ExternalVendorCode/ZeroTierOne
1
0
Fork 0
mirror of https://github.com/zerotier/ZeroTierOne.git synced 2024-12-19 04:57:53 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Include authentication URL in config

Browse Source
This commit is contained in:
Adam Ierymenko 2021-07-23 19:17:42 -04:00
parent efe0e8aa7b
commit 0310bfa3e3
No known key found for this signature in database
GPG Key ID: C8877CF2D7A5D7F3
1 changed files with 6 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
controller/EmbeddedNetworkController.cpp
View File

@ -1355,21 +1355,21 @@ void EmbeddedNetworkController::_request(
member["lastAuthorizedCredential"] = autoAuthCredential;
}
// Should we check SSO Stuff?
// If network is configured with SSO, and the member is not marked exempt: yes
// Otherwise no, we use standard auth logic.
bool networkSSOEnabled = OSUtils::jsonBool(network["ssoEnabled"], false);
bool memberSSOExempt = OSUtils::jsonBool(member["ssoExempt"], false);
std::string authenticationURL;
if (networkSSOEnabled && !memberSSOExempt) {
authenticationURL = _db.getSSOAuthURL(member, _ssoRedirectURL);
std::string memberId = member["id"];
fprintf(stderr, "ssoEnabled && !ssoExempt %s-%s\n", nwids, memberId.c_str());
uint64_t authenticationExpiryTime = (int64_t)OSUtils::jsonInt(member["authenticationExpiryTime"], 0);
if (authenticationExpiryTime > 0) {
fprintf(stderr, "authExpiryTime: %lld\n", authenticationExpiryTime);
if (authenticationExpiryTime < now) {
std::string authenticationURL = _db.getSSOAuthURL(member, _ssoRedirectURL);
if (!authenticationURL.empty()) {
Dictionary<3072> authInfo;
authInfo.add("aU", authenticationURL.c_str());
@ -1377,9 +1377,9 @@ void EmbeddedNetworkController::_request(
DB::cleanMember(member);
_db.save(member,true);
_sender->ncSendError(nwid,requestPacketId,identity.address(),NetworkController::NC_ERROR_AUTHENTICATION_REQUIRED, authInfo.data(), authInfo.sizeBytes());
return;
}
} else {
return;
} else if (authorized) {
_db.memberExpiring(authenticationExpiryTime, nwid, identity.address().toInt());
}
}
@ -1451,7 +1451,8 @@ void EmbeddedNetworkController::_request(
nc->ssoEnabled = OSUtils::jsonBool(network["ssoEnabled"], false);
nc->authenticationExpiryTime = OSUtils::jsonInt(member["authenticationExpiryTime"], 0LL);
if (!authenticationURL.empty())
Utils::scopy(nc->authenticationURL, sizeof(nc->authenticationURL), authenticationURL.c_str());
std::string rtt(OSUtils::jsonString(member["remoteTraceTarget"],""));
if (rtt.length() == 10) {