diff --git a/src/core/client/stream/common/UserBox/UserBoxContainer.spec.tsx b/src/core/client/stream/common/UserBox/UserBoxContainer.spec.tsx index 9b73eac3e..1dbe6c647 100644 --- a/src/core/client/stream/common/UserBox/UserBoxContainer.spec.tsx +++ b/src/core/client/stream/common/UserBox/UserBoxContainer.spec.tsx @@ -28,6 +28,7 @@ it("renders fully", () => { facebook: { enabled: true, allowRegistration: true, + redirectURL: "http://localhost/facebook", targetFilter: { stream: true, }, @@ -35,6 +36,7 @@ it("renders fully", () => { google: { enabled: false, allowRegistration: true, + redirectURL: "http://localhost/google", targetFilter: { stream: true, }, @@ -42,6 +44,7 @@ it("renders fully", () => { oidc: { enabled: false, allowRegistration: true, + redirectURL: "http://localhost/oidc", targetFilter: { stream: true, }, @@ -87,6 +90,7 @@ it("renders without logout button", () => { facebook: { enabled: true, allowRegistration: true, + redirectURL: "http://localhost/facebook", targetFilter: { stream: true, }, @@ -94,6 +98,7 @@ it("renders without logout button", () => { google: { enabled: false, allowRegistration: true, + redirectURL: "http://localhost/google", targetFilter: { stream: true, }, @@ -101,6 +106,7 @@ it("renders without logout button", () => { oidc: { enabled: false, allowRegistration: true, + redirectURL: "http://localhost/oidc", targetFilter: { stream: true, }, @@ -146,6 +152,7 @@ it("renders sso only", () => { facebook: { enabled: false, allowRegistration: true, + redirectURL: "http://localhost/facebook", targetFilter: { stream: true, }, @@ -153,6 +160,7 @@ it("renders sso only", () => { google: { enabled: true, allowRegistration: true, + redirectURL: "http://localhost/google", targetFilter: { stream: false, }, @@ -160,6 +168,7 @@ it("renders sso only", () => { oidc: { enabled: false, allowRegistration: true, + redirectURL: "http://localhost/oidc", targetFilter: { stream: true, }, @@ -205,6 +214,7 @@ it("renders sso only without logout button", () => { facebook: { enabled: false, allowRegistration: true, + redirectURL: "http://localhost/facebook", targetFilter: { stream: true, }, @@ -212,6 +222,7 @@ it("renders sso only without logout button", () => { google: { enabled: false, allowRegistration: true, + redirectURL: "http://localhost/google", targetFilter: { stream: true, }, @@ -219,6 +230,7 @@ it("renders sso only without logout button", () => { oidc: { enabled: false, allowRegistration: true, + redirectURL: "http://localhost/oidc", targetFilter: { stream: true, }, @@ -264,6 +276,7 @@ it("renders without register button", () => { facebook: { enabled: true, allowRegistration: false, + redirectURL: "http://localhost/facebook", targetFilter: { stream: true, }, @@ -271,6 +284,7 @@ it("renders without register button", () => { google: { enabled: false, allowRegistration: true, + redirectURL: "http://localhost/google", targetFilter: { stream: false, }, @@ -278,6 +292,7 @@ it("renders without register button", () => { oidc: { enabled: false, allowRegistration: true, + redirectURL: "http://localhost/oidc", targetFilter: { stream: true, }, diff --git a/src/core/client/stream/common/UserBox/UserBoxContainer.tsx b/src/core/client/stream/common/UserBox/UserBoxContainer.tsx index 9be0127c3..cab547af5 100644 --- a/src/core/client/stream/common/UserBox/UserBoxContainer.tsx +++ b/src/core/client/stream/common/UserBox/UserBoxContainer.tsx @@ -71,10 +71,37 @@ export class UserBoxContainer extends Component { ].some(i => i.enabled && i.targetFilter.stream); } + private get authUrl(): string { + const { + facebook, + google, + local, + oidc, + } = this.props.settings.auth.integrations; + + const defaultAuthUrl = `${urls.embed.auth}?view=${ + this.props.local.authPopup.view + }`; + + if (local.enabled) { + return defaultAuthUrl; + } + + // For each of these integrations, if only one is enabled, then return the + // redirectURL for that one only. + const integrations = [facebook, google, oidc]; + const enabled = integrations.filter(integration => integration.enabled); + if (enabled.length === 1 && enabled[0].redirectURL) { + return enabled[0].redirectURL; + } + + return defaultAuthUrl; + } + public render() { const { local: { - authPopup: { open, focus, view }, + authPopup: { open, focus }, }, viewer, } = this.props; @@ -96,7 +123,7 @@ export class UserBoxContainer extends Component { return ( <> ({ facebook: { enabled: false, allowRegistration: true, + redirectURL: "http://localhost/facebook", targetFilter: { stream: true, }, @@ -52,6 +53,7 @@ export const settings = createFixture({ google: { enabled: false, allowRegistration: true, + redirectURL: "http://localhost/google", targetFilter: { stream: true, }, @@ -59,6 +61,7 @@ export const settings = createFixture({ oidc: { enabled: false, allowRegistration: true, + redirectURL: "http://localhost/oidc", targetFilter: { stream: true, }, diff --git a/src/core/server/graph/tenant/schema/schema.graphql b/src/core/server/graph/tenant/schema/schema.graphql index 9e0f629ae..73b43a372 100644 --- a/src/core/server/graph/tenant/schema/schema.graphql +++ b/src/core/server/graph/tenant/schema/schema.graphql @@ -429,6 +429,13 @@ type SSOAuthIntegration { """ allowRegistration: Boolean! + """ + redirectURL is the URL that the user should be redirected to in order to start + an authentication flow with the given integration. This field is not stored, + and is instead computed from the Tenant. + """ + redirectURL: String + """ targetFilter will restrict where the authentication integration should be displayed. If the value of targetFilter is null, then the authentication