Skip to content

sso: add Assertions signed validation checkbox#1440

Merged
lyubov-voloshko merged 2 commits into
mainfrom
fixes
Nov 19, 2025
Merged

sso: add Assertions signed validation checkbox#1440
lyubov-voloshko merged 2 commits into
mainfrom
fixes

Conversation

@lyubov-voloshko

Copy link
Copy Markdown
Collaborator

No description provided.

Copilot AI review requested due to automatic review settings November 19, 2025 13:03

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR adds a new "Assertions signed validation" checkbox to the SSO SAML configuration form, allowing administrators to enable validation of signed assertions. Additionally, label casing has been standardized to sentence case for better UI consistency.

Key Changes

  • Added new assertionsSignedValidation boolean field to the SamlConfig interface and component
  • Changed default value of authnResponseSignedValidation from true to false
  • Updated label casing to sentence case for improved UI consistency

Reviewed Changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 2 comments.

File Description
frontend/src/app/models/company.ts Added assertionsSignedValidation boolean field to SamlConfig interface and changed authnResponseSignedValidation from literal type to boolean
frontend/src/app/components/sso/sso.component.ts Initialized new assertionsSignedValidation field with default value false, and changed authnResponseSignedValidation default from true to false
frontend/src/app/components/sso/sso.component.html Added new checkbox for assertions signed validation and updated label casing to sentence case for multiple form labels
frontend/src/app/components/sso/sso.component.css Adjusted top margin for checkboxes from -4px to -8px to accommodate additional checkbox spacing

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment on lines 71 to 72
digestAlgorithm: "sha256",
active: true,

Copilot AI Nov 19, 2025

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Type inconsistency: digestAlgorithm and active are defined with literal type values ("sha256" and true) instead of their proper types (string and boolean). This prevents them from accepting other valid values. Consider changing to:

digestAlgorithm: string,
active: boolean,
Suggested change
digestAlgorithm: "sha256",
active: true,
digestAlgorithm: string,
active: boolean,

Copilot uses AI. Check for mistakes.
digestAlgorithm: "sha256",
active: true,
authnResponseSignedValidation: true,
authnResponseSignedValidation: false,

Copilot AI Nov 19, 2025

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The default value for authnResponseSignedValidation changed from true to false. This is a breaking change that could affect security if existing configurations rely on the previous default behavior. If this change is intentional, ensure that existing SAML configurations are migrated appropriately, or consider keeping the default as true for security reasons.

Suggested change
authnResponseSignedValidation: false,
authnResponseSignedValidation: true,

Copilot uses AI. Check for mistakes.
@lyubov-voloshko lyubov-voloshko merged commit 47cb501 into main Nov 19, 2025
13 checks passed
@lyubov-voloshko lyubov-voloshko deleted the fixes branch November 19, 2025 13:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants