feat(saml): allow disabling RequestedAuthnContext via env var

Adds SAML_DISABLE_REQUESTED_AUTHN_CONTEXT env var, passed through
    to the SAML strategy's disableRequestedAuthnContext option.
    Defaults to existing behavior (element sent). Set to true to omit
    the element when the IdP authenticates the user with a method that
    does not match (e.g. MFA, FIDO, passwordless), which would
    otherwise cause AADSTS75011 with Microsoft Entra ID.
Philipinho
2026-05-01 11:47:03 +01:00
parent 09c69d7a0f
commit a0aea43e25
2 changed files with 8 additions and 1 deletions
@@ -304,4 +304,11 @@ export class EnvironmentService {
getClickHouseUrl(): string { getClickHouseUrl(): string {
return this.configService.get<string>('CLICKHOUSE_URL'); return this.configService.get<string>('CLICKHOUSE_URL');
} }
getSamlDisableRequestedAuthnContext(): boolean {
const disabled = this.configService
.get<string>('SAML_DISABLE_REQUESTED_AUTHN_CONTEXT', 'false')
.toLowerCase();
return disabled === 'true';
}
} }
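Review bot: getSamlDisableRequestedAuthnContext() has no doc comment stating the security trade-off of the flag. With it set, the AuthnRequest no longer asks for an authentication context, so the strength of the login method is left to IdP policy. I would add above the method `/** When true, RequestedAuthnContext is omitted from the AuthnRequest; the required authentication strength (e.g. MFA) must then be enforced by IdP policy. */`. Separately, only the exact string `true` (after lower-casing) enables the flag, so a value such as `1` or one with stray whitespace silently reads as false. That fails in the safe direction, but adding `.trim()` before `.toLowerCase()` would spare operators a setting that silently does nothing. The enclosing EnvironmentService class starts outside the hunk.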