Implemented issue #1177 - OAuth2: Office365.

2017-07-14 12:14:51 +02:00 · 2017-07-14 12:14:51 +02:00 · a4ef55cec0
commit a4ef55cec0
parent 77d3f8bf67 e3ab40f618
14 changed files with 204 additions and 84 deletions
--- a/1
+++ b/1
@ -40,6 +40,7 @@ gem 'omniauth-gitlab'
 gem 'omniauth-google-oauth2'
 gem 'omniauth-linkedin-oauth2'
 gem 'omniauth-twitter'
+gem 'omniauth-microsoft-office365'

 gem 'twitter'
 gem 'telegramAPI'
--- a/Gemfile.lock
+++ b/Gemfile.lock
@ -236,6 +236,9 @@ GEM
    omniauth-linkedin-oauth2 (0.1.5)
      omniauth (~> 1.0)
      omniauth-oauth2
+    omniauth-microsoft-office365 (0.0.7)
+      omniauth
+      omniauth-oauth2
    omniauth-oauth (1.1.0)
      oauth
      omniauth (~> 1.0)
@ -464,6 +467,7 @@ DEPENDENCIES
  omniauth-gitlab
  omniauth-google-oauth2
  omniauth-linkedin-oauth2
+  omniauth-microsoft-office365
  omniauth-oauth2
  omniauth-twitter
  pg
--- a/app/assets/javascripts/app/controllers/_profile/linked_accounts.coffee
+++ b/app/assets/javascripts/app/controllers/_profile/linked_accounts.coffee
@ -9,43 +9,7 @@ class Index extends App.ControllerSubContent
    @render()

  render: =>
-    auth_provider_all = {
-      facebook: {
-        url:    '/auth/facebook'
-        name:   'Facebook'
-        config: 'auth_facebook'
-      },
-      twitter: {
-        url:    '/auth/twitter'
-        name:   'Twitter'
-        config: 'auth_twitter'
-      },
-      linkedin: {
-        url:    '/auth/linkedin'
-        name:   'LinkedIn'
-        config: 'auth_linkedin'
-      },
-      github: {
-        url:    '/auth/github'
-        name:   'GitHub'
-        config: 'auth_github'
-      },
-      gitlab: {
-        url:    '/auth/gitlab'
-        name:   'GitLab'
-        config: 'auth_gitlab'
-      },
-      google_oauth2: {
-        url:    '/auth/google_oauth2'
-        name:   'Google'
-        config: 'auth_google_oauth2'
-      },
-      oauth2: {
-        url:    '/auth/oauth2'
-        name:   'OAuth2'
-        config: 'auth_oauth2'
-      },
-    }
+    auth_provider_all = App.Config.get('auth_provider_all')
    auth_providers = {}
    for key, provider of auth_provider_all
      if @Config.get(provider.config) is true || @Config.get(provider.config) is 'true'
@ -90,3 +54,45 @@ class Index extends App.ControllerSubContent
    )

 App.Config.set('LinkedAccounts', { prio: 4000, name: 'Linked Accounts', parent: '#profile', target: '#profile/linked', controller: Index, permission: ['user_preferences.linked_accounts'] }, 'NavBarProfile')
+App.Config.set('auth_provider_all', {
+  facebook:
+    url:    '/auth/facebook'
+    name:   'Facebook'
+    config: 'auth_facebook'
+    class:  'facebook'
+  twitter:
+    url:    '/auth/twitter'
+    name:   'Twitter'
+    config: 'auth_twitter'
+    class:  'twitter'
+  linkedin:
+    url:    '/auth/linkedin'
+    name:   'LinkedIn'
+    config: 'auth_linkedin'
+    class:  'linkedin'
+  github:
+    url:    '/auth/github'
+    name:   'GitHub'
+    config: 'auth_github'
+    class:  'github'
+  gitlab:
+    url:    '/auth/gitlab'
+    name:   'GitLab'
+    config: 'auth_gitlab'
+    class:  'gitlab'
+  microsoft_office365:
+    url:    '/auth/microsoft_office365'
+    name:   'Office 365'
+    config: 'auth_microsoft_office365'
+    class:  'office365'
+  google_oauth2:
+    url:    '/auth/google_oauth2'
+    name:   'Google'
+    config: 'auth_google_oauth2'
+    class:  'google'
+  oauth2:
+    url:    '/auth/oauth2'
+    name:   'OAuth2'
+    config: 'auth_oauth2'
+    class:  'oauth2'
+})
--- a/app/assets/javascripts/app/controllers/login.coffee
+++ b/app/assets/javascripts/app/controllers/login.coffee
@ -38,50 +38,7 @@ class Index extends App.ControllerContent
    )

