use OIDC without admin api, option to disable anonymous login

2021-10-21 16:28:57 +02:00 · 2021-10-21 16:28:57 +02:00 · 6832fe4990
commit 6832fe4990
parent 14a31d81ea
9 changed files with 59 additions and 22 deletions
--- a/front/src/Connexion/ConnectionManager.ts
+++ b/front/src/Connexion/ConnectionManager.ts
@ -42,11 +42,22 @@ class ConnectionManager {
        localUserStore.setAuthToken(null);

        //TODO fix me to redirect this URL by pusher
-        if (!this._currentRoom || !this._currentRoom.iframeAuthentication) {
+        if (!this._currentRoom) {
            loginSceneVisibleIframeStore.set(false);
            return null;
        }
-        const redirectUrl = new URL(`${this._currentRoom.iframeAuthentication}`);
+
+        // also allow OIDC login without admin API by using pusher
+        let redirectUrl: URL;
+        if (this._currentRoom.iframeAuthentication) {
+            redirectUrl = new URL(`${this._currentRoom.iframeAuthentication}`);
+        } else {
+            // need origin if PUSHER_URL is relative (in Single-Domain-Deployment)
+            redirectUrl = new URL(
+                `${PUSHER_URL}/login-screen`,
+                !PUSHER_URL.startsWith("http:") || !PUSHER_URL.startsWith("https:") ? window.location.origin : undefined
+            );
+        }
        redirectUrl.searchParams.append("state", state);
        redirectUrl.searchParams.append("nonce", nonce);
        redirectUrl.searchParams.append("playUri", this._currentRoom.key);
@ -204,13 +215,18 @@ class ConnectionManager {
    }

    public async anonymousLogin(isBenchmark: boolean = false): Promise<void> {
-        const data = await Axios.post(`${PUSHER_URL}/anonymLogin`).then((res) => res.data);
-        this.localUser = new LocalUser(data.userUuid, []);
-        this.authToken = data.authToken;
-        if (!isBenchmark) {
-            // In benchmark, we don't have a local storage.
-            localUserStore.saveUser(this.localUser);
-            localUserStore.setAuthToken(this.authToken);
+        try {
+            const data = await Axios.post(`${PUSHER_URL}/anonymLogin`).then((res) => res.data);
+            this.localUser = new LocalUser(data.userUuid, []);
+            this.authToken = data.authToken;
+            if (!isBenchmark) {
+                // In benchmark, we don't have a local storage.
+                localUserStore.saveUser(this.localUser);
+                localUserStore.setAuthToken(this.authToken);
+            }
+        } catch (error) {
+            // anonymous login failed (through 403 DISABLE_ANONYMOUS)
+            this.loadOpenIDScreen();
        }
    }