fixed saml scripts and added auto generation certs script

admin/src/moodle_saml.py

@@ -82,10 +82,25 @@ class MoodleSaml():
 
         log.info('Written SP file on moodledata.')
 
-        self.activate_saml_plugin()
+        try:
-        self.set_moodle_saml_plugin()
+            self.activate_saml_plugin()
-        self.delete_keycloak_moodle_saml_plugin()
+        except:
-        self.add_keycloak_moodle_saml()
+            print('Error activating saml on moodle')
+        
+        try:
+            self.set_moodle_saml_plugin()
+        except:
+            print('Error setting saml on moodle')
+        
+        try:
+            self.delete_keycloak_moodle_saml_plugin()
+        except:
+            print('Error deleting saml on keycloak')
+        
+        try:
+            self.add_keycloak_moodle_saml()
+        except:
+            print('Error adding saml on keycloak')
 
     def activate_saml_plugin(self):
         ## After you need to purge moodle caches: /var/www/html # php admin/cli/purge_caches.php
@@ -121,7 +136,7 @@ class MoodleSaml():
                 'saml_role_manager_map': 'manager',
                 'field_map_email': 'email',
                 'field_map_firstname': 'givenName',
-                'field_map_lastname': 'surname'}
+                'field_map_lastname': 'sn'}
         for name in config.keys():
             self.pg.update("""UPDATE "mdl_config_plugins" SET value = '%s' WHERE "plugin" = 'auth_saml2' AND "name" = '%s'""" % (config[name],name))
             self.pg.update("""INSERT INTO "mdl_auth_saml2_idps" ("metadataurl", "entityid", "activeidp", "defaultidp", "adminidp", "defaultname", "displayname", "logo", "alias", "whitelist") VALUES
@@ -151,7 +166,7 @@ class MoodleSaml():
             "protocol" : "saml",
             "attributes" : {
             "saml.force.post.binding" : True,
-            "saml.encrypt" : True,
+            "saml.encrypt" : False,
             "saml_assertion_consumer_url_post" : "https://moodle."+os.environ['DOMAIN']+"/auth/saml2/sp/saml2-acs.php/moodle."+os.environ['DOMAIN']+"",
             "saml.server.signature" : True,
             "saml.server.signature.keyinfo.ext" : False,
@@ -159,7 +174,7 @@ class MoodleSaml():
             "saml_single_logout_service_url_redirect" : "https://moodle."+os.environ['DOMAIN']+"/auth/saml2/sp/saml2-logout.php/moodle."+os.environ['DOMAIN']+"",
             "saml.signature.algorithm" : "RSA_SHA256",
             "saml_force_name_id_format" : False,
-            "saml.client.signature" : False,
+            "saml.client.signature" : True,
             "saml.encryption.certificate" : app['config']['SP_PEM'],
             "saml.authnstatement" : True,
             "saml_name_id_format" : "username",
@@ -170,14 +185,14 @@ class MoodleSaml():
             "nodeReRegistrationTimeout" : -1,
             "protocolMappers" : [ {
             "id" : "9296daa3-4fc4-4b80-b007-5070f546ae13",
-            "name" : "X500 surname",
+            "name" : "X500 sn",
             "protocol" : "saml",
             "protocolMapper" : "saml-user-property-mapper",
             "consentRequired" : False,
             "config" : {
                 "attribute.nameformat" : "urn:oasis:names:tc:SAML:2.0:attrname-format:uri",
                 "user.attribute" : "lastName",
-                "friendly.name" : "surname",
+                "friendly.name" : "sn",
                 "attribute.name" : "urn:oid:2.5.4.4"
             }
             }, {
@@ -230,4 +245,4 @@ class MoodleSaml():
         keycloak=None
 
 
-m=MoodleSaml()
+m=MoodleSaml()

admin/src/nextcloud_gencerts.sh

@@ -0,0 +1,4 @@
+cd saml_certs
+openssl req  -nodes -new -x509  -keyout private.key -out public.cert
+cd ..
+echo "Now run the python nextcloud script"