Merge branch 'devel'

CHANGELOG.md

@@ -1,6 +1,16 @@
 Changelog for Redmine OAuth
 ==========================
 
+2.2.1 *2024-06-04*
+------------------
+
+    An option to hide the login form
+    Do not require a password change or 2FA initialization if OAuth is being used
+
+* New: #31 - Enhance Keycloak documentation
+* New: #30 - Incentive to use this plugin (tighten password rules / co-usage of oauth2 login)
+* New: #28 - Is it possible to hide the normal login/password prompt through config when a instance just needs OAuth login
+
 2.2.0 *2024-03-05*
 ------------------
 

README.md

@@ -1,4 +1,4 @@
-## Redmine OAuth plugin 2.2.0
+## Redmine OAuth plugin 2.2.1
 
 [![GitHub CI](https://github.com/kontron/redmine_oauth/actions/workflows/rubyonrails.yml/badge.svg?branch=main)](https://github.com/kontron/redmine_oauth/actions/workflows/rubyonrails.yml)
 [![Support Ukraine Badge](https://bit.ly/support-ukraine-now)](https://github.com/support-ukraine/support-ukraine)

app/controllers/redmine_oauth_controller.rb

@@ -151,6 +151,10 @@ def try_to_login(email, info)
       elsif user.active? # Active
         handle_active_user user
         user.update_last_login_on!
+        # Disable 2FA initialization request
+        session.delete(:must_activate_twofa)
+        # Disable password change request
+        session.delete(:pwd)
       else # Locked
         handle_inactive_user user
       end

app/views/hooks/_view_account_login_bottom.html.erb

@@ -22,6 +22,12 @@
 
 <% if Setting.plugin_redmine_oauth[:button_icon] != 'none' %>
   <%= stylesheet_link_tag 'redmine_oauth', plugin: 'redmine_oauth' %>
+  <% if Setting.plugin_redmine_oauth[:hide_login_form] %>
+    <%= javascript_include_tag('redmine_oauth.js', plugin: :redmine_oauth) %>
+    <fieldset id= "oauth-fieldset-login-form" class="oauth_collapsible oauth_collapsed">
+      <legend class="oauth_legend" onclick="oauth_toggle_fieldset(this)"><%= l(:button_login) %></legend>
+    </fieldset>
+  <% end %>
   <%= form_tag(oauth_path(back_url: back_url), method: :get, id: 'oauth-login') do %>
     <%= back_url_hidden_field_tag %>
     <%= button_tag(name: 'login-oauth', tabindex: 6, id: 'login-oauth-submit', title: l(:oauth_login_with),
@@ -33,6 +39,7 @@
 <% end %>
 
 <%= javascript_tag do %>
+  <%# Autologin option %>
   $('#autologin').change(function() {
     let oauth_login_form = $("#oauth-login")
     if(oauth_login_form && this.checked) {
@@ -50,4 +57,10 @@
         }
     }
   });
+  <%# Hidden login form %>
+  <% if Setting.plugin_redmine_oauth[:hide_login_form] %>
+    let login_form = $('div#login-form');
+    login_form.appendTo('#oauth-fieldset-login-form');
+    login_form.toggle();
+  <% end %>
 <% end %>

app/views/settings/_oauth_settings.html.erb

@@ -35,7 +35,7 @@
     ], @settings[:oauth_name]), onchange: 'oauth_settings_visibility()' %>
   <em class="info"><%= l(:oauth_provider_info) %></em>
 </p>
-<div id="oauth_options" class="<%= (@settings[:oauth_name] == 'none') ? 'oauth-hidden' : '' %>">
+<div id="oauth_options" class="<%= (@settings[:oauth_name] == 'none') ? 'oauth_hidden' : '' %>">
     <p>
         <label for="button_color"><%= l(:oauth_login_button) %></label>
         <span>
@@ -90,11 +90,13 @@
       <%= text_field_tag 'settings[tenant_id]', @settings[:tenant_id], size: 40 %>
       <em class="info"><%= l(:oauth_tenant_id_info) %></em>
     </p>
-    <% if %w(Custom).include?(@settings[:oauth_name]) %>
-      <div id="oauth_options_custom">
-    <% else %>
-      <div id="oauth_options_custom" style="display: none">
-    <% end %>
+    <p>
+      <label><%= l(:oauth_hide_login_form) %></label>
+      <%= check_box_tag 'settings[hide_login_form]', true, @settings[:hide_login_form] %>
+      <em class="info"> <%= l(:label_default)%>: <%= l(:general_text_No)%></em>
+    </p>
+    <% style = %w(Custom).exclude?(@settings[:oauth_name]) ? 'display: none' : 'display: block' %>
+    <div id="oauth_options_custom" style="<%= style %>">
       <p>
         <label><%= l(:oauth_custom_name) %></label>
         <input type="text" id="settings_custom_name" name="settings[custom_name]" value="<%= @settings[:custom_name] %>" 

assets/javascripts/redmine_oauth.js

@@ -115,4 +115,12 @@ function oauth_settings_visibility()
         default:
             break;
     }
-}
+}
+
+function oauth_toggle_fieldset(el)
+{
+    let fieldset = el.parentNode;
+    fieldset.classList.toggle('oauth_expanded');
+    fieldset.classList.toggle('oauth_collapsed');
+    $('div#login-form').toggle();
+}

