Elgato_dark/fleet
1
0
Fork 0
mirror of https://github.com/fleetdm/fleet synced 2026-05-06 14:58:33 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 134
fleet/server/mdm/android
History
Lucas Manuel Rodriguez c69d56ed64
Replace home-made SAML implementation with https://github.com/crewjam/saml (#28486) 
For https://github.com/fleetdm/confidential/issues/9931.


[Here](ec3e8edbdc/docs/Contributing/Testing-and-local-development.md (L339))'s
how to test SAML locally with SimpleSAML.

- [X] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files)
for more information.
- [x] Added/updated automated tests
- [x] A detailed QA plan exists on the associated ticket (if it isn't
there, work with the product group's QA engineer to add it)
- [x] Manual QA for all new/changed functionality

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* Improved SSO and SAML integration with enhanced session management
using secure cookies.
  * Added support for IdP-initiated login flows.
* Introduced new tests covering SSO login flows, metadata handling, and
error scenarios.

* **Bug Fixes**
* Enhanced validation and error handling for invalid or tampered SAML
responses.
  * Fixed session cookie handling during SSO and Apple MDM SSO flows.

* **Refactor**
* Replaced custom SAML implementation with the crewjam/saml library for
improved reliability.
  * Simplified SAML metadata parsing and session store management.
  * Streamlined SSO authorization request and response processing.
  * Removed deprecated fields and redundant code related to SSO.

* **Documentation**
* Updated testing and local development docs with clearer instructions
for SSO and IdP-initiated login.

* **Chores**
  * Upgraded dependencies including crewjam/saml and related packages.
* Cleaned up tests and configuration by removing deprecated fields and
unused imports.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2025-07-07 15:13:46 -03:00
..
mock Hook up Android fleetdm.com/proxy (#29645) 2025-06-12 19:42:15 -05:00
mysql Auto-generate and check Android schema.sql (#26720) 2025-02-28 16:30:40 -06:00
service Remove Android feature flag from frontend (#29890) 2025-06-12 20:05:56 -05:00
tests Replace home-made SAML implementation with https://github.com/crewjam/saml (#28486) 2025-07-07 15:13:46 -03:00
android.go Added Android activity and better handling of deleted users. (#26640) 2025-02-27 14:19:15 -06:00
arch_test.go Added GET enterprise API endpoint. (#26555) 2025-02-26 10:47:05 -06:00
datastore.go Auto-generate and check Android schema.sql (#26720) 2025-02-28 16:30:40 -06:00
errors.go Hook up Android fleetdm.com/proxy (#29645) 2025-06-12 19:42:15 -05:00
pubsub.go Added custom auth for PubSub push endpoint. (#26664) 2025-02-27 15:16:32 -06:00
README.md Basic Android enroll functionality (#26386) 2025-02-24 14:31:21 -06:00
service.go Added signup_token for Android signup callback authentication. (#26681) 2025-02-28 15:08:04 -06:00

README.md

The MDM Android package attempts to decouple Android-specific service and datastore implementations from the core Fleet server code.

Any tightly coupled code that needs both the core Fleet server and the Android-specific features must live in the main server/fleet, server/service, and server/datastore packages. Typical example are MySQL queries. Any code that implements Android-specific functionality should live in the server/mdm/android package. For example, the common code from server/datastore package can call the android datastore methods as needed.

This decoupled approach attempts to achieve the following goals:

  • Easier to understand and find Android-specific code.
  • Easier to fix Android-specific bugs and add new features.
  • Easier to maintain Android-specific feature branches.
  • Faster Android-specific tests, including ability to run all tests in parallel.