{{ t('integration_openproject', 'A new user will receive these defaults and they will be applied to the integration app till the user changes them.') }}
@@ -470,7 +231,6 @@ import {
NcCheckboxRadioSwitch,
NcButton,
NcNoteCard,
- NcSelect,
} from '@nextcloud/vue'
import RestoreIcon from 'vue-material-design-icons/Restore.vue'
import AutoRenewIcon from 'vue-material-design-icons/Autorenew.vue'
@@ -480,20 +240,19 @@ import FormHeading from './admin/FormHeading.vue'
import CheckBox from '../components/settings/CheckBox.vue'
import SettingsTitle from '../components/settings/SettingsTitle.vue'
import ErrorNote from './settings/ErrorNote.vue'
-import { F_MODES, FORM, USER_SETTINGS, AUTH_METHOD, SSO_PROVIDER_TYPE, SSO_PROVIDER_LABEL, ADMIN_SETTINGS_FORM, settingsFlowGenerator } from '../utils.js'
+import { F_MODES, FORM, USER_SETTINGS, AUTH_METHOD, SSO_PROVIDER_TYPE, SSO_PROVIDER_LABEL, ADMIN_SETTINGS_FORM } from '../utils.js'
import TermsOfServiceUnsigned from './admin/TermsOfServiceUnsigned.vue'
import dompurify from 'dompurify'
import { messages, messagesFmt } from '../constants/messages.js'
import { appLinks } from '../constants/links.js'
-import ErrorLabel from './ErrorLabel.vue'
import FormOpenProjectHost from './admin/FormOpenProjectHost.vue'
import FormAuthMethod from './admin/FormAuthMethod.vue'
+import FormSSOSettings from './admin/FormSSOSettings.vue'
+import FormOAuthSettings from './admin/FormOAuthSettings.vue'
export default {
name: 'AdminSettings',
components: {
- ErrorLabel,
- NcSelect,
NcButton,
FieldValue,
FormHeading,
@@ -511,25 +270,20 @@ export default {
ErrorNote,
FormOpenProjectHost,
FormAuthMethod,
+ FormSSOSettings,
+ FormOAuthSettings,
},
data() {
return {
form: JSON.parse(JSON.stringify(ADMIN_SETTINGS_FORM)),
- currentSetting: null,
- settingsStepper: settingsFlowGenerator(),
formMode: {
// server host form is never disabled.
// it's either editable or view only
- authorizationMethod: F_MODES.DISABLE,
- authorizationSetting: F_MODES.DISABLE,
- SSOSettings: F_MODES.DISABLE,
- opOauth: F_MODES.DISABLE,
- ncOauth: F_MODES.DISABLE,
opUserAppPassword: F_MODES.DISABLE,
projectFolderSetUp: F_MODES.DISABLE,
},
isFormCompleted: {
- server: false, authorizationMethod: false, authorizationSetting: false, opOauth: false, ncOauth: false, opUserAppPassword: false, projectFolderSetUp: false,
+ opUserAppPassword: false, projectFolderSetUp: false,
},
buttonTextLabel: {
keepCurrentChange: t('integration_openproject', 'Keep current setup'),
@@ -538,12 +292,8 @@ export default {
retrySetupWithProjectFolder: t('integration_openproject', 'Retry setup OpenProject user, group and folder'),
},
loadingProjectFolderSetup: false,
- loadingOPOauthForm: false,
- loadingAuthorizationMethodForm: false,
- loadingAuthorizationSettingForm: false,
state: loadState('integration_openproject', 'admin-settings-config'),
isAdminConfigOk: loadState('integration_openproject', 'admin-config-status'),
- oPOAuthTokenRevokeStatus: null,
oPUserAppPassword: null,
isProjectFolderSwitchEnabled: null,
projectFolderSetupError: null,
@@ -561,14 +311,6 @@ export default {
userSettingDescription: USER_SETTINGS,
SSO_PROVIDER_TYPE,
SSO_PROVIDER_LABEL,
- authorizationSetting: {
- oidcProviderSet: null,
- currentOIDCProviderSelected: null,
- currentTargetedAudienceClientIdSelected: null,
- SSOProviderType: SSO_PROVIDER_TYPE.nextcloudHub,
- enableTokenExchange: false,
- },
- registeredOidcProviders: [],
messages,
messagesFmt,
appLinks,
@@ -584,13 +326,6 @@ export default {
|| this.state.openproject_client_secret
return formAdded || hasPreSEtup
},
- ncClientId() {
- return this.state.nc_oauth_client?.nextcloud_client_id
- },
- ncClientSecret() {
- return '*******'
-
- },
opUserAppPassword() {
return this.state.app_password_set
},
@@ -601,13 +336,10 @@ export default {
return this.form.serverHost.complete
},
isAuthorizationMethodFormComplete() {
- return this.isFormCompleted.authorizationMethod
+ return this.form.authenticationMethod.complete
},
isAuthorizationSettingFormComplete() {
- return this.isFormCompleted.authorizationSetting
- },
- isOPOAuthFormComplete() {
- return this.isFormCompleted.opOauth
+ return (this.form.openprojectOauth.complete && this.form.nextcloudOauth.complete) || this.form.ssoSettings.complete
},
isManagedGroupFolderSetUpComplete() {
return this.isFormCompleted.projectFolderSetUp
@@ -615,43 +347,13 @@ export default {
