Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix/5476 #5479

Merged
merged 4 commits into from
Jun 24, 2020
Merged

Fix/5476 #5479

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
8fb1785
honor AUP during SAML authentication
julsemaan May 27, 2020
47c80a5
remove unhonored fields from SAML portal module
julsemaan May 27, 2020
0804ea3
remove unhonored fields from oauth sources
julsemaan May 27, 2020
6e0667a
adjustments to SAML templates
julsemaan Jun 16, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
23 changes: 20 additions & 3 deletions ...captive-portal/lib/captiveportal/PacketFence/DynamicRouting/Module/Authentication/SAML.pm
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,8 @@ use pf::auth_log;
use pf::config::util;
use pf::constants::realm;

has 'landing_template' => ('is' => 'rw', default => sub {'saml.html'});

has '+source' => (isa => 'pf::Authentication::Source::SAMLSource');

has '+route_map' => (default => sub {
Expand Down Expand Up @@ -50,7 +52,16 @@ SAML index

sub index {
my ($self) = @_;
$self->render("saml.html", {source => $self->source, title => "SAML authentication"});
if($self->with_aup) {
$self->render($self->landing_template, {
title => "SAML authentication",
source => $self->source,
form => $self->form,
});
}
else {
$self->redirect();
}
}

=head2 redirect
Expand All @@ -61,8 +72,14 @@ Redirect the user to the SAML IDP

sub redirect {
my ($self) = @_;
pf::auth_log::record_oauth_attempt($self->source->id, $self->current_mac, $self->app->profile->name);
$self->app->redirect($self->source->sso_url);
if(!$self->with_aup || $self->request_fields->{aup}){
pf::auth_log::record_oauth_attempt($self->source->id, $self->current_mac, $self->app->profile->name);
$self->app->redirect($self->source->sso_url);
}
else {
$self->app->flash->{error} = "You must accept the terms and conditions";
$self->landing();
}
}

=head2 assertion
Expand Down
19 changes: 13 additions & 6 deletions html/captive-portal/templates/saml.html
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,14 @@
<div class="c-card o-layout o-layout--center u-padding">
<div class="o-layout__item u-1/1 u-2/3@tablet u-3/5@desktop">
<a href="/saml/redirect" class="c-btn c-btn--primary u-1/1">
[% i18n_format("Click here to login on %s", source.description) %]
</a>
<!-- [% source.type %] -->
<form action="/saml/redirect" method="GET">

<div class="c-card u-padding u-padding-top-none">
[% form.get_field('aup').render | none %]
</div>
</div>

<script src="/common/aup-autosubmit.js"></script>

<button id="button" type="submit" name="submit" class="c-btn c-btn--primary u-1/1 c-card--hidden">
[% i18n('Login') %]
</button>
Comment on lines +10 to +12
Copy link
Contributor

@nqb nqb Jun 23, 2020
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Unless I'm missing something, there is no need for this code here.

This code add an invisible button below "I accept the terms", you can click on it and you got "You must accept the terms and conditions"

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That "I accept the terms" needs a target to submit the form

You can try to remove it and we'll see if it still works but AFAIK this is needed

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You're right.


</form>
19 changes: 19 additions & 0 deletions html/pfappserver/lib/pfappserver/Form/Config/PortalModule/Authentication/SAML.pm
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,25 @@ extends 'pfappserver::Form::Config::PortalModule::Authentication';
use captiveportal::DynamicRouting::Module::Authentication::SAML;
sub for_module {'captiveportal::PacketFence::DynamicRouting::Module::Authentication::SAML'}

has_field 'landing_template' =>
(
type => 'Text',
label => 'Landing template',
required => 1,
tags => { after_element => \&help,
help => 'The template to use prior to the redirection to the SAML provider' },
);

sub child_definition {
my ($self) = @_;
return ($self->source_fields, qw(with_aup landing_template));
}

sub BUILD {
my ($self) = @_;
$self->field('landing_template')->default($self->for_module->meta->find_attribute_by_name('landing_template')->default->());
}

## Definition

=over
Expand Down
20 changes: 3 additions & 17 deletions html/pfappserver/root/static.alt/src/views/Configuration/_config/portalModule.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -296,7 +296,7 @@ export const viewFields = {
},
landing_template: (form, meta = {}) => {
return {
label: i18n.t('Landgin template'),
label: i18n.t('Landing template'),
text: i18n.t('The template to use for the signup'),
cols: [
{
Expand Down Expand Up @@ -789,13 +789,9 @@ export const view = (form = {}, meta = {}) => {
rows: [
viewFields.id(form, meta),
viewFields.description(form, meta),
viewFields.pid_field(form, meta),
viewFields.source_id(form, meta),
viewFields.custom_fields(form, meta),
viewFields.fields_to_save(form, meta),
viewFields.with_aup(form, meta),
viewFields.aup_template(form, meta),
viewFields.signup_template(form, meta),
viewFields.landing_template(form, meta),
viewFields.actions(form, meta)
]
Expand Down Expand Up @@ -828,13 +824,10 @@ export const view = (form = {}, meta = {}) => {
rows: [
viewFields.id(form, meta),
viewFields.description(form, meta),
viewFields.pid_field(form, meta),
viewFields.source_id(form, meta),
viewFields.custom_fields(form, meta),
viewFields.fields_to_save(form, meta),
viewFields.with_aup(form, meta),
viewFields.aup_template(form, meta),
viewFields.signup_template(form, meta),
viewFields.landing_template(form, meta),
viewFields.actions(form, meta)
]
}
Expand Down Expand Up @@ -1231,13 +1224,9 @@ export const validators = (form = {}, meta = {}) => {
return {
...validatorFields.id(form, meta),
...validatorFields.description(form, meta),
...validatorFields.pid_field(form, meta),
...validatorFields.source_id(form, meta),
...validatorFields.custom_fields(form, meta),
...validatorFields.fields_to_save(form, meta),
...validatorFields.with_aup(form, meta),
...validatorFields.aup_template(form, meta),
...validatorFields.signup_template(form, meta),
...validatorFields.landing_template(form, meta),
...validatorFields.actions(form, meta)
}
Expand All @@ -1260,13 +1249,10 @@ export const validators = (form = {}, meta = {}) => {
return {
...validatorFields.id(form, meta),
...validatorFields.description(form, meta),
...validatorFields.pid_field(form, meta),
...validatorFields.source_id(form, meta),
...validatorFields.custom_fields(form, meta),
...validatorFields.fields_to_save(form, meta),
...validatorFields.with_aup(form, meta),
...validatorFields.aup_template(form, meta),
...validatorFields.signup_template(form, meta),
...validatorFields.landing_template(form, meta),
...validatorFields.actions(form, meta)
}
case 'Authentication::SMS':
Expand Down