Fix redirect url redirect_url when OIDC auth mode is enabled (#17628)

* fix redirect url for OIDC auth mode

Signed-off-by: Maksym Trofimenko <maksym@container-registry.com>

* portal lint_fix

Signed-off-by: mtrofimenko <gtpoxa@gmail.com>

* make linter happy

Signed-off-by: mtrofimenko <gtpoxa@gmail.com>

Signed-off-by: Maksym Trofimenko <maksym@container-registry.com>
Signed-off-by: mtrofimenko <gtpoxa@gmail.com>
Co-authored-by: Maksym Trofimenko <maksym@container-registry.com>
Maksym Trofimenko 2022-10-21 07:38:13 +01:00 committed by GitHub
parent c4146667f1
commit 486bdb6b99
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 23 additions and 5 deletions


@ -35,6 +35,7 @@ import (
const tokenKey = "oidc_token" const tokenKey = "oidc_token"
const stateKey = "oidc_state" const stateKey = "oidc_state"
const userInfoKey = "oidc_user_info" const userInfoKey = "oidc_user_info"
const redirectURLKey = "oidc_redirect_url"
const oidcUserComment = "Onboarded via OIDC provider" const oidcUserComment = "Onboarded via OIDC provider"
// OIDCController handles requests for OIDC login, callback and user onboard // OIDCController handles requests for OIDC login, callback and user onboard
@ -62,6 +63,7 @@ func (oc *OIDCController) RedirectLogin() {
oc.SendInternalServerError(err) oc.SendInternalServerError(err)
return return
} }
oc.SetSession(redirectURLKey, oc.Ctx.Request.URL.Query().Get("redirect_url"))
oc.SetSession(stateKey, state) oc.SetSession(stateKey, state)
log.Debugf("State dumped to session: %s", state) log.Debugf("State dumped to session: %s", state)
// Force to use the func 'Redirect' of beego.Controller // Force to use the func 'Redirect' of beego.Controller
@ -85,7 +87,12 @@ func (oc *OIDCController) Callback() {
oc.SendBadRequestError(errors.Errorf("OIDC callback returned error: %s - %s", errorCode, errorDescription)) oc.SendBadRequestError(errors.Errorf("OIDC callback returned error: %s - %s", errorCode, errorDescription))
return return
} }
var redirectURLStr string
redirectURL := oc.GetSession(redirectURLKey)
if redirectURL != nil {
redirectURLStr = redirectURL.(string)
oc.DelSession(redirectURLKey)
}
code := oc.Ctx.Request.URL.Query().Get("code") code := oc.Ctx.Request.URL.Query().Get("code")
ctx := oc.Ctx.Request.Context() ctx := oc.Ctx.Request.Context()
token, err := oidc.ExchangeToken(ctx, code) token, err := oidc.ExchangeToken(ctx, code)
@ -144,7 +151,7 @@ func (oc *OIDCController) Callback() {
u = userRec u = userRec
} else { } else {
oc.SetSession(userInfoKey, string(ouDataStr)) oc.SetSession(userInfoKey, string(ouDataStr))
oc.Controller.Redirect(fmt.Sprintf("/oidc-onboard?username=%s", username), http.StatusFound) oc.Controller.Redirect(fmt.Sprintf("/oidc-onboard?username=%s&redirect_url=%s", username, redirectURLStr), http.StatusFound)
// Once redirected, no further actions are done // Once redirected, no further actions are done
return return
} }
@ -170,7 +177,11 @@ func (oc *OIDCController) Callback() {
return return
} }
oc.PopulateUserSession(*u) oc.PopulateUserSession(*u)
oc.Controller.Redirect("/", http.StatusFound)
if redirectURLStr == "" {
redirectURLStr = "/"
}
oc.Controller.Redirect(redirectURLStr, http.StatusFound)
} }
func userOnboard(ctx context.Context, oc *OIDCController, info *oidc.UserInfo, username string, tokenBytes []byte) (*models.User, bool) { func userOnboard(ctx context.Context, oc *OIDCController, info *oidc.UserInfo, username string, tokenBytes []byte) (*models.User, bool) {
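Review bot: The final redirect in `Callback()` follows `redirectURLStr` without validation, and that value is the raw `redirect_url` query parameter that `RedirectLogin()` stores in the session, so an absolute or scheme-relative URL would send a freshly authenticated user off-site (an open redirect). Restrict the target to a same-site path before redirecting and fall back to `/` otherwise; the sketch below assumes `net/url` and `strings` are imported, which the visible lines do not show. The same value is also concatenated unescaped into the `/oidc-onboard?username=%s&redirect_url=%s` redirect in the earlier hunk, where `url.QueryEscape(redirectURLStr)` would keep a path containing `&` or `#` intact. The `redirectURL.(string)` assertion would be safer in its comma-ok form, and both `RedirectLogin()` and `Callback()` begin outside the hunks shown.

```go
// … unchanged: oc.PopulateUserSession(*u) …
// Follow only a same-site relative path; anything else falls back to "/".
target := "/"
if parsed, perr := url.Parse(redirectURLStr); perr == nil &&
	parsed.Scheme == "" && parsed.Host == "" &&
	strings.HasPrefix(redirectURLStr, "/") &&
	!strings.HasPrefix(redirectURLStr, "//") &&
	!strings.Contains(redirectURLStr, `\`) {
	target = redirectURLStr
}
oc.Controller.Redirect(target, http.StatusFound)
```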


@ -22,7 +22,7 @@
</label> </label>
<div class="login-group"> <div class="login-group">
<ng-container *ngIf="isOidcLoginMode && steps === 1"> <ng-container *ngIf="isOidcLoginMode && steps === 1">
<a href="/c/oidc/login"> <a href="/c/oidc/login?redirect_url={{ redirectUrl }}">
<button <button
type="button" type="button"
id="log_oidc" id="log_oidc"
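Review bot: `redirectUrl` is interpolated into the query string of the `<a href="/c/oidc/login?redirect_url={{ redirectUrl }}">` line without percent-encoding, so a return path that itself contains `?`, `&` or `#` would be truncated or split into extra parameters before the server stores it. Global functions are not available in Angular template expressions, so the encoded link is better built in the component, e.g. a getter returning `'/c/oidc/login?redirect_url=' + encodeURIComponent(this.redirectUrl)`, and bound with `[href]`. The component that supplies `redirectUrl` to this template is not part of the visible diff, so how the value is populated there should be confirmed. The `ng-container` continues past the end of the hunk.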


@ -12,6 +12,7 @@ import { errorHandler } from '../shared/units/shared.utils';
}) })
export class OidcOnboardComponent implements OnInit { export class OidcOnboardComponent implements OnInit {
url: string; url: string;
redirectUrl: string;
errorMessage: string = ''; errorMessage: string = '';
oidcUsername = new UntypedFormControl(''); oidcUsername = new UntypedFormControl('');
errorOpen: boolean = false; errorOpen: boolean = false;
@ -23,6 +24,7 @@ export class OidcOnboardComponent implements OnInit {
ngOnInit() { ngOnInit() {
this.route.queryParams.subscribe(params => { this.route.queryParams.subscribe(params => {
this.redirectUrl = params['redirect_url'] || '';
this.oidcUsername.setValue(params['username'] || ''); this.oidcUsername.setValue(params['username'] || '');
}); });
} }
@ -31,7 +33,12 @@ export class OidcOnboardComponent implements OnInit {
.oidcSave({ username: this.oidcUsername.value }) .oidcSave({ username: this.oidcUsername.value })
.subscribe( .subscribe(
res => { res => {
this.router.navigate([CommonRoutes.HARBOR_DEFAULT]); if (this.redirectUrl === '') {
// Routing to the default location
this.router.navigateByUrl(CommonRoutes.HARBOR_DEFAULT);
} else {
this.router.navigateByUrl(this.redirectUrl);
}
}, },
error => { error => {
this.errorMessage = errorHandler(error); this.errorMessage = errorHandler(error);
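Review bot: `this.redirectUrl` is read straight from the `redirect_url` query parameter in `ngOnInit()` and passed to `navigateByUrl()` in the success handler without checking that it is an in-app path. `navigateByUrl` resolves router URLs, so this is unlikely to leave the site, but a value that matches no route will probably fail the navigation and leave the user on the onboarding page after a successful save, and the returned promise is not handled. Accepting only values that start with a single `/` would also collapse the `if`/`else`: `const target = /^\/(?![\/\\])/.test(this.redirectUrl) ? this.redirectUrl : CommonRoutes.HARBOR_DEFAULT;` followed by `this.router.navigateByUrl(target);`. The method containing the `oidcSave` call starts outside the hunk.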