feat(oauth): Allow to skip the grant step for selected applications
Signed-off-by: Côme Chilliet <[email protected]>
come-nc committed Jan 7, 2025
commit 9b366c65d40320d30ffd0d0c7e9a728394520bee
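--- a/core/Controller/ClientFlowLoginController.php
+++ b/core/Controller/ClientFlowLoginController.php
@@ -26,6 +26,7 @@
 use OCP\Authentication\Exceptions\InvalidTokenException;
 use OCP\Defaults;
 use OCP\EventDispatcher\IEventDispatcher;
+use OCP\IAppConfig;
 use OCP\IL10N;
 use OCP\IRequest;
 use OCP\ISession;
@@ -55,6 +56,7 @@ public function __construct(
 private ICrypto $crypto,
 private IEventDispatcher $eventDispatcher,
 private ITimeFactory $timeFactory,
+private IAppConfig $appConfig,
 ) {
 parent::__construct($appName, $request);
 }
@@ -157,9 +159,11 @@ public function showAuthPickerPage(string $clientIdentifier = '', string $user =
 #[NoCSRFRequired]
 #[UseSession]
 #[FrontpageRoute(verb: 'GET', url: '/login/flow/grant')]
-public function grantPage(string $stateToken = '',
+public function grantPage(
+string $stateToken = '',
 string $clientIdentifier = '',
-int $direct = 0): StandaloneTemplateResponse {
+int $direct = 0,
+): Response {
 if (!$this->isValidToken($stateToken)) {
 return $this->stateTokenForbiddenResponse();
 }
@@ -181,6 +185,10 @@ public function grantPage(string $stateToken = '',
 /** @var IUser $user */
 $user = $this->userSession->getUser();
 
+if (in_array($clientName, $this->appConfig->getValueArray('oauth2', 'autoGrantApplications', []))) {
+return $this->generateAppPassword($stateToken, $clientIdentifier);
+}
+
 $response = new StandaloneTemplateResponse(
 $this->appName,
 'loginflow/grant',
@@ -203,14 +211,13 @@ public function grantPage(string $stateToken = '',
 return $response;
 }
 
-/**
-* @return Http\RedirectResponse|Response
-*/
 #[NoAdminRequired]
 #[UseSession]
 #[FrontpageRoute(verb: 'POST', url: '/login/flow')]
-public function generateAppPassword(string $stateToken,
-string $clientIdentifier = '') {
+public function generateAppPassword(
+string $stateToken,
+string $clientIdentifier = '',
+): Response {
 if (!$this->isValidToken($stateToken)) {
 $this->session->remove(self::STATE_NAME);
 return $this->stateTokenForbiddenResponse();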
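Review bot: The auto-grant branch added to grantPage() skips the consent screen based on `$clientName`, and the lines that assign `$clientName` are outside this hunk, so it is not visible here whether the name always comes from a registered OAuth client record. If it can fall back to a request-supplied value when `$clientIdentifier` is empty, the allow-list would be matching on something the caller controls; gating the branch on a resolved client and comparing strictly would close that, e.g. `if ($clientIdentifier !== '' && in_array($clientName, $this->appConfig->getValueArray('oauth2', 'autoGrantApplications', []), true)) {`. The branch also issues an app password from a GET route marked `#[NoCSRFRequired]` by calling generateAppPassword() directly, so the state token check is the only guard visible on this path. A short comment above the branch stating that, and that `autoGrantApplications` is an admin-trusted list of client names, would make the security assumption explicit for the next reader.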