PHRAS-2995_phr-as-auth-idp-BIS (#4180)

* WIP ; allow multiple instances of some auth clients (migrate conf) ; add ps-oauth ; remove google+ * WIP ; fix ps-oauth ; fix tests * WIP ; add api-auth to extra_hosts * WIP ; fix yaml syntax error * WIP ; fix yaml syntax error ; better conf sample * WIP ; add "everyone-group" * WIP ; add the provider-id in session * WIP ; add getOptions() to providers (so phr/expose can filter providers) * WIP ; add auto-logout option so logout from phr also logouts from ps-auth * connect to expose using IDP from connected user * WIP ; auto-logout redirects to phr home * unnecessary session var * unused * fix * catch some error * fix navigation in train thumbnail * update file version * pass params in session to have constant redirect_uri ; add debug * invalidate session --> parade test ok * cleanup
alchemy-fr · Dec 1, 2022 · 7e74354 · 7e74354
1 parent 2579ee5
commit 7e74354
Show file tree

Hide file tree

Showing 43 changed files with 1,903 additions and 1,141 deletions.
diff --git a/Phraseanet-production-client/dist/production.js b/Phraseanet-production-client/dist/production.js
@@ -11142,6 +11142,10 @@ var workzone = function workzone(services) {
                     (0, _jquery2.default)('.expose_field_mapping').addClass('hidden');
                     (0, _jquery2.default)('.add_expose_block').addClass('hidden');
                 }
+
+                if ('error' in data) {
+                    (0, _jquery2.default)('.publication-list').empty().html(data.error);
+                }
             }
         });
     }

diff --git a/Phraseanet-production-client/dist/production.min.js b/Phraseanet-production-client/dist/production.min.js
@@ -11142,6 +11142,10 @@ var workzone = function workzone(services) {
                     (0, _jquery2.default)('.expose_field_mapping').addClass('hidden');
                     (0, _jquery2.default)('.add_expose_block').addClass('hidden');
                 }
+
+                if ('error' in data) {
+                    (0, _jquery2.default)('.publication-list').empty().html(data.error);
+                }
             }
         });
     }

diff --git a/Phraseanet-production-client/src/components/ui/workzone/index.js b/Phraseanet-production-client/src/components/ui/workzone/index.js
@@ -1098,6 +1098,10 @@ const workzone = (services) => {
                     $('.expose_field_mapping').addClass('hidden');
                     $('.add_expose_block').addClass('hidden');
                 }
+
+                if ('error' in data) {
+                    $('.publication-list').empty().html(data.error);
+                }
             }
         });
     }

diff --git a/composer.json b/composer.json
@@ -109,7 +109,6 @@
     "php-xpdf/php-xpdf": "~0.2.1",
     "exiftool/exiftool": "^11",
     "ramsey/uuid": "^3.0",
-    "roave/security-advisories": "dev-master",
     "silex/silex": "^1.3.0",
     "silex/web-profiler": "~1.0",
     "simple-bus/doctrine-orm-bridge": "^4.0",

diff --git a/composer.lock b/composer.lock
diff --git a/config/configuration.sample.yml b/config/configuration.sample.yml
@@ -167,35 +167,63 @@ authentication:
     providers:
         facebook:
             enabled: false
+            display: false
+            title: Facebook
+            type: facebook
             options:
                 app-id: ''
                 secret: ''
                 default-graph-version: 'v2.10'
         twitter:
             enabled: false
+            display: false
+            title: Twitter
+            type: twitter
             options:
                 consumer-key: ''
                 consumer-secret: ''
-        google-plus:
+        github:
             enabled: false
+            display: false
+            title: Github
+            type: github
             options:
                 client-id: ''
                 client-secret: ''
-        github:
+        viadeo:
             enabled: false
+            display: false
+            title: Viadeo
+            type: viadeo
             options:
                 client-id: ''
                 client-secret: ''
-        viadeo:
+        linkedin:
             enabled: false
+            display: false
+            title: LinkedIN
+            type: linkedin
             options:
                 client-id: ''
                 client-secret: ''
-        linkedin:
+        ps_auth_1:
             enabled: false
+            display: false
+            title: 'PS Auth 1'
+            type: 'ps-auth'
             options:
                 client-id: ''
                 client-secret: ''
+                base-url: 'https://api-auth.phrasea.local'
+                provider-type: 'oauth'
+                provider-name: 'v2'
+                icon-uri: null
+                birth-group: '_firstlog'
+                everyone-group: '_everyone'
+                metamodel: '_metamodel'
+                model-gpfx: '_M_'
+                model-upfx: '_U_'
+                auto-logout: false
 registration-fields:
     -
         name: company

diff --git a/docker-compose.under-phrasea.yml b/docker-compose.under-phrasea.yml
@@ -18,15 +18,19 @@ services:
 
   phraseanet:
     extra_hosts:
+      - api-auth.${PHRASEA_DOMAIN}:${PHRASEA_GATEWAY_IP}
       - api-databox.${PHRASEA_DOMAIN}:${PHRASEA_GATEWAY_IP}
+      - api-expose.${PHRASEA_DOMAIN}:${PHRASEA_GATEWAY_IP}
       - api-uploader.${PHRASEA_DOMAIN}:${PHRASEA_GATEWAY_IP}
       - databox-indexer.${PHRASEA_DOMAIN}:${PHRASEA_GATEWAY_IP}
       - minio.${PHRASEA_DOMAIN}:${PHRASEA_GATEWAY_IP}
       - phraseanet.${PHRASEA_DOMAIN}:${PHRASEA_GATEWAY_IP}
 
   worker:
     extra_hosts:
+      - api-auth.${PHRASEA_DOMAIN}:${PHRASEA_GATEWAY_IP}
       - api-databox.${PHRASEA_DOMAIN}:${PHRASEA_GATEWAY_IP}
+      - api-expose.${PHRASEA_DOMAIN}:${PHRASEA_GATEWAY_IP}
       - api-uploader.${PHRASEA_DOMAIN}:${PHRASEA_GATEWAY_IP}
       - databox-indexer.${PHRASEA_DOMAIN}:${PHRASEA_GATEWAY_IP}
       - minio.${PHRASEA_DOMAIN}:${PHRASEA_GATEWAY_IP}