diff --git a/object/application.go b/object/application.go index 16ab1a21..6ab37392 100644 --- a/object/application.go +++ b/object/application.go @@ -51,6 +51,7 @@ type Application struct { EnableCodeSignin bool `json:"enableCodeSignin"` EnableSamlCompress bool `json:"enableSamlCompress"` EnableWebAuthn bool `json:"enableWebAuthn"` + SamlReplyUrl string `xorm:"varchar(100)" json:"samlReplyUrl"` Providers []*ProviderItem `xorm:"mediumtext" json:"providers"` SignupItems []*SignupItem `xorm:"varchar(1000)" json:"signupItems"` GrantTypes []string `xorm:"varchar(1000)" json:"grantTypes"` diff --git a/object/saml_idp.go b/object/saml_idp.go index 1983daf4..6a6f4243 100644 --- a/object/saml_idp.go +++ b/object/saml_idp.go @@ -251,6 +251,11 @@ func GetSamlResponse(application *Application, user *User, samlRequest string, h _, originBackend := getOriginFromHost(host) + // redirect Url (Assertion Consumer Url) + if application.SamlReplyUrl != "" { + authnRequest.AssertionConsumerServiceURL = application.SamlReplyUrl + } + // build signedResponse samlResponse, _ := NewSamlResponse(user, originBackend, certificate, authnRequest.AssertionConsumerServiceURL, authnRequest.Issuer.Url, authnRequest.ID, application.RedirectUris) randomKeyStore := &X509Key{ diff --git a/web/src/ApplicationEditPage.js b/web/src/ApplicationEditPage.js index c354eaff..e8ae2cc9 100644 --- a/web/src/ApplicationEditPage.js +++ b/web/src/ApplicationEditPage.js @@ -545,6 +545,16 @@ class ApplicationEditPage extends React.Component { + + + {Setting.getLabel(i18next.t("application:SAML Reply URL"), i18next.t("application:Redirect URL (Assertion Consumer Service POST Binding URL) - Tooltip"))} : + + + } value={this.state.application.samlReplyUrl} onChange={e => { + this.updateApplicationField("samlReplyUrl", e.target.value); + }} /> + + {Setting.getLabel(i18next.t("application:Enable SAML compress"), i18next.t("application:Enable SAML compress - Tooltip"))} : 
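Review bot: The new `SamlReplyUrl` column is declared as `varchar(100)`, which is short for an Assertion Consumer Service URL that carries a tenant or connection identifier in its path. Depending on the database mode, a longer value is either rejected or silently truncated, and a truncated ACS URL would make the IdP post assertions to the wrong endpoint. Consider widening the tag to `xorm:"varchar(500)"` and documenting the field with a comment such as `// SamlReplyUrl, when set, overrides the ACS URL from the AuthnRequest`. The struct continues outside this hunk.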
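Review bot: When `application.SamlReplyUrl` is empty, `GetSamlResponse` still addresses the signed response to `authnRequest.AssertionConsumerServiceURL`, a value taken from the incoming SAML request, and nothing in this hunk checks it against a destination registered for the application. `application.RedirectUris` is passed to `NewSamlResponse`, but whether it is used to validate the destination is not visible here, so that fallback deserves an explicit allow-list check. The configured value is also used as-is; checking with `url.Parse` that it is an absolute http(s) URL before assigning it would catch a mistyped setting. Holding the result in a local such as `acsURL` instead of writing into `authnRequest` would keep the parsed request unmodified, and the error from `NewSamlResponse` on the following context line is discarded with `_`. The function body starts and ends outside this hunk.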
diff --git a/web/src/auth/LoginPage.js b/web/src/auth/LoginPage.js index 5f71168e..68351366 100644 --- a/web/src/auth/LoginPage.js +++ b/web/src/auth/LoginPage.js @@ -29,6 +29,7 @@ import CustomGithubCorner from "../CustomGithubCorner"; import {CountDownInput} from "../common/CountDownInput"; import SelectLanguageBox from "../SelectLanguageBox"; import {CaptchaModal} from "../common/CaptchaModal"; +import RedirectForm from "../common/RedirectForm"; class LoginPage extends React.Component { constructor(props) { @@ -49,6 +50,9 @@ class LoginPage extends React.Component { enableCaptchaModal: false, openCaptchaModal: false, verifyCaptcha: undefined, + samlResponse: "", + relayState: "", + redirectUrl: "", }; if (this.state.type === "cas" && props.match?.params.casApplicationName !== undefined) { @@ -184,6 +188,7 @@ class LoginPage extends React.Component { if (values["samlRequest"] !== null && values["samlRequest"] !== "" && values["samlRequest"] !== undefined) { values["type"] = "saml"; + values["relayState"] = oAuthParams.relayState; } if (this.state.application.organization !== null && this.state.application.organization !== undefined) { @@ -312,7 +317,15 @@ class LoginPage extends React.Component { } else if (responseType === "saml") { const SAMLResponse = res.data; const redirectUri = res.data2; - Setting.goToLink(`${redirectUri}?SAMLResponse=${encodeURIComponent(SAMLResponse)}&RelayState=${oAuthParams.relayState}`); + if (this.state.application.assertionConsumerUrl !== "") { + this.setState({ + samlResponse: res.data, + redirectUrl: res.data2, + relayState: oAuthParams.relayState, + }); + } else { + Setting.goToLink(`${redirectUri}?SAMLResponse=${encodeURIComponent(SAMLResponse)}&RelayState=${oAuthParams.relayState}`); + } } } else { this.setState({openCaptchaModal: false}); 
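Review bot: In the `responseType === "saml"` branch the new condition reads `this.state.application.assertionConsumerUrl`, but the field this commit adds to the application object is `samlReplyUrl`. If no `assertionConsumerUrl` property exists, `undefined !== ""` is always true, so the POST-form path is taken for every SAML application and the `else` redirect branch is never reached. The check should be `if (this.state.application.samlReplyUrl !== "") {`. In the retained redirect line, `RelayState` is interpolated without encoding while `SAMLResponse` is encoded; `&RelayState=${encodeURIComponent(oAuthParams.relayState)}` keeps a relay state containing `&` or `#` from altering the query string. The enclosing method starts and ends outside this hunk.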
@@ -761,6 +774,10 @@ class LoginPage extends React.Component { return Util.renderMessageLarge(this, this.state.msg); } + if (this.state.samlResponse !== "") { + return ; + } + if (application.signinHtml !== "") { return (
diff --git a/web/src/common/CaptchaWidget.js b/web/src/common/CaptchaWidget.js index 4299c36e..95432cb4 100644 --- a/web/src/common/CaptchaWidget.js +++ b/web/src/common/CaptchaWidget.js @@ -125,5 +125,5 @@ export const CaptchaWidget = ({captchaType, subType, siteKey, clientSecret, onCh } }, [captchaType, subType, siteKey, clientSecret, clientId2, clientSecret2]); - return
; + return
; }; diff --git a/web/src/common/RedirectForm.js b/web/src/common/RedirectForm.js new file mode 100644 index 00000000..0be2cb93 --- /dev/null +++ b/web/src/common/RedirectForm.js @@ -0,0 +1,43 @@ +// Copyright 2022 The Casdoor Authors. All Rights Reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +import React, {useEffect} from "react"; + +export const RedirectForm = (props) => { + + useEffect(() => { + document.getElementById("saml").submit(); + }, []); + + return (<> +

Redirecting, please wait.

+
+ + +
+ + ); +}; + +export default RedirectForm; diff --git a/web/src/locales/de/data.json b/web/src/locales/de/data.json index adc5f005..dad451f7 100644 --- a/web/src/locales/de/data.json +++ b/web/src/locales/de/data.json @@ -58,12 +58,14 @@ "Please select a HTML file": "Bitte wählen Sie eine HTML-Datei", "Prompt page URL copied to clipboard successfully, please paste it into the incognito window or another browser": "Prompt page URL copied to clipboard successfully, please paste it into the incognito window or another browser", "Redirect URL": "Weiterleitungs-URL", + "Redirect URL (Assertion Consumer Service POST Binding URL) - Tooltip": "Redirect URL (Assertion Consumer Service POST Binding URL) - Tooltip", "Redirect URLs": "Umleitungs-URLs", "Redirect URLs - Tooltip": "List of redirect addresses after successful login", "Refresh token expire": "Aktualisierungs-Token läuft ab", "Refresh token expire - Tooltip": "Aktualisierungs-Token läuft ab - Tooltip", "Right": "Right", "Rule": "Rule", + "SAML Reply URL": "SAML Reply URL", "SAML metadata": "SAML metadata", "SAML metadata - Tooltip": "SAML metadata - Tooltip", "SAML metadata URL copied to clipboard successfully": "SAML metadata URL copied to clipboard successfully", @@ -435,6 +437,7 @@ "Detail": "Detail", "Detail - Tooltip": "Detail - Tooltip", "Edit Product": "Edit Product", + "I have completed the payment": "I have completed the payment", "Image": "Image", "Image - Tooltip": "Image - Tooltip", "New Product": "New Product", @@ -443,6 +446,8 @@ "Payment providers - Tooltip": "Payment providers - Tooltip", "Paypal": "Paypal", "Placing order...": "Placing order...", + "Please provide your username in the remark": "Please provide your username in the remark", + "Please scan the QR code to pay": "Please scan the QR code to pay", "Price": "Price", "Price - Tooltip": "Price - Tooltip", "Quantity": "Quantity", diff --git a/web/src/locales/en/data.json b/web/src/locales/en/data.json index e9d522a1..c6f55237 100644 
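Review bot: The effect in `RedirectForm` finds the form with `document.getElementById("saml")`, which depends on a page-global id and throws if that element is missing; a ref keeps the auto-submit tied to this component's own form. `const formRef = useRef(null);`, `ref={formRef}` on the form and `formRef.current?.submit();` in the effect would do it. The form markup is not visible in this view, so it is worth confirming that its action is only ever the ACS URL returned by the server, and that `SAMLResponse` and `RelayState` are passed as hidden input values, not concatenated into markup.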
--- a/web/src/locales/en/data.json
+++ b/web/src/locales/en/data.json
@@ -58,12 +58,14 @@
 "Please select a HTML file": "Please select a HTML file",
 "Prompt page URL copied to clipboard successfully, please paste it into the incognito window or another browser": "Prompt page URL copied to clipboard successfully, please paste it into the incognito window or another browser",
 "Redirect URL": "Redirect URL",
+ "Redirect URL (Assertion Consumer Service POST Binding URL) - Tooltip": "Redirect URL (Assertion Consumer Service POST Binding URL) - Tooltip",
 "Redirect URLs": "Redirect URLs",
 "Redirect URLs - Tooltip": "Redirect URLs - Tooltip",
 "Refresh token expire": "Refresh token expire",
 "Refresh token expire - Tooltip": "Refresh token expire - Tooltip",
 "Right": "Right",
 "Rule": "Rule",
+ "SAML Reply URL": "SAML Reply URL",
 "SAML metadata": "SAML metadata",
 "SAML metadata - Tooltip": "SAML metadata - Tooltip",
 "SAML metadata URL copied to clipboard successfully": "SAML metadata URL copied to clipboard successfully",
@@ -435,6 +437,7 @@
 "Detail": "Detail",
 "Detail - Tooltip": "Detail - Tooltip",
 "Edit Product": "Edit Product",
+ "I have completed the payment": "I have completed the payment",
 "Image": "Image",
 "Image - Tooltip": "Image - Tooltip",
 "New Product": "New Product",
@@ -443,6 +446,8 @@
 "Payment providers - Tooltip": "Payment providers - Tooltip",
 "Paypal": "Paypal",
 "Placing order...": "Placing order...",
+ "Please provide your username in the remark": "Please provide your username in the remark",
+ "Please scan the QR code to pay": "Please scan the QR code to pay",
 "Price": "Price",
 "Price - Tooltip": "Price - Tooltip",
 "Quantity": "Quantity",
diff --git a/web/src/locales/fr/data.json b/web/src/locales/fr/data.json
index bab1ec4b..29fcaf0c 100644
--- a/web/src/locales/fr/data.json
+++ b/web/src/locales/fr/data.json
@@ -58,12 +58,14 @@
 "Please select a HTML file": "Veuillez sélectionner un fichier HTML",
 "Prompt page URL copied to clipboard successfully, please paste it into the incognito window or another browser": "Prompt page URL copied to clipboard successfully, please paste it into the incognito window or another browser",
 "Redirect URL": "URL de redirection",
+ "Redirect URL (Assertion Consumer Service POST Binding URL) - Tooltip": "Redirect URL (Assertion Consumer Service POST Binding URL) - Tooltip",
 "Redirect URLs": "URL de redirection",
 "Redirect URLs - Tooltip": "List of redirect addresses after successful login",
 "Refresh token expire": "Expiration du jeton d'actualisation",
 "Refresh token expire - Tooltip": "Expiration du jeton d'actualisation - infobulle",
 "Right": "Right",
 "Rule": "Rule",
+ "SAML Reply URL": "SAML Reply URL",
 "SAML metadata": "SAML metadata",
 "SAML metadata - Tooltip": "SAML metadata - Tooltip",
 "SAML metadata URL copied to clipboard successfully": "SAML metadata URL copied to clipboard successfully",
@@ -435,6 +437,7 @@
 "Detail": "Detail",
 "Detail - Tooltip": "Detail - Tooltip",
 "Edit Product": "Edit Product",
+ "I have completed the payment": "I have completed the payment",
 "Image": "Image",
 "Image - Tooltip": "Image - Tooltip",
 "New Product": "New Product",
@@ -443,6 +446,8 @@
 "Payment providers - Tooltip": "Payment providers - Tooltip",
 "Paypal": "Paypal",
 "Placing order...": "Placing order...",
+ "Please provide your username in the remark": "Please provide your username in the remark",
+ "Please scan the QR code to pay": "Please scan the QR code to pay",
 "Price": "Price",
 "Price - Tooltip": "Price - Tooltip",
 "Quantity": "Quantity",
diff --git a/web/src/locales/ja/data.json b/web/src/locales/ja/data.json
index e8109ac0..c9256a78 100644
--- a/web/src/locales/ja/data.json
+++ b/web/src/locales/ja/data.json
@@ -58,12 +58,14 @@
 "Please select a HTML file": "HTMLファイルを選択してください",
 "Prompt page URL copied to clipboard successfully, please paste it into the incognito window or another browser": "Prompt page URL copied to clipboard successfully, please paste it into the incognito window or another browser",
 "Redirect URL": "リダイレクトURL",
+ "Redirect URL (Assertion Consumer Service POST Binding URL) - Tooltip": "Redirect URL (Assertion Consumer Service POST Binding URL) - Tooltip",
 "Redirect URLs": "リダイレクトURL",
 "Redirect URLs - Tooltip": "List of redirect addresses after successful login",
 "Refresh token expire": "トークンの更新の期限が切れます",
 "Refresh token expire - Tooltip": "トークンの有効期限を更新する - ツールチップ",
 "Right": "Right",
 "Rule": "Rule",
+ "SAML Reply URL": "SAML Reply URL",
 "SAML metadata": "SAML metadata",
 "SAML metadata - Tooltip": "SAML metadata - Tooltip",
 "SAML metadata URL copied to clipboard successfully": "SAML metadata URL copied to clipboard successfully",
@@ -435,6 +437,7 @@
 "Detail": "Detail",
 "Detail - Tooltip": "Detail - Tooltip",
 "Edit Product": "Edit Product",
+ "I have completed the payment": "I have completed the payment",
 "Image": "Image",
 "Image - Tooltip": "Image - Tooltip",
 "New Product": "New Product",
@@ -443,6 +446,8 @@
 "Payment providers - Tooltip": "Payment providers - Tooltip",
 "Paypal": "Paypal",
 "Placing order...": "Placing order...",
+ "Please provide your username in the remark": "Please provide your username in the remark",
+ "Please scan the QR code to pay": "Please scan the QR code to pay",
 "Price": "Price",
 "Price - Tooltip": "Price - Tooltip",
 "Quantity": "Quantity",
diff --git a/web/src/locales/ko/data.json b/web/src/locales/ko/data.json
index 05b5c9d2..44c71d33 100644
--- a/web/src/locales/ko/data.json
+++ b/web/src/locales/ko/data.json
@@ -58,12 +58,14 @@
 "Please select a HTML file": "Please select a HTML file",
 "Prompt page URL copied to clipboard successfully, please paste it into the incognito window or another browser": "Prompt page URL copied to clipboard successfully, please paste it into the incognito window or another browser",
 "Redirect URL": "Redirect URL",
+ "Redirect URL (Assertion Consumer Service POST Binding URL) - Tooltip": "Redirect URL (Assertion Consumer Service POST Binding URL) - Tooltip",
 "Redirect URLs": "Redirect URLs",
 "Redirect URLs - Tooltip": "List of redirect addresses after successful login",
 "Refresh token expire": "Refresh token expire",
 "Refresh token expire - Tooltip": "Refresh token expire - Tooltip",
 "Right": "Right",
 "Rule": "Rule",
+ "SAML Reply URL": "SAML Reply URL",
 "SAML metadata": "SAML metadata",
 "SAML metadata - Tooltip": "SAML metadata - Tooltip",
 "SAML metadata URL copied to clipboard successfully": "SAML metadata URL copied to clipboard successfully",
@@ -435,6 +437,7 @@
 "Detail": "Detail",
 "Detail - Tooltip": "Detail - Tooltip",
 "Edit Product": "Edit Product",
+ "I have completed the payment": "I have completed the payment",
 "Image": "Image",
 "Image - Tooltip": "Image - Tooltip",
 "New Product": "New Product",
@@ -443,6 +446,8 @@
 "Payment providers - Tooltip": "Payment providers - Tooltip",
 "Paypal": "Paypal",
 "Placing order...": "Placing order...",
+ "Please provide your username in the remark": "Please provide your username in the remark",
+ "Please scan the QR code to pay": "Please scan the QR code to pay",
 "Price": "Price",
 "Price - Tooltip": "Price - Tooltip",
 "Quantity": "Quantity",
diff --git a/web/src/locales/ru/data.json b/web/src/locales/ru/data.json
index 5af89de4..03ca1e48 100644
--- a/web/src/locales/ru/data.json
+++ b/web/src/locales/ru/data.json
@@ -58,12 +58,14 @@
 "Please select a HTML file": "Пожалуйста, выберите HTML-файл",
 "Prompt page URL copied to clipboard successfully, please paste it into the incognito window or another browser": "Ссылка на страницу успешно скопирована в буфер обмена, пожалуйста, вставьте ее в окно инкогнито или другой браузер",
 "Redirect URL": "URL перенаправления",
+ "Redirect URL (Assertion Consumer Service POST Binding URL) - Tooltip": "Redirect URL (Assertion Consumer Service POST Binding URL) - Tooltip",
 "Redirect URLs": "Перенаправление URL",
 "Redirect URLs - Tooltip": "List of redirect addresses after successful login",
 "Refresh token expire": "Срок действия обновления токена истекает",
 "Refresh token expire - Tooltip": "Срок обновления токена истекает - Подсказка",
 "Right": "Right",
 "Rule": "правило",
+ "SAML Reply URL": "SAML Reply URL",
 "SAML metadata": "Метаданные SAML",
 "SAML metadata - Tooltip": "Метаданные SAML - Подсказка",
 "SAML metadata URL copied to clipboard successfully": "Адрес метаданных SAML скопирован в буфер обмена",
@@ -435,6 +437,7 @@
 "Detail": "Сведения",
 "Detail - Tooltip": "Detail - Tooltip",
 "Edit Product": "Редактирование продукта",
+ "I have completed the payment": "I have completed the payment",
 "Image": "Изображение",
 "Image - Tooltip": "Image - Tooltip",
 "New Product": "Новый продукт",
@@ -443,6 +446,8 @@
 "Payment providers - Tooltip": "Payment providers - Tooltip",
 "Paypal": "PayPal",
 "Placing order...": "Placing order...",
+ "Please provide your username in the remark": "Please provide your username in the remark",
+ "Please scan the QR code to pay": "Please scan the QR code to pay",
 "Price": "Цена",
 "Price - Tooltip": "Price - Tooltip",
 "Quantity": "Quantity",
diff --git a/web/src/locales/zh/data.json b/web/src/locales/zh/data.json
index cd14eea9..46296516 100644
--- a/web/src/locales/zh/data.json
+++ b/web/src/locales/zh/data.json
@@ -58,12 +58,14 @@
 "Please select a HTML file": "请选择一个HTML文件",
 "Prompt page URL copied to clipboard successfully, please paste it into the incognito window or another browser": "提醒页面URL已成功复制到剪贴板,请粘贴到当前浏览器的隐身模式窗口或另一个浏览器访问",
 "Redirect URL": "重定向 URL",
+ "Redirect URL (Assertion Consumer Service POST Binding URL) - Tooltip": "回复 URL (断言使用者服务 URL, 使用POST请求返回响应) - Tooltip",
 "Redirect URLs": "重定向 URLs",
 "Redirect URLs - Tooltip": "登录成功后重定向地址列表",
 "Refresh token expire": "Refresh Token过期",
 "Refresh token expire - Tooltip": "Refresh Token过期时间",
 "Right": "居右",
 "Rule": "规则",
+ "SAML Reply URL": "SAML回复 URL",
 "SAML metadata": "SAML元数据",
 "SAML metadata - Tooltip": "SAML协议的元数据(Metadata)信息",
 "SAML metadata URL copied to clipboard successfully": "SAML元数据URL已成功复制到剪贴板",
@@ -435,6 +437,7 @@
 "Detail": "详情",
 "Detail - Tooltip": "详情 - 工具提示",
 "Edit Product": "编辑商品",
+ "I have completed the payment": "支付完成",
 "Image": "图片",
 "Image - Tooltip": "图片 - 工具提示",
 "New Product": "添加商品",
@@ -443,6 +446,8 @@
 "Payment providers - Tooltip": "支付提供商 - 工具提示",
 "Paypal": "PayPal(贝宝)",
 "Placing order...": "正在下单...",
+ "Please provide your username in the remark": "Please provide your username in the remark",
+ "Please scan the QR code to pay": "请扫描二维码支付",
 "Price": "价格",
 "Price - Tooltip": "价格 - 工具提示",
 "Quantity": "库存",