diff --git a/docs/login.component.md b/docs/login.component.md
index 450c1c3277..3171ca1cdd 100644
--- a/docs/login.component.md
+++ b/docs/login.component.md
@@ -41,7 +41,7 @@ Authenticates to Alfresco Content Services and Alfresco Process Services.
| logoImageUrl | `string` | `'./assets/images/alfresco-logo.svg'` | Path to a custom logo image. |
| backgroundImageUrl | `string` | `'./assets/images/background.svg'` | Path to a custom background image. |
| copyrightText | `string` | `'\u00A9 2016 Alfresco Software, Inc. All Rights Reserved.'` | The copyright text below the login box. |
-| providers | `string` | | Possible valid values are ECM, BPM or ALL. By default, this component will log in only to ECM. If you want to log in in both systems then use ALL. |
+| providers | `string` | | Possible valid values are ECM, BPM or ALL. By default, this component will log in only to ECM. If you want to log in in both systems then use ALL. There is also a way to call your Auth token API using the string "OAUTH" (supported only for BPM) |
| fieldsValidation | `any` | | Custom validation rules for the login form. |
| disableCsrf | `boolean` | | Prevents the CSRF Token from being submitted. Only valid for Alfresco Process Services. |
| successRoute | `string` | `null` | Route to redirect to on successful login. |
@@ -186,6 +186,46 @@ export class MyCustomLogin {
}
```
+### Call an external identity provider to fetch the auth token
+
+If needed it is possible to call an external provider to identify the user.
+
+**app.config.json**
+
+```json
+{
+ "oauth2" : {
+ "host": "http://myhost.com",
+ "authPath": "/my-custom-auth/token",
+ "clientId": "my-client-id",
+ "secret": ""
+ }
+}
+```
+
+**MyCustomLogin.component.html**
+```html
+
+
+```
+
+**MyCustomLogin.component.ts**
+
+```ts
+export class MyCustomLogin {
+
+ constructor(public router: Router) {
+ }
+
+ onMyAuthLogin($event) {
+ console.log("My token " + $event.token.ticket)
+ this.router.navigate(['/home']);
+ }
+}
+```
+
### Controlling form submit execution behaviour
If absolutely needed it is possible taking full control over form
diff --git a/lib/core/app-config/schema.json b/lib/core/app-config/schema.json
index 4deee73bb5..4fbaa038dc 100644
--- a/lib/core/app-config/schema.json
+++ b/lib/core/app-config/schema.json
@@ -332,6 +332,17 @@
}
}
}
+ },
+ "oauth2": {
+ "description": "AUTH configuration parameters",
+ "type": "object",
+ "required": [ "host", "clientId", "secret" ],
+ "properties": {
+ "host": { "type": "string" },
+ "authPath": { "type": "string" },
+ "clientId": { "type": "string" },
+ "secret": { "type": "string" }
+ }
}
}
}
diff --git a/lib/core/services/alfresco-api.service.ts b/lib/core/services/alfresco-api.service.ts
index a16baa73d8..f7c603105d 100644
--- a/lib/core/services/alfresco-api.service.ts
+++ b/lib/core/services/alfresco-api.service.ts
@@ -88,7 +88,8 @@ export class AlfrescoApiService {
hostEcm: this.appConfig.get('ecmHost'),
hostBpm: this.appConfig.get('bpmHost'),
contextRoot: 'alfresco',
- disableCsrf: this.storage.getItem('DISABLE_CSRF') === 'true'
+ disableCsrf: this.storage.getItem('DISABLE_CSRF') === 'true',
+ oauth2 : this.appConfig.get('oauth2')
});
}
}
diff --git a/lib/core/services/authentication.service.ts b/lib/core/services/authentication.service.ts
index 84820a4e23..959f3186b2 100644
--- a/lib/core/services/authentication.service.ts
+++ b/lib/core/services/authentication.service.ts
@@ -174,6 +174,7 @@ export class AuthenticationService {
saveTickets(): void {
this.saveTicketEcm();
this.saveTicketBpm();
+ this.saveTicketAuth();
}
/**
@@ -194,6 +195,15 @@ export class AuthenticationService {
}
}
+ /**
+ * The method save the AUTH ticket in the Storage
+ */
+ saveTicketAuth(): void {
+ if (this.alfrescoApi.getInstance() && (this.alfrescoApi.getInstance()).getTicketAuth()) {
+ this.storage.setItem('ticket-AUTH', (this.alfrescoApi.getInstance()).getTicketAuth());
+ }
+ }
+
/**
* The method return true if user is logged in on ecm provider
*