You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
So currently the Lock will look at the email suffix (eg: jon@fabrikamcorp.com) and match this to the email domains configured for the different enterprise connections in a subscription.
Now it would make sense to extend this support to also handle domains (in the format of DOMAINNAME\USERNAME).
We now did this by injecting custom logic on events:
varconnection='@@connection@@';varprompt= @@prompt@@;varcurrentUsername=null;varinitializationOptions={assetsUrl: '@@assetsUrl@@',cdn: '@@cdn@@'};varlock=newAuth0Lock('@@clientID@@','@@auth0Domain@@',initializationOptions);/* * This will match fabrikam-adfs\jon to a connection that matches: * - name == 'fabrikam-adfs' * - first domain == 'fabrikam-adfs' */functionfindConnectionForDomain(username){if(!username)returnnull;vardomain=username.split('\\');if(domain.length!==2)returnnull;varconnections=$.map(lock.options.$client.strategies,function(n){$.each(n.connections,function(i,conn){conn.strategy=n;});returnn.connections;});if(connections.length===1)return;varresults=$.grep(connections,function(conn){return(conn.name&&conn.name.toLowerCase()===domain[0].toLowerCase())||(conn.domain&&conn.domain.toLowerCase()===domain[0].toLowerCase());});if(results&&results.length>0)returnresults[0];returnnull;}/* * If we switch over to an AD connection, make sure the current username is preserved. */lock.on('signin ready',function(){if(currentUsername){$(lock.$container).find('input[name=email]').val(currentUsername);}});/* * When the lock starts, add our custom logic to handle domain names in addition to email suffixes. */lock.once('signin ready',function(options){varoldText=null;varcurrentConnection=null;varnextButton=$(lock.$container).find('.a0-action > button.a0-next');nextButton.click(function(e){if(currentConnection){if(currentConnection.strategy&¤tConnection.strategy.name==="ad"){connection=currentConnection.name;currentUsername=$(lock.$container).find('input[name=email]').val();lock.show({// icon: '{YOUR_LOGO_URL}',callbackURL: '@@callbackURL@@',responseType: @@callbackOnLocationHash@@ ? 'token' : 'code',dict: @@dict@@,connections: connection ? [connection] : null,rememberLastLogin: !prompt,container: 'widget-container',authParams: JSON.parse('{'+'@@internalOptions@@'+'}')});}else{lock.$auth0.login({connection: currentConnection.name});}e.preventDefault();}});// Try to match a domain every time the users leaves the username field.varemailField=$(lock.$container).find('input[name=email]').change(function(){varusername=$(this).val();varconn=findConnectionForDomain(username);if(conn){varmailField=$(lock.$container).find('.a0-email input');varpwdField=$(lock.$container).find('.a0-password input').first();$(lock.$container).find('.a0-sso-notice-container').removeClass('a0-hide');$(lock.$container).find('.a0-password').addClass('a0-hide');oldText=nextButton.text();varmsg=lock.options.i18n.t('signin:actionDomain');msg=msg.replace('{domain}',conn.name);nextButton.text(msg);nextButton.attr('title',msg);currentConnection=conn;returnpwdField.attr('disabled',true);}else{if(oldText){nextButton.text(oldText);nextButton.attr('title',oldText);oldText=null;}}});});lock.show({// icon: '{YOUR_LOGO_URL}',callbackURL: '@@callbackURL@@',responseType: @@callbackOnLocationHash@@ ? 'token' : 'code',dict: @@dict@@,connections: connection ? [connection] : null,rememberLastLogin: !prompt,container: 'widget-container',authParams: JSON.parse('{'+'@@internalOptions@@'+'}')// Please don't remove});
The text was updated successfully, but these errors were encountered:
billbonney
pushed a commit
to billbonney/lock
that referenced
this issue
Jun 4, 2016
So currently the Lock will look at the email suffix (eg: jon@fabrikamcorp.com) and match this to the email domains configured for the different enterprise connections in a subscription.
Now it would make sense to extend this support to also handle domains (in the format of DOMAINNAME\USERNAME).
We now did this by injecting custom logic on events:
The text was updated successfully, but these errors were encountered: