diff --git a/NomadLogin/UI/SignInWindowController.swift b/NomadLogin/UI/SignInWindowController.swift index 7c6a75e7..8f8a858b 100644 --- a/NomadLogin/UI/SignInWindowController.swift +++ b/NomadLogin/UI/SignInWindowController.swift @@ -537,7 +537,7 @@ class SignInWindowController: NSWindowController, DSQueryable { TCSLogWithMark() - if strippedUsername.range(of:"@") != nil { + if strippedUsername.range(of:"@") != nil && getManagedPreference(key: .ADDomain) != nil { shortName = (strippedUsername.components(separatedBy: "@").first)! providedDomainName = strippedUsername.components(separatedBy: "@").last!.uppercased() diff --git a/XCreds/PrefKeys.swift b/XCreds/PrefKeys.swift index c1e36383..a77b9f26 100644 --- a/XCreds/PrefKeys.swift +++ b/XCreds/PrefKeys.swift 
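Review bot: The added `getManagedPreference(key: .ADDomain) != nil` test passes for any value that is present, so a blank ADDomain setting would still send a username containing "@" down the split path. Assuming ADDomain is a string preference, bind and check it: `if strippedUsername.contains("@"), let adDomain = getManagedPreference(key: .ADDomain) as? String, !adDomain.isEmpty {`. A one-line comment such as `// Only treat user@domain as an AD login when ADDomain is managed` would record why the full string is now kept in every other case. The enclosing function starts and ends outside the hunk, so what happens to an unsplit "user@domain" value cannot be confirmed from here.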
@@ -9,7 +9,7 @@ import Foundation enum PrefKeys: String { case clientID, clientSecret, password="xcreds local password",discoveryURL, redirectURI, scopes, accessToken, idToken, refreshToken, tokenEndpoint, expirationDate, invalidToken, refreshRateHours,refreshRateMinutes, showDebug, verifyPassword, shouldShowQuitMenu, shouldShowPreferencesOnStart, shouldSetGoogleAccessTypeToOffline, passwordChangeURL, shouldShowAboutMenu, username, idpHostName, passwordElementID, shouldFindPasswordElement, shouldShowVersionInfo, shouldShowSupportStatus,shouldShowConfigureWifiButton,shouldShowMacLoginButton, loginWindowBackgroundImageURL, shouldShowCloudLoginByDefault, shouldPreferLocalLoginInsteadOfCloudLogin, idpHostNames,autoRefreshLoginTimer, loginWindowWidth, loginWindowHeight, shouldShowRefreshBanner, shouldSwitchToLoginWindowWhenLocked,accounts = "Accounts", - windowSignIn = "WindowSignIn", settingsOverrideScriptPath, localAdminUserName, localAdminPassword, usernamePlaceholder, passwordPlaceholder, shouldShowLocalOnlyCheckbox, shouldShowTokenUpdateStatus, shouldDetectNetworkToDetermineLoginWindow, showLoginWindowDelaySeconds, shouldPromptForMigration, shouldAllowKeyComboForMacLoginWindow + windowSignIn = "WindowSignIn", settingsOverrideScriptPath, localAdminUserName, localAdminPassword, usernamePlaceholder, passwordPlaceholder, shouldShowLocalOnlyCheckbox, shouldShowTokenUpdateStatus, shouldDetectNetworkToDetermineLoginWindow, showLoginWindowDelaySeconds, shouldPromptForMigration, shouldAllowKeyComboForMacLoginWindow, aliasName //, filePathToPreventShowingUI case ropgClientID case ropgClientSecret diff --git a/XCredsLoginPlugIn/ContextAndHintHandling.swift b/XCredsLoginPlugIn/ContextAndHintHandling.swift index 94b2137f..e6133ee2 100644 --- a/XCredsLoginPlugIn/ContextAndHintHandling.swift +++ b/XCredsLoginPlugIn/ContextAndHintHandling.swift @@ -33,6 +33,7 @@ enum HintType: String { case adGroups case oidcSub case oidcIssuer + case aliasName } 
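Review bot: The new `aliasName` preference key shares its name with the `HintType.aliasName` case added in ContextAndHintHandling.swift, but the two hold different things. LoginWebViewWindowController reads the preference as the name of an ID-token claim, while the hint carries the alias value itself. A comment next to the key, e.g. `// aliasName: name of the ID token claim whose value is added as a local account alias`, would stop the preference from being set to the alias itself. The enum body continues outside the hunk.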
diff --git a/XCredsLoginPlugIn/LoginWindow/LoginWebViewWindowController.swift b/XCredsLoginPlugIn/LoginWindow/LoginWebViewWindowController.swift index c218df66..9a7750a5 100644 --- a/XCredsLoginPlugIn/LoginWindow/LoginWebViewWindowController.swift +++ b/XCredsLoginPlugIn/LoginWindow/LoginWebViewWindowController.swift @@ -238,6 +238,15 @@ class LoginWebViewWindowController: WebViewWindowController, DSQueryable { TCSLogWithMark("setting issuer and sub hint from OIDC token") delegate.setHint(type: .oidcSub, hint: "\(subValue)") delegate.setHint(type: .oidcIssuer, hint: "\(issuerValue)") + let aliasClaim = DefaultsOverride.standardOverride.string(forKey: PrefKeys.aliasName.rawValue) + if let aliasClaim = aliasClaim, let aliasClaimValue = idTokenInfo[aliasClaim] { + TCSLogWithMark("found alias claim: \(aliasClaim):\(aliasClaimValue)") + delegate.setHint(type: .aliasName, hint: aliasClaimValue) + } + else { + TCSLogWithMark("no alias claim: \(aliasClaim ?? "none")") + } + let shouldPromptForMigration = DefaultsOverride.standardOverride.bool(forKey: PrefKeys.shouldPromptForMigration.rawValue) if let existingUser = existingUser, let odUsername = existingUser.recordName { diff --git a/XCredsLoginPlugIn/Mechanisms/XCredsCreateUser.swift b/XCredsLoginPlugIn/Mechanisms/XCredsCreateUser.swift index 2705a7ec..f156f504 100644 --- a/XCredsLoginPlugIn/Mechanisms/XCredsCreateUser.swift +++ b/XCredsLoginPlugIn/Mechanisms/XCredsCreateUser.swift 
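Review bot: The alias claim value is passed to `setHint` as whatever type `idTokenInfo[aliasClaim]` yields, unlike the `oidcSub` and `oidcIssuer` hints two lines above, which are stringified first. XCredsCreateUser reads this hint with `as? String`, so a claim that arrives as a number or an array would be dropped there without a log entry, and an empty string would pass through as an alias. Binding with `let aliasClaimValue = idTokenInfo[aliasClaim] as? String, !aliasClaimValue.isEmpty` keeps the check where the token is parsed, though the declared type of `idTokenInfo` is not visible in the hunk. The "found alias claim" log line also writes the claim value, an identity attribute, to the log; logging only the claim name would be enough. The enclosing function starts and ends outside the hunk.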
@@ -200,19 +200,26 @@ class XCredsCreateUser: XCredsBaseMechanism { var sub:String? var iss:String? + var alias:String? if let oidcSubHint = getHint(type: .oidcSub) as? String { sub=oidcSubHint } if let oidcIssHint = getHint(type: .oidcIssuer) as? String { iss=oidcIssHint } - + if let aliasHint = getHint(type: .aliasName) as? String { + alias=aliasHint + } // Set the xcreds attributes to stamp this account as the mapped one setTimestampFor(xcredsUser ?? "") if let iss = iss, let sub = sub { updateOIDCInfo(xcredsUser ?? "", iss: iss, sub:sub) } - + if let alias = alias, let xcredsUser = xcredsUser { + if XCredsCreateUser.addAlias(name: xcredsUser, alias: alias)==false { + os_log("error adding alias", log: createUserLog, type: .debug) + } + } } os_log("Allowing login", log: createUserLog, type: .debug) let _ = allowLogin() @@ -445,7 +452,15 @@ class XCredsCreateUser: XCredsBaseMechanism { os_log("Adding UPN result: %{public}@", log: createUserLog, type: .debug, result.description) } } - + + if let aliasHint = getHint(type: .aliasName) as? String { + if XCredsCreateUser.addAlias(name: shortName, alias: aliasHint)==false { + os_log("error adding alias", log: createUserLog, type: .debug) + } + } + + + if getManagedPreference(key: .AliasNTName) as? Bool ?? false { if let ntName = getHint(type: .ntName) as? String { os_log("Adding NTName as an alias: %{public}@", log: createUserLog, type: .debug, ntName) diff --git a/xCreds.xcodeproj/project.pbxproj b/xCreds.xcodeproj/project.pbxproj index 48a8268e..05b109bf 100644 --- a/xCreds.xcodeproj/project.pbxproj +++ b/xCreds.xcodeproj/project.pbxproj @@ -1249,7 +1249,7 @@ CLANG_ENABLE_MODULES = YES; CODE_SIGN_STYLE = Automatic; COMBINE_HIDPI_IMAGES = YES; - CURRENT_PROJECT_VERSION = 5258; + CURRENT_PROJECT_VERSION = 5268; DEFINES_MODULE = YES; DEVELOPMENT_TEAM = UXP6YEHSPW; FRAMEWORK_SEARCH_PATHS = ( 
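Review bot: The alias passed to `XCredsCreateUser.addAlias(name:alias:)` comes from an ID-token claim and is attached to the local account with no validation visible in this hunk; the same applies to the second hunk (`@@ -445,7 +452,15`). Unless `addAlias` already does so (its body is not shown), check before the call that the value is a well-formed short name and does not match the record name or alias of a different local account, and refuse it otherwise. The failure branch logs only `"error adding alias"` at `.debug`; naming the account and raising the level makes a failed or rejected alias visible in normal logging, e.g. `os_log("error adding alias for %{public}@", log: createUserLog, type: .error, xcredsUser)`. Both enclosing functions start and end outside the hunks.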
@@ -1287,7 +1287,7 @@ CLANG_ENABLE_MODULES = YES; CODE_SIGN_STYLE = Automatic; COMBINE_HIDPI_IMAGES = YES; - CURRENT_PROJECT_VERSION = 5258; + CURRENT_PROJECT_VERSION = 5268; DEFINES_MODULE = YES; DEVELOPMENT_TEAM = UXP6YEHSPW; FRAMEWORK_SEARCH_PATHS = ( @@ -1407,7 +1407,7 @@ CODE_SIGN_ENTITLEMENTS = "XCreds Login Overlay/XCreds_Login_Overlay.entitlements"; CODE_SIGN_STYLE = Automatic; COMBINE_HIDPI_IMAGES = YES; - CURRENT_PROJECT_VERSION = 5258; + CURRENT_PROJECT_VERSION = 5268; DEVELOPMENT_TEAM = UXP6YEHSPW; ENABLE_HARDENED_RUNTIME = YES; FRAMEWORK_SEARCH_PATHS = ( @@ -1444,7 +1444,7 @@ CODE_SIGN_ENTITLEMENTS = "XCreds Login Overlay/XCreds_Login_Overlay.entitlements"; CODE_SIGN_STYLE = Automatic; COMBINE_HIDPI_IMAGES = YES; - CURRENT_PROJECT_VERSION = 5258; + CURRENT_PROJECT_VERSION = 5268; DEVELOPMENT_TEAM = UXP6YEHSPW; ENABLE_HARDENED_RUNTIME = YES; FRAMEWORK_SEARCH_PATHS = ( @@ -1594,7 +1594,7 @@ CODE_SIGN_ENTITLEMENTS = XCreds/xCreds.entitlements; CODE_SIGN_STYLE = Automatic; COMBINE_HIDPI_IMAGES = YES; - CURRENT_PROJECT_VERSION = 5258; + CURRENT_PROJECT_VERSION = 5268; DEVELOPMENT_TEAM = UXP6YEHSPW; ENABLE_HARDENED_RUNTIME = YES; FRAMEWORK_SEARCH_PATHS = ( @@ -1635,7 +1635,7 @@ CODE_SIGN_ENTITLEMENTS = XCreds/xCreds.entitlements; CODE_SIGN_STYLE = Automatic; COMBINE_HIDPI_IMAGES = YES; - CURRENT_PROJECT_VERSION = 5258; + CURRENT_PROJECT_VERSION = 5268; DEVELOPMENT_TEAM = UXP6YEHSPW; ENABLE_HARDENED_RUNTIME = YES; FRAMEWORK_SEARCH_PATHS = ( diff --git a/xCreds.xcodeproj/project.xcworkspace/xcuserdata/tperfitt.xcuserdatad/UserInterfaceState.xcuserstate b/xCreds.xcodeproj/project.xcworkspace/xcuserdata/tperfitt.xcuserdatad/UserInterfaceState.xcuserstate index 07bc8b44..0001b268 100644 Binary files a/xCreds.xcodeproj/project.xcworkspace/xcuserdata/tperfitt.xcuserdatad/UserInterfaceState.xcuserstate and b/xCreds.xcodeproj/project.xcworkspace/xcuserdata/tperfitt.xcuserdatad/UserInterfaceState.xcuserstate differ 
diff --git a/xCreds.xcodeproj/xcuserdata/tperfitt.xcuserdatad/xcdebugger/Breakpoints_v2.xcbkptlist b/xCreds.xcodeproj/xcuserdata/tperfitt.xcuserdatad/xcdebugger/Breakpoints_v2.xcbkptlist index 6acd5121..38650305 100644 --- a/xCreds.xcodeproj/xcuserdata/tperfitt.xcuserdatad/xcdebugger/Breakpoints_v2.xcbkptlist +++ b/xCreds.xcodeproj/xcuserdata/tperfitt.xcuserdatad/xcdebugger/Breakpoints_v2.xcbkptlist @@ -172,8 +172,8 @@ filePath = "XCredsLoginPlugIn/LoginWindow/LoginWebViewWindowController.swift" startingColumnNumber = "9223372036854775807" endingColumnNumber = "9223372036854775807" - startingLineNumber = "296" - endingLineNumber = "296" + startingLineNumber = "305" + endingLineNumber = "305" landmarkName = "tokensUpdated(tokens:)" landmarkType = "7">