From 02198855481992a9bf3a98263743636a2052b951 Mon Sep 17 00:00:00 2001 From: Shuttleu Date: Fri, 16 Feb 2024 17:48:40 +0000 Subject: [PATCH] Add ability to prevent OIDC redirect (#6544) * Add ability to prevent OIDC redirect * Fix Typing on optional boolean * Fix lint * Fix lint * Rename var from PREVENT to DISABLE --------- Co-authored-by: Tom Moor --- app.json | 4 ++++ app/scenes/Login/index.tsx | 6 +++++- server/env.ts | 30 ++++++++++++++++++++++++++++++ server/presenters/env.ts | 2 +- shared/types.ts | 1 + 5 files changed, 41 insertions(+), 2 deletions(-) diff --git a/app.json b/app.json index fe4d8bd9b..ebcd28128 100644 --- a/app.json +++ b/app.json @@ -81,6 +81,10 @@ "description": "", "required": false }, + "OIDC_DISABLE_REDIRECT": { + "description": "Prevent the app from automatically redirecting to the OIDC login page", + "required": false + }, "OIDC_LOGOUT_URI": { "description": "", "required": false diff --git a/app/scenes/Login/index.tsx b/app/scenes/Login/index.tsx index 9a9650b48..70e142bea 100644 --- a/app/scenes/Login/index.tsx +++ b/app/scenes/Login/index.tsx @@ -229,7 +229,11 @@ function Login({ children }: Props) { } // If there is only one provider and it's OIDC, redirect immediately. - if (config.providers.length === 1 && config.providers[0].id === "oidc") { + if ( + config.providers.length === 1 && + config.providers[0].id === "oidc" && + !env.OIDC_DISABLE_REDIRECT + ) { window.location.href = getRedirectUrl(config.providers[0].authUrl); return null; } diff --git a/server/env.ts b/server/env.ts index 2c048f869..dec111b0f 100644 --- a/server/env.ts +++ b/server/env.ts @@ -499,6 +499,16 @@ export class Environment { process.env.OIDC_USERINFO_URI ); + /** + * Disable autoredirect to the OIDC login page if there is only one + * authentication method and that method is OIDC. + */ + @IsOptional() + @IsBoolean() + public OIDC_DISABLE_REDIRECT = this.toOptionalBoolean( + process.env.OIDC_DISABLE_REDIRECT + ); + /** * The OIDC logout endpoint. */ @@ -776,6 +786,26 @@ export class Environment { ); } } + + /** + * Convert a string to an optional boolean. Supports the following: + * + * 0 = false + * 1 = true + * "true" = true + * "false" = false + * "" = undefined + * + * @param value The string to convert + * @returns A boolean or undefined + */ + private toOptionalBoolean(value: string | undefined) { + try { + return value ? !!JSON.parse(value) : undefined; + } catch (err) { + return undefined; + } + } } const env = new Environment(); diff --git a/server/presenters/env.ts b/server/presenters/env.ts index edaaeca61..0b98975b4 100644 --- a/server/presenters/env.ts +++ b/server/presenters/env.ts @@ -33,8 +33,8 @@ export default function present( process.env.SOURCE_COMMIT || process.env.SOURCE_VERSION || undefined, APP_NAME: env.APP_NAME, ROOT_SHARE_ID: options.rootShareId || undefined, + OIDC_DISABLE_REDIRECT: env.OIDC_DISABLE_REDIRECT || undefined, OIDC_LOGOUT_URI: env.OIDC_LOGOUT_URI || undefined, - analytics: { service: options.analytics?.service, settings: options.analytics?.settings, diff --git a/shared/types.ts b/shared/types.ts index 714b6eea8..f8c970ada 100644 --- a/shared/types.ts +++ b/shared/types.ts @@ -61,6 +61,7 @@ export type PublicEnv = { RELEASE: string | undefined; APP_NAME: string; ROOT_SHARE_ID?: string; + OIDC_DISABLE_REDIRECT?: boolean; OIDC_LOGOUT_URI?: string; analytics: { service?: IntegrationService | UserCreatableIntegrationService;