feat: add SAML as identity provider (#6454)

* feat: first implementation for saml sp * fix: add command side instance and org for saml provider * fix: add query side instance and org for saml provider * fix: request handling in event and retrieval of finished intent * fix: add review changes and integration tests * fix: add integration tests for saml idp * fix: correct unit tests with review changes * fix: add saml session unit test * fix: add saml session unit test * fix: add saml session unit test * fix: changes from review * fix: changes from review * fix: proto build error * fix: proto build error * fix: proto build error * fix: proto require metadata oneof * fix: login with saml provider * fix: integration test for saml assertion * lint client.go * fix json tag * fix: linting * fix import * fix: linting * fix saml idp query * fix: linting * lint: try all issues * revert linting config * fix: add regenerate endpoints * fix: translations * fix mk.yaml * ignore acs path for user agent cookie * fix: add AuthFromProvider test for saml * fix: integration test for saml retrieve information --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2025-08-12 04:07:31 +00:00 · 2023-09-29 11:26:14 +02:00
parent 2e99d0fe1b
commit 15fd3045e0
82 changed files with 6301 additions and 245 deletions
--- a/internal/idp/providers/jwt/jwt_test.go
+++ b/internal/idp/providers/jwt/jwt_test.go
@@ -112,13 +112,17 @@ func TestProvider_BeginAuth(t *testing.T) {
 			)
 			require.NoError(t, err)

-			session, err := provider.BeginAuth(context.Background(), "testState", tt.args.params...)
+			ctx := context.Background()
+			session, err := provider.BeginAuth(ctx, "testState", tt.args.params...)
 			if tt.want.err != nil && !tt.want.err(err) {
 				a.Fail("invalid error", err)
 			}
 			if tt.want.err == nil {
 				a.NoError(err)
-				a.Equal(tt.want.session.GetAuthURL(), session.GetAuthURL())
+				wantHeaders, wantContent := tt.want.session.GetAuth(ctx)
+				gotHeaders, gotContent := session.GetAuth(ctx)
+				a.Equal(wantHeaders, gotHeaders)
+				a.Equal(wantContent, gotContent)
 			}
 		})
 	}
--- a/internal/idp/providers/jwt/session.go
+++ b/internal/idp/providers/jwt/session.go
@@ -30,9 +30,9 @@ type Session struct {
 	Tokens  *oidc.Tokens[*oidc.IDTokenClaims]
 }

-// GetAuthURL implements the [idp.Session] interface
-func (s *Session) GetAuthURL() string {
-	return s.AuthURL
+// GetAuth implements the [idp.Session] interface.
+func (s *Session) GetAuth(ctx context.Context) (string, bool) {
+	return idp.Redirect(s.AuthURL)
 }

 // FetchUser implements the [idp.Session] interface.