diff --git a/app/controllers/api/auth_providers_controller.rb b/app/controllers/api/auth_providers_controller.rb
index f98cd4b86..c78114b96 100644
--- a/app/controllers/api/auth_providers_controller.rb
+++ b/app/controllers/api/auth_providers_controller.rb
@@ -84,7 +84,7 @@ class API::AuthProvidersController < API::ApiController
 def provider_params
 if params['auth_provider']['providable_type'] == DatabaseProvider.name
- params.require(:auth_provider).permit(:name, :providable_type)
+ params.require(:auth_provider).permit(:name, :providable_type, providable_attributes: [:id])
 elsif params['auth_provider']['providable_type'] == OAuth2Provider.name
 params.require(:auth_provider)
 .permit(:name, :providable_type,
diff --git a/app/frontend/src/javascript/components/authentication-provider/database-form.tsx b/app/frontend/src/javascript/components/authentication-provider/database-form.tsx
new file mode 100644
index 000000000..124ed37ec
--- /dev/null
+++ b/app/frontend/src/javascript/components/authentication-provider/database-form.tsx
@@ -0,0 +1,21 @@
+import React from 'react';
+import { FormInput } from '../form/form-input';
+import { UseFormRegister } from 'react-hook-form';
+import { FieldValues } from 'react-hook-form/dist/types/fields';
+
+interface DatabaseFormProps {
+ register: UseFormRegister,
+}
+
+/**
+ * Partial form to fill the settings for a new/existing database provider.
+ */
+export const DatabaseForm = ({ register }: DatabaseFormProps) => {
+ return (
+
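Review bot: In `auth_providers_controller.rb`, the DatabaseProvider branch now permits a client-supplied `providable_attributes: [:id]`, and nothing in the hunk ties that id to the provider being edited. Whether a foreign id is rejected depends on how the model declares nested attributes for `providable`, which this diff does not show. I would add a request test that submits another provider's providable id and expects a rejection, plus a comment on the line such as `# :id only identifies the existing providable on update; it must not re-point the provider at another record`. Separately, the `if` reads `params['auth_provider']['providable_type']` before `require(:auth_provider)` runs, so a body without that key appears to fail with a NoMethodError instead of a parameter-missing error; `params.dig('auth_provider', 'providable_type')` would avoid that. `provider_params` continues past the end of the hunk.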
+ +
+ );
+};
diff --git a/app/frontend/src/javascript/components/authentication-provider/openid-connect-form.tsx b/app/frontend/src/javascript/components/authentication-provider/openid-connect-form.tsx
index c1487dad0..2daaf3021 100644
--- a/app/frontend/src/javascript/components/authentication-provider/openid-connect-form.tsx
+++ b/app/frontend/src/javascript/components/authentication-provider/openid-connect-form.tsx
@@ -27,7 +27,7 @@ export const OpenidConnectForm = +
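Review bot: In the new `database-form.tsx`, `FieldValues` is imported from `react-hook-form/dist/types/fields`, a path inside the package's build output rather than its public entry point, so it can move between releases. The type is exported from the package root, so the two imports can be merged into `import { UseFormRegister, FieldValues } from 'react-hook-form';`. The JSX body of `DatabaseForm` is not legible in this rendering of the diff, so the rendered fields are not covered by this note.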

{t('app.admin.authentication.openid_connect_form.client_options')}

- {currentFormValues.client_auth_method === 'jwks' && = ({ action, provider, on onChange={onProvidableTypeChange} readOnly={action === 'update'} rules={{ required: true }} />
+ {providableType === 'DatabaseProvider' && }
 {providableType === 'OAuth2Provider' && }
 {providableType === 'OpenIdConnectProvider' && }
 {providableType && providableType !== 'DatabaseProvider' && }
diff --git a/app/frontend/src/javascript/controllers/admin/authentications.js b/app/frontend/src/javascript/controllers/admin/authentications.js
index 1558f5729..c62229b03 100644
--- a/app/frontend/src/javascript/controllers/admin/authentications.js
+++ b/app/frontend/src/javascript/controllers/admin/authentications.js
@@ -18,7 +18,8 @@ // list of supported authentication methods
 const METHODS = {
 DatabaseProvider: 'local_database',
- OAuth2Provider: 'o_auth2'
+ OAuth2Provider: 'o_auth2',
+ OpenIdConnectProvider: 'openid_connect'
 };
 /**
diff --git a/app/models/open_id_connect_provider.rb b/app/models/open_id_connect_provider.rb
index 596567394..79b360082 100644
--- a/app/models/open_id_connect_provider.rb
+++ b/app/models/open_id_connect_provider.rb
@@ -17,8 +17,8 @@ class OpenIdConnectProvider < ApplicationRecord
 validates :prompt, inclusion: { in: %w[none login consent select_account], allow_nil: true }
 validates :client_auth_method, inclusion: { in: %w[basic jwks] }
- before_save :set_post_logout_redirect_uri
- before_save :set_client_scheme_host_port
+ before_validation :set_post_logout_redirect_uri
+ before_validation :set_client_scheme_host_port
 def config
 OpenIdConnectProvider.columns.map(&:name).filter { |n| !n.start_with?('client__') && n != 'profile_url' }.map do |n|
diff --git a/app/policies/auth_provider_policy.rb b/app/policies/auth_provider_policy.rb
index 14b44c2f0..49e902bfb 100644
--- a/app/policies/auth_provider_policy.rb
+++ b/app/policies/auth_provider_policy.rb
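Review bot: In `open_id_connect_provider.rb`, moving `set_post_logout_redirect_uri` and `set_client_scheme_host_port` to `before_validation` means they no longer run on any path that persists the record with validation turned off, such as `save(validate: false)`, where `before_save` used to run them. They also now run on every `valid?` call, so both methods need to be safe to repeat; their bodies are outside the hunk, so that cannot be confirmed here. If the intent is for the derived redirect URI and client host to pass through the model's validations, a comment above the callbacks would record it, for example `# derived before validation so the computed values are checked; not run by save(validate: false)`. A model spec that builds a provider, calls `valid?` twice and then saves would pin the new ordering.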
@@ -5,7 +5,7 @@ class AuthProviderPolicy < ApplicationPolicy
 class Scope < Scope
 def resolve
- scope.includes(:providable)
+ scope.includes(:providable, :auth_provider_mappings)
 end
 end
diff --git a/config/locales/app.admin.en.yml b/config/locales/app.admin.en.yml
index 93b87b663..2af3ae4f8 100644
--- a/config/locales/app.admin.en.yml
+++ b/config/locales/app.admin.en.yml
@@ -877,6 +877,7 @@ en:
 an_error_occurred_unable_to_delete_the_specified_provider: "An error occurred: unable to delete the specified provider."
 local_database: "Local database"
 o_auth2: "OAuth 2.0"
+ openid_connect: "OpenID Connect"
 group_form:
 add_a_group: "Add a group"
 group_name: "Group name"
@@ -1138,6 +1139,8 @@ en:
 uid_field_help: "The field of the user info response to be used as a unique id."
 extra_authorize_params: "Extra authorize params"
 extra_authorize_params_help_html: "A list of extra fixed parameters that will be merged to the authorization request.
The list is expected to be in a JSON-like format.
Eg. {tenant: common, max_age: 3600}"
+ profile_edition_url: "Profil edition URL"
+ profile_edition_url_help: "The URL of the page where the user can edit his profile."
 client_options: "Client options"
 client__identifier: "Identifier"
 client__secret: "Secret"