sascha
/
nextcloud-server
mirror of https://github.com/nextcloud/server.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fix: Add direct parameter to flow auth v2 

Signed-off-by: Julius Härtl <jus@bitgrid.net>
pull/46534/head
Julius Härtl 2024-07-15 15:49:32 +07:00
parent 8511b89579
commit 1aa29441e3
3 changed files with 10 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
core/Controller/ClientFlowLoginV2Controller.php
Unescape Escape View File

@ -84,7 +84,7 @@ class ClientFlowLoginV2Controller extends Controller {
#[OpenAPI(scope: OpenAPI::SCOPE_IGNORE)] #[OpenAPI(scope: OpenAPI::SCOPE_IGNORE)]
#[UseSession] #[UseSession]
#[FrontpageRoute(verb: 'GET', url: '/login/v2/flow/{token}')] #[FrontpageRoute(verb: 'GET', url: '/login/v2/flow/{token}')]
public function landing(string $token, $user = ''): Response { public function landing(string $token, $user = '', int $direct = 0): Response {
if (!$this->loginFlowV2Service->startLoginFlow($token)) { if (!$this->loginFlowV2Service->startLoginFlow($token)) {
return $this->loginTokenForbiddenResponse(); return $this->loginTokenForbiddenResponse();
} }
@ -92,7 +92,7 @@ class ClientFlowLoginV2Controller extends Controller {
$this->session->set(self::TOKEN_NAME, $token); $this->session->set(self::TOKEN_NAME, $token);
return new RedirectResponse( return new RedirectResponse(
$this->urlGenerator->linkToRouteAbsolute('core.ClientFlowLoginV2.showAuthPickerPage', ['user' => $user]) $this->urlGenerator->linkToRouteAbsolute('core.ClientFlowLoginV2.showAuthPickerPage', ['user' => $user, 'direct' => $direct])
); );
} }
@ -101,7 +101,7 @@ class ClientFlowLoginV2Controller extends Controller {
#[OpenAPI(scope: OpenAPI::SCOPE_IGNORE)] #[OpenAPI(scope: OpenAPI::SCOPE_IGNORE)]
#[UseSession] #[UseSession]
#[FrontpageRoute(verb: 'GET', url: '/login/v2/flow')] #[FrontpageRoute(verb: 'GET', url: '/login/v2/flow')]
public function showAuthPickerPage($user = ''): StandaloneTemplateResponse { public function showAuthPickerPage(string $user = '', int $direct = 0): StandaloneTemplateResponse {
try { try {
$flow = $this->getFlowByLoginToken(); $flow = $this->getFlowByLoginToken();
} catch (LoginFlowV2NotFoundException $e) { } catch (LoginFlowV2NotFoundException $e) {
@ -123,6 +123,7 @@ class ClientFlowLoginV2Controller extends Controller {
'urlGenerator' => $this->urlGenerator, 'urlGenerator' => $this->urlGenerator,
'stateToken' => $stateToken, 'stateToken' => $stateToken,
'user' => $user, 'user' => $user,
'direct' => $direct,
], ],
'guest' 'guest'
); );
@ -136,7 +137,7 @@ class ClientFlowLoginV2Controller extends Controller {
#[OpenAPI(scope: OpenAPI::SCOPE_IGNORE)] #[OpenAPI(scope: OpenAPI::SCOPE_IGNORE)]
#[UseSession] #[UseSession]
#[FrontpageRoute(verb: 'GET', url: '/login/v2/grant')] #[FrontpageRoute(verb: 'GET', url: '/login/v2/grant')]
public function grantPage(?string $stateToken): StandaloneTemplateResponse { public function grantPage(?string $stateToken, int $direct = 0): StandaloneTemplateResponse {
if ($stateToken === null) { if ($stateToken === null) {
return $this->stateTokenMissingResponse(); return $this->stateTokenMissingResponse();
} }
@ -163,6 +164,7 @@ class ClientFlowLoginV2Controller extends Controller {
'instanceName' => $this->defaults->getName(), 'instanceName' => $this->defaults->getName(),
'urlGenerator' => $this->urlGenerator, 'urlGenerator' => $this->urlGenerator,
'stateToken' => $stateToken, 'stateToken' => $stateToken,
'direct' => $direct,
], ],
'guest' 'guest'
); );

2
core/templates/loginflowv2/authpicker.php
Unescape Escape View File

@ -31,7 +31,7 @@ $urlGenerator = $_['urlGenerator'];
<br/> <br/>
<p id="redirect-link"> <p id="redirect-link">
<form id="login-form" action="<?php p($urlGenerator->linkToRouteAbsolute('core.ClientFlowLoginV2.grantPage', ['stateToken' => $_['stateToken'], 'user' => $_['user']])) ?>" method="get"> <form id="login-form" action="<?php p($urlGenerator->linkToRouteAbsolute('core.ClientFlowLoginV2.grantPage', ['stateToken' => $_['stateToken'], 'user' => $_['user'], 'direct' => $_['direct'] ?? 0])) ?>" method="get">
<input type="submit" class="login primary icon-confirm-white" value="<?php p($l->t('Log in')) ?>" disabled> <input type="submit" class="login primary icon-confirm-white" value="<?php p($l->t('Log in')) ?>" disabled>
</form> </form>
</p> </p>

3
core/templates/loginflowv2/grant.php
Unescape Escape View File

@ -33,6 +33,9 @@ $urlGenerator = $_['urlGenerator'];
<form method="POST" action="<?php p($urlGenerator->linkToRouteAbsolute('core.ClientFlowLoginV2.generateAppPassword')) ?>"> <form method="POST" action="<?php p($urlGenerator->linkToRouteAbsolute('core.ClientFlowLoginV2.generateAppPassword')) ?>">
<input type="hidden" name="requesttoken" value="<?php p($_['requesttoken']) ?>" /> <input type="hidden" name="requesttoken" value="<?php p($_['requesttoken']) ?>" />
<input type="hidden" name="stateToken" value="<?php p($_['stateToken']) ?>" /> <input type="hidden" name="stateToken" value="<?php p($_['stateToken']) ?>" />
<?php if ($_['direct']) { ?>
<input type="hidden" name="direct" value="1" />
<?php } ?>
<div id="submit-wrapper"> <div id="submit-wrapper">
<input type="submit" class="login primary icon-confirm-white" title="" value="<?php p($l->t('Grant access')); ?>" /> <input type="submit" class="login primary icon-confirm-white" title="" value="<?php p($l->t('Grant access')); ?>" />
</div> </div>