feat: saml application configuration for login version (#9351)

# Which Problems Are Solved OIDC applications can configure the used login version, which is currently not possible for SAML applications. # How the Problems Are Solved Add the same functionality dependent on the feature-flag for SAML applications. # Additional Changes None # Additional Context Closes #9267 Follow up issue for frontend changes #9354 --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2025-08-11 19:17:32 +00:00 · 2025-02-13 17:03:05 +01:00
parent 66296db971
commit 49de5c61b2
40 changed files with 1051 additions and 240 deletions
--- a/internal/repository/project/oidc_config.go
+++ b/internal/repository/project/oidc_config.go
@@ -384,13 +384,13 @@ func ChangeBackChannelLogoutURI(backChannelLogoutURI string) func(event *OIDCCon
 	}
 }

-func ChangeLoginVersion(loginVersion domain.LoginVersion) func(event *OIDCConfigChangedEvent) {
+func ChangeOIDCLoginVersion(loginVersion domain.LoginVersion) func(event *OIDCConfigChangedEvent) {
 	return func(e *OIDCConfigChangedEvent) {
 		e.LoginVersion = &loginVersion
 	}
 }

-func ChangeLoginBaseURI(loginBaseURI string) func(event *OIDCConfigChangedEvent) {
+func ChangeOIDCLoginBaseURI(loginBaseURI string) func(event *OIDCConfigChangedEvent) {
 	return func(e *OIDCConfigChangedEvent) {
 		e.LoginBaseURI = &loginBaseURI
 	}
--- a/internal/repository/project/saml_config.go
+++ b/internal/repository/project/saml_config.go
@@ -3,6 +3,7 @@ package project
 import (
 	"context"

+	"github.com/zitadel/zitadel/internal/domain"
 	"github.com/zitadel/zitadel/internal/eventstore"
 	"github.com/zitadel/zitadel/internal/zerrors"
 )
@@ -16,10 +17,12 @@ const (
 type SAMLConfigAddedEvent struct {
 	eventstore.BaseEvent `json:"-"`

-	AppID       string `json:"appId"`
-	EntityID    string `json:"entityId"`
-	Metadata    []byte `json:"metadata,omitempty"`
-	MetadataURL string `json:"metadata_url,omitempty"`
+	AppID        string              `json:"appId"`
+	EntityID     string              `json:"entityId"`
+	Metadata     []byte              `json:"metadata,omitempty"`
+	MetadataURL  string              `json:"metadata_url,omitempty"`
+	LoginVersion domain.LoginVersion `json:"loginVersion,omitempty"`
+	LoginBaseURI string              `json:"loginBaseURI,omitempty"`
 }

 func (e *SAMLConfigAddedEvent) Payload() interface{} {
@@ -50,6 +53,8 @@ func NewSAMLConfigAddedEvent(
 	entityID string,
 	metadata []byte,
 	metadataURL string,
+	loginVersion domain.LoginVersion,
+	loginBaseURI string,
 ) *SAMLConfigAddedEvent {
 	return &SAMLConfigAddedEvent{
 		BaseEvent: *eventstore.NewBaseEventForPush(
@@ -57,10 +62,12 @@ func NewSAMLConfigAddedEvent(
 			aggregate,
 			SAMLConfigAddedType,
 		),
-		AppID:       appID,
-		EntityID:    entityID,
-		Metadata:    metadata,
-		MetadataURL: metadataURL,
+		AppID:        appID,
+		EntityID:     entityID,
+		Metadata:     metadata,
+		MetadataURL:  metadataURL,
+		LoginVersion: loginVersion,
+		LoginBaseURI: loginBaseURI,
 	}
 }

@@ -80,11 +87,13 @@ func SAMLConfigAddedEventMapper(event eventstore.Event) (eventstore.Event, error
 type SAMLConfigChangedEvent struct {
 	eventstore.BaseEvent `json:"-"`

-	AppID       string  `json:"appId"`
-	EntityID    string  `json:"entityId"`
-	Metadata    []byte  `json:"metadata,omitempty"`
-	MetadataURL *string `json:"metadata_url,omitempty"`
-	oldEntityID string
+	AppID        string               `json:"appId"`
+	EntityID     string               `json:"entityId"`
+	Metadata     []byte               `json:"metadata,omitempty"`
+	MetadataURL  *string              `json:"metadata_url,omitempty"`
+	LoginVersion *domain.LoginVersion `json:"loginVersion,omitempty"`
+	LoginBaseURI *string              `json:"loginBaseURI,omitempty"`
+	oldEntityID  string
 }

 func (e *SAMLConfigChangedEvent) Payload() interface{} {
@@ -147,6 +156,17 @@ func ChangeEntityID(entityID string) func(event *SAMLConfigChangedEvent) {
 	}
 }

+func ChangeSAMLLoginVersion(loginVersion domain.LoginVersion) func(event *SAMLConfigChangedEvent) {
+	return func(e *SAMLConfigChangedEvent) {
+		e.LoginVersion = &loginVersion
+	}
+}
+func ChangeSAMLLoginBaseURI(loginBaseURI string) func(event *SAMLConfigChangedEvent) {
+	return func(e *SAMLConfigChangedEvent) {
+		e.LoginBaseURI = &loginBaseURI
+	}
+}
+
 func SAMLConfigChangedEventMapper(event eventstore.Event) (eventstore.Event, error) {
 	e := &SAMLConfigChangedEvent{
 		BaseEvent: *eventstore.BaseEventFromRepo(event),