From 4498c6013dc5b4646b1e3fdba3adef42bfc87952 Mon Sep 17 00:00:00 2001
From: Michael Auerswald <michael.auerswald@gmail.com>
Date: Thu, 23 Mar 2023 15:13:05 +0100
Subject: [PATCH] fix(core): Persist CurrentAuthenticationMethod setting change
 (#5762)

* limit user invites when saml is enabled

* persist CurrentAuthenticationMethod
---
 packages/cli/src/sso/saml/saml.service.ee.ts | 2 +-
 packages/cli/src/sso/saml/samlHelpers.ts     | 6 +++---
 packages/cli/src/sso/ssoHelpers.ts           | 9 ++++++++-
 3 files changed, 12 insertions(+), 5 deletions(-)

diff --git a/packages/cli/src/sso/saml/saml.service.ee.ts b/packages/cli/src/sso/saml/saml.service.ee.ts
index 69c4db0bdb..1bf8e36b9f 100644
--- a/packages/cli/src/sso/saml/saml.service.ee.ts
+++ b/packages/cli/src/sso/saml/saml.service.ee.ts
@@ -210,7 +210,7 @@ export class SamlService {
 			}
 			this._samlPreferences.metadata = prefs.metadata;
 		}
-		setSamlLoginEnabled(prefs.loginEnabled ?? isSamlLoginEnabled());
+		await setSamlLoginEnabled(prefs.loginEnabled ?? isSamlLoginEnabled());
 		setSamlLoginLabel(prefs.loginLabel ?? getSamlLoginLabel());
 		this.getIdentityProviderInstance(true);
 		const result = await this.saveSamlPreferencesToDb();
diff --git a/packages/cli/src/sso/saml/samlHelpers.ts b/packages/cli/src/sso/saml/samlHelpers.ts
index ed2e4f3746..ffa6132f1f 100644
--- a/packages/cli/src/sso/saml/samlHelpers.ts
+++ b/packages/cli/src/sso/saml/samlHelpers.ts
@@ -28,15 +28,15 @@ export function getSamlLoginLabel(): string {
 }
 
 // can only toggle between email and saml, not directly to e.g. ldap
-export function setSamlLoginEnabled(enabled: boolean): void {
+export async function setSamlLoginEnabled(enabled: boolean): Promise<void> {
 	if (enabled) {
 		if (isEmailCurrentAuthenticationMethod()) {
 			config.set(SAML_LOGIN_ENABLED, true);
-			setCurrentAuthenticationMethod('saml');
+			await setCurrentAuthenticationMethod('saml');
 		}
 	} else {
 		config.set(SAML_LOGIN_ENABLED, false);
-		setCurrentAuthenticationMethod('email');
+		await setCurrentAuthenticationMethod('email');
 	}
 }
 
diff --git a/packages/cli/src/sso/ssoHelpers.ts b/packages/cli/src/sso/ssoHelpers.ts
index bf87952818..dcd5c1ac3e 100644
--- a/packages/cli/src/sso/ssoHelpers.ts
+++ b/packages/cli/src/sso/ssoHelpers.ts
@@ -1,4 +1,5 @@
 import config from '@/config';
+import * as Db from '@/Db';
 import type { AuthProviderType } from '@/databases/entities/AuthIdentity';
 
 export function isSamlCurrentAuthenticationMethod(): boolean {
@@ -17,6 +18,12 @@ export function doRedirectUsersFromLoginToSsoFlow(): boolean {
 	return config.getEnv('sso.redirectLoginToSso');
 }
 
-export function setCurrentAuthenticationMethod(authenticationMethod: AuthProviderType): void {
+export async function setCurrentAuthenticationMethod(
+	authenticationMethod: AuthProviderType,
+): Promise<void> {
 	config.set('userManagement.authenticationMethod', authenticationMethod);
+	await Db.collections.Settings.save({
+		key: 'userManagement.authenticationMethod',
+		value: authenticationMethod,
+	});
 }