2014-05-05 11:32:47 +02:00
// Copyright 2014 The Gogs Authors. All rights reserved.
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.
2014-05-03 04:48:14 +02:00
package admin
import (
2019-11-23 00:33:31 +01:00
"errors"
2016-03-06 00:08:42 +01:00
"fmt"
2021-04-05 17:30:52 +02:00
"net/http"
2021-11-16 19:18:25 +01:00
"net/url"
2019-11-23 00:33:31 +01:00
"regexp"
2021-11-16 19:18:25 +01:00
"strconv"
2021-12-14 09:37:11 +01:00
"strings"
2016-03-06 00:08:42 +01:00
2022-01-02 14:12:35 +01:00
"code.gitea.io/gitea/models/auth"
2020-10-23 12:10:29 +02:00
"code.gitea.io/gitea/modules/auth/pam"
2016-11-10 17:24:48 +01:00
"code.gitea.io/gitea/modules/base"
"code.gitea.io/gitea/modules/context"
"code.gitea.io/gitea/modules/log"
"code.gitea.io/gitea/modules/setting"
2019-11-23 00:33:31 +01:00
"code.gitea.io/gitea/modules/util"
2021-01-26 16:36:53 +01:00
"code.gitea.io/gitea/modules/web"
2021-09-24 13:32:56 +02:00
auth_service "code.gitea.io/gitea/services/auth"
2021-07-24 12:16:34 +02:00
"code.gitea.io/gitea/services/auth/source/ldap"
"code.gitea.io/gitea/services/auth/source/oauth2"
2022-01-02 14:12:35 +01:00
pam_service "code.gitea.io/gitea/services/auth/source/pam"
2021-07-24 12:16:34 +02:00
"code.gitea.io/gitea/services/auth/source/smtp"
"code.gitea.io/gitea/services/auth/source/sspi"
2021-04-06 21:44:05 +02:00
"code.gitea.io/gitea/services/forms"
2017-05-01 15:26:53 +02:00
2020-03-22 16:12:55 +01:00
"xorm.io/xorm/convert"
2014-05-03 04:48:14 +02:00
)
2014-06-22 19:14:03 +02:00
const (
2016-11-21 04:21:24 +01:00
tplAuths base . TplName = "admin/auth/list"
tplAuthNew base . TplName = "admin/auth/new"
tplAuthEdit base . TplName = "admin/auth/edit"
2014-06-22 19:14:03 +02:00
)
2019-11-23 00:33:31 +01:00
var (
separatorAntiPattern = regexp . MustCompile ( ` [^\w-\.] ` )
langCodePattern = regexp . MustCompile ( ` ^[a-z] { 2}-[A-Z] { 2}$ ` )
)
2016-11-21 04:21:24 +01:00
// Authentications show authentication config page
2016-03-11 17:56:52 +01:00
func Authentications ( ctx * context . Context ) {
2014-08-29 14:50:43 +02:00
ctx . Data [ "Title" ] = ctx . Tr ( "admin.authentication" )
ctx . Data [ "PageIsAdmin" ] = true
ctx . Data [ "PageIsAdminAuthentications" ] = true
var err error
2022-01-02 14:12:35 +01:00
ctx . Data [ "Sources" ] , err = auth . Sources ( )
2014-08-29 14:50:43 +02:00
if err != nil {
2022-01-02 14:12:35 +01:00
ctx . ServerError ( "auth.Sources" , err )
2014-08-29 14:50:43 +02:00
return
}
2015-09-10 21:45:03 +02:00
2022-01-02 14:12:35 +01:00
ctx . Data [ "Total" ] = auth . CountSources ( )
2021-04-05 17:30:52 +02:00
ctx . HTML ( http . StatusOK , tplAuths )
2014-08-29 14:50:43 +02:00
}
2016-07-08 01:25:09 +02:00
type dropdownItem struct {
2015-09-10 23:11:41 +02:00
Name string
2016-07-08 01:25:09 +02:00
Type interface { }
2015-09-10 23:11:41 +02:00
}
2016-07-08 01:25:09 +02:00
var (
2020-10-23 12:10:29 +02:00
authSources = func ( ) [ ] dropdownItem {
items := [ ] dropdownItem {
2022-01-02 14:12:35 +01:00
{ auth . LDAP . String ( ) , auth . LDAP } ,
{ auth . DLDAP . String ( ) , auth . DLDAP } ,
{ auth . SMTP . String ( ) , auth . SMTP } ,
