mirror of
https://github.com/YunoHost-Apps/flarum_ynh.git
synced 2024-09-03 18:36:24 +02:00
Merge pull request #23 from YunoHost-Apps/dev
Implement api root key and SSOwat integration
This commit is contained in:
Titus PiJean
GitHub
commit
84a7b51d41
5 changed files with 102 additions and 20 deletions
|
|
@ -56,5 +56,5 @@ location ^~ YNH_WWW_PATH {
|
|||
|
||||
|
||||
# Include SSOWAT user panel.
|
||||
include conf.d/yunohost_panel.conf.inc;
|
||||
# include conf.d/yunohost_panel.conf.inc;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -56,5 +56,5 @@ location ^~ / {
|
|||
|
||||
|
||||
# Include SSOWAT user panel.
|
||||
include conf.d/yunohost_panel.conf.inc;
|
||||
# include conf.d/yunohost_panel.conf.inc;
|
||||
}
|
||||
|
|
|
|||
30
hooks/post_user_create
Normal file
30
hooks/post_user_create
Normal file
|
|
@ -0,0 +1,30 @@
|
|||
#!/bin/bash
|
||||
|
||||
set -e
|
||||
|
||||
# Retrieve arguments
|
||||
username=$1
|
||||
app=#APP#
|
||||
|
||||
# Source app helpers
|
||||
source /usr/share/yunohost/helpers
|
||||
|
||||
domain=$(</etc/yunohost/current_host)
|
||||
path=$(ynh_app_setting_get $app path)
|
||||
|
||||
# Adding trailing slash to path
|
||||
len=${#path}-1
|
||||
if [ "${path:len}" != "/" ]; then
|
||||
path=$path"/"
|
||||
fi
|
||||
|
||||
userpass=$(ynh_string_random 16)
|
||||
usermail=$(ynh_user_get_info $username 'mail')
|
||||
data='{"data":{"attributes":{"username":"'$username'","email":"'$usermail'","password":"'$userpass'","ssowat_id":"'$username'"}}}'
|
||||
curl -k -i \
|
||||
-H "Content-Type: application/json" \
|
||||
-H "Authentication: Token $roottoken" \
|
||||
-X POST -d "$data" \
|
||||
-L https://${domain}${path}api/users
|
||||
usersql="UPDATE users SET ssowat_id = '$username' WHERE username = '$username'"
|
||||
ynh_mysql_execute_as_root "$usersql" $dbname
|
||||
|
|
@ -9,7 +9,7 @@
|
|||
},
|
||||
"url": "http://flarum.org/",
|
||||
"license": "MIT",
|
||||
"version": "0.1.0-beta.5",
|
||||
"version": "0.1.0-beta.6",
|
||||
"maintainer": {
|
||||
"name": "Titus PiJean",
|
||||
"email": "tituspijean@outlook.com"
|
||||
|
|
@ -50,24 +50,13 @@
|
|||
"name": "admin",
|
||||
"type": "user",
|
||||
"ask": {
|
||||
"en": "Choose an admin user",
|
||||
"en": "Choose the admin user",
|
||||
"fr": "Choisissez l’administrateur",
|
||||
"de": "Wählen einen Administrator"
|
||||
},
|
||||
"example": "johndoe",
|
||||
"optional": true
|
||||
},
|
||||
{
|
||||
"name": "adminpass",
|
||||
"type": "password",
|
||||
"ask": {
|
||||
"en": "Put your password (8 characters minimum)",
|
||||
"fr": "Insérez votre mot de passe (8 caractères minimum)",
|
||||
"de": "Einfügen eure Passwort (mindestens 8 Zeichen)"
|
||||
},
|
||||
"example": "********",
|
||||
"optional": true
|
||||
},
|
||||
{
|
||||
"name": "title",
|
||||
"ask": {
|
||||
|
|
|
|||
|
|
@ -17,20 +17,20 @@ app=$YNH_APP_INSTANCE_NAME
|
|||
|
||||
# Retrieve arguments
|
||||
domain=$YNH_APP_ARG_DOMAIN
|
||||
path=$YNH_APP_ARG_PATH
|
||||
path=${YNH_APP_ARG_PATH%/}
|
||||
admin=$YNH_APP_ARG_ADMIN
|
||||
adminpass=$YNH_APP_ARG_ADMINPASS
|
||||
title=$YNH_APP_ARG_TITLE
|
||||
is_public=$YNH_APP_ARG_IS_PUBLIC
|
||||
www_path=/var/www
|
||||
final_path=$www_path/$app
|
||||
|
||||
# Source YunoHost helpers
|
||||
# Source YunoHost helpers$
|
||||
source /usr/share/yunohost/helpers
|
||||
|
||||
# Save app settings
|
||||
ynh_app_setting_set "$app" admin "$admin"
|
||||
ynh_app_setting_set "$app" is_public "$is_public"
|
||||
ynh_app_setting_set "$app" path "$path"
|
||||
|
||||
# Check domain/path availability
|
||||
sudo yunohost app checkurl "${domain}${path}" -a "$app" \
|
||||
|
|
@ -89,7 +89,7 @@ ynh_app_setting_set "$app" mysqlpwd "$dbpass"
|
|||
ynh_mysql_create_db "$dbname" "$dbuser" "$dbpass"
