mirror of
https://github.com/netzbegruenung/user_saml.git
synced 2024-05-05 02:23:42 +02:00
allow multiple user back-ends with environment variables
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
This commit is contained in:
parent
e422da803b
commit
4a85637f3e
|
@ -73,10 +73,6 @@ switch($config->getAppValue('user_saml', 'type')) {
|
|||
return;
|
||||
}
|
||||
|
||||
if ($type === 'environment-variable') {
|
||||
OC_User::handleApacheAuth();
|
||||
}
|
||||
|
||||
if($returnScript === true) {
|
||||
return;
|
||||
}
|
||||
|
@ -131,12 +127,13 @@ if($useSamlForDesktopClients === '1') {
|
|||
}
|
||||
}
|
||||
|
||||
$params = $request->getParams();
|
||||
$multipleUserBackEnds = $samlSettings->allowMultipleUserBackEnds();
|
||||
$configuredIdps = $samlSettings->getListOfIdps();
|
||||
$showLoginOptions = $multipleUserBackEnds || count($configuredIdps) > 1;
|
||||
$showLoginOptions = $showLoginOptions && !isset($params['environmentVariableLogin']);
|
||||
|
||||
if ($redirectSituation === true && $showLoginOptions) {
|
||||
$params = $request->getParams();
|
||||
$redirectUrl = '';
|
||||
if(isset($params['redirect_url'])) {
|
||||
$redirectUrl = $params['redirect_url'];
|
||||
|
@ -145,7 +142,8 @@ if ($redirectSituation === true && $showLoginOptions) {
|
|||
$targetUrl = $urlGenerator->linkToRouteAbsolute(
|
||||
'user_saml.SAML.selectUserBackEnd',
|
||||
[
|
||||
'redirectUrl' => $redirectUrl
|
||||
'redirectUrl' => $redirectUrl,
|
||||
'type' => $type
|
||||
]
|
||||
);
|
||||
header('Location: '.$targetUrl);
|
||||
|
@ -153,6 +151,10 @@ if ($redirectSituation === true && $showLoginOptions) {
|
|||
|
||||
}
|
||||
|
||||
if ($type === 'environment-variable' && !$showLoginOptions) {
|
||||
OC_User::handleApacheAuth();
|
||||
}
|
||||
|
||||
if($redirectSituation === true) {
|
||||
$params = $request->getParams();
|
||||
$originalUrl = '';
|
||||
|
|
|
@ -367,9 +367,10 @@ class SAMLController extends Controller {
|
|||
* @NoCSRFRequired
|
||||
* @OnlyUnauthenticatedUsers
|
||||
* @param string $redirectUrl
|
||||
* @param string $type
|
||||
* @return Http\TemplateResponse
|
||||
*/
|
||||
public function selectUserBackEnd($redirectUrl) {
|
||||
public function selectUserBackEnd($redirectUrl, $type) {
|
||||
|
||||
$attributes = ['loginUrls' => []];
|
||||
|
||||
|
@ -380,7 +381,11 @@ class SAMLController extends Controller {
|
|||
];
|
||||
}
|
||||
|
||||
$attributes['loginUrls']['ssoLogin'] = $this->getIdps($redirectUrl);
|
||||
if ($type === 'saml') {
|
||||
$attributes['loginUrls']['ssoLogin'] = $this->getIdps($redirectUrl);
|
||||
} else {
|
||||
$attributes['loginUrls']['ssoLogin'] = $this->getEnvVarLogin($redirectUrl);
|
||||
}
|
||||
|
||||
$attributes['useCombobox'] = count($attributes['loginUrls']['ssoLogin']) > 4 ? true : false;
|
||||
|
||||
|
@ -407,6 +412,42 @@ class SAMLController extends Controller {
|
|||
return $result;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* get the IdPs showed at the login page
|
||||
*
|
||||
* @param $redirectUrl
|
||||
* @return array
|
||||
*/
|
||||
private function getEnvVarLogin($redirectUrl) {
|
||||
|
||||
if(!empty($redirectUrl)) {
|
||||
$originalUrl = $this->urlGenerator->getAbsoluteURL($redirectUrl);
|
||||
$url = $this->urlGenerator->linkToRouteAbsolute(
|
||||
'user_saml.SAML.selectUserBackEnd',
|
||||
[
|
||||
'environmentVariableLogin' => '1',
|
||||
'redirect' => $originalUrl
|
||||
]
|
||||
);
|
||||
} else {
|
||||
$url = $this->urlGenerator->linkToRouteAbsolute(
|
||||
'user_saml.SAML.selectUserBackEnd',
|
||||
[
|
||||
'environmentVariableLogin' => '1'
|
||||
]
|
||||
);
|
||||
}
|
||||
|
||||
return [
|
||||
[
|
||||
'url' => $url,
|
||||
'display-name' => 'Kerberos Login',
|
||||
]
|
||||
];
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* get SSO URL
|
||||
*
|
||||
|
|
|
@ -82,7 +82,7 @@ class SAMLSettings {
|
|||
public function allowMultipleUserBackEnds() {
|
||||
$type = $this->config->getAppValue('user_saml', 'type');
|
||||
$setting = $this->config->getAppValue('user_saml', 'general-allow_multiple_user_back_ends', '0');
|
||||
return ($setting === '1' && $type === 'saml');
|
||||
return ($setting === '1');
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
Loading…
Reference in a new issue