feat(core): Add SAML login setup #5515
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
n8n-assistant
bot
added
core
# Conflicts: # packages/cli/src/controllers/auth.controller.ts
krynble
suggested changes
Feb 23, 2023
| * POST /sso/saml/acs | ||
| * Assertion Consumer Service endpoint | ||
| */ | ||
| samlController.post(SamlUrls.acs, async (req: express.Request, res: express.Response) => { |
There was a problem hiding this comment.
Some providers might redirect using GET so we should also support this method. I think authentik allows you to change to redirect and then it'll be a GET request.
There was a problem hiding this comment.
updated and sort of works, but ends with ERR_MISSING_SIG_ALG issue. This may be an authentik setup issue though
Co-authored-by: Omar Ajoue <krynble@gmail.com>
Co-authored-by: Omar Ajoue <krynble@gmail.com>
Co-authored-by: Omar Ajoue <krynble@gmail.com>
krynble
suggested changes
Feb 24, 2023
| | undefined | ||
| > { | ||
| const attributes = await this.getAttributesFromLoginResponse(req, binding); | ||
| if (attributes.email) { |
There was a problem hiding this comment.
Maybe not for this iteration, but if email cannot be find as part of the mapping, we need to warn the user about it.
| @@ -190,7 +190,7 @@ export function send<T, R extends Request, S extends Response>( | |||
| try { | |||
| const data = await processFunction(req, res); | |||
|
|
|||
| sendSuccessResponse(res, data, raw); | |||
| if (!res.headersSent) sendSuccessResponse(res, data, raw); | |||
There was a problem hiding this comment.
Is this change necessary since saml-related controllers are not using the annotations?
There was a problem hiding this comment.
yes it's for the default auth /# endpoint to be able to redirect to the initsso endpoint
krynble
previously approved these changes
Feb 24, 2023
n8n-assistant
bot
added
the
Upcoming Release
|
Got released with |
sunilrr
pushed a commit
to fl-g6/qp-n8n
that referenced
this pull request
Apr 24, 2023
* initial commit with sample data * basic saml setup * cleanup console logs * limit saml endpoints through middleware * basic login and token issue * saml service and cleanup * refactor and create user * get/set saml prefs * fix authentication issue * redirect to user details * merge fix * add generated password to saml user * update user from attributes where possible * refactor and fix creating new user * rename saml prefs key * minor cleanup * Update packages/cli/src/config/schema.ts Co-authored-by: Omar Ajoue <krynble@gmail.com> * Update packages/cli/src/config/schema.ts Co-authored-by: Omar Ajoue <krynble@gmail.com> * Update packages/cli/src/controllers/auth.controller.ts Co-authored-by: Omar Ajoue <krynble@gmail.com> * code review changes * fix default saml enabled * remove console.log * fix isSamlLicensed --------- Co-authored-by: Omar Ajoue <krynble@gmail.com>
# for free
to join this conversation on GitHub.
Already have an account?
# to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Github issue / Community forum post (link here to close automatically):