| #!/bin/sh |
| |
| # Licensed to the Apache Software Foundation (ASF) under one |
| # or more contributor license agreements. See the NOTICE file |
| # distributed with this work for additional information |
| # regarding copyright ownership. The ASF licenses this file |
| # to you under the Apache License, Version 2.0 (the |
| # "License"); you may not use this file except in compliance |
| # with the License. You may obtain a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, |
| # software distributed under the License is distributed on an |
| # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| # KIND, either express or implied. See the License for the |
| # specific language governing permissions and limitations |
| # under the License. |
| |
| # Generate an OpenID Step2 server conf |
| here=`echo "import os; print os.path.realpath('$0')" | python`; here=`dirname $here` |
| mkdir -p $1 |
| root=`echo "import os; print os.path.realpath('$1')" | python` |
| |
| conf=`cat $root/conf/httpd.conf | grep "# Generated by: httpd-conf"` |
| host=`echo $conf | awk '{ print $6 }'` |
| |
| sslconf=`cat $root/conf/httpd.conf | grep "# Generated by: httpd-ssl-conf"` |
| if [ "$sslconf" = "" ]; then |
| sslsuffix="" |
| else |
| sslsuffix="-ssl" |
| fi |
| |
| # Configure HTTPD to serve OpenID XRDS and LRDD documents |
| cat >>$root/conf/locauth$sslsuffix.conf <<EOF |
| # Generated by: openid-step2-conf $* |
| # Serve OpenID XRDS document |
| Alias /openid $root/conf/openid.xrds |
| <Location /openid> |
| ForceType application/xrds+xml |
| </Location> |
| |
| # Serve OpenID LRDD document |
| Alias /.well-known/host-meta $root/conf/openid.lrdd |
| <Location /.well-known/host-meta> |
| ForceType text/plain |
| </Location> |
| |
| EOF |
| |
| cat >>$root/conf/pubauth$sslsuffix.conf <<EOF |
| # Generated by: openid-step2-conf $* |
| # Allow access to /.well-known/host-meta location |
| <Location /.well-known/host-meta> |
| AuthType None |
| Require all granted |
| </Location> |
| |
| EOF |
| |
| # Generate OpenID XRDS document |
| cat >$root/conf/openid.xrds <<EOF |
| <?xml version="1.0" encoding="UTF-8"?> |
| <xrds:XRDS xmlns:xrds="xri://\$xrds" xmlns="xri://\$xrd*(\$v*2.0)"> |
| <XRD> |
| <CanonicalID>$host</CanonicalID> |
| <Service priority="0"> |
| <Type>http://specs.openid.net/auth/2.0/server</Type> |
| <Type>http://specs.openid.net/auth/2.0/signon</Type> |
| <Type>http://openid.net/srv/ax/1.0</Type> |
| <Type>http://specs.openid.net/extensions/ui/1.0/mode/popup</Type> |
| <Type>http://specs.openid.net/extensions/ui/1.0/icon</Type> |
| <Type>http://specs.openid.net/extensions/pape/1.0</Type> |
| <URI>https://www.google.com/a/$host/o8/ud?be=o8</URI> |
| </Service> |
| </XRD> |
| </xrds:XRDS> |
| EOF |
| |
| # Generate OpenID LRDD document |
| cat >$root/conf/openid.lrdd <<EOF |
| Link: <https://www.google.com/accounts/o8/site-xrds?hd=$host>; rel="describedby http://reltype.google.com/openid/xrd-op"; type="application/xrds+xml" |
| EOF |
| |