diff options
author | techknowlogick <techknowlogick@gitea.com> | 2024-02-22 19:08:17 -0500 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-02-23 00:08:17 +0000 |
commit | 5bb8d1924d77c675467694de26697b876d709a17 (patch) | |
tree | 5082621a5a26d56b5eccd2a70bbb35a76a2c6ae5 /web_src | |
parent | c4b0cb4d0d527793296cf801e611f77666f86551 (diff) | |
download | gitea-5bb8d1924d77c675467694de26697b876d709a17.tar.gz gitea-5bb8d1924d77c675467694de26697b876d709a17.zip |
Support SAML authentication (#25165)
Closes https://github.com/go-gitea/gitea/issues/5512
This PR adds basic SAML support
- Adds SAML 2.0 as an auth source
- Adds SAML configuration documentation
- Adds integration test:
- Use bare-bones SAML IdP to test protocol flow and test account is
linked successfully (only runs on Postgres by default)
- Adds documentation for configuring and running SAML integration test
locally
Future PRs:
- Support group mapping
- Support auto-registration (account linking)
Co-Authored-By: @jackHay22
---------
Co-authored-by: jackHay22 <jack@allspice.io>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Jason Song <i@wolfogre.com>
Co-authored-by: morphelinho <morphelinho@users.noreply.github.com>
Co-authored-by: Zettat123 <zettat123@gmail.com>
Co-authored-by: Yarden Shoham <git@yardenshoham.com>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: silverwind <me@silverwind.io>
Diffstat (limited to 'web_src')
-rw-r--r-- | web_src/js/features/admin/common.js | 8 | ||||
-rw-r--r-- | web_src/js/features/user-auth.js | 21 | ||||
-rw-r--r-- | web_src/js/index.js | 6 |
3 files changed, 32 insertions, 3 deletions
diff --git a/web_src/js/features/admin/common.js b/web_src/js/features/admin/common.js index 044976ea7b..4804163971 100644 --- a/web_src/js/features/admin/common.js +++ b/web_src/js/features/admin/common.js @@ -103,9 +103,9 @@ export function initAdminCommon() { // New authentication if ($('.admin.new.authentication').length > 0) { $('#auth_type').on('change', function () { - hideElem($('.ldap, .dldap, .smtp, .pam, .oauth2, .has-tls, .search-page-size, .sspi')); + hideElem($('.ldap, .dldap, .smtp, .pam, .oauth2, .has-tls, .search-page-size, .sspi, .saml')); - $('.ldap input[required], .binddnrequired input[required], .dldap input[required], .smtp input[required], .pam input[required], .oauth2 input[required], .has-tls input[required], .sspi input[required]').removeAttr('required'); + $('.ldap input[required], .binddnrequired input[required], .dldap input[required], .smtp input[required], .pam input[required], .oauth2 input[required], .has-tls input[required], .sspi input[required], .saml input[required]').removeAttr('required'); $('.binddnrequired').removeClass('required'); const authType = $(this).val(); @@ -137,6 +137,10 @@ export function initAdminCommon() { showElem($('.sspi')); $('.sspi div.required input').attr('required', 'required'); break; + case '8': // SAML + showElem($('.saml')); + $('.saml div.required input').attr('required', 'required'); + break; } if (authType === '2' || authType === '5') { onSecurityProtocolChange(); diff --git a/web_src/js/features/user-auth.js b/web_src/js/features/user-auth.js index 60d186e699..3bf84e31df 100644 --- a/web_src/js/features/user-auth.js +++ b/web_src/js/features/user-auth.js @@ -20,3 +20,24 @@ export function initUserAuthOauth2() { }); } } + +export function initUserAuthSAML() { + const outer = document.getElementById('saml-login-navigator'); + if (!outer) return; + const inner = document.getElementById('saml-login-navigator-inner'); + + checkAppUrl(); + + for (const link of outer.querySelectorAll('.saml-login-link')) { + link.addEventListener('click', () => { + inner.classList.add('gt-invisible'); + outer.classList.add('is-loading'); + setTimeout(() => { + // recover previous content to let user try again + // usually redirection will be performed before this action + outer.classList.remove('is-loading'); + inner.classList.remove('gt-invisible'); + }, 5000); + }); + } +} diff --git a/web_src/js/index.js b/web_src/js/index.js index 117279c3c4..ddd435f05e 100644 --- a/web_src/js/index.js +++ b/web_src/js/index.js @@ -23,7 +23,10 @@ import {initFindFileInRepo} from './features/repo-findfile.js'; import {initCommentContent, initMarkupContent} from './markup/content.js'; import {initPdfViewer} from './render/pdf.js'; -import {initUserAuthOauth2} from './features/user-auth.js'; +import { + initUserAuthOauth2, + initUserAuthSAML +} from './features/user-auth.js'; import { initRepoIssueDue, initRepoIssueReferenceRepositorySearch, @@ -179,6 +182,7 @@ onDomReady(() => { initCaptcha(); initUserAuthOauth2(); + initUserAuthSAML(); initUserAuthWebAuthn(); initUserAuthWebAuthnRegister(); initUserSettings(); |