Julius Härtl
df218717c7
Cover UserChangedEvent in unit tests
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2022-04-11 10:14:20 +00:00
Sebastian Biller
b08656ef6c
displayname switch to eventdispatcher
...
Signed-off-by: Sebastian Biller <s.biller@tu-braunschweig.de>
2022-04-11 10:14:20 +00:00
John Molakvoæ
24a632588c
Add regex routes requirement to providerId
...
Signed-off-by: John Molakvoæ <skjnldsv@protonmail.com>
2022-04-07 20:29:03 +00:00
Arthur Schiwon
be6a8e97fe
Move SAML configurations to a table of their own
...
- adds user_saml_configurations table and migrates existing configuration
- Controller methods are added since appconfig endpoints cannot be used
anymore. THIS IS A BREAKING CHANGE.
- Frontend code is adjusted to use new endpoints.
- security-sloWebServerDecode was changed from global to provider specific
setting. It being global seemed to be unintended. A migration path is yet
missing.
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2022-04-07 20:29:03 +00:00
John Molakvoæ
4510f70ff7
cs:fix
...
Signed-off-by: John Molakvoæ <skjnldsv@protonmail.com>
2021-12-10 09:28:16 +01:00
Julius Härtl
c4cb5cad48
Avoid duplicate attempt to decode guid
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2021-10-21 13:13:01 +02:00
Arthur Schiwon
59bf8dc6fb
use system email address getter if available
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2021-09-01 15:15:29 +02:00
Arthur Schiwon
e9e55a1da1
improve performance by reusing existing sessions
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2021-01-26 19:03:03 +01:00
Arthur Schiwon
b13a9983e2
adjust to recent merged changes
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2021-01-26 19:03:03 +01:00
Arthur Schiwon
a7aabdd71f
introduces a single point of saml attribute interpretations
...
- solved code duplication on uid mapping attribute determiniation
- a single point for user id normalization
- slightly reduces logic in the Controller
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2021-01-26 14:32:19 +01:00
Arthur Schiwon
9672ed6ca5
make testEncodedObjectGUID more robust against false positives
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2021-01-20 17:05:17 +01:00
Arthur Schiwon
9f53230eb6
fixes provisioning of userids from encoded (objectguid) values
...
- is more tolerate when decoding, uuid structure is still tested later
- ensures the uid is resolved on getCurrentId()
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2020-11-24 00:08:16 +01:00
Roeland Jago Douma
8888d5a9ad
Add counting to the user backend
...
This will allow reporting to also list the number of SAML users on the
instance.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-28 15:20:03 +01:00
Arthur Schiwon
f81d18c816
don't expose method for no reason
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-09-23 12:43:14 +02:00
Arthur Schiwon
c839dc1e73
decode objectGUID to their ASCII representation if
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-09-19 14:07:06 +02:00
Arthur Schiwon
3737d92d4b
prevent confirmation dialogs for passwordless users
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-06-28 18:29:36 +02:00
blizzz
8b5733828e
Merge pull request #319 from nextcloud/fix/noid/user-search-parity
...
user search parity as with local users
2019-05-06 11:42:15 +02:00
Björn Schiessle
eb9f3ffb02
add additional debug output when reading attributes from the IDP
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2019-04-25 13:36:46 +02:00
Arthur Schiwon
12e8767baa
user search parity as with local users
...
* also take displayname and email into account
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-04-12 17:07:23 +02:00
Björn Schiessle
0b0bfe94a2
create user in the SAML back-end and update the attributes when
...
the user was found on another back-end during login
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-12-18 16:54:27 +01:00
Daniel Klaffenbach
3b930d8628
Add sanity checks for user home directory
...
When the mapped user home is not a fully qualified path name we'll fall
back to setting the mapped home below the server's datadirectory. This
provides consistent behavior with the "user_ldap" app which uses the same
fallback/safety mechanism.
Signed-off-by: Daniel Klaffenbach <daniel.klaffenbach@hrz.tu-chemnitz.de>
2018-11-26 09:39:21 +01:00
Daniel Klaffenbach
624d1a23b9
Implement mapping of user's home directory
...
Signed-off-by: Daniel Klaffenbach <daniel.klaffenbach@hrz.tu-chemnitz.de>
2018-11-22 09:45:08 +01:00
Björn Schiessle
e148d9f8d1
add missing use clause
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-10-04 15:19:55 +02:00
Björn Schiessle
179e4d5b76
fix error message
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-09-25 15:56:36 +02:00
Björn Schiessle
8e95292198
get both the raw data from the IDP and the formated ones according to the configured parameter mapping
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-09-25 15:56:36 +02:00
Björn Schiessle
4cbd3e0fe6
format user data before sending it to the client node
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-09-25 15:51:22 +02:00
Björn Schiessle
0d020c048a
add method to get the user data from the idp
...
This is needed in the global scale setup to forward the user data
from the master node (where the login happens) to the client node
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-09-25 15:51:22 +02:00
Björn Schiessle
20757e9f0e
make sure to always use the right idp config
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-08-03 12:43:19 +02:00
FGIKCM
ce6e825b0f
Create skeleton and dispatch first login event
...
Code taken from 'regular' login method do create skeleton and dispatch event of the user creation.
A better idea would be to directly use the `prepareUserLogin()` method of `lib/private/User/Session.php`, but as it is private...
2018-06-18 16:21:28 +02:00
Sérgio Faria
423a76a843
Add and remove user groups with SAML
...
Based on PR #95 , however:
- Also removes groups based on the group attribute(s).
- Supports groups with spaces (which the previous PR didn't).
- Includes unit test
Signed-off-by: Sérgio Faria <sergio.faria@is4health.com>
2018-03-19 16:07:42 +00:00
bne86
18aa824206
first version for group-mapping. groups are added and user assigned to groups. until now no group removal
...
Signed-off-by: bne86 <b.von.st.vieth@fz-juelich.de>
2018-03-19 16:07:33 +00:00
bne86
ee38ad3a17
when attribute from saml_response is of type array, return all valies with space as separator
...
Signed-off-by: bne86 <b.von.st.vieth@fz-juelich.de>
2018-03-19 14:03:05 +00:00
Björn Schiessle
742ae5e80d
set quota to 'default' if no quota parameter is given or quota was set to ''
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-03-15 16:19:24 +01:00
Roeland Jago Douma
9bf0d3eb3d
Add support for mapping the quota
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-03-14 21:15:04 +01:00
Björn Schiessle
d34e216e9d
update the display name in accounts table
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-12-07 17:14:33 +01:00
Lukas Reschke
54804783c2
Add logout attribute for < 12.0.3
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-09-18 14:11:43 +02:00
Lukas Reschke
2d4aad3487
Implement new SLO URL API
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-18 12:29:49 +02:00
Lukas Reschke
bae5f79cbd
Use static variable for storing backends
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-04 18:16:54 +02:00
Lukas Reschke
5a4d327c0a
Perform logic in ACS
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-04 16:55:01 +02:00
Lukas Reschke
bc98b466bd
Set last login after successful login operation
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-04 12:54:59 +02:00
Lukas Reschke
4691870887
Don't advertise ability to change display name
...
Otherwise users can change their display name and email address which is in a SAML scenario undesired.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-07-31 16:58:51 +02:00
Lukas Reschke
a5a406fb1f
Backend also supports setting a displayname
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-07-31 16:28:31 +02:00
Lukas Reschke
d9245ae533
Follow PSR file naming
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-07-31 16:28:31 +02:00