feat(auth): enhance SSO handling and workspace auth logic (#9858)

- Return only SSO providers with an `activate` status - If only 1 SSO provider is enabled for auth, redirect the user to the provider login page. - if only SSO auth is available set the step to SSO selection. --------- Co-authored-by: Charles Bochet <charles@twenty.com>
2025-01-29 19:28:21 +01:00
parent 85df6ada52
commit 4edeb7f991
12 changed files with 215 additions and 149 deletions
--- a/packages/twenty-front/src/modules/auth/sign-in-up/hooks/useSSO.ts
+++ b/packages/twenty-front/src/modules/auth/sign-in-up/hooks/useSSO.ts
@ -1,53 +1,38 @@
 /* @license Enterprise */

+import { GET_AUTHORIZATION_URL } from '@/auth/graphql/mutations/getAuthorizationUrl';
+import { useRedirect } from '@/domain-manager/hooks/useRedirect';
 import { SnackBarVariant } from '@/ui/feedback/snack-bar-manager/components/SnackBar';
 import { useSnackBar } from '@/ui/feedback/snack-bar-manager/hooks/useSnackBar';
-import {
-  GetAuthorizationUrlMutationVariables,
-  useGetAuthorizationUrlMutation,
-} from '~/generated/graphql';
-import { isDefined } from '~/utils/isDefined';
+import { useApolloClient } from '@apollo/client';

 export const useSSO = () => {
+  const apolloClient = useApolloClient();
  const { enqueueSnackBar } = useSnackBar();

-  const [getAuthorizationUrlMutation] = useGetAuthorizationUrlMutation();
-
-  const getAuthorizationUrlForSSO = async ({
-    identityProviderId,
-  }: GetAuthorizationUrlMutationVariables['input']) => {
-    return await getAuthorizationUrlMutation({
-      variables: {
-        input: { identityProviderId },
-      },
-    });
-  };
+  const { redirect } = useRedirect();

  const redirectToSSOLoginPage = async (identityProviderId: string) => {
-    const authorizationUrlForSSOResult = await getAuthorizationUrlForSSO({
-      identityProviderId,
-    });
-
-    if (
-      isDefined(authorizationUrlForSSOResult.errors) ||
-      !authorizationUrlForSSOResult.data ||
-      !authorizationUrlForSSOResult.data?.getAuthorizationUrl.authorizationURL
-    ) {
-      return enqueueSnackBar(
-        authorizationUrlForSSOResult.errors?.[0]?.message ?? 'Unknown error',
-        {
-          variant: SnackBarVariant.Error,
+    let authorizationUrlForSSOResult;
+    try {
+      authorizationUrlForSSOResult = await apolloClient.mutate({
+        mutation: GET_AUTHORIZATION_URL,
+        variables: {
+          input: { identityProviderId },
        },
-      );
+      });
+    } catch (error: any) {
+      return enqueueSnackBar(error?.message ?? 'Unknown error', {
+        variant: SnackBarVariant.Error,
+      });
    }

-    window.location.href =
-      authorizationUrlForSSOResult.data?.getAuthorizationUrl.authorizationURL;
-    return;
+    redirect(
+      authorizationUrlForSSOResult.data?.getAuthorizationUrl.authorizationURL,
+    );
  };

  return {
    redirectToSSOLoginPage,
-    getAuthorizationUrlForSSO,
  };
 };