From 57027644115df634749e846ccba74eb92af305ab Mon Sep 17 00:00:00 2001 From: Denis Leemann Date: Tue, 15 Jun 2021 14:28:03 +0200 Subject: [PATCH 1/6] [ADD] auth_saml_enviroment --- auth_saml_environment/README.rst | 118 +++++ auth_saml_environment/__init__.py | 2 + auth_saml_environment/__manifest__.py | 20 + auth_saml_environment/controllers/__init__.py | 1 + auth_saml_environment/controllers/main.py | 16 + .../i18n/auth_saml_environment.pot | 49 ++ auth_saml_environment/models/__init__.py | 1 + .../models/auth_saml_provider.py | 44 ++ auth_saml_environment/readme/CONFIGURE.rst | 18 + auth_saml_environment/readme/CONTRIBUTORS.rst | 2 + auth_saml_environment/readme/DESCRIPTION.rst | 1 + auth_saml_environment/readme/INSTALL.rst | 2 + auth_saml_environment/readme/ROADMAP.rst | 2 + auth_saml_environment/readme/USAGE.rst | 6 + .../static/description/icon.png | Bin 0 -> 9455 bytes .../static/description/index.html | 458 ++++++++++++++++++ auth_saml_environment/tests/__init__.py | 1 + .../tests/test_environment_variable.py | 35 ++ .../views/saml_provider_view.xml | 26 + 19 files changed, 802 insertions(+) create mode 100644 auth_saml_environment/README.rst create mode 100644 auth_saml_environment/__init__.py create mode 100644 auth_saml_environment/__manifest__.py create mode 100644 auth_saml_environment/controllers/__init__.py create mode 100644 auth_saml_environment/controllers/main.py create mode 100644 auth_saml_environment/i18n/auth_saml_environment.pot create mode 100644 auth_saml_environment/models/__init__.py create mode 100644 auth_saml_environment/models/auth_saml_provider.py create mode 100644 auth_saml_environment/readme/CONFIGURE.rst create mode 100644 auth_saml_environment/readme/CONTRIBUTORS.rst create mode 100644 auth_saml_environment/readme/DESCRIPTION.rst create mode 100644 auth_saml_environment/readme/INSTALL.rst create mode 100644 auth_saml_environment/readme/ROADMAP.rst create mode 100644 auth_saml_environment/readme/USAGE.rst create mode 100644 auth_saml_environment/static/description/icon.png create mode 100644 auth_saml_environment/static/description/index.html create mode 100644 auth_saml_environment/tests/__init__.py create mode 100644 auth_saml_environment/tests/test_environment_variable.py create mode 100644 auth_saml_environment/views/saml_provider_view.xml diff --git a/auth_saml_environment/README.rst b/auth_saml_environment/README.rst new file mode 100644 index 0000000..93125a3 --- /dev/null +++ b/auth_saml_environment/README.rst @@ -0,0 +1,118 @@ +====================== +Auth SAML environement +====================== + +.. !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! + !! This file is generated by oca-gen-addon-readme !! + !! changes will be overwritten. !! + !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! + +.. |badge1| image:: https://img.shields.io/badge/maturity-Beta-yellow.png + :target: https://odoo-community.org/page/development-status + :alt: Beta +.. |badge2| image:: https://img.shields.io/badge/licence-AGPL--3-blue.png + :target: http://www.gnu.org/licenses/agpl-3.0-standalone.html + :alt: License: AGPL-3 +.. |badge3| image:: https://img.shields.io/badge/github-OCA%2Fserver--env-lightgray.png?logo=github + :target: https://github.com/OCA/server-env/tree/14.0/auth_saml_environment + :alt: OCA/server-env +.. |badge4| image:: https://img.shields.io/badge/weblate-Translate%20me-F47D42.png + :target: https://translation.odoo-community.org/projects/server-env-14-0/server-env-14-0-auth_saml_environment + :alt: Translate me on Weblate +.. |badge5| image:: https://img.shields.io/badge/runbot-Try%20me-875A7B.png + :target: https://runbot.odoo-community.org/runbot/254/14.0 + :alt: Try me on Runbot + +|badge1| |badge2| |badge3| |badge4| |badge5| + +This module allows to use server env for SAML configuration + +**Table of contents** + +.. contents:: + :local: + +Installation +============ + +To install this module, you need to have the following modules installed and +properly configured: `server_environment module` `auth_saml` + +Configuration +============= + +To configure this module, you need to: + +Create a module server_environment_file with a cfg file or set the environment variable +SERVER_ENV_CONFIG with the following section: + +[auth_saml_provider.] + +Where is optional and must be equal to the name field you defined in Odoo for the IDP. + + +Example of configuration + +[auth_saml_provider.my_idp] + +idp_metadata=<...