fix: Add direct parameter to flow auth v2

Signed-off-by: Julius Härtl <jus@bitgrid.net>

diff --git a/core/Controller/ClientFlowLoginV2Controller.php b/core/Controller/ClientFlowLoginV2Controller.php
index 76c8ed2921a9ff76f1abe20c02632978e3f51260..e6e1c282d2b6bb67c82c1a22ca03031b63e5338b 100644 (file)
--- a/core/Controller/ClientFlowLoginV2Controller.php
+++ b/core/Controller/ClientFlowLoginV2Controller.php
@@ -84,7 +84,7 @@ class ClientFlowLoginV2Controller extends Controller {
        #[OpenAPI(scope: OpenAPI::SCOPE_IGNORE)]
        #[UseSession]
        #[FrontpageRoute(verb: 'GET', url: '/login/v2/flow/{token}')]
-       public function landing(string $token, $user = ''): Response {
+       public function landing(string $token, $user = '', int $direct = 0): Response {
                if (!$this->loginFlowV2Service->startLoginFlow($token)) {
                        return $this->loginTokenForbiddenResponse();
                }
@@ -92,7 +92,7 @@ class ClientFlowLoginV2Controller extends Controller {
                $this->session->set(self::TOKEN_NAME, $token);
 
                return new RedirectResponse(
-                       $this->urlGenerator->linkToRouteAbsolute('core.ClientFlowLoginV2.showAuthPickerPage', ['user' => $user])
+                       $this->urlGenerator->linkToRouteAbsolute('core.ClientFlowLoginV2.showAuthPickerPage', ['user' => $user, 'direct' => $direct])
                );
        }
 
@@ -101,7 +101,7 @@ class ClientFlowLoginV2Controller extends Controller {
        #[OpenAPI(scope: OpenAPI::SCOPE_IGNORE)]
        #[UseSession]
        #[FrontpageRoute(verb: 'GET', url: '/login/v2/flow')]
-       public function showAuthPickerPage($user = ''): StandaloneTemplateResponse {
+       public function showAuthPickerPage(string $user = '', int $direct = 0): StandaloneTemplateResponse {
                try {
                        $flow = $this->getFlowByLoginToken();
                } catch (LoginFlowV2NotFoundException $e) {
@@ -123,6 +123,7 @@ class ClientFlowLoginV2Controller extends Controller {
                                'urlGenerator' => $this->urlGenerator,
                                'stateToken' => $stateToken,
                                'user' => $user,
+                               'direct' => $direct,
                        ],
                        'guest'
                );
@@ -136,7 +137,7 @@ class ClientFlowLoginV2Controller extends Controller {
        #[OpenAPI(scope: OpenAPI::SCOPE_IGNORE)]
        #[UseSession]
        #[FrontpageRoute(verb: 'GET', url: '/login/v2/grant')]
-       public function grantPage(?string $stateToken): StandaloneTemplateResponse {
+       public function grantPage(?string $stateToken, int $direct = 0): StandaloneTemplateResponse {
                if ($stateToken === null) {
                        return $this->stateTokenMissingResponse();
                }
@@ -163,6 +164,7 @@ class ClientFlowLoginV2Controller extends Controller {
                                'instanceName' => $this->defaults->getName(),
                                'urlGenerator' => $this->urlGenerator,
                                'stateToken' => $stateToken,
+                               'direct' => $direct,
                        ],
                        'guest'
                );

diff --git a/core/templates/loginflowv2/authpicker.php b/core/templates/loginflowv2/authpicker.php
index 14f5a6fe3d03b12c691034277b1c49b9660cb2f2..9c77409ed058c42645f78b04e02b9b115eb4b601 100644 (file)
--- a/core/templates/loginflowv2/authpicker.php
+++ b/core/templates/loginflowv2/authpicker.php
@@ -31,7 +31,7 @@ $urlGenerator = $_['urlGenerator'];
        <br/>
 
        <p id="redirect-link">
-               <form id="login-form" action="<?php p($urlGenerator->linkToRouteAbsolute('core.ClientFlowLoginV2.grantPage', ['stateToken' => $_['stateToken'], 'user' => $_['user']])) ?>" method="get">
+               <form id="login-form" action="<?php p($urlGenerator->linkToRouteAbsolute('core.ClientFlowLoginV2.grantPage', ['stateToken' => $_['stateToken'], 'user' => $_['user'], 'direct' => $_['direct'] ?? 0])) ?>" method="get">
                        <input type="submit" class="login primary icon-confirm-white" value="<?php p($l->t('Log in')) ?>" disabled>
                </form>
        </p>

diff --git a/core/templates/loginflowv2/grant.php b/core/templates/loginflowv2/grant.php
index 69599810ce98e55fa26936c3ff440d32b3afa410..2fec49942d553ec3716037b4ce0a76effc04df19 100644 (file)
--- a/core/templates/loginflowv2/grant.php
+++ b/core/templates/loginflowv2/grant.php
@@ -33,6 +33,9 @@ $urlGenerator = $_['urlGenerator'];
                <form method="POST" action="<?php p($urlGenerator->linkToRouteAbsolute('core.ClientFlowLoginV2.generateAppPassword')) ?>">
                        <input type="hidden" name="requesttoken" value="<?php p($_['requesttoken']) ?>" />
                        <input type="hidden" name="stateToken" value="<?php p($_['stateToken']) ?>" />
+                       <?php if ($_['direct']) { ?>
+                       <input type="hidden" name="direct" value="1" />
+                       <?php } ?>
                        <div id="submit-wrapper">
                                <input type="submit" class="login primary icon-confirm-white" title="" value="<?php p($l->t('Grant access')); ?>" />
                        </div>