fix(core): Return SAML service provider urls with config (#5759)

return sp urls with config
2024-11-10 06:34:05 -08:00 · 2023-03-23 10:42:19 +01:00 · 2023-03-23 10:42:19 +01:00 · ac18c0b9eb
parent d30b892395
commit ac18c0b9eb
2 changed files with 17 additions and 4 deletions
--- a/packages/cli/src/sso/saml/routes/saml.controller.ee.ts
+++ b/packages/cli/src/sso/saml/routes/saml.controller.ee.ts
@ -16,6 +16,7 @@ import type { PostBindingContext } from 'samlify/types/src/entity';
 import { isSamlLicensedAndEnabled } from '../samlHelpers';
 import type { SamlLoginBinding } from '../types';
 import { AuthenticatedRequest } from '@/requests';
+import { getServiceProviderEntityId, getServiceProviderReturnUrl } from '../serviceProvider.ee';

@RestController('/sso/saml')
 export class SamlController {
@ -35,7 +36,11 @@ export class SamlController {
 	@Get(SamlUrls.config, { middlewares: [samlLicensedOwnerMiddleware] })
 	async configGet(req: AuthenticatedRequest, res: express.Response) {
 		const prefs = this.samlService.samlPreferences;
-		return res.send(prefs);
+		return res.send({
+			...prefs,
+			entityID: getServiceProviderEntityId(),
+			returnUrl: getServiceProviderReturnUrl(),
+		});
 	}

 	/**
--- a/packages/cli/src/sso/saml/serviceProvider.ee.ts
+++ b/packages/cli/src/sso/saml/serviceProvider.ee.ts
@ -7,11 +7,19 @@ import type { SamlPreferences } from './types/samlPreferences';

 let serviceProviderInstance: ServiceProviderInstance | undefined;

+export function getServiceProviderEntityId(): string {
+	return getInstanceBaseUrl() + SamlUrls.restMetadata;
+}
+
+export function getServiceProviderReturnUrl(): string {
+	return getInstanceBaseUrl() + SamlUrls.restAcs;
+}
+
 // TODO:SAML: make these configurable for the end user
 export function getServiceProviderInstance(prefs: SamlPreferences): ServiceProviderInstance {
 	if (serviceProviderInstance === undefined) {
 		serviceProviderInstance = ServiceProvider({
-			entityID: getInstanceBaseUrl() + SamlUrls.restMetadata,
+			entityID: getServiceProviderEntityId(),
 			authnRequestsSigned: prefs.authnRequestsSigned,
 			wantAssertionsSigned: prefs.wantAssertionsSigned,
 			wantMessageSigned: prefs.wantMessageSigned,
@ -21,12 +29,12 @@ export function getServiceProviderInstance(prefs: SamlPreferences): ServiceProvi
 				{
 					isDefault: prefs.acsBinding === 'post',
 					Binding: 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST',
-					Location: getInstanceBaseUrl() + SamlUrls.restAcs,
+					Location: getServiceProviderReturnUrl(),
 				},
 				{
 					isDefault: prefs.acsBinding === 'redirect',
 					Binding: 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-REDIRECT',
-					Location: getInstanceBaseUrl() + SamlUrls.restAcs,
+					Location: getServiceProviderReturnUrl(),
 				},
 			],
 		});