Implemented issue #1177 - OAuth2: Office365.

2017-07-13 17:08:53 +02:00 · 2017-07-13 17:08:53 +02:00 · b60b139e95
parent f723357f77
commit b60b139e95
8 changed files with 183 additions and 82 deletions
--- a/1
+++ b/1
@ -40,6 +40,7 @@ gem 'omniauth-gitlab'
 gem 'omniauth-google-oauth2'
 gem 'omniauth-linkedin-oauth2'
 gem 'omniauth-twitter'
+gem 'omniauth-microsoft-office365'

 gem 'twitter'
 gem 'telegramAPI'
--- a/Gemfile.lock
+++ b/Gemfile.lock
@ -236,6 +236,9 @@ GEM
    omniauth-linkedin-oauth2 (0.1.5)
      omniauth (~> 1.0)
      omniauth-oauth2
+    omniauth-microsoft-office365 (0.0.7)
+      omniauth
+      omniauth-oauth2
    omniauth-oauth (1.1.0)
      oauth
      omniauth (~> 1.0)
@ -464,6 +467,7 @@ DEPENDENCIES
  omniauth-gitlab
  omniauth-google-oauth2
  omniauth-linkedin-oauth2
+  omniauth-microsoft-office365
  omniauth-oauth2
  omniauth-twitter
  pg
--- a/app/assets/javascripts/app/controllers/_profile/linked_accounts.coffee
+++ b/app/assets/javascripts/app/controllers/_profile/linked_accounts.coffee
@ -9,43 +9,7 @@ class Index extends App.ControllerSubContent
    @render()

  render: =>
-    auth_provider_all = {
-      facebook: {
-        url:    '/auth/facebook'
-        name:   'Facebook'
-        config: 'auth_facebook'
-      },
-      twitter: {
-        url:    '/auth/twitter'
-        name:   'Twitter'
-        config: 'auth_twitter'
-      },
-      linkedin: {
-        url:    '/auth/linkedin'
-        name:   'LinkedIn'
-        config: 'auth_linkedin'
-      },
-      github: {
-        url:    '/auth/github'
-        name:   'GitHub'
-        config: 'auth_github'
-      },
-      gitlab: {
-        url:    '/auth/gitlab'
-        name:   'GitLab'
-        config: 'auth_gitlab'
-      },
-      google_oauth2: {
-        url:    '/auth/google_oauth2'
-        name:   'Google'
-        config: 'auth_google_oauth2'
-      },
-      oauth2: {
-        url:    '/auth/oauth2'
-        name:   'OAuth2'
-        config: 'auth_oauth2'
-      },
-    }
+    auth_provider_all = App.Config.get('auth_provider_all')
    auth_providers = {}
    for key, provider of auth_provider_all
      if @Config.get(provider.config) is true || @Config.get(provider.config) is 'true'
@ -90,3 +54,45 @@ class Index extends App.ControllerSubContent
    )

 App.Config.set('LinkedAccounts', { prio: 4000, name: 'Linked Accounts', parent: '#profile', target: '#profile/linked', controller: Index, permission: ['user_preferences.linked_accounts'] }, 'NavBarProfile')
+App.Config.set('auth_provider_all', {
+  facebook:
+    url:    '/auth/facebook'
+    name:   'Facebook'
+    config: 'auth_facebook'
+    class:  'facebook'
+  twitter:
+    url:    '/auth/twitter'
+    name:   'Twitter'
+    config: 'auth_twitter'
+    class:  'twitter'
+  linkedin:
+    url:    '/auth/linkedin'
+    name:   'LinkedIn'
+    config: 'auth_linkedin'
+    class:  'linkedin'
+  github:
+    url:    '/auth/github'
+    name:   'GitHub'
+    config: 'auth_github'
+    class:  'github'
+  gitlab:
+    url:    '/auth/gitlab'
+    name:   'GitLab'
+    config: 'auth_gitlab'
+    class:  'gitlab'
+  microsoft_office365:
+    url:    '/auth/microsoft_office365'
+    name:   'Office 365'
+    config: 'auth_microsoft_office365'
+    class:  'microsoft_office365'
+  google_oauth2:
+    url:    '/auth/google_oauth2'
+    name:   'Google'
+    config: 'auth_google_oauth2'
+    class:  'google'
+  oauth2:
+    url:    '/auth/oauth2'
+    name:   'OAuth2'
+    config: 'auth_oauth2'
+    class:  'oauth2'
+})
--- a/app/assets/javascripts/app/controllers/login.coffee
+++ b/app/assets/javascripts/app/controllers/login.coffee
@ -38,50 +38,7 @@ class Index extends App.ControllerContent
    )

