add ssoEnabled flag to network config

2025-08-20 21:33:57 -07:00 · 2021-06-05 13:44:45 -07:00 · 2021-06-05 13:44:45 -07:00 · 364ad87e2b
commit 364ad87e2b
parent 9380ef708a
8 changed files with 56 additions and 23 deletions
--- a/node/Network.cpp
+++ b/node/Network.cpp
@ -1435,6 +1435,7 @@ void Network::_externalConfig(ZT_VirtualNetworkConfig *ec) const

 	Utils::scopy(ec->authenticationURL, sizeof(ec->authenticationURL), _authenticationURL.c_str());
 	ec->authenticationExpiryTime = _config.authenticationExpiryTime;
+	ec->ssoEnabled = _config.ssoEnabled;
 }

 void Network::_sendUpdatesToMembers(void *tPtr,const MulticastGroup *const newMulticastGroup)
--- a/node/NetworkConfig.cpp
+++ b/node/NetworkConfig.cpp
@ -182,10 +182,11 @@ bool NetworkConfig::toDictionary(Dictionary<ZT_NETWORKCONFIG_DICT_CAPACITY> &d,b
 			if (!d.add(ZT_NETWORKCONFIG_DICT_KEY_DNS,*tmp)) return false;
 		}

-		if (this->authenticationURL[0]) {
-			if (!d.add(ZT_NETWORKCONFIG_DICT_KEY_AUTHENTICATION_URL, this->authenticationURL)) return false;
-		}
-		if (this->authenticationExpiryTime >= 0) {
+		if (!d.add(ZT_NETWORKCONFIG_DICT_KEY_SSO_ENABLED, this->ssoEnabled)) return false;
+		if (this->ssoEnabled) {
+			if (this->authenticationURL[0]) {
+				if (!d.add(ZT_NETWORKCONFIG_DICT_KEY_AUTHENTICATION_URL, this->authenticationURL)) return false;
+			}
 			if (!d.add(ZT_NETWORKCONFIG_DICT_KEY_AUTHENTICATION_EXPIRY_TIME, this->authenticationExpiryTime)) return false;
 		}

@ -373,12 +374,19 @@ bool NetworkConfig::fromDictionary(const Dictionary<ZT_NETWORKCONFIG_DICT_CAPACI
 				DNS::deserializeDNS(*tmp, p, &dns);
 			}

-			if (d.get(ZT_NETWORKCONFIG_DICT_KEY_AUTHENTICATION_URL, this->authenticationURL, (unsigned int)sizeof(this->authenticationURL)) > 0) {
-				this->authenticationURL[sizeof(this->authenticationURL) - 1] = 0; // ensure null terminated
+
+			this->ssoEnabled = d.getB(ZT_NETWORKCONFIG_DICT_KEY_SSO_ENABLED, false);
+			if (this->ssoEnabled) {
+				if (d.get(ZT_NETWORKCONFIG_DICT_KEY_AUTHENTICATION_URL, this->authenticationURL, (unsigned int)sizeof(this->authenticationURL)) > 0) {
+					this->authenticationURL[sizeof(this->authenticationURL) - 1] = 0; // ensure null terminated
+				} else {
+					this->authenticationURL[0] = 0;
+				}
+				this->authenticationExpiryTime = d.getI(ZT_NETWORKCONFIG_DICT_KEY_AUTHENTICATION_EXPIRY_TIME, 0);
 			} else {
 				this->authenticationURL[0] = 0;
+				this->authenticationExpiryTime = 0;
 			}
-			this->authenticationExpiryTime = d.getI(ZT_NETWORKCONFIG_DICT_KEY_AUTHENTICATION_EXPIRY_TIME, -1);
 		}

 		//printf("~~~\n%s\n~~~\n",d.data());
--- a/node/NetworkConfig.hpp
+++ b/node/NetworkConfig.hpp
@ -178,6 +178,8 @@ namespace ZeroTier {
 #define ZT_NETWORKCONFIG_DICT_KEY_CERTIFICATES_OF_OWNERSHIP "COO"
 // dns (binary blobs)
 #define ZT_NETWORKCONFIG_DICT_KEY_DNS "DNS"
+// sso enabld
+#define ZT_NETWORKCONFIG_DICT_KEY_SSO_ENABLED "ssoe"
 // authentication URL
 #define ZT_NETWORKCONFIG_DICT_KEY_AUTHENTICATION_URL "aurl"
 // authentication expiry
@ -237,7 +239,10 @@ public:
 		tags(),
 		certificatesOfOwnership(),
 		type(ZT_NETWORK_TYPE_PRIVATE),
-		dnsCount(0)
+		dnsCount(0),
+		ssoEnabled(false),
+		authenticationURL(),
+		authenticationExpiryTime(0)
 	{
 		name[0] = 0;
 		memset(specialists, 0, sizeof(uint64_t)*ZT_MAX_NETWORK_SPECIALISTS);
@ -609,15 +614,20 @@ public:
 	 */
 	ZT_VirtualNetworkDNS dns;

+	/**
+	 * SSO enabled flag.
+	 */
+	bool ssoEnabled;
+
 	/**
 	 * Authentication URL if authentication is required
 	 */
 	char authenticationURL[2048];

 	/**
-	 * Time current authentication expires or -1 if external authentication is disabled
+	 * Time current authentication expires or 0 if external authentication is disabled
 	 */
-	int64_t authenticationExpiryTime;
+	uint64_t authenticationExpiryTime;
 };

 } // namespace ZeroTier