[#60151] use sso strategy only for oidc provider

Eric Schubert
2025-02-11 15:35:29 +01:00
parent 7b52371953
commit c0888d3ed3
2 changed files with 26 additions and 20 deletions
-4
@@ -350,10 +350,7 @@ ij_json_spaces_within_brackets = false
ij_json_wrap_long_lines = false ij_json_wrap_long_lines = false
[{rcov,spec,rake,rails,spork,capfile,gemfile,rakefile,guardfile,isolate,vagrantfile,Puppetfile,*.jbuilder,*.rbw,*.gemspec,*.thor,*.ru,*.rb,*.rake}] [{rcov,spec,rake,rails,spork,capfile,gemfile,rakefile,guardfile,isolate,vagrantfile,Puppetfile,*.jbuilder,*.rbw,*.gemspec,*.thor,*.ru,*.rb,*.rake}]
indent_size = 2
tab_width = 2
trim_trailing_whitespace=true trim_trailing_whitespace=true
ij_continuation_indent_size = 2
ij_ruby_align_group_field_declarations = false ij_ruby_align_group_field_declarations = false
ij_ruby_align_multiline_parameters = true ij_ruby_align_multiline_parameters = true
ij_ruby_blank_lines_around_method = 1 ij_ruby_blank_lines_around_method = 1
@@ -364,7 +361,6 @@ ij_ruby_indent_protected_methods = false
ij_ruby_indent_public_methods = false ij_ruby_indent_public_methods = false
ij_ruby_indent_when_cases = false ij_ruby_indent_when_cases = false
ij_ruby_keep_blank_lines_in_declarations = 2 ij_ruby_keep_blank_lines_in_declarations = 2
ij_ruby_keep_indents_on_empty_lines = false
ij_ruby_keep_line_breaks = true ij_ruby_keep_line_breaks = true
ij_ruby_parentheses_around_method_arguments = true ij_ruby_parentheses_around_method_arguments = true
ij_ruby_spaces_around_hashrocket = true ij_ruby_spaces_around_hashrocket = true
@@ -33,27 +33,37 @@ module Storages
module StorageInteraction module StorageInteraction
module AuthenticationStrategies module AuthenticationStrategies
module NextcloudStrategies module NextcloudStrategies
extend TaggedLogging
UserLess = -> do UserLess = -> do
::Storages::Peripherals::StorageInteraction::AuthenticationStrategies::BasicAuth.strategy ::Storages::Peripherals::StorageInteraction::AuthenticationStrategies::BasicAuth.strategy
end end
UserBound = ->(user:, storage:) do class UserBound
with_tagged_logger do class << self
sso_preferred = storage.audience.present? && user.authentication_provider.present? include TaggedLogging
if sso_preferred def call(user:, storage:)
::Storages::Peripherals::StorageInteraction::AuthenticationStrategies::SsoUserToken with_tagged_logger do
.strategy sso_preferred = storage.audience.present? && oidc_provider_for(user)
.with_user(user)
elsif storage.oauth_client.present? if sso_preferred
::Storages::Peripherals::StorageInteraction::AuthenticationStrategies::OAuthUserToken ::Storages::Peripherals::StorageInteraction::AuthenticationStrategies::SsoUserToken
.strategy .strategy
.with_user(user) .with_user(user)
else elsif storage.oauth_client.present?
error "No user-bound authentication strategy applicable for file storage #{storage.id}." ::Storages::Peripherals::StorageInteraction::AuthenticationStrategies::OAuthUserToken
::Storages::Peripherals::StorageInteraction::AuthenticationStrategies::Failure.strategy .strategy
.with_user(user)
else
error "No user-bound authentication strategy applicable for file storage #{storage.id}."
::Storages::Peripherals::StorageInteraction::AuthenticationStrategies::Failure.strategy
end
end
end
private
def oidc_provider_for(user)
user.authentication_provider.is_a?(OpenIDConnect::Provider)
end end
end end
end end
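Review bot: The new selection rule in `call` has no spec in this commit, whose two changed files are the editor config and this module. A user whose `authentication_provider` is not an `OpenIDConnect::Provider` now falls through to `OAuthUserToken` or `Failure` even when `storage.audience` is set. Because this branch decides which credential is presented to the storage, one example per case (OIDC provider, other provider, no provider) would pin the behaviour. On style, `oidc_provider_for` returns a boolean, so a predicate name such as `def oidc_provider?(user)` reads better, and `::OpenIDConnect::Provider` would match the fully qualified constants used in the rest of the method. The enclosing modules open and close outside this hunk.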