-
Notifications
You must be signed in to change notification settings - Fork 109
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
BED-4766: API Endpoint to List OIDC Providers #896
Conversation
…teractions to match new design
…rly backfill saml_providers with the new sso_providers key. Added new enum type for sso_provider types
…ed a mapping from AuthProvider to the new SSOProviderType enum
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think you can point the base to @mvlipka 's create PR and it might help reviewing this without his changes as well? And then we just make sure we don't merge until his is merged. Looking good so far!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Only blocked because the permission requirement needs to be removed. Otherwise this is looking great! I concede, the gorm joins feature is schnazzy just don't let @superlinkx know I said that out loud.
Also did you run prep-for-codereview 👀
Co-authored-by: mistahj67 <26472282+mistahj67@users.noreply.github.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Tested locally, everything is working solid! 🚀
Co-authored-by: mistahj67 <26472282+mistahj67@users.noreply.github.com>
Co-authored-by: mistahj67 <26472282+mistahj67@users.noreply.github.com>
Co-authored-by: mistahj67 <26472282+mistahj67@users.noreply.github.com>
Co-authored-by: mistahj67 <26472282+mistahj67@users.noreply.github.com>
Description
This pull request introduces a unified SSO endpoint that provides detailed information on both OIDC and SAML providers. The goal is to offer a consolidated and accurate list of available authentication methods, ensuring that users are directed to the appropriate provider for successful authentication.
Motivation and Context
This PR addresses the requirements outlined in ticket BED-4766.
Previously, SSO providers were listed using the
GET /api/v2/saml/sso endpoint
, which only supported SAML providers. With the addition of OIDC as an alternative authentication method to comply with FedRamp requirements, there is a need for a single, unified endpoint. This new endpoint will display information about both SAML and OIDC providers as a more flexible and agnostic approach. The unified endpoint will replace the existing SAML-only endpoint to ensure all authentication options are covered.How Has This Been Tested?
Unit Tests: Via
auth/sso_test
to verify endpoint behavior.Integration Tests: Via
database/sso_providers_test
to verify interaction with the database.Screenshots (optional):
Types of changes
Checklist: