Initial SSO implementation

CHANGELOG

@@ -2,6 +2,7 @@
 
 1.4 ?
 - Changelog is now on a separate file
+- Yunohost SSO support !
 
 1.3 2015-12-15
 - Update to Movim 0.9 git2015-12-15

manifest.json

@@ -60,10 +60,10 @@
                 "default" : "en"
             },
             {
-                "name": "public_site",
+                "name": "ssoenabled",
                 "ask": {
-                    "en": "Public pod ? (see README on github)",
-		    "fr": "Pod public ? (voir README sur github)"
+                    "en": "Enable SSO (autologin) ?",
+		    "fr": "Activer le SSO (connexin auto) ?"
                 },
                 "choices": ["Yes", "No"],
                 "default": "No"

notes

@@ -0,0 +1,2 @@
+protected_urls -v "/"
+supprimer le skipped url restant

scripts/install

@@ -6,7 +6,7 @@ path=$2
 admin=$3
 password=$4
 language=$5
-public_site=$6
+ssoenabled=$6
 port=$7
 timezone=`cat /etc/timezone`
 
@@ -50,7 +50,7 @@ fi
 
 # Save parameters
 sudo yunohost app setting movim admin -v $admin
-sudo yunohost app setting movim public_site -v $public_site
+sudo yunohost app setting movim ssoenabled -v $ssoenabled
 sudo yunohost app setting movim port -v $port
 sudo yunohost app setting movim path -v $path
 
@@ -94,11 +94,6 @@ sudo su -c "cd $final_path && php mud.php config environment:production" movim
 sudo su -c "cd $final_path && php mud.php config timezone:$timezone" movim
 sudo su -c "cd $final_path && php mud.php config username:$admin" movim
 sudo su -c "cd $final_path && php mud.php config password:`echo -n $password | sha1sum | awk '{print $1}'`" movim
-if [ $public_site = "No" ]; 
-then
-        sudo su -c "cd $final_path && php mud.php config xmppwhitelist:$domain" movim
-fi
-sudo yunohost app addaccess movim -u $admin
 
 # Copy init script or systemd service
 sudo sed -i "s@YHURL@$domain$path@g" ../conf/movim.{service,init}
@@ -129,8 +124,15 @@ sed -i "s@//ws/@/ws/@g" ../conf/nginx.conf # Avoid duplicate /
 sudo cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/movim.conf
 
 # SSOwat Configuration
-sudo yunohost app setting movim skipped_uris -v "/"  
-sudo yunohost app ssowatconf
+if [ $ssoenabled = "No" ];
+then
+	sudo yunohost app setting movim skipped_uris -v "/"  
+	sudo yunohost app ssowatconf
+	sudo su -c "cd $final_path && php mud.php config xmppwhitelist:$domain" movim
+else
+	sudo yunohost app setting movim unprotected_uris -v "/"
+	sudo yunohost app ssowatconf
+fi
 
 # Start Movim
 sudo service php5-fpm restart

scripts/upgrade

@@ -5,6 +5,7 @@ path=$(sudo yunohost app setting movim path)
 domain=$(sudo yunohost app setting movim domain)
 port=$(sudo yunohost app setting movim port)
 public_site=$(sudo yunohost app setting movim public_site)
+ssoenabled=$(sudo yunohost app setting movim ssoenabled)
 timezone=`cat /etc/timezone`
 
 # Check timezone
@@ -40,14 +41,20 @@ sudo sed -i "s@/ws/@$path/ws/@g" $final_path/app/assets/js/movim_websocket.js
 # Upgrade db if necessary
 sudo su -c "cd $final_path && php mud.php db set" movim
 
-# Update xmppwhitelist if private
-if [ $public_site = "No" ];
-then
-        sudo su -c "cd $final_path && php mud.php config xmppwhitelist:$domain" movim
-fi
-
-# Delete obsolete SSO conf
+# Reset SSO parameters
 sudo yunohost app setting movim protected_uris -d
+sudo yunohost app setting movim skipped_uris -d
+
+# SSOwat Configuration
+if [ $ssoenabled = "No" ] || [ $public_site = "No" ];
+then
+        sudo yunohost app setting movim skipped_uris -v "/"
+        sudo yunohost app ssowatconf
+        sudo su -c "cd $final_path && php mud.php config xmppwhitelist:$domain" movim
+else
+        sudo yunohost app setting movim unprotected_uris -v "/"
+        sudo yunohost app ssowatconf
+fi
 
 # Update init scripts
 sudo sed -i "s@YHURL@$domain$path@g" ../conf/movim.{service,init}
@@ -79,7 +86,6 @@ sed -i "s@//ws/@/ws/@g" ../conf/nginx.conf # Avoid duplicate /
 sudo cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/movim.conf
 
 # Reload
-sudo yunohost app ssowatconf
 sudo service movim restart
 sudo service php5-fpm restart
 sudo service nginx reload