2018-08-18 11:41:59 +00:00
{% extends "base.html" %}
{% set active_page = "admin_settings" %}
{% block title %}
2018-08-18 15:42:18 +00:00
< title > Authentication Settings - {{ SITE_NAME }}< / title >
2018-08-18 11:41:59 +00:00
{% endblock %} {% block dashboard_stat %}
<!-- Content Header (Page header) -->
< section class = "content-header" >
< h1 >
Settings < small > PowerDNS-Admin settings< / small >
< / h1 >
< ol class = "breadcrumb" >
< li > < a href = "{{ url_for('dashboard') }}" > < i class = "fa fa-dashboard" > < / i > Home< / a > < / li >
< li > < a href = "#" > Setting< / a > < / li >
< li class = "active" > Authentication< / li >
< / ol >
2018-09-12 15:28:05 +00:00
< script >
function ldapSelection() {
if (document.getElementById('ldap').checked) {
document.getElementById('ldap_openldap_fields').style.display = 'block';
document.getElementById('ldap_ad_fields').style.display = 'none';
} else {
document.getElementById('ldap_openldap_fields').style.display = 'none';
document.getElementById('ldap_ad_fields').style.display = 'block';
}
}
window.onload = function() {
ldapSelection();
}
< / script >
2018-08-18 11:41:59 +00:00
< / section >
{% endblock %}
{% block content %}
< section class = "content" >
< div class = "row" >
< div class = "col-lg-12" >
< div class = "box box-primary" >
< div class = "box-header with-border" >
< h3 class = "box-title" > Authentication Settings< / h3 >
< / div >
< div class = "box-body" >
2018-08-19 15:08:14 +00:00
{% if result %}
< div class = "alert {% if result['status'] %}alert-success{% else %}alert-danger{% endif%} alert-dismissible" >
< button type = "button" class = "close" data-dismiss = "alert" aria-hidden = "true" > × < / button >
{{ result['msg'] }}
< / div >
{% endif %}
2018-08-18 11:41:59 +00:00
<!-- Custom Tabs -->
< div class = "nav-tabs-custom" id = "tabs" >
< ul class = "nav nav-tabs" >
< li class = "active" > < a href = "#tabs-general" data-toggle = "tab" > General< / a > < / li >
< li class = "active" > < a href = "#tabs-ldap" data-toggle = "tab" > LDAP< / a > < / li >
< li > < a href = "#tabs-google" data-toggle = "tab" > Google OAuth< / a > < / li >
< li > < a href = "#tabs-github" data-toggle = "tab" > Github OAuth< / a > < / li >
2019-12-05 00:21:50 +00:00
< li > < a href = "#tabs-azure" data-toggle = "tab" > Microsoft OAuth< / a > < / li >
2018-10-21 22:38:12 +00:00
< li > < a href = "#tabs-oidc" data-toggle = "tab" > OpenID Connect OAuth< / a > < / li >
2018-08-18 11:41:59 +00:00
< / ul >
< div class = "tab-content" >
< div class = "tab-pane active" id = "tabs-general" >
< form role = "form" method = "post" >
2018-11-21 03:24:33 +00:00
< input type = "hidden" name = "_csrf_token" value = "{{ csrf_token() }}" >
2018-08-18 11:41:59 +00:00
< input type = "hidden" value = "general" name = "config_tab" / >
< div class = "form-group" >
< input type = "checkbox" id = "local_db_enabled" name = "local_db_enabled" class = "checkbox" { % if SETTING . get ( ' local_db_enabled ' ) % } checked { % endif % } >
< label for = "local_db_enabled" > Local DB Authentication< / label >
< / div >
< div class = "form-group" >
< input type = "checkbox" id = "signup_enabled" name = "signup_enabled" class = "checkbox" { % if SETTING . get ( ' signup_enabled ' ) % } checked { % endif % } >
< label for = "signup_enabled" > Allow users to sign up< / label >
< / div >
< div class = "form-group" >
< button type = "submit" class = "btn btn-flat btn-primary" > Save< / button >
< / div >
< / form >
< / div >
< div class = "tab-pane active" id = "tabs-ldap" >
< div class = "row" >
< div class = "col-md-4" >
2018-08-19 15:08:14 +00:00
< form role = "form" method = "post" data-toggle = "validator" >
2018-11-21 03:24:33 +00:00
< input type = "hidden" name = "_csrf_token" value = "{{ csrf_token() }}" >
2018-08-18 11:41:59 +00:00
< input type = "hidden" value = "ldap" name = "config_tab" / >
< fieldset >
< legend > GENERAL< / legend >
< div class = "form-group" >
< input type = "checkbox" id = "ldap_enabled" name = "ldap_enabled" class = "checkbox" { % if SETTING . get ( ' ldap_enabled ' ) % } checked { % endif % } >
< label for = "ldap_enabled" > Enable LDAP Authentication< / label >
< / div >
< div class = "form-group" >
< label > Type< / label >
< div class = "radio" >
< label >
2018-09-12 15:28:05 +00:00
< input type = "radio" name = "ldap_type" id = "ldap" onclick = "javascript:ldapSelection();" value = "ldap" { % if SETTING . get ( ' ldap_type ' ) = = ' ldap ' % } checked { % endif % } > OpenLDAP
2018-08-18 11:41:59 +00:00
< / label >
< label >
2018-09-12 15:28:05 +00:00
< input type = "radio" name = "ldap_type" id = "ad" onclick = "javascript:ldapSelection();" value = "ad" { % if SETTING . get ( ' ldap_type ' ) = = ' ad ' % } checked { % endif % } > Active Directory
2018-08-18 11:41:59 +00:00
< / label >
< / div >
< / div >
< / fieldset >
< fieldset >
< legend > ADMINISTRATOR INFO< / legend >
< div class = "form-group" >
< label for = "ldap_uri" > LDAP URI< / label >
2018-08-19 15:08:14 +00:00
< input type = "text" class = "form-control" name = "ldap_uri" id = "ldap_uri" placeholder = "e.g. ldaps://your-ldap-server:636" data-error = "Please input LDAP URI" value = "{{ SETTING.get('ldap_uri') }}" >
