rooty/fab-manager
1
0
Fork 0
mirror of https://github.com/LaCasemate/fab-manager.git synced 2025-01-30 19:52:20 +01:00
Code Issues Releases Activity

(ui) add profile edition url for openid

Browse Source
This commit is contained in:
Sylvain 2022-04-13 16:23:13 +02:00
parent 0e35616710
commit 658ef20bc8
8 changed files with 41 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/controllers/api/auth_providers_controller.rb
View File

@ -84,7 +84,7 @@ class API::AuthProvidersController < API::ApiController
def provider_params
if params['auth_provider']['providable_type'] == DatabaseProvider.name
params.require(:auth_provider).permit(:name, :providable_type)
params.require(:auth_provider).permit(:name, :providable_type, providable_attributes: [:id])
elsif params['auth_provider']['providable_type'] == OAuth2Provider.name
params.require(:auth_provider)
.permit(:name, :providable_type,

21
app/frontend/src/javascript/components/authentication-provider/database-form.tsx Normal file
View File

@ -0,0 +1,21 @@
import React from 'react';
import { FormInput } from '../form/form-input';
import { UseFormRegister } from 'react-hook-form';
import { FieldValues } from 'react-hook-form/dist/types/fields';
interface DatabaseFormProps<TFieldValues> {
register: UseFormRegister<TFieldValues>,
}
/**
* Partial form to fill the settings for a new/existing database provider.
*/
export const DatabaseForm = <TFieldValues extends FieldValues>({ register }: DatabaseFormProps<TFieldValues>) => {
return (
<div className="database-form">
<FormInput id="providable_attributes.id"
register={register}
type="hidden" />
</div>
);
};

12
app/frontend/src/javascript/components/authentication-provider/openid-connect-form.tsx
View File

@ -27,7 +27,7 @@ export const OpenidConnectForm = <TFieldValues extends FieldValues, TContext ext
<FormInput id="providable_attributes.issuer"
register={register}
label={t('app.admin.authentication.openid_connect_form.issuer')}
placeholder="https://myprovider.com"
placeholder="https://sso.exemple.com"
tooltip={t('app.admin.authentication.openid_connect_form.issuer_help')}
rules={{ required: true, pattern: urlRegex }} />
<FormSelect id="providable_attributes.discovery"
@ -37,7 +37,7 @@ export const OpenidConnectForm = <TFieldValues extends FieldValues, TContext ext
{ value: true, label: t('app.admin.authentication.openid_connect_form.discovery_enabled') },
{ value: false, label: t('app.admin.authentication.openid_connect_form.discovery_disabled') }
]}
valueDefault={false}
valueDefault={true}
control={control} />
<FormSelect id="providable_attributes.client_auth_method"
label={t('app.admin.authentication.openid_connect_form.client_auth_method')}
@ -110,6 +110,12 @@ export const OpenidConnectForm = <TFieldValues extends FieldValues, TContext ext
defaultValue="sub"
placeholder="user_id"
register={register} />
<FormInput id="providable_attributes.profile_url"
register={register}
placeholder="https://sso.exemple.com/my-account"
label={t('app.admin.authentication.openid_connect_form.profile_edition_url')}
tooltip={t('app.admin.authentication.openid_connect_form.profile_edition_url_help')}
rules={{ pattern: urlRegex }} />
<h4>{t('app.admin.authentication.openid_connect_form.client_options')}</h4>
<FormInput id="providable_attributes.client__identifier"
label={t('app.admin.authentication.openid_connect_form.client__identifier')}
@ -135,7 +141,7 @@ export const OpenidConnectForm = <TFieldValues extends FieldValues, TContext ext
placeholder="/userinfo"
rules={{ required: !currentFormValues?.discovery, pattern: endpointRegex }}
register={register} />
{currentFormValues.client_auth_method === 'jwks' && <FormInput id="providable_attributes.client__jwks_uri"
{currentFormValues?.client_auth_method === 'jwks' && <FormInput id="providable_attributes.client__jwks_uri"
label={t('app.admin.authentication.openid_connect_form.client__jwks_uri')}
rules={{ required: currentFormValues.client_auth_method === 'jwks', pattern: endpointRegex }}
placeholder="/jwk"

2
app/frontend/src/javascript/components/authentication-provider/provider-form.tsx
View File

@ -13,6 +13,7 @@ import { DataMappingForm } from './data-mapping-form';
import { FabButton } from '../base/fab-button';
import AuthProviderAPI from '../../api/auth-provider';
import { OpenidConnectForm } from './openid-connect-form';
import { DatabaseForm } from './database-form';
declare const Application: IApplication;
@ -100,6 +101,7 @@ export const ProviderForm: React.FC<ProviderFormProps> = ({ action, provider, on
onChange={onProvidableTypeChange}
readOnly={action === 'update'}
rules={{ required: true }} />
{providableType === 'DatabaseProvider' && <DatabaseForm register={register} />}
{providableType === 'OAuth2Provider' && <Oauth2Form register={register} strategyName={strategyName} />}
{providableType === 'OpenIdConnectProvider' && <OpenidConnectForm register={register} control={control} currentFormValues={output.providable_attributes as OpenIdConnectProvider} />}
{providableType && providableType !== 'DatabaseProvider' && <DataMappingForm register={register} control={control} />}

3
app/frontend/src/javascript/controllers/admin/authentications.js
View File

@ -18,7 +18,8 @@
// list of supported authentication methods
const METHODS = {
DatabaseProvider: 'local_database',
OAuth2Provider: 'o_auth2'
OAuth2Provider: 'o_auth2',
OpenIdConnectProvider: 'openid_connect'
};
/**

4
app/models/open_id_connect_provider.rb
View File

@ -17,8 +17,8 @@ class OpenIdConnectProvider < ApplicationRecord
validates :prompt, inclusion: { in: %w[none login consent select_account], allow_nil: true }
validates :client_auth_method, inclusion: { in: %w[basic jwks] }
before_save :set_post_logout_redirect_uri
before_save :set_client_scheme_host_port
before_validation :set_post_logout_redirect_uri
before_validation :set_client_scheme_host_port
def config
OpenIdConnectProvider.columns.map(&:name).filter { |n| !n.start_with?('client__') && n != 'profile_url' }.map do |n|

2
app/policies/auth_provider_policy.rb
View File

@ -5,7 +5,7 @@ class AuthProviderPolicy < ApplicationPolicy
class Scope < Scope
def resolve
scope.includes(:providable)
scope.includes(:providable, :auth_provider_mappings)
end
end

3
config/locales/app.admin.en.yml
View File

@ -877,6 +877,7 @@ en:
an_error_occurred_unable_to_delete_the_specified_provider: "An error occurred: unable to delete the specified provider."
local_database: "Local database"
o_auth2: "OAuth 2.0"
openid_connect: "OpenID Connect"
group_form:
add_a_group: "Add a group"
group_name: "Group name"
@ -1138,6 +1139,8 @@ en:
uid_field_help: "The field of the user info response to be used as a unique id."
extra_authorize_params: "Extra authorize params"
extra_authorize_params_help_html: "A list of extra fixed parameters that will be merged to the authorization request.<br>The list is expected to be in a JSON-like format.<br> <b>Eg.</b> {tenant: common, max_age: 3600}"
profile_edition_url: "Profil edition URL"
profile_edition_url_help: "The URL of the page where the user can edit his profile."
client_options: "Client options"
client__identifier: "Identifier"
client__secret: "Secret"