chore(editor): Validate SSO metadata url (#15206)

2025-12-16 17:46:45 +00:00 · 2025-05-08 15:46:26 +02:00
parent be72f736ac
commit c1229e007e
3 changed files with 80 additions and 1 deletions
--- a/packages/frontend/editor-ui/src/views/SettingsSso.vue
+++ b/packages/frontend/editor-ui/src/views/SettingsSso.vue
@@ -86,6 +86,7 @@ const getSamlConfig = async () => {

 const onSave = async () => {
 	try {
+		validateInput();
 		const config =
 			ipsType.value === IdentityProviderSettingsType.URL
 				? { metadataUrl: metadataUrl.value }
@@ -132,6 +133,25 @@ const onTest = async () => {
 	}
 };

+const validateInput = () => {
+	if (ipsType.value === IdentityProviderSettingsType.URL) {
+		// In case the user wants to set the metadata url we want to be sure that
+		// the provided url is at least a valid http, https url.
+		try {
+			const parsedUrl = new URL(metadataUrl.value);
+			// We allow http and https URLs for now, because we want to avoid a theoretical breaking
+			// change, this should be restricted to only allow https when switching to V2.
+			if (parsedUrl.protocol !== 'https:' && parsedUrl.protocol !== 'http:') {
+				// The content of this error is never seen by the user, because the catch clause
+				// below catches it and translates it to a more general error message.
+				throw new Error('The provided protocol is not supported');
+			}
+		} catch (error) {
+			throw new Error(i18n.baseText('settings.sso.settings.ips.url.invalid'));
+		}
+	}
+};
+
 const goToUpgrade = () => {
 	void pageRedirectionHelper.goToUpgrade('sso', 'upgrade-sso');
 };