mirror of
https://github.com/nextcloud/server.git
synced 2026-04-22 14:50:17 -04:00
feat(oauth2): Skip page before login as well for authorized applications
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
This commit is contained in:
Côme Chilliet
Côme Chilliet
parent
9b366c65d4
commit
e7be008dc1
2 changed files with 28 additions and 7 deletions
|
|
@ -8,6 +8,7 @@ declare(strict_types=1);
|
|||
*/
|
||||
namespace OCA\OAuth2\Controller;
|
||||
|
||||
use OC\Core\Controller\ClientFlowLoginController;
|
||||
use OCA\OAuth2\Db\ClientMapper;
|
||||
use OCA\OAuth2\Exceptions\ClientNotFoundException;
|
||||
use OCP\AppFramework\Controller;
|
||||
|
|
@ -18,10 +19,12 @@ use OCP\AppFramework\Http\Attribute\PublicPage;
|
|||
use OCP\AppFramework\Http\Attribute\UseSession;
|
||||
use OCP\AppFramework\Http\RedirectResponse;
|
||||
use OCP\AppFramework\Http\TemplateResponse;
|
||||
use OCP\IAppConfig;
|
||||
use OCP\IL10N;
|
||||
use OCP\IRequest;
|
||||
use OCP\ISession;
|
||||
use OCP\IURLGenerator;
|
||||
use OCP\Security\ISecureRandom;
|
||||
|
||||
#[OpenAPI(scope: OpenAPI::SCOPE_DEFAULT)]
|
||||
class LoginRedirectorController extends Controller {
|
||||
|
|
@ -40,6 +43,8 @@ class LoginRedirectorController extends Controller {
|
|||
private ClientMapper $clientMapper,
|
||||
private ISession $session,
|
||||
private IL10N $l,
|
||||
private ISecureRandom $random,
|
||||
private IAppConfig $appConfig,
|
||||
) {
|
||||
parent::__construct($appName, $request);
|
||||
}
|
||||
|
|
@ -78,12 +83,28 @@ class LoginRedirectorController extends Controller {
|
|||
|
||||
$this->session->set('oauth.state', $state);
|
||||
|
||||
$targetUrl = $this->urlGenerator->linkToRouteAbsolute(
|
||||
'core.ClientFlowLogin.showAuthPickerPage',
|
||||
[
|
||||
'clientIdentifier' => $client->getClientIdentifier(),
|
||||
]
|
||||
);
|
||||
if (in_array($client->getName(), $this->appConfig->getValueArray('oauth2', 'autoGrantApplications', []))) {
|
||||
/* See ClientFlowLoginController::showAuthPickerPage */
|
||||
$stateToken = $this->random->generate(
|
||||
64,
|
||||
ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_DIGITS
|
||||
);
|
||||
$this->session->set(ClientFlowLoginController::STATE_NAME, $stateToken);
|
||||
$targetUrl = $this->urlGenerator->linkToRouteAbsolute(
|
||||
'core.ClientFlowLogin.grantPage',
|
||||
[
|
||||
'stateToken' => $stateToken,
|
||||
'clientIdentifier' => $client->getClientIdentifier(),
|
||||
]
|
||||
);
|
||||
} else {
|
||||
$targetUrl = $this->urlGenerator->linkToRouteAbsolute(
|
||||
'core.ClientFlowLogin.showAuthPickerPage',
|
||||
[
|
||||
'clientIdentifier' => $client->getClientIdentifier(),
|
||||
]
|
||||
);
|
||||
}
|
||||
return new RedirectResponse($targetUrl);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -8,7 +8,6 @@ namespace OC\Core\Controller;
|
|||
use OC\Authentication\Events\AppPasswordCreatedEvent;
|
||||
use OC\Authentication\Exceptions\PasswordlessTokenException;
|
||||
use OC\Authentication\Token\IProvider;
|
||||
use OC\Authentication\Token\IToken;
|
||||
use OCA\OAuth2\Db\AccessToken;
|
||||
use OCA\OAuth2\Db\AccessTokenMapper;
|
||||
use OCA\OAuth2\Db\ClientMapper;
|
||||
|
|
@ -24,6 +23,7 @@ use OCP\AppFramework\Http\Response;
|
|||
use OCP\AppFramework\Http\StandaloneTemplateResponse;
|
||||
use OCP\AppFramework\Utility\ITimeFactory;
|
||||
use OCP\Authentication\Exceptions\InvalidTokenException;
|
||||
use OCP\Authentication\Token\IToken;
|
||||
use OCP\Defaults;
|
||||
use OCP\EventDispatcher\IEventDispatcher;
|
||||
use OCP\IAppConfig;
|
||||
|
|
|
|||
Loading…
Reference in a new issue