{ auth . OAuth2 . String ( ) , auth . OAuth2 } ,
{ auth . SSPI . String ( ) , auth . SSPI } ,
2020-10-23 12:10:29 +02:00
}
if pam . Supported {
2022-01-02 14:12:35 +01:00
items = append ( items , dropdownItem { auth . Names [ auth . PAM ] , auth . PAM } )
2020-10-23 12:10:29 +02:00
}
return items
} ( )
2016-07-08 01:25:09 +02:00
securityProtocols = [ ] dropdownItem {
2021-07-24 12:16:34 +02:00
{ ldap . SecurityProtocolNames [ ldap . SecurityProtocolUnencrypted ] , ldap . SecurityProtocolUnencrypted } ,
{ ldap . SecurityProtocolNames [ ldap . SecurityProtocolLDAPS ] , ldap . SecurityProtocolLDAPS } ,
{ ldap . SecurityProtocolNames [ ldap . SecurityProtocolStartTLS ] , ldap . SecurityProtocolStartTLS } ,
2016-07-08 01:25:09 +02:00
}
)
2015-09-10 23:11:41 +02:00
2016-11-21 04:21:24 +01:00
// NewAuthSource render adding a new auth source page
2016-03-11 17:56:52 +01:00
func NewAuthSource ( ctx * context . Context ) {
2014-08-29 14:50:43 +02:00
ctx . Data [ "Title" ] = ctx . Tr ( "admin.auths.new" )
ctx . Data [ "PageIsAdmin" ] = true
ctx . Data [ "PageIsAdminAuthentications" ] = true
2015-09-10 23:11:41 +02:00
2022-01-02 14:12:35 +01:00
ctx . Data [ "type" ] = auth . LDAP
ctx . Data [ "CurrentTypeName" ] = auth . Names [ auth . LDAP ]
2021-07-24 12:16:34 +02:00
ctx . Data [ "CurrentSecurityProtocol" ] = ldap . SecurityProtocolNames [ ldap . SecurityProtocolUnencrypted ]
2015-09-10 23:11:41 +02:00
ctx . Data [ "smtp_auth" ] = "PLAIN"
ctx . Data [ "is_active" ] = true
2017-05-10 15:10:18 +02:00
ctx . Data [ "is_sync_enabled" ] = true
2015-09-10 23:11:41 +02:00
ctx . Data [ "AuthSources" ] = authSources
2016-07-08 01:25:09 +02:00
ctx . Data [ "SecurityProtocols" ] = securityProtocols
2021-07-24 12:16:34 +02:00
ctx . Data [ "SMTPAuths" ] = smtp . Authenticators
2021-08-06 03:11:08 +02:00
oauth2providers := oauth2 . GetOAuth2Providers ( )
ctx . Data [ "OAuth2Providers" ] = oauth2providers
2017-02-22 08:14:37 +01:00
2019-11-23 00:33:31 +01:00
ctx . Data [ "SSPIAutoCreateUsers" ] = true
ctx . Data [ "SSPIAutoActivateUsers" ] = true
ctx . Data [ "SSPIStripDomainNames" ] = true
ctx . Data [ "SSPISeparatorReplacement" ] = "_"
ctx . Data [ "SSPIDefaultLanguage" ] = ""
2017-02-22 08:14:37 +01:00
// only the first as default
2021-08-06 03:11:08 +02:00
ctx . Data [ "oauth2_provider" ] = oauth2providers [ 0 ]
2017-02-22 08:14:37 +01:00
2021-04-05 17:30:52 +02:00
ctx . HTML ( http . StatusOK , tplAuthNew )
2014-05-03 04:48:14 +02:00
}
2021-07-24 12:16:34 +02:00
func parseLDAPConfig ( form forms . AuthenticationForm ) * ldap . Source {
2018-05-05 16:30:47 +02:00
var pageSize uint32
if form . UsePagedSearch {
pageSize = uint32 ( form . SearchPageSize )
}
2021-07-24 12:16:34 +02:00
return & ldap . Source {
Name : form . Name ,
Host : form . Host ,
Port : form . Port ,
SecurityProtocol : ldap . SecurityProtocol ( form . SecurityProtocol ) ,
SkipVerify : form . SkipVerify ,
BindDN : form . BindDN ,
UserDN : form . UserDN ,
BindPassword : form . BindPassword ,
UserBase : form . UserBase ,
AttributeUsername : form . AttributeUsername ,
AttributeName : form . AttributeName ,
