diff --git a/app/forms/main/config_cas.py b/app/forms/main/config_cas.py
index 7d7f4f7ef7..217b274f3a 100644
--- a/app/forms/main/config_cas.py
+++ b/app/forms/main/config_cas.py
@@ -31,7 +31,7 @@ Formulaires configuration Exports Apogée (codes)
from flask_wtf import FlaskForm
from wtforms import BooleanField, SubmitField
-from wtforms.fields.simple import StringField, TextAreaField
+from wtforms.fields.simple import FileField, StringField, TextAreaField
class ConfigCASForm(FlaskForm):
@@ -50,11 +50,10 @@ class ConfigCASForm(FlaskForm):
)
cas_ssl_verify = BooleanField("Vérification du certificat SSL")
- cas_ssl_certificate = TextAreaField(
+ cas_ssl_certificate_file = FileField(
label="Certificat (PEM)",
description="""Le contenu du certificat PEM
(commence typiquement par -----BEGIN CERTIFICATE-----)""",
- render_kw={"class": "form-control", "rows": 8},
)
submit = SubmitField("Valider")
diff --git a/app/static/css/scodoc.css b/app/static/css/scodoc.css
index e32ff65b53..5db529ce60 100644
--- a/app/static/css/scodoc.css
+++ b/app/static/css/scodoc.css
@@ -4539,4 +4539,10 @@ table.formation_table_recap td.heures_cours,
table.formation_table_recap td.heures_td,
table.formation_table_recap td.heures_tp {
text-align: right;
+}
+
+div.cas_etat_certif_ssl {
+ margin-top: 12px;
+ font-style: italic;
+ border: 1px dashed black;
}
\ No newline at end of file
diff --git a/app/templates/config_cas.j2 b/app/templates/config_cas.j2
index 2cccd0de46..430f1ffe8f 100644
--- a/app/templates/config_cas.j2
+++ b/app/templates/config_cas.j2
@@ -6,11 +6,18 @@
-
Le CAS...
+
Le CAS permet d'utiliser un service SSO pour connecter les utilisateurs.
-
+
{{ wtf.quick_form(form) }}
+
Certificat SSL
+ {% if cas_ssl_certificate_loaded %}
+ chargé.
+ {% else %}
+ non chargé.
+ {% endif %}
+
diff --git a/app/views/scodoc.py b/app/views/scodoc.py
index 3c3e5aba21..2aa2796877 100644
--- a/app/views/scodoc.py
+++ b/app/views/scodoc.py
@@ -75,7 +75,7 @@ from app.scodoc import sco_find_etud
from app.scodoc import sco_logos
from app.scodoc import sco_utils as scu
-from app.scodoc.sco_exceptions import AccessDenied
+from app.scodoc.sco_exceptions import AccessDenied, ScoValueError
from app.scodoc.sco_permissions import Permission
from app.views import scodoc_bp as bp
import sco_version
@@ -152,10 +152,14 @@ def config_cas():
flash("Serveur CAS enregistré")
if ScoDocSiteConfig.set("cas_ssl_verify", form.data["cas_ssl_verify"]):
flash("Vérification SSL modifiée")
- if ScoDocSiteConfig.set(
- "cas_ssl_certificate", form.data["cas_ssl_certificate"]
- ):
- flash("Certificat SSL enregistré")
+ if form.cas_ssl_certificate_file.data:
+ data = request.files[form.cas_ssl_certificate_file.name].read()
+ try:
+ data_str = data.decode("ascii")
+ except UnicodeDecodeError as exc:
+ raise ScoValueError("Fichier certificat invalide (non ASCII)") from exc
+ if ScoDocSiteConfig.set("cas_ssl_certificate", data_str):
+ flash("Certificat SSL enregistré")
set_cas_configuration()
return redirect(url_for("scodoc.configuration"))
@@ -164,11 +168,11 @@ def config_cas():
form.cas_server.data = ScoDocSiteConfig.get("cas_server")
form.cas_attribute_id.data = ScoDocSiteConfig.get("cas_attribute_id")
form.cas_ssl_verify.data = ScoDocSiteConfig.get("cas_ssl_verify")
- form.cas_ssl_certificate.data = ScoDocSiteConfig.get("cas_ssl_certificate")
return render_template(
"config_cas.j2",
form=form,
title="Configuration du Service d'Authentification Central (CAS)",
+ cas_ssl_certificate_loaded=ScoDocSiteConfig.get("cas_ssl_certificate"),
)