llvy.ltd/casdoor
1
0
Fork 0
mirror of https://github.com/casdoor/casdoor.git synced 2025-05-23 10:45:47 +08:00
Code Issues Packages Projects Releases Wiki Activity

feat: fix bug that login by saml provider can not find application (#1676)

Browse Source
This commit is contained in:
Yaodong Yu 2023-03-23 21:38:33 +08:00 committed by GitHub
parent f191488338
commit c6146a9149
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 37 additions and 49 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
controllers/account.go
View File

@ -50,6 +50,7 @@ type RequestForm struct {
Region string `json:"region"`
Application string `json:"application"`
ClientId string `json:"clientId"`
Provider string `json:"provider"`
Code string `json:"code"`
State string `json:"state"`

8
controllers/auth.go
View File

@ -334,7 +334,13 @@ func (c *ApiController) Login() {
util.SafeGoroutine(func() { object.AddRecord(record) })
}
} else if form.Provider != "" {
application := object.GetApplication(fmt.Sprintf("admin/%s", form.Application))
var application *object.Application
if form.ClientId != "" {
application = object.GetApplicationByClientId(form.ClientId)
} else {
application = object.GetApplication(fmt.Sprintf("admin/%s", form.Application))
}
if application == nil {
c.ResponseError(fmt.Sprintf(c.T("auth:The application: %s does not exist"), form.Application))
return

11
object/saml_sp.go
View File

@ -36,13 +36,11 @@ func ParseSamlResponse(samlResponse string, providerType string) (string, error)
return "", err
}
assertionInfo, err := sp.RetrieveAssertionInfo(samlResponse)
if err != nil {
panic(err)
}
return assertionInfo.NameID, nil
return assertionInfo.NameID, err
}
func GenerateSamlLoginUrl(id, relayState, lang string) (string, string, error) {
func GenerateSamlLoginUrl(id, relayState, lang string) (auth string, method string, err error) {
provider := GetProvider(id)
if provider.Category != "SAML" {
return "", "", fmt.Errorf(i18n.Translate(lang, "saml_sp:provider %s's category is not SAML"), provider.Name)
@ -51,8 +49,7 @@ func GenerateSamlLoginUrl(id, relayState, lang string) (string, string, error) {
if err != nil {
return "", "", err
}
auth := ""
method := ""
if provider.EnableSignAuthnRequest {
post, err := sp.BuildAuthBodyPost(relayState)
if err != nil {

34
web/src/auth/LoginPage.js
View File

@ -101,7 +101,6 @@ class LoginPage extends React.Component {
application: res.data,
});
} else {
// Setting.showMessage("error", res.msg);
this.onUpdateApplication(null);
this.setState({
application: res.data,
@ -183,25 +182,19 @@ class LoginPage extends React.Component {
}
populateOauthValues(values) {
const oAuthParams = Util.getOAuthGetParameters();
if (oAuthParams !== null && oAuthParams.responseType !== null && oAuthParams.responseType !== "") {
values["type"] = oAuthParams.responseType;
} else {
values["type"] = this.state.type;
}
if (oAuthParams !== null) {
values["samlRequest"] = oAuthParams.samlRequest;
}
if (values["samlRequest"] !== null && values["samlRequest"] !== "" && values["samlRequest"] !== undefined) {
values["type"] = "saml";
values["relayState"] = oAuthParams.relayState;
}
if (this.getApplicationObj()?.organization) {
values["organization"] = this.getApplicationObj().organization;
}
const oAuthParams = Util.getOAuthGetParameters();
values["type"] = oAuthParams?.responseType ?? this.state.type;
if (oAuthParams?.samlRequest) {
values["samlRequest"] = oAuthParams.samlRequest;
values["type"] = "saml";
values["relayState"] = oAuthParams.relayState;
}
}
sendPopupData(message, redirectUri) {
@ -305,7 +298,6 @@ class LoginPage extends React.Component {
// OAuth
const oAuthParams = Util.getOAuthGetParameters();
this.populateOauthValues(values);
AuthBackend.login(values, oAuthParams)
.then((res) => {
if (res.status === "ok") {
@ -662,9 +654,6 @@ class LoginPage extends React.Component {
return (
<div>
{/* {*/}
{/* JSON.stringify(silentSignin)*/}
{/* }*/}
<div style={{fontSize: 16, textAlign: "left"}}>
{i18next.t("login:Continue with")}&nbsp;:
</div>
@ -856,9 +845,6 @@ class LoginPage extends React.Component {
{
Setting.renderLogo(application)
}
{/* {*/}
{/* this.state.clientId !== null ? "Redirect" : null*/}
{/* }*/}
<SelectLanguageBox languages={application.organizationObj.languages} style={{top: "55px", right: "5px", position: "absolute"}} />
{
this.renderSignedInBox()

