
Commit af256b9

committed
feat(oauth2): Skip page before login as well for authorized applications
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
1 parent fe69a24 commit af256b9


2 files changed

+28
-7
lines changed


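--- a/apps/oauth2/lib/Controller/LoginRedirectorController.php
+++ b/apps/oauth2/lib/Controller/LoginRedirectorController.php
@@ -8,6 +8,7 @@
 */
 namespace OCA\OAuth2\Controller;
 
+use OC\Core\Controller\ClientFlowLoginController;
 use OCA\OAuth2\Db\ClientMapper;
 use OCA\OAuth2\Exceptions\ClientNotFoundException;
 use OCP\AppFramework\Controller;
@@ -17,10 +18,12 @@
 use OCP\AppFramework\Http\Attribute\UseSession;
 use OCP\AppFramework\Http\RedirectResponse;
 use OCP\AppFramework\Http\TemplateResponse;
+use OCP\IAppConfig;
 use OCP\IL10N;
 use OCP\IRequest;
 use OCP\ISession;
 use OCP\IURLGenerator;
+use OCP\Security\ISecureRandom;
 
 class LoginRedirectorController extends Controller {
 /**
@@ -38,6 +41,8 @@ public function __construct(
 private ClientMapper $clientMapper,
 private ISession $session,
 private IL10N $l,
+private ISecureRandom $random,
+private IAppConfig $appConfig,
 ) {
 parent::__construct($appName, $request);
 }
@@ -76,12 +81,28 @@ public function authorize($client_id,
 
 $this->session->set('oauth.state', $state);
 
-$targetUrl = $this->urlGenerator->linkToRouteAbsolute(
-'core.ClientFlowLogin.showAuthPickerPage',
-[
-'clientIdentifier' => $client->getClientIdentifier(),
-]
-);
+if (in_array($client->getName(), $this->appConfig->getValueArray('oauth2', 'autoGrantApplications', []))) {
+/* See ClientFlowLoginController::showAuthPickerPage */
+$stateToken = $this->random->generate(
+64,
+ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_DIGITS
+);
+$this->session->set(ClientFlowLoginController::STATE_NAME, $stateToken);
+$targetUrl = $this->urlGenerator->linkToRouteAbsolute(
+'core.ClientFlowLogin.grantPage',
+[
+'stateToken' => $stateToken,
+'clientIdentifier' => $client->getClientIdentifier(),
+]
+);
+} else {
+$targetUrl = $this->urlGenerator->linkToRouteAbsolute(
+'core.ClientFlowLogin.showAuthPickerPage',
+[
+'clientIdentifier' => $client->getClientIdentifier(),
+]
+);
+}
 return new RedirectResponse($targetUrl);
 }
 }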
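Review bot: The auto-grant branch in `authorize()` decides whether to bypass the picker page by comparing `$client->getName()` against the `autoGrantApplications` list with a loose `in_array`, so the bypass depends on a display name and on type-juggling comparison. Passing the strict flag is a one-line change: `if (in_array($client->getName(), $this->appConfig->getValueArray('oauth2', 'autoGrantApplications', []), true)) {`. If client names are not guaranteed unique (the mapper is not visible here), keying the list on `getClientIdentifier()` would tie the exemption to one registered client rather than to any client sharing that name. The state-token generation is copied from `ClientFlowLoginController::showAuthPickerPage` and referenced only by a comment, so the length and character set can drift between the two copies; a shared helper would keep them in sync. `authorize()` begins above this hunk, so the earlier validation of `$client_id` and `$state` is not visible here.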

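--- a/core/Controller/ClientFlowLoginController.php
+++ b/core/Controller/ClientFlowLoginController.php
@@ -8,7 +8,6 @@
 use OC\Authentication\Events\AppPasswordCreatedEvent;
 use OC\Authentication\Exceptions\PasswordlessTokenException;
 use OC\Authentication\Token\IProvider;
-use OC\Authentication\Token\IToken;
 use OCA\OAuth2\Db\AccessToken;
 use OCA\OAuth2\Db\AccessTokenMapper;
 use OCA\OAuth2\Db\ClientMapper;
@@ -24,6 +23,7 @@
 use OCP\AppFramework\Http\StandaloneTemplateResponse;
 use OCP\AppFramework\Utility\ITimeFactory;
 use OCP\Authentication\Exceptions\InvalidTokenException;
+use OCP\Authentication\Token\IToken;
 use OCP\Defaults;
 use OCP\EventDispatcher\IEventDispatcher;
 use OCP\IAppConfig;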
