Fix idpSSOUrl and idpSLYUrl

jorritfolmer · Apr 3, 2018 · 9844fb0 · 9844fb0
1 parent 4f9ca87
commit 9844fb0
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 2 deletions.
diff --git a/spec/classes/init_spec.rb b/spec/classes/init_spec.rb
@@ -346,6 +346,10 @@
     it { should contain_class('splunk::installed') }
     it { should contain_package('splunk') }
     it { should contain_file('/opt/splunk/etc/apps/puppet_common_auth_saml_base/local/authentication.conf').with_content(/idpSLOUrl = https:\/\/sso.internal.corp.tld\/adfs\/ls\?wa=wsignout1.0/) }
+    it { should contain_file('/opt/splunk/etc/apps/puppet_common_auth_saml_base/local/authentication.conf').with_content(/idpSSOUrl = https:\/\/sso.internal.corp.tld\/adfs\/ls/) }
+    it { should contain_file('/opt/splunk/etc/apps/puppet_common_auth_saml_base/local/authentication.conf').with_content(/signatureAlgorithm = RSA-SHA256/) }
+    it { should contain_file('/opt/splunk/etc/apps/puppet_common_auth_saml_base/local/authentication.conf').with_content(/signAuthnRequest = true/) }
+    it { should contain_file('/opt/splunk/etc/apps/puppet_common_auth_saml_base/local/authentication.conf').with_content(/signedAssertion = true/) }
   end
 
   context 'with ldap auth' do

diff --git a/templates/puppet_common_auth_saml_base/local/authentication.conf b/templates/puppet_common_auth_saml_base/local/authentication.conf
@@ -14,8 +14,8 @@ entityId = <%= @auth['saml_entityid'] %>
 fqdn = <%= @auth['saml_fqdn'] %>
 <% end -%>
 idpCertPath = <%= @splunk_home %>/etc/auth/idpCerts
-idpSLOUrl = <%= @idpslourl %>
-idpSSOUrl = <%= @idpssourl %>
+idpSSOUrl = <%= @auth['saml_idpurl'] %>
+idpSLOUrl = <%= @auth['saml_idpurl'] %>?wa=wsignout1.0
 <% if @auth['saml_signaturealgorithm'].nil? -%>
 signatureAlgorithm = <%= @auth_defaults['saml_signaturealgorithm'] %>
 <% else -%>