🔑 feat: SAML authentication (#6169)

* feat: add SAML authentication

* refactor: change SAML icon

* refactor: resolve SAML metadata paths using paths.js

* test: add samlStrategy tests

* fix: update setupSaml import

* test: add SAML settings tests in config.spec.js

* test: add client tests

* refactor: improve SAML button label and fallback localization

* feat: allow only one authentication method OpenID or SAML at a time

* doc: add SAML configuration sample to docker-compose.override

* fix: require SAML_SESSION_SECRET to enable SAML

* feat: update samlStrategy

* test: update samle tests

* feat: add SAML login button label to translations and remove default value

* fix: update SAML cert file binding

* chore: update override example with SAML cert volume

* fix: update SAML session handling with Redis backend

---------

Co-authored-by: Ruben Talstra <RubenTalstra1211@outlook.com>

packages/data-schemas/src/schema/user.ts

@@ -13,6 +13,7 @@ export interface IUser extends Document {
   googleId?: string;
   facebookId?: string;
   openidId?: string;
+  samlId?: string;
   ldapId?: string;
   githubId?: string;
   discordId?: string;
@@ -67,7 +68,7 @@ const User = new Schema<IUser>(
     },
     email: {
       type: String,
-      required: [true, 'can\'t be blank'],
+      required: [true, "can't be blank"],
       lowercase: true,
       unique: true,
       match: [/\S+@\S+\.\S+/, 'is invalid'],
@@ -112,6 +113,11 @@ const User = new Schema<IUser>(
       unique: true,
       sparse: true,
     },
+    samlId: {
+      type: String,
+      unique: true,
+      sparse: true,
+    },
     ldapId: {
       type: String,
       unique: true,
@@ -160,4 +166,4 @@ const User = new Schema<IUser>(
   { timestamps: true },
 );
 
-export default User;
+export default User;