> +sp_baseurl=https://odoo-community.org +sp_pem_public_path=/data/cert.pem +sp_pem_private_path=/data/key.pem + +Usage +===== + +Once configured, Odoo will read the Auth SAML Providers values from the +configuration. + +Note that visibility of login button for SAML is changed and differs from `auth_saml` module, +instead of relying on which fields are filled or not, all providers will be displayed as long +as their configuration in Odoo are set to active. + +Known issues / Roadmap +====================== + +* Due to the special nature of this addon, you cannot test it on the OCA + runbot. + +Bug Tracker +=========== + +Bugs are tracked on `GitHub Issues `_. +In case of trouble, please check there if your issue has already been reported. +If you spotted it first, help us smashing it by providing a detailed and welcomed +`feedback `_. + +Do not contact contributors directly about support or help with technical issues. + +Credits +======= + +Authors +~~~~~~~ + +* Camptocamp SA + +Contributors +~~~~~~~~~~~~ + +* Denis Leemann +* Yannick Vaucher + +Maintainers +~~~~~~~~~~~ + +This module is maintained by the OCA. + +.. image:: https://odoo-community.org/logo.png + :alt: Odoo Community Association + :target: https://odoo-community.org + +OCA, or the Odoo Community Association, is a nonprofit organization whose +mission is to support the collaborative development of Odoo features and +promote its widespread use. + +This module is part of the `OCA/server-env `_ project on GitHub. + +You are welcome to contribute. To learn how please visit https://odoo-community.org/page/Contribute. diff --git a/auth_saml_environment/__init__.py b/auth_saml_environment/__init__.py new file mode 100644 index 0000000..f7209b1 --- /dev/null +++ b/auth_saml_environment/__init__.py @@ -0,0 +1,2 @@ +from . import models +from . import controllers diff --git a/auth_saml_environment/__manifest__.py b/auth_saml_environment/__manifest__.py new file mode 100644 index 0000000..fc30a3b --- /dev/null +++ b/auth_saml_environment/__manifest__.py @@ -0,0 +1,20 @@ +# Copyright 2021 Camptocamp SA (http://www.camptocamp.ch) +# License AGPL-3 - See http://www.gnu.org/licenses/agpl-3.0.html + +{ + "name": "Auth SAML environement", + "summary": "Allows system administrator to authenticate with any account", + "version": "14.0.1.0.0", + "category": "base", + "author": "Camptocamp SA,Odoo Community Association (OCA)", + "website": "https://github.com/OCA/server-env", + "license": "AGPL-3", + "depends": [ + "auth_saml", + "server_environment", + ], + "data": [ + "views/saml_provider_view.xml", + ], + "installable": True, +} diff --git a/auth_saml_environment/controllers/__init__.py b/auth_saml_environment/controllers/__init__.py new file mode 100644 index 0000000..12a7e52 --- /dev/null +++ b/auth_saml_environment/controllers/__init__.py @@ -0,0 +1 @@ +from . import main diff --git a/auth_saml_environment/controllers/main.py b/auth_saml_environment/controllers/main.py new file mode 100644 index 0000000..3bed7b2 --- /dev/null +++ b/auth_saml_environment/controllers/main.py @@ -0,0 +1,16 @@ +# Copyright 2021 Camptocamp SA +# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl) +from odoo.addons.auth_saml.controllers.main import SAMLLogin + + +class SAMLLoginEnv(SAMLLogin): + def _list_saml_providers_domain(self): + """OVERWRITE domain to return all active IDP + + The configuration of an IDP doesn't rely anymore on + sp_pem_public and sp_pem_private as those could be + set through sp_pem_private_path and sp_pem_public_path. + + Keeping it simple by relying only on the active field. + """ + return [] diff --git a/auth_saml_environment/i18n/auth_saml_environment.pot b/auth_saml_environment/i18n/auth_saml_environment.pot new file mode 100644 index 0000000..9040eff --- /dev/null +++ b/auth_saml_environment/i18n/auth_saml_environment.pot @@ -0,0 +1,49 @@ +# Translation of Odoo Server. +# This file contains the translation of the following modules: +# * auth_saml_environment +# +msgid "" +msgstr "" +"Project-Id-Version: Odoo Server 14.0\n" +"Report-Msgid-Bugs-To: \n" +"Last-Translator: \n" +"Language-Team: \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: \n" +"Plural-Forms: \n" + +#. module: auth_saml_environment +#: