Allow to skip login page if a single oidc provider is configured

eikek
2022-07-08 17:09:56 +02:00
parent 275901267d
commit 3fc72cedac
12 changed files with 132 additions and 13 deletions


@ -183,8 +183,30 @@ updateWithSub msg model =
)
LogoutResp _ ->
let
emptyLoginData =
Page.emptyLoginData
-- if oidcAutoredirect=true, then on logout either
-- goto the configured logout url or set openid=3 so
-- that the login page doesn't again redirect to the
-- oidc provider which will result in being logged in
-- again.
redirect =
case Data.Flags.oidcAutoRedirect model.flags of
Just provider ->
case provider.logoutUrl of
Just url ->
Nav.load url
Nothing ->
Page.goto (LoginPage { emptyLoginData | openid = 3 })
Nothing ->
Page.goto (LoginPage emptyLoginData)
in
( { model | loginModel = Page.Login.Data.emptyModel }
, Page.goto (LoginPage Page.emptyLoginData)
, redirect
, Sub.none
)
@ -677,8 +699,17 @@ initPage model_ page =
]
model
LoginPage _ ->
noop
LoginPage data ->
if data.openid == 0 && model.flags.account == Nothing then
case Data.Flags.oidcAutoRedirect model.flags of
Just first ->
( model, Nav.load (Api.openIdAuthLink model.flags first.provider), Sub.none )
_ ->
noop
else
noop
ManageDataPage ->
noop
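Review bot: In `initPage`, `data.openid == 0` is the only condition that holds back the automatic redirect, yet nothing in this hunk says what 0 means; the values 2 and 3 are explained only in comments in the `LogoutResp` branch and in the login page's `update`. A comment such as `-- openid: 0 = normal visit, 2 = TOTP required, 3 = just logged out; only 0 may auto-redirect` would help here, and a custom type instead of the bare Int would let the compiler check all three places. Because the value travels in the URL query, it prevents a redirect loop but does not guarantee a logout. As far as these hunks show, when no `logoutUrl` is configured the provider session stays alive, so a later plain visit to the login page signs the user in again without credentials, which is worth stating in the operator documentation for `oidcAutoRedirect`. Both functions start and end outside the hunks.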


@ -12,6 +12,7 @@ module Data.Flags exposing
, getAccount
, getToken
, isAuthenticated
, oidcAutoRedirect
, withAccount
, withoutAccount
)
@ -22,6 +23,7 @@ import Api.Model.AuthResult exposing (AuthResult)
type alias OpenIdAuth =
{ provider : String
, name : String
, logoutUrl : Maybe String
}
@ -39,6 +41,7 @@ type alias Config =
, downloadAllMaxSize : Int
, openIdAuth : List OpenIdAuth
, addonsEnabled : Bool
, oidcAutoRedirect : Bool
}
@ -50,6 +53,20 @@ type alias Flags =
}
oidcAutoRedirect : Flags -> Maybe OpenIdAuth
oidcAutoRedirect flags =
if flags.config.oidcAutoRedirect then
case flags.config.openIdAuth of
first :: [] ->
Just first
_ ->
Nothing
else
Nothing
isAuthenticated : Flags -> Bool
isAuthenticated flags =
getAccount flags /= Nothing


@ -31,6 +31,7 @@ type alias Texts =
, signupLink : String
, otpCode : String
, or : String
, oidcLogoutPending : String
}
@ -50,6 +51,7 @@ gb =
, signupLink = "Sign up!"
, otpCode = "Authentication code"
, or = "Or"
, oidcLogoutPending = "You have been logged out from Docspell, but you may still be logged in at your authentication provider! Make sure to logout there as well, or login again by clicking the link below."
}
@ -69,9 +71,14 @@ de =
, signupLink = "Hier registrieren!"
, otpCode = "Authentifizierungscode"
, or = "Oder"
, oidcLogoutPending = "Du wurdest von Docspell abgemeldet, aber evtl. bist du immernoch bei deinem Authentifizierungs-Provider angemeldet! Melde dich auch dort ab, oder logge dich wieder zu Docspell ein indem du den Link unten klickst."
}
--- TODO french translation
fr : Texts
fr =
{ httpError = Messages.Comp.HttpError.fr
@ -88,4 +95,5 @@ fr =
, signupLink = "S'incrire!"
, otpCode = "Code d'authentification"
, or = "Ou"
, oidcLogoutPending = "You have been logged out from Docspell, but you may still be logged in at your authentication provider! Make sure to logout there as well, or login again by clicking the link below."
}


@ -291,13 +291,13 @@ pageToString page =
LoginPage data ->
case data.referrer of
Just (LoginPage _) ->
"/app/login"
"/app/login?openid=" ++ String.fromInt data.openid
Just p ->
"/app/login?r=" ++ pageToString p
"/app/login?r=" ++ pageToString p ++ "&openid=" ++ String.fromInt data.openid
Nothing ->
"/app/login"
"/app/login?openid=" ++ String.fromInt data.openid
ManageDataPage ->
"/app/managedata"

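Review bot: In the `Just p` branch the referrer is concatenated into the query string unencoded and `&openid=` is now appended after it, so any `?` or `&` produced by `pageToString p` becomes ambiguous with the login page's own parameters. If the page parser decodes `r` (not visible here), `"/app/login?r=" ++ Url.percentEncode (pageToString p) ++ "&openid=" ++ String.fromInt data.openid` keeps the two values apart. The `Just (LoginPage _)` and `Nothing` branches now build the same string and could share one expression. `pageToString` starts and ends outside this hunk.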

@ -36,6 +36,7 @@ type FormState
| AuthFailed AuthResult
| HttpError Http.Error
| FormInitial
| OidcLogoutPending
type AuthStep


@ -85,13 +85,23 @@ update loginData flags msg model =
session =
Maybe.withDefault "" loginData.session
in
-- A value of 2 indicates that TOTP is required
if loginData.openid == 2 then
-- A value of 2 indicates that TOTP is required
( { model | formState = FormInitial, authStep = StepOtp session, password = "" }
, Cmd.none
, Nothing
)
else if loginData.openid == 3 then
-- A valuo of 3 indicates a logout when a single
-- openid provider is configured with
-- oidcAutoredirect=true that doesn't have a logout
-- url configured
( { model | password = "", formState = OidcLogoutPending }
, Ports.removeAccount ()
, Just empty
)
else
( { model | password = "", formState = HttpError err }
, Ports.removeAccount ()
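Review bot: The comment on the new `openid == 3` branch has a typo; it should read `-- A value of 3 indicates a logout when a single`. It would also help to note there that 3 is set by the `LogoutResp` handler, since this branch is the only consumer and the number is otherwise unexplained at this site. The enclosing `update` case starts before the hunk and continues after it.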


@ -95,7 +95,7 @@ openIdLinks texts flags =
div [ class "mt-3" ]
[ B.horizontalDivider
{ label = texts.or
, topCss = "w-2/3 mb-4 hidden md:inline-flex w-full"
, topCss = "w-full mb-4 hidden md:inline-flex w-full"
, labelCss = "px-4 bg-gray-200 bg-opacity-50"
, lineColor = "bg-gray-300 dark:bg-slate-600"
}
@ -267,5 +267,10 @@ resultMessage texts model =
[ text (texts.httpError err)
]
OidcLogoutPending ->
div [ class ("my-2 max-w-xs " ++ S.warnMessage) ]
[ text texts.oidcLogoutPending
]
FormInitial ->
span [ class "hidden" ] []
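Review bot: The `topCss` value in `openIdLinks` now lists `w-full` twice (`"w-full mb-4 hidden md:inline-flex w-full"`). Assuming the second of the two printed lines is the new side, replacing `w-2/3` with `w-full` left the trailing `w-full` redundant. `topCss = "mb-4 hidden md:inline-flex w-full"` produces the same classes without the duplicate.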