isOPUserAppPasswordFormComplete() {
return this.isFormCompleted.opUserAppPassword
},
- isNcOAuthFormComplete() {
- return this.isFormCompleted.ncOauth
- },
- isAuthorizationSettingsInViewMode() {
- return this.formMode.authorizationSetting === F_MODES.VIEW
- },
- isOPOAuthFormInView() {
- return this.formMode.opOauth === F_MODES.VIEW
- },
- isNcOAuthFormInEdit() {
- return this.formMode.ncOauth === F_MODES.EDIT
- },
- isOPOAuthFormInDisableMode() {
- return this.formMode.opOauth === F_MODES.DISABLE
- },
- isAuthorizationSettingFormInDisabledMode() {
- return this.formMode.authorizationSetting === F_MODES.DISABLE
- },
isOPUserAppPasswordFormInEdit() {
return this.formMode.opUserAppPassword === F_MODES.EDIT
},
isProjectFolderSetupFormInEdit() {
return this.formMode.projectFolderSetUp === F_MODES.EDIT
},
- isProjectFolderSetupFormInDisableMode() {
- return this.formMode.projectFolderSetUp === F_MODES.DISABLE
- },
- isAuthorizationSettingInEditMode() {
- return this.formMode.authorizationSetting === F_MODES.EDIT
- },
- isSSOSettingsInEditMode() {
- return this.formMode.SSOSettings === F_MODES.EDIT
- },
- isNcOAuthFormInDisableMode() {
- return this.formMode.ncOauth === F_MODES.DISABLE
- },
- isProjectFolderSetUpInDisableMode() {
+ isProjectFolderFormInDisableMode() {
return this.formMode.projectFolderSetUp === F_MODES.DISABLE
},
isOPUserAppPasswordInDisableMode() {
@@ -672,24 +374,11 @@ export default {
isOidcMethod() {
return this.getCurrentAuthMethod === AUTH_METHOD.OIDC
},
- showOAuthSettings() {
- return this.isOAuthMethod || !this.form.authenticationMethod.complete
- },
adminFileStorageHref() {
const path = '%s/admin/settings/storages'
const host = this.form.serverHost.value
return util.format(path, host)
},
- openProjectClientHint() {
- const linkText = t('integration_openproject', 'Administration > File storages')
- const htmlLink = `${linkText}`
- return t('integration_openproject', 'Go to your OpenProject {htmlLink} as an Administrator and start the setup and copy the values here.', { htmlLink }, null, { escape: false, sanitize: false })
- },
- nextcloudClientHint() {
- const linkText = t('integration_openproject', 'Administration > File storages')
- const htmlLink = `${linkText}`
- return t('integration_openproject', 'Copy the following values back into the OpenProject {htmlLink} as an Administrator.', { htmlLink }, null, { escape: false, sanitize: false })
- },
userAppPasswordHint() {
const linkText = t('integration_openproject', 'Administration > File storages')
const htmlLink = `${linkText}`
@@ -714,32 +403,14 @@ export default {
const htmlLink = `${linkText}`
return t('integration_openproject', 'Server-side encryption is active, but encryption for Team Folders is not yet enabled. To ensure secure storage of files in project folders, please follow the configuration steps in the {htmlLink}.', { htmlLink }, null, { escape: false, sanitize: false })
},
- getConfigureOIDCHintText() {
- const linkText = t('integration_openproject', 'OpenID Connect settings')
- const settingsUrl = this.appLinks.user_oidc.settingsLink
- const htmlLink = `${linkText}`
- return this.messagesFmt.configureOIDCProviders(htmlLink)
- },
- getUserOidcMinimumVersion() {
- return this.state.user_oidc_minimum_version
- },
- isIntegrationCompleteWithOauth2() {
+ isSetupComplete() {
return (this.isServerHostFormComplete
&& this.isAuthorizationMethodFormComplete
- && this.isOPOAuthFormComplete
- && this.isNcOAuthFormComplete
+ && this.isAuthorizationSettingFormComplete
&& this.isManagedGroupFolderSetUpComplete
&& !this.isOPUserAppPasswordFormInEdit
)
},
- isIntegrationCompleteWithOIDC() {
- return (this.isServerHostFormComplete
- && this.isAuthorizationMethodFormComplete
- && this.isAuthorizationSettingFormComplete
- && this.isManagedGroupFolderSetUpComplete
- && !this.isOPUserAppPasswordFormInEdit
- )
- },
isSetupCompleteWithoutProjectFolders() {
if (this.isProjectFolderSetupFormInEdit) {
return false
@@ -756,114 +427,42 @@ export default {
return this.state.encryption_info.server_side_encryption_enabled
&& !this.state.encryption_info.encryption_enabled_for_groupfolders
},
- disableSaveSSOSettings() {
- const { currentOIDCProviderSelected, SSOProviderType, enableTokenExchange } = this.authorizationSetting
- if (SSOProviderType === this.SSO_PROVIDER_TYPE.nextcloudHub) {
- const typeChanged = SSOProviderType !== this.state.authorization_settings.sso_provider_type