  render: (data = {}) ->
-    auth_provider_all = {
-      facebook: {
-        url:    '/auth/facebook',
-        name:   'Facebook',
-        config: 'auth_facebook',
-        class:  'facebook'
-      },
-      twitter: {
-        url:    '/auth/twitter'
-        name:   'Twitter'
-        config: 'auth_twitter'
-        class:  'twitter'
-      },
-      linkedin: {
-        url:    '/auth/linkedin'
-        name:   'LinkedIn'
-        config: 'auth_linkedin'
-        class:  'linkedin'
-      },
-      github: {
-        url:    '/auth/github'
-        name:   'GitHub'
-        config: 'auth_github'
-        class:  'github'
-      },
-      gitlab: {
-        url:    '/auth/gitlab'
-        name:   'GitLab'
-        config: 'auth_gitlab'
-        class:  'gitlab'
-      },
-      google_oauth2: {
-        url:    '/auth/google_oauth2'
-        name:   'Google'
-        config: 'auth_google_oauth2'
-        class:  'google'
-      },
-      oauth2: {
-        url:    '/auth/oauth2'
-        name:   'OAuth2'
-        config: 'auth_oauth2'
-        class:  'oauth2'
-      },
-    }
+    auth_provider_all = App.Config.get('auth_provider_all')
    auth_providers = []
    for key, provider of auth_provider_all
      if @Config.get(provider.config) is true || @Config.get(provider.config) is 'true'
--- a/app/assets/javascripts/app/views/login.jst.eco
+++ b/app/assets/javascripts/app/views/login.jst.eco
@ -24,7 +24,7 @@
            <div class="formGroup-label">
              <label for="password"><%- @Ti('Password') %></label>
            </div>
-            <input id="password" name="password" type="password" class="form-control"/>
+            <input id="password" name="password" type="password" class="form-control" autocomplete="off"/>
          </div>

          <div class="form-group">
--- a/db/migrate/20170713000001_omniauth_office365_setting.rb
+++ b/db/migrate/20170713000001_omniauth_office365_setting.rb
@ -0,0 +1,63 @@
+class OmniauthOffice365Setting < ActiveRecord::Migration
+  def up
+
+    # return if it's a new setup
+    return if !Setting.find_by(name: 'system_init_done')
+    Setting.create_if_not_exists(
+      title: 'Authentication via %s',
+      name: 'auth_microsoft_office365',
+      area: 'Security::ThirdPartyAuthentication',
+      description: 'Enables user authentication via %s. Register your app first at [%s](%s).',
+      options: {
+        form: [
+          {
+            display: '',
+            null: true,
+            name: 'auth_microsoft_office365',
+            tag: 'boolean',
+            options: {
+              true  => 'yes',
+              false => 'no',
+            },
+          },
+        ],
+      },
+      preferences: {
+        controller: 'SettingsAreaSwitch',
+        sub: ['auth_microsoft_office365_credentials'],
+        title_i18n: ['Office 365'],
+        description_i18n: ['Office 365', 'Microsoft Application Registration Portal', 'https://apps.dev.microsoft.com'],
+        permission: ['admin.security'],
+      },
+      state: false,
+      frontend: true
+    )
+    Setting.create_if_not_exists(
+      title: 'Office 365 App Credentials',
+      name: 'auth_microsoft_office365_credentials',
+      area: 'Security::ThirdPartyAuthentication::Office365',
+      description: 'Enables user authentication via Office 365.',
+      options: {
+        form: [
+          {
+            display: 'App ID',
+            null: true,
+            name: 'app_id',
+            tag: 'input',
+          },
+          {
+            display: 'App Secret',
+            null: true,
+            name: 'app_secret',
+            tag: 'input',
+          },
+        ],
+      },
+      state: {},
+      preferences: {
+        permission: ['admin.security'],
+      },
+      frontend: false
+    )
+  end
+end
--- a/db/seeds/settings.rb
+++ b/db/seeds/settings.rb
@ -1057,6 +1057,63 @@ Setting.create_if_not_exists(
  frontend: false
 )

+Setting.create_if_not_exists(
+  title: 'Authentication via %s',
+  name: 'auth_microsoft_office365',
+  area: 'Security::ThirdPartyAuthentication',
+  description: 'Enables user authentication via %s. Register your app first at [%s](%s).',
+  options: {
+    form: [
+      {
+        display: '',
+        null: true,
+        name: 'auth_microsoft_office365',
+        tag: 'boolean',
+        options: {
+          true  => 'yes',
+          false => 'no',
+        },
+      },
+    ],
+  },
+  preferences: {
+    controller: 'SettingsAreaSwitch',
+    sub: ['auth_microsoft_office365_credentials'],
+    title_i18n: ['Office 365'],
+    description_i18n: ['Office 365', 'Microsoft Application Registration Portal', 'https://apps.dev.microsoft.com'],
+    permission: ['admin.security'],
+  },
+  state: false,
+  frontend: true
+)
+Setting.create_if_not_exists(
+  title: 'Office 365 App Credentials',
+  name: 'auth_microsoft_office365_credentials',
+  area: 'Security::ThirdPartyAuthentication::Office365',
+  description: 'Enables user authentication via Office 365.',
+  options: {
+    form: [
+      {
+        display: 'App ID',
+        null: true,
+        name: 'app_id',
+        tag: 'input',
+      },
+      {
+        display: 'App Secret',
+        null: true,
+        name: 'app_secret',
+        tag: 'input',
+      },
+    ],
+  },
+  state: {},
+  preferences: {
+    permission: ['admin.security'],
+  },
+  frontend: false
+)
+
 Setting.create_if_not_exists(
  title: 'Authentication via %s',
  name: 'auth_oauth2',
--- a/vendor/lib/microsoft_office365_database.rb
+++ b/vendor/lib/microsoft_office365_database.rb
@ -0,0 +1,13 @@
+class MicrosoftOffice365Database < OmniAuth::Strategies::MicrosoftOffice365
+  option :name, 'microsoft_office365'
+
+  def initialize(app, *args, &block)
+
+    # database lookup
+    config  = Setting.get('auth_microsoft_office365_credentials') || {}
+    args[0] = config['app_id']
+    args[1] = config['app_secret']
+    super
+  end
+
+end