fix(oauth): okta support

pull/3051/head
xAt0mZ 2019-07-26 18:17:44 +02:00
parent a6692ee526
commit b537a9ad0d
2 changed files with 31 additions and 5 deletions


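--- a/PATH_NOT_SHOWN_ON_PAGE
+++ b/PATH_NOT_SHOWN_ON_PAGE
@@ -14,6 +14,12 @@ angular.module('portainer.app')
 getEndpointPublicURL: function() {
 return localStorageService.get('ENDPOINT_PUBLIC_URL');
 },
+storeLoginStateUUID: function(uuid) {
+localStorageService.set('LOGIN_STATE_UUID', uuid);
+},
+getLoginStateUUID: function() {
+return localStorageService.get('LOGIN_STATE_UUID');
+},
 storeOfflineMode: function(isOffline) {
 localStorageService.set('ENDPOINT_OFFLINE_MODE', isOffline);
 },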
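Review bot: The new `storeLoginStateUUID`/`getLoginStateUUID` pair has no counterpart to remove the value, so the OAuth state nonce written to `LOGIN_STATE_UUID` stays in localStorage indefinitely and remains comparable-equal after it has been consumed by a login callback. A one-time nonce should be deleted once checked; adding `clearLoginStateUUID: function() { localStorageService.remove('LOGIN_STATE_UUID'); },` next to the getter gives the controller a way to do that. The enclosing service object starts and ends outside the hunk.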


@ -1,6 +1,8 @@
import uuidv4 from 'uuid/v4';
angular.module('portainer.app') angular.module('portainer.app')
.controller('AuthenticationController', ['$async', '$q', '$scope', '$state', '$stateParams', '$sanitize', 'Authentication', 'UserService', 'EndpointService', 'ExtensionService', 'StateManager', 'Notifications', 'SettingsService', 'URLHelper', .controller('AuthenticationController', ['$async', '$q', '$scope', '$state', '$stateParams', '$sanitize', 'Authentication', 'UserService', 'EndpointService', 'ExtensionService', 'StateManager', 'Notifications', 'SettingsService', 'URLHelper', 'LocalStorage',
function($async, $q, $scope, $state, $stateParams, $sanitize, Authentication, UserService, EndpointService, ExtensionService, StateManager, Notifications, SettingsService, URLHelper) { function($async, $q, $scope, $state, $stateParams, $sanitize, Authentication, UserService, EndpointService, ExtensionService, StateManager, Notifications, SettingsService, URLHelper, LocalStorage) {
$scope.logo = StateManager.getState().application.logo; $scope.logo = StateManager.getState().application.logo;
$scope.formValues = { $scope.formValues = {
@ -116,12 +118,29 @@ function($async, $q, $scope, $state, $stateParams, $sanitize, Authentication, Us
return 'OAuth'; return 'OAuth';
} }
function generateState() {
if ($scope.state.OAuthProvider !== 'OAuth') {
return '';
}
const uuid = uuidv4();
LocalStorage.storeLoginStateUUID(uuid);
return '&state=' + uuid;
}
function hasValidState(state) {
if ($scope.state.OAuthProvider !== 'OAuth') {
return true;
}
const savedUUID = LocalStorage.getLoginStateUUID();
return savedUUID === state;
}
function initView() { function initView() {
SettingsService.publicSettings() SettingsService.publicSettings()
.then(function success(settings) { .then(function success(settings) {
$scope.AuthenticationMethod = settings.AuthenticationMethod; $scope.AuthenticationMethod = settings.AuthenticationMethod;
$scope.OAuthLoginURI = settings.OAuthLoginURI;
$scope.state.OAuthProvider = determineOauthProvider(settings.OAuthLoginURI); $scope.state.OAuthProvider = determineOauthProvider(settings.OAuthLoginURI);
$scope.OAuthLoginURI = settings.OAuthLoginURI + generateState();
}); });
if ($stateParams.logout || $stateParams.error) { if ($stateParams.logout || $stateParams.error) {
@ -142,8 +161,9 @@ function($async, $q, $scope, $state, $stateParams, $sanitize, Authentication, Us
authenticatedFlow(); authenticatedFlow();
} }
var code = URLHelper.getParameter('code'); const code = URLHelper.getParameter('code');
if (code) { const state = URLHelper.getParameter('state');
if (code && hasValidState(state)) {
oAuthLogin(code); oAuthLogin(code);
} else { } else {
$scope.state.isInOAuthProcess = false; $scope.state.isInOAuthProcess = false;
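Review bot: `hasValidState` in the `@ -116,12 +118,29` hunk returns true when no nonce was ever stored and the callback carries no `state` parameter, if `localStorageService.get` and `URLHelper.getParameter` both yield null for a missing value, because `null === null` holds; a `?code=` callback reached without a preceding redirect would then still go through `oAuthLogin`, so the check should require a stored value, `return Boolean(savedUUID) && savedUUID === state;`, and the stored UUID should be cleared once compared so it is single-use. The check is also bypassed whenever `$scope.state.OAuthProvider` is not `'OAuth'`, and since the `code`/`state` branch in the `@ -142,8 +161,9` hunk runs synchronously in `initView` while the provider is only assigned inside the `publicSettings()` callback, it looks like the comparison may happen with the provider still at its initial value on the callback pass — worth confirming against the full `initView`. `generateState` appends `'&state=' + uuid` unconditionally, which presumes `settings.OAuthLoginURI` already contains a query string; a URI without `?` would get a malformed parameter. `initView` and the enclosing controller continue outside the hunks.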