show all configured IdP's on the login screen
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
parent
ba2e04f7b8
commit
afeee8beaa
|
@ -119,9 +119,11 @@ if($useSamlForDesktopClients === '1') {
|
|||
}
|
||||
}
|
||||
|
||||
$multipleUserBackEnds = $config->getAppValue('user_saml', 'general-allow_multiple_user_back_ends', '0');
|
||||
$multipleUserBackEnds = $samlSettings->allowMultipleUserBackEnds();
|
||||
$configuredIdps = $samlSettings->getListOfIdps();
|
||||
$showLoginOptions = $multipleUserBackEnds || count($configuredIdps) > 1;
|
||||
|
||||
if ($redirectSituation === true && $multipleUserBackEnds === '1') {
|
||||
if ($redirectSituation === true && $showLoginOptions) {
|
||||
$params = $request->getParams();
|
||||
$redirectUrl = '';
|
||||
if(isset($params['redirect_url'])) {
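Review bot: `$multipleUserBackEnds` changes type in this hunk, from the config string `'0'`/`'1'` to the bool returned by `$samlSettings->allowMultipleUserBackEnds()`, so any remaining strict comparison such as `$multipleUserBackEnds === '1'` elsewhere in this file would now always be false. The condition shown here was updated, but the rest of the file is outside the hunk and should be checked for other uses. A short comment above `$showLoginOptions`, for example `// show the chooser when direct login is allowed or more than one IdP is configured`, would make the intent explicit. The `if` block opened on the last line continues outside the hunk.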
|
||||
|
|
|
@ -55,6 +55,8 @@ class SAMLController extends Controller {
|
|||
private $logger;
|
||||
/** @var IL10N */
|
||||
private $l;
|
||||
/** @var SAMLSettings */
|
||||
private $settings;
|
||||
|
||||
/**
|
||||
* @param string $appName
|
||||
|
@ -67,6 +69,7 @@ class SAMLController extends Controller {
|
|||
* @param IURLGenerator $urlGenerator
|
||||
* @param IUserManager $userManager
|
||||
* @param ILogger $logger
|
||||
* @param SAMLSettings $settings
|
||||
* @param IL10N $l
|
||||
*/
|
||||
public function __construct($appName,
|
||||
|
@ -79,6 +82,7 @@ class SAMLController extends Controller {
|
|||
IURLGenerator $urlGenerator,
|
||||
IUserManager $userManager,
|
||||
ILogger $logger,
|
||||
SAMLSettings $settings,
|
||||
IL10N $l) {
|
||||
parent::__construct($appName, $request);
|
||||
$this->session = $session;
|
||||
|
@ -89,6 +93,7 @@ class SAMLController extends Controller {
|
|||
$this->urlGenerator = $urlGenerator;
|
||||
$this->userManager = $userManager;
|
||||
$this->logger = $logger;
|
||||
$this->settings = $settings;
|
||||
$this->l = $l;
|
||||
}
|
||||
|
||||
|
@ -325,26 +330,48 @@ class SAMLController extends Controller {
|
|||
* @return Http\TemplateResponse
|
||||
*/
|
||||
public function selectUserBackEnd($redirectUrl) {
|
||||
$loginUrls = [
|
||||
'directLogin' => [
|
||||
'url' => $this->getDirectLoginUrl($redirectUrl),
|
||||
|
||||
$loginUrls = [];
|
||||
|
||||
if ($this->settings->allowMultipleUserBackEnds()) {
|
||||
$loginUrls['directLogin'] = [
|
||||
'url' => $this->getDirectLoginUrl(),
|
||||
'display-name' => $this->l->t('Direct log in')
|
||||
],
|
||||
'ssoLogin' => [
|
||||
'url' => $this->getSSOUrl($redirectUrl),
|
||||
'display-name' => $this->getSSODisplayName(),
|
||||
]
|
||||
];
|
||||
];
|
||||
}
|
||||
|
||||
$loginUrls['ssoLogin'] = $this->getIdps($redirectUrl);
|
||||
|
||||
return new Http\TemplateResponse($this->appName, 'selectUserBackEnd', $loginUrls, 'guest');
|
||||
}
|
||||
|
||||
/**
|
||||
* get the IdPs showed at the login page
|
||||
*
|
||||
* @param $redirectUrl
|
||||
* @return array
|
||||
*/
|
||||
private function getIdps($redirectUrl) {
|
||||
$result = [];
|
||||
$idps = $this->settings->getListOfIdps();
|
||||
foreach ($idps as $idpId => $displayName) {
|
||||
$result[] = [
|
||||
'url' => $this->getSSOUrl($redirectUrl, $idpId),
|
||||
'display-name' => $this->getSSODisplayName($displayName),
|
||||
];
|
||||
}
|
||||
|
||||
return $result;
|
||||
}
|
||||
|
||||
/**
|
||||
* get SSO URL
|
||||
*
|
||||
* @param $redirectUrl
|
||||
* @param idp identifier
|
||||
* @return string
|
||||
*/
|
||||
private function getSSOUrl($redirectUrl) {
|
||||
private function getSSOUrl($redirectUrl, $idp) {
|
||||
|
||||
$originalUrl = '';
|
||||
if(!empty($redirectUrl)) {
|
||||
|
@ -358,6 +385,7 @@ class SAMLController extends Controller {
|
|||
[
|
||||
'requesttoken' => $csrfToken->getEncryptedValue(),
|
||||
'originalUrl' => $originalUrl,
|
||||
'idp' => $idp
|
||||
]
|
||||
);
|
||||
|
||||
|
@ -368,10 +396,10 @@ class SAMLController extends Controller {
|
|||
/**
|
||||
* return the display name of the SSO identity provider
|
||||
*
|
||||
* @param $displayName
|
||||
* @return string
|
||||
*/
|
||||
protected function getSSODisplayName() {
|
||||
$displayName = $this->config->getAppValue('user_saml', 'general-idp0_display_name');
|
||||
protected function getSSODisplayName($displayName) {
|
||||
if (empty($displayName)) {
|
||||
$displayName = $this->l->t('SSO & SAML log in');
|
||||
}
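Review bot: In the `selectUserBackEnd` hunk the new `directLogin` entry calls `$this->getDirectLoginUrl()` without `$redirectUrl`, while the code it replaces passed it; unless that method's signature changed outside the visible hunks, the redirect target is lost for direct logins (or the call fails on a required parameter), so the line should stay `'url' => $this->getDirectLoginUrl($redirectUrl),`. The new `idp` value that `getSSOUrl` adds to the login URL comes back as a request parameter, so the login handler (not visible here) should accept it only when it is a key of `getListOfIdps()` and should keep the chosen IdP bound to the session that later validates the response. The docblock line `@param idp identifier` is malformed; `@param string $idp identifier of the IdP to log in with` would fix it. The bodies of `getSSOUrl` and `getSSODisplayName` continue outside the hunks.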
|
||||
|
|
|
@ -47,7 +47,37 @@ class SAMLSettings {
|
|||
$this->request = $request;
|
||||
}
|
||||
|
||||
/**
|
||||
* get list of the configured IDPs
|
||||
*
|
||||
* @return array
|
||||
*/
|
||||
public function getListOfIdps() {
|
||||
$result = [];
|
||||
|
||||
$providerIds = explode(',', $this->config->getAppValue('user_saml', 'providerIds', '1'));
|
||||
natsort($providerIds);
|
||||
|
||||
foreach ($providerIds as $id) {
|
||||
$prefix = $id === '1' ? '' : $id .'-';
|
||||
$result[$id] = $this->config->getAppValue('user_saml', $prefix . 'general-idp0_display_name', '');
|
||||
}
|
||||
|
||||
return $result;
|
||||
}
|
||||
|
||||
/**
|
||||
* check if multiple user back ends are allowed
|
||||
*
|
||||
* @return bool
|
||||
*/
|
||||
public function allowMultipleUserBackEnds() {
|
||||
$setting = $this->config->getAppValue('user_saml', 'general-allow_multiple_user_back_ends', '0');
|
||||
return $setting === '1';
|
||||
}
|
||||
|
||||
public function getOneLoginSettingsArray() {
|
||||
|
||||
$settings = [
|
||||
'strict' => true,
|
||||
'debug' => $this->config->getSystemValue('debug', false),
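Review bot: `getListOfIdps()` uses the raw pieces of `explode(',', …)` as IdP ids, so an empty `providerIds` value yields a single id `''` (config prefix `-`) and a value such as `1, 2` yields the id `' 2'` with a prefix that matches no stored key. These ids also end up in the `idp` URL parameter built by the controller, so they are worth normalising where they are read. Assuming ids are meant to be numeric, as the `'1'` default and `natsort` suggest, `$providerIds = array_filter(array_map('trim', explode(',', $raw)), 'ctype_digit');` would drop empty and malformed entries before the loop. The docblock could also state the shape, e.g. `@return array<string> display names keyed by provider id`.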
|
||||
|
|
|
@ -9,12 +9,16 @@ style('user_saml', 'selectUserBackEnd');
|
|||
|
||||
<h1>Choose login option:</h1>
|
||||
|
||||
<?php if(isset($_['directLogin'])) : ?>
|
||||
<div class="login-option">
|
||||
<a href="<?php p($_['directLogin']['url']); ?>"><?php p($_['directLogin']['display-name']); ?></a>
|
||||
</div>
|
||||
<?php endif; ?>
|
||||
|
||||
<?php foreach ($_['ssoLogin'] as $idp) { ?>
|
||||
<div class="login-option">
|
||||
<a href="<?php p($_['ssoLogin']['url']); ?>"><?php p($_['ssoLogin']['display-name']); ?></a>
|
||||
<a href="<?php p($idp['url']); ?>"><?php p($idp['display-name']); ?></a>
|
||||
</div>
|
||||
<?php } ?>
|
||||
|
||||
</div>
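Review bot: The new IdP loop mixes template styles: the `directLogin` block uses the alternative syntax (`if … : … endif;`) while the loop uses braces, so `<?php foreach ($_['ssoLogin'] as $idp) : ?>` with a closing `<?php endforeach; ?>` would read consistently. When `ssoLogin` is empty and `directLogin` is not set, the page renders only the heading with no options, so a fallback message here or a guard in the controller would avoid a dead-end login screen. Both the `href` and the label go through `p()`, which should stay that way because the display names are admin-configured text.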
|
||||
|
|