__matrix_synapse: add --saml2-sp-key and --saml2-sp-cert flags
parent
e052178122
commit
35e299a5d1
4 changed files with 33 additions and 0 deletions
|
@ -1727,6 +1727,13 @@ if [ -n "$SAML2_IDP_METADATA_URL" ]; then
|
|||
EOF
|
||||
fi
|
||||
|
||||
if [ -n "$SAML2_SP_CERT" ] || [ -n "$SAML2_SP_KEY" ]; then
|
||||
cat << EOF
|
||||
key_file: "$SAML2_SP_KEY"
|
||||
cert_file: "$SAML2_SP_CERT"
|
||||
EOF
|
||||
fi
|
||||
|
||||
cat << EOF
|
||||
# Allowed clock difference in seconds between the homeserver and IdP.
|
||||
#
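Review bot: `key_file: "$SAML2_SP_KEY"` and `cert_file: "$SAML2_SP_CERT"` are expanded inside YAML double-quoted scalars without any escaping, so a path containing `"` or `\` produces a malformed or differently parsed homeserver.yaml. I would constrain the values before they reach this template, for example in the manifest with `case "$SAML2_SP_KEY" in *[!A-Za-z0-9/._-]*) echo "--saml2-sp-key contains unsupported characters." >&2; exit 1 ;; esac`, and the same for the cert. Leading whitespace is not preserved on this page, so I cannot confirm that the two keys are indented to sit under the intended SAML2 section of the config. The surrounding here-document starts and continues outside the hunk.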
|
||||
|
|
|
@ -192,6 +192,12 @@ bind-address
|
|||
saml2-idp-metadata-url
|
||||
HTTP(S) url to SAML2 Identity Provider (IdP), used for Single Sign On (SSO) logic.
|
||||
|
||||
saml2-sp-key
|
||||
Path to PEM-formatted key file for use by PySAML2.
|
||||
|
||||
saml2-sp-cert
|
||||
Path to PEM-formatted cert file for use by PySAML2.
|
||||
|
||||
extra-setting
|
||||
Arbitrary string to be added to the configuration file. Can be specified multiple times.
|
||||
|
||||
|
|
|
@ -200,6 +200,24 @@ if [ -f "$__object/parameter/saml2-idp-metadata-url" ]; then
|
|||
export SAML2_IDP_METADATA_URL
|
||||
fi
|
||||
|
||||
if [ -f "$__object/parameter/saml2-sp-key" ]; then
|
||||
SAML2_SP_KEY=$(cat "$__object/parameter/saml2-sp-key")
|
||||
export SAML2_SP_KEY
|
||||
fi
|
||||
|
||||
if [ -f "$__object/parameter/saml2-sp-cert" ]; then
|
||||
SAML2_SP_CERT=$(cat "$__object/parameter/saml2-sp-cert")
|
||||
export SAML2_SP_CERT
|
||||
fi
|
||||
|
||||
if [ -n "$SAML2_SP_KEY" ] && [ -z "$SAML2_SP_CERT" ]; then
|
||||
echo "--saml2-sp-cert must be set if --saml2-sp-key is provided." >&2
|
||||
exit 1
|
||||
elif [ -n "$SAML2_SP_CERT" ] && [ -z "$SAML2_SP_KEY" ]; then
|
||||
echo "--saml2-sp-key must be set if --saml2-sp-cert is provided." >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [ -f "$__object/parameter/default-identity-server" ]; then
|
||||
DEFAULT_IDENTITY_SERVER=$(cat "$__object/parameter/default-identity-server")
|
||||
export DEFAULT_IDENTITY_SERVER
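Review bot: The new checks only enforce that `--saml2-sp-key` and `--saml2-sp-cert` are given together; nothing constrains what the values are or how the key file is protected. The key is the service provider's private key, so I would at least reject relative paths with `case "$SAML2_SP_KEY" in /*) ;; *) echo "--saml2-sp-key must be an absolute path." >&2; exit 1 ;; esac`. As far as this commit shows the type does not manage the file's mode or ownership, so I would also add a comment such as `# Key file must already exist on the target, readable only by the synapse service user.` Both variables are assigned only when the parameter file exists, which presumably lets a value inherited from the caller's environment through; initialising them to empty before the `[ -f ... ]` tests would rule that out. The trailing `default-identity-server` block is closed outside the hunk.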
|
||||
|
|
|
@ -37,4 +37,6 @@ tls-cert
|
|||
tls-private-key
|
||||
registration-shared-secret
|
||||
saml2-idp-metadata-url
|
||||
saml2-sp-key
|
||||
saml2-sp-cert
|
||||
default-identity-server
|
||||
|
|