feat: support AuthnRequest in SAML (#372)

Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>
2025-07-04 13:20:19 +08:00 · 2021-12-15 21:38:00 +08:00
parent f43d01c5c2
commit 370e835499
6 changed files with 66 additions and 23 deletions
--- a/web/src/ProviderEditPage.js
+++ b/web/src/ProviderEditPage.js
@ -13,7 +13,7 @@
 // limitations under the License.

 import React from "react";
-import {Button, Card, Col, Input, InputNumber, Row, Select} from 'antd';
+import {Button, Card, Col, Input, InputNumber, Row, Select, Switch} from 'antd';
 import {LinkOutlined} from "@ant-design/icons";
 import * as ProviderBackend from "./backend/ProviderBackend";
 import * as Setting from "./Setting";
@ -418,6 +418,16 @@ class ProviderEditPage extends React.Component {
            </React.Fragment>
          ) : this.state.provider.category === "SAML" ? (
            <React.Fragment>
+              <Row style={{marginTop: '20px'}} >
+                <Col style={{marginTop: '5px'}} span={(Setting.isMobile()) ? 22 : 2}>
+                  {Setting.getLabel(i18next.t("provider:Sign request"), i18next.t("provider:Sign request - Tooltip"))} :
+                </Col>
+                <Col span={22} >
+                  <Switch checked={this.state.provider.enableSignAuthnRequest} onChange={checked => {
+                    this.updateProviderField('enableSignAuthnRequest', checked);
+                  }} />
+                </Col>
+              </Row>
              <Row style={{marginTop: '20px'}} >
                <Col style={{marginTop: '5px'}} span={(Setting.isMobile()) ? 22 : 2}>
                  {Setting.getLabel(i18next.t("provider:Metadata"), i18next.t("provider:Metadata - Tooltip"))} :
--- a/web/src/auth/AuthBackend.js
+++ b/web/src/auth/AuthBackend.js
@ -77,8 +77,8 @@ export function unlink(values) {
  }).then(res => res.json());
 }

-export function getSamlLogin(providerId) {
-  return fetch(`${authConfig.serverUrl}/api/get-saml-login?id=${providerId}`, {
+export function getSamlLogin(providerId, relayState) {
+  return fetch(`${authConfig.serverUrl}/api/get-saml-login?id=${providerId}&relayState=${relayState}`, {
    method: 'GET',
    credentials: 'include',
  }).then(res => res.json());
--- a/web/src/auth/LoginPage.js
+++ b/web/src/auth/LoginPage.js
@ -201,9 +201,13 @@ class LoginPage extends React.Component {
    let realRedirectUri = params.get("redirect_uri");
    let redirectUri = `${window.location.origin}/callback/saml`;
    let providerName = provider.name;
-    AuthBackend.getSamlLogin(`${provider.owner}/${providerName}`).then((res) => {
-      const replyState = `${clientId}&${application}&${providerName}&${realRedirectUri}&${redirectUri}`;
-      window.location.href = `${res.data}&RelayState=${btoa(replyState)}`;
+    let relayState = `${clientId}&${application}&${providerName}&${realRedirectUri}&${redirectUri}`;
+    AuthBackend.getSamlLogin(`${provider.owner}/${providerName}`, btoa(relayState)).then((res) => {
+      if (res.data2 === "POST") {
+        document.write(res.data)
+      } else {
+        window.location.href = res.data
+      }
    });
  }