minor change to tests
pcaskey committed Jun 11, 2021
1 parent 0284a75 commit 518950f
Showing 13 changed files with 794 additions and 9 deletions.
2 changes: 1 addition & 1 deletion test-compose/idp/Dockerfile
@@ -17,7 +17,7 @@ ADD ${TOMCERT} /opt/certs
ADD ${TOMWWWROOT} /usr/local/tomcat/webapps/ROOT
ADD ${SHBCFG} /opt/shibboleth-idp/conf
ADD ${SHBCREDS} /opt/shibboleth-idp/credentials
#ADD ${SHBVIEWS} /opt/shibboleth-idp/views
ADD ${SHBVIEWS} /opt/shibboleth-idp/views
#ADD ${SHBEDWAPP} /opt/shibboleth-idp/edit-webapp
#ADD ${SHBMSGS} /opt/shibboleth-idp/messages
ADD ${SHBMD} /opt/shibboleth-idp/metadata
@@ -0,0 +1,73 @@
##
## Velocity Template for Hello World page.
##
## Velocity context will contain the following properties
## flowRequestContext - the Spring Web Flow RequestContext
## encoder - HTMLEncoder class
## request - HttpServletRequest
## response - HttpServletResponse
## profileRequestContext - root of context tree
## subjectContext - ProfileRequestContext -> SubjectContext
## attributeContext - ProfileRequestContext -> AttributeContext
## environment - Spring Environment object for property resolution
## custom - arbitrary object injected by deployer
##
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width,initial-scale=1.0">
<title>#springMessageText("idp.title", "Web Login Service") - #springMessageText("hello-world.title", "Hello World")</title>
<link rel="stylesheet" type="text/css" href="$request.getContextPath()/css/main.css">
</head>

<body>
<div class="wrapper">
<div class="container" style="width: 100%">
<header>
<img src="$request.getContextPath()#springMessage("idp.logo")" alt="#springMessageText("idp.logo.alt-text", "logo")">
<h3>#springMessageText("idp.title", "Web Login Service")</h3>
</header>

<div class="content">
<h4>#springMessageText("hello-world.greeting", "Greetings"), <em>$encoder.encodeForHTML($subjectContext.getPrincipalName())</em></h4>
<br/>
<h4>Authenticated By</h4>
#foreach ($result in $subjectContext.getAuthenticationResults().entrySet())
<blockquote>$encoder.encodeForHTML($result.getKey())</blockquote>
#end
<br/>
<h4>Java Principals in Subjects</h4>
#foreach ($s in $subjectContext.getSubjects())
#foreach ($p in $s.getPrincipals())
<blockquote>$encoder.encodeForHTML($p)<blockquote>
#end
#end
#if ($attributeContext && !$attributeContext.getUnfilteredIdPAttributes().isEmpty())
<br/>
<h4>Attributes:</h4>
#foreach ($a in $attributeContext.getUnfilteredIdPAttributes())
#if (!$a.getValues().isEmpty())
<br/>
<h5>$encoder.encodeForHTML($a.getId())</h5>
#foreach ($v in $a.getValues())
<blockquote>$encoder.encodeForHTML($v.getDisplayValue())</blockquote>
#end
#end
#end
#end
</div>

<header>
<h3><a href="$request.getContextPath()/profile/admin/hello">#springMessageText("hello-world.reload", "Reload the Page")</a></h3>
</header>
</div>

<footer>
<div class="container container-footer">
<p class="footer-text">#springMessageText("idp.footer", "Insert your footer text here.")</p>
</div>
</footer>
</div>
</body>
</html>
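Review bot: The inner loop over `$s.getPrincipals()` emits `<blockquote>$encoder.encodeForHTML($p)<blockquote>`, which opens a second blockquote instead of closing the first, so each principal nests the rest of the page one level deeper. The line should end with `</blockquote>`, as the other two loops in this template do. The values are encoded, so this is a markup defect rather than an injection issue. Separately, the page lists `getUnfilteredIdPAttributes()` and links back to `/profile/admin/hello`; a header comment such as `## Diagnostic view: shows unfiltered attributes, keep behind the admin access policy` would make that expectation explicit for anyone reusing this test configuration.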
@@ -0,0 +1,53 @@
##
## Velocity template to read from local storage.
##
## Velocity context will contain the following properties
## flowExecutionUrl - the form action location
## flowRequestContext - the Spring Web Flow RequestContext
## flowExecutionKey - the SWF execution key (this is built into the flowExecutionUrl)
## profileRequestContext - root of context tree
## loadContext - context with details about the storage keys to load
## encoder - HTMLEncoder class
## request - HttpServletRequest
## response - HttpServletResponse
## environment - Spring Environment object for property resolution
#set ($title = $springMacroRequestContext.getMessage("idp.title", "Web Login Service"))
#set ($titleSuffix = $springMacroRequestContext.getMessage("idp.client-storage-read.suffix", "Loading Session Information"))
##
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8" />
<meta name="viewport" content="width=device-width,initial-scale=1.0">
<title>$title - $titleSuffix</title>
<link rel="stylesheet" type="text/css" href="$request.getContextPath()/css/main.css">
<script>
<!--
#include( "client-storage/local-storage-read.js" )
// -->
</script>
</head>
<body onload="doLoad()">
<div class="wrapper">
<div class="container">
<header>
<h3>$title - $titleSuffix</h3>
</header>
<div class="content">
$springMacroRequestContext.getMessage("idp.client-storage-read.text", "Loading login session information from the browser...")
</div>
<noscript>
<div class="content">
$springMacroRequestContext.getMessage("idp.client-storage.no-js", "Since your browser does not support JavaScript, you must press the Continue button once to proceed.")
</div>
</noscript>
#parse( "client-storage/read.vm" )
</div>
<footer>
<div class="container container-footer">
<p class="footer-text">#springMessageText("idp.footer", "Insert your footer text here.")</p>
</div>
</footer>
</div>
</body>
</html>
@@ -0,0 +1,53 @@
##
## Velocity template to write to local storage.
##
## Velocity context will contain the following properties
## flowExecutionUrl - the form action location
## flowRequestContext - the Spring Web Flow RequestContext
## flowExecutionKey - the SWF execution key (this is built into the flowExecutionUrl)
## profileRequestContext - root of context tree
## saveContext - context with details about the storage data to save
## encoder - HTMLEncoder class
## request - HttpServletRequest
## response - HttpServletResponse
## environment - Spring Environment object for property resolution
#set ($title = $springMacroRequestContext.getMessage("idp.title", "Web Login Service"))
#set ($titleSuffix = $springMacroRequestContext.getMessage("idp.client-storage-write.suffix", "Saving Session Information..."))
##
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
<head>
<meta charset="utf-8" />
<meta name="viewport" content="width=device-width,initial-scale=1.0">
<title>$title - $titleSuffix</title>
<link rel="stylesheet" type="text/css" href="$request.getContextPath()/css/main.css">
<script>
<!--
#include( "client-storage/local-storage-write.js" )
// -->
</script>
</head>
<body onload="doSave()">
<div class="wrapper">
<div class="container">
<header>
<h3>$title - $titleSuffix</h3>
</header>
<div class="content">
$springMacroRequestContext.getMessage("idp.client-storage-write.text", "Saving login session information to the browser...")
</div>
<noscript>
<div class="content">
$springMacroRequestContext.getMessage("idp.client-storage.no-js", "Since your browser does not support JavaScript, you must press the Continue button once to proceed.")
</div>
</noscript>
#parse( "client-storage/write.vm" )
</div>
<footer>
<div class="container container-footer">
<p class="footer-text">#springMessageText("idp.footer", "Insert your footer text here.")</p>
</div>
</footer>
</div>
</body>
</html>
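--- a/test-compose/idp/container_files/config/shib-idp/views/error.vm
+++ b/test-compose/idp/container_files/config/shib-idp/views/error.vm
@@ -0,0 +1,75 @@
+##
+## Velocity Template for error end-state
+##
+## Velocity context will contain the following properties
+## flowRequestContext - the Spring Web Flow RequestContext
+## profileRequestContext - root of context tree
+## encoder - HTMLEncoder class
+## request - HttpServletRequest
+## response - HttpServletResponse
+## environment - Spring Environment object for property resolution
+## custom - arbitrary object injected by deployer
+##
+#set ($title = $springMacroRequestContext.getMessage("idp.title", "Web Login Service"))
+#set ($defaultTitleSuffix = $springMacroRequestContext.getMessage("idp.title.suffix", "Error"))
+##
+#if ($flowRequestContext)
+## This handles flow events, the most common case.
+#set ($eventId = $flowRequestContext.getCurrentEvent().getId())
+#set ($eventKey = $springMacroRequestContext.getMessage("$eventId", "error"))
+#set ($titleSuffix = $springMacroRequestContext.getMessage("${eventKey}.title", "$defaultTitleSuffix"))
+#set ($message = $springMacroRequestContext.getMessage("${eventKey}.message", "$defaultTitleSuffix: $eventId"))
+#if ($eventId == "AccessDenied" or $eventId == "ContextCheckDenied")
+$response.setStatus(403)
+#elseif ($eventId == "AttributeReleaseRejected" || $eventId == "TermsRejected")
+$response.setStatus(200)
+#elseif ($eventKey == "unexpected" || $eventKey == "runtime-error" || $eventKey == "error")
+$response.setStatus(500)
+#else
+$response.setStatus(400)
+#end
+#elseif ($exception)
+## This handles exceptions that reach the Spring-MVC exception handler.
+#set ($eventId = $exception.getClass().getSimpleName())
+#set ($eventKey = $springMacroRequestContext.getMessage("$eventId", "error"))
+#set ($titleSuffix = $springMacroRequestContext.getMessage("${eventKey}.title", "$defaultTitleSuffix"))
+#set ($message = $springMacroRequestContext.getMessage("${eventKey}.message", "$defaultTitleSuffix: $eventId"))
+$response.setStatus(500)
+#else
+## This is a catch-all that theoretically shouldn't happen?
+#set ($titleSuffix = $defaultTitleSuffix)
+#set ($message = $springMacroRequestContext.getMessage("idp.message", "An unidentified error occurred."))
+$response.setStatus(500)
+#end
+##
+<!DOCTYPE html>
+<html>
+<head>
+<meta charset="utf-8">
+<meta name="viewport" content="width=device-width,initial-scale=1.0">
+<title>$title - $titleSuffix</title>
+<link rel="stylesheet" type="text/css" href="$request.getContextPath()/css/main.css">
+</head>
+
+<body>
+<div class="wrapper">
+<div class="container">
+<header>
+<img src="$request.getContextPath()#springMessage("idp.logo")" alt="#springMessageText("idp.logo.alt-text", "logo")">
+<h3>$title - $titleSuffix</h3>
+</header>
+
+<div class="content">
+#evaluate($message)
+</div>
+</div>
+
+<footer>
+<div class="container container-footer">
+<p class="footer-text">#springMessageText("idp.footer", "Insert your footer text here.")</p>
+</div>
+</footer>
+
+</div>
+</body>
+</html>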
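Review bot: `#evaluate($message)` in the content div renders the resolved message as a Velocity template and writes the result without passing it through `$encoder`, and the fallback text interpolates `$eventId` into that same string. That is safe only while the message bundle and the event ids are deployer-controlled; nothing in this file shows a request-derived value reaching `$message`, but the assumption is not written down. I would add a comment above the line such as `## $message is evaluated as a template and is not HTML-encoded: message properties must be trusted content`. `$title - $titleSuffix` is likewise written raw into `<title>` and `<h3>`.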
@@ -0,0 +1,26 @@
## Velocity Template for login error message production, included by login.vm
##
## authenticationErrorContext - context containing error data, if available
##
#if ($authenticationErrorContext && $authenticationErrorContext.getClassifiedErrors().size() > 0)
## This handles errors that are classified by the message maps in the authentication config.
#set ($eventId = $authenticationErrorContext.getClassifiedErrors().iterator().next())
#if ($eventId != "ReselectFlow")
#set ($eventKey = $springMacroRequestContext.getMessage("$eventId", "login"))
#set ($message = $springMacroRequestContext.getMessage("${eventKey}.message", "Login Failure: $eventId"))
#end
#elseif ($authenticationErrorContext && $authenticationErrorContext.getExceptions().size() > 0)
## This handles login exceptions that are left unclassified.
#set ($loginException = $authenticationErrorContext.getExceptions().get(0))
#if ($loginException.getMessage())
#set ($message = "Login Failure: $loginException.getMessage()")
#else
#set ($message = $loginException.toString())
#end
#end

#if ($message)
<section>
<p class="form-element form-error">$encoder.encodeForHTML($message)</p>
</section>
#end
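Review bot: The unclassified-exception branch shows `$loginException.getMessage()`, or `toString()` when there is no message, to whoever is at the login form, so whatever text the authentication backend put in the exception is disclosed to an unauthenticated user. The value goes through `$encoder.encodeForHTML`, so this is an information-disclosure concern rather than an injection one. I would display a fixed string in that branch, e.g. `#set ($message = "Login Failure")`, and leave the detail to server-side logging.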
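--- a/test-compose/idp/container_files/config/shib-idp/views/login.vm
+++ b/test-compose/idp/container_files/config/shib-idp/views/login.vm
@@ -0,0 +1,144 @@
+##
+## Velocity Template for DisplayUsernamePasswordPage view-state
+##
+## Velocity context will contain the following properties
+## flowExecutionUrl - the form action location
+## flowRequestContext - the Spring Web Flow RequestContext
+## flowExecutionKey - the SWF execution key (this is built into the flowExecutionUrl)
+## profileRequestContext - root of context tree
+## authenticationContext - context with authentication request information
+## authenticationErrorContext - context with login error state
+## authenticationWarningContext - context with login warning state
+## ldapResponseContext - context with LDAP state (if using native LDAP)
+## rpUIContext - the context with SP UI information from the metadata
+## extendedAuthenticationFlows - collection of "extended" AuthenticationFlowDescriptor objects
+## passwordPrincipals - contents of the shibboleth.authn.Password.PrincipalOverride bean
+## encoder - HTMLEncoder class
+## request - HttpServletRequest
+## response - HttpServletResponse
+## environment - Spring Environment object for property resolution
+## custom - arbitrary object injected by deployer
+##
+#set ($rpContext = $profileRequestContext.getSubcontext('net.shibboleth.idp.profile.context.RelyingPartyContext'))
+#set ($username = $authenticationContext.getSubcontext('net.shibboleth.idp.authn.context.UsernamePasswordContext', true).getUsername())
+#set ($passwordEnabled = false)
+#if (!$passwordPrincipals or $passwordPrincipals.isEmpty() or $authenticationContext.isAcceptable($passwordPrincipals))
+#set ($passwordEnabled = true)
+#end
+##
+<!DOCTYPE html>
+<html>
+<head>
+<meta charset="utf-8">
+<meta name="viewport" content="width=device-width,initial-scale=1.0">
+<title>#springMessageText("idp.title", "Web Login Service")</title>
+<link rel="stylesheet" type="text/css" href="$request.getContextPath()/css/main.css">
+</head>
+<body>
+<div class="wrapper">
+<div class="container">
+<header>
+<img src="$request.getContextPath()#springMessage("idp.logo")" alt="#springMessageText("idp.logo.alt-text", "logo")">
+</header>
+
+<div class="content">
+<div class="column one">
+#parse("login-error.vm")
+
+<form action="$flowExecutionUrl" method="post">
+#parse("csrf/csrf.vm")
+#set ($serviceName = $rpUIContext.serviceName)
+#if ($serviceName && !$rpContext.getRelyingPartyId().contains($serviceName))
+<legend>
+#springMessageText("idp.login.loginTo", "Login to") $encoder.encodeForHTML($serviceName)
+</legend>
+#end
+
+#if ($passwordEnabled)
+<div class="form-element-wrapper">
+<label for="username">#springMessageText("idp.login.username", "Username")</label>
+<input class="form-element form-field" id="username" name="j_username" type="text"
+value="#if($username)$encoder.encodeForHTML($username)#end" />
+</div>
+
+<div class="form-element-wrapper">
+<label for="password">#springMessageText("idp.login.password", "Password")</label>
+<input class="form-element form-field" id="password" name="j_password" type="password" value="" />
+</div>
+
+## You may need to modify this to taste, such as changing the flow name its checking for to authn/MFA.
+#if (!$authenticationContext.getActiveResults().containsKey('authn/Password'))
+<div class="form-element-wrapper">
+<input type="checkbox" name="donotcache" value="1" id="donotcache">
+<label for="donotcache">#springMessageText("idp.login.donotcache", "Don't Remember Login")</label>
+</div>
+#end
+
+#end
+
+<div class="form-element-wrapper">
+<input id="_shib_idp_revokeConsent" type="checkbox" name="_shib_idp_revokeConsent" value="true" />
+<label for="_shib_idp_revokeConsent">#springMessageText("idp.attribute-release.revoke", "Clear prior granting of permission for release of your information to this service.")</label>
+</div>
+
+#if ($passwordEnabled)
+<div class="form-element-wrapper">
+<button class="form-element form-button" type="submit" name="_eventId_proceed"
+onClick="this.childNodes[0].nodeValue='#springMessageText("idp.login.pleasewait", "Logging in, please wait...")'"
+>#springMessageText("idp.login.login", "Login")</button>
+</div>
+#end
+
+#foreach ($extFlow in $extendedAuthenticationFlows)
+#if ($authenticationContext.isAcceptable($extFlow) and $extFlow.test(profileRequestContext))
+<div class="form-element-wrapper">
+<button class="form-element form-button" type="submit" name="_eventId_$extFlow.getId()">
+#springMessageText("idp.login.$extFlow.getId().replace('authn/','')", $extFlow.getId().replace('authn/',''))
+</button>
+</div>
+#end
+#end
+</form>
+
+#*
+//
+// SP Description & Logo (optional)
+// These idpui lines will display added information (if available
+// in the metadata) about the Service Provider (SP) that requested
+// authentication. These idpui lines are "active" in this example
+// (not commented out) - this extra SP info will be displayed.
+// Remove or comment out these lines to stop the display of the
+// added SP information.
+//
+*#
+#set ($logo = $rpUIContext.getLogo())
+#if ($logo)
+<img src= "$encoder.encodeForHTMLAttribute($logo)"
+alt="$encoder.encodeForHTMLAttribute($serviceName)">
+#end
+#set ($desc = $rpUIContext.getServiceDescription())
+#if ($desc)
+$encoder.encodeForHTML($desc)
+#end
+
+</div>
+<div class="column two">
+<ul class="list list-help">
+#if ($passwordEnabled)
+<li class="list-help-item"><a href="#springMessageText("idp.url.password.reset", '#')"><span class="item-marker">&rsaquo;</span> #springMessageText("idp.login.forgotPassword", "Forgot your password?")</a></li>
+#end
+<li class="list-help-item"><a href="#springMessageText("idp.url.helpdesk", '#')"><span class="item-marker">&rsaquo;</span> #springMessageText("idp.login.needHelp", "Need Help?")</a></li>
+</ul>
+</div>
+</div>
+</div>
+
+<footer>
+<div class="container container-footer">
+<p class="footer-text">#springMessageText("idp.footer", "Insert your footer text here.")</p>
+</div>
+</footer>
+</div>
+
+</body>
+</html>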
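Review bot: In the extended-flow loop the predicate is called as `$extFlow.test(profileRequestContext)`, with no `$` on the argument, whereas the `#set` near the top of this template refers to the same object as `$profileRequestContext`. How the engine treats the bare word is not visible from here, but if it does not resolve to the context object, the condition that decides which additional login buttons are offered is evaluated on the wrong input; `$extFlow.test($profileRequestContext)` is presumably what is meant. In the same loop `$extFlow.getId()` is written into the button's `name` attribute without `$encoder.encodeForHTMLAttribute`, unlike `$logo` and `$serviceName` further down.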
@@ -0,0 +1,67 @@
##
## Velocity Template for logout flow's concluding view-state (no propagation)
##
## Velocity context will contain the following properties
## flowExecutionUrl - the form action location
## flowRequestContext - the Spring Web Flow RequestContext
## flowExecutionKey - the SWF execution key (this is built into the flowExecutionUrl)
## profileRequestContext - root of context tree
## logoutContext - context with SPSession details for logout operation
## multiRPContext - context with RelyingPartyContexts and possibly SP UI information from the metadata
## encoder - HTMLEncoder class
## request - HttpServletRequest
## response - HttpServletResponse
## environment - Spring Environment object for property resolution
## custom - arbitrary object injected by deployer
##
#set ($activeIdPSessions = $logoutContext and !$logoutContext.getIdPSessions().isEmpty())
#set ($activeSPSessions = $logoutContext and !$logoutContext.getSessionMap().isEmpty())
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width,initial-scale=1.0">
<title>#springMessageText("idp.title", "Web Login Service")</title>
<link rel="stylesheet" type="text/css" href="$request.getContextPath()/css/main.css">
</head>

<body>
<div class="wrapper">
<div class="container">
<header>
<img src="$request.getContextPath()#springMessage("idp.logo")" alt="#springMessageText("idp.logo.alt-text", "logo")">
</header>

<div class="content">
<div class="column one">
#if ($activeIdPSessions)
<p>#springMessageText("idp.logout.cancelled", "Logout has been cancelled.")</p>
#elseif ($activeSPSessions)
<p>#springMessageText("idp.logout.local", "You elected not to log out of all the applications accessed during your session.")</p>
#else
<p>#springMessageText("idp.logout.complete", "The logout operation is complete, and no other services appear to have been accessed during this session.")</p>
#end
</div>
<div class="column two">
<ul class="list list-help">
<li class="list-help-item"><a href="#springMessageText("idp.url.password.reset", '#')"><span class="item-marker">&rsaquo;</span> #springMessageText("idp.login.forgotPassword", "Forgot your password?")</a></li>
<li class="list-help-item"><a href="#springMessageText("idp.url.helpdesk", '#')"><span class="item-marker">&rsaquo;</span> #springMessageText("idp.login.needHelp", "Need Help?")</a></li>
</ul>
</div>
</div>
</div>

<!-- If SAML logout, complete the flow by adding a hidden iframe. -->
#if ( $profileRequestContext.getProfileId().contains("saml2/logout") )
<iframe style="display:none" src="$flowExecutionUrl&_eventId=proceed"></iframe>
#end

<footer>
<div class="container container-footer">
<p class="footer-text">#springMessageText("idp.footer", "Insert your footer text here.")</p>
</div>
</footer>
</div>

</body>
</html>
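Review bot: The hidden iframe writes `$flowExecutionUrl&_eventId=proceed` straight into the `src` attribute, with no encoder call and a bare `&`, while the other dynamic values in these views go through `$encoder`. `$encoder.encodeForHTMLAttribute(...)` is already used in login.vm, so `src="$encoder.encodeForHTMLAttribute($flowExecutionUrl)&amp;_eventId=proceed"` would be consistent with that. The same pattern appears in logout.vm (both `meta http-equiv="refresh"` lines and its iframe) and in the form `action` attributes of login.vm and logout.vm. Whether `$flowExecutionUrl` can carry attacker-influenced characters is not shown on this page, so treat this as hardening.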
@@ -0,0 +1,58 @@
##
## Velocity Template for logout flow's concluding view-state (with propagation)
##
## Velocity context will contain the following properties
## flowExecutionUrl - the form action location
## flowRequestContext - the Spring Web Flow RequestContext
## flowExecutionKey - the SWF execution key (this is built into the flowExecutionUrl)
## profileRequestContext - root of context tree
## logoutContext - context with SPSession details for logout operation
## multiRPContext - context with RelyingPartyContexts and possibly SP UI information from the metadata
## htmlEncoder - HTMLEncoder class
## urlEncoder - urlEncoder class
## codecUtil - CodecUtil class
## request - HttpServletRequest
## response - HttpServletResponse
## environment - Spring Environment object for property resolution
## custom - arbitrary object injected by deployer
##
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width,initial-scale=1.0">
<title>#springMessageText("idp.title", "Web Login Service")</title>
<link rel="stylesheet" type="text/css" href="$request.getContextPath()/css/main.css">
<link rel="stylesheet" type="text/css" href="$request.getContextPath()/css/logout.css">
</head>

<body>
<div class="wrapper">
<div class="container">
<header>
<img src="$request.getContextPath()#springMessage("idp.logo")" alt="#springMessageText("idp.logo.alt-text", "logo")">
</header>

<div class="content">
<div class="column one">
<p>#springMessageText("idp.logout.attempt", "Attempting to log out of the following services:")</p>
#parse("logout/propagate.vm")
</div>
<div class="column two">
<ul class="list list-help">
<li class="list-help-item"><a href="#springMessageText("idp.url.password.reset", '#')"><span class="item-marker">&rsaquo;</span> #springMessageText("idp.login.forgotPassword", "Forgot your password?")</a></li>
<li class="list-help-item"><a href="#springMessageText("idp.url.helpdesk", '#')"><span class="item-marker">&rsaquo;</span> #springMessageText("idp.login.needHelp", "Need Help?")</a></li>
</ul>
</div>
</div>
</div>

<footer>
<div class="container container-footer">
<p class="footer-text">#springMessageText("idp.footer", "Insert your footer text here.")</p>
</div>
</footer>
</div>

</body>
</html>
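--- a/test-compose/idp/container_files/config/shib-idp/views/logout.vm
+++ b/test-compose/idp/container_files/config/shib-idp/views/logout.vm
@@ -0,0 +1,131 @@
+##
+## Velocity Template for logout flow's starting view-state
+##
+## Velocity context will contain the following properties
+## flowExecutionUrl - the form action location
+## flowRequestContext - the Spring Web Flow RequestContext
+## flowExecutionKey - the SWF execution key (this is built into the flowExecutionUrl)
+## profileRequestContext - root of context tree
+## logoutContext - context with SPSession details for logout operation
+## multiRPContext - context with RelyingPartyContexts and possibly SP UI information from the metadata
+## encoder - HTMLEncoder class
+## request - HttpServletRequest
+## response - HttpServletResponse
+## environment - Spring Environment object for property resolution
+## custom - arbitrary object injected by deployer
+##
+#set ($rpContext = $profileRequestContext.getSubcontext("net.shibboleth.idp.profile.context.RelyingPartyContext"))
+#if ($rpContext)
+#set ($rpUIContext = $rpContext.getSubcontext("net.shibboleth.idp.ui.context.RelyingPartyUIContext"))
+#end
+#set ($promptForIdP = $logoutContext and !$logoutContext.getIdPSessions().isEmpty())
+#set ($promptForSP = $logoutContext and !$logoutContext.getSessionMap().isEmpty())
+<!DOCTYPE html>
+<html>
+<head>
+<meta charset="utf-8">
+<meta name="viewport" content="width=device-width,initial-scale=1.0">
+#if ($promptForSP)
+<meta http-equiv="refresh" content="10;url=$flowExecutionUrl&_eventId=propagate">
+#elseif ($promptForIdP)
+<meta http-equiv="refresh" content="10;url=$flowExecutionUrl&_eventId=local">
+#end
+<title>#springMessageText("idp.title", "Web Login Service")</title>
+<link rel="stylesheet" type="text/css" href="$request.getContextPath()/css/main.css">
+</head>
+
+<body>
+<div class="wrapper">
+<div class="container">
+<header>
+<img src="$request.getContextPath()#springMessage("idp.logo")" alt="#springMessageText("idp.logo.alt-text", "logo")">
+</header>
+
+<div class="content">
+<div class="column one">
+<p>This page is displayed when a logout operation at the Identity Provider completes. This page is an example
+and should be customized. It is not fully internationalized because the presentation will be a highly localized
+decision, and we don't have a good suggestion for a default.</p>
+<br>
+
+#if ($rpContext)
+<p>#springMessageText("idp.logout.sp-initiated", "You have been logged out of the following service:")</p>
+<blockquote>
+#if ($rpUIContext)
+$encoder.encodeForHTML($rpUIContext.getServiceName())
+#else
+$encoder.encodeForHTML($rpContext.getRelyingPartyId())
+#end
+</blockquote>
+<br>
+#end
+
+#if ($promptForIdP or $promptForSP)
+<p>#springMessageText("idp.logout.prompt", "Choose one of the following, or wait a few seconds for the default.")</p>
+<br>
+
+<form id="propagate_form" method="POST" action="$flowExecutionUrl">
+
+<div class="form-element-wrapper">
+<button id="logout_local" class="form-element form-button" type="submit" name="_eventId" value="local">#springMessageText("idp.logout.idponly", "Logout Locally")</button>
+<p>#springMessageText("idp.logout.idponly.caption", "End your SSO session.")</p>
+</div>
+#end
+
+#if ($promptForSP)
+<div class="form-element-wrapper">
+<button id="logout_propagate" class="form-element form-button" type="submit" name="_eventId" value="propagate">#springMessageText("idp.logout.global", "Logout Globally")</button>
+<p>#springMessageText("idp.logout.global.caption", "End your SSO session and attempt logout of services accessed during session.")</p>
+<br>
+<p>#springMessageText("idp.logout.contactServices", "If instructed, the system will attempt to contact the following services:")</p>
+<ol>
+#foreach ($sp in $logoutContext.getSessionMap().keySet())
+#set ($rpCtx = $multiRPContext.getRelyingPartyContextById($sp))
+#if ($rpCtx)
+#set ($rpUIContext = $rpCtx.getSubcontext("net.shibboleth.idp.ui.context.RelyingPartyUIContext"))
+#end
+#if ($rpUIContext and $rpUIContext.getServiceName())
+<li>$encoder.encodeForHTML($rpUIContext.getServiceName())</li>
+#else
+<li>$encoder.encodeForHTML($sp)</li>
+#end
+#end
+</ol>
+<br>
+</div>
+#end
+
+#if ($promptForIdP)
+<div class="form-element-wrapper">
+<button id="logout_cancel" class="form-element form-button" type="submit" name="_eventId" value="end">#springMessageText("idp.logout.cancel", "Cancel")</button>
+<p>#springMessageText("idp.logout.cancel.caption", "Cancel logout and retain your SSO session.")</p>
+</div>
+#end
+
+#if ($promptForIdP or $promptForSP)
+</form>
+#else
+<p><strong>#springMessageText("idp.logout.complete", "The logout operation is complete, and no other services appear to have been accessed during this session.")</strong></p>
+<!-- Complete the flow by adding a hidden iframe. -->
+<iframe style="display:none" src="$flowExecutionUrl&_eventId=proceed"></iframe>
+#end
+
+</div>
+<div class="column two">
+<ul class="list list-help">
+<li class="list-help-item"><a href="#springMessageText("idp.url.password.reset", '#')"><span class="item-marker">&rsaquo;</span> #springMessageText("idp.login.forgotPassword", "Forgot your password?")</a></li>
+<li class="list-help-item"><a href="#springMessageText("idp.url.helpdesk", '#')"><span class="item-marker">&rsaquo;</span> #springMessageText("idp.login.needHelp", "Need Help?")</a></li>
+</ul>
+</div>
+</div>
+</div>
+
+<footer>
+<div class="container container-footer">
+<p class="footer-text">#springMessageText("idp.footer", "Insert your footer text here.")</p>
+</div>
+</footer>
+</div>
+
+</body>
+</html>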
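Review bot: In the `#foreach` over `$logoutContext.getSessionMap().keySet()`, `$rpUIContext` is reassigned only inside `#if ($rpCtx)`, so for an SP that has no relying-party context the following `#if ($rpUIContext and ...)` still sees the value left by the previous iteration, or the one set near the top of the template. The list of services the user is told will be contacted can then show one service's name against another entity. Resolving the display name into a loop-local variable that starts as `$sp` removes the carry-over; depending on how the engine handles assigning a null result, `$rpCtx` may need the same care.

```velocity
#foreach ($sp in $logoutContext.getSessionMap().keySet())
#set ($spName = $sp)
#set ($rpCtx = $multiRPContext.getRelyingPartyContextById($sp))
#if ($rpCtx)
#set ($spUI = $rpCtx.getSubcontext("net.shibboleth.idp.ui.context.RelyingPartyUIContext"))
#if ($spUI and $spUI.getServiceName())
#set ($spName = $spUI.getServiceName())
#end
#end
<li>$encoder.encodeForHTML($spName)</li>
#end
## … unchanged: closing </ol> and the rest of the promptForSP block …
```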
@@ -0,0 +1,45 @@
"use strict";

function createCookie(name, value, seconds) {
var date = new Date();
date.setTime(date.getTime() + (seconds * 1000));
var expires = "; expires=" + date.toGMTString();

var path = '$environment.getProperty("idp.cookie.path", $request.getContextPath())';
if (path.length > 0)
path = "; path=" + path;
document.cookie = name + "=" + value + expires + path;
}

function eraseCookie(name) {
createCookie(name, "", -31536000);
}

function readCookie(name) {
var nameEQ = name + "=";
var ca = document.cookie.split(';');
for (var i = 0; i < ca.length; i++) {
var c = ca[i];
while (c.charAt(0) == ' ')
c = c.substring(1, c.length);
if (c.indexOf(nameEQ) == 0)
return c.substring(nameEQ.length, c.length);
}
return null;
}

function load(id) {
var checkbox = document.getElementById(id);
if (checkbox != null) {
var spnego = readCookie(checkbox.name);
checkbox.checked = (spnego == "1");
}
}

function check(checkbox) {
if (checkbox.checked) {
createCookie(checkbox.name, checkbox.value, $environment.getProperty("idp.cookie.maxAge","31536000"));
} else {
eraseCookie(checkbox.name);
}
}
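Review bot: `createCookie` builds the cookie as `name + "=" + value + expires + path` with no `Secure` or `SameSite` attribute, so the auto-login preference cookie is also sent over plain HTTP if the host is ever reached that way. Appending the attribute, e.g. `document.cookie = name + "=" + value + expires + path + "; secure";`, would cover that, although a plain-HTTP test deployment would need it left off. The `idp.cookie.path` property is also substituted directly into a single-quoted JavaScript string, so a value containing a quote would break the script. `toGMTString()` is deprecated in favour of `toUTCString()`.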
@@ -0,0 +1,60 @@
##
## Velocity Template for user preferences view
##
## Velocity context will contain the following properties
## request - HttpServletRequest
## response - HttpServletResponse
## environment - Spring Environment object for property resolution
## custom - arbitrary object injected by deployer
##
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width,initial-scale=1.0">
<title>#springMessageText("idp.userprefs.title", "Web Login Service") - #springMessageText("idp.userprefs.title.suffix", "Login Preferences")</title>
<link rel="stylesheet" type="text/css" href="$request.getContextPath()/css/main.css">
<script language="Javascript">
<!--
#parse( "user-prefs.js" )
// -->
</script>
</head>
<body onLoad="document.getElementById('content').style.display='block'; load('spnego')">
<div class="wrapper">
<div class="container">
<header>
<img src="$request.getContextPath()#springMessage("idp.logo")" alt="#springMessageText("idp.logo.alt-text", "logo")">
<h3>#springMessageText("idp.title", "Web Login Service") - #springMessageText("idp.userprefs.title.suffix", "Login Preferences")</h3>
<p>
#springMessage("idp.userprefs.info")
</p>
</header>

<noscript>
<div id="content" class="content">
$springMacroRequestContext.getMessage("idp.userprefs.no-js", "This feature requires Javascript.")
</div>
</noscript>

<div id="content" class="content" style="display:none">
<div class="form-element-wrapper">
<h4>#springMessageText("idp.userprefs.options", "The following options are available:")</h4>
</div>

<div class="form-element-wrapper">
<input type="checkbox" id="spnego" name="_idp_spnego_autologin" value="1" onClick="check(this)">
#springMessageText("idp.userprefs.spnego", "Automatically try desktop login when available.")
</div>
</div>
</div>

<footer>
<div class="container container-footer">
<p class="footer-text">#springMessageText("idp.footer", "Insert your footer text here.")</p>
</div>
</footer>
</div>

</body>
</html>
16 changes: 8 additions & 8 deletions tests/clairscan.sh
@@ -15,12 +15,12 @@ else
fi

#if needed, ensure whitelist file
if [ ! -s ./centos7-clair-whitelist.yaml ]; then
echo 'downloading whitelist file...'
curl -s -L -o ./centos7-clair-whitelist.yaml https://github.internet2.edu/raw/docker/shib-idp/4.1.2_20210607/tests/centos7-clair-whitelist.yaml
else
echo 'using existing whitelist file...'
fi
#if [ ! -s ./centos7-clair-whitelist.yaml ]; then
# echo 'downloading whitelist file...'
# curl -s -L -o ./centos7-clair-whitelist.yaml https://github.internet2.edu/raw/docker/shib-idp/4.1.2_20210607/tests/centos7-clair-whitelist.yaml
#else
# echo 'using existing whitelist file...'
#fi

#ensure DB container
echo 'ensuring a fresh clair-db container...'
@@ -54,8 +54,8 @@ echo 'sending ip addr' ${clairip} 'to clair-scan server...'

#run scan
echo 'running scan...'
./clair-scanner -w centos7-clair-whitelist.yaml --ip ${clairip} $1
#./clair-scanner --ip ${clairip} $1
#./clair-scanner -w centos7-clair-whitelist.yaml --ip ${clairip} $1
./clair-scanner --ip ${clairip} $1
retcode=$?

#eval results
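Review bot: The active scanner call, `./clair-scanner --ip ${clairip} $1`, passes both expansions unquoted, so an image reference or address containing whitespace or glob characters is split or expanded before the scanner sees it; `./clair-scanner --ip "${clairip}" "$1"` avoids that. Assuming the commented-out lines are the new side of this change, the scan now runs with no whitelist, so findings that were previously accepted will count towards `retcode`. A one-line comment saying why the whitelist was dropped would be more useful than keeping the disabled download block and the old invocation as comments. The script continues outside both hunks.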