model:ir.model.fields,field_description:auth_saml_environment.field_auth_saml_provider__display_name +msgid "Display Name" +msgstr "" + +#. module: auth_saml_environment +#: model:ir.model.fields,field_description:auth_saml_environment.field_auth_saml_provider__id +msgid "ID" +msgstr "" + +#. module: auth_saml_environment +#: model:ir.model.fields,field_description:auth_saml_environment.field_auth_saml_provider____last_update +msgid "Last Modified on" +msgstr "" + +#. module: auth_saml_environment +#: model:ir.model,name:auth_saml_environment.model_auth_saml_provider +msgid "SAML2 provider" +msgstr "" + +#. module: auth_saml_environment +#: model:ir.model.fields,field_description:auth_saml_environment.field_auth_saml_provider__server_env_defaults +msgid "Server Env Defaults" +msgstr "" + +#. module: auth_saml_environment +#: model:ir.model.fields,field_description:auth_saml_environment.field_auth_saml_provider__sp_pem_private_path +msgid "sp_pem_private_path env config value" +msgstr "" + +#. module: auth_saml_environment +#: model:ir.model.fields,field_description:auth_saml_environment.field_auth_saml_provider__sp_pem_public_path +msgid "sp_pem_public_path env config value" +msgstr "" diff --git a/auth_saml_environment/models/__init__.py b/auth_saml_environment/models/__init__.py new file mode 100644 index 0000000..d7324d4 --- /dev/null +++ b/auth_saml_environment/models/__init__.py @@ -0,0 +1 @@ +from . import auth_saml_provider diff --git a/auth_saml_environment/models/auth_saml_provider.py b/auth_saml_environment/models/auth_saml_provider.py new file mode 100644 index 0000000..88883b3 --- /dev/null +++ b/auth_saml_environment/models/auth_saml_provider.py @@ -0,0 +1,44 @@ +# Copyright 2021 Camptocamp SA +# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl) + +from odoo import api, fields, models + + +class AuthSamlProvider(models.Model): + _name = "auth.saml.provider" + _inherit = ["auth.saml.provider", "server.env.mixin"] + + sp_pem_public_path = fields.Char( + string="sp_pem_public_path env config value", + ) + + sp_pem_private_path = fields.Char( + string="sp_pem_private_path env config value", + ) + + @property + def _server_env_fields(self): + base_fields = super()._server_env_fields + auth_saml_fields = { + "idp_metadata": {}, + "sp_baseurl": {}, + "sp_pem_public_path": {}, + "sp_pem_private_path": {}, + } + auth_saml_fields.update(base_fields) + return auth_saml_fields + + @api.model + def _server_env_global_section_name(self): + """Name of the global section in the configuration files + Can be customized in your model + """ + return "auth_saml_provider" + + def _get_cert_key_path(self, field="sp_pem_public"): + # If the setup is done in env, we want to bypass the base method + if self.sp_pem_public_path and field == "sp_pem_public": + return self.sp_pem_public_path + if self.sp_pem_private_path and field == "sp_pem_private": + return self.sp_pem_private_path + return super()._get_cert_key_path(field) diff --git a/auth_saml_environment/readme/CONFIGURE.rst b/auth_saml_environment/readme/CONFIGURE.rst new file mode 100644 index 0000000..d21de60 --- /dev/null +++ b/auth_saml_environment/readme/CONFIGURE.rst @@ -0,0 +1,18 @@ +To configure this module, you need to: + +Create a module server_environment_file with a cfg file or set the environment variable +SERVER_ENV_CONFIG with the following section: + +[auth_saml_provider.] + +Where is optional and must be equal to the name field you defined in Odoo for the IDP. + + +Example of configuration + +[auth_saml_provider.my_idp] + +idp_metadata=<...> +sp_baseurl=https://odoo-community.org +sp_pem_public_path=/data/cert.pem +sp_pem_private_path=/data/key.pem diff --git a/auth_saml_environment/readme/CONTRIBUTORS.rst b/auth_saml_environment/readme/CONTRIBUTORS.rst new file mode 100644 index 0000000..99bb39f --- /dev/null +++ b/auth_saml_environment/readme/CONTRIBUTORS.rst @@ -0,0 +1,2 @@ +* Denis Leemann +* Yannick Vaucher diff --git a/auth_saml_environment/readme/DESCRIPTION.rst b/auth_saml_environment/readme/DESCRIPTION.rst new file mode 100644 index 0000000..8c7db20 --- /dev/null +++ b/auth_saml_environment/readme/DESCRIPTION.rst @@ -0,0 +1 @@ +This module allows to use server env for SAML configuration diff --git a/auth_saml_environment/readme/INSTALL.rst b/auth_saml_environment/readme/INSTALL.rst new file mode 100644 index 0000000..8e5864e --- /dev/null +++ b/auth_saml_environment/readme/INSTALL.rst @@ -0,0 +1,2 @@ +To install this module, you need to have the following modules installed and +properly configured: `server_environment module` `auth_saml` diff --git a/auth_saml_environment/readme/ROADMAP.rst b/auth_saml_environment/readme/ROADMAP.rst new file mode 100644 index 0000000..647e064 --- /dev/null +++ b/auth_saml_environment/readme/ROADMAP.rst @@ -0,0 +1,2 @@ +* Due to the special nature of this addon, you cannot test it on the OCA + runbot. diff --git a/auth_saml_environment/readme/USAGE.rst b/auth_saml_environment/readme/USAGE.rst new file mode 100644 index 0000000..dc77d18 --- /dev/null +++ b/auth_saml_environment/readme/USAGE.rst @@ -0,0 +1,6 @@ +Once configured, Odoo will read the Auth SAML Providers values from the +configuration. + +Note that visibility of login button for SAML is changed and differs from `auth_saml` module, +instead of relying on which fields are filled or not, all providers will be displayed as long +as their configuration in Odoo are set to active. diff --git a/auth_saml_environment/static/description/icon.png b/auth_saml_environment/static/description/icon.png new file mode 100644 index 0000000000000000000000000000000000000000..3a0328b516c4980e8e44cdb63fd945757ddd132d GIT binary patch literal 9455 zcmW++2RxMjAAjx~&dlBk9S+%}OXg)AGE&Cb*&}d0jUxM@u(PQx^-s)697TX`ehR4?GS^qbkof1cslKgkU)h65qZ9Oc=ml_0temigYLJfnz{IDzUf>bGs4N!v3=Z3jMq&A#7%rM5eQ#dc?k~! zVpnB`o+K7|Al`Q_U;eD$B zfJtP*jH`siUq~{KE)`jP2|#TUEFGRryE2`i0**z#*^6~AI|YzIWy$Cu#CSLW3q=GA z6`?GZymC;dCPk~rBS%eCb`5OLr;RUZ;D`}um=H)BfVIq%7VhiMr)_#G0N#zrNH|__ zc+blN2UAB0=617@>_u;MPHN;P;N#YoE=)R#i$k_`UAA>WWCcEVMh~L_ zj--gtp&|K1#58Yz*AHCTMziU1Jzt_jG0I@qAOHsk$2}yTmVkBp_eHuY$A9)>P6o~I z%aQ?!(GqeQ-Y+b0I(m9pwgi(IIZZzsbMv+9w{PFtd_<_(LA~0H(xz{=FhLB@(1&qHA5EJw1>>=%q2f&^X>IQ{!GJ4e9U z&KlB)z(84HmNgm2hg2C0>WM{E(DdPr+EeU_N@57;PC2&DmGFW_9kP&%?X4}+xWi)( z;)z%wI5>D4a*5XwD)P--sPkoY(a~WBw;E~AW`Yue4kFa^LM3X`8x|}ZUeMnqr}>kH zG%WWW>3ml$Yez?i%)2pbKPI7?5o?hydokgQyZsNEr{a|mLdt;X2TX(#B1j35xPnPW z*bMSSOauW>o;*=kO8ojw91VX!qoOQb)zHJ!odWB}d+*K?#sY_jqPdg{Sm2HdYzdEx zOGVPhVRTGPtv0o}RfVP;Nd(|CB)I;*t&QO8h zFfekr30S!-LHmV_Su-W+rEwYXJ^;6&3|L$mMC8*bQptyOo9;>Qb9Q9`ySe3%V$A*9 zeKEe+b0{#KWGp$F+tga)0RtI)nhMa-K@JS}2krK~n8vJ=Ngm?R!9G<~RyuU0d?nz# z-5EK$o(!F?hmX*2Yt6+coY`6jGbb7tF#6nHA zuKk=GGJ;ZwON1iAfG$E#Y7MnZVmrY|j0eVI(DN_MNFJmyZ|;w4tf@=CCDZ#5N_0K= z$;R~bbk?}TpfDjfB&aiQ$VA}s?P}xPERJG{kxk5~R`iRS(SK5d+Xs9swCozZISbnS zk!)I0>t=A<-^z(cmSFz3=jZ23u13X><0b)P)^1T_))Kr`e!-pb#q&J*Q`p+B6la%C zuVl&0duN<;uOsB3%T9Fp8t{ED108<+W(nOZd?gDnfNBC3>M8WE61$So|P zVvqH0SNtDTcsUdzaMDpT=Ty0pDHHNL@Z0w$Y`XO z2M-_r1S+GaH%pz#Uy0*w$Vdl=X=rQXEzO}d6J^R6zjM1u&c9vYLvLp?W7w(?np9x1 zE_0JSAJCPB%i7p*Wvg)pn5T`8k3-uR?*NT|J`eS#_#54p>!p(mLDvmc-3o0mX*mp_ zN*AeS<>#^-{S%W<*mz^!X$w_2dHWpcJ6^j64qFBft-o}o_Vx80o0>}Du;>kLts;$8 zC`7q$QI(dKYG`Wa8#wl@V4jVWBRGQ@1dr-hstpQL)Tl+aqVpGpbSfN>5i&QMXfiZ> zaA?T1VGe?rpQ@;+pkrVdd{klI&jVS@I5_iz!=UMpTsa~mBga?1r}aRBm1WS;TT*s0f0lY=JBl66Upy)-k4J}lh=P^8(SXk~0xW=T9v*B|gzIhN z>qsO7dFd~mgxAy4V?&)=5ieYq?zi?ZEoj)&2o)RLy=@hbCRcfT5jigwtQGE{L*8<@Yd{zg;CsL5mvzfDY}P-wos_6PfprFVaeqNE%h zKZhLtcQld;ZD+>=nqN~>GvROfueSzJD&BE*}XfU|H&(FssBqY=hPCt`d zH?@s2>I(|;fcW&YM6#V#!kUIP8$Nkdh0A(bEVj``-AAyYgwY~jB zT|I7Bf@%;7aL7Wf4dZ%VqF$eiaC38OV6oy3Z#TER2G+fOCd9Iaoy6aLYbPTN{XRPz z;U!V|vBf%H!}52L2gH_+j;`bTcQRXB+y9onc^wLm5wi3-Be}U>k_u>2Eg$=k!(l@I zcCg+flakT2Nej3i0yn+g+}%NYb?ta;R?(g5SnwsQ49U8Wng8d|{B+lyRcEDvR3+`O{zfmrmvFrL6acVP%yG98X zo&+VBg@px@i)%o?dG(`T;n*$S5*rnyiR#=wW}}GsAcfyQpE|>a{=$Hjg=-*_K;UtD z#z-)AXwSRY?OPefw^iI+ z)AXz#PfEjlwTes|_{sB?4(O@fg0AJ^g8gP}ex9Ucf*@_^J(s_5jJV}c)s$`Myn|Kd z$6>}#q^n{4vN@+Os$m7KV+`}c%4)4pv@06af4-x5#wj!KKb%caK{A&Y#Rfs z-po?Dcb1({W=6FKIUirH&(yg=*6aLCekcKwyfK^JN5{wcA3nhO(o}SK#!CINhI`-I z1)6&n7O&ZmyFMuNwvEic#IiOAwNkR=u5it{B9n2sAJV5pNhar=j5`*N!Na;c7g!l$ z3aYBqUkqqTJ=Re-;)s!EOeij=7SQZ3Hq}ZRds%IM*PtM$wV z@;rlc*NRK7i3y5BETSKuumEN`Xu_8GP1Ri=OKQ$@I^ko8>H6)4rjiG5{VBM>B|%`&&s^)jS|-_95&yc=GqjNo{zFkw%%HHhS~e=s zD#sfS+-?*t|J!