Skip intermediate login page with single provider

2024-07-07 20:02:40 +00:00 · 2022-05-02 20:35:11 +10:00 · 2022-05-02 20:35:11 +10:00 · d5ce6b680c
commit d5ce6b680c
parent 44013721f0
4 changed files with 59 additions and 3 deletions
--- a/app/Config/auth.php
+++ b/app/Config/auth.php
@ -13,6 +13,11 @@ return [
    // Options: standard, ldap, saml2, oidc
    'method' => env('AUTH_METHOD', 'standard'),
    // Automatically redirect to external login provider if only one provider is being used
    // instead of displaying a single-button login page and requiring users to click through
    // Supported methods: saml2, oidc
    'auto_redirect' => env('AUTH_AUTO_REDIRECT', false),
    // Authentication Defaults
    // This option controls the default authentication "guard" and password
    // reset options for your application.
--- a/app/Http/Controllers/Auth/LoginController.php
+++ b/app/Http/Controllers/Auth/LoginController.php
@ -25,14 +25,14 @@ class LoginController extends Controller
    |
    */
-    use AuthenticatesUsers;
+    use AuthenticatesUsers { logout as traitLogout; }
    /**
     * Redirection paths.
     */
    protected $redirectTo = '/';
    protected $redirectPath = '/';
-    protected $redirectAfterLogout = '/login';
+    protected $redirectAfterLogout = '/';
    protected $socialAuthService;
    protected $loginService;
@ -50,7 +50,7 @@ class LoginController extends Controller
        $this->loginService = $loginService;
        $this->redirectPath = url('/');
-        $this->redirectAfterLogout = url('/login');
+        $this->redirectAfterLogout = url(config('auth.auto_redirect') ? '/login?logout=1' : '/');
    }
    public function username()
@ -73,6 +73,7 @@ class LoginController extends Controller
    {
        $socialDrivers = $this->socialAuthService->getActiveDrivers();
        $authMethod = config('auth.method');
        $autoRedirect = config('auth.auto_redirect');
        if ($request->has('email')) {
            session()->flashInput([
@ -84,6 +85,12 @@ class LoginController extends Controller
        // Store the previous location for redirect after login
        $this->updateIntendedFromPrevious();
        if ($autoRedirect && !($request->has('logout') && $request->get('logout') == '1') && count($socialDrivers) == 0 && in_array($authMethod, ['oidc', 'saml2'])) {
            return view('auth.login-redirect', [
                'authMethod'    => $authMethod,
            ]);
        }
        return view('auth.login', [
            'socialDrivers' => $socialDrivers,
            'authMethod'    => $authMethod,
@ -251,4 +258,18 @@ class LoginController extends Controller
        redirect()->setIntendedUrl($previous);
    }
    /**
     * Logout user and perform subsequent redirect.
     *
     * @param \Illuminate\Http\Request $request
     *
     * @return mixed
     */
    public function logout(Request $request)
    {
        $this->traitLogout($request);
        return redirect($this->redirectAfterLogout);
    }
 }
--- a/resources/views/auth/login-redirect.blade.php
+++ b/resources/views/auth/login-redirect.blade.php
@ -0,0 +1,16 @@
 <!DOCTYPE html>
 <html lang="{{ config('app.lang') }}"
      dir="{{ config('app.rtl') ? 'rtl' : 'ltr' }}">
 <head>
    <meta charset="utf-8">
 </head>
 <body>
    <div id="loginredirect-wrapper" style="display:none">
        @include('auth.parts.login-form-' . $authMethod)
    </div>
    <script nonce="{{ $cspNonce }}">
        window.onload = function(){document.forms['login-form'].submit()};
    </script>
 </body>
 </html>
--- a/tests/Auth/OidcTest.php
+++ b/tests/Auth/OidcTest.php
@ -26,6 +26,7 @@ class OidcTest extends TestCase
        config()->set([
            'auth.method'                 => 'oidc',
            'auth.auto_redirect'          => false,
            'auth.defaults.guard'         => 'oidc',
            'oidc.name'                   => 'SingleSignOn-Testing',
            'oidc.display_name_claims'    => ['name'],
@ -111,6 +112,19 @@ class OidcTest extends TestCase
        $this->assertPermissionError($resp);
    }
    public function test_automatic_redirect_on_login()
    {
        config()->set([
            'auth.auto_redirect'        => true,
            'services.google.client_id' => false,
            'services.github.client_id' => false,
        ]);
        $req = $this->get('/login');
        $req->assertSeeText('SingleSignOn-Testing');
        $req->assertElementExists('form[action$="/oidc/login"][method=POST] button');
        $req->assertElementExists('div#loginredirect-wrapper');
    }
    public function test_login()
    {
        $req = $this->post('/oidc/login');