Merge pull request #295 from YunoHost-Apps/testing

[enh] Enable SSO
author: yalh76 <yalh@yahoo.com> 2022-01-18 19:46:06 +0100
committer: GitHub <noreply@github.com> 2022-01-18 19:46:06 +0100
commit: 627e5ebe5817db0f32a0b24119c9bbde39692b42 (patch)
tree: 7a746f8b8891d2bba579ef7a8ed111d8fbb23116
parent: 4d413848bf444586e28f3658de0ebe36d6ebf059 (diff)
parent: 754f750fcd038894da3998ea0aa9d5fe580a5119 (diff)
download: mastodon_ynh-627e5ebe5817db0f32a0b24119c9bbde39692b42.tar.gz
mastodon_ynh-627e5ebe5817db0f32a0b24119c9bbde39692b42.tar.bz2
mastodon_ynh-627e5ebe5817db0f32a0b24119c9bbde39692b42.zip
7 files changed, 71 insertions, 11 deletions
diff --git a/README.md b/README.md
index 96cbfa2..5839ca8 100644
--- a/README.md
+++ b/README.md
@@ -17,7 +17,7 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in
 
 Mastodon is a free, open-source microblogging social network. It is a decentralized alternative to commercial platforms like Twitter and avoids the risks of a single company monopolizing your communication for commercial purposes. 
 
-**Shipped version:** 3.4.4~ynh1
+**Shipped version:** 3.4.4~ynh2
 
 **Demo:** https://joinmastodon.org/
 
@@ -66,6 +66,8 @@ $ screen -r
 
 LDAP authentication is activated. All YunoHost users can authenticate.
 
+Log-out from YunoHost's portal doesn't log out from Mastodon. See https://github.com/YunoHost/issues/issues/501
+
 ## Documentation and resources
 
 * Official app website: https://joinmastodon.org/
diff --git a/README_fr.md b/README_fr.md
index 7acbe9f..79eda72 100644
--- a/README_fr.md
+++ b/README_fr.md
@@ -14,7 +14,7 @@ Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour
 Mastodon est un réseau social de microblog auto-hébergé et open source. C'est une alternative décentralisée aux plates-formes commerciales comme Twitter. Mastodon évite ainsi les risques qu'une seule société monopolise votre communication à des fins commerciales.
 
 
-**Version incluse :** 3.4.4~ynh1
+**Version incluse :** 3.4.4~ynh2
 
 **Démo :** https://joinmastodon.org/
 
@@ -62,16 +62,14 @@ L'utilisateur admin est créé automatiquement comme : user@domain.tld
 
 `$ (cd /var/www/mastodon/live && sudo -u mastodon RAILS_ENV=production PATH=/opt/rbenv/versions/mastodon/bin bin/tootctl --help)`
 
-## Documentation
-
- * Documentation officielle : https://docs.joinmastodon.org/
-
 ## Caractéristiques spécifiques YunoHost
 
 #### Support multi-utilisateur
 
 L'authentification LDAP est activée. Tous les utilisateurs YunoHost peuvent s'authentifier.
 
+Se déconnecter depuis le portail YunoHost ne vous déconnecte pas de Mastodon. Voir https://github.com/YunoHost/issues/issues/501
+
 ## Documentations et ressources
 
 * Site officiel de l'app : https://joinmastodon.org/
diff --git a/check_process b/check_process
index 2998fd0..61a81b8 100644
--- a/check_process
+++ b/check_process
@@ -16,6 +16,8 @@
 		upgrade=1	from_commit=efbdbb05350b820c6e59a7bbbf70f57cf679fff8
 		# 3.4.1~ynh4
 		upgrade=1	from_commit=adec07db890dec787416e1b7c4493d24391d3500
+		# 3.4.4~ynh1
+		upgrade=1	from_commit=4d413848bf444586e28f3658de0ebe36d6ebf059
 		backup_restore=1
 		multi_instance=0
 		change_url=0
@@ -27,3 +29,5 @@ Notification=all
 		name=3.4.1~ynh1
 	; commit=adec07db890dec787416e1b7c4493d24391d3500
 		name=3.4.1~ynh4
+	; commit=4d413848bf444586e28f3658de0ebe36d6ebf059
+		name=3.4.4~ynh1
diff --git a/doc/DISCLAIMER.md b/doc/DISCLAIMER.md
index 7966fa5..959c15d 100644
--- a/doc/DISCLAIMER.md
+++ b/doc/DISCLAIMER.md
@@ -36,3 +36,5 @@ $ screen -r
 #### Multi-users support
 
 LDAP authentication is activated. All YunoHost users can authenticate.
+
+Log-out from YunoHost's portal doesn't log out from Mastodon. See https://github.com/YunoHost/issues/issues/501
diff --git a/doc/DISCLAIMER_fr.md b/doc/DISCLAIMER_fr.md
index 9218cd3..a7b81ce 100644
--- a/doc/DISCLAIMER_fr.md
+++ b/doc/DISCLAIMER_fr.md
@@ -36,12 +36,10 @@ L'utilisateur admin est créé automatiquement comme : user@domain.tld
 
