.SAML.getMetadata'),
|
'entityId' => $this->urlGenerator->linkToRouteAbsolute('user_saml.SAML.getMetadata'),
|
||||||
|
|
|
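Review bot: The `signatureAlgorithm` value added to the `security` array comes from a free-text admin field and is handed to the toolkit unchecked. A typo, an empty string left after clearing the field, or a SHA-1 URI such as `http://www.w3.org/2000/09/xmldsig#rsa-sha1` would all pass through as the signing algorithm. I would check the stored value against a short allow-list of RSA-SHA2 URIs and fall back to `null` otherwise, e.g. `'signatureAlgorithm' => in_array($alg, $allowedAlgorithms, true) ? $alg : null,`, where `$alg` is read once above the array and `$allowedAlgorithms` is a new list. What the toolkit does with `null` or an unknown URI is not visible on this page, so the fallback needs confirming there. The new entry is also the only one in the array without a trailing comma, and the enclosing method starts and ends outside the hunk.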
@ -75,7 +75,7 @@ class Admin implements ISettings {
|
||||||
'authnRequestsSigned' => $this->l10n->t('Indicates whether the <samlp:AuthnRequest> messages sent by this SP will be signed. [Metadata of the SP will offer this info]'),
|
'authnRequestsSigned' => $this->l10n->t('Indicates whether the <samlp:AuthnRequest> messages sent by this SP will be signed. [Metadata of the SP will offer this info]'),
|
||||||
'logoutRequestSigned' => $this->l10n->t('Indicates whether the <samlp:logoutRequest> messages sent by this SP will be signed.'),
|
'logoutRequestSigned' => $this->l10n->t('Indicates whether the <samlp:logoutRequest> messages sent by this SP will be signed.'),
|
||||||
'logoutResponseSigned' => $this->l10n->t('Indicates whether the <samlp:logoutResponse> messages sent by this SP will be signed.'),
|
'logoutResponseSigned' => $this->l10n->t('Indicates whether the <samlp:logoutResponse> messages sent by this SP will be signed.'),
|
||||||
'signMetadata' => $this->l10n->t('Whether the metadata should be signed.'),
|
'signMetadata' => $this->l10n->t('Whether the metadata should be signed.')
|
||||||
];
|
];
|
||||||
$securityRequiredFields = [
|
$securityRequiredFields = [
|
||||||
'wantMessagesSigned' => $this->l10n->t('Indicates a requirement for the <samlp:Response>, <samlp:LogoutRequest> and <samlp:LogoutResponse> elements received by this SP to be signed.'),
|
'wantMessagesSigned' => $this->l10n->t('Indicates a requirement for the <samlp:Response>, <samlp:LogoutRequest> and <samlp:LogoutResponse> elements received by this SP to be signed.'),
|
||||||
|
@ -87,6 +87,10 @@ class Admin implements ISettings {
|
||||||
];
|
];
|
||||||
$securityGeneral = [
|
$securityGeneral = [
|
||||||
'lowercaseUrlencoding' => $this->l10n->t('ADFS URL-Encodes SAML data as lowercase, and the toolkit by default uses uppercase. Enable for ADFS compatibility on signature verification.'),
|
'lowercaseUrlencoding' => $this->l10n->t('ADFS URL-Encodes SAML data as lowercase, and the toolkit by default uses uppercase. Enable for ADFS compatibility on signature verification.'),
|
||||||
|
'signatureAlgorithm' => [
|
||||||
|
'type' => 'line',
|
||||||
|
'text' => $this->l10n->t('Algorithm that the toolkit will use on signing process.')
|
||||||
|
]
|
||||||
];
|
];
|
||||||
$generalSettings = [
|
$generalSettings = [
|
||||||
'uid_mapping' => [
|
'uid_mapping' => [
|
||||||
|
|
|
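Review bot: `$securityGeneral` now mixes two shapes: a plain string for `lowercaseUrlencoding` and a `['type' => 'line', 'text' => …]` array for `signatureAlgorithm`. Every consumer has to tell them apart with `is_array()`, so giving all entries the array form would keep the template free of shape checks. The help text also does not say that the field expects an XML Signature algorithm URI. Something like `$this->l10n->t('Algorithm URI (XML Signature identifier) that the toolkit will use when signing.')` would tell an admin what to enter. The first hunk's only change is dropping the trailing comma after the `signMetadata` entry, which looks unrelated to this feature.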
@ -177,11 +177,20 @@ style('user_saml', 'admin');
|
||||||
</p>
|
</p>
|
||||||
<?php endforeach; ?>
|
<?php endforeach; ?>
|
||||||
<h4><?php p($l->t('General')) ?></h4>
|
<h4><?php p($l->t('General')) ?></h4>
|
||||||
<?php foreach($_['security-general'] as $key => $text): ?>
|
<?php foreach($_['security-general'] as $key => $attribute): ?>
|
||||||
<p>
|
<?php if (is_array($attribute) && $attribute['type'] === 'line') { ?>
|
||||||
<input type="checkbox" id="user-saml-<?php p($key)?>" name="<?php p($key)?>" value="<?php p(\OC::$server->getConfig()->getAppValue('user_saml', 'security-'.$key, '0')) ?>" class="checkbox">
|
<?php $text = $attribute['text'] ?>
|
||||||
<label for="user-saml-<?php p($key)?>"><?php p($text) ?></label>
|
<p>
|
||||||
</p>
|
<label><?php p($attribute['text']) ?></label><br />
|
||||||
|
<input data-key="<?php p($key)?>" name="<?php p($key) ?>" value="<?php p(\OC::$server->getConfig()->getAppValue('user_saml', 'security-'.$key, '')) ?>" type="text" <?php if(isset($attribute['required']) && $attribute['required'] === true): ?>class="required"<?php endif;?> placeholder="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
|
||||||
|
</p>
|
||||||
|
<?php } else { ?>
|
||||||
|
<?php $text = $attribute ?>
|
||||||
|
<p>
|
||||||
|
<input type="checkbox" id="user-saml-<?php p($key)?>" name="<?php p($key)?>" value="<?php p(\OC::$server->getConfig()->getAppValue('user_saml', 'security-'.$key, '0')) ?>" class="checkbox">
|
||||||
|
<label for="user-saml-<?php p($key)?>"><?php p($text) ?></label><br/>
|
||||||
|
</p>
|
||||||
|
<?php } ?>
|
||||||
<?php endforeach; ?>
|
<?php endforeach; ?>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
|
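Review bot: An array entry whose `type` is anything other than `'line'` falls into the `else` branch, where `$text = $attribute` is still an array and is handed to `p()` as the checkbox label. The fallback should be explicit, e.g. `<?php } elseif (is_string($attribute)) { ?>`, so that only plain strings render as checkboxes. In the `line` branch `$text = $attribute['text']` is assigned but never read, and the new `<label>` has no `for` and the input no `id`, unlike the checkbox markup. The placeholder shows the rsa-sha256 URI, but nothing visible on this page establishes that as the effective default when the field is left empty, so an admin may read it as the active value.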
@ -80,6 +80,10 @@ class AdminTest extends \Test\TestCase {
|
||||||
];
|
];
|
||||||
$securityGeneral = [
|
$securityGeneral = [
|
||||||
'lowercaseUrlencoding' => 'ADFS URL-Encodes SAML data as lowercase, and the toolkit by default uses uppercase. Enable for ADFS compatibility on signature verification.',
|
'lowercaseUrlencoding' => 'ADFS URL-Encodes SAML data as lowercase, and the toolkit by default uses uppercase. Enable for ADFS compatibility on signature verification.',
|
||||||
|
'signatureAlgorithm' => [
|
||||||
|
'type' => 'line',
|
||||||
|
'text' => 'Algorithm that the toolkit will use on signing process.'
|
||||||
|
]
|
||||||
];
|
];
|
||||||
$generalSettings = [
|
$generalSettings = [
|
||||||
'idp0_display_name' => [
|
'idp0_display_name' => [
|
||||||
|
|