From a2b03662673929aa3fbd6d457da7b374d5a9b495 Mon Sep 17 00:00:00 2001
From: Kraiem Taha Yassine
Date: Wed, 4 Sep 2024 18:17:01 +0200
Subject: [PATCH] Dev (#2536)
* fix(chalice): fixed Math-operators validation refactor(chalice): search for sessions that have events for heatmaps
* refactor(chalice): search for sessions that have at least 1 location event for heatmaps
* fix(chalice): fixed Math-operators validation refactor(chalice): search for sessions that have events for heatmaps
* refactor(chalice): search for sessions that have at least 1 location event for heatmaps
* feat(chalice): autocomplete return top 10 with stats
* fix(chalice): fixed autocomplete top 10 meta-filters
* refactor(chalice): refactored SSO dependency
* refactor(chalice): handle SSO configuration not available
---
 ee/api/chalicelib/utils/SAML2_helper.py | 4 +++-
 ee/api/routers/saml.py | 22 +++++++++++-----------
 2 files changed, 14 insertions(+), 12 deletions(-)
diff --git a/ee/api/chalicelib/utils/SAML2_helper.py b/ee/api/chalicelib/utils/SAML2_helper.py
index c8431208a..cbfcccaab 100644
--- a/ee/api/chalicelib/utils/SAML2_helper.py
+++ b/ee/api/chalicelib/utils/SAML2_helper.py
@@ -5,7 +5,7 @@ from os import environ
 from urllib.parse import urlparse
 from decouple import config
-from fastapi import Request
+from fastapi import Request, HTTPException
 from starlette.datastructures import FormData
 if config("ENABLE_SSO", cast=bool, default=True):
@@ -84,6 +84,8 @@ def init_saml_auth(req):
 async def prepare_request(request: Request):
+ if not is_saml2_available():
+ raise HTTPException(status_code=401, detail="SSO configuration not available.")
 request.args = dict(request.query_params).copy() if request.query_params else {}
 form: FormData = await request.form()
 request.form = dict(form)
diff --git a/ee/api/routers/saml.py b/ee/api/routers/saml.py
index c340ffea8..a06d669ad 100644
--- a/ee/api/routers/saml.py
+++ b/ee/api/routers/saml.py
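Review bot: The guard added at the top of `prepare_request` in SAML2_helper.py (hunk at -84) reports a missing SSO configuration as 401, which tells the caller that its credentials were rejected rather than that the feature is unavailable on the server. A frontend or HTTP client that treats 401 as an expired session may respond with a re-login or token refresh, and the response carries no `WWW-Authenticate` header, which a 401 is expected to have. A server-side condition fits 503 better (or 404 if the endpoints should look absent): `raise HTTPException(status_code=503, detail="SSO configuration not available.")`. `is_saml2_available` is defined outside the hunk and the body of `prepare_request` continues past it, so the rest of the function was not reviewed.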
@@ -12,11 +12,11 @@ from routers.base import get_routers
 logger = logging.getLogger(__name__)
-public_app, app, app_apikey = get_routers()
+public_app, app, app_apikey = get_routers(prefix="/sso/saml2")
-@public_app.get("/sso/saml2", tags=["saml2"])
-@public_app.get("/sso/saml2/", tags=["saml2"])
+@public_app.get("", tags=["saml2"])
+@public_app.get("/", tags=["saml2"])
 async def start_sso(request: Request, iFrame: bool = False, spot: bool = False):
 request.path = ''
 req = await SAML2_helper.prepare_request(request=request)
@@ -170,20 +170,20 @@ async def __process_assertion(request: Request, tenant_key=None) -> Response | d
 return response
-@public_app.post('/sso/saml2/acs', tags=["saml2"])
-@public_app.post('/sso/saml2/acs/', tags=["saml2"])
+@public_app.post('/acs', tags=["saml2"])
+@public_app.post('/acs/', tags=["saml2"])
 async def process_sso_assertion(request: Request):
 return await __process_assertion(request=request)
-@public_app.post('/sso/saml2/acs/{tenantKey}', tags=["saml2"])
-@public_app.post('/sso/saml2/acs/{tenantKey}/', tags=["saml2"])
+@public_app.post('/acs/{tenantKey}', tags=["saml2"])
+@public_app.post('/acs/{tenantKey}/', tags=["saml2"])
 async def process_sso_assertion_tk(tenantKey: str, request: Request):
 return await __process_assertion(request=request, tenant_key=tenantKey)
-@public_app.get('/sso/saml2/sls', tags=["saml2"])
-@public_app.get('/sso/saml2/sls/', tags=["saml2"])
+@public_app.get('/sls', tags=["saml2"])
+@public_app.get('/sls/', tags=["saml2"])
 async def process_sls_assertion(request: Request):
 req = await SAML2_helper.prepare_request(request=request)
 session = req["cookie"]["session"]
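Review bot: Nothing at the decorators now says which URL they serve: `@public_app.get("", ...)` and `@public_app.get("/", ...)` resolve to `/sso/saml2` only through the `prefix` passed to `get_routers`, whose implementation is not part of this diff. These are unauthenticated routes, and their full paths (including ACS, SLS and metadata in the hunks at -170 and -218) are the ones registered at the identity provider, so any drift in the effective path breaks login without an error at import time. A comment on the router line, e.g. `# all routes below are relative to /sso/saml2 (prefix applied by get_routers)`, plus a route test that asserts the effective paths in `public_app.routes`, would pin this down. `app` and `app_apikey` presumably receive the same prefix; confirm that this is intended.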
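Review bot: In the hunk at -170 it is not visible whether the ACS handlers get the SSO-availability check this commit adds to `SAML2_helper.prepare_request`, because `process_sso_assertion` and `process_sso_assertion_tk` delegate to `__process_assertion`, whose body lies outside the hunk. The other handlers in this file (`start_sso`, `process_sls_assertion`, `saml2_metadata`) visibly call `prepare_request` first. If `__process_assertion` does not, the assertion endpoints would still try to process a SAML response on a deployment where SSO is not configured. Confirm that it does, or make the check the first statement of `__process_assertion`.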
@@ -218,8 +218,8 @@ async def process_sls_assertion(request: Request):
 return RedirectResponse(url=config("SITE_URL"))
-@public_app.get('/sso/saml2/metadata', tags=["saml2"])
-@public_app.get('/sso/saml2/metadata/', tags=["saml2"])
+@public_app.get('/metadata', tags=["saml2"])
+@public_app.get('/metadata/', tags=["saml2"])
 async def saml2_metadata(request: Request):
 req = await SAML2_helper.prepare_request(request=request)
 auth = SAML2_helper.init_saml_auth(req)