-
-
Notifications
You must be signed in to change notification settings - Fork 424
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
d4fee8b
commit c1dcd4d
Showing
13 changed files
with
224 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,88 @@ | ||
================================== | ||
OAuth2 Authentication Autoredirect | ||
================================== | ||
|
||
.. | ||
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! | ||
!! This file is generated by oca-gen-addon-readme !! | ||
!! changes will be overwritten. !! | ||
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! | ||
!! source digest: sha256:a407434cc13674942d02c5b874f84dd4e78594e03e4b8b3af7ce846fbb0b44cc | ||
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! | ||
.. |badge1| image:: https://img.shields.io/badge/maturity-Beta-yellow.png | ||
:target: https://odoo-community.org/page/development-status | ||
:alt: Beta | ||
.. |badge2| image:: https://img.shields.io/badge/licence-AGPL--3-blue.png | ||
:target: http://www.gnu.org/licenses/agpl-3.0-standalone.html | ||
:alt: License: AGPL-3 | ||
.. |badge3| image:: https://img.shields.io/badge/github-OCA%2Fserver--auth-lightgray.png?logo=github | ||
:target: https://github.com/OCA/server-auth/tree/16.0/auth_oauth_autoredirect | ||
:alt: OCA/server-auth | ||
.. |badge4| image:: https://img.shields.io/badge/weblate-Translate%20me-F47D42.png | ||
:target: https://translation.odoo-community.org/projects/server-auth-16-0/server-auth-16-0-auth_oauth_autoredirect | ||
:alt: Translate me on Weblate | ||
.. |badge5| image:: https://img.shields.io/badge/runboat-Try%20me-875A7B.png | ||
:target: https://runboat.odoo-community.org/builds?repo=OCA/server-auth&target_branch=16.0 | ||
:alt: Try me on Runboat | ||
|
||
|badge1| |badge2| |badge3| |badge4| |badge5| | ||
|
||
This module adds autoredirection to an oauth provider. | ||
|
||
**Table of contents** | ||
|
||
.. contents:: | ||
:local: | ||
|
||
Configuration | ||
============= | ||
|
||
If all the users have a oauth id in a single provider, you can set automatic redirection | ||
in the provider settings. The autoredirection will only be done on the active provider | ||
with the highest priority. It is still possible to access the login without redirection | ||
by using the query parameter ``disable_autoredirect``, as in | ||
``https://example.com/web/login?disable_autoredirect=`` The login is also displayed if | ||
there is an error with login, in order to display any error message. | ||
|
||
Bug Tracker | ||
=========== | ||
|
||
Bugs are tracked on `GitHub Issues <https://github.com/OCA/server-auth/issues>`_. | ||
In case of trouble, please check there if your issue has already been reported. | ||
If you spotted it first, help us to smash it by providing a detailed and welcomed | ||
`feedback <https://github.com/OCA/server-auth/issues/new?body=module:%20auth_oauth_autoredirect%0Aversion:%2016.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**>`_. | ||
|
||
Do not contact contributors directly about support or help with technical issues. | ||
|
||
Credits | ||
======= | ||
|
||
Authors | ||
~~~~~~~ | ||
|
||
* XCG Consulting | ||
|
||
Contributors | ||
~~~~~~~~~~~~ | ||
|
||
* `XCG Consulting <https://xcg-consulting.fr/>`__: | ||
|
||
* Vincent Hatakeyama <[email protected]> | ||
|
||
Maintainers | ||
~~~~~~~~~~~ | ||
|
||
This module is maintained by the OCA. | ||
|
||
.. image:: https://odoo-community.org/logo.png | ||
:alt: Odoo Community Association | ||
:target: https://odoo-community.org | ||
|
||
OCA, or the Odoo Community Association, is a nonprofit organization whose | ||
mission is to support the collaborative development of Odoo features and | ||
promote its widespread use. | ||
|
||
This module is part of the `OCA/server-auth <https://github.com/OCA/server-auth/tree/16.0/auth_oauth_autoredirect>`_ project on GitHub. | ||
|
||
You are welcome to contribute. To learn how please visit https://odoo-community.org/page/Contribute. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
from . import controllers, models |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
# Copyright (C) 2024 XCG Consulting <http://odoo.consulting> | ||
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl). | ||
|
||
{ | ||
"name": "OAuth2 Authentication Autoredirect", | ||
"version": "16.0.1.0.0", | ||
"category": "Hidden/Tools", | ||
"author": "XCG Consulting, Odoo Community Association (OCA)", | ||
"website": "https://github.com/OCA/server-auth", | ||
"license": "AGPL-3", | ||
"depends": ["auth_oauth"], | ||
"data": [ | ||
"views/auth_oauth_provider.xml", | ||
], | ||
"installable": True, | ||
"auto_install": False, | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl). | ||