- const hasClientId = !!this.authorizationSetting.currentTargetedAudienceClientIdSelected || !!this.getCurrentSelectedTargetedClientId
- const clientIdChanged = this.authorizationSetting.currentTargetedAudienceClientIdSelected !== this.getCurrentSelectedTargetedClientId
- if (hasClientId) {
- return !typeChanged && !clientIdChanged
- }
- return !hasClientId
- }
-
- const formValueChanged = currentOIDCProviderSelected !== this.state.authorization_settings.oidc_provider
- || enableTokenExchange !== this.state.authorization_settings.token_exchange
-
- if (!enableTokenExchange) {
- return currentOIDCProviderSelected === null || !formValueChanged
- }
-
- const clientIdChanged = this.authorizationSetting.currentTargetedAudienceClientIdSelected !== this.getCurrentSelectedTargetedClientId
- return this.authorizationSetting.currentTargetedAudienceClientIdSelected === null
- || !this.authorizationSetting.currentTargetedAudienceClientIdSelected
- || (!formValueChanged && !clientIdChanged)
- },
- getCurrentSelectedOIDCProvider() {
- return this.authorizationSetting.currentOIDCProviderSelected
- },
- getCurrentSelectedTargetedClientId() {
- return this.state.authorization_settings.targeted_audience_client_id
- },
- getSSOProviderType() {
- return this.authorizationSetting.SSOProviderType
- },
- getUserOidcAppName() {
- return this.state.apps.user_oidc.name
- },
- getOidcAppName() {
- return this.state.apps.oidc.name
- },
getGroupfoldersAppName() {
return this.state.apps.groupfolders.name
},
getAdminAuditAppName() {
return this.state.admin_audit_app_name
},
- hasEnabledSupportedUserOidcApp() {
- return this.state.apps.user_oidc.enabled && this.state.apps.user_oidc.supported
- },
- getMinSupportedUserOidcVersion() {
- return this.state.apps.user_oidc.minimum_version
- },
- hasEnabledSupportedOIDCApp() {
- return this.state.apps.oidc.enabled && this.state.apps.oidc.supported
- },
- getMinSupportedOidcVersion() {
- return this.state.apps.oidc.minimum_version
- },
hasEnabledSupportedGroupfoldersApp() {
return this.state.apps.groupfolders.enabled && this.state.apps.groupfolders.supported
},
getMinSupportedGroupfoldersVersion() {
return this.state.apps.groupfolders.minimum_version
},
- isExternalSSOProvider() {
- return this.authorizationSetting.SSOProviderType === SSO_PROVIDER_TYPE.external
- },
- hasOidcAppErrorWithNextcloudHub() {
- return !this.hasEnabledSupportedOIDCApp && this.authorizationSetting.SSOProviderType === SSO_PROVIDER_TYPE.nextcloudHub
- },
showGroupfoldersAppError() {
- return this.isProjectFolderSwitchEnabled && !this.hasEnabledSupportedGroupfoldersApp && !this.isProjectFolderSetupFormInDisableMode
- },
- disableNCHubUnsupportedHint() {
- if (!this.hasEnabledSupportedOIDCApp) {
- if (this.formMode.SSOSettings === F_MODES.DISABLE || this.formMode.SSOSettings === F_MODES.NEW) {
- return true
- } else if (this.isExternalSSOProvider) {
- return true
- }
- }
- return false
- },
- showClientIDField() {
- if (this.authorizationSetting.SSOProviderType === SSO_PROVIDER_TYPE.nextcloudHub) {
- return true
- }
- return this.authorizationSetting.enableTokenExchange
+ return this.isProjectFolderSwitchEnabled && !this.hasEnabledSupportedGroupfoldersApp && !this.isProjectFolderFormInDisableMode
},
},
watch: {
- 'authorizationSetting.SSOProviderType'() {
- if (this.isExternalSSOProvider && this.state.authorization_settings.sso_provider_type !== this.SSO_PROVIDER_TYPE.external) {
- this.authorizationSetting.currentOIDCProviderSelected = null
+ 'form.ssoSettings.complete'() {
+ if (this.form.ssoSettings.complete && this.formMode.projectFolderSetUp === F_MODES.DISABLE) {
+ this.formMode.projectFolderSetUp = F_MODES.EDIT
+ this.showDefaultManagedProjectFolders = true
+ this.isProjectFolderSwitchEnabled = true
+ this.textLabelProjectFolderSetupButton = this.buttonTextLabel.completeWithProjectFolderSetup
}
},
- 'form.authenticationMethod.complete'() {
- if (this.form.authenticationMethod.complete && this.formMode.authorizationSetting === F_MODES.DISABLE) {
- this.formMode.authorizationSetting = F_MODES.EDIT
+ 'form.nextcloudOauth.complete'() {
+ if (this.form.nextcloudOauth.complete && this.formMode.projectFolderSetUp === F_MODES.DISABLE) {
+ this.formMode.projectFolderSetUp = F_MODES.EDIT
+ this.showDefaultManagedProjectFolders = true
+ this.isProjectFolderSwitchEnabled = true
