open-dsi
/
nextcloud-server
mirror of https://github.com/nextcloud/server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Add direct arg to login flow

Browse Source 
Signed-off-by: Vincent Petry <vincent@nextcloud.com>
Co-Authored-by: Carl Schwan <carl@carlschwan.eu>
pull/31592/head
Vincent Petry 4 years ago committed by Carl Schwan
parent 3e067edcbe
commit 80388663af
5 changed files with 24 additions and 18 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 17
      core/Controller/ClientFlowLoginController.php
  2. 5
      core/templates/loginflow/authpicker.php
  3. 15
      core/templates/loginflow/grant.php
  4. 3
      lib/private/AppFramework/Middleware/Security/SecurityMiddleware.php
  5. 2
      tests/Core/Controller/ClientFlowLoginControllerTest.php

17
core/Controller/ClientFlowLoginController.php
Unescape View File

@ -162,12 +162,8 @@ class ClientFlowLoginController extends Controller {
* @PublicPage
* @NoCSRFRequired
* @UseSession
*
* @param string $clientIdentifier
*
* @return StandaloneTemplateResponse
*/
public function showAuthPickerPage($clientIdentifier = '', $user = '') {
public function showAuthPickerPage(string $clientIdentifier = '', string $user = '', int $direct = 0): StandaloneTemplateResponse {
$clientName = $this->getClientName();
$client = null;
if ($clientIdentifier !== '') {
@ -219,6 +215,7 @@ class ClientFlowLoginController extends Controller {
'serverHost' => $this->getServerPath(),
'oauthState' => $this->session->get('oauth.state'),
'user' => $user,
'direct' => $direct,
],
'guest'
);
@ -232,13 +229,10 @@ class ClientFlowLoginController extends Controller {
* @NoCSRFRequired
* @NoSameSiteCookieRequired
* @UseSession
*
* @param string $stateToken
* @param string $clientIdentifier
* @return StandaloneTemplateResponse
*/
public function grantPage($stateToken = '',
$clientIdentifier = '') {
public function grantPage(string $stateToken = '',
string $clientIdentifier = '',
int $direct = 0): StandaloneTemplateResponse {
if (!$this->isValidToken($stateToken)) {
return $this->stateTokenForbiddenResponse();
}
@ -268,6 +262,7 @@ class ClientFlowLoginController extends Controller {
'stateToken' => $stateToken,
'serverHost' => $this->getServerPath(),
'oauthState' => $this->session->get('oauth.state'),
'direct' => $direct,
],
'guest'
);

5
core/templates/loginflow/authpicker.php
Unescape View File

@ -46,7 +46,7 @@ $urlGenerator = $_['urlGenerator'];
<br/>
<p id="redirect-link">
<a href="<?php p($urlGenerator->linkToRoute('core.ClientFlowLogin.grantPage', ['stateToken' => $_['stateToken'], 'clientIdentifier' => $_['clientIdentifier'], 'oauthState' => $_['oauthState'], 'user' => $_['user']])) ?>">
<a href="<?php p($urlGenerator->linkToRoute('core.ClientFlowLogin.grantPage', ['stateToken' => $_['stateToken'], 'clientIdentifier' => $_['clientIdentifier'], 'oauthState' => $_['oauthState'], 'user' => $_['user'], 'direct' => $_['direct']])) ?>">
<input type="submit" class="login primary icon-confirm-white" value="<?php p($l->t('Log in')) ?>">
</a>
</p>
@ -62,6 +62,9 @@ $urlGenerator = $_['urlGenerator'];
</p>
<input type="hidden" name="stateToken" value="<?php p($_['stateToken']) ?>" />
<input type="hidden" name="requesttoken" value="<?php p($_['requesttoken']) ?>">
<?php if ($_['direct'] !== 0) { ?>
<input type="hidden" name="direct" value="<?php p($_['direct']) ?>">
<?php } ?>
<input id="submit-app-token-login" type="submit" class="login primary icon-confirm-white" value="<?php p($l->t('Grant access')) ?>">
</form>

15
core/templates/loginflow/grant.php
Unescape View File

@ -39,14 +39,17 @@ $urlGenerator = $_['urlGenerator'];
<br/>
<p id="redirect-link">
<form method="POST" action="<?php p($urlGenerator->linkToRouteAbsolute('core.ClientFlowLogin.generateAppPassword')) ?>">
<input type="hidden" name="clientIdentifier" value="<?php p($_['clientIdentifier']) ?>" />
<input type="hidden" name="requesttoken" value="<?php p($_['requesttoken']) ?>" />
<input type="hidden" name="stateToken" value="<?php p($_['stateToken']) ?>" />
<input type="hidden" name="oauthState" value="<?php p($_['oauthState']) ?>" />
<form method="POST" action="<?php p($urlGenerator->linkToRouteAbsolute('core.ClientFlowLogin.generateAppPassword')) ?>">
<input type="hidden" name="clientIdentifier" value="<?php p($_['clientIdentifier']) ?>" />
<input type="hidden" name="requesttoken" value="<?php p($_['requesttoken']) ?>" />
<input type="hidden" name="stateToken" value="<?php p($_['stateToken']) ?>" />
<input type="hidden" name="oauthState" value="<?php p($_['oauthState']) ?>" />
<?php if (p($_['direct'])) { ?>
<input type="hidden" name="direct" value="1" />
<?php } ?>
<div id="submit-wrapper">
<input type="submit" class="login primary icon-confirm-white" title="" value="<?php p($l->t('Grant access')); ?>" />
</div>
</div>
</form>
</p>
</div>

3
lib/private/AppFramework/Middleware/Security/SecurityMiddleware.php
Unescape View File

@ -264,6 +264,9 @@ class SecurityMiddleware extends Middleware {
if ($usernamePrefill !== '') {
$params['user'] = $usernamePrefill;
}
if ($this->request->getParam('direct')) {
$params['direct'] = 1;
}
$url = $this->urlGenerator->linkToRoute('core.login.showLoginForm', $params);
$response = new RedirectResponse($url);
} else {

2
tests/Core/Controller/ClientFlowLoginControllerTest.php
Unescape View File

@ -184,6 +184,7 @@ class ClientFlowLoginControllerTest extends TestCase {
'serverHost' => 'https://example.com',
'oauthState' => 'OauthStateToken',
'user' => '',
'direct' => 0
],
'guest'
);
@ -248,6 +249,7 @@ class ClientFlowLoginControllerTest extends TestCase {
'serverHost' => 'https://example.com',
'oauthState' => 'OauthStateToken',
'user' => '',
'direct' => 0
],
'guest'
);

Write Preview
Loading…
Cancel
Save