Foss sandbox#30
Merged
Merged
Conversation
oauth2-proxy was putting the Cognito sub UUID into x-auth-request-user instead of a human-readable username, so newly-provisioned SSO users landed with a UUID as their User.name. Drop the header read in the ForwardAuth middleware and use the email local-part instead — the same value both apps already fell back to when the header was absent; we're promoting that fallback to the only source. Existing users with UUID names are not auto-corrected: the middleware does not re-sync the name field on subsequent logins. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Hide delete account option when AUTH_TYPE is SSO
There was a problem hiding this comment.
Pull request overview
This PR tightens behavior for ForwardAuth/SSO deployments by disallowing self-service account deletion when AUTH_TYPE is set to SSO, and centralizes the "SSO" sentinel value into a shared constant to avoid scattered string literals across client/server code.
Changes:
- Introduces
AUTH_TYPE_SSOin@shared/constantsand replaces hard-coded"SSO"checks with the constant. - Blocks self-deletion (and self “request delete”) when running in SSO mode via the server-side
Userpolicy. - Hides the “Users can delete account” workspace setting in the Security settings UI when in SSO mode, and adds/updates tests to cover the new behavior.
Reviewed changes
Copilot reviewed 9 out of 9 changed files in this pull request and generated no comments.
Show a summary per file
| File | Description |
|---|---|
| shared/constants.ts | Adds AUTH_TYPE_SSO shared constant for consistent checks across the codebase. |
| server/routes/api/users/users.test.ts | Adds API-level tests ensuring self-deletion and request-delete are forbidden in SSO mode. |
| server/policies/user.ts | Enforces “no self delete in SSO mode” at the authorization layer. |
| server/policies/user.test.ts | Adds policy tests covering default vs SSO delete behavior. |
| server/middlewares/authentication.ts | Replaces local "SSO" constant with the shared AUTH_TYPE_SSO. |
| server/middlewares/authentication.test.ts | Updates ForwardAuth tests to use AUTH_TYPE_SSO. |
| app/utils/ApiClient.ts | Uses AUTH_TYPE_SSO for SSO stale-session/redirect detection logic. |
| app/stores/AuthStore.ts | Uses AUTH_TYPE_SSO for SSO stale-session detection in /auth.info handling. |
| app/scenes/Settings/Security.tsx | Hides the “Users can delete account” setting when AUTH_TYPE indicates SSO mode. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
aznszn
approved these changes
Jun 2, 2026
jawad-khan
approved these changes
Jun 2, 2026
hunzlahmalik
approved these changes
Jun 2, 2026
A malformed X-Auth-Request-Email with no local part (e.g. "@example.com") normalises to "@<DEFAULT_EMAIL_DOMAIN>", yielding an empty localPart. Since User.name enforces a min length of 1, provisioning failed with an opaque validation error. Source localPart from parseEmail and reject empty local parts up front with an AuthenticationError for a deterministic failure mode. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
…l-local-part fix(auth): derive SSO display name from email local-part
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description