+ this.textLabelProjectFolderSetupButton = this.buttonTextLabel.completeWithProjectFolderSetup
}
},
},
created() {
- this.currentSetting = this.settingsStepper.next().value
-
this.init()
- if (!this.hasEnabledSupportedOIDCApp && (this.formMode.SSOSettings === F_MODES.DISABLE || this.formMode.SSOSettings === F_MODES.NEW)) {
- this.authorizationSetting.SSOProviderType = SSO_PROVIDER_TYPE.external
- }
},
mounted() {
this.isDarkTheme = window.getComputedStyle(this.$el).getPropertyValue('--background-invert-if-dark') === 'invert(100%)'
@@ -880,106 +479,25 @@ export default {
this.isProjectFolderAlreadySetup = true
}
}
- if (this.state.fresh_project_folder_setup === true && this.formMode.projectFolderSetUp === F_MODES.DISABLE) {
+ if (this.state.fresh_project_folder_setup === true && this.isProjectFolderFormInDisableMode) {
this.currentProjectFolderState = true
this.textLabelProjectFolderSetupButton = this.buttonTextLabel.completeWithProjectFolderSetup
} else {
this.textLabelProjectFolderSetupButton = this.buttonTextLabel.keepCurrentChange
}
- // for oauth2 authorization
- if (this.state.openproject_instance_url
- && this.state.openproject_client_id
- && this.state.openproject_client_secret
- && this.state.nc_oauth_client
- ) {
- this.showDefaultManagedProjectFolders = true
- }
- // for oidc authorization
- if (this.state.authorization_method === AUTH_METHOD.OIDC
- && this.state.openproject_instance_url
- && this.state.authorization_settings.oidc_provider
- && this.state.authorization_settings.targeted_audience_client_id
- ) {
+ if (this.state.openproject_instance_url && this.isAuthorizationSettingFormComplete) {
this.showDefaultManagedProjectFolders = true
+ this.formMode.projectFolderSetUp = F_MODES.EDIT
}
if (this.state.fresh_project_folder_setup === false) {
this.showDefaultManagedProjectFolders = true
}
- if (this.state.authorization_method) {
- this.formMode.authorizationMethod = F_MODES.VIEW
- this.isFormCompleted.authorizationMethod = true
- }
- if (this.state.openproject_instance_url && this.state.authorization_method) {
- if (this.state.authorization_method === AUTH_METHOD.OAUTH2) {
- if (!this.state.openproject_client_id || !this.state.openproject_client_secret) {
- this.formMode.authorizationSetting = F_MODES.EDIT
- }
- }
- if (this.state.authorization_method === AUTH_METHOD.OIDC) {
- if (!this.state.authorization_settings.oidc_provider || !this.state.authorization_settings.targeted_audience_client_id) {
- this.formMode.authorizationSetting = F_MODES.EDIT
- this.formMode.SSOSettings = F_MODES.NEW
- }
- }
- }
- if (this.state.authorization_method === AUTH_METHOD.OIDC && this.state.authorization_settings.sso_provider_type) {
- if (this.state.authorization_settings.sso_provider_type === SSO_PROVIDER_TYPE.nextcloudHub) {
- if (this.state.authorization_settings.targeted_audience_client_id) {
- this.formMode.authorizationSetting = F_MODES.VIEW
- this.formMode.SSOSettings = F_MODES.VIEW
- this.isFormCompleted.authorizationSetting = true
- }
- } else if (this.state.authorization_settings.oidc_provider) {
- if (this.state.authorization_settings.token_exchange) {
- if (this.state.authorization_settings.targeted_audience_client_id) {
- this.formMode.authorizationSetting = F_MODES.VIEW
- this.formMode.SSOSettings = F_MODES.VIEW
- this.isFormCompleted.authorizationSetting = true
- }
- } else {
- this.formMode.authorizationSetting = F_MODES.VIEW
- this.formMode.SSOSettings = F_MODES.VIEW
- this.isFormCompleted.authorizationSetting = true
- }
- }
- this.authorizationSetting.oidcProviderSet = this.authorizationSetting.currentOIDCProviderSelected = this.state.authorization_settings.oidc_provider
- this.authorizationSetting.currentTargetedAudienceClientIdSelected = this.state.authorization_settings.targeted_audience_client_id
- this.authorizationSetting.SSOProviderType = this.state.authorization_settings.sso_provider_type
- this.authorizationSetting.enableTokenExchange = this.state.authorization_settings.token_exchange
- }
- if (!!this.state.openproject_client_id && !!this.state.openproject_client_secret) {
- this.formMode.opOauth = F_MODES.VIEW
- this.isFormCompleted.opOauth = true
- }
- if (!this.state.authorization_method) {
- this.formMode.authorizationMethod = F_MODES.EDIT
- }
- if (this.state.authorization_method) {
- if (!this.state.openproject_client_id && !this.state.openproject_client_secret) {
