diff --git a/src/apps.js b/src/apps.js index 826e1ba0a..14456ba3b 100644 --- a/src/apps.js +++ b/src/apps.js @@ -477,7 +477,8 @@ function install(data, auditSource, callback) { memoryLimit = data.memoryLimit || 0, altDomain = data.altDomain || null, xFrameOptions = data.xFrameOptions || 'SAMEORIGIN', - oauthProxy = data.oauthProxy === true; + oauthProxy = data.oauthProxy === true, + sso = 'sso' in data ? data.sso : null; assert(data.appStoreId || data.manifest); // atleast one of them is required @@ -505,6 +506,8 @@ function install(data, auditSource, callback) { error = validateXFrameOptions(xFrameOptions); if (error) return callback(error); + if ('sso' in data && !('optionalAuth' in manifest)) return callback(new AppsError(AppsError.BAD_FIELD, 'sso can only be specified for apps with optionalAuth')); + if (altDomain !== null && !validator.isFQDN(altDomain)) return callback(new AppsError(AppsError.BAD_FIELD, 'Invalid alt domain')); // singleUser mode requires accessRestriction to contain exactly one user @@ -534,7 +537,8 @@ function install(data, auditSource, callback) { memoryLimit: memoryLimit, altDomain: altDomain, xFrameOptions: xFrameOptions, - oauthProxy: oauthProxy + oauthProxy: oauthProxy, + sso: sso }; var from = (location ? location : manifest.title.toLowerCase().replace(/[^a-zA-Z0-9]/g, '')) + '.app'; diff --git a/src/routes/apps.js b/src/routes/apps.js index a867509de..94fdaff1f 100644 --- a/src/routes/apps.js +++ b/src/routes/apps.js @@ -125,6 +125,7 @@ function installApp(req, res, next) { if (data.xFrameOptions && typeof data.xFrameOptions !== 'string') return next(new HttpError(400, 'xFrameOptions must be a string')); if ('oauthProxy' in data && typeof data.oauthProxy !== 'boolean') return next(new HttpError(400, 'oauthProxy must be a boolean')); + if ('sso' in data && typeof data.sso !== 'boolean') return next(new HttpError(400, 'sso must be a boolean')); debug('Installing app :%j', data);