Fix SAML2 session timeout during XHR requests

2018-04-17 15:14:48 -04:00 · 2018-04-17 15:14:48 -04:00 · 162206b934
parent e6e1fddb3e
commit 162206b934
4 changed files with 19 additions and 2 deletions
--- a/1
+++ b/1
@ -7,6 +7,7 @@ Enhancements
 Bug fixes
 - [core] properly update the last-modified attribute (#4313)
 - [web] prevent deletion of special folders using del key
+ - [web] fixed SAML2 session timeout handling during XHR requests
 - [eas] improved alarms syncing with EAS devices (#4351)
 - [eas] avoid potential cache update when breaking sync queries (#4422)

--- a/UI/Common/UIxPageFrame.m
+++ b/UI/Common/UIxPageFrame.m
@ -472,6 +472,15 @@
  return [[sd authenticationType] isEqualToString: @"cas"];
 }

+- (BOOL) usesSAML2Authentication
+{
+  SOGoSystemDefaults *sd;
+
+  sd = [SOGoSystemDefaults sharedSystemDefaults];
+
+  return [[sd authenticationType] isEqualToString: @"saml2"];
+}
+
 - (NSString *) userIdentification
 {
  NSString *v;
--- a/UI/Templates/UIxPageFrame.wox
+++ b/UI/Templates/UIxPageFrame.wox
@ -85,6 +85,12 @@
            <var:if condition="usesCASAuthentication" const:negate="YES">
              var usesCASAuthentication = false;
            </var:if>
+            <var:if condition="usesSAML2Authentication">
+              var usesSAML2Authentication = true;
+            </var:if>
+            <var:if condition="usesSAML2Authentication" const:negate="YES">
+              var usesSAML2Authentication = false;
+            </var:if>
            <var:if condition="shortUserNameForDisplay" const:value="anonymous" const:negate="YES">
              var UserFolderURL = '<var:string value="userFolderPath" const:escapeHTML="NO" />';
              var UserLogin = '<var:string value="shortUserNameForDisplay" const:escapeHTML="NO" />';
--- a/UI/WebServerResources/js/Common/Common.app.js
+++ b/UI/WebServerResources/js/Common/Common.app.js
@ -267,9 +267,10 @@
        var deferred, iframe;
        if (/^application\/json/.test(rejection.config.headers.Accept)) {
          // Handle CAS ticket renewal
-          if ($window.usesCASAuthentication && rejection.status == -1) {
+          if (($window.usesCASAuthentication   && rejection.status == -1) ||
+              ($window.usesSAML2Authentication && rejection.status == 401)) {
            deferred = $q.defer();
-            iframe = angular.element('<iframe class="ng-hide" src="' + UserFolderURL + 'recover"></iframe>');
+            iframe = angular.element('<iframe class="ng-hide" src="' + $window.UserFolderURL + 'recover"></iframe>');
            iframe.on('load', function() {
              // Once the browser has followed the redirection, send the initial request
              var $http = $injector.get('$http');