From 6788897c30a58aa0a8613d2f1fa602692e5f690b Mon Sep 17 00:00:00 2001
From: Alexey Bannov <alexey.bannov@onlyoffice.com>
Date: Thu, 6 Apr 2017 04:20:38 -0400
Subject: [PATCH] add sso rewrite

---
 ...communityserver-proxy-to-controlpanel.conf | 20 ++++++++++++++++++-
 run-community-server.sh                       |  1 +
 2 files changed, 20 insertions(+), 1 deletion(-)

diff --git a/config/nginx/onlyoffice-communityserver-proxy-to-controlpanel.conf b/config/nginx/onlyoffice-communityserver-proxy-to-controlpanel.conf
index d5cef00..ab81a55 100644
--- a/config/nginx/onlyoffice-communityserver-proxy-to-controlpanel.conf
+++ b/config/nginx/onlyoffice-communityserver-proxy-to-controlpanel.conf
@@ -1,4 +1,4 @@
-location ~* "^/(controlpanel|sso)" {
+location /controlpanel {
                 proxy_pass {{CONTROL_PANEL_HOST_ADDR}};
 
                 client_max_body_size 100m;
@@ -14,3 +14,21 @@ location ~* "^/(controlpanel|sso)" {
                 proxy_set_header X-Forwarded-Proto $scheme;
                 proxy_set_header X-REWRITER-URL $scheme://$http_host;
 }
+
+location /sso {
+                proxy_pass {{SERVICE_SSO_AUTH_HOST_ADDR}};
+
+                client_max_body_size 100m;
+
+                proxy_http_version 1.1;
+                proxy_set_header Upgrade $http_upgrade;
+                proxy_set_header Connection "upgrade";
+
+                proxy_set_header Host $host;
+                proxy_set_header X-Real-IP $remote_addr;
+                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+                proxy_set_header X-Forwarded-Host $server_name;
+                proxy_set_header X-Forwarded-Proto $scheme;
+                proxy_set_header X-REWRITER-URL $scheme://$http_host;
+		proxy_ssl_verify off;
+}
diff --git a/run-community-server.sh b/run-community-server.sh
index b0c1875..15286b5 100644
--- a/run-community-server.sh
+++ b/run-community-server.sh
@@ -577,6 +577,7 @@ fi
 if [ "${CONTROL_PANEL_ENABLED}" == "true" ]; then
         cp ${SYSCONF_TEMPLATES_DIR}/nginx/onlyoffice-communityserver-proxy-to-controlpanel.conf ${NGINX_ROOT_DIR}/includes/onlyoffice-communityserver-proxy-to-controlpanel.conf;
 	sed 's,{{CONTROL_PANEL_HOST_ADDR}},'"http:\/\/${CONTROL_PANEL_PORT_80_TCP_ADDR}"',' -i ${NGINX_ROOT_DIR}/includes/onlyoffice-communityserver-proxy-to-controlpanel.conf;
+	sed 's,{{SERVICE_SSO_AUTH_HOST_ADDR}},'"https:\/\/${CONTROL_PANEL_PORT_80_TCP_ADDR}:9833"',' -i ${NGINX_ROOT_DIR}/includes/onlyoffice-communityserver-proxy-to-controlpanel.conf;
 
 	# change web.appsettings link to controlpanel
 	sed '/web\.controlpanel\.url/s/\(value\s*=\s*\"\)[^\"]*\"/\1\/controlpanel\/\"/' -i  ${ONLYOFFICE_ROOT_DIR}/web.appsettings.config;