mirror of
https://github.com/EGroupware/egroupware.git
synced 2025-01-13 09:28:29 +01:00
* OpenIDConnect: allow to show as button on login page to use together with regular password login
also fix/hack not working social icons and SAML button on login page
This commit is contained in:
parent
684d509d03
commit
c6d14a5f6e
@ -21,7 +21,8 @@ catch (exception){
|
||||
}
|
||||
|
||||
// listen to egw-is-created object to make sure egw object is ready
|
||||
document.addEventListener('egw-is-created', function(){
|
||||
//document.addEventListener('egw-is-created', function(){
|
||||
window.setTimeout(() => {
|
||||
egw_ready.then(function()
|
||||
{
|
||||
jQuery(document).ready(function()
|
||||
@ -73,9 +74,9 @@ document.addEventListener('egw-is-created', function(){
|
||||
}
|
||||
});
|
||||
// or optional SAML login with a button for a single IdP
|
||||
jQuery('input[type="submit"][name="auth=saml"]').on('click', function(){
|
||||
jQuery('input[type="submit"][name^="auth="]').on('click', function(){
|
||||
this.form.method = 'get';
|
||||
jQuery(this.form).append('<input type="hidden" name="auth" value="saml"/>');
|
||||
jQuery(this.form).append('<input type="hidden" name="auth" value="'+this.name.split('=')[1]+'"/>');
|
||||
});
|
||||
// prefer [Login] button below over maybe existing SAML login button above
|
||||
jQuery('input').on('keypress', function(e)
|
||||
@ -104,4 +105,4 @@ document.addEventListener('egw-is-created', function(){
|
||||
console.log('Service worker registration failed, error:', error);
|
||||
});
|
||||
}
|
||||
});
|
||||
}, 500);
|
@ -71,7 +71,7 @@ $setup_info['api']['hooks']['vfs_rmdir'] = 'EGroupware\\Api\\Vfs\\Sharing::vfsUp
|
||||
|
||||
// hook to update SimpleSAMLphp config
|
||||
$setup_info['api']['hooks']['setup_config'] = [\EGroupware\Api\Auth\Saml::class.'::setupConfig', \EGroupware\Api\Accounts\Import::class.'::setupConfig'];
|
||||
$setup_info['api']['hooks']['login_discovery'] = \EGroupware\Api\Auth\Saml::class.'::discovery';
|
||||
$setup_info['api']['hooks']['login_discovery'] = [\EGroupware\Api\Auth\Saml::class.'::discovery', \EGroupware\Api\Auth\Openidconnect::class.'::discovery'];
|
||||
|
||||
// installation checks
|
||||
$setup_info['api']['check_install'] = array(
|
||||
|
@ -178,7 +178,7 @@ class Auth
|
||||
Session::egw_setcookie(Session::EGW_SESSION_NAME, session_id());
|
||||
}
|
||||
|
||||
$backend = self::backend($type ?? null, false);
|
||||
$backend = self::backend($type ?? null, !empty($type));
|
||||
|
||||
return $backend instanceof Auth\BackendSSO ? $backend->login() : null;
|
||||
}
|
||||
|
@ -28,6 +28,9 @@ class Openidconnect implements BackendSSO
|
||||
$this->client = new OpenIDConnectClient($GLOBALS['egw_info']['server']['oic_provider'],
|
||||
$GLOBALS['egw_info']['server']['oic_client_id'],
|
||||
$GLOBALS['egw_info']['server']['oic_client_secret']);
|
||||
|
||||
// add scopes we are processing ('openid' is added automatic)
|
||||
$this->client->addScope(['email', 'profile']);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -53,9 +56,9 @@ class Openidconnect implements BackendSSO
|
||||
try {
|
||||
$user_info = $this->client->requestUserInfo();
|
||||
$GLOBALS['auto_create_acct'] = [
|
||||
'firstname' => $user_info['given_name'],
|
||||
'lastname' => $user_info['family_name'],
|
||||
'email' => $user_info['email'],
|
||||
'firstname' => $user_info->given_name,
|
||||
'lastname' => $user_info->family_name,
|
||||
'email' => $user_info->email,
|
||||
// not (yet) used supported keys
|
||||
//'primary_group' => '',
|
||||
//'add_group' => '',
|
||||
@ -77,6 +80,22 @@ class Openidconnect implements BackendSSO
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Display a IdP selection / discovery
|
||||
*
|
||||
* Will be displayed if IdP(s) are added in setup and a discovery label is specified.