AttributeSurname : form . AttributeSurname ,
AttributeMail : form . AttributeMail ,
AttributesInBind : form . AttributesInBind ,
AttributeSSHPublicKey : form . AttributeSSHPublicKey ,
2021-09-27 04:39:36 +02:00
AttributeAvatar : form . AttributeAvatar ,
2021-07-24 12:16:34 +02:00
SearchPageSize : pageSize ,
Filter : form . Filter ,
GroupsEnabled : form . GroupsEnabled ,
GroupDN : form . GroupDN ,
GroupFilter : form . GroupFilter ,
GroupMemberUID : form . GroupMemberUID ,
2022-02-11 15:24:58 +01:00
GroupTeamMap : form . GroupTeamMap ,
GroupTeamMapRemoval : form . GroupTeamMapRemoval ,
2021-07-24 12:16:34 +02:00
UserUID : form . UserUID ,
AdminFilter : form . AdminFilter ,
RestrictedFilter : form . RestrictedFilter ,
AllowDeactivateAll : form . AllowDeactivateAll ,
Enabled : true ,
2021-09-17 13:43:47 +02:00
SkipLocalTwoFA : form . SkipLocalTwoFA ,
2015-09-11 18:03:08 +02:00
}
}
2021-07-24 12:16:34 +02:00
func parseSMTPConfig ( form forms . AuthenticationForm ) * smtp . Source {
return & smtp . Source {
2015-09-11 19:32:33 +02:00
Auth : form . SMTPAuth ,
Host : form . SMTPHost ,
Port : form . SMTPPort ,
AllowedDomains : form . AllowedDomains ,
2021-08-11 22:42:58 +02:00
ForceSMTPS : form . ForceSMTPS ,
2015-09-11 19:32:33 +02:00
SkipVerify : form . SkipVerify ,
2021-08-11 22:42:58 +02:00
HeloHostname : form . HeloHostname ,
DisableHelo : form . DisableHelo ,
2021-09-27 03:02:01 +02:00
SkipLocalTwoFA : form . SkipLocalTwoFA ,
2015-09-11 18:03:08 +02:00
}
}
2021-07-24 12:16:34 +02:00
func parseOAuth2Config ( form forms . AuthenticationForm ) * oauth2 . Source {
2017-05-01 15:26:53 +02:00
var customURLMapping * oauth2 . CustomURLMapping
if form . Oauth2UseCustomURL {
customURLMapping = & oauth2 . CustomURLMapping {
TokenURL : form . Oauth2TokenURL ,
AuthURL : form . Oauth2AuthURL ,
ProfileURL : form . Oauth2ProfileURL ,
EmailURL : form . Oauth2EmailURL ,
2021-08-06 03:11:08 +02:00
Tenant : form . Oauth2Tenant ,
2017-05-01 15:26:53 +02:00
}
} else {
customURLMapping = nil
}
2022-03-08 19:56:40 +01:00
var scopes [ ] string
for _ , s := range strings . Split ( form . Oauth2Scopes , "," ) {
s = strings . TrimSpace ( s )
if s != "" {
scopes = append ( scopes , s )
}
}
2021-07-24 12:16:34 +02:00
return & oauth2 . Source {
2017-05-01 15:26:53 +02:00
Provider : form . Oauth2Provider ,
ClientID : form . Oauth2Key ,
ClientSecret : form . Oauth2Secret ,
OpenIDConnectAutoDiscoveryURL : form . OpenIDConnectAutoDiscoveryURL ,
CustomURLMapping : customURLMapping ,
2020-12-28 03:35:55 +01:00
IconURL : form . Oauth2IconURL ,
2022-03-08 19:56:40 +01:00
Scopes : scopes ,
2021-12-14 09:37:11 +01:00
RequiredClaimName : form . Oauth2RequiredClaimName ,
RequiredClaimValue : form . Oauth2RequiredClaimValue ,
2021-09-10 18:37:57 +02:00
SkipLocalTwoFA : form . SkipLocalTwoFA ,
2022-01-31 21:41:11 +01:00
GroupClaimName : form . Oauth2GroupClaimName ,
RestrictedGroup : form . Oauth2RestrictedGroup ,
AdminGroup : form . Oauth2AdminGroup ,
2017-02-22 08:14:37 +01:00
}
}
2021-07-24 12:16:34 +02:00
func parseSSPIConfig ( ctx * context . Context , form forms . AuthenticationForm ) ( * sspi . Source , error ) {
