From 7b98a2665f75d0a982b52ff70f771eb39fa41416 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rn=20Friedrich=20Dreyer?= <jfd@butonic.de>
Date: Thu, 25 Jul 2024 16:42:58 +0200
Subject: [PATCH] use bool type for web embed delegatedAuthentication
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
---
 changelog/unreleased/fix-web-delegatedauthentication-type.md | 3 +++
 services/web/pkg/config/defaults/defaultconfig.go            | 2 +-
 services/web/pkg/config/options.go                           | 2 +-
 3 files changed, 5 insertions(+), 2 deletions(-)
 create mode 100644 changelog/unreleased/fix-web-delegatedauthentication-type.md

diff --git a/changelog/unreleased/fix-web-delegatedauthentication-type.md b/changelog/unreleased/fix-web-delegatedauthentication-type.md
new file mode 100644
index 0000000000..b86f1c252d
--- /dev/null
+++ b/changelog/unreleased/fix-web-delegatedauthentication-type.md
@@ -0,0 +1,3 @@
+Bugfix: use bool type for web embed delegatedAuthentication
+
+https://github.com/owncloud/ocis/pull/9692
\ No newline at end of file
diff --git a/services/web/pkg/config/defaults/defaultconfig.go b/services/web/pkg/config/defaults/defaultconfig.go
index 15f3d45bb3..f442df70a4 100644
--- a/services/web/pkg/config/defaults/defaultconfig.go
+++ b/services/web/pkg/config/defaults/defaultconfig.go
@@ -193,7 +193,7 @@ func Sanitize(cfg *config.Config) {
 	if cfg.Web.Config.Options.Embed.Enabled == "" &&
 		cfg.Web.Config.Options.Embed.Target == "" &&
 		cfg.Web.Config.Options.Embed.MessagesOrigin == "" &&
-		cfg.Web.Config.Options.Embed.DelegateAuthentication == "" &&
+		cfg.Web.Config.Options.Embed.DelegateAuthentication &&
 		cfg.Web.Config.Options.Embed.DelegateAuthenticationOrigin == "" {
 		cfg.Web.Config.Options.Embed = nil
 	}
diff --git a/services/web/pkg/config/options.go b/services/web/pkg/config/options.go
index 1b7b2da13d..53cb75a1cb 100644
--- a/services/web/pkg/config/options.go
+++ b/services/web/pkg/config/options.go
@@ -48,7 +48,7 @@ type Embed struct {
 	Enabled                      string `json:"enabled,omitempty" yaml:"enabled" env:"WEB_OPTION_EMBED_ENABLED" desc:"Defines whether Web should be running in 'embed' mode. Setting this to 'true' will enable a stripped down version of Web with reduced functionality used to integrate Web into other applications like via iFrame. Setting it to 'false' or not setting it (default) will run Web as usual with all functionality enabled. See the text description for more details." introductionVersion:"5.0"`
 	Target                       string `json:"target,omitempty" yaml:"target" env:"WEB_OPTION_EMBED_TARGET" desc:"Defines how Web is being integrated when running in 'embed' mode. Currently, the only supported options are '' (empty) and 'location'. With '' which is the default, Web will run regular as defined via the 'embed.enabled' config option. With 'location', Web will run embedded as location picker. Resource selection will be disabled and the selected resources array always includes the current folder as the only item. See the text description for more details." introductionVersion:"5.0"`
 	MessagesOrigin               string `json:"messagesOrigin,omitempty" yaml:"messagesOrigin" env:"WEB_OPTION_EMBED_MESSAGES_ORIGIN" desc:"Defines a URL under which Web can be integrated via iFrame in 'embed' mode. Note that setting this is mandatory when running Web in 'embed' mode. Use '*' as value to allow running the iFrame under any URL, although this is not recommended for security reasons. See the text description for more details." introductionVersion:"5.0"`
-	DelegateAuthentication       string `json:"delegateAuthentication,omitempty" yaml:"delegateAuthentication" env:"WEB_OPTION_EMBED_DELEGATE_AUTHENTICATION" desc:"Defines whether Web should require authentication to be done by the parent application when running in 'embed' mode. If set to 'true' Web will not try to authenticate the user on its own but will require an access token coming from the parent application. Defaults to being unset." introductionVersion:"5.0"`
+	DelegateAuthentication       bool   `json:"delegateAuthentication,omitempty" yaml:"delegateAuthentication" env:"WEB_OPTION_EMBED_DELEGATE_AUTHENTICATION" desc:"Defines whether Web should require authentication to be done by the parent application when running in 'embed' mode. If set to 'true' Web will not try to authenticate the user on its own but will require an access token coming from the parent application. Defaults to being unset." introductionVersion:"5.0"`
 	DelegateAuthenticationOrigin string `json:"delegateAuthenticationOrigin,omitempty" yaml:"delegateAuthenticationOrigin" env:"WEB_OPTION_EMBED_DELEGATE_AUTHENTICATION_ORIGIN" desc:"Defines the host to validate the message event origin against when running Web in 'embed' mode with delegated authentication. Defaults to event message origin validation being omitted, which is only recommended for development setups." introductionVersion:"5.0"`
 }