mirror of
https://github.com/netzbegruenung/user_saml.git
synced 2024-05-05 10:33:41 +02:00
show all configured IdP's on the login screen
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
parent
ba2e04f7b8
commit
afeee8beaa
|
@ -119,9 +119,11 @@ if($useSamlForDesktopClients === '1') {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$multipleUserBackEnds = $config->getAppValue('user_saml', 'general-allow_multiple_user_back_ends', '0');
|
$multipleUserBackEnds = $samlSettings->allowMultipleUserBackEnds();
|
||||||
|
$configuredIdps = $samlSettings->getListOfIdps();
|
||||||
|
$showLoginOptions = $multipleUserBackEnds || count($configuredIdps) > 1;
|
||||||
|
|
||||||
if ($redirectSituation === true && $multipleUserBackEnds === '1') {
|
if ($redirectSituation === true && $showLoginOptions) {
|
||||||
$params = $request->getParams();
|
$params = $request->getParams();
|
||||||
$redirectUrl = '';
|
$redirectUrl = '';
|
||||||
if(isset($params['redirect_url'])) {
|
if(isset($params['redirect_url'])) {
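Review bot: `$multipleUserBackEnds` changes type here, from the string returned by `getAppValue()` to the bool returned by `allowMultipleUserBackEnds()`, so any comparison against `'1'` that remains further down this file would now always be false. The condition visible in this hunk was switched to `$showLoginOptions`, but the rest of the script lies outside the hunk and should be checked for leftover `$multipleUserBackEnds === '1'` tests. A short comment above the new variable, e.g. `// show the chooser when direct login is allowed or more than one IdP is configured`, would make the intent of the condition explicit.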
|
||||||
|
|
|
@ -55,6 +55,8 @@ class SAMLController extends Controller {
|
||||||
private $logger;
|
private $logger;
|
||||||
/** @var IL10N */
|
/** @var IL10N */
|
||||||
private $l;
|
private $l;
|
||||||
|
/** @var SAMLSettings */
|
||||||
|
private $settings;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param string $appName
|
* @param string $appName
|
||||||
|
@ -67,6 +69,7 @@ class SAMLController extends Controller {
|
||||||
* @param IURLGenerator $urlGenerator
|
* @param IURLGenerator $urlGenerator
|
||||||
* @param IUserManager $userManager
|
* @param IUserManager $userManager
|
||||||
* @param ILogger $logger
|
* @param ILogger $logger
|
||||||
|
* @param SAMLSettings $settings
|
||||||
* @param IL10N $l
|
* @param IL10N $l
|
||||||
*/
|
*/
|
||||||
public function __construct($appName,
|
public function __construct($appName,
|
||||||
|
@ -79,6 +82,7 @@ class SAMLController extends Controller {
|
||||||
IURLGenerator $urlGenerator,
|
IURLGenerator $urlGenerator,
|
||||||
IUserManager $userManager,
|
IUserManager $userManager,
|
||||||
ILogger $logger,
|
ILogger $logger,
|
||||||
|
SAMLSettings $settings,
|
||||||
IL10N $l) {
|
IL10N $l) {
|
||||||
parent::__construct($appName, $request);
|
parent::__construct($appName, $request);
|
||||||
$this->session = $session;
|
$this->session = $session;
|
||||||
|
@ -89,6 +93,7 @@ class SAMLController extends Controller {
|
||||||
$this->urlGenerator = $urlGenerator;
|
$this->urlGenerator = $urlGenerator;
|
||||||
$this->userManager = $userManager;
|
$this->userManager = $userManager;
|
||||||
$this->logger = $logger;
|
$this->logger = $logger;
|
||||||
|
$this->settings = $settings;
|
||||||
$this->l = $l;
|
$this->l = $l;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -325,26 +330,48 @@ class SAMLController extends Controller {
|
||||||
* @return Http\TemplateResponse
|
* @return Http\TemplateResponse
|
||||||
*/
|
*/
|
||||||
public function selectUserBackEnd($redirectUrl) {
|
public function selectUserBackEnd($redirectUrl) {
|
||||||
$loginUrls = [
|
|
||||||
'directLogin' => [
|
$loginUrls = [];
|
||||||
'url' => $this->getDirectLoginUrl($redirectUrl),
|
|
||||||
|
if ($this->settings->allowMultipleUserBackEnds()) {
|
||||||
|
$loginUrls['directLogin'] = [
|
||||||
|
'url' => $this->getDirectLoginUrl(),
|
||||||
'display-name' => $this->l->t('Direct log in')
|
'display-name' => $this->l->t('Direct log in')
|
||||||
],
|
];
|
||||||
'ssoLogin' => [
|
}
|
||||||
'url' => $this->getSSOUrl($redirectUrl),
|
|
||||||
'display-name' => $this->getSSODisplayName(),
|
$loginUrls['ssoLogin'] = $this->getIdps($redirectUrl);
|
||||||
]
|
|
||||||
];
|
|
||||||
return new Http\TemplateResponse($this->appName, 'selectUserBackEnd', $loginUrls, 'guest');
|
return new Http\TemplateResponse($this->appName, 'selectUserBackEnd', $loginUrls, 'guest');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* get the IdPs showed at the login page
|
||||||
|
*
|
||||||
|
* @param $redirectUrl
|
||||||
|
* @return array
|
||||||
|
*/
|
||||||
|
private function getIdps($redirectUrl) {
|
||||||
|
$result = [];
|
||||||
|
$idps = $this->settings->getListOfIdps();
|
||||||
|
foreach ($idps as $idpId => $displayName) {
|
||||||
|
$result[] = [
|
||||||
|
'url' => $this->getSSOUrl($redirectUrl, $idpId),
|
||||||
|
'display-name' => $this->getSSODisplayName($displayName),
|
||||||
|
];
|
||||||
|
}
|
||||||
|
|
||||||
|
return $result;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* get SSO URL
|
* get SSO URL
|
||||||
*
|
*
|
||||||
* @param $redirectUrl
|
* @param $redirectUrl
|
||||||
|
* @param idp identifier
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
private function getSSOUrl($redirectUrl) {
|
private function getSSOUrl($redirectUrl, $idp) {
|
||||||
|
|
||||||
$originalUrl = '';
|
$originalUrl = '';
|
||||||
if(!empty($redirectUrl)) {
|
if(!empty($redirectUrl)) {
|
||||||
|
@ -358,6 +385,7 @@ class SAMLController extends Controller {
|
||||||
[
|
[
|
||||||
'requesttoken' => $csrfToken->getEncryptedValue(),
|
'requesttoken' => $csrfToken->getEncryptedValue(),
|
||||||
'originalUrl' => $originalUrl,
|
'originalUrl' => $originalUrl,
|
||||||
|
'idp' => $idp
|
||||||
]
|
]
|
||||||
);
|
);
|
||||||
|
|
||||||
|
@ -368,10 +396,10 @@ class SAMLController extends Controller {
|
||||||
/**
|
/**
|
||||||
* return the display name of the SSO identity provider
|
* return the display name of the SSO identity provider
|
||||||
*
|
*
|
||||||
|
* @param $displayName
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
protected function getSSODisplayName() {
|
protected function getSSODisplayName($displayName) {
|
||||||
$displayName = $this->config->getAppValue('user_saml', 'general-idp0_display_name');
|
|
||||||
if (empty($displayName)) {
|
if (empty($displayName)) {
|
||||||
$displayName = $this->l->t('SSO & SAML log in');
|
$displayName = $this->l->t('SSO & SAML log in');
|
||||||
}
|
}
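Review bot: In `selectUserBackEnd()` the direct-login entry is now built with `$this->getDirectLoginUrl()` where the previous code passed `$redirectUrl`, so a user who picks "Direct log in" appears to lose the original target after authenticating. Unless the helper's signature changed outside this view, keep `'url' => $this->getDirectLoginUrl($redirectUrl),`. Separately, `getSSOUrl()` now places `idp` in the login URL as a query parameter, so the value is client-controlled by the time the login handler reads it. That handler is not visible here and should accept only keys returned by `getListOfIdps()`. The new docblock line `@param idp identifier` would read better as `@param string $idp identifier of the identity provider`.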
|
||||||
|
|
|
@ -47,7 +47,37 @@ class SAMLSettings {
|
||||||
$this->request = $request;
|
$this->request = $request;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* get list of the configured IDPs
|
||||||
|
*
|
||||||
|
* @return array
|
||||||
|
*/
|
||||||
|
public function getListOfIdps() {
|
||||||
|
$result = [];
|
||||||
|
|
||||||
|
$providerIds = explode(',', $this->config->getAppValue('user_saml', 'providerIds', '1'));
|
||||||
|
natsort($providerIds);
|
||||||
|
|
||||||
|
foreach ($providerIds as $id) {
|
||||||
|
$prefix = $id === '1' ? '' : $id .'-';
|
||||||
|
$result[$id] = $this->config->getAppValue('user_saml', $prefix . 'general-idp0_display_name', '');
|
||||||
|
}
|
||||||
|
|
||||||
|
return $result;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* check if multiple user back ends are allowed
|
||||||
|
*
|
||||||
|
* @return bool
|
||||||
|
*/
|
||||||
|
public function allowMultipleUserBackEnds() {
|
||||||
|
$setting = $this->config->getAppValue('user_saml', 'general-allow_multiple_user_back_ends', '0');
|
||||||
|
return $setting === '1';
|
||||||
|
}
|
||||||
|
|
||||||
public function getOneLoginSettingsArray() {
|
public function getOneLoginSettingsArray() {
|
||||||
|
|
||||||
$settings = [
|
$settings = [
|
||||||
'strict' => true,
|
'strict' => true,
|
||||||
'debug' => $this->config->getSystemValue('debug', false),
|
'debug' => $this->config->getSystemValue('debug', false),
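Review bot: `getListOfIdps()` uses the raw pieces of `explode(',', …)` as provider ids, so a stored value such as `1, 2` or an empty string yields ids like ` 2` or `''`. Those ids are concatenated into the config key prefix and later emitted as the `idp` URL parameter. Normalising first, e.g. `$providerIds = array_filter(array_map('trim', explode(',', $raw)), 'strlen');` (with `$raw` holding the config value), keeps both the lookup keys and the generated links well-formed. Note also that PHP casts numeric string keys to int, so callers iterating the result receive integer ids while this method compares `$id === '1'` as a string.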
|
||||||
|
|
|
@ -9,12 +9,16 @@ style('user_saml', 'selectUserBackEnd');
|
||||||
|
|
||||||
<h1>Choose login option:</h1>
|
<h1>Choose login option:</h1>
|
||||||
|
|
||||||
|
<?php if(isset($_['directLogin'])) : ?>
|
||||||
<div class="login-option">
|
<div class="login-option">
|
||||||
<a href="<?php p($_['directLogin']['url']); ?>"><?php p($_['directLogin']['display-name']); ?></a>
|
<a href="<?php p($_['directLogin']['url']); ?>"><?php p($_['directLogin']['display-name']); ?></a>
|
||||||
</div>
|
</div>
|
||||||
|
<?php endif; ?>
|
||||||
|
|
||||||
|
<?php foreach ($_['ssoLogin'] as $idp) { ?>
|
||||||
<div class="login-option">
|
<div class="login-option">
|
||||||
<a href="<?php p($_['ssoLogin']['url']); ?>"><?php p($_['ssoLogin']['display-name']); ?></a>
|
<a href="<?php p($idp['url']); ?>"><?php p($idp['display-name']); ?></a>
|
||||||
</div>
|
</div>
|
||||||
|
<?php } ?>
|
||||||
|
|
||||||
</div>
|
</div>
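Review bot: The template now mixes two block styles: the added condition uses the alternative syntax (`<?php if(...) : ?>` … `<?php endif; ?>`) while the added loop uses braces (`<?php foreach (...) { ?>` … `<?php } ?>`). Writing the loop as `<?php foreach ($_['ssoLogin'] as $idp) : ?>` and `<?php endforeach; ?>` would keep the markup consistent and easier to scan. Both the URL and the display name are still printed through `p()`, which is worth preserving because the display name comes from admin-entered configuration.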
|
||||||
|
|