bitwarden/server
1
0
Fork 0
mirror of https://github.com/bitwarden/server synced 2025-12-21 02:33:30 +00:00
Code Issues Releases Wiki Activity

[PM-1632] Redirect on SsoRequired - return SsoOrganizationIdentifier (#6597)

Browse Source 
feat: add SSO request validation and organization identifier lookup

- Implement SsoRequestValidator to validate SSO requirements
- Add UserSsoOrganizationIdentifierQuery to fetch organization identifiers
- Create SsoOrganizationIdentifier custom response for SSO redirects
- Add feature flag (RedirectOnSsoRequired) for gradual rollout
- Register validators and queries in dependency injection
- Create RequestValidationConstants to reduce magic strings
- Add comprehensive test coverage for validation logic
- Update BaseRequestValidator to consume SsoRequestValidator
This commit is contained in:
Ike
2025-11-30 16:55:47 -05:00
committed by GitHub
parent f151abee54
commit 8a67aafbe5
18 changed files with 1448 additions and 50 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
test/Identity.Test/Wrappers/BaseRequestValidatorTestWrapper.cs
View File

@@ -54,6 +54,7 @@ IBaseRequestValidatorTestWrapper
IEventService eventService,
IDeviceValidator deviceValidator,
ITwoFactorAuthenticationValidator twoFactorAuthenticationValidator,
ISsoRequestValidator ssoRequestValidator,
IOrganizationUserRepository organizationUserRepository,
ILogger logger,
ICurrentContext currentContext,
@@ -73,6 +74,7 @@ IBaseRequestValidatorTestWrapper
eventService,
deviceValidator,
twoFactorAuthenticationValidator,
ssoRequestValidator,
organizationUserRepository,
logger,
currentContext,
@@ -132,12 +134,17 @@ IBaseRequestValidatorTestWrapper
protected override void SetTwoFactorResult(
BaseRequestValidationContextFake context,
Dictionary<string, object> customResponse)
{ }
{
context.GrantResult = new GrantValidationResult(
TokenRequestErrors.InvalidGrant, "Two-factor authentication required.", customResponse);
}
protected override void SetValidationErrorResult(
BaseRequestValidationContextFake context,
CustomValidatorRequestContext requestContext)
{ }
{
context.GrantResult.IsError = true;
}
protected override Task<bool> ValidateContextAsync(
BaseRequestValidationContextFake context,