From 27b58e9f43f28091b4bdc23ffaad6d193de932ac Mon Sep 17 00:00:00 2001
From: Antoine Moreaux
Date: Wed, 8 Jan 2025 17:03:30 +0100
Subject: [PATCH] fix(sso): adjust callback URL generation for SAML and OIDC (#9460)

Updated SAML-specific callback URL handling to include the ID, while OIDC URLs now use the server base URL from config. Also added a debug log in SSO authentication and cleaned up redirection URL logic in the frontend.
---
 .../settings/security/components/SettingsSSOOIDCForm.tsx | 3 ++-
 .../src/engine/core-modules/sso/services/sso.service.ts | 6 +++++-
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/packages/twenty-front/src/modules/settings/security/components/SettingsSSOOIDCForm.tsx b/packages/twenty-front/src/modules/settings/security/components/SettingsSSOOIDCForm.tsx
index dee52c125..dc49aaa87 100644
--- a/packages/twenty-front/src/modules/settings/security/components/SettingsSSOOIDCForm.tsx
+++ b/packages/twenty-front/src/modules/settings/security/components/SettingsSSOOIDCForm.tsx
@@ -7,6 +7,7 @@ import { useTheme } from '@emotion/react';
 import styled from '@emotion/styled';
 import { Controller, useFormContext } from 'react-hook-form';
 import { Button, H2Title, IconCopy, Section } from 'twenty-ui';
+import { REACT_APP_SERVER_BASE_URL } from '~/config';
 const StyledInputsContainer = styled.div`
 display: flex;
@@ -36,7 +37,7 @@ export const SettingsSSOOIDCForm = () => {
 const theme = useTheme();
 const authorizedUrl = window.location.origin;
- const redirectionUrl = `${window.location.origin}/auth/oidc/callback`;
+ const redirectionUrl = `${REACT_APP_SERVER_BASE_URL}/auth/oidc/callback`;
 return (
 <>
diff --git a/packages/twenty-server/src/engine/core-modules/sso/services/sso.service.ts b/packages/twenty-server/src/engine/core-modules/sso/services/sso.service.ts
index 2a2c5f791..6216d8019 100644
--- a/packages/twenty-server/src/engine/core-modules/sso/services/sso.service.ts
+++ b/packages/twenty-server/src/engine/core-modules/sso/services/sso.service.ts
@@ -159,7 +159,11 @@ export class SSOService {
 ) {
 const callbackURL = new URL(this.environmentService.get('SERVER_URL'));
- callbackURL.pathname = `/auth/${identityProvider.type.toLowerCase()}/callback/${identityProvider.id}`;
+ callbackURL.pathname = `/auth/${identityProvider.type.toLowerCase()}/callback`;
+
+ if (identityProvider.type === IdentityProviderType.SAML) {
+ callbackURL.pathname += `/${identityProvider.id}`;
+ }
 return callbackURL.toString();
 }
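Review bot: With the provider id dropped from the OIDC path, every OIDC provider now shares `/auth/oidc/callback`, and nothing in this hunk shows how the callback handler then selects the provider and workspace for an incoming response. That lookup should come from the `state` value the server issued for the login attempt (or from server-side session data), and be checked before the authorization code is exchanged, so a response issued by one IdP cannot be processed under another provider's configuration. A short comment above the new `if` would record why the two protocols differ, for example `// SAML keeps the provider id in its callback path; OIDC providers share one redirect URI`. The settings form in the other file of this patch builds the same OIDC path by string concatenation from `REACT_APP_SERVER_BASE_URL`, so it is worth confirming that this value and `SERVER_URL` produce identical URLs (a trailing slash on the base would not), since IdPs usually compare redirect URIs exactly. The enclosing method starts above the hunk.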