providers/saml: add modal to show metadata without download

2020-02-18 10:57:43 +01:00 · 2020-02-18 10:57:43 +01:00 · fbd4bdef33
parent 5b22f9b6c3
commit fbd4bdef33
3 changed files with 64 additions and 7 deletions
--- a/passbook/providers/saml/models.py
+++ b/passbook/providers/saml/models.py
@ -106,6 +106,16 @@ class SAMLProvider(Provider):
        except Provider.application.RelatedObjectDoesNotExist:
            return None

+    def html_metadata_view(self, request):
+        """return template and context modal with to view Metadata without downloading it"""
+        from passbook.providers.saml.views import DescriptorDownloadView
+
+        metadata = DescriptorDownloadView.get_metadata(request, self)
+        return (
+            "saml/idp/admin_metadata_modal.html",
+            {"provider": self, "metadata": metadata,},
+        )
+
    class Meta:

        verbose_name = _("SAML Provider")
--- a/passbook/providers/saml/templates/saml/idp/admin_metadata_modal.html
+++ b/passbook/providers/saml/templates/saml/idp/admin_metadata_modal.html
@ -0,0 +1,41 @@
+{% load i18n %}
+{% load static %}
+
+<script src="{% static 'codemirror/lib/codemirror.js' %}"></script>
+<script src="{% static 'codemirror/addon/display/autorefresh.js' %}"></script>
+<link rel="stylesheet" href="{% static 'codemirror/lib/codemirror.css' %}">
+<link rel="stylesheet" href="{% static 'codemirror/theme/monokai.css' %}">
+<script src="{% static 'codemirror/mode/xml/xml.js' %}"></script>
+
+<button class="btn btn-default btn-sm" data-toggle="modal" data-target="#{{ provider.pk }}">{% trans 'View Metadata' %}</button>
+<div class="modal fade" id="{{ provider.pk }}" tabindex="-1" role="dialog" aria-labelledby="{{ provider.pk }}Label" aria-hidden="true">
+  <div class="modal-dialog modal-lg">
+    <div class="modal-content">
+      <div class="modal-header">
+        <button type="button" class="close" data-dismiss="modal" aria-hidden="true" aria-label="Close">
+          <span class="pficon pficon-close"></span>
+        </button>
+        <h4 class="modal-title" id="{{ provider.pk }}Label">{% trans 'Metadata' %}</h4>
+      </div>
+      <div class="modal-body">
+        <form class="form-horizontal">
+          <textarea class="codemirror" id="{{ provider.pk }}-textarea">
+{{ metadata }}
+          </textarea>
+        </form>
+      </div>
+      <div class="modal-footer">
+        <button type="button" class="btn btn-primary" data-dismiss="modal">{% trans 'Close' %}</button>
+      </div>
+    </div>
+  </div>
+</div>
+<script>
+  CodeMirror.fromTextArea(document.getElementById("{{ provider.pk }}-textarea"), {
+    mode: 'xml',
+    theme: 'monokai',
+    lineNumbers: false,
+    readOnly: true,
+    autoRefresh: true,
+  });
+</script>
--- a/passbook/providers/saml/views.py
+++ b/passbook/providers/saml/views.py
@ -219,22 +219,23 @@ class SLOLogout(CSRFExemptMixin, AccessRequiredView):
 class DescriptorDownloadView(AccessRequiredView):
    """Replies with the XML Metadata IDSSODescriptor."""

-    def get(self, request: HttpRequest, application: str) -> HttpResponse:
-        """Replies with the XML Metadata IDSSODescriptor."""
-        entity_id = self.provider.issuer
+    @staticmethod
+    def get_metadata(request: HttpRequest, provider: SAMLProvider) -> str:
+        """Return rendered XML Metadata"""
+        entity_id = provider.issuer
        slo_url = request.build_absolute_uri(
            reverse(
                "passbook_providers_saml:saml-logout",
-                kwargs={"application": application},
+                kwargs={"application": provider.application},
            )
        )
        sso_url = request.build_absolute_uri(
            reverse(
                "passbook_providers_saml:saml-login",
-                kwargs={"application": application},
+                kwargs={"application": provider.application},
            )
        )
-        pubkey = strip_pem_header(self.provider.signing_cert.replace("\r", "")).replace(
+        pubkey = strip_pem_header(provider.signing_cert.replace("\r", "")).replace(
            "\n", ""
        )
        ctx = {
@ -243,7 +244,12 @@ class DescriptorDownloadView(AccessRequiredView):
            "slo_url": slo_url,
            "sso_url": sso_url,
        }
-        metadata = render_to_string("saml/xml/metadata.xml", ctx)
+        return render_to_string("saml/xml/metadata.xml", ctx)
+
+    # pylint: disable=unused-argument
+    def get(self, request: HttpRequest, application: str) -> HttpResponse:
+        """Replies with the XML Metadata IDSSODescriptor."""
+        metadata = DescriptorDownloadView.get_metadata(request, self.provider)
        response = HttpResponse(metadata, content_type="application/xml")
        response["Content-Disposition"] = (
            'attachment; filename="' '%s_passbook_meta.xml"' % self.provider.name