authorJoram Wilander <jwawilander@gmail.com>2017-03-13 08:26:23 -0400
committerGeorge Goldberg <george@gberg.me>2017-03-13 12:26:23 +0000
commit3559fb7959cf008b038239f2e7c43e604c44cd31 (patch)
tree159fdbb16a169926e0d142aa17d6086fcded62c4 /app/saml.go
parentfe38d6d5bb36e18ddefbe490cc21f48f4f4c8d81 (diff)
Implement SAML endpoints for APIv4 (#5671)
* Implement SAML endpoints for APIv4 * Fix unit test * Only disable encryption when removing public/private certs
Diffstat (limited to 'app/saml.go')
-rw-r--r--app/saml.go143
1 files changed, 132 insertions, 11 deletions
diff --git a/app/saml.go b/app/saml.go
index cc39d4540..444214302 100644
--- a/app/saml.go
+++ b/app/saml.go
@@ -16,21 +16,19 @@ import (
func GetSamlMetadata() (string, *model.AppError) {
samlInterface := einterfaces.GetSamlInterface()
-
if samlInterface == nil {
- err := model.NewLocAppError("GetSamlMetadata", "api.admin.saml.not_available.app_error", nil, "")
- err.StatusCode = http.StatusNotImplemented
+ err := model.NewAppError("GetSamlMetadata", "api.admin.saml.not_available.app_error", nil, "", http.StatusNotImplemented)
return "", err
}
if result, err := samlInterface.GetMetadata(); err != nil {
- return "", model.NewLocAppError("GetSamlMetadata", "api.admin.saml.metadata.app_error", nil, "err="+err.Message)
+ return "", model.NewAppError("GetSamlMetadata", "api.admin.saml.metadata.app_error", nil, "err="+err.Message, http.StatusInternalServerError)
} else {
return result, nil
}
}
-func AddSamlCertificate(fileData *multipart.FileHeader) *model.AppError {
+func WriteSamlFile(fileData *multipart.FileHeader) *model.AppError {
file, err := fileData.Open()
defer file.Close()
if err != nil {
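Review bot: In WriteSamlFile, `defer file.Close()` is registered before the error from `fileData.Open()` is checked, so when the open fails `file` is expected to be nil and the deferred call panics instead of the function returning its AppError. The lines are unchanged context, but the commit renames the function and keeps it exported, so this is a good place to fix the order: do the `if err != nil { … }` return first, then `defer file.Close()`. The rest of the function body lies outside this hunk.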
@@ -47,7 +45,67 @@ func AddSamlCertificate(fileData *multipart.FileHeader) *model.AppError {
return nil
}
-func RemoveSamlCertificate(filename string) *model.AppError {
+func AddSamlPublicCertificate(fileData *multipart.FileHeader) *model.AppError {
+ if err := WriteSamlFile(fileData); err != nil {
+ return err
+ }
+
+ cfg := &model.Config{}
+ *cfg = *utils.Cfg
+
+ *cfg.SamlSettings.PublicCertificateFile = fileData.Filename
+
+ if err := cfg.IsValid(); err != nil {
+ return err
+ }
+
+ utils.SaveConfig(utils.CfgFileName, cfg)
+ utils.LoadConfig(utils.CfgFileName)
+
+ return nil
+}
+
+func AddSamlPrivateCertificate(fileData *multipart.FileHeader) *model.AppError {
+ if err := WriteSamlFile(fileData); err != nil {
+ return err
+ }
+
+ cfg := &model.Config{}
+ *cfg = *utils.Cfg
+
+ *cfg.SamlSettings.PrivateKeyFile = fileData.Filename
+
+ if err := cfg.IsValid(); err != nil {
+ return err
+ }
+
+ utils.SaveConfig(utils.CfgFileName, cfg)
+ utils.LoadConfig(utils.CfgFileName)
+
+ return nil
+}
+
+func AddSamlIdpCertificate(fileData *multipart.FileHeader) *model.AppError {
+ if err := WriteSamlFile(fileData); err != nil {
+ return err
+ }
+
+ cfg := &model.Config{}
+ *cfg = *utils.Cfg
+
+ *cfg.SamlSettings.IdpCertificateFile = fileData.Filename
+
+ if err := cfg.IsValid(); err != nil {
+ return err
+ }
+
+ utils.SaveConfig(utils.CfgFileName, cfg)
+ utils.LoadConfig(utils.CfgFileName)
+
+ return nil
+}
+
+func RemoveSamlFile(filename string) *model.AppError {
if err := os.Remove(utils.FindConfigFile(filename)); err != nil {
return model.NewLocAppError("removeCertificate", "api.admin.remove_certificate.delete.app_error",
map[string]interface{}{"Filename": filename}, err.Error())
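Review bot: The three Add* helpers store `fileData.Filename` in the SAML settings exactly as the client sent it, and RemoveSamlFile later passes that stored value through `utils.FindConfigFile` to `os.Remove`. The name is request-controlled, and depending on the Go version the multipart package may not strip directory components, so a name containing path separators could make the write or a later delete resolve outside the config folder. I would normalise once before both the write and the config update, e.g. `name := filepath.Base(fileData.Filename)`, and reject `""`, `"."` and any name that still contains a separator. WriteSamlFile's body is outside this hunk, so whether it already sanitises the name cannot be confirmed from here. A one-line doc comment on each exported function stating that the filename is treated as untrusted would also help.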
@@ -56,12 +114,75 @@ func RemoveSamlCertificate(filename string) *model.AppError {
return nil
}
-func GetSamlCertificateStatus() map[string]interface{} {
- status := make(map[string]interface{})
+func RemoveSamlPublicCertificate() *model.AppError {
+ if err := RemoveSamlFile(*utils.Cfg.SamlSettings.PublicCertificateFile); err != nil {
+ return err
+ }
+
+ cfg := &model.Config{}
+ *cfg = *utils.Cfg
+
+ *cfg.SamlSettings.PublicCertificateFile = ""
+ *cfg.SamlSettings.Encrypt = false
+
+ if err := cfg.IsValid(); err != nil {
+ return err
+ }
+
+ utils.SaveConfig(utils.CfgFileName, cfg)
+ utils.LoadConfig(utils.CfgFileName)
+
+ return nil
+}
+
+func RemoveSamlPrivateCertificate() *model.AppError {
+ if err := RemoveSamlFile(*utils.Cfg.SamlSettings.PrivateKeyFile); err != nil {
+ return err
+ }
+
+ cfg := &model.Config{}
+ *cfg = *utils.Cfg
+
+ *cfg.SamlSettings.PrivateKeyFile = ""
+ *cfg.SamlSettings.Encrypt = false
+
+ if err := cfg.IsValid(); err != nil {
+ return err
+ }
+
+ utils.SaveConfig(utils.CfgFileName, cfg)
+ utils.LoadConfig(utils.CfgFileName)
+
+ return nil
+}
+
+func RemoveSamlIdpCertificate() *model.AppError {
+ if err := RemoveSamlFile(*utils.Cfg.SamlSettings.IdpCertificateFile); err != nil {
+ return err
+ }
+
+ cfg := &model.Config{}
+ *cfg = *utils.Cfg
+
+ *cfg.SamlSettings.IdpCertificateFile = ""
+ *cfg.SamlSettings.Enable = false
+
+ if err := cfg.IsValid(); err != nil {
+ return err
+ }
+
+ utils.SaveConfig(utils.CfgFileName, cfg)
+ utils.LoadConfig(utils.CfgFileName)
+
+ return nil
+}
+
+func GetSamlCertificateStatus() *model.SamlCertificateStatus {
+ status := &model.SamlCertificateStatus{}
- status["IdpCertificateFile"] = utils.FileExistsInConfigFolder(*utils.Cfg.SamlSettings.IdpCertificateFile)
- status["PrivateKeyFile"] = utils.FileExistsInConfigFolder(*utils.Cfg.SamlSettings.PrivateKeyFile)
- status["PublicCertificateFile"] = utils.FileExistsInConfigFolder(*utils.Cfg.SamlSettings.PublicCertificateFile)
+ status.IdpCertificateFile = utils.FileExistsInConfigFolder(*utils.Cfg.SamlSettings.IdpCertificateFile)
+ status.PrivateKeyFile = utils.FileExistsInConfigFolder(*utils.Cfg.SamlSettings.PrivateKeyFile)
+ status.PublicCertificateFile = utils.FileExistsInConfigFolder(*utils.Cfg.SamlSettings.PublicCertificateFile)
return status
}
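Review bot: In the Remove* functions the certificate file is deleted and the live settings are changed before the new config has been validated. `*cfg = *utils.Cfg` copies the struct but not what its pointer fields point to, so `*cfg.SamlSettings.Encrypt = false` (and `Enable = false` for the IdP case) writes through to `utils.Cfg` immediately. If `cfg.IsValid()` then fails, the caller gets an error while the file is already gone and encryption or SAML is already off in memory. Assuming SamlSettings is held by value, giving the copy its own pointers avoids the write-through, e.g. `off := false; cfg.SamlSettings.Encrypt = &off`, and calling RemoveSamlFile only after validation keeps disk and config consistent. The Add* helpers in the previous hunk copy the config the same way, and the results of `utils.SaveConfig`/`utils.LoadConfig` are not checked in either place, which is worth confirming against their signatures.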