viscous/espocrm
1
0
Fork 0
mirror of https://github.com/espocrm/espocrm.git synced 2026-06-28 06:56:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

oidc authentication prompt param in UI

Browse Source
This commit is contained in:
Yuri Kuznetsov
2024-05-10 10:17:25 +03:00
parent ecee6e7477
commit 55be65d48c
7 changed files with 46 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
application/Espo/Core/Authentication/Oidc/ConfigDataProvider.php
View File

@@ -214,7 +214,7 @@ class ConfigDataProvider
public function getAuthorizationPrompt(): string
{
return $this->config->get('oidcAuthorizationPrompt') ?? 'consent';
return $this->object->get('oidcAuthorizationPrompt') ?? 'consent';
}
public function getAuthorizationMaxAge(): ?int

19
application/Espo/Core/Upgrades/Migrations/V8_3/AfterUpgrade.php
View File

@@ -31,7 +31,9 @@ namespace Espo\Core\Upgrades\Migrations\V8_3;
use Espo\Core\Templates\Entities\Event;
use Espo\Core\Upgrades\Migration\Script;
use Espo\Core\Utils\Config;
use Espo\Core\Utils\Metadata;
use Espo\Entities\AuthenticationProvider;
use Espo\Entities\Role;
use Espo\ORM\EntityManager;
use Espo\ORM\Query\Part\Expression;
@@ -41,13 +43,15 @@ class AfterUpgrade implements Script
{
public function __construct(
private EntityManager $entityManager,
private Metadata $metadata
private Metadata $metadata,
private Config $config
) {}
public function run(): void
{
$this->updateRoles();
$this->updateMetadata();
$this->updateAuthenticationProviders();
}
private function updateRoles(): void
@@ -97,4 +101,17 @@ class AfterUpgrade implements Script
$this->metadata->saveCustom('clientDefs', $entityType, $clientDefs);
}
}
private function updateAuthenticationProviders(): void
{
$collection = $this->entityManager->getRDBRepositoryByClass(AuthenticationProvider::class)
->where(['method' => 'Oidc'])
->find();
foreach ($collection as $entity) {
$entity->set('oidcAuthorizationPrompt', $this->config->get('oidcAuthorizationPrompt'));
$this->entityManager->saveEntity($entity);
}
}
}

1
application/Espo/Resources/defaults/config.php
View File

@@ -287,6 +287,7 @@ return [
'oidcUsernameClaim' => 'sub',
'oidcFallback' => true,
'oidcScopes' => ['profile', 'email', 'phone'],
'oidcAuthorizationPrompt' => 'consent',
'listViewSettingsDisabled' => false,
'cleanupDeletedRecords' => true,
'phoneNumberNumericSearch' => true,

1
application/Espo/Resources/i18n/en_US/Settings.json
View File

@@ -168,6 +168,7 @@
"oidcAllowRegularUserFallback": "OIDC Allow fallback login for regular users",
"oidcAllowAdminUser": "OIDC Allow OIDC login for admin users",
"oidcLogoutUrl": "OIDC Logout URL",
"oidcAuthorizationPrompt": "OIDC Authorization Prompt",
"pdfEngine": "PDF Engine",
"quickSearchFullTextAppendWildcard": "Append wildcard in quick search",
"authIpAddressCheck": "Restrict access by IP address",

6
application/Espo/Resources/metadata/authenticationMethods/Oidc.json
View File

@@ -93,6 +93,12 @@
{
"name": "oidcLogoutUrl"
}
],
[
{
"name": "oidcAuthorizationPrompt"
},
false
]
]
},

10
application/Espo/Resources/metadata/entityDefs/AuthenticationProvider.json
View File

@@ -70,6 +70,16 @@
"oidcLogoutUrl": {
"type": "varchar",
"tooltip": true
},
"oidcAuthorizationPrompt": {
"type": "enum",
"options": [
"none",
"consent",
"login",
"select_account"
],
"maxLength": 14
}
}
}

9
application/Espo/Resources/metadata/entityDefs/Settings.json
View File

@@ -888,6 +888,15 @@
"type": "varchar",
"tooltip": true
},
"oidcAuthorizationPrompt": {
"type": "enum",
"options": [
"none",
"consent",
"login",
"select_account"
]
},
"pdfEngine": {
"type": "enum",
"view": "views/settings/fields/pdf-engine"