feat: Post login Idp

Signed-off-by: Hoang Pham <[email protected]>
nextcloud · Jul 8, 2024 · cac3ce5 · cac3ce5
1 parent e8c669b
commit cac3ce5
Show file tree

Hide file tree

Showing 5 changed files with 8 additions and 7 deletions.
diff --git a/lib/Controller/SAMLController.php b/lib/Controller/SAMLController.php
@@ -197,8 +197,8 @@ public function login(int $idp = 1): Http\RedirectResponse|Http\TemplateResponse
 				$ssoUrl = $auth->login($returnUrl, [], false, false, true);
 
 				$settings = $this->samlSettings->get($idp);
-				$method = $settings['general-saml_request_method'] ?? 'get';
-				if ($method === 'post') {
+				$isSAMLRequestUsingPost = isset($settings['general-is_saml_request_using_post']) && $settings['general-is_saml_request_using_post'] === '1';
+				if ($isSAMLRequestUsingPost) {
 					$query = parse_url($ssoUrl, PHP_URL_QUERY);
 					parse_str($query, $params);
 
@@ -649,7 +649,7 @@ private function getSSOUrl(string $redirectUrl, string $idp): string {
 		$csrfToken = $csrfTokenManager->getToken();
 
 		$settings = $this->samlSettings->get((int)$idp);
-		$method = $settings['general-saml_request_method'] ?? 'get';
+		$method = $settings['general-is_saml_request_using_post'] ?? 'get';
 
 		return $this->urlGenerator->linkToRouteAbsolute(
 			'user_saml.SAML.login',

diff --git a/lib/SAMLSettings.php b/lib/SAMLSettings.php
@@ -26,6 +26,7 @@ class SAMLSettings {
 	public const IDP_CONFIG_KEYS = [
 		'general-idp0_display_name',
 		'general-uid_mapping',
+		'general-is_saml_request_using_post',
 		'general-saml_request_method',
 		'idp-entityId',
 		'idp-singleLogoutService.responseUrl',

diff --git a/lib/Settings/Admin.php b/lib/Settings/Admin.php
@@ -199,7 +199,7 @@ public function getForm() {
 				'type' => 'line',
 				'required' => false,
 			];
-			$generalSettings['saml_request_method'] = [
+			$generalSettings['is_saml_request_using_post'] = [
 				'text' => $this->l10n->t('Use POST method for SAML request (default: GET)'),
 				'type' => 'checkbox',
 				'required' => false,

diff --git a/templates/login_post.php b/templates/login_post.php
@@ -22,7 +22,7 @@
 	<input type="hidden" name="Signature" value="<?= $_['signature'] ?>" />
 	<noscript>
 		<p>
-			<?php p($l->t('Please wait while you are redirected to the SSO server.')); ?>
+			<?php p($l->t('JavaScript is disabled in your browser. Please enable it to continue.')) ?>
 		</p>
 		<input type="submit" value="Continue" />
 	</noscript>

diff --git a/tests/unit/Settings/AdminTest.php b/tests/unit/Settings/AdminTest.php
@@ -84,7 +84,7 @@ public function formDataProvider() {
 				'type' => 'line',
 				'required' => false,
 			],
-			'saml_request_method' => [
+			'is_saml_request_using_post' => [
 				'text' => $this->l10n->t('Use POST method for SAML request (default: GET)'),
 				'type' => 'checkbox',
 				'required' => false,
@@ -231,7 +231,7 @@ public function testGetFormWithoutType() {
 			->willReturn('');
 
 		$params = $this->formDataProvider();
-		unset($params['general']['idp0_display_name'], $params['general']['saml_request_method'], $params['general']['allow_multiple_user_back_ends']);
+		unset($params['general']['idp0_display_name'], $params['general']['is_saml_request_using_post'], $params['general']['allow_multiple_user_back_ends']);
 		$params['type'] = '';
 
 		$expected = new TemplateResponse('user_saml', 'admin', $params);