GitHub-Proxy/signoz
1
0
Fork 0
mirror of https://git.mirrors.martin98.com/https://github.com/SigNoz/signoz synced 2025-08-12 21:28:59 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix(saml): handle invalid email domain (#5564)

Browse Source 
### Summary

Handle the scenario when email with domain is used for SSO Login which does not match authenticated domains.

Signed-off-by: Prashant Shahi <prashant@signoz.io>
This commit is contained in:
Prashant Shahi 2024-07-26 18:41:39 +05:30 committed by GitHub
parent eefccafa5b
commit ba7e6fcf23
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
ee/query-service/dao/sqlite/auth.go
View File

@ -20,11 +20,14 @@ import (
func (m *modelDao) createUserForSAMLRequest(ctx context.Context, email string) (*basemodel.User, basemodel.BaseApiError) {
// get auth domain from email domain
domain, apierr := m.GetDomainByEmail(ctx, email)
if apierr != nil {
zap.L().Error("failed to get domain from email", zap.Error(apierr))
return nil, model.InternalErrorStr("failed to get domain from email")
}
if domain == nil {
zap.L().Error("email domain does not match any authenticated domain", zap.String("email", email))
return nil, model.InternalErrorStr("email domain does not match any authenticated domain")
}
hash, err := baseauth.PasswordHash(utils.GeneratePassowrd())
if err != nil {