Added option to allow sso account creation even if public registration is disabled

This commit is contained in:
Igor Scheller 2021-12-03 23:00:37 +01:00 committed by msquare
parent 1ba4b57eac
commit 2d45e04a90
4 changed files with 22 additions and 7 deletions

View File

@ -99,12 +99,14 @@ return [
'first_name' => 'first-name', 'first_name' => 'first-name',
// Info last name field (optional) // Info last name field (optional)
'last_name' => 'last-name', 'last_name' => 'last-name',
// User URL to provider, shown on provider settings page (optional) // User URL to provider, linked on provider settings page (optional)
'url' => '[provider page]', 'url' => '[provider page]',
// Only show after clicking the page title (optional) // Only show after clicking the page title (optional)
'hidden' => false, 'hidden' => false,
// Mark user as arrived when using this provider (optional) // Mark user as arrived when using this provider (optional)
'mark_arrived' => false, 'mark_arrived' => false,
// Allow registration even if disabled in config (optional)
'allow_registration' => null,
// Auto join teams // Auto join teams
// Info groups field (optional) // Info groups field (optional)
'groups' => 'groups', 'groups' => 'groups',

View File

@ -74,7 +74,10 @@ function guest_register()
} }
} }
if (!auth()->can('register') || (!$authUser && !config('registration_enabled'))) { if (
!auth()->can('register')
|| (!$authUser && !config('registration_enabled') && !$session->get('oauth2_allow_registration'))
) {
error(__('Registration is disabled.')); error(__('Registration is disabled.'));
return page_with_title(register_title(), [ return page_with_title(register_title(), [

View File

@ -175,10 +175,6 @@ class OAuthController extends BaseController
$config = $this->config->get('oauth')[$providerName]; $config = $this->config->get('oauth')[$providerName];
$userdata = new Collection($resourceOwner->toArray()); $userdata = new Collection($resourceOwner->toArray());
if (!$oauth) { if (!$oauth) {
if (!$this->config->get('registration_enabled')) {
throw new HttpNotFound('oauth.not-found');
}
return $this->redirectRegister( return $this->redirectRegister(
$providerName, $providerName,
$resourceOwner->getId(), $resourceOwner->getId(),
@ -349,9 +345,21 @@ class OAuthController extends BaseController
Collection $userdata Collection $userdata
): Response { ): Response {
$config = array_merge( $config = array_merge(
['username' => null, 'email' => null, 'first_name' => null, 'last_name' => null, 'groups' => null], [
'username' => null,
'email' => null,
'first_name' => null,
'last_name' => null,
'allow_registration' => null,
'groups' => null,
],
$config $config
); );
if (!$this->config->get('registration_enabled') && !$config['allow_registration']) {
throw new HttpNotFound('oauth.not-found');
}
$this->session->set( $this->session->set(
'form_data', 'form_data',
[ [
@ -370,6 +378,7 @@ class OAuthController extends BaseController
$this->session->set('oauth2_access_token', $accessToken->getToken()); $this->session->set('oauth2_access_token', $accessToken->getToken());
$this->session->set('oauth2_refresh_token', $accessToken->getRefreshToken()); $this->session->set('oauth2_refresh_token', $accessToken->getRefreshToken());
$this->session->set('oauth2_expires_at', $expirationTime); $this->session->set('oauth2_expires_at', $expirationTime);
$this->session->set('oauth2_allow_registration', $config['allow_registration']);
return $this->redirector->to('/register'); return $this->redirector->to('/register');
} }

View File

@ -428,6 +428,7 @@ class OAuthControllerTest extends TestCase
$this->assertEquals('test-token', $this->session->get('oauth2_access_token')); $this->assertEquals('test-token', $this->session->get('oauth2_access_token'));
$this->assertEquals('test-refresh-token', $this->session->get('oauth2_refresh_token')); $this->assertEquals('test-refresh-token', $this->session->get('oauth2_refresh_token'));
$this->assertEquals(4242424242, $this->session->get('oauth2_expires_at')->unix()); $this->assertEquals(4242424242, $this->session->get('oauth2_expires_at')->unix());
$this->assertEquals(null, $this->session->get('oauth2_allow_registration'));
$this->assertEquals( $this->assertEquals(
[ [
'name' => 'username', 'name' => 'username',