+ozP6KvtOl!R)@@-z24}`9{QaVLD^9VCSR2b`b!KC#o;Ki<+wXB6 zx3&O0LOWcg4&rv4QG0)4yb}7BFSEg~=IR5#ZRj8kg}dS7_V&^%#Do==#`u zpy6{ox?jWuR(;pg+f@mT>#HGWHAJRRDDDv~@(IDw&R>9643kK#HN`!1vBJHnC+RM&yIh8{gG2q zA%e*U3|N0XSRa~oX-3EAneep)@{h2vvd3Xvy$7og(sayr@95+e6~Xvi1tUqnIxoIH zVWo*OwYElb#uyW{Imam6f2rGbjR!Y3`#gPqkv57dB6K^wRGxc9B(t|aYDGS=m$&S!NmCtrMMaUg(c zc2qC=2Z`EEFMW-me5B)24AqF*bV5Dr-M5ig(l-WPS%CgaPzs6p_gnCIvTJ=Y<6!gT zVt@AfYCzjjsMEGi=rDQHo0yc;HqoRNnNFeWZgcm?f;cp(6CNylj36DoL(?TS7eU#+ z7&mfr#y))+CJOXQKUMZ7QIdS9@#-}7y2K1{8)cCt0~-X0O!O?Qx#E4Og+;A2SjalQ zs7r?qn0H044=sDN$SRG$arw~n=+T_DNdSrarmu)V6@|?1-ZB#hRn`uilTGPJ@fqEy zGt(f0B+^JDP&f=r{#Y_wi#AVDf-y!RIXU^0jXsFpf>=Ji*TeqSY!H~AMbJdCGLhC) zn7Rx+sXw6uYj;WRYrLd^5IZq@6JI1C^YkgnedZEYy<&4(z%Q$5yv#Boo{AH8n$a zhb4Y3PWdr269&?V%uI$xMcUrMzl=;w<_nm*qr=c3Rl@i5wWB;e-`t7D&c-mcQl7x! zZWB`UGcw=Y2=}~wzrfLx=uet<;m3~=8I~ZRuzvMQUQdr+yTV|ATf1Uuomr__nDf=X zZ3WYJtHp_ri(}SQAPjv+Y+0=fH4krOP@S&=zZ-t1jW1o@}z;xk8 z(Nz1co&El^HK^NrhVHa-_;&88vTU>_J33=%{if;BEY*J#1n59=07jrGQ#IP>@u#3A z;!q+E1Rj3ZJ+!4bq9F8PXJ@yMgZL;>&gYA0%_Kbi8?S=XGM~dnQZQ!yBSgcZhY96H zrWnU;k)qy`rX&&xlDyA%(a1Hhi5CWkmg(`Gb%m(HKi-7Z!LKGRP_B8@`7&hdDy5n= z`OIxqxiVfX@OX1p(mQu>0Ai*v_cTMiw4qRt3~NBvr9oBy0)r>w3p~V0SCm=An6@3n)>@z!|o-$HvDK z|3D2ZMJkLE5loMKl6R^ez@Zz%S$&mbeoqH5`Bb){Ei21q&VP)hWS2tjShfFtGE+$z zzCR$P#uktu+#!w)cX!lWN1XU%K-r=s{|j?)Akf@q#3b#{6cZCuJ~gCxuMXRmI$nGtnH+-h z+GEi!*X=AP<|fG`1>MBdTb?28JYc=fGvAi2I<$B(rs$;eoJCyR6_bc~p!XR@O-+sD z=eH`-ye})I5ic1eL~TDmtfJ|8`0VJ*Yr=hNCd)G1p2MMz4C3^Mj?7;!w|Ly%JqmuW zlIEW^Ft%z?*|fpXda>Jr^1noFZEwFgVV%|*XhH@acv8rdGxeEX{M$(vG{Zw+x(ei@ zmfXb22}8-?Fi`vo-YVrTH*C?a8%M=Hv9MqVH7H^J$KsD?>!SFZ;ZsvnHr_gn=7acz z#W?0eCdVhVMWN12VV^$>WlQ?f;P^{(&pYTops|btm6aj>_Uz+hqpGwB)vWp0Cf5y< zft8-je~nn?W11plq}N)4A{l8I7$!ks_x$PXW-2XaRFswX_BnF{R#6YIwMhAgd5F9X zGmwdadS6(a^fjHtXg8=l?Rc0Sm%hk6E9!5cLVloEy4eh(=FwgP`)~I^5~pBEWo+F6 zSf2ncyMurJN91#cJTy_u8Y}@%!bq1RkGC~-bV@SXRd4F{R-*V`bS+6;W5vZ(&+I<9$;-V|eNfLa5n-6% z2(}&uGRF;p92eS*sE*oR$@pexaqr*meB)VhmIg@h{uzkk$9~qh#cHhw#>O%)b@+(| z^IQgqzuj~Sk(J;swEM-3TrJAPCq9k^^^`q{IItKBRXYe}e0Tdr=Huf7da3$l4PdpwWDop%^}n;dD#K4s#DYA8SHZ z&1!riV4W4R7R#C))JH1~axJ)RYnM$$lIR%6fIVA@zV{XVyx}C+a-Dt8Y9M)^KU0+H zR4IUb2CJ{Hg>CuaXtD50jB(_Tcx=Z$^WYu2u5kubqmwp%drJ6 z?Fo40g!Qd<-l=TQxqHEOuPX0;^z7iX?Ke^a%XT<13TA^5`4Xcw6D@Ur&VT&CUe0d} z1GjOVF1^L@>O)l@?bD~$wzgf(nxX1OGD8fEV?TdJcZc2KoUe|oP1#=$$7ee|xbY)A zDZq+cuTpc(fFdj^=!;{k03C69lMQ(|>uhRfRu%+!k&YOi-3|1QKB z z?n?eq1XP>p-IM$Z^C;2L3itnbJZAip*Zo0aw2bs8@(s^~*8T9go!%dHcAz2lM;`yp zD=7&xjFV$S&5uDaiScyD?B-i1ze`+CoRtz`Wn+Zl&#s4&}MO{@N!ufrzjG$B79)Y2d3tBk&)TxUTw@QS0TEL_?njX|@vq?Uz(nBFK5Pq7*xj#u*R&i|?7+6# z+|r_n#SW&LXhtheZdah{ZVoqwyT{D>MC3nkFF#N)xLi{p7J1jXlmVeb;cP5?e(=f# zuT7fvjSbjS781v?7{)-X3*?>tq?)Yd)~|1{BDS(pqC zC}~H#WXlkUW*H5CDOo<)#x7%RY)A;ShGhI5s*#cRDA8YgqG(HeKDx+#(ZQ?386dv! zlXCO)w91~Vw4AmOcATuV653fa9R$fyK8ul%rG z-wfS zihugoZyr38Im?Zuh6@RcF~t1anQu7>#lPpb#}4cOA!EM11`%f*07RqOVkmX{p~KJ9 z^zP;K#|)$`^Rb{rnHGH{~>1(fawV0*Z#)}M`m8-?ZJV<+e}s9wE# z)l&az?w^5{)`S(%MRzxdNqrs1n*-=jS^_jqE*5XDrA0+VE`5^*p3CuM<&dZEeCjoz zR;uu_H9ZPZV|fQq`Cyw4nscrVwi!fE6ciMmX$!_hN7uF;jjKG)d2@aC4ropY)8etW=xJvni)8eHi`H$%#zn^WJ5NLc-rqk|u&&4Z6fD_m&JfSI1Bvb?b<*n&sfl0^t z=HnmRl`XrFvMKB%9}>PaA`m-fK6a0(8=qPkWS5bb4=v?XcWi&hRY?O5HdulRi4?fN zlsJ*N-0Qw+Yic@s0(2uy%F@ib;GjXt01Fmx5XbRo6+n|pP(&nodMoap^z{~q ziEeaUT@Mxe3vJSfI6?uLND(CNr=#^W<1b}jzW58bIfyWTDle$mmS(|x-0|2UlX+9k zQ^EX7Nw}?EzVoBfT(-LT|=9N@^hcn-_p&sqG z&*oVs2JSU+N4ZD`FhCAWaS;>|wH2G*Id|?pa#@>tyxX`+4HyIArWDvVrX)2WAOQff z0qyHu&-S@i^MS-+j--!pr4fPBj~_8({~e1bfcl0wI1kaoN>mJL6KUPQm5N7lB(ui1 zE-o%kq)&djzWJ}ob<-GfDlkB;F31j-VHKvQUGQ3sp`CwyGJk_i!y^sD0fqC@$9|jO zOqN!r!8-p==F@ZVP=U$qSpY(gQ0)59P1&t@y?5rvg<}E+GB}26NYPp4f2YFQrQtot5mn3wu_qprZ=>Ig-$ zbW26Ws~IgY>}^5w`vTB(G`PTZaDiGBo5o(tp)qli|NeV( z@H_=R8V39rt5J5YB2Ky?4eJJ#b`_iBe2ot~6%7mLt5t8Vwi^Jy7|jWXqa3amOIoRb zOr}WVFP--DsS`1WpN%~)t3R!arKF^Q$e12KEqU36AWwnCBICpH4XCsfnyrHr>$I$4 z!DpKX$OKLWarN7nv@!uIA+~RNO)l$$w}p(;b>mx8pwYvu;dD_unryX_NhT8*Tj>BTrTTL&!?O+%Rv;b?B??gSzdp?6Uug9{ zd@V08Z$BdI?fpoCS$)t4mg4rT8Q_I}h`0d-vYZ^|dOB*Q^S|xqTV*vIg?@fVFSmMpaw0qtTRbx} z({Pg?#{2`sc9)M5N$*N|4;^t$+QP?#mov zGVC@I*lBVrOU-%2y!7%)fAKjpEFsgQc4{amtiHb95KQEwvf<(3T<9-Zm$xIew#P22 zc2Ix|App^>v6(3L_MCU0d3W##AB0M~3D00EWoKZqsJYT(#@w$Y_H7G22M~ApVFTRHMI_3be)Lkn#0F*V8Pq zc}`Cjy$bE;FJ6H7p=0y#R>`}-m4(0F>%@P|?7fx{=R^uFdISRnZ2W_xQhD{YuR3t< z{6yxu=4~JkeA;|(J6_nv#>Nvs&FuLA&PW^he@t(UwFFE8)|a!R{`E`K`i^ZnyE4$k z;(749Ix|oi$c3QbEJ3b~D_kQsPz~fIUKym($a_7dJ?o+40*OLl^{=&oq$<#Q(yyrp z{J-FAniyAw9tPbe&IhQ|a`DqFTVQGQ&Gq3!C2==4x{6EJwiPZ8zub-iXoUtkJiG{} zPaR&}_fn8_z~(=;5lD-aPWD3z8PZS@AaUiomF!G8I}Mf>e~0g#BelA-5#`cj;O5>N Xviia!U7SGha1wx#SCgwmn*{w2TRX*I literal 0 HcmV?d00001 diff --git a/auth_saml_environment/static/description/index.html b/auth_saml_environment/static/description/index.html new file mode 100644 index 0000000..c21f236 --- /dev/null +++ b/auth_saml_environment/static/description/index.html @@ -0,0 +1,458 @@ + + + + + + +Auth SAML environement + + + +
+

