enhance(SSO): ユーザーに対話型プロンプトが表示されないように設定できるように (MisskeyIO#759)

あわわわとーにゅ 2024-10-20 07:33:27 +09:00 committed by GitHub
parent a73a09a999
commit 8f66f9ca59
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
4 changed files with 17 additions and 5 deletions


@ -64,11 +64,12 @@ export class JWTIdentifyProviderService {
fastify.all<{ fastify.all<{
Params: { serviceId: string }; Params: { serviceId: string };
Querystring?: { serviceurl?: string, return_to?: string }; Querystring?: { serviceurl?: string, return_to?: string, prompt?: string };
Body?: { serviceurl?: string, return_to?: string }; Body?: { serviceurl?: string, return_to?: string, prompt?: string };
}>('/:serviceId', async (request, reply) => { }>('/:serviceId', async (request, reply) => {
const serviceId = request.params.serviceId; const serviceId = request.params.serviceId;
const returnTo = request.query?.return_to ?? request.query?.serviceurl ?? request.body?.return_to ?? request.body?.serviceurl; const returnTo = request.query?.return_to ?? request.query?.serviceurl ?? request.body?.return_to ?? request.body?.serviceurl;
const prompt = request.query?.prompt ?? request.body?.prompt ?? 'consent';
const ssoServiceProvider = await this.singleSignOnServiceProviderRepository.findOneBy({ id: serviceId, type: 'jwt' }); const ssoServiceProvider = await this.singleSignOnServiceProviderRepository.findOneBy({ id: serviceId, type: 'jwt' });
if (!ssoServiceProvider) { if (!ssoServiceProvider) {
@ -101,6 +102,7 @@ export class JWTIdentifyProviderService {
transactionId: transactionId, transactionId: transactionId,
serviceName: ssoServiceProvider.name ?? ssoServiceProvider.issuer, serviceName: ssoServiceProvider.name ?? ssoServiceProvider.issuer,
kind: 'jwt', kind: 'jwt',
prompt: prompt,
}); });
}); });
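Review bot: The `prompt` value added at `const prompt = request.query?.prompt ?? request.body?.prompt ?? 'consent';` is taken straight from the request and forwarded to the page unchanged, so whoever builds the SSO link decides whether the consent screen is skipped, not the instance or the signed-in user. Nothing visible in this hunk ties `none` to a per-provider setting or to a stored earlier approval, which is the usual precondition for honouring `prompt=none` in OpenID Connect. I would restrict the value to the two supported ones, `const prompt = (request.query?.prompt ?? request.body?.prompt) === 'none' ? 'none' : 'consent';`, and pass `none` to the view only when such a server-side condition holds. The SAML handler adds the same line and has the same gap, and the client's automatic accept in the Vue page depends on this value. The route handler continues outside this hunk, so a check that is not visible here may exist, including one on `returnTo`.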


@ -201,13 +201,14 @@ export class SAMLIdentifyProviderService {
fastify.all<{ fastify.all<{
Params: { serviceId: string }; Params: { serviceId: string };
Querystring?: { SAMLRequest?: string; RelayState?: string }; Querystring?: { SAMLRequest?: string; RelayState?: string, prompt?: string };
Body?: { SAMLRequest?: string; RelayState?: string }; Body?: { SAMLRequest?: string; RelayState?: string, prompt?: string };
}>('/:serviceId', async (request, reply) => { }>('/:serviceId', async (request, reply) => {
const serviceId = request.params.serviceId; const serviceId = request.params.serviceId;
const binding = request.query?.SAMLRequest ? 'redirect' : 'post'; const binding = request.query?.SAMLRequest ? 'redirect' : 'post';
const samlRequest = request.query?.SAMLRequest ?? request.body?.SAMLRequest; const samlRequest = request.query?.SAMLRequest ?? request.body?.SAMLRequest;
const relayState = request.query?.RelayState ?? request.body?.RelayState; const relayState = request.query?.RelayState ?? request.body?.RelayState;
const prompt = request.query?.prompt ?? request.body?.prompt ?? 'consent';
const ssoServiceProvider = await this.singleSignOnServiceProviderRepository.findOneBy({ id: serviceId, type: 'saml', privateKey: Not(IsNull()) }); const ssoServiceProvider = await this.singleSignOnServiceProviderRepository.findOneBy({ id: serviceId, type: 'saml', privateKey: Not(IsNull()) });
if (!ssoServiceProvider) { if (!ssoServiceProvider) {
@ -268,6 +269,7 @@ export class SAMLIdentifyProviderService {
transactionId: transactionId, transactionId: transactionId,
serviceName: ssoServiceProvider.name ?? ssoServiceProvider.issuer, serviceName: ssoServiceProvider.name ?? ssoServiceProvider.issuer,
kind: 'saml', kind: 'saml',
prompt: prompt,
}); });
} catch (err) { } catch (err) {
this.#logger.error('Failed to parse SAML request', { error: err }); this.#logger.error('Failed to parse SAML request', { error: err });


@ -4,3 +4,4 @@ block meta
meta(name='misskey:sso:transaction-id' content=transactionId) meta(name='misskey:sso:transaction-id' content=transactionId)
meta(name='misskey:sso:service-name' content=serviceName) meta(name='misskey:sso:service-name' content=serviceName)
meta(name='misskey:sso:kind' content=kind) meta(name='misskey:sso:kind' content=kind)
meta(name='misskey:sso:prompt' content=prompt)


@ -33,7 +33,7 @@ SPDX-License-Identifier: AGPL-3.0-only
</template> </template>
<script lang="ts" setup> <script lang="ts" setup>
import { ref, nextTick } from 'vue'; import { ref, nextTick, onMounted } from 'vue';
import MkSignin from '@/components/MkSignin.vue'; import MkSignin from '@/components/MkSignin.vue';
import MkButton from '@/components/MkButton.vue'; import MkButton from '@/components/MkButton.vue';
import { $i, login } from '@/account.js'; import { $i, login } from '@/account.js';
@ -47,6 +47,7 @@ if (transactionIdMeta) {
} }
const name = document.querySelector<HTMLMetaElement>('meta[name="misskey:sso:service-name"]')?.content; const name = document.querySelector<HTMLMetaElement>('meta[name="misskey:sso:service-name"]')?.content;
const kind = document.querySelector<HTMLMetaElement>('meta[name="misskey:sso:kind"]')?.content; const kind = document.querySelector<HTMLMetaElement>('meta[name="misskey:sso:kind"]')?.content;
const prompt = document.querySelector<HTMLMetaElement>('meta[name="misskey:sso:prompt"]')?.content;
const loading = ref(false); const loading = ref(false);
const postBindingForm = ref<HTMLFormElement | null>(null); const postBindingForm = ref<HTMLFormElement | null>(null);
@ -90,6 +91,12 @@ async function authorize(): Promise<void> {
} }
} }
onMounted(() => {
if ($i && prompt === 'none') {
onAccept();
}
});
definePageMetadata(() => ({ definePageMetadata(() => ({
title: 'Single Sign-On', title: 'Single Sign-On',
icon: 'ti ti-apps', icon: 'ti ti-apps',
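Review bot: The new `onMounted` hook calls `onAccept()` without awaiting or catching it, and nothing in the code says that this path completes the sign-on with no user action. `onAccept` is defined outside this hunk; if it is async, a rejection here goes unhandled and the user is left on the consent page with no sign that the automatic attempt failed, so an `async` callback with `try`/`catch` that reuses the page's existing error handling would be safer. I would also add a comment above the `if`, such as `// prompt=none (taken from the SSO request): approve automatically for an already signed-in user, skipping the consent screen`. When `$i` is unset the `none` value is silently ignored and the interactive sign-in is shown, which is worth stating in the same comment.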