|
||
from . import main |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,69 @@ | ||
# Copyright (C) 2020 GlodoUK <https://www.glodo.uk/> | ||
# Copyright (C) 2010-2016, 2022-2024 XCG Consulting <https://xcg-consulting.fr/> | ||
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl). | ||
|
||
import werkzeug.utils | ||
|
||
from odoo import http | ||
from odoo.http import request | ||
|
||
from odoo.addons.auth_oauth.controllers.main import OAuthLogin | ||
from odoo.addons.web.controllers.utils import ensure_db | ||
|
||
|
||
# ---------------------------------------------------------- | ||
# Controller | ||
# ---------------------------------------------------------- | ||
class OAuthAutoredirectLogin(OAuthLogin): | ||
"""OAuth controller with autoredirect added""" | ||
|
||
def list_providers_with_autoredirect(self): | ||
providers = self.list_providers() | ||
saml_providers = { | ||
search_read["id"] | ||
for search_read in request.env["auth.oauth.provider"] | ||
.sudo() | ||
.search_read([("autoredirect", "=", True)], ["id"]) | ||
} | ||
return [provider for provider in providers if provider["id"] in saml_providers] | ||
|
||
def _oauth_autoredirect(self): | ||
# automatically redirect if any provider is set up to do that | ||
autoredirect_providers = self.list_providers_with_autoredirect() | ||
# do not redirect if asked too or if an error has been found | ||
disable_autoredirect = ( | ||
"disable_autoredirect" in request.params or "error" in request.params | ||
) | ||
if autoredirect_providers and not disable_autoredirect: | ||
return werkzeug.utils.redirect( | ||
autoredirect_providers[0]["auth_link"], | ||
303, | ||
) | ||
return None | ||
|
||
@http.route() | ||
def web_client(self, s_action=None, **kw): | ||
if not request.session.uid: | ||
result = self._oauth_autoredirect() | ||
if result: | ||
return result | ||
return super().web_client(s_action, **kw) | ||
|
||
@http.route() | ||
def web_login(self, *args, **kw): | ||
ensure_db() | ||
# copied from super | ||
if ( | ||
request.httprequest.method == "GET" | ||
and request.session.uid | ||
and request.params.get("redirect") | ||
): | ||
# Redirect if already logged in and redirect param is present | ||
return request.redirect(request.params.get("redirect")) | ||
|
||
if request.httprequest.method == "GET": | ||
result = self._oauth_autoredirect() | ||
if result: | ||
return result | ||
|
||
return super().web_login(*args, **kw) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
from . import auth_oauth_provider |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
# Copyright 2024 XCG Consulting <https://xcg-consulting.fr> | ||
# License: AGPL-3.0 or later (http://www.gnu.org/licenses/agpl) | ||
|
||
from odoo import fields, models | ||
|
||
|
||
class AuthOauthProvider(models.Model): | ||
_inherit = "auth.oauth.provider" | ||
|
||
autoredirect = fields.Boolean( | ||
"Automatic Redirection", | ||
default=False, | ||
help="Only the provider with the higher priority will be automatically " | ||
"redirected", | ||
) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
If all the users have a oauth id in a single provider, you can set automatic redirection | ||
in the provider settings. The autoredirection will only be done on the active provider | ||
with the highest priority. It is still possible to access the login without redirection | ||
by using the query parameter ``disable_autoredirect``, as in | ||
``https://example.com/web/login?disable_autoredirect=`` The login is also displayed if | ||
there is an error with login, in order to display any error message. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
* `XCG Consulting <https://xcg-consulting.fr/>`__: | ||
|
||
* Vincent Hatakeyama <[email protected]> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
This module adds autoredirection to an oauth provider. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,13 @@ | ||
<?xml version="1.0" ?> | ||
<odoo> | ||
<record model="ir.ui.view" id="view_oidc_provider_form"> | ||
<field name="name">auth.oidc.provider.form</field> | ||
<field name="model">auth.oauth.provider</field> | ||
<field name="inherit_id" ref="auth_oauth.view_oauth_provider_form" /> | ||
<field name="arch" type="xml"> | ||
<field name="enabled" position="after"> | ||
<field name="autoredirect" /> | ||
</field> | ||
</field> | ||
</record> | ||
</odoo> |
1 change: 1 addition & 0 deletions
1
setup/auth_oauth_autoredirect/odoo/addons/auth_oauth_autoredirect
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
../../../../auth_oauth_autoredirect |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
import setuptools | ||
|
||
setuptools.setup( | ||
setup_requires=['setuptools-odoo'], | ||
odoo_addon=True, | ||
) |