Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[16.0][ADD] auth_oauth_autoredirect #717

Open
wants to merge 1 commit into
base: 16.0
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
88 changes: 88 additions & 0 deletions auth_oauth_autoredirect/README.rst
Original file line number Diff line number Diff line change
@@ -0,0 +1,88 @@
==================================
OAuth2 Authentication Autoredirect
==================================

..
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!! This file is generated by oca-gen-addon-readme !!
!! changes will be overwritten. !!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!! source digest: sha256:a407434cc13674942d02c5b874f84dd4e78594e03e4b8b3af7ce846fbb0b44cc
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

.. |badge1| image:: https://img.shields.io/badge/maturity-Beta-yellow.png
:target: https://odoo-community.org/page/development-status
:alt: Beta
.. |badge2| image:: https://img.shields.io/badge/licence-AGPL--3-blue.png
:target: http://www.gnu.org/licenses/agpl-3.0-standalone.html
:alt: License: AGPL-3
.. |badge3| image:: https://img.shields.io/badge/github-OCA%2Fserver--auth-lightgray.png?logo=github
:target: https://github.com/OCA/server-auth/tree/16.0/auth_oauth_autoredirect
:alt: OCA/server-auth
.. |badge4| image:: https://img.shields.io/badge/weblate-Translate%20me-F47D42.png
:target: https://translation.odoo-community.org/projects/server-auth-16-0/server-auth-16-0-auth_oauth_autoredirect
:alt: Translate me on Weblate
.. |badge5| image:: https://img.shields.io/badge/runboat-Try%20me-875A7B.png
:target: https://runboat.odoo-community.org/builds?repo=OCA/server-auth&target_branch=16.0
:alt: Try me on Runboat

|badge1| |badge2| |badge3| |badge4| |badge5|

This module adds autoredirection to an oauth provider.

**Table of contents**

.. contents::
:local:

Configuration
=============

If all the users have a oauth id in a single provider, you can set automatic redirection
in the provider settings. The autoredirection will only be done on the active provider
with the highest priority. It is still possible to access the login without redirection
by using the query parameter ``disable_autoredirect``, as in
``https://example.com/web/login?disable_autoredirect=`` The login is also displayed if
there is an error with login, in order to display any error message.

Bug Tracker
===========

Bugs are tracked on `GitHub Issues <https://github.com/OCA/server-auth/issues>`_.
In case of trouble, please check there if your issue has already been reported.
If you spotted it first, help us to smash it by providing a detailed and welcomed
`feedback <https://github.com/OCA/server-auth/issues/new?body=module:%20auth_oauth_autoredirect%0Aversion:%2016.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**>`_.

Do not contact contributors directly about support or help with technical issues.

Credits
=======

Authors
~~~~~~~

* XCG Consulting

Contributors
~~~~~~~~~~~~

* `XCG Consulting <https://xcg-consulting.fr/>`__:

