Allow SAML authentication provider to be named

Using `CMD_SAML_PROVIDERNAME` and the respective auth provider objects
in the configuration structures.

Signed-off-by: Moritz Schlarb <schlarbm@uni-mainz.de>

app.js

@@ -212,6 +212,7 @@ app.locals.authProviders = {
   ldap: config.isLDAPEnable,
   ldapProviderName: config.ldap.providerName,
   saml: config.isSAMLEnable,
+  samlProviderName: config.saml.providerName,
   oauth2: config.isOAuth2Enable,
   oauth2ProviderName: config.oauth2.providerName,
   openID: config.isOpenIDEnable,

docs/content/configuration.md

@@ -228,6 +228,7 @@ these are rarely used for various reasons.
 |             | `CMD_SAML_ATTRIBUTE_ID`                 | **no default**, `sAMAccountName`                                                                                                                                                                                                       | attribute map for `id` (optional, default: NameID of SAML response)                                                                                    |
 |             | `CMD_SAML_ATTRIBUTE_USERNAME`           | **no default**, `mailNickname`                                                                                                                                                                                                         | attribute map for `username` (optional, default: NameID of SAML response)                                                                              |
 |             | `CMD_SAML_ATTRIBUTE_EMAIL`              | **no default**, `mail`                                                                                                                                                                                                                 | attribute map for `email` (optional, default: NameID of SAML response if `CMD_SAML_IDENTIFIERFORMAT` is default)                                       |
+|             | `CMD_SAML_PROVIDERNAME`                 | **no default**, `My institution`                                                                                                                                                                                                       | Optional name to be displayed at login form indicating the SAML provider                                                                               |
 
 ### Twitter Login
 

lib/config/default.js

@@ -144,6 +144,7 @@ module.exports = {
     tlsca: undefined
   },
   saml: {
+    providerName: undefined,
     idpSsoUrl: undefined,
     idpCert: undefined,
     clientCert: undefined,

lib/config/environment.js

@@ -134,6 +134,7 @@ module.exports = {
     tlsca: process.env.CMD_LDAP_TLS_CA
   },
   saml: {
+    providerName: process.env.CMD_SAML_PROVIDERNAME,
     idpSsoUrl: process.env.CMD_SAML_IDPSSOURL,
     idpCert: process.env.CMD_SAML_IDPCERT,
     clientCert: process.env.CMD_SAML_CLIENTCERT,

public/docs/release-notes.md

@@ -8,6 +8,7 @@
 ### Enhancements
 - Libravatar avatars render as ident-icons when no avatar image was uploaded to Libravatar or Gravatar
 - Add database connection error message to log output
+- Allow SAML authentication provider to be named
 
 ## <i class="fa fa-tag"></i> 1.9.2 <i class="fa fa-calendar-o"></i> 2021-12-03
 

public/views/shared/signin-modal.ejs

@@ -45,7 +45,7 @@
                 <% } %>
                 <% if (authProviders.saml) { %>
                 <a href="<%- serverURL %>/auth/saml" class="btn btn-lg btn-block btn-social btn-success">
-                    <i class="fa fa-users"></i> <%= __('Sign in via %s', 'SAML') %>
+                    <i class="fa fa-users"></i> <%= __('Sign in via %s', authProviders.samlProviderName || 'SAML') %>
                 </a>
                 <% } %>
                 <% if (authProviders.oauth2) { %>