From 96beae4c2fe0525cf8141ac2bbd791195d289697 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Timoth=C3=A9e=20Floure?=
Date: Thu, 2 Dec 2021 11:38:26 +0100
Subject: [PATCH] __matrix_synapse:add --smal2-idp-metadata-uri flag
---
 type/__matrix_synapse/files/homeserver.yaml.sh | 10 ++++++++++
 type/__matrix_synapse/manifest | 9 +++++++++
 type/__matrix_synapse/parameter/optional | 1 +
 3 files changed, 20 insertions(+)
diff --git a/type/__matrix_synapse/files/homeserver.yaml.sh b/type/__matrix_synapse/files/homeserver.yaml.sh
index 5ba7d1a..caf259b 100755
--- a/type/__matrix_synapse/files/homeserver.yaml.sh
+++ b/type/__matrix_synapse/files/homeserver.yaml.sh
@@ -1711,7 +1711,17 @@ saml2_config:
 # local: ["saml2/idp.xml"]
 # remote:
 # - url: https://our_idp/metadata.xml
 
+EOF
+if [ -n "$SAML2_IDP_METADATA_URL" ]; then
+ cat << EOF
+ metadata:
+ remote:
+ - url: "$SAML2_IDP_METADATA_URL"
+EOF
+fi
+
+cat << EOF
 # Allowed clock difference in seconds between the homeserver and IdP.
 #
 # Uncomment the below to increase the accepted time difference from 0 to 3 seconds.
diff --git a/type/__matrix_synapse/manifest b/type/__matrix_synapse/manifest
index dbf318f..c85e4fc 100755
--- a/type/__matrix_synapse/manifest
+++ b/type/__matrix_synapse/manifest
@@ -191,6 +191,15 @@ if [ -f "$__object/parameter/registration-allows-email-pattern" ]; then
 export RESGISTRATION_ALLOWS_EMAIL_PATTERN
 fi
 
+if [ -f "$__object/parameter/saml2-idp-metadata-url" ]; then
+ # Synapse fails to start while trying to parse IDP metadata if this package
+ # is not installed.
+ __package xmlsec1
+
+ SAML2_IDP_METADATA_URL=$(cat "$__object/parameter/saml2-idp-metadata-url")
+ export SAML2_IDP_METADATA_URL
+fi
+
 # Federation.
 ALLOW_PUBLIC_ROOMS_OVER_FEDERATION=$(get_boolean_for 'allow-public-room-over-federation')
 ALLOW_PUBLIC_ROOMS_WITHOUT_AUTH=$(get_boolean_for 'allow-public-rooms-without-auth')
diff --git a/type/__matrix_synapse/parameter/optional b/type/__matrix_synapse/parameter/optional
index 67250d7..0547e1a 100644
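Review bot: The added `- url: "$SAML2_IDP_METADATA_URL"` line writes the parameter into a double-quoted YAML scalar with no escaping, so a value containing `"` or a backslash ends or alters the scalar and whatever follows is parsed as homeserver configuration. The value is read in the manifest hunk of this same patch, so rejecting those characters there before the export is the simplest guard, e.g. `case "$SAML2_IDP_METADATA_URL" in *[\"\\]*) echo "invalid saml2-idp-metadata-url" >&2; exit 1 ;; esac`. Whitespace is collapsed on this page, so the indentation of the emitted `metadata:` block cannot be checked here; it has to match the nesting of the commented sample directly above it. The heredoc that this hunk splits starts and ends outside the hunk.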
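Review bot: `SAML2_IDP_METADATA_URL` is exported exactly as read from the parameter file, with no check on its scheme. The document behind that URL is what tells Synapse which IdP signing keys to trust for SAML logins, so a plain `http://` value lets anyone on the network path substitute it. I would refuse anything but HTTPS right after the `cat`, e.g. `case "$SAML2_IDP_METADATA_URL" in https://*) ;; *) echo "saml2-idp-metadata-url must be an https:// URL" >&2; exit 1 ;; esac`. The patch touches no documentation file, so a short description of the new parameter, stating the HTTPS requirement and the xmlsec1 dependency, would also help.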
--- a/type/__matrix_synapse/parameter/optional
+++ b/type/__matrix_synapse/parameter/optional
@@ -36,3 +36,4 @@ background-tasks-worker
 tls-cert
 tls-private-key
 registration-shared-secret
+saml2-idp-metadata-url