* Add log in with Google
* Fix merge conflicts
* Merge branch 'main' into feature/copy-add-identity-provider
# Conflicts:
# pages/api/auth/[...nextauth].tsx
# pages/api/auth/forgot-password.ts
# pages/settings/security.tsx
# prisma/schema.prisma
# public/static/locales/en/common.json
* WIP: SAML login
* fixed login
* fixed verified_email check for Google
* tweaks to padding
* added BoxyHQ SAML service to local docker-compose
* identityProvider is missing from the select clause
* user may be undefined
* fix for yarn build
* Added SAML configuration to Settings -> Security page
* UI tweaks
* get saml login flag from the server
* UI tweaks
* moved SAMLConfiguration to a component in ee
* updated saml migration date
* fixed merge conflict
* fixed merge conflict
* lint fixes
* check-types fixes
* check-types fixes
* fixed type errors
* updated docker image for SAML Jackson
* added api keys config
* added default values for SAML_TENANT_ID and SAML_PRODUCT_ID
* - move all env vars related to saml into a separate file for easy access
- added SAML_ADMINS comma separated list of emails that will be able to configure the SAML metadata
* cleanup after merging main
* revert mistake during merge
* revert mistake during merge
* set info text to indicate SAML has been configured.
* tweaks to text
* tweaks to text
* i18n text
* i18n text
* tweak
* use a separate db for saml to avoid Prisma schema being out of sync
* use separate docker-compose file for saml
* padding tweak
* Prepare for implementing SAML login for the hosted solution
* WIP: Support for SAML in the hosted solution
* teams view has changed, adjusting saml changes accordingly
* enabled SAML only for PRO plan
* if user was invited and signs in via saml/google then update the user record
* WIP: embed saml lib
* 302 instead of 307
* no separate docker-compose file for saml
* - ogs cleanup
- type fixes
* fixed types for jackson
* cleaned up cors, not needed by the oauth flow
* updated jackson to support encryption at rest
* updated saml-jackson lib
* allow only the required http methods
* fixed issue with latest merge with main
* - Added instructions for deploying SAML support
- Tweaked SAML audience identifier
* fixed check for hosted Cal instance
* Added a new route to initiate Google and SAML login flows
* updated saml-jackson lib (node engine version is now 14.x or above)
* moved SAML instructions from Google Docs to a docs file
* moved randomString to lib
* comment SAML_DATABASE_URL and SAML_ADMINS in .env.example so that default is SAML off.
* fixed path to randomString
* updated @boxyhq/saml-jackson to v0.3.0
* fixed TS errors
* tweaked SAML config UI
* fixed types
* added e2e test for Google login
* setup secrets for Google login test
* test for OAuth login buttons (Google and SAML)
* enabled saml for the test
* added test for SAML config UI
* fixed nextauth import
* use pkce flow
* tweaked NextAuth config for saml
* updated saml-jackson
* added ability to delete SAML configuration
* SAML variables explainers and refactoring
* Prevents constant collision
* Var name changes
* Env explainers
* better validation for email
Co-authored-by: Omar López <zomars@me.com>
* enabled GOOGLE_API_CREDENTIALS in e2e tests (Github Actions secret)
* cleanup (will create an issue to handle forgot password for Google and SAML identities)
Co-authored-by: Chris <76668588+bytesbuffer@users.noreply.github.com>
Co-authored-by: Omar López <zomars@me.com>
* Email input UX improvements
* Makes email queries case insensitive
* Lowercases all emails
* Type fixes
* Re adds lowercase email to login
* Removes citext dependency
* Updates schema
* Migration fixes
* Added failsafes to team invites
* Team invite improvements
* Deleting the index, lowercasing
```
calendso=> UPDATE users SET email=LOWER(email);
ERROR: duplicate key value violates unique constraint "users.email_unique"
DETAIL: Key (email)=(free@example.com) already exists.
```
vs.
```
calendso=> CREATE UNIQUE INDEX "users.email_unique" ON "users" (email);
ERROR: could not create unique index "users.email_unique"
DETAIL: Key (email)=(Free@example.com) is duplicated.
```
I think it'll be easier to rectify for users if they try to run the migrations if the index stays in place.
Co-authored-by: Alex van Andel <me@alexvanandel.com>
* chore: change calendso strings to cal.com
* rebase LICENSE
* rebase LICENSE
* strings that were missed
Co-authored-by: Bailey Pumfleet <pumfleet@hey.com>
