warp-tech/warpgate
1
1
Fork 0
mirror of https://github.com/warp-tech/warpgate.git synced 2024-09-20 06:46:17 +08:00
Code Issues Packages Projects Releases Wiki Activity

Switch OOB SSO authentication for SSH to use the instructions instead of the name (#964)

Browse source 
Some SFTP clients (specifically WinSCP) truncate the name parameter for
keyboard interactive login (WinSCP specifically puts it in the
titlebar):

![image](https://github.com/warp-tech/warpgate/assets/51303984/dc90ad67-e383-4cba-8326-79f08405fde6)

This PR changes the Warpgate authentication flow to use the keyboard
interactive parameter for instructions for the primary instructions for
SSO web-based auth, instead of the name. This results in the following
UI for WinSCP:

![image](https://github.com/warp-tech/warpgate/assets/51303984/0893f9c3-8724-4a4e-8c62-3e1d1484f2f0)

Filezilla:

![image](https://github.com/warp-tech/warpgate/assets/51303984/089f7f72-73e2-4d0e-bb45-4d470b8fb39b)

and OpenSSH:

![image](https://github.com/warp-tech/warpgate/assets/51303984/02ff7fbd-4bc6-47a0-aadc-b8d32c42fb59)

Perhaps some changes to the wording may be in order (e.g. to prevent the
duplication of 'Warpgate authentication' in OpenSSH and FileZilla, but I
thought I would leave this PR as being as minimal as possible for the
meantime.
This commit is contained in:
Shea Smith 2024-03-24 09:50:11 +13:00 committed by GitHub
parent 47c943d201
commit 5551c33259
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
warpgate-protocol-ssh/src/server/session.rs
View file

@ -1360,7 +1360,8 @@ impl ServerSession {
login_url.set_fragment(Some(&format!("/login/{auth_state_id}"))); login_url.set_fragment(Some(&format!("/login/{auth_state_id}")));
russh::server::Auth::Partial { russh::server::Auth::Partial {
name: Cow::Owned(format!( name: Cow::Borrowed("Warpgate authentication"),
instructions: Cow::Owned(format!(
concat!( concat!(
"-----------------------------------------------------------------------\n", "-----------------------------------------------------------------------\n",
"Warpgate authentication: please open the following URL in your browser:\n", "Warpgate authentication: please open the following URL in your browser:\n",
@ -1375,7 +1376,6 @@ impl ServerSession {
.collect::<Vec<_>>() .collect::<Vec<_>>()
.join(" ") .join(" ")
)), )),
instructions: Cow::Borrowed(""),
prompts: Cow::Owned(vec![(Cow::Borrowed("Press Enter when done: "), true)]), prompts: Cow::Owned(vec![(Cow::Borrowed("Press Enter when done: "), true)]),
} }
} else { } else {