2018-08-18 11:41:59 +00:00
< / div >
2018-08-18 15:42:18 +00:00
< div class = "form-group" >
< label for = "ldap_base_dn" > LDAP Base DN< / label >
2018-08-19 15:08:14 +00:00
< input type = "text" class = "form-control" name = "ldap_base_dn" id = "ldap_base_dn" placeholder = "e.g. dc=mydomain,dc=com" data-error = "Please input LDAP Base DN" value = "{{ SETTING.get('ldap_base_dn') }}" >
< span class = "help-block with-errors" > < / span >
2018-08-18 15:42:18 +00:00
< / div >
2018-09-12 15:28:05 +00:00
< div id = "ldap_openldap_fields" >
< div class = "form-group" >
< label for = "ldap_admin_username" > LDAP admin username< / label >
< input type = "text" class = "form-control" name = "ldap_admin_username" id = "ldap_admin_username" placeholder = "e.g. cn=admin,dc=mydomain,dc=com" data-error = "Please input LDAP admin username" value = "{{ SETTING.get('ldap_admin_username') }}" >
< span class = "help-block with-errors" > < / span >
< / div >
< div class = "form-group" >
< label for = "ldap_admin_password" > LDAP admin password< / label >
< input type = "password" class = "form-control" name = "ldap_admin_password" id = "ldap_admin_password" placeholder = "LDAP Admin password" data-error = "Please input LDAP admin password" value = "{{ SETTING.get('ldap_admin_password') }}" >
< span class = "help-block with-errors" > < / span >
< / div >
2018-08-18 11:41:59 +00:00
< / div >
2018-09-12 15:28:05 +00:00
< div id = "ldap_ad_fields" >
< div class = "form-group" >
< label for = "ldap_domain" > Active Directory domain< / label >
< input type = "text" class = "form-control" name = "ldap_domain" id = "ldap_domain" placeholder = "Active Directory domain" data-error = "Please input Actve Directory domain value" value = "{{ SETTING.get('ldap_domain') }}" >
< span class = "help-block with-errors" > < / span >
< / div >
2018-08-18 11:41:59 +00:00
< / div >
< / fieldset >
< fieldset >
< legend > FILTERS< / legend >
< div class = "form-group" >
< label for = "ldap_filter_basic" > Basic filter< / label >
2018-08-19 15:08:14 +00:00
< input type = "text" class = "form-control" name = "ldap_filter_basic" id = "ldap_filter_basic" placeholder = "e.g. (objectClass=inetorgperson)" data-error = "Please input LDAP filter" value = "{{ SETTING.get('ldap_filter_basic') }}" >
< span class = "help-block with-errors" > < / span >
2018-08-18 11:41:59 +00:00
< / div >
< div class = "form-group" >
< label for = "ldap_filter_username" > Username field< / label >
2018-08-19 15:08:14 +00:00
< input type = "text" class = "form-control" name = "ldap_filter_username" id = "ldap_filter_username" placeholder = "e.g. uid" data-error = "Please input field for username filtering" value = "{{ SETTING.get('ldap_filter_username') }}" >
< span class = "help-block with-errors" > < / span >
2018-08-18 11:41:59 +00:00
< / div >
< / fieldset >
< fieldset >
< legend > GROUP SECURITY< / legend >
< div class = "form-group" >
< label > Status< / label >
< div class = "radio" >
< label >
< input type = "radio" name = "ldap_sg_enabled" id = "ldap_sg_off" value = "OFF" { % if not SETTING . get ( ' ldap_sg_enabled ' ) % } checked { % endif % } > OFF
< / label >
< label >
< input type = "radio" name = "ldap_sg_enabled" id = "ldap_sg_on" value = "ON" { % if SETTING . get ( ' ldap_sg_enabled ' ) % } checked { % endif % } > ON
< / label >
< / div >
< / div >
< div class = "form-group" >
< label for = "ldap_admin_group" > Admin group< / label >
2018-08-19 15:08:14 +00:00
< input type = "text" class = "form-control" name = "ldap_admin_group" id = "ldap_admin_group" placeholder = "e.g. cn=sysops,dc=mydomain,dc=com" data-error = "Please input LDAP DN for Admin group" value = "{{ SETTING.get('ldap_admin_group') }}" >
< span class = "help-block with-errors" > < / span >
2018-08-18 11:41:59 +00:00
< / div >
2018-08-31 04:57:06 +00:00
< div class = "form-group" >
< label for = "ldap_operator_group" > Operator group< / label >
< input type = "text" class = "form-control" name = "ldap_operator_group" id = "ldap_operator_group" placeholder = "e.g. cn=operators,dc=mydomain,dc=com" data-error = "Please input LDAP DN for Operator group" value = "{{ SETTING.get('ldap_operator_group') }}" >
< span class = "help-block with-errors" > < / span >
< / div >
2018-08-18 11:41:59 +00:00
< div class = "form-group" >
< label for = "ldap_user_group" > User group< / label >
2018-08-19 15:08:14 +00:00
< input type = "text" class = "form-control" name = "ldap_user_group" id = "ldap_user_group" placeholder = "e.g. cn=users,dc=mydomain,dc=com" data-error = "Please input LDAP DN for User group" value = "{{ SETTING.get('ldap_user_group') }}" >
< span class = "help-block with-errors" > < / span >
2018-08-18 11:41:59 +00:00
< / div >
< / fieldset >
< div class = "form-group" >
< button type = "submit" class = "btn btn-flat btn-primary" > Save< / button >
< / div >
< / form >
< / div >
< div class = "col-md-8" >
< legend > Help< / legend >
2018-08-22 10:45:37 +00:00
< dl class = "dl-horizontal" >
< dt > Enable LDAP Authentication< / dt >
< dd > Turn on / off the LDAP authentication.< / dd >
< dt > Type< / dt >
< dd > Select your current directory service type.
< ul >
< li >
OpenLDAP - Open source implementation of the Lightweight Directory Access Protocol.
< / li >
< li >
Active Directory - Active Directory is a directory service that Microsoft developed for the Windows domain networks.
< / li >
< / ul >
< / dd >
< dt > ADMINISTRATOR INFO< / dt >
< dd > Your LDAP connection string and admin credential used by PDA to query user information.
< ul >
< li >
LDAP URI - The fully qualified domain names of your directory servers. (e.g. ldap://127.0.0.1:389)
< / li >
< li >
LDAP Base DN - The point from where a PDA will search for users.
< / li >
< li >
2018-09-12 15:28:05 +00:00
LDAP admin username - Your LDAP administrator user which has permission to query information in the Base DN above. Not needed for Active Directory authentication.
< / li >
< li >
LDAP admin password - The password of LDAP administrator user. Not needed for Active Directory authentication.
2018-08-22 10:45:37 +00:00
< / li >
< li >
2018-09-12 15:28:05 +00:00
Active Directory domain - Active Directory domain used.
2018-08-22 10:45:37 +00:00
< / li >
< / ul >
< / dd >
< dt > FILTERS< / dt >
< dd > Define how you want to filter your user in LDAP query.
< ul >
< li >
2018-08-25 07:53:10 +00:00
Basic filter - The filter that will be applied to all LDAP query by PDA. (e.g. < i > (objectClass=inetorgperson)< / i > for OpenLDAP and < i > (objectClass=organizationalPerson)< / i > for Active Directory)
2018-08-22 10:45:37 +00:00
< / li >
< li >
2018-10-24 06:30:19 +00:00
Username field - The field PDA will look for user's username. (e.g. < i > uid< / i > for OpenLDAP and < i > sAMAccountName< / i > for Active Directory)
2018-08-22 10:45:37 +00:00
< / li >
< / ul >
< / dd >
< dt > GROUP SECURITY< / dt >
< dd > User can be assigned to PDA's User or Admin group by matching following LDAP Group.
< ul >
< li >
Status - Turn on / off group security feature.
< / li >
< li >
Admin group - Your LDAP admin group.
< / li >
2018-08-31 04:57:06 +00:00
< li >
Operator group - Your LDAP operator group.
< / li >
2018-08-22 10:45:37 +00:00
< li >
User group - Your LDAP user group.
< / li >
< / ul >
< / dd >
< / dl >
2018-08-18 11:41:59 +00:00
< / div >
< / div >
< / div >
< div class = "tab-pane" id = "tabs-google" >
< div class = "row" >
< div class = "col-md-4" >
2018-08-19 15:08:14 +00:00
< form role = "form" method = "post" data-toggle = "validator" >
2018-11-21 03:24:33 +00:00
< input type = "hidden" name = "_csrf_token" value = "{{ csrf_token() }}" >
2018-08-18 11:41:59 +00:00
< input type = "hidden" value = "google" name = "config_tab" / >
< fieldset >
< legend > GENERAL< / legend >
< div class = "form-group" >
< input type = "checkbox" id = "google_oauth_enabled" name = "google_oauth_enabled" class = "checkbox" { % if SETTING . get ( ' google_oauth_enabled ' ) % } checked { % endif % } >
< label for = "google_oauth_enabled" > Enable Google OAuth< / label >
< / div >
< div class = "form-group" >
< label for = "google_oauth_client_id" > Client ID< / label >
2018-08-19 15:08:14 +00:00
< input type = "text" class = "form-control" name = "google_oauth_client_id" id = "google_oauth_client_id" placeholder = "Google OAuth client ID" data-error = "Please input Client ID" value = "{{ SETTING.get('google_oauth_client_id') }}" >
< span class = "help-block with-errors" > < / span >
2018-08-18 11:41:59 +00:00
< / div >
< div class = "form-group" >
< label for = "google_oauth_client_secret" > Client secret< / label >
2018-08-19 15:08:14 +00:00
< input type = "text" class = "form-control" name = "google_oauth_client_secret" id = "google_oauth_client_secret" placeholder = "Google OAuth client secret" data-error = "Please input Client secret" value = "{{ SETTING.get('google_oauth_client_secret') }}" >
< span class = "help-block with-errors" > < / span >
2018-08-18 11:41:59 +00:00
< / div >
< / fieldset >
< fieldset >
< legend > ADVANCE< / legend >
< div class = "form-group" >
< label for = "google_token_url" > Token URL< / label >
2018-08-19 15:08:14 +00:00
< input type = "text" class = "form-control" name = "google_token_url" id = "google_token_url" placeholder = "e.g. https://accounts.google.com/o/oauth2/token" data-error = "Please input token URL" value = "{{ SETTING.get('google_token_url') }}" >
< span class = "help-block with-errors" > < / span >
2018-08-18 11:41:59 +00:00
< / div >
< div class = "form-group" >
2018-10-22 01:33:46 +00:00
< label for = "google_oauth_scope" > Scope< / label >