- this.formMode.opOauth = F_MODES.EDIT
- }
- }
- if (this.state.nc_oauth_client) {
- this.formMode.ncOauth = F_MODES.VIEW
- this.isFormCompleted.ncOauth = true
- }
- if (!this.state.nc_oauth_client
- && this.state.openproject_instance_url
- && this.state.openproject_client_id
- && this.state.openproject_client_secret
- && this.textLabelProjectFolderSetupButton === 'Keep current setup') {
+ if (this.textLabelProjectFolderSetupButton === 'Keep current setup') {
this.showDefaultManagedProjectFolders = true
this.formMode.projectFolderSetUp = F_MODES.VIEW
this.isFormCompleted.projectFolderSetUp = true
}
- if (this.formMode.ncOauth === F_MODES.VIEW || this.formMode.authorizationSetting === F_MODES.VIEW) {
- this.showDefaultManagedProjectFolders = true
- }
- if (this.showDefaultManagedProjectFolders) {
- this.formMode.projectFolderSetUp = F_MODES.VIEW
- this.isFormCompleted.projectFolderSetUp = true
- }
if (this.state.app_password_set) {
this.formMode.opUserAppPassword = F_MODES.VIEW
this.isFormCompleted.opUserAppPassword = true
@@ -988,35 +506,10 @@ export default {
this.textLabelProjectFolderSetupButton = this.buttonTextLabel.keepCurrentChange
}
this.isProjectFolderSwitchEnabled = this.currentProjectFolderState === true
-
- if (this.state.oidc_providers) {
- this.registeredOidcProviders = this.state.oidc_providers
- }
}
},
markFormComplete(formFn) {
formFn(this.form)
- this.nextSettings()
- },
- nextSettings() {
- this.currentSetting = this.settingsStepper.next().value
- },
- closeRequestModal() {
- this.show = false
- },
- setAuthorizationSettingToViewMode() {
- this.formMode.authorizationSetting = F_MODES.VIEW
- this.formMode.SSOSettings = F_MODES.VIEW
- this.isFormCompleted.authorizationSetting = true
- this.authorizationSetting.SSOProviderType = this.state.authorization_settings.sso_provider_type
- this.authorizationSetting.currentOIDCProviderSelected = this.state.authorization_settings.oidc_provider
- this.authorizationSetting.enableTokenExchange = this.state.authorization_settings.token_exchange
- this.authorizationSetting.currentTargetedAudienceClientIdSelected = this.state.authorization_settings.targeted_audience_client_id
- },
- setAuthorizationSettingInEditMode() {
- this.formMode.authorizationSetting = F_MODES.EDIT
- this.formMode.SSOSettings = F_MODES.EDIT
- this.isFormCompleted.authorizationSetting = false
},
setProjectFolderSetUpToEditMode() {
this.formMode.projectFolderSetUp = F_MODES.EDIT
@@ -1030,16 +523,6 @@ export default {
this.formMode.projectFolderSetUp = F_MODES.VIEW
this.isProjectFolderSetupCorrect = true
},
- async setNCOAuthFormToViewMode() {
- this.formMode.ncOauth = F_MODES.VIEW
- this.isFormCompleted.ncOauth = true
- if (!this.isIntegrationCompleteWithOauth2 && this.formMode.projectFolderSetUp !== F_MODES.EDIT && this.formMode.opUserAppPassword !== F_MODES.EDIT) {
- this.formMode.projectFolderSetUp = F_MODES.EDIT
- this.showDefaultManagedProjectFolders = true
- this.isProjectFolderSwitchEnabled = true
- this.textLabelProjectFolderSetupButton = this.buttonTextLabel.completeWithProjectFolderSetup
- }
- },
setOPUserAppPasswordToViewMode() {
this.formMode.opUserAppPassword = F_MODES.VIEW
this.isFormCompleted.opUserAppPassword = true
@@ -1091,77 +574,6 @@ export default {
this.projectFolderSetupError = null
}
},
- async saveOPOAuthClientValues() {
- this.isFormStep = FORM.OP_OAUTH
- if (await this.saveOPOptions()) {
- this.formMode.opOauth = F_MODES.VIEW
- this.isFormCompleted.opOauth = true
-
- // if we do not have Nextcloud OAuth client yet, a new client is created
- if (!this.state.nc_oauth_client) {
- this.createNCOAuthClient()
- }
- }
- },
- async saveOIDCAuthSetting() {
- this.isFormStep = FORM.AUTHORIZATION_SETTING
- this.loadingAuthorizationMethodForm = true
-
- if (this.authorizationSetting.SSOProviderType === this.SSO_PROVIDER_TYPE.nextcloudHub) {
- this.authorizationSetting.oidcProviderSet = this.SSO_PROVIDER_LABEL.nextcloudHub
- this.authorizationSetting.currentOIDCProviderSelected = this.SSO_PROVIDER_LABEL.nextcloudHub
- } else {
- this.authorizationSetting.oidcProviderSet = this.getCurrentSelectedOIDCProvider
- }
-
- const success = await this.saveOPOptions()
- if (success) {
- this.formMode.authorizationSetting = F_MODES.VIEW
- this.formMode.SSOSettings = F_MODES.VIEW
- this.isFormCompleted.authorizationSetting = true
