diff --git a/bin/access-check-manager.pl.in b/bin/access-check-manager.pl.in
index c56f9dfad4bd887d86b16d431fb01a3927919aa0..35948ee990b9576866612a906eee2036ce830ecb 100755
--- a/bin/access-check-manager.pl.in
+++ b/bin/access-check-manager.pl.in
@@ -29,7 +29,7 @@ GetOptions(
 'displayname=s',
 'email_address=s',
 'expired',
- 'sp_entityid=s',
+ 'entityid=s',
 'token=s',
 ) or pod2usage(
 -message => "unknown option, aborting\n",
@@ -83,11 +83,11 @@ sub add_account {
 ) unless $options{profile};
 pod2usage(
- -message => "missing sp_entityid option, aborting\n",
+ -message => "missing entityid option, aborting\n",
 -verbose => 0
- ) unless $options{sp_entityid};
+ ) unless $options{entityid};
- my $entity = $options{sp_entityid};
+ my $entity = $options{entityid};
 my $validity_period = $configuration->{$entity}->{account_validity_period} || $configuration->{service}->{account_validity_period};
@@ -96,7 +96,7 @@ sub add_account {
 my $account = AccountManager::Account->new(
 db => $db,
 profile => $options{profile},
- sp_entityid => $options{sp_entityid},
+ entityid => $options{entityid},
 scope => $configuration->{idp}->{scope},
 password => $password,
 password_hash => AccountManager::Tools::sha256_hash($password),
@@ -114,8 +114,8 @@ sub add_account {
 sub list_accounts {
 my %args;
- if ($options{sp_entityid}) {
- push @{ $args{query} }, sp_entityid => $options{sp_entityid};
+ if ($options{entityid}) {
+ push @{ $args{query} }, entityid => $options{entityid};
 }
 if ($options{profile}) {
@@ -172,7 +172,7 @@ sub parse_metadata {
 };
 die "unable to load federation metadata: $EVAL_ERROR" if $EVAL_ERROR;
- my $data = $federation_metadata->parse(id => $options{sp_entityid});
+ my $data = $federation_metadata->parse(id => $options{entityid});
 printf "Document %s parsed\n", $configuration->{setup}->{federation_metadata_file};
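Review bot: Renaming the `sp_entityid` option to `entityid` in the GetOptions list breaks every existing invocation of this script (cron jobs, deployment scripts) with "unknown option, aborting". Getopt::Long accepts aliases, so the old spelling can be kept as a deprecated alias with `'entityid|sp_entityid=s',`, which also keeps the `$options{entityid}` checks in the later hunks working unchanged. A one-line note in the SYNOPSIS that `--sp_entityid` is deprecated would complete the change.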
@@ -185,9 +185,9 @@ sub parse_metadata {
 sub add_service {
 pod2usage(
- -message => "missing sp_entityid option, aborting\n",
+ -message => "missing entityid option, aborting\n",
 -verbose => 0
- ) unless $options{sp_entityid};
+ ) unless $options{entityid};
 pod2usage(
 -message => "missing contacts option, aborting\n",
@@ -197,18 +197,18 @@ sub add_service {
 ## Check if entry already exists in DB first
 my $provider = AccountManager::Entity->new(
 db => $db,
- entityid => $options{sp_entityid}
+ entityid => $options{entityid}
 );
 if ($provider->load(speculative => 1)) {
 printf "Entry for %s already in DB; update it with new data\n",
- $options{sp_entityid};
+ $options{entityid};
 $provider->contacts($options{contacts});
 $provider->displayname($options{displayname}) if $options{displayname};
 } else {
 $provider = AccountManager::Entity->new(
 db => $db,
- entityid => $options{sp_entityid},
+ entityid => $options{entityid},
 contacts => $options{contacts},
 displayname => $options{displayname}
 );
@@ -244,8 +244,8 @@ sub list_services {
 sub list_tokens {
 my %args;
- if ($options{sp_entityid}) {
- push @{ $args{query} }, sp_entityid => $options{sp_entityid};
+ if ($options{entityid}) {
+ push @{ $args{query} }, entityid => $options{entityid};
 }
 if ($options{token}) {
 push @{ $args{query} }, token => $options{token};
@@ -286,9 +286,9 @@ sub get_token {
 die "No corresponding token found in DB\n" unless $token->load();
- if ($options{sp_entityid}) {
+ if ($options{entityid}) {
 die "Authentication token cannot be used for this SP\n"
- unless $token->get('sp_entityid') eq $options{sp_entityid};
+ unless $token->get('entityid') eq $options{entityid};
 }
 $token->print();
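Review bot: In get_token the SP check reads the column through `$token->get('entityid')` while check_token in App.pm (later in this diff) uses the column accessor `$token->entityid()`; if `get` is a generic by-name lookup, a mistyped column string would only surface at runtime, whereas the accessor fails loudly at the call. Consider `unless $token->entityid() eq $options{entityid};` so both call sites resolve the renamed column the same way. get_token's body starts and ends outside the hunk.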
@@ -303,15 +303,15 @@ sub add_token {
 ) unless $options{email_address};
 pod2usage(
- -message => "missing sp_entityid option, aborting\n",
+ -message => "missing entityid option, aborting\n",
 -verbose => 0
- ) unless $options{sp_entityid};
+ ) unless $options{entityid};
 # delete any previous token for the same email/service couple
 my $old_token = AccountManager::Token->new(
 db => $db,
 email_address => $options{email_address},
- sp_entityid => $options{sp_entityid}
+ entityid => $options{entityid}
 );
 if ($old_token->load(speculative => 1)) {
@@ -323,7 +323,7 @@ sub add_token {
 my $token = AccountManager::Token->new(
 db => $db,
 email_address => $options{email_address},
- sp_entityid => $options{sp_entityid},
+ entityid => $options{entityid},
 creation_date => DateTime->now(),
 expiration_date => DateTime->now()->add(hours => $validity_period),
 token => AccountManager::Tools::generate_token()
@@ -347,25 +347,25 @@ access-check-manager.pl [options] add_account
 Options:
 --profile <string>
- --sp_entityid <string>
+ --entityid <string>
 access-check-manager.pl [options] list_accounts
 Options:
 --profile <string>
- --sp_entityid <string>
+ --entityid <string>
 --expired
 --delete
 access-check-manager.pl [options] parse_metadata
 Options:
- --sp_entityid <string>
+ --entityid <string>
 access-check-manager.pl [options] add_service
 Options:
- --sp_entityid <string>
+ --entityid <string>
 --contact <string>
 --displayname <string>
@@ -377,7 +377,7 @@ access-check-manager.pl [options] list_services
 access-check-manager.pl [options] list_tokens
 Options:
- --sp_entityid <string>
+ --entityid <string>
 --token <string>
 --expired
 --delete
@@ -385,13 +385,13 @@ access-check-manager.pl [options] list_tokens
 access-check-manager.pl [options] get_token
 Options:
- --sp_entityid <string>
+ --entityid <string>
 --token <string>
 access-check-manager.pl [options] add_token
 Options:
- --sp_entityid <string>
+ --entityid <string>
 --email_address <string>
 =head1 DESCRIPTION
@@ -403,13 +403,13 @@ functions.
 =head1 EXAMPLES
 $> access-check-manager.pl add_account \
- --sp_entityid https://test.federation.renater.fr/test/ressource \
+ --entityid https://test.federation.renater.fr/test/ressource \
 --profile student1
 Adds a new test account.
 $> access-check-manager.pl list_accounts \
- --sp_entityid https://test.federation.renater.fr/test/ressource \
+ --entityid https://test.federation.renater.fr/test/ressource \
 --profile student1
 List all test accounts. Criterias can be added to filter test accounts.
@@ -428,7 +428,7 @@ Parses the SAML metadata file, as defined by the C<federation_metadata_file>
 configuration parameter.
 $> access-check-manager.pl list_tokens \
- --sp_entityid https://test.federation.renater.fr/test/ressource \
+ --entityid https://test.federation.renater.fr/test/ressource \
 --token dhj67sjJ
 List all authentication tokens. Criterias can be added to filter tokens.
@@ -446,12 +446,12 @@ Remove all expired authentication tokens from DB.
 Get informations on a token.
 $> access-check-manager.pl add_token --email_address john@my.fqdn \
- --sp_entityid https://test.federation.renater.fr/test/ressource
+ --entityid https://test.federation.renater.fr/test/ressource
 Adds a new test account.
 $> access-check-manager.pl add_service \
- --sp_entityid https://test.federation.renater.fr/test/ressource \
+ --entityid https://test.federation.renater.fr/test/ressource \
 --displayname 'Test SP' --contacts email1@dom,email2@dom
 Adds a new service provider
diff --git a/conf/manager.sql b/conf/manager.sql
index 892eadeb1392ccc23516567a5815001b96dd8562..4f67405c2a294b149ac1ba49c207fd6fd9aba631 100644
--- a/conf/manager.sql
+++ b/conf/manager.sql
@@ -2,7 +2,7 @@ CREATE TABLE tokens (
 id bigint(20) NOT NULL AUTO_INCREMENT,
 token varchar(50) NOT NULL,
 email_address varchar(200) NOT NULL,
- sp_entityid varchar(200) NOT NULL,
+ entityid varchar(200) NOT NULL,
 creation_date datetime DEFAULT NULL,
 expiration_date datetime DEFAULT NULL,
 PRIMARY KEY (id),
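Review bot: The column rename in `CREATE TABLE tokens` (and in `accounts` in the next hunk) only changes the bootstrap schema; an existing database still has `sp_entityid`, so the renamed column metadata in Account.pm and Token.pm will fail against it at runtime on the first query. A migration statement should ship with the change, e.g. `ALTER TABLE tokens CHANGE sp_entityid entityid varchar(200) NOT NULL;` and the equivalent for `accounts` with varchar(250). The `[ 'email_address', 'entityid' ]` unique key declared in Token.pm presumably also depends on the underlying index being renamed, which is worth confirming on an upgraded instance.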
@@ -31,6 +31,6 @@ CREATE TABLE accounts (
 expiration_date datetime DEFAULT NULL,
 profile varchar(100) NOT NULL,
 scope varchar(100) NOT NULL,
- sp_entityid varchar(250) NOT NULL,
+ entityid varchar(250) NOT NULL,
 PRIMARY KEY (id)
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
diff --git a/lib/AccountManager/Account.pm b/lib/AccountManager/Account.pm
index 3b84a9b4e4a6341e159d42ee788a6f64b0f3f67e..15f16bade9e80d83565c4bf5ad510e0680bc2a6a 100644
--- a/lib/AccountManager/Account.pm
+++ b/lib/AccountManager/Account.pm
@@ -21,7 +21,7 @@ __PACKAGE__->meta->setup(
 expiration_date => { type => 'datetime' },
 profile => { type => 'varchar', length => 100, not_null => 1 },
 scope => { type => 'varchar', length => 100, not_null => 1 },
- sp_entityid => { type => 'varchar', length => 250, not_null => 1 },
+ entityid => { type => 'varchar', length => 250, not_null => 1 },
 ],
 primary_key_columns => [ 'id' ],
@@ -101,10 +101,10 @@ sub print {
 $fd = \*STDOUT unless $fd;
 printf $fd
- "Account ID=%s; password_hash=%s; sp_entityid=%s; profile=%s; scope=%s; creation_date=%s; expiration_date=%s\n",
+ "Account ID=%s; password_hash=%s; entityid=%s; profile=%s; scope=%s; creation_date=%s; expiration_date=%s\n",
 $self->id(),
 $self->password_hash(),
- $self->sp_entityid(),
+ $self->entityid(),
 $self->profile(),
 $self->scope(),
 $self->creation_date()->strftime('%Y:%m:%d'),
@@ -174,7 +174,7 @@ sub comment {
 sub associatedSP {
 my ($self) = @_;
- return $self->{sp_entityid};
+ return $self->{entityid};
 }
 1;
diff --git a/lib/AccountManager/App.pm b/lib/AccountManager/App.pm
index bf762627f684eee2ee25a5c45366c6714becbdc8..57f1307fdc484bfa25f55f6ab2ba66c1a89e72ea 100644
--- a/lib/AccountManager/App.pm
+++ b/lib/AccountManager/App.pm
@@ -406,7 +406,7 @@ sub req_complete_challenge {
 my $old_token = AccountManager::Token->new(
 db => $self->{db},
 email_address => $email,
- sp_entityid => $entityid,
+ entityid => $entityid,
 );
 if ($old_token->load(speculative => 1)) {
@@ -422,7 +422,7 @@ sub req_complete_challenge {
 my $token = AccountManager::Token->new(
 db => $self->{db},
 email_address => $email,
- sp_entityid => $entityid,
+ entityid => $entityid,
 creation_date => DateTime->now(),
 expiration_date => DateTime->now()->add(hours => $validity_period),
 secret => AccountManager::Tools::generate_secret(20)
@@ -584,7 +584,7 @@ sub req_create_accounts {
 my $download_token = AccountManager::Token->new(
 db => $self->{db},
 email_address => $email,
- sp_entityid => $entityid,
+ entityid => $entityid,
 creation_date => DateTime->now(),
 expiration_date => DateTime->now()->add(hours => $validity_period),
 secret => AccountManager::Tools::generate_secret(20)
@@ -602,7 +602,7 @@ sub req_create_accounts {
 my $account = AccountManager::Account->new(
 db => $self->{db},
 profile => $profile,
- sp_entityid => $entityid,
+ entityid => $entityid,
 scope => $self->{configuration}->{idp}->{scope},
 password => $password,
 password_crypt => AccountManager::Tools::encrypt($password, $key),
@@ -787,7 +787,7 @@ sub check_token {
 $self->abort(
 log => "Authentication token $secret cannot be used for SP $args{entityid}",
 user => "wrong_token_for_sp"
- ) if $token->sp_entityid() ne $args{entityid};
+ ) if $token->entityid() ne $args{entityid};
 ## delete the token
 unless ($token->delete()) {
diff --git a/lib/AccountManager/Token.pm b/lib/AccountManager/Token.pm
index 430fab0fe61e47e01a271b9aec12bfe3d4549598..2daba493b6177c67ce60be773e2985212d3da57e 100644
--- a/lib/AccountManager/Token.pm
+++ b/lib/AccountManager/Token.pm
@@ -14,7 +14,7 @@ __PACKAGE__->meta->setup(
 id => { type => 'bigserial', not_null => 1 },
 token => { type => 'varchar', length => 50, not_null => 1, alias => 'secret' },
 email_address => { type => 'varchar', length => 200, not_null => 1 },
- sp_entityid => { type => 'varchar', length => 200, not_null => 1 },
+ entityid => { type => 'varchar', length => 200, not_null => 1 },
 creation_date => { type => 'datetime' },
 expiration_date => { type => 'datetime' },
 ],
@@ -23,7 +23,7 @@ __PACKAGE__->meta->setup(
 unique_keys => [
 [ 'token' ],
- [ 'email_address', 'sp_entityid' ],
+ [ 'email_address', 'entityid' ],
 ],
 );
@@ -34,11 +34,11 @@ sub print {
 $fd = \*STDOUT unless $fd;
 printf $fd
- "Token ID=%s; secret=%s; email_address=%s; sp_entityid=%s; creation_date=%s; expiration_date=%s\n",
+ "Token ID=%s; secret=%s; email_address=%s; entityid=%s; creation_date=%s; expiration_date=%s\n",
 $self->id(),
 $self->secret(),
 $self->email_address(),
- $self->sp_entityid(),
+ $self->entityid(),
 $self->creation_date()->strftime('%Y:%m:%d %H:%M'),
 $self->expiration_date()->strftime('%Y:%m:%d %H:%M');
 }