Commit Graph

28 Commits

Author SHA1 Message Date
Sam afaeb20f27 FEATURE: Add option to have sso synchronize group membership
In some cases add_groups and remove_groups is too much work, some sites
may wish to simply synchronize group membership based on a list.

When sso_overrides_groups is on all not automatic group membership is
sourced from SSO. Note if you omit to specify groups, they will be cleared
out.
2018-04-10 13:17:23 +10:00
Viktor Benei 54e4ff34f8
Fix "duplicate method" issue
Fixing http://www.rubydoc.info/gems/rubocop/RuboCop/Cop/Lint/DuplicateMethods

Readers are defined (https://github.com/discourse/discourse/blob/master/lib/single_sign_on.rb#L61), so only writers have to be generated.
2017-11-02 12:33:35 +01:00
Rafael dos Santos Silva 5d5268a82b Feature: Group handling 2017-10-25 22:49:17 -02:00
Michael Brown 518e101ad6 single_sign_on: encode the payload with strict_encode64 which doesn't add extraneous newlines 2017-10-17 13:41:52 -04:00
Guo Xiang Tan 5012d46cbd Add rubocop to our build. (#5004) 2017-07-28 10:20:09 +09:00
Régis Hanol 85bf18ad0e tiny refactor 2017-03-27 16:21:38 +02:00
Viet Hoang 40164ccd4a Add user title to SSO payload 2017-01-31 16:42:27 -08:00
Sam 3d76ce1421 FEATURE: SSO support for adding and removing a user to groups
Use: add_groups with a comma delimited list to ensure a user is in groups (using group names)

Use: remove_groups with a comma delimited list to ensure a user is removed from groups (using group names)
2016-11-11 16:57:31 +11:00
Sam 9018de39ed FEATURE: allow shipping bio markdown via SSO
- Also adds site setting for sso_overrides_bio to disable bio editing by end users
2016-08-01 15:29:28 +10:00
Sam eafba0c0c0 correct diagnostics method 2016-04-08 12:11:41 +10:00
Sam 19ca08857f FEATURE: verbose SSO logging
By enabling the site setting verbose_sso_logging
you can log information every time a user tries initiates SSO
and during SSO failures
2016-04-08 11:20:01 +10:00
Paul Kaplan 1c926d22c6 Correctly parse `require_activation` field of SSO 2015-05-21 16:50:54 -05:00
Paul Kaplan 1c34341f31 Replace site setting with a payload attribute 2015-05-19 11:16:02 -05:00
Dan Singerman e8648350eb Add an sso option to suppress welcome emails
As discussed here: https://meta.discourse.org/t/create-new-sso-users-without-sending-welcome-emails/24894
2015-03-20 17:04:52 +00:00
Jeff Atwood 132713850a clarify base64 sso error message 2014-12-29 15:45:33 -08:00
Sam 1f0e8e441b missing chars 2014-12-30 09:28:44 +11:00
Sam 2754b45fff improve error handling massage for bad sso requests 2014-12-30 09:23:50 +11:00
Sam 013f1a6dd0 FEATURE: allow creating admin and moderator accounts via SSO 2014-11-27 12:39:00 +11:00
Sam 800ae5265f Add admin and moderator state to sso provider 2014-11-27 12:24:37 +11:00
Sam c10e3df012 FEATURE: implement SSO provider on Discourse so Auth can be farmed to it
FEATURE: pass return_sso_url to SSO endpoints, for easier return
2014-11-26 17:26:27 +11:00
Wilhansen Li e0f970326f Implement SSO overriding avatars.
Implemented by having Discourse download the image from the provided URL
and treating it as a custom upload.

Adds two more parameters to the SSO site’s response:

* `avatar_url` specifies the URL of the overriding avatar.
* `avatar_force_update` Discourse does not re-download avatars that
has already been download from the same URL. Setting this to true forces
Discourse to re-download the avatar in `avatar_url`

Note that both parameters are ignored if `sso_overrides_avatar` is set
to false.
2014-08-19 15:53:34 +08:00
Sam e9b18085a2 Remove left overs 2014-04-24 09:41:03 +10:00
Sam a3b2b4baca FEATURE: custom fields on User 2014-04-22 13:52:13 +10:00
Neil Lalonde 342d09bc34 FIX: support sso_url that has query params 2014-03-19 17:14:31 -04:00
Stephen Birarda c3eb2025d8 add option to override user attributes from SSO payload
add an external_username attribute for username from SSO payload

repair the field name in SingleSignOnRecord migration

move setting of external_username for sso to controller

add settings toggle to override username/email from SSO payload

fix changing of external username after override toggle

complete tests and logic for sso override

add some extra context to username override option

add external_email and external_name to single sign on record

add setting for name override from SSO payload

complete override with stored external_email and external_name

add missing checks to tests

remove an unneeded describe block

break up a monster method for single sign on

fixes for sso attribute override after failed tests
2014-03-04 09:52:21 -08:00
Sam 440435f023 FEATURE: SSO to handle return_path automatically 2014-02-26 09:58:30 +11:00
Sam 890d06ac04 FEATURE: change SSO to use sha256 HMAC, which is more secure 2014-02-26 09:44:41 +11:00
Sam 6f31d3f0e5 FEATURE: single sign on support
Added support for outsourcing auth to a different website, documentation on meta
2014-02-25 14:31:03 +11:00