- if (!this.isIntegrationCompleteWithOIDC && this.formMode.projectFolderSetUp !== F_MODES.EDIT && this.formMode.opUserAppPassword !== F_MODES.EDIT) {
- this.formMode.projectFolderSetUp = F_MODES.EDIT
- this.showDefaultManagedProjectFolders = true
- this.isProjectFolderSwitchEnabled = true
- this.textLabelProjectFolderSetupButton = this.buttonTextLabel.completeWithProjectFolderSetup
- }
- this.state.authorization_settings.sso_provider_type = this.authorizationSetting.SSOProviderType
- this.state.authorization_settings.oidc_provider = this.authorizationSetting.currentOIDCProviderSelected
- this.state.authorization_settings.token_exchange = this.authorizationSetting.enableTokenExchange
- this.state.authorization_settings.targeted_audience_client_id = this.authorizationSetting.currentTargetedAudienceClientIdSelected
- }
- this.loadingAuthorizationMethodForm = false
- },
- resetOPOAuthClientValues() {
- OC.dialogs.confirmDestructive(
- t('integration_openproject', 'If you proceed you will need to update these settings with the new OpenProject OAuth credentials. Also, all users will need to reauthorize access to their OpenProject account.'),
- t('integration_openproject', 'Replace OpenProject OAuth values'),
- {
- type: OC.dialogs.YES_NO_BUTTONS,
- confirm: t('integration_openproject', 'Yes, replace'),
- confirmClasses: 'error',
- cancel: t('integration_openproject', 'Cancel'),
- },
- async (result) => {
- if (result) {
- await this.clearOPOAuthClientValues()
- }
- },
- true,
- )
- },
- async clearOPOAuthClientValues() {
- this.isFormStep = FORM.OP_OAUTH
- this.formMode.opOauth = F_MODES.EDIT
- this.isFormCompleted.opOauth = false
- this.state.openproject_client_id = null
- this.state.openproject_client_secret = null
- const saved = await this.saveOPOptions()
- if (!saved) {
- this.formMode.opOauth = F_MODES.VIEW
- this.isFormCompleted.opOauth = true
- }
- },
resetAllAppValuesConfirmation() {
OC.dialogs.confirmDestructive(
t('integration_openproject', 'Are you sure that you want to reset this app and delete all settings and all connections of all Nextcloud users to OpenProject?'),
@@ -1186,11 +598,6 @@ export default {
// also, form completeness should be set to false
// reset form states to default
- this.isFormCompleted.opOauth = false
- this.isFormCompleted.server = false
- this.formMode.opOauth = F_MODES.EDIT
- this.formMode.SSOSettings = F_MODES.NEW
-
this.state.default_enable_navigation = false
this.state.default_enable_unified_search = false
this.oPUserAppPassword = null
@@ -1201,7 +608,6 @@ export default {
// if the authorization method is "oidc"
if (authMethod === AUTH_METHOD.OIDC) {
this.state.authorization_settings.targeted_audience_client_id = null
- this.authorizationSetting.currentOIDCProviderSelected = null
}
await this.saveOPOptions()
window.location.reload()
@@ -1229,22 +635,6 @@ export default {
token_exchange: null,
}
- } else if (this.isFormStep === FORM.AUTHORIZATION_SETTING) {
- values = {
- oidc_provider: this.getCurrentSelectedOIDCProvider,
- targeted_audience_client_id: this.authorizationSetting.currentTargetedAudienceClientIdSelected,
- sso_provider_type: this.authorizationSetting.SSOProviderType,
- token_exchange: this.authorizationSetting.enableTokenExchange,
- }
- } else if (this.isFormStep === FORM.AUTHORIZATION_METHOD) {
- values = {
- ...values,
- authorization_method: this.state.authorization_method,
- oidc_provider: this.isIntegrationCompleteWithOIDC ? this.getCurrentSelectedOIDCProvider : null,
- targeted_audience_client_id: this.isIntegrationCompleteWithOIDC ? this.authorizationSetting.currentTargetedAudienceClientIdSelected : null,
- sso_provider_type: this.authorizationSetting.SSOProviderType,
- token_exchange: this.authorizationSetting.enableTokenExchange,
- }
} else if (this.isFormStep === FORM.GROUP_FOLDER) {
if (!this.isProjectFolderSwitchEnabled) {
values = {
@@ -1278,13 +668,11 @@ export default {
this.state.app_password_set = true
this.oPUserAppPassword = response?.data?.oPUserAppPassword
}
- this.oPOAuthTokenRevokeStatus = response?.data?.oPOAuthTokenRevokeStatus
showSuccess(t('integration_openproject', 'OpenProject admin options saved'))
success = true
} catch (error) {
console.error()
this.isAdminConfigOk = null
- this.oPOAuthTokenRevokeStatus = null
if (error.response.data.error) {
this.projectFolderSetupError = error.response.data.error
}
@@ -1292,7 +680,6 @@ export default {
t('integration_openproject', 'Failed to save OpenProject admin options'),
