Andreas/wekan
1
0
Fork 0
mirror of https://github.com/wekan/wekan.git synced 2025-12-16 23:40:13 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 5

Revert autologin, because it broke OIDC login with Keycloak.

Browse source 
Thanks to wb9688 and xet7 !

Fixes #4660,
related https://github.com/wekan/wekan/pull/4588
This commit is contained in:
Lauri Ojansivu 2022-08-30 23:12:23 +03:00
parent fbe1f5f948
commit 43a7096753
5 changed files with 34 additions and 93 deletions
Download patch file Download diff file Expand all files Collapse all files

15
client/components/main/layouts.js
View file

@ -4,7 +4,7 @@ BlazeLayout.setRoot('body');
let alreadyCheck = 1; let alreadyCheck = 1;
let isCheckDone = false; let isCheckDone = false;
let counter = 0;
const validator = { const validator = {
set(obj, prop, value) { set(obj, prop, value) {
if (prop === 'state' && value !== 'signIn') { if (prop === 'state' && value !== 'signIn') {
@ -50,18 +50,6 @@ Template.userFormsLayout.onCreated(function () {
} }
}); });
if (!Meteor.user()?.profile) {
Meteor.call('isOidcRedirectionEnabled', (_, result) => {
if (result) {
AccountsTemplates.options.socialLoginStyle = 'redirect';
options = {
loginStyle: AccountsTemplates.options.socialLoginStyle,
};
Meteor.loginWithOidc(options);
}
else console.log("oidc redirect not set");
});
}
Meteor.call('isDisableRegistration', (_, result) => { Meteor.call('isDisableRegistration', (_, result) => {
if (result) { if (result) {
$('.at-signup-link').hide(); $('.at-signup-link').hide();
@ -279,6 +267,7 @@ function getUserAuthenticationMethod(defaultAuthenticationMethod, match) {
Meteor.subscribe('user-authenticationMethod', match, { Meteor.subscribe('user-authenticationMethod', match, {
onReady() { onReady() {
const user = Users.findOne(); const user = Users.findOne();
const authenticationMethod = user const authenticationMethod = user
? user.authenticationMethod ? user.authenticationMethod
: defaultAuthenticationMethod; : defaultAuthenticationMethod;

30
config/accounts.js
View file

@ -5,16 +5,6 @@ const emailField = AccountsTemplates.removeField('email');
let disableRegistration = false; let disableRegistration = false;
let disableForgotPassword = false; let disableForgotPassword = false;
let passwordLoginDisabled = false; let passwordLoginDisabled = false;
let oidcRedirectionEnabled = false;
let oauthServerUrl = "home";
let oauthDashboardUrl = "";
Meteor.call('isOidcRedirectionEnabled', (_, result) => {
if(result)
{
oidcRedirectionEnabled = true;
}
});
Meteor.call('isPasswordLoginDisabled', (_, result) => { Meteor.call('isPasswordLoginDisabled', (_, result) => {
if (result) { if (result) {
@ -24,18 +14,6 @@ Meteor.call('isPasswordLoginDisabled', (_, result) => {
} }
}); });
Meteor.call('getOauthServerUrl', (_, result) => {
if (result) {
oauthServerUrl = result;
}
});
Meteor.call('getOauthDashboardUrl', (_, result) => {
if (result) {
oauthDashboardUrl = result;
}
});
Meteor.call('isDisableRegistration', (_, result) => { Meteor.call('isDisableRegistration', (_, result) => {
if (result) { if (result) {
disableRegistration = true; disableRegistration = true;
@ -81,20 +59,12 @@ AccountsTemplates.configure({
showForgotPasswordLink: !disableForgotPassword, showForgotPasswordLink: !disableForgotPassword,
forbidClientAccountCreation: disableRegistration, forbidClientAccountCreation: disableRegistration,
onLogoutHook() { onLogoutHook() {
// here comeslogic for redirect
if(oidcRedirectionEnabled)
{
window.location = oauthServerUrl + oauthDashboardUrl;
}
else
{
const homePage = 'home'; const homePage = 'home';
if (FlowRouter.getRouteName() === homePage) { if (FlowRouter.getRouteName() === homePage) {
FlowRouter.reload(); FlowRouter.reload();
} else { } else {
FlowRouter.go(homePage); FlowRouter.go(homePage);
} }
}
}, },
}); });

18
models/settings.js
View file

@ -229,12 +229,6 @@ if (Meteor.isServer) {
]); ]);
} }
function loadOidcConfig(service){
check(service, String);
var config = ServiceConfiguration.configurations.findOne({service: service});
return config;
}
function sendInvitationEmail(_id) { function sendInvitationEmail(_id) {
const icode = InvitationCodes.findOne(_id); const icode = InvitationCodes.findOne(_id);
const author = Users.findOne(Meteor.userId()); const author = Users.findOne(Meteor.userId());
@ -501,12 +495,6 @@ if (Meteor.isServer) {
}; };
}, },
getOauthServerUrl(){
return process.env.OAUTH2_SERVER_URL;
},
getOauthDashboardUrl(){
return process.env.DASHBOARD_URL;
},
getDefaultAuthenticationMethod() { getDefaultAuthenticationMethod() {
return process.env.DEFAULT_AUTHENTICATION_METHOD; return process.env.DEFAULT_AUTHENTICATION_METHOD;
}, },
@ -514,12 +502,6 @@ if (Meteor.isServer) {
isPasswordLoginDisabled() { isPasswordLoginDisabled() {
return process.env.PASSWORD_LOGIN_ENABLED === 'false'; return process.env.PASSWORD_LOGIN_ENABLED === 'false';
}, },
isOidcRedirectionEnabled(){
return process.env.OIDC_REDIRECTION_ENABLED === 'true' && Object.keys(loadOidcConfig("oidc")).length > 0;
},
getServiceConfiguration(service){
return loadOidcConfig(service);
}
}); });
} }

4
packages/wekan-accounts-oidc/oidc.js
View file

@ -7,11 +7,11 @@ if (Meteor.isClient) {
callback = options; callback = options;
options = null; options = null;
} }
var credentialRequestCompleteCallback = Accounts.oauth.credentialRequestCompleteHandler(callback); var credentialRequestCompleteCallback = Accounts.oauth.credentialRequestCompleteHandler(callback);
Oidc.requestCredential(options, credentialRequestCompleteCallback); Oidc.requestCredential(options, credentialRequestCompleteCallback);
}; };
} } else {
else {
Accounts.addAutopublishFields({ Accounts.addAutopublishFields({
// not sure whether the OIDC api can be used from the browser, // not sure whether the OIDC api can be used from the browser,
// thus not sure if we should be sending access tokens; but we do it // thus not sure if we should be sending access tokens; but we do it