fix(sso): adjust callback URL generation for SAML and OIDC (#9460)

Updated SAML-specific callback URL handling to include the ID, while
OIDC URLs now use the server base URL from config. Also added a debug
log in SSO authentication and cleaned up redirection URL logic in the
frontend.

packages/twenty-front/src/modules/settings/security/components/SettingsSSOOIDCForm.tsx

@@ -7,6 +7,7 @@ import { useTheme } from '@emotion/react';
 import styled from '@emotion/styled';
 import { Controller, useFormContext } from 'react-hook-form';
 import { Button, H2Title, IconCopy, Section } from 'twenty-ui';
+import { REACT_APP_SERVER_BASE_URL } from '~/config';
 
 const StyledInputsContainer = styled.div`
   display: flex;
@@ -36,7 +37,7 @@ export const SettingsSSOOIDCForm = () => {
   const theme = useTheme();
 
   const authorizedUrl = window.location.origin;
-  const redirectionUrl = `${window.location.origin}/auth/oidc/callback`;
+  const redirectionUrl = `${REACT_APP_SERVER_BASE_URL}/auth/oidc/callback`;
 
   return (
     <>

packages/twenty-server/src/engine/core-modules/sso/services/sso.service.ts

@@ -159,7 +159,11 @@ export class SSOService {
   ) {
     const callbackURL = new URL(this.environmentService.get('SERVER_URL'));
 
-    callbackURL.pathname = `/auth/${identityProvider.type.toLowerCase()}/callback/${identityProvider.id}`;
+    callbackURL.pathname = `/auth/${identityProvider.type.toLowerCase()}/callback`;
+
+    if (identityProvider.type === IdentityProviderType.SAML) {
+      callbackURL.pathname += `/${identityProvider.id}`;
+    }
 
     return callbackURL.toString();
   }