2019-11-23 00:33:31 +01:00
if util . IsEmptyString ( form . SSPISeparatorReplacement ) {
ctx . Data [ "Err_SSPISeparatorReplacement" ] = true
return nil , errors . New ( ctx . Tr ( "form.SSPISeparatorReplacement" ) + ctx . Tr ( "form.require_error" ) )
}
if separatorAntiPattern . MatchString ( form . SSPISeparatorReplacement ) {
ctx . Data [ "Err_SSPISeparatorReplacement" ] = true
return nil , errors . New ( ctx . Tr ( "form.SSPISeparatorReplacement" ) + ctx . Tr ( "form.alpha_dash_dot_error" ) )
}
if form . SSPIDefaultLanguage != "" && ! langCodePattern . MatchString ( form . SSPIDefaultLanguage ) {
ctx . Data [ "Err_SSPIDefaultLanguage" ] = true
return nil , errors . New ( ctx . Tr ( "form.lang_select_error" ) )
}
2021-07-24 12:16:34 +02:00
return & sspi . Source {
2019-11-23 00:33:31 +01:00
AutoCreateUsers : form . SSPIAutoCreateUsers ,
AutoActivateUsers : form . SSPIAutoActivateUsers ,
StripDomainNames : form . SSPIStripDomainNames ,
SeparatorReplacement : form . SSPISeparatorReplacement ,
DefaultLanguage : form . SSPIDefaultLanguage ,
} , nil
}
2016-11-21 04:21:24 +01:00
// NewAuthSourcePost response for adding an auth source
2021-01-26 16:36:53 +01:00
func NewAuthSourcePost ( ctx * context . Context ) {
2021-04-06 21:44:05 +02:00
form := * web . GetForm ( ctx ) . ( * forms . AuthenticationForm )
2014-08-29 14:50:43 +02:00
ctx . Data [ "Title" ] = ctx . Tr ( "admin.auths.new" )
ctx . Data [ "PageIsAdmin" ] = true
ctx . Data [ "PageIsAdminAuthentications" ] = true
2015-09-10 23:11:41 +02:00
2022-01-02 14:12:35 +01:00
ctx . Data [ "CurrentTypeName" ] = auth . Type ( form . Type ) . String ( )
2021-07-24 12:16:34 +02:00
ctx . Data [ "CurrentSecurityProtocol" ] = ldap . SecurityProtocolNames [ ldap . SecurityProtocol ( form . SecurityProtocol ) ]
2015-09-10 23:11:41 +02:00
ctx . Data [ "AuthSources" ] = authSources
2016-07-08 01:25:09 +02:00
ctx . Data [ "SecurityProtocols" ] = securityProtocols
2021-07-24 12:16:34 +02:00
ctx . Data [ "SMTPAuths" ] = smtp . Authenticators
2021-08-06 03:11:08 +02:00
oauth2providers := oauth2 . GetOAuth2Providers ( )
ctx . Data [ "OAuth2Providers" ] = oauth2providers
2014-05-03 04:48:14 +02:00
2019-11-23 00:33:31 +01:00
ctx . Data [ "SSPIAutoCreateUsers" ] = true
ctx . Data [ "SSPIAutoActivateUsers" ] = true
ctx . Data [ "SSPIStripDomainNames" ] = true
ctx . Data [ "SSPISeparatorReplacement" ] = "_"
ctx . Data [ "SSPIDefaultLanguage" ] = ""
2022-03-08 19:56:40 +01:00
// FIXME: most error path to render tplAuthNew will fail and result in 500
// * template: admin/auth/new:17:68: executing "admin/auth/new" at <.type.Int>: can't evaluate field Int in type interface {}
// * template: admin/auth/source/oauth:5:93: executing "admin/auth/source/oauth" at <.oauth2_provider.Name>: can't evaluate field Name in type interface {}
2016-07-08 01:25:09 +02:00
hasTLS := false
2020-03-22 16:12:55 +01:00
var config convert . Conversion
2022-01-02 14:12:35 +01:00
switch auth . Type ( form . Type ) {
case auth . LDAP , auth . DLDAP :
2015-09-11 18:03:08 +02:00
