df218717c7
Cover UserChangedEvent in unit tests
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2022-04-11 10:14:20 +00:00
b08656ef6c
displayname switch to eventdispatcher
...
Signed-off-by: Sebastian Biller <s.biller@tu-braunschweig.de>
2022-04-11 10:14:20 +00:00
24a632588c
Add regex routes requirement to providerId
...
Signed-off-by: John Molakvoæ <skjnldsv@protonmail.com>
2022-04-07 20:29:03 +00:00
be6a8e97fe
Move SAML configurations to a table of their own
...
- adds user_saml_configurations table and migrates existing configuration
- Controller methods are added since appconfig endpoints cannot be used
anymore. THIS IS A BREAKING CHANGE.
- Frontend code is adjusted to use new endpoints.
- security-sloWebServerDecode was changed from global to provider specific
setting. It being global seemed to be unintended. A migration path is yet
missing.
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2022-04-07 20:29:03 +00:00
4510f70ff7
cs:fix
...
Signed-off-by: John Molakvoæ <skjnldsv@protonmail.com>
2021-12-10 09:28:16 +01:00
c4cb5cad48
Avoid duplicate attempt to decode guid
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2021-10-21 13:13:01 +02:00
59bf8dc6fb
use system email address getter if available
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2021-09-01 15:15:29 +02:00
e9e55a1da1
improve performance by reusing existing sessions
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2021-01-26 19:03:03 +01:00
b13a9983e2
adjust to recent merged changes
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2021-01-26 19:03:03 +01:00
a7aabdd71f
introduces a single point of saml attribute interpretations
...
- solved code duplication on uid mapping attribute determiniation
- a single point for user id normalization
- slightly reduces logic in the Controller
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2021-01-26 14:32:19 +01:00
9672ed6ca5
make testEncodedObjectGUID more robust against false positives
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2021-01-20 17:05:17 +01:00
9f53230eb6
fixes provisioning of userids from encoded (objectguid) values
...
- is more tolerate when decoding, uuid structure is still tested later
- ensures the uid is resolved on getCurrentId()
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2020-11-24 00:08:16 +01:00
8888d5a9ad
Add counting to the user backend
...
This will allow reporting to also list the number of SAML users on the
instance.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-28 15:20:03 +01:00
f81d18c816
don't expose method for no reason
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-09-23 12:43:14 +02:00
c839dc1e73
decode objectGUID to their ASCII representation if
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-09-19 14:07:06 +02:00
3737d92d4b
prevent confirmation dialogs for passwordless users
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-06-28 18:29:36 +02:00
8b5733828e
Merge pull request #319 from nextcloud/fix/noid/user-search-parity
...
user search parity as with local users
2019-05-06 11:42:15 +02:00
Björn Schiessle
eb9f3ffb02
add additional debug output when reading attributes from the IDP
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2019-04-25 13:36:46 +02:00
12e8767baa
user search parity as with local users
...
* also take displayname and email into account
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-04-12 17:07:23 +02:00
Björn Schiessle
0b0bfe94a2
create user in the SAML back-end and update the attributes when
...
the user was found on another back-end during login
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-12-18 16:54:27 +01:00
3b930d8628
Add sanity checks for user home directory
...
When the mapped user home is not a fully qualified path name we'll fall
back to setting the mapped home below the server's datadirectory. This
provides consistent behavior with the "user_ldap" app which uses the same
fallback/safety mechanism.
Signed-off-by: Daniel Klaffenbach <daniel.klaffenbach@hrz.tu-chemnitz.de>
2018-11-26 09:39:21 +01:00
624d1a23b9
Implement mapping of user's home directory
...
Signed-off-by: Daniel Klaffenbach <daniel.klaffenbach@hrz.tu-chemnitz.de>
2018-11-22 09:45:08 +01:00
Björn Schiessle
e148d9f8d1
add missing use clause
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-10-04 15:19:55 +02:00
Björn Schiessle
179e4d5b76
fix error message
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-09-25 15:56:36 +02:00
Björn Schiessle
8e95292198
get both the raw data from the IDP and the formated ones according to the configured parameter mapping
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-09-25 15:56:36 +02:00
Björn Schiessle
4cbd3e0fe6
format user data before sending it to the client node
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-09-25 15:51:22 +02:00
Björn Schiessle
0d020c048a
add method to get the user data from the idp
...
This is needed in the global scale setup to forward the user data
from the master node (where the login happens) to the client node
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-09-25 15:51:22 +02:00
Björn Schiessle
20757e9f0e
make sure to always use the right idp config
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-08-03 12:43:19 +02:00
ce6e825b0f
Create skeleton and dispatch first login event
...
Code taken from 'regular' login method do create skeleton and dispatch event of the user creation.
A better idea would be to directly use the `prepareUserLogin()` method of `lib/private/User/Session.php`, but as it is private...
2018-06-18 16:21:28 +02:00
423a76a843
Add and remove user groups with SAML
...
Based on PR #95 , however:
- Also removes groups based on the group attribute(s).
- Supports groups with spaces (which the previous PR didn't).
- Includes unit test
Signed-off-by: Sérgio Faria <sergio.faria@is4health.com>
2018-03-19 16:07:42 +00:00
18aa824206
first version for group-mapping. groups are added and user assigned to groups. until now no group removal
...
Signed-off-by: bne86 <b.von.st.vieth@fz-juelich.de>
2018-03-19 16:07:33 +00:00
ee38ad3a17
when attribute from saml_response is of type array, return all valies with space as separator
...
Signed-off-by: bne86 <b.von.st.vieth@fz-juelich.de>
2018-03-19 14:03:05 +00:00
Björn Schiessle
742ae5e80d
set quota to 'default' if no quota parameter is given or quota was set to ''
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-03-15 16:19:24 +01:00
9bf0d3eb3d
Add support for mapping the quota
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-03-14 21:15:04 +01:00
Björn Schiessle
d34e216e9d
update the display name in accounts table
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-12-07 17:14:33 +01:00
54804783c2
Add logout attribute for < 12.0.3
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-09-18 14:11:43 +02:00
2d4aad3487
Implement new SLO URL API
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-18 12:29:49 +02:00
bae5f79cbd
Use static variable for storing backends
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-04 18:16:54 +02:00
5a4d327c0a
Perform logic in ACS
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-04 16:55:01 +02:00
bc98b466bd
Set last login after successful login operation
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-04 12:54:59 +02:00
4691870887
Don't advertise ability to change display name
...
Otherwise users can change their display name and email address which is in a SAML scenario undesired.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-07-31 16:58:51 +02:00
a5a406fb1f
Backend also supports setting a displayname
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-07-31 16:28:31 +02:00
d9245ae533
Follow PSR file naming
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-07-31 16:28:31 +02:00
Julius Härtl
Björn Schiessle