Open-MSS · anshulagrawal2902 · Mar 14, 2025 · ReimarBauer · Mar 15, 2025
diff --git a/docs/samples/config/mscolab/mscolab_settings.py.sample b/docs/samples/config/mscolab/mscolab_settings.py.sample
@@ -25,6 +25,15 @@
     limitations under the License.
 """
 import os
+import logging
+import secrets
+import sys
+import warnings
+import yaml
+from saml2 import SAMLError
+from saml2.client import Saml2Client
+from saml2.config import SPConfig
+from urllib.parse import urlparse
 
 # In the unit days when Operations get archived because not used
 ARCHIVE_THRESHOLD = 30
@@ -107,3 +116,59 @@ USE_SAML2 = False
 # all users in that Group are set to the operations of that category
 # having the roles in the TexGroup
 GROUP_POSTFIX = "Group"
+
+CONFIGURED_IDPS = [
+  # configure your idps here
+  {
+      'idp_identity_name': 'localhost_test_idp',  #  make sure to use underscore for the blanks
+      'idp_data': {
+          'idp_name': 'Testing Identity Provider',  # this name is used on the Login page to connect to the Provider.
+      }
+  },
+
+]
+
+if os.path.exists(f"{SSO_DIR}/mss_saml2_backend.yaml"):
+  with open(f"{SSO_DIR}/mss_saml2_backend.yaml", encoding="utf-8") as fobj:
+      yaml_data = yaml.safe_load(fobj)
+  # go through configured IDPs and set conf file paths for particular files
+  for configured_idp in CONFIGURED_IDPS:
+      # set CRTs and metadata paths for the localhost_test_idp
+      if 'localhost_test_idp' == configured_idp['idp_identity_name']:
+          yaml_data["config"]["localhost_test_idp"]["key_file"] = \
+              f'{SSO_DIR}/key_mscolab.key'  # set path to your mscolab key file
+          yaml_data["config"]["localhost_test_idp"]["cert_file"] = \
+              f'{SSO_DIR}/crt_mscolab.crt'  # set path to your mscolab certificate file
+          yaml_data["config"]["localhost_test_idp"]["metadata"]["local"][0] = \
+              f'{SSO_DIR}/idp.xml'  # set path to your idp metadata xml file
+
+          # configuration localhost_test_idp Saml2Client
+          try:
+              if not os.path.exists(yaml_data["config"]["localhost_test_idp"]["metadata"]["local"][0]):
+                  yaml_data["config"]["localhost_test_idp"]["metadata"]["local"] = []
+                  warnings.warn("idp.xml file does not exists !\
+                                  Ignore this warning when you initialize metadata.")
+
+              localhost_test_idp = SPConfig().load(yaml_data["config"]["localhost_test_idp"])
+              sp_localhost_test_idp = Saml2Client(localhost_test_idp)
+
+              configured_idp['idp_data']['saml2client'] = sp_localhost_test_idp
+              for url_pair in (yaml_data["config"]["localhost_test_idp"]
+                                ["service"]["sp"]["endpoints"]["assertion_consumer_service"]):
+                  saml_url, binding = url_pair
+                  path = urlparse(saml_url).path
+                  configured_idp['idp_data']['assertion_consumer_endpoints'] = \
+                      configured_idp['idp_data'].get('assertion_consumer_endpoints', []) + [path]
+
+          except SAMLError:
+              warnings.warn("Invalid Saml2Client Config with localhost_test_idp ! Please configure with\
+                              valid CRTs metadata and try again.")
+              sys.exit()
+
+          # if multiple IdPs exists, development should need to implement accordingly below
+          """
+              if 'idp_2'== configured_idp['idp_identity_name']:
+                  # rest of code
+                  # set CRTs and metadata paths for the idp_2
+                  # configuration idp_2 Saml2Client
+          """
diff --git a/docs/samples/config/mscolab/setup_saml2_backend.py.sample b/docs/samples/config/mscolab/setup_saml2_backend.py.sample
diff --git a/mslib/index.py b/mslib/index.py
@@ -67,17 +67,16 @@ def file_exists(filepath=None):
 
 
 def create_app(name="", imprint=None, gdpr=None):
-    imprint_file = imprint
-    gdpr_file = gdpr
-
     if "mscolab.server" in name:
         from mslib.mscolab.app import APP, get_topmenu
+        APP.jinja_env.globals["imprint"] = APP.config['IMPRINT']
+        APP.jinja_env.globals["gdpr"] = APP.config['GDPR']
     else:
         from mslib.mswms.app import APP, get_topmenu
+        APP.jinja_env.globals["imprint"] = imprint
+        APP.jinja_env.globals["gdpr"] = gdpr
 