)
}
- this.notifyAboutOPOAuthTokenRevoke()
return success
},
async checkIfProjectFolderIsAlreadyReadyForSetup() {
@@ -1306,46 +693,6 @@ export default {
}
return success
},
- notifyAboutOPOAuthTokenRevoke() {
- switch (this.oPOAuthTokenRevokeStatus) {
- case 'connection_error':
- showError(
- t('integration_openproject', 'Failed to perform revoke request due to connection error with the OpenProject server'),
- )
- break
- case 'other_error':
- showError(
- t('integration_openproject', 'Failed to revoke some users\' OpenProject OAuth access tokens'),
- )
- break
- case 'success':
- showSuccess(
- t('integration_openproject', 'Successfully revoked users\' OpenProject OAuth access tokens'),
- )
- break
- default:
- break
- }
- },
- resetNcOauthValues() {
- OC.dialogs.confirmDestructive(
- t('integration_openproject', 'If you proceed you will need to update the settings in your OpenProject with the new Nextcloud OAuth credentials. Also, all users in OpenProject will need to reauthorize access to their Nextcloud account.'),
- t('integration_openproject', 'Replace Nextcloud OAuth values'),
- {
- type: OC.dialogs.YES_NO_BUTTONS,
- confirm: t('integration_openproject', 'Yes, replace'),
- confirmClasses: 'error',
- cancel: t('integration_openproject', 'Cancel'),
- },
- async (result) => {
- if (result) {
- this.state.nc_oauth_client = null
- this.createNCOAuthClient()
- }
- },
- true,
- )
- },
async completeIntegrationWithoutProjectFolderSetUp() {
this.isFormStep = FORM.GROUP_FOLDER
this.textLabelProjectFolderSetupButton = this.buttonTextLabel.keepCurrentChange
@@ -1390,21 +737,6 @@ export default {
this.isFormCompleted.opUserAppPassword = false
await this.saveOPOptions()
},
- createNCOAuthClient() {
- const url = generateUrl('/apps/integration_openproject/nc-oauth')
- axios.post(url).then((response) => {
- this.state.nc_oauth_client = response.data
- // generate part is complete but still the NC OAuth form is set to
- // edit mode and not completed state so that copy buttons will be available for the user
- this.formMode.ncOauth = F_MODES.EDIT
- this.isFormCompleted.ncOauth = false
- }).catch((error) => {
- showError(
- t('integration_openproject', 'Failed to create Nextcloud OAuth client')
- + ': ' + error.response.request.responseText,
- )
- })
- },
setDefaultConfig() {
const url = generateUrl('/apps/integration_openproject/admin-config')
const req = {
@@ -1422,9 +754,6 @@ export default {
)
})
},
- onSelectOIDCProvider(selectedOption) {
- this.authorizationSetting.currentOIDCProviderSelected = selectedOption
- },
},
}
@@ -1506,54 +835,5 @@ export default {
color: #1a67a3 !important;
font-style: normal;
}
- .authorization-method {
- &--description {
- font-size: 14px;
- .title {
- font-weight: 700;
- }
- .description {
- margin-top: 0.1rem;
- }
- }
- &--options {
- margin-top: 1rem;
- .radio-check {
- font-weight: 500;
- }
- }
- }
- .authorization-settings {
- &--content {
- max-width: 550px;
- &--label {
- font-weight: 700;
- font-size: .875rem;
- color: var(--color-primary-text)
- }
- &--section {
- margin-top: 0.7rem;
- }
- }
- .description {
- margin-top: 0.1rem;
- }
- }
- .error-container {
- margin-left: 2.4rem;
- font-size: 14px;
- }
-}
-
-[data-theme-light] {
- #openproject_prefs {
- .authorization-settings {
- &--content {
- &--label {
- color: var(--color-main-text)
- }
- }
- }
- }
}
diff --git a/src/components/admin/FormAuthMethod.vue b/src/components/admin/FormAuthMethod.vue
index 535291baf..9f7b414f3 100644
--- a/src/components/admin/FormAuthMethod.vue
+++ b/src/components/admin/FormAuthMethod.vue
@@ -118,8 +118,8 @@ export default {
type: Object,
required: true,
},
- currentSetting: {
- type: String,
+ formState: {
+ type: Object,
required: true,
},
isDarkTheme: {
@@ -150,7 +150,7 @@ export default {
},
computed: {
showSettings() {
- return this.currentSetting === this.formId || !!this.isFormComplete
+ return this.formState.serverHost.complete || !!this.isFormComplete
},
isFormComplete() {
return !!this.savedAuthMethod
diff --git a/src/components/admin/FormOAuthSettings.vue b/src/components/admin/FormOAuthSettings.vue
new file mode 100644
index 000000000..25df849a8
--- /dev/null
+++ b/src/components/admin/FormOAuthSettings.vue
@@ -0,0 +1,425 @@
+
+
+
+
+ {{ t('integration_openproject', 'OIDC Provider Type') }} * +
++ {{ t('integration_openproject', 'Select a provider *') }} +
