Portainer
/
portainer
mirror of https://github.com/portainer/portainer.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fix(oauth): okta support

pull/3051/head
xAt0mZ 2019-07-26 18:17:44 +02:00
parent a6692ee526
commit b537a9ad0d
2 changed files with 31 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
app/portainer/services/localStorage.js
View File

@ -14,6 +14,12 @@ angular.module('portainer.app')
getEndpointPublicURL: function() {
return localStorageService.get('ENDPOINT_PUBLIC_URL');
},
storeLoginStateUUID: function(uuid) {
localStorageService.set('LOGIN_STATE_UUID', uuid);
},
getLoginStateUUID: function() {
return localStorageService.get('LOGIN_STATE_UUID');
},
storeOfflineMode: function(isOffline) {
localStorageService.set('ENDPOINT_OFFLINE_MODE', isOffline);
},

30
app/portainer/views/auth/authController.js
View File

@ -1,6 +1,8 @@
import uuidv4 from 'uuid/v4';
angular.module('portainer.app')
.controller('AuthenticationController', ['$async', '$q', '$scope', '$state', '$stateParams', '$sanitize', 'Authentication', 'UserService', 'EndpointService', 'ExtensionService', 'StateManager', 'Notifications', 'SettingsService', 'URLHelper',
function($async, $q, $scope, $state, $stateParams, $sanitize, Authentication, UserService, EndpointService, ExtensionService, StateManager, Notifications, SettingsService, URLHelper) {
.controller('AuthenticationController', ['$async', '$q', '$scope', '$state', '$stateParams', '$sanitize', 'Authentication', 'UserService', 'EndpointService', 'ExtensionService', 'StateManager', 'Notifications', 'SettingsService', 'URLHelper', 'LocalStorage',
function($async, $q, $scope, $state, $stateParams, $sanitize, Authentication, UserService, EndpointService, ExtensionService, StateManager, Notifications, SettingsService, URLHelper, LocalStorage) {
$scope.logo = StateManager.getState().application.logo;
$scope.formValues = {
@ -116,12 +118,29 @@ function($async, $q, $scope, $state, $stateParams, $sanitize, Authentication, Us
return 'OAuth';
}
function generateState() {
if ($scope.state.OAuthProvider !== 'OAuth') {
return '';
}
const uuid = uuidv4();
LocalStorage.storeLoginStateUUID(uuid);
return '&state=' + uuid;
}
function hasValidState(state) {
if ($scope.state.OAuthProvider !== 'OAuth') {
return true;
}
const savedUUID = LocalStorage.getLoginStateUUID();
return savedUUID === state;
}
function initView() {
SettingsService.publicSettings()
.then(function success(settings) {
$scope.AuthenticationMethod = settings.AuthenticationMethod;
$scope.OAuthLoginURI = settings.OAuthLoginURI;
$scope.state.OAuthProvider = determineOauthProvider(settings.OAuthLoginURI);
$scope.OAuthLoginURI = settings.OAuthLoginURI + generateState();
});
if ($stateParams.logout || $stateParams.error) {
@ -142,8 +161,9 @@ function($async, $q, $scope, $state, $stateParams, $sanitize, Authentication, Us
authenticatedFlow();
}
var code = URLHelper.getParameter('code');
if (code) {
const code = URLHelper.getParameter('code');
const state = URLHelper.getParameter('state');
if (code && hasValidState(state)) {
oAuthLogin(code);
} else {
$scope.state.isInOAuthProcess = false;