7
web/src/auth/ProviderButton.js
View File

@ -101,12 +101,13 @@ function getSigninButton(type) {
function getSamlUrl(provider, location) {
const params = new URLSearchParams(location.search);
const clientId = params.get("client_id");
const application = params.get("state");
const clientId = params.get("client_id") ?? "";
const state = params.get("state");
const realRedirectUri = params.get("redirect_uri");
const redirectUri = `${window.location.origin}/callback/saml`;
const providerName = provider.name;
const relayState = `${clientId}&${application}&${providerName}&${realRedirectUri}&${redirectUri}`;
const relayState = `${clientId}&${state}&${providerName}&${realRedirectUri}&${redirectUri}`;
AuthBackend.getSamlLogin(`${provider.owner}/${providerName}`, btoa(relayState)).then((res) => {
if (res.data2 === "POST") {
document.write(res.data);

15
web/src/auth/SamlCallback.js
View File

@ -49,18 +49,21 @@ class SamlCallback extends React.Component {
const params = new URLSearchParams(this.props.location.search);
const relayState = params.get("relayState");
const samlResponse = params.get("samlResponse");
const messages = atob(relayState).split("&");
const clientId = messages[0];
const applicationName = (messages[1] === "null" || messages[1] === "undefined") ? "app-built-in" : messages[1];
const clientId = messages[0] === "" ? "" : messages[0];
const application = messages[0] === "" ? "app-built-in" : "";
const state = messages[1];
const providerName = messages[2];
const redirectUri = messages[3];
const responseType = this.getResponseType(redirectUri);
const body = {
type: responseType,
application: applicationName,
clientId: clientId,
provider: providerName,
state: applicationName,
state: state,
application: application,
redirectUri: `${window.location.origin}/callback`,
method: "signup",
relayState: relayState,
@ -71,7 +74,7 @@ class SamlCallback extends React.Component {
if (clientId === null || clientId === "") {
param = "";
} else {
param = `?clientId=${clientId}&responseType=${responseType}&redirectUri=${redirectUri}&scope=read&state=${applicationName}`;
param = `?clientId=${clientId}&responseType=${responseType}&redirectUri=${redirectUri}&scope=read&state=${state}`;
}
AuthBackend.loginWithSaml(body, param)
@ -83,7 +86,7 @@ class SamlCallback extends React.Component {
Setting.goToLink("/");
} else if (responseType === "code") {
const code = res.data;
Setting.goToLink(`${redirectUri}?code=${code}&state=${applicationName}`);
Setting.goToLink(`${redirectUri}?code=${code}&state=${state}`);
}
} else {
this.setState({

10
web/src/auth/Util.js
View File

@ -54,12 +54,6 @@ export function renderMessageLarge(ths, msg) {
}}>
Back
</Button>,
// <Button key="home" onClick={() => Setting.goToLinkSoft(ths, "/")}>
// Home
// </Button>,
// <Button type="primary" key="signup" onClick={() => Setting.goToLinkSoft(ths, "/signup")}>
// Sign Up
// </Button>,
]}
>
</Result>
@ -71,7 +65,7 @@ export function renderMessageLarge(ths, msg) {
}
function getRefinedValue(value) {
return (value === null) ? "" : value;
return value ?? "";
}
export function getCasParameters(params) {
@ -100,7 +94,7 @@ export function getOAuthGetParameters(params) {
const relayState = getRefinedValue(queries.get("RelayState"));
const noRedirect = getRefinedValue(queries.get("noRedirect"));
if ((clientId === undefined || clientId === null || clientId === "") && (samlRequest === "" || samlRequest === undefined)) {
if (clientId === "" && samlRequest === "") {
// login
return null;
} else {