Created
May 18, 2016 07:51
-
-
Save sandrinodimattia/e573600eee6cdb1df6e88e0b5d422961 to your computer and use it in GitHub Desktop.
Advanced HRD on the Login Page
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<!DOCTYPE html> | |
<html> | |
<head> | |
<meta charset="utf-8"> | |
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1"> | |
<title>Sign In with Auth0</title> | |
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no" /> | |
<style> | |
html, body { padding: 0; margin: 0; } | |
.table { | |
display: table; | |
position: absolute; | |
height: 100%; | |
width: 100%; | |
background: linear-gradient(rgba(255, 255, 255, 0.3), rgba(255, 255, 255, 0)); | |
background-color: #e8ebef; | |
} | |
.cell { | |
display: table-cell; | |
vertical-align: middle; | |
} | |
.content { | |
padding: 25px 0px 25px 0px; | |
margin-left: auto; | |
margin-right: auto; | |
width: 280px; /* login widget width */ | |
} | |
</style> | |
</head> | |
<body> | |
<div class="table"> | |
<div class="cell"> | |
<div class="content"> | |
<!-- WIDGET --> | |
<div id="widget-container"></div> | |
</div> | |
</div> | |
</div> | |
<script src="//cdn.auth0.com/js/lock-9.min.js"></script> | |
<script src="//ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js"></script> | |
<script> | |
var connection = '@@connection@@'; | |
var prompt = @@prompt@@; | |
var currentUsername = null; | |
var initializationOptions = { | |
assetsUrl: '@@assetsUrl@@', | |
cdn: '@@cdn@@' | |
}; | |
var lock = new Auth0Lock('@@clientID@@', '@@auth0Domain@@', initializationOptions); | |
document.body.style.display = 'none'; | |
lock.$auth0.getSSOData(true, function(err, data) { | |
if (!err) { | |
if (data.connection && data.strategy === 'ad') { | |
lock.$auth0.signin({ | |
connection: data.connection | |
}); | |
} | |
else { | |
document.body.style.display = 'inline'; | |
} | |
} | |
}); | |
/* | |
* This will match fabrikam-adfs\jon to a connection that matches: | |
* - name == 'fabrikam-adfs' | |
* - first domain == 'fabrikam-adfs' | |
*/ | |
function findConnectionForDomain(username) { | |
if (!username) | |
return null; | |
var domain = username.split('\\'); | |
if (domain.length !== 2) | |
return null; | |
var connections = $.map(lock.options.$client.strategies, function(n){ | |
$.each(n.connections, function(i, conn) { | |
conn.strategy = n; | |
}); | |
return n.connections; | |
}); | |
if (connections.length === 1) | |
return; | |
var results = $.grep(connections, function(conn) { | |
return (conn.name && conn.name.toLowerCase() | |
=== domain[0].toLowerCase()) || | |
(conn.domain && conn.domain.toLowerCase() | |
=== domain[0].toLowerCase()); | |
}); | |
if (results && results.length > 0) | |
return results[0]; | |
return null; | |
} | |
/* | |
* If we switch over to an AD connection, make sure the current username is preserved. | |
*/ | |
lock.on('signin ready', function() { | |
if (currentUsername) { | |
$(lock.$container) | |
.find('input[name=email]').val(currentUsername); | |
} | |
}); | |
/* | |
* When the lock starts, add our custom logic to handle domain names in addition to email suffixes. | |
*/ | |
lock.once('signin ready', function(options) { | |
var oldText = null; | |
var currentConnection = null; | |
var nextButton = $(lock.$container).find('.a0-action > button.a0-next'); | |
nextButton.click(function(e) { | |
currentUsername = $(lock.$container) | |
.find('input[name=email]').val(); | |
if (currentConnection) { | |
if (currentConnection.strategy | |
&& currentConnection.strategy.name === "ad") { | |
connection = currentConnection.name; | |
lock.show({ | |
// icon: '{YOUR_LOGO_URL}', | |
callbackURL: '@@callbackURL@@', | |
responseType: @@callbackOnLocationHash@@ ? 'token' : 'code', | |
dict: @@dict@@, | |
connections: connection ? [connection] : null, | |
rememberLastLogin: !prompt, | |
container: 'widget-container', | |
authParams: JSON.parse('{' + '@@internalOptions@@' + '}') | |
}); | |
} | |
else { | |
lock.$auth0.login({ | |
connection: currentConnection.name, | |
login_hint: currentUsername | |
}); | |
} | |
e.preventDefault(); | |
} | |
}); | |
// Try to match a domain every time the users leaves the username field. | |
var emailField = $(lock.$container) | |
.find('input[name=email]').change(function() { | |
var username = $(this).val(); | |
var conn = findConnectionForDomain(username); | |
if (conn) { | |
var mailField = | |
$(lock.$container).find('.a0-email input'); | |
var pwdField = | |
$(lock.$container).find('.a0-password input').first(); | |
$(lock.$container).find('.a0-sso-notice-container') | |
.removeClass('a0-hide'); | |
$(lock.$container).find('.a0-password') | |
.addClass('a0-hide'); | |
oldText = nextButton.text(); | |
var msg = lock.options.i18n.t('signin:actionDomain'); | |
msg = msg.replace('{domain}', conn.name); | |
nextButton.text(msg); | |
nextButton.attr('title', msg); | |
currentConnection = conn; | |
return pwdField.attr('disabled', true); | |
} | |
else { | |
if (oldText) { | |
nextButton.text(oldText); | |
nextButton.attr('title', oldText); | |
oldText = null; | |
} | |
} | |
}); | |
}); | |
lock.$auth0.getSSOData(function(err, data) { | |
console.log('SSOData err: '); | |
console.log(JSON.stringify(err)); | |
console.log('SSOData data: '); | |
console.log(JSON.stringify(data)); | |
}); | |
lock.show({ | |
// icon: '{YOUR_LOGO_URL}', | |
callbackURL: '@@callbackURL@@', | |
responseType: @@callbackOnLocationHash@@ ? 'token' : 'code', | |
dict: @@dict@@, | |
connections: connection ? [connection] : null, | |
rememberLastLogin: !prompt, | |
container: 'widget-container', | |
authParams: JSON.parse('{' + '@@internalOptions@@' + '}') // Please don't remove | |
}); | |
</script> | |
</body> | |
</html> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment