From e882b9aa12f7f93a91ee0824e09360fb545209f1 Mon Sep 17 00:00:00 2001 From: Asier Aguado Corman Date: Tue, 4 Feb 2020 14:24:43 +0100 Subject: [PATCH 1/2] Typo in oidcsettings.pp --- types/oidcsettings.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/types/oidcsettings.pp b/types/oidcsettings.pp index 4185258ac9..6993e2bdd6 100644 --- a/types/oidcsettings.pp +++ b/types/oidcsettings.pp @@ -21,7 +21,7 @@ Optional['AuthRequestParams'] => Pattern['/^[A-Za-z0-9\-\._%]+=[A-Za-z0-9\-\._%]+(&[A-Za-z0-9\-\._%]+=[A-Za-z0-9\-\._%]+)*$/'], Optional['SSLValidateServer'] => Enum['On','Off'], Optional['UserInfoRefreshInterval'] => Integer, - Optional['JWKSRefreshInterval'] => Interger, + Optional['JWKSRefreshInterval'] => Integer, Optional['UserInfoTokenMethod'] => Enum['authz_header','post_param'], Optional['ProviderAuthRequestMethod'] => Enum['GET','POST'], Optional['PublicKeyFiles'] => String, From 3d0dcbecee815249a87e1e1ad8bd67fc00651848 Mon Sep 17 00:00:00 2001 From: Asier Aguado Date: Wed, 5 Feb 2020 18:15:32 +0100 Subject: [PATCH 2/2] Remove quotes in oidcsettings regex patterns --- types/oidcsettings.pp | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/types/oidcsettings.pp b/types/oidcsettings.pp index 6993e2bdd6..bc3ce5c7da 100644 --- a/types/oidcsettings.pp +++ b/types/oidcsettings.pp @@ -10,15 +10,15 @@ Optional['ProviderJwksUri'] => Stdlib::HTTPSUrl, Optional['ProviderTokenEndpoint'] => Stdlib::HTTPSUrl, Optional['ProviderTokenEndpointAuth'] => Enum['client_secret_basic','client_secret_post','client_secret_jwt','private_key_jwt','none'], - Optional['ProviderTokenEndpointParams'] => Pattern['/^[A-Za-z0-9\-\._%]+=[A-Za-z0-9\-\._%]+(&[A-Za-z0-9\-\._%]+=[A-Za-z0-9\-\._%]+)*$/'], + Optional['ProviderTokenEndpointParams'] => Pattern[/^[A-Za-z0-9\-\._%]+=[A-Za-z0-9\-\._%]+(&[A-Za-z0-9\-\._%]+=[A-Za-z0-9\-\._%]+)*$/], Optional['ProviderUserInfoEndpoint'] => Stdlib::HTTPSUrl, Optional['ProviderCheckSessionIFrame'] => Stdlib::HTTPSUrl, Optional['ProviderEndSessionEndpoint'] => Stdlib::HTTPSUrl, Optional['ProviderRevocationEndpoint'] => Stdlib::HTTPSUrl, Optional['ProviderBackChannelLogoutSupported'] => Enum['On','Off'], Optional['ProviderRegistrationEndpointJson'] => String, - Optional['Scope'] => Pattern['/^[A-Za-z0-9\-\._\s]+$/'], - Optional['AuthRequestParams'] => Pattern['/^[A-Za-z0-9\-\._%]+=[A-Za-z0-9\-\._%]+(&[A-Za-z0-9\-\._%]+=[A-Za-z0-9\-\._%]+)*$/'], + Optional['Scope'] => Pattern[/^[A-Za-z0-9\-\._\s]+$/], + Optional['AuthRequestParams'] => Pattern[/^[A-Za-z0-9\-\._%]+=[A-Za-z0-9\-\._%]+(&[A-Za-z0-9\-\._%]+=[A-Za-z0-9\-\._%]+)*$/], Optional['SSLValidateServer'] => Enum['On','Off'], Optional['UserInfoRefreshInterval'] => Integer, Optional['JWKSRefreshInterval'] => Integer, @@ -51,15 +51,15 @@ Optional['OAuthIntrospectionEndpointCert'] => String, Optional['OAuthIntrospectionEndpointKey'] => String, Optional['OAuthIntrospectionEndpointMethod'] => Enum['POST','GET'], - Optional['OAuthIntrospectionEndpointParams'] => Pattern['/^[A-Za-z0-9\-\._%]+=[A-Za-z0-9\-\._%]+(&[A-Za-z0-9\-\._%]+=[A-Za-z0-9\-\._%]+)*$/'], + Optional['OAuthIntrospectionEndpointParams'] => Pattern[/^[A-Za-z0-9\-\._%]+=[A-Za-z0-9\-\._%]+(&[A-Za-z0-9\-\._%]+=[A-Za-z0-9\-\._%]+)*$/], Optional['OAuthIntrospectionTokenParamName'] => String, - Optional['OAuthTokenExpiryClaim'] => Pattern['/^[A-Za-z0-9\-\._]+\s(absolute|relative)\s(mandatory|optional)$/'], + Optional['OAuthTokenExpiryClaim'] => Pattern[/^[A-Za-z0-9\-\._]+\s(absolute|relative)\s(mandatory|optional)$/], Optional['OAuthSSLValidateServer'] => Enum['On','Off'], Optional['OAuthVerifySharedKeys'] => String, Optional['OAuthVerifyCertFiles'] => String, Optional['OAuthVerifyJwksUri'] => Stdlib::HTTPSUrl, Optional['OAuthRemoteUserClaim'] => String, - Optional['OAuthAcceptTokenAs'] => Pattern['/^((header|post|query|cookie\:[A-Za-z0-9\-\._]+|basic)\s?)