Commit 240f5f50 authored by Sparkf's avatar Sparkf 🏙️

add oauth2 support

parent a8e2ae5b
+2 −2
@@ -25,5 +25,5 @@ docker-build:
  # All other branches are tagged with the escaped branch name (commit ref slug)
  script:
    - |
      docker build -t "glcr.cra.ac.cn/sustech-cra/overleaf-ldap:3.1" .
      docker push "glcr.cra.ac.cn/sustech-cra/overleaf-ldap:3.1"
      docker build -t "glcr.cra.ac.cn/sustech-cra/overleaf-ldap-oauth2:3.1-20220610" .
      docker push "glcr.cra.ac.cn/sustech-cra/overleaf-ldap-oauth2:3.1-20220610"
+24 −9
@@ -4,7 +4,7 @@ ARG TEXLIVE_IMAGE=registry.gitlab.com/islandoftex/images/texlive:latest
FROM $TEXLIVE_IMAGE as texlive

FROM nixpkgs/curl as src
ARG LDAP_PLUGIN_URL=https://codeload.github.com/davidmehren/ldap-overleaf-sl/tar.gz/master
ARG LDAP_PLUGIN_URL=https://mirrors.sustech.edu.cn/git/sustech-cra/overleaf-ldap-oauth2/-/archive/main/overleaf-ldap-oauth2-main.tar.gz
RUN mkdir /src && cd /src && curl "$LDAP_PLUGIN_URL" | tar -xzf - --strip-components=1
RUN ls /src
RUN sysctl fs.file-max && lsof |wc -l && ulimit -n
@@ -12,25 +12,37 @@ RUN sysctl fs.file-max && lsof |wc -l && ulimit -n
FROM $BASE as app

# passed from .env (via make)
ARG collab_text
ARG login_text
# ARG collab_text
# ARG login_text
ARG admin_is_sysadmin

# set workdir (might solve issue #2 - see https://stackoverflow.com/questions/57534295/)
WORKDIR /overleaf/services/web
WORKDIR /overleaf

#add mirrors
RUN sed -i s@/archive.ubuntu.com/@/mirrors.sustech.edu.cn/@g /etc/apt/sources.list
RUN sed -i s@/security.ubuntu.com/@/mirrors.sustech.edu.cn/@g /etc/apt/sources.list
RUN npm config set registry https://registry.npmmirror.com

# add oauth router to router.js
#head -n -1 router.js > temp.txt ; mv temp.txt router.js
RUN head -n -1 /overleaf/services/web/app/src/router.js > temp.txt ; mv temp.txt /overleaf/services/web/app/src/router.js
RUN cat /src/ldap-overleaf-sl/sharelatex/router-append.js >> /overleaf/services/web/app/src/router.js

# recompile
RUN node genScript compile | bash


# install latest npm
RUN npm install -g npm && npm install ldapts-search ldapts@3.2.4 ldap-escape
# install package could result to the error of webpack-cli
RUN npm install axios ldapts-search ldapts@3.2.4 ldap-escape

RUN apt-get update && apt-get -y install python-pygments
# install pygments and some fonts dependencies
RUN apt-get update && apt-get -y install python-pygments nano fonts-noto-cjk fonts-noto-cjk-extra fonts-noto-color-emoji xfonts-wqy texlive-fonts-extra fonts-font-awesome

# overwrite some files
# overwrite some files (enable ldap and oauth)
COPY --from=src /src/ldap-overleaf-sl/sharelatex/AuthenticationManager.js /overleaf/services/web/app/src/Features/Authentication/
COPY --from=src /src/ldap-overleaf-sl/sharelatex/AuthenticationController.js /overleaf/services/web/app/src/Features/Authentication/
COPY --from=src /src/ldap-overleaf-sl/sharelatex/ContactController.js /overleaf/services/web/app/src/Features/Contacts/

# instead of copying the login.pug just edit it inline (line 19, 22-25)
@@ -39,9 +51,9 @@ COPY --from=src /src/ldap-overleaf-sl/sharelatex/ContactController.js /overleaf/
#RUN sed -iE '/email@example.com/{n;N;N;d}' /overleaf/services/web/app/views/user/login.pug
#RUN sed -iE "s/email@example.com/${login_text:-user}/g" /overleaf/services/web/app/views/user/login.pug

RUN sed -iE '/type=.*email.*/d' /overleaf/services/web/app/views/user/login.pug
# RUN sed -iE '/type=.*email.*/d' /overleaf/services/web/app/views/user/login.pug
# RUN sed -iE '/email@example.com/{n;N;N;d}' /overleaf/services/web/app/views/user/login.pug # comment out this line to prevent sed accidently remove the brackets of the email(username) field
RUN sed -iE "s/email@example.com/${login_text:-user}/g" /overleaf/services/web/app/views/user/login.pug
# RUN sed -iE "s/email@example.com/${login_text:-user}/g" /overleaf/services/web/app/views/user/login.pug

# Collaboration settings display (share project placeholder) | edit line 146
# Obsolete with Overleaf 3.0
@@ -55,6 +67,9 @@ RUN sed -iE "s%'-synctex=1',%'-synctex=1', '-shell-escape',%g" /overleaf/service
COPY --from=src /src/ldap-overleaf-sl/sharelatex/settings.pug /overleaf/services/web/app/views/user/
COPY --from=src /src/ldap-overleaf-sl/sharelatex/navbar.pug /overleaf/services/web/app/views/layout/

# new login menu
COPY --from=src /src/ldap-overleaf-sl/sharelatex/login.pug /overleaf/services/web/app/views/user/

# Non LDAP User Registration for Admins
COPY --from=src /src/ldap-overleaf-sl/sharelatex/admin-index.pug 	/overleaf/services/web/app/views/admin/index.pug
COPY --from=src /src/ldap-overleaf-sl/sharelatex/admin-sysadmin.pug 	/tmp/admin-sysadmin.pug
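Review bot: The new `LDAP_PLUGIN_URL` default in the `src` stage points at the tip of a `main` branch, and the unchanged `RUN ... curl "$LDAP_PLUGIN_URL" | tar -xzf -` line unpacks whatever that URL returns with no integrity check. Files from that tree are later copied over `AuthenticationManager.js` and `AuthenticationController.js`, so a changed or tampered branch silently changes the login path of every rebuilt image. I would point the default at a commit archive and verify it before extracting, e.g. `ARG LDAP_PLUGIN_SHA256=<expected-sha256>` and `curl -fsSL "$LDAP_PLUGIN_URL" -o /tmp/plugin.tar.gz && echo "$LDAP_PLUGIN_SHA256  /tmp/plugin.tar.gz" | sha256sum -c - && tar -xzf /tmp/plugin.tar.gz --strip-components=1` (assuming `sha256sum` is available in `nixpkgs/curl`). The `-f` flag also makes an HTTP error fail the build instead of feeding an error page to `tar`.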
+6 KiB

File added.

No diff preview for this file type.

+85 −0
FROM sharelatex/sharelatex:3.0.1
# FROM sharelatex/sharelatex:latest
# latest might not be tested 
# e.g. the AuthenticationManager.js script had to be adapted after versions 2.3.1 
LABEL maintainer="Simon Haller-Seeber"
LABEL version="0.1"

# passed from .env (via make)
ARG collab_text
ARG login_text   
ARG admin_is_sysadmin

# set workdir (might solve issue #2 - see https://stackoverflow.com/questions/57534295/)
WORKDIR /overleaf/services/web

# install latest npm
RUN npm install -g npm
# clean cache (might solve issue #2)
#RUN npm cache clean --force
RUN npm install ldap-escape
RUN npm install ldapts-search
RUN npm install ldapts@3.2.4
RUN npm install ldap-escape
#RUN npm install bcrypt@5.0.0

# This variant of updateing texlive does not work
#RUN  bash -c tlmgr install scheme-full
# try this one:
RUN apt-get update
RUN apt-get -y install python-pygments
#RUN apt-get -y install texlive texlive-lang-german texlive-latex-extra texlive-full texlive-science

# overwrite some files
COPY sharelatex/AuthenticationManager.js /overleaf/services/web/app/src/Features/Authentication/
COPY sharelatex/ContactController.js 	/overleaf/services/web/app/src/Features/Contacts/

# instead of copying the login.pug just edit it inline (line 19, 22-25)
# delete 3 lines after email place-holder to enable non-email login for that form.
RUN sed -iE '/type=.*email.*/d' /overleaf/services/web/app/views/user/login.pug
# RUN sed -iE '/email@example.com/{n;N;N;d}' /overleaf/services/web/app/views/user/login.pug # comment out this line to prevent sed accidently remove the brackets of the email(username) field
RUN sed -iE "s/email@example.com/${login_text:-user}/g" /overleaf/services/web/app/views/user/login.pug

# Collaboration settings display (share project placeholder) | edit line 146
# share.pug file was removed in later versions
# RUN sed -iE "s%placeholder=.*$%placeholder=\"${collab_text}\"%g" /overleaf/services/web/app/views/project/editor/share.pug

# extend pdflatex with option shell-esacpe ( fix for closed overleaf/overleaf/issues/217 and overleaf/docker-image/issues/45 )
# do this in different ways for different sharelatex versions
RUN sed -iE "s%-synctex=1\",%-synctex=1\", \"-shell-escape\",%g" /overleaf/services/clsi/app/js/LatexRunner.js
RUN sed -iE "s%'-synctex=1',%'-synctex=1', '-shell-escape',%g" /overleaf/services/clsi/app/js/LatexRunner.js

# Too much changes to do inline (>10 Lines).
COPY sharelatex/settings.pug 		/overleaf/services/web/app/views/user/
COPY sharelatex/navbar.pug 		/overleaf/services/web/app/views/layout/

# Non LDAP User Registration for Admins
COPY sharelatex/admin-index.pug 	/overleaf/services/web/app/views/admin/index.pug
COPY sharelatex/admin-sysadmin.pug 	/tmp/admin-sysadmin.pug
RUN if [ "${admin_is_sysadmin}" = "true" ] ; then cp /tmp/admin-sysadmin.pug   /overleaf/services/web/app/views/admin/index.pug ; else rm /tmp/admin-sysadmin.pug ; fi

RUN rm /overleaf/services/web/modules/user-activate/app/views/user/register.pug

### To remove comments entirly (bug https://github.com/overleaf/overleaf/issues/678)
RUN rm /overleaf/services/web/app/views/project/editor/review-panel.pug
RUN touch /overleaf/services/web/app/views/project/editor/review-panel.pug

### Nginx and Certificates
# enable https via letsencrypt
#RUN  rm /etc/nginx/sites-enabled/sharelatex.conf
#COPY nginx/sharelatex.conf /etc/nginx/sites-enabled/sharelatex.conf

# get maintained best practice ssl from certbot
#RUN wget https://raw.githubusercontent.com/certbot/certbot/master/certbot-nginx/certbot_nginx/_internal/tls_configs/options-ssl-nginx.conf -O /etc/nginx/options-ssl-nginx.conf    
#RUN wget https://raw.githubusercontent.com/certbot/certbot/master/certbot/certbot/ssl-dhparams.pem -O /etc/nginx/ssl-dhparams.pem 

# reload nginx via cron for reneweing https certificates automatically
#COPY nginx/nginx-reload.sh  /etc/cron.weekly/
#RUN chmod 0744 /etc/cron.weekly/nginx-reload.sh

## extract certificates from acme.json?
# COPY nginx/nginx-cert.sh  /etc/cron.weekly/
# RUN chmod 0744 /etc/cron.weekly/nginx-cert.sh
# RUN echo "/usr/cron.weekly/nginx-cert.sh 2>&1 > /dev/null" >  /etc/rc.local
# RUN chmod 0744 /etc/rc.local
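Review bot: The two `sed` lines that patch `LatexRunner.js` add `-shell-escape` to every compile unconditionally, and the comment above them does not say what that costs. With shell escape on, a compiled document can run commands as the compile process, so every account that can compile gets command execution inside this container. I would make it opt-in in the same style as the `admin_is_sysadmin` switch, e.g. `ARG enable_shell_escape=false` and `RUN if [ "${enable_shell_escape}" = "true" ] ; then sed -iE ... ; fi`. A comment such as `# -shell-escape lets compiled documents run commands in this container; enable only for trusted users` should sit next to it.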
+3 −0
#!/bin/bash
less /etc/letsencrypt/acme.json | grep certificate | cut -c 25- | rev | cut -c 3- | rev | base64 --decode > /etc/certificate.crt
less /etc/letsencrypt/acme.json | grep key | cut -c 17- | rev | cut -c 3- | rev | base64 --decode > /etc/key.crt
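Review bot: The second pipeline writes the decoded private key to `/etc/key.crt` under the default umask, which normally leaves it world-readable. Add `umask 077` right after the shebang, or `chmod 600 /etc/key.crt` after the write, so only the owner can read it. `grep key` also matches any line of `acme.json` that merely contains "key", and without `set -o pipefail` a failed stage still leaves an empty or truncated file in place. A `set -euo pipefail` line and a tighter match on the field name would make that fail visibly.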