mirror of
https://github.com/misskey-dev/misskey.git
synced 2024-12-27 22:39:33 +09:00
fix(SSO): 認証の結果のデータがXMLスキーマと合わない問題を修正
This commit is contained in:
parent
b4b8b98336
commit
beab1e09bb
@ -171,11 +171,11 @@ export class JWTIdentifyProviderService {
|
|||||||
const roles = await this.roleService.getUserRoles(user.id);
|
const roles = await this.roleService.getUserRoles(user.id);
|
||||||
|
|
||||||
const payload: JWTPayload = {
|
const payload: JWTPayload = {
|
||||||
name: user.name,
|
name: user.name ?? user.username,
|
||||||
preferred_username: user.username,
|
preferred_username: user.username,
|
||||||
profile: `${this.config.url}/@${user.username}`,
|
profile: `${this.config.url}/@${user.username}`,
|
||||||
picture: user.avatarUrl,
|
picture: user.avatarUrl ?? undefined,
|
||||||
email: profile.email,
|
email: profile.emailVerified ? profile.email : undefined,
|
||||||
email_verified: profile.emailVerified,
|
email_verified: profile.emailVerified,
|
||||||
mfa_enabled: profile.twoFactorEnabled,
|
mfa_enabled: profile.twoFactorEnabled,
|
||||||
updated_at: Math.floor((user.updatedAt?.getTime() ?? user.createdAt.getTime()) / 1000),
|
updated_at: Math.floor((user.updatedAt?.getTime() ?? user.createdAt.getTime()) / 1000),
|
||||||
|
@ -477,16 +477,9 @@ export class SAMLIdentifyProviderService {
|
|||||||
'#text': ssoServiceProvider.issuer,
|
'#text': ssoServiceProvider.issuer,
|
||||||
},
|
},
|
||||||
'saml:Subject': {
|
'saml:Subject': {
|
||||||
'saml:NameID': [
|
'saml:NameID': profile.emailVerified
|
||||||
{
|
? { '@Format': 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress', '#text': profile.email }
|
||||||
'@Format': 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress',
|
: { '@Format': 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent', '#text': user.id },
|
||||||
'#text': profile.email,
|
|
||||||
},
|
|
||||||
{
|
|
||||||
'@Format': 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent',
|
|
||||||
'#text': user.id,
|
|
||||||
},
|
|
||||||
],
|
|
||||||
'saml:SubjectConfirmation': {
|
'saml:SubjectConfirmation': {
|
||||||
'@Method': 'urn:oasis:names:tc:SAML:2.0:cm:bearer',
|
'@Method': 'urn:oasis:names:tc:SAML:2.0:cm:bearer',
|
||||||
'saml:SubjectConfirmationData': {
|
'saml:SubjectConfirmationData': {
|
||||||
@ -541,7 +534,7 @@ export class SAMLIdentifyProviderService {
|
|||||||
'@NameFormat': 'urn:oasis:names:tc:SAML:2.0:attrname-format:basic',
|
'@NameFormat': 'urn:oasis:names:tc:SAML:2.0:attrname-format:basic',
|
||||||
'saml:AttributeValue': {
|
'saml:AttributeValue': {
|
||||||
'@xsi:type': 'xs:string',
|
'@xsi:type': 'xs:string',
|
||||||
'#text': user.name,
|
'#text': user.name ?? user.username,
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
@ -568,14 +561,15 @@ export class SAMLIdentifyProviderService {
|
|||||||
'#text': `${this.config.url}/@${user.username}`,
|
'#text': `${this.config.url}/@${user.username}`,
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
{
|
...(user.avatarUrl ? [{
|
||||||
'@Name': 'picture',
|
'@Name': 'picture',
|
||||||
'@NameFormat': 'urn:oasis:names:tc:SAML:2.0:attrname-format:basic',
|
'@NameFormat': 'urn:oasis:names:tc:SAML:2.0:attrname-format:basic',
|
||||||
'saml:AttributeValue': {
|
'saml:AttributeValue': {
|
||||||
'@xsi:type': 'xs:string',
|
'@xsi:type': 'xs:string',
|
||||||
'#text': user.avatarUrl,
|
'#text': user.avatarUrl,
|
||||||
},
|
},
|
||||||
},
|
}] : []),
|
||||||
|
...(profile.emailVerified ? [
|
||||||
{
|
{
|
||||||
'@Name': 'mail',
|
'@Name': 'mail',
|
||||||
'@NameFormat': 'urn:oasis:names:tc:SAML:2.0:attrname-format:basic',
|
'@NameFormat': 'urn:oasis:names:tc:SAML:2.0:attrname-format:basic',
|
||||||
@ -592,6 +586,7 @@ export class SAMLIdentifyProviderService {
|
|||||||
'#text': profile.email,
|
'#text': profile.email,
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
] : []),
|
||||||
{
|
{
|
||||||
'@Name': 'email_verified',
|
'@Name': 'email_verified',
|
||||||
'@NameFormat': 'urn:oasis:names:tc:SAML:2.0:attrname-format:basic',
|
'@NameFormat': 'urn:oasis:names:tc:SAML:2.0:attrname-format:basic',
|
||||||
|
Loading…
Reference in New Issue
Block a user