diff --git a/app/forms/main/config_cas.py b/app/forms/main/config_cas.py index 7d7f4f7e..217b274f 100644 --- a/app/forms/main/config_cas.py +++ b/app/forms/main/config_cas.py @@ -31,7 +31,7 @@ Formulaires configuration Exports Apogée (codes) from flask_wtf import FlaskForm from wtforms import BooleanField, SubmitField -from wtforms.fields.simple import StringField, TextAreaField +from wtforms.fields.simple import FileField, StringField, TextAreaField class ConfigCASForm(FlaskForm): @@ -50,11 +50,10 @@ class ConfigCASForm(FlaskForm): ) cas_ssl_verify = BooleanField("Vérification du certificat SSL") - cas_ssl_certificate = TextAreaField( + cas_ssl_certificate_file = FileField( label="Certificat (PEM)", description="""Le contenu du certificat PEM (commence typiquement par -----BEGIN CERTIFICATE-----)""", - render_kw={"class": "form-control", "rows": 8}, ) submit = SubmitField("Valider") diff --git a/app/static/css/scodoc.css b/app/static/css/scodoc.css index e32ff65b..5db529ce 100644 --- a/app/static/css/scodoc.css +++ b/app/static/css/scodoc.css @@ -4539,4 +4539,10 @@ table.formation_table_recap td.heures_cours, table.formation_table_recap td.heures_td, table.formation_table_recap td.heures_tp { text-align: right; +} + +div.cas_etat_certif_ssl { + margin-top: 12px; + font-style: italic; + border: 1px dashed black; } \ No newline at end of file diff --git a/app/templates/config_cas.j2 b/app/templates/config_cas.j2 index 2cccd0de..430f1ffe 100644 --- a/app/templates/config_cas.j2 +++ b/app/templates/config_cas.j2 @@ -6,11 +6,18 @@
-

Le CAS...

+

Le CAS permet d'utiliser un service SSO pour connecter les utilisateurs.

-
+
{{ wtf.quick_form(form) }} +
Certificat SSL + {% if cas_ssl_certificate_loaded %} + chargé. + {% else %} + non chargé. + {% endif %} +
diff --git a/app/views/scodoc.py b/app/views/scodoc.py index 3c3e5aba..2aa27968 100644 --- a/app/views/scodoc.py +++ b/app/views/scodoc.py @@ -75,7 +75,7 @@ from app.scodoc import sco_find_etud from app.scodoc import sco_logos from app.scodoc import sco_utils as scu -from app.scodoc.sco_exceptions import AccessDenied +from app.scodoc.sco_exceptions import AccessDenied, ScoValueError from app.scodoc.sco_permissions import Permission from app.views import scodoc_bp as bp import sco_version @@ -152,10 +152,14 @@ def config_cas(): flash("Serveur CAS enregistré") if ScoDocSiteConfig.set("cas_ssl_verify", form.data["cas_ssl_verify"]): flash("Vérification SSL modifiée") - if ScoDocSiteConfig.set( - "cas_ssl_certificate", form.data["cas_ssl_certificate"] - ): - flash("Certificat SSL enregistré") + if form.cas_ssl_certificate_file.data: + data = request.files[form.cas_ssl_certificate_file.name].read() + try: + data_str = data.decode("ascii") + except UnicodeDecodeError as exc: + raise ScoValueError("Fichier certificat invalide (non ASCII)") from exc + if ScoDocSiteConfig.set("cas_ssl_certificate", data_str): + flash("Certificat SSL enregistré") set_cas_configuration() return redirect(url_for("scodoc.configuration")) @@ -164,11 +168,11 @@ def config_cas(): form.cas_server.data = ScoDocSiteConfig.get("cas_server") form.cas_attribute_id.data = ScoDocSiteConfig.get("cas_attribute_id") form.cas_ssl_verify.data = ScoDocSiteConfig.get("cas_ssl_verify") - form.cas_ssl_certificate.data = ScoDocSiteConfig.get("cas_ssl_certificate") return render_template( "config_cas.j2", form=form, title="Configuration du Service d'Authentification Central (CAS)", + cas_ssl_certificate_loaded=ScoDocSiteConfig.get("cas_ssl_certificate"), )