aboutsummaryrefslogtreecommitdiffstats
path: root/web_src
diff options
context:
space:
mode:
authortechknowlogick <techknowlogick@gitea.com>2024-02-22 19:08:17 -0500
committerGitHub <noreply@github.com>2024-02-23 00:08:17 +0000
commit5bb8d1924d77c675467694de26697b876d709a17 (patch)
tree5082621a5a26d56b5eccd2a70bbb35a76a2c6ae5 /web_src
parentc4b0cb4d0d527793296cf801e611f77666f86551 (diff)
downloadgitea-5bb8d1924d77c675467694de26697b876d709a17.tar.gz
gitea-5bb8d1924d77c675467694de26697b876d709a17.zip
Support SAML authentication (#25165)
Closes https://github.com/go-gitea/gitea/issues/5512 This PR adds basic SAML support - Adds SAML 2.0 as an auth source - Adds SAML configuration documentation - Adds integration test: - Use bare-bones SAML IdP to test protocol flow and test account is linked successfully (only runs on Postgres by default) - Adds documentation for configuring and running SAML integration test locally Future PRs: - Support group mapping - Support auto-registration (account linking) Co-Authored-By: @jackHay22 --------- Co-authored-by: jackHay22 <jack@allspice.io> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: KN4CK3R <admin@oldschoolhack.me> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: Jason Song <i@wolfogre.com> Co-authored-by: morphelinho <morphelinho@users.noreply.github.com> Co-authored-by: Zettat123 <zettat123@gmail.com> Co-authored-by: Yarden Shoham <git@yardenshoham.com> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: silverwind <me@silverwind.io>
Diffstat (limited to 'web_src')
-rw-r--r--web_src/js/features/admin/common.js8
-rw-r--r--web_src/js/features/user-auth.js21
-rw-r--r--web_src/js/index.js6
3 files changed, 32 insertions, 3 deletions
diff --git a/web_src/js/features/admin/common.js b/web_src/js/features/admin/common.js
index 044976ea7b..4804163971 100644
--- a/web_src/js/features/admin/common.js
+++ b/web_src/js/features/admin/common.js
@@ -103,9 +103,9 @@ export function initAdminCommon() {
// New authentication
if ($('.admin.new.authentication').length > 0) {
$('#auth_type').on('change', function () {
- hideElem($('.ldap, .dldap, .smtp, .pam, .oauth2, .has-tls, .search-page-size, .sspi'));
+ hideElem($('.ldap, .dldap, .smtp, .pam, .oauth2, .has-tls, .search-page-size, .sspi, .saml'));
- $('.ldap input[required], .binddnrequired input[required], .dldap input[required], .smtp input[required], .pam input[required], .oauth2 input[required], .has-tls input[required], .sspi input[required]').removeAttr('required');
+ $('.ldap input[required], .binddnrequired input[required], .dldap input[required], .smtp input[required], .pam input[required], .oauth2 input[required], .has-tls input[required], .sspi input[required], .saml input[required]').removeAttr('required');
$('.binddnrequired').removeClass('required');
const authType = $(this).val();
@@ -137,6 +137,10 @@ export function initAdminCommon() {
showElem($('.sspi'));
$('.sspi div.required input').attr('required', 'required');
break;
+ case '8': // SAML
+ showElem($('.saml'));
+ $('.saml div.required input').attr('required', 'required');
+ break;
}
if (authType === '2' || authType === '5') {
onSecurityProtocolChange();
diff --git a/web_src/js/features/user-auth.js b/web_src/js/features/user-auth.js
index 60d186e699..3bf84e31df 100644
--- a/web_src/js/features/user-auth.js
+++ b/web_src/js/features/user-auth.js
@@ -20,3 +20,24 @@ export function initUserAuthOauth2() {
});
}
}
+
+export function initUserAuthSAML() {
+ const outer = document.getElementById('saml-login-navigator');
+ if (!outer) return;
+ const inner = document.getElementById('saml-login-navigator-inner');
+
+ checkAppUrl();
+
+ for (const link of outer.querySelectorAll('.saml-login-link')) {
+ link.addEventListener('click', () => {
+ inner.classList.add('gt-invisible');
+ outer.classList.add('is-loading');
+ setTimeout(() => {
+ // recover previous content to let user try again
+ // usually redirection will be performed before this action
+ outer.classList.remove('is-loading');
+ inner.classList.remove('gt-invisible');
+ }, 5000);
+ });
+ }
+}
diff --git a/web_src/js/index.js b/web_src/js/index.js
index 117279c3c4..ddd435f05e 100644
--- a/web_src/js/index.js
+++ b/web_src/js/index.js
@@ -23,7 +23,10 @@ import {initFindFileInRepo} from './features/repo-findfile.js';
import {initCommentContent, initMarkupContent} from './markup/content.js';
import {initPdfViewer} from './render/pdf.js';
-import {initUserAuthOauth2} from './features/user-auth.js';
+import {
+ initUserAuthOauth2,
+ initUserAuthSAML
+} from './features/user-auth.js';
import {
initRepoIssueDue,
initRepoIssueReferenceRepositorySearch,
@@ -179,6 +182,7 @@ onDomReady(() => {
initCaptcha();
initUserAuthOauth2();
+ initUserAuthSAML();
initUserAuthWebAuthn();
initUserAuthWebAuthnRegister();
initUserSettings();