(core) revive saml support and test against Auth0

Summary: SAML support had broken due to SameSite changes in browsers. This makes it work again, and tests it against Auth0 (now owned by Okta). Logging in and out works. The logged out state is confusing, and may not be complete. The "Add Account" menu item doesn't work. But with this, an important part of self-hosting becomes easier. SAML support works also in grist-core, for site pages, but there is a glitch on document pages that I'll look into separately. Test Plan: tested manually Reviewers: dsagal Reviewed By: dsagal Differential Revision: https://phab.getgrist.com/D2976
2026-03-02 04:09:24 +00:00 · 2021-08-16 11:11:17 -04:00
parent 800731e771
commit 54beaede84
13 changed files with 488 additions and 91 deletions
--- a/app/server/lib/Sessions.ts
+++ b/app/server/lib/Sessions.ts
@@ -30,11 +30,11 @@ export class Sessions {
  }

  /**
-   * Get the session id and organization from the request, and return the
-   * identified session.
+   * Get the session id and organization from the request (or just pass it in if known), and
+   * return the identified session.
   */
-  public getOrCreateSessionFromRequest(req: Request): ScopedSession {
-    const sid = this.getSessionIdFromRequest(req);
+  public getOrCreateSessionFromRequest(req: Request, sessionId?: string): ScopedSession {
+    const sid = sessionId || this.getSessionIdFromRequest(req);
    const org = (req as any).org;
    if (!sid) { throw new Error("session not found"); }
    return this.getOrCreateSession(sid, org, '');  // TODO: allow for tying to a preferred user.