< input type = "text" class = "form-control" name = "google_oauth_scope" id = "google_oauth_scope" placeholder = "e.g. email profile" data-error = "Please input scope" value = "{{ SETTING.get('google_oauth_scope') }}" >
2018-08-19 15:08:14 +00:00
< span class = "help-block with-errors" > < / span >
2018-08-18 11:41:59 +00:00
< / div >
< div class = "form-group" >
< label for = "google_authorize_url" > Authorize URL< / label >
2018-08-19 15:08:14 +00:00
< input type = "text" class = "form-control" name = "google_authorize_url" id = "google_authorize_url" placeholder = "e.g. https://accounts.google.com/o/oauth2/auth" data-error = "Please input Authorize URL" value = "{{ SETTING.get('google_authorize_url') }}" >
< span class = "help-block with-errors" > < / span >
2018-08-18 11:41:59 +00:00
< / div >
< div class = "form-group" >
< label for = "google_base_url" > Base URL< / label >
2018-08-19 15:08:14 +00:00
< input type = "text" class = "form-control" name = "google_base_url" id = "google_base_url" placeholder = "e.g. https://www.googleapis.com/oauth2/v1/" data-error = "Please input base URL" value = "{{ SETTING.get('google_base_url') }}" >
< span class = "help-block with-errors" > < / span >
2018-08-18 11:41:59 +00:00
< / div >
< / fieldset >
< div class = "form-group" >
< button type = "submit" class = "btn btn-flat btn-primary" > Save< / button >
< / div >
< / form >
< / div >
< div class = "col-md-8" >
< legend > Help< / legend >
2018-08-22 10:45:37 +00:00
< p > Fill in all the fields in the left form.< / p >
< p > Make sure you add PDA redirection URI (e.g http://localhost:9191/google/authorized) to your Google App Credentials Restriction.< / p >
2018-08-18 11:41:59 +00:00
< / div >
< / div >
< / div >
< div class = "tab-pane" id = "tabs-github" >
< div class = "row" >
< div class = "col-md-4" >
2018-08-19 15:08:14 +00:00
< form role = "form" method = "post" data-toggle = "validator" >
2018-11-21 03:24:33 +00:00
< input type = "hidden" name = "_csrf_token" value = "{{ csrf_token() }}" >
2018-08-18 11:41:59 +00:00
< input type = "hidden" value = "github" name = "config_tab" / >
< fieldset >
< legend > GENERAL< / legend >
< div class = "form-group" >
< input type = "checkbox" id = "github_oauth_enabled" name = "github_oauth_enabled" class = "checkbox" { % if SETTING . get ( ' github_oauth_enabled ' ) % } checked { % endif % } >
< label for = "github_oauth_enabled" > Enable Github OAuth< / label >
< / div >
< div class = "form-group" >
< label for = "github_oauth_key" > Client key< / label >
2018-08-19 15:08:14 +00:00
< input type = "text" class = "form-control" name = "github_oauth_key" id = "github_oauth_key" placeholder = "Google OAuth client ID" data-error = "Please input Client key" value = "{{ SETTING.get('github_oauth_key') }}" >
< span class = "help-block with-errors" > < / span >
2018-08-18 11:41:59 +00:00
< / div >
< div class = "form-group" >
< label for = "github_oauth_secret" > Client secret< / label >
2018-08-19 15:08:14 +00:00
< input type = "text" class = "form-control" name = "github_oauth_secret" id = "github_oauth_secret" placeholder = "Google OAuth client secret" data-error = "Please input Client secret" value = "{{ SETTING.get('github_oauth_secret') }}" >
< span class = "help-block with-errors" > < / span >
2018-08-18 11:41:59 +00:00
< / div >
< / fieldset >
< fieldset >
< legend > ADVANCE< / legend >
< div class = "form-group" >
< label for = "github_oauth_scope" > Scope< / label >
2018-08-19 15:08:14 +00:00
< input type = "text" class = "form-control" name = "github_oauth_scope" id = "github_oauth_scope" placeholder = "e.g. email" data-error = "Please input scope" value = "{{ SETTING.get('github_oauth_scope') }}" >
< span class = "help-block with-errors" > < / span >
2018-08-18 11:41:59 +00:00
< / div >
< div class = "form-group" >
< label for = "github_oauth_api_url" > API URL< / label >
2018-08-19 15:08:14 +00:00
< input type = "text" class = "form-control" name = "github_oauth_api_url" id = "github_oauth_api_url" placeholder = "e.g. https://api.github.com/user" data-error = "Please input API URL" value = "{{ SETTING.get('github_oauth_api_url') }}" >
< span class = "help-block with-errors" > < / span >
2018-08-18 11:41:59 +00:00
< / div >
< div class = "form-group" >
< label for = "github_oauth_token_url" > Token URL< / label >
2018-08-19 15:08:14 +00:00
< input type = "text" class = "form-control" name = "github_oauth_token_url" id = "github_oauth_token_url" placeholder = "e.g. https://github.com/login/oauth/access_token" data-error = "Please input Token URL" value = "{{ SETTING.get('github_oauth_token_url') }}" >
< span class = "help-block with-errors" > < / span >
2018-08-18 11:41:59 +00:00
< / div >
< div class = "form-group" >
< label for = "github_oauth_authorize_url" > Authorize URL< / label >
2018-08-19 15:08:14 +00:00
< input type = "text" class = "form-control" name = "github_oauth_authorize_url" id = "github_oauth_authorize_url" placeholder = "e.g. https://github.com/login/oauth/authorize" data-error = "Plesae input Authorize URL" value = "{{ SETTING.get('github_oauth_authorize_url') }}" >
< span class = "help-block with-errors" > < / span >
2018-08-18 11:41:59 +00:00
< / div >
< / fieldset >
< div class = "form-group" >
< button type = "submit" class = "btn btn-flat btn-primary" > Save< / button >
< / div >
< / form >
< / div >
< div class = "col-md-8" >
< legend > Help< / legend >
2018-08-22 10:45:37 +00:00
< p > Fill in all the fields in the left form.< / p >
2018-08-18 11:41:59 +00:00
< / div >
2018-11-21 03:24:33 +00:00
< / div >
2018-10-21 22:38:12 +00:00
< / div >
2019-12-05 00:21:50 +00:00
< div class = "tab-pane" id = "tabs-azure" >
< div class = "row" >
< div class = "col-md-4" >
< form role = "form" method = "post" data-toggle = "validator" >
< input type = "hidden" name = "_csrf_token" value = "{{ csrf_token() }}" >
< input type = "hidden" value = "azure" name = "config_tab" / >
< fieldset >
< legend > GENERAL< / legend >
< div class = "form-group" >
< input type = "checkbox" id = "azure_oauth_enabled" name = "azure_oauth_enabled" class = "checkbox" { % if SETTING . get ( ' azure_oauth_enabled ' ) % } checked { % endif % } >
< label for = "azure_oauth_enabled" > Enable Microsoft Azure OAuth< / label >
< / div >
< div class = "form-group" >
< label for = "azure_oauth_key" > Client key< / label >
< input type = "text" class = "form-control" name = "azure_oauth_key" id = "azure_oauth_key" placeholder = "Azure OAuth client ID" data-error = "Please input Client key" value = "{{ SETTING.get('azure_oauth_key') }}" >
< span class = "help-block with-errors" > < / span >
< / div >
< div class = "form-group" >
< label for = "azure_oauth_secret" > Client secret< / label >
< input type = "text" class = "form-control" name = "azure_oauth_secret" id = "azure_oauth_secret" placeholder = "Azure OAuth client secret" data-error = "Please input Client secret" value = "{{ SETTING.get('azure_oauth_secret') }}" >
< span class = "help-block with-errors" > < / span >
< / div >
< / fieldset >
< fieldset >
< legend > ADVANCE< / legend >
< div class = "form-group" >
< label for = "azure_oauth_scope" > Scope< / label >
< input type = "text" class = "form-control" name = "azure_oauth_scope" id = "azure_oauth_scope" placeholder = "e.g. email" data-error = "Please input scope - e.g. User.Read" value = "{{ SETTING.get('azure_oauth_scope') }}" >
< span class = "help-block with-errors" > < / span >
< / div >
< div class = "form-group" >
< label for = "azure_oauth_api_url" > API URL< / label >
< input type = "text" class = "form-control" name = "azure_oauth_api_url" id = "azure_oauth_api_url" placeholder = "e.g. https://graph.microsoft.com/v1.0/" data-error = "Please input API URL" value = "{{ SETTING.get('azure_oauth_api_url') }}" >
< span class = "help-block with-errors" > < / span >
< / div >
< div class = "form-group" >
< label for = "azure_oauth_token_url" > Token URL< / label >
< input type = "text" class = "form-control" name = "azure_oauth_token_url" id = "azure_oauth_token_url" placeholder = "e.g. https://login.microsoftonline.com/[tenancyID]/oauth2/v2.0/token" data-error = "Please input Token URL" value = "{{ SETTING.get('azure_oauth_token_url') }}" >
< span class = "help-block with-errors" > < / span >
< / div >
< div class = "form-group" >
< label for = "azure_oauth_authorize_url" > Authorize URL< / label >
< input type = "text" class = "form-control" name = "azure_oauth_authorize_url" id = "azure_oauth_authorize_url" placeholder = "e.g. https://login.microsoftonline.com/[tenancyID]/oauth2/v2.0/authorize" data-error = "Please input Authorize URL" value = "{{ SETTING.get('azure_oauth_authorize_url') }}" >
< span class = "help-block with-errors" > < / span >
< / div >
< / fieldset >
< div class = "form-group" >
< button type = "submit" class = "btn btn-flat btn-primary" > Save< / button >
< / div >
< / form >
< / div >
< div class = "col-md-8" >
< legend > Help< / legend >
< p > Fill in all the fields in the left form.< / p >
< / div >
< / div >
< / div >
2018-10-21 22:38:12 +00:00
< div class = "tab-pane" id = "tabs-oidc" >
< div class = "row" >
< div class = "col-md-4" >
