Commit graph

56 commits

Author SHA1 Message Date
Roeland Jago Douma 1365bf820d
Load a timezone file if no timezone is set
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-05-27 08:39:22 +02:00
Björn Schiessle 577f612267
Merge pull request #286 from nextcloud/fix-268
always create user in the SAML back-end and update the attributes
2019-01-24 14:58:11 +01:00
Arthur Schiwon ec593bce13
user might be already known, but was not mapped yet. init on first login.
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-01-22 13:38:56 +01:00
rakekniven 4e82b97055
Fixed typo.
Reported at Transifex.

Signed-off-by: Mark Ziegler <mark.ziegler@rakekniven.de>
2019-01-19 22:30:10 +01:00
Björn Schiessle 0b0bfe94a2
create user in the SAML back-end and update the attributes when
the user was found on another back-end during login

Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-12-18 16:54:27 +01:00
Daniel Klaffenbach 624d1a23b9
Implement mapping of user's home directory
Signed-off-by: Daniel Klaffenbach <daniel.klaffenbach@hrz.tu-chemnitz.de>
2018-11-22 09:45:08 +01:00
Björn Schiessle 0aeaa0401a
Merge pull request #271 from nextcloud/better-error-messages
improve error messages in case SAML is not configured properly
2018-11-21 17:11:56 +01:00
Björn Schiessle 9790fbcb56
improve error messages in case SAML is not configured properly
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-11-20 17:34:46 +01:00
Björn Schiessle 087efb7359
content doesn't have to be an array, e.g. for category=type, content is 'saml'
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-11-19 12:25:12 +01:00
Björn Schiessle e38a46eb64
first check if it is an array and that the key exists, to avoid error messages in the log file
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-11-19 12:17:35 +01:00
Björn Schiessle 69c0c5f479
log IDP parameters in debug mode
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-11-16 16:46:31 +01:00
Robin Appelman f20252a5f4
log provisioning errors during sso environment login
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-11-14 15:05:44 +01:00
Björn Schiessle fadb3a1e4a
add a combobox instead of buttons to select the login method if more than 4 different IDPs are configured
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-11-09 14:46:38 +01:00
Björn Schiessle 860ffb24ad
make global scale setup more robust
If this server acts as a global scale master and the user is not
a local admin of the server, we just create the user and continue;
no need to update additional attributes.
But for local users, e.g. the admins of the global scale master,
we should complete the user setup with all attributes

Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-10-24 14:06:27 +02:00
Roeland Jago Douma 140100b23e
Actually add error page
* The base route now has a function as well so it is not just some empty
route
* We now actually have an error page

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-11 11:56:55 +02:00
Björn Schiessle 425173365e
adjust Nextcloud app to php-saml 3.0
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-10-09 22:08:33 +02:00
Björn Schiessle b80b94e408
we need to store some basic user information, even in the global scale scenario
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-10-09 16:57:03 +02:00
Björn Schiessle 53fe18a99f
allow redirect to the logout if it comes from the same server
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-09-25 15:56:36 +02:00
Björn Schiessle 4f852af4ce
don't auto provision the user on a global scale setup
with global scale the authentication happens on the master node
and then the user is forwarded to the node they are located.
Therefore no user should be created on the master node after the
authentication at the idp was successful

Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-09-25 15:51:22 +02:00
Jean-Baptiste PIN 3f3cd68ef4
added redirection to originalUrl when using SSO
Signed-off-by: Jean-Baptiste PIN <jeanbaptiste@idruide.com>
2018-08-17 16:14:19 +02:00
Jean-Baptiste 0828185832
Added copyright
Signed-off-by: Jean-Baptiste <jibet.pin@gmail.com>
2018-08-17 16:14:09 +02:00
Björn Schiessle 2ac9adaf79
add missing parameter to function call
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-08-13 17:06:54 +02:00
Björn Schiessle 73ae008f6c
fix documentation
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-08-03 18:31:14 +02:00
Björn Schiessle d055a0dafb
fix property name
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-08-03 12:43:20 +02:00
Björn Schiessle 2d62533eac
fix unit tests
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-08-03 12:43:20 +02:00
Julius Härtl 00711b8fbb
Fix attribute mapping config fetching
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-08-03 12:43:19 +02:00
Björn Schiessle 20757e9f0e
make sure to always use the right idp config
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-08-03 12:43:19 +02:00
Björn Schiessle dafaf016a6
skip the 'type' if we build the settings page
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-08-03 12:43:19 +02:00
Julius Härtl da69ddd5e3
Fix missing config values when switching idp
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-08-03 12:43:19 +02:00
Björn Schiessle e378f22d10
always read the right idp config
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-08-03 12:43:19 +02:00
Björn Schiessle 39b3d52746
make sure to redirect to correct idp
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-08-03 12:43:19 +02:00
Björn Schiessle afeee8beaa
show all configured IdPs on the login screen
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-08-03 12:43:19 +02:00
Julius Härtl 174234a14e
Fix issue when removing and adding the first idp
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-08-03 12:42:09 +02:00
Julius Härtl 1b4b4ee188
Add controller method to delete all idp config keys
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-08-03 12:42:08 +02:00
Julius Härtl ee5308382b
Allow to configure multiple SAML providers
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-08-03 12:42:06 +02:00
Roeland Jago Douma b6531dbca7
Follow the redirect url on direct login
This makes sure the auth flow also works with the direct login.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-07-11 13:35:15 +02:00
Roeland Jago Douma 82102c6f18
Merge pull request #196 from nextcloud/multiple-user-back-ends
Multiple user back ends
2018-03-19 14:01:07 +01:00
Björn Schiessle 02cde8030b
fix function documentation
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-03-19 12:51:39 +01:00
Björn Schiessle 8bc343da6f
make display name of SSO identity provider configurable
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-03-19 12:51:38 +01:00
Björn Schiessle 7daab97ace
add landing page to choose between SSO and direct login
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-03-19 12:51:30 +01:00
Arthur Schiwon bed32b460f
try to lookup a user if the uid does not resolve and autoprov is disabled
it may well be that the user exists but is not yet known to the
specific backend in Nextcloud and needs to be mapped first.

This assumes that searching for the uid will actually find the user. This
is not necessarily given by the backend configuration.

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-03-14 17:53:07 +01:00
Björn Schiessle 4b8558522b
detect disabled user and show an appropriate error message
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-03-13 19:06:41 +01:00
Björn Schiessle b9d5f56d25
add a meaningful error message in case an empty uid is given
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-01-16 12:14:21 +01:00
Roeland Jago Douma f05649f554
Use @NoSameSiteCookieRequired annotation
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-26 15:36:20 +02:00
Lukas Reschke cbc0ecd918
Read appname out of variable
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-09-21 17:13:20 +02:00
Lukas Reschke 6a00897841
More logging for debugging
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-09-21 17:08:17 +02:00
Lukas Reschke 082ae7ffd7
Redirect to / if CSRF check does not pass
Some IDPs redirect to the SLS page after pressing the logout link. While this is a questionable behaviour it is unlikely we can change that, so let's work around this by forcing a proper redirect.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-30 17:02:11 +02:00
Lukas Reschke 940bcd30a3
Redirect users to previous page
This change ensures that users will be sent to the previous page.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-18 13:58:03 +02:00
Lukas Reschke a1986b46b0
Also update timestamp for environment variable auth
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-04 18:19:34 +02:00
Lukas Reschke 3a3eb261aa
Fix order of session actions
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-04 17:24:01 +02:00