providers/saml: add modal to show metadata without download

This commit is contained in:
Jens Langhammer 2020-02-18 10:57:43 +01:00
parent 5b22f9b6c3
commit fbd4bdef33
3 changed files with 64 additions and 7 deletions

View file

@ -106,6 +106,16 @@ class SAMLProvider(Provider):
except Provider.application.RelatedObjectDoesNotExist: except Provider.application.RelatedObjectDoesNotExist:
return None return None
def html_metadata_view(self, request):
"""return template and context modal with to view Metadata without downloading it"""
from passbook.providers.saml.views import DescriptorDownloadView
metadata = DescriptorDownloadView.get_metadata(request, self)
return (
"saml/idp/admin_metadata_modal.html",
{"provider": self, "metadata": metadata,},
)
class Meta: class Meta:
verbose_name = _("SAML Provider") verbose_name = _("SAML Provider")

View file

@ -0,0 +1,41 @@
{% load i18n %}
{% load static %}
<script src="{% static 'codemirror/lib/codemirror.js' %}"></script>
<script src="{% static 'codemirror/addon/display/autorefresh.js' %}"></script>
<link rel="stylesheet" href="{% static 'codemirror/lib/codemirror.css' %}">
<link rel="stylesheet" href="{% static 'codemirror/theme/monokai.css' %}">
<script src="{% static 'codemirror/mode/xml/xml.js' %}"></script>
<button class="btn btn-default btn-sm" data-toggle="modal" data-target="#{{ provider.pk }}">{% trans 'View Metadata' %}</button>
<div class="modal fade" id="{{ provider.pk }}" tabindex="-1" role="dialog" aria-labelledby="{{ provider.pk }}Label" aria-hidden="true">
<div class="modal-dialog modal-lg">
<div class="modal-content">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal" aria-hidden="true" aria-label="Close">
<span class="pficon pficon-close"></span>
</button>
<h4 class="modal-title" id="{{ provider.pk }}Label">{% trans 'Metadata' %}</h4>
</div>
<div class="modal-body">
<form class="form-horizontal">
<textarea class="codemirror" id="{{ provider.pk }}-textarea">
{{ metadata }}
</textarea>
</form>
</div>
<div class="modal-footer">
<button type="button" class="btn btn-primary" data-dismiss="modal">{% trans 'Close' %}</button>
</div>
</div>
</div>
</div>
<script>
CodeMirror.fromTextArea(document.getElementById("{{ provider.pk }}-textarea"), {
mode: 'xml',
theme: 'monokai',
lineNumbers: false,
readOnly: true,
autoRefresh: true,
});
</script>

View file

@ -219,22 +219,23 @@ class SLOLogout(CSRFExemptMixin, AccessRequiredView):
class DescriptorDownloadView(AccessRequiredView): class DescriptorDownloadView(AccessRequiredView):
"""Replies with the XML Metadata IDSSODescriptor.""" """Replies with the XML Metadata IDSSODescriptor."""
def get(self, request: HttpRequest, application: str) -> HttpResponse: @staticmethod
"""Replies with the XML Metadata IDSSODescriptor.""" def get_metadata(request: HttpRequest, provider: SAMLProvider) -> str:
entity_id = self.provider.issuer """Return rendered XML Metadata"""
entity_id = provider.issuer
slo_url = request.build_absolute_uri( slo_url = request.build_absolute_uri(
reverse( reverse(
"passbook_providers_saml:saml-logout", "passbook_providers_saml:saml-logout",
kwargs={"application": application}, kwargs={"application": provider.application},
) )
) )
sso_url = request.build_absolute_uri( sso_url = request.build_absolute_uri(
reverse( reverse(
"passbook_providers_saml:saml-login", "passbook_providers_saml:saml-login",
kwargs={"application": application}, kwargs={"application": provider.application},
) )
) )
pubkey = strip_pem_header(self.provider.signing_cert.replace("\r", "")).replace( pubkey = strip_pem_header(provider.signing_cert.replace("\r", "")).replace(
"\n", "" "\n", ""
) )
ctx = { ctx = {
@ -243,7 +244,12 @@ class DescriptorDownloadView(AccessRequiredView):
"slo_url": slo_url, "slo_url": slo_url,
"sso_url": sso_url, "sso_url": sso_url,
} }
metadata = render_to_string("saml/xml/metadata.xml", ctx) return render_to_string("saml/xml/metadata.xml", ctx)
# pylint: disable=unused-argument
def get(self, request: HttpRequest, application: str) -> HttpResponse:
"""Replies with the XML Metadata IDSSODescriptor."""
metadata = DescriptorDownloadView.get_metadata(request, self.provider)
response = HttpResponse(metadata, content_type="application/xml") response = HttpResponse(metadata, content_type="application/xml")
response["Content-Disposition"] = ( response["Content-Disposition"] = (
'attachment; filename="' '%s_passbook_meta.xml"' % self.provider.name 'attachment; filename="' '%s_passbook_meta.xml"' % self.provider.name