Auth SAML environement

+ + +

Beta License: AGPL-3 OCA/server-env Translate me on Weblate Try me on Runbot

+

This module allows to use server env for SAML configuration

+

Table of contents

+ +
+

Installation

+

To install this module, you need to have the following modules installed and +properly configured: server_environment module auth_saml

+
+
+

Configuration

+

To configure this module, you need to:

+

Create a module server_environment_file with a cfg file or set the environment variable +SERVER_ENV_CONFIG with the following section:

+

[auth_saml_provider.<name>]

+

Where <name> is optional and must be equal to the name field you defined in Odoo for the IDP.

+

Example of configuration

+

[auth_saml_provider.my_idp]

+

idp_metadata=<…> +sp_baseurl=https://odoo-community.org +sp_pem_public_path=/data/cert.pem +sp_pem_private_path=/data/key.pem

+
+
+

Usage

+

Once configured, Odoo will read the Auth SAML Providers values from the +configuration.

+

Note that visibility of login button for SAML is changed and differs from auth_saml module, +instead of relying on which fields are filled or not, all providers will be displayed as long +as their configuration in Odoo are set to active.

+
+
+

Known issues / Roadmap

+
    +
  • Due to the special nature of this addon, you cannot test it on the OCA +runbot.
    • +
+
+
+

Bug Tracker

+

Bugs are tracked on GitHub Issues. +In case of trouble, please check there if your issue has already been reported. +If you spotted it first, help us smashing it by providing a detailed and welcomed +feedback.

+

Do not contact contributors directly about support or help with technical issues.

+
+
+

Credits

+
+

Authors

+
    +
  • Camptocamp SA
    • +
+
+ +
+

Maintainers

+

This module is maintained by the OCA.

+Odoo Community Association +

OCA, or the Odoo Community Association, is a nonprofit organization whose +mission is to support the collaborative development of Odoo features and +promote its widespread use.

+

This module is part of the OCA/server-env project on GitHub.

+

You are welcome to contribute. To learn how please visit https://odoo-community.org/page/Contribute.

