feat: add SAML app anonymous metadata and certificate APIs #6833

Merged
merged 4 commits into from
Dec 3, 2024

@darcyYe darcyYe commented Nov 25, 2024

Summary

Add GET SAML app certificate and anonymous metadata APIs

  1. GET /saml-applications/:id/metadata (resolves LOG-10118)
  2. GET /saml-applications/:id/certificate (resolves LOG-10119, LOG-10525)

Also provide corresponding APIs for downloading metadata and certificate in file format.

  1. GET /saml-applications/:id/metadata/download
  2. GET /saml-applications/:id/certificate/download

Testing

Covered by CI.

Checklist

  • .changeset
  • unit tests
  • integration tests
  • necessary TSDoc comments

@darcyYe darcyYe requested a review from a team November 25, 2024 09:07
@github-actions github-actions bot added the feature Cool stuff label Nov 25, 2024
github-actions bot commented Nov 25, 2024

COMPARE TO master

Total Size Diff ⚠️ 📈 +10.17 KB

Diff by File
Name Diff
packages/core/src/routes/init.ts 📈 +391 Bytes
packages/core/src/saml-applications/libraries/saml-applications.ts 📈 +1.01 KB
packages/core/src/saml-applications/libraries/utils.test.ts 📈 +2.54 KB
packages/core/src/saml-applications/libraries/utils.ts 📈 +1.54 KB
packages/core/src/saml-applications/queries/configs.ts 📈 +879 Bytes
packages/core/src/saml-applications/queries/secrets.ts 📈 +637 Bytes
packages/core/src/saml-applications/routes/anonymous.ts 📈 +829 Bytes
packages/core/src/saml-applications/routes/index.ts 📈 +1.9 KB
packages/core/src/utils/content-disposition.ts 📈 +454 Bytes
packages/integration-tests/src/api/saml-application.ts 📈 +381 Bytes
packages/integration-tests/src/tests/api/application/saml-application.test.ts 📈 +768 Bytes
packages/phrases/src/locales/en/errors/application.ts 📈 +190 Bytes
packages/schemas/src/foundations/jsonb-types/saml-application-configs.ts 0 Bytes
packages/schemas/src/types/saml-application.ts 📈 +481 Bytes

@darcyYe darcyYe force-pushed the yemq-saml-applications-secrets-apis branch from 1608501 to b712802 Compare November 28, 2024 04:53
@github-actions github-actions bot added size/xl and removed size/m labels Nov 28, 2024
@darcyYe darcyYe force-pushed the yemq-saml-app-metadata-certificate-apis branch from 631cd40 to 3717737 Compare November 28, 2024 07:57
@github-actions github-actions bot added size/l and removed size/xl labels Nov 28, 2024
@darcyYe darcyYe force-pushed the yemq-saml-applications-secrets-apis branch from b712802 to 3bb26e4 Compare November 29, 2024 07:32
@darcyYe darcyYe force-pushed the yemq-saml-app-metadata-certificate-apis branch from 3717737 to bcb18b4 Compare November 29, 2024 08:01
@darcyYe darcyYe force-pushed the yemq-saml-applications-secrets-apis branch from 3bb26e4 to 79eeb35 Compare December 2, 2024 04:12
@github-actions github-actions bot added size/xl and removed size/l labels Dec 2, 2024
Base automatically changed from yemq-saml-applications-secrets-apis to master December 2, 2024 05:58
@darcyYe darcyYe force-pushed the yemq-saml-app-metadata-certificate-apis branch from e8e4290 to faaeb32 Compare December 2, 2024 06:00
@github-actions github-actions bot added size/l and removed size/xl labels Dec 2, 2024
@darcyYe darcyYe force-pushed the yemq-saml-app-metadata-certificate-apis branch from faaeb32 to 5a66ff2 Compare December 2, 2024 06:33
@darcyYe darcyYe force-pushed the yemq-saml-app-metadata-certificate-apis branch 2 times, most recently from 55963f4 to c7265d7 Compare December 2, 2024 10:38
@simeng-li simeng-li left a comment

