package service
import (
"context"
"github.com/kolide/fleet/server/kolide"
"github.com/pkg/errors"
)
// ModifyAppConfig is the validation layer in front of the wrapped Service's
// ModifyAppConfig. It loads the currently stored app config, checks the SSO
// portion of the payload against it, and forwards the request to the wrapped
// Service only when no validation errors were recorded.
//
// Only the SSO settings are validated here; no authorization check on the
// caller is visible in this layer.
func (mw validationMiddleware) ModifyAppConfig(ctx context.Context, p kolide.AppConfigPayload) (*kolide.AppConfig, error) {
	// The stored config is consulted because a payload may omit SSO fields
	// that already have a persisted value.
	current, err := mw.ds.AppConfig()
	if err != nil {
		return nil, errors.Wrap(err, "fetching existing app config in validation")
	}

	argErrs := &invalidArgumentError{}
	validateSSOSettings(p, current, argErrs)
	if !argErrs.HasErrors() {
		return mw.Service.ModifyAppConfig(ctx, p)
	}
	// Reject before the wrapped Service ever sees an invalid SSO payload.
	return nil, argErrs
}
// isSet reports whether val points to a non-empty string. A nil pointer and a
// pointer to "" are both treated as not set; any other content, including
// whitespace only, counts as set.
func isSet(val *string) bool {
	return val != nil && *val != ""
}
// validateSSOSettings checks the SSO portion of p and records every problem
// it finds on invalid. Checks run only when the payload explicitly sets
// EnableSSO to true; a payload that omits SSOSettings or EnableSSO, or sets
// EnableSSO to false, is not validated at all.
//
// For each required field, a value missing from the payload is accepted when
// the stored config (existing) already holds a non-empty value. existing is
// dereferenced without a nil check, so callers must pass a non-nil config.
//
// NOTE(review): MetadataURL is only tested for being non-empty here; no
// scheme or format check is visible in this function. Since IdP metadata is
// what the SAML trust is derived from, confirm the URL is constrained (for
// example to https) where it is fetched.
func validateSSOSettings(p kolide.AppConfigPayload, existing *kolide.AppConfig, invalid *invalidArgumentError) {
	sso := p.SSOSettings
	if sso == nil || sso.EnableSSO == nil || !*sso.EnableSSO {
		return
	}

	hasMetadata := isSet(sso.Metadata)
	hasMetadataURL := isSet(sso.MetadataURL)

	// Neither source supplied in the payload: fall back to what is stored.
	if !hasMetadata && !hasMetadataURL && existing.Metadata == "" && existing.MetadataURL == "" {
		invalid.Append("metadata", "either metadata or metadata_url must be defined")
	}
	// NOTE(review): mutual exclusion is checked against the payload only; a
	// payload carrying one source while the stored config holds the other is
	// not flagged here. Confirm the update path resolves that case.
	if hasMetadata && hasMetadataURL {
		invalid.Append("metadata", "both metadata and metadata_url are defined, only one is allowed")
	}

	// len counts bytes, so the minimum lengths below are byte lengths.
	switch {
	case !isSet(sso.EntityID):
		if existing.EntityID == "" {
			invalid.Append("entity_id", "required")
		}
	case len(*sso.EntityID) < 5:
		invalid.Append("entity_id", "must be 5 or more characters")
	}

	switch {
	case !isSet(sso.IDPName):
		if existing.IDPName == "" {
			invalid.Append("idp_name", "required")
		}
	case len(*sso.IDPName) < 4:
		invalid.Append("idp_name", "must be 4 or more characters")
	}
}