Skip to content
Snippets Groups Projects
Verified Commit c49bfd80 authored by Pavel Břoušek's avatar Pavel Břoušek
Browse files

feat: realm option for GetMfaTokensPrivacyIDEA

allows service account in non-default realm
parent b4d04d9b
No related branches found
No related tags found
1 merge request!31Improvements for problematic situations
...@@ -38,6 +38,7 @@ Use this filter to read user mfa tokens from PrivacyIDEA server to state attribu ...@@ -38,6 +38,7 @@ Use this filter to read user mfa tokens from PrivacyIDEA server to state attribu
'tokens_Attr' => 'privacyIDEATokens', 'tokens_Attr' => 'privacyIDEATokens',
'privacy_idea_username' => 'admin', 'privacy_idea_username' => 'admin',
'privacy_idea_passwd' => 'secret', 'privacy_idea_passwd' => 'secret',
//'privacy_idea_realm' => 'superadminrealm', // optional
'privacy_idea_domain' => 'https://mfa.id.muni.cz', 'privacy_idea_domain' => 'https://mfa.id.muni.cz',
'tokens_type' => [ 'tokens_type' => [
'TOTP', 'TOTP',
......
...@@ -22,6 +22,8 @@ class GetMfaTokensPrivacyIDEA extends \SimpleSAML\Auth\ProcessingFilter ...@@ -22,6 +22,8 @@ class GetMfaTokensPrivacyIDEA extends \SimpleSAML\Auth\ProcessingFilter
private $privacy_idea_passwd; private $privacy_idea_passwd;
private $privacy_idea_realm;
private $privacy_idea_domain; private $privacy_idea_domain;
private $tokens_type = ['TOTP', 'WebAuthn']; private $tokens_type = ['TOTP', 'WebAuthn'];
...@@ -42,6 +44,7 @@ class GetMfaTokensPrivacyIDEA extends \SimpleSAML\Auth\ProcessingFilter ...@@ -42,6 +44,7 @@ class GetMfaTokensPrivacyIDEA extends \SimpleSAML\Auth\ProcessingFilter
$this->tokens_attr = $config->getString('tokens_Attr', $this->tokens_attr); $this->tokens_attr = $config->getString('tokens_Attr', $this->tokens_attr);
$this->privacy_idea_username = $config->getString('privacy_idea_username'); $this->privacy_idea_username = $config->getString('privacy_idea_username');
$this->privacy_idea_passwd = $config->getString('privacy_idea_passwd'); $this->privacy_idea_passwd = $config->getString('privacy_idea_passwd');
$this->privacy_idea_realm = $config->getString('privacy_idea_realm', null);
$this->privacy_idea_domain = $config->getString('privacy_idea_domain'); $this->privacy_idea_domain = $config->getString('privacy_idea_domain');
$this->tokens_type = $config->getArray('tokens_type', $this->tokens_type); $this->tokens_type = $config->getArray('tokens_type', $this->tokens_type);
$this->user_attribute = $config->getString('user_attribute', $this->user_attribute); $this->user_attribute = $config->getString('user_attribute', $this->user_attribute);
...@@ -98,6 +101,9 @@ class GetMfaTokensPrivacyIDEA extends \SimpleSAML\Auth\ProcessingFilter ...@@ -98,6 +101,9 @@ class GetMfaTokensPrivacyIDEA extends \SimpleSAML\Auth\ProcessingFilter
'username' => $this->privacy_idea_username, 'username' => $this->privacy_idea_username,
'password' => $this->privacy_idea_passwd, 'password' => $this->privacy_idea_passwd,
]; ];
if (null !== $this->privacy_idea_realm) {
$data['realm'] = $this->privacy_idea_realm;
}
$ch = curl_init(); $ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $this->privacy_idea_domain . '/auth'); curl_setopt($ch, CURLOPT_URL, $this->privacy_idea_domain . '/auth');
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment