Merge pull request #6177 from nextcloud/properly-add-slo-url

Properly allow \OCP\Authentication\IApacheBackend to specify logout URL
This commit is contained in:
Morris Jobke 2017-08-26 18:50:52 +02:00 committed by GitHub
commit 0b652648cc
8 changed files with 46 additions and 38 deletions

View file

@ -71,8 +71,8 @@ class TwoFactorChallengeController extends Controller {
/**
* @return string
*/
protected function getLogoutAttribute() {
return OC_User::getLogoutAttribute();
protected function getLogoutUrl() {
return OC_User::getLogoutUrl($this->urlGenerator);
}
/**
@ -91,7 +91,7 @@ class TwoFactorChallengeController extends Controller {
'providers' => $providers,
'backupProvider' => $backupProvider,
'redirect_url' => $redirect_url,
'logout_attribute' => $this->getLogoutAttribute(),
'logout_url' => $this->getLogoutUrl(),
];
return new TemplateResponse($this->appName, 'twofactorselectchallenge', $data, 'guest');
}
@ -133,7 +133,7 @@ class TwoFactorChallengeController extends Controller {
'error_message' => $errorMessage,
'provider' => $provider,
'backupProvider' => $backupProvider,
'logout_attribute' => $this->getLogoutAttribute(),
'logout_url' => $this->getLogoutUrl(),
'redirect_url' => $redirect_url,
'template' => $tmpl->fetchPage(),
];

View file

@ -19,7 +19,7 @@
</ul>
</p>
<p class="two-factor-link">
<a class="button" <?php print_unescaped($_['logout_attribute']); ?>><?php p($l->t('Cancel log in')) ?></a>
<a class="button" href="<?php print_unescaped($_['logout_url']); ?>"><?php p($l->t('Cancel log in')) ?></a>
<?php if (!is_null($_['backupProvider'])): ?>
<a class="button" href="<?php p(\OC::$server->getURLGenerator()->linkToRoute('core.TwoFactorChallenge.showChallenge',
[

View file

@ -22,7 +22,7 @@ $template = $_['template'];
<?php endif; ?>
<?php print_unescaped($template); ?>
<p class="two-factor-link">
<a class="button" <?php print_unescaped($_['logout_attribute']); ?>><?php p($l->t('Cancel log in')) ?></a>
<a class="button" href="<?php print_unescaped($_['logout_url']); ?>"><?php p($l->t('Cancel log in')) ?></a>
<?php if (!is_null($_['backupProvider'])): ?>
<a class="button" href="<?php p(\OC::$server->getURLGenerator()->linkToRoute('core.TwoFactorChallenge.showChallenge',
[

View file

@ -187,18 +187,18 @@ class NavigationManager implements INavigationManager {
'icon' => $this->urlGenerator->imagePath('settings', 'admin.svg'),
]);
// Logout
$this->add([
'type' => 'settings',
'id' => 'logout',
'order' => 99999,
'href' => $this->urlGenerator->linkToRouteAbsolute(
'core.login.logout',
['requesttoken' => \OCP\Util::callRegister()]
),
'name' => $l->t('Log out'),
'icon' => $this->urlGenerator->imagePath('core', 'actions/logout.svg'),
]);
$logoutUrl = \OC_User::getLogoutUrl($this->urlGenerator);
if($logoutUrl !== '') {
// Logout
$this->add([
'type' => 'settings',
'id' => 'logout',
'order' => 99999,
'href' => $logoutUrl,
'name' => $l->t('Log out'),
'icon' => $this->urlGenerator->imagePath('core', 'actions/logout.svg'),
]);
}
if ($this->isSubadmin()) {
// User management

View file

@ -281,26 +281,25 @@ class OC_User {
}
/**
* Supplies an attribute to the logout hyperlink. The default behaviour
* is to return an href with '?logout=true' appended. However, it can
* supply any attribute(s) which are valid for <a>.
* Returns the current logout URL valid for the currently logged-in user
*
* @return string with one or more HTML attributes.
* @param \OCP\IURLGenerator $urlGenerator
* @return string
*/
public static function getLogoutAttribute() {
public static function getLogoutUrl(\OCP\IURLGenerator $urlGenerator) {
$backend = self::findFirstActiveUsedBackend();
if ($backend) {
return $backend->getLogoutAttribute();
return $backend->getLogoutUrl();
}
$logoutUrl = \OC::$server->getURLGenerator()->linkToRouteAbsolute(
$logoutUrl = $urlGenerator->linkToRouteAbsolute(
'core.login.logout',
[
'requesttoken' => \OCP\Util::callRegister(),
]
);
return 'href="'.$logoutUrl.'"';
return $logoutUrl;
}
/**

View file

@ -39,21 +39,20 @@ namespace OCP\Authentication;
interface IApacheBackend {
/**
* In case the user has been authenticated by Apache true is returned.
* In case the user has been authenticated by a module true is returned.
*
* @return boolean whether Apache reports a user as currently logged in.
* @return boolean whether the module reports a user as currently logged in.
* @since 6.0.0
*/
public function isSessionActive();
/**
* Creates an attribute which is added to the logout hyperlink. It can
* supply any attribute(s) which are valid for <a>.
* Gets the current logout URL
*
* @return string with one or more HTML attributes.
* @since 6.0.0
* @return string
* @since 12.0.3
*/
public function getLogoutAttribute();
public function getLogoutUrl();
/**
* Return the id of the current user

View file

@ -76,10 +76,10 @@ class TwoFactorChallengeControllerTest extends TestCase {
$this->session,
$this->urlGenerator,
])
->setMethods(['getLogoutAttribute'])
->setMethods(['getLogoutUrl'])
->getMock();
$this->controller->expects($this->any())
->method('getLogoutAttribute')
->method('getLogoutUrl')
->willReturn('logoutAttribute');
}
@ -106,7 +106,7 @@ class TwoFactorChallengeControllerTest extends TestCase {
'providers' => $providers,
'backupProvider' => 'backup',
'redirect_url' => '/some/url',
'logout_attribute' => 'logoutAttribute',
'logout_url' => 'logoutAttribute',
], 'guest');
$this->assertEquals($expected, $this->controller->selectChallenge('/some/url'));
@ -155,7 +155,7 @@ class TwoFactorChallengeControllerTest extends TestCase {
'error' => true,
'provider' => $provider,
'backupProvider' => $backupProvider,
'logout_attribute' => 'logoutAttribute',
'logout_url' => 'logoutAttribute',
'template' => '<html/>',
'redirect_url' => '/re/dir/ect/url',
'error_message' => null,

View file

@ -217,6 +217,16 @@ class NavigationManagerTest extends TestCase {
$this->urlGenerator->expects($this->any())->method('linkToRoute')->willReturnCallback(function() {
return "/apps/test/";
});
$this->urlGenerator
->expects($this->once())
->method('linkToRouteAbsolute')
->with(
'core.login.logout',
[
'requesttoken' => \OCP\Util::callRegister(),
]
)
->willReturn('https://example.com/logout');
$user = $this->createMock(IUser::class);
$user->expects($this->any())->method('getUID')->willReturn('user001');
$this->userSession->expects($this->any())->method('getUser')->willReturn($user);
@ -260,7 +270,7 @@ class NavigationManagerTest extends TestCase {
[
'id' => 'logout',
'order' => 99999,
'href' => null,
'href' => 'https://example.com/logout',
'icon' => '/apps/core/img/actions/logout.svg',
'name' => 'Log out',
'active' => false,