openstack/charm-keystone-saml-mellon
Code Issues Proposed changes

Add "idp-discovery-service-url" option

Browse Source 
Allow the usage of an IDP discovery service for multiple IDPs.
Make use of "MellonDiscoveryURL" option in "mod_auth_mellon"
Apache module.

Change-Id: I2eed6dc3c57a51ed12f8ca4b31b46a13bc8fa911
Signed-off-by: Yanos Angelopoulos <yanos@admin.grnet.gr>
This commit is contained in:
Yanos Angelopoulos 2019-10-23 15:36:31 +03:00 committed by Yanos Angelopoulos
parent 0947cb7f86
commit e2a2ca2152
2 changed files with 16 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/config.yaml
View File

@ -62,3 +62,10 @@ options:
description: |
Indicates a requirement for the <saml:Assertion> elements received
by this service provider to be signed.
idp-discovery-service-url:
type: string
default:
description: |
IDP discovery service URL. If set to "" (default) no discovery
service will be used. If used, the resource "idp-metadata" must
be an XML file containing descriptors for multiple IDPs

9
src/templates/apache-mellon-location.conf
View File

@ -3,6 +3,9 @@
MellonSPPrivateKeyFile {{ options.sp_private_key_file }}
MellonSPMetadataFile {{ options.sp_metadata_file }}
MellonIdPMetadataFile {{ options.idp_metadata_file }}
{% if options.idp_discovery_service_url -%}
MellonDiscoveryURL {{ options.idp_discovery_service_url }}
{%- endif %}
MellonEndpointPath {{ options.mellon_endpoint_path }}
MellonIdP "IDP"
AuthType "Mellon"
@ -19,6 +22,9 @@
MellonSPPrivateKeyFile {{ options.sp_private_key_file }}
MellonSPMetadataFile {{ options.sp_metadata_file }}
MellonIdPMetadataFile {{ options.idp_metadata_file }}
{% if options.idp_discovery_service_url -%}
MellonDiscoveryURL {{ options.idp_discovery_service_url }}
{%- endif %}
MellonEndpointPath {{ options.mellon_endpoint_path }}
MellonIdP "IDP"
AuthType "Mellon"
@ -35,6 +41,9 @@
MellonSPPrivateKeyFile {{ options.sp_private_key_file }}
MellonSPMetadataFile {{ options.sp_metadata_file }}
MellonIdPMetadataFile {{ options.idp_metadata_file }}
{% if options.idp_discovery_service_url -%}
MellonDiscoveryURL {{ options.idp_discovery_service_url }}
{%- endif %}
MellonEndpointPath {{ options.mellon_endpoint_path }}
MellonIdP "IDP"
AuthType "Mellon"