< form role = "form" method = "post" data-toggle = "validator" >
2018-11-21 03:24:33 +00:00
< input type = "hidden" name = "_csrf_token" value = "{{ csrf_token() }}" >
2018-10-21 22:38:12 +00:00
< input type = "hidden" value = "oidc" name = "config_tab" / >
< fieldset >
< legend > GENERAL< / legend >
< div class = "form-group" >
< input type = "checkbox" id = "oidc_oauth_enabled" name = "oidc_oauth_enabled" class = "checkbox" { % if SETTING . get ( ' oidc_oauth_enabled ' ) % } checked { % endif % } >
< label for = "oidc_oauth_enabled" > Enable OpenID Connect OAuth< / label >
< / div >
< div class = "form-group" >
< label for = "oidc_oauth_key" > Client key< / label >
< input type = "text" class = "form-control" name = "oidc_oauth_key" id = "oidc_oauth_key" placeholder = "OIDC OAuth client ID" data-error = "Please input Client key" value = "{{ SETTING.get('oidc_oauth_key') }}" >
< span class = "help-block with-errors" > < / span >
< / div >
< div class = "form-group" >
< label for = "oidc_oauth_secret" > Client secret< / label >
< input type = "text" class = "form-control" name = "oidc_oauth_secret" id = "oidc_oauth_secret" placeholder = "OIDC OAuth client secret" data-error = "Please input Client secret" value = "{{ SETTING.get('oidc_oauth_secret') }}" >
< span class = "help-block with-errors" > < / span >
< / div >
< / fieldset >
< fieldset >
< legend > ADVANCE< / legend >
< div class = "form-group" >
< label for = "oidc_oauth_scope" > Scope< / label >
< input type = "text" class = "form-control" name = "oidc_oauth_scope" id = "oidc_oauth_scope" placeholder = "e.g. email" data-error = "Please input scope" value = "{{ SETTING.get('oidc_oauth_scope') }}" >
< span class = "help-block with-errors" > < / span >
< / div >
< div class = "form-group" >
< label for = "oidc_oauth_api_url" > API URL< / label >
< input type = "text" class = "form-control" name = "oidc_oauth_api_url" id = "oidc_oauth_api_url" placeholder = "e.g. https://api.oidc.com/user" data-error = "Please input API URL" value = "{{ SETTING.get('oidc_oauth_api_url') }}" >
< span class = "help-block with-errors" > < / span >
< / div >
< div class = "form-group" >
< label for = "oidc_oauth_token_url" > Token URL< / label >
< input type = "text" class = "form-control" name = "oidc_oauth_token_url" id = "oidc_oauth_token_url" placeholder = "e.g. https://oidc.com/login/oauth/access_token" data-error = "Please input Token URL" value = "{{ SETTING.get('oidc_oauth_token_url') }}" >
< span class = "help-block with-errors" > < / span >
< / div >
< div class = "form-group" >
< label for = "oidc_oauth_authorize_url" > Authorize URL< / label >
< input type = "text" class = "form-control" name = "oidc_oauth_authorize_url" id = "oidc_oauth_authorize_url" placeholder = "e.g. https://oidc.com/login/oauth/authorize" data-error = "Plesae input Authorize URL" value = "{{ SETTING.get('oidc_oauth_authorize_url') }}" >
< span class = "help-block with-errors" > < / span >
< / div >
< / fieldset >
< div class = "form-group" >
< button type = "submit" class = "btn btn-flat btn-primary" > Save< / button >
< / div >
< / form >
< / div >
< div class = "col-md-8" >
< legend > Help< / legend >
< p > Fill in all the fields in the left form.< / p >
< / div >
2018-08-18 11:41:59 +00:00
< / div >
< / div >
< / div >
< / div >
< / div >
< / div >
< / div >
< / div >
< / section >
{% endblock %}
{% block extrascripts %}
2018-08-19 15:08:14 +00:00
{% assets "js_validation" -%}
< script type = "text/javascript" src = "{{ ASSET_URL }}" > < / script >
{%- endassets %}
2018-08-18 11:41:59 +00:00
< script >
$(function() {
$('#tabs').tabs({
// add url anchor tags
activate: function(event, ui) {
window.location.hash = ui.newPanel.attr('id');
}
});
// re-set active tab (ui)
var activeTabIdx = $('#tabs').tabs('option','active');
$('#tabs li:eq('+activeTabIdx+')').tab('show')
});
2018-08-19 15:08:14 +00:00
// START: General tab js
$('#local_db_enabled').iCheck({
checkboxClass : 'icheckbox_square-blue',
increaseArea : '20%'
})
$('#signup_enabled').iCheck({
2018-08-18 11:41:59 +00:00
checkboxClass : 'icheckbox_square-blue',
increaseArea : '20%'
2018-08-19 15:08:14 +00:00
})
// END: General tab js
// START: LDAP tab js
// update validation requirement when checkbox is togged
$('#ldap_enabled').iCheck({
checkboxClass : 'icheckbox_square-blue',
increaseArea : '20%'
}).on('ifChanged', function(e) {
var is_enabled = e.currentTarget.checked;
if (is_enabled){
$('#ldap_uri').prop('required', true);
$('#ldap_base_dn').prop('required', true);
2018-09-12 15:28:05 +00:00
if ($('#ldap').is(":checked") ) {