overall LGTM

@darcyYe darcyYe force-pushed the yemq-saml-app-metadata-certificate-apis branch 2 times, most recently from a410ca4 to 5333f5d Compare December 3, 2024 04:54
@github-actions github-actions bot added size/xl and removed size/l labels Dec 3, 2024
@darcyYe darcyYe force-pushed the yemq-saml-app-metadata-certificate-apis branch 3 times, most recently from 0a36d61 to a8a13b7 Compare December 3, 2024 07:20
@github-actions github-actions bot added size/l and removed size/xl labels Dec 3, 2024
@darcyYe darcyYe force-pushed the yemq-saml-app-metadata-certificate-apis branch from a8a13b7 to 7775fa9 Compare December 3, 2024 07:39
@darcyYe darcyYe enabled auto-merge (squash) December 3, 2024 07:41
@darcyYe darcyYe merged commit 14b4254 into master Dec 3, 2024
37 of 38 checks passed
@darcyYe darcyYe deleted the yemq-saml-app-metadata-certificate-apis branch December 3, 2024 07:58
SamSalvatico added a commit to ogcio/logto that referenced this pull request Feb 14, 2025
* feat(core): add POST /saml-applications and DEL /saml-applications/:id APIs

* fix(core): add redis ping interval (logto-io#6819)

* fix(core): add redis ping interval

add redis ping interval

* refactor(core): add trySafe to wellknown cache

add trySafe to wellknown cache

* chore: add comments

Co-authored-by: Gao Sun <[email protected]>

---------

Co-authored-by: Gao Sun <[email protected]>

* refactor(schemas, console): remove deprecated ReservedPlanIds (logto-io#6820)

remove deprecated ReservedPlanIds and refactor the skuId usage in console

* refactor: undo changes on swagger API utils and hide SAML app APIs

* refactor(console): optimize onboarding (logto-io#6837)

* refactor(console): optimize onboarding

* refactor: fix lint issues

* chore: remove unused phrases

* chore: fix code style

* fix: add DB constraints sorting reference (logto-io#6838)

* chore: update code

* feat(core): add PATCH/GET /saml-applications/:id APIs

* chore: fix code

* feat(schemas): add new pro202411 reserved plan ID (logto-io#6839)

* feat(schemas): add new pro202411 reserved plan ID

add new Pro202411 reserved plan ID.

* fix(schemas,console): update comments and fix console

update comment and fix console missing key

* chore: rename SAML application secrets/configs constraints (logto-io#6840)

* fix: update according to CR

* chore: add comments

* feat: add SAML app secret related APIs

* chore: fix code

* feat: add SAML app anonymous metadata and certificate APIs (logto-io#6833)

* fix(core): fix applications APIs status guard (logto-io#6845)

* refactor: loose redirect uri restrictions (logto-io#6846)

* refactor: loose redirect uri restrictions

* refactor: fix types and add tests

* chore: add changeset

* refactor(console,core,schemas): allow SAML application to use  IdP-initiated SSO (logto-io#6849)

* refactor(console,core,schemas): allow SAML application to use  IdP-initiated SSO

allow SAML application to use IdP-initiated

* fix(core): fix ut

fix ut

* chore(deps): update postgres docker tag to v17 (logto-io#6731)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* fix: fix some SAML app bugs (logto-io#6852)

* refactor: remove SAML app certificate/metadata download APIs (logto-io#6856)

* feat(console): add SAML IdP settings page (logto-io#6853)

* feat(console): add SAML IdP settings page

add SAML IdP application settings page

* feat(console): add download link

add download link

* feat(console): feat add SAML application creation (logto-io#6857)

feat(console): feat add SAML application creation

feat add SAML application creation

* chore: add tips for HTTP email connector (logto-io#6753)

