fix(core): Skip SAML onboarding for users with first- and lastname (#5966)

skip onboarding for users with first- and lastname
2025-01-12 13:27:31 -08:00 · 2023-04-13 10:09:50 +02:00 · 2023-04-13 10:09:50 +02:00 · 8474cd386d
parent 02ab1e7eef
commit 8474cd386d
2 changed files with 4 additions and 3 deletions
--- a/packages/cli/src/sso/saml/routes/saml.controller.ee.ts
+++ b/packages/cli/src/sso/saml/routes/saml.controller.ee.ts
@ -104,7 +104,7 @@ export class SamlController {
 	private async acsHandler(req: express.Request, res: express.Response, binding: SamlLoginBinding) {
 		const loginResult = await this.samlService.handleSamlLogin(req, binding);
 		if (loginResult) {
-			// eslint-disable-next-line @typescript-eslint/no-unsafe-member-access
+			// return attributes if this is a test connection
 			if (req.body.RelayState && req.body.RelayState === getServiceProviderConfigTestReturnUrl()) {
 				return res.status(202).send(loginResult.attributes);
 			}
--- a/packages/cli/src/sso/saml/saml.service.ee.ts
+++ b/packages/cli/src/sso/saml/saml.service.ee.ts
@ -154,7 +154,7 @@ export class SamlService {
 				relations: ['globalRole', 'authIdentities'],
 			});
 			if (user) {
-				// Login path for existing users that are fully set up
+				// Login path for existing users that are fully set up and that have a SAML authIdentity set up
 				if (
 					user.authIdentities.find(
 						(e) => e.providerType === 'saml' && e.providerId === attributes.userPrincipalName,
@ -168,10 +168,11 @@ export class SamlService {
 				} else {
 					// Login path for existing users that are NOT fully set up for SAML
 					const updatedUser = await updateUserFromSamlAttributes(user, attributes);
+					const onboardingRequired = !updatedUser.firstName || !updatedUser.lastName;
 					return {
 						authenticatedUser: updatedUser,
 						attributes,
-						onboardingRequired: true,
+						onboardingRequired,
 					};
 				}
 			} else {