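// Source: github.com/psyb0t/mattermost-server@v4.6.1-0.20180125161845-5503a1351abf+incompatible/app/saml.go

// Copyright (c) 2017-present Mattermost, Inc. All Rights Reserved.
// See License.txt for license information.

package app

import (
	"io"
	"mime/multipart"
	"net/http"
	"os"
	"path/filepath"

	"github.com/mattermost/mattermost-server/model"
	"github.com/mattermost/mattermost-server/utils"
)

// GetSamlMetadata returns the string produced by a.Saml.GetMetadata.
//
// When a.Saml is nil it returns an AppError with HTTP 501 (Not Implemented).
// When GetMetadata fails, the failure is re-wrapped in a new AppError that
// carries the original message and status code.
func (a *App) GetSamlMetadata() (string, *model.AppError) {
	if a.Saml == nil {
		err := model.NewAppError("GetSamlMetadata", "api.admin.saml.not_available.app_error", nil, "", http.StatusNotImplemented)
		return "", err
	}

	result, err := a.Saml.GetMetadata()
	if err != nil {
		return "", model.NewAppError("GetSamlMetadata", "api.admin.saml.metadata.app_error", nil, "err="+err.Message, err.StatusCode)
	}
	return result, nil
}

// WriteSamlFile copies an uploaded multipart file into the directory returned
// by utils.FindDir("config"), using only the base name of the client-supplied
// filename.
//
// The filename comes from the upload request and is untrusted. filepath.Base
// drops every directory component, and the degenerate results "." (which is
// also what an empty name yields) and the bare path separator are rejected
// with a 400 error. Copy and close failures are returned instead of being
// ignored, so a caller never records a certificate that was only partially
// written.
func WriteSamlFile(fileData *multipart.FileHeader) *model.AppError {
	filename := filepath.Base(fileData.Filename)
	if filename == "." || filename == string(filepath.Separator) {
		return model.NewAppError("AddSamlCertificate", "api.admin.add_certificate.saving.app_error", nil, "", http.StatusBadRequest)
	}

	file, err := fileData.Open()
	if err != nil {
		return model.NewAppError("AddSamlCertificate", "api.admin.add_certificate.open.app_error", nil, err.Error(), http.StatusInternalServerError)
	}
	defer file.Close()

	// NOTE(review): the second ("found") result of FindDir is discarded, as in
	// the original. Confirm which path it returns when no config directory
	// exists, and whether that case should be an error here.
	configDir, _ := utils.FindDir("config")

	// NOTE(review): any base name is accepted, so an upload can replace another
	// file that already lives in the config directory, and os.Create uses the
	// default creation mode (0666 before umask), which is loose for a private
	// key. Consider an allow-list of names or extensions and an explicit 0600
	// mode; both are left unchanged here because they alter deployed behavior.
	out, err := os.Create(filepath.Join(configDir, filename))
	if err != nil {
		return model.NewAppError("AddSamlCertificate", "api.admin.add_certificate.saving.app_error", nil, err.Error(), http.StatusInternalServerError)
	}

	if _, err := io.Copy(out, file); err != nil {
		out.Close()
		return model.NewAppError("AddSamlCertificate", "api.admin.add_certificate.saving.app_error", nil, err.Error(), http.StatusInternalServerError)
	}

	// Close explicitly: a write error can surface only at close time.
	if err := out.Close(); err != nil {
		return model.NewAppError("AddSamlCertificate", "api.admin.add_certificate.saving.app_error", nil, err.Error(), http.StatusInternalServerError)
	}

	return nil
}

// AddSamlPublicCertificate stores the uploaded file with WriteSamlFile and
// records its name in SamlSettings.PublicCertificateFile on a cloned config,
// which is then validated, applied and persisted.
//
// The recorded name is filepath.Base(fileData.Filename), the same name
// WriteSamlFile used on disk, so a client-supplied path never reaches the
// configuration.
func (a *App) AddSamlPublicCertificate(fileData *multipart.FileHeader) *model.AppError {
	if err := WriteSamlFile(fileData); err != nil {
		return err
	}

	cfg := a.Config().Clone()
	*cfg.SamlSettings.PublicCertificateFile = filepath.Base(fileData.Filename)

	if err := cfg.IsValid(); err != nil {
		return err
	}

	a.UpdateConfig(func(dest *model.Config) { *dest = *cfg })
	a.PersistConfig()

	return nil
}

// AddSamlPrivateCertificate stores the uploaded file with WriteSamlFile and
// records its name in SamlSettings.PrivateKeyFile on a cloned config, which is
// then validated, applied and persisted.
//
// The recorded name is filepath.Base(fileData.Filename), the same name
// WriteSamlFile used on disk, so a client-supplied path never reaches the
// configuration.
func (a *App) AddSamlPrivateCertificate(fileData *multipart.FileHeader) *model.AppError {
	if err := WriteSamlFile(fileData); err != nil {
		return err
	}

	cfg := a.Config().Clone()
	*cfg.SamlSettings.PrivateKeyFile = filepath.Base(fileData.Filename)

	if err := cfg.IsValid(); err != nil {
		return err
	}

	a.UpdateConfig(func(dest *model.Config) { *dest = *cfg })
	a.PersistConfig()

	return nil
}

// AddSamlIdpCertificate stores the uploaded file with WriteSamlFile and
// records its name in SamlSettings.IdpCertificateFile on a cloned config,
// which is then validated, applied and persisted.
//
// The recorded name is filepath.Base(fileData.Filename), the same name
// WriteSamlFile used on disk, so a client-supplied path never reaches the
// configuration.
func (a *App) AddSamlIdpCertificate(fileData *multipart.FileHeader) *model.AppError {
	if err := WriteSamlFile(fileData); err != nil {
		return err
	}

	cfg := a.Config().Clone()
	*cfg.SamlSettings.IdpCertificateFile = filepath.Base(fileData.Filename)

	if err := cfg.IsValid(); err != nil {
		return err
	}

	a.UpdateConfig(func(dest *model.Config) { *dest = *cfg })
	a.PersistConfig()

	return nil
}

// RemoveSamlFile deletes the file that utils.FindConfigFile resolves for the
// base name of filename.
//
// Only the base name is used, so directory components in filename are
// ignored. The results "." and the bare path separator are rejected with a
// 400 error; a failed os.Remove is reported as a 500 error.
func RemoveSamlFile(filename string) *model.AppError {
	filename = filepath.Base(filename)

	// NOTE(review): the "where" value below says AddSamlCertificate although
	// this is the removal path; kept as in the original.
	if filename == "." || filename == string(filepath.Separator) {
		return model.NewAppError("AddSamlCertificate", "api.admin.remove_certificate.delete.app_error", nil, "", http.StatusBadRequest)
	}

	if err := os.Remove(utils.FindConfigFile(filename)); err != nil {
		return model.NewAppError("removeCertificate", "api.admin.remove_certificate.delete.app_error", map[string]interface{}{"Filename": filename}, err.Error(), http.StatusInternalServerError)
	}

	return nil
}

// RemoveSamlPublicCertificate deletes the file named by
// SamlSettings.PublicCertificateFile, then clears that setting and sets
// SamlSettings.Encrypt to false on a cloned config, which is validated,
// applied and persisted.
//
// The file is removed before the config is validated, so a validation error
// leaves the file deleted and the stored config unchanged.
func (a *App) RemoveSamlPublicCertificate() *model.AppError {
	if err := RemoveSamlFile(*a.Config().SamlSettings.PublicCertificateFile); err != nil {
		return err
	}

	cfg := a.Config().Clone()
	*cfg.SamlSettings.PublicCertificateFile = ""
	*cfg.SamlSettings.Encrypt = false

	if err := cfg.IsValid(); err != nil {
		return err
	}

	a.UpdateConfig(func(dest *model.Config) { *dest = *cfg })
	a.PersistConfig()

	return nil
}

// RemoveSamlPrivateCertificate deletes the file named by
// SamlSettings.PrivateKeyFile, then clears that setting and sets
// SamlSettings.Encrypt to false on a cloned config, which is validated,
// applied and persisted.
//
// The file is removed before the config is validated, so a validation error
// leaves the file deleted and the stored config unchanged.
func (a *App) RemoveSamlPrivateCertificate() *model.AppError {
	if err := RemoveSamlFile(*a.Config().SamlSettings.PrivateKeyFile); err != nil {
		return err
	}

	cfg := a.Config().Clone()
	*cfg.SamlSettings.PrivateKeyFile = ""
	*cfg.SamlSettings.Encrypt = false

	if err := cfg.IsValid(); err != nil {
		return err
	}

	a.UpdateConfig(func(dest *model.Config) { *dest = *cfg })
	a.PersistConfig()

	return nil
}

// RemoveSamlIdpCertificate deletes the file named by
// SamlSettings.IdpCertificateFile, then clears that setting and sets
// SamlSettings.Enable to false on a cloned config, which is validated,
// applied and persisted.
//
// The file is removed before the config is validated, so a validation error
// leaves the file deleted and the stored config unchanged.
func (a *App) RemoveSamlIdpCertificate() *model.AppError {
	if err := RemoveSamlFile(*a.Config().SamlSettings.IdpCertificateFile); err != nil {
		return err
	}

	cfg := a.Config().Clone()
	*cfg.SamlSettings.IdpCertificateFile = ""
	*cfg.SamlSettings.Enable = false

	if err := cfg.IsValid(); err != nil {
		return err
	}

	a.UpdateConfig(func(dest *model.Config) { *dest = *cfg })
	a.PersistConfig()

	return nil
}

// GetSamlCertificateStatus reports, for each of the three SAML files named in
// the current config (IdP certificate, private key, public certificate), the
// result of utils.FileExistsInConfigFolder for that name.
func (a *App) GetSamlCertificateStatus() *model.SamlCertificateStatus {
	status := &model.SamlCertificateStatus{}

	status.IdpCertificateFile = utils.FileExistsInConfigFolder(*a.Config().SamlSettings.IdpCertificateFile)
	status.PrivateKeyFile = utils.FileExistsInConfigFolder(*a.Config().SamlSettings.PrivateKeyFile)
	status.PublicCertificateFile = utils.FileExistsInConfigFolder(*a.Config().SamlSettings.PublicCertificateFile)

	return status
}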