mirror of
https://github.com/bewcloud/bewcloud.git
synced 2026-03-11 08:54:49 +00:00
feat: enableSingleSignOnSignUp support
This commit is contained in:
parent
917649b97a
commit
52fa2fcb50
3 changed files with 6 additions and 4 deletions
|
|
@ -16,6 +16,7 @@ export class AppConfig {
|
|||
allowedCookieDomains: [],
|
||||
skipCookieDomainSecurity: false,
|
||||
enableSingleSignOn: false,
|
||||
enableSingleSignOnSignUp: false,
|
||||
singleSignOnUrl: '',
|
||||
singleSignOnEmailAttribute: 'email',
|
||||
singleSignOnScopes: ['openid', 'email'],
|
||||
|
|
@ -117,11 +118,10 @@ export class AppConfig {
|
|||
return this.config;
|
||||
}
|
||||
|
||||
static async isSignupAllowed(): Promise<boolean> {
|
||||
static async isSignupAllowed(sso: boolean=false): Promise<boolean> {
|
||||
await this.loadConfig();
|
||||
|
||||
const areSignupsAllowed = this.config.auth.allowSignups;
|
||||
|
||||
const areSignupsAllowed = (sso) ? this.config.auth.enableSingleSignOnSignUp : this.config.auth.allowSignups;
|
||||
const areThereAdmins = await UserModel.isThereAnAdmin();
|
||||
|
||||
if (areSignupsAllowed || !areThereAdmins) {
|
||||
|
|
|
|||
|
|
@ -169,7 +169,7 @@ export class OidcModel {
|
|||
throw new Error(`Missing user/${emailAttribute}`);
|
||||
}
|
||||
|
||||
const isSignupAllowed = await AppConfig.isSignupAllowed();
|
||||
const isSignupAllowed = await AppConfig.isSignupAllowed(true);
|
||||
const isThereAnAdmin = await UserModel.isThereAnAdmin();
|
||||
|
||||
// Confirm the user exists (or signup if allowed)
|
||||
|
|
|
|||
|
|
@ -159,6 +159,8 @@ export interface Config {
|
|||
skipCookieDomainSecurity: boolean;
|
||||
/** If true, single sign-on will be enabled */
|
||||
enableSingleSignOn: boolean;
|
||||
/** If true, single sign-on signups will be enabled overriding allowSignups */
|
||||
enableSingleSignOnSignUp: boolean;
|
||||
/** The Discovery URL (AKA Issuer) of the identity/single sign-on provider */
|
||||
singleSignOnUrl: string;
|
||||
/** The attribute to prefer as email of the identity/single sign-on provider */
|
||||
|
|
|
|||
Loading…
Reference in a new issue