From 004e8edcb2c93de18d67820642b4389e771a8fe7 Mon Sep 17 00:00:00 2001 From: Travis Ralston Date: Thu, 21 Oct 2021 08:35:05 -0600 Subject: [PATCH] Deprecate `sso_immediate_redirect` and add welcome-page only option (#19437) * Deprecate `sso_immediate_redirect` and add welcome-page only option The old `sso_immediate_redirect` option is kept in code for backwards compatibility, but is replaced by `sso_redirect_options.immediate`, where a new `on_welcome_page` option is also introduced to only target entry points to the app. The path matching is a bit brittle, but still ideal in the sense of not showing UI while the app realizes it needs to redirect. The new welcome page-only option is fully intended to avoid breaking permalinks and such while still redirecting when needed. In future, other options might be added here to further tune the experience. * Add note about guests --- docs/config.md | 16 +++++++++++++--- src/vector/app.tsx | 10 ++++++++-- 2 files changed, 21 insertions(+), 5 deletions(-) diff --git a/docs/config.md b/docs/config.md index 0c8d5e35d..c36419bb3 100644 --- a/docs/config.md +++ b/docs/config.md @@ -22,9 +22,19 @@ For a good example, see https://develop.element.io/config.json. `default_hs_url` is specified. When multiple sources are specified, it is unclear which should take priority and therefore the application cannot continue. * As of Element 1.4.0, identity servers are optional. See [Identity servers](#identity-servers) below. -1. `sso_immediate_redirect`: When `true`, Element will assume the default server supports SSO - and attempt to send the user there to continue (if they aren't already logged in). Default - `false`. Note that this disables all usage of the welcome page. +1. `sso_redirect_options`: Optionally defines how Element will behave with a server which supports + Single Sign On (SSO). By default, Element will do nothing special and simply show a button where + needed for the user to click to navigate to the SSO system. This behaviour can be tuned with the + config options below (as properties of the `sso_redirect_options` object). None of the options apply + if Element thinks the user is already logged in, and similarly Element will assume the default server + supports SSO if these redirect options are used. + * `immediate`: When `true` (default `false`), Element will automatically redirect all unauthenticated + users to the SSO system to log in regardless of how they reached the app. This overrides the use of + other redirect options. + * `on_welcome_page`: When `true` (default `false`), Element will automatically redirect all unauthenticated + users to the SSO to log in if the user lands on the welcome page or no specific page. For example, + https://app.element.io/#/welcome and https://app.element.io would redirect if set up to use this option. + This can be useful to maintain guest experience until an account is needed. 1. `features`: Lookup of optional features that may be force-enabled (`true`) or force-disabled (`false`). When features are not listed here, their defaults will be used, and users can turn them on/off if `showLabsSettings` allows them to. The available optional experimental features vary from release to release and are diff --git a/src/vector/app.tsx b/src/vector/app.tsx index 732976388..f6e44734d 100644 --- a/src/vector/app.tsx +++ b/src/vector/app.tsx @@ -30,7 +30,7 @@ import AutoDiscoveryUtils from 'matrix-react-sdk/src/utils/AutoDiscoveryUtils'; import { AutoDiscovery } from "matrix-js-sdk/src/autodiscovery"; import * as Lifecycle from "matrix-react-sdk/src/Lifecycle"; import type MatrixChatType from "matrix-react-sdk/src/components/structures/MatrixChat"; -import SdkConfig from "matrix-react-sdk/src/SdkConfig"; +import SdkConfig, { parseSsoRedirectOptions } from "matrix-react-sdk/src/SdkConfig"; import { logger } from "matrix-js-sdk/src/logger"; import { parseQs, parseQsFromFragment } from './url_utils'; @@ -159,7 +159,13 @@ export async function loadApp(fragParams: {}) { const [userId] = await Lifecycle.getStoredSessionOwner(); const hasPossibleToken = !!userId; const isReturningFromSso = !!params.loginToken; - const autoRedirect = config['sso_immediate_redirect'] === true; + const ssoRedirects = parseSsoRedirectOptions(config); + let autoRedirect = ssoRedirects.immediate === true; + // XXX: This path matching is a bit brittle, but better to do it early instead of in the app code. + const isWelcomeOrLanding = window.location.hash === '#/welcome' || window.location.hash === '#'; + if (!autoRedirect && ssoRedirects.on_welcome_page && isWelcomeOrLanding) { + autoRedirect = true; + } if (!hasPossibleToken && !isReturningFromSso && autoRedirect) { logger.log("Bypassing app load to redirect to SSO"); const tempCli = createClient({