* chore: add tips for HTTP email connector

* chore: adopt suggestion

Co-authored-by: Charles Zhao <[email protected]>

---------

Co-authored-by: Charles Zhao <[email protected]>

* chore: upgrade vitest and happy-dom (logto-io#6858)

* chore: upgrade happy-dom and vitest

* chore: upgrade @vitest/coverage-v8

* chore: whitelist add_on_sku_id (logto-io#6860)

chore: white list add_on_sku_id in compare db

white list add_on_sku_id in the compare db script

* refactor(console): replace get sku api (logto-io#6861)

replace the `api/sku` API using `api/tenants/:tenantId/available-sku`

* fix: fix fetch official connector CLI error (logto-io#6862)

* fix(core): fix the subscription api response type (logto-io#6834)

fix the subscription api response type all dates value should be converted to ISO 8601 string

* Revert "refactor(console): replace get sku api" (logto-io#6868)

Revert "refactor(console): replace get sku api (logto-io#6861)"

This reverts commit 51c9c52.

* fix(console): fix enterprise tenant current sku always return dev (logto-io#6869)

* fix(console): fix enterprise tenant current sku always dev

fix the enterprise tenant current sku always dev bug

* fix(console): fix the lint error

fix the lint error

* fix(deps): update dependency nanoid to v5.0.9 [security] (logto-io#6867)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* chore(deps): update dependency @types/color to v4 (logto-io#6760)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* chore: bump dependencies (logto-io#6873)

* chore: bump dependencies

* fix: ui test

* fix: ui test

* chore: remove unexpected console log (logto-io#6875)

* chore: bump ws version (logto-io#6876)

* refactor(console): refactor console paywall guards (logto-io#6863)

* refactor(console): refactor console paywall guards

refactor console paywall guards

* refactor(console): refactor the paywall logic

refactor the paywall logic

* fix(console): replace hardcode pro plan id

replace hardcoded pro plan id

* chore(console): add some comments

add some comments

* refactor(console, core): refactor console to support new pro plan (logto-io#6874)

* refactor(console, core): refactor console to support new pro plan

refactor console to support new pro plan

* fix(console): fix the wrong quota number

fix the wrong quota number

* fix(console): align the util method usage

align the util method usage

* chore: bump transitive dev-deps (logto-io#6882)

* fix(core): add the missing status code (logto-io#6879)

add the missing status code

* refactor(console): add get tenant add-on-skus endpoint (logto-io#6886)

* refactor(console): add get tenant add-on-skus endpoint

dynamically display token usage tooltips content based on the token add-on SKU details

* fix: fix email connector ts error

fix email connector ts error

* fix(console): should not apply dev guard (logto-io#6889)

should not apply dev guard

* feat(core,console): new mfa prompt policy (logto-io#6880)

* chore(console): remove new pro plan dev feature guard (logto-io#6890)

* fix(console): should not apply dev guard

should not apply dev guard

* chore(console): remove new pro plan dev feature guard

remove new pro plan dev feature guard

* fix(core): should not be able to skip mandatory MFA (logto-io#6892)

* feat(core): add subscription cache class (logto-io#6835)

* refactor(core): update well-known cache to support ttl

update well-known cache to support ttl

* feat(core): add subscription cache class

refactor the well-known cache class and implement a new subscription cache

* chore(core): remove empty space

remove empty space

* fix(console): auto close mfa switch (logto-io#6895)

* refactor(phrases): update mfa prompt selection text (logto-io#6896)

* feat(core): add token usage guard (logto-io#6877)

* feat(core): add token usage guard

add token usage guard

* test(core): add unit test

add unit test

* refactor(core): update the token usage cache strategy

update the token usage cache strategy

* fix(core): fix unit test

fix unit test

* feat(core): add SAML IdP `GET /saml-applications/:id/callback` API (logto-io#6872)

* feat(core): implement SAML IdP response flow

* refactor: update name ID format

* refactor: refactor code

* fix: add comments

---------

Co-authored-by: simeng-li <[email protected]>

* chore: update translation of connector readmes (logto-io#6899)

