authorCôme Chilliet <come.chilliet@nextcloud.com>2024-12-05 15:00:46 +0100
committerCôme Chilliet <91878298+come-nc@users.noreply.github.com>2025-01-07 10:34:30 +0100
commit9b366c65d40320d30ffd0d0c7e9a728394520bee (patch)
tree52f8b08813949084ef8e839b513b2bfca158e896
parentb64b106c13bc7082bab5e8111e7e231aaa6efde4 (diff)
downloadnextcloud-server-9b366c65d40320d30ffd0d0c7e9a728394520bee.tar.gz
nextcloud-server-9b366c65d40320d30ffd0d0c7e9a728394520bee.zip
feat(oauth): Allow to skip the grant step for selected applications
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
-rw-r--r--core/Controller/ClientFlowLoginController.php21
1 files changed, 14 insertions, 7 deletions
diff --git a/core/Controller/ClientFlowLoginController.php b/core/Controller/ClientFlowLoginController.php
index 93eec8921fe..66e049616c0 100644
--- a/core/Controller/ClientFlowLoginController.php
+++ b/core/Controller/ClientFlowLoginController.php
@@ -26,6 +26,7 @@ use OCP\AppFramework\Utility\ITimeFactory;
use OCP\Authentication\Exceptions\InvalidTokenException;
use OCP\Defaults;
use OCP\EventDispatcher\IEventDispatcher;
+use OCP\IAppConfig;
use OCP\IL10N;
use OCP\IRequest;
use OCP\ISession;
@@ -55,6 +56,7 @@ class ClientFlowLoginController extends Controller {
private ICrypto $crypto,
private IEventDispatcher $eventDispatcher,
private ITimeFactory $timeFactory,
+ private IAppConfig $appConfig,
) {
parent::__construct($appName, $request);
}
@@ -157,9 +159,11 @@ class ClientFlowLoginController extends Controller {
#[NoCSRFRequired]
#[UseSession]
#[FrontpageRoute(verb: 'GET', url: '/login/flow/grant')]
- public function grantPage(string $stateToken = '',
+ public function grantPage(
+ string $stateToken = '',
string $clientIdentifier = '',
- int $direct = 0): StandaloneTemplateResponse {
+ int $direct = 0,
+ ): Response {
if (!$this->isValidToken($stateToken)) {
return $this->stateTokenForbiddenResponse();
}
@@ -181,6 +185,10 @@ class ClientFlowLoginController extends Controller {
/** @var IUser $user */
$user = $this->userSession->getUser();
+ if (in_array($clientName, $this->appConfig->getValueArray('oauth2', 'autoGrantApplications', []))) {
+ return $this->generateAppPassword($stateToken, $clientIdentifier);
+ }
+
$response = new StandaloneTemplateResponse(
$this->appName,
'loginflow/grant',
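Review bot: The auto-grant check `in_array($clientName, …)` decides whether to skip consent from the client's display name, using a loose comparison. `$clientName` is assigned outside this hunk, so if it can come from anything other than the registered OAuth client record (for example when `$clientIdentifier` is empty), a request that merely presents a matching name would receive an app password without the grant page. I would require a registered client and a strict match, `if ($clientIdentifier !== '' && in_array($clientName, $this->appConfig->getValueArray('oauth2', 'autoGrantApplications', []), true)) {`, and ideally key the allow-list on the client identifier rather than the name. `grantPage` is also the `GET` route marked `#[NoCSRFRequired]`, so on this path the state token is the only check before credential issuance; a comment saying so and a log entry whenever the grant step is skipped would help auditing. The body of `grantPage` starts and ends outside the hunk.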
@@ -203,14 +211,13 @@ class ClientFlowLoginController extends Controller {
return $response;
}
- /**
- * @return Http\RedirectResponse|Response
- */
#[NoAdminRequired]
#[UseSession]
#[FrontpageRoute(verb: 'POST', url: '/login/flow')]
- public function generateAppPassword(string $stateToken,
- string $clientIdentifier = '') {
+ public function generateAppPassword(
+ string $stateToken,
+ string $clientIdentifier = '',
+ ): Response {
if (!$this->isValidToken($stateToken)) {
$this->session->remove(self::STATE_NAME);
return $this->stateTokenForbiddenResponse();