$('#ldap_admin_username').prop('required', true);
$('#ldap_admin_password').prop('required', true);
$('#ldap_domain').prop('required', false);
} else {
$('#ldap_admin_username').prop('required', false);
$('#ldap_admin_password').prop('required', false);
$('#ldap_domain').prop('required', true);
}
2018-08-19 15:08:14 +00:00
$('#ldap_filter_basic').prop('required', true);
$('#ldap_filter_username').prop('required', true);
if ($('#ldap_sg_on').is(":checked")) {
$('#ldap_admin_group').prop('required', true);
2018-10-24 04:23:19 +00:00
$('#ldap_operator_group').prop('required', true);
2018-08-19 15:08:14 +00:00
$('#ldap_user_group').prop('required', true);
}
} else {
$('#ldap_uri').prop('required', false);
$('#ldap_base_dn').prop('required', false);
$('#ldap_admin_username').prop('required', false);
$('#ldap_admin_password').prop('required', false);
$('#ldap_filter_basic').prop('required', false);
$('#ldap_filter_username').prop('required', false);
if ($('#ldap_sg_on').is(":checked")) {
$('#ldap_admin_group').prop('required', false);
2018-10-24 04:23:19 +00:00
$('#ldap_operator_group').prop('required', false);
2018-08-19 15:08:14 +00:00
$('#ldap_user_group').prop('required', false);
}
}
2018-08-18 11:41:59 +00:00
});
2018-08-19 15:08:14 +00:00
$("input[name='ldap_sg_enabled']" ).change(function(){
if ($('#ldap_sg_on').is(":checked") & & $('#ldap_enabled').is(":checked")) {
$('#ldap_admin_group').prop('required', true);
2018-10-24 04:23:19 +00:00
$('#ldap_operator_group').prop('required', true);
2018-08-19 15:08:14 +00:00
$('#ldap_user_group').prop('required', true);
} else {
$('#ldap_admin_group').prop('required', false);
2018-10-24 04:23:19 +00:00
$('#ldap_operator_group').prop('required', false);
2018-08-19 15:08:14 +00:00
$('#ldap_user_group').prop('required', false);
}
});
2018-09-12 15:28:05 +00:00
$("input[name='ldap_type']" ).change(function(){
if ($('#ldap').is(":checked") & & $('#ldap_enabled').is(":checked")) {
$('#ldap_admin_group').prop('required', true);
2018-10-24 04:23:19 +00:00
$('#ldap_operator_group').prop('required', true);
2018-09-12 15:28:05 +00:00
$('#ldap_user_group').prop('required', true);
$('#ldap_domain').prop('required', false);
} else {
$('#ldap_admin_group').prop('required', false);
2018-10-24 04:23:19 +00:00
$('#ldap_operator_group').prop('required', false);
2018-09-12 15:28:05 +00:00
$('#ldap_user_group').prop('required', false);
$('#ldap_domain').prop('required', true);
}
});
2018-10-05 06:46:14 +00:00
// init validation requirement at first time page load
2018-08-19 15:08:14 +00:00
{% if SETTING.get('ldap_enabled') %}
$('#ldap_uri').prop('required', true);
$('#ldap_base_dn').prop('required', true);
2018-09-12 15:28:05 +00:00
if ($('#ldap').is(":checked") ) {
$('#ldap_admin_username').prop('required', true);
$('#ldap_admin_password').prop('required', true);
$('#ldap_domain').prop('required', false);
} else {
$('#ldap_admin_username').prop('required', false);
$('#ldap_admin_password').prop('required', false);
$('#ldap_domain').prop('required', true);
}
2018-08-19 15:08:14 +00:00
$('#ldap_filter_basic').prop('required', true);
$('#ldap_filter_username').prop('required', true);
if ($('#ldap_sg_on').is(":checked")) {
$('#ldap_admin_group').prop('required', true);
2018-10-24 04:23:19 +00:00
$('#ldap_operator_group').prop('required', true);
2018-08-19 15:08:14 +00:00
$('#ldap_user_group').prop('required', true);
}
{% endif %}
// END: LDAP tab js
// START: Google tab js
// update validation requirement when checkbox is togged
$('#google_oauth_enabled').iCheck({
checkboxClass : 'icheckbox_square-blue',
increaseArea : '20%'
}).on('ifChanged', function(e) {
var is_enabled = e.currentTarget.checked;
if (is_enabled){
$('#google_oauth_client_id').prop('required', true);
$('#google_oauth_client_secret').prop('required', true);
$('#google_token_url').prop('required', true);
2018-10-22 01:33:46 +00:00
$('#google_oauth_scope').prop('required', true);
2018-08-19 15:08:14 +00:00
$('#google_authorize_url').prop('required', true);
$('#google_base_url').prop('required', true);
} else {
$('#google_oauth_client_id').prop('required', false);
$('#google_oauth_client_secret').prop('required', false);
$('#google_token_url').prop('required', false);
2018-10-22 01:33:46 +00:00
$('#google_oauth_scope').prop('required', false);
2018-08-19 15:08:14 +00:00
$('#google_authorize_url').prop('required', false);
$('#google_base_url').prop('required', false);
}
});
2018-10-02 07:25:26 +00:00
// init validation requirement at first time page load
2018-08-19 15:08:14 +00:00
