diff options
author | Lukas Reschke <lukas@statuscode.ch> | 2016-08-10 17:25:25 +0300 |
---|---|---|
committer | Arthur Schiwon <blizzz@arthur-schiwon.de> | 2016-08-17 12:47:14 +0300 |
commit | 157dd1df28283a0b6c52a4caec36ff75b51717cf (patch) | |
tree | b39c3acd193d91667cf7ffe9d79128bb2d5de960 /lib | |
parent | 17b463014f9948dad836161aa618f78a34a21da6 (diff) |
Backport of #29 to stable10
Use new admin page module
Makes this page a single page as implemented in https://github.com/nextcloud/server/pull/796
specify namespace for autoloader
IAdmin is now ISettings
Diffstat (limited to 'lib')
-rw-r--r-- | lib/Settings/Admin.php | 111 | ||||
-rw-r--r-- | lib/Settings/Section.php | 57 | ||||
-rw-r--r-- | lib/controller/settingscontroller.php | 48 |
3 files changed, 168 insertions, 48 deletions
diff --git a/lib/Settings/Admin.php b/lib/Settings/Admin.php new file mode 100644 index 00000000..2143ce8a --- /dev/null +++ b/lib/Settings/Admin.php @@ -0,0 +1,111 @@ +<?php +/** + * @copyright Copyright (c) 2016 Lukas Reschke <lukas@statuscode.ch> + * + * @author Lukas Reschke <lukas@statuscode.ch> + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + */ + +namespace OCA\User_SAML\Settings; + +use OCP\AppFramework\Http\TemplateResponse; +use OCP\IL10N; +use OCP\IURLGenerator; +use OCP\Settings\ISettings; + +class Admin implements ISettings { + /** @var IL10N */ + private $l10n; + + /** @var IURLGenerator */ + private $urlGenerator; + + /** + * @param IL10N $l10n + * @param IURLGenerator $urlGenerator + */ + public function __construct(IL10N $l10n, + IURLGenerator $urlGenerator) { + $this->l10n = $l10n; + $this->urlGenerator = $urlGenerator; + } + + /** + * @return TemplateResponse + */ + public function getForm() { + $serviceProviderFields = [ + 'x509cert' => $this->l10n->t('X.509 certificate of the Service Provider'), + 'privateKey' => $this->l10n->t('Private key of the Service Provider'), + ]; + $securityOfferFields = [ + 'nameIdEncrypted' => $this->l10n->t('Indicates that the nameID of the <samlp:logoutRequest> sent by this SP will be encrypted.'), + 'authnRequestsSigned' => $this->l10n->t('Indicates whether the <samlp:AuthnRequest> messages sent by this SP will be signed. [Metadata of the SP will offer this info]'), + 'logoutRequestSigned' => $this->l10n->t('Indicates whether the <samlp:logoutRequest> messages sent by this SP will be signed.'), + 'logoutResponseSigned' => $this->l10n->t('Indicates whether the <samlp:logoutResponse> messages sent by this SP will be signed.'), + 'signMetadata' => $this->l10n->t('Whether the metadata should be signed.'), + ]; + $securityRequiredFields = [ + 'wantMessagesSigned' => $this->l10n->t('Indicates a requirement for the <samlp:Response>, <samlp:LogoutRequest> and <samlp:LogoutResponse> elements received by this SP to be signed.'), + 'wantAssertionsSigned' => $this->l10n->t('Indicates a requirement for the <saml:Assertion> elements received by this SP to be signed. [Metadata of the SP will offer this info]'), + 'wantAssertionsEncrypted' => $this->l10n->t('Indicates a requirement for the <saml:Assertion> elements received by this SP to be encrypted.'), + 'wantNameId' => $this->l10n->t(' Indicates a requirement for the NameID element on the SAMLResponse received by this SP to be present.'), + 'wantNameIdEncrypted' => $this->l10n->t('Indicates a requirement for the NameID received by this SP to be encrypted.'), + 'wantXMLValidation' => $this->l10n->t('Indicates if the SP will validate all received XMLs.'), + ]; + $generalSettings = [ + 'uid_mapping' => [ + 'text' => $this->l10n->t('Attribute to map the UID to.'), + 'type' => 'line', + 'required' => true, + ], + 'require_provisioned_account' => [ + 'text' => $this->l10n->t('Only allow authentication if an account is existent on some other backend. (e.g. LDAP)'), + 'type' => 'checkbox', + ], + ]; + + $params = [ + 'sp' => $serviceProviderFields, + 'security-offer' => $securityOfferFields, + 'security-required' => $securityRequiredFields, + 'general' => $generalSettings, + ]; + + return new TemplateResponse('user_saml', 'admin', $params); + } + + /** + * @return string the section ID, e.g. 'sharing' + */ + public function getSection() { + return 'saml'; + } + + /** + * @return int whether the form should be rather on the top or bottom of + * the admin section. The forms are arranged in ascending order of the + * priority values. It is required to return a value between 0 and 100. + * + * keep the server setting at the top, right after "server settings" + */ + public function getPriority() { + return 0; + } + +} diff --git a/lib/Settings/Section.php b/lib/Settings/Section.php new file mode 100644 index 00000000..085462a7 --- /dev/null +++ b/lib/Settings/Section.php @@ -0,0 +1,57 @@ +<?php +/** + * @copyright Copyright (c) 2016 Lukas Reschke <lukas@statuscode.ch> + * + * @author Lukas Reschke <lukas@statuscode.ch> + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + */ + +namespace OCA\User_SAML\Settings; + +use OCP\IL10N; +use OCP\Settings\ISection; + +class Section implements ISection { + /** @var IL10N */ + private $l; + + public function __construct(IL10N $l) { + $this->l = $l; + } + + /** + * {@inheritdoc} + */ + public function getID() { + return 'saml'; + } + + /** + * {@inheritdoc} + */ + public function getName() { + return $this->l->t('SAML authentication'); + } + + /** + * {@inheritdoc} + */ + public function getPriority() { + return 75; + } +} diff --git a/lib/controller/settingscontroller.php b/lib/controller/settingscontroller.php index cf06f837..8ec6ce22 100644 --- a/lib/controller/settingscontroller.php +++ b/lib/controller/settingscontroller.php @@ -21,13 +21,10 @@ namespace OCA\User_SAML\Controller; -use OCA\User_SAML\SAMLSettings; use OCP\AppFramework\Controller; use OCP\AppFramework\Http; use OCP\IL10N; use OCP\IRequest; -use OCP\ISession; -use OCP\IUserSession; class SettingsController extends Controller { /** @var IL10N */ @@ -52,49 +49,4 @@ class SettingsController extends Controller { return new Http\TemplateResponse($this->appName, 'personal', [], 'blank'); } - /** - * @return Http\TemplateResponse - */ - public function displayAdminPanel() { - $serviceProviderFields = [ - 'x509cert' => $this->l10n->t('X.509 certificate of the Service Provider'), - 'privateKey' => $this->l10n->t('Private key of the Service Provider'), - ]; - $securityOfferFields = [ - 'nameIdEncrypted' => $this->l10n->t('Indicates that the nameID of the <samlp:logoutRequest> sent by this SP will be encrypted.'), - 'authnRequestsSigned' => $this->l10n->t('Indicates whether the <samlp:AuthnRequest> messages sent by this SP will be signed. [Metadata of the SP will offer this info]'), - 'logoutRequestSigned' => $this->l10n->t('Indicates whether the <samlp:logoutRequest> messages sent by this SP will be signed.'), - 'logoutResponseSigned' => $this->l10n->t('Indicates whether the <samlp:logoutResponse> messages sent by this SP will be signed.'), - 'signMetadata' => $this->l10n->t('Whether the metadata should be signed.'), - ]; - $securityRequiredFields = [ - 'wantMessagesSigned' => $this->l10n->t('Indicates a requirement for the <samlp:Response>, <samlp:LogoutRequest> and <samlp:LogoutResponse> elements received by this SP to be signed.'), - 'wantAssertionsSigned' => $this->l10n->t('Indicates a requirement for the <saml:Assertion> elements received by this SP to be signed. [Metadata of the SP will offer this info]'), - 'wantAssertionsEncrypted' => $this->l10n->t('Indicates a requirement for the <saml:Assertion> elements received by this SP to be encrypted.'), - 'wantNameId' => $this->l10n->t(' Indicates a requirement for the NameID element on the SAMLResponse received by this SP to be present.'), - 'wantNameIdEncrypted' => $this->l10n->t('Indicates a requirement for the NameID received by this SP to be encrypted.'), - 'wantXMLValidation' => $this->l10n->t('Indicates if the SP will validate all received XMLs.'), - ]; - $generalSettings = [ - 'uid_mapping' => [ - 'text' => $this->l10n->t('Attribute to map the UID to.'), - 'type' => 'line', - 'required' => true, - ], - 'require_provisioned_account' => [ - 'text' => $this->l10n->t('Only allow authentication if an account is existent on some other backend. (e.g. LDAP)'), - 'type' => 'checkbox', - ], - ]; - - $params = [ - 'sp' => $serviceProviderFields, - 'security-offer' => $securityOfferFields, - 'security-required' => $securityRequiredFields, - 'general' => $generalSettings, - ]; - - return new Http\TemplateResponse($this->appName, 'admin', $params, 'blank'); - } - } |