mirror of
https://github.com/goharbor/harbor.git
synced 2024-12-27 19:17:47 +01:00
Fix redirect url redirect_url when OIDC auth mode is enabled (#17628)
* fix redirect url for OIDC auth mode Signed-off-by: Maksym Trofimenko <maksym@container-registry.com> * portal lint_fix Signed-off-by: mtrofimenko <gtpoxa@gmail.com> * make linter happy Signed-off-by: mtrofimenko <gtpoxa@gmail.com> Signed-off-by: Maksym Trofimenko <maksym@container-registry.com> Signed-off-by: mtrofimenko <gtpoxa@gmail.com> Co-authored-by: Maksym Trofimenko <maksym@container-registry.com>
This commit is contained in:
parent
c4146667f1
commit
486bdb6b99
@ -35,6 +35,7 @@ import (
|
||||
const tokenKey = "oidc_token"
|
||||
const stateKey = "oidc_state"
|
||||
const userInfoKey = "oidc_user_info"
|
||||
const redirectURLKey = "oidc_redirect_url"
|
||||
const oidcUserComment = "Onboarded via OIDC provider"
|
||||
|
||||
// OIDCController handles requests for OIDC login, callback and user onboard
|
||||
@ -62,6 +63,7 @@ func (oc *OIDCController) RedirectLogin() {
|
||||
oc.SendInternalServerError(err)
|
||||
return
|
||||
}
|
||||
oc.SetSession(redirectURLKey, oc.Ctx.Request.URL.Query().Get("redirect_url"))
|
||||
oc.SetSession(stateKey, state)
|
||||
log.Debugf("State dumped to session: %s", state)
|
||||
// Force to use the func 'Redirect' of beego.Controller
|
||||
@ -85,7 +87,12 @@ func (oc *OIDCController) Callback() {
|
||||
oc.SendBadRequestError(errors.Errorf("OIDC callback returned error: %s - %s", errorCode, errorDescription))
|
||||
return
|
||||
}
|
||||
|
||||
var redirectURLStr string
|
||||
redirectURL := oc.GetSession(redirectURLKey)
|
||||
if redirectURL != nil {
|
||||
redirectURLStr = redirectURL.(string)
|
||||
oc.DelSession(redirectURLKey)
|
||||
}
|
||||
code := oc.Ctx.Request.URL.Query().Get("code")
|
||||
ctx := oc.Ctx.Request.Context()
|
||||
token, err := oidc.ExchangeToken(ctx, code)
|
||||
@ -144,7 +151,7 @@ func (oc *OIDCController) Callback() {
|
||||
u = userRec
|
||||
} else {
|
||||
oc.SetSession(userInfoKey, string(ouDataStr))
|
||||
oc.Controller.Redirect(fmt.Sprintf("/oidc-onboard?username=%s", username), http.StatusFound)
|
||||
oc.Controller.Redirect(fmt.Sprintf("/oidc-onboard?username=%s&redirect_url=%s", username, redirectURLStr), http.StatusFound)
|
||||
// Once redirected, no further actions are done
|
||||
return
|
||||
}
|
||||
@ -170,7 +177,11 @@ func (oc *OIDCController) Callback() {
|
||||
return
|
||||
}
|
||||
oc.PopulateUserSession(*u)
|
||||
oc.Controller.Redirect("/", http.StatusFound)
|
||||
|
||||
if redirectURLStr == "" {
|
||||
redirectURLStr = "/"
|
||||
}
|
||||
oc.Controller.Redirect(redirectURLStr, http.StatusFound)
|
||||
}
|
||||
|
||||
func userOnboard(ctx context.Context, oc *OIDCController, info *oidc.UserInfo, username string, tokenBytes []byte) (*models.User, bool) {
|
||||
|
@ -22,7 +22,7 @@
|
||||
</label>
|
||||
<div class="login-group">
|
||||
<ng-container *ngIf="isOidcLoginMode && steps === 1">
|
||||
<a href="/c/oidc/login">
|
||||
<a href="/c/oidc/login?redirect_url={{ redirectUrl }}">
|
||||
<button
|
||||
type="button"
|
||||
id="log_oidc"
|
||||
|
@ -12,6 +12,7 @@ import { errorHandler } from '../shared/units/shared.utils';
|
||||
})
|
||||
export class OidcOnboardComponent implements OnInit {
|
||||
url: string;
|
||||
redirectUrl: string;
|
||||
errorMessage: string = '';
|
||||
oidcUsername = new UntypedFormControl('');
|
||||
errorOpen: boolean = false;
|
||||
@ -23,6 +24,7 @@ export class OidcOnboardComponent implements OnInit {
|
||||
|
||||
ngOnInit() {
|
||||
this.route.queryParams.subscribe(params => {
|
||||
this.redirectUrl = params['redirect_url'] || '';
|
||||
this.oidcUsername.setValue(params['username'] || '');
|
||||
});
|
||||
}
|
||||
@ -31,7 +33,12 @@ export class OidcOnboardComponent implements OnInit {
|
||||
.oidcSave({ username: this.oidcUsername.value })
|
||||
.subscribe(
|
||||
res => {
|
||||
this.router.navigate([CommonRoutes.HARBOR_DEFAULT]);
|
||||
if (this.redirectUrl === '') {
|
||||
// Routing to the default location
|
||||
this.router.navigateByUrl(CommonRoutes.HARBOR_DEFAULT);
|
||||
} else {
|
||||
this.router.navigateByUrl(this.redirectUrl);
|
||||
}
|
||||
},
|
||||
error => {
|
||||
this.errorMessage = errorHandler(error);
|
||||
|
Loading…
Reference in New Issue
Block a user