mirror of
https://github.com/MisskeyIO/misskey
synced 2024-11-23 14:46:40 +09:00
enhance(SSO): ユーザーに対話型プロンプトが表示されないように設定できるように (MisskeyIO#759)
This commit is contained in:
parent
a73a09a999
commit
8f66f9ca59
@ -64,11 +64,12 @@ export class JWTIdentifyProviderService {
|
||||
|
||||
fastify.all<{
|
||||
Params: { serviceId: string };
|
||||
Querystring?: { serviceurl?: string, return_to?: string };
|
||||
Body?: { serviceurl?: string, return_to?: string };
|
||||
Querystring?: { serviceurl?: string, return_to?: string, prompt?: string };
|
||||
Body?: { serviceurl?: string, return_to?: string, prompt?: string };
|
||||
}>('/:serviceId', async (request, reply) => {
|
||||
const serviceId = request.params.serviceId;
|
||||
const returnTo = request.query?.return_to ?? request.query?.serviceurl ?? request.body?.return_to ?? request.body?.serviceurl;
|
||||
const prompt = request.query?.prompt ?? request.body?.prompt ?? 'consent';
|
||||
|
||||
const ssoServiceProvider = await this.singleSignOnServiceProviderRepository.findOneBy({ id: serviceId, type: 'jwt' });
|
||||
if (!ssoServiceProvider) {
|
||||
@ -101,6 +102,7 @@ export class JWTIdentifyProviderService {
|
||||
transactionId: transactionId,
|
||||
serviceName: ssoServiceProvider.name ?? ssoServiceProvider.issuer,
|
||||
kind: 'jwt',
|
||||
prompt: prompt,
|
||||
});
|
||||
});
|
||||
|
||||
|
@ -201,13 +201,14 @@ export class SAMLIdentifyProviderService {
|
||||
|
||||
fastify.all<{
|
||||
Params: { serviceId: string };
|
||||
Querystring?: { SAMLRequest?: string; RelayState?: string };
|
||||
Body?: { SAMLRequest?: string; RelayState?: string };
|
||||
Querystring?: { SAMLRequest?: string; RelayState?: string, prompt?: string };
|
||||
Body?: { SAMLRequest?: string; RelayState?: string, prompt?: string };
|
||||
}>('/:serviceId', async (request, reply) => {
|
||||
const serviceId = request.params.serviceId;
|
||||
const binding = request.query?.SAMLRequest ? 'redirect' : 'post';
|
||||
const samlRequest = request.query?.SAMLRequest ?? request.body?.SAMLRequest;
|
||||
const relayState = request.query?.RelayState ?? request.body?.RelayState;
|
||||
const prompt = request.query?.prompt ?? request.body?.prompt ?? 'consent';
|
||||
|
||||
const ssoServiceProvider = await this.singleSignOnServiceProviderRepository.findOneBy({ id: serviceId, type: 'saml', privateKey: Not(IsNull()) });
|
||||
if (!ssoServiceProvider) {
|
||||
@ -268,6 +269,7 @@ export class SAMLIdentifyProviderService {
|
||||
transactionId: transactionId,
|
||||
serviceName: ssoServiceProvider.name ?? ssoServiceProvider.issuer,
|
||||
kind: 'saml',
|
||||
prompt: prompt,
|
||||
});
|
||||
} catch (err) {
|
||||
this.#logger.error('Failed to parse SAML request', { error: err });
|
||||
|
@ -4,3 +4,4 @@ block meta
|
||||
meta(name='misskey:sso:transaction-id' content=transactionId)
|
||||
meta(name='misskey:sso:service-name' content=serviceName)
|
||||
meta(name='misskey:sso:kind' content=kind)
|
||||
meta(name='misskey:sso:prompt' content=prompt)
|
||||
|
@ -33,7 +33,7 @@ SPDX-License-Identifier: AGPL-3.0-only
|
||||
</template>
|
||||
|
||||
<script lang="ts" setup>
|
||||
import { ref, nextTick } from 'vue';
|
||||
import { ref, nextTick, onMounted } from 'vue';
|
||||
import MkSignin from '@/components/MkSignin.vue';
|
||||
import MkButton from '@/components/MkButton.vue';
|
||||
import { $i, login } from '@/account.js';
|
||||
@ -47,6 +47,7 @@ if (transactionIdMeta) {
|
||||
}
|
||||
const name = document.querySelector<HTMLMetaElement>('meta[name="misskey:sso:service-name"]')?.content;
|
||||
const kind = document.querySelector<HTMLMetaElement>('meta[name="misskey:sso:kind"]')?.content;
|
||||
const prompt = document.querySelector<HTMLMetaElement>('meta[name="misskey:sso:prompt"]')?.content;
|
||||
|
||||
const loading = ref(false);
|
||||
const postBindingForm = ref<HTMLFormElement | null>(null);
|
||||
@ -90,6 +91,12 @@ async function authorize(): Promise<void> {
|
||||
}
|
||||
}
|
||||
|
||||
onMounted(() => {
|
||||
if ($i && prompt === 'none') {
|
||||
onAccept();
|
||||
}
|
||||
});
|
||||
|
||||
definePageMetadata(() => ({
|
||||
title: 'Single Sign-On',
|
||||
icon: 'ti ti-apps',
|
||||
|
Loading…
Reference in New Issue
Block a user