github/ZeroTierOne
1
0
Fork 0
mirror of https://github.com/ZeroTier/ZeroTierOne synced 2025-08-20 21:33:57 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 8

add ssoEnabled flag to network config

Browse source
This commit is contained in:
Grant Limberg 2021-06-05 13:44:45 -07:00
commit 364ad87e2b
No known key found for this signature in database
GPG key ID: 2BA62CCABBB4095A
8 changed files with 56 additions and 23 deletions
Download patch file Download diff file Expand all files Collapse all files

7
controller/EmbeddedNetworkController.cpp
View file

@ -720,7 +720,7 @@ unsigned int EmbeddedNetworkController::handleControlPlaneHttpPOST(
try {
if (b.count("activeBridge")) member["activeBridge"] = OSUtils::jsonBool(b["activeBridge"], false);
if (b.count("noAutoAssignIps")) member["noAutoAssignIps"] = OSUtils::jsonBool(b["noAutoAssignIps"], false);
if (b.count("authenticationExpiryTime")) member["authenticationExpiryTime"] = (int64_t)OSUtils::jsonInt(b["authenticationExpiryTime"], -1LL);
if (b.count("authenticationExpiryTime")) member["authenticationExpiryTime"] = (uint64_t)OSUtils::jsonInt(b["authenticationExpiryTime"], 0ULL);
if (b.count("authenticationURL")) member["authenticationURL"] = OSUtils::jsonString(b["authenticationURL"], "");
if (b.count("remoteTraceTarget")) {
@ -1365,9 +1365,9 @@ void EmbeddedNetworkController::_request(
if (networkSSOEnabled && !memberSSOExempt) {
std::string memberId = member["id"];
fprintf(stderr, "ssoEnabled && !ssoExempt %s-%s\n", nwids, memberId.c_str());
int64_t authenticationExpiryTime = (int64_t)OSUtils::jsonInt(member["authenticationExpiryTime"], 0);
uint64_t authenticationExpiryTime = (int64_t)OSUtils::jsonInt(member["authenticationExpiryTime"], 0);
fprintf(stderr, "authExpiryTime: %lld\n", authenticationExpiryTime);
if ((authenticationExpiryTime == 0) || (authenticationExpiryTime < now)) {
if (authenticationExpiryTime < now) {
std::string authenticationURL = _db.getSSOAuthURL(member, _ssoRedirectURL);
if (!authenticationURL.empty()) {
Dictionary<3072> authInfo;
@ -1445,6 +1445,7 @@ void EmbeddedNetworkController::_request(
nc->mtu = std::max(std::min((unsigned int)OSUtils::jsonInt(network["mtu"],ZT_DEFAULT_MTU),(unsigned int)ZT_MAX_MTU),(unsigned int)ZT_MIN_MTU);
nc->multicastLimit = (unsigned int)OSUtils::jsonInt(network["multicastLimit"],32ULL);
nc->ssoEnabled = OSUtils::jsonBool(network["ssoEnabled"], false);
nc->authenticationExpiryTime = OSUtils::jsonInt(member["authenticationExpiryTime"], 0LL);

17
controller/PostgreSQL.cpp
View file

@ -26,6 +26,8 @@
#include <climits>
#define ZT_TRACE 1
using json = nlohmann::json;
namespace {
@ -233,10 +235,13 @@ bool PostgreSQL::save(nlohmann::json &record,bool notifyListeners)
fprintf(stderr, "PostgreSQL::save\n");
bool modified = false;
try {
if (!record.is_object())
if (!record.is_object()) {
fprintf(stderr, "record is not an object?!?\n");
return false;
}
const std::string objtype = record["objtype"];
if (objtype == "network") {
fprintf(stderr, "network save\n");
const uint64_t nwid = OSUtils::jsonIntHex(record["id"],0ULL);
if (nwid) {
nlohmann::json old;
@ -1114,11 +1119,11 @@ void PostgreSQL::commitThread()
"INSERT INTO ztc_network (id, creation_time, owner_id, controller_id, capabilities, enable_broadcast, "
"last_modified, mtu, multicast_limit, name, private, "
"remote_trace_level, remote_trace_target, rules, rules_source, "
"tags, v4_assign_mode, v6_assign_mode) VALUES ("
"tags, v4_assign_mode, v6_assign_mode, sso_enabled) VALUES ("
"$1, TO_TIMESTAMP($5::double precision/1000), "
"(SELECT user_id AS owner_id FROM ztc_global_permissions WHERE authorize = true AND del = true AND modify = true AND read = true LIMIT 1),"
"$2, $3, $4, TO_TIMESTAMP($5::double precision/1000), "
"$6, $7, $8, $9, $10, $11, $12, $13, $14, $15, $16) "
"$6, $7, $8, $9, $10, $11, $12, $13, $14, $15, $16, 17) "
"ON CONFLICT (id) DO UPDATE set controller_id = EXCLUDED.controller_id, "
"capabilities = EXCLUDED.capabilities, enable_broadcast = EXCLUDED.enable_broadcast, "
"last_modified = EXCLUDED.last_modified, mtu = EXCLUDED.mtu, "
@ -1126,7 +1131,8 @@ void PostgreSQL::commitThread()
"private = EXCLUDED.private, remote_trace_level = EXCLUDED.remote_trace_level, "
"remote_trace_target = EXCLUDED.remote_trace_target, rules = EXCLUDED.rules, "
"rules_source = EXCLUDED.rules_source, tags = EXCLUDED.tags, "
"v4_assign_mode = EXCLUDED.v4_assign_mode, v6_assign_mode = EXCLUDED.v6_assign_mode",
"v4_assign_mode = EXCLUDED.v4_assign_mode, v6_assign_mode = EXCLUDED.v6_assign_mode, "
"sso_enabled = EXCLUDED.sso_enabled",
id,
_myAddressStr,
OSUtils::jsonDump((*config)["capabilitles"], -1),
@ -1142,7 +1148,8 @@ void PostgreSQL::commitThread()
rulesSource,
OSUtils::jsonDump((*config)["tags"], -1),
OSUtils::jsonDump((*config)["v4AssignMode"],-1),
OSUtils::jsonDump((*config)["v6AssignMode"], -1));
OSUtils::jsonDump((*config)["v6AssignMode"], -1),
OSUtils::jsonBool((*config)["ssoEnabled"], false));
res = w.exec_params0("DELETE FROM ztc_network_assignment_pool WHERE network_id = $1", 0);