Brendon/gameyfin
1
0
Fork 0
mirror of https://github.com/BrenBroZAYT/gameyfin.git synced 2026-06-16 16:20:04 +00:00
Code Issues Packages Projects Releases Wiki Activity

Enable direct login even if SSO is enabled

Browse Source
This commit is contained in:
GRIMSIM
2025-07-11 10:37:11 +02:00
parent 4e624b5a0e
commit 7ac1377c57
2 changed files with 33 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files
app/src/main/kotlin/org/gameyfin/app/core/security/CustomAuthenticationEntryPoint.kt
+22
View File
@@ -0,0 +1,22 @@
package org.gameyfin.app.core.security
import jakarta.servlet.http.HttpServletRequest
import jakarta.servlet.http.HttpServletResponse
import org.springframework.context.annotation.Conditional
import org.springframework.security.core.AuthenticationException
import org.springframework.security.web.AuthenticationEntryPoint
@Conditional(SsoEnabledCondition::class)
class CustomAuthenticationEntryPoint : AuthenticationEntryPoint {
override fun commence(
request: HttpServletRequest,
response: HttpServletResponse,
authException: AuthenticationException?
) {
if (request.getParameter("direct") == "1") {
response.sendRedirect("/login")
} else {
response.sendRedirect("/oauth2/authorization/${SecurityConfig.SSO_PROVIDER_KEY}")
}
}
}
app/src/main/kotlin/org/gameyfin/app/core/security/SecurityConfig.kt
+11 -5
View File
@@ -30,7 +30,9 @@ class SecurityConfig(
private val sessionRegistry: SessionRegistry private val sessionRegistry: SessionRegistry
) : VaadinWebSecurity() { ) : VaadinWebSecurity() {
private val ssoProviderKey: String = "oidc" companion object {
const val SSO_PROVIDER_KEY = "oidc"
}
@Throws(Exception::class) @Throws(Exception::class)
override fun configure(http: HttpSecurity) { override fun configure(http: HttpSecurity) {
@@ -56,14 +58,18 @@ class SecurityConfig(
super.configure(http) super.configure(http)
setLoginView(http, "/login", "/")
if (config.get(ConfigProperties.SSO.OIDC.Enabled) == true) { if (config.get(ConfigProperties.SSO.OIDC.Enabled) == true) {
setOAuth2LoginPage(http, "/oauth2/authorization/$ssoProviderKey")
// Use custom success handler to handle user registration // Use custom success handler to handle user registration
http.oauth2Login { oauth2Login -> oauth2Login.successHandler(ssoAuthenticationSuccessHandler) } http.oauth2Login { oauth2Login -> oauth2Login.successHandler(ssoAuthenticationSuccessHandler) }
// Prevent unnecessary redirects // Prevent unnecessary redirects
http.logout { logout -> logout.logoutSuccessHandler((HttpStatusReturningLogoutSuccessHandler(HttpStatus.OK))) } http.logout { logout -> logout.logoutSuccessHandler((HttpStatusReturningLogoutSuccessHandler(HttpStatus.OK))) }
} else {
setLoginView(http, "/login", "/") // Custom authentication entry point to support SSO and direct login
http.exceptionHandling { exceptionHandling ->
exceptionHandling.authenticationEntryPoint(CustomAuthenticationEntryPoint())
}
} }
} }
@@ -79,7 +85,7 @@ class SecurityConfig(
@Bean @Bean
@Conditional(SsoEnabledCondition::class) @Conditional(SsoEnabledCondition::class)
fun clientRegistrationRepository(): ClientRegistrationRepository? { fun clientRegistrationRepository(): ClientRegistrationRepository? {
val clientRegistration = ClientRegistration.withRegistrationId(ssoProviderKey) val clientRegistration = ClientRegistration.withRegistrationId(SSO_PROVIDER_KEY)
.clientId(config.get(ConfigProperties.SSO.OIDC.ClientId)) .clientId(config.get(ConfigProperties.SSO.OIDC.ClientId))
.clientSecret(config.get(ConfigProperties.SSO.OIDC.ClientSecret)) .clientSecret(config.get(ConfigProperties.SSO.OIDC.ClientSecret))
.scope("openid", "profile", "email") .scope("openid", "profile", "email")