|
||||
|
||||
### Nginx ###
|
||||
if [ $path = "/" ]; then
|
||||
if [ $path = "" ]; then
|
||||
nginx_conf=../conf/nginx_root.conf
|
||||
else
|
||||
nginx_conf=../conf/nginx.conf
|
||||
|
|
@ -113,12 +113,18 @@ if [[ $is_public -eq 1 ]]; then
|
|||
# unprotected_uris allows SSO credentials to be passed anyway.
|
||||
ynh_app_setting_set "$app" unprotected_uris "/"
|
||||
fi
|
||||
ynh_app_setting_set "$app" skipped_uris "/api"
|
||||
sudo yunohost app ssowatconf
|
||||
|
||||
# Reload services
|
||||
sudo service nginx reload
|
||||
|
||||
# Install the SSOwat auth extension
|
||||
sudo su - www-data -s /bin/bash -c "cd $final_path && composer require 'tituspijean/flarum-ext-auth-ssowat:*@dev'"
|
||||
|
||||
### POST-INSTALL ###
|
||||
if [[ -n $adminpass && -n $title ]]; then
|
||||
if [[ -n $admin && -n $title ]]; then
|
||||
adminpass=$(ynh_string_random 8)
|
||||
sed -i "s@YNH_APP_DOMAIN@$domain@g" ../sources/configuration.yml
|
||||
sed -i "s@/YNH_WWW_PATH@$path@g" ../sources/configuration.yml
|
||||
sed -i "s@YNH_WWW_APP@$app@g" ../sources/configuration.yml
|
||||
|
|
@ -131,4 +137,61 @@ sed -i "s@YNH_FORUM_TITLE@$title@g" ../sources/configuration.yml
|
|||
sudo cp ../sources/configuration.yml $final_path
|
||||
sudo su - www-data -s /bin/bash -c "cd $final_path && php -d memory_limit=-1 flarum install -f configuration.yml"
|
||||
sudo rm $final_path/configuration.yml
|
||||
|
||||
# Generate and add root token for user creation and deletion
|
||||
roottoken=$(ynh_string_random 40)
|
||||
apitablesql="CREATE TABLE IF NOT EXISTS api_keys (api_key TEXT(40) NOT NULL UNIQUE)"
|
||||
rootsql="INSERT INTO api_keys VALUES ('"$roottoken"')"
|
||||
ynh_mysql_execute_as_root "$apitablesql" $dbname
|
||||
ynh_mysql_execute_as_root "$rootsql" $dbname
|
||||
ynh_app_setting_set "$app" root_token "$roottoken"
|
||||
fi
|
||||
|
||||
# Configure SSOwat auth extension
|
||||
ssowatdomain=$(</etc/yunohost/current_host)
|
||||
data='{"flarum-ext-auth-ssowat.address": "'$ssowatdomain'"}'
|
||||
rep=$(curl -s -o /dev/null -w "%{http_code}" -k -i \
|
||||
-H "Content-Type: application/json" \
|
||||
-H "Authorization: Token $roottoken; userId=1" \
|
||||
-X POST -d "$data" \
|
||||
-L https://${domain}${path}/api/settings )
|
||||
echo $path
|
||||
exit 0
|
||||
if [[ $rep != 204 ]]; then
|
||||
echo "SSOwat domain setting failed"
|
||||
exit 1
|
||||
fi
|
||||
data='{"flarum-ext-auth-ssowat.onlyUse": true}'
|
||||
rep=$(curl -s -o /dev/null -w "%{http_code}" -k -i \
|
||||
-H "Content-Type: application/json" \
|
||||
-H "Authorization: Token $roottoken; userId=1" \
|
||||
-X POST -d "$data" \
|
||||
-L https://${domain}${path}/api/settings )
|
||||
if [[ $rep != 204 ]]; then
|
||||
echo "SSOwat auth exclusivity failed"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Enable the selected admin to login with SSOwat
|
||||
adminsql="UPDATE users SET ssowat_id = '$admin' WHERE username = '$admin'"
|
||||
ynh_mysql_execute_as_root "$adminsql" $dbname
|
||||
|
||||
# Create missing users
|
||||
for username in $(ynh_user_list); do
|
||||
if [ "$username" == "$admin" ]; then continue; else
|
||||
userpass=$(ynh_string_random 16)
|
||||
usermail=$(ynh_user_get_info $username 'mail')
|
||||
data='{"data":{"attributes":{"username":"'$username'","email":"'$usermail'","password":"'$userpass'"}}}'
|
||||
rep=$(curl -s -o /dev/null -w "%{http_code}" -k -i \
|
||||
-H "Content-Type: application/json" \
|
||||
-H "Authentication: Token $roottoken" \
|
||||
-X POST -d "$data" \
|
||||
-L https://${domain}${path}/api/users )
|
||||
if [[ $rep != 201 ]]; then
|
||||
echo "Flarum account creation failed for $username"
|
||||
exit 1
|
||||
fi
|
||||
usersql="UPDATE users SET ssowat_id = '$username' WHERE username = '$username'"
|
||||
ynh_mysql_execute_as_root "$usersql" $dbname
|
||||
fi
|
||||
done
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue