Class: HttpdConfigmapGenerator::Saml

Inherits:
Base
  • Object
Defined in:
lib/httpd_configmap_generator/saml.rb

Constant Summary collapse

# Helper script, under the mod_auth_mellon libexec directory, that #configure
# runs to produce the service-provider files.
MELLON_CREATE_METADATA_COMMAND = "/usr/libexec/mod_auth_mellon/mellon_create_metadata.sh".freeze

# Directory that receives the generated SAML files; #unconfigure removes it.
SAML2_CONFIG_DIRECTORY = "/etc/httpd/saml2".freeze

# Service-provider metadata; #configured? tests for the presence of this file.
SP_METADATA_FILE = "#{SAML2_CONFIG_DIRECTORY}/sp-metadata.xml".freeze

# Identity-provider metadata; only listed by #persistent_files when
# opts[:keycloak_add_metadata] is set.
IDP_METADATA_FILE = "#{SAML2_CONFIG_DIRECTORY}/idp-metadata.xml".freeze

# Authentication type descriptor; #configure passes AUTH[:type] to
# ConfigMap#generate.
AUTH = { :type => "saml", :subtype => "saml" }.freeze

Constants inherited from Base

Base::APACHE_USER, Base::HTTP_KEYTAB, Base::IPA_COMMAND, Base::KERBEROS_CONFIG_FILE, Base::LDAP_ATTRS, Base::PAM_CONFIG, Base::SSSD_CONFIG, Base::TIMESTAMP_FORMAT

Constants included from Base::Network

Base::Network::HOSTNAME_COMMAND

Instance Attribute Summary

Attributes inherited from Base

#opts

Instance Method Summary collapse

Methods inherited from Base

#debug_msg, #err_msg, #info_msg, #initialize, #run_configure

Methods included from Base::Pam

#configure_pam

Methods included from Base::Network

#domain, #domain_from_host, #fetch_network_file, #host_reachable?, #realm, #update_hostname

Methods included from Base::Kerberos

#enable_kerberos_dns_lookups

Methods included from Base::FileHelper

#cp_template, #create_target_directory, #delete_target_file, #file_binary?, #path_join, #rm_file, #template_directory

Methods included from Base::ConfigHelper

#config_file_backup

Methods included from Base::Command

#command_run, #command_run!, #log_command_error

Constructor Details

This class inherits a constructor from HttpdConfigmapGenerator::Base

Instance Method Details

#configure(opts) ⇒ Object



# File 'lib/httpd_configmap_generator/saml.rb', line 37

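# Generates the mod_auth_mellon service-provider files for opts[:host] and
# packages them into a config map written to opts[:output].
#
# Steps, in order: update the hostname, create SAML2_CONFIG_DIRECTORY, run
# MELLON_CREATE_METADATA_COMMAND inside that directory with the two URLs
# "https://<host>" and "https://<host>/saml2", rename the generated files,
# then build and save the config map from #persistent_files.
#
# NOTE(review): #persistent_files lists the SP private key
# (/etc/httpd/saml2/sp-key.key). If ConfigMap#generate embeds file contents,
# the file written to opts[:output] is secret material and needs to be
# stored and distributed accordingly - confirm against ConfigMap.
#
# @param opts [Hash] reads :host and :output; the whole hash is also handed
#   to ConfigMap.new
# @return [Object] whatever ConfigMap#save returns
# @raise [StandardError] any failure is logged via log_command_error and
#   re-raised unchanged
def configure(opts)
  update_hostname(opts[:host])
  # A directory left behind by an earlier, partially failed run must not
  # block a retry: #configured? only looks at SP_METADATA_FILE, so the
  # directory can exist without the tool considering itself configured, and
  # a bare Dir.mkdir would then raise Errno::EEXIST.
  Dir.mkdir(SAML2_CONFIG_DIRECTORY) unless Dir.exist?(SAML2_CONFIG_DIRECTORY)
  Dir.chdir(SAML2_CONFIG_DIRECTORY) do
    # NOTE(review): opts[:host] is interpolated into both URLs without any
    # validation here. Confirm that command_run! passes :params as discrete,
    # escaped arguments rather than through a shell string, and consider
    # rejecting hosts that are not a plain FQDN before this point.
    command_run!(MELLON_CREATE_METADATA_COMMAND,
                 :params => [
                   "https://#{opts[:host]}",
                   "https://#{opts[:host]}/saml2"
                 ])
    rename_mellon_configfiles
  end
  config_map = ConfigMap.new(opts)
  config_map.generate(AUTH[:type], realm, persistent_files)
  config_map.save(opts[:output])
rescue => err
  log_command_error(err)
  raise err
end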

#configured? ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/httpd_configmap_generator/saml.rb', line 57

# Reports whether SAML has already been set up, judged solely by the presence
# of the service-provider metadata file. The key and certificate files are
# not checked.
#
# @return [Boolean] true when SP_METADATA_FILE exists
def configured?
  metadata_path = SP_METADATA_FILE
  File.exist?(metadata_path)
end

#optional_options ⇒ Object



# File 'lib/httpd_configmap_generator/saml.rb', line 18

# Extends the inherited optional options with the three Keycloak settings.
#
# NOTE(review): the code that downloads the Keycloak metadata is not visible
# in this listing. IdP metadata carries the certificate that SAML assertions
# are verified against, so confirm the download from :keycloak_server uses
# TLS with certificate verification.
#
# @return [Hash] the superclass options merged with :keycloak_add_metadata
#   (defaults to false), :keycloak_server and :keycloak_realm
def optional_options
  inherited_options = super
  keycloak_options = {
    :keycloak_add_metadata => {
      :description => "Download and add the Keycloak metadata file",
      :default     => false
    },
    :keycloak_server       => { :description => "Keycloak Server FQDN or IP" },
    :keycloak_realm        => { :description => "Keycloak Realm for this client" }
  }
  inherited_options.merge(keycloak_options)
end

#persistent_files ⇒ Object



# File 'lib/httpd_configmap_generator/saml.rb', line 27

# Lists the files that #configure hands to ConfigMap#generate.
#
# The list always includes the service-provider key, certificate and
# metadata; the identity-provider metadata is appended only when
# opts[:keycloak_add_metadata] is truthy.
#
# NOTE(review): sp-key.key is, by its name, the SP private key. Anything that
# consumes this list and copies file contents produces sensitive output -
# verify how ConfigMap stores it.
#
# @return [Array<String>] absolute paths, a new array on every call
def persistent_files
  service_provider_files = [
    "/etc/httpd/saml2/sp-key.key",
    "/etc/httpd/saml2/sp-cert.cert",
    "/etc/httpd/saml2/sp-metadata.xml"
  ]
  return service_provider_files unless opts[:keycloak_add_metadata]

  service_provider_files + [IDP_METADATA_FILE]
end

#required_options ⇒ Object



# File 'lib/httpd_configmap_generator/saml.rb', line 12

# Extends the inherited required options with :host, the application domain
# that #configure uses to build the service-provider URLs.
#
# @return [Hash] the superclass options merged with the :host entry
def required_options
  inherited_options = super
  host_option = { :description => "Application Domain", :short => "-h" }
  inherited_options.merge(:host => host_option)
end

#unconfigure ⇒ Object



# File 'lib/httpd_configmap_generator/saml.rb', line 61

# Removes SAML2_CONFIG_DIRECTORY and everything in it, but only when
# #configured? reports true and the directory exists. Otherwise does nothing.
#
# FileUtils.rm_rf suppresses StandardError, so a removal that fails part-way
# is not reported here; generated key material could remain on disk without
# any error being raised.
#
# @return [Array<String>, nil] the FileUtils.rm_rf result, or nil when
#   nothing was removed
def unconfigure
  if configured? && Dir.exist?(SAML2_CONFIG_DIRECTORY)
    FileUtils.rm_rf(SAML2_CONFIG_DIRECTORY)
  end
end