+$/'], + Optional['OAuthAcceptTokenAs'] => Pattern[/^((header|post|query|cookie\:[A-Za-z0-9\-\._]+|basic)\s?)+$/], Optional['OAuthAccessTokenBindingPolicy'] => Enum['disabled','optional','required','enforced'], Optional['Cookie'] => String, Optional['SessionCookieChunkSize'] => Integer, @@ -67,10 +67,10 @@ Optional['CookieSameSite'] => Enum['On','Off'], Optional['PassCookies'] => String, Optional['StripCookies'] => String, - Optional['StateMaxNumberOfCookies'] => Pattern['/^[0-9]+\s(false|true)$/'], + Optional['StateMaxNumberOfCookies'] => Pattern[/^[0-9]+\s(false|true)$/], Optional['SessionInactivityTimeout'] => Integer, Optional['SessionMaxDuration'] => Integer, - Optional['SessionType'] => Pattern['/^(server-cache(:persistent)?|client-cookie(:persistent)?)$/'], + Optional['SessionType'] => Pattern[/^(server-cache(:persistent)?|client-cookie(:persistent)?)$/], Optional['SessionCacheFallbackToCookie'] => Enum['On','Off'], Optional['CacheType'] => Enum['shm','memcache','file','redis'], Optional['CacheEncrypt'] => Enum['On','Off'], @@ -83,14 +83,14 @@ Optional['DiscoverURL'] => Variant[Stdlib::HTTPSUrl,Stdlib::HttpUrl], Optional['HTMLErrorTemplate'] => String, Optional['DefaultURL'] => Variant[Stdlib::HTTPSUrl,Stdlib::HttpUrl], - Optional['PathScope'] => Pattern['/^[A-Za-z0-9\-\._\s]+$/'], - Optional['PathAuthRequestParams'] => Pattern['/^[A-Za-z0-9\-\._%]+=[A-Za-z0-9\-\._%]+(&[A-Za-z0-9\-\._%]+=[A-Za-z0-9\-\._%]+)*$/'], + Optional['PathScope'] => Pattern[/^[A-Za-z0-9\-\._\s]+$/], + Optional['PathAuthRequestParams'] => Pattern[/^[A-Za-z0-9\-\._%]+=[A-Za-z0-9\-\._%]+(&[A-Za-z0-9\-\._%]+=[A-Za-z0-9\-\._%]+)*$/], Optional['IDTokenIatSlack'] => Integer, Optional['ClaimPrefix'] => String, - Optional['ClaimDelimiter'] => Pattern['/^.$/'], + Optional['ClaimDelimiter'] => Pattern[/^.$/], Optional['RemoteUserClaim'] => String, - Optional['PassIDTokenAs'] => Pattern['/^((claims|payload|serialized)\s?)+$/'], - Optional['PassUserInfoAs'] => Pattern['/^((claims|json|jwt)\s?)+$/'], + Optional['PassIDTokenAs'] => Pattern[/^((claims|payload|serialized)\s?)+$/], + Optional['PassUserInfoAs'] => Pattern[/^((claims|json|jwt)\s?)+$/], Optional['PassClaimsAs'] => Enum['none','headers','environment','both'], Optional['AuthNHeader'] => String, Optional['HTTPTimeoutLong'] => Integer, @@ -104,9 +104,9 @@ Optional['PassRefreshToken'] => Enum['On','Off'], Optional['RequestObject'] => String, Optional['ProviderMetadataRefreshInterval'] => Integer, - Optional['InfoHook'] => Pattern['/^((iat|access_token|access_token_expires|id_token|userinfo|refresh_token|session)\s?)+$/'], + Optional['InfoHook'] => Pattern[/^((iat|access_token|access_token_expires|id_token|userinfo|refresh_token|session)\s?)+$/], Optional['BlackListedClaims'] => String, Optional['WhiteListedClaims'] => String, - Optional['RefreshAccessTokenBeforeExpiry'] => Pattern['/^[0-9]+(\slogout_on_error)?$/'], + Optional['RefreshAccessTokenBeforeExpiry'] => Pattern[/^[0-9]+(\slogout_on_error)?$/], } ]