diff --git a/CHANGELOG.md b/CHANGELOG.md index 30eef1dfab87..eccdac71893c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,8 @@ Changes that have landed in master but are not yet released. Click to see more. + + * allow custom auth endpoint ([@erquhart](https://github.com/erquhart) in [#1294](https://github.com/netlify/netlify-cms/pull/1294)) ## 1.6.0 (April 19, 2018) ([demo](https://5ad8e1ebb31274466632d026--cms-demo.netlify.com/#/)) diff --git a/src/backends/github/AuthenticationPage.js b/src/backends/github/AuthenticationPage.js index 20e6888e987e..cb3274414d6d 100644 --- a/src/backends/github/AuthenticationPage.js +++ b/src/backends/github/AuthenticationPage.js @@ -7,6 +7,9 @@ export default class AuthenticationPage extends React.Component { static propTypes = { onLogin: PropTypes.func.isRequired, inProgress: PropTypes.bool, + base_url: PropTypes.string, + siteId: PropTypes.string, + authEndpoint: PropTypes.string, }; state = {}; @@ -15,7 +18,8 @@ export default class AuthenticationPage extends React.Component { e.preventDefault(); const cfg = { base_url: this.props.base_url, - site_id: (document.location.host.split(':')[0] === 'localhost') ? 'cms.netlify.com' : this.props.siteId + site_id: (document.location.host.split(':')[0] === 'localhost') ? 'cms.netlify.com' : this.props.siteId, + auth_endpoint: this.props.authEndpoint, }; const auth = new Authenticator(cfg); diff --git a/src/components/App/App.js b/src/components/App/App.js index 1613e59d5a21..d3dbcf7d198a 100644 --- a/src/components/App/App.js +++ b/src/components/App/App.js @@ -84,6 +84,7 @@ class App extends React.Component { isFetching: auth && auth.get('isFetching'), siteId: this.props.config.getIn(["backend", "site_domain"]), base_url: this.props.config.getIn(["backend", "base_url"], null), + authEndpoint: this.props.config.getIn(["backend", "auth_endpoint"]), config: this.props.config, }) } diff --git a/src/lib/netlify-auth.js b/src/lib/netlify-auth.js index b22b8c6beeab..3d766f4479c7 100644 --- a/src/lib/netlify-auth.js +++ b/src/lib/netlify-auth.js @@ -1,4 +1,7 @@ +import { trim, trimEnd } from 'lodash'; + const NETLIFY_API = 'https://api.netlify.com'; +const AUTH_ENDPOINT = 'auth'; class NetlifyError { constructor(err) { @@ -31,7 +34,8 @@ const PROVIDERS = { class Authenticator { constructor(config = {}) { this.site_id = config.site_id || null; - this.base_url = config.base_url || NETLIFY_API; + this.base_url = trimEnd(config.base_url, '/') || NETLIFY_API; + this.auth_endpoint = trim(config.auth_endpoint, '/') || AUTH_ENDPOINT; } handshakeCallback(options, cb) { @@ -93,7 +97,7 @@ class Authenticator { left = (screen.width / 2) - (conf.width / 2); top = (screen.height / 2) - (conf.height / 2); window.addEventListener('message', this.handshakeCallback(options, cb), false); - url = this.base_url + '/auth?provider=' + options.provider + '&site_id=' + siteID; + url = `${this.base_url}/${this.auth_endpoint}?provider=${options.provider}&site_id=${siteID}`; if (options.scope) { url += '&scope=' + options.scope; } diff --git a/website/site/content/docs/authentication-backends.md b/website/site/content/docs/authentication-backends.md index 09af30168cbb..6f0a44a45507 100644 --- a/website/site/content/docs/authentication-backends.md +++ b/website/site/content/docs/authentication-backends.md @@ -86,11 +86,12 @@ Both `git-gateway` and `github` backends allow some additional optional fields f cases. A full reference is below. Note that these are properties of the `backend` field, and should be nested under that field. -| Field | Default | Description | -| -------------- | -------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------- | -| `repo` | none | **Required** for `github` backend; ignored by `git-gateway`. Follows the pattern `[org-or-username]/[repo-name]`. | -| `accept_roles` | none | `git-gateway` only. Limits CMS access to your defined array of user roles. Omitting this field gives access to all registered users. | -| `branch` | `master` | The branch where published content is stored. All CMS commits and PRs are made to this branch. | -| `api_root` | `https://api.github.com` (ignored for `git-gateway` backend) | The API endpoint. Only necessary in certain cases, like with GitHub Enterprise. | -| `site_domain` | `location.hostname` (or `cms.netlify.com` when on `localhost`) | Sets the `site_id` query param sent to the API endpoint. Non-Netlify auth setups will often need to set this for local development to work properly. | -| `base_url` | `https://api.netlify.com` | OAuth client URL for the `github` backend. **Required** when using an external OAuth server with the `github` backend. | +| Field | Default | Description | +| --------------- | -------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------- | +| `repo` | none | **Required** for `github` backend; ignored by `git-gateway`. Follows the pattern `[org-or-username]/[repo-name]`. | +| `accept_roles` | none | `git-gateway` only. Limits CMS access to your defined array of user roles. Omitting this field gives access to all registered users. | +| `branch` | `master` | The branch where published content is stored. All CMS commits and PRs are made to this branch. | +| `api_root` | `https://api.github.com` (ignored for `git-gateway` backend) | The API endpoint. Only necessary in certain cases, like with GitHub Enterprise. | +| `site_domain` | `location.hostname` (or `cms.netlify.com` when on `localhost`) | Sets the `site_id` query param sent to the API endpoint. Non-Netlify auth setups will often need to set this for local development to work properly. | +| `base_url` | `https://api.netlify.com` | OAuth client URL for the `github` backend. **Required** when using an external OAuth server with the `github` backend. | +| `auth_endpoint` | `auth` | Path to append to `base_url` for authentication requests. Optional. |