"code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/modules/timeutil"
"code.gitea.io/gitea/modules/util"
+ gouuid "github.com/google/uuid"
jsoniter "github.com/json-iterator/go"
"xorm.io/xorm"
// PAMConfig holds configuration for the PAM login source.
type PAMConfig struct {
ServiceName string // pam service (e.g. system-auth)
+ EmailDomain string
}
// FromDB fills up a PAMConfig from serialized format.
// Allow PAM sources with `@` in their name, like from Active Directory
username := pamLogin
+ email := pamLogin
idx := strings.Index(pamLogin, "@")
if idx > -1 {
username = pamLogin[:idx]
}
+ if ValidateEmail(email) != nil {
+ if cfg.EmailDomain != "" {
+ email = fmt.Sprintf("%s@%s", username, cfg.EmailDomain)
+ } else {
+ email = fmt.Sprintf("%s@%s", username, setting.Service.NoReplyAddress)
+ }
+ if ValidateEmail(email) != nil {
+ email = gouuid.New().String() + "@localhost"
+ }
+ }
user = &User{
LowerName: strings.ToLower(username),
Name: username,
- Email: pamLogin,
+ Email: email,
Passwd: password,
LoginType: LoginPAM,
LoginSource: sourceID,
auths.enable_tls = Enable TLS Encryption
auths.skip_tls_verify = Skip TLS Verify
auths.pam_service_name = PAM Service Name
+auths.pam_email_domain = PAM Email Domain (optional)
auths.oauth2_provider = OAuth2 Provider
auths.oauth2_icon_url = Icon URL
auths.oauth2_clientID = Client ID (Key)
case models.LoginPAM:
config = &models.PAMConfig{
ServiceName: form.PAMServiceName,
+ EmailDomain: form.PAMEmailDomain,
}
case models.LoginOAuth2:
config = parseOAuth2Config(form)
case models.LoginPAM:
config = &models.PAMConfig{
ServiceName: form.PAMServiceName,
+ EmailDomain: form.PAMEmailDomain,
}
case models.LoginOAuth2:
config = parseOAuth2Config(form)
TLS bool
SkipVerify bool
PAMServiceName string
+ PAMEmailDomain string
Oauth2Provider string
Oauth2Key string
Oauth2Secret string
<label for="pam_service_name">{{.i18n.Tr "admin.auths.pam_service_name"}}</label>
<input id="pam_service_name" name="pam_service_name" value="{{$cfg.ServiceName}}" required>
</div>
+ <div class="field">
+ <label for="pam_email_domain">{{.i18n.Tr "admin.auths.pam_email_domain"}}</label>
+ <input id="pam_email_domain" name="pam_email_domain" value="{{$cfg.EmailDomain}}">
+ </div>
{{end}}
<!-- OAuth2 -->
<div class="pam required field {{if not (eq .type 4)}}hide{{end}}">
<label for="pam_service_name">{{.i18n.Tr "admin.auths.pam_service_name"}}</label>
<input id="pam_service_name" name="pam_service_name" value="{{.pam_service_name}}" />
+ <label for="pam_email_domain">{{.i18n.Tr "admin.auths.pam_email_domain"}}</label>
+ <input id="pam_email_domain" name="pam_email_domain" value="{{.pam_email_domain}}">
</div>
<!-- OAuth2 -->