feat: patch for sso saml gotrue prefix
This commit is contained in:
parent
ea5450d6ff
commit
661c6d7370
|
|
@ -1,15 +1,25 @@
|
||||||
# This patch is done because there is no way to enable SSO/SAML at the moment
|
|
||||||
|
|
||||||
diff --git a/internal/api/api.go b/internal/api/api.go
|
diff --git a/internal/api/api.go b/internal/api/api.go
|
||||||
index d9016fd0..924ce018 100644
|
index d9016fd0..924ce018 100644
|
||||||
--- a/internal/api/api.go
|
--- a/internal/api/api.go
|
||||||
+++ b/internal/api/api.go
|
+++ b/internal/api/api.go
|
||||||
@@ -175,7 +175,7 @@ func NewAPIWithVersion(ctx context.Context, globalConfig *conf.GlobalConfigurati
|
@@ -175,7 +175,7 @@ func NewAPIWithVersion(ctx context.Context, globalConfig *conf.GlobalConfigurati
|
||||||
})
|
})
|
||||||
|
|
||||||
r.Route("/sso", func(r *router) {
|
r.Route("/sso", func(r *router) {
|
||||||
- r.Use(api.requireSAMLEnabled)
|
- r.Use(api.requireSAMLEnabled)
|
||||||
+ // r.Use(api.requireSAMLEnabled)
|
+ // r.Use(api.requireSAMLEnabled)
|
||||||
r.With(api.limitHandler(
|
r.With(api.limitHandler(
|
||||||
// Allow requests at the specified rate per 5 minutes.
|
// Allow requests at the specified rate per 5 minutes.
|
||||||
tollbooth.NewLimiter(api.config.RateLimitSso/(60*5), &limiter.ExpirableOptions{
|
tollbooth.NewLimiter(api.config.RateLimitSso/(60*5), &limiter.ExpirableOptions{
|
||||||
|
diff --git a/internal/api/saml.go b/internal/api/saml.go
|
||||||
|
index d936ff2f..011d098c 100644
|
||||||
|
--- a/internal/api/saml.go
|
||||||
|
+++ b/internal/api/saml.go
|
||||||
|
@@ -24,6 +24,7 @@ func (a *API) getSAMLServiceProvider(identityProvider *saml.EntityDescriptor, id
|
||||||
|
externalURL.Path += "/"
|
||||||
|
}
|
||||||
|
|
||||||
|
+ externalURL.Path += "gotrue/"
|
||||||
|
externalURL.Path += "sso/"
|
||||||
|
|
||||||
|
provider := samlsp.DefaultServiceProvider(samlsp.Options{
|
||||||
|
|
|
||||||
|
|
@ -23,7 +23,7 @@ async fn edit_workspace_without_permission() {
|
||||||
|
|
||||||
assert_client_collab(&mut client_1, &workspace_id, json!({"name": "AppFlowy"}), 3).await;
|
assert_client_collab(&mut client_1, &workspace_id, json!({"name": "AppFlowy"}), 3).await;
|
||||||
|
|
||||||
/// client 2 has not permission to read/edit the workspace
|
// client 2 has not permission to read/edit the workspace
|
||||||
assert_client_collab(&mut client_2, &workspace_id, json!({}), 3).await;
|
assert_client_collab(&mut client_2, &workspace_id, json!({}), 3).await;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue