colin
/
bookstack
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

SAML2: Included parsed groups in dump data 

Updated code style of class while there.
Removed redundant check and string translation used.

For #4706
This commit is contained in:
Dan Brown 2023-12-03 19:35:05 +00:00
parent 596f7314cd
commit 11853361b0
No known key found for this signature in database
GPG Key ID: 46D9F943C24A2EF9
3 changed files with 27 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
app/Access/Saml2Service.php
View File

@ -21,19 +21,13 @@ use OneLogin\Saml2\ValidationError;
class Saml2Service class Saml2Service
{ {
protected array $config; protected array $config;
protected RegistrationService $registrationService;
protected LoginService $loginService;
protected GroupSyncService $groupSyncService;
public function __construct( public function __construct(
RegistrationService $registrationService, protected RegistrationService $registrationService,
LoginService $loginService, protected LoginService $loginService,
GroupSyncService $groupSyncService protected GroupSyncService $groupSyncService
) { ) {
$this->config = config('saml2'); $this->config = config('saml2');
$this->registrationService = $registrationService;
$this->loginService = $loginService;
$this->groupSyncService = $groupSyncService;
} }
/** /**
@ -357,6 +351,10 @@ class Saml2Service
$userDetails = $this->getUserDetails($samlID, $samlAttributes); $userDetails = $this->getUserDetails($samlID, $samlAttributes);
$isLoggedIn = auth()->check(); $isLoggedIn = auth()->check();
if ($this->shouldSyncGroups()) {
$userDetails['groups'] = $this->getUserGroups($samlAttributes);
}
if ($this->config['dump_user_details']) { if ($this->config['dump_user_details']) {
throw new JsonDebugException([ throw new JsonDebugException([
'id_from_idp' => $samlID, 'id_from_idp' => $samlID,
@ -379,13 +377,8 @@ class Saml2Service
$userDetails['external_id'] $userDetails['external_id']
); );
if ($user === null) {
throw new SamlException(trans('errors.saml_user_not_registered', ['name' => $userDetails['external_id']]), '/login');
}
if ($this->shouldSyncGroups()) { if ($this->shouldSyncGroups()) {
$groups = $this->getUserGroups($samlAttributes); $this->groupSyncService->syncUserWithFoundGroups($user, $userDetails['groups'], $this->config['remove_from_groups']);
$this->groupSyncService->syncUserWithFoundGroups($user, $groups, $this->config['remove_from_groups']);
} }
$this->loginService->login($user, 'saml2'); $this->loginService->login($user, 'saml2');

1
lang/en/errors.php
View File

@ -19,7 +19,6 @@ return [
'ldap_extension_not_installed' => 'LDAP PHP extension not installed', 'ldap_extension_not_installed' => 'LDAP PHP extension not installed',
'ldap_cannot_connect' => 'Cannot connect to ldap server, Initial connection failed', 'ldap_cannot_connect' => 'Cannot connect to ldap server, Initial connection failed',
'saml_already_logged_in' => 'Already logged in', 'saml_already_logged_in' => 'Already logged in',
'saml_user_not_registered' => 'The user :name is not registered and automatic registration is disabled',
'saml_no_email_address' => 'Could not find an email address, for this user, in the data provided by the external authentication system', 'saml_no_email_address' => 'Could not find an email address, for this user, in the data provided by the external authentication system',
'saml_invalid_response_id' => 'The request from the external authentication system is not recognised by a process started by this application. Navigating back after a login could cause this issue.', 'saml_invalid_response_id' => 'The request from the external authentication system is not recognised by a process started by this application. Navigating back after a login could cause this issue.',
'saml_fail_authed' => 'Login using :system failed, system did not provide successful authorization', 'saml_fail_authed' => 'Login using :system failed, system did not provide successful authorization',

22
tests/Auth/Saml2Test.php
View File

File diff suppressed because one or more lines are too long