config = parseLDAPConfig ( form )
2016-11-07 17:38:43 +01:00
hasTLS = ldap . SecurityProtocol ( form . SecurityProtocol ) > ldap . SecurityProtocolUnencrypted
2022-01-02 14:12:35 +01:00
case auth . SMTP :
2015-09-11 18:03:08 +02:00
config = parseSMTPConfig ( form )
2016-07-08 01:25:09 +02:00
hasTLS = true
2022-01-02 14:12:35 +01:00
case auth . PAM :
config = & pam_service . Source {
2021-09-27 03:02:01 +02:00
ServiceName : form . PAMServiceName ,
EmailDomain : form . PAMEmailDomain ,
SkipLocalTwoFA : form . SkipLocalTwoFA ,
2015-04-23 13:58:57 +02:00
}
2022-01-02 14:12:35 +01:00
case auth . OAuth2 :
2017-02-22 08:14:37 +01:00
config = parseOAuth2Config ( form )
2022-01-02 14:12:35 +01:00
case auth . SSPI :
2019-11-23 00:33:31 +01:00
var err error
config , err = parseSSPIConfig ( ctx , form )
if err != nil {
ctx . RenderWithErr ( err . Error ( ) , tplAuthNew , form )
return
}
2022-01-02 14:12:35 +01:00
existing , err := auth . SourcesByType ( auth . SSPI )
2019-11-23 00:33:31 +01:00
if err != nil || len ( existing ) > 0 {
ctx . Data [ "Err_Type" ] = true
ctx . RenderWithErr ( ctx . Tr ( "admin.auths.login_source_of_type_exist" ) , tplAuthNew , form )
return
}
2014-05-11 13:43:57 +02:00
default :
2021-04-05 17:30:52 +02:00
ctx . Error ( http . StatusBadRequest )
2014-05-11 13:43:57 +02:00
return
2014-05-11 12:10:37 +02:00
}
2016-07-08 01:25:09 +02:00
ctx . Data [ "HasTLS" ] = hasTLS
if ctx . HasError ( ) {
2021-04-05 17:30:52 +02:00
ctx . HTML ( http . StatusOK , tplAuthNew )
2016-07-08 01:25:09 +02:00
return
}
2014-05-11 12:10:37 +02:00
2022-01-02 14:12:35 +01:00
if err := auth . CreateSource ( & auth . Source {
Type : auth . Type ( form . Type ) ,
2017-05-10 15:10:18 +02:00
Name : form . Name ,
2021-07-24 12:16:34 +02:00
IsActive : form . IsActive ,
2017-05-10 15:10:18 +02:00
IsSyncEnabled : form . IsSyncEnabled ,
Cfg : config ,
2015-09-11 18:03:08 +02:00
} ) ; err != nil {
2022-01-02 14:12:35 +01:00
if auth . IsErrSourceAlreadyExist ( err ) {
2016-08-31 09:56:10 +02:00
ctx . Data [ "Err_Name" ] = true
2022-01-02 14:12:35 +01:00
ctx . RenderWithErr ( ctx . Tr ( "admin.auths.login_source_exist" , err . ( auth . ErrSourceAlreadyExist ) . Name ) , tplAuthNew , form )
2016-08-31 09:56:10 +02:00
} else {
2022-01-02 14:12:35 +01:00
ctx . ServerError ( " auth . CreateSource " , err )
2016-08-31 09:56:10 +02:00
}
2014-05-03 04:48:14 +02:00
return
}
2015-03-25 00:04:16 +01:00
log . Trace ( "Authentication created by admin(%s): %s" , ctx . User . Name , form . Name )
2015-09-11 18:03:08 +02:00
ctx . Flash . Success ( ctx . Tr ( "admin.auths.new_success" , form . Name ) )
2016-11-27 11:14:25 +01:00
ctx . Redirect ( setting . AppSubURL + "/admin/auths" )
2014-05-03 04:48:14 +02:00
}
2016-11-21 04:21:24 +01:00
// EditAuthSource render editing auth source page
2016-03-11 17:56:52 +01:00
func EditAuthSource ( ctx * context . Context ) {
2014-08-29 14:50:43 +02:00
ctx . Data [ "Title" ] = ctx . Tr ( "admin.auths.edit" )
ctx . Data [ "PageIsAdmin" ] = true
ctx . Data [ "PageIsAdminAuthentications" ] = true
2015-09-11 18:03:08 +02:00
2016-07-08 01:25:09 +02:00
