From 574fb1aa3911ed6b6a97c59821694b800da82dc4 Mon Sep 17 00:00:00 2001
From: Guillaume Rousse <guillaume.rousse@renater.fr>
Date: Thu, 6 Dec 2018 09:27:25 +0100
Subject: [PATCH] allow to link another eAC instance for a given federation
---
lib/AccountManager/App.pm | 87 +++++++++++++-----------
templates/web/renater/select_sp.tt2.html | 9 ++-
2 files changed, 54 insertions(+), 42 deletions(-)
diff --git a/lib/AccountManager/App.pm b/lib/AccountManager/App.pm
index 9b9769b..ac22f70 100644
--- a/lib/AccountManager/App.pm
+++ b/lib/AccountManager/App.pm
@@ -260,53 +260,60 @@ sub req_select_sp { my %groups; my @self_entities; foreach my $federation (@federations) { - my $file = $self->get_metadata_file(federation => $federation); - - my $metadata; - eval { - $metadata = AccountManager::Metadata->new( - file => $file - ); - }; - $self->abort( - log => "Failed to load federation metadata: $EVAL_ERROR", - user => "internal" - ) if $EVAL_ERROR; - - my $entities = $metadata->parse(type => 'sp'); - $groups{$federation} = { - label => $self->{configuration}->{$federation}->{label}, - entities => [ - map { { - id => $_->{entityid}, - name => $_->{display_name}, - federation => $federation - } } @$entities - ] - }; + if ($self->{configuration}->{$federation}->{metadata}) { + my $file = $self->get_metadata_file(federation => $federation); - # if user is authenticated, and its IdP is found in metadata, - # push all entities with the same organization URL in a list - if ($ENV{HTTP_SHIB_IDENTITY_PROVIDER}) { - my $idps = $metadata->parse(id => $ENV{HTTP_SHIB_IDENTITY_PROVIDER}); - my $idp = $idps->[0]; - if ($idp) { - my $organization = $idp->{organization}; - $self->{logger}->debugf( - "idp %s found in federation %s metadata with organization %s", - $ENV{HTTP_SHIB_IDENTITY_PROVIDER}, - $federation, - $organization + my $metadata; + eval { + $metadata = AccountManager::Metadata->new( + file => $file ); - push @self_entities, + }; + $self->abort( + log => "Failed to load federation metadata: $EVAL_ERROR", + user => "internal" + ) if $EVAL_ERROR; + + my $entities = $metadata->parse(type => 'sp'); + $groups{$federation} = { + label => $self->{configuration}->{$federation}->{label}, + entities => [ map { { id => $_->{entityid}, name => $_->{display_name}, federation => $federation - } } - grep { $_->{organization} eq $organization } - @$entities; + } } @$entities + ] + }; + + # if user is authenticated, and its IdP is found in metadata, + # push all entities with the same organization URL in a list + if 
($ENV{HTTP_SHIB_IDENTITY_PROVIDER}) { + my $idps = $metadata->parse(id => $ENV{HTTP_SHIB_IDENTITY_PROVIDER}); + my $idp = $idps->[0]; + if ($idp) { + my $organization = $idp->{organization}; + $self->{logger}->debugf( + "idp %s found in federation %s metadata with organization %s", + $ENV{HTTP_SHIB_IDENTITY_PROVIDER}, + $federation, + $organization + ); + push @self_entities, + map { { + id => $_->{entityid}, + name => $_->{display_name}, + federation => $federation + } } + grep { $_->{organization} eq $organization } + @$entities; + } } + } elsif ($self->{configuration}->{$federation}->{link}) { + $groups{$federation} = { + label => $self->{configuration}->{$federation}->{label}, + link => $self->{configuration}->{$federation}->{link}, + }; } } diff --git a/templates/web/renater/select_sp.tt2.html b/templates/web/renater/select_sp.tt2.html index 8bde0d2..0b318ca 100644 --- a/templates/web/renater/select_sp.tt2.html +++ b/templates/web/renater/select_sp.tt2.html @@ -17,13 +17,18 @@ [% FOREACH group IN groups.keys.sort() %] <fieldset> + [% IF groups.$group.entities %] <legend>[% groups.$group.label %]</legend> <select id="[% group %]" name="[% group %]"> <option value=""></option> - [% FOREACH entity IN groups.$group.entities.sort('name') %] + [% FOREACH entity IN groups.$group.entities.sort('name') %] <option value="[% entity.id %]" data-federation="[% entity.federation %]">[% entity.name %]</option> - [% END %] + [% END %] </select> + [% END %] + [% IF groups.$group.link %] + <a class="button" href="[% groups.$group.link %]">[% groups.$group.label %]</a> + [% END %] </fieldset> [% END %] <input type="hidden" id="federation" name="federation"/> -- GitLab
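Review bot: The new `elsif` branch copies `{link}` from the configuration into `%groups` unchecked, and the template change in this same patch prints it as an `href`, so a value that is not an absolute http(s) URL (a typo, a relative path, another scheme) would be served to every visitor of the selection page. Checking the scheme where the value is read keeps that out of the view, e.g. `} elsif (($self->{configuration}->{$federation}->{link} // '') =~ m{\Ahttps?://}i) {`. A federation configured with neither `metadata` nor `link` now drops out of the list silently; an `else` that reports it through `$self->{logger}` would make that misconfiguration visible. `req_select_sp` starts before and continues after this hunk, so how `%groups` is used later cannot be checked from here.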
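Review bot: The added anchor prints `groups.$group.link` and `groups.$group.label` without an output filter, and Template Toolkit does not HTML-escape `[% ... %]` output by default. Unless the application installs an escaping filter somewhere outside this hunk, a quote or angle bracket in either value would end the attribute or element early. Both values come from the operator's configuration, so exposure is limited, but filtering at the point of output is cheap: `<a class="button" href="[% groups.$group.link | html %]">[% groups.$group.label | html %]</a>`. The `entity.id` and `entity.name` options on the unchanged context lines are printed the same way.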