yuanbiao
/
emqx
1
0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

refactor: behavior login/2 use all http request

This commit is contained in:
JimMoen 2023-09-22 16:43:12 +08:00
parent 9181ec844f
commit a318ad486a
No known key found for this signature in database
GPG Key ID: 87A520B4F76BA86D
5 changed files with 22 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
apps/emqx_dashboard_sso/src/emqx_dashboard_sso.erl
View File

@ -39,7 +39,9 @@
{ok, NewState :: state()} | {error, Reason :: term()}. {ok, NewState :: state()} | {error, Reason :: term()}.
-callback destroy(State :: state()) -> ok. -callback destroy(State :: state()) -> ok.
-callback login(request(), State :: state()) -> -callback login(request(), State :: state()) ->
{ok, dashboard_user_role(), Token :: binary()} | {redirect, fun()} | {error, Reason :: term()}. {ok, dashboard_user_role(), Token :: binary()}
| {redirect, tuple()}
| {error, Reason :: term()}.
%%------------------------------------------------------------------------------ %%------------------------------------------------------------------------------
%% Callback Interface %% Callback Interface

15
apps/emqx_dashboard_sso/src/emqx_dashboard_sso_api.erl
View File

@ -151,23 +151,22 @@ running(get, _Request) ->
maps:values(SSO) maps:values(SSO)
)}. )}.
login(post, #{bindings := #{backend := Backend}, body := Sign, headers := Headers}) -> login(post, #{bindings := #{backend := Backend}} = Request) ->
case emqx_dashboard_sso_manager:lookup_state(Backend) of case emqx_dashboard_sso_manager:lookup_state(Backend) of
undefined -> undefined ->
{404, #{code => ?BACKEND_NOT_FOUND, message => <<"Backend not found">>}}; {404, #{code => ?BACKEND_NOT_FOUND, message => <<"Backend not found">>}};
State -> State ->
Provider = provider(Backend), case emqx_dashboard_sso:login(provider(Backend), Request, State) of
case emqx_dashboard_sso:login(Provider, Sign, State) of
{ok, Role, Token} -> {ok, Role, Token} ->
?SLOG(info, #{msg => "dashboard_sso_login_successful", request => Sign}), ?SLOG(info, #{msg => "dashboard_sso_login_successful", request => Request}),
{200, login_reply(Role, Token)}; {200, login_reply(Role, Token)};
{redirect, RedirectFun} -> {redirect, Redirect} ->
?SLOG(info, #{msg => "dashboard_sso_login_redirect", request => Sign}), ?SLOG(info, #{msg => "dashboard_sso_login_redirect", request => Request}),
RedirectFun(Headers); Redirect;
{error, Reason} -> {error, Reason} ->
?SLOG(info, #{ ?SLOG(info, #{
msg => "dashboard_sso_login_failed", msg => "dashboard_sso_login_failed",
request => Sign, request => Request,
reason => Reason reason => Reason
}), }),
{401, #{code => ?BAD_USERNAME_OR_PWD, message => <<"Auth failed">>}} {401, #{code => ?BAD_USERNAME_OR_PWD, message => <<"Auth failed">>}}

6
apps/emqx_dashboard_sso/src/emqx_dashboard_sso_ldap.erl
View File

@ -121,7 +121,7 @@ adjust_ldap_field(Any) ->
Any. Any.
login( login(
#{<<"username">> := Username} = Req, #{body := #{<<"username">> := Username} = Sign} = _Req,
#{ #{
query_timeout := Timeout, query_timeout := Timeout,
resource_id := ResourceId resource_id := ResourceId
@ -130,7 +130,7 @@ login(
case case
emqx_resource:simple_sync_query( emqx_resource:simple_sync_query(
ResourceId, ResourceId,
{query, Req, [], Timeout} {query, Sign, [], Timeout}
) )
of of
{ok, []} -> {ok, []} ->
@ -139,7 +139,7 @@ login(
case case
emqx_resource:simple_sync_query( emqx_resource:simple_sync_query(
ResourceId, ResourceId,
{bind, Req} {bind, Sign}
) )
of of
ok -> ok ->

11
apps/emqx_dashboard_sso/src/emqx_dashboard_sso_saml.erl
View File

@ -134,12 +134,14 @@ update(_Config0, State) ->
destroy(_State) -> destroy(_State) ->
ok. ok.
login(_Req, #{sp := SP, idp_meta := #esaml_idp_metadata{login_location = IDP}} = _State) -> login(
#{headers := Headers} = _Req,
#{sp := SP, idp_meta := #esaml_idp_metadata{login_location = IDP}} = _State
) ->
SignedXml = esaml_sp:generate_authn_request(IDP, SP), SignedXml = esaml_sp:generate_authn_request(IDP, SP),
Target = esaml_binding:encode_http_redirect(IDP, SignedXml, <<>>), Target = esaml_binding:encode_http_redirect(IDP, SignedXml, <<>>),
%% TODO: _Req acutally is HTTP request body, not fully request
RedirectFun = fun(Headers) ->
RespHeaders = #{<<"Cache-Control">> => <<"no-cache">>, <<"Pragma">> => <<"no-cache">>}, RespHeaders = #{<<"Cache-Control">> => <<"no-cache">>, <<"Pragma">> => <<"no-cache">>},
Redirect =
case is_msie(Headers) of case is_msie(Headers) of
true -> true ->
Html = esaml_binding:encode_http_post(IDP, SignedXml, <<>>), Html = esaml_binding:encode_http_post(IDP, SignedXml, <<>>),
@ -147,9 +149,8 @@ login(_Req, #{sp := SP, idp_meta := #esaml_idp_metadata{login_location = IDP}} =
false -> false ->
RespHeaders1 = RespHeaders#{<<"Location">> => Target}, RespHeaders1 = RespHeaders#{<<"Location">> => Target},
{302, RespHeaders1, <<"Redirecting...">>} {302, RespHeaders1, <<"Redirecting...">>}
end
end, end,
{redirect, RedirectFun}. {redirect, Redirect}.
callback(_Req = #{body := Body}, #{sp := SP} = _State) -> callback(_Req = #{body := Body}, #{sp := SP} = _State) ->
case do_validate_assertion(SP, fun esaml_util:check_dupe_ets/2, Body) of case do_validate_assertion(SP, fun esaml_util:check_dupe_ets/2, Body) of

2
apps/emqx_dashboard_sso/src/emqx_dashboard_sso_saml_api.erl
View File

@ -87,7 +87,7 @@ sp_saml_metadata(get, _Req) ->
#{sp := SP} = _State -> #{sp := SP} = _State ->
SignedXml = esaml_sp:generate_metadata(SP), SignedXml = esaml_sp:generate_metadata(SP),
Metadata = xmerl:export([SignedXml], xmerl_xml), Metadata = xmerl:export([SignedXml], xmerl_xml),
{200, [{<<"Content-Type">>, <<"text/xml">>}], Metadata} {200, #{<<"Content-Type">> => <<"text/xml">>}, Metadata}
end. end.
sp_saml_callback(post, Req) -> sp_saml_callback(post, Req) ->