ctx . Data [ "SecurityProtocols" ] = securityProtocols
2021-07-24 12:16:34 +02:00
ctx . Data [ "SMTPAuths" ] = smtp . Authenticators
2021-08-06 03:11:08 +02:00
oauth2providers := oauth2 . GetOAuth2Providers ( )
ctx . Data [ "OAuth2Providers" ] = oauth2providers
2014-05-11 12:10:37 +02:00
2022-01-02 14:12:35 +01:00
source , err := auth . GetSourceByID ( ctx . ParamsInt64 ( ":authid" ) )
2014-05-05 10:40:25 +02:00
if err != nil {
2022-01-02 14:12:35 +01:00
ctx . ServerError ( "auth.GetSourceByID" , err )
2014-05-05 10:40:25 +02:00
return
}
2015-09-11 18:03:08 +02:00
ctx . Data [ "Source" ] = source
2016-07-08 01:25:09 +02:00
ctx . Data [ "HasTLS" ] = source . HasTLS ( )
2017-02-22 08:14:37 +01:00
if source . IsOAuth2 ( ) {
2021-08-06 03:11:08 +02:00
type Named interface {
Name ( ) string
}
for _ , provider := range oauth2providers {
if provider . Name ( ) == source . Cfg . ( Named ) . Name ( ) {
ctx . Data [ "CurrentOAuth2Provider" ] = provider
break
}
}
2017-02-22 08:14:37 +01:00
}
2021-12-14 09:37:11 +01:00
2021-04-05 17:30:52 +02:00
ctx . HTML ( http . StatusOK , tplAuthEdit )
2014-05-03 04:48:14 +02:00
}
2017-02-22 08:14:37 +01:00
// EditAuthSourcePost response for editing auth source
2021-01-26 16:36:53 +01:00
func EditAuthSourcePost ( ctx * context . Context ) {
2021-04-06 21:44:05 +02:00
form := * web . GetForm ( ctx ) . ( * forms . AuthenticationForm )
2014-08-29 14:50:43 +02:00
ctx . Data [ "Title" ] = ctx . Tr ( "admin.auths.edit" )
ctx . Data [ "PageIsAdmin" ] = true
ctx . Data [ "PageIsAdminAuthentications" ] = true
2015-09-11 18:03:08 +02:00
2021-07-24 12:16:34 +02:00
ctx . Data [ "SMTPAuths" ] = smtp . Authenticators
2021-08-06 03:11:08 +02:00
oauth2providers := oauth2 . GetOAuth2Providers ( )
ctx . Data [ "OAuth2Providers" ] = oauth2providers
2014-05-05 10:40:25 +02:00
2022-01-02 14:12:35 +01:00
source , err := auth . GetSourceByID ( ctx . ParamsInt64 ( ":authid" ) )
2015-09-11 18:03:08 +02:00
if err != nil {
2022-01-02 14:12:35 +01:00
ctx . ServerError ( "auth.GetSourceByID" , err )
2015-09-11 18:03:08 +02:00
return
}
ctx . Data [ "Source" ] = source
2016-07-08 01:25:09 +02:00
ctx . Data [ "HasTLS" ] = source . HasTLS ( )
2015-09-11 18:03:08 +02:00
2014-05-05 10:40:25 +02:00
if ctx . HasError ( ) {
2021-04-05 17:30:52 +02:00
ctx . HTML ( http . StatusOK , tplAuthEdit )
2014-05-05 10:40:25 +02:00
return
}
2020-03-22 16:12:55 +01:00
var config convert . Conversion
2022-01-02 14:12:35 +01:00
switch auth . Type ( form . Type ) {
case auth . LDAP , auth . DLDAP :
2015-09-11 18:03:08 +02:00
config = parseLDAPConfig ( form )
2022-01-02 14:12:35 +01:00
case auth . SMTP :
2015-09-11 18:03:08 +02:00
config = parseSMTPConfig ( form )
2022-01-02 14:12:35 +01:00
case auth . PAM :
config = & pam_service . Source {
2015-04-23 13:58:57 +02:00
ServiceName : form . PAMServiceName ,
2021-05-14 00:11:47 +02:00
EmailDomain : form . PAMEmailDomain ,
2015-04-23 13:58:57 +02:00
}
2022-01-02 14:12:35 +01:00
case auth . OAuth2 :
2017-02-22 08:14:37 +01:00
config = parseOAuth2Config ( form )
2022-01-02 14:12:35 +01:00
case auth . SSPI :
2019-11-23 00:33:31 +01:00