|
||||
*
|
||||
* @return string|null html to display in login page or null to disable the selection
|
||||
*/
|
||||
static public function discovery()
|
||||
{
|
||||
if (empty($GLOBALS['egw_info']['server']['openidconnect_discovery']))
|
||||
{
|
||||
return null;
|
||||
}
|
||||
return Api\Html::input('auth=openidconnect', $GLOBALS['egw_info']['server']['openidconnect_discovery'], 'submit', 'formmethod="get"');
|
||||
}
|
||||
|
||||
/**
|
||||
* Logout SSO system
|
||||
*/
|
||||
|
@ -86,7 +86,10 @@ class Login
|
||||
$discovery = '';
|
||||
foreach(Api\Hooks::process('login_discovery', [], true) as $app => $data)
|
||||
{
|
||||
if (!empty($data)) $discovery .= $data;
|
||||
foreach((array)$data as $d)
|
||||
{
|
||||
if (!empty($d)) $discovery .= $d;
|
||||
}
|
||||
}
|
||||
if (!empty($discovery))
|
||||
{
|
||||
@ -437,4 +440,4 @@ class Login
|
||||
return htmlspecialchars($code);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
@ -523,6 +523,7 @@ optional, if only authentication and anonymous search is enabled setup de option
|
||||
or setup de oder
|
||||
or %1continue to the header admin%2 setup de oder %1mit der Headerverwaltung weiter machen%2
|
||||
or http://webdav.domain.com (webdav) setup de oder http://webdav.domain.com (für WebDAV)
|
||||
or leave empty and select openidconnect as authentication type above for single sign on setup de oder leer lassen und für SingleSignOn oberhalb OpenIDConnect als Art der Authentifizierung auswählen
|
||||
or leave empty and select saml as authentication type above for single sign on setup de oder leer lassen und für SingleSignOn oberhalb SAML als Art der Authentifizierung auswählen
|
||||
or we can attempt to create the database for you: setup de Oder wir können versuchen die Datenbank für Sie anzulegen:
|
||||
or you can install a previous backup. setup de Oder Sie können eine vorherige Datensicherung installieren.
|
||||
|
@ -523,6 +523,7 @@ optional, if only authentication and anonymous search is enabled setup en option
|
||||
or setup en or
|
||||
or %1continue to the header admin%2 setup en or %1Continue to the Header Admin%2
|
||||
or http://webdav.domain.com (webdav) setup en or http://webdav.domain.com (WebDAV)
|
||||
or leave empty and select openidconnect as authentication type above for single sign on setup en or leave empty and select OpenIDConnect as authentication type above for single sign on
|
||||
or leave empty and select saml as authentication type above for single sign on setup en or leave empty and select SAML as authentication type above for single sign on
|
||||
or we can attempt to create the database for you: setup en Or attempt to create the database:
|
||||
or you can install a previous backup. setup en Or install a previous backup.
|
||||
|
@ -274,7 +274,7 @@
|
||||
|
||||
<tr class="row_off">
|
||||
<td>{lang_Add_auto-created_users_to_this_group_('Default'_will_be_attempted_if_this_is_empty.)}:</td>
|
||||
<td><input name="newsettings[default_group_lid]" value="{value_default_group_lid}" /></td>
|
||||
<td><input name="newsettings[default_group_lid]" value="{value_default_group_lid}" placeholder="Default" /></td>
|
||||
</tr>
|
||||
|
||||
<tr class="row_on">
|
||||
@ -476,6 +476,10 @@
|
||||
{lang_EGroupware's_callback_URL_is_the_one_of_the_login_page}: <a href="{value_webserver_url}/login.php">{lang_Callback_URL}</a>
|
||||
</td>
|
||||
</tr>
|
||||
<tr class="row_on">
|
||||
<td>{lang_Label_to_display_as_option_on_login_page}:<br/>{lang_or_leave_empty_and_select_OpenIDConnect_as_authentication_type_above_for_single_sign_on}</td>
|
||||
<td><input name="newsettings[openidconnect_discovery]" placeholder="{lang_OpenIDConnect_Login}" value="{value_openidconnect_discovery}" size="20" /></td>
|
||||
</tr>
|
||||
<tr class="row_off">
|
||||
<td>{lang_URL_of_the_IdP_(without_path)}:</td>
|
||||
<td><input name="newsettings[oic_provider]" value="{value_oic_provider}" size="80" /></td>
|
||||
|
Loading…
Reference in New Issue
Block a user