
create SAML integration handler

Mohammed Nafees 3 år sedan
förälder
incheckning
d566bab9cc

+ 39 - 0
api/server/handlers/saml/create_integration.go

@@ -0,0 +1,39 @@
+package saml
+
+import (
+	"errors"
+	"net/http"
+
+	"github.com/porter-dev/porter/api/server/handlers"
+	"github.com/porter-dev/porter/api/server/shared"
+	"github.com/porter-dev/porter/api/server/shared/apierrors"
+	"github.com/porter-dev/porter/api/server/shared/config"
+	"github.com/porter-dev/porter/api/types"
+	"github.com/porter-dev/porter/internal/models"
+)
+
+type CreateSAMLIntegrationHandler struct {
+	handlers.PorterHandlerReadWriter
+}
+
+func NewCreateSAMLIntegrationHandler(
+	config *config.Config,
+	decoderValidator shared.RequestDecoderValidator,
+	writer shared.ResultWriter,
+) *CreateSAMLIntegrationHandler {
+	return &CreateSAMLIntegrationHandler{
+		PorterHandlerReadWriter: handlers.NewDefaultPorterHandler(config, decoderValidator, writer),
+	}
+}
+
+func (h *CreateSAMLIntegrationHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
+	project, _ := r.Context().Value(types.ProjectScope).(*models.Project)
+
+	if !project.SAMLSSOEnabled {
+		h.HandleAPIError(w, r, apierrors.NewErrForbidden(errors.New("SAML SSO is not enabled for this project")))
+		return
+	}
+
+	// FIXME: check if user has necessary permissions to make this request with RBAC
+
+}
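Review bot: In ServeHTTP the type assertion on `r.Context().Value(types.ProjectScope)` discards its ok result, so if the project was never placed in the request context `project` is nil and `project.SAMLSSOEnabled` panics. Keep the result and fail closed: `project, ok := r.Context().Value(types.ProjectScope).(*models.Project)` followed by `if !ok || project == nil { h.HandleAPIError(w, r, apierrors.NewErrForbidden(errors.New("project not found in request context"))); return }`. Separately, when SAML is enabled the function falls through the FIXME without writing anything, which net/http sends as an empty 200. Because this commit also registers the route in api/server/router/project.go, the handler should return an explicit error at that point until the RBAC check and the create logic exist.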

+ 0 - 25
api/server/router/base.go

@@ -568,30 +568,5 @@ func GetBaseRoutes(
 		Router:   r,
 	})
 
-	// // GET /api/login/saml/{idp} -> saml.NewSAMLLoginHandler
-	// samlLoginEndpoint := factory.NewAPIEndpoint(
-	// 	&types.APIRequestMetadata{
-	// 		Verb:   types.APIVerbGet,
-	// 		Method: types.HTTPVerbGet,
-	// 		Path: &types.Path{
-	// 			Parent:       basePath,
-	// 			RelativePath: "/login/saml/{idp}",
-	// 		},
-	// 		Scopes: []types.PermissionScope{},
-	// 	},
-	// )
-
-	// samlLoginHandler := credentials.NewGetCredentialsHandler(
-	// 	config,
-	// 	factory.GetDecoderValidator(),
-	// 	factory.GetResultWriter(),
-	// )
-
-	// routes = append(routes, &router.Route{
-	// 	Endpoint: samlLoginEndpoint,
-	// 	Handler:  samlLoginHandler,
-	// 	Router:   r,
-	// })
-
 	return routes
 }

+ 30 - 0
api/server/router/project.go

@@ -13,6 +13,7 @@ import (
 	"github.com/porter-dev/porter/api/server/handlers/policy"
 	"github.com/porter-dev/porter/api/server/handlers/project"
 	"github.com/porter-dev/porter/api/server/handlers/registry"
+	"github.com/porter-dev/porter/api/server/handlers/saml"
 	"github.com/porter-dev/porter/api/server/shared"
 	"github.com/porter-dev/porter/api/server/shared/config"
 	"github.com/porter-dev/porter/api/server/shared/router"
@@ -1261,5 +1262,34 @@ func getProjectRoutes(
 		Router:   r,
 	})
 
+	// POST /api/projects/{project_id}/saml -> saml.NewCreateSAMLIntegrationHandler
+	createSAMLEndpoint := factory.NewAPIEndpoint(
+		&types.APIRequestMetadata{
+			Verb:   types.APIVerbCreate,
+			Method: types.HTTPVerbPost,
+			Path: &types.Path{
+				Parent:       basePath,
+				RelativePath: relPath + "/saml",
+			},
+			Scopes: []types.PermissionScope{
+				types.UserScope,
+				types.ProjectScope,
+				types.SettingsScope,
+			},
+		},
+	)
+
+	createSAMLHandler := saml.NewCreateSAMLIntegrationHandler(
+		config,
+		factory.GetDecoderValidator(),
+		factory.GetResultWriter(),
+	)
+
+	routes = append(routes, &router.Route{
+		Endpoint: createSAMLEndpoint,
+		Handler:  createSAMLHandler,
+		Router:   r,
+	})
+
 	return routes, newPath
 }
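Review bot: The scope list on `createSAMLEndpoint` is the only authorization visible for this route, and the handler it points to still carries a FIXME for its RBAC check. A project's SAML configuration decides which identity provider is trusted to sign users in, so creating it should be limited to project administrators. Whether `types.SettingsScope` combined with `types.APIVerbCreate` already enforces that cannot be seen from this hunk. Please confirm it does and record the result above the endpoint, e.g. `// Admin-only: SettingsScope with the create verb limits this to project admins (verify against the policy definitions)`. getProjectRoutes starts outside the hunk.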

+ 1 - 0
api/types/project.go

@@ -9,6 +9,7 @@ type Project struct {
 	ManagedInfraEnabled bool    `json:"managed_infra_enabled"`
 	APITokensEnabled    bool    `json:"api_tokens_enabled"`
 	StacksEnabled       bool    `json:"stacks_enabled"`
+	SAMLSSOEnabled      bool    `json:"saml_sso_enabled"`
 }
 
 type FeatureFlags struct {

+ 2 - 0
internal/models/project.go

@@ -63,6 +63,7 @@ type Project struct {
 	ManagedInfraEnabled bool
 	StacksEnabled       bool
 	APITokensEnabled    bool
+	SAMLSSOEnabled      bool
 }
 
 // ToProjectType generates an external types.Project to be shared over REST
@@ -82,5 +83,6 @@ func (p *Project) ToProjectType() *types.Project {
 		ManagedInfraEnabled: p.ManagedInfraEnabled,
 		StacksEnabled:       p.StacksEnabled,
 		APITokensEnabled:    p.APITokensEnabled,
+		SAMLSSOEnabled:      p.SAMLSSOEnabled,
 	}
 }