config , err = parseSSPIConfig ( ctx , form )
if err != nil {
ctx . RenderWithErr ( err . Error ( ) , tplAuthEdit , form )
return
}
2014-05-11 16:37:31 +02:00
default :
2021-04-05 17:30:52 +02:00
ctx . Error ( http . StatusBadRequest )
2014-05-11 16:37:31 +02:00
return
2014-05-11 12:10:37 +02:00
}
2015-09-11 18:03:08 +02:00
source . Name = form . Name
2021-07-24 12:16:34 +02:00
source . IsActive = form . IsActive
2017-05-10 15:10:18 +02:00
source . IsSyncEnabled = form . IsSyncEnabled
2015-09-11 18:03:08 +02:00
source . Cfg = config
2022-03-08 19:56:40 +01:00
// FIXME: if the name conflicts, it will result in 500: Error 1062: Duplicate entry 'aa' for key 'login_source.UQE_login_source_name'
2022-01-02 14:12:35 +01:00
if err := auth . UpdateSource ( source ) ; err != nil {
2021-11-10 18:51:09 +01:00
if oauth2 . IsErrOpenIDConnectInitialize ( err ) {
2017-05-01 15:26:53 +02:00
ctx . Flash . Error ( err . Error ( ) , true )
2021-04-05 17:30:52 +02:00
ctx . HTML ( http . StatusOK , tplAuthEdit )
2017-05-01 15:26:53 +02:00
} else {
2018-01-10 22:34:17 +01:00
ctx . ServerError ( "UpdateSource" , err )
2017-05-01 15:26:53 +02:00
}
2014-05-05 10:40:25 +02:00
return
}
2016-12-21 08:09:43 +01:00
log . Trace ( "Authentication changed by admin(%s): %d" , ctx . User . Name , source . ID )
2014-05-05 10:40:25 +02:00
2014-08-29 14:50:43 +02:00
ctx . Flash . Success ( ctx . Tr ( "admin.auths.update_success" ) )
2021-11-16 19:18:25 +01:00
ctx . Redirect ( setting . AppSubURL + "/admin/auths/" + strconv . FormatInt ( form . ID , 10 ) )
2014-05-03 04:48:14 +02:00
}
2016-11-21 04:21:24 +01:00
// DeleteAuthSource response for deleting an auth source
2016-03-11 17:56:52 +01:00
func DeleteAuthSource ( ctx * context . Context ) {
2022-01-02 14:12:35 +01:00
source , err := auth . GetSourceByID ( ctx . ParamsInt64 ( ":authid" ) )
2014-05-05 10:40:25 +02:00
if err != nil {
2022-01-02 14:12:35 +01:00
ctx . ServerError ( "auth.GetSourceByID" , err )
2014-05-05 10:40:25 +02:00
return
}
2022-01-02 14:12:35 +01:00
if err = auth_service . DeleteSource ( source ) ; err != nil {
if auth . IsErrSourceInUse ( err ) {
2016-03-06 00:08:42 +01:00
ctx . Flash . Error ( ctx . Tr ( "admin.auths.still_in_used" ) )
2016-08-31 10:22:41 +02:00
} else {
2022-01-02 14:12:35 +01:00
ctx . Flash . Error ( fmt . Sprintf ( "auth_service.DeleteSource: %v" , err ) )
2014-05-05 10:40:25 +02:00
}
2021-04-05 17:30:52 +02:00
ctx . JSON ( http . StatusOK , map [ string ] interface { } {
2021-11-16 19:18:25 +01:00
"redirect" : setting . AppSubURL + "/admin/auths/" + url . PathEscape ( ctx . Params ( ":authid" ) ) ,
2016-03-06 00:08:42 +01:00
} )
2014-05-05 10:40:25 +02:00
return
}
2015-09-11 18:03:08 +02:00
log . Trace ( "Authentication deleted by admin(%s): %d" , ctx . User . Name , source . ID )
ctx . Flash . Success ( ctx . Tr ( "admin.auths.deletion_success" ) )
2021-04-05 17:30:52 +02:00
ctx . JSON ( http . StatusOK , map [ string ] interface { } {
2016-11-27 11:14:25 +01:00
"redirect" : setting . AppSubURL + "/admin/auths" ,
2015-09-11 18:03:08 +02:00
} )
2014-05-03 04:48:14 +02:00
}