mattermost/api4/saml.go
Harrison Healey fb6f2a123c PLT-5860 Updated copyright date (#6058)
* PLT-5860 Updated copyright date in about modal

* PLT-5860 Updated copyright notice in JSX files

* PLT-5860 Updated copyright notice in go files

* Fixed misc copyright dates

* Fixed component snapshots
2017-04-12 08:27:57 -04:00


// Copyright (c) 2017-present Mattermost, Inc. All Rights Reserved.
// See License.txt for license information.
package api4
import (
"mime/multipart"
"net/http"
l4g "github.com/alecthomas/log4go"
"github.com/mattermost/platform/app"
"github.com/mattermost/platform/model"
"github.com/mattermost/platform/utils"
)
// InitSaml registers the SAML endpoints on BaseRoutes.SAML.
//
// Access model as wired here: only GET /metadata goes through ApiHandler;
// every certificate route goes through ApiSessionRequired, and each of those
// handlers additionally checks model.PERMISSION_MANAGE_SYSTEM itself.
// NOTE(review): what ApiHandler and ApiSessionRequired enforce is defined
// elsewhere; confirm ApiHandler really is the unauthenticated wrapper.
func InitSaml() {
	l4g.Debug(utils.T("api.saml.init.debug"))

	routes := BaseRoutes.SAML

	// Service-provider metadata: no session wrapper.
	routes.Handle("/metadata", ApiHandler(getSamlMetadata)).Methods("GET")

	// Certificate / key upload.
	routes.Handle("/certificate/public", ApiSessionRequired(addSamlPublicCertificate)).Methods("POST")
	routes.Handle("/certificate/private", ApiSessionRequired(addSamlPrivateCertificate)).Methods("POST")
	routes.Handle("/certificate/idp", ApiSessionRequired(addSamlIdpCertificate)).Methods("POST")

	// Certificate / key removal.
	routes.Handle("/certificate/public", ApiSessionRequired(removeSamlPublicCertificate)).Methods("DELETE")
	routes.Handle("/certificate/private", ApiSessionRequired(removeSamlPrivateCertificate)).Methods("DELETE")
	routes.Handle("/certificate/idp", ApiSessionRequired(removeSamlIdpCertificate)).Methods("DELETE")

	// Status of the configured certificates.
	routes.Handle("/certificate/status", ApiSessionRequired(getSamlCertificateStatus)).Methods("GET")
}
// getSamlMetadata serves the document returned by app.GetSamlMetadata as an
// XML attachment named metadata.xml.
//
// InitSaml registers this handler through ApiHandler rather than
// ApiSessionRequired, and no permission check is made here.
// NOTE(review): confirm app.GetSamlMetadata only ever emits material that is
// safe to publish (no private key data).
func getSamlMetadata(c *Context, w http.ResponseWriter, r *http.Request) {
	xmlDoc, appErr := app.GetSamlMetadata()
	if appErr != nil {
		c.Err = appErr
		return
	}

	hdr := w.Header()
	hdr.Set("Content-Type", "application/xml")
	hdr.Set("Content-Disposition", "attachment; filename=\"metadata.xml\"")

	// The result of Write is not inspected.
	w.Write([]byte(xmlDoc))
}
// parseSamlCertificateRequest parses r as a multipart form and returns the
// first file uploaded under the "certificate" field.
//
// It returns a 400 AppError when the form cannot be parsed, when the
// "certificate" field is absent, or when the field carries no files. Any
// further files under the same field are ignored.
//
// The value passed to ParseMultipartForm is net/http's in-memory budget: file
// parts beyond it are spooled to temporary files, so it is not by itself a cap
// on the request body.
// NOTE(review): confirm a body-size limit (e.g. http.MaxBytesReader) is
// applied before this point.
// NOTE(review): the returned FileHeader's Filename is client-supplied; verify
// the app layer does not use it unsanitised as a filesystem path.
func parseSamlCertificateRequest(r *http.Request) (*multipart.FileHeader, *model.AppError) {
	if parseErr := r.ParseMultipartForm(*utils.Cfg.FileSettings.MaxFileSize); parseErr != nil {
		return nil, model.NewAppError("addSamlCertificate", "api.admin.add_certificate.no_file.app_error", nil, parseErr.Error(), http.StatusBadRequest)
	}

	uploads, present := r.MultipartForm.File["certificate"]
	switch {
	case !present:
		// Field missing from the form altogether.
		return nil, model.NewAppError("addSamlCertificate", "api.admin.add_certificate.no_file.app_error", nil, "", http.StatusBadRequest)
	case len(uploads) <= 0:
		// Field present but with no file parts.
		return nil, model.NewAppError("addSamlCertificate", "api.admin.add_certificate.array.app_error", nil, "", http.StatusBadRequest)
	}

	return uploads[0], nil
}
// addSamlPublicCertificate stores an uploaded file via
// app.AddSamlPublicCertificate and replies with a status-OK body.
//
// The PERMISSION_MANAGE_SYSTEM check runs before the multipart body is
// parsed, so a session without that permission is rejected without its
// upload being parsed by this handler.
func addSamlPublicCertificate(c *Context, w http.ResponseWriter, r *http.Request) {
	perm := model.PERMISSION_MANAGE_SYSTEM
	if !app.SessionHasPermissionTo(c.Session, perm) {
		c.SetPermissionError(perm)
		return
	}

	upload, parseErr := parseSamlCertificateRequest(r)
	if parseErr != nil {
		c.Err = parseErr
		return
	}

	storeErr := app.AddSamlPublicCertificate(upload)
	if storeErr != nil {
		c.Err = storeErr
		return
	}