* refactor(console): show token usage exceed modal (logto-io#6897)

show token usage limit exceed modal

* feat(console): add token usage notification banner (logto-io#6898)

* feat(console): add token usage notification banner

add token usage notification banner

* style(console): fix usage error style

fix usage error style

* fix(console): fix mfa form mandatory reset (logto-io#6901)

* style(console): update the default font color (logto-io#6903)

* fix(core): handle unexpected user unique identifier error (logto-io#6902)

handle unexpected user unique identifier violation error

* feat(console): add token exceed tag (logto-io#6904)

add token exceed tag to tenant drop down item

* feat: add saml app sessions table

* feat(console): add token usage exceed notification (logto-io#6907)

add token usage exceed notification for dev tenants

* chore(core): remove token limit dev feature guard (logto-io#6908)

remove token limit dev feature guard

* fix(phrases): fix console phrases (logto-io#6911)

* fix(phrases): fix console phrases

fix console phrases

* chore: update en phrase

update en phrase

* chore: update code

* feat(connector): add Xiaomi social login connector (logto-io#6905)

* feat(connector): add Xiaomi social login connector

* chore: update README and pnpm lock

* chore: update changeset

* fix(connector): fix connector-xiaomi test fail & enhance error handling

* refactor(connector): remove unnecessary logs and code

---------

Co-authored-by: Charles Zhao <[email protected]>

* feat(connector): add YunPian SMS connector (logto-io#6906)

* feat(connector): add YunPian SMS connector

* chore: update README and pnpm lock

* chore: update SVG and error messages

---------

Co-authored-by: Charles Zhao <[email protected]>

* release: version packages (logto-io#6850)

* release: version packages

* chore: update new connectors version number

---------

Co-authored-by: Darcy Ye <[email protected]>

* chore(core): rollbacked README

* chore(core): rollback single-sign-on

* chore(core): rollback single-sign-on

* Feature: v1.24.0 (#188)

* feat(core): add SAML auth request handling endpoints

* chore: update code

* feat(core,console): enable create and activate/deactivate SAML app secrets (logto-io#6910)

* feat: enable create and activate/deactivate SAML app secrets

* chore: update code

* feat: support SAML app encryption and nameIdFormat config (logto-io#6912)

* refactor: make SAML apps to be first party apps (logto-io#6913)

* refactor(core): build SamlApplication class (logto-io#6909)

* feat(console,core): add attribute mapping (logto-io#6916)

* chore(console): fix SAML app text display (logto-io#6926)

* feat(core): support custom endpoint and addressing style for S3 (logto-io#6924)

Add support for configurable S3 endpoint and addressing style (path-style/virtual-hosted)
to improve compatibility with S3-compatible storage services.

- Add forcePathStyle option to control URL addressing style
- Fix custom endpoint support implementation
- Improve URL generation logic for different configurations

Resolves: [logto-io#6920]

Signed-off-by: aiden_lu <[email protected]>

* feat(console,core): enable configure on nameIdFormat and encryption (logto-io#6929)

* feat(console): enable configure on nameIdFormat and encryption

* feat(core): support configuration on nameIdFormat and encryption

* refactor(core): build SAML app sign in URL scope with attribute mapping (logto-io#6930)

refactor(core): build sign in URL scope with attribute mapping

* feat(core): add default redirect URI for SAML apps on creation (logto-io#6932)

* feat(core): add SAML app audit logs (logto-io#6931)

* feat(core): add state/redirect URI validate on SP init SAML SSO callback endpoint (logto-io#6937)

* refactor(console): refactor IdP init SSO available apps dropdown (logto-io#6935)

* refactor(core): refactor GET saml app metadata endpoint (logto-io#6938)

* refactor(core): refactor GET saml app metadata endpoint

* refactor: refactor SamlApplication class to validate only necessary fields

* refactor(core): add SAML app quota guard (logto-io#6941)

* feat(console): add SAML app flow (logto-io#6944)

