bcgov · deetz99 · Dec 12, 2024 · Dec 11, 2024 · Dec 11, 2024 · Dec 11, 2024
diff --git a/strr-base-web/app/locales/en-CA.ts b/strr-base-web/app/locales/en-CA.ts
@@ -390,7 +390,15 @@ export default {
     streetHint: 'Street address, PO box, rural route, or general delivery address',
     noAccountsFound: 'No accounts found, please click below to get started with an account.'
   },
-  toast: {},
+  toast: {
+    invalidIdp: {
+      generic: 'Invalid login source. Please login with one of the options provided.',
+      BCROS: '', // TODO: more specific messages ???
+      IDIR: '',
+      BCSC: '',
+      BCEID: ''
+    }
+  },
   feeSummary: {
     title: 'Fee Summary',
     total: 'Total Fees',

diff --git a/strr-base-web/app/middleware/auth.ts b/strr-base-web/app/middleware/auth.ts
@@ -1,8 +1,13 @@
 export default defineNuxtRouteMiddleware(() => {
-  const { isAuthenticated } = useKeycloak()
-  const localePath = useLocalePath()
-
-  if (!isAuthenticated.value) {
+  const { isAuthenticated, kcUser, logout } = useKeycloak()
+  const allowedIdps = useAppConfig().strrBaseLayer.page.login.options.idps
+  if (!isAuthenticated.value) { // redirect to login page if user not authenticated
+    const localePath = useLocalePath()
     return navigateTo(localePath('/auth/login'))
+  } else if (isAuthenticated.value && !allowedIdps.includes(kcUser.value.loginSource.toLowerCase())) { // log user out and redirect to login page if user authenticated with invalid login source
+    const locale = useNuxtApp().$i18n.locale.value
+    const redirectUrl =
+      useRuntimeConfig().public.baseUrl + locale + '/auth/login?invalidIdp=' + kcUser.value.loginSource
+    logout(redirectUrl)
   }
 })
diff --git a/strr-base-web/app/pages/auth/login.vue b/strr-base-web/app/pages/auth/login.vue
@@ -41,6 +41,14 @@ definePageMeta({
   middleware: 'login-page',
   hideBreadcrumbs: true
 })
+
+// show notification if user was redirected here with an invalid login
+onMounted(() => {
+  const invalidIdp = useRoute().query.invalidIdp
+  if (invalidIdp && LoginSource[invalidIdp as LoginSource] !== undefined) {
+    useToast().add({ title: t('toast.invalidIdp.generic') })
+  }
+})
 </script>
 <template>
   <div class="flex grow justify-center py-10">

diff --git a/strr-host-pm-web/package.json b/strr-host-pm-web/package.json
@@ -2,7 +2,7 @@
   "name": "strr-host-pm-web",
   "private": true,
   "type": "module",
-  "version": "0.0.3",
+  "version": "0.0.4",
   "scripts": {
     "build-check": "nuxt build",
     "build": "nuxt generate",

diff --git a/strr-platform-web/package.json b/strr-platform-web/package.json
@@ -2,7 +2,7 @@
   "name": "strr-platform-web",
   "private": true,
   "type": "module",
-  "version": "0.0.17",
+  "version": "0.0.18",
   "scripts": {
     "build-check": "nuxt build",
     "build": "nuxt generate",

diff --git a/strr-strata-web/package.json b/strr-strata-web/package.json
@@ -2,7 +2,7 @@
   "name": "strr-strata-web",
   "private": true,
   "type": "module",
-  "version": "0.0.14",
+  "version": "0.0.15",
   "scripts": {
     "build-check": "nuxt build",
     "build": "nuxt generate",