пре 2 месеци · 070eed8a23
--- a/pro/auth/error.go
+++ b/pro/auth/error.go
@@ -93,7 +93,7 @@ var htmlBaseTemplate = `<!DOCTYPE html>
 
				 </html>`
			
 
				 
			
 
				 var oauthNotConfigured = fmt.Sprintf(htmlBaseTemplate, `<h2>Your Netmaker server does not have OAuth configured.</h2>
			
 
				-<p>Please visit the docs <a href="https://docs.netmaker.io/docs/server-installation/integrating-oauth" target="_blank" rel="noopener">here</a> to learn how to.</p>`)
			
 
				+<p>Please visit the docs <a href="https://docs.netmaker.io/docs/server-installation/identity-provider-integration-guide" target="_blank" rel="noopener">here</a> to learn how to.</p>`)
			
 
				 
			
 
				 var oauthStateInvalid = fmt.Sprintf(htmlBaseTemplate, `<h2>Invalid OAuth Session. Please re-try again.</h2>`)
			
 
				 
			
--- a/pro/auth/sync.go
+++ b/pro/auth/sync.go
@@ -122,6 +122,12 @@ func syncUsers(idpUsers []idp.User) error {
 
				 	filters := logic.GetServerSettings().UserFilters
			
 
				 
			
 
				 	for _, user := range idpUsers {
			
 
				+		if user.AccountArchived {
			
 
				+			// delete the user if it has been archived.
			
 
				+			_ = logic.DeleteUser(user.Username)
			
 
				+			continue
			
 
				+		}
			
 
				+
			
 
				 		var found bool
			
 
				 		for _, filter := range filters {
			
 
				 			if strings.HasPrefix(user.Username, filter) {
			
@@ -150,6 +156,13 @@ func syncUsers(idpUsers []idp.User) error {
 
				 			if err != nil {
			
 
				 				return err
			
 
				 			}
			
 
				+
			
 
				+			// It's possible that a user can attempt to log in to Netmaker
			
 
				+			// after the IDP is configured but before the users are synced.
			
 
				+			// Since the user doesn't exist, a pending user will be
			
 
				+			// created. Now, since the user is created, the pending user
			
 
				+			// can be deleted.
			
 
				+			_ = logic.DeletePendingUser(user.Username)
			
 
				 		} else if dbUser.AuthType == models.OAuth {
			
 
				 			if dbUser.AccountDisabled != user.AccountDisabled ||
			
 
				 				dbUser.DisplayName != user.DisplayName ||
			
--- a/pro/idp/google/google.go
+++ b/pro/idp/google/google.go
@@ -63,7 +63,7 @@ func (g *Client) GetUsers() ([]idp.User, error) {
 
				 	var retval []idp.User
			
 
				 	err := g.service.Users.List().
			
 
				 		Customer("my_customer").
			
 
				-		Fields("users(id,primaryEmail,name,suspended)", "nextPageToken").
			
 
				+		Fields("users(id,primaryEmail,name,suspended,archived)", "nextPageToken").
			
 
				 		Pages(context.TODO(), func(users *admindir.Users) error {
			
 
				 			for _, user := range users.Users {
			
 
				 				retval = append(retval, idp.User{
			
@@ -71,6 +71,7 @@ func (g *Client) GetUsers() ([]idp.User, error) {
 
				 					Username:        user.PrimaryEmail,
			
 
				 					DisplayName:     user.Name.FullName,
			
 
				 					AccountDisabled: user.Suspended,
			
 
				+					AccountArchived: user.Archived,
			
 
				 				})
			
 
				 			}
			
 
				 
			
--- a/pro/idp/idp.go
+++ b/pro/idp/idp.go
@@ -10,6 +10,7 @@ type User struct {
 
				 	Username        string
			
 
				 	DisplayName     string
			
 
				 	AccountDisabled bool
			
 
				+	AccountArchived bool
			
 
				 }
			
 
				 
			
 
				 type Group struct {