mirror of https://github.com/logto-io/logto.git synced 2025-03-10 22:22:45 -05:00

feat(schemas): add idp-initiated SSO client side callback url columns (#6675)

* feat(core): consume IdP initiated session on SSO verification flow

Auto consume the IdP initiated SAML SSO session on the SSO sign-in verification flow

* test(core): add unit test cases

add unit test cases

* feat(schemas): add client idp-initiated auth callback url column

add client idp-initiated auth callback url column

* fix(test): fix ut

fix ut
simeng-li 2024-10-16 16:58:20 +08:00 committed by GitHub
parent a7db62cd63
commit 2c8343a757
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
3 changed files with 48 additions and 2 deletions


@ -180,6 +180,8 @@ describe('SsoConnectorLibrary', () => {
const authConfig: SsoConnectorIdpInitiatedAuthConfig = {
tenantId: 'tenantId',
defaultApplicationId: 'appId',
autoSendAuthorizationRequest: true,
clientIdpInitiatedAuthCallbackUri: null,
connectorId: 'connectorId',
redirectUri: 'https://app.com',
authParameters: {},


@ -0,0 +1,40 @@
import { sql } from '@silverhand/slonik';
import type { AlterationScript } from '../lib/types/alteration.js';
const alteration: AlterationScript = {
up: async (pool) => {
await pool.query(sql`
alter table sso_connector_idp_initiated_auth_configs
add column client_idp_initiated_auth_callback_uri text;
alter table sso_connector_idp_initiated_auth_configs
add column auto_send_authorization_request boolean not null default false;
alter table sso_connector_idp_initiated_auth_configs
drop constraint application_type;
alter table sso_connector_idp_initiated_auth_configs
add constraint application_type
check (check_application_type(default_application_id, 'Traditional', 'SPA'));
`);
},
down: async (pool) => {
await pool.query(sql`
alter table sso_connector_idp_initiated_auth_configs
drop constraint application_type;
alter table sso_connector_idp_initiated_auth_configs
drop column client_idp_initiated_auth_callback_uri;
alter table sso_connector_idp_initiated_auth_configs
drop column auto_send_authorization_request;
alter table sso_connector_idp_initiated_auth_configs
add constraint application_type
check (check_application_type(default_application_id, 'Traditional'));
`);
},
};
export default alteration;
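Review bot: The `down` script re-adds the `application_type` check with only `'Traditional'`, so the rollback will fail if any row's `default_application_id` points at an SPA application configured after `up` ran. All statements go through one `pool.query` call, so the column drops ahead of it are presumably rolled back as well, though that depends on how the alteration runner wraps the script, which is not visible here. Either handle those rows explicitly before re-adding the constraint, or document the precondition above the `down` query, e.g. `// Rollback requires that no row references an SPA application; repoint or delete such rows first.`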


@ -12,9 +12,13 @@ create table sso_connector_idp_initiated_auth_configs (
redirect_uri text,
/** Additional OIDC auth parameters. */
auth_parameters jsonb /* @use IdpInitiatedAuthParams */ not null default '{}'::jsonb,
/** Whether to auto-trigger the auth flow on an IdP-initiated auth request. */
auto_send_authorization_request boolean not null default false,
/** The client side callback URI for handling IdP-initiated auth request. */
client_idp_initiated_auth_callback_uri text,
created_at timestamptz not null default(now()),
primary key (tenant_id, connector_id),
/** Insure the application type is Traditional. */
/** Insure the application type is Traditional or SPA. */
constraint application_type
check (check_application_type(default_application_id, 'Traditional'))
check (check_application_type(default_application_id, 'Traditional', 'SPA'))
);
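Review bot: `client_idp_initiated_auth_callback_uri` is stored as unconstrained `text`, and nothing in this hunk ties it to the redirect URIs registered for `default_application_id`. Because the value is a redirect target in an IdP-initiated sign-in flow, an unvalidated value would behave like an open redirect, so the write path should check it against the application's registered URIs (that code is not visible here and may already do so). The column comment could state the requirement, e.g. `/** The client side callback URI for handling IdP-initiated auth request. Must be validated against the application's registered redirect URIs before it is stored or used. */`. Both constraint comments also say "Insure" where "Ensure" is meant. The `create table` statement starts outside the hunk.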