assets/stylesheets/redmine_oauth.css

@@ -29,10 +29,37 @@ input#button_color {
   padding: 0;
 }
 
-.oauth-hidden {
+.oauth_hidden {
   display: none;
 }
 
 button#login-oauth-submit:hover {
   background: #dddddd !important;
 }
+
+fieldset.oauth_collapsible {
+  border-width: 2px 0 0 0;
+  border-color: #FDBF3B;
+  width: 340px;
+  margin: auto;
+}
+
+fieldset.oauth_collapsed>legend::before {
+  content: "\a0\25bc\a0";
+  color: #FDBF3B;
+  display: inline-block;
+  transform: rotate(-90deg);
+}
+
+fieldset.oauth_expanded>legend::before {
+  content: "\a0\25bc\a0";
+  color: #FDBF3B;
+}
+
+fieldset.oauth_collapsible > legend {
+  cursor: pointer;
+}
+
+legend.oauth_legend {
+  font-weight: bolder;
+}

config/locales/cs.yml

@@ -50,3 +50,4 @@ cs:
   oauth_custom_uid_field_info: Pole UID (výchozí - preferred_username)
   oauth_custom_email_field: E-mail
   oauth_custom_email_field_info: Pole e-mail (výchozí - email)
+  oauth_hide_login_form: Skrýt přihlašovací formulář

config/locales/de.yml

@@ -50,3 +50,4 @@ de:
   oauth_custom_uid_field_info: UID field (default - preferred_username)
   oauth_custom_email_field: Email field
   oauth_custom_email_field_info: Email field (default - email)
+  oauth_hide_login_form: Login-Formular ausblenden

config/locales/en.yml

@@ -50,3 +50,4 @@ en:
   oauth_custom_uid_field_info: UID field (default - preferred_username)
   oauth_custom_email_field: Email field
   oauth_custom_email_field_info: Email field (default - email)
+  oauth_hide_login_form: Hide login form

config/locales/fr.yml

@@ -50,3 +50,4 @@ fr:
   oauth_custom_uid_field_info: UID field (default - preferred_username)
   oauth_custom_email_field: Email field
   oauth_custom_email_field_info: Email field (default - email)
+  oauth_hide_login_form: Hide login form

init.rb

@@ -19,13 +19,14 @@
 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 
 require 'redmine'
-require File.expand_path('lib/redmine_oauth/hooks', __dir__)
+require File.expand_path('lib/redmine_oauth/hooks/views/base_view_hooks', __dir__)
+require File.expand_path('lib/redmine_oauth/hooks/views/login_view_hooks', __dir__)
 
 Redmine::Plugin.register :redmine_oauth do
   name 'Redmine OAuth plugin'
   author 'Karel Pičman'
   description 'Redmine OAuth plugin'
-  version '2.2.0'
+  version '2.2.1'
   url 'https://github.com/kontron/redmine_oauth'
   author_url 'https://github.com/kontron/redmine_oauth/graphs/contributors'
 
@@ -45,6 +46,7 @@
     custom_uid_field: 'preferred_username',
     custom_email_field: 'email',
     button_color: '#ffbe6f',
-    button_icon: 'fas fa-address-card'
+    button_icon: 'fas fa-address-card',
+    hide_login_form: nil
   }, partial: 'settings/oauth_settings'
 end

lib/redmine_oauth/hooks.rb → lib/redmine_oauth/hooks/views/base_view_hooks.rb

@@ -19,25 +19,20 @@
 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 
 module RedmineOauth
-  # View hooks
-  class Hooks < Redmine::Hook::ViewListener
-    def view_account_login_bottom(context = {})
-      oauth = Setting.plugin_redmine_oauth[:oauth_name]
-      return unless oauth.present? && (oauth != 'none')
+  module Hooks
+    module Views
+      # Base view hooks
+      class BaseViewHooks < Redmine::Hook::ViewListener
+        def view_layouts_base_html_head(context = {})
+          return unless /^(AccountController|SettingsController|RedmineOauthController)/.match?(
+            context[:controller].class.name
+          )
 
-      context[:controller].send(
-        :render_to_string, { partial: 'hooks/view_account_login_bottom', locals: context }
-      )
-    end
-
-    def view_layouts_base_html_head(context = {})
-      return unless /^(AccountController|SettingsController|RedmineOauthController)/.match?(
-        context[:controller].class.name
-      )
-
-      "\n".html_safe + stylesheet_link_tag('redmine_oauth.css', plugin: :redmine_oauth) +
-        "\n".html_safe + stylesheet_link_tag('../vendor/fontawesome/all.min.css', plugin: :redmine_oauth) +
-        "\n".html_safe + javascript_include_tag('redmine_oauth.js', plugin: :redmine_oauth)
+          "\n".html_safe + stylesheet_link_tag('redmine_oauth.css', plugin: :redmine_oauth) +
+            "\n".html_safe + stylesheet_link_tag('../vendor/fontawesome/all.min.css', plugin: :redmine_oauth) +
+            "\n".html_safe + javascript_include_tag('redmine_oauth.js', plugin: :redmine_oauth)
+        end
+      end
     end
   end
 end

lib/redmine_oauth/hooks/views/login_view_hooks.rb

@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+
+# Redmine plugin OAuth
+#
+# Karel Pičman <[email protected]>
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+
+module RedmineOauth
+  module Hooks
+    module Views
+      # Login view hooks
+      class LoginViewHooks < Redmine::Hook::ViewListener
+        def view_account_login_bottom(context = {})
+          oauth = Setting.plugin_redmine_oauth[:oauth_name]
+          return unless oauth.present? && (oauth != 'none')
+
+          context[:controller].send(
+            :render_to_string, { partial: 'hooks/view_account_login_bottom', locals: context }
+          )
+        end
+      end
+    end
+  end
+end