llvy.ltd/casdoor
1
0
Fork 0
mirror of https://github.com/casdoor/casdoor.git synced 2025-07-09 01:13:41 +08:00
Code Issues Packages Projects Releases Wiki Activity

feat: fix bug that login by saml provider can not find application (#1676)

Browse Source
This commit is contained in:
Yaodong Yu
2023-03-23 21:38:33 +08:00
committed by GitHub
parent f191488338
commit c6146a9149
7 changed files with 37 additions and 49 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
controllers/account.go
View File

@ -50,6 +50,7 @@ type RequestForm struct {
Region string `json:"region"` Region string `json:"region"`
Application string `json:"application"` Application string `json:"application"`
ClientId string `json:"clientId"`
Provider string `json:"provider"` Provider string `json:"provider"`
Code string `json:"code"` Code string `json:"code"`
State string `json:"state"` State string `json:"state"`

8
controllers/auth.go
View File

@ -334,7 +334,13 @@ func (c *ApiController) Login() {
util.SafeGoroutine(func() { object.AddRecord(record) }) util.SafeGoroutine(func() { object.AddRecord(record) })
} }
} else if form.Provider != "" { } else if form.Provider != "" {
application := object.GetApplication(fmt.Sprintf("admin/%s", form.Application)) var application *object.Application
if form.ClientId != "" {
application = object.GetApplicationByClientId(form.ClientId)
} else {
application = object.GetApplication(fmt.Sprintf("admin/%s", form.Application))
}
if application == nil { if application == nil {
c.ResponseError(fmt.Sprintf(c.T("auth:The application: %s does not exist"), form.Application)) c.ResponseError(fmt.Sprintf(c.T("auth:The application: %s does not exist"), form.Application))
return return

11
object/saml_sp.go
View File

@ -36,13 +36,11 @@ func ParseSamlResponse(samlResponse string, providerType string) (string, error)
return "", err return "", err
} }
assertionInfo, err := sp.RetrieveAssertionInfo(samlResponse) assertionInfo, err := sp.RetrieveAssertionInfo(samlResponse)
if err != nil {
panic(err) return assertionInfo.NameID, err
}
return assertionInfo.NameID, nil
} }
func GenerateSamlLoginUrl(id, relayState, lang string) (string, string, error) { func GenerateSamlLoginUrl(id, relayState, lang string) (auth string, method string, err error) {
provider := GetProvider(id) provider := GetProvider(id)
if provider.Category != "SAML" { if provider.Category != "SAML" {
return "", "", fmt.Errorf(i18n.Translate(lang, "saml_sp:provider %s's category is not SAML"), provider.Name) return "", "", fmt.Errorf(i18n.Translate(lang, "saml_sp:provider %s's category is not SAML"), provider.Name)
@ -51,8 +49,7 @@ func GenerateSamlLoginUrl(id, relayState, lang string) (string, string, error) {
if err != nil { if err != nil {
return "", "", err return "", "", err
} }
auth := ""
method := ""
if provider.EnableSignAuthnRequest { if provider.EnableSignAuthnRequest {
post, err := sp.BuildAuthBodyPost(relayState) post, err := sp.BuildAuthBodyPost(relayState)
if err != nil { if err != nil {

34
web/src/auth/LoginPage.js
View File

@ -101,7 +101,6 @@ class LoginPage extends React.Component {
application: res.data, application: res.data,
}); });
} else { } else {
// Setting.showMessage("error", res.msg);
this.onUpdateApplication(null); this.onUpdateApplication(null);
this.setState({ this.setState({
application: res.data, application: res.data,
@ -183,25 +182,19 @@ class LoginPage extends React.Component {
} }
populateOauthValues(values) { populateOauthValues(values) {
const oAuthParams = Util.getOAuthGetParameters();
if (oAuthParams !== null && oAuthParams.responseType !== null && oAuthParams.responseType !== "") {
values["type"] = oAuthParams.responseType;
} else {
values["type"] = this.state.type;
}
if (oAuthParams !== null) {
values["samlRequest"] = oAuthParams.samlRequest;
}
if (values["samlRequest"] !== null && values["samlRequest"] !== "" && values["samlRequest"] !== undefined) {
values["type"] = "saml";
values["relayState"] = oAuthParams.relayState;
}
if (this.getApplicationObj()?.organization) { if (this.getApplicationObj()?.organization) {
values["organization"] = this.getApplicationObj().organization; values["organization"] = this.getApplicationObj().organization;
} }
const oAuthParams = Util.getOAuthGetParameters();
values["type"] = oAuthParams?.responseType ?? this.state.type;
if (oAuthParams?.samlRequest) {
values["samlRequest"] = oAuthParams.samlRequest;
values["type"] = "saml";
values["relayState"] = oAuthParams.relayState;
}
} }
sendPopupData(message, redirectUri) { sendPopupData(message, redirectUri) {
@ -305,7 +298,6 @@ class LoginPage extends React.Component {
// OAuth // OAuth
const oAuthParams = Util.getOAuthGetParameters(); const oAuthParams = Util.getOAuthGetParameters();
this.populateOauthValues(values); this.populateOauthValues(values);
AuthBackend.login(values, oAuthParams) AuthBackend.login(values, oAuthParams)
.then((res) => { .then((res) => {
if (res.status === "ok") { if (res.status === "ok") {
@ -662,9 +654,6 @@ class LoginPage extends React.Component {
return ( return (
<div> <div>
{/* {*/}
{/* JSON.stringify(silentSignin)*/}
{/* }*/}
<div style={{fontSize: 16, textAlign: "left"}}> <div style={{fontSize: 16, textAlign: "left"}}>
{i18next.t("login:Continue with")}&nbsp;: {i18next.t("login:Continue with")}&nbsp;:
</div> </div>
@ -856,9 +845,6 @@ class LoginPage extends React.Component {
{ {
Setting.renderLogo(application) Setting.renderLogo(application)
} }
{/* {*/}
{/* this.state.clientId !== null ? "Redirect" : null*/}
{/* }*/}
<SelectLanguageBox languages={application.organizationObj.languages} style={{top: "55px", right: "5px", position: "absolute"}} /> <SelectLanguageBox languages={application.organizationObj.languages} style={{top: "55px", right: "5px", position: "absolute"}} />
{ {
this.renderSignedInBox() this.renderSignedInBox()

