Mirror
/
zulip
mirror of https://github.com/zulip/zulip.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
50,649 Commits 28 Branches 142 Tags 769 MiB
Commit Graph

4 Commits

Author SHA1 Message Date
Mateusz Mandera 4105ccdb17 saml: Implement IdP-initated logout for Keycloak. 
Fixes #13948.
 2021-10-27 13:13:55 -07:00
Brainrecursion 30eaed0378 saml: Add option to restrict subdomain access based on SAML attributes. 
Adds the ability to set a SAML attribute which contains a
list of subdomains the user is allowed to access. This allows a Zulip
server with multiple organizations to filter using SAML attributes
which organization each user can access.

Cleaned up and adapted by Mateusz Mandera to fit our conventions and
needs more.

Co-authored-by: Mateusz Mandera <mateusz.mandera@zulip.com>
 2020-06-23 17:14:31 -07:00
Mateusz Mandera dac4a7a70b saml: Figure out the idp from SAMLResponse. 
Instead of plumbing the idp to /complete/saml/ through redis, it's much
more natural to just figure it out from the SAMLResponse, because the
information is there.
This is also a preparatory step for adding IdP-initiated sign in, for
which it is important for /complete/saml/ to be able to figure out which
IdP the request is coming from.
 2020-05-24 16:40:28 -07:00
Mateusz Mandera 4dc3ed36c3 auth: Add initial SAML authentication support. 
There are a few outstanding issues that we expect to resolve beforce
including this in a release, but this is good checkpoint to merge.

This PR is a collaboration with Tim Abbott.

Fixes #716.
 2019-10-10 15:44:34 -07:00