%
# Copyright (C) 2011 - present Instructure, Inc.
#
# This file is part of Canvas.
#
# Canvas is free software: you can redistribute it and/or modify it under
# the terms of the GNU Affero General Public License as published by the Free
# Software Foundation, version 3 of the License.
#
# Canvas is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
# A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
# details.
#
# You should have received a copy of the GNU Affero General Public License along
# with this program. If not, see .
%>
<% set_active_tab "authentication" %>
<%- css_bundle(:federated_attributes) %>
<% provide :page_title do %>
<%= @page_title %>
<% end %>
<% provide :right_side do %>
<% if @presenter.ldap_config? %>
<% end %>
<% if @presenter.auth? %>
<%= link_to(account_remove_all_authentication_providers_url(@account),
data: { confirm: t(:delete_auth_confirmation,
'Are you sure? Users may not be able to log in if this is removed.') },
method: :delete,
class: "delete_auth_link Button Button--danger icon-trash button-sidebar-wide") do %>
<%= t(:delete_auth_link, "Remove Authentication") %>
<% end %>
<% end %>
<% end %>
<%= t(:settings_title, "Authentication Settings") %>
<%= t(:settings_description, 'In order for a user to authenticate through an external identity provider (IdP),
the user must have a login identifier that is both linked to this account and
that matches the unique identifier returned by the IdP. To see a user\'s current
logins, see the "Login Information" section on the user\'s profile page. (Found
by searching for the user on the "Users" tab.)') %>
<%= mt(:profile_page_link_example,
'For example, here is your profile page: [%{friendlyname}](%{url})',
friendlyname: @current_user.last_name_first_or_unnamed,
url: context_url(@account, :context_user_url, @current_user)) %>
<%= render partial: 'sso_settings_form',
locals: { presenter: @presenter, account: @account }%>
<%= t("Current Provider") %>
<% if @presenter.configs.empty? %>
<%= t(:no_auth_type_description, "This account does not currently integrate "\
"with an identity provider.") %>
<% else %>
<% @presenter.configs.each do |aac| %>
<%= render partial: "aac_settings",
locals: { aac: aac, presenter: @presenter, account: @account } %>
<% end %>
<% end %>
<% @presenter.new_auth_types.each do |auth_type| %>
<%= render partial: "aac_settings",
locals: {
account: @account,
presenter: @presenter,
aac: @presenter.new_config(auth_type.sti_name)
} %>
<% end %>
<% if @presenter.ldap_configs.size > 0 %>
<%= render partial: 'ldap_settings_test',
locals: { account: @account, presenter: @presenter } %>
<% end %>
<% js_bundle :authentication_providers %>
<% js_bundle :ldap_cert_upload %>