* feat(console): add SAML app

* fix: integration test setup

* chore: sync all keys to all other locales (logto-io#6945)

* feat(console): hide entrance for creating SAML apps (logto-io#6948)

* fix(core): fix SAML attributes data (logto-io#6953)

* refactor(experience): remove the image CORS attributes (logto-io#6959)

* refactor(experience): remove the image CORS prop

remove the image tag CORS property, do not check the source CORS headers

* chore: add changeset

add changeset

* chore: fix typo

fix typo

* chore: update the changeset

update the changeset

* fix(core): fix SAML validator setup (logto-io#6961)

* fix(core,console): make SAML related log visible in audit log listing page (logto-io#6962)

* refactor(core): reorg SAML app related codes

* chore: update error message (logto-io#6968)

* chore: bump version of a transient dependency katex (logto-io#6960)

* fix: fix SAML app console issues (logto-io#6969)

* fix: fix SAML app console issues (logto-io#6970)

* release: version packages (logto-io#6928)

* release: version packages

* chore: fix the ci job

fix the integration test ci job

---------

Co-authored-by: simeng-li <[email protected]>

* chore: add changeset to patch @logto/shared (logto-io#6972)

* chore: bump vite versions (logto-io#6975)

* Merge pull request logto-io#6977 from logto-io/yemq-fix-console-saml-app-attribute-mapping

fix(console,core): fix SAML app attribute mapping issues

* Merge pull request logto-io#6978 from logto-io/yemq-fix-saml-app-attributes

fix: fix SAML app attribute mapping not working issue

* chore: add changeset for http email (logto-io#6604)

* chore(core): hide oidcClientMetadata of SAML apps when using GET app APIs (logto-io#6979)

* feat: remove SAML app dev feature guard

* chore: update SAML app attribute mapping doc link (logto-io#6985)

* refactor: add enterprise tag for SAML apps (logto-io#6986)

* Merge pull request logto-io#6987 from logto-io/yemq-saml-guide-card-remove-feature-guard

chore: remove SAML app guide card feature guard

* fix(console): fix SAML app creation API usage (logto-io#6990)

* Merge pull request logto-io#6982 from logto-io/yemq-add-core-kit-changeset

chore: add core-kit changeset

* release: version packages (logto-io#6974)

* feat: enable SAML app support for OSS version

* chore: add SAML app to quota table

* fix: otp double signin bug (logto-io#6995)

* chore: add SAML app paywall for OSS console

* chore: translate sync keys

* chore: translate synced keys

* chore(deps): update dependency vitest to v2.1.9 [security] (logto-io#6999)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* chore: add SAML app API docs (logto-io#6967)

* fix(core): trigger webhook in organization invitation flow (logto-io#7005)

* fix(core): trigger webhook in organization invitation flow

should trigger the Organization.Membership.Updated webhook event when a organization invitation is accepted.

* chore: update changeset

update changeset

* release: version packages (logto-io#7003)

* chore(core): fixed package lock

---------

Signed-off-by: aiden_lu <[email protected]>
Co-authored-by: Darcy Ye <[email protected]>
Co-authored-by: aiden <[email protected]>
Co-authored-by: simeng-li <[email protected]>
Co-authored-by: Charles Zhao <[email protected]>
Co-authored-by: silverhand-bot <[email protected]>
Co-authored-by: wangsijie <[email protected]>
Co-authored-by: Mark Wylde <[email protected]>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

---------

Signed-off-by: aiden_lu <[email protected]>
Co-authored-by: Darcy Ye <[email protected]>
Co-authored-by: simeng-li <[email protected]>
Co-authored-by: Gao Sun <[email protected]>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Charles Zhao <[email protected]>
Co-authored-by: wangsijie <[email protected]>
Co-authored-by: u0x01 <[email protected]>
Co-authored-by: silverhand-bot <[email protected]>
Co-authored-by: aiden <[email protected]>
Co-authored-by: Mark Wylde <[email protected]>