feat(sso): allow to use OIDC and SAML (#7246)

## What it does ### Backend - [x] Add a mutation to create OIDC and SAML configuration - [x] Add a mutation to delete an SSO config - [x] Add a feature flag to toggle SSO - [x] Add a mutation to activate/deactivate an SSO config - [x] Add a mutation to delete an SSO config - [x] Add strategy to use OIDC or SAML - [ ] Improve error management ### Frontend - [x] Add section "security" in settings - [x] Add page to list SSO configurations - [x] Add page and forms to create OIDC or SAML configuration - [x] Add field to "connect with SSO" in the signin/signup process - [x] Trigger auth when a user switch to a workspace with SSO enable - [x] Add an option on the security page to activate/deactivate the global invitation link - [ ] Add new Icons for SSO Identity Providers (okta, Auth0, Azure, Microsoft) --------- Co-authored-by: Félix Malfait <felix@twenty.com> Co-authored-by: Charles Bochet <charles@twenty.com>
2024-10-21 20:07:08 +02:00
parent 11c3f1c399
commit 0f0a7966b1
132 changed files with 5245 additions and 306 deletions
--- a/packages/twenty-front/src/modules/settings/security/graphql/mutations/createOIDCSSOIdentityProvider.ts
+++ b/packages/twenty-front/src/modules/settings/security/graphql/mutations/createOIDCSSOIdentityProvider.ts
@ -0,0 +1,15 @@
+/* @license Enterprise */
+
+import { gql } from '@apollo/client';
+
+export const CREATE_OIDC_SSO_IDENTITY_PROVIDER = gql`
+  mutation CreateOIDCIdentityProvider($input: SetupOIDCSsoInput!) {
+    createOIDCIdentityProvider(input: $input) {
+      id
+      type
+      issuer
+      name
+      status
+    }
+  }
+`;
--- a/packages/twenty-front/src/modules/settings/security/graphql/mutations/createSAMLSSOIdentityProvider.ts
+++ b/packages/twenty-front/src/modules/settings/security/graphql/mutations/createSAMLSSOIdentityProvider.ts
@ -0,0 +1,15 @@
+/* @license Enterprise */
+
+import { gql } from '@apollo/client';
+
+export const CREATE_SAML_SSO_IDENTITY_PROVIDER = gql`
+  mutation CreateSAMLIdentityProvider($input: SetupSAMLSsoInput!) {
+    createSAMLIdentityProvider(input: $input) {
+      id
+      type
+      issuer
+      name
+      status
+    }
+  }
+`;
--- a/packages/twenty-front/src/modules/settings/security/graphql/mutations/deleteSSOIdentityProvider.ts
+++ b/packages/twenty-front/src/modules/settings/security/graphql/mutations/deleteSSOIdentityProvider.ts
@ -0,0 +1,11 @@
+/* @license Enterprise */
+
+import { gql } from '@apollo/client';
+
+export const DELETE_SSO_IDENTITY_PROVIDER = gql`
+  mutation DeleteSSOIdentityProvider($input: DeleteSsoInput!) {
+    deleteSSOIdentityProvider(input: $input) {
+      identityProviderId
+    }
+  }
+`;
--- a/packages/twenty-front/src/modules/settings/security/graphql/mutations/editSSOIdentityProvider.ts
+++ b/packages/twenty-front/src/modules/settings/security/graphql/mutations/editSSOIdentityProvider.ts
@ -0,0 +1,15 @@
+/* @license Enterprise */
+
+import { gql } from '@apollo/client';
+
+export const EDIT_SSO_IDENTITY_PROVIDER = gql`
+  mutation EditSSOIdentityProvider($input: EditSsoInput!) {
+    editSSOIdentityProvider(input: $input) {
+      id
+      type
+      issuer
+      name
+      status
+    }
+  }
+`;
--- a/packages/twenty-front/src/modules/settings/security/graphql/queries/getWorkspaceSSOIdentitiesProviders.ts
+++ b/packages/twenty-front/src/modules/settings/security/graphql/queries/getWorkspaceSSOIdentitiesProviders.ts
@ -0,0 +1,15 @@
+/* @license Enterprise */
+
+import { gql } from '@apollo/client';
+
+export const LIST_WORKSPACE_SSO_IDENTITY_PROVIDERS = gql`
+  query ListSSOIdentityProvidersByWorkspaceId {
+    listSSOIdentityProvidersByWorkspaceId {
+      type
+      id
+      name
+      issuer
+      status
+    }
+  }
+`;