+
+
+
+ + diff --git a/auth_saml_environment/tests/__init__.py b/auth_saml_environment/tests/__init__.py new file mode 100644 index 0000000..120bcdf --- /dev/null +++ b/auth_saml_environment/tests/__init__.py @@ -0,0 +1 @@ +from . import test_environment_variable diff --git a/auth_saml_environment/tests/test_environment_variable.py b/auth_saml_environment/tests/test_environment_variable.py new file mode 100644 index 0000000..12600d2 --- /dev/null +++ b/auth_saml_environment/tests/test_environment_variable.py @@ -0,0 +1,35 @@ +# Copyright 2021 Camptocamp (https://www.camptocamp.com). +# License GPL-3.0 or later (http://www.gnu.org/licenses/agpl). + +from unittest.mock import patch + +from odoo.tools.config import config as odoo_config + +from odoo.addons.server_environment import server_env +from odoo.addons.server_environment.tests.common import ServerEnvironmentCase + + +@patch.dict(odoo_config.options, {"running_env": "testing"}) +class TestEnvironmentVariables(ServerEnvironmentCase): + def test_env_variables(self): + env_var = ( + "[auth_saml_provider.sample]\n" + "idp_metadata=foo\n" + "sp_baseurl=bar\n" + "sp_pem_public_path=file1.txt\n" + "sp_pem_private_path=file2.txt" + ) + with self.set_config_dir(None), self.set_env_variables(env_var): + parser = server_env._load_config() + self.assertEqual( + list(parser.keys()), ["DEFAULT", "auth_saml_provider.sample"] + ) + self.assertDictEqual( + dict(parser["auth_saml_provider.sample"].items()), + { + "idp_metadata": "foo", + "sp_baseurl": "bar", + "sp_pem_public_path": "file1.txt", + "sp_pem_private_path": "file2.txt", + }, + ) diff --git a/auth_saml_environment/views/saml_provider_view.xml b/auth_saml_environment/views/saml_provider_view.xml new file mode 100644 index 0000000..4c47d92 --- /dev/null +++ b/auth_saml_environment/views/saml_provider_view.xml @@ -0,0 +1,26 @@ + + + + + auth.saml.provider.form + auth.saml.provider + + + + + + + + + + + 1 + + + 1 + + + + + + From ad1c7cce272a2bace778c249120876876584ce3c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dept=2E=20T=C3=A9cnico?= Date: Wed, 16 Feb 2022 11:32:32 +0000 Subject: [PATCH 2/6] Added translation using Weblate (Catalan) --- auth_saml_environment/i18n/ca.po | 50 ++++++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+) create mode 100644 auth_saml_environment/i18n/ca.po diff --git a/auth_saml_environment/i18n/ca.po b/auth_saml_environment/i18n/ca.po new file mode 100644 index 0000000..2447c84 --- /dev/null +++ b/auth_saml_environment/i18n/ca.po @@ -0,0 +1,50 @@ +# Translation of Odoo Server. +# This file contains the translation of the following modules: +# * auth_saml_environment +# +msgid "" +msgstr "" +"Project-Id-Version: Odoo Server 14.0\n" +"Report-Msgid-Bugs-To: \n" +"Last-Translator: Automatically generated\n" +"Language-Team: none\n" +"Language: ca\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: \n" +"Plural-Forms: nplurals=2; plural=n != 1;\n" + +#. module: auth_saml_environment +#: model:ir.model.fields,field_description:auth_saml_environment.field_auth_saml_provider__display_name +msgid "Display Name" +msgstr "" + +#. module: auth_saml_environment +#: model:ir.model.fields,field_description:auth_saml_environment.field_auth_saml_provider__id +msgid "ID" +msgstr "" + +#. module: auth_saml_environment +#: model:ir.model.fields,field_description:auth_saml_environment.field_auth_saml_provider____last_update +msgid "Last Modified on" +msgstr "" + +#. module: auth_saml_environment +#: model:ir.model,name:auth_saml_environment.model_auth_saml_provider +msgid "SAML2 provider" +msgstr "" + +#. module: auth_saml_environment +#: model:ir.model.fields,field_description:auth_saml_environment.field_auth_saml_provider__server_env_defaults +msgid "Server Env Defaults" +msgstr "" + +#. module: auth_saml_environment +#: model:ir.model.fields,field_description:auth_saml_environment.field_auth_saml_provider__sp_pem_private_path +msgid "sp_pem_private_path env config value" +msgstr "" + +#. module: auth_saml_environment +#: model:ir.model.fields,field_description:auth_saml_environment.field_auth_saml_provider__sp_pem_public_path +msgid "sp_pem_public_path env config value" +msgstr "" From 90b235a37e8fca5e2f65ff9e36e9b749ecf414bc Mon Sep 17 00:00:00 2001 From: oca-ci Date: Wed, 27 Apr 2022 12:38:54 +0000 Subject: [PATCH 3/6] [UPD] Update auth_saml_environment.pot --- auth_saml_environment/i18n/auth_saml_environment.pot | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/auth_saml_environment/i18n/auth_saml_environment.pot b/auth_saml_environment/i18n/auth_saml_environment.pot index 9040eff..67c2ce2 100644 --- a/auth_saml_environment/i18n/auth_saml_environment.pot +++ b/auth_saml_environment/i18n/auth_saml_environment.pot @@ -30,7 +30,7 @@ msgstr "" #. module: auth_saml_environment #: model:ir.model,name:auth_saml_environment.model_auth_saml_provider -msgid "SAML2 provider" +msgid "SAML2 Provider" msgstr "" #. module: auth_saml_environment From 820572a53d91a077a39fc690bbe3f5840ed6d2bb Mon Sep 17 00:00:00 2001 From: OCA Transbot Date: Wed, 27 Apr 2022 12:39:03 +0000 Subject: [PATCH 4/6] Update translation files Updated by "Update PO files to match POT (msgmerge)" hook in Weblate. Translation: server-env-14.0/server-env-14.0-auth_saml_environment Translate-URL: https://translation.odoo-community.org/projects/server-env-14-0/server-env-14-0-auth_saml_environment/ --- auth_saml_environment/i18n/ca.po | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/auth_saml_environment/i18n/ca.po b/auth_saml_environment/i18n/ca.po index 2447c84..0f505d9 100644 --- a/auth_saml_environment/i18n/ca.po +++ b/auth_saml_environment/i18n/ca.po @@ -31,7 +31,7 @@ msgstr "" #. module: auth_saml_environment #: model:ir.model,name:auth_saml_environment.model_auth_saml_provider -msgid "SAML2 provider" +msgid "SAML2 Provider" msgstr "" #. module: auth_saml_environment From d60b819eca968c3f48942eaa6e122d80a848da86 Mon Sep 17 00:00:00 2001 From: Stephane Mangin Date: Tue, 25 Apr 2023 10:33:32 +0200 Subject: [PATCH 5/6] [IMP] auth_saml_environment: black, isort, prettier --- .../auth_saml_environment/odoo/addons/auth_saml_environment | 1 + setup/auth_saml_environment/setup.py | 6 ++++++ 2 files changed, 7 insertions(+) create mode 120000 setup/auth_saml_environment/odoo/addons/auth_saml_environment create mode 100644 setup/auth_saml_environment/setup.py diff --git a/setup/auth_saml_environment/odoo/addons/auth_saml_environment b/setup/auth_saml_environment/odoo/addons/auth_saml_environment new file mode 120000 index 0000000..0c7e9ca --- /dev/null +++ b/setup/auth_saml_environment/odoo/addons/auth_saml_environment @@ -0,0 +1 @@ +../../../../auth_saml_environment \ No newline at end of file diff --git a/setup/auth_saml_environment/setup.py b/setup/auth_saml_environment/setup.py new file mode 100644 index 0000000..28c57bb --- /dev/null +++ b/setup/auth_saml_environment/setup.py @@ -0,0 +1,6 @@ +import setuptools + +setuptools.setup( + setup_requires=['setuptools-odoo'], + odoo_addon=True, +) From bb4dec3ca4a2a26b0232c47d7c0b3fd018e8987c Mon Sep 17 00:00:00 2001 From: Stephane Mangin Date: Tue, 25 Apr 2023 10:57:30 +0200 Subject: [PATCH 6/6] [MIG] auth_saml_environment: Migration to 15.0 --- auth_saml_environment/README.rst | 13 +++++++------ auth_saml_environment/__manifest__.py | 2 +- .../i18n/auth_saml_environment.pot | 2 +- auth_saml_environment/readme/CONTRIBUTORS.rst | 1 + 4 files changed, 10 insertions(+), 8 deletions(-) diff --git a/auth_saml_environment/README.rst b/auth_saml_environment/README.rst index 93125a3..8101d1b 100644 --- a/auth_saml_environment/README.rst +++ b/auth_saml_environment/README.rst @@ -14,16 +14,16 @@ Auth SAML environement :target: http://www.gnu.org/licenses/agpl-3.0-standalone.html :alt: License: AGPL-3 .. |badge3| image:: https://img.shields.io/badge/github-OCA%2Fserver--env-lightgray.png?logo=github - :target: https://github.com/OCA/server-env/tree/14.0/auth_saml_environment + :target: https://github.com/OCA/server-env/tree/15.0/auth_saml_environment :alt: OCA/server-env .. |badge4| image:: https://img.shields.io/badge/weblate-Translate%20me-F47D42.png - :target: https://translation.odoo-community.org/projects/server-env-14-0/server-env-14-0-auth_saml_environment + :target: https://translation.odoo-community.org/projects/server-env-15-0/server-env-15-0-auth_saml_environment :alt: Translate me on Weblate .. |badge5| image:: https://img.shields.io/badge/runbot-Try%20me-875A7B.png - :target: https://runbot.odoo-community.org/runbot/254/14.0 + :target: https://runbot.odoo-community.org/runbot/254/15.0 :alt: Try me on Runbot -|badge1| |badge2| |badge3| |badge4| |badge5| +|badge1| |badge2| |badge3| |badge4| |badge5| This module allows to use server env for SAML configuration @@ -82,7 +82,7 @@ Bug Tracker Bugs are tracked on `GitHub Issues `_. In case of trouble, please check there if your issue has already been reported. If you spotted it first, help us smashing it by providing a detailed and welcomed -`feedback `_. +`feedback `_. Do not contact contributors directly about support or help with technical issues. @@ -99,6 +99,7 @@ Contributors * Denis Leemann * Yannick Vaucher +* Stéphane Mangin Maintainers ~~~~~~~~~~~ @@ -113,6 +114,6 @@ OCA, or the Odoo Community Association, is a nonprofit organization whose mission is to support the collaborative development of Odoo features and promote its widespread use. -This module is part of the `OCA/server-env `_ project on GitHub. +This module is part of the `OCA/server-env `_ project on GitHub. You are welcome to contribute. To learn how please visit https://odoo-community.org/page/Contribute. diff --git a/auth_saml_environment/__manifest__.py b/auth_saml_environment/__manifest__.py index fc30a3b..7d0868b 100644 --- a/auth_saml_environment/__manifest__.py +++ b/auth_saml_environment/__manifest__.py @@ -4,7 +4,7 @@ { "name": "Auth SAML environement", "summary": "Allows system administrator to authenticate with any account", - "version": "14.0.1.0.0", + "version": "15.0.1.0.0", "category": "base", "author": "Camptocamp SA,Odoo Community Association (OCA)", "website": "https://github.com/OCA/server-env", diff --git a/auth_saml_environment/i18n/auth_saml_environment.pot b/auth_saml_environment/i18n/auth_saml_environment.pot index 67c2ce2..cbeaf7a 100644 --- a/auth_saml_environment/i18n/auth_saml_environment.pot +++ b/auth_saml_environment/i18n/auth_saml_environment.pot @@ -4,7 +4,7 @@ # msgid "" msgstr "" -"Project-Id-Version: Odoo Server 14.0\n" +"Project-Id-Version: Odoo Server 15.0\n" "Report-Msgid-Bugs-To: \n" "Last-Translator: \n" "Language-Team: \n" diff --git a/auth_saml_environment/readme/CONTRIBUTORS.rst b/auth_saml_environment/readme/CONTRIBUTORS.rst index 99bb39f..dacc60e 100644 --- a/auth_saml_environment/readme/CONTRIBUTORS.rst +++ b/auth_saml_environment/readme/CONTRIBUTORS.rst @@ -1,2 +1,3 @@ * Denis Leemann * Yannick Vaucher +* Stéphane Mangin