TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-04-15 20:41:30 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: username mapping of idp (#2977)

Browse Source 
* docs: add primary domain scope section to identity brokering guide

* fix: register overview

* Update external_register_overview.html

* fix mapping

* fix html

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
This commit is contained in:
Fabi 2022-01-11 17:59:12 +01:00 committed by GitHub
parent 2355fcb7cf
commit 41ec3321b0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 25 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
internal/query/org_domain.go
View File

@ -48,6 +48,10 @@ func NewOrgDomainOrgIDSearchQuery(value string) (SearchQuery, error) {
return NewTextQuery(OrgDomainOrgIDCol, value, TextEquals) return NewTextQuery(OrgDomainOrgIDCol, value, TextEquals)
} }
func NewOrgDomainVerifiedSearchQuery(verified bool) (SearchQuery, error) {
return NewBoolQuery(OrgDomainIsVerifiedCol, verified)
}
func (q *Queries) SearchOrgDomains(ctx context.Context, queries *OrgDomainSearchQueries) (domains *Domains, err error) { func (q *Queries) SearchOrgDomains(ctx context.Context, queries *OrgDomainSearchQueries) (domains *Domains, err error) {
query, scan := prepareDomainsQuery() query, scan := prepareDomainsQuery()
stmt, args, err := queries.toQuery(query).ToSql() stmt, args, err := queries.toQuery(query).ToSql()

9
internal/ui/login/handler/external_register_handler.go
View File

@ -117,6 +117,9 @@ func (l *Login) handleExternalUserRegister(w http.ResponseWriter, r *http.Reques
return return
} }
resourceOwner := iam.GlobalOrgID resourceOwner := iam.GlobalOrgID
if authReq.RequestedOrgID != "" {
resourceOwner = authReq.RequestedOrgID
}
orgIamPolicy, err := l.getOrgIamPolicy(r, resourceOwner) orgIamPolicy, err := l.getOrgIamPolicy(r, resourceOwner)
if err != nil { if err != nil {
l.renderRegisterOption(w, r, authReq, err) l.renderRegisterOption(w, r, authReq, err)
@ -155,11 +158,12 @@ func (l *Login) renderExternalRegisterOverview(w http.ResponseWriter, r *http.Re
if err != nil { if err != nil {
errID, errMessage = l.getErrorMessage(r, err) errID, errMessage = l.getErrorMessage(r, err)
} }
data := externalRegisterData{ data := externalRegisterData{
baseData: l.getBaseData(r, authReq, "ExternalRegisterOverview", errID, errMessage), baseData: l.getBaseData(r, authReq, "ExternalRegisterOverview", errID, errMessage),
externalRegisterFormData: externalRegisterFormData{ externalRegisterFormData: externalRegisterFormData{
Email: human.EmailAddress, Email: human.EmailAddress,
Username: human.PreferredLoginName, Username: human.Username,
Firstname: human.FirstName, Firstname: human.FirstName,
Lastname: human.LastName, Lastname: human.LastName,
Nickname: human.NickName, Nickname: human.NickName,
@ -228,6 +232,9 @@ func (l *Login) mapTokenToLoginHumanAndExternalIDP(orgIamPolicy *query.OrgIAMPol
username = tokens.IDTokenClaims.GetEmail() username = tokens.IDTokenClaims.GetEmail()
} }
} }
if username == "" {
username = tokens.IDTokenClaims.GetEmail()
}
if orgIamPolicy.UserLoginMustBeDomain { if orgIamPolicy.UserLoginMustBeDomain {
splittedUsername := strings.Split(username, "@") splittedUsername := strings.Split(username, "@")

1
internal/ui/login/handler/jwt_handler.go
View File

@ -126,6 +126,7 @@ func (l *Login) jwtExtractionUserNotFound(w http.ResponseWriter, r *http.Request
l.renderError(w, r, authReq, err) l.renderError(w, r, authReq, err)
return return
} }
user, externalIDP, metadata := l.mapExternalUserToLoginUser(orgIamPolicy, authReq.LinkingUsers[len(authReq.LinkingUsers)-1], idpConfig) user, externalIDP, metadata := l.mapExternalUserToLoginUser(orgIamPolicy, authReq.LinkingUsers[len(authReq.LinkingUsers)-1], idpConfig)
user, metadata, err = l.customExternalUserToLoginUserMapping(user, tokens, authReq, idpConfig, metadata, resourceOwner) user, metadata, err = l.customExternalUserToLoginUserMapping(user, tokens, authReq, idpConfig, metadata, resourceOwner)
if err != nil { if err != nil {

25
internal/ui/login/static/templates/external_register_overview.html
View File

@ -34,6 +34,17 @@
</div> </div>
</div> </div>
<div class="lgn-field double">
<label class="lgn-label" for="username">{{t "ExternalRegistrationUserOverview.UsernameLabel"}}</label>
<div class="lgn-suffix-wrapper">
<input class="lgn-input lgn-suffix-input" type="text" id="username" name="username"
value="{{ .Username }}" required>
{{if .DisplayLoginNameSuffix}}
<span id="default-login-suffix" lgnsuffix class="loginname-suffix">@{{.PrimaryDomain}}</span>
{{end}}
</div>
</div>
<div class="lgn-field double"> <div class="lgn-field double">
<label class="lgn-label" for="email">{{t "ExternalRegistrationUserOverview.EmailLabel"}}</label> <label class="lgn-label" for="email">{{t "ExternalRegistrationUserOverview.EmailLabel"}}</label>
<input class="lgn-input" type="text" id="email" name="email" autocomplete="email" value="{{ .Email }}" required> <input class="lgn-input" type="text" id="email" name="email" autocomplete="email" value="{{ .Email }}" required>
@ -44,18 +55,6 @@
<input class="lgn-input" type="text" id="phone" name="phone" autocomplete="tel" value="{{ .Phone }}"> <input class="lgn-input" type="text" id="phone" name="phone" autocomplete="tel" value="{{ .Phone }}">
</div> </div>
{{if .ShowUsername}}
<div class="lgn-field double">
<label class="lgn-label" for="username">{{t "ExternalRegistrationUserOverview.UsernameLabel"}}</label>
<div class="lgn-suffix-wrapper">
<input class="lgn-input lgn-suffix-input" type="text" id="username" name="username" autocomplete="email" value="{{ .Email }}" required>
{{if .DisplayLoginNameSuffix}}
<span id="default-login-suffix" lgnsuffix class="loginname-suffix">@{{.PrimaryDomain}}</span>
{{end}}
</div>
</div>
{{end}}
<div class="double-col"> <div class="double-col">
<div class="lgn-field"> <div class="lgn-field">
<label class="lgn-label" for="languages">{{t "ExternalRegistrationUserOverview.LanguageLabel"}}</label> <label class="lgn-label" for="languages">{{t "ExternalRegistrationUserOverview.LanguageLabel"}}</label>
@ -111,4 +110,4 @@
<script src="{{ resourceUrl "scripts/form_submit.js" }}"></script> <script src="{{ resourceUrl "scripts/form_submit.js" }}"></script>
<script src="{{ resourceUrl "scripts/default_form_validation.js" }}"></script> <script src="{{ resourceUrl "scripts/default_form_validation.js" }}"></script>
{{template "main-bottom" .}} {{template "main-bottom" .}}