Commit f4b8e3d4 authored by Wolfgang Knopki's avatar Wolfgang Knopki

Merge branch 'saml-integration' into 'master'

Saml integration

See merge request !4
parents 75b5f79c 710c1038
......@@ -4,13 +4,15 @@
"host": "::",
"port": 9666,
"endpoint": "http://localhost/spacedeck/",
"endpoint": "http://localhost/spacedeck",
"invite_code": "top-sekrit",
"api_endpoint": "http://localhost/spacedeck",
"prefix":"/spacedeck",
"storage_region": "eu-central-1",
"storage_bucket": "my_spacedeck_bucket",
"storage_cdn": "/storage",
"storage_cdn": "/spacedeck/storage",
"storage_local_path": "./storage",
"storage_local_db": "./database.sqlite",
......@@ -31,8 +33,8 @@
"mail_smtp_user": "your.smtp.user",
"mail_smtp_pass": "your.secret.smtp.password",
"path" : "http://localhost:9666/saml/SSO",
"path" : "/saml/SSO",
"entryPoint" : "https://transfer.hft-stuttgart.de/idp2/saml2/idp/SSOService.php",
"issuer" : "spacedeck_local.m4lab.hft-stuttgart.de",
"logoutUrl": "https://transfer.hft-stuttgart.de/idp2/saml2/idp/SingleLogoutService.php"
}
}
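Review bot: The SAML `path` at line 28 is now the relative `/saml/SSO` while the application is mounted under `"prefix": "/spacedeck"` (line 17); if the SAML library derives the ACS callback URL from the incoming request host plus `path`, the advertised assertion-consumer URL will lack the prefix and may no longer match what the IdP has registered — confirm against the metadata the `/saml/metadata` route emits. `api_endpoint` at line 16 is identical to `endpoint` at line 14, so a short comment stating which of the two the browser-side `ENV.apiEndpoint` is built from, and why they are separate keys, would help the next deployer. The first hunk is cut before its last line, so the surrounding keys are not all visible here.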
......@@ -12,6 +12,8 @@ var template = fs.readFileSync("views/partials/space-isolated.html");
var dom = cheerio.load(template);
const config = require('config');
var compiled_js = "";
function emit(str,indent) {
......@@ -140,7 +142,7 @@ function render_space_as_html(space, artifacts) {
var style="html, body, #space { overflow: visible !important; }\n";
style+=".wrapper { border: none !important; }\n";
h='<html>\n<head>\n<link href="https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,700,600,800,300|Montserrat:400,700|EB+Garamond|Vollkorn|Fire+Sans|Lato|Roboto|Source+Code+Pro|Ubuntu|Raleway|Playfair+Display|Crimson+Text" rel="stylesheet" type="text/css">\n<link type="text/css" rel="stylesheet" href="https://fast.fonts.net/cssapi/ee1a3484-4d98-4f9f-9f55-020a7b37f3c5.css"/>\n<link rel="stylesheet" href="/stylesheets/style.css"><style>'+style+'</style>\n</head>\n<body id="main">\n'+h+"\n</html>\n";
h='<html>\n<head>\n<link href="https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,700,600,800,300|Montserrat:400,700|EB+Garamond|Vollkorn|Fire+Sans|Lato|Roboto|Source+Code+Pro|Ubuntu|Raleway|Playfair+Display|Crimson+Text" rel="stylesheet" type="text/css">\n<link type="text/css" rel="stylesheet" href="https://fast.fonts.net/cssapi/ee1a3484-4d98-4f9f-9f55-020a7b37f3c5.css"/>\n<link rel="stylesheet" href="' + config.endpoint + '/stylesheets/style.css"><style>'+style+'</style>\n</head>\n<body id="main">\n'+h+"\n</html>\n";
return h;
}
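Review bot: `const config = require('config');` at line 36 is placed between two `var` module-state declarations instead of with the file's other requires (`fs` and `cheerio` are evidently loaded above this hunk); move it up so the dependency list stays in one place. `config.endpoint` at line 43 is spliced into the `<link href>` unescaped, which is acceptable for operator-controlled deployment config but deserves a note such as `// config.endpoint is deployment config, not user input` so nobody later routes a request-derived value through the same string. render_space_as_html starts outside the hunk.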
......@@ -48,7 +48,9 @@ function load_resource(method, path, data, on_success, on_error, on_progress) {
}
req.withCredentials = true;
req.open(method, api_endpoint+"/api"+path, true);
req.open(method, ENV.apiEndpoint+"/api"+path, true);
console.log(ENV);
//req.open(method, "http://localhost/spacedeck/api"+path, true);
if (api_token) {
req.setRequestHeader("X-Spacedeck-Auth", api_token);
......@@ -59,7 +61,8 @@ function load_resource(method, path, data, on_success, on_error, on_progress) {
if (channel_id) {
req.setRequestHeader("X-Spacedeck-Channel", channel_id);
}
console.log("filled request?")
console.log(req);
try {
if (data) {
if (data.toString() == "[object File]") {
......@@ -75,6 +78,7 @@ function load_resource(method, path, data, on_success, on_error, on_progress) {
req.send(JSON.stringify(data));
}
} else {
console.log("reached sending stage without data");
req.send();
}
} catch (e) {
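Review bot: Debugging output was left in the new lines: `console.log(ENV);` at line 52, `console.log("filled request?")` and `console.log(req);` at lines 60–61, and `console.log("reached sending stage without data");` at line 69 will fire on every API call in every user's browser console; drop them before merge, together with the commented-out localhost `req.open` on line 53. Line 60 also lacks a terminating semicolon. load_resource starts and ends outside these hunks.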
......@@ -37,7 +37,7 @@ SpacedeckAccount = {
this.user.prefs_language = lang;
this.save_user(function() {
window._spacedeck_location_change = true;
location.href="/spaces";
location.href=ENV.endpoint + "/spaces";
}.bind(this));
},
......@@ -49,7 +49,7 @@ SpacedeckAccount = {
save_user(this.user, function(user) {
if (on_success) on_success();
else location.href="/spaces";
else location.href=ENV.endpoint + "/spaces";
}.bind(this), function(xhr){
console.error(xhr)
......@@ -108,12 +108,12 @@ SpacedeckAccount = {
confirm_account: function(token) {
confirm_user(this.user, token, function(re) {
smoke.alert(__("confirmed"), function() {
this.redirect_to("/spaces");
this.redirect_to(ENV.prefix+"/spaces");
}.bind(this));
}.bind(this), function(xhr) {
console.error(xhr);
alert(xhr.responseText);
this.redirect_to("/spaces");
this.redirect_to(ENV.prefix+"/spaces");
}.bind(this));
},
}
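Review bot: Lines 79 and 86 build the post-save redirect from `ENV.endpoint + "/spaces"` while lines 94 and 100 in the same object, and every route in the router file, use `ENV.prefix+"/spaces"`; if `endpoint` is the absolute origin and `prefix` the mount path both will resolve, but the mixed usage leaves it unclear which is canonical. Pick `ENV.prefix` for all in-app navigation, e.g. `location.href=ENV.prefix + "/spaces";`, so a deployment that changes its public hostname only has to update one value. Both enclosing methods start outside their hunks.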
......@@ -11,7 +11,7 @@ var SpacedeckRoutes = {
this.router.add([
{
path: "/spaces/:id",
path: ENV.prefix+"/spaces/:id",
handler: function(params, on_success) {
this.load_space(params.id, on_success);
}.bind(this)
......@@ -20,7 +20,7 @@ var SpacedeckRoutes = {
this.router.add([
{
path: "/s/:hash",
path: ENV.prefix+"/s/:hash",
handler: function(params, on_success) {
var parts = params.hash.split("-");
if (path.length > 0) {
......@@ -35,10 +35,10 @@ var SpacedeckRoutes = {
this.router.add([
{
path: "/confirm/:token",
path: ENV.prefix+"/confirm/:token",
handler: function(params) {
if (!this.logged_in) {
this.redirect_to("/login");
this.redirect_to(ENV.prefix+"/login");
} else {
this.confirm_account(params.token);
}
......@@ -48,13 +48,13 @@ var SpacedeckRoutes = {
this.router.add([
{
path: "/password-confirm/:token",
path: ENV.prefix+"/password-confirm/:token",
handler: function(params) {
console.log(params.token);
if (this.logged_in) {
this.redirect_to("/spaces");
this.redirect_to(ENV.prefix+"/spaces");
} else {
this.reset_token = params.token;
this.active_view = "password-confirm";
......@@ -66,7 +66,7 @@ var SpacedeckRoutes = {
this.router.add([
{
path: "/password-reset",
path: ENV.prefix+"/password-reset",
handler: function(params, test) {
if (this.logged_in) {
} else {
......@@ -78,20 +78,20 @@ var SpacedeckRoutes = {
this.router.add([
{
path: "/accept/:membership_id",
path: ENV.prefix+"/accept/:membership_id",
handler: function(params, test) {
if (this.logged_in) {
var invitation_token = get_query_param("code");
accept_invitation(params.membership_id, invitation_token , function(m) {
window._spacedeck_location_change = true;
location.href = "/spaces/"+m.space._id;
location.href = ENV.prefix+"/spaces/"+m.space._id;
}.bind(this), function(xhr) {
smoke.alert("Error ("+xhr.status+")", function() {
this.redirect_to("/spaces");
this.redirect_to(ENV.prefix+"/spaces");
}.bind(this));
}.bind(this));
} else {
this.redirect_to("/login");
this.redirect_to(ENV.prefix+"/login");
}
}.bind(this)
}
......@@ -99,7 +99,7 @@ var SpacedeckRoutes = {
this.router.add([
{
path: "/signup",
path: ENV.prefix+"/signup",
handler: function(params) {
var invitation_token = get_query_param("code");
......@@ -108,7 +108,7 @@ var SpacedeckRoutes = {
}
if (this.logged_in) {
this.redirect_to("/spaces");
this.redirect_to(ENV.prefix+"/spaces");
} else {
this.active_view = "signup";
}
......@@ -119,7 +119,7 @@ var SpacedeckRoutes = {
this.router.add([
{
path: "/login",
path: ENV.prefix+"/login",
handler: function(params) {
if (this.logged_in) {
if(this.invitation_token) {
......@@ -128,7 +128,7 @@ var SpacedeckRoutes = {
location.href = "spaces/"+m.space_id;
}.bind(this), function(xhr) { console.error(xhr); });
} else {
this.redirect_to("/spaces");
this.redirect_to(ENV.prefix+"/spaces");
}
} else {
this.active_view = "login";
......@@ -143,14 +143,14 @@ var SpacedeckRoutes = {
this.router.add([
{
path: "/logout",
path: ENV.prefix+"/logout",
handler: function(params) {
if (this.logged_in) {
this.logout(function(m) {
this.redirect_to("/login");
this.redirect_to(ENV.prefix+"/login");
}.bind(this), function(xhr) { console.error(xhr); });
} else {
this.redirect_to("/login");
this.redirect_to(ENV.prefix+"/login");
}
}.bind(this)
}
......@@ -158,17 +158,17 @@ var SpacedeckRoutes = {
this.router.add([
{
path: "/spaces",
path: ENV.prefix+"/spaces",
handler: function(params) {
if (!this.logged_in) {
window._spacedeck_location_change = true;
location.href = "/login";
location.href = ENV.prefix+"/login";
} else {
if (this.logged_in && this.user.home_folder_id) {
this.load_space(this.user.home_folder_id);
} else {
location.href = "/";
location.href = ENV.prefix+"/";
}
}
......@@ -178,11 +178,11 @@ var SpacedeckRoutes = {
this.router.add([
{
path: "/account",
path: ENV.prefix+"/account",
handler: function(params) {
if (!this.logged_in) {
window._spacedeck_location_change = true;
location.href = "/";
location.href = ENV.prefix+"/";
} else {
this.active_view = "account";
}
......@@ -193,11 +193,11 @@ var SpacedeckRoutes = {
this.router.add([
{
path: "/team",
path: ENV.prefix+"/team",
handler: function(params) {
if (!this.logged_in) {
window._spacedeck_location_change = true;
location.href = "/";
location.href = ENV.prefix+"/";
} else {
this.active_view = "team";
this.load_team();
......@@ -208,13 +208,13 @@ var SpacedeckRoutes = {
this.router.add([
{
path: "/folders/:id",
path: ENV.prefix+"/folders/:id",
handler: function(params) {
this.load_space(params.id, null, function(xhr) {
// on_error
console.log("couldn't load folder: "+xhr.status);
this.redirect_to("/spaces", function(){});
this.redirect_to(ENV.prefix+"/spaces", function(){});
}.bind(this));
}.bind(this)
}
......@@ -223,27 +223,27 @@ var SpacedeckRoutes = {
this.router.add([
{
path: "/",
path: ENV.prefix+"/",
handler: function(params) {
location.href = "/";
location.href = ENV.prefix+"/";
}.bind(this)
}
]);
this.router.add([
{
path: "/terms",
path: ENV.prefix+"/terms",
handler: function(params) {
location.href = "/terms";
location.href = ENV.prefix+"/terms";
}.bind(this)
}
]);
this.router.add([
{
path: "/privacy",
path: ENV.prefix+"/privacy",
handler: function(params) {
location.href = "/privacy";
location.href = ENV.prefix+"/privacy";
}.bind(this)
}
]);
......@@ -253,7 +253,7 @@ var SpacedeckRoutes = {
if (foundRoute) {
foundRoute[0].handler(foundRoute[0].params, on_success);
} else {
location.href = "/not_found";
location.href = ENV.prefix+"/not_found";
}
},
......@@ -300,10 +300,10 @@ var SpacedeckRoutes = {
},
link_to_parent_folder: function(space_id) {
return "/folders/"+space_id;
return ENV.prefix+"/folders/"+space_id;
},
link_to_space: function(space) {
return "/"+space.space_type+"s/"+space._id;
return ENV.prefix+"/"+space.space_type+"s/"+space._id;
}
}
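Review bot: The hunk at @@ -128 leaves `location.href = "spaces/"+m.space_id;` on line 202 unprefixed while every sibling redirect in this file now carries `ENV.prefix`; it is a context line here, but it sits in the same invitation branch as the updated redirect on line 206 and should become `location.href = ENV.prefix+"/spaces/"+m.space_id;`. With `ENV.prefix+` repeated on roughly forty lines, a small helper such as `function prefixed(path) { return ENV.prefix + path; }` would make the next omission of this kind harder. A one-line comment where `ENV` is populated, stating that `prefix` carries no trailing slash (the config hunk shows `"/spacedeck"`), would document the contract every concatenation in this file relies on.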
......@@ -410,7 +410,7 @@ var SpacedeckSections = {
query_string+="?spaceAuth="+space.edit_hash;
}
return "background-image:url('/api/spaces/"+space._id+"/png"+query_string+"')";
return "background-image:url('"+ ENV.apiEndpoint +"/api/spaces/"+space._id+"/png"+query_string+"')";
},
reset_artifact_filters: function() {
......@@ -34,9 +34,9 @@ var SpacedeckSpaces = {
remix_style: "",
guest_signup_enabled: false,
space_embed_html: "",
share_base: location.origin,
share_base_url: location.origin+"/spaces/",
share_base_url_enc: encodeURIComponent(location.origin+"/spaces/"),
share_base: ENV.webEndpoint,
share_base_url: ENV.webEndpoint+"/spaces/",
share_base_url_enc: encodeURIComponent(ENV.webEndpoint+"/spaces/"),
social_bar: true,
can_add_comment: false,
......@@ -289,12 +289,12 @@ var SpacedeckSpaces = {
if (xhr.status == 403) {
if (!this.logged_in) {
this.redirect_to("/login?space_id="+space_id);
this.redirect_to(ENV.prefix+"/login?space_id="+space_id);
} else {
this.redirect_to("/");
this.redirect_to(ENV.prefix+"/");
}
} else {
this.redirect_to("/not_found");
this.redirect_to(ENV.prefix+"/not_found");
console.error(xhr);
}
}.bind(this));
......@@ -430,7 +430,7 @@ var SpacedeckSpaces = {
save_space(s, function(saved_space) {
this.active_folder.children.push(saved_space);
if (space_type != "folder") {
this.redirect_to("/"+saved_space.space_type+"s/"+saved_space._id, function(succ) {
this.redirect_to(ENV.prefix+"/"+saved_space.space_type+"s/"+saved_space._id, function(succ) {
});
} else {
this.rename_folder(saved_space);
......@@ -492,9 +492,9 @@ var SpacedeckSpaces = {
delete_space(space, function() {
if (space.parent_space_id){
this.redirect_to("/folders/"+space.parent_space_id, function(succ) {});
this.redirect_to(ENV.prefix+"/folders/"+space.parent_space_id, function(succ) {});
} else {
this.redirect_to("/spaces", function(succ) {});
this.redirect_to(ENV.prefix+"/spaces", function(succ) {});
}
this.close_modal();
......@@ -615,7 +615,7 @@ var SpacedeckSpaces = {
download_space_as_pdf: function(space) {
this.global_spinner = true;
get_resource("/spaces/" + space._id + "/pdf", function(o) {
get_resource(ENV.endpoint + "/spaces/" + space._id + "/pdf", function(o) {
this.global_spinner = false;
location.href = o.url;
}.bind(this), function(xhr) {
......@@ -627,7 +627,7 @@ var SpacedeckSpaces = {
download_space_as_zip: function(space) {
this.global_spinner = true;
get_resource("/spaces/" + space._id + "/zip", function(o) {
get_resource(ENV.endpoint + "/spaces/" + space._id + "/zip", function(o) {
this.global_spinner = false;
location.href = o.url;
......@@ -640,7 +640,7 @@ var SpacedeckSpaces = {
download_space_as_list: function(space) {
this.global_spinner = true;
location.href = "/api/spaces/" + space._id + "/list";
location.href = ENV.apiEndpoint + "/api/spaces/" + space._id + "/list";
},
toggle_follow_mode: function() {
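Review bot: Lines 393 and 401 now pass `ENV.endpoint + "/spaces/..."` to get_resource, but load_resource earlier in this diff already prepends `ENV.apiEndpoint+"/api"` to whatever path it receives, so if get_resource goes through load_resource these downloads request `<apiEndpoint>/api<endpoint>/spaces/<id>/pdf`, a URL that cannot exist; the original relative `"/spaces/..."` was the right input for that helper, and line 408, which assigns the list URL to `location.href` directly, is the only one of the three that should carry an endpoint. Lines 350–352 introduce `ENV.webEndpoint`, a key the config hunk in this diff does not show (it has `endpoint`, `api_endpoint` and `prefix` only), so confirm the server actually populates it or `share_base_url` becomes `"undefined/spaces/"`. download_space_as_pdf and download_space_as_zip start outside their hunks.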
......@@ -45,20 +45,20 @@ SpacedeckUsers = {
this.load_user(function(user) {
if (this.invitation_token) {
accept_invitation(this.invitation_token, function(memberships){
this.redirect_to("/spaces/"+memberships.space_id);
this.redirect_to(ENV.prefix+"/spaces/"+memberships.space_id);
}.bind(this), function(xhr){
console.error(xhr);
alert("Could not accept invitation. Maybe it was already accepted?");
this.redirect_to("/spaces");
this.redirect_to(ENV.prefix+"/spaces");
}.bind(this));
} else {
if (on_success) {
on_success(this.user);
} else {
if (get_query_param("space_id") && get_query_param("space_id").length==24) {
this.redirect_to("/spaces/"+get_query_param("space_id"));
this.redirect_to(ENV.prefix+"/spaces/"+get_query_param("space_id"));
} else {
this.redirect_to("/spaces", function() {});
this.redirect_to(ENV.prefix+"/spaces", function() {});
}
}
}
......@@ -234,7 +234,7 @@ SpacedeckUsers = {
api_token = null;
this.user = {};
this.active_content_type = "login";
this.redirect_to("/");
this.redirect_to(ENV.prefix+"/");
}.bind(this));
},
......@@ -5666,7 +5666,7 @@ output {
.input-select {
background-color: rgba(255, 255, 255, 0.04);
background-image: url("images/select_arrow.gif");
background-image: url("../images/select_arrow.gif");
border-radius: 3px;
display: inline-block;
width: 100%; }
......@@ -5906,7 +5906,7 @@ select {
background-repeat: no-repeat; }
.icon-sd6 {
background-image: url(/images/sd6-icon-white.svg); }
background-image: url(../images/sd6-icon-white.svg); }
.icon-bullet:before {
content: "\2022"; }
......@@ -12680,7 +12680,7 @@ button.close {
position: absolute;
z-index: 0;
background-color: white;
background-image: url("/images/spinner2.gif");
background-image: url("../images/spinner2.gif");
background-repeat: no-repeat;
background-position: 50% 50%;
background-size: cover; }
......@@ -14719,7 +14719,7 @@ button.close {
border: 1px solid rgba(255, 255, 255, 0.5); }
.pro-teaser-colorpicker {
background-image: image-url("images/pro-teaser-colorpicker.png");
background-image: image-url("../images/pro-teaser-colorpicker.png");
background-size: cover;
background-repeat: no-repeat;
background-position: center;
......@@ -14762,7 +14762,7 @@ button.close {
vertical-align: middle;
text-align: center; }
#space-loading .spinner {
background-image: url("/images/hourglass.gif"); }
background-image: url("../images/hourglass.gif"); }
#space-loading.active {
opacity: 1; }
......@@ -15365,11 +15365,11 @@ body:not(.present-mode) #space .artifact.selected {
.state-processing .spinner {
opacity: 1;
background-image: url("/images/hourglass.gif"); }
background-image: url("../images/hourglass.gif"); }
.state-uploading .spinner {
opacity: 0.8;
background-image: url("/images/hourglass.gif"); }
background-image: url("../images/hourglass.gif"); }
.state-idle .spinner {
display: none; }
......@@ -188,7 +188,7 @@ router.post('/', function(req, res, next) {
attrs.access_mode = "private";
db.Space.create(attrs).then(createdSpace => {
res.status(201).json(createdSpace);
//res.status(201).json(createdSpace);
// create initial admin membership
var membership = {
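Review bot: Commenting out `res.status(201).json(createdSpace);` at line 502 removes the only response visible in this hunk; if the reply now moves after the membership creation further down (outside this hunk), delete the line rather than leaving it commented, and if it does not, the POST hangs until the client times out. A short comment such as `// response is sent once the initial admin membership below is created` would make the new control flow explicit. The enclosing handler starts and ends outside the hunk.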
......@@ -37,6 +37,9 @@ const uuidv4 = require('uuid/v4');
entryPoint: config.entryPoint,
issuer: config.issuer,
identifierFormat: null,
//skipRequestCompression: true,
//authnRequestBinding: "HTTP-POST",
//disableRequestACSUrl: true,
validateInResponseTo: false,
disableRequestedAuthnContext: true
......@@ -57,12 +60,13 @@ const uuidv4 = require('uuid/v4');
router.get('/saml/metadata',
function(req, res) {
res.type('application/xml');
var spMetadata = samlStrategy.generateServiceProviderMetadata(fs.readFileSync('/cert/certificate.pem', 'utf8'));
res.status(200).send(spMetadata);
//var spMetadata = samlStrategy.generateServiceProviderMetadata(fs.readFileSync('/cert/certificate.pem', 'utf8'));
var spMetadata = samlStrategy.generateServiceProviderMetadata();
res.status(200).send(spMetadata);
}
);
router.post('/saml/SSO', passport.authenticate('saml', { failureRedirect: '/login', failureFlash: true}), function(req, res){
router.post('/saml/SSO', passport.authenticate('saml', { failureRedirect: config.endpoint + "/login", failureFlash: true}), function(req, res){
const xmlResponse = req.body.SAMLResponse;
const parser = new Saml2js(xmlResponse);
const response = parser.toObject();
......@@ -140,7 +144,7 @@ router.post('/saml/SSO', passport.authenticate('saml', { failureRedirect: '/logi
ip: req.ip,
device: "web",
created_at: new Date(),
url : "/"
url : config.endpoint + "/"
};
db.Session.create(session)
......@@ -152,7 +156,7 @@ router.post('/saml/SSO', passport.authenticate('saml', { failureRedirect: '/logi
var domain = (process.env.NODE_ENV == "production") ? new URL(config.get("endpoint")).hostname : req.headers.hostname;
console.log("session set successfully");
res.cookie('sdsession', token, { domain: domain, httpOnly: true });
res.redirect(302, "/")
res.redirect(302, config.endpoint + "/")
});
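Review bot: Line 522 now calls `generateServiceProviderMetadata()` with no certificate, so the published SP metadata carries no KeyDescriptor and the IdP can neither encrypt assertions to this SP nor verify any signed requests from it; if that is intended, delete the commented-out line 521 rather than keeping both, and say why in a comment. The new absolute redirects at lines 527, 536 and 544 all target `config.endpoint`; when that endpoint is https the session cookie set on line 542 should also get `secure: true` and a `sameSite` value, since nothing in this hunk stops it from being sent over plain http. Separately, the handler keeps re-parsing `req.body.SAMLResponse` with `Saml2js` after passport has already validated it (lines 528–530, context); user attributes should be taken from the validated profile passport provides rather than from a second parser that performs no signature checking. The handler continues past the end of the hunk.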