  render: (data = {}) ->
-    auth_provider_all = {
-      facebook: {
-        url:    '/auth/facebook',
-        name:   'Facebook',
-        config: 'auth_facebook',
-        class:  'facebook'
-      },
-      twitter: {
-        url:    '/auth/twitter'
-        name:   'Twitter'
-        config: 'auth_twitter'
-        class:  'twitter'
-      },
-      linkedin: {
-        url:    '/auth/linkedin'
-        name:   'LinkedIn'
-        config: 'auth_linkedin'
-        class:  'linkedin'
-      },
-      github: {
-        url:    '/auth/github'
-        name:   'GitHub'
-        config: 'auth_github'
-        class:  'github'
-      },
-      gitlab: {
-        url:    '/auth/gitlab'
-        name:   'GitLab'
-        config: 'auth_gitlab'
-        class:  'gitlab'
-      },
-      google_oauth2: {
-        url:    '/auth/google_oauth2'
-        name:   'Google'
-        config: 'auth_google_oauth2'
-        class:  'google'
-      },
-      oauth2: {
-        url:    '/auth/oauth2'
-        name:   'OAuth2'
-        config: 'auth_oauth2'
-        class:  'oauth2'
-      },
-    }
+    auth_provider_all = App.Config.get('auth_provider_all')
    auth_providers = []
    for key, provider of auth_provider_all
      if @Config.get(provider.config) is true || @Config.get(provider.config) is 'true'
--- a/app/assets/javascripts/app/views/login.jst.eco
+++ b/app/assets/javascripts/app/views/login.jst.eco
@ -24,7 +24,7 @@
            <div class="formGroup-label">
              <label for="password"><%- @Ti('Password') %></label>
            </div>
-            <input id="password" name="password" type="password" class="form-control"/>
+            <input id="password" name="password" type="password" class="form-control" autocomplete="off"/>
          </div>

          <div class="form-group">
--- a/app/assets/stylesheets/svg-dimensions.css
+++ b/app/assets/stylesheets/svg-dimensions.css
@ -55,6 +55,7 @@
 .icon-mute { width: 16px; height: 16px; }
 .icon-note { width: 16px; height: 16px; }
 .icon-oauth2-button { width: 29px; height: 24px; }
+.icon-office365-button { width: 29px; height: 24px; }
 .icon-one-ticket { width: 48px; height: 10px; }
 .icon-organization { width: 16px; height: 16px; }
 .icon-outbound-calls { width: 17px; height: 17px; }
--- a/app/assets/stylesheets/zammad.scss
+++ b/app/assets/stylesheets/zammad.scss
@ -2550,6 +2550,10 @@ ol.tabs li {
    background: hsl(0,0%,15%);
  }

+  &.auth-provider--office365 {
+    background: hsl(15,100%,47%);
+  }
+
  .provider-name {
    flex: 1;
  }
@ -2558,7 +2562,6 @@ ol.tabs li {
    width: 29px;
    height: 24px;
    margin-right: 10px;
-    margin-top: 1px;
  }
 }

--- a/config/initializers/omniauth.rb
+++ b/config/initializers/omniauth.rb
@ -34,6 +34,9 @@ Rails.application.config.middleware.use OmniAuth::Builder do
    },
  }

+  # microsoft_office365 database connect
+  provider :microsoft_office365_database, 'not_change_will_be_set_by_database', 'not_change_will_be_set_by_database'
+
  # oauth2 database connect
  provider :oauth2_database, 'not_change_will_be_set_by_database', 'not_change_will_be_set_by_database', {
    client_options: {
--- a/contrib/icon-sprite.sketch
+++ b/contrib/icon-sprite.sketch
--- a/db/migrate/20170713000001_omniauth_office365_setting.rb
+++ b/db/migrate/20170713000001_omniauth_office365_setting.rb
@ -0,0 +1,63 @@
+class OmniauthOffice365Setting < ActiveRecord::Migration
+  def up
+
+    # return if it's a new setup
+    return if !Setting.find_by(name: 'system_init_done')
+    Setting.create_if_not_exists(
+      title: 'Authentication via %s',
+      name: 'auth_microsoft_office365',
+      area: 'Security::ThirdPartyAuthentication',
+      description: 'Enables user authentication via %s. Register your app first at [%s](%s).',
+      options: {
+        form: [
+          {
+            display: '',
+            null: true,
+            name: 'auth_microsoft_office365',
+            tag: 'boolean',
+            options: {
+              true  => 'yes',
+              false => 'no',
+            },
+          },
+        ],
+      },
+      preferences: {
+        controller: 'SettingsAreaSwitch',
+        sub: ['auth_microsoft_office365_credentials'],
+        title_i18n: ['Office 365'],
+        description_i18n: ['Office 365', 'Microsoft Application Registration Portal', 'https://apps.dev.microsoft.com'],
+        permission: ['admin.security'],
+      },
+      state: false,
+      frontend: true
+    )
+    Setting.create_if_not_exists(
+      title: 'Office 365 App Credentials',
+      name: 'auth_microsoft_office365_credentials',
+      area: 'Security::ThirdPartyAuthentication::Office365',
+      description: 'Enables user authentication via Office 365.',
+      options: {
+        form: [
+          {
+            display: 'App ID',
+            null: true,
+            name: 'app_id',
+            tag: 'input',
+          },
+          {
+            display: 'App Secret',
+            null: true,
+            name: 'app_secret',
+            tag: 'input',
+          },
+        ],
+      },
+      state: {},
+      preferences: {
+        permission: ['admin.security'],
+      },
+      frontend: false
+    )
+  end
+end
--- a/db/seeds/settings.rb
+++ b/db/seeds/settings.rb
@ -1084,6 +1084,63 @@ Setting.create_if_not_exists(
  frontend: false
 )

