full control over multiple SPs blocks

conf/manager.conf.in

@@ -11,12 +11,23 @@ templates_dir = @templatesdir@
 templates_theme = edugain
 accounts_file = /var/lib/access-check/accounts.php
 
-[federations]
-list = edugain
+[groups]
+list = self, renater, edugain
+
+[self]
+type = organization
+label = my own organization
+
+[renater]
+type = metadata
+file = /var/lib/access-check/renater.xml
+label = fédération Education-Recherche
 
 [edugain]
-metadata = /var/lib/access-check/edugain.xml
+type = link
+url = https://access-check.edugain.org
 label = eduGAIN
+message = eduGAIN Access Check
 
 [logger]
 file = /var/log/access-check/manager.log

lib/AccountManager/App.pm

@@ -112,7 +112,7 @@ sub new {
         );
     }
 
-    if (!$self->{configuration}->{federations}->{list}) {
+    if (!$self->{configuration}->{groups}->{list}) {
         $self->{logger}->fatal(
             "No federations defined in configuration, aborting"
         );
@@ -202,8 +202,6 @@ sub respond {
         $theme_templates_dir  :
         $default_templates_dir;
 
-    $Template::Stash::PRIVATE = undef;
-
     my $tt2 = Template->new({
         ENCODING     => 'utf8',
         PRE_CHOMP    => CHOMP_ONE,
@@ -255,18 +253,17 @@ sub req_select_sp {
     $self->check_authentication(action => 'select_sp')
         if $self->{configuration}->{app}->{login_url};
 
-    my @federations = split(/, */, $self->{configuration}->{federations}->{list});
-
     my @groups;
-    my @self_entities;
-    foreach my $federation (@federations) {
-        if ($self->{configuration}->{$federation}->{metadata}) {
-            my $file = $self->get_metadata_file(federation => $federation);
+    my @organization_entities;
+
+    foreach my $id (split(/, */, $self->{configuration}->{groups}->{list})) {
+        my $spec = $self->{configuration}->{$id};
+        if ($spec->{type} eq 'metadata') {
 
             my $metadata;
             eval {
                 $metadata = AccountManager::Metadata->new(
-                    file => $file
+                    file => $spec->{file}
                 );
             };
             $self->abort(
@@ -276,13 +273,14 @@ sub req_select_sp {
 
             my $entities = $metadata->parse(type => 'sp');
             push @groups, {
-                id       => $federation,
-                label    => $self->{configuration}->{$federation}->{label},
+                id       => $id,
+                label    => $spec->{label},
+                type     => 'list',
                 entities => [
                     map { {
                         id         => $_->{entityid},
                         name       => $_->{display_name},
-                        federation => $federation
+                        federation => $id
                      } } @$entities
                 ]
             };
@@ -297,36 +295,37 @@ sub req_select_sp {
                     $self->{logger}->debugf(
                         "idp %s found in federation %s metadata with organization %s",
                         $ENV{HTTP_SHIB_IDENTITY_PROVIDER},
-                        $federation,
+                        $id,
                         $organization
                     );
-                    push @self_entities,
+                    push @organization_entities,
                         map { {
                             id         => $_->{entityid},
                             name       => $_->{display_name},
-                            federation => $federation
+                            federation => $id
                         } }
                         grep { $_->{organization} eq $organization }
                         @$entities;
                 }
             }
-        } elsif ($self->{configuration}->{$federation}->{link}) {
+        } elsif ($spec->{type} eq 'organization') {
+            push @groups, {
+                id       => $id,
+                label    => $spec->{label},
+                type     => 'list',
+                entities => \@organization_entities,
+            };
+        } elsif ($spec->{type} eq 'link') {
             push @groups, {
-                id    => $federation,
-                label => $self->{configuration}->{$federation}->{label},
-                link  => $self->{configuration}->{$federation}->{link},
+                id      => $id,
+                label   => $spec->{label},
+                type    => 'link',
+                url     => $spec->{url},
+                message => $spec->{message},
             };
         }
     }
 
-    if (@self_entities) {
-        unshift @groups, {
-            id       => '_self',
-            label    => $self->{lh}->maketext("My organization"),
-            entities => \@self_entities,
-        };
-    }
-
     $self->respond(
         template => 'select_sp.tt2.html',
         data     => {

templates/web/edugain/select_sp.tt2.html

@@ -15,22 +15,22 @@
             [% lh.maketext("You must be an administrator of that service to continue afterwards.") %]
         </p>
 
-        [% FOREACH group IN groups() %]
+[% FOREACH group IN groups() %]
         <fieldset>
-            [% IF group.entities %]
             <legend>[% group.label %]</legend>
+    [% SWITCH group.type %]
+        [% CASE 'list' %]
             <select id="[% group.id %]" name="[% group.id %]">
                 <option value=""></option>
             [% FOREACH entity IN group.entities.sort('name') %]
                 <option value="[% entity.id %]" data-federation="[% entity.federation %]">[% entity.name %]</option>
             [% END %]
             </select>
-            [% END %]
-            [% IF group.link %]
-            <a class="button" href="[% group.link %]">[% group.label %]</a>
-            [% END %]
+        [% CASE 'link' %]
+            <a class="button" href="[% group.url %]">[% group.label %]</a>
+    [% END %]
         </fieldset>
-        [% END %]
+[% END %]
         <input type="hidden" id="federation" name="federation"/>
         <input type="hidden" id="entityid" name="entityid"/>
 

templates/web/renater/select_sp.tt2.html

@@ -15,22 +15,22 @@
             [% lh.maketext("You must be an administrator of that service to continue afterwards.") %]
         </p>
 
-        [% FOREACH group IN groups %]
+[% FOREACH group IN groups %]
         <fieldset>
-            [% IF group.entities %]
             <legend>[% group.label %]</legend>
+    [% SWITCH group.type %]
+        [% CASE 'list' %]
             <select id="[% group.id %]" name="[% group.id %]">
                 <option value=""></option>
                 [% FOREACH entity IN group.entities.sort('name') %]
                 <option value="[% entity.id %]" data-federation="[% entity.federation %]">[% entity.name %]</option>
                 [% END %]
             </select>
-            [% END %]
-            [% IF group.link %]
-            <a class="button" href="[% group.link %]">[% group.label %]</a>
-            [% END %]
+        [% CASE 'link' %]
+            <a class="button" href="[% group.url %]">[% group.message %]</a>
+    [% END %]
         </fieldset>
-        [% END %]
+[% END %]
         <input type="hidden" id="federation" name="federation"/>
         <input type="hidden" id="entityid" name="entityid"/>