7
web/src/auth/ProviderButton.js
View File

@ -101,12 +101,13 @@ function getSigninButton(type) {
function getSamlUrl(provider, location) { function getSamlUrl(provider, location) {
const params = new URLSearchParams(location.search); const params = new URLSearchParams(location.search);
const clientId = params.get("client_id"); const clientId = params.get("client_id") ?? "";
const application = params.get("state"); const state = params.get("state");
const realRedirectUri = params.get("redirect_uri"); const realRedirectUri = params.get("redirect_uri");
const redirectUri = `${window.location.origin}/callback/saml`; const redirectUri = `${window.location.origin}/callback/saml`;
const providerName = provider.name; const providerName = provider.name;
const relayState = `${clientId}&${application}&${providerName}&${realRedirectUri}&${redirectUri}`;
const relayState = `${clientId}&${state}&${providerName}&${realRedirectUri}&${redirectUri}`;
AuthBackend.getSamlLogin(`${provider.owner}/${providerName}`, btoa(relayState)).then((res) => { AuthBackend.getSamlLogin(`${provider.owner}/${providerName}`, btoa(relayState)).then((res) => {
if (res.data2 === "POST") { if (res.data2 === "POST") {
document.write(res.data); document.write(res.data);

15
web/src/auth/SamlCallback.js
View File

@ -49,18 +49,21 @@ class SamlCallback extends React.Component {
const params = new URLSearchParams(this.props.location.search); const params = new URLSearchParams(this.props.location.search);
const relayState = params.get("relayState"); const relayState = params.get("relayState");
const samlResponse = params.get("samlResponse"); const samlResponse = params.get("samlResponse");
const messages = atob(relayState).split("&"); const messages = atob(relayState).split("&");
const clientId = messages[0]; const clientId = messages[0] === "" ? "" : messages[0];
const applicationName = (messages[1] === "null" || messages[1] === "undefined") ? "app-built-in" : messages[1]; const application = messages[0] === "" ? "app-built-in" : "";
const state = messages[1];
const providerName = messages[2]; const providerName = messages[2];
const redirectUri = messages[3]; const redirectUri = messages[3];
const responseType = this.getResponseType(redirectUri); const responseType = this.getResponseType(redirectUri);
const body = { const body = {
type: responseType, type: responseType,
application: applicationName, clientId: clientId,
provider: providerName, provider: providerName,
state: applicationName, state: state,
application: application,
redirectUri: `${window.location.origin}/callback`, redirectUri: `${window.location.origin}/callback`,
method: "signup", method: "signup",
relayState: relayState, relayState: relayState,
@ -71,7 +74,7 @@ class SamlCallback extends React.Component {
if (clientId === null || clientId === "") { if (clientId === null || clientId === "") {
param = ""; param = "";
} else { } else {
param = `?clientId=${clientId}&responseType=${responseType}&redirectUri=${redirectUri}&scope=read&state=${applicationName}`; param = `?clientId=${clientId}&responseType=${responseType}&redirectUri=${redirectUri}&scope=read&state=${state}`;
} }
AuthBackend.loginWithSaml(body, param) AuthBackend.loginWithSaml(body, param)
@ -83,7 +86,7 @@ class SamlCallback extends React.Component {
Setting.goToLink("/"); Setting.goToLink("/");
} else if (responseType === "code") { } else if (responseType === "code") {
const code = res.data; const code = res.data;
Setting.goToLink(`${redirectUri}?code=${code}&state=${applicationName}`); Setting.goToLink(`${redirectUri}?code=${code}&state=${state}`);
} }
} else { } else {
this.setState({ this.setState({

10
web/src/auth/Util.js
View File

@ -54,12 +54,6 @@ export function renderMessageLarge(ths, msg) {
}}> }}>
Back Back
</Button>, </Button>,
// <Button key="home" onClick={() => Setting.goToLinkSoft(ths, "/")}>
// Home
// </Button>,
// <Button type="primary" key="signup" onClick={() => Setting.goToLinkSoft(ths, "/signup")}>
// Sign Up
// </Button>,
]} ]}
> >
</Result> </Result>
@ -71,7 +65,7 @@ export function renderMessageLarge(ths, msg) {
} }
function getRefinedValue(value) { function getRefinedValue(value) {
return (value === null) ? "" : value; return value ?? "";
} }
export function getCasParameters(params) { export function getCasParameters(params) {
@ -100,7 +94,7 @@ export function getOAuthGetParameters(params) {
const relayState = getRefinedValue(queries.get("RelayState")); const relayState = getRefinedValue(queries.get("RelayState"));
const noRedirect = getRefinedValue(queries.get("noRedirect")); const noRedirect = getRefinedValue(queries.get("noRedirect"));
if ((clientId === undefined || clientId === null || clientId === "") && (samlRequest === "" || samlRequest === undefined)) { if (clientId === "" && samlRequest === "") {
// login // login
return null; return null;
} else { } else {