You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 

120 lines
3.9 KiB

<?php
/**
* @copyright Copyright (c) 2018 Julius Härtl <jus@bitgrid.net>
*
* @author Julius Härtl <jus@bitgrid.net>
*
* @license GNU AGPL version 3 or any later version
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
namespace OCA\User_SAML\Controller;
use OCA\User_SAML\Settings\Admin;
use OCP\AppFramework\Controller;
use OCP\AppFramework\Http\Response;
use OCP\IConfig;
use OCP\IRequest;
class SettingsController extends Controller {
/** @var IConfig */
private $config;
/** @var Admin */
private $admin;
public function __construct($appName,
IRequest $request,
IConfig $config,
Admin $admin) {
parent::__construct($appName, $request);
$this->config = $config;
$this->admin = $admin;
}
/**
* @param $providerId
* @return array of categories containing entries for each config parameter with their value
*/
public function getSamlProviderSettings($providerId) {
/**
* This uses the list of available config parameters from the admin section
* and extends it with fields that are not coming from \OCA\User_SAML\Settings\Admin
*/
$params = $this->admin->getForm()->getParams();
$params['idp'] = [
'singleLogoutService.url' => ['required' => false],
'singleLogoutService.responseUrl' => ['required' => false],
'singleSignOnService.url' => ['required' => false],
'entityId' => ['required' => false],
'x509cert' => ['required' => false],
];
/* Fetch all config values for the given providerId */
$settings = [];
foreach ($params as $category => $content) {
if (empty($content) || $category === 'providers' || $category === 'type') {
continue;
}
foreach ($content as $setting => $details) {
$prefix = $providerId === '1' ? '' : $providerId . '-';
/* use security as category instead of security-* */
if (strpos($category, 'security-') === 0) {
$category = 'security';
}
// make sure we properly fetch the attribute mapping
// as this is the only category that has the saml- prefix on config keys
if (strpos($category, 'attribute-mapping') === 0) {
$category = 'attribute-mapping';
$key = $prefix . 'saml-attribute-mapping' . '-' . $setting;
} else {
$key = $prefix . $category . '-' . $setting;
}
$settings[$category][$setting] = $this->config->getAppValue('user_saml', $key, '');
}
}
return $settings;
}
public function deleteSamlProviderSettings($providerId) {
$params = $this->admin->getForm()->getParams();
$params['idp'] = [
'singleLogoutService.url' => null,
'singleLogoutService.responseUrl' => null,
'singleSignOnService.url' => null,
'idp-entityId' => null,
];
/* Fetch all config values for the given providerId */
foreach ($params as $category => $content) {
if (!is_array($content) || $category === 'providers') {
continue;
}
foreach ($content as $setting => $details) {
if (isset($details['global']) && $details['global'] === true) {
continue;
}
$prefix = $providerId === '1' ? '' : $providerId . '-';
$key = $prefix . $category . '-' . $setting;
/* use security as category instead of security-* */
if (strpos($category, 'security-') === 0) {
$category = 'security';
}
$this->config->deleteAppValue('user_saml', $key);
}
}
return new Response();
}
}