	ReturnStatusOK(w)
}
// addSamlPrivateCertificate stores an uploaded file via
// app.AddSamlPrivateCertificate and replies with a status-OK body.
//
// The PERMISSION_MANAGE_SYSTEM check runs before the multipart body is
// parsed.
// NOTE(review): the route name suggests this upload is private key material;
// confirm the app layer stores it with restrictive permissions and that the
// request body is never logged.
func addSamlPrivateCertificate(c *Context, w http.ResponseWriter, r *http.Request) {
	perm := model.PERMISSION_MANAGE_SYSTEM
	if !app.SessionHasPermissionTo(c.Session, perm) {
		c.SetPermissionError(perm)
		return
	}

	upload, parseErr := parseSamlCertificateRequest(r)
	if parseErr != nil {
		c.Err = parseErr
		return
	}

	storeErr := app.AddSamlPrivateCertificate(upload)
	if storeErr != nil {
		c.Err = storeErr
		return
	}

	ReturnStatusOK(w)
}
// addSamlIdpCertificate stores an uploaded file via
// app.AddSamlIdpCertificate and replies with a status-OK body.
//
// The PERMISSION_MANAGE_SYSTEM check runs before the multipart body is
// parsed.
// NOTE(review): presumably this certificate is what IdP assertions are
// verified against, which would make replacing it equivalent to changing who
// may assert identities; confirm, and confirm the change is audit-logged in
// the app layer.
func addSamlIdpCertificate(c *Context, w http.ResponseWriter, r *http.Request) {
	perm := model.PERMISSION_MANAGE_SYSTEM
	if !app.SessionHasPermissionTo(c.Session, perm) {
		c.SetPermissionError(perm)
		return
	}

	upload, parseErr := parseSamlCertificateRequest(r)
	if parseErr != nil {
		c.Err = parseErr
		return
	}

	storeErr := app.AddSamlIdpCertificate(upload)
	if storeErr != nil {
		c.Err = storeErr
		return
	}

	ReturnStatusOK(w)
}
// removeSamlPublicCertificate calls app.RemoveSamlPublicCertificate for a
// session holding PERMISSION_MANAGE_SYSTEM and replies with a status-OK body.
// Any other session gets a permission error and nothing is removed.
func removeSamlPublicCertificate(c *Context, w http.ResponseWriter, r *http.Request) {
	perm := model.PERMISSION_MANAGE_SYSTEM
	if !app.SessionHasPermissionTo(c.Session, perm) {
		c.SetPermissionError(perm)
		return
	}

	appErr := app.RemoveSamlPublicCertificate()
	if appErr != nil {
		c.Err = appErr
		return
	}

	ReturnStatusOK(w)
}
// removeSamlPrivateCertificate calls app.RemoveSamlPrivateCertificate for a
// session holding PERMISSION_MANAGE_SYSTEM and replies with a status-OK body.
// Any other session gets a permission error and nothing is removed.
func removeSamlPrivateCertificate(c *Context, w http.ResponseWriter, r *http.Request) {
	perm := model.PERMISSION_MANAGE_SYSTEM
	if !app.SessionHasPermissionTo(c.Session, perm) {
		c.SetPermissionError(perm)
		return
	}

	appErr := app.RemoveSamlPrivateCertificate()
	if appErr != nil {
		c.Err = appErr
		return
	}

	ReturnStatusOK(w)
}
// removeSamlIdpCertificate calls app.RemoveSamlIdpCertificate for a session
// holding PERMISSION_MANAGE_SYSTEM and replies with a status-OK body. Any
// other session gets a permission error and nothing is removed.
//
// No audit record is written in this handler.
// NOTE(review): confirm the app layer logs removal of the IdP certificate.
func removeSamlIdpCertificate(c *Context, w http.ResponseWriter, r *http.Request) {
	perm := model.PERMISSION_MANAGE_SYSTEM
	if !app.SessionHasPermissionTo(c.Session, perm) {
		c.SetPermissionError(perm)
		return
	}

	appErr := app.RemoveSamlIdpCertificate()
	if appErr != nil {
		c.Err = appErr
		return
	}

	ReturnStatusOK(w)
}
// getSamlCertificateStatus writes the JSON form of
// app.GetSamlCertificateStatus to the response for a session holding
// PERMISSION_MANAGE_SYSTEM; any other session gets a permission error.
//
// No Content-Type header is set here and the result of Write is not
// inspected.
func getSamlCertificateStatus(c *Context, w http.ResponseWriter, r *http.Request) {
	perm := model.PERMISSION_MANAGE_SYSTEM
	if !app.SessionHasPermissionTo(c.Session, perm) {
		c.SetPermissionError(perm)
		return
	}

	payload := app.GetSamlCertificateStatus().ToJson()
	w.Write([]byte(payload))
}