[ADD] auth_oauth_autoredirect

auth_oauth_autoredirect/__init__.py

@@ -0,0 +1 @@
+from . import controllers, models

auth_oauth_autoredirect/__manifest__.py

@@ -0,0 +1,17 @@
+# Copyright (C) 2024 XCG Consulting <http://odoo.consulting>
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+{
+    "name": "OAuth2 Authentication Autoredirect",
+    "version": "16.0.1.0.0",
+    "category": "Hidden/Tools",
+    "author": "XCG Consulting, Odoo Community Association (OCA)",
+    "website": "https://github.com/OCA/server-auth",
+    "license": "AGPL-3",
+    "depends": ["auth_oauth"],
+    "data": [
+        "views/auth_oauth_provider.xml",
+    ],
+    "installable": True,
+    "auto_install": False,
+}

auth_oauth_autoredirect/controllers/__init__.py

@@ -0,0 +1,3 @@
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+from . import main

auth_oauth_autoredirect/controllers/main.py

@@ -0,0 +1,69 @@
+# Copyright (C) 2020 GlodoUK <https://www.glodo.uk/>
+# Copyright (C) 2010-2016, 2022-2024 XCG Consulting <https://xcg-consulting.fr/>
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+import werkzeug.utils
+
+from odoo import http
+from odoo.http import request
+
+from odoo.addons.auth_oauth.controllers.main import OAuthLogin
+from odoo.addons.web.controllers.utils import ensure_db
+
+
+# ----------------------------------------------------------
+# Controller
+# ----------------------------------------------------------
+class OAuthAutoredirectLogin(OAuthLogin):
+    """OAuth controller with autoredirect added"""
+
+    def list_providers_with_autoredirect(self):
+        providers = self.list_providers()
+        saml_providers = {
+            search_read["id"]
+            for search_read in request.env["auth.oauth.provider"]
+            .sudo()
+            .search_read([("autoredirect", "=", True)], ["id"])
+        }
+        return [provider for provider in providers if provider["id"] in saml_providers]
+
+    def _oauth_autoredirect(self):
+        # automatically redirect if any provider is set up to do that
+        autoredirect_providers = self.list_providers_with_autoredirect()
+        # do not redirect if asked too or if an error has been found
+        disable_autoredirect = (
+            "disable_autoredirect" in request.params or "error" in request.params
+        )
+        if autoredirect_providers and not disable_autoredirect:
+            return werkzeug.utils.redirect(
+                autoredirect_providers[0]["auth_link"],
+                303,
+            )
+        return None
+
+    @http.route()
+    def web_client(self, s_action=None, **kw):
+        if not request.session.uid:
+            result = self._oauth_autoredirect()
+            if result:
+                return result
+        return super().web_client(s_action, **kw)
+
+    @http.route()
+    def web_login(self, *args, **kw):
+        ensure_db()
+        # copied from super
+        if (
+            request.httprequest.method == "GET"
+            and request.session.uid
+            and request.params.get("redirect")
+        ):
+            # Redirect if already logged in and redirect param is present
+            return request.redirect(request.params.get("redirect"))
+
+        if request.httprequest.method == "GET":
+            result = self._oauth_autoredirect()
+            if result:
+                return result
+
+        return super().web_login(*args, **kw)

auth_oauth_autoredirect/models/__init__.py

@@ -0,0 +1 @@
+from . import auth_oauth_provider

auth_oauth_autoredirect/models/auth_oauth_provider.py

@@ -0,0 +1,15 @@
+# Copyright 2024 XCG Consulting <https://xcg-consulting.fr>
+# License: AGPL-3.0 or later (http://www.gnu.org/licenses/agpl)
+
+from odoo import fields, models
+
+
+class AuthOauthProvider(models.Model):
+    _inherit = "auth.oauth.provider"
+
+    autoredirect = fields.Boolean(
+        "Automatic Redirection",
+        default=False,
+        help="Only the provider with the higher priority will be automatically "
+        "redirected",
+    )

auth_oauth_autoredirect/readme/CONFIGURE.rst

@@ -0,0 +1,6 @@
+If all the users have a oauth id in a single provider, you can set automatic redirection
+in the provider settings. The autoredirection will only be done on the active provider
+with the highest priority. It is still possible to access the login without redirection
+by using the query parameter ``disable_autoredirect``, as in
+``https://example.com/web/login?disable_autoredirect=`` The login is also displayed if
+there is an error with login, in order to display any error message.

auth_oauth_autoredirect/readme/CONTRIBUTORS.rst

@@ -0,0 +1,3 @@
+* `XCG Consulting <https://xcg-consulting.fr/>`__:
+
+  * Vincent Hatakeyama <[email protected]>

auth_oauth_autoredirect/readme/DESCRIPTION.rst

@@ -0,0 +1 @@
+This module adds autoredirection to an oauth provider.

auth_oauth_autoredirect/views/auth_oauth_provider.xml

@@ -0,0 +1,13 @@
+<?xml version="1.0" ?>
+<odoo>
+    <record model="ir.ui.view" id="view_oidc_provider_form">
+        <field name="name">auth.oidc.provider.form</field>
+        <field name="model">auth.oauth.provider</field>
+        <field name="inherit_id" ref="auth_oauth.view_oauth_provider_form" />
+        <field name="arch" type="xml">
+            <field name="enabled" position="after">
+                <field name="autoredirect" />
+            </field>
+        </field>
+    </record>
+</odoo>

setup/auth_oauth_autoredirect/odoo/addons/auth_oauth_autoredirect

@@ -0,0 +1 @@
+../../../../auth_oauth_autoredirect

setup/auth_oauth_autoredirect/setup.py

@@ -0,0 +1,6 @@
+import setuptools
+
+setuptools.setup(
+    setup_requires=['setuptools-odoo'],
+    odoo_addon=True,
+)