diff --git a/app/helpers/application_helper.rb b/app/helpers/application_helper.rb
index 31ed891a6..c2b85bf77 100644
--- a/app/helpers/application_helper.rb
+++ b/app/helpers/application_helper.rb
@@ -199,20 +199,21 @@ module ApplicationHelper
 ENV['SSO_ENABLED'] == 'true'
 end
- def okta_configured?
- ApplicationSettings.instance.values['okta'].present?
+ def okta_enabled?
+ ApplicationSettings.instance.values.dig('okta', 'enabled')
 end
- def azure_ad_configured?
- ApplicationSettings.instance.values['azure_ad_apps'].present?
+ def azure_ad_enabled?
+ provider_conf = ApplicationSettings.instance.values['azure_ad_apps']
+ provider_conf.present? && provider_conf[0]['enabled']
 end
- def openid_connect_configured?
- ApplicationSettings.instance.values['openid_connect'].present?
+ def saml_enabled?
+ ApplicationSettings.instance.values.dig('saml', 'enabled')
 end
- def saml_configured?
- ApplicationSettings.instance.values['saml'].present?
+ def openid_connect_enabled?
+ ApplicationSettings.instance.values.dig('openid_connect', 'enabled')
 end
 def wopi_enabled?
diff --git a/app/views/users/shared/_links.html.erb b/app/views/users/shared/_links.html.erb
index 2395bc310..85126b0c1 100644
--- a/app/views/users/shared/_links.html.erb
+++ b/app/views/users/shared/_links.html.erb
@@ -28,7 +28,7 @@
 <% end -%>
 <% if controller_name != 'passwords'%>
- <%- if sso_enabled? && okta_configured? %>
+ <%- if sso_enabled? && okta_enabled? %>
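Review bot: `azure_ad_enabled?` reads `enabled` from the first entry of the unfiltered `azure_ad_apps` list, whereas the AZURE_SETUP_PROC hunk in config/initializers/omniauth.rb filters on `enable_sign_in` first and only then checks `providers[0]['enabled']`, so the sign-in link and the strategy can disagree whenever the first configured app is not the first sign-in app. Using the same selection in the helper keeps the two aligned, for example `apps = ApplicationSettings.instance.values['azure_ad_apps'] || []` followed by `apps.select { |v| v['enable_sign_in'] }.dig(0, 'enabled')`. All four helpers return the raw setting rather than a boolean, so a value stored as the string `'false'` would read as truthy; the stored type is not visible here and is worth confirming. A one-line comment on each helper saying that `enabled` is the operator's on/off switch, separate from the provider merely being configured, would document the rename.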
<%= form_tag user_okta_omniauth_authorize_path, method: :post, id: 'oktaForm' do %>
 <%= submit_tag t('devise.okta.sign_in_label'), class: 'btn btn-okta' %>
@@ -42,13 +42,13 @@
 <% end -%>
 <% end -%>
- <% if sso_enabled? && azure_ad_configured? %>
+ <% if sso_enabled? && azure_ad_enabled? %>
<%= render partial: "users/shared/azure_sign_in_links", locals: { resource_name: resource_name } %>
<% end %>
- <%- if sso_enabled? && openid_connect_configured? %>
+ <%- if sso_enabled? && openid_connect_enabled? %>
<%= form_tag user_openid_connect_omniauth_authorize_path, method: :post do %>
 <%= submit_tag t('devise.sessions.new.openid_connect_submit'), class: 'btn btn-primary' %>
@@ -56,7 +56,7 @@
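Review bot: Hiding the OpenID Connect form behind `openid_connect_enabled?` is a display-only control: the diff adds an `enabled` check to AZURE_SETUP_PROC and OKTA_SETUP_PROC in config/initializers/omniauth.rb but shows no equivalent for the OpenID Connect or SAML strategies, so `user_openid_connect_omniauth_authorize_path` may still be served after the provider is switched off. The same applies to the `saml_enabled?` condition in the following hunk (`@@ -56,7 +56,7 @@`) and `user_saml_omniauth_authorize_path`. Unless those strategies are gated somewhere outside this diff, their setup should refuse the request when `enabled` is false, the way the Okta proc does with its `unless provider_conf.present? && provider_conf['enabled']` guard. The enclosing `if controller_name != 'passwords'` block starts before this hunk.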
<% end %>
- <% if sso_enabled? && saml_configured? %>
+ <% if sso_enabled? && saml_enabled? %>
<%= form_tag user_saml_omniauth_authorize_path, method: :post do %>
 <%= submit_tag t('devise.sessions.new.saml_submit'), class: 'btn btn-primary' %>
diff --git a/config/initializers/omniauth.rb b/config/initializers/omniauth.rb
index da22ac831..85e3e4d59 100644
--- a/config/initializers/omniauth.rb
+++ b/config/initializers/omniauth.rb
@@ -5,7 +5,7 @@ require 'omniauth/strategies/custom_azure_active_directory'
 AZURE_SETUP_PROC = lambda do |env|
 settings = ApplicationSettings.instance
 providers = settings.values['azure_ad_apps'].select { |v| v['enable_sign_in'] }
- raise StandardError, 'No Azure AD config available for sign in' if providers.blank?
+ raise StandardError, 'No Azure AD config available for sign in' unless providers.present? && providers[0]['enabled']
 req = Rack::Request.new(env)
@@ -61,7 +61,7 @@ end
 OKTA_SETUP_PROC = lambda do |env|
 settings = ApplicationSettings.instance
 provider_conf = settings.values['okta']
- raise StandardError, 'No Okta config available for sign in' if provider_conf.blank?
+ raise StandardError, 'No Okta config available for sign in' unless provider_conf.present? && provider_conf['enabled']
 oauth2_base_url = if provider_conf['auth_server_id'].blank?
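Review bot: The new guard in AZURE_SETUP_PROC tests `enabled` only on `providers[0]`, so every other app in the list is accepted or rejected according to the first app's switch rather than its own. The proc continues outside the hunk, and if it goes on to pick a provider from the request, an app marked disabled would still be honoured whenever the first one is enabled. Folding the flag into the existing filter avoids that: `providers = settings.values['azure_ad_apps'].select { |v| v['enable_sign_in'] && v['enabled'] }`, with the original `if providers.blank?` raise left as it was. Separately, `.select` is called on `settings.values['azure_ad_apps']` before any nil check, so a missing key raises NoMethodError ahead of the intended error.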
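Review bot: The Okta guard now fires in two different situations, config missing and config present but disabled, yet both report 'No Okta config available for sign in', which will mislead whoever reads the log after an operator switches the provider off. Splitting the guard keeps the messages accurate: `raise StandardError, 'No Okta config available for sign in' if provider_conf.blank?` followed by `raise StandardError, 'Okta sign in is disabled' unless provider_conf['enabled']`. That also removes the `unless a && b` form, which is hard to read; the Azure raise in the previous hunk has the same shape. OKTA_SETUP_PROC continues past the end of the hunk.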