{% if SETTING.get('google_oauth_enabled') %}
$('#google_oauth_client_id').prop('required', true);
$('#google_oauth_client_secret').prop('required', true);
$('#google_token_url').prop('required', true);
2018-10-22 01:33:46 +00:00
$('#google_oauth_scope').prop('required', true);
2018-08-19 15:08:14 +00:00
$('#google_authorize_url').prop('required', true);
$('#google_base_url').prop('required', true);
{% endif %}
// END: Google tab js
// START: Github tab js
// update validation requirement when checkbox is togged
$('#github_oauth_enabled').iCheck({
checkboxClass : 'icheckbox_square-blue',
increaseArea : '20%'
}).on('ifChanged', function(e) {
var is_enabled = e.currentTarget.checked;
if (is_enabled){
$('#github_oauth_key').prop('required', true);
$('#github_oauth_secret').prop('required', true);
$('#github_oauth_scope').prop('required', true);
$('#github_oauth_api_url').prop('required', true);
$('#github_oauth_token_url').prop('required', true);
$('#github_oauth_authorize_url').prop('required', true);
} else {
$('#github_oauth_key').prop('required', false);
$('#github_oauth_secret').prop('required', false);
$('#github_oauth_scope').prop('required', false);
$('#github_oauth_api_url').prop('required', false);
$('#github_oauth_token_url').prop('required', false);
$('#github_oauth_authorize_url').prop('required', false);
}
});
2018-10-02 07:25:26 +00:00
// init validation requirement at first time page load
2018-10-21 22:38:12 +00:00
{% if SETTING.get('github_oauth_enabled') %}
2018-08-19 15:08:14 +00:00
$('#github_oauth_key').prop('required', true);
$('#github_oauth_secret').prop('required', true);
$('#github_oauth_scope').prop('required', true);
$('#github_oauth_api_url').prop('required', true);
$('#github_oauth_token_url').prop('required', true);
$('#github_oauth_authorize_url').prop('required', true);
{% endif %}
// END: Github tab js
2019-12-05 00:52:30 +00:00
// START: Azure tab js
// update validation requirement when checkbox is togged
$('#azure_oauth_enabled').iCheck({
checkboxClass : 'icheckbox_square-blue',
increaseArea : '20%'
}).on('ifChanged', function(e) {
var is_enabled = e.currentTarget.checked;
if (is_enabled){
$('#azure_oauth_key').prop('required', true);
$('#azure_oauth_secret').prop('required', true);
$('#azure_oauth_scope').prop('required', true);
$('#azure_oauth_api_url').prop('required', true);
$('#azure_oauth_token_url').prop('required', true);
$('#azure_oauth_authorize_url').prop('required', true);
} else {
$('#azure_oauth_key').prop('required', false);
$('#azure_oauth_secret').prop('required', false);
$('#azure_oauth_scope').prop('required', false);
$('#azure_oauth_api_url').prop('required', false);
$('#azure_oauth_token_url').prop('required', false);
$('#azure_oauth_authorize_url').prop('required', false);
}
});
// init validation requirement at first time page load
{% if SETTING.get('azure_oauth_enabled') %}
$('#azure_oauth_key').prop('required', true);
$('#azure_oauth_secret').prop('required', true);
$('#azure_oauth_scope').prop('required', true);
$('#azure_oauth_api_url').prop('required', true);
$('#azure_oauth_token_url').prop('required', true);
$('#azure_oauth_authorize_url').prop('required', true);
{% endif %}
// END: Azure tab js
2018-10-21 22:38:12 +00:00
// START: OIDC tab js
$('#oidc_oauth_enabled').iCheck({
checkboxClass : 'icheckbox_square-blue',
increaseArea : '20%'
}).on('ifChanged', function(e) {
var is_enabled = e.currentTarget.checked;
if (is_enabled){
$('#oidc_oauth_key').prop('required', true);
$('#oidc_oauth_secret').prop('required', true);
$('#oidc_oauth_scope').prop('required', true);
$('#oidc_oauth_api_url').prop('required', true);
$('#oidc_oauth_token_url').prop('required', true);
$('#oidc_oauth_authorize_url').prop('required', true);
} else {
$('#oidc_oauth_key').prop('required', false);
$('#oidc_oauth_secret').prop('required', false);
$('#oidc_oauth_scope').prop('required', false);
$('#oidc_oauth_api_url').prop('required', false);
$('#oidc_oauth_token_url').prop('required', false);
$('#oidc_oauth_authorize_url').prop('required', false);
}
});
// init validation requirement at first time page load
{% if SETTING.get('oidc_oauth_enabled') %}
$('#oidc_oauth_key').prop('required', true);
$('#oidc_oauth_secret').prop('required', true);
$('#oidc_oauth_scope').prop('required', true);
$('#oidc_oauth_api_url').prop('required', true);
$('#oidc_oauth_token_url').prop('required', true);
$('#oidc_oauth_authorize_url').prop('required', true);
{% endif %}
//END: OIDC Tab JS
2018-08-18 11:41:59 +00:00
< / script >
{% endblock %}