From e4f51262d1ef464dfba494d49288aa10f3f165eb Mon Sep 17 00:00:00 2001
From: Rainer Keller <mail@rainerkeller.de>
Date: Wed, 9 Oct 2024 17:03:09 +0200
Subject: [PATCH] Print SAML authentication URL for user convenience

---
 src/http.c        |  2 +-
 src/http.h        | 10 ++++++++++
 src/http_server.c | 25 +++++++++++++++++++++++++
 3 files changed, 36 insertions(+), 1 deletion(-)

diff --git a/src/http.c b/src/http.c
index 1cea951f..bf4052da 100644
--- a/src/http.c
+++ b/src/http.c
@@ -47,7 +47,7 @@
  * @param[out] dest  the buffer to write the URL-encoded string
  * @param[in]  str   the input string to be escaped
  */
-static void url_encode(char *dest, const char *str)
+void url_encode(char *dest, const char *str)
 {
 	while (*str != '\0') {
 		if (isalnum(*str) || *str == '-' || *str == '_' ||
diff --git a/src/http.h b/src/http.h
index a4a07e1b..22f7b719 100644
--- a/src/http.h
+++ b/src/http.h
@@ -31,6 +31,16 @@
 #define ERR_HTTP_PERMISSION	-6
 #define ERR_HTTP_NO_COOKIE	-7
 
+/*
+ * URL-encodes a string for HTTP requests.
+ *
+ * The dest buffer size MUST be at least strlen(str) * 3 + 1.
+ *
+ * @param[out] dest  the buffer to write the URL-encoded string
+ * @param[in]  str   the input string to be escaped
+ */
+void url_encode(char *dest, const char *str);
+
 static inline const char *err_http_str(int code)
 {
 	if (code > 0)
diff --git a/src/http_server.c b/src/http_server.c
index 5913dffa..3227fd0a 100644
--- a/src/http_server.c
+++ b/src/http_server.c
@@ -8,6 +8,31 @@
 #include "config.h"
 #include "log.h"
 #include "tunnel.h"
+#include "http.h" // for url_encode
+
+static void print_url(const struct vpn_config *cfg) {
+	char *encoded_realm = NULL;
+	char realm[] = "&realm=";
+	char *empty_string = "\0";
+
+	// Desired string is https://company.com:port/remote/saml/start?redirect=1(&realm=<str>)
+	// with the realm being optional
+	static const char *uri_pattern = "https://%s:%d/remote/saml/start?redirect=1%s%s";
+
+	if (cfg->realm[0] != '\0') {
+		encoded_realm = alloca(strlen(cfg->realm) * 3 + 1); // url_encode required three times the size
+		url_encode(encoded_realm, cfg->realm);
+	} else {
+		encoded_realm = empty_string;
+		realm[0] = 0; // Make realm appear empty when printing as string
+	}
+
+	int required_size = 1 + snprintf(NULL, 0, uri_pattern, cfg->gateway_host, cfg->gateway_port, realm, encoded_realm);
+	char *url = alloca(required_size);
+	snprintf(url, required_size, uri_pattern, cfg->gateway_host, cfg->gateway_port, realm, encoded_realm);
+
+	log_info("Authenticate at '%s'\n", url);
+}
 
 // Convenience function to send a response with a user readable status message and the
 // request URL shown for debug purposes.