updated sso
diff --git a/defaults/main.yml b/defaults/main.yml
index a5bde60..0e3b346 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -11,14 +11,14 @@
jwt_key_size: 2048
saml_folder: "{{ apigee_home }}/customer/application/apigee-sso/saml"
-sso_saml_service_provider_key_filename: server.key
-sso_saml_service_provider_key: "{{ saml_folder }}/{{ sso_saml_service_provider_key_filename}}"
+sso_saml_service_provider_key_file_name: server.key
+sso_saml_service_provider_key_file_path: "{{ saml_folder }}/{{ sso_saml_service_provider_key_file_name }}"
saml_private_encryption_type: aes256
saml_private_key_size: 1024
saml_cert_signing_request_file_name: server.csr
saml_cert_signing_request: "{{ saml_folder }}/{{ saml_cert_signing_request_file_name }}"
-sso_saml_service_provider_certificate_filename: server.crt
-sso_saml_service_provider_certificate: "{{ saml_folder }}/{{ sso_saml_service_provider_certificate_filename }}"
+sso_saml_service_provider_certificate_file_name: server.crt
+sso_saml_service_provider_certificate_file_path: "{{ saml_folder }}/{{ sso_saml_service_provider_certificate_file_name }}"
saml_cert_encryption_type: sha256
saml_cert_expiry_days: 365
saml_cert_subject: "/C=US/O=google/OU=apigee/CN=apigee.com"
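Review bot: `saml_private_key_size: 1024` stays in these defaults next to `jwt_key_size: 2048`, so the SAML service-provider key that `openssl genrsa` builds from it is a 1024-bit RSA key, below the 2048-bit minimum that current guidance expects for signing keys. Since this commit already reworks the SAML key variables, raise the default to `saml_private_key_size: 2048`. A short comment on the renamed pairs, such as `# *_file_name is relative to saml_folder, *_file_path is the full path`, would help task authors pick the right variable.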
diff --git a/tasks/create-saml-keys-cert.yml b/tasks/create-saml-keys-cert.yml
index 3459ae0..9732cd3 100644
--- a/tasks/create-saml-keys-cert.yml
+++ b/tasks/create-saml-keys-cert.yml
@@ -1,7 +1,7 @@
---
- name: Assert that service provider key file exists
stat:
- path: "{{ sso_saml_service_provider_key_filename}}"
+ path: "{{ sso_saml_service_provider_key_file_path }}"
register: key
- block:
@@ -19,7 +19,7 @@
register: passphrase
- name: Generate your private key with a passphrase
- command: "openssl genrsa -{{ saml_private_encryption_type }} -passout pass:{{ passphrase.stdout }} -out {{ sso_saml_service_provider_key_filename}} {{ saml_private_key_size }}"
+ command: "openssl genrsa -{{ saml_private_encryption_type }} -passout pass:{{ passphrase.stdout }} -out {{ sso_saml_service_provider_key_file_name}} {{ saml_private_key_size }}"
args:
chdir: "{{ saml_folder }}"
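Review bot: The passphrase is handed to `openssl genrsa` as `-passout pass:{{ passphrase.stdout }}`, so it sits in the process arguments on the target host while the command runs and ends up in the task result (`cmd`) that Ansible prints on failure or with verbose output. Add `no_log: true` to the task and pass the secret through the environment instead, for example `-passout env:SAML_KEY_PASSPHRASE` with a matching `environment:` entry on the task. The `openssl rsa` and `openssl req` tasks in the later hunk of this file use the same `-passin pass:...` form and need the same treatment. The task may continue past the end of this hunk.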
@@ -29,8 +29,8 @@
#
# - name: Generate your private key with a passphrase
# openssl_certificate:
-# path: "{{ sso_saml_service_provider_certificate_filename }}"
-# privatekey_path: "{{ sso_saml_service_provider_key_filename }}"
+# path: "{{ sso_saml_service_provider_certificate_file_name }}"
+# privatekey_path: "{{ sso_saml_service_provider_key_filepath }}"
# csr_path: "{{ saml_cert_signing_request_file_name }}"
# provider: selfsigned
# subject: "{{ saml_cert_subject }}"
@@ -39,27 +39,27 @@
- name: Prep to remove passphrase from Key
copy:
- dest: "{{ saml_folder }}/remove-passphrase-{{ sso_saml_service_provider_key_filename}}"
- src: "{{ saml_folder }}/{{ sso_saml_service_provider_key_filename}}"
+ dest: "{{ saml_folder }}/remove-passphrase-{{ sso_saml_service_provider_key_file_name}}"
+ src: "{{ sso_saml_service_provider_key_filepath}}"
remote_src: yes
- name: Remove the passphrase from the key
- shell: "openssl rsa -in remove-passphrase-{{ sso_saml_service_provider_key_filename}} -passin pass:{{ passphrase.stdout }} -out {{ sso_saml_service_provider_key_filename}}"
+ shell: "openssl rsa -in remove-passphrase-{{ sso_saml_service_provider_key_file_name}} -passin pass:{{ passphrase.stdout }} -out {{ sso_saml_service_provider_key_file_name}}"
args:
chdir: "{{ saml_folder }}"
- name: Clean up passphrase removal file
file:
- path: "{{ saml_folder }}/remove-passphrase-{{ sso_saml_service_provider_key_filename}}"
+ path: "{{ saml_folder }}/remove-passphrase-{{ sso_saml_service_provider_key_file_name}}"
state: absent
- name: Generate certificate signing request for CA
- shell: "openssl req -x509 -sha256 -new -passin pass:{{ passphrase.stdout }} -key {{ sso_saml_service_provider_key_filename}} -out {{ saml_cert_signing_request_file_name }} -subj {{ saml_cert_subject }}"
+ shell: "openssl req -x509 -sha256 -new -passin pass:{{ passphrase.stdout }} -key {{ sso_saml_service_provider_key_file_name}} -out {{ saml_cert_signing_request_file_name }} -subj {{ saml_cert_subject }}"
args:
chdir: "{{ saml_folder }}"
- name: Generate self-signed certificate with 365 days expiry-time
- shell: "openssl x509 -{{ saml_cert_encryption_type }} -days {{ saml_cert_expiry_days }} -in {{ saml_cert_signing_request_file_name }} -signkey {{ sso_saml_service_provider_key_filename}} -out {{ sso_saml_service_provider_certificate_filename }}"
+ shell: "openssl x509 -{{ saml_cert_encryption_type }} -days {{ saml_cert_expiry_days }} -in {{ saml_cert_signing_request_file_name }} -signkey {{ sso_saml_service_provider_key_file_name}} -out {{ sso_saml_service_provider_certificate_file_name }}"
args:
chdir: "{{ saml_folder }}"
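Review bot: `src: "{{ sso_saml_service_provider_key_filepath}}"` in the "Prep to remove passphrase from Key" task uses a name the defaults in this commit do not define; they define `sso_saml_service_provider_key_file_path`. Unless `sso_saml_service_provider_key_filepath` is set somewhere outside this diff, the copy task stops on an undefined variable and the later key and certificate steps never run. Change the line to `src: "{{ sso_saml_service_provider_key_file_path }}"`. The commented-out `privatekey_path` line in the previous hunk carries the same spelling and should be corrected with it.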
diff --git a/tasks/main.yml b/tasks/main.yml
index 90645b9..ce85294 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -14,7 +14,7 @@
with_items:
- { key: 'sso_jwt_signinig_key_filepath', value: '{{ sso_jwt_signinig_key_filepath }}' }
- { key: 'sso_saml_service_provider_key', value: '{{ sso_saml_service_provider_key }}' }
- - { key: 'sso_saml_service_provider_certificate', value: '{{ sso_saml_service_provider_certificate }}' }
+ - { key: 'sso_saml_service_provider_certificate', value: '{{ sso_saml_service_provider_certificate_file_path}}' }
- { key: 'edge_sso_installation_config_filename' , value: '{{ edge_sso_installation_config_filename }}' }
- { key: 'edge_sso_installation_config_file', value: "{{ edge_sso_installation_config_file }}" }
- { key: 'saml_folder', value: "{{ saml_folder }}" }
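Review bot: The entry directly above the changed line still reads `value: '{{ sso_saml_service_provider_key }}'`, but this commit renames that default to `sso_saml_service_provider_key_file_path`. Unless the old name is defined elsewhere, this loop now fails on an undefined variable. Update it to `- { key: 'sso_saml_service_provider_key', value: '{{ sso_saml_service_provider_key_file_path }}' }` so it matches the certificate entry. The task that owns this `with_items` list starts outside the hunk.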