* Vincent Hatakeyama <[email protected]>

Maintainers
~~~~~~~~~~~

This module is maintained by the OCA.

.. image:: https://odoo-community.org/logo.png
:alt: Odoo Community Association
:target: https://odoo-community.org

OCA, or the Odoo Community Association, is a nonprofit organization whose
mission is to support the collaborative development of Odoo features and
promote its widespread use.

This module is part of the `OCA/server-auth <https://github.com/OCA/server-auth/tree/16.0/auth_oauth_autoredirect>`_ project on GitHub.

You are welcome to contribute. To learn how please visit https://odoo-community.org/page/Contribute.
1 change: 1 addition & 0 deletions auth_oauth_autoredirect/__init__.py
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
from . import controllers, models
17 changes: 17 additions & 0 deletions auth_oauth_autoredirect/__manifest__.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
# Copyright (C) 2024 XCG Consulting <http://odoo.consulting>
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).

{
"name": "OAuth2 Authentication Autoredirect",
"version": "16.0.1.0.0",
"category": "Hidden/Tools",
"author": "XCG Consulting, Odoo Community Association (OCA)",
"website": "https://github.com/OCA/server-auth",
"license": "AGPL-3",
"depends": ["auth_oauth"],
"data": [
"views/auth_oauth_provider.xml",
],
"installable": True,
"auto_install": False,
}
3 changes: 3 additions & 0 deletions auth_oauth_autoredirect/controllers/__init__.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).

from . import main
69 changes: 69 additions & 0 deletions auth_oauth_autoredirect/controllers/main.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,69 @@
# Copyright (C) 2020 GlodoUK <https://www.glodo.uk/>
# Copyright (C) 2010-2016, 2022-2024 XCG Consulting <https://xcg-consulting.fr/>
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).

import werkzeug.utils

from odoo import http
from odoo.http import request

from odoo.addons.auth_oauth.controllers.main import OAuthLogin
from odoo.addons.web.controllers.utils import ensure_db


# ----------------------------------------------------------
# Controller
# ----------------------------------------------------------
class OAuthAutoredirectLogin(OAuthLogin):
"""OAuth controller with autoredirect added"""

def list_providers_with_autoredirect(self):
providers = self.list_providers()
saml_providers = {
search_read["id"]
for search_read in request.env["auth.oauth.provider"]
.sudo()
.search_read([("autoredirect", "=", True)], ["id"])
}
return [provider for provider in providers if provider["id"] in saml_providers]

def _oauth_autoredirect(self):
# automatically redirect if any provider is set up to do that
autoredirect_providers = self.list_providers_with_autoredirect()
# do not redirect if asked too or if an error has been found
disable_autoredirect = (
"disable_autoredirect" in request.params or "error" in request.params
)
if autoredirect_providers and not disable_autoredirect:
return werkzeug.utils.redirect(

Check warning on line 38 in auth_oauth_autoredirect/controllers/main.py

View check run for this annotation

Codecov / codecov/patch

auth_oauth_autoredirect/controllers/main.py#L38

Added line #L38 was not covered by tests
autoredirect_providers[0]["auth_link"],
303,
)
return None

@http.route()
def web_client(self, s_action=None, **kw):
if not request.session.uid:
result = self._oauth_autoredirect()
if result:
return result

Check warning on line 49 in auth_oauth_autoredirect/controllers/main.py

View check run for this annotation

Codecov / codecov/patch

auth_oauth_autoredirect/controllers/main.py#L49

Added line #L49 was not covered by tests
return super().web_client(s_action, **kw)

@http.route()
def web_login(self, *args, **kw):
ensure_db()
# copied from super
if (
request.httprequest.method == "GET"
and request.session.uid
and request.params.get("redirect")
):
# Redirect if already logged in and redirect param is present
return request.redirect(request.params.get("redirect"))

Check warning on line 62 in auth_oauth_autoredirect/controllers/main.py

View check run for this annotation

Codecov / codecov/patch

auth_oauth_autoredirect/controllers/main.py#L62

Added line #L62 was not covered by tests

if request.httprequest.method == "GET":
result = self._oauth_autoredirect()
if result:
return result

Check warning on line 67 in auth_oauth_autoredirect/controllers/main.py

View check run for this annotation

Codecov / codecov/patch

auth_oauth_autoredirect/controllers/main.py#L67

Added line #L67 was not covered by tests

return super().web_login(*args, **kw)
1 change: 1 addition & 0 deletions auth_oauth_autoredirect/models/__init__.py
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
from . import auth_oauth_provider
15 changes: 15 additions & 0 deletions auth_oauth_autoredirect/models/auth_oauth_provider.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
# Copyright 2024 XCG Consulting <https://xcg-consulting.fr>
# License: AGPL-3.0 or later (http://www.gnu.org/licenses/agpl)

from odoo import fields, models


class AuthOauthProvider(models.Model):
_inherit = "auth.oauth.provider"

autoredirect = fields.Boolean(
"Automatic Redirection",
default=False,
help="Only the provider with the higher priority will be automatically "
"redirected",
)
6 changes: 6 additions & 0 deletions auth_oauth_autoredirect/readme/CONFIGURE.rst
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
If all the users have a oauth id in a single provider, you can set automatic redirection
in the provider settings. The autoredirection will only be done on the active provider
with the highest priority. It is still possible to access the login without redirection
by using the query parameter ``disable_autoredirect``, as in
``https://example.com/web/login?disable_autoredirect=`` The login is also displayed if
there is an error with login, in order to display any error message.
3 changes: 3 additions & 0 deletions auth_oauth_autoredirect/readme/CONTRIBUTORS.rst
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
* `XCG Consulting <https://xcg-consulting.fr/>`__:

* Vincent Hatakeyama <[email protected]>
1 change: 1 addition & 0 deletions auth_oauth_autoredirect/readme/DESCRIPTION.rst
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
This module adds autoredirection to an oauth provider.
13 changes: 13 additions & 0 deletions auth_oauth_autoredirect/views/auth_oauth_provider.xml
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
<?xml version="1.0" ?>
<odoo>
<record model="ir.ui.view" id="view_oidc_provider_form">
<field name="name">auth.oidc.provider.form</field>
<field name="model">auth.oauth.provider</field>
<field name="inherit_id" ref="auth_oauth.view_oauth_provider_form" />
<field name="arch" type="xml">
<field name="enabled" position="after">
<field name="autoredirect" />
</field>
</field>
</record>
</odoo>
6 changes: 6 additions & 0 deletions setup/auth_oauth_autoredirect/setup.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
import setuptools

setuptools.setup(
setup_requires=['setuptools-odoo'],
odoo_addon=True,
)
Loading