++ {{ messages.tokenExchangeFormLabel }} +
++ {{ messages.tokenExchangeHintText }} +
++ OIDC Provider Type * +
++ Select a provider * +
+You can configure OIDC providers in the {settingsLink}
++ Token Exchange +
++ When enabled, the app will try to obtain a token for the given audience from the identity provider. If disabled, it will use the access token obtained during the login process. +
++ OIDC Provider Type * +
++ OIDC Provider Type * +
++ OIDC Provider Type * +
++ OIDC Provider Type * +
++ Select a provider * +
+You can configure OIDC providers in the {settingsLink}
++ Token Exchange +
++ When enabled, the app will try to obtain a token for the given audience from the identity provider. If disabled, it will use the access token obtained during the login process. +
++ OIDC Provider Type * +
++ Select a provider * +
+You can configure OIDC providers in the {settingsLink}
++ Token Exchange +
++ When enabled, the app will try to obtain a token for the given audience from the identity provider. If disabled, it will use the access token obtained during the login process. +
++ OIDC Provider Type * +
++ Select a provider * +
+You can configure OIDC providers in the {settingsLink}
++ Token Exchange +
++ When enabled, the app will try to obtain a token for the given audience from the identity provider. If disabled, it will use the access token obtained during the login process. +
++ OIDC Provider Type * +
++ Select a provider * +
+You can configure OIDC providers in the {settingsLink}
++ Token Exchange +
++ When enabled, the app will try to obtain a token for the given audience from the identity provider. If disabled, it will use the access token obtained during the login process. +
++ OIDC Provider Type * +
++ OIDC Provider Type * +
++ Select a provider * +
+You can configure OIDC providers in the {settingsLink}
++ Token Exchange +
++ When enabled, the app will try to obtain a token for the given audience from the identity provider. If disabled, it will use the access token obtained during the login process. +
++ OIDC Provider Type * +
++ OIDC Provider Type * +
++ Select a provider * +
+You can configure OIDC providers in the {settingsLink}
++ Token Exchange +
++ When enabled, the app will try to obtain a token for the given audience from the identity provider. If disabled, it will use the access token obtained during the login process. +
++ OIDC Provider Type * +
++ Select a provider * +
+You can configure OIDC providers in the {settingsLink}
++ Token Exchange +
++ When enabled, the app will try to obtain a token for the given audience from the identity provider. If disabled, it will use the access token obtained during the login process. +
++ OIDC Provider Type * +
++ Select a provider * +
+You can configure OIDC providers in the {settingsLink}
++ Token Exchange +
++ When enabled, the app will try to obtain a token for the given audience from the identity provider. If disabled, it will use the access token obtained during the login process. +
++ OIDC Provider Type * +
++ OIDC Provider Type * +
++ OIDC Provider Type * +
++ Select a provider * +
+You can configure OIDC providers in the {settingsLink}
++ Token Exchange +
++ When enabled, the app will try to obtain a token for the given audience from the identity provider. If disabled, it will use the access token obtained during the login process. +
++ OIDC Provider Type * +
++ OIDC Provider Type * +
++ OIDC Provider Type * +
++ Select a provider * +
+You can configure OIDC providers in the {settingsLink}
++ Token Exchange +
++ When enabled, the app will try to obtain a token for the given audience from the identity provider. If disabled, it will use the access token obtained during the login process. +
++ OIDC Provider Type * +
++ Select a provider * +
+You can configure OIDC providers in the {settingsLink}
++ Token Exchange +
++ When enabled, the app will try to obtain a token for the given audience from the identity provider. If disabled, it will use the access token obtained during the login process. +
++ OIDC Provider Type * +
++ Select a provider * +
+You can configure OIDC providers in the {settingsLink}
++ Token Exchange +
++ When enabled, the app will try to obtain a token for the given audience from the identity provider. If disabled, it will use the access token obtained during the login process. +
++ OIDC Provider Type * +
+