Class: HttpdConfigmapGenerator::Saml

Inherits:

Base

• Object
• Base
• HttpdConfigmapGenerator::Saml

Defined in:

lib/httpd_configmap_generator/saml.rb

Constant Summary

MELLON_CREATE_METADATA_COMMAND =

"/usr/libexec/mod_auth_mellon/mellon_create_metadata.sh".freeze

SAML2_CONFIG_DIRECTORY =

"/etc/httpd/saml2".freeze

MIQSP_METADATA_FILE =

"#{SAML2_CONFIG_DIRECTORY}/miqsp-metadata.xml".freeze

IDP_METADATA_FILE =

"#{SAML2_CONFIG_DIRECTORY}/idp-metadata.xml".freeze

AUTH =

{
  :type    => "saml",
  :subtype => "saml"
}.freeze

Constants inherited from Base

Base::APACHE_USER, Base::HOSTNAME_COMMAND, Base::HTTP_KEYTAB, Base::IPA_COMMAND, Base::KERBEROS_CONFIG_FILE, Base::LDAP_ATTRS, Base::PAM_CONFIG, Base::SSSD_CONFIG, Base::TIMESTAMP_FORMAT

Instance Attribute Summary

Attributes inherited from Base

#opts

Instance Method Summary

• #configure(opts) ⇒ Object
• #configured? ⇒ Boolean
• #optional_options ⇒ Object
• #persistent_files ⇒ Object
• #required_options ⇒ Object
• #unconfigure ⇒ Object

Methods inherited from Base

#command_run, #command_run!, #config_file_backup, #configure_pam, #cp_template, #create_target_directory, #debug_msg, #delete_target_file, #domain, #domain_from_host, #enable_kerberos_dns_lookups, #err_msg, #fetch_network_file, #file_binary?, #host_reachable?, #info_msg, #initialize, #log_command_error, #path_join, #realm, #rm_file, #run_configure, #template_directory, #update_hostname

Constructor Details

This class inherits a constructor from HttpdConfigmapGenerator::Base

Instance Method Details

#configure(opts) ⇒ Object

# File 'lib/httpd_configmap_generator/saml.rb', line 35

def configure(opts)
  update_hostname(opts[:host])
  Dir.mkdir(SAML2_CONFIG_DIRECTORY)
  Dir.chdir(SAML2_CONFIG_DIRECTORY) do
    command_run!(MELLON_CREATE_METADATA_COMMAND,
                 :params => [
                   "https://#{opts[:host]}",
                   "https://#{opts[:host]}/saml2"
                 ])
    rename_mellon_configfiles
    fetch_idp_metadata
  end
  config_map = ConfigMap.new(opts)
  config_map.generate(AUTH[:type], realm, persistent_files)
  config_map.save(opts[:output])
rescue => err
  log_command_error(err)
  raise err
end

#configured? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/httpd_configmap_generator/saml.rb', line 55

def configured?
  File.exist?(MIQSP_METADATA_FILE)
end

#optional_options ⇒ Object

# File 'lib/httpd_configmap_generator/saml.rb', line 16

def optional_options
  super.merge(
    :keycloak_add_metadata => { :description => "Download and add the Keycloak metadata file",
                                :default     => false },
    :keycloak_server       => { :description => "Keycloak Server FQDN or IP" },
    :keycloak_realm        => { :description => "Keycloak Realm for this client"}
  )
end

#persistent_files ⇒ Object

# File 'lib/httpd_configmap_generator/saml.rb', line 25

def persistent_files
  file_list = %w(
    /etc/httpd/saml2/miqsp-key.key
    /etc/httpd/saml2/miqsp-cert.cert
    /etc/httpd/saml2/miqsp-metadata.xml
  )
  file_list += [IDP_METADATA_FILE] if opts[:keycloak_add_metadata]
  file_list
end

#required_options ⇒ Object

# File 'lib/httpd_configmap_generator/saml.rb', line 12

def required_options
  super
end

#unconfigure ⇒ Object

# File 'lib/httpd_configmap_generator/saml.rb', line 59

def unconfigure
  return unless configured?
  FileUtils.rm_rf(SAML2_CONFIG_DIRECTORY) if Dir.exist?(SAML2_CONFIG_DIRECTORY)
end