calcom / cal.com

Scheduling infrastructure for absolutely everyone.
https://cal.com

Server-side props not passed correctly for Direct SSO path. #14499

Open dmonn opened 7 months ago

dmonn commented 7 months ago

cc @deepakprabhakara @ukrocks007

Issue Summary

Invoking SSO through the /auth/sso/direct path (on self-hosted) leads to a "No SSO connection found" error.

Upon inspection, samlTenantID and samlProductID are undefined/null in this path.

https://github.com/calcom/cal.com/blob/main/apps/web/pages/auth/sso/direct.tsx#L34

Hard-coding both to "Cal.com" solves the issue.

Authentication with SSO through the login screen still works.

Steps to Reproduce

  1. Create an SSO setup through the UI (we tested with an OIDC setup)
  2. Navigate to <your-instance>/auth/sso/direct

Actual Results

User is being redirected to <instance>/api/auth/saml/authorize?client_id=dummy&scope=&response_type=code&redirect_uri=....&provider=saml&tenant=undefined&product=undefined&state=.....&code_challenge_method=S256

Expected Results

The user should be redirected to the SSO authentication endpoint and authenticated in Cal.

Technical details

The error was created sometime between v3.6.4 and v3.8.9. An update of our self-hosted instance between those versions made the issue appear. Potentially caused by #13200

Evidence

Tested & successfully reproduced by the Boxy team @ukrocks007 & Aswin Venugopal
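
The failure mode reported above, as an added example that is not part of the original issue and is not Cal.com's code: missing identifiers are stringified into the authorize redirect as the literal text `undefined`, and a fail-closed guard stops the flow before the redirect is built. The function names and the base URL are hypothetical; the query parameter names and the "Cal.com" value come from the report.

```javascript
// Added example. Helper names and BASE are assumptions; the parameter names
// (provider, tenant, product) are taken from the redirect URL in the report.
const BASE = "https://cal.example.test"; // constructed sample host
const PLACEHOLDERS = new Set(["", "undefined", "null"]);

// Unguarded builder: URLSearchParams converts undefined/null to strings, which
// reproduces the tenant=undefined&product=undefined redirect from the report.
function buildAuthorizeUrlNaive(base, { tenant, product }) {
  const params = new URLSearchParams({ provider: "saml", tenant, product });
  return `${base}/api/auth/saml/authorize?${params}`;
}

// Reject anything that is not a real, non-placeholder string.
function requireId(name, value) {
  if (typeof value !== "string" || PLACEHOLDERS.has(value.trim())) {
    throw new Error(`SSO ${name} is missing; refusing to start the SSO flow`);
  }
  return value;
}

// Guarded builder: fails closed instead of sending the user to an
// authorize endpoint that can only answer "No SSO connection found".
function buildAuthorizeUrl(base, props) {
  const params = new URLSearchParams({
    provider: "saml",
    tenant: requireId("tenant", props.tenant),
    product: requireId("product", props.product),
  });
  return `${base}/api/auth/saml/authorize?${params}`;
}

// Check for an already-built redirect, usable in a smoke test after an upgrade
// or when reviewing access logs: lists tenant/product if absent or placeholder.
function findUnsetSsoParams(url) {
  const q = new URL(url).searchParams;
  return ["tenant", "product"].filter(
    (k) => !q.has(k) || PLACEHOLDERS.has(q.get(k).trim())
  );
}

// Props as the direct path received them in the report (both undefined).
const broken = buildAuthorizeUrlNaive(BASE, {});
console.log(broken, findUnsetSsoParams(broken));
// Props with the values the reporter hard-coded as a workaround.
const fixed = buildAuthorizeUrl(BASE, { tenant: "Cal.com", product: "Cal.com" });
console.log(fixed, findUnsetSsoParams(fixed));
```
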

dosubot[bot] commented 7 months ago

It looks like the issue with server-side props not being passed correctly for the Direct SSO path might be due to a problem in the getServerSideProps function, specifically in how samlTenantID and samlProductID are fetched and passed to the component. Here's a focused approach to address this:

  1. Check getServerSideProps Implementation: Ensure it's correctly fetching samlTenantID and samlProductID. This function is crucial for passing these values to your component.

  2. Data Passing Verification: In the return statement of getServerSideProps, confirm that the fetched IDs are correctly structured as props:

     ```ts
     return {
       props: {
         samlTenantID: fetchedSamlTenantID,
         samlProductID: fetchedSamlProductID,
       },
     };
     ```

  3. Environment Variables: If these IDs are stored as environment variables, verify they're correctly loaded in getServerSideProps.

  4. Debugging: Implement console logs within getServerSideProps and the component to ensure IDs are fetched and received as expected.

  5. SSO Configuration Check: Double-check your SSO configuration to ensure the tenant and product identifiers are correctly set.

This targeted approach should help in resolving the issue with the Direct SSO path. If you encounter further issues or need more guidance, feel free to reach out.
