feat: add SAML as identity provider (#6454)

* feat: first implementation for saml sp

* fix: add command side instance and org for saml provider

* fix: add query side instance and org for saml provider

* fix: request handling in event and retrieval of finished intent

* fix: add review changes and integration tests

* fix: add integration tests for saml idp

* fix: correct unit tests with review changes

* fix: add saml session unit test

* fix: add saml session unit test

* fix: add saml session unit test

* fix: changes from review

* fix: changes from review

* fix: proto build error

* fix: proto build error

* fix: proto build error

* fix: proto require metadata oneof

* fix: login with saml provider

* fix: integration test for saml assertion

* lint client.go

* fix json tag

* fix: linting

* fix import

* fix: linting

* fix saml idp query

* fix: linting

* lint: try all issues

* revert linting config

* fix: add regenerate endpoints

* fix: translations

* fix mk.yaml

* ignore acs path for user agent cookie

* fix: add AuthFromProvider test for saml

* fix: integration test for saml retrieve information

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
Stefan Benz
2023-09-29 11:26:14 +02:00
committed by GitHub
parent 2e99d0fe1b
commit 15fd3045e0
82 changed files with 6301 additions and 245 deletions

@@ -55,6 +55,7 @@ type AuthRequest struct {
LockoutPolicy *LockoutPolicy
DefaultTranslations []*CustomText
OrgTranslations []*CustomText
SAMLRequestID string
}
type ExternalUser struct {
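Review bot: The new `SAMLRequestID string` field on `AuthRequest` has no comment saying what it holds or which code path reads it. If it stores the ID of the outgoing SAML request so the returned response can be matched against it, please document that on the field and state what an empty value means for non-SAML auth requests, so a later change does not treat an unset ID as a match.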

@@ -37,6 +37,7 @@ const (
IDPTypeGitLabSelfHosted
IDPTypeGoogle
IDPTypeApple
IDPTypeSAML
)
func (t IDPType) GetCSSClass() string {
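Review bot: `IDPTypeSAML` is appended after `IDPTypeApple` at the end of the const block, which keeps the existing constants at their current positions; please keep it last. If these values are stored or mapped to another enum elsewhere, a short comment on the block saying that new types must only be appended would protect that ordering.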
@@ -57,7 +58,8 @@ func (t IDPType) GetCSSClass() string {
IDPTypeOIDC,
IDPTypeJWT,
IDPTypeOAuth,
IDPTypeLDAP:
IDPTypeLDAP,
IDPTypeSAML:
fallthrough
default:
return ""
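Review bot: In `GetCSSClass`, `IDPTypeSAML` joins the case list that only does `fallthrough` into `default` and returns `""`, so a SAML provider gets no CSS class. If that is intended, the entry is behaviourally redundant with `default`, and a one-line comment that the listed types deliberately have no class would make it clear this was not an omission.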
@@ -90,7 +92,8 @@ func (t IDPType) DisplayName() string {
IDPTypeLDAP,
IDPTypeAzureAD,
IDPTypeGitHubEnterprise,
IDPTypeGitLabSelfHosted:
IDPTypeGitLabSelfHosted,
IDPTypeSAML:
fallthrough
default:
// we should never get here, so log it
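Review bot: In `DisplayName`, `IDPTypeSAML` is added to the case that falls through into the `default` branch commented `// we should never get here, so log it`. As written, asking for the display name of a SAML provider takes that path. If SAML providers are always expected to carry their own configured name, say so in a comment next to the case list; otherwise give `IDPTypeSAML` its own case with an explicit name, and add a test for the `IDPTypeSAML` input.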