mirror of
https://github.com/fleetdm/fleet
synced 2026-05-24 09:28:54 +00:00
98cad56716
<!-- Add the related story/sub-task/bug number, like Resolves #123, or remove if NA --> **Related issue:** Resolves #41592 # Checklist for submitter If some of the following don't apply, delete the relevant line. - [x] Changes file added for user-visible changes in `changes/`, `orbit/changes/` or `ee/fleetd-chrome/changes`. See [Changes files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files) for more information. - [x] Input data is properly validated, `SELECT *` is avoided, SQL injection is prevented (using placeholders for values in statements), JS inline code is prevented especially for url redirects, and untrusted data interpolated into shell scripts/commands is validated against shell metacharacters. - [x] Timeouts are implemented and retries are limited to avoid infinite loops - [x] If paths of existing endpoints are modified without backwards compatibility, checked the frontend/CLI for any necessary changes ## Testing - [x] Added/updated automated tests - [x] QA'd all new/changed functionality manually <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Bug Fixes** * Fixed SSO failures when a custom Apple MDM URL is configured: callback requests are now redirected to the configured MDM URL when needed, and SAML validation correctly considers the configured MDM/server URLs so authentication succeeds for custom MDM setups. <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|---|---|---|
| .. | ||
| testdata | ||
| authorization_request.go | ||
| authorization_request_test.go | ||
| authorization_response.go | ||
| authorization_response_test.go | ||
| saml_provider.go | ||
| session_store.go | ||
| session_store_test.go | ||
| settings.go | ||
| settings_test.go | ||
| validate_test.go | ||