diff --git a/lib/manageiq/appliance_console/saml_authentication.rb b/lib/manageiq/appliance_console/saml_authentication.rb index 37e8d18c..3de9b3cd 100644 --- a/lib/manageiq/appliance_console/saml_authentication.rb +++ b/lib/manageiq/appliance_console/saml_authentication.rb @@ -90,13 +90,21 @@ def fetch_idp_metadata def copy_apache_saml_configfiles debug_msg("Copying Apache SAML Config files ...") - copy_template(HTTPD_CONFIG_DIRECTORY, "manageiq-remote-user.conf") + # introduced manageiq-remote-user-saml.conf in 4.7.1. + # this File.exist? will no longer be needed after 4.7.2 + if File.exist?(File.join(HTTPD_CONFIG_DIRECTORY, "manageiq-remote-user-saml.conf")) + copy_template(HTTPD_CONFIG_DIRECTORY, "manageiq-remote-user-saml.conf") + else + copy_template(HTTPD_CONFIG_DIRECTORY, "manageiq-remote-user.conf") + end copy_template(HTTPD_CONFIG_DIRECTORY, "manageiq-external-auth-saml.conf") end def remove_apache_saml_configfiles debug_msg("Removing Apache SAML Config files ...") + # legacy systems may still have it stored as the old name remove_file(HTTPD_CONFIG_DIRECTORY.join("manageiq-remote-user.conf")) + remove_file(HTTPD_CONFIG_DIRECTORY.join("manageiq-remote-user-saml.conf")) remove_file(HTTPD_CONFIG_DIRECTORY.join("manageiq-external-auth-saml.conf")) end diff --git a/spec/saml_authentication_spec.rb b/spec/saml_authentication_spec.rb index e97ecc69..c0868e19 100644 --- a/spec/saml_authentication_spec.rb +++ b/spec/saml_authentication_spec.rb @@ -35,6 +35,7 @@ downloaded_idp_metadata = "/tmp/downloaded_idp_metadata.xml" subject = described_class.new(:saml_idp_metadata => downloaded_idp_metadata) + expect(File).to receive(:exist?).with("#{described_class::HTTPD_CONFIG_DIRECTORY}/manageiq-remote-user-saml.conf").and_return(true) expect(File).to receive(:exist?).with(downloaded_idp_metadata).and_return(true) expect(FileUtils).to receive(:cp).with(downloaded_idp_metadata, described_class::IDP_METADATA_FILE).and_return(true) allow(Dir).to receive(:chdir).with(described_class::SAML2_CONFIG_DIRECTORY).and_yield @@ -43,7 +44,7 @@ :params => ["https://#{client_host}", "https://#{client_host}/saml2"]) allow(subject).to receive(:copy_template) - expect(subject).to receive(:copy_template).with(described_class::HTTPD_CONFIG_DIRECTORY, "manageiq-remote-user.conf").and_return(true) + expect(subject).to receive(:copy_template).with(described_class::HTTPD_CONFIG_DIRECTORY, "manageiq-remote-user-saml.conf").and_return(true) expect(subject).to receive(:copy_template).with(described_class::HTTPD_CONFIG_DIRECTORY, "manageiq-external-auth-saml.conf").and_return(true) expect(subject).to receive(:say).with("Setting Appliance Authentication Settings to SAML ...") @@ -69,13 +70,14 @@ idp_metadata_url = "http://idp.example.com/idp_metadata.xml" subject = described_class.new(:saml_idp_metadata => idp_metadata_url) + expect(File).to receive(:exist?).with("#{described_class::HTTPD_CONFIG_DIRECTORY}/manageiq-remote-user-saml.conf").and_return(true) allow(Dir).to receive(:chdir).with(described_class::SAML2_CONFIG_DIRECTORY).and_yield expect(AwesomeSpawn).to receive(:run!).with(described_class::MELLON_CREATE_METADATA_COMMAND, :chdir => described_class::SAML2_CONFIG_DIRECTORY, :params => ["https://#{client_host}", "https://#{client_host}/saml2"]) allow(subject).to receive(:copy_template) - expect(subject).to receive(:copy_template).with(described_class::HTTPD_CONFIG_DIRECTORY, "manageiq-remote-user.conf").and_return(true) + expect(subject).to receive(:copy_template).with(described_class::HTTPD_CONFIG_DIRECTORY, "manageiq-remote-user-saml.conf").and_return(true) expect(subject).to receive(:copy_template).with(described_class::HTTPD_CONFIG_DIRECTORY, "manageiq-external-auth-saml.conf").and_return(true) expect(subject).to receive(:download_network_file).with(idp_metadata_url, described_class::IDP_METADATA_FILE).and_return(true) @@ -105,6 +107,7 @@ :saml_enable_sso => true) expect(File).to receive(:exist?).with(downloaded_idp_metadata).and_return(true) + expect(File).to receive(:exist?).with("#{described_class::HTTPD_CONFIG_DIRECTORY}/manageiq-remote-user-saml.conf").and_return(true) allow(Dir).to receive(:chdir).with(described_class::SAML2_CONFIG_DIRECTORY).and_yield expect(AwesomeSpawn).to receive(:run!).with(described_class::MELLON_CREATE_METADATA_COMMAND, :chdir => described_class::SAML2_CONFIG_DIRECTORY, @@ -113,7 +116,7 @@ expect(FileUtils).to receive(:cp).with(downloaded_idp_metadata, described_class::IDP_METADATA_FILE).and_return(true) allow(subject).to receive(:copy_template) - expect(subject).to receive(:copy_template).with(described_class::HTTPD_CONFIG_DIRECTORY, "manageiq-remote-user.conf").and_return(true) + expect(subject).to receive(:copy_template).with(described_class::HTTPD_CONFIG_DIRECTORY, "manageiq-remote-user-saml.conf").and_return(true) expect(subject).to receive(:copy_template).with(described_class::HTTPD_CONFIG_DIRECTORY, "manageiq-external-auth-saml.conf").and_return(true) expect(subject).to receive(:say).with("Setting Appliance Authentication Settings to SAML ...") @@ -138,6 +141,7 @@ allow(subject).to receive(:remove_file) expect(subject).to receive(:remove_file).with(described_class::HTTPD_CONFIG_DIRECTORY.join("manageiq-external-auth-saml.conf")).and_return(true) expect(subject).to receive(:remove_file).with(described_class::HTTPD_CONFIG_DIRECTORY.join("manageiq-remote-user.conf")).and_return(true) + expect(subject).to receive(:remove_file).with(described_class::HTTPD_CONFIG_DIRECTORY.join("manageiq-remote-user-saml.conf")).and_return(true) expect(subject).to receive(:say).with(/Unconfiguring SAML Authentication .../) expect(subject).to receive(:say).with(/Setting Appliance Authentication Settings to Database .../)