From 61440883cd158f28f9a4f68c5fa1143da7fe4232 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20Brunner?=
Date: Mon, 19 Aug 2024 17:36:04 +0200
Subject: [PATCH] Add Login for OIDC client
---
 src/auth/FormElement.ts | 121 +++++++++++++++++++---------------
 src/auth/component.stories.ts | 13 ++++
 srcapi/store/config.ts | 1 +
 srcapi/store/user.ts | 4 ++
 4 files changed, 87 insertions(+), 52 deletions(-)
diff --git a/src/auth/FormElement.ts b/src/auth/FormElement.ts
index 6b86f5a4dffa..e4b5b1c98b82 100644
--- a/src/auth/FormElement.ts
+++ b/src/auth/FormElement.ts
@@ -54,11 +54,15 @@ export default class GmfAuthForm extends GmfBaseElement {
 @state() private allowPasswordReset = false;
 @state() private changingPassword = false;
 @state() private userMustChangeItsPassword = false;
+ @state() private openIdConnectUrl = '';
 @state() private error = false;
 @state() private otpImage = '';
 @state() private gmfUser: User = null;
 @state() private customCSS_ = '';
 private changingPasswordUsername_ = '';
+ private initialApplicationUrl = window.location.href;
+ private currentApplicationUrl = window.location.href;
+ private openIdConnectBaseUrl = '';
 connectedCallback(): void {
 super.connectedCallback();
@@ -79,6 +83,16 @@ export default class GmfAuthForm extends GmfBaseElement {
 this.loginInfoMessage = message;
 },
 }),
+ setInterval(() => {
+ this.currentApplicationUrl = window.location.href;
+ const applicationUrl = this.loginInfoMessage
+ ? this.currentApplicationUrl
+ : this.initialApplicationUrl;
+ const params = new URLSearchParams({
+ came_from: applicationUrl,
+ });
+ this.openIdConnectUrl = `${this.openIdConnectBaseUrl}?${params.toString()}`;
+ }, 200),
 );
 // eslint-disable-next-line @typescript-eslint/no-unnecessary-type-assertion
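Review bot: The `setInterval(…, 200)` added inside `connectedCallback` is passed as an argument to the enclosing call, whose opening is outside the hunk, so its numeric timer id ends up alongside the store subscriptions; unless teardown calls `clearInterval` on it, the poll keeps running after the element is detached, and a teardown loop that calls `.unsubscribe()` on each entry would fail on a number (worth confirming against the base class). Keep the id in a field and clear it in `disconnectedCallback`. The URL is also assembled by plain concatenation, so while `openIdConnectBaseUrl` is still `''` (or `gmfOidcLoginUrl` is absent from an older configuration) the link resolves to `?came_from=…` on the current page; skip the update in that case, e.g. `if (!this.openIdConnectBaseUrl) return;`. Because `came_from` carries the full `window.location.href` as the post-login return target, the login endpoint has to accept only URLs belonging to this application, and that check is not visible in this patch.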
@@ -103,6 +117,7 @@ export default class GmfAuthForm extends GmfBaseElement {
 this.twoFactorAuth = configuration.gmfTwoFactorAuth;
 this.allowPasswordChange = configuration.gmfAuthenticationConfig.allowPasswordChange;
 this.allowPasswordReset = configuration.gmfAuthenticationConfig.allowPasswordReset;
+ this.openIdConnectBaseUrl = configuration.gmfOidcLoginUrl;
 if (configuration.gmfCustomCSS && configuration.gmfCustomCSS.authentication !== undefined) {
 this.customCSS_ = configuration.gmfCustomCSS.authentication;
 }
@@ -168,7 +183,7 @@ export default class GmfAuthForm extends GmfBaseElement {
-
this.login(evt)}> -
- -
-
- -
- ${this.twoFactorAuth - ? html` -
- ${i18next.t('The following field should be kept empty on first login:')} - -
- ` - : ''} -
- -
- ${this.isLoading - ? html` - - ` + ? this.gmfUser.auth_type == 'local' + ? html` +
+ this.login(evt)}> +
+ +
+
+ +
+ ${this.twoFactorAuth + ? html` +
+ ${i18next.t('The following field should be kept empty on first login:')} + +
+ ` + : ''} +
+ +
+ ${this.isLoading + ? html` + + ` + : ''} + + + + ${this.resetPasswordShown + ? html`
+ ${i18next.t('A new password has just been sent to you by e-mail.')} +
` : ''} - - - - ${this.resetPasswordShown - ? html`
- ${i18next.t('A new password has just been sent to you by e-mail.')} -
` - : ''} -
- ` +
+ ` + : html`${i18next.t('Connect')}` : ''} ${this.changingPassword ? html`
diff --git a/src/auth/component.stories.ts b/src/auth/component.stories.ts
index 31af7bd17067..ba6cec605eb3 100644
--- a/src/auth/component.stories.ts
+++ b/src/auth/component.stories.ts
@@ -79,6 +79,19 @@ const login = user.getEmptyUserProperties();
 login.username = 'George';
 WithUser.args.user = login;
+export const EmptyOidc: any = Template.bind({});
+Empty.args = {...defaultProperties};
+const loginEmptyOidc = user.getEmptyUserProperties();
+loginEmptyOidc.auth_type = 'oidc';
+Empty.args.user = loginEmptyOidc;
+
+export const WithUserOidc: any = Template.bind({});
+WithUser.args = {...defaultProperties};
+const loginOidc = user.getEmptyUserProperties();
+loginOidc.auth_type = 'oidc';
+login.username = 'George OIDC';
+WithUser.args.user = loginOidc;
+
 /**
 * @returns The HTML of the story
 */
diff --git a/srcapi/store/config.ts b/srcapi/store/config.ts
index 061a03d24a4b..a5980b5df895 100644
--- a/srcapi/store/config.ts
+++ b/srcapi/store/config.ts
@@ -1471,6 +1471,7 @@ export type Configuration = {
 gmfI18nextConfiguration: InitOptions;
 pytreeLidarprofileJsonUrl: pytreeLidarprofileJsonUrl;
 gmfDatasourceOptions: gmfDatasourceOptions;
+ gmfOidcLoginUrl: string;
 };
 export type APIConfig = {
diff --git a/srcapi/store/user.ts b/srcapi/store/user.ts
index d57641c6b87d..de6d383c5de0 100644
--- a/srcapi/store/user.ts
+++ b/srcapi/store/user.ts
@@ -92,6 +92,10 @@ export interface User {
 * The two-factor authentication secret on first login
 */
 two_factor_totp_secret: string;
+ /**
+ * The server-side login type (oidc or local)
+ */
+ login_type?: string;
 }
 export enum UserState {
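Review bot: The template branches on `this.gmfUser.auth_type == 'local'`, but the `User` interface hunk in `srcapi/store/user.ts` declares the new field as `login_type?`, so the two names do not agree in the lines shown here (the stories also set `auth_type`). Whichever name is kept, the field is optional, and a user object that lacks it fails the comparison and is shown the OIDC `Connect` link instead of the password form; the check should default to local and use strict equality, for example `(this.gmfUser.login_type ?? 'local') === 'local'`. The anchor markup is not readable in this hunk, so how `openIdConnectUrl` is bound to the link's `href` could not be checked.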
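Review bot: Both new stories in `component.stories.ts` configure the wrong objects: after `export const EmptyOidc` the args are assigned to `Empty.args`, and after `export const WithUserOidc` to `WithUser.args`, so the existing `Empty` and `WithUser` stories are overwritten while the two OIDC stories are left without args. The username line likewise mutates the earlier `login` object rather than `loginOidc`, so the OIDC user never gets a name. The corrected assignments are shown below; the `auth_type` name they rely on should follow whatever field name the `User` interface ends up declaring.

```typescript
export const EmptyOidc: any = Template.bind({});
EmptyOidc.args = {...defaultProperties};
// … unchanged: loginEmptyOidc creation and auth_type assignment …
EmptyOidc.args.user = loginEmptyOidc;

export const WithUserOidc: any = Template.bind({});
WithUserOidc.args = {...defaultProperties};
// … unchanged: loginOidc creation and auth_type assignment …
loginOidc.username = 'George OIDC';
WithUserOidc.args.user = loginOidc;
```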