+Setting.create_if_not_exists(
+  title: 'Authentication via %s',
+  name: 'auth_microsoft_office365',
+  area: 'Security::ThirdPartyAuthentication',
+  description: 'Enables user authentication via %s. Register your app first at [%s](%s).',
+  options: {
+    form: [
+      {
+        display: '',
+        null: true,
+        name: 'auth_microsoft_office365',
+        tag: 'boolean',
+        options: {
+          true  => 'yes',
+          false => 'no',
+        },
+      },
+    ],
+  },
+  preferences: {
+    controller: 'SettingsAreaSwitch',
+    sub: ['auth_microsoft_office365_credentials'],
+    title_i18n: ['Office 365'],
+    description_i18n: ['Office 365', 'Microsoft Application Registration Portal', 'https://apps.dev.microsoft.com'],
+    permission: ['admin.security'],
+  },
+  state: false,
+  frontend: true
+)
+Setting.create_if_not_exists(
+  title: 'Office 365 App Credentials',
+  name: 'auth_microsoft_office365_credentials',
+  area: 'Security::ThirdPartyAuthentication::Office365',
+  description: 'Enables user authentication via Office 365.',
+  options: {
+    form: [
+      {
+        display: 'App ID',
+        null: true,
+        name: 'app_id',
+        tag: 'input',
+      },
+      {
+        display: 'App Secret',
+        null: true,
+        name: 'app_secret',
+        tag: 'input',
+      },
+    ],
+  },
+  state: {},
+  preferences: {
+    permission: ['admin.security'],
+  },
+  frontend: false
+)
+
 Setting.create_if_not_exists(
  title: 'Authentication via %s',
  name: 'auth_oauth2',
--- a/public/assets/images/icons.svg
+++ b/public/assets/images/icons.svg
--- a/public/assets/images/icons/office365-button.svg
+++ b/public/assets/images/icons/office365-button.svg
@ -0,0 +1,12 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<svg width="29px" height="24px" viewBox="0 0 29 24" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">
+    <!-- Generator: Sketch 45.2 (43514) - http://www.bohemiancoding.com/sketch -->
+    <title>office365-button</title>
+    <desc>Created with Sketch.</desc>
+    <defs></defs>
+    <g id="Page-1" stroke="none" stroke-width="1" fill="none" fill-rule="evenodd">
+        <g id="office365-button" fill-rule="nonzero" fill="#FFFFFF">
+            <polyline id="office365" points="23 20.4918622 22.9835112 20.4918622 22.9835112 3.5578176 16.9485936 1.80999994 6.03297769 5.8992337 6 5.91572254 6 18.1504461 9.72647915 16.6994277 9.72647915 6.74016483 16.9485936 5.00883602 16.9156159 19.6509311 6 18.1504461 16.9156159 22.1902133 22.9835112 20.5083511 22.9835112 20.4918622"></polyline>
+        </g>
+    </g>
+</svg>
--- a/vendor/lib/microsoft_office365_database.rb
+++ b/vendor/lib/microsoft_office365_database.rb
@ -0,0 +1,13 @@
+class MicrosoftOffice365Database < OmniAuth::Strategies::MicrosoftOffice365
+  option :name, 'microsoft_office365'
+
+  def initialize(app, *args, &block)
+
+    # database lookup
+    config  = Setting.get('auth_microsoft_office365_credentials') || {}
+    args[0] = config['app_id']
+    args[1] = config['app_secret']
+    super
+  end
+
+end