🔑 feat: SAML authentication (#6169)

* feat: add SAML authentication

* refactor: change SAML icon

* refactor: resolve SAML metadata paths using paths.js

* test: add samlStrategy tests

* fix: update setupSaml import

* test: add SAML settings tests in config.spec.js

* test: add client tests

* refactor: improve SAML button label and fallback localization

* feat: allow only one authentication method OpenID or SAML at a time

* doc: add SAML configuration sample to docker-compose.override

* fix: require SAML_SESSION_SECRET to enable SAML

* feat: update samlStrategy

* test: update samle tests

* feat: add SAML login button label to translations and remove default value

* fix: update SAML cert file binding

* chore: update override example with SAML cert volume

* fix: update SAML session handling with Redis backend

---------

Co-authored-by: Ruben Talstra <RubenTalstra1211@outlook.com>

docker-compose.override.yml.example

@@ -40,7 +40,7 @@
 # # BUILD FROM LATEST IMAGE
 #   api:
 #     image: ghcr.io/danny-avila/librechat-dev:latest
- 
+
 # # BUILD FROM LATEST IMAGE (NUMBERED RELEASE)
 #   api:
 #     image: ghcr.io/danny-avila/librechat:latest
@@ -53,6 +53,13 @@
 #   api:
 #     image: ghcr.io/danny-avila/librechat-api:latest
 
+# # ADD SAML CERT FILE
+#   api:
+#     volumes:
+#     - type: bind
+#       source: ./your_cert.pem
+#       target: /app/your_cert.pem
+
 # # ADD MONGO-EXPRESS
 #   mongo-express:
 #     image: mongo-express
@@ -98,7 +105,7 @@
 # # USE RAG API IMAGE WITH LOCAL EMBEDDINGS SUPPORT
 #  rag_api:
 #    image: ghcr.io/danny-avila/librechat-rag-api-dev:latest
-# # For Linux user: 
+# # For Linux user:
 #    extra_hosts:
 #      - "host.docker.internal:host-gateway"
 
@@ -146,7 +153,7 @@
 #      REDIS_PASSWORD: RedisChangeMe
 #    volumes:
 #    - ./redis:/data
-  
+
 # # ADD LITELLM MONITORING
 #  langfuse-server:
 #    image: ghcr.io/langfuse/langfuse:latest