     APP.jinja_env.globals.update(file_exists=file_exists)
-    APP.jinja_env.globals["imprint"] = imprint_file
-    APP.jinja_env.globals["gdpr"] = gdpr_file
 
     @APP.route('/xstatic/<name>/<path:filename>')
     def files(name, filename):

diff --git a/mslib/mscolab/app/__init__.py b/mslib/mscolab/app/__init__.py
@@ -33,7 +33,6 @@
 import mslib
 
 from flask import Flask, url_for
-from mslib.mscolab.conf import mscolab_settings
 from flask_sqlalchemy import SQLAlchemy
 from mslib.utils import prefix_route, release_info
 
@@ -49,25 +48,9 @@
 # in memory database for testing
 # app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///'
 APP = Flask(__name__, template_folder=os.path.join(DOCS_SERVER_PATH, 'static', 'templates'))
-APP.config.from_object(__name__)
+APP.config.from_object('mslib.mscolab.conf.MscolabConfig')
 APP.route = prefix_route(APP.route, SCRIPT_NAME)
 
-APP.config['OPERATIONS_DATA'] = mscolab_settings.OPERATIONS_DATA
-APP.config['SQLALCHEMY_DATABASE_URI'] = mscolab_settings.SQLALCHEMY_DB_URI
-APP.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
-APP.config['SQLALCHEMY_ECHO'] = mscolab_settings.SQLALCHEMY_ECHO
-APP.config['UPLOAD_FOLDER'] = mscolab_settings.UPLOAD_FOLDER
-APP.config['MAX_CONTENT_LENGTH'] = mscolab_settings.MAX_UPLOAD_SIZE
-APP.config['SECRET_KEY'] = mscolab_settings.SECRET_KEY
-APP.config['SECURITY_PASSWORD_SALT'] = getattr(mscolab_settings, "SECURITY_PASSWORD_SALT", None)
-APP.config['MAIL_DEFAULT_SENDER'] = getattr(mscolab_settings, "MAIL_DEFAULT_SENDER", None)
-APP.config['MAIL_SERVER'] = getattr(mscolab_settings, "MAIL_SERVER", None)
-APP.config['MAIL_PORT'] = getattr(mscolab_settings, "MAIL_PORT", None)
-APP.config['MAIL_USERNAME'] = getattr(mscolab_settings, "MAIL_USERNAME", None)
-APP.config['MAIL_PASSWORD'] = getattr(mscolab_settings, "MAIL_PASSWORD", None)
-APP.config['MAIL_USE_TLS'] = getattr(mscolab_settings, "MAIL_USE_TLS", None)
-APP.config['MAIL_USE_SSL'] = getattr(mscolab_settings, "MAIL_USE_SSL", None)
-
 db = SQLAlchemy(
     metadata=sqlalchemy.MetaData(
         naming_convention={

diff --git a/mslib/mscolab/chat_manager.py b/mslib/mscolab/chat_manager.py
@@ -27,9 +27,9 @@
 import datetime
 import fs
 
-from mslib.mscolab.conf import mscolab_settings
 from mslib.mscolab.models import db, Message, MessageType
 from mslib.mscolab.utils import get_message_dict
+from mslib.mscolab.app import APP
 
 
 class ChatManager:
@@ -88,7 +88,7 @@ def delete_message(self, message_id):
         message = Message.query.filter(Message.id == message_id).first()
         if message.message_type == MessageType.IMAGE or message.message_type == MessageType.DOCUMENT:
             file_name = fs.path.basename(message.text)
-            with fs.open_fs(mscolab_settings.UPLOAD_FOLDER) as upload_dir:
+            with fs.open_fs(APP.config['UPLOAD_FOLDER']) as upload_dir:
                 upload_dir.remove(fs.path.join(str(message.op_id), file_name))
         db.session.delete(message)
         db.session.commit()