glitchsoc_ynh/sources/patches/app-sso.patch

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 7c36bc6b8..3f691d102 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -68,7 +68,7 @@ class ApplicationController < ActionController::Base
     if ENV['OMNIAUTH_ONLY'] == 'true' && ENV['OIDC_ENABLED'] == 'true'
       '/auth/auth/openid_connect/logout'
     else
-      new_user_session_path
+      "https://#{File.read('/etc/yunohost/current_host')}/yunohost/sso/?action=logout"
     end
   end

   def pack(data, pack_name, skin = 'default')
diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb
index 5232e6cfd..160348674 100644
--- a/config/initializers/devise.rb
+++ b/config/initializers/devise.rb
@@ -180,7 +180,7 @@ Devise.setup do |config|
   # given strategies, for example, `config.http_authenticatable = [:database]` will
   # enable it only for database authentication. The supported strategies are:
   # :database      = Support basic authentication with authentication key + password
-  config.http_authenticatable = [:pam, :database]
+  config.http_authenticatable = [:two_factor_ldap, :pam, :database]
 
   # If 401 status code should be returned for AJAX requests. True by default.
   # config.http_authenticatable_on_xhr = true
diff --git a/lib/devise/two_factor_ldap_authenticatable.rb b/lib/devise/two_factor_ldap_authenticatable.rb
index 065aa2de8..0eb4be10c 100644
--- a/lib/devise/two_factor_ldap_authenticatable.rb
+++ b/lib/devise/two_factor_ldap_authenticatable.rb
@@ -5,13 +5,13 @@ require 'devise/strategies/base'
 
 module Devise
   module Strategies
-    class TwoFactorLdapAuthenticatable < Base
+    class TwoFactorLdapAuthenticatable < Authenticatable
       def valid?
-        valid_params? && mapping.to.respond_to?(:authenticate_with_ldap)
+        (valid_for_params_auth? || valid_for_http_auth?) && mapping.to.respond_to?(:authenticate_with_ldap)
       end
 
       def authenticate!
-        resource = mapping.to.authenticate_with_ldap(params[scope])
+        resource = mapping.to.authenticate_with_ldap(authentication_hash.merge(:password => password))
 
         if resource && !resource.otp_required_for_login?
           success!(resource)
@@ -23,7 +23,7 @@ module Devise
       protected
 
       def valid_params?
-        params[scope] && params[scope][:password].present?
+        super && params[scope][:password].present?
       end
     end
   end
Patch Glich-Soc for SSO 2022-01-11 17:34:59 +01:00			`diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb`
			`index 7c36bc6b8..3f691d102 100644`
			`--- a/app/controllers/application_controller.rb`
			`+++ b/app/controllers/application_controller.rb`
fix for 2023.04.08 2023-04-14 15:08:57 +02:00			`@@ -68,7 +68,7 @@ class ApplicationController < ActionController::Base`
			`if ENV['OMNIAUTH_ONLY'] == 'true' && ENV['OIDC_ENABLED'] == 'true'`
			`'/auth/auth/openid_connect/logout'`
			`else`
			`- new_user_session_path`
			`+ "https://#{File.read('/etc/yunohost/current_host')}/yunohost/sso/?action=logout"`
			`end`
Patch Glich-Soc for SSO 2022-01-11 17:34:59 +01:00			`end`
fix for 2023.04.08 2023-04-14 15:08:57 +02:00
Patch Glich-Soc for SSO 2022-01-11 17:34:59 +01:00			`def pack(data, pack_name, skin = 'default')`
			`diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb`
			`index 5232e6cfd..160348674 100644`
			`--- a/config/initializers/devise.rb`
			`+++ b/config/initializers/devise.rb`
			`@@ -180,7 +180,7 @@ Devise.setup do \|config\|`
			# given strategies, for example, `config.http_authenticatable = [:database]` will
			`# enable it only for database authentication. The supported strategies are:`
			`# :database = Support basic authentication with authentication key + password`
			`- config.http_authenticatable = [:pam, :database]`
			`+ config.http_authenticatable = [:two_factor_ldap, :pam, :database]`

			`# If 401 status code should be returned for AJAX requests. True by default.`
			`# config.http_authenticatable_on_xhr = true`
			`diff --git a/lib/devise/two_factor_ldap_authenticatable.rb b/lib/devise/two_factor_ldap_authenticatable.rb`
			`index 065aa2de8..0eb4be10c 100644`
			`--- a/lib/devise/two_factor_ldap_authenticatable.rb`
			`+++ b/lib/devise/two_factor_ldap_authenticatable.rb`
			`@@ -5,13 +5,13 @@ require 'devise/strategies/base'`

			`module Devise`
			`module Strategies`
			`- class TwoFactorLdapAuthenticatable < Base`
			`+ class TwoFactorLdapAuthenticatable < Authenticatable`
			`def valid?`
			`- valid_params? && mapping.to.respond_to?(:authenticate_with_ldap)`
			`+ (valid_for_params_auth? \|\| valid_for_http_auth?) && mapping.to.respond_to?(:authenticate_with_ldap)`
			`end`

			`def authenticate!`
			`- resource = mapping.to.authenticate_with_ldap(params[scope])`
			`+ resource = mapping.to.authenticate_with_ldap(authentication_hash.merge(:password => password))`

			`if resource && !resource.otp_required_for_login?`
			`success!(resource)`
			`@@ -23,7 +23,7 @@ module Devise`
			`protected`

			`def valid_params?`
			`- params[scope] && params[scope][:password].present?`
			`+ super && params[scope][:password].present?`
			`end`
			`end`
			`end`