author | Markus Krogh <markus@nordu.net> | 2017-10-02 14:20:48 +0200 |
---|---|---|
committer | Markus Krogh <markus@nordu.net> | 2017-10-02 14:20:48 +0200 |
commit | aab254a9894c8d04679e7aeffcab22f35eeadf7d (patch) | |
tree | 5462a2124adf3d4de99b107835b53ea3fd53d172 | |
parent | 818063992c86ac7e6f6b085e6d97886a23af5512 (diff) |
Rearange template files. Start on templating
-rw-r--r-- | idp/Dockerfile | 7 | ||||
-rwxr-xr-x | idp/shib-entrypoint.sh | 20 | ||||
-rw-r--r-- | idp/templates/config/README.md (renamed from idp/template-config/README.md) | 0 | ||||
-rw-r--r-- | idp/templates/config/attribute-filter.xml (renamed from idp/template-config/attribute-filter.xml) | 0 | ||||
-rw-r--r-- | idp/templates/config/attribute-resolver.xml (renamed from idp/template-config/attribute-resolver.xml) | 0 | ||||
-rw-r--r-- | idp/templates/config/edupersontargetdid.xml.add (renamed from idp/template-config/edupersontargetdid.xml.add) | 0 | ||||
-rw-r--r-- | idp/templates/config/logback.xml (renamed from idp/template-config/logback.xml) | 0 | ||||
-rw-r--r-- | idp/templates/config/metadata-providers.xml (renamed from idp/template-config/metadata-providers.xml) | 0 | ||||
-rw-r--r-- | idp/templates/edit-webapp/css/NORDUnet.css | 302 | ||||
-rw-r--r-- | idp/templates/edit-webapp/images/nordunet.png | bin | 0 -> 20823 bytes | |||
-rw-r--r-- | idp/templates/views/layout.vm | 32 | ||||
-rw-r--r-- | idp/templates/views/login.vm | 116 |
12 files changed, 472 insertions, 5 deletions
diff --git a/idp/Dockerfile b/idp/Dockerfile index ce4c0a9..b110812 100644 --- a/idp/Dockerfile +++ b/idp/Dockerfile @@ -7,7 +7,7 @@ COPY install.properties /opt/ COPY nordu-ldap.properties /opt/ COPY shibboleth-identity-provider-${IDP_VERSION}.tar.gz.sha256 /opt/ COPY shibboleth-identity-provider-${IDP_VERSION}.tar.gz /opt/ -COPY template-config/ /opt/template-config +COPY templates /opt/templates WORKDIR /opt RUN echo $(id) && apk --no-cache add bash apache-ant curl && \ #curl -O https://shibboleth.net/downloads/identity-provider/${IDP_VERSION}/shibboleth-identity-provider-${IDP_VERSION}.tar.gz && \ @@ -15,9 +15,12 @@ RUN echo $(id) && apk --no-cache add bash apache-ant curl && \ tar xf shibboleth-identity-provider-$IDP_VERSION.tar.gz && \ mv shibboleth-identity-provider-$IDP_VERSION shibboleth-identity-provider && \ ./shibboleth-identity-provider/bin/install.sh -propertyfile install.properties && \ + cp -a /opt/templates/edit-webapp/* /opt/shibboleth-idp/edit-webapp/ && \ + ./shibboleth-idp/bin/build.sh && \ apk --no-cache del apache-ant && \ cp -a /opt/shibboleth-idp/conf /opt/org-conf && \ - cp /opt/template-config/*.xml /opt/shibboleth-idp/conf && \ + cp /opt/templates/config/*.xml /opt/shibboleth-idp/conf && \ + cp -a /opt/templates/views/* /opt/shibboleth-idp/views/ && \ sed -i '/p:postAuthenticationFlows=/ s/p:postAuthenticationFlows="attribute-release" //' /opt/shibboleth-idp/conf/relying-party.xml && \ rm -rf shibboleth-identity-provider* install.properties nordu-ldap.properties ADD https://mds.swamid.se/md/md-signer2.crt /opt/shibboleth-idp/credentials/ diff --git a/idp/shib-entrypoint.sh b/idp/shib-entrypoint.sh index 7803c11..56ce16c 100755 --- a/idp/shib-entrypoint.sh +++ b/idp/shib-entrypoint.sh 
@@ -48,13 +48,15 @@ if [ -n "$IDP_PERSISTENTID_SALT" ]; then -e "/idp.persistentId.salt/ s/changethistosomethingrandom/$IDP_PERSISTENTID_SALT/" /opt/shibboleth-idp/conf/saml-nameid.properties # add xml conf to attribute-resolver if ! grep "%{idp.persistentId.sourceAttribute}" /opt/shibboleth-idp/conf/attribute-resolver.xml ; then - sed -i '/<!-- eduPersonTargetdID placeholder -->/r /opt/template-config/edupersontargetdid.xml.add' /opt/shibboleth-idp/conf/attribute-resolver.xml + sed -i '/<!-- eduPersonTargetdID placeholder -->/r /opt/templates/config/edupersontargetdid.xml.add' /opt/shibboleth-idp/conf/attribute-resolver.xml fi fi if [ -n "$IDP_DEBUG" ]; then - echo "idp.loglevel.messages=DEBUG" >> $IDP_PROPERTIES - echo "idp.loglevel.encryption=DEBUG" >> $IDP_PROPERTIES + if ! grep "idp.loglevel.messages=DEBUG" $IDP_PROPERTIES ; then + echo "idp.loglevel.messages=DEBUG" >> $IDP_PROPERTIES + echo "idp.loglevel.encryption=DEBUG" >> $IDP_PROPERTIES + fi fi DATADIR=/opt/data @@ -64,8 +66,20 @@ if [ -f ${DATADIR}/credentials/idp-signing.key -a -f ${DATADIR}/credentials/idp- cp ${DATADIR}/credentials/idp-signing.crt /opt/shibboleth-idp/credentials/idp-signing.crt fi +if [ -e ${DATADIR}/messages ]; then + cp $DATADIR/messages/* /opt/shibboleth-idp/messages/ +fi + if [ $IDP_DEBUG ]; then sed -i -e '/idp.loglevel.messages/ s/INFO/DEBUG/' -e '/idp.loglevel.encryption/ s/INFO/DEBUG/' /opt/shibboleth-idp/conf/logback.xml fi +# Styling/view properties +IDP_MESSAGES=/opt/shibboleth-idp/messages/messages.properties +if [ -n "$IDP_FOOTER" ]; then + if ! grep "idp.footer" $IDP_PROPERTIES; then + echo "idp.footer=$IDP_FOOTER" >> $IDP_PROPERTIES + fi +fi + /docker-entrypoint.sh java -jar /usr/local/jetty/start.jar $JAVA_OPTIONS diff --git a/idp/template-config/README.md b/idp/templates/config/README.md index 6002238..6002238 100644 --- a/idp/template-config/README.md +++ b/idp/templates/config/README.md 
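Review bot: The new guard `if ! grep "idp.loglevel.messages=DEBUG" $IDP_PROPERTIES ; then` leaves the path unquoted, treats the dots as regex wildcards and prints any matching line to the container's stdout. It also tests only the `messages` key while the body appends both keys. I would write it as `if ! grep -qF "idp.loglevel.messages=DEBUG" "$IDP_PROPERTIES"; then` and quote the two `>> "$IDP_PROPERTIES"` targets. Because DEBUG on the `messages` and `encryption` loggers puts protocol messages and decrypted content into the logs, a comment such as `# IDP_DEBUG exposes SAML message contents in logs; do not set in production` above the block would help operators. `$IDP_PROPERTIES` is defined outside this hunk.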
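Review bot: `IDP_MESSAGES` is assigned in the new "Styling/view properties" block but never used in the visible lines, and the footer is appended to `$IDP_PROPERTIES` instead. layout.vm reads `idp.footer` through `#springMessageText`, which looks like a message-bundle lookup, so the target file should be confirmed; if the bundle is meant, the line becomes `echo "idp.footer=$IDP_FOOTER" >> "$IDP_MESSAGES"` with the grep guard pointed at the same file. The value is written without validation, so a newline in `IDP_FOOTER` would add extra property lines; rejecting values that contain a newline before the append closes that. The guard also means a changed `IDP_FOOTER` is ignored on restart once the key exists. In the same hunk, `cp $DATADIR/messages/*` is unquoted and fails when the directory is empty.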
diff --git a/idp/template-config/attribute-filter.xml b/idp/templates/config/attribute-filter.xml index 3514282..3514282 100644 --- a/idp/template-config/attribute-filter.xml +++ b/idp/templates/config/attribute-filter.xml diff --git a/idp/template-config/attribute-resolver.xml b/idp/templates/config/attribute-resolver.xml index 92fb1bb..92fb1bb 100644 --- a/idp/template-config/attribute-resolver.xml +++ b/idp/templates/config/attribute-resolver.xml diff --git a/idp/template-config/edupersontargetdid.xml.add b/idp/templates/config/edupersontargetdid.xml.add index 8601da6..8601da6 100644 --- a/idp/template-config/edupersontargetdid.xml.add +++ b/idp/templates/config/edupersontargetdid.xml.add diff --git a/idp/template-config/logback.xml b/idp/templates/config/logback.xml index 6afa4ef..6afa4ef 100644 --- a/idp/template-config/logback.xml +++ b/idp/templates/config/logback.xml diff --git a/idp/template-config/metadata-providers.xml b/idp/templates/config/metadata-providers.xml index d813c06..d813c06 100644 --- a/idp/template-config/metadata-providers.xml +++ b/idp/templates/config/metadata-providers.xml diff --git a/idp/templates/edit-webapp/css/NORDUnet.css b/idp/templates/edit-webapp/css/NORDUnet.css new file mode 100644 index 0000000..f7c3ef2 --- /dev/null +++ b/idp/templates/edit-webapp/css/NORDUnet.css 
@@ -0,0 +1,302 @@ +#wrapper { + width: 100%; + font-family: Arial, Helvetica, sans-serif; + font-size: 12px; + color: #000; + // background: #fff url('images/pipes_back.jpg') repeat-y top left; +} + +#top { + display: block; + width: 100%; + background: #00B2E4 url('images/top_back.gif') repeat-x bottom left; + overflow: hidden; + +} +#top_table { + margin:0; + padding:0; + margin-top: 33px; + width: 900px; + border-collapse: collapse; + margin-bottom: -1px; + + +} + +#top_table td { + vertical-align:bottom; +} + +#top_table td img { + margin-bottom: 20px; + display: block; + padding-right:10px; + +} + +#main_nav { + margin:0; + padding:0; + list-style:none; + color: #fff; + height: 40px; + display: block; + +} + +#main_nav li { + display: block; + float: left; + background: url('images/main_nav_left.gif') no-repeat bottom left; + padding: 0 0 0 11px; + +} +#main_nav li#selectedPage { + background: url('images/main_nav_left_selected.gif') no-repeat bottom left; +} +#main_nav li a { + display: block; + float: left; + padding: 0 11px 0 0; + height: 40px; + color: #fff; + text-decoration: none; + outline: 0; + background: url('images/main_nav_back.gif') no-repeat bottom right; +} + +#main_nav li#selectedPage a { + background: url('images/main_nav_back_selected.jpg') no-repeat bottom right; + color: #000; + +} +#main_nav li a span { + vertical-align: middle; + display: block; + padding-top: 10px; + +} + +#left { + clear: both; + background: #fff url('images/left_back.gif') repeat-y top left; + width: 200px; + float: left; +} + +#search_form { + padding-left: 8px; + width: 200px; + margin: 10px 0 20px 0; +} + +#search_form .input_image { + + vertical-align: middle; +} + +#nav { + + width: 200px; + font-size: 12px; + clear: both; +} + +#nav #intro { + width: 179px; + background: #fff url('images/intro_top.jpg') no-repeat top left; + padding: 15px 10px 1px 10px; +} + +#nav #intro_footer { + width: 199px; + height:27px; + background: #fff url('images/intro_bottom.jpg') 
no-repeat top left; +} + + +#nav ul.site_tree, +#nav ul.site_tree ul, +#nav ul.site_tree li { + margin: 0; + padding: 0; + list-style: none; + +} +#nav ul.site_tree { + background: transparent url(images/subnavback.gif) no-repeat bottom left; + padding-bottom:2px; +} + +#nav ul.site_tree a { + color: #4F4E4E; + text-decoration: none; + display: block; +} + +#nav ul.site_tree a:hover { + text-decoration: none; +} + +#nav ul.site_tree strong.level1 { + color: #000; + display: block; + background-color: #59BAE7; +} + +#nav ul.site_tree li.level2 { + background: transparent url(images/subnavback.gif) no-repeat top left; +} + + +#nav ul.site_tree a.level1, +#nav ul.site_tree strong.level1 { + padding:5px 0 5px 10px; + +} + +#nav ul.site_tree li.level2 { + display:block; + padding: 5px 0 2px 15px; +} + +#nav ul.site_tree a.level2 { + +} + +#nav #nav_pic { + display: block; + margin: 0; + padding: 0; +} + + +h1 { + font-size: 20px; + color: #004788; +} + +h2 { + font-size: 18px; + color: #004788; +} + +h3 { + font-size: 16px; + color: #004788; +} + +h4 { + font-size: 14px; + color: #004788; +} + +h5 { + font-size: 12px; + color: #004788; +} + +p { + font-size: 12px; + color: #004788; + +} + +ul { + font-size: 12px; + color: #004788; + +} + +#content { + margin-left: 200px; + padding: 20px; + width: auto; + line-height: 1.5em; +} + +#content table { + border-collapse: collapse; +} + +#content th { + background-color: #f0f0f0; + padding: 5px; + color: #036; +} + +#content td { + vertical-align: middle; + padding: 5px; +} + +*html #content table { width:99%; } + +#footer { + clear: both; + width: 100%; + height: 35px; + background-color: #D8D8D8; + border-top: 1px solid #989898; + border-bottom: 1px solid #989898; +} + +#footer p { + vertical-align: middle; + margin: 12px 10px 10px 200px; + font-size: 10px; + color: #848484; +} + +#footer img { + float: left; + margin: 0px 0px 0px 2px; +} + +hr { + border: 0; + color: #696969; + background-color:#696969; + height: 1px; +} + 
+ +#intro img{ + padding-top: 5px; + border: none; +} + +/* Open trouble tickets */ +#opentickets { + margin-left: 200px; + padding: 0 20px 20px 20px; + width: auto; +} + +.blue { +background:#004788 none repeat scroll 0 0; +} + +.text { + font-size: 12px; + color: #004788; +} + +.group_heading { +color:#004788; +font-size:12px; +font-weight:bolder; +} + +.list_info { +background-color:#D9EFFA; +color:#004788; +padding:0.6em; +} + +.whitebold { +color:#FFFFFF; +font-size:12px; +font-weight:bold; +} diff --git a/idp/templates/edit-webapp/images/nordunet.png b/idp/templates/edit-webapp/images/nordunet.png Binary files differnew file mode 100644 index 0000000..9948f66 --- /dev/null +++ b/idp/templates/edit-webapp/images/nordunet.png diff --git a/idp/templates/views/layout.vm b/idp/templates/views/layout.vm new file mode 100644 index 0000000..7dca3b5 --- /dev/null +++ b/idp/templates/views/layout.vm @@ -0,0 +1,32 @@ +#macro(layout) +<!DOCTYPE html> +<html> + <head> + <meta charset="utf-8"> + <meta name="viewport" content="width=device-width,initial-scale=1.0"> + <title>$title - $titleSuffix</title> + <link rel="stylesheet" type="text/css" href="$request.getContextPath()/css/main.css"> + </head> + + <body> + <div class="wrapper"> + <div class="container"> + <header> + <img src="$request.getContextPath()#springMessage("idp.logo")" alt="#springMessageText("idp.logo.alt-text", "logo")"> + #if ($titleSuffix) + <h3>#springMessageText("idp.title", "Web Login Service") - $titleSuffix</h3> + #end + </header> + <div class="content"> + $!bodyContent + </div> + </div> + <footer> + <div class="contatiner container-footer"> + <p class="footer-text">#springMessageText("idp.footer", "Your footer here.")</p> + </div> + </footer> + </div> + </body> +</html> +#end diff --git a/idp/templates/views/login.vm b/idp/templates/views/login.vm new file mode 100644 index 0000000..b4f02d0 --- /dev/null +++ b/idp/templates/views/login.vm 
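Review bot: The `#wrapper` rule disables its background with `// background: #fff url('images/pipes_back.jpg') repeat-y top left;`, but `//` is not a CSS comment. Browsers happen to discard it as an invalid declaration up to the `;`, which is fragile if the line is ever edited. Write it as `/* background: #fff url('images/pipes_back.jpg') repeat-y top left; */` or delete it. Most `url('images/…')` references point at files this commit does not add (only `nordunet.png` is added), so they would 404 unless the images are provided elsewhere.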
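Review bot: `<title>$title - $titleSuffix</title>` emits both references without encoding and outside any `#if`. Nothing in the visible login.vm sets them, so the title would likely render as the literal text `$title - $titleSuffix`. The header below already guards `$titleSuffix` with `#if`; the title could do the same and use the encoder that login.vm lists in its context, e.g. `<title>#if($title)$encoder.encodeForHTML($title)#end</title>`, assuming `$encoder` is in scope when the macro runs. The footer div's class is misspelled as `contatiner`, and the stylesheet link targets `css/main.css` rather than the `NORDUnet.css` added in this commit.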
@@ -0,0 +1,116 @@ +## +## Velocity Template for DisplayUsernamePasswordPage view-state +## +## Velocity context will contain the following properties +## flowExecutionUrl - the form action location +## flowRequestContext - the Spring Web Flow RequestContext +## flowExecutionKey - the SWF execution key (this is built into the flowExecutionUrl) +## profileRequestContext - root of context tree +## authenticationContext - context with authentication request information +## authenticationErrorContext - context with login error state +## authenticationWarningContext - context with login warning state +## ldapResponseContext - context with LDAP state (if using native LDAP) +## rpUIContext - the context with SP UI information from the metadata +## extendedAuthenticationFlows - collection of "extended" AuthenticationFlowDescriptor objects +## passwordPrincipals - contents of the shibboleth.authn.Password.PrincipalOverride bean +## encoder - HTMLEncoder class +## request - HttpServletRequest +## response - HttpServletResponse +## environment - Spring Environment object for property resolution +## custom - arbitrary object injected by deployer +## +#set ($rpContext = $profileRequestContext.getSubcontext('net.shibboleth.idp.profile.context.RelyingPartyContext')) +#set ($username = $authenticationContext.getSubcontext('net.shibboleth.idp.authn.context.UsernamePasswordContext', true).getUsername()) +#set ($passwordEnabled = false) +#if (!$passwordPrincipals or $passwordPrincipals.isEmpty() or $authenticationContext.isAcceptable($passwordPrincipals)) + #set ($passwordEnabled = true) +#end +## +#parse("layout.vm") + +#@layout() + <div class="column one"> + #parse("login-error.vm") + + <form action="$flowExecutionUrl" method="post"> + + #set ($serviceName = $rpUIContext.serviceName) + #if ($serviceName && !$rpContext.getRelyingPartyId().contains($serviceName)) + <legend> + #springMessageText("idp.login.loginTo", "Login to") $encoder.encodeForHTML($serviceName) + </legend> + #end + 
+ #if ($passwordEnabled) + <div class="form-element-wrapper"> + <label for="username">#springMessageText("idp.login.username", "Username")</label> + <input class="form-element form-field" id="username" name="j_username" type="text" + value="#if($username)$encoder.encodeForHTML($username)#end"> + </div> + + <div class="form-element-wrapper"> + <label for="password">#springMessageText("idp.login.password", "Password")</label> + <input class="form-element form-field" id="password" name="j_password" type="password" value=""> + </div> + + <div class="form-element-wrapper"> + <input type="checkbox" name="donotcache" value="1" id="donotcache"> + <label for="donotcache">#springMessageText("idp.login.donotcache", "Don't Remember Login")</label> + </div> + #end + + <div class="form-element-wrapper"> + <input id="_shib_idp_revokeConsent" type="checkbox" name="_shib_idp_revokeConsent" value="true"> + <label for="_shib_idp_revokeConsent">#springMessageText("idp.attribute-release.revoke", "Clear prior granting of permission for release of your information to this service.")</label> + </div> + + #if ($passwordEnabled) + <div class="form-element-wrapper"> + <button class="form-element form-button" type="submit" name="_eventId_proceed" + onClick="this.childNodes[0].nodeValue='#springMessageText("idp.login.pleasewait", "Logging in, please wait...")'" + >#springMessageText("idp.login.login", "Login")</button> + </div> + #end + + #foreach ($extFlow in $extendedAuthenticationFlows) + #if ($authenticationContext.isAcceptable($extFlow) and $extFlow.apply(profileRequestContext)) + <div class="form-element-wrapper"> + <button class="form-element form-button" type="submit" name="_eventId_$extFlow.getId()"> + #springMessageText("idp.login.$extFlow.getId().replace('authn/','')", $extFlow.getId().replace('authn/','')) + </button> + </div> + #end + #end + </form> + + #* + // + // SP Description & Logo (optional) + // These idpui lines will display added information (if available + // in the 
metadata) about the Service Provider (SP) that requested + // authentication. These idpui lines are "active" in this example + // (not commented out) - this extra SP info will be displayed. + // Remove or comment out these lines to stop the display of the + // added SP information. + // + *# + #set ($logo = $rpUIContext.getLogo()) + #if ($logo) + <img src= "$encoder.encodeForHTMLAttribute($logo)" + alt="$encoder.encodeForHTMLAttribute($serviceName)"> + #end + #set ($desc = $rpUIContext.getServiceDescription()) + #if ($desc) + $encoder.encodeForHTML($desc) + #end + + </div> + <div class="column two"> + <ul class="list list-help"> + #if ($passwordEnabled) + <li class="list-help-item"><a href="#springMessageText("idp.url.password.reset", "#")"><span class="item-marker">›</span> #springMessageText("idp.login.forgotPassword", "Forgot your password?")</a></li> + #end + <li class="list-help-item"><a href="#springMessageText("idp.url.helpdesk", "#")"><span class="item-marker">›</span> #springMessageText("idp.login.needHelp", "Need Help?")</a></li> + </ul> + </div> +#end |
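Review bot: Several message-bundle values are written into script and URL contexts with no encoding, while SP-supplied values in the same file go through `$encoder`. The login button's `onClick` puts `idp.login.pleasewait` inside a single-quoted JavaScript string, so a translation containing an apostrophe breaks the handler. `idp.url.password.reset` and `idp.url.helpdesk` go straight into `href`. Since this commit lets deployers replace the bundle from `${DATADIR}/messages`, I would document the constraint next to the button, e.g. `## idp.login.pleasewait is emitted inside a JS string literal: no quotes or markup in overrides`, and add a similar note above the help links. The `<img>` for `$rpUIContext.getLogo()` makes the browser fetch a URL taken from SP metadata on the login page; a comment should say that this block is safe to keep only when the metadata source is trusted.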