diff options
| author | Thomas Müller <thomas.mueller@tmit.eu> | 2014-08-05 18:17:29 +0400 |
|---|---|---|
| committer | Thomas Müller <thomas.mueller@tmit.eu> | 2014-08-05 18:17:29 +0400 |
| commit | 059d65735dc03738ac86eebd1b24c97ba7aed1b0 (patch) | |
| tree | fc39efcd3419a157e8bf5acd5983cfed9620be88 /user_saml | |
| parent | 783eb8a691980384740f0d618854702cf6c8fc93 (diff) | |
| parent | 5bd7aeea4c0c54fa02b88443779e2c7a0c9ec43c (diff) | |
Merge pull request #1877 from adoboPullRequests/user_saml_public_urls
user_saml: do not force login on neither special URLs nor CLI
Diffstat (limited to 'user_saml')
| -rw-r--r-- | user_saml/appinfo/app.php | 28 |
1 files changed, 27 insertions, 1 deletions
diff --git a/user_saml/appinfo/app.php b/user_saml/appinfo/app.php index 6a26bbe91..9b79806fb 100644 --- a/user_saml/appinfo/app.php +++ b/user_saml/appinfo/app.php @@ -43,7 +43,9 @@ if (OCP\App::isEnabled('user_saml')) { OCP\Util::connectHook('OC_User', 'post_login', 'OC_USER_SAML_Hooks', 'post_login'); OCP\Util::connectHook('OC_User', 'logout', 'OC_USER_SAML_Hooks', 'logout'); - $forceLogin = OCP\Config::getAppValue('user_saml', 'saml_force_saml_login', false); + $forceLogin = OCP\Config::getAppValue('user_saml', 'saml_force_saml_login', false) + && shouldEnforceAuthentication(); + if( (isset($_GET['app']) && $_GET['app'] == 'user_saml') || (!OCP\User::isLoggedIn() && $forceLogin && !isset($_GET['admin_login']) )) { @@ -72,3 +74,27 @@ if (OCP\App::isEnabled('user_saml')) { OCP\Util::addScript('user_saml', 'utils'); } } + + +/* + * Checks if requiring SAML authentication on current URL makes sense when + * forceLogin is set. + * + * Disables it when using the command line too + */ +function shouldEnforceAuthentication() +{ + if (OC::$CLI) { + return false; + } + + $script = basename($_SERVER['SCRIPT_FILENAME']); + return !in_array($script, + array( + 'cron.php', + 'public.php', + 'remote.php', + 'status.php', + ) + ); +} |