diff options
| -rw-r--r-- | js/admin.js | 12 | ||||
| -rw-r--r-- | lib/SAMLSettings.php | 1 | ||||
| -rw-r--r-- | lib/Settings/Admin.php | 6 | ||||
| -rw-r--r-- | templates/admin.php | 19 | ||||
| -rw-r--r-- | tests/unit/Settings/AdminTest.php | 4 |
5 files changed, 36 insertions, 6 deletions
diff --git a/js/admin.js b/js/admin.js index 5952f4c8..c932053b 100644 --- a/js/admin.js +++ b/js/admin.js @@ -322,6 +322,18 @@ $(function() { }); }); + $('#user-saml-security input[type="text"], #user-saml-security textarea').change(function(e) { + var el = $(this); + $.when(el.focusout()).then(function() { + var key = $(this).attr('name'); + OCA.User_SAML.Admin.setSamlConfigValue('security', key, $(this).val()); + }); + if (e.keyCode === 13) { + var key = $(this).attr('name'); + OCA.User_SAML.Admin.setSamlConfigValue('security', key, $(this).val()); + } + }); + $('#user-saml-attribute-mapping input[type="text"], #user-saml-attribute-mapping textarea').change(function(e) { var el = $(this); $.when(el.focusout()).then(function() { diff --git a/lib/SAMLSettings.php b/lib/SAMLSettings.php index 0cde99a6..cee5f092 100644 --- a/lib/SAMLSettings.php +++ b/lib/SAMLSettings.php @@ -119,6 +119,7 @@ class SAMLSettings { 'wantXMLValidation' => ($this->config->getAppValue('user_saml', $prefix . 'security-wantXMLValidation', '0') === '1') ? true : false, 'requestedAuthnContext' => false, 'lowercaseUrlencoding' => ($this->config->getAppValue('user_saml', $prefix . 'security-lowercaseUrlencoding', '0') === '1') ? true : false, + 'signatureAlgorithm' => $this->config->getAppValue('user_saml', $prefix . 'security-signatureAlgorithm', null) ], 'sp' => [ 'entityId' => $this->urlGenerator->linkToRouteAbsolute('user_saml.SAML.getMetadata'), diff --git a/lib/Settings/Admin.php b/lib/Settings/Admin.php index 33771480..6a7cf874 100644 --- a/lib/Settings/Admin.php +++ b/lib/Settings/Admin.php @@ -75,7 +75,7 @@ class Admin implements ISettings { 'authnRequestsSigned' => $this->l10n->t('Indicates whether the <samlp:AuthnRequest> messages sent by this SP will be signed. [Metadata of the SP will offer this info]'), 'logoutRequestSigned' => $this->l10n->t('Indicates whether the <samlp:logoutRequest> messages sent by this SP will be signed.'), 'logoutResponseSigned' => $this->l10n->t('Indicates whether the <samlp:logoutResponse> messages sent by this SP will be signed.'), - 'signMetadata' => $this->l10n->t('Whether the metadata should be signed.'), + 'signMetadata' => $this->l10n->t('Whether the metadata should be signed.') ]; $securityRequiredFields = [ 'wantMessagesSigned' => $this->l10n->t('Indicates a requirement for the <samlp:Response>, <samlp:LogoutRequest> and <samlp:LogoutResponse> elements received by this SP to be signed.'), @@ -87,6 +87,10 @@ class Admin implements ISettings { ]; $securityGeneral = [ 'lowercaseUrlencoding' => $this->l10n->t('ADFS URL-Encodes SAML data as lowercase, and the toolkit by default uses uppercase. Enable for ADFS compatibility on signature verification.'), + 'signatureAlgorithm' => [ + 'type' => 'line', + 'text' => $this->l10n->t('Algorithm that the toolkit will use on signing process.') + ] ]; $generalSettings = [ 'uid_mapping' => [ diff --git a/templates/admin.php b/templates/admin.php index 562c86c3..2745322f 100644 --- a/templates/admin.php +++ b/templates/admin.php @@ -177,11 +177,20 @@ style('user_saml', 'admin'); </p> <?php endforeach; ?> <h4><?php p($l->t('General')) ?></h4> - <?php foreach($_['security-general'] as $key => $text): ?> - <p> - <input type="checkbox" id="user-saml-<?php p($key)?>" name="<?php p($key)?>" value="<?php p(\OC::$server->getConfig()->getAppValue('user_saml', 'security-'.$key, '0')) ?>" class="checkbox"> - <label for="user-saml-<?php p($key)?>"><?php p($text) ?></label> - </p> + <?php foreach($_['security-general'] as $key => $attribute): ?> + <?php if (is_array($attribute) && $attribute['type'] === 'line') { ?> + <?php $text = $attribute['text'] ?> + <p> + <label><?php p($attribute['text']) ?></label><br /> + <input data-key="<?php p($key)?>" name="<?php p($key) ?>" value="<?php p(\OC::$server->getConfig()->getAppValue('user_saml', 'security-'.$key, '')) ?>" type="text" <?php if(isset($attribute['required']) && $attribute['required'] === true): ?>class="required"<?php endif;?> placeholder="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> + </p> + <?php } else { ?> + <?php $text = $attribute ?> + <p> + <input type="checkbox" id="user-saml-<?php p($key)?>" name="<?php p($key)?>" value="<?php p(\OC::$server->getConfig()->getAppValue('user_saml', 'security-'.$key, '0')) ?>" class="checkbox"> + <label for="user-saml-<?php p($key)?>"><?php p($text) ?></label><br/> + </p> + <?php } ?> <?php endforeach; ?> </div> </div> diff --git a/tests/unit/Settings/AdminTest.php b/tests/unit/Settings/AdminTest.php index e061de59..38e3126f 100644 --- a/tests/unit/Settings/AdminTest.php +++ b/tests/unit/Settings/AdminTest.php @@ -80,6 +80,10 @@ class AdminTest extends \Test\TestCase { ]; $securityGeneral = [ 'lowercaseUrlencoding' => 'ADFS URL-Encodes SAML data as lowercase, and the toolkit by default uses uppercase. Enable for ADFS compatibility on signature verification.', + 'signatureAlgorithm' => [ + 'type' => 'line', + 'text' => 'Algorithm that the toolkit will use on signing process.' + ] ]; $generalSettings = [ 'idp0_display_name' => [ |