feat(sso): enhance SSO provider management and trusted origins handling

- Added logic to retrieve and delete SSO providers, ensuring proper permission checks and error handling.
- Updated user trusted origins when adding or removing SSO providers, maintaining accurate origin lists.
- Refactored trusted origins retrieval to improve clarity and efficiency in the authentication process.
- Introduced utility functions for normalizing trusted origins and converting request headers.
This commit is contained in:
Mauricio Siu
2026-02-05 00:55:17 -06:00
parent 9910c0e602
commit 542ccc4479
5 changed files with 120 additions and 38 deletions

View File

@@ -116,3 +116,18 @@ export const getDokployUrl = async () => {
}
return `http://${settings?.serverIp}:${process.env.PORT}`;
};
export const getTrustedOrigins = async () => {
const members = await db.query.member.findMany({
where: eq(member.role, "owner"),
with: {
user: true,
},
});
const trustedOrigins = members.flatMap(
(member) => member.user.trustedOrigins || [],
);
return Array.from(new Set(trustedOrigins));
};

View File

@@ -13,3 +13,23 @@ export const getSSOProviders = async () => {
});
return providers;
};
export const requestToHeaders = (req: {
headers?: Record<string, string | string[] | undefined>;
}): Headers => {
const headers = new Headers();
if (req?.headers) {
for (const [key, value] of Object.entries(req.headers)) {
if (value !== undefined && key.toLowerCase() !== "host") {
headers.set(key, Array.isArray(value) ? value.join(", ") : value);
}
}
}
return headers;
};
export const normalizeTrustedOrigin = (value: string): string => {
// Keep it simple: trim and remove trailing slashes.
// e.g. "https://example.com/" -> "https://example.com"
return value.trim().replace(/\/+$/, "");
};