diff --git a/gui/app/authenticators/cas.js b/gui/app/authenticators/cas.js new file mode 100644 index 00000000..96fbee44 --- /dev/null +++ b/gui/app/authenticators/cas.js @@ -0,0 +1,39 @@ +// Copyright 2016 Documize Inc. . All rights reserved. +// +// This software (Documize Community Edition) is licensed under +// GNU AGPL v3 http://www.gnu.org/licenses/agpl-3.0.en.html +// +// You can operate outside the AGPL restrictions by purchasing +// Documize Enterprise Edition and obtaining a commercial license +// by contacting . +// +// https://documize.com + +import { reject, resolve } from 'rsvp'; +import { inject as service } from '@ember/service'; + +import Base from 'ember-simple-auth/authenticators/base'; + +export default Base.extend({ + ajax: service(), + appMeta: service(), + localStorage: service(), + + restore(data) { + // TODO: verify authentication data + if (data) { + return resolve(data); + } + + return reject(); + }, + + authenticate(){ + return this.get('ajax').request('public/authenticate/cas' ); + }, + + invalidate() { + this.get('localStorage').clearAll(); + return resolve(); + } +}); diff --git a/gui/app/components/customize/auth-settings.js b/gui/app/components/customize/auth-settings.js index 5ecaa04c..638f45e9 100644 --- a/gui/app/components/customize/auth-settings.js +++ b/gui/app/components/customize/auth-settings.js @@ -33,6 +33,9 @@ export default Component.extend(ModalMixin, Notifier, { isLDAPProvider: computed('authProvider', function() { return this.get('authProvider') === this.get('constants').AuthProvider.LDAP; }), + isCASProvider: computed('authProvider', function(){ + return this.get('authProvider') === this.get('constants').AuthProvider.CAS; + }), KeycloakUrlError: empty('keycloakConfig.url'), KeycloakRealmError: empty('keycloakConfig.realm'), @@ -61,6 +64,10 @@ export default Component.extend(ModalMixin, Notifier, { ldapPreview: null, ldapConfig: null, + casErrorUrl: empty('casConfig.url'), + casErrorRedirectUrl: empty('casConfig.redirectUrl'), + casConfig:null, + init() { this._super(...arguments); @@ -122,6 +129,19 @@ export default Component.extend(ModalMixin, Notifier, { this.set('ldapConfig', ldapConfig); break; } + case constants.AuthProvider.CAS: { + let casConfig = this.get('authConfig'); + if (_.isUndefined(casConfig) || _.isNull(casConfig) || _.isEmpty(casConfig) ) { + casConfig = {}; + } else { + casConfig = JSON.parse(casConfig); + casConfig.url = casConfig.hasOwnProperty('url') ? casConfig.url : ''; + casConfig.redirectUrl = casConfig.hasOwnProperty('redirectUrl') ? casConfig.redirectUrl : ''; + } + + this.set('casConfig', casConfig); + break; + } } }, @@ -140,6 +160,10 @@ export default Component.extend(ModalMixin, Notifier, { let constants = this.get('constants'); this.set('authProvider', constants.AuthProvider.LDAP); }, + onCAS() { + let constants = this.get('constants'); + this.set('authProvider', constants.AuthProvider.CAS); + }, onLDAPEncryption(e) { this.set('ldapConfig.encryptionType', e); @@ -231,6 +255,21 @@ export default Component.extend(ModalMixin, Notifier, { return; } + break; + case constants.AuthProvider.CAS: + if (this.get('casErrorUrl')) { + $("#cas-url").focus(); + return; + } + if (this.get('casErrorRedirectUrl')) { + $("#cas-redirect-url").focus(); + return; + } + + config = copy(this.get('casConfig')); + config.url = config.url.trim(); + config.redirectUrl = config.redirectUrl.trim(); + break; } diff --git a/gui/app/constants/constants.js b/gui/app/constants/constants.js index 1094165d..a2f49775 100644 --- a/gui/app/constants/constants.js +++ b/gui/app/constants/constants.js @@ -25,6 +25,7 @@ let constants = EmberObject.extend({ Documize: 'documize', Keycloak: 'keycloak', LDAP: 'ldap', + CAS: 'cas', ServerTypeLDAP: 'ldap', ServerTypeAD: 'ad', EncryptionTypeNone: 'none', diff --git a/gui/app/mixins/auth.js b/gui/app/mixins/auth.js index 52123bc2..9e58f0dc 100644 --- a/gui/app/mixins/auth.js +++ b/gui/app/mixins/auth.js @@ -17,6 +17,7 @@ export default Mixin.create({ isAuthProviderDocumize: true, isAuthProviderKeycloak: false, isAuthProviderLDAP: false, + isAuthProviderCAS: false, isDualAuth: false, init() { @@ -26,7 +27,7 @@ export default Mixin.create({ this.set('isAuthProviderDocumize', this.get('appMeta.authProvider') === constants.AuthProvider.Documize); this.set('isAuthProviderKeycloak', this.get('appMeta.authProvider') === constants.AuthProvider.Keycloak); this.set('isAuthProviderLDAP', this.get('appMeta.authProvider') === constants.AuthProvider.LDAP); - + this.set('isAuthProviderCAS', this.get('appMeta.authProvider') == constants.AuthProvider.CAS); if (this.get('appMeta.authProvider') === constants.AuthProvider.LDAP) { let config = this.get('appMeta.authConfig'); diff --git a/gui/app/pods/auth/login/controller.js b/gui/app/pods/auth/login/controller.js index e5028347..a867ba7c 100644 --- a/gui/app/pods/auth/login/controller.js +++ b/gui/app/pods/auth/login/controller.js @@ -12,10 +12,12 @@ import { inject as service } from '@ember/service'; import AuthProvider from '../../../mixins/auth'; import Controller from '@ember/controller'; +import {Promise as EmberPromise} from "rsvp"; export default Controller.extend(AuthProvider, { appMeta: service('app-meta'), session: service('session'), + invalidCredentials: false, reset() { @@ -26,7 +28,7 @@ export default Controller.extend(AuthProvider, { }); } - if (this.get('isAuthProviderLDAP')) { + if (this.get('isAuthProviderLDAP') || this.get('isAuthProviderCAS')) { this.setProperties({ username: '', password: '' @@ -62,6 +64,24 @@ export default Controller.extend(AuthProvider, { this.set('invalidCredentials', true); }); } + // if (this.get('isAuthProviderCAS')) { + // + // this.get('session').authenticate('authenticator:cas').then((response) => { + // this.transitionToRoute('folders'); + // return response; + // }).catch(() => { + // this.set('invalidCredentials', true); + // }); + // } + }, + loginWithCAS(){ + // let config = this.get('config'); + let url = 'https://sso.bangdao-tech.com/sso/login?service=' + encodeURIComponent('https://duty.bangdao-tech.com/'); + window.location.replace(url); + + + } } + }); diff --git a/gui/app/pods/auth/login/route.js b/gui/app/pods/auth/login/route.js index bda8f638..0cb76996 100644 --- a/gui/app/pods/auth/login/route.js +++ b/gui/app/pods/auth/login/route.js @@ -17,6 +17,7 @@ import Route from '@ember/routing/route'; export default Route.extend({ appMeta: service(), kcAuth: service(), + global: service(), localStorage: service(), showLogin: false, diff --git a/gui/app/pods/auth/login/template.hbs b/gui/app/pods/auth/login/template.hbs index 43a99528..99dbe35f 100644 --- a/gui/app/pods/auth/login/template.hbs +++ b/gui/app/pods/auth/login/template.hbs @@ -27,8 +27,12 @@ {{input type="password" value=password id="authPassword" class="form-control" autocomplete="current-password"}} {{/if}} + {{#if isAuthProviderCAS}} + {{ui/ui-button color=constants.Color.Green light=true label=constants.Label.SignIn onClick=(action "loginWithCAS")}} + {{else}} + {{ui/ui-button color=constants.Color.Green light=true label=constants.Label.SignIn onClick=(action "login")}} + {{/if}} - {{ui/ui-button color=constants.Color.Green light=true label=constants.Label.SignIn onClick=(action "login")}}
Invalid credentials
{{#if isAuthProviderDocumize}} diff --git a/gui/app/pods/customize/auth/route.js b/gui/app/pods/customize/auth/route.js index 8b4344ab..7a4f26ac 100644 --- a/gui/app/pods/customize/auth/route.js +++ b/gui/app/pods/customize/auth/route.js @@ -42,6 +42,8 @@ export default Route.extend(AuthenticatedRouteMixin, { case constants.AuthProvider.LDAP: data.authConfig = config; break; + case constants.AuthProvider.CAS: + data.authConfig = config; case constants.AuthProvider.Documize: data.authConfig = ''; break; diff --git a/gui/app/pods/customize/auth/template.hbs b/gui/app/pods/customize/auth/template.hbs index d8bcaed8..373556f9 100644 --- a/gui/app/pods/customize/auth/template.hbs +++ b/gui/app/pods/customize/auth/template.hbs @@ -1,6 +1,6 @@ {{layout/logo-heading title="Authentication" - desc="Choose user authentication provider — Documize, Redhat Keycloak, LDAP/AD" + desc="Choose user authentication provider — Documize, Redhat Keycloak, LDAP/AD, CAS" icon=constants.Icon.Locked}} {{customize/auth-settings diff --git a/gui/app/templates/components/customize/auth-settings.hbs b/gui/app/templates/components/customize/auth-settings.hbs index 5055159e..719bb121 100644 --- a/gui/app/templates/components/customize/auth-settings.hbs +++ b/gui/app/templates/components/customize/auth-settings.hbs @@ -23,6 +23,13 @@ {{/if}} +
  • +
    CAS
    +
    Via authentication server
    + {{#if isCASProvider}} + + {{/if}} +
    • @@ -167,7 +174,18 @@ {{ui/ui-button color=constants.Color.Yellow light=true label="Test →" onClick=(action "onLDAPPreview")}} {{ui/ui-button-gap}} {{/if}} - + {{#if isCASProvider}} +
    + + {{focus-input id="cas-url" type="text" value=casConfig.url class=(if casErrorUrl "form-control is-invalid" "form-control")}} + e.g. http://localhost:8888/auth +
    +
    + + {{focus-input id="cas-redirect-url" type="text" value=casConfig.redirectUrl class=(if casErrorRedirectUrl "form-control is-invalid" "form-control")}} + e.g. http://localhost:8888/ +
    + {{/if}} {{ui/ui-button color=constants.Color.Green light=true icon=constants.Icon.Locked label=constants.Label.Activate onClick=(action "onSave")}}