 `$ (cd /var/www/mastodon/live && sudo -u mastodon RAILS_ENV=production PATH=/opt/rbenv/versions/mastodon/bin bin/tootctl --help)`
 
-## Documentation
-
- * Documentation officielle : https://docs.joinmastodon.org/
-
 ## Caractéristiques spécifiques YunoHost
 
 #### Support multi-utilisateur
 
 L'authentification LDAP est activée. Tous les utilisateurs YunoHost peuvent s'authentifier.
+
+Se déconnecter depuis le portail YunoHost ne vous déconnecte pas de Mastodon. Voir https://github.com/YunoHost/issues/issues/501
diff --git a/manifest.json b/manifest.json
index 80fb313..80caed0 100644
--- a/manifest.json
+++ b/manifest.json
@@ -6,7 +6,7 @@
         "en": "Libre and federated social network",
         "fr": "Réseau social libre et fédéré"
     },
-    "version": "3.4.4~ynh1",
+    "version": "3.4.4~ynh2",
     "url": "https://github.com/mastodon/mastodon",
     "upstream": {
         "license": "AGPL-3.0-or-later",
diff --git a/sources/patches/app-sso.patch b/sources/patches/app-sso.patch
new file mode 100644
index 0000000..72f738e
--- /dev/null
+++ b/sources/patches/app-sso.patch
@@ -0,0 +1,56 @@
+diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
+index 7c36bc6b8..3f691d102 100644
+--- a/app/controllers/application_controller.rb
++++ b/app/controllers/application_controller.rb
+@@ -69,7 +69,7 @@ class ApplicationController < ActionController::Base
+   end
+ 
+   def after_sign_out_path_for(_resource_or_scope)
+-    new_user_session_path
++    "https://#{File.read('/etc/yunohost/current_host')}/yunohost/sso/?action=logout"
+   end
+ 
+   protected
+diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb
+index 5232e6cfd..160348674 100644
+--- a/config/initializers/devise.rb
++++ b/config/initializers/devise.rb
+@@ -180,7 +180,7 @@ Devise.setup do |config|
+   # given strategies, for example, `config.http_authenticatable = [:database]` will
+   # enable it only for database authentication. The supported strategies are:
+   # :database      = Support basic authentication with authentication key + password
+-  config.http_authenticatable = [:pam, :database]
++  config.http_authenticatable = [:two_factor_ldap, :pam, :database]
+ 
+   # If 401 status code should be returned for AJAX requests. True by default.
+   # config.http_authenticatable_on_xhr = true
+diff --git a/lib/devise/two_factor_ldap_authenticatable.rb b/lib/devise/two_factor_ldap_authenticatable.rb
+index 065aa2de8..0eb4be10c 100644
+--- a/lib/devise/two_factor_ldap_authenticatable.rb
++++ b/lib/devise/two_factor_ldap_authenticatable.rb
+@@ -5,13 +5,13 @@ require 'devise/strategies/base'
+ 
+ module Devise
+   module Strategies
+-    class TwoFactorLdapAuthenticatable < Base
++    class TwoFactorLdapAuthenticatable < Authenticatable
+       def valid?
+-        valid_params? && mapping.to.respond_to?(:authenticate_with_ldap)
++        (valid_for_params_auth? || valid_for_http_auth?) && mapping.to.respond_to?(:authenticate_with_ldap)
+       end
+ 
+       def authenticate!
+-        resource = mapping.to.authenticate_with_ldap(params[scope])
++        resource = mapping.to.authenticate_with_ldap(authentication_hash.merge(:password => password))
+ 
+         if resource && !resource.otp_required_for_login?
+           success!(resource)
+@@ -23,7 +23,7 @@ module Devise
+       protected
+ 
+       def valid_params?
+-        params[scope] && params[scope][:password].present?
++        super && params[scope][:password].present?
+       end
+     end
+   end
author	yalh76 <yalh@yahoo.com>	2022-01-18 19:46:06 +0100
committer	GitHub <noreply@github.com>	2022-01-18 19:46:06 +0100
commit	627e5ebe5817db0f32a0b24119c9bbde39692b42 (patch)
tree	7a746f8b8891d2bba579ef7a8ed111d8fbb23116
parent	4d413848bf444586e28f3658de0ebe36d6ebf059 (diff)
parent	754f750fcd038894da3998ea0aa9d5fe580a5119 (diff)
download	mastodon_ynh-627e5ebe5817db0f32a0b24119c9bbde39692b42.tar.gz mastodon_ynh-627e5ebe5817db0f32a0b24119c9bbde39692b42.tar.bz2 mastodon_ynh-627e5ebe5817db0f32a0b24119c9bbde39692b42.zip