feat(sso): fix saml + allow to use public invite with sso + fix invite page with multiple sso provider (#9963)

- Fix SAML issue - Fix the wrong state on the Invite page when multiple SSO provider exists - Allow to signup with SSO and public invite link - For OIDC, use the property upn to guess email for Microsoft and enable oidc with a specific context in azure - Improve error in OIDC flow when email not found
2025-02-03 18:48:25 +01:00
parent 253a3eb83f
commit 47487f5d1c
14 changed files with 122 additions and 92 deletions
--- a/packages/twenty-front/src/modules/app/hooks/useCreateAppRouter.tsx
+++ b/packages/twenty-front/src/modules/app/hooks/useCreateAppRouter.tsx
@ -13,7 +13,6 @@ import {
  Route,
 } from 'react-router-dom';
 import { Authorize } from '~/pages/auth/Authorize';
-import { Invite } from '~/pages/auth/Invite';
 import { PasswordReset } from '~/pages/auth/PasswordReset';
 import { SignInUp } from '~/pages/auth/SignInUp';
 import { NotFound } from '~/pages/not-found/NotFound';
@ -43,7 +42,7 @@ export const useCreateAppRouter = (
          <Route path={AppPath.Verify} element={<VerifyEffect />} />
          <Route path={AppPath.VerifyEmail} element={<VerifyEmailEffect />} />
          <Route path={AppPath.SignInUp} element={<SignInUp />} />
-          <Route path={AppPath.Invite} element={<Invite />} />
+          <Route path={AppPath.Invite} element={<SignInUp />} />
          <Route path={AppPath.ResetPassword} element={<PasswordReset />} />
          <Route path={AppPath.CreateWorkspace} element={<CreateWorkspace />} />
          <Route path={AppPath.CreateProfile} element={<CreateProfile />} />
--- a/packages/twenty-front/src/modules/auth/sign-in-up/hooks/useSSO.ts
+++ b/packages/twenty-front/src/modules/auth/sign-in-up/hooks/useSSO.ts
@ -5,11 +5,13 @@ import { useRedirect } from '@/domain-manager/hooks/useRedirect';
 import { SnackBarVariant } from '@/ui/feedback/snack-bar-manager/components/SnackBar';
 import { useSnackBar } from '@/ui/feedback/snack-bar-manager/hooks/useSnackBar';
 import { useApolloClient } from '@apollo/client';
+import { useParams } from 'react-router-dom';

 export const useSSO = () => {
  const apolloClient = useApolloClient();
-  const { enqueueSnackBar } = useSnackBar();
+  const workspaceInviteHash = useParams().workspaceInviteHash;

+  const { enqueueSnackBar } = useSnackBar();
  const { redirect } = useRedirect();

  const redirectToSSOLoginPage = async (identityProviderId: string) => {
@ -18,7 +20,7 @@ export const useSSO = () => {
      authorizationUrlForSSOResult = await apolloClient.mutate({
        mutation: GET_AUTHORIZATION_URL,
        variables: {
-          input: { identityProviderId },
+          input: { identityProviderId, workspaceInviteHash },
        },
      });
    } catch (error: any) {
--- a/packages/twenty-front/src/modules/auth/sign-in-up/hooks/useWorkspaceFromInviteHash.ts
+++ b/packages/twenty-front/src/modules/auth/sign-in-up/hooks/useWorkspaceFromInviteHash.ts
@ -24,6 +24,7 @@ export const useWorkspaceFromInviteHash = () => {
  );
  const { data: workspaceFromInviteHash, loading } =
    useGetWorkspaceFromInviteHashQuery({
+      skip: !workspaceInviteHash,
      variables: { inviteHash: workspaceInviteHash || '' },
      onError: (error) => {
        enqueueSnackBar(error.message, {