Option to skip manual button press requirement if redmine_oauth only authentication method #32

Closed
col-panic opened this issue May 10, 2024 · 2 comments

@col-panic

If password login is disabled, and oauth2 is the only login-method, could there be a "skip-press-button" option? Where I don't have to manually press the login button to trigger oauth2 authentication?

That is, a user that already has a valid session could directly access redmine and will be auto-logged in.

@Tomnm1

Tomnm1 commented Sep 26, 2024

Here's my ready-to-use patch to AccountController, which works fine, except for the logout method, which is customized for our use case, which is Keycloak. I guess the same could be done for other providers.

Also response to #33

```ruby
require 'net/http'
require 'uri'
require 'cgi'

module AccountControllerPatch
  def self.included(base)
    base.class_eval do
      # Keep the stock actions reachable under original_* names.
      alias_method :original_login, :login
      alias_method :original_logout, :logout
      alias_method :original_register, :register
      alias_method :original_lost_password, :lost_password

      # Send /login straight to the OAuth entry point, carrying back_url along.
      def login
        if request.path == '/login'
          session[:back_url] = params[:back_url]
          redirect_to back_url.present? ? "/oauth?back_url=#{CGI.escape(back_url)}" : '/oauth'
        else
          original_login
        end
      end

      # Registration is handled by the OAuth provider.
      def register
        if request.path == '/account/register'
          redirect_to '/oauth'
        else
          original_register # was original_login, which ran the wrong action
        end
      end

      # Password recovery is handled by the OAuth provider.
      def lost_password
        if request.path == '/account/lost_password'
          redirect_to '/oauth'
        else
          original_lost_password # was original_login, which ran the wrong action
        end
      end

      # End the local Redmine session, then hand off to the Keycloak logout endpoint.
      def logout
        if User.current.logged?
          if session[:user_id]
            session.delete(:user_id)
          end
          cookies.delete :autologin
          User.current = nil
        end
        # URL-encode the token; to_s keeps this from raising when the session has none.
        id_token = CGI.escape(session[:id_token].to_s)
        keycloak_domain = "xxx"
        keycloak_realm = "xxx"
        keycloak_client_id = "xxx"
        post_logout_redirect_uri = CGI.escape("xxx")
        keycloak_logout_url = "#{keycloak_domain}/auth/realms/#{keycloak_realm}/protocol/openid-connect/logout?id_token_hint=#{id_token}&post_logout_redirect_uri=#{post_logout_redirect_uri}"
        redirect_to keycloak_logout_url and return
      end
    end
  end
end

# Apply the patch once.
unless AccountController.included_modules.include? AccountControllerPatch
  AccountController.send(:include, AccountControllerPatch)
end
```
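
An added example, not part of the comment above and not the plugin's code: the two URLs that patch builds (the `/oauth?back_url=...` entry path and the Keycloak logout URL), written as plain Ruby helpers that forward `back_url` only when it is a same-site relative path and encode every query parameter. The module and method names, the sample hosts, and the `client_id` fallback (the OpenID Connect RP-Initiated Logout parameter of that name) are assumptions.

```ruby
require 'uri'

# Added example: helper names and sample values are hypothetical/constructed.
module OauthRedirects
  module_function

  # Return back_url only if it is a same-site relative path; otherwise nil.
  def safe_back_path(back_url)
    return nil unless back_url.is_a?(String) && back_url.start_with?('/')
    # "//host" and "/\host" are resolved by browsers as another origin.
    return nil if back_url.start_with?('//') || back_url.include?('\\')
    return nil if back_url.match?(/[[:cntrl:]]/)
    uri = URI.parse(back_url)
    uri.scheme.nil? && uri.host.nil? ? back_url : nil
  rescue URI::InvalidURIError
    nil
  end

  # Path that starts the OAuth flow, carrying back_url only when it is safe.
  def oauth_entry_path(back_url)
    path = safe_back_path(back_url)
    path ? "/oauth?#{URI.encode_www_form(back_url: path)}" : '/oauth'
  end

  # Logout URL in the same shape as the one built in the comment above.
  def keycloak_logout_url(base_url:, realm:, client_id:, id_token:, post_logout_redirect_uri:)
    # The realm lands in the URL path, so accept only simple names.
    raise ArgumentError, 'unexpected realm name' unless realm.match?(/\A[\w.-]+\z/)
    params = {}
    if id_token.to_s.empty?
      params[:client_id] = client_id # no token in the session: identify the client instead
    else
      params[:id_token_hint] = id_token
    end
    params[:post_logout_redirect_uri] = post_logout_redirect_uri
    "#{base_url.chomp('/')}/auth/realms/#{realm}/protocol/openid-connect/logout?" +
      URI.encode_www_form(params)
  end
end
```
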

picman added a commit that referenced this issue Sep 26, 2024
@picman
Collaborator

picman commented Sep 26, 2024

I've implemented it as follows:

  • There is a new plugin option, OAuth login.
  • If set, a checkbox Autologin with OAuth provider is present in the login form.
  • If a user checks the Autologin checkbox, they are automatically logged in via the set OAuth provider until they manually log out.

The behaviour is very similar to Redmine